Protected Mode - Wikipedia
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Allgemeines Abkürzungsverzeichnis
Allgemeines Abkürzungsverzeichnis L. -
Kontron / ICS Advent SB586P(V) Manual (Pdf)
Full-service, independent repair center -~ ARTISAN® with experienced engineers and technicians on staff. TECHNOLOGY GROUP ~I We buy your excess, underutilized, and idle equipment along with credit for buybacks and trade-ins. Custom engineering Your definitive source so your equipment works exactly as you specify. for quality pre-owned • Critical and expedited services • Leasing / Rentals/ Demos equipment. • In stock/ Ready-to-ship • !TAR-certified secure asset solutions Expert team I Trust guarantee I 100% satisfaction Artisan Technology Group (217) 352-9330 | [email protected] | artisantg.com All trademarks, brand names, and brands appearing herein are the property o f their respective owners. Find the Kontron / ICS Advent SB586PV at our website: Click HERE Model SB586P(V) Product Manual MANUAL NUMBER : 00431-027-3C Page - ii FOREWORD This product manual provides information to install, operate and or program the referenced product(s) manufactured or distributed by ICS Advent. The following pages contain information regarding the war- ranty and repair policies. Technical assistance is available at: 800-480-0044. Manual Errors, Omissions and Bugs: A "Bug Sheet" is included as the last page of this manual. Please use the "Bug Sheet" if you experience any problems with the manual that requires correction. The information in this document is provided for reference only. ICS Advent does not assume any liability arising from the application or use of the information or products described herein. This document may contain or reference information and products protected by copyrights or patents and does not convey any license under the patent rights of ICS Advent, nor the rights of others. -
Virtualization
Virtualization Dave Eckhardt and Roger Dannenberg based on material from : Mike Kasick Glenn Willen Mike Cui April 10, 2009 1 Synchronization Memorial service for Timothy Wismer − Friday, April 17 − 16:00-18:00 − Breed Hall (Margaret Morrison 103) Sign will say “Private Event” − Donations to National Arthritis Foundation will be welcome 2 Outline Introduction Virtualization x86 Virtualization Paravirtualization Alternatives for Isolation Alternatives for “running two OSes on same machine” Summary 3 What is Virtualization? Virtualization: − Process of presenting and partitioning computing resources in a logical way rather than partitioning according to physical reality Virtual Machine: − An execution environment (logically) identical to a physical machine, with the ability to execute a full operating system The Process abstraction is related to virtualization: it’s at least similar to a physical machine Process : Kernel :: Kernel : ? 4 Advantages of the Process Abstraction Each process is a pseudo-machine Processes have their own registers, address space, file descriptors (sometimes) Protection from other processes 5 Disadvantages of the Process Abstraction Processes share the file system − Difficult to simultaneously use different versions of: Programs, libraries, configurations Single machine owner: − root is the superuser − Any process that attains superuser privileges controls all processes Other processes aren't so isolated after all 6 Disadvantages of the Process Abstraction Processes share the same kernel − Kernel/OS -
SYSCALL, IRET ● Opportunistic SYSRET Failed, Do IRET
entry_*.S A carefree stroll through kernel entry code Borislav Petkov SUSE Labs [email protected] Reasons for entry into the kernel ● System calls (64-bit, compat, 32-bit) ● Interrupts (NMIs, APIC, timer, IPIs... ) – software: INT 0x0-0xFF, INT3, … – external (hw-generated): CPU-ext logic, async to insn exec ● Architectural exceptions (sync vs async) – faults: precise, reported before faulting insn => restartable (#GP,#PF) – traps: precise, reported after trapping insn (#BP,#DB-both) – aborts: imprecise, not reliably restartable (#MC, unless MCG_STATUS.RIPV) 2 Intr/Ex entry ● IDT, int num index into it (256 vectors); all modes need an IDT ● If handler has a higher CPL, switch stacks ● A picture is always better: 3 45sec guide to Segmentation ● Continuous range at an arbitrary position in VA space ● Segments described by segment descriptors ● … selected by segment selectors ● … by indexing into segment descriptor tables (GDT,LDT,IDT,...) ● … and loaded by the hw into segment registers: – user: CS,DS,{E,F,G}S,SS – system: GDTR,LDTR,IDTR,TR (TSS) 4 A couple more seconds of Segmentation ● L (bit 21) new long mode attr: 1=long mode, 0=compat mode ● D (bit 22): default operand and address sizes ● legacy: D=1b – 32bit, D=0b – 16bit ● long mode: D=0b – 32-bit, L=1,D=1 reserved for future use ● G (bit 23): granularity: G=1b: seg limit scaled by 4K ● DPL: Descriptor Privilege Level of the segment 5 Legacy syscalls ● Call OS through gate descriptor (call, intr, trap or task gate) ● Overhead due to segment-based protection: – load new selector + desc into -
Class-Action Lawsuit
Case 3:20-cv-00863-SI Document 1 Filed 05/29/20 Page 1 of 279 Steve D. Larson, OSB No. 863540 Email: [email protected] Jennifer S. Wagner, OSB No. 024470 Email: [email protected] STOLL STOLL BERNE LOKTING & SHLACHTER P.C. 209 SW Oak Street, Suite 500 Portland, Oregon 97204 Telephone: (503) 227-1600 Attorneys for Plaintiffs [Additional Counsel Listed on Signature Page.] UNITED STATES DISTRICT COURT DISTRICT OF OREGON PORTLAND DIVISION BLUE PEAK HOSTING, LLC, PAMELA Case No. GREEN, TITI RICAFORT, MARGARITE SIMPSON, and MICHAEL NELSON, on behalf of CLASS ACTION ALLEGATION themselves and all others similarly situated, COMPLAINT Plaintiffs, DEMAND FOR JURY TRIAL v. INTEL CORPORATION, a Delaware corporation, Defendant. CLASS ACTION ALLEGATION COMPLAINT Case 3:20-cv-00863-SI Document 1 Filed 05/29/20 Page 2 of 279 Plaintiffs Blue Peak Hosting, LLC, Pamela Green, Titi Ricafort, Margarite Sampson, and Michael Nelson, individually and on behalf of the members of the Class defined below, allege the following against Defendant Intel Corporation (“Intel” or “the Company”), based upon personal knowledge with respect to themselves and on information and belief derived from, among other things, the investigation of counsel and review of public documents as to all other matters. INTRODUCTION 1. Despite Intel’s intentional concealment of specific design choices that it long knew rendered its central processing units (“CPUs” or “processors”) unsecure, it was only in January 2018 that it was first revealed to the public that Intel’s CPUs have significant security vulnerabilities that gave unauthorized program instructions access to protected data. 2. A CPU is the “brain” in every computer and mobile device and processes all of the essential applications, including the handling of confidential information such as passwords and encryption keys. -
SOS Internals
Understanding a Simple Operating System SOS is a Simple Operating System designed for the 32-bit x86 architecture. Its purpose is to understand basic concepts of operating system design. These notes are meant to help you recall the class discussions. Chapter 1 : Starting Up SOS 3 Registers in the IA-32 x86 Architecture BIOS (Basic Input/Ouput System) Routines Real Mode Addressing Organization of SOS on Disk and Memory Master Boot Record SOS Startup A20 Line 32-bit Protected Mode Addressing Privilege Level Global Descriptor Table (GDT) More on Privilege Levels The GDT Setup Enabling Protected Mode Calling main() Chapter 2 : SOS Initializations 10 In main() Disk Initialization Display Initialization Setting Up Interrupt Handlers Interrupt Descriptor Table (IDT) A Default Interrupt Handler Load IDT The Programmable Interrupt Controller (PIC) The Keyboard Interrupt Handler Starting the Console Putting It All Together Chapter 3: SOS1 – Single-tasking SOS 16 Running User Programs GDT Entries Default Exception Handler User Programs Executable Format System Calls Creating User Programs The run Command Understanding a Simple Operating System The DUMB Memory Manager Program Address Space Process Control Block Switching to a User Program Kernel-Mode Stack Chapter 4 : SOS2 – Multi-tasking SOS 24 Running Multiple User Programs NAÏVE Memory Manager Programmable Interval Timer (PIT) Process States Timer Interrupt Handler Sleep System Call The run Command Process Queue The Scheduler The Complete Picture ps Command Chapter 5 : SOS3 – Paging in SOS 31 -
I386-Engine™ Technical Manual
i386-Engine™ C/C++ Programmable, 32-bit Microprocessor Module Based on the Intel386EX Technical Manual 1950 5 th Street, Davis, CA 95616, USA Tel: 530-758-0180 Fax: 530-758-0181 Email: [email protected] http://www.tern.com Internet Email: [email protected] http://www.tern.com COPYRIGHT i386-Engine, VE232, A-Engine, A-Core, C-Engine, V25-Engine, MotionC, BirdBox, PowerDrive, SensorWatch, Pc-Co, LittleDrive, MemCard, ACTF, and NT-Kit are trademarks of TERN, Inc. Intel386EX and Intel386SX are trademarks of Intel Coporation. Borland C/C++ are trademarks of Borland International. Microsoft, MS-DOS, Windows, and Windows 95 are trademarks of Microsoft Corporation. IBM is a trademark of International Business Machines Corporation. Version 2.00 October 28, 2010 No part of this document may be copied or reproduced in any form or by any means without the prior written consent of TERN, Inc. © 1998-2010 1950 5 th Street, Davis, CA 95616, USA Tel: 530-758-0180 Fax: 530-758-0181 Email: [email protected] http://www.tern.com Important Notice TERN is developing complex, high technology integration systems. These systems are integrated with software and hardware that are not 100% defect free. TERN products are not designed, intended, authorized, or warranted to be suitable for use in life-support applications, devices, or systems, or in other critical applications. TERN and the Buyer agree that TERN will not be liable for incidental or consequential damages arising from the use of TERN products. It is the Buyer's responsibility to protect life and property against incidental failure. TERN reserves the right to make changes and improvements to its products without providing notice. -
Professor Won Woo Ro, School of Electrical and Electronic Engineering Yonsei University the Intel® 4004 Microprocessor, Introdu
Professor Won Woo Ro, School of Electrical and Electronic Engineering Yonsei University The 1st Microprocessor The Intel® 4004 microprocessor, introduced in November 1971 An electronics revolution that changed our world. There were no customer‐ programmable microprocessors on the market before the 4004. It propelled software into the limelight as a key player in the world of digital electronics design. 4004 Microprocessor Display at New Intel Museum A Japanese calculator maker (Busicom) asked to design: A set of 12 custom logic chips for a line of programmable calculators. Marcian E. "Ted" Hoff Recognized the integrated circuit technology (of the day) had advanced enough to build a single chip, general purpose computer. Federico Faggin to turn Hoff's vision into a silicon reality. (In less than one year, Faggin and his team delivered the 4004, which was introduced in November, 1971.) The world's first microprocessor application was this Busicom calculator. (sold about 100,000 calculators.) Measuring 1/8 inch wide by 1/6 inch long, consisting of 2,300 transistors, Intel’s 4004 microprocessor had as much computing power as the first electronic computer, ENIAC. 2 inch 4004 and 12 inch Core™2 Duo wafer ENIAC, built in 1946, filled 3000‐cubic‐ feet of space and contained 18,000 vacuum tubes. The 4004 microprocessor could execute 60,000 operations per second Running frequency: 108 KHz Founders wanted to name their new company Moore Noyce. However the name sounds very much similar to “more noise”. "Only the paranoid survive". Moore received a B.S. degree in Chemistry from the University of California, Berkeley in 1950 and a Ph.D. -
The Bootstrap the Where Are Wenow?
Dedicated Operating System March2011 Prof. Dr.Antônio AugustoFröhlich http://www.lisha.ufsc.br/Guto Getting ready for the OS for the ready Getting [email protected] LISHA/UFSC The Boot: The March 2011 (http://www.lisha.ufsc.br) 1 Dedicated Operating System March2011 ● ● ● BIOSgot the system ready for BIOSbrought the system on ● Lots of “jmp” so far, no calls, why? ● First instruction fetched ● initializedBIOS a complex architecture Where the stack?Where is 0x7c00 BIST, POST, hooks The Bootstrap Where are we now? we are Where (http://www.lisha.ufsc.br) =>Today class 2 EPOS Bootstrap: m src/boot/pc_boot.S e t ; CONSTANTS s ;============================================================ y ; PHYSICAL MEMORY MAP S ; 0x0000 0000 -+-----------------------+ BOOT_IDT ; | IDT (4 K) | g ; 0x0000 1000 -+-----------------------+ BOOT_GDT ; | GDT (4 K) | n i ; 0x0000 2000 -+-----------------------+ t ; : : a ; | BOOT STACK (23 K) | r ; 0x0000 7c00 -+-----------------------+ BOOTSTRAP_STACK e ; | BOOT CODE (512 b) | BOOTSTRAP_CODE p ; 0x0000 7e00 -+-----------------------+ ; | RESERVED (512 b) | O ; 0x0000 8000 -+-----------------------+ DISK_IMAGE ; | DISK IMAGE (608 K) | d ; : : e ; | | t ; 0x000a 0000 -+-----------------------+ a ; | UNUSED (384K) | c ; : : i ; | | d ; 0x000f f000 -+-----------------------+ e D March 2011 (http://www.lisha.ufsc.br) 3 EPOS Bootstrap: Notes m e t s Code to be ran at real mode (16 bits) y S Interrupts (IDT) ● g At real mode, always at 0x0000 n ● i At protected mode, anywhere (IDTR) t a Segmentation (GDT) r ● e Always -
Understanding the Microsoft Office 2013 Protected-View Sandbox
MWRI PUBLIC UNDERSTANDING THE MICROSOFT OFFICE 2013 PROTECTED-VIEW SANDBOX Yong Chuan, Koh (@yongchuank) 2015/07/09 mwrinfosecurity.com | © MWR InfoSecurity MWRI PUBLIC MWRI PUBLIC Table of Contents 1. Introduction .................................................................................................................... 3 2. Sandbox Internals ............................................................................................................. 4 2.1 Architecture .............................................................................................................. 4 2.1.1 Interception Component ......................................................................................... 4 2.1.2 Elevation Policy Manager ........................................................................................ 4 2.1.3 Inter-Process Communication ................................................................................... 5 2.2 Sandbox Restrictions.................................................................................................... 6 2.2.1 Sandbox Initialization ............................................................................................ 6 2.2.2 File Locations .................................................................................................... 12 2.2.3 Registry Keys ..................................................................................................... 12 2.2.4 Network Connections .......................................................................................... -
Xv6 Booting: Transitioning from 16 to 32 Bit Mode
238P Operating Systems, Fall 2018 xv6 Boot Recap: Transitioning from 16 bit mode to 32 bit mode 3 November 2018 Aftab Hussain University of California, Irvine BIOS xv6 Boot loader what it does Sets up the hardware. Transfers control to the Boot Loader. BIOS xv6 Boot loader what it does Sets up the hardware. Transfers control to the Boot Loader. how it transfers control to the Boot Loader Boot loader is loaded from the 1st 512-byte sector of the boot disk. This 512-byte sector is known as the boot sector. Boot loader is loaded at 0x7c00. Sets processor’s ip register to 0x7c00. BIOS xv6 Boot loader 2 source source files bootasm.S - 16 and 32 bit assembly code. bootmain.c - C code. BIOS xv6 Boot loader 2 source source files bootasm.S - 16 and 32 bit assembly code. bootmain.c - C code. executing bootasm.S 1. Disable interrupts using cli instruction. (Code). > Done in case BIOS has initialized any of its interrupt handlers while setting up the hardware. Also, BIOS is not running anymore, so better to disable them. > Clear segment registers. Use xor for %ax, and copy it to the rest (Code). 2. Switch from real mode to protected mode. (References: a, b). > Note the difference between processor modes and kernel privilege modes > We do the above switch to increase the size of the memory we can address. BIOS xv6 Boot loader 2 source source file executing bootasm.S m. Let’s 2. Switch from real mode to protected mode. expand on this a little bit Addressing in Real Mode In real mode, the processor sends 20-bit addresses to the memory. -
Iapx 286 PROGRAMMER's REFERENCE MANUAL
iAPX 286 PROGRAMMER'S REFERENCE MANUAL 1983 -. Additional copies of this manual or other Intel literature may be obtained from: Literature Department Intel Corporation 3065 Bowers Avenue Santa Clara, CA 95051 The information in this document is subject to change without notice. Intel Corporation makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Intel Corporation assumes no responsibility for any errors that may appear in this document. Intel Corporation makes no commitment to update nor to keep current the information contained in this document. Intel Corporation assumes no responsibility for the use of any circuitry other than circuitry embodied in an Intel product. No other circuit patent licenses are implied. Intel software products are copyrighted by and shall remain the property of Intel Corporation. Use, dupli cation or disclosure is subject to restrictions stated in Intel's software license, or as defined in ASPR 7-104.9(a)(9). No part of this document may be copied or reproduced in any form or by any means without the prior written consent of Intel Corporation. The following are trademarks of Intel Corporation and its affiliates and may be used to identify Intel products: AEDIT iDiS Intellink MICROMAINFRAME BITBUS iLBX iOSP MULTIBUS BXP im iPDS MULTICHANNEL COMMputer iMMX iRMX MULTIMODULE CREDIT Insite iSBC Plug-A-Bubble i intel iSBX PROMPT 12ICE intelBOS iSDM Ripplemode iATC Intelevision iSXM RMX/80 ICE inteligent Identifier Library Manager RUPI iCS inteligent Programming MCS System 2000 iDBP Intellec Megachassis UPI Table of Contents CHAPTER 1 Page INTRODUCTION TO iAPX 286 General Attributes .........