Privilege levels 80386
-
Upload
akshay-nagpurkar -
Category
Technology
-
view
2.532 -
download
29
description
Transcript of Privilege levels 80386
Privilege Levels
Computer system security measures prevent
Users from interfering with one another Users from examining secure data Program bugs from damaging other programs Program bugs from damaging data Malicious attempts to compromise system
integrity Accidental damage to data
Privilege protection 80386 protection mechanism
Memory management Privilege protection
4 privilege level protection PL0 (highest) PL1 PL2 PL3(lowest)
A numerically Smaller PL means aHigher privilege.
When running in protected mode, the 80386 continually checks that the application is privileged enough to
Execute certain instructions. Reference data other than its own. Transfer control to code other than its
own.
Executing privileged instructions
Privilege instructions Modify interrupt flag Alter segmentation Affect protection mechanism
They are allowed only if the program is running at PL0
References to other data
Shared data
Programs are not allowed to read or write data items that have a higher privilege level.
Transferring control to other code
Programs are not allowed to CALL or JMP to
code that does not have exactly the same
privilege level that they do.
Defining privilege levels
Privileges are assigned by segment. Everything contained in a segment have
same privilege. The privilege level is defined in the segment
descriptors. The privilege level of the code segment
determines the current privilege level(CPL).
A numerically smaller PL
means a higher privilege level
Privileged instructions
19 instructions
Privilege instructions are those That affect the segmentation
and protection mechanism CPL=0 Alter interrupt flag Perform peripheral I/O CPL <IOPL numerically
Privileged instructions
HLT (Halts the processor) CLTS (Clear task switch flag) LGDT,LIDT,LLDT(Loads GDT,IDT,LDT register) LTR (Load task register) LMSW (Load machine status word) Mov CRn,…. (moves to control register) Mov DRn,.. (moved to debug registers) Mov TRn,…. (moves to test registers)
IOPL sensitive instructions
CLI Disables interrupts STI Enables interrupts IN Inputs data from I/O port Out Outputs data to output port
Privildged Data References
Second type of privilege checking DPL of code segment descriptor must have
smaller value (higher privilege)than DPL of data segment descriptor.
After u have placed each descriptor in a descriptor table, you need to inform the processor
U can place theses tables anywhere in the processor’s address space and u need not keep them together.
To allow processor to locate the GDT, IDT and current LDT, u load three special purpose registers, GDTR, IDTR,LDTR resply.
GDTR,IDTR,LDTR contains
Base address of table Limit
Segment Selectors
Once the descriptors are defined , how does the processor make use of them?
Any 16 bit value that u write into a segment register is called a selector, because it selects a segment descriptor from a descriptor table.
15 2 1 0
INDEX RPLTI
80386 segment registers
80386 has 6 segment registers One for current code segment(CS) One for current stack segment (SS) Four for general data segments (DS, ES,FS,GS)
Segment registers select segment descriptors: Thirteen bits select descriptors One bit selects descriptor table Two bits privilege checking
Loading Segment Selectors
Any given selector value selects one and only one descriptor
When loading segment selector ,the 80386 check that The selector index is within the descriptor table limit The selector references the correct descriptor table The descriptor is of correct type The selector uses the correct privilege level
GDT
GDT 0GDT 1GDT 2
GDTR
Offset
Index
2 1 0
TI RPL
SEGMENTATION
Addressing
Index
2 1 0
TI RPL
GDT
GD 0
GD 1GD 2
GDTR
Offset
Prog
GDT
Main Memory
Addressing
Index
3 2 1 0
TI RPL
GDT
GD 0GD 1
GD 2
GDTR
Main Memory
Base AddressSeg Limit
Attrib
Offset
GD 0
GD 1
GD 2
GDTR
Index
2 1 0
TI RPL
GDT
Base AddressSeg Limit
Attrib
+
Offset
Local Descriptor Tables(LDT’s)
LDT’s act like extension to GDT Are assigned to individual tasks when task
switching is done. While running, any program can assess
descriptors from GDT and LDT The way in which the processor locates
LDT’s is much different, however.
Descriptor
LDT Descriptor
Descriptor
Descriptor
Data Descriptor
Descriptor
GDT
LDT
GDTR
LDTR
1DS
ESI
Local Descriptor table
Hold segment descriptors May be used in addition to the global descriptor
table Are defined by special “system descriptor” in
GDT. May be larger or smaller than GDT. May not be define other LDTs