IntelSoftwareDevelopersManual

Once loaded in the destination register software can

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: ad access rights) instruction. The LAR instruction specifies the segment selector for the segment descriptor whose access rights are to be checked and a destination register. The instruction then performs the following operations: 1. Check that the segment selector is not null. 2. Checks that the segment selector points to a segment descriptor that is within the descriptor table limit (GDT or LDT). 3. Checks that the segment descriptor is a code, data, LDT, call gate, task gate, or TSS segment-descriptor type. 4. If the segment is not a conforming code segment, checks if the segment descriptor is visible at the CPL (that is, if the CPL and the RPL of the segment selector are less than or equal to the DPL). 5. If the privilege level and type checks pass, loads the second doubleword of the segment descriptor into the destination register (masked by the value 00FXFF00H, where X indicates that the corresponding 4 bits are undefined) and sets the ZF flag in the EFLAGS register. If the segment selector is not visible at the current privilege level or is an invalid type for the LAR instruction, the instruction does not modify the destination register and clears the ZF flag. Once loaded in the destination register, software can preform additional checks on the access rights information. 4-26 PROTECTION 4.10.2. Checking Read/Write Rights (VERR and VERW Instructions) When the processor accesses any code or data segment it checks the read/write privileges assigned to the segment to verify that the intended read or write operation is allowed. Software can check read/write rights using the VERR (verify for reading) and VERW (verify for writing) instructions. Both these instructions specify the segment selector for the segment being checked. The instructions then perform the following operations: 1. Check that the segment selector is not null. 2. Checks that the segment selector points to a segment descriptor that is within the descriptor table limit (GDT or LDT). 3. Checks that the segment descriptor is a code or data-segment descriptor type. 4. If the segment is not a conforming code segment, checks if the segment descriptor is visible at the CPL (that is, if the CPL and the RPL of the segment selector are less than or equal to the DPL). 5. Checks that the segment is readable (for the VERR instruction) or writable (for the VERW) instruction. The VERR instruction sets the ZF flag in the EFLAGS register if the segment is visible at the CPL and readable; the VERW sets the ZF flag if the segment is visible and writable. (Code segments are never writable.) The ZF flag is cleared if any of these checks fail. 4-27 PROTECTION 4.10.3. Checking That the Pointer Offset Is Within Limits (LSL Instruction) When the processor accesses any segment it performs a limit check to insure that the offset is within the limit of the segment. Software can perform this limit check using the LSL (load segment limit) instruction. Like the LAR instruction, the LSL instruction specifies the segment selector for the segment descriptor whose limit is to be checked and a destination register. The instruction then performs the following operations: 1. Check that the segment selector is not null. 2. Checks that the segment selector points to a segment descriptor that is within the descriptor table limit (GDT or LDT). 3. Checks that the segment descriptor is a code, data, LDT, or TSS segment-descriptor type. 4. If the segment is not a conforming code segment, checks if the segment descriptor is visible at the CPL (that is, if the CPL and the RPL of the segment selector less than or equal to the DPL). 5. If the privilege level and type checks pass, loads the unscrambled limit (the limit scaled according to the setting of the G flag in the segment descriptor) into the destination register and sets the ZF flag in the EFLAGS register. If the segment selector is not visible at the current privilege level or is an invalid type for the LSL instruction, the instruction does not modify the destination register and clears the ZF flag. Once loaded in the destination register, software can compare the segment limit with the offset of a pointer. 4.10.4. Checking Caller Access Privileges (ARPL Instruction) The requestor’s privilege level (RPL) field of a segment selector is intended to carry the privilege level of a calling procedure (the calling procedure’s CPL) to a called procedure. The called procedure then uses the RPL to determine if access to a segment is allowed. The RPL is said to “weaken” the privilege level of the called procedure to that of the RPL. Operating-system procedures typically use the RPL to prevent less privileged application programs from accessing data located in more privileged segments. When an operating-system procedure (the called procedure) receives a segment selector from an application program (the calling procedure), it sets the segment selector’s RPL to the privilege level of the calling procedure. Then, when the operating system uses the segment selector to access its associated segment, the processor performs...
View Full Document

This note was uploaded on 06/07/2013 for the course ECE 1234 taught by Professor Kwhon during the Spring '10 term at University of California, Berkeley.

Ask a homework question - tutors are online