This preview shows page 1. Sign up to view the full content.
Unformatted text preview: page-directory and page-table entries. 4-3 PROTECTION Data-Segment Descriptor
31 24 23 22 21 20 19 16 15 14 13 12 11 87 0 A GB0V L D P L Base 31:24 Limit 19:16 P Type
1 0EWA Base 23:16 4
0 31 16 15 Base Address 15:00 Segment Limit 15:00 0 Code-Segment Descriptor
31 24 23 22 21 20 19 16 15 14 13 12 11 87 0 A GD0V L D P L Base 31:24 Limit 19:16 P Type
11CRA Base 23:16 4
0 31 16 15 Base Address 15:00 Segment Limit 15:00 0 System-Segment Descriptor
31 24 23 22 21 20 19 16 15 14 13 12 11 87 0 D P L Base 31:24 G 0 Limit 19:16 P 0 Type Base 23:16 4
0 31 16 15 Base Address 15:00 Segment Limit 15:00 0 A AVL B C D DPL Accessed Available to Sys. Programmer’s Big Conforming Default Descriptor Privilege Level Reserved E G R LIMIT W P Expansion Direction Granularity Readable Segment Limit Writable Present Figure 4-1. Descriptor Fields Used for Protection Many different styles of protection schemes can be implemented with these fields and flags. When the operating system creates a descriptor, it places values in these fields and flags in keeping with the particular protection style chosen for an operating system or executive. Application program do not generally access or modify these fields and flags. The following sections describe how the processor uses these fields and flags to perform the various categories of checks described in the introduction to this chapter. 4-4 PROTECTION 4.3. LIMIT CHECKING The limit field of a segment descriptor prevents programs or procedures from addressing memory locations outside the segment. The effective value of the limit depends on the setting of the G (granularity) flag (refer to Figure 4-1). For data segments, the limit also depends on the E (expansion direction) flag and the B (default stack pointer size and/or upper bound) flag. The E flag is one of the bits in the type field when the segment descriptor is for a data-segment type. When the G flag is clear (byte granularity), the effective limit is the value of the 20-bit limit field in the segment descriptor. Here, the limit ranges from 0 to FFFFFH (1 MByte). When the G flag is set (4-KByte page granularity), the processor scales the value in the limit field by a factor of 2^12 (4 KBytes). In this case, the effective limit ranges from FFFH (4 KBytes) to FFFFFFFFH (4 GBytes). Note that when scaling is used (G flag is set), the lower 12 bits of a segment offset (address) are not checked against the limit; for example, note that if the segment limit is 0, offsets 0 through FFFH are still valid. For all types of segments except expand-down data segments, the effective limit is the last address that is allowed to be accessed in the segment, which is one less than the size, in bytes, of the segment. The processor causes a general-protection exception any time an attempt is made to access the following addresses in a segment: • • • • A byte at an offset greater than the effective limit A word at an offset greater than the (effective-limit – 1) A doubleword at an offset greater than the (effective-limit – 3) A quadword at an offset greater than the (effective-limit – 7) For expand-down data segments, the segment limit has the same function but is interpreted differently. Here, the effective limit specifies the last address that is not allowed to be accessed within the segment; the range of valid offsets is from (effective-limit + 1) to FFFFFFFFH if the B flag is set and from (effective-limit + 1) to FFFFH if the B flag is clear. An expand-down segment has maximum size when the segment limit is 0. Limit checking catches programming errors such as runaway code, runaway subscripts, and invalid pointer calculations. These errors are detected when they occur, so identification of the cause is easier. Without limit checking, these errors could overwrite code or data in another segment. In addition to checking segment limits, the processor also checks descriptor table limits. The GDTR and IDTR registers contain 16-bit limit values that the processor uses to prevent programs from selecting a segment descriptors outside the respective descriptor tables. The LDTR and task registers contain 32-bit segment limit value (read from the segment descriptors for the current LDT and TSS, respectively). The processor uses these segment limits to prevent accesses beyond the bounds of the current LDT and TSS. Refer to Section 3.5.1., “Segment Descriptor Tables” in Chapter 3, Protected-Mode Memory Management for more information on the GDT and LDT limit fields; refer to Section 5.8., “Interrupt Descriptor Table (IDT)” in Chapter 5, Interrupt and Exception Handling for more information on the IDT limit field; and refer to Section 6.2.3., “Task Register” in Chapter 6, Task Management for more information on the TSS segment limit field. 4-5 PROTECTION 4.4. TYPE CHECKING Segment descriptors contain type information in two places: • • The S (descriptor type) flag. The type field. The processor uses this information to detect programming errors th...
View Full Document
- Spring '10