Intel 80386 manual Segmentation Introduction, Terminology, Descriptor Tables

4.3 SEGMENTATION

4.3.1 Segmentation Introduction

Segmentation is one method of memory manage- ment. Segmentation provides the basis for protec- tion. Segments are used to encapsulate regions of memory which have common attributes. For exam- ple, all of the code of a given program could be con- tained in a segment, or an operating system table may reside in a segment. All information about a segment is stored in an 8 byte data structure called a descriptor. All of the descriptors in a system are contained in tables recognized by hardware.

4.3.2 Terminology

The following terms are used throughout the discus- sion of descriptors, privilege levels and protection:

PL: Privilege Level-One of the four hierarchical privilege levels. Level 0 is the most privileged level and level 3 is the least privileged. More privileged levels are numerically smaller than less privileged levels.

RPL: Requestor Privilege Level-The privilege level of the original supplier of the selector. RPL is deter- mined by the least two significant bits of a selector.

DPL: Descriptor Privilege Level-This is the least privileged level at which a task may access that de- scriptor (and the segment associated with that de- scriptor). Descriptor Privilege Level is determined by bits 6:5 in the Access Right Byte of a descriptor.

CPL: Current Privilege Level-The privilege level at which a task is currently executing, which equals the privilege level of the code segment being executed.

CPL can also be determined by examining the low- est 2 bits of the CS register, except for conforming code segments.

EPL: Effective Privilege Level-The effective privi- lege level is the least privileged of the RPL and DPL. Since smaller privilege level values indicate greater privilege, EPL is the numerical maximum of RPL and DPL.

Task: One instance of the execution of a program. Tasks are also referred to as processes.

4.3.3 Descriptor Tables

4.3.3.1 DESCRIPTOR TABLES INTRODUCTION

The descriptor tables define all of the segments which are used in an 80386 system. There are three types of tables on the 80386 which hold descriptors: the Global Descriptor Table, Local Descriptor Table, and the Interrupt Descriptor Table. All of the tables are variable length memory arrays. They can range in size between 8 bytes and 64K bytes. Each table can hold up to 8192 8 byte descriptors. The upper 13 bits of a selector are used as an index into the descriptor table. The tables have registers associat- ed with them which hold the 32-bit linear base ad- dress, and the 16-bit limit of each table.

Each of the tables has a register associated with it the GDTR, LDTR, and the IDTR (see Figure 4-3). The LGDT, LLDT, and LlDT instructions, load the base and limit of the Global, Local, and Interrupt De- scriptor Tables, respectively, into the appropriate register. The SGDT, SLOT, and SlOT store the base and limit values. These tables are manipulated by the operating system. Therefore, the load descriptor table instructions are privileged instructions.