int instruction from user space

陌清茗 2021-01-29 03:48

I was under the impression that the "int" instruction on x86 is not privileged. So, I thought we should be able to execute this instruction from the user space application. But do

3 answers
  •  时光说笑
    2021-01-29 04:31

    The minimum ring level of a given interrupt vector (which decides whether a given "int" is privileged) is based on the ring-level descriptor associated with the vector in the interrupt descriptor table.

    In Windows the majority of interrupts are privileged instructions. This prevents user-mode from merely calling the double-fault handler to immediately bugcheck the OS.

    There are some non-privileged interrupts in Windows. Specifically:

    • int 1 (both the CD 01 encoding and the debug interrupt that occurs after a single instruction if EFLAGS_TF is set in eflags)
    • int 3 (both encoding CC and CD 03)
    • int 2E (Windows system call)

    All other interrupts are privileged, and calling them causes the "invalid instruction" interrupt to be issued instead.
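
The descriptor check the answer above describes, as an added example that is not part of the original answer: it decodes the DPL field of a 32-bit IDT gate and applies the rule a software "int n" is subject to. The handler addresses, the selector and the DPL values in the sample table are constructed to mirror the vectors the answer lists; they are not read from a real Windows system.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* 32-bit protected-mode IDT gate descriptor (8 bytes). */
typedef struct {
    uint16_t offset_low;   /* handler address bits 0..15 */
    uint16_t selector;     /* code segment selector */
    uint8_t  reserved;
    uint8_t  type_attr;    /* P (bit 7) | DPL (bits 6-5) | S (bit 4) | type (bits 3-0) */
    uint16_t offset_high;  /* handler address bits 16..31 */
} __attribute__((packed)) idt_gate32;

static bool gate_present(const idt_gate32 *g) { return (g->type_attr & 0x80) != 0; }
static unsigned gate_dpl(const idt_gate32 *g) { return (g->type_attr >> 5) & 0x3; }

/* Software "int n" privilege check: dispatched only if CPL <= gate DPL
 * (numerically). Hardware interrupts and CPU exceptions skip this check.
 * When it fails, the CPU raises a fault instead of running the handler. */
static bool soft_int_allowed(const idt_gate32 *g, unsigned cpl)
{
    return gate_present(g) && cpl <= gate_dpl(g);
}

/* Build a present 32-bit interrupt gate (type 0xE). Constructed values only. */
static idt_gate32 make_gate(uint32_t handler, unsigned dpl)
{
    idt_gate32 g = { (uint16_t)handler, 0x0008, 0,
                     (uint8_t)(0x80 | (dpl << 5) | 0x0E),
                     (uint16_t)(handler >> 16) };
    return g;
}

int main(void)
{
    /* Constructed sample entries mirroring the vectors named in the answer. */
    struct { unsigned vec; idt_gate32 g; } idt[] = {
        { 0x03, make_gate(0x80101000u, 3) },  /* breakpoint: user-callable */
        { 0x08, make_gate(0x80102000u, 0) },  /* double fault: kernel only */
        { 0x2E, make_gate(0x80103000u, 3) },  /* system call: user-callable */
    };
    for (size_t i = 0; i < sizeof idt / sizeof idt[0]; i++)
        printf("int %02Xh from ring 3: %s\n", idt[i].vec,
               soft_int_allowed(&idt[i].g, 3) ? "dispatched" : "refused (fault)");
    return 0;
}
```
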
