zoukankan      html  css  js  c++  java
  • 【译】x86程序员手册22-6.4页级保护

    6.4 Page-Level Protection 页级保护

    Two kinds of protection are related to pages:

    与页相关的保护有两类:

    1. Restriction of addressable domain. 可寻址域的约束
    2. Type checking. 类型检验

    6.4.1 Page-Table Entries Hold Protection Parameters页表项保存保护参数

    Figure 6-10 highlights the fields of PDEs and PTEs that control access to pages.

    6-10高亮了控制访问页的PDE和PTE(page directory entries and page table entries)的部分段。

     

    6.4.1.1 Restricting Addressable Domain 可寻址域的约束

    The concept of privilege for pages is implemented by assigning each page to one of two levels:

    页特权概念通过将每个页分配给两级中的一个来实现:

    1. Supervisor level (U/S=0) -- for the operating system and other systems software and related data.

    特权级(U/S = 0 —— 分配给操作系统和其他系统软件和相关数据。

    1. User level (U/S=1) -- for applications procedures and data.

    用户级(U/S = 1 —— 分配给应用程序和数据

    The current level (U or S) is related to CPL. If CPL is 0, 1, or 2, the processor is executing at supervisor level. If CPL is 3, the processor is executing at user level.

    当前级别(U或S)与CPL相关。如果CPL是0、1或2,处理器运行在超级用户级别。如果CPL是3,则处理器运行在用户级别。

    When the processor is executing at supervisor level, all pages are addressable, but, when the processor is executing at user level, only pages that belong to the user level are addressable.

    当处理器运行在超级用户级别时,所有页都可寻址,但当片日历运行在用户级别时,仅有那些属于用户级别的是可寻址的。

    6.4.1.2 Type Checking 类型检查

    At the level of page addressing, two types are defined:

    在页寻址级别中,定义了两类:

    1. Read-only access (R/W=0) 只读 R/W = 0)
    2. Read/write access (R/W=1) /写 (R/W = 1)

    When the processor is executing at supervisor level, all pages are both readable and writable. When the processor is executing at user level, only pages that belong to user level and are marked for read/write access are writable; pages that belong to supervisor level are neither readable nor writable from user level.

    当处理器运行在超级用户级别时,所有页即可读,也可写。当处理器运行在用户有级别时,仅当页属于用户级别,并且并标记为读写的才可写入;属于超级用户的页对于用户级别来说即不可读,也不可写。

    6.4.2 Combining Protection of Both Levels of Page Tables 在页表上二个级别的组合保护

    For any one page, the protection attributes of its page directory entry may differ from those of its page table entry. The 80386 computes the effective protection attributes for a page by examining the protection attributes in both the directory and the page table. Table 6-5 shows the effective protection provided by the possible combinations of protection attributes.

    对于任何一页,页目录项的保护属性都不同于页表顶。80386通过检查目录和页表的保护属性来计算保护效果。表6-5显示了通过保护属性可能组合所达到的保护效果。

    Table 6-5. Combining Directory and Page Protection

     

    Page Directory Entry     Page Table Entry      Combined Protection

    U/S          R/W         U/S      R/W          U/S         R/W

     

    S-0          R-0         S-0      R-0           S           x

    S-0          R-0         S-0      W-1           S           x

    S-0          R-0         U-1      R-0           S           x

    S-0          R-0         U-1      W-1           S           x

    S-0          W-1         S-0      R-0           S           x

    S-0          W-1         S-0      W-1           S           x

    S-0          W-1         U-1      R-0           S           x

    S-0          W-1         U-1      W-1           S           x

    U-1          R-0         S-0      R-0           S           x

    U-1          R-0         S-0      W-1           S           x

    U-1          R-0         U-1      R-0           U           R

    U-1          R-0         U-1      W-1           U           R

    U-1          W-1         S-0      R-0           S           x

    U-1          W-1         S-0      W-1           S           x

    U-1          W-1         U-1      R-0           U           R

    U-1          W-1         U-1      W-1           U           W

     

    Note

    S -- Supervisor

    R -- Read only

    U -- User

    W -- Read and Write

    x indicates that when the combined U/S attribute is S, the R/W attribute

    is not checked.

    6.4.3 Overrides to Page Protection 对页保护的覆盖

    Certain accesses are checked as if they are privilege-level 0 references, even if CPL = 3:

    对某些权限进行检查,就象它们处在特权级0下,哪怕CPL等于3:

    • LDT, GDT, TSS, IDT references. LDT、GDT、TSS和IDT的引用
    • Access to inner stack during ring-crossing CALL/INT.

    在跨特权级间进行CALL/INT期间访问内部栈。

  • 相关阅读:
    FTP的搭建与虚拟目录作用<之简单讲解>
    Android NDK: Application targets deprecated ABI(s): armeabi Open File
    Java:集合与数组转换
    优雅的运用 Kotlin 的 null safety 特性,而不要简单的直接用 !!双感叹号
    Android Studio安装Kotlin插件
    ViewPager一屏显示多个item,及边缘滑动事件优化
    卡片式ViewPager,一屏展示多个pager item,设置高度不一致的tabBar
    MPAndroidChart的具体属性方法
    android studio 解析Excel数据格式导入poi-3.17.jar时的一系列报错及处理Failed resolution of: Ljavax/xml/stream/XMLEventFactory,duplicate entry: org/apache/xmlbeans/xml/stream/Location.class,GC overhead limit exceeded
    android调用系统的自定义裁剪后得到的图片不清晰,使用MediaStore.EXTRA_OUTPUT获取缓存下的清晰图片
  • 原文地址:https://www.cnblogs.com/mqmelon/p/6692612.html
Copyright © 2011-2022 走看看