Intel 253668-032US Benutzerhandbuch
5-18 Vol. 3
PROTECTION
In the example in Figure 5-7, code segment D is a conforming code segment. There-
fore, calling procedures in both code segment A and B can access code segment D
(using either segment selector D1 or D2, respectively), because they both have CPLs
that are greater than or equal to the DPL of the conforming code segment. For
conforming code segments, the DPL represents the numerically lowest priv-
ilege level that a calling procedure may be at to successfully make a call to
the code segment.
(Note that segments selectors D1 and D2 are identical except for their respective
RPLs. But since RPLs are not checked when accessing conforming code segments,
the two segment selectors are essentially interchangeable.)
When program control is transferred to a conforming code segment, the CPL does not
change, even if the DPL of the destination code segment is less than the CPL. This
situation is the only one where the CPL may be different from the DPL of the current
code segment. Also, since the CPL does not change, no stack switch occurs.
Conforming segments are used for code modules such as math libraries and excep-
tion handlers, which support applications but do not require access to protected
system facilities. These modules are part of the operating system or executive soft-
ware, but they can be executed at numerically higher privilege levels (less privileged
levels). Keeping the CPL at the level of a calling code segment when switching to a
conforming code segment prevents an application program from accessing noncon-
forming code segments while at the privilege level (DPL) of a conforming code
segment and thus prevents it from accessing more privileged data.
Most code segments are nonconforming. For these segments, program control can
be transferred only to code segments at the same level of privilege, unless the
transfer is carried out through a call gate, as described in the following sections.
fore, calling procedures in both code segment A and B can access code segment D
(using either segment selector D1 or D2, respectively), because they both have CPLs
that are greater than or equal to the DPL of the conforming code segment. For
conforming code segments, the DPL represents the numerically lowest priv-
ilege level that a calling procedure may be at to successfully make a call to
the code segment.
(Note that segments selectors D1 and D2 are identical except for their respective
RPLs. But since RPLs are not checked when accessing conforming code segments,
the two segment selectors are essentially interchangeable.)
When program control is transferred to a conforming code segment, the CPL does not
change, even if the DPL of the destination code segment is less than the CPL. This
situation is the only one where the CPL may be different from the DPL of the current
code segment. Also, since the CPL does not change, no stack switch occurs.
Conforming segments are used for code modules such as math libraries and excep-
tion handlers, which support applications but do not require access to protected
system facilities. These modules are part of the operating system or executive soft-
ware, but they can be executed at numerically higher privilege levels (less privileged
levels). Keeping the CPL at the level of a calling code segment when switching to a
conforming code segment prevents an application program from accessing noncon-
forming code segments while at the privilege level (DPL) of a conforming code
segment and thus prevents it from accessing more privileged data.
Most code segments are nonconforming. For these segments, program control can
be transferred only to code segments at the same level of privilege, unless the
transfer is carried out through a call gate, as described in the following sections.
5.8.2 Gate
Descriptors
To provide controlled access to code segments with different privilege levels, the
processor provides special set of descriptors called gate descriptors. There are four
kinds of gate descriptors:
processor provides special set of descriptors called gate descriptors. There are four
kinds of gate descriptors:
•
Call gates
•
Trap gates
•
Interrupt gates
•
Task gates
Task gates are used for task switching and are discussed in Chapter 7, “Task Manage-
ment”. Trap and interrupt gates are special kinds of call gates used for calling excep-
tion and interrupt handlers. The are described in Chapter 6, “Interrupt and Exception
Handling.” This chapter is concerned only with call gates.
ment”. Trap and interrupt gates are special kinds of call gates used for calling excep-
tion and interrupt handlers. The are described in Chapter 6, “Interrupt and Exception
Handling.” This chapter is concerned only with call gates.