
A trivial SYSENTER/SYSCALL question

Developer https://www.devze.com 2022-12-09 15:03 Source: Internet

If a Windows executable makes use of SYSENTER and is executed on a processor implementing AMD64 ISA, what happens? I am both new and newbie to this topic (OSes, hardware/software interaction) but from what I've read I have understood that SYSCALL is the AMD64 equivalent to Intel's SYSENTER. Hopefully this question makes sense.


If you try to use SYSENTER where it is not supported, you'll probably get an "invalid opcode" exception. Note that this situation is unusual - generally, Windows executables do not directly contain instructions to enter kernel mode.


As far as I know, AMD64 processors use different types of modes to handle such issues.

SYSENTER works fine but is not that fast.

A very useful site to get started about the different modes: Wikipedia


They got rid of a bunch of unused functionality when they developed AMD64 extensions. One of the main ones is the elimination of the cs, ds, es, and ss segment registers. Normally loading segment registers is an extremely expensive operation (the CPU has to do permission checks, which could involve multiple memory accesses). Entering kernel mode requires loading new segment register values.

The SYSENTER instruction accelerates this by having a set of "shadow registers" which it can copy directly to the (internal, hidden) segment descriptors without doing any permission checks. The vast majority of the benefit is lost with only a couple of segment registers, so most likely the reasoning for removing the support for the instructions is that using regular instructions for the mode switch is faster.

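Whether SYSENTER or SYSCALL raises "invalid opcode" depends on the CPU vendor and the mode the code runs in, and the CPUID feature bits show it. The following is an added example, not part of the original thread; the helper `fast_syscall_support`, its enums and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>                      /* GCC/Clang CPUID wrapper */
#endif

enum cpu_mode { MODE_LEGACY, MODE_COMPAT, MODE_64BIT };
enum { HAS_SYSENTER = 1, HAS_SYSCALL = 2 };

/* Hypothetical helper: from raw CPUID values, report which fast system-call
 * instructions decode without #UD in the given mode. Assumes the OS has
 * enabled them (EFER.SCE for SYSCALL, the SYSENTER MSRs for SYSENTER). */
int fast_syscall_support(const char *vendor, uint32_t l1_eax, uint32_t l1_edx,
                         uint32_t ext_edx, enum cpu_mode mode)
{
    int sep = (l1_edx >> 11) & 1;       /* CPUID.01H:EDX[11] = SEP */
    int sc  = (ext_edx >> 11) & 1;      /* CPUID.80000001H:EDX[11] = SYSCALL */
    uint32_t family = (l1_eax >> 8) & 0xf, stepping = l1_eax & 0xf;
    uint32_t model  = ((l1_eax >> 4) & 0xf) | (((l1_eax >> 16) & 0xf) << 4);
    int amd   = strncmp(vendor, "AuthenticAMD", 12) == 0;
    int intel = strncmp(vendor, "GenuineIntel", 12) == 0;

    /* Early Pentium Pro parts set SEP without implementing SYSENTER. */
    if (intel && family == 6 && model < 3 && stepping < 3) sep = 0;
    if (amd && mode != MODE_LEGACY) sep = 0;   /* AMD: SYSENTER is #UD in long mode */
    if (intel && mode != MODE_64BIT) sc = 0;   /* Intel: SYSCALL only in 64-bit mode */
    return (sep ? HAS_SYSENTER : 0) | (sc ? HAS_SYSCALL : 0);
}

int main(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned a, b, c, d, eax1, edx1, ext = 0;
    char vendor[13] = {0};
    /* Assumption: a 32-bit build runs on a 32-bit OS; pass MODE_COMPAT
     * for a 32-bit process on a 64-bit OS. */
    enum cpu_mode mode = sizeof(void *) == 8 ? MODE_64BIT : MODE_LEGACY;
    if (!__get_cpuid(0, &a, &b, &c, &d)) return 1;
    memcpy(vendor, &b, 4); memcpy(vendor + 4, &d, 4); memcpy(vendor + 8, &c, 4);
    if (!__get_cpuid(1, &eax1, &b, &c, &edx1)) return 1;
    if (__get_cpuid(0x80000001, &a, &b, &c, &d)) ext = d;
    int r = fast_syscall_support(vendor, eax1, edx1, ext, mode);
    printf("%s: SYSENTER=%d SYSCALL=%d\n", vendor,
           !!(r & HAS_SYSENTER), !!(r & HAS_SYSCALL));
#endif
    return 0;
}
```
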