DPL, RPL, CPL privilege level

Source: Internet
Author: User

 

DPL, RPL, CPL

 

DPL is placed in the segment/gate descriptor, and RPL is located in the Selection Sub-, CPL is the CS. RPL that loads the visible part of the Selection Sub-CS

 

Data Segment: The data segment is always the same segment. The data segment must meet the requirements of max (RPL, CPL) <= DPL

 

There is a metaphor:

 

The Prime Minister (CPL = 1) can access the mayor (DPL = 3) in the name of the Governor (RPL = 2. Of course, in the name of the village chief (RPL = 4), it is estimated that no one cares about him.

 

JMP and call jump directly

 

Inconsistent code segments: used for isolation. Cpl = DPL and RPL <= DPL are required. In addition, the privileged fields in Cs remain unchanged.

The caller's CPL, which can only be transferred between code segments of the same level.

Consistent code segment: CPL <= DPL is required, but CPL will pass on without detecting RPL. In this way, you can only gradually transfer to a higher-level code segment.

 

In both cases, CPL has not changed and is the CPL of the caller.

 

Direct jump cannot be transferred freely between various levels of code. You can call the door.

 

The access method is the same as that for accessing data segments.

Max (RPL, CPL) required <= gate. DPL

For call: whether it is a consistent code segment or a non-consistent code segment, CPL <= DPL

For JMP: For inconsistent code segments CPL = DPL, consistent code segments CPL <= DPL

 

Stack Switching

For JMP, there is no stack switching, short JMP jumps within the corresponding segment, and long JMP jumps between corresponding segments

For a call, if there is a privilege-level change, there is a stack switch.

 

There is a TSS, which stores the SS and esp of each privileged stack.

When redirecting to a high-privilege code segment, you must first copy the caller's stack to the called Stack.

 

For example:

Caller Stack: parameter 1, parameter 2, parameter 3

Caller Stack: caller SS, caller ESP, parameter 1, parameter 2, parameter 3, caller CS, caller EIP

The caller's SS and the caller's ESP are obtained in TSS Based on the caller's privileged DPL.

 

When returned, you can obtain the correct SS and esp of the caller Based on the stack content.

 

 

 

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.