1. Field of Invention
The present invention relates to a system call implementation. More particularly, the present invention relates to a system call implementation using encryption to control a kernel entry point.
2. Description of Related Art
User mode programs usually require a hardware assistant to switch from a user mode to a kernel mode so that the user mode can have full control of authority over the hardware. The operating system may be divided into two groups: an operating system executed on a virtual machine or an operating system directly executing on the hardware. The operating system executed on the virtual machine, for example JavaOS, completely relies on dynamic checks using software to control the use of pointers and the hardware resources. However, the disadvantage of the foregoing method is the low execution efficiency.
In addition, the operating system directly executed on the hardware greatly relies on the protection provided by the hardware. Therefore, some particular instructions and actions may only be executed by some particular components (usually the kernel) of the system.
Nowadays, most central processing units and operating systems use software interrupt as the foundation for the system call. The software interrupt uses a software dispatch mechanism to call a correct kernel service routine. For example, the Linux uses int 0x80 instruction series to cause system interruption on Intelx86 processor series, and the kernel subsequently executes a corresponding kernel service routine according to the user request.
FIG. 1 illustrates a flowchart of a conventional Linux system calls performed on the Pentium processor. The foregoing method requires five steps in order to complete the system call (step 110 to step 118). First, during step 110, the user mode program to make a system call (for example, int 0x80). In step 112, the content of the 0x80 in the Interrupt Descriptor Table (IDT) is then loaded into the program counter in the kernel space. After loading the new address in the program counter, in step 114, the operating system calls a corresponding kernel service routine in the kernel space according to the designation of the user (usually the value of the AX register stores in the stack). In step 116, the system call operation returns from the kernel service routine to the register in the kernel space. Finally, in step 118, the system call operation switches back from the kernel mode to the user mode.
FIG. 1 uses the software interrupt as the foundation for the system call, which requires complicated, time consumption of the software dispatch mechanism in order to call the correct kernel service routine. In addition, most kernels have a single entry point. Therefore, the foregoing method uses a complicated step for the system call (step 110 to step 118).
Therefore, there is a need for a simplified step for the system call to enhance the execution efficiency.