"Consistent code segment" and "inconsistent code segment" are confusing!

Source: Internet
Author: User

In the course of learning, I found that "consistency" and "inconsistency"CodeThe definition of the section is not too clear, so I made a round online and summarized it to help me better understand it! Haha

1. The so-called "consistent code segment" aims to share. For example, if the privileged level of the consistent code segment is 2, the consistent code can be accessed even if the privileged level is 3. That is, allow low-Permission code to access high-Permission code. After successful access, the current privileged level is not the target code's privileged level, but the original code's privileged level. That is to say, CPL remains unchanged after the jump. It should be noted that the DPL definition of consistent code segments defines the highest permission to allow access to change consistent code segments, that is, if you have a higher permission than DPL in a consistent code segment, you are not allowed to access this consistent code segment.

2. For non-consistent code segments, only transfer at the same privilege level is allowed.

There are the following reasons:
(1) high-privilege Code cannot be called at the low-privilege level, that is, code at the High-privilege level is protected.
(2) Low-privilege Code cannot be called at the High-privilege level. In order to prevent low-privilege code from obtaining high-privilege level code, some system commands can be executed.

That is to say:
If the transfer target is a consistent code segment, as long as CPL> = DPL can be transferred, and CPL remains unchanged, that is, access the High-privilege code at the original privileged level, this is "consistent ".

If the transfer target is a non-consistent code segment, only CPL = DPL allows the transfer.

Summary: DPL of the same code segment specifies the highest permission for successfully accessing it. Code with a higher permission cannot access it successfully. After a consistent code segment is successfully accessed, CPL remains the original permission. Such settings are mainly for sharing, such as some function libraries, without permission restrictions.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.