User's Manual

ManualsBrandsIntel ManualsWebcamIntel Intel Webcam 253668-032US

201

202

203

204

205

206

207

208

209

210

5-40 Vol. 3

PROTECTION

page-fault exception mechanism. This chapter describes the protection violations

which lead to page-fault exceptions.

5.11.1 Page-Protection Flags

Protection information for pages is contained in two flags in a paging-structure entry

(see Chapter 4): the read/write flag (bit 1) and the user/supervisor flag (bit 2). The

protection checks use the flags in all paging structures.

5.11.2 Restricting Addressable Domain

The page-level protection mechanism allows restricting access to pages based on

two privilege levels:

• Supervisor mode (U/S flag is 0)—(Most privileged) For the operating system or

executive, other system software (such as device drivers), and protected system

data (such as page tables).

• User mode (U/S flag is 1)—(Least privileged) For application code and data.

The segment privilege levels map to the page privilege levels as follows. If the

processor is currently operating at a CPL of 0, 1, or 2, it is in supervisor mode; if it is

operating at a CPL of 3, it is in user mode. When the processor is in supervisor mode,

it can access all pages; when in user mode, it can access only user-level pages. (Note

that the WP flag in control register CR0 modifies the supervisor permissions, as

described in

Section 5.11.3, “Page Type.”)

Note that to use the page-level protection mechanism, code and data segments must

be set up for at least two segment-based privilege levels: level 0 for supervisor code

and data segments and level 3 for user code and data segments. (In this model, the

stacks are placed in the data segments.) To minimize the use of segments, a flat

memory model can be used (see

Section 3.2.1, “Basic Flat Model”).

Here, the user and supervisor code and data segments all begin at address zero in

the linear address space and overlay each other. With this arrangement, operating-

system code (running at the supervisor level) and application code (running at the

user level) can execute as if there are no segments. Protection between operating-

system and application code and data is provided by the processor’s page-level

protection mechanism.

5.11.3 Page Type

The page-level protection mechanism recognizes two page types:

• Read-only access (R/W flag is 0).

• Read/write access (R/W flag is 1).