I. Privilege levels in protected mode (part 1)
A. Protected Mode Summary
a. When a selector is used to access the descriptor table, the validity of its index value is checked
1. When the index value is out of range, an exception is raised
2. The rule is: index value x 8 + 7 <= descriptor table limit
b. Checking that the memory segment type is legal
1. Only a segment with the executable attribute (code segment) can be loaded into the CS register
2. Only a segment with the writable attribute (data segment) can be loaded into the SS register
3. Only a segment with the readable attribute can be loaded into the DS, ES, FS, GS registers
c. Protection of code and data segments
1. For every address the processor accesses, it confirms that the address does not exceed the segment limit
2. The rules are: code segment: IP + instruction length <= code segment limit; data segment: access start address + access data length <= data segment limit
Note: in protected mode, the limit value used in code is generally defined as the maximum offset address (relative to the segment base address)
d. Code example
%include "inc.asm"
org 0x9000
jmp ENTRY_SEGMENT
[section .gdt]
; GDT definition
; segment base, segment limit, segment attributes
GDT_ENTRY : Descriptor 0, 0, 0
CODE32_DESC : Descriptor 0, Code32SegLen - 1, DA_C + DA_32
VIDEO_DESC : Descriptor 0xB8000, 0x07FFF, DA_DRWA + DA_32
DATA32_DESC : Descriptor 0, Data32SegLen - 1, DA_DR + DA_32
STACK32_DESC : Descriptor 0, TopOfStack32, DA_DRW + DA_32
; GDT end
GdtLen equ $ - GDT_ENTRY
GdtPtr:
dw GdtLen - 1
dd 0
; GDT Selector
Code32Selector equ (0x0001 << 3) + SA_TIG + SA_RPL0
VideoSelector equ (0x0002 << 3) + SA_TIG + SA_RPL0
Data32Selector equ (0x0003 << 3) + SA_TIG + SA_RPL0
Stack32Selector equ (0x0004 << 3) + SA_TIG + SA_RPL0
ExceptionSelector equ (0x0005 << 3) + SA_TIG + SA_RPL0
; end of [section .gdt]
TopOfStack16 equ 0x7c00
[section .dat]
[bits 32]
DATA32_SEGMENT:
DTOS db "D.T.OS!", 0
DTOS_OFFSET equ DTOS - $$
Data32SegLen equ $ - DATA32_SEGMENT
[section .s16]
[bits 16]
ENTRY_SEGMENT:
mov ax, cs
mov ds, ax
mov es, ax
mov ss, ax
mov sp, TopOfStack16
; initialize GDT for 32 bits code segment
mov esi, CODE32_SEGMENT
mov edi, CODE32_DESC
call InitDescItem
mov esi, DATA32_SEGMENT
mov edi, DATA32_DESC
call InitDescItem
mov esi, STACK32_SEGMENT
mov edi, STACK32_DESC
call InitDescItem
; initialize GDT pointer struct
mov eax, 0
mov ax, ds
shl eax, 4
add eax, GDT_ENTRY
mov dword [GdtPtr + 2], eax
; 1. load GDT
lgdt [GdtPtr]
; 2. close interrupt
cli
; 3. open A20
in al, 0x92
or al, 00000010b
out 0x92, al
; 4. enter protect mode
mov eax, cr0
or eax, 0x01
mov cr0, eax
; 5. jump to 32 bits code
jmp dword ExceptionSelector : 0
; esi --> code segment label
; edi --> descriptor label
InitDescItem:
push eax
mov eax, 0
mov ax, cs
shl eax, 4
add eax, esi
mov word [edi + 2], ax
shr eax, 16
mov byte [edi + 4], al
mov byte [edi + 7], ah
pop eax
ret
[section .s32]
[bits 32]
CODE32_SEGMENT:
mov ax, VideoSelector
mov gs, ax
mov ax, Stack32Selector
mov ss, ax
mov eax, TopOfStack32
mov esp, eax
mov ax, Data32Selector
mov ds, ax
mov ebp, DTOS_OFFSET
mov bx, 0x0C
mov dh, 12
mov dl, 33
call PrintString
jmp $
; ds:ebp --> string address
; bx --> attribute
; dx --> dh : row, dl : col
PrintString:
push ebp
push eax
push edi
push cx
push dx
print:
mov cl, [ds:ebp]
cmp cl, 0
je end
mov eax, 80
mul dh
movzx edi, dl ; zero-extend the column so the add cannot overflow AL
add eax, edi
shl eax, 1
mov edi, eax
mov ah, bl
mov al, cl
mov [gs:edi], ax
inc ebp
inc dl
jmp print
end:
pop dx
pop cx
pop edi
pop eax
pop ebp
ret
Code32SegLen equ $ - CODE32_SEGMENT
[section .gs]
[bits 32]
STACK32_SEGMENT:
times 1024 * 4 db 0
Stack32SegLen equ $ - STACK32_SEGMENT
TopOfStack32 equ Stack32SegLen - 1
The modification made to this code
As can be seen, a selector with index 5 has been added, but the global descriptor table has no corresponding descriptor; that selector is then used for the jump into 32-bit protected mode. The result of running it is shown in the figure.
When run in Bochs, the earlier output is not printed and an error occurs. The error occurs because the jump into protected mode uses ExceptionSelector to select the descriptor of the jump target; before the jump, the processor checks whether the index value is within the limit of the descriptor table, finds that it exceeds the limit, and raises an exception.
e. Next, the attribute in the code segment descriptor is changed from DA_C (execute-only) to DA_DR (read-only)
Running it again, the output is not printed and an exception is raised. The cause is that a segment loaded into the CS register must be executable; here it has been changed to the read-only attribute, so an error occurs.
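The two checks exercised in steps d and e, modelled in C as an added example (not part of the original page or its inc.asm). The type-field values assigned to DA_C, DA_DR, DA_DRW and DA_DRWA are assumptions based on their names, and the TI bit is ignored because every selector on the page uses SA_TIG.

```c
#include <stdint.h>
#include <stdio.h>

enum target { LOAD_CS, LOAD_SS, LOAD_DATA };    /* LOAD_DATA = DS/ES/FS/GS */
enum result { LOAD_OK, FAULT_LIMIT, FAULT_TYPE };

/* Descriptor type bits for code/data segments:
   bit 3 = executable, bit 1 = writable (data) or readable (code). */
#define T_EXEC 0x8
#define T_RW   0x2

/* Type fields assumed for the page's five descriptors, in GDT order:
   null, DA_C (execute-only), DA_DRWA, DA_DR (read-only), DA_DRW. */
static const uint8_t PAGE_TYPES[5]   = { 0x0, 0x8, 0x3, 0x0, 0x2 };
/* Step e of the page: CODE32_DESC changed from DA_C to DA_DR. */
static const uint8_t STEP_E_TYPES[5] = { 0x0, 0x0, 0x3, 0x0, 0x2 };
#define PAGE_GDT_LIMIT (5 * 8 - 1)              /* dw GdtLen - 1 */

/* Model of the checks made when a selector is loaded into a segment
   register: table limit first, then segment type against the target. */
enum result check_load(uint16_t selector, uint16_t table_limit,
                       const uint8_t *types, enum target t)
{
    uint32_t index = selector >> 3;             /* selector bits 15..3 */
    if (index * 8 + 7 > table_limit)            /* index * 8 + 7 <= limit */
        return FAULT_LIMIT;
    uint8_t type = types[index];
    int exec = (type & T_EXEC) != 0, rw = (type & T_RW) != 0;
    switch (t) {
    case LOAD_CS:   return exec ? LOAD_OK : FAULT_TYPE;
    case LOAD_SS:   return (!exec && rw) ? LOAD_OK : FAULT_TYPE;
    case LOAD_DATA: return (!exec || rw) ? LOAD_OK : FAULT_TYPE;
    }
    return FAULT_TYPE;
}

int main(void)
{
    /* ExceptionSelector = 5 << 3 = 0x28, and 5 * 8 + 7 = 47 > 39 */
    printf("jmp ExceptionSelector:0 -> %d\n",
           check_load(0x28, PAGE_GDT_LIMIT, PAGE_TYPES, LOAD_CS));
    printf("jmp Code32Selector:0    -> %d\n",
           check_load(0x08, PAGE_GDT_LIMIT, PAGE_TYPES, LOAD_CS));
    printf("same jump after step e  -> %d\n",
           check_load(0x08, PAGE_GDT_LIMIT, STEP_E_TYPES, LOAD_CS));
    return 0;
}
```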
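B. Privilege levels in protected mode
1. Protected mode in the x86 architecture provides 4 privilege levels (0, 1, 2, 3)
2. From highest to lowest, the privilege levels are 0, 1, 2, 3 (the larger the number, the lower the privilege level)
a. How privilege levels are expressed
CPL - the privilege level of the currently executing code segment, defined by the lowest 2 bits of the CS register
DPL - the privilege level of a memory segment, defined in the segment descriptor table
RPL - the privilege level of a selector, defined by the lowest 2 bits of the selector
The DPL in the segment descriptor table identifies the privilege level of the memory segment; executable code must satisfy a certain privilege level (CPL) when it accesses a memory segment, otherwise the processor raises an exception
b. The relationship between CPL and DPL
1. In protected mode, every code segment defines a DPL
2. When the processor successfully jumps from code segment A to code segment B and executes
3. In protected mode, every data segment defines a DPL; when the processor needs to access a data segment during execution
DPL constant definitions in the segment descriptor
Experiment - a first look at protected mode privilege levels
First, a privilege level is added in the code, as shown in the figure below
The result is shown in the figure: an error occurs. The error reported is dpl != cpl, with dpl=3 and cpl=0. From this it follows that cpl=0 after entering protected mode, and that jumping from cpl=0 to a code segment with dpl=3 fails
After changing the DPL to 0, the code runs: jumping from cpl=0 to a code segment with dpl=0 is possible
Next, the selector is changed to see whether the code still runs
An error occurs; this shows that the processor takes RPL into account when it performs protection checks
Experiment conclusions
1. CPL=0 after the processor enters protected mode
2. The processor cannot switch directly from a high privilege level to a low privilege level for execution
3. When a selector's RPL is greater than the DPL of the corresponding segment descriptor, an exception is raised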
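The three runs of the experiment and the data-segment rule from the summary, modelled in C as an added example (not code from the original page). It assumes the code segment is non-conforming and uses the architectural rules for a direct far jump (DPL must equal CPL, RPL must not exceed CPL) and for loading DS/ES/FS/GS (the larger of CPL and RPL must not exceed DPL); the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

enum verdict { ALLOWED, GP_FAULT };

/* RPL is the lowest 2 bits of the selector. */
static unsigned rpl_of(uint16_t selector) { return selector & 3u; }

/* Direct far jmp to a non-conforming code segment (assumed for DA_C):
   the target DPL must equal CPL, and the selector RPL must be <= CPL. */
enum verdict far_jmp(unsigned cpl, uint16_t selector, unsigned dpl)
{
    if (dpl != cpl)
        return GP_FAULT;                 /* Bochs reports dpl != cpl */
    if (rpl_of(selector) > cpl)
        return GP_FAULT;                 /* RPL weakens the request */
    return ALLOWED;
}

/* Loading DS/ES/FS/GS: the less privileged of CPL and RPL is compared
   with the data segment's DPL. */
enum verdict load_data(unsigned cpl, uint16_t selector, unsigned dpl)
{
    unsigned rpl = rpl_of(selector);
    unsigned effective = cpl > rpl ? cpl : rpl;
    return effective <= dpl ? ALLOWED : GP_FAULT;
}

int main(void)
{
    /* Code32Selector = (1 << 3) + RPL; CPL is 0 after entering
       protected mode. Output: 0 = ALLOWED, 1 = GP_FAULT. */
    printf("DPL=3, RPL=0: %d\n", far_jmp(0, 0x08, 3));
    printf("DPL=0, RPL=0: %d\n", far_jmp(0, 0x08, 0));
    printf("DPL=0, RPL=3: %d\n", far_jmp(0, 0x0B, 0));
    /* Data32Selector = (3 << 3) + RPL */
    printf("CPL=3 reads DPL=0 data: %d\n", load_data(3, 0x1B, 0));
    printf("CPL=0 reads DPL=3 data: %d\n", load_data(0, 0x18, 3));
    return 0;
}
```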
Questions raised by the experiments
1. How can execution jump between code segments of different privilege levels?
2. Why can high-privilege-level code not use a low privilege level?
3. What is the specific purpose of a selector's RPL?
Summary
1. Protected mode strictly defines the range of memory that can be accessed
2. Protected mode defines privilege levels (0, 1, 2, 3) for memory segments
a. Each memory segment has a fixed privilege level
b. After a successful jump between different code segments, CPL may change
c. A data segment is accessed successfully when CPL is less than or equal to the data segment's DPL