Fig.6-1 Protection Fields of Segment Descriptors

Figure 6-1. Protection Fields of Segment Descriptors DATA SEGMENT DESCRIPTOR 31 23 15 7 0 +-----------------+-----------------+-----------------+-----------------+ | | | | |A| LIMIT | | | TYPE | | | BASE 31..24 |G|B|0|V| 19..16 |P| DPL | | BASE 23..16 | 4 | | | | |L| | | |1|0|E|W|A| | |-----------------------------------+-----------------------------------| | | | | SEGMENT BASE 15..0 | SEGMENT LIMIT 15..0 | 0 | | | +-----------------+-----------------+-----------------+-----------------+ EXECUTABLE SEGMENT DESCRIPTOR 31 23 15 7 0 +-----------------+-----------------+-----------------+-----------------+ | | | | |A| LIMIT | | | TYPE | | | BASE 31..24 |G|D|0|V| 19..16 |P| DPL | | BASE 23..16 | 4 | | | | |L| | | |1|1|C|R|A| | |-----------------------------------+-----------------------------------| | | | | SEGMENT BASE 15..0 | SEGMENT LIMIT 15..0 | 0 | | | +-----------------+-----------------+-----------------+-----------------+ SYSTEM SEGMENT DESCRIPTOR 31 23 15 7 0 +-----------------+-----------------+-----------------+-----------------+ | | | | |A| LIMIT | | | | | | | BASE 31..24 |G|X|0|V| 19..16 |P| DPL |0| TYPE | BASE 23..16 | 4 | | | | |L| | | | | | | |-----------------------------------+-----------------------------------| | | | | SEGMENT BASE 15..0 | SEGMENT LIMIT 15..0 | 0 | | | +-----------------+-----------------+-----------------+-----------------+ A - ACCESSED E - EXPAND-DOWN AVL - AVAILABLE FOR PROGRAMMERS USE G - GRANULARITY B - BIG P - SEGMENT PRESENT C - CONFORMING R - READABLE D - DEFAULT W - WRITABLE DPL - DESCRIPTOR PRIVILEGE LEVEL See Also:
6.3.1.1 Fig.B-1

Fig.6-2 Levels of Privilege

Figure 6-2. Levels of Privilege TASK C +---------------------------------------------------+ | +-----------------------------------------------+ | | | APPLICATIONS | | | | +-----------------------------------+ | | | | | CUSTOM EXTENSIONS | | | | | | +-----------------------+ | | | | | | | SYSTEM SERVICES | | | | | | | | +-----------+ | | | | | | | | | KERNAL | | | | | |-|-----+-----+-----+-----------+-----+-----+-----|-| | | | | | |LEVEL|LEVEL|LEVEL|LEVEL| | | | | | | | 0 | 1 | 2 | 3 | | | | | | +-----+-----+ | | | | | | | | | | | | | | | | +-----------+-----------+ | | | | | | | | | | | | +-----------------+-----------------+ | | | | | | | TASK B| +-----------------------------------------------+ |TASK A +------------------------+ +------------------------+

Fig.6-3 Privilege Check for Data Access

Figure 6-3. Privilege Check for Data Access 16-BIT VISIBLE SELECTOR INVISIBLE DESCRIPTOR +---------------------------------------------------+ CS | | |CPL| | +---------------------------------------------------+ | TARGET SEGMENT SELECTOR | +-----------+ +-----------------------------+ +------->| PRIVILEGE | | INDEX | |RPL|---------------------->| CHECK | +-----------------------------+ +------->| BY CPU | | +-----------+ DATA SEGMENT DESCRIPTOR +---+ | 31 23 15 | 7 0 +-----------------+-----------------+-----------------+-----------------+ | | | | |A| LIMIT | | |S| Type | | | BASE 31..24 |G|B|0|V| |P| DPL | | | BASE 23..16 | 4 | | | | |L| 19..16 | | |1|0|E|W|A| | |-----------------------------------+-----------------------------------| | | | | SEGMENT BASE 15..0 | SEGMENT LIMIT 15..0 | 0 | | | +-----------------+-----------------+-----------------+-----------------+ CPL - CURRENT PRIVILEGE LEVEL RPL - REQUESTOR'S PRIVILEGE LEVEL DPL - DESCRIPTOR PRIVILEGE LEVEL

Fig.6-4 Privilege Check for Control Transfer without Gate

Figure 6-4. Privilege Check for Control Transfer without Gate 16-BIT VISIBLE SELECTOR INVISIBLE PART +---------------------------------------------------+ | | |CPL| | CS +---------------------------------------------------+ | | +-----------+ +------->| PRIVILEGE | +----------->| CHECK | | +--->| BY CPU | CODE-SEGMENT DESCRIPTOR | | +-----------+ | | 31 23 15 | | 7 0 +-----------------+-----------------+-----------------+-----------------+ | | | | |A| LIMIT | | |S| Type | | | BASE 31..24 |G|D|0|V| |P| DPL | | | BASE 23..16 | 4 | | | | |L| 19..16 | | |1|1|C|R|A| | |-----------------------------------+-----------------------------------| | | | | SEGMENT BASE 15..0 | SEGMENT LIMIT 15..0 | 0 | | | +-----------------+-----------------+-----------------+-----------------+ CPL - CURRENT PRIVILEGE LEVEL DPL - DESCRIPTOR PRIVILEGE LEVEL C - CONFORMING BIT

Fig.6-5 Format of 80386 Call Gate

Figure 6-5. Format of 80386 Call Gate 31 23 15 12 8 7 5 0 +-----------------+-----------------+-----------------+---------------+ | | | | TYPE | | DWORD | | OFFSET 31..16 |P| DPL | |0 0 0| | 4 | | | |0 1 1 0 0| | COUNT | |-----------------------------------+---------------------------------| | | | | SELECTOR | OFFSET 15..0 | 0 | | | +-----------------+-----------------+-----------------+---------------+

Fig.6-6 Indirect Transfer via Call Gate

Figure 6-6. Indirect Transfer via Call Gate OPCODE OFFSET SELECTOR +------------------------------------------------------------+ | CALL | (NOT USED) | INDEX | |RPL| +------------------------------------------------------------+ | DESCRIPTOR TABLE | +-------------------------+ | | | | | | | |------------+------------| | | | | | +-------------------------+ | . . | . . | . . | +-------------------------+ | GATE | OFFSET | DPL |COUNT |<-------------+ EXECUTABLE DESCRIPTOR |------------+------------| SEGMENT +------| SELECTOR | OFFSET |-----+ +--------------+ | |------------+------------| | | | | | | | | | | | | | |------------+------------| | | | | | | | | | | | |------------+------------| | | | | | | | | | +--------->| PROCEDURE | | |------------+------------| | | | | | | | | v |------------+------------| | | EXECUTABLE | BASE | | DPL | BASE | | | SEGMENT |------------+------------| +--------->+--------------+ DESCRIPTOR | BASE | |-----+ +-------------------------+ . . . . . . +-------------------------+ | | | | | |------------+------------| | | | +-------------------------+

Fig.6-7 Privilege Check via Call Gate

Figure 6-7. Privilege Check via Call Gate 16-BIT VISIBLE SELECTOR INVISIBLE DESCRIPTOR +---------------------------------------------------+ CS | | |CPL| | +---------------------------------------------------+ | TARGET SELECTOR | +-----------+ +-----------------------------+ +------->| PRIVILEGE | | INDEX | |RPL|---------------------->| CHECK | +-----------------------------+ +------------------>| BY | | +-->| CPU | +------+ | +-----------+ | | GATE DESCRIPTOR v | +----------------------------------------------+ | | OFFSET | DPL | COUNT | | |-----------------------+----------------------| | | SELECTOR | OFFSET | | +----------------------------------------------+ | | | +----------------------------------------------+ EXECUTABLE | BASE | LIMIT | DPL | BASE | SEGMENT |-----------------------+----------------------| DESCRIPTOR | BASE | LIMIT | +----------------------------------------------+ CPL - CURRENT PRIVILEGE LEVEL RPL - REQUESTOR'S PRIVILEGE LEVEL DPL - DESCRIPTOR PRIVILEGE LEVEL

Fig.6-8 Initial Stack Pointers of TSS

Figure 6-8. Initial Stack Pointers of TSS 31 23 15 7 0 +--------+--------+--------+--------+64 . . . . . . | | |--------+--------+--------+--------| | EFLAGS |24 |--------+--------+--------+--------| | INSTRUCTION POINTER (EIP) |20 |--------+--------+--------+--------| | CR3 (PDBR) |1C |--------+-----------------+--------| -+ |00000000 00000000| SS2 |10|18 | |--------+-----------------+--------| | | ESP2 |14 | |--------+-----------------+--------| | |00000000 00000000| SS1 |01|10 | INITIAL |--------+-----------------+--------| |- STACK | ESP1 |0C | POINTERS |--------+-----------------+--------| | |00000000 00000000| SS0 |00|8 | |--------+-----------------+--------| | | ESP0 |4 | |--------+-----------------+--------| -+ |00000000 00000000| TSS BACK LINK |0 +--------+-----------------+--------+

Fig.6-9 Stack Contents after an Interievel Call

Figure 6-9. Stack Contents after an Interlevel Call 31 0 SS:ESP +-------+-------+<--FROM TSS 31 0 | |OLD SS | +-------+-------+ |-------+-------| D O | | | OLD ESP | I F | | |-------+-------| R | | | PARM 3 | E E | | |-------+-------| C X | | | PARM 2 | T P |-------+-------| |-------+-------| I A | PARM 3 | | PARM 1 | O N |-------+-------| |-------+-------| N S | PARM 2 | | |OLD CS | NEW I |-------+-------| OLD |-------+-------| SS:ESP | O | PARM 1 | SS:ESP | OLD EIP | | | N |-------+-------|<---+ |-------+-------|<-----+ | | | | | v | | | | +-------+-------+ +-------+-------+ OLD STACK NEW STACK

Fig.6-10 Protection Fields of Page Table Entries

Figure 6-10. Protection Fields of Page Table Entries 31 12 11 9 8 7 6 5 4 3 2 1 0 +--------------------------------------+-------------------------+ | | | | | | |U|R| | | PAGE FRAME ADDRESS 31..12 | AVAIL |0 0|D|A|0 0|/|/|P| | | | | | | |S|W| | +--------------------------------------+-------------------------+ R/W - READ/WRITE U/S - USER/SUPERVISOR