usermode

switching to user stack in kernel dumps

北城以北 提交于 2021-02-06 09:33:06
问题 Is there a way to switch to user mode of a particular process in a kernel dump while doing postmortem debugging ? I remember doing this while live debugging using the .process command. 回答1: .process also works in kernel dumps. First, you can find your process using !process 0 0 myprocess.exe and then switch to that process using .process <address> where <address> is the hex number after PROCESS . Note that you are still kernel debugging and you have only the physical memory of that process

C and resource protection in memory

醉酒当歌 提交于 2019-12-21 17:46:49
问题 When we compile a C program, it just generates some machine-understandable code. This code can directly run on the hardware, telling from this question. So my questions are: If a C program can directly run on the hardware, how can the kernel handle the resource allocation for this program? If the executable generated from the compiler is in pure machine-understandable form, then how do the privileged and non-privileged modes work? How does the kernel manage the permission of hardware

Difference between User vs Kernel System call

南楼画角 提交于 2019-12-13 06:32:20
问题 A system call is how a program requests a service from an operating system's kernel. They can occur in user-mode and kernel-mode. What are differences? For example: Overhead System time 回答1: A system call is the way you transition between the application ("user mode") and the kernel. Syscalls are slower than normal function calls, but newer x86 chips from Intel and AMD have a special sysenter / syscall opcode to make it take just a hundred nanoseconds or so, give or take. 回答2: @Leo, Could you

Linux user space PCI driver

不想你离开。 提交于 2019-12-13 03:59:18
问题 I'm trying to write a PCI device driver that runs in user space. Not my idea, what the client wants. Target is an embedded Linux board that will never have more than a single user. I'm an experienced C programmer and know Linux, just not familiar with Linux driver development. Is this really a device driver or just a library? Do I need to use the typical calls pci_register_driver, etc. or can I just access the device using fopen, and using mmap and ioperm to get to it? Interrupts will be done

How does exception dispatching change with an unhandled exception handler?

回眸只為那壹抹淺笑 提交于 2019-12-11 10:29:21
问题 In short, MSDN describes exception dispatching for user mode application like this: the debugger gets notified of the first chance exception (if attached) an exception handler aka. try/catch is invoked (if available) the debugger gets notified of the second chance exception (if attached) the system cares about the unhandled exception (typically: terminate the process) This sequence does not consider the presence of an unhandled exception handler. How does exception dispatching change when an

Difference between processes running in kernel mode and running as root?

萝らか妹 提交于 2019-12-09 09:20:41
问题 I am aware of the difference between a process running in user mode and one running in kernel mode (based on access restrictions, access to hardware etc.). But just out of curiosity, what is the difference between a process running in kernel mode and one running as root? 回答1: kernel mode and root are two separate ideas that aren't really related to each other. The concept of running a process as root is a unix/linux term that means you're logged in as the administrator of the system. Any

C and resource protection in memory

北城以北 提交于 2019-12-04 08:03:54
When we compile a C program, it just generates some machine-understandable code. This code can directly run on the hardware, telling from this question . So my questions are: If a C program can directly run on the hardware, how can the kernel handle the resource allocation for this program? If the executable generated from the compiler is in pure machine-understandable form, then how do the privileged and non-privileged modes work? How does the kernel manage the permission of hardware resources if a program can directly run on the hardware not through the kernel? If a C program can directly
订阅 usermode