An instruction set, or instruction set architecture (ISA), is the part of the computer architecture related to programming, and may include the native data types, instructions, register architecture, addressing modes, memory architecture, interrupt and exception handling, and external input and output (I/O). The term instruction generally refers herein to macro-instructions—that is, instructions that are provided to the processor for execution (or to an instruction converter that translates, morphs, emulates, or otherwise converts an instruction into one or more other instructions to be processed by the processor, e.g., using static binary translation or dynamic binary translation including dynamic compilation)—as opposed to micro-instructions or micro-operations (micro-ops)—that is, the result of a processor's decoder decoding macro-instructions.
The ISA is distinguished from the micro-architecture, which is the internal design of the processor implementing the instruction set. Processors with different micro-architectures can share a common instruction set. For example, Intel® Core™ processors and processors from Advanced Micro Devices, Inc. of Sunnyvale, Calif. implement nearly identical versions of the x86 instruction set (with some extensions that have been added in newer versions), but have different internal designs. Likewise, the same register architecture of the ISA may be implemented in different ways in different micro-architectures using well-known techniques, including dedicated physical registers, one or more dynamically allocated physical registers using a register renaming mechanism, etc.
An ISA typically provides one or more instructions with which an application program can make a system call. Via the system call, an application program can request a service from an operating system kernel. Such services include hardware-related services (e.g., accessing the hard disk), creating and executing new processes, and communicating with integral kernel services (e.g., scheduling). Thus, system calls provide an interface between an application program and the operating system kernel.
Typically, system calls are implemented with a software interrupt or trap. Interrupts transfer control from an application program to the operating system kernel. Some existing architectures provide control transfer instructions for making a system call. These control transfer instructions are designed to let an application program quickly transfer control to the operating system without the overhead of an interrupt. However, the existing control transfer instructions have a significant weakness: they are vulnerable to faults and attacks. This vulnerability leads to less robust software. For example, if a fault occurs during a system call or system return before the control stacks are switched, the fault handler in the operating system may execute with the user mode stack instead of the system stack. The user mode stack is non-privileged and untrusted. In some scenarios, the user mode stack may contain malicious code, and executing with the user mode stack can expose the system to malicious attacks.
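The fault window described above, modelled as an added example that is not code from the patent or from any real processor: each control transfer is a list of architecturally separate steps, a fault may arrive at any step boundary, and the handler inherits whatever privilege level and stack pointer are current at that moment. The step names, the sample stack addresses, and the "atomic" variants that fuse the privilege change with the stack switch are assumptions of this model.

```c
#include <stdbool.h>
#include <stddef.h>

/* Constructed model of the state a fault handler inherits; illustrative only. */
enum cpl { CPL_USER = 3, CPL_KERNEL = 0 };
struct cpu {
    enum cpl cpl;              /* current privilege level */
    unsigned long rsp;         /* stack pointer in use right now */
    unsigned long kernel_rsp;  /* trusted kernel (system) stack */
    unsigned long user_rsp;    /* untrusted user mode stack */
};
#define USER_STACK   0x7ffd1000UL   /* constructed sample addresses */
#define KERNEL_STACK 0xc0001000UL
typedef void (*step_fn)(struct cpu *);

/* Individual architectural steps; a fault can land between any two of them. */
static void raise_privilege(struct cpu *c) { c->cpl = CPL_KERNEL; }
static void lower_privilege(struct cpu *c) { c->cpl = CPL_USER; }
static void to_kernel_stack(struct cpu *c) { c->rsp = c->kernel_rsp; }
static void to_user_stack(struct cpu *c)   { c->rsp = c->user_rsp; }
/* Assumed hardened variants: privilege and stack change in one indivisible step. */
static void enter_atomic(struct cpu *c) { raise_privilege(c); to_kernel_stack(c); }
static void exit_atomic(struct cpu *c)  { to_user_stack(c);  lower_privilege(c); }

/* Legacy entry/exit leave the stack switch to a separate software step. */
static const step_fn legacy_entry[] = { raise_privilege, to_kernel_stack };
static const step_fn legacy_exit[]  = { to_user_stack, lower_privilege };
static const step_fn atomic_entry[] = { enter_atomic };
static const step_fn atomic_exit[]  = { exit_atomic };

/* True if a fault arriving after `fault_after` steps would run the kernel's
 * fault handler in kernel mode on the untrusted user stack. */
static bool faulted_onto_user_stack(const step_fn *seq, size_t n,
                                    size_t fault_after, enum cpl start) {
    struct cpu c = { start, start == CPL_USER ? USER_STACK : KERNEL_STACK,
                     KERNEL_STACK, USER_STACK };
    for (size_t i = 0; i < n && i < fault_after; i++)
        seq[i](&c);
    return c.cpl == CPL_KERNEL && c.rsp != c.kernel_rsp;
}

/* Scan every possible fault point; true if the sequence has an unsafe window. */
static bool has_unsafe_window(const step_fn *seq, size_t n, enum cpl start) {
    for (size_t k = 0; k <= n; k++)
        if (faulted_onto_user_stack(seq, n, k, start)) return true;
    return false;
}
```

Both legacy sequences expose one boundary at which the handler is privileged but still on the user stack; the fused variants expose none, which is the property a robust control transfer instruction must provide.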