Path: ...!weretis.net!feeder9.news.weretis.net!news.nk.ca!rocksolid2!i2pn2.org!.POSTED!not-for-mail
From: mitchalsup@aol.com (MitchAlsup1)
Newsgroups: comp.arch
Subject: Re: Privilege Levels Below User
Date: Sat, 8 Jun 2024 17:37:46 +0000
Organization: Rocksolid Light
Message-ID: <1316e4baa439de908666e38c39cd8c79@www.novabbs.org>
References: <jai66jd4ih4ejmek0abnl4gvg5td4obsqg@4ax.com> <Z9I8O.13$2JEf.11@fx14.iad> <5h%8O.4327$wDZ.776@fx48.iad>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; logging-data="3585978"; mail-complaints-to="usenet@i2pn2.org"; posting-account="65wTazMNTleAJDh/pRqmKE7ADni/0wesT78+pyiDW8A";
User-Agent: Rocksolid Light
X-Rslight-Posting-User: ac58ceb75ea22753186dae54d967fed894c3dce8
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Rslight-Site: $2y$10$qYrIoJZM2jqONkfXbC/oRem0ZKE1h7GzYkewTT5c6nvgbY3FvlM4q
Bytes: 4078
Lines: 69

EricP wrote:

> Scott Lurndal wrote:
>> John Savard <quadibloc@servername.invalid> writes:
>>> This may be a silly idea... but it seems to be the sort of thing that
>>> current concerns about computer security may be calling for.
>>>
>>> It is typical for computers to have a privileged mode of operation,
>>> wherein I/O operations and certain special changes to the state of the
>>> computer are allowed that are barred to normal computational tasks.
>>>
>>> For various reasons, miscreants have not been completely foiled by the
>>> existence of this feature.
>>>
>>> Some types of instruction that are required for normal computation are
>>> still, to a certain extent, potentially harmful.
>>>
>>> So I am thinking it might be useful to have, for example, two states
>>> less privileged than the user state, and some mechanism for user
>>> programs to call subroutines which are in that state until they return
>>> - the return instruction being limited, sort of like a supervisor
>>> call, so it can only return in a proper manner.
>>
>> There are already more than five security rings in most
>> processors.
>>
>> Intel: Ring 3, Ring 2 (unused), Ring 1(unused), Ring 0, VMX, Enclave,
>> SMM
>> AMD: Ring 3, Ring 2 (unused), Ring 1(unused), Ring 0, SVM, SMM
>> ARM64: Realm Monitor, EL3 (Secure monitor), EL2(Hypervisor), EL1
>> (Kernel), EL0 (user)

> VAX had 4 modes, User, Supervisor, Executive, Kernel.
> VMS used Super for debugger and the command language DCL,
> Exec was mostly for the file system.
> Kernel was for the core of the OS.

> What they found that not only do they not need 4 levels,
> it was a pointless overhead to have to constantly switch between them.
> (There is a pretty high penalty to switching modes, copying in args,
> validating args, doing something usually simple, then switching back,
> when it is all the OS's code anyway.)

VAX was before common era Hypervisors, do you think VAX could have
supported secure mode and hypervisor with their 4 levels ??

But for similar reasons ring 1 and 2 are not used in x86 machines,
either. {{Now, if we could just go back to 1982 and not invent IDTs,
and call gates, .....}}

> I don't know what privileges Unix on VAX used but it was
> probably 2 levels because PDP-11 had only 2 levels.

> Alpha had 3 levels, User, Supervisor, and a higher third mode called
> PAL for Privileged Architecture Library. It was supposed to be thought
> of like microcode, privileged subroutines. Then PAL mode was used to
> emulate the 4 levels that VMS expected when they ported it.

PAL was microcode in <fast> ROM in the native ISA.

> (I think PAL mode was a way to patent a feature that made the
> ISA impossible to copy without their permission,
> and therefore someone can't take DEC's executables and run them
> on a clone processor, like what happened to IBM with Amdahl.)

Worked real well for them !!

> WinNT was written to be portable so the lowest common denominator
> is 2 levels, User and Super, and everything worked just fine.