| sysenter instruction |
(gdb) disass
Dump of assembler code for function __kernel_vsyscall:
   0xb780b414 : push %ecx
   0xb780b415 : push %edx
   0xb780b416 : push %ebp
   0xb780b417 : mov %esp,%ebp
   0xb780b419 : sysenter
   0xb780b41b : nop
   0xb780b41c : nop
   0xb780b41d : nop
   0xb780b41e : nop
   0xb780b41f : nop
   0xb780b420 : nop
   0xb780b421 : nop
   0xb780b422 : jmp 0xb780b417
=> 0xb780b424 : pop %ebp
   0xb780b425 : pop %edx
   0xb780b426 : pop %ecx
   0xb780b427 : ret
End of assembler dump.
(gdb)

0xb780b419 : sysenter
The SYSENTER instruction is part of the "Fast System Call" facility introduced on the Pentium(R) II processor. The SYSENTER instruction is optimized to provide the maximum performance for transitions to protection ring 0 (CPL 0). The SYSENTER instruction sets the following registers according to values specified by the operating system in certain model-specific registers.

  CS register set to the value of (SYSENTER_CS_MSR)
  EIP register set to the value of (SYSENTER_EIP_MSR)
  SS register set to the sum of (8 plus the value in SYSENTER_CS_MSR)
  ESP register set to the value of (SYSENTER_ESP_MSR)

The processor does not save user stack or return address information, and does not save any registers.

http://www.intel.com/software/products/documentation/vlin/mergedprojects/analyzer_ec/mergedprojects/reference_olh/mergedprojects/instructions/instruct32_hh/vc311.htm
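The following C model is an added example, not code from the original page or from the kernel. It replays the three pushes and the `mov %esp,%ebp` from the dump, then applies the four register loads listed above, showing that EBP is the only remaining pointer to the user stack after SYSENTER. The struct and function names are hypothetical, and all MSR, selector and register values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

typedef struct { uint32_t cs, eip, esp; } sysenter_msrs;   /* SYSENTER_{CS,EIP,ESP}_MSR */
typedef struct { uint32_t cs, ss, eip, esp, ebp, ecx, edx; } cpu_state;

#define STACK_BASE 0xbffff000u          /* constructed address of the toy user stack */
static uint32_t user_mem[16];           /* 64 bytes of user stack, word-indexed */

static void push(cpu_state *c, uint32_t v) {
    c->esp -= 4;
    user_mem[(c->esp - STACK_BASE) / 4] = v;
}
static uint32_t peek(uint32_t addr) { return user_mem[(addr - STACK_BASE) / 4]; }

/* The register loads SYSENTER performs, exactly as listed in the text. */
static void do_sysenter(cpu_state *c, const sysenter_msrs *m) {
    c->cs  = m->cs;
    c->eip = m->eip;
    c->ss  = m->cs + 8;
    c->esp = m->esp;
    /* Nothing is saved: the old CS:EIP and SS:ESP are simply overwritten. */
}

/* Prologue of __kernel_vsyscall from the dump, followed by SYSENTER. */
static cpu_state enter_via_stub(cpu_state c, const sysenter_msrs *m) {
    push(&c, c.ecx);        /* push %ecx */
    push(&c, c.edx);        /* push %edx */
    push(&c, c.ebp);        /* push %ebp */
    c.ebp = c.esp;          /* mov %esp,%ebp : user stack pointer survives in EBP */
    do_sysenter(&c, m);     /* sysenter */
    return c;
}

int main(void) {
    /* All values below are constructed for illustration. */
    sysenter_msrs m = { .cs = 0x60, .eip = 0xc0103000u, .esp = 0xc1fff000u };
    cpu_state u = { .cs = 0x73, .ss = 0x7b, .eip = 0xb780b414u,
                    .esp = STACK_BASE + 0x40, .ebp = 0x11111111u,
                    .ecx = 0x22222222u, .edx = 0x33333333u };
    cpu_state k = enter_via_stub(u, &m);
    printf("CS=%#x SS=%#x EIP=%#x ESP=%#x\n", k.cs, k.ss, k.eip, k.esp);
    printf("EBP=%#x -> ebp=%#x edx=%#x ecx=%#x\n",
           k.ebp, peek(k.ebp), peek(k.ebp + 4), peek(k.ebp + 8));
    return 0;
}
```

The three words found through EBP are the values the `pop %ebp`, `pop %edx`, `pop %ecx` sequence at `0xb780b424` restores before `ret`.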