When do we jump into kernel part of our process virtual memory other than when we use system calls? (In Linux)

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
2
down vote

favorite












This is a follow up question from my previous question.



Based on the answer, a system call is an example of when we jump into kernel part of virtual memory of our process.



  1. What are other examples of a normal process (non kernel) using this part of virtual memory other than system calls? like is there any function call that directly jumps into this kernel part or..?


  2. When we jump into this section of memory, does the processor automatically set the kernel mode bit to 1 in order for our process to access this part or there is no need to set this bit?


  3. Does all of the execution inside of this kernel part happen without any need for context switching to a kernel process?


(I didn't want to ask these follow up questions on comments so I opened another thread.)



enter image description here










share|improve this question



























    up vote
    2
    down vote

    favorite












    This is a follow up question from my previous question.



    Based on the answer, a system call is an example of when we jump into kernel part of virtual memory of our process.



    1. What are other examples of a normal process (non kernel) using this part of virtual memory other than system calls? like is there any function call that directly jumps into this kernel part or..?


    2. When we jump into this section of memory, does the processor automatically set the kernel mode bit to 1 in order for our process to access this part or there is no need to set this bit?


    3. Does all of the execution inside of this kernel part happen without any need for context switching to a kernel process?


    (I didn't want to ask these follow up questions on comments so I opened another thread.)



    enter image description here










    share|improve this question

























      up vote
      2
      down vote

      favorite









      up vote
      2
      down vote

      favorite











      This is a follow up question from my previous question.



      Based on the answer, a system call is an example of when we jump into kernel part of virtual memory of our process.



      1. What are other examples of a normal process (non kernel) using this part of virtual memory other than system calls? like is there any function call that directly jumps into this kernel part or..?


      2. When we jump into this section of memory, does the processor automatically set the kernel mode bit to 1 in order for our process to access this part or there is no need to set this bit?


      3. Does all of the execution inside of this kernel part happen without any need for context switching to a kernel process?


      (I didn't want to ask these follow up questions on comments so I opened another thread.)



      enter image description here










      share|improve this question















      This is a follow up question from my previous question.



      Based on the answer, a system call is an example of when we jump into kernel part of virtual memory of our process.



      1. What are other examples of a normal process (non kernel) using this part of virtual memory other than system calls? like is there any function call that directly jumps into this kernel part or..?


      2. When we jump into this section of memory, does the processor automatically set the kernel mode bit to 1 in order for our process to access this part or there is no need to set this bit?


      3. Does all of the execution inside of this kernel part happen without any need for context switching to a kernel process?


      (I didn't want to ask these follow up questions on comments so I opened another thread.)



      enter image description here







      linux kernel memory virtual-memory






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 22 hours ago









      Stephen Kitt

      149k23332399




      149k23332399










      asked yesterday









      John P

      1608




      1608




















          2 Answers
          2






          active

          oldest

          votes

















          up vote
          2
          down vote



          accepted











          1. Processes running in user mode don’t have access to the kernel’s address space, at all. There are a number of ways for the processor to switch to kernel mode and run kernel code, but they are all set up by the kernel and happen in well-defined contexts: to run a system call, to respond to an interrupt, or to handle a fault. System calls don’t involve calling into kernel code directly; they involve an architecture-specific mechanism to ask the CPU to transfer control to the kernel, to run a specific system call, identified by its number, on behalf of the calling process. LWN has a series of articles explaining how this works: Anatomy of a system call part one, part two, and additional content.



            If a process attempts to access memory in the kernel’s address space, it will switch to kernel mode, but as a result of a fault; the kernel will then kill the process with a segmentation violation (SIGSEGV).



            On 32-bit x86, there is a mechanism to switch to kernel mode using far calls, call gates; but Linux doesn’t use that. (And they rely on special code segment descriptors rather than calling into kernel addresses.)



          2. See above: you can’t jump into kernel memory. In the circumstances described above, when transitioning to kernel mode, the CPU checks that the transition is allowed, and if so, switches to kernel mode using whichever mechanism is appropriate on the architecture being used. On x86 Linux, that means switching from ring 3 to ring 0.


          3. Transitioning to kernel mode doesn’t involve a change of process, so yes, all this happens without a context switch (as counted by the kernel).






          share|improve this answer






















          • So overall cpu jumps into kernel space of a process for 3 things : 1.to run a system call 2. to respond to an interrupt 3. to handle a fault; correct? (just want to make sure i know all the situations were our CPU might need to jump into this section of our process virtual memory)
            – John P
            21 hours ago







          • 1




            Yes, that’s exactly what I wrote ;-).
            – Stephen Kitt
            21 hours ago






          • 1




            On x86 you can see all the entry points in the kernel in arch/x86/entry: entry_32.S for 32-bit x86, entry_64_compat.S for 32-bit compatibility on 64-bit x86, and entry_64.S for 64-bit x86.
            – Stephen Kitt
            21 hours ago

















          up vote
          0
          down vote













          1 & 2. No, a user program cannot simply use a jump instruction to enter kernel memory. It is not allowed to do so. The CPU does not automatically set the "kernel bit" to allow such a jump to succeed... (maybe some CPU has such a feature, but a secure Linux port would disable this feature)



          ...Actually, since you are accessing a page in a way you do not have permission to do, you will enter the kernel :-). It enters in a controlled fashion, it works very similar to a system call, but we call it a "page fault". The CPU will provide details of the access to the kernel. With the type of access you describe, the kernel will treat it as an error in your program :-). It will send a fatal signal to your program (SIGSEGV).






          share|improve this answer






















          • So what happens when a normal process wants to do a JMP into a function inside of kernel? or when it wants to jmp into the code of a system call? if it cannot access that part then what happens and how can it use that function?
            – John P
            yesterday










          • @JohnP lwn.net/Articles/604287
            – sourcejedi
            23 hours ago










          Your Answer







          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: false,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













           

          draft saved


          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f473824%2fwhen-do-we-jump-into-kernel-part-of-our-process-virtual-memory-other-than-when-w%23new-answer', 'question_page');

          );

          Post as a guest






























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          2
          down vote



          accepted











          1. Processes running in user mode don’t have access to the kernel’s address space, at all. There are a number of ways for the processor to switch to kernel mode and run kernel code, but they are all set up by the kernel and happen in well-defined contexts: to run a system call, to respond to an interrupt, or to handle a fault. System calls don’t involve calling into kernel code directly; they involve an architecture-specific mechanism to ask the CPU to transfer control to the kernel, to run a specific system call, identified by its number, on behalf of the calling process. LWN has a series of articles explaining how this works: Anatomy of a system call part one, part two, and additional content.



            If a process attempts to access memory in the kernel’s address space, it will switch to kernel mode, but as a result of a fault; the kernel will then kill the process with a segmentation violation (SIGSEGV).



            On 32-bit x86, there is a mechanism to switch to kernel mode using far calls, call gates; but Linux doesn’t use that. (And they rely on special code segment descriptors rather than calling into kernel addresses.)



          2. See above: you can’t jump into kernel memory. In the circumstances described above, when transitioning to kernel mode, the CPU checks that the transition is allowed, and if so, switches to kernel mode using whichever mechanism is appropriate on the architecture being used. On x86 Linux, that means switching from ring 3 to ring 0.


          3. Transitioning to kernel mode doesn’t involve a change of process, so yes, all this happens without a context switch (as counted by the kernel).






          share|improve this answer






















          • So overall cpu jumps into kernel space of a process for 3 things : 1.to run a system call 2. to respond to an interrupt 3. to handle a fault; correct? (just want to make sure i know all the situations were our CPU might need to jump into this section of our process virtual memory)
            – John P
            21 hours ago







          • 1




            Yes, that’s exactly what I wrote ;-).
            – Stephen Kitt
            21 hours ago






          • 1




            On x86 you can see all the entry points in the kernel in arch/x86/entry: entry_32.S for 32-bit x86, entry_64_compat.S for 32-bit compatibility on 64-bit x86, and entry_64.S for 64-bit x86.
            – Stephen Kitt
            21 hours ago














          up vote
          2
          down vote



          accepted











          1. Processes running in user mode don’t have access to the kernel’s address space, at all. There are a number of ways for the processor to switch to kernel mode and run kernel code, but they are all set up by the kernel and happen in well-defined contexts: to run a system call, to respond to an interrupt, or to handle a fault. System calls don’t involve calling into kernel code directly; they involve an architecture-specific mechanism to ask the CPU to transfer control to the kernel, to run a specific system call, identified by its number, on behalf of the calling process. LWN has a series of articles explaining how this works: Anatomy of a system call part one, part two, and additional content.



            If a process attempts to access memory in the kernel’s address space, it will switch to kernel mode, but as a result of a fault; the kernel will then kill the process with a segmentation violation (SIGSEGV).



            On 32-bit x86, there is a mechanism to switch to kernel mode using far calls, call gates; but Linux doesn’t use that. (And they rely on special code segment descriptors rather than calling into kernel addresses.)



          2. See above: you can’t jump into kernel memory. In the circumstances described above, when transitioning to kernel mode, the CPU checks that the transition is allowed, and if so, switches to kernel mode using whichever mechanism is appropriate on the architecture being used. On x86 Linux, that means switching from ring 3 to ring 0.


          3. Transitioning to kernel mode doesn’t involve a change of process, so yes, all this happens without a context switch (as counted by the kernel).






          share|improve this answer






















          • So overall cpu jumps into kernel space of a process for 3 things : 1.to run a system call 2. to respond to an interrupt 3. to handle a fault; correct? (just want to make sure i know all the situations were our CPU might need to jump into this section of our process virtual memory)
            – John P
            21 hours ago







          • 1




            Yes, that’s exactly what I wrote ;-).
            – Stephen Kitt
            21 hours ago






          • 1




            On x86 you can see all the entry points in the kernel in arch/x86/entry: entry_32.S for 32-bit x86, entry_64_compat.S for 32-bit compatibility on 64-bit x86, and entry_64.S for 64-bit x86.
            – Stephen Kitt
            21 hours ago












          up vote
          2
          down vote



          accepted







          up vote
          2
          down vote



          accepted







          1. Processes running in user mode don’t have access to the kernel’s address space, at all. There are a number of ways for the processor to switch to kernel mode and run kernel code, but they are all set up by the kernel and happen in well-defined contexts: to run a system call, to respond to an interrupt, or to handle a fault. System calls don’t involve calling into kernel code directly; they involve an architecture-specific mechanism to ask the CPU to transfer control to the kernel, to run a specific system call, identified by its number, on behalf of the calling process. LWN has a series of articles explaining how this works: Anatomy of a system call part one, part two, and additional content.



            If a process attempts to access memory in the kernel’s address space, it will switch to kernel mode, but as a result of a fault; the kernel will then kill the process with a segmentation violation (SIGSEGV).



            On 32-bit x86, there is a mechanism to switch to kernel mode using far calls, call gates; but Linux doesn’t use that. (And they rely on special code segment descriptors rather than calling into kernel addresses.)



          2. See above: you can’t jump into kernel memory. In the circumstances described above, when transitioning to kernel mode, the CPU checks that the transition is allowed, and if so, switches to kernel mode using whichever mechanism is appropriate on the architecture being used. On x86 Linux, that means switching from ring 3 to ring 0.


          3. Transitioning to kernel mode doesn’t involve a change of process, so yes, all this happens without a context switch (as counted by the kernel).






          share|improve this answer















          1. Processes running in user mode don’t have access to the kernel’s address space, at all. There are a number of ways for the processor to switch to kernel mode and run kernel code, but they are all set up by the kernel and happen in well-defined contexts: to run a system call, to respond to an interrupt, or to handle a fault. System calls don’t involve calling into kernel code directly; they involve an architecture-specific mechanism to ask the CPU to transfer control to the kernel, to run a specific system call, identified by its number, on behalf of the calling process. LWN has a series of articles explaining how this works: Anatomy of a system call part one, part two, and additional content.



            If a process attempts to access memory in the kernel’s address space, it will switch to kernel mode, but as a result of a fault; the kernel will then kill the process with a segmentation violation (SIGSEGV).



            On 32-bit x86, there is a mechanism to switch to kernel mode using far calls, call gates; but Linux doesn’t use that. (And they rely on special code segment descriptors rather than calling into kernel addresses.)



          2. See above: you can’t jump into kernel memory. In the circumstances described above, when transitioning to kernel mode, the CPU checks that the transition is allowed, and if so, switches to kernel mode using whichever mechanism is appropriate on the architecture being used. On x86 Linux, that means switching from ring 3 to ring 0.


          3. Transitioning to kernel mode doesn’t involve a change of process, so yes, all this happens without a context switch (as counted by the kernel).







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 22 hours ago

























          answered 22 hours ago









          Stephen Kitt

          149k23332399




          149k23332399











          • So overall cpu jumps into kernel space of a process for 3 things : 1.to run a system call 2. to respond to an interrupt 3. to handle a fault; correct? (just want to make sure i know all the situations were our CPU might need to jump into this section of our process virtual memory)
            – John P
            21 hours ago







          • 1




            Yes, that’s exactly what I wrote ;-).
            – Stephen Kitt
            21 hours ago






          • 1




            On x86 you can see all the entry points in the kernel in arch/x86/entry: entry_32.S for 32-bit x86, entry_64_compat.S for 32-bit compatibility on 64-bit x86, and entry_64.S for 64-bit x86.
            – Stephen Kitt
            21 hours ago
















          • So overall cpu jumps into kernel space of a process for 3 things : 1.to run a system call 2. to respond to an interrupt 3. to handle a fault; correct? (just want to make sure i know all the situations were our CPU might need to jump into this section of our process virtual memory)
            – John P
            21 hours ago







          • 1




            Yes, that’s exactly what I wrote ;-).
            – Stephen Kitt
            21 hours ago






          • 1




            On x86 you can see all the entry points in the kernel in arch/x86/entry: entry_32.S for 32-bit x86, entry_64_compat.S for 32-bit compatibility on 64-bit x86, and entry_64.S for 64-bit x86.
            – Stephen Kitt
            21 hours ago















          So overall cpu jumps into kernel space of a process for 3 things : 1.to run a system call 2. to respond to an interrupt 3. to handle a fault; correct? (just want to make sure i know all the situations were our CPU might need to jump into this section of our process virtual memory)
          – John P
          21 hours ago





          So overall cpu jumps into kernel space of a process for 3 things : 1.to run a system call 2. to respond to an interrupt 3. to handle a fault; correct? (just want to make sure i know all the situations were our CPU might need to jump into this section of our process virtual memory)
          – John P
          21 hours ago





          1




          1




          Yes, that’s exactly what I wrote ;-).
          – Stephen Kitt
          21 hours ago




          Yes, that’s exactly what I wrote ;-).
          – Stephen Kitt
          21 hours ago




          1




          1




          On x86 you can see all the entry points in the kernel in arch/x86/entry: entry_32.S for 32-bit x86, entry_64_compat.S for 32-bit compatibility on 64-bit x86, and entry_64.S for 64-bit x86.
          – Stephen Kitt
          21 hours ago




          On x86 you can see all the entry points in the kernel in arch/x86/entry: entry_32.S for 32-bit x86, entry_64_compat.S for 32-bit compatibility on 64-bit x86, and entry_64.S for 64-bit x86.
          – Stephen Kitt
          21 hours ago












          up vote
          0
          down vote













          1 & 2. No, a user program cannot simply use a jump instruction to enter kernel memory. It is not allowed to do so. The CPU does not automatically set the "kernel bit" to allow such a jump to succeed... (maybe some CPU has such a feature, but a secure Linux port would disable this feature)



          ...Actually, since you are accessing a page in a way you do not have permission to do, you will enter the kernel :-). It enters in a controlled fashion, it works very similar to a system call, but we call it a "page fault". The CPU will provide details of the access to the kernel. With the type of access you describe, the kernel will treat it as an error in your program :-). It will send a fatal signal to your program (SIGSEGV).






          share|improve this answer






















          • So what happens when a normal process wants to do a JMP into a function inside of kernel? or when it wants to jmp into the code of a system call? if it cannot access that part then what happens and how can it use that function?
            – John P
            yesterday










          • @JohnP lwn.net/Articles/604287
            – sourcejedi
            23 hours ago














          up vote
          0
          down vote













          1 & 2. No, a user program cannot simply use a jump instruction to enter kernel memory. It is not allowed to do so. The CPU does not automatically set the "kernel bit" to allow such a jump to succeed... (maybe some CPU has such a feature, but a secure Linux port would disable this feature)



          ...Actually, since you are accessing a page in a way you do not have permission to do, you will enter the kernel :-). It enters in a controlled fashion, it works very similar to a system call, but we call it a "page fault". The CPU will provide details of the access to the kernel. With the type of access you describe, the kernel will treat it as an error in your program :-). It will send a fatal signal to your program (SIGSEGV).






          share|improve this answer






















          • So what happens when a normal process wants to do a JMP into a function inside of kernel? or when it wants to jmp into the code of a system call? if it cannot access that part then what happens and how can it use that function?
            – John P
            yesterday










          • @JohnP lwn.net/Articles/604287
            – sourcejedi
            23 hours ago












          up vote
          0
          down vote










          up vote
          0
          down vote









          1 & 2. No, a user program cannot simply use a jump instruction to enter kernel memory. It is not allowed to do so. The CPU does not automatically set the "kernel bit" to allow such a jump to succeed... (maybe some CPU has such a feature, but a secure Linux port would disable this feature)



          ...Actually, since you are accessing a page in a way you do not have permission to do, you will enter the kernel :-). It enters in a controlled fashion, it works very similar to a system call, but we call it a "page fault". The CPU will provide details of the access to the kernel. With the type of access you describe, the kernel will treat it as an error in your program :-). It will send a fatal signal to your program (SIGSEGV).






          share|improve this answer














          1 & 2. No, a user program cannot simply use a jump instruction to enter kernel memory. It is not allowed to do so. The CPU does not automatically set the "kernel bit" to allow such a jump to succeed... (maybe some CPU has such a feature, but a secure Linux port would disable this feature)



          ...Actually, since you are accessing a page in a way you do not have permission to do, you will enter the kernel :-). It enters in a controlled fashion, it works very similar to a system call, but we call it a "page fault". The CPU will provide details of the access to the kernel. With the type of access you describe, the kernel will treat it as an error in your program :-). It will send a fatal signal to your program (SIGSEGV).







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited yesterday

























          answered yesterday









          sourcejedi

          20.6k42888




          20.6k42888











          • So what happens when a normal process wants to do a JMP into a function inside of kernel? or when it wants to jmp into the code of a system call? if it cannot access that part then what happens and how can it use that function?
            – John P
            yesterday










          • @JohnP lwn.net/Articles/604287
            – sourcejedi
            23 hours ago
















          • So what happens when a normal process wants to do a JMP into a function inside of kernel? or when it wants to jmp into the code of a system call? if it cannot access that part then what happens and how can it use that function?
            – John P
            yesterday










          • @JohnP lwn.net/Articles/604287
            – sourcejedi
            23 hours ago















          So what happens when a normal process wants to do a JMP into a function inside of kernel? or when it wants to jmp into the code of a system call? if it cannot access that part then what happens and how can it use that function?
          – John P
          yesterday




          So what happens when a normal process wants to do a JMP into a function inside of kernel? or when it wants to jmp into the code of a system call? if it cannot access that part then what happens and how can it use that function?
          – John P
          yesterday












          @JohnP lwn.net/Articles/604287
          – sourcejedi
          23 hours ago




          @JohnP lwn.net/Articles/604287
          – sourcejedi
          23 hours ago

















           

          draft saved


          draft discarded















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f473824%2fwhen-do-we-jump-into-kernel-part-of-our-process-virtual-memory-other-than-when-w%23new-answer', 'question_page');

          );

          Post as a guest













































































          Popular posts from this blog

          How to check contact read email or not when send email to Individual?

          Displaying single band from multi-band raster using QGIS

          How many registers does an x86_64 CPU actually have?