Brad,
At 2:33 PM -0400 10/24/10, Brad Parker wrote:
   I have a low-level pdp-11 question... 
You might have better luck on the simh-dev list...
 I'm confused about writing to the PSW on CPUs which support user &
supervisor mode.  My read of the docs is that in user mode you should
not be able to write the "mode" bits of the PSW.
(or, perhaps more accurately, you should not be able to *clear* any
mode bits from user space)
Yes, with MMU turned on, a less privileged mode should not be able to
change directly to a more privileged mode.  The CSM instruction,
which I'm not really familiar with, provides a controlled gate to
Supervisor mode from either User or Super mode, but not Kernel.
 I have a little diagnostic which doesn't work as I thought it should
under simh and I thought I'd ask what others think...
Basically, simh allows code running in "user mode" to write the PSW
even when (I claim) it should not.   I have not tried this on a real
11/44 or 11/34 yet, but I can/will.
Should simh allow this?  In the test below the "clr @#PSW" is
successful when run on simh and I think it should basically be a nop...
(which begs another question - should it be a nop? or an exception?)
In user mode?  Neither, I believe.  It should clear the bits you're
allowed to clear, and continue.
 A side question might be "the psw is not protected from writes,
except by using the mmu" - is this true on all models?  or just some?
The 11/40 manual implies that it *is* protected.  But 11/73 docs seem
to say the opposite and imply using the mmu.
Any mode can write _some_ bits of the PSW (e.g., N, Z, V, C,
sometimes T, and register set).  However, actually changing modes and
processor priorities should be gated by the MMU.
I haven't looked at this carefully, but a processor starts out in
Kernel mode.  Unless mapping is turned on, all modes are equivalent.
 diagnostic follows:
     .TITLE test17
     .ASECT
PSW=177776    ;processor status word
     .=34
     .word    200
     .word    0007
     .=200
     mov    #200, r5    ;we should be in kernel mode here
     rti
     .=500
     clr    @#PSW        ;kernel mode
     mov    #500,sp        ;sp=500 in kernel mode
     mov    #140000,@#PSW    ;user mode 
Not sure about the above.  Normally one would push new parameters
onto the (Kernel) stack and RTI to change mode.  But with the MMU
off, I don't think anything changes because at this point K=S=U.
     mov    #700,sp        ;sp=700 in user mode
     trap    377        ;should move us to kernel mode
     nop
     clr    @#PSW        ;back to kernel mode
     nop
     halt 
John
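
An added example, not part of the original message or of simh: a small C helper that decodes the PSW values used in the diagnostic and flags a write that asks for a more privileged mode from outside kernel mode. It uses the standard PDP-11 PSW field layout; the function and flag names are hypothetical, and it only classifies a requested write, it does not model what any CPU or simh actually does with it.

```c
#include <stdint.h>
#include <stdio.h>

/* PDP-11 PSW fields (octal masks). */
#define PSW_CM  0140000u /* bits 15-14: current mode */
#define PSW_PRI 0000340u /* bits 7-5: processor priority */
#define PSW_CC  0000017u /* bits 3-0: N, Z, V, C */

/* Mode encodings; a numerically lower value is more privileged. */
enum { MODE_KERNEL = 0, MODE_SUPER = 1, MODE_USER = 3 };

/* Flags returned by psw_write_effect() (hypothetical names). */
#define CHG_MODE_UP 1u /* current mode would become more privileged */
#define CHG_PRIO    2u /* processor priority would change */
#define CHG_CC      4u /* condition codes would change */

unsigned psw_mode(uint16_t psw) { return (psw & PSW_CM) >> 14; }
unsigned psw_prio(uint16_t psw) { return (psw & PSW_PRI) >> 5; }

/* Compare the PSW before a write with the value being written. */
unsigned psw_write_effect(uint16_t old, uint16_t val)
{
    unsigned f = 0;
    if (psw_mode(val) < psw_mode(old)) f |= CHG_MODE_UP;
    if (psw_prio(val) != psw_prio(old)) f |= CHG_PRIO;
    if ((val ^ old) & PSW_CC) f |= CHG_CC;
    return f;
}

/* True when a write issued outside kernel mode asks for more privilege:
   the case a diagnostic or emulator trace should flag. */
int psw_write_is_escalation(uint16_t old, uint16_t val)
{
    return psw_mode(old) != MODE_KERNEL &&
           (psw_write_effect(old, val) & CHG_MODE_UP) != 0;
}

int main(void)
{
    /* The two mode-changing writes from the diagnostic above. */
    printf("mov #140000,@#PSW from kernel: escalation=%d\n",
           psw_write_is_escalation(0000000, 0140000));
    printf("clr @#PSW from user:           escalation=%d\n",
           psw_write_is_escalation(0140000, 0000000));
    return 0;
}
```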