PROTECTION
An important distinction exists between tasks and programs. Programs (e.g., instructions in code segments) are static and consist of a fixed set of code and data segments each with an associated privilege level. The privilege assigned to a program determines what the program may do when executed by a task. Privilege is assigned to a program w~en the system is built or when the program is loaded.
Tasks are dynamic; they execute one or more programs. Task privilege changes with time according to the privilege level of the program being executed. Each task has a unique set of attributes that define it, e.g., address space, register values, stack, data, etc. A task may execute a program if that program appears in the task's address space. The rules of protection control determine when a program may be executed by a task, and once executed, determine what the program may do.
7.2MEMORY MANAGEMENT AND PROTECTION
The protection hardware of the 80286 is related to the memory management hardware. Since protec- tion attributes are assigned to segments, they are stored along with the memory management infor- mation in the segment descriptor. The protection information is specified when the segment is created. In addition to privilege levels, the descriptor defines the segment type (e.g., Code segment, Data segment, ~tc.). Descriptors may be created either by program development tools or by a loader in a dynamically loaded reprogrammabie environment.
The protection control Information consists of a segment type, its privilege level, and size. These are fields in the access byte of the segment descriptor (see figure
The hardware performs several checks while loading a segment register. These checks enforce the protection rules before any memory reference is generated. The hardware verifies that the selected segment is valid (is identified by a descriptor, is in memory, and is accessible from the privilege level in which the program is executing) and that the type is consistent with the target segment register. For example, you cannot load a
writable. |
|
|
|
| ' |
|
|
|
PROGRAM VISIBLE |
| r- - | ||||||
|
| I | 'ACCESS |
|
|
| I | |
SEGMENT SELECTORS' |
| I | RIGHTS | SEGMENT BASE ADDRESS | SEGMENT SIZE |
| I | |
::~,' | i | I | I |
| I | I ! | ||
|
| |||||||
I | I | : | I | . I |
| I | I | : |
15 | o | I | 47 | 40 39 |
| 16 15 | 0 | I |
SEGMENT REGISTERS |
| I |
|
| SEGMENT DESCRIPTOR CACHE REGISTERS |
| I | |
(loaded by program) |
| L ________(!T~M:TI~':.Y.:o~E~B':c:u~ _______ J | ||||||
|
| |||||||
G30108
