Intel architecture ia-32 User Manual
Vol. 3A 4-7
PROTECTION
•
When a segment selector is loaded into a segment register — Certain segment registers
can contain only certain descriptor types, for example:
can contain only certain descriptor types, for example:
— The CS register only can be loaded with a selector for a code segment.
— Segment selectors for code segments that are not readable or for system segments
cannot be loaded into data-segment registers (DS, ES, FS, and GS).
— Only segment selectors of writable data segments can be loaded into the SS register.
•
When a segment selector is loaded into the LDTR or task register — For example:
— The LDTR can only be loaded with a selector for an LDT.
— The task register can only be loaded with a segment selector for a TSS.
•
When instructions access segments whose descriptors are already loaded into
segment registers — Certain segments can be used by instructions only in certain
predefined ways, for example:
segment registers — Certain segments can be used by instructions only in certain
predefined ways, for example:
— No instruction may write into an executable segment.
— No instruction may write into a data segment if it is not writable.
— No instruction may read an executable segment unless the readable flag is set.
•
When an instruction operand contains a segment selector — Certain instructions can
access segments or gates of only a particular type, for example:
access segments or gates of only a particular type, for example:
— A far CALL or far JMP instruction can only access a segment descriptor for a
conforming code segment, nonconforming code segment, call gate, task gate, or TSS.
— The LLDT instruction must reference a segment descriptor for an LDT.
— The LTR instruction must reference a segment descriptor for a TSS.
— The LAR instruction must reference a segment or gate descriptor for an LDT, TSS,
call gate, task gate, code segment, or data segment.
— The LSL instruction must reference a segment descriptor for a LDT, TSS, code
segment, or data segment.
— IDT entries must be interrupt, trap, or task gates.
•
During certain internal operations — For example:
— On a far call or far jump (executed with a far CALL or far JMP instruction), the
processor determines the type of control transfer to be carried out (call or jump to
another code segment, a call or jump through a gate, or a task switch) by checking the
type field in the segment (or gate) descriptor pointed to by the segment (or gate)
selector given as an operand in the CALL or JMP instruction. If the descriptor type is
for a code segment or call gate, a call or jump to another code segment is indicated; if
the descriptor type is for a TSS or task gate, a task switch is indicated.
another code segment, a call or jump through a gate, or a task switch) by checking the
type field in the segment (or gate) descriptor pointed to by the segment (or gate)
selector given as an operand in the CALL or JMP instruction. If the descriptor type is
for a code segment or call gate, a call or jump to another code segment is indicated; if
the descriptor type is for a TSS or task gate, a task switch is indicated.