diff options
| -rw-r--r-- | src/arch/x86_64.md | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/src/arch/x86_64.md b/src/arch/x86_64.md index 265bd8a..e6c26fe 100644 --- a/src/arch/x86_64.md +++ b/src/arch/x86_64.md @@ -77,6 +77,34 @@ wrmsr // Write MSR register, effectively does MSR[ECX] <- EDX:EAX Can be used to swap in a pointer to a kernel data structure on syscall entry, as for example in [`entry_SYSCALL_64`][linux-swapgs]. +## Current privilege level + +The current privilege level can be found at any time in the last two bits of the +code segment selector `cs`. The following shows an example debugging an entry +and exit of a syscall in x86_64-linux. + +``` +Breakpoint 1, entry_SYSCALL_64 () at arch/x86/entry/entry_64.S:90 +90 swapgs +(gdb) info r rax rcx cs +rax 0x0 0 ; syscall nr +rcx 0x7feb16399e56 140647666916950 ; ret addr +cs 0x10 16 ; cs & 0x3 -> 0 (ring0,kernel) + +(gdb) c +Breakpoint 2, entry_SYSCALL_64 () at arch/x86/entry/entry_64.S:217 +217 sysretq +(gdb) info r rcx cs +rcx 0x7feb16399e56 140647666916950 ; ret addr +cs 0x10 16 ; cs & 0x3 -> 0 (ring0,kernel) + +(gdb) b *$rcx +(gdb) s +Breakpoint 3, 0x00007feb16399e56 in ?? () +(gdb) info r cs +cs 0x33 51 ; cs & 0x3 -> 3 (ring3,user) +``` + ## Size directives Explicitly specify size of the operation. ```x86asm |