protected mode prevents user programs from modifying the operating system by assigning a lower privelidge to it.my question is,what's there to stop someone from writing code with the highest privelidge and the modifying the OS's core?





thanks

protected mode prevents user programs from modifying the operating system by assigning a lower privelidge to it.my question is,what's there to stop someone from writing code with the highest privelidge and the modifying the OS's core?

The GDT ... The Global Descriptor Table. This table - a set of data - defines where the segments starts and ends. If they can be accessed with reading/writing, what privilige level they are etc. etc.

The lgdt instructions loads a new GDT into the memory. A tutorial on the GDT (http://www.osdever.net/tutorials/descriptors.php?the_id=42).

This is a dumm GDT which specifies that every memory is highest privileged (kernel) memory. This is dumm, but at first easier to understand:


SECTION .data

gdt:
; NULL descriptor
dw 0 ; limit 15:0
dw 0 ; base 15:0
db 0 ; base 23:16
db 0 ; type
db 0 ; limit 19:16, flags
db 0 ; base 31:24

; unused descriptor
dw 0
dw 0
db 0
db 0
db 0
db 0

LINEAR_DATA_SEL equ $-gdt
dw 0FFFFh
dw 0
db 0
db 92h ; present, ring 0, data, expand-up, writable
db 0CFh ; page-granular (4 gig limit), 32-bit
db 0

LINEAR_CODE_SEL equ $-gdt
dw 0FFFFh
dw 0
db 0
db 9Ah ; present,ring 0,code,non-conforming,readable
db 0CFh ; page-granular (4 gig limit), 32-bit
db 0
gdt_end:

gdt_ptr:
dw gdt_end - gdt - 1
dd gdt


And loades is this GDT by the following instruction:


lgdt [gdt_ptr]


(NASM code)