Lect 8: Protected-Mode SW Architecture II

Download Report

Transcript Lect 8: Protected-Mode SW Architecture II 

Lect 8: Protected-Mode SW Architecture II
1
Paging Memory Management
 Segmentation : 4GB physical memory -- organized into segments that can be any size from 1
byte to 4G byte
 Paging: 1,048,496 pages that are each 4K(4096) bytes long
SELECTOR
Page 1,048,495
Page 1,048,494
.
.
Physical
Address
space
.
.
Page 1
Page 0
4KB
4KB
OFFSET
LOGICAL ADDRESS
SEGMENT
TRANSLATION
PAGING DISABLED
PG?
PAGING ENABLED
0
31
4KB
LINEAR ADDRESS
DIR
PAGE
OFFSET
4KB
PAGE
TRANSLATION
PHYSICAL ADDRESS
Maeng Lect 8-2
Linear Address Format
DIRECTORY
31
22 21
PAGE
•TLB (Translation Lookaside Buffer)
•maintaining 32 sets of table entries
•128 KB of paged memory are always
directly accessible
OFFSET
12 11
0
Operand
Translation
lookaside
buffer
(TLB)
Page Frame
Page table entry
Page table
Page directory entry
Page directory
table
PDBR(CR3)
Maeng Lect 8-3
Descriptors and Page Table Entries
24 23
32
3
BASE 31..24
GX0
Name
7
Present (P)
4
3
2
1
Type
3
Field
2
Definition
1
0
8 7
LIMIT P DPL S TYPE A
19..16
SEGMENT BASE 15 .. 0
Bit Position
6-5
AVL
7
16 15
0
BASE 23..16
SEGMENT LIMIT 15 .. 0
4
0
Function
P=1 Segment is mapped into physical memory
P=0 No mapping to physical memory exists, base and limit
are not used
Descriptor Privilege
Segment privilege attribute used in privilege tests
Level (DPL)
Segment Descriptor S=1 Code or Data segment descriptor
Type (S)
S=0 System segment Descriptor or Gate Descriptor
Executable(E)
E=0 Data segment descriptor type is :
if data
Expansion
ED=0 Expand Up segment
segment
Direction(ED)
ED=1 Expand Down segment
(S=1,
Writeable(W)
W= 0 Data segment may not be written into
E=0)
W= 1 Data segment may be written into
Executable(E)
E=1 Code segment descriptor type is:
if code
Conforming(C)
C=1 Code segment may only be executed
segment
When CPL DPL and CPL remains
(S=1,
unchanged
E=1)
Readable(R)
R=0 Code segment may not be read
R=1 Code segment may be read
Accessed(A)
A=0 Segment has not been accessed
A=1 Segment selector has been loaded into segment
register or used by selector test instruction
Maeng Lect 8-4
Descriptor Format
 G : granularity bit
• G = 1 Page (the lowest 12 bits of segment base address should be zero)
• G = 0 Byte (1MB max)
 D: default length for operands and effective addresses
• D = 1 32-bit operation
• D = 0 16-bit operation
 AVL: programmer available
 Example: Access Rights byte FEH = 1111 1110
• P=1
Segment is mapped into physical memory
• DPL=11 Privilege level 3
• E=1
executable code segment
• C=1
confirming code segment
• R=1
readable code segment
• A=0
segment has not been accessed
Maeng Lect 8-5
Loading Descriptor from Descriptor Table
00A0FFFFH
GDTR
00A00000H FFFFH
00A02007H
00A02000H
LDTR
descriptor
GDT
(64KB)
00A00000H
0 0
00
82
0000
SYSTEM MEMORY
90
FFFF
0090FFFFH
00901007H
00901000H
LDTR 2000H
0090000H FFFFH
CS
descriptor
LDT
(64KB)
00900000H
00
0
0000
F
FE
60
USER MEMORY
FFFF
0060FFFFH
CS
1005H
CODE
SEGMENT
(1 MB)
0060000H FFFFH
00600000H
Maeng Lect 8-6
LIMIT
Offset of last byte in segment from the base
BASE 23..16
0
SEGMENT LIMIT 15 .. 0
SEGMENT BASE 15 .. 0
3
BASE
LIMIT P DPL 0 TYPE A
19..16
Base address of special system data segment in memory
DPL
GX0
32-bit
number
20-bit
number
P
AVL
BASE 31..24
Reserved
Available 80286 TSS
LDT
Busy 80286 TSS
Call Gate
Task Gate
80286 Interrupt gate
80286 Trap gate
Reserved
Available 80386 TSS
Reserved
Busy 80386 TSS
80386 Call Gate
Reserved
80386 Interrupt Gate
80386 Trap Gate
Descriptor contents are not valid
Descriptor contents are valid
Descriptor Privilege level 0,1,2, or 3
7
0
1
2
3
4
5
6
7
8
9
A
B
C
D
E
F
0
1
0-3
8 7
Type
16 15
Description
24 23
Value
32
Name
0
4
 System descriptor Access Right byte: 82H
• 82H = 1000 0010: S=0 system segment, Type = 0010 = local descriptor table, DPL = 00
= privilege level 0, P = 1 present in physical memory
Maeng Lect 8-7
Page Table Entries
31
12 11
BASE ADDRESS 31-12
 P : Present bit
• P=1
• P=0
 A : Accessed
 D : Dirty bit
 AVL
 U/S, R/W
U/S
0
0
1
1
AVL
0
U R
00 D A 00 / / P
SW
the entry is valid and is available for use in address translation
the entry is undefined or not present in physical memory : page fault
R/W
0
1
0
1
User
None
None
Read-only
R/W
Supervisor
R/W
R/W
R/W
R/W
Maeng Lect 8-8
Protected-Mode System-Control Instruction Set
Instruction Set
 See figure 8.27 in page 354
Examples
 LAR D, S : Load access right byte
• LAR r16, r/m16 ; LAR r32, r/m32
• high order double word: 00FxFF00 <- mask
 ARPL r/m16, r16 : Adjust RPL field of the selector
• If RPL bits(0,1) of Dest < RPL bits(0,1) of SRC
Then ZF <-1; RPL bits(0,1) of DEST <-RPL bits(0,1) of SRC;
else ZF <-0;
Maeng Lect 8-9
Multitasking and Protection
 386 : multitasking software architecture
• on-chip hardware that both permits multiple tasks to exist and allows them to be
scheduled for execution in a time-shared manner.
 Task switching mechanism
• 16 MHz 386 : task switch 19 ms
Task 1
Local Address
Space
Task 1 Virtual Address Space
Task 3 Virtual Address Space
Task 3
Local Address
Space
Global
Address
Space
Task 2 Virtual Address Space
Task 2
Local Address
Space
Maeng Lect 8-10
Protection and the Protection Model
 Protection : unauthorized or incorrect accesses of a task’s memory resources
• Segmentation, paging, and descriptors
Segment Level Protection
 In parallel with address translation
 Five Protection Checks
• Type Check: 16 types, Code and Data
• Limit Check
• Restriction of Addressable Domain : readable, writeable
• Restriction of Procedure Entry Point
• Restriction of Instruction Set
 See Figure 8.29 and 8.30
Maeng Lect 8-11
Privilege Levels
Task A local
address space
Applications
Custom
extensions
System
Services
global
address space
Kernel
Level Level
1
0
Level
2
Level
3
Task B local
address space
Task C local
address space
Data Structures contains Privilege Levels
 CPL : Current Privilege Level
• DPL of the access rights byte in CS segment descriptor cache register
• privilege level of the code and data segment for the current task
 RPL : Requested Privilege Level
• the privilege level of the new selector loaded into a segment register
Maeng Lect 8-12
 DPL : Segment Desriptor Privilege Level
Checking:
 When the selector of a descriptor is loaded into a segment register
Restricting Access Data
 See fig 8.32
 Descriptors : DS, ES, FS, GS, or SS
 CPL : current privilege level
DPL : seg descriptor of the segment containing the operand
RPL : requestor's privilege of the selector ;
• DPL MAX (CPL, RPL)
• Stack : RPL = CPL
Maeng Lect 8-13
Restricting Control Transfers
 Intrasegment Jump and Call
• limit check
 Intersegment Jump and Call
• the operand selects the descriptor of another executable segment (Case 1)
• the operand selects a call gate descriptor (Case 2)
 Case 1
• See fig 8.33
• CPL = DPL or CPL> DPL if the selected code segment is confirming segment
1
DPL =1
Conforming
Code
Seg
1
2
E
2
2
3
Jmp Call
Ret
3
Jmp Call
Ret
1
E
3
E
E
Intrasegment
E
Intersegment
E
Calling a Confirming Segment
Maeng Lect 8-14
Gate Descriptors
 Call Gates
Trap Gates
Interrupt Gates
Task Gates
 Call Gates
• To define an entry point of a procedure
• To specify the privilege level required to enter a procedure
32
24 23
7
OFFSET 31..16
3
SELECTOR
 Type :
4
5
6
7
16 15
8 7
P DPL 0 TYPE 0 0 0
OFFSET 15 .. 0
Call Gate
Task Gate
Interrupt Gate
Trap Gate
0
DWORD
COUNT
4
0
P =0 : Descriptor contents are not valid
=1 : Descriptor contents are valid
WORD COUNT : Number of double words to copy from
caller’s stack to called procedure’s stack. Call
Gate only
Maeng Lect 8-15