5 checking alignment – Intel IA-32 User Manual
Page 167
Vol. 3A 4-37
PROTECTION
application program (represented by the code-segment selector pushed onto the stack). If the
RPL is less than application program’s privilege level, the ARPL instruction changes the RPL
of the segment selector to match the privilege level of the application program (segment
selector D1). Using this instruction thus prevents a procedure running at a numerically higher
privilege level from accessing numerically lower privilege-level (more privileged) segments by
lowering the RPL of a segment selector.
Note that the privilege level of the application program can be determined by reading the RPL
field of the segment selector for the application-program’s code segment. This segment selector
is stored on the stack as part of the call to the operating system. The operating system can copy
the segment selector from the stack into a register for use as an operand for the ARPL
instruction.
4.10.5
Checking Alignment
When the CPL is 3, alignment of memory references can be checked by setting the AM flag in
the CR0 register and the AC flag in the EFLAGS register. Unaligned memory references
generate alignment exceptions (#AC). The processor does not generate alignment exceptions
when operating at privilege level 0, 1, or 2. See Table 5-7 for a description of the alignment
requirements when alignment checking is enabled.
4.11
PAGE-LEVEL PROTECTION
Page-level protection can be used alone or applied to segments. When page-level protection is
used with the flat memory model, it allows supervisor code and data (the operating system or
executive) to be protected from user code and data (application programs). It also allows pages
containing code to be write protected. When the segment- and page-level protection are
combined, page-level read/write protection allows more protection granularity within segments.
With page-level protection (as with segment-level protection) each memory reference is
checked to verify that protection checks are satisfied. All checks are made before the memory
cycle is started, and any violation prevents the cycle from starting and results in a page-fault
exception being generated. Because checks are performed in parallel with address translation,
there is no performance penalty.
The processor performs two page-level protection checks:
•
Restriction of addressable domain (supervisor and user modes).
•
Page type (read only or read/write).
Violations of either of these checks results in a page-fault exception being generated. See
Chapter 5, “Interrupt 14—Page-Fault Exception (#PF),” for an explanation of the page-fault
exception mechanism. This chapter describes the protection violations which lead to page-
fault exceptions.