Intel IA-32 Manuale Utente
Vol. 3A 4-17
PROTECTION
In the example in Figure 4-7, code segment D is a conforming code segment. Therefore, calling
procedures in both code segment A and B can access code segment D (using either segment
selector D1 or D2, respectively), because they both have CPLs that are greater than or equal to
the DPL of the conforming code segment. For conforming code segments, the DPL repre-
sents the numerically lowest privilege level that a calling procedure may be at to success-
fully make a call to the code segment.
procedures in both code segment A and B can access code segment D (using either segment
selector D1 or D2, respectively), because they both have CPLs that are greater than or equal to
the DPL of the conforming code segment. For conforming code segments, the DPL repre-
sents the numerically lowest privilege level that a calling procedure may be at to success-
fully make a call to the code segment.
(Note that segments selectors D1 and D2 are identical except for their respective RPLs. But
since RPLs are not checked when accessing conforming code segments, the two segment selec-
tors are essentially interchangeable.)
since RPLs are not checked when accessing conforming code segments, the two segment selec-
tors are essentially interchangeable.)
When program control is transferred to a conforming code segment, the CPL does not change,
even if the DPL of the destination code segment is less than the CPL. This situation is the only
one where the CPL may be different from the DPL of the current code segment. Also, since the
CPL does not change, no stack switch occurs.
even if the DPL of the destination code segment is less than the CPL. This situation is the only
one where the CPL may be different from the DPL of the current code segment. Also, since the
CPL does not change, no stack switch occurs.
Conforming segments are used for code modules such as math libraries and exception handlers,
which support applications but do not require access to protected system facilities. These
modules are part of the operating system or executive software, but they can be executed at
numerically higher privilege levels (less privileged levels). Keeping the CPL at the level of a
calling code segment when switching to a conforming code segment prevents an application
program from accessing nonconforming code segments while at the privilege level (DPL) of a
conforming code segment and thus prevents it from accessing more privileged data.
which support applications but do not require access to protected system facilities. These
modules are part of the operating system or executive software, but they can be executed at
numerically higher privilege levels (less privileged levels). Keeping the CPL at the level of a
calling code segment when switching to a conforming code segment prevents an application
program from accessing nonconforming code segments while at the privilege level (DPL) of a
conforming code segment and thus prevents it from accessing more privileged data.
Most code segments are nonconforming. For these segments, program control can be transferred
only to code segments at the same level of privilege, unless the transfer is carried out through a
call gate, as described in the following sections.
only to code segments at the same level of privilege, unless the transfer is carried out through a
call gate, as described in the following sections.
4.8.2
Gate Descriptors
To provide controlled access to code segments with different privilege levels, the processor
provides special set of descriptors called gate descriptors. There are four kinds of gate
descriptors:
provides special set of descriptors called gate descriptors. There are four kinds of gate
descriptors:
•
Call gates
•
Trap gates
•
Interrupt gates
•
Task gates
Task gates are used for task switching and are discussed in Chapter 6, “Task Management”. Trap
and interrupt gates are special kinds of call gates used for calling exception and interrupt
handlers. The are described in Chapter 5, “Interrupt and Exception Handling.” This chapter is
concerned only with call gates.
and interrupt gates are special kinds of call gates used for calling exception and interrupt
handlers. The are described in Chapter 5, “Interrupt and Exception Handling.” This chapter is
concerned only with call gates.