Protection 80386 RNM
• Protection isolates and protects user
programs from each other and the operating
system
Need of Protection,
Overview of 80386DX Protection
Segment Level Protection
• Type Checking:
• Type field of the descriptor specifies
1. Type of descriptor (system/non-
system)
2. Intended usage of the segment. E.g., if
the segment is a read-only segment, then
access to it is limited to reading
Segment Level Protection
• Limit Checking:
• Prevents a program from addressing outside the
segment.
• The processor interprets the limit field depending on the
setting of the G (granularity) bit, which specifies whether
the limit value counts in units of 1 byte or 4 KB.
Privilege Level Protection
• 80386 DX has four levels of protection which
isolate and protect user programs from each
other and the operating system
• The privilege levels (PL) are numbered 0
through 3.
• Level 0 is the highest privilege level and level
3 is the lowest privilege level
Protection
[Figure: privilege levels, Level 0 through Level 3, with labels Operating System Kernel, Operating System Services, and Applications]
Rules for Privileges
• Intel 80386DX controls access to both data
and procedures according to the following
rules:
(1) A data segment with privilege level p can be
accessed only by code executing at a
privilege level at least as privileged as p
(E.g. application programs are prevented
from reading or changing OS tables)
VIIT,Pune 9
Rules for Privileges
(2) A code segment with a privilege level P can
only be called by a task executing at the same
or higher privilege level than P
E.g. A task running at level 2 can be called by a task
of level 2 or level 1
Privilege Level
• There are 3 different types of privilege level
that enter into the privilege level checks:
– Current Privilege Level (CPL)
– Descriptor Privilege Level (DPL)
– Requestor Privilege Level (RPL)
Protection
• CPL – Current Privilege Level is the
privilege level of the currently
executing program or task.
• DPL – Descriptor privilege level is the
privilege level of a segment. It is stored
in the DPL field of the segment
descriptor
• RPL – Requested privilege level is a field
in selectors.
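
Added example, not part of the original slides: a C model of the type, limit and privilege checks described above, applied to one data-segment access. The struct layout and function names are illustrative; it assumes expand-up segments, and the comparison max(CPL, RPL) <= DPL is the 80386 data-access rule, which extends rule (1) with the selector's RPL.

```c
#include <stdbool.h>
#include <stdint.h>

/* Illustrative subset of a data-segment descriptor (expand-up segments only). */
struct seg_desc {
    uint32_t limit;    /* 20-bit limit field */
    bool     g;        /* granularity bit: 0 = 1-byte units, 1 = 4 KB units */
    bool     writable; /* from the type field: read-only vs read/write */
    uint8_t  dpl;      /* descriptor privilege level, 0 (highest) to 3 */
};

/* Last valid byte offset once the G bit has been applied to the limit field. */
uint32_t effective_limit(const struct seg_desc *d)
{
    uint32_t lim = d->limit & 0xFFFFFu;
    return d->g ? ((lim << 12) | 0xFFFu) : lim;
}

/* Limit check: every byte of the access must lie at or below the limit. */
bool limit_ok(const struct seg_desc *d, uint32_t offset, uint32_t size)
{
    uint32_t lim = effective_limit(d);
    if (size == 0 || size - 1 > lim)
        return false;
    return offset <= lim - (size - 1);  /* avoids overflow in offset + size */
}

/* Privilege check: the less privileged of CPL and RPL must not exceed DPL. */
bool privilege_ok(const struct seg_desc *d, uint8_t cpl, uint16_t selector)
{
    uint8_t rpl = selector & 3u;        /* RPL is the low two selector bits */
    return (cpl > rpl ? cpl : rpl) <= d->dpl;
}

/* All three checks from the slides: privilege, type, then limit. */
bool access_ok(const struct seg_desc *d, uint8_t cpl, uint16_t selector,
               uint32_t offset, uint32_t size, bool is_write)
{
    return privilege_ok(d, cpl, selector) && (!is_write || d->writable)
        && limit_ok(d, offset, size);
}

int main(void)
{
    struct seg_desc os_table = { 0x00FFF, false, false, 0 }; /* constructed */
    /* Level-3 read is refused by the privilege check; level-0 read passes. */
    return access_ok(&os_table, 3, 0x0008 | 3, 0, 4, false) ||
           !access_ok(&os_table, 0, 0x0008, 0, 4, false);
}
```

With G = 1 the same 20-bit limit field covers up to 4 GB, which is why the low 12 bits of the effective limit are filled with ones rather than zeros.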