Re: [Syllable-kernel] IO operations

[Nathanael B. <nbe...@ya...>]

--- Daniel Gryniewicz <da...@fp...> wrote:

> On Tue, 2004-12-14 at 19:52 +0100, Jacek wrote:
> > Daniel wrote:
> > > On Tue, 2004-12-14 at 18:21 +0100, Jacek wrote:
> > >> 1. all kernel and application code currently
> runs on privilege level 0
> > >
> > >Nope.  User code runs at level 3.
> > 
> > That's great for me, half of work is done.
> > 
> > > I believe iopl is allowed (optionally) to root. 
> Anything not run as
> > > root does not have iopl access.
> > 
> > Unfortunately you're not right. You can make a
> simple test:
> > 
> > // this will disable your PS/2 mouse
> > int main() {
> >         asm("mov $0xA7, %al;out %al, $0x64");
> > }
> > 
> > sending 0xA8 to the same port will enable your
> mouse back
> > 
> > And the following code will reset your computer
> immediately (run it at your 
> > own risk)
> > int main() {
> >         asm("mov $0xFE, %al;out %al, $0x64");
> > }
> > 
> > What about other questions?
> 
> Yes, but unless you made a new account to log in as,
> you are running as
> root, and therefore have iopl.
> 
> The Appserver, being started by init (which runs as
> root) will always
> have iopl permission.
> 
> I didn't see any other questions in the original
> email?
> 
> Daniel
IOPL is a chiplevel function. It has no idea what root
even is. It sees only the three rings, and in flat
paging mode, AFAIK (and definitely in current
syllable), only ring 0 (kernel) and 3 (user) are
really relevant. In other words, if its allowed in
user mode, it can be done, regardless of the user
account. It might not be easy to get at via libc or
whatever, but it can still be done. To do things
properly, we'd have to either shunt hw-accessing code
to ring 1 or 2, or have it all done via syscalls.

Disclaimer: of course, I could be wrong ;)

Nathanael Bettridge


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Helps protect you from nasty viruses. 
http://promotions.yahoo.com/new_mail