Why Have a Call Gate?
The CALL GATE is the mechanism by which an application
requests services from the operating system. Integrity has several requirements
which are not immediately obvious to most people.
- The caller must be forced to use a designed entry
point to prevent entry at an arbitrary location; for example, at a point
after the parameters have been validated. This might cause the operating
system to violate its own integrity or that of another application.
- The parameters, as well as the rest of the stack,
must be protected from the application while in use by the operating system
to prevent changes by another thread in that application.
- The return address must be protected from the
application while the operating system is running to prevent other threads
of the application from altering it in a way that would cause a return to
the application in a privileged mode.
Note: A CALL GATE implements all of the above requirements.
Note: A CALL GATE is a system descriptor which describes an entry
point in a more privileged program which is accessible to less privileged
programs.
[Back: The Call Gate]
[Next: Another View]