Intel 253668-032US User Manual
3-18 Vol. 3
PROTECTED-MODE MEMORY MANAGEMENT
For code segments, the three low-order bits of the type field are interpreted as
accessed (A), read enable (R), and conforming (C). Code segments can be execute-
only or execute/read, depending on the setting of the read-enable bit. An
execute/read segment might be used when constants or other static data have been
placed with instruction code in a ROM. Here, data can be read from the code segment
either by using an instruction with a CS override prefix or by loading a segment
selector for the code segment in a data-segment register (the DS, ES, FS, or GS
registers). In protected mode, code segments are not writable.
Code segments can be either conforming or nonconforming. A transfer of execution
into a more-privileged conforming segment allows execution to continue at the
current privilege level. A transfer into a nonconforming segment at a different privi-
lege level results in a general-protection exception (#GP), unless a call gate or task
gate is used (see Section 5.8.1, “Direct Calls or Jumps to Code Segments”, for more
information on conforming and nonconforming code segments). System utilities that
do not access protected facilities and handlers for some types of exceptions (such as,
divide error or overflow) may be loaded in conforming code segments. Utilities that
need to be protected from less privileged programs and procedures should be placed
in nonconforming code segments.
accessed (A), read enable (R), and conforming (C). Code segments can be execute-
only or execute/read, depending on the setting of the read-enable bit. An
execute/read segment might be used when constants or other static data have been
placed with instruction code in a ROM. Here, data can be read from the code segment
either by using an instruction with a CS override prefix or by loading a segment
selector for the code segment in a data-segment register (the DS, ES, FS, or GS
registers). In protected mode, code segments are not writable.
Code segments can be either conforming or nonconforming. A transfer of execution
into a more-privileged conforming segment allows execution to continue at the
current privilege level. A transfer into a nonconforming segment at a different privi-
lege level results in a general-protection exception (#GP), unless a call gate or task
gate is used (see Section 5.8.1, “Direct Calls or Jumps to Code Segments”, for more
information on conforming and nonconforming code segments). System utilities that
do not access protected facilities and handlers for some types of exceptions (such as,
divide error or overflow) may be loaded in conforming code segments. Utilities that
need to be protected from less privileged programs and procedures should be placed
in nonconforming code segments.
NOTE
Execution cannot be transferred by a call or a jump to a less-
privileged (numerically higher privilege level) code segment,
regardless of whether the target segment is a conforming or noncon-
forming code segment. Attempting such an execution transfer will
result in a general-protection exception.
privileged (numerically higher privilege level) code segment,
regardless of whether the target segment is a conforming or noncon-
forming code segment. Attempting such an execution transfer will
result in a general-protection exception.
All data segments are nonconforming, meaning that they cannot be accessed by less
privileged programs or procedures (code executing at numerically high privilege
levels). Unlike code segments, however, data segments can be accessed by more
privileged programs or procedures (code executing at numerically lower privilege
levels) without using a special access gate.
If the segment descriptors in the GDT or an LDT are placed in ROM, the processor can
enter an indefinite loop if software or the processor attempts to update (write to) the
ROM-based segment descriptors. To prevent this problem, set the accessed bits for
all segment descriptors placed in a ROM. Also, remove operating-system or executive
code that attempts to modify segment descriptors located in ROM.
privileged programs or procedures (code executing at numerically high privilege
levels). Unlike code segments, however, data segments can be accessed by more
privileged programs or procedures (code executing at numerically lower privilege
levels) without using a special access gate.
If the segment descriptors in the GDT or an LDT are placed in ROM, the processor can
enter an indefinite loop if software or the processor attempts to update (write to) the
ROM-based segment descriptors. To prevent this problem, set the accessed bits for
all segment descriptors placed in a ROM. Also, remove operating-system or executive
code that attempts to modify segment descriptors located in ROM.
3.5 SYSTEM
DESCRIPTOR
TYPES
When the S (descriptor type) flag in a segment descriptor is clear, the descriptor type
is a system descriptor. The processor recognizes the following types of system
descriptors:
is a system descriptor. The processor recognizes the following types of system
descriptors:
•
Local descriptor-table (LDT) segment descriptor.