Here are some instructions on privilege-level conversion, where you focus on privilege-level conversion, similar to the stack switching, task switching process, and nested nested, you can refer to the relevant monograph. In the same way, it does not involve the transition and task between the privilege levels, so it is important to say the transfer of the task and the transfer of tasks.
Transfer of the same privilege level in the task: Direct transfer and segment between segments: 1. Check if the descriptor indicated in the target address pointer is empty, the target code segment descriptor cannot be an empty descriptor, ie the selection The height of the child cannot be 0 2. The TI bit (second bit) is determined from the GDT or the descriptor code segment from the GDT or from the LDT. 3. Check if the descriptor type is correct 4. Normal code Segment, request CPL = DPL, RPL <= DPL; unanimous code segment, requires CPL> = CPL 5. The P bit in the target code segment descriptor must be 1 6. Segment base address, segment in the target code segment descriptor Limit, attribute is loaded into the CS cache register 7. Check if the offset of the target address is crossed the segment limit of the target code segment, which is not allowed, that is, the offset of the target address is not allowed to cross the code segment 8. Load Command pointer register EIP, and put the same privilege level in the RPL field of the CPL in the CPL: Direct or indirect transfer instructions between the same privileged command JMP and segments directly or indirectly transfer instructions Call during the task. Returns the instruction RET, interrupt command int, interrupt return command IRET. The transfer of the same privileges in the task of the During Direct Transfer Instructions, the During Interworking Instruction, the transfer gate is used to use the call gate.
Different privilege levels in the task: Different privileges in the task are divided into internally transferred and moving to outer transfer through calling doors (all below refers to indirect transfer): I. Transfer to the inner layer: 1. First of all Check the call door, must comply with the CPL <= DPL, RPL <= DPL 2. Check if the descriptor indicated in the target address pointer is empty, and the target code segment descriptor cannot be an empty descriptor, ie the high selection is high. 14 bits cannot be 0 3. Decided by the TI bit (2nd bit) in the selection to read the descriptor of the target code segment from the GDT or from the LDT. Check if the descriptor type is correct, adjust the RPL = 0 5. The check here is similar to the fourth step in the transfer of the same privilege level in the task, but the DPL here is not a DPL of the call gate, but is the DPL of the target code segment descriptor pointing to the gate to select the child, because Transfer instructions JMP and inter-segment call command CALL's inspection is inconsistent, so describing: 1) For inter-phase transfer instruction JMP: the same, Direct transfer, direct transfer, and inspections during the same paragraph, due to inspection RPL = 0 (0 after adjustment), always considers RPL <= DPL; so for normal code segments, CPL = DPL, for the same privilege level, for consistent code segments, CPL> = DPL also happens The transfer of privilege levels. So, it is not possible to implement the transfer of different privilege levels in the task. 2) For the call command call between the paragraphs using the call gate: Similarly, due to RPL = 0 (5), it is always It is considered that the RPL <= DPL; for the consistent code segment, the same privileged transfer occurs when the CPL> = DPL; for normal code segments, when the CPL = DPL is also the same transfer; these two cases are the original CS and EIP are saved to the current stack; only when the CPL> DPL occurs, the transfer of the inner layer occurs, and the CPL = DPL (a very important step) is to switch the stack. The contents of the original CS and EIP are saved in the inner stack 6. The P bit in the target code segment descriptor must be 1 7. Load the segment base, segment, attribute in the target code segment descriptor into the CS high-speed buffer register 8. Check if the offset of the target address is crossed The segment limit of the target code segment is not allowed, that is, the offset of the target address does not allow the code segment 9. The CS segment register and the instruction pointer register EIP are loaded, and the CPL is loaded into the RPL field in the CS. To the outer layer: 1. Return the address from the stack, if the returned target address is selected from the RPL> CPL of the sub-layer transfer. 2. Overserally transferred in the inner stack, the outer layer stack is popled from the stack from the stack. The pointer is loaded into SS and ESP. Restore the outer stack 3. Adjust the ESP, skip the parameters before the call. 4. Check the data segment register DS, ES, FS, and GS, and ensure that the address is in the outer layer. Accessible, otherwise load an empty choice Sub. 5. Return to continue execution If it is the same privileged transfer, only 1, 5 steps; if the RET instruction does not have immediate number, only the transfer route of different privileges in the first, 4th, 5 steps: inter-time call The command CALL implements the transfer from the outer layer to the inner layer by the call gate, and the instruction RET is returned to the inside to the outer layer. To this end, the transfer is over, the following is the transfer between tasks.
Task Switch: The switching of the actually task is more troubles, but fortunately, for its privileged check, it is relatively simple: 1. Directly use TSS to switch to the same privilege-level inspection rule with the same access data segment: Access TSS segment description The CPL of the character must be less than the DPL equal to the TSS segment descriptor, and the RPL indicating the selector of the TSS segment descriptor must be less than the DPL equal to the TSS segment descriptor. II. Task handover with the task door is also the same privilege to access the data segment Level Rule: Access the task door CPL must be less than the DPL of the task door, and the RPL indicating the selector of the task door must be less than the DPL equal to the task door, and the selection in the task must indicate the available TSS segment in the GDT. Descriptor (no deviation of the task door is not required).
Check the data segment:
1. Choose a child can't be empty
2. The descriptor of the selection sub-indication can only be a descriptor of the data segment descriptor and the readable code segment or consistent code segment.
3. For data segment descriptors and readable code segment descriptors, you need to check CPL <= DPL, RPL <= DPL
4. Segments indicated by the selection must exist
Check when accessing the stack segment:
1. Choose a child can't be empty
2. The descriptor indicated by the selection must be a readable data segment descriptor.
3. Requires RPL = CPL = DPL, that is, each privilege level has its own independent stack segment to achieve isolation protection 4. The segments indicated by the selection must exist.
