Hi.
When CPL = 0, can i access another CPL = 0 segment?
If yes, when CPL = 3, can i access another CPL = 3 segment?
If yes, i dont understand that what is the protection mechanism?
Example i will wrote this code;
mov fs, 0x08
mov byte[fs:0], 5
Im asking this question, because i will create a list in another segment(Data Segment). And i will read and write this list.
Thanks.
Can access?
You mean you wanna know something about Protection machinism between Processes (Tasks) ? If yes , because different processes usually are using different page tables. The policy seperate processes safety. And within a process , Protection machinism include follow things:
1) Segment Limit Check .
2) Privilidge Check
3) Paging Check
Because Segments may be of different Limit and Base. So You question's answer's NOT ALWAYS BUT SOMETIMES when they are of the same Base and Limit.
Hmm...That's my thought
1) Segment Limit Check .
2) Privilidge Check
3) Paging Check
Because Segments may be of different Limit and Base. So You question's answer's NOT ALWAYS BUT SOMETIMES when they are of the same Base and Limit.
Hmm...That's my thought
Just Lazy Writing Anything...
Ok, easy example:
Kernel - Ring 0, virtual address 0xf0000000
Process 1 - Ring 3, virtual addr 0x00100000
Process 2 - Ring 3, virtual addr 0x00100000
Both processes appear at the same location, however they are using different phyiscal memory via their own page tables. Neither one can access any memory not defined in their page table, and less than ring 3 (unless it's caused by an interrupt, but that's for another time). So, both processes would have the kernel in their page table entries, except it's ring 0, so if they try to access it, it would create a fault. Neither process can see the other one at all, so each process is stuck in it's own little space. If it generates a fault due to accessing memory it doesn't own, the kernel gets the interrupt and can kill the offending process. The kernel on the other hand, has its list of processes, and can update that list however it wants since it runs in ring 0.
Kernel - Ring 0, virtual address 0xf0000000
Process 1 - Ring 3, virtual addr 0x00100000
Process 2 - Ring 3, virtual addr 0x00100000
Both processes appear at the same location, however they are using different phyiscal memory via their own page tables. Neither one can access any memory not defined in their page table, and less than ring 3 (unless it's caused by an interrupt, but that's for another time). So, both processes would have the kernel in their page table entries, except it's ring 0, so if they try to access it, it would create a fault. Neither process can see the other one at all, so each process is stuck in it's own little space. If it generates a fault due to accessing memory it doesn't own, the kernel gets the interrupt and can kill the offending process. The kernel on the other hand, has its list of processes, and can update that list however it wants since it runs in ring 0.
It is easy.... Yes every process running on CPL 3 can acces any other CPL 3 segment. However. It can not change virtual memory mapping so it can not acces memory not mapped to it's space. It can not also change GDT so it can not gain acces to descriptors not belonging to it. More common soulution is to let it acces whole linear memory space and map there what they can acces only.
Simply force selectors upon a task that do not infringe upon another programs data. If they are unable to access it with there selectors and are unable to change the selectors (i am not sure how todo that) then other processes are safe. I would advise using virtual memory though, it is highly effective and useful.Tolga wrote:Is "virtual memory mapping" page tables?
If yes, without paging how do this protection work?