OSDev.org

Hi.

When CPL = 0, can i access another CPL = 0 segment?

If yes, when CPL = 3, can i access another CPL = 3 segment?

If yes, i dont understand that what is the protection mechanism?

Example i will wrote this code;

mov fs, 0x08
mov byte[fs:0], 5

Im asking this question, because i will create a list in another segment(Data Segment). And i will read and write this list.

Thanks.

You mean you wanna know something about Protection machinism between Processes (Tasks) ? If yes , because different processes usually are using different page tables. The policy seperate processes safety. And within a process , Protection machinism include follow things:
1) Segment Limit Check .
2) Privilidge Check
3) Paging Check

Because Segments may be of different Limit and Base. So You question's answer's NOT ALWAYS BUT SOMETIMES when they are of the same Base and Limit.

Hmm...That's my thought

No. Not about between processes. Example, i will create a list of running applications memory addresses. And i will read application address from this table, i will write when an application has been executed. This is only an example.

Ok, easy example:

Kernel - Ring 0, virtual address 0xf0000000
Process 1 - Ring 3, virtual addr 0x00100000
Process 2 - Ring 3, virtual addr 0x00100000

Both processes appear at the same location, however they are using different phyiscal memory via their own page tables. Neither one can access any memory not defined in their page table, and less than ring 3 (unless it's caused by an interrupt, but that's for another time). So, both processes would have the kernel in their page table entries, except it's ring 0, so if they try to access it, it would create a fault. Neither process can see the other one at all, so each process is stuck in it's own little space. If it generates a fault due to accessing memory it doesn't own, the kernel gets the interrupt and can kill the offending process. The kernel on the other hand, has its list of processes, and can update that list however it wants since it runs in ring 0.

It is easy.... Yes every process running on CPL 3 can acces any other CPL 3 segment. However. It can not change virtual memory mapping so it can not acces memory not mapped to it's space. It can not also change GDT so it can not gain acces to descriptors not belonging to it. More common soulution is to let it acces whole linear memory space and map there what they can acces only.

Is "virtual memory mapping" page tables?

If yes, without paging how do this protection work?

hmm seems like a good idea to make some sort of code snipplet type thing that includes functions for CanRead(), CanWrite(), GetLimit() [in bytes], GetBase() [in bytes], IsExpandDown(), IsConforming (return 1 if it's a cde segment and conforming, else return 0)

/me begins doing a bit of work on it..

Tolga wrote:Is "virtual memory mapping" page tables?

If yes, without paging how do this protection work?

Simply force selectors upon a task that do not infringe upon another programs data. If they are unable to access it with there selectors and are unable to change the selectors (i am not sure how todo that) then other processes are safe. I would advise using virtual memory though, it is highly effective and useful.