Intel 64 and IA-32 Architectures Software Developer's Manual Volume 3A, System Programming Guide, Part 1

violate privilege-level security for the data segment. To prevent these types of
privilege-level-check violations, a program or procedure can check access privileges
whenever it receives a data-segment selector from another procedure (see Section
4.10.4, “Checking Caller Access Privileges (ARPL Instruction)”).
4.6.1 Accessing Data in Code Segments
In some instances it may be desirable to access data structures that are contained in
a code segment. The following methods of accessing data in code segments are
possible:
1. Load a data-segment register with a segment selector for a nonconforming,
   readable, code segment.
2. Load a data-segment register with a segment selector for a conforming,
   readable, code segment.
3. Use a code-segment override prefix (CS) to read a readable, code segment
   whose selector is already loaded in the CS register.
The same rules for accessing data segments apply to method 1. Method 2 is always
valid because the privilege level of a conforming code segment is effectively the
same as the CPL, regardless of its DPL. Method 3 is always valid because the DPL of
the code segment selected by the CS register is the same as the CPL.
4.7 PRIVILEGE LEVEL CHECKING WHEN LOADING THE SS REGISTER
Privilege level checking also occurs when the SS register is loaded with the segment
selector for a stack segment. Here all privilege levels related to the stack segment
must match the CPL; that is, the CPL, the RPL of the stack-segment selector, and the
DPL of the stack-segment descriptor must be the same. If the RPL and DPL are not
equal to the CPL, a general-protection exception (#GP) is generated.
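
The checks in Sections 4.6.1 and 4.7, modeled in C as an added example (not text or code from the manual). The function names and access-byte macros are illustrative; the model assumes the Section 4.6 data-segment rule DPL >= max(CPL, RPL), requires a writable data segment for SS, and leaves out the null-selector, segment-present and limit checks.

```c
#include <stdbool.h>
#include <stdint.h>

/* Bits of the descriptor access byte (descriptor bits 40-47). */
#define ACC_S       0x10  /* 1 = code or data segment, 0 = system descriptor */
#define ACC_CODE    0x08  /* type bit 3: 1 = code, 0 = data */
#define ACC_CONFORM 0x04  /* code segments: conforming */
#define ACC_RW      0x02  /* code: readable, data: writable */

static unsigned dpl_of(uint8_t access) { return (access >> 5) & 3; }
static unsigned rpl_of(uint16_t sel)   { return sel & 3; }

/* Load of DS/ES/FS/GS. Returns true if the load passes the type and
 * privilege checks, false where the processor would raise #GP. */
bool data_seg_load_ok(unsigned cpl, uint16_t sel, uint8_t access)
{
    if (!(access & ACC_S))
        return false;                 /* system descriptor */
    if (access & ACC_CODE) {
        if (!(access & ACC_RW))
            return false;             /* execute-only code is not readable */
        if (access & ACC_CONFORM)
            return true;              /* method 2: always valid */
    }
    /* Data segment, or nonconforming readable code (method 1):
     * assumed rule from Section 4.6, DPL >= max(CPL, RPL). */
    unsigned eff = cpl > rpl_of(sel) ? cpl : rpl_of(sel);
    return dpl_of(access) >= eff;
}

/* Load of SS (Section 4.7): CPL, RPL and DPL must all be equal.
 * The writable-data requirement is an assumption not stated on this page. */
bool stack_seg_load_ok(unsigned cpl, uint16_t sel, uint8_t access)
{
    if (!(access & ACC_S) || (access & ACC_CODE) || !(access & ACC_RW))
        return false;
    return rpl_of(sel) == cpl && dpl_of(access) == cpl;
}
```

With constructed access bytes, `0x9A` is a DPL 0 nonconforming readable code segment, `0x9E` its conforming counterpart, and `0x92` / `0xF2` are writable data segments at DPL 0 and DPL 3.
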
4.8 PRIVILEGE LEVEL CHECKING WHEN TRANSFERRING PROGRAM CONTROL BETWEEN CODE SEGMENTS
To transfer program control from one code segment to another, the segment selector
for the destination code segment must be loaded into the code-segment register
(CS). As part of this loading process, the processor examines the segment descriptor
for the destination code segment and performs various limit, type, and privilege
checks. If these checks are successful, the CS register is loaded, program control is
transferred to the new code segment, and program execution begins at the
instruction pointed to by the EIP register.