Why does Linux have two data segments, one for user mode and another for kernel mode?


Linux has (in addition to other segments) a user data segment and a kernel data segment.



When the CPU is in user mode, Linux loads the segment selector of the user data segment into the DS register. And when the CPU is in kernel mode, Linux loads the segment selector of the kernel data segment into the DS register.



But the kernel data segment is still accessible from user mode, since the user data segment and the kernel data segment point to the same virtual memory addresses!



So why does Linux have two data segments, one for user mode and another for kernel mode?







linux linux-kernel






asked 23 hours ago

user345903

  • (1) How do other operating systems work?  If most operating systems work the same as Linux, then this isn’t a question about Linux. (2) You say, “But the kernel data segment is still accessible from user mode, since the user data segment and the kernel data segment point to the same virtual memory addresses!”  What do you mean?  Can you support this statement with references?

    – G-Man
    23 hours ago



















1 Answer
Linux uses the same segment descriptor for SS and DS. The SS segment descriptor must have a DPL field exactly equal to CPL, i.e. the Current Privilege Level. Therefore you need separate data segment descriptors for kernel and user mode.



Sources (I am too lazy to download CPU manuals)



There is a comment in the definition of gdt_page:




We need valid kernel segments for data and code in long mode too.
IRET will check the segment types. -- kkeil 2000/10/28




Web search: iret checks segment types



Abhishek Yadav :




Instructions that load selectors into SS must refer to data segment descriptors for writable data segments. The descriptor privilege (DPL) and RPL must equal CPL. All other descriptor types or a privilege level violation will cause exception 13.




Web search: iret check segment type OR "DPL" OR "CPL" "SS"



"Many But Finite" :




... The exception is for the stack segment register ss, for which the three of CPL, RPL, and DPL must match exactly.




bochs-2.6.2/cpu/iret.cc:256 :



    /* stack segment DPL must equal the RPL of the return CS selector,
     * else #GP(SS selector) */
    if (ss_descriptor.dpl != cs_selector.rpl) {
      BX_ERROR(("iret: SS.dpl != CS selector RPL"));
      exception(BX_GP_EXCEPTION, raw_ss_selector & 0xfffc);
    }


Background: why does Linux have separate code segments for user and kernel mode?



Related, another comment in the kernel source code:




We cannot use the same code segment descriptor for user and kernel mode,
not even in long flat mode, because of different DPL.




This is because the DPL of the current code segment is used as the CPL.



I notice you also need different code segments for 32 and 64 bit code -



https://en.wikipedia.org/wiki/Segment_descriptor -




L=Long-mode segment



If set, this is a 64-bit segment (and D must be zero), and code in this segment uses the 64-bit instruction encoding






I guess the DS segment register gets reset when entering the kernel from userspace, at least on x86-32. But I was not able to identify the code that does it.



There is also a recent LWN.net article, which makes an interesting comment about set_fs().




The original role of set_fs() was to set the x86 processor's FS segment register which, in the early days, was used to control the range of virtual addresses that could be accessed by unprivileged code. The kernel has ... long since stopped using x86 segments this way.







edited 2 hours ago

answered 12 hours ago

sourcejedi
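The privilege rules quoted in the answer above, modelled in C as an added example (not part of the original answer, and not Linux or bochs code). The two descriptors are constructed flat segments (base 0, limit 0xfffff) that differ only in DPL, all function names are hypothetical, and the DS/ES/FS/GS rule (DPL >= max(CPL, RPL)) goes beyond what the answer quotes.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Decoded fields of an 8-byte x86 segment descriptor. */
struct seg_desc {
    uint32_t base, limit;   /* limit is the raw 20-bit value */
    unsigned type;          /* 4-bit type: bit 3 = code, bit 1 = writable/readable */
    unsigned dpl;           /* descriptor privilege level */
    bool s, present;        /* s = 1 for code/data descriptors */
};

/* Pack a descriptor from base, limit, access byte (P|DPL|S|type) and flags nibble. */
static uint64_t make_desc(uint32_t base, uint32_t limit, uint8_t access, uint8_t flags)
{
    return (uint64_t)(limit & 0xffff)
         | (uint64_t)(base & 0xffffff) << 16
         | (uint64_t)access << 40
         | (uint64_t)((limit >> 16) & 0xf) << 48
         | (uint64_t)(flags & 0xf) << 52
         | (uint64_t)(base >> 24) << 56;
}

static struct seg_desc decode_desc(uint64_t d)
{
    struct seg_desc s;
    s.limit   = (uint32_t)(d & 0xffff) | (uint32_t)((d >> 48) & 0xf) << 16;
    s.base    = (uint32_t)((d >> 16) & 0xffffff) | (uint32_t)((d >> 56) & 0xff) << 24;
    s.type    = (unsigned)((d >> 40) & 0xf);
    s.s       = (d >> 44) & 1;
    s.dpl     = (unsigned)((d >> 45) & 3);
    s.present = (d >> 47) & 1;
    return s;
}

/* Constructed flat data descriptors: same base and limit, only DPL differs. */
static uint64_t kernel_data_desc(void) { return make_desc(0, 0xfffff, 0x92, 0xc); }
static uint64_t user_data_desc(void)   { return make_desc(0, 0xfffff, 0xf2, 0xc); }

/* Load into SS: writable data segment with DPL == RPL == CPL, otherwise the load faults. */
static bool ss_load_ok(uint64_t raw, unsigned rpl, unsigned cpl)
{
    struct seg_desc s = decode_desc(raw);
    bool writable_data = s.s && (s.type & 0xA) == 0x2;
    return s.present && writable_data && s.dpl == cpl && rpl == cpl;
}

/* Load into DS/ES/FS/GS: readable segment; DPL >= max(CPL, RPL) unless conforming code. */
static bool ds_load_ok(uint64_t raw, unsigned rpl, unsigned cpl)
{
    struct seg_desc s = decode_desc(raw);
    bool is_code = (s.type & 8) != 0;
    bool readable = s.s && (!is_code || (s.type & 2));
    bool conforming = is_code && (s.type & 4);
    unsigned need = rpl > cpl ? rpl : cpl;
    return s.present && readable && (conforming || s.dpl >= need);
}

/* The bochs check quoted above: SS.DPL must equal the RPL of the return CS selector. */
static bool iret_ss_ok(uint64_t raw_ss_desc, uint16_t return_cs_selector)
{
    return decode_desc(raw_ss_desc).dpl == (return_cs_selector & 3u);
}

/* Could one data descriptor be the stack segment in both ring 0 and ring 3? */
static bool one_desc_serves_both_rings(uint64_t raw)
{
    return ss_load_ok(raw, 0, 0) && ss_load_ok(raw, 3, 3);
}

int main(void)
{
    uint64_t k = kernel_data_desc(), u = user_data_desc();
    uint16_t user_cs = 0x33;  /* constructed selector value with RPL 3 */

    printf("kernel data %016llx dpl=%u\n", (unsigned long long)k, decode_desc(k).dpl);
    printf("user   data %016llx dpl=%u\n", (unsigned long long)u, decode_desc(u).dpl);
    printf("DPL-3 descriptor as DS at CPL 0: %d\n", ds_load_ok(u, 0, 0));
    printf("DPL-3 descriptor as SS at CPL 0: %d\n", ss_load_ok(u, 0, 0));
    printf("DPL-0 descriptor as SS on IRET to ring 3: %d\n", iret_ss_ok(k, user_cs));
    printf("single descriptor usable as SS in both rings: %d / %d\n",
           one_desc_serves_both_rings(k), one_desc_serves_both_rings(u));
    return 0;
}
```

The DS rule alone would let ring 0 reuse the DPL-3 descriptor; it is the exact-match rule for SS that forces a second data descriptor when SS and DS share one.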
