The holy bible of SWEB - Institute of Applied Information Processing ...

More documents

Recommendations

Info

3.3. BASIC CONCEPTS CHAPTER 3. VM, PROTECTION AND PAGING Figure 3.1: Protected Mode Segment Descriptor ((c) Dr. Jim Plusquellic [2]) 3.3 Basic Concepts 3.3.1 Protected Mode The IA32 Architecture offers a feature-set called "Protected Mode", which makes task separation possible. Using the protected mode capabilities, we can place restrictions on what a piece of code is allowed to do and in which part of the physical memory it may work. The two mechanisms making this possible are protected-mode- Segmentation and Paging. They will be explained in this chapter. Note that in order to switch to Protected Mode, at the very least the special registers GDTR and IDTR must have been loaded. 3.3.2 Protected Mode Segmentation Protected Mode Segmentation works differently than Real Mode Segmentation. In this document we consider only Protected Mode Segmentation. Basically it works by defining memory segments using so-called Segment Descriptors. They contain a Start Address in linear memory and a Limit to how much memory beyond the start address a program is allowed to access. The segment descriptor also defines restrictions on the kind of operations a program can execute. Otherwise a Segment Violation is triggered. Even before switching to Protected Mode, some Segment Descriptors need to be defined in the so-called Global Descriptor Table (short GDT). Like any descriptor table, the GDT is an array of Segment Descriptors of 8 byte length. Obviously, a restricted program can not be allowed to (re)write the GDT and the protection mechanisms available should be employed to prevent this. The GDT should contain at least one reasonable Segment Descriptor beyond the first entry. The first entry also called the Null Descriptor, has a special purpose and all its values set to zero. Once a GDT has been set up, we can point the CPU to its location in memory by loading its linear address into the Global Descriptor Table Register (short GDTR) using the LGDT instruction. Figure 3.1 shows the fields of a Segment Descriptor. Table 3.1 explains their use. Obviously, defining just one set of Descriptors for all programs is not going to help much with Task Separation, so conveniently the Local Descriptor Table (short LDT) comes to the rescue. The LDT, just like the GDT, is an array of Segment Descriptors, 26 of 151
CHAPTER 3. VM, PROTECTION AND PAGING 3.3. BASIC CONCEPTS Field Field Bits Use Limit 20 bits defines the amount of bytes, starting from the Base Address, which a program is allowed to access Base 25 bits the physical starting address of the Segment P 1 bit Descriptor Present Flag, if set to 0 entry is ignored DPL 2 bits Descriptor Privilege Level S 1 bit System Descriptor Flag if set, this is a special system descriptor Type 3 bits defines the segment type (note: interpretation is different in system descriptors) Type=000 Data, read-only Type=001 Data, read/write Type=010 Stack, read-only Type=011 Stack, read/write Type=100 Code, execute-only Type=101 Code, execute/read Type=110 Code, execute-only, aligned to 4 bytes Type=111 Code, execute/read, aligned to 4 bytes A 1 bit set by the CPU, indicates if a Segment has been accessed G 1 bit Granularity: defines the size of one Limit-Unit G=0 Granularity is 1 Byte, segments are 1 byte to 1 MiB in length G=1 Granularity is 4 KiB, segments are 4KiB to 4GiB in length D 1bit If 1: all instructions are assumed to be 32bit, 16bit otherwise. U 1bit user defined bit Table 3.1: Segment Descriptor Fields 27 of 151
Page 1 and 2: The holy bible of SWEB SWEB-Crew Se
Page 3 and 4: Contents 1 Install 13 1.1 some note
Page 5 and 6: CONTENTS CONTENTS 6 System Calls 71
Page 7 and 8: CONTENTS CONTENTS 11.6.9Running Xen
Page 9 and 10: List of Figures 3.1 Protected Mode
Page 11 and 12: List of Tables 3.1 Segment Descript
Page 13 and 14: Chapter 1 Install Basic guidelines
Page 15 and 16: CHAPTER 1. INSTALL 1.2. RUNNING SWE
Page 17 and 18: CHAPTER 1. INSTALL 1.3. DEVELOPERS
Page 19 and 20: Chapter 2 GDB 2.1 General The GNU P
Page 21 and 22: CHAPTER 2. GDB 2.5. USING DDD The d
Page 23 and 24: CHAPTER 2. GDB 2.5. USING DDD To ge
Page 25: Chapter 3 VM, Protection and Paging
Page 29 and 30: CHAPTER 3. VM, PROTECTION AND PAGIN
Page 55 and 56: Chapter 4 Kernelspace Memory Manage
Page 57 and 58: CHAPTER 4. KERNELSPACE MEMORY MANAG
Page 59 and 60: CHAPTER 4. KERNELSPACE MEMORY MANAG
Page 61 and 62: Chapter 5 Threads and Processes 5.1
Page 63 and 64: CHAPTER 5. THREADS AND PROCESSES 5.
Page 65 and 66: CHAPTER 5. THREADS AND PROCESSES5.4
Page 71 and 72: Chapter 6 System Calls 6.1 Base Inf
Page 73 and 74: CHAPTER 6. SYSTEM 6.2. CALLS SYSTEM
Page 75 and 76: CHAPTER 6. SYSTEM CALLS 6.3. SYSTEM
Page 77 and 78:
CHAPTER 6. SYSTEM CALLS 6.3. SYSTEM
Page 79 and 80:
CHAPTER 6. SYSTEM CALLS 6.3. SYSTEM
Page 81 and 82:
Chapter 7 Character Devices 7.1 Int
Page 83 and 84:
CHAPTER 7. CHARACTER DEVICES 7.3. C
Page 85 and 86:
CHAPTER 7. CHARACTER DEVICES 7.4. K
Page 87 and 88:
CHAPTER 7.5. SERIAL 7. CHARACTER PO
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
CHAPTER 7. CHARACTER DEVICES 7.7. T
Page 95 and 96:
CHAPTER 7. CHARACTER DEVICES 7.7. T
Page 97 and 98:
CHAPTER 7. CHARACTER DEVICES 7.8. C
Page 99 and 100:
Chapter 8 Block Devices 8.1 Introdu
Page 101 and 102:
CHAPTER 8. BLOCK DEVICES 8.2. IMPLE
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Chapter 9 VFS, FS 9.1 Introduction
Page 109 and 110:
CHAPTER 9. VFS, FS 9.3. VFS DATA ST
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
CHAPTER 9. VFS, FS 9.4. RAMFS - MEM
Page 117 and 118:
Chapter 10 Locking 10.1 Introductio
Page 119 and 120:
CHAPTER 10. LOCKING 10.2. LOCKS 10.
Page 121 and 122:
CHAPTER 10. LOCKING 10.4. CRITICAL
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Chapter 11 Xen 11.1 Introduction Th
Page 129 and 130:
CHAPTER 11. XEN 11.3. XEN Xen diffe
Page 131 and 132:
CHAPTER 11. XEN 11.4. SWEB- XEN 11.
Page 133 and 134:
CHAPTER 11. XEN 11.4. SWEB- XEN 21
Page 135 and 136:
CHAPTER 11. XEN 11.4. SWEB- XEN Fig
Page 137 and 138:
CHAPTER 11. XEN 11.4. SWEB- XEN 11.
Page 139 and 140:
CHAPTER 11. XEN 11.4. SWEB- XEN Fig
Page 141 and 142:
CHAPTER 11. XEN 11.6. APPENDIX: INS
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Chapter 12 Hacking Sweb This chapte
Page 151:
Bibliography [1] Wikipedia:Binary_p
show all

The holy bible of SWEB - Institute of Applied Information Processing ...

Create successful ePaper yourself

Delete template?

Save as template?