Reputation: 67
I'm wondering whether we can just copy system call code and driver code into our assembly program and use this code to manipulate hardware? Say, wipe out the hard drive?
Could we copy code from kernel mode and use it to do anything we want? As in: can we just copy any code that runs in the kernel to user mode, and do the exact same as the kernel?
Is there anything that can stop us from doing this?
Upvotes: 0
Views: 908
Reputation: 69522
> can we just copy any code that run in kernel to user mode
No, you cannot. Kernel mode code has two main differences from user mode code that make it impossible to run in user space:
1. It uses privileged instructions (and privileged special registers) to communicate with hardware, which are not available in userspace. If executed in userspace, such instructions will cause hardware exceptions and redirect control to a kernel exception handler that will kill your program for executing a forbidden instruction.
This also answers your question:
> Is there anything that can stop us from doing this?
Yes, the processor itself will stop you from doing this, and since the kernel has installed the appropriate exception handlers for such events, it will then act accordingly.
2. Even if you were able to execute those instructions, you would still need to access and manipulate data stored in kernel space, for example directory entries, page tables, task structures, etc. This data is completely invisible to any userspace program due to virtual memory isolation.
Upvotes: 4
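Both points of the answer above can be observed from an ordinary process. The following is an added example, not code from the answer: it assumes Linux on x86-64 or AArch64, and the helper names and the kernel-half address are constructed for illustration. Each forbidden operation runs in a forked child, and the parent reports the signal the kernel used to kill it.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Point 1: an instruction that is only legal in kernel mode. */
static void privileged_insn(void) {
#if defined(__x86_64__)
    __asm__ volatile("hlt");                         /* ring 0 only */
#elif defined(__aarch64__)
    unsigned long v;
    __asm__ volatile("mrs %0, ttbr0_el1" : "=r"(v)); /* EL1-only register */
#else
#error "example covers x86-64 and AArch64 only"
#endif
}

/* Point 2: read from the kernel half of the address space.
 * The address is a constructed sample, not a known kernel object. */
static void read_kernel_memory(void) {
    volatile unsigned char *p = (volatile unsigned char *)0xffffffff80000000UL;
    (void)*p;                                        /* faults in user mode */
}

/* Run op in a child process. Returns the number of the signal that
 * killed the child, 0 if it exited normally, -1 on fork/wait error. */
int probe(void (*op)(void)) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { op(); _exit(0); }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void) {
    printf("privileged instruction: signal %d\n", probe(privileged_insn));
    printf("kernel memory read:     signal %d\n", probe(read_kernel_memory));
    return 0;
}
```

On x86-64 Linux both probes report SIGSEGV; on AArch64 the system-register read is reported as SIGILL.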