beautypg.com

Intel IA-32 User Manual

Page 132

background image

4-2 Vol. 3A

PROTECTION

that is based on privilege levels can essentially be disabled while still in protected mode by
assigning a privilege level of 0 (most privileged) to all segment selectors and segment descrip-
tors. This action disables the privilege level protection barriers between segments, but other
protection checks such as limit checking and type checking are still carried out.

Page-level protection is automatically enabled when paging is enabled (by setting the PG flag
in register CR0). Here again there is no mode bit for turning off page-level protection once
paging is enabled. However, page-level protection can be disabled by performing the following
operations:

Clear the WP flag in control register CR0.

Set the read/write (R/W) and user/supervisor (U/S) flags for each page-directory and page-
table entry.

This action makes each page a writable, user page, which in effect disables page-level
protection.

4.2

FIELDS AND FLAGS USED FOR SEGMENT-LEVEL AND
PAGE-LEVEL PROTECTION

The processor’s protection mechanism uses the following fields and flags in the system data
structures to control access to segments and pages:

Descriptor type (S) flag (Bit 12 in the second doubleword of a segment descriptor.)
Determines if the segment descriptor is for a system segment or a code or data segment.

Type field — (Bits 8 through 11 in the second doubleword of a segment descriptor.)
Determines the type of code, data, or system segment.

Limit field — (Bits 0 through 15 of the first doubleword and bits 16 through 19 of the
second doubleword of a segment descriptor.) Determines the size of the segment, along
with the G flag and E flag (for data segments).

G flag — (Bit 23 in the second doubleword of a segment descriptor.) Determines the size
of the segment, along with the limit field and E flag (for data segments).

E flag — (Bit 10 in the second doubleword of a data-segment descriptor.) Determines the
size of the segment, along with the limit field and G flag.

Descriptor privilege level (DPL) field — (Bits 13 and 14 in the second doubleword of a
segment descriptor.) Determines the privilege level of the segment.

Requested privilege level (RPL) field — (Bits 0 and 1 of any segment selector.) Specifies
the requested privilege level of a segment selector.

Current privilege level (CPL) field — (Bits 0 and 1 of the CS segment register.) Indicates
the privilege level of the currently executing program or procedure. The term current
privilege level (CPL) refers to the setting of this field.

User/supervisor (U/S) flag — (Bit 2 of a page-directory or page-table entry.) Determines
the type of page: user or supervisor.