How is Win/Dos syscalls implemented in Wine?

Ove Kaaven ovehk at
Sun Oct 27 06:36:25 CST 2002

On Sun, 27 Oct 2002, Eric Pouech wrote:

> > Well, while I agree with the general sentiment, this is technically not
> > quite right. In i386 protected mode, you cannot jump directly to code with
> > a different privilege level (it'd cause a GPF/SIGSEGV to try), it must be
> > done through a "gate" (typically an interrupt). Passing through such a
> > privilege-transition gate also implies switching to a similarly-privileged
> > stack (before the return address is pushed), so you cannot push your own
> > return address onto the kernel's privileged stack. And you probably can't
> > even get the address of the kernel interrupt handler (the IDT can be
> > protected from being read). This doesn't make Wine any more secure though,
> > of course...
> I wasn't talking about jumping directly into the kernel

Hm? I was replying to Sylvain, who was talking about that.

More information about the wine-devel mailing list