[轉]关于CR0.WP

关于CR0.WP

我们知道CR0的WP位可以关闭内核写保护。他和页表的R/W位有关。Intel手册中的描述绕来绕去似乎一直没有说到重点。

When the processor is in supervisor mode and the WP flag in register CR0 is clear (its 
state following reset initialization), all pages are both readable and writable (write-
protection is ignored). When the processor is in user mode, it can write only to user-
mode pages that are read/write accessible. User-mode pages which are read/write or 
read-only are readable; supervisor-mode pages are neither readable nor writable 
from user mode. A page-fault exception is generated on any attempt to violate the 
protection rules.
Starting with the P6 family, Intel processors allow user-mode pages to be write-
protected against supervisor-mode access. Setting CR0.WP = 1 enables supervisor-
mode sensitivity to user-mode, write protected pages. Supervisor pages which are 
read-only are not writable from any privilege level (if CR0.WP = 1). This supervisor 
write-protect feature is useful for implementing a “copy-on-write” strategy used by 
some operating systems, such as UNIX*, for task creation (also called forking or 
spawning). When a new task is created, it is possible to copy the entire address space 
of the parent task. This gives the child task a complete, duplicate set of the parent's 
segments and pages. An alternative copy-on-write strategy saves memory space and 
time by mapping the child's segments and pages to the same segments and pages 
used by the parent task. A private copy of a page gets created only when one of the 
tasks writes to the page. By using the WP flag and marking the shared pages as read-
only, the supervisor can detect an attempt to write to a user-level page, and can copy 
the page at that time.

经过试验明白了WP位的作用。

WP位是Supervisor的写保护位 (CPL < 3是Supervisor)

当WP = 1时，Supervisor不能写R/W没有置位的页。

WP = 0时，Supervisor可以写任何页。

对于User (CPL = 3), 无论WP是什么，都不能写R/W没有置位的页。所以User无论怎么样都是二等公民。