Jumps in protected mode

There are mainly two categories:

transfers that do not change the privilege level, and transfers that do change it.

1. Transfers that do not change the privilege level may be intra-segment or inter-segment CALL or JMP. Intra-segment transfers are not checked. Inter-segment transfers are checked according to the kind of code segment they target.

If the target is a nonconforming code segment, CPL = DPL and RPL <= DPL are required; CPL is unchanged after the jump.
If the target is a conforming code segment, RPL is not checked; CPL >= DPL is required, i.e. an outer ring may jump into an inner-ring conforming segment, but CPL stays the same.

2. Transfers that change the privilege level must go through a gate (call gate, task gate, interrupt gate, trap gate). A transfer through a gate goes from an outer ring into an inner ring; RET, LRET or IRET transfers back out to the outer ring.


Inter-segment transfer: a 48-bit address (selector + offset) describes the destination.
Direct inter-segment transfer: the 48-bit address is used directly.
Indirect inter-segment transfer: the 48-bit address points to a call gate, task gate or TSS descriptor. Only the selector part is used; the offset is ignored. The destination address is the one stored in the gate.

JMP, whether direct or indirect, can only transfer between code at the same privilege level.


When the selector in an inter-segment JMP or CALL instruction points to a call gate descriptor, the transfer is made through the call gate. Only CALL can transfer to an inner privilege level; JMP can only transfer to code at the same privilege level.

A call gate descriptor contains the full 48-bit pointer (segment selector + offset) of the transfer destination's entry point. When the selector in an inter-segment JMP or CALL instruction identifies a call gate, the offset contained in the instruction is discarded and the 48-bit pointer in the call gate is used as the destination address.

The processor controls access to a gate descriptor with the same privilege rules it uses for a data segment. The call gate's DPL gives the outermost privilege level that may use the gate. Before the 48-bit pointer is taken from the gate and the transfer to the target code segment proceeds, the privilege level is checked: the gate is accessible only from a program at the same or a more inner level, i.e. CPL <= gate DPL, and the selector's RPL must also satisfy RPL <= gate DPL. Only after these checks pass does the transfer to the target code segment begin. The descriptor indicated by the selector in the call gate must be a code segment descriptor. In addition, before the code segment selector is loaded into the CS cache register its RPL is adjusted to 0, i.e. the RPL of the code segment selector in the call gate is ignored.

When CS is loaded, the target code segment is checked as well. This check is no longer against the call gate's DPL but against the DPL of the code segment descriptor indicated by the selector in the gate. Here the checks for an inter-segment CALL and an inter-segment JMP differ.

For an inter-segment JMP through a call gate, the checks are the same as for a direct inter-segment transfer. Since RPL has been set to 0, RPL <= DPL always holds. Therefore, for an ordinary nonconforming code segment the transfer takes place without a privilege level change when CPL = DPL; for a conforming code segment the transfer takes place without a privilege level change when CPL >= DPL; any other case raises an exception.

For an inter-segment CALL through a call gate, the situation is different. Since RPL has been set to 0, RPL <= DPL always holds. For a conforming code segment, a transfer without privilege level change takes place when CPL >= DPL. For a nonconforming code segment, when CPL = DPL a transfer without privilege level change still takes place; when CPL > DPL, a transfer to the inner privilege level takes place: the selector and offset from the call gate are loaded into CS and EIP, CPL becomes equal to DPL, and the processor switches to the inner-ring stack.

In summary, an inter-segment CALL through a call gate can transfer from an outer-ring program into an inner-ring one (a JMP can only make a transfer without privilege level change); a call gate can also be used for a transfer without privilege level change. Note that neither JMP nor CALL can transfer to an outer privilege level; an attempt raises an exception.

Of course, before CALL loads CS and EIP with the target code segment pointer, it pushes the original CS and EIP, i.e. the return address, onto the stack. If there is no privilege level change, the stack is unchanged and the return address is stored on the original stack; otherwise the return address is stored on the inner-ring stack.
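The privilege checks described above, written out as a small model in C. This is an added example, not code from the original post; the descriptor structure is a simplified hypothetical model (kind, DPL, gate target) rather than the real GDT bit layout, and the sample descriptors (kernel_code, user_code, shared_conforming, syscall_gate) are constructed for the demonstration. The model covers direct far JMP/CALL to conforming and nonconforming code segments, access to the call gate itself, and the JMP-versus-CALL difference for the segment the gate points to, including the CPL change and stack switch on a CALL into an inner ring.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical descriptor model for this example (not the real GDT bit layout). */
enum seg_kind { SEG_DATA, SEG_CODE_NONCONFORMING, SEG_CODE_CONFORMING, SEG_CALL_GATE };
enum xfer_kind { XFER_JMP, XFER_CALL };

struct descriptor {
    enum seg_kind kind;
    unsigned dpl;                     /* descriptor privilege level, 0..3 */
    const struct descriptor *target;  /* call gates only: the code segment the gate points to */
};

struct xfer_result {
    bool ok;            /* false: the processor would raise an exception (#GP) */
    unsigned new_cpl;   /* CPL after the transfer when ok */
    bool stack_switch;  /* true when the inner-ring stack is switched to */
};

static struct xfer_result fault(void) {
    struct xfer_result r = { false, 0, false };
    return r;
}

/* Direct far JMP/CALL: the selector names a code segment, no gate involved. */
static struct xfer_result check_direct(unsigned cpl, unsigned rpl, const struct descriptor *d) {
    struct xfer_result r = { true, cpl, false };   /* direct transfers never change CPL */
    switch (d->kind) {
    case SEG_CODE_NONCONFORMING:
        return (cpl == d->dpl && rpl <= d->dpl) ? r : fault();
    case SEG_CODE_CONFORMING:
        return (cpl >= d->dpl) ? r : fault();      /* outer ring may enter, CPL unchanged */
    default:
        return fault();                            /* data segments are not transfer targets */
    }
}

/* Far JMP/CALL whose selector names a call gate. */
static struct xfer_result check_through_gate(enum xfer_kind x, unsigned cpl, unsigned rpl,
                                             const struct descriptor *gate) {
    /* Gate access check: CPL <= gate DPL and RPL <= gate DPL. */
    if (cpl > gate->dpl || rpl > gate->dpl) return fault();
    const struct descriptor *t = gate->target;
    if (t == NULL || (t->kind != SEG_CODE_NONCONFORMING && t->kind != SEG_CODE_CONFORMING))
        return fault();                            /* gate must point at a code segment */
    /* The RPL of the selector stored in the gate is forced to 0, so RPL <= DPL always holds. */
    struct xfer_result r = { true, cpl, false };
    if (t->kind == SEG_CODE_CONFORMING)
        return (cpl >= t->dpl) ? r : fault();      /* no privilege change, JMP or CALL */
    if (cpl == t->dpl) return r;                   /* nonconforming, same level: no change */
    if (x == XFER_CALL && cpl > t->dpl) {          /* CALL only: outer ring into inner ring */
        r.new_cpl = t->dpl;
        r.stack_switch = true;
        return r;
    }
    return fault();                                /* JMP inward, or any transfer outward */
}

struct xfer_result check_far_transfer(enum xfer_kind x, unsigned cpl, unsigned rpl,
                                      const struct descriptor *d) {
    return (d->kind == SEG_CALL_GATE) ? check_through_gate(x, cpl, rpl, d)
                                      : check_direct(cpl, rpl, d);
}

/* Constructed sample descriptor table. */
const struct descriptor kernel_code      = { SEG_CODE_NONCONFORMING, 0, NULL };
const struct descriptor user_code        = { SEG_CODE_NONCONFORMING, 3, NULL };
const struct descriptor shared_conforming = { SEG_CODE_CONFORMING,   0, NULL };
const struct descriptor syscall_gate     = { SEG_CALL_GATE,          3, &kernel_code };

static void show(const char *what, struct xfer_result r) {
    if (r.ok) printf("%-40s ok, CPL -> %u%s\n", what, r.new_cpl, r.stack_switch ? ", stack switch" : "");
    else      printf("%-40s exception\n", what);
}

int main(void) {
    show("ring3 CALL via gate to kernel_code", check_far_transfer(XFER_CALL, 3, 3, &syscall_gate));
    show("ring3 JMP via gate to kernel_code",  check_far_transfer(XFER_JMP,  3, 3, &syscall_gate));
    show("ring3 direct JMP to kernel_code",    check_far_transfer(XFER_JMP,  3, 3, &kernel_code));
    show("ring3 direct JMP to conforming",     check_far_transfer(XFER_JMP,  3, 3, &shared_conforming));
    show("ring0 direct JMP to user_code",      check_far_transfer(XFER_JMP,  0, 0, &user_code));
    return 0;
}
```

Running the model reproduces the rules in the text: the ring-3 CALL through the gate lands at CPL 0 with a stack switch, the same transfer by JMP faults, a direct jump from ring 3 into the nonconforming kernel segment faults, the conforming segment is entered with CPL still 3, and a transfer from ring 0 outward to the ring-3 segment faults.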

Reproduced from: https://www.cnblogs.com/fanzi2009/archive/2009/05/29/1491886.html

Origin: blog.csdn.net/weixin_33997389/article/details/94192654