Types of Code Segments Conforming Code Segment

Slides:

Advertisements

Similar presentations

Memory Management Unit

Advertisements

O PERATING I N P ROTECTED M ODE Prof.P.C.Patil Department of Computer Engg Matoshri College of Engg.Nasik M ICROPROCESSOR A RCHITECTURE.

Processor Privilege-Levels

1/1/ / faculty of Electrical Engineering eindhoven university of technology Memory Management and Protection Part 3:Virtual memory, mode switching,

Operating Systems.

Memory Management Paging &Segmentation CS311, CS350 & CS550.

Unit 4 Chapter-1 Multitasking. The Task State Segment.

IA32 Paging Scheme Introduction to the Pentium’s support for “virtual” memory.

Operating Systems: Segments 1 Segmentation Hardware Support single user program system: – wish somehow to relocate address 0 to after operating system.

Page-Faults in Linux How can we study the handling of page-fault exceptions?

Microprocessor Systems Design I Instructor: Dr. Michael Geiger Fall 2012 Lecture 15: Protected mode intro.

1 Copyright © 2011, Elsevier Inc. All rights Reserved. Appendix B Authors: John Hennessy & David Patterson.

UNIT 2 Memory Management Unit and Segment Description and Paging

Microprocessor system architectures – IA32 segmentation Jakub Yaghob.

The Pentium Processor.

The Pentium Processor Chapter 3 S. Dandamudi To be used with S. Dandamudi, “Introduction to Assembly Language Programming,” Second Edition, Springer,

The Pentium Processor Chapter 3 S. Dandamudi.

Multitasking Mr. Mahendra B. Salunke Asst. Prof. Dept. of Computer Engg., STES SITS, Narhe, Pune-41 STES Sinhgad Institute of Tech. & Science Dept. of.

CSC 660: Advanced Operating SystemsSlide #1 CSC 660: Advanced OS Memory Addressing / Kernel Modules.

System Address Registers/Memory Management Registers Four memory management registers are used to specify the locations of data structures which control.

1 i386 Memory Management Professor Ching-Chi Hsu 1998 年 4 月.

1 iAPX86 Protection Electronic Computers M. 2 Protection The protection mechanism is active only after PE setting in CR0 and is used before any access.

Virtual 8086 Mode  The supports execution of one or more 8086, 8088, 80186, or programs in an protected-mode environment.  An 8086.

EFLAG Register of The The only new flag bit is the AC alignment check, used to indicate that the microprocessor has accessed a word at an odd.

Microprocessor system architectures – IA32 tasks Jakub Yaghob.

Segment Descriptor Segments are areas of memory defined by a programmer and can be a code, data or stack segment. In segments need not be all the.

D P L s G D X U P Segment Descriptor A T Y P E

1 Microprocessors CSE Protected Mode Memory Addressing Remember using real mode addressing we were previously able to address 1M Byte of memory.

Page Replacement Implementation Issues Text: –Tanenbaum ch. 4.7.

Chapter 2 The Microprocessor Architecture Microprocessors prepared by Dr. Mohamed A. Shohla.

Microprocessor system architectures – IA32 security

Information Security - 2. Task Switching Every process has an associated Task State Segment, whose starting point is stored in the Task register. A task.

Memory Management Unit and Segment Description and Paging

Information Security - 2. Descriptor Tables There are two descriptor tables – Global Descriptor Tables – Local Descriptor Tables The global descriptor.

Information Security - 2. Descriptor Tables Descriptors are stored in three tables: – Global descriptor table (GDT) Maintains a list of most segments.

Privilege Check for Control Transfer(Code Access) Control transfers (except interrupts) are accomplished by the instructions JMP, CALL, and RET The "near"

Microprocessor Systems Design I

32- bit Microprocessor-Intel 80386

Protection in Virtual Mode

Descriptor Table & Register

Memory Management Paging (continued) Segmentation

16.317: Microprocessor System Design I

MICROPROCESSOR BASED SYSTEM DESIGN

Microprocessor and Assembly Language

Microprocessor Systems Design I

Microprocessor Systems Design I

Anton Burtsev February, 2017

Privilege Levels.

Electronic Computers M

Microprocessor Systems Design I

Protection UQ: Explain the protection mechanism of X86 Intel family microprocessor(10 Marks)

Copyright © 2011, Elsevier Inc. All rights Reserved.

Information Security - 2

x86 segmentation, page tables, and interrupts

System Segment Descriptor

Page Replacement Implementation Issues

Operating Modes UQ: State and explain the operating modes of X86 family of processors. Show the mode transition diagram highlighting important features.(10.

Memory Management Paging (continued) Segmentation

Module IV Memory Organization.

Page Replacement Implementation Issues

Lecture 36 Syed Mansoor Sarwar

Lecture 37 Syed Mansoor Sarwar

Information Security - 2

CS-401 Computer Architecture & Assembly Language Programming

Memory Management Paging (continued) Segmentation

CS444/544 Operating Systems II Virtual Memory

Presentation transcript:

Types of Code Segments Conforming Code Segment There are two types of code segments: Conforming Code Segment Nonconforming Code Segment

Conforming Code Segment An executable segment whose descriptor has the conforming bit set It permits sharing of procedures that may be called from various privilege levels but should execute at the privilege level of the calling procedure. Example: math libraries When control is transferred to a conforming segment, the CPL does not change

Nonconforming Code Segment Most code segments are not conforming For nonconforming segments, control can be transferred without a gate only to executable segments at the same level of privilege To transfer control to higher privilege levels(not numerical)-for e.g. application want to use system service- CALL instruction need to be used with call-gate descriptors JMP instruction never transfer control to a nonconforming segment whose DPL ≠ CPL.

Privilege Check for Control Transfer without Gate

Gate Descriptors To provide protection for control transfers among executable segments at different privilege levels, the 80386 uses gate descriptors. There are four kinds of gate descriptors: Call gates  for far jmp & call Trap gates  for exceptions Interrupt gates  for interrupts Task gates  for task switching

Call gates A call gate descriptor may reside in GDT or LDT A call gate has two primary functions: 1. To define an entry point of a procedure 2. To specify the privilege level of entry point When h/w recognizes that the destination selector refers to a gate descriptor the operation of the instruction is expanded by the contents of the call gate.

Call gates The selector and offset fields of a gate form a pointer to the entry point of a procedure Format of 80386 Call Gate

Privilege Check for Control Transfer with Gate The far pointer (48-bit logical address of two components: a 16-bit segment selector and a 32-bit offset) operand of the control transfer instruction does not point to the segment and offset of the target instruction; rather the selector part of the pointer selects a gate, and the offset is not used.

Privilege Check for Control Transfer with Gate

Privilege Check for Control Transfer with Gate Four different privilege levels are used to check the validity of a control transfer via a call gate: 1. CPL 2. RPL of the selector used to specify the call gate. 3. DPL of the gate descriptor. 4. DPL of the descriptor of the target segment

Privilege Check for Control Transfer with Gate Gates can be used for control transfers to numerically smaller privilege levels or to the same privilege level For a JMP instruction to a nonconforming segment, the privilege rules that must be satisfied are : MAX (CPL,RPL) ≤ gate DPL (numerically) target segment DPL = CPL (numerically)

Privilege Check for Control Transfer with Gate For a CALL instruction, the privilege rules that must be satisfied are : MAX (CPL,RPL) ≤ gate DPL (numerically) target segment DPL ≤ CPL (numerically)

Privilege Check for Control Transfer with Gate