This preview shows page 1. Sign up to view the full content.
Unformatted text preview: at result in an attempt to use a segment or gate in an incorrect or unintended manner. The S flag indicates whether a descriptor is a system type or a code or data type. The type field provides 4 additional bits for use in defining various types of code, data, and system descriptors. Table 3-1 in Chapter 3, Protected-Mode Memory Management shows the encoding of the type field for code and data descriptors; Table 3-2 in Chapter 3, Protected-Mode Memory Management shows the encoding of the field for system descriptors. The processor examines type information at various times while operating on segment selectors and segment descriptors. The following list gives examples of typical operations where type checking is performed. This list is not exhaustive. • When a segment selector is loaded into a segment register. Certain segment registers can contain only certain descriptor types, for example: — The CS register only can be loaded with a selector for a code segment. — Segment selectors for code segments that are not readable or for system segments cannot be loaded into data-segment registers (DS, ES, FS, and GS). — Only segment selectors of writable data segments can be loaded into the SS register. • When a segment selector is loaded into the LDTR or task register. — The LDTR can only be loaded with a selector for an LDT. — The task register can only be loaded with a segment selector for a TSS. • When instructions access segments whose descriptors are already loaded into segment registers. Certain segments can be used by instructions only in certain predefined ways, for example: — No instruction may write into an executable segment. — No instruction may write into a data segment if it is not writable. — No instruction may read an executable segment unless the readable flag is set. • When an instruction operand contains a segment selector. Certain instructions can access segment or gates of only a particular type, for example: — A far CALL or far JMP instruction can only access a segment descriptor for a conforming code segment, nonconforming code segment, call gate, task gate, or TSS. — The LLDT instruction must reference a segment descriptor for an LDT. — The LTR instruction must reference a segment descriptor for a TSS. 4-6 PROTECTION — The LAR instruction must reference a segment or gate descriptor for an LDT, TSS, call gate, task gate, code segment, or data segment. — The LSL instruction must reference a segment descriptor for a LDT, TSS, code segment, or data segment. — IDT entries must be interrupt, trap, or task gates. • During certain internal operations. For example: — On a far call or far jump (executed with a far CALL or far JMP instruction), the processor determines the type of control transfer to be carried out (call or jump to another code segment, a call or jump through a gate, or a task switch) by checking the type field in the segment (or gate) descriptor pointed to by the segment (or gate) selector given as an operand in the CALL or JMP instruction. If the descriptor type is for a code segment or call gate, a call or jump to another code segment is indicated; if the descriptor type is for a TSS or task gate, a task switch is indicated. — On a call or jump through a call gate (or on an interrupt- or exception-handler call through a trap or interrupt gate), the processor automatically checks that the segment descriptor being pointed to by the gate is for a code segment. — On a call or jump to a new task through a task gate (or on an interrupt- or exceptionhandler call to a new task through a task gate), the processor automatically checks that the segment descriptor being pointed to by the task gate is for a TSS. — On a call or jump to a new task by a direct reference to a TSS, the processor automatically checks that the segment descriptor being pointed to by the CALL or JMP instruction is for a TSS. — On return from a nested task (initiated by an IRET instruction), the processor checks that the previous task link field in the current TSS points to a TSS. 4.4.1. Null Segment Selector Checking Attempting to load a null segment selector (refer to Section 3.4.1. in Chapter 3, Protected-Mode Memory Management) into the CS or SS segment register generates a general-protection exception (#GP). A null segment selector can be loaded into the DS, ES, FS, or GS register, but any attempt to access a segment through one of these registers when it is loaded with a null segment selector results in a #GP exception being generated. Loading unused data-segment registers with a null segment selector is a useful method of detecting accesses to unused segment registers and/or preventing unwanted accesses to data segments. 4-7 PROTECTION 4.5. PRIVILEGE LEVELS The processor’s segment-protection mechanism recognizes 4 privilege levels, numbered from 0 to 3. The greater numbers mean lesser privileges. Figure 4-2 shows how these levels of privilege can be interpreted as r...
View Full Document
- Spring '10