In IA32 operating systems, the segment is divided into four privilege level, were 0-3, we sometimes also called ring0-ring3, where the value is, the higher privilege level. As shown below:
FIG privilege stages core code and data reside relatively high, usually in ring0, while the lower privilege level which the user program segment, generally ring3. When the low privilege level task attempts to access privileged high-level segment without being allowed, it will produce a General Protection Fault.
The processor is how to distinguish where the privileged segment, and then protect it do? This had to mention CPL, DPL and the three RPL. But before beginning, we need to look at the code segment and a non-uniform code.
Code segment and code segment non
In the operating system, some of our high privilege level of the code is to be accessed by low privilege level programs, such as some library functions, so we will put these high privilege level code is called a code segment's segment. And some high privilege level code, we do not want low privilege level of program access, so we put them in a section called the non-uniform code segment's. Specifically, when transferred to other segments by call or jmp instruction (ie access to other segments), when the target of the transfer agreement is a priority higher segment of code, we can visit, but the current privilege level It will be continue; when the goal is to transfer a higher-priority non-uniform section of code, then the access will cause a general protection fault (unless a call gate or task gate).
to conclude:
- Code segment: Sharing section to the code lower privilege level of the program is located by the system (high privilege level), there are the following two limitations:
- High privilege level can not access privileged low-level data
- Low privilege level of the program can access the high privilege level of the code, but the privilege level does not change , or to maintain a low privilege level privilege level program
- Non-uniform code segment: In order to avoid and protected code segment is accessed by low privilege level program, there are some limits:
- Only allows access to the same level between
- Further, the data segment is non-uniform
Rules followed as shown below:
CPL
The full name CPL Current Privilege Level, as the name suggests, on behalf of the CPL is the privilege level of the current task and program execution. It is stored in bits 0 and bit 1 cs and ss. In general , where the CPL equals the privilege level of the code segment, when a program branches to a different code segments, the processor will change the value of the CPL.
But when the access code segment, and will not change the CPL, as mentioned in the code segment, code segment can be accessed by low privilege level of the program, but does not change the privilege level, so it will not change the CPL this is the "general" and above bold relative "non-ordinary circumstances."
DPL
DPL entire process for Descriptor Privilege Level, which represents the segment or gate privilege level. He was stored in the segment descriptor field DPL or gate descriptor attribute.
When the current code segment or segment attempts to access a door, and the DPL will CPL and the gate selection period or RPL promoter compared to the segment, or for different types of doors comparison rules are different, as follows:
- Data segment: If the access is a data segment, DPL access this section on behalf of the lowest privilege level that only CPL <= (numerically) DPL, have access to.
- Non-uniform code segment (do not use a call gate): DPL access this section on behalf of the privileged class. That is, only DPL = RPL, have access to.
- Call gate: DPL sets out the tasks and procedures currently executing can access this call gate lowest privilege level, that is, to CPL <= DPL
- Code segment and a non-uniform code segments (using a call gate access): DPL provides the highest privilege level access to this segment. That is, only CPL> = DPL, have access to.
- TSS: DPL sets the minimum level access privileges of this TSS.
It boils down to this:
- In the data segment, call gate, TSS in, DPL is the lowest privilege level access requirements: CPL <= DPL
- When the non-calls without using the access door has a code segment, access requirements: CPL = DPL
- In the same code and non-code segment to use to access the call gate, DPL represents the highest privilege level, access requirements: CPL> = DPL
RPL
RPL stands for Requested Privilege Level. RPL stored in bits 0 and bit 1 of the segment selector. We said above, when a segment access another segment, CPL and DPL comparison rules, but only relatively CPL and DPL is not enough, but also to determine the processor can access another segment by checking the RPL.
Operating systems often use RPL to avoid low-privileged application accesses data in a high privilege level segment, even Visits requested segment has sufficient privilege level, if RPL is not enough is not enough, when the value of RPL is greater than the CPL time, RPL will play a decisive role. That is, only when DPL CPL and RPL are smaller than you want to access the data segment, have access to the data segment. Discussion about why the introduction of RPL is quite complex, not to explore in depth here.
Finish
reference:
- "An operating system to achieve" in the deep