Jens Nerche wrote:
> My idea was to leave these descriptors untouched, which were
> referenced by segment selectors. If these descriptors in the new
> table doesn't change, it's ok. If one or more descriptors change,
> the guest will try to load them in selectors. This case can
> be caught by setting DPL to a lower than 3 value. Now we can
> emulate selector loading and update monitors GDT.
Unfortunately, if you set the DPL to != 3, this means that the
guest code runs in a ring != 3 (in the case of a code segment),
which we obviously can't allow for security reasons (and also
because access protection via supervisor bits etc. won't work) ...
Bye,
Ulrich
--
Ulrich Weigand,
IMMD 1, Universitaet Erlangen-Nuernberg,
Martensstr. 3, D-91058 Erlangen, Phone: +49 9131 85-27688
