Three different addresses are involved in addressing with an 80x86 processor. The relationship is as follows:
Logical address --(segmentation)--> linear address --(paging)--> physical address
Segmentation protection mechanism:
A logical address consists of two parts: a segment identifier and an offset. The offset is a 32-bit field, and the segment identifier is a 16-bit field called a segment selector. The selector contains a 13-bit segment descriptor index, a one-bit table indicator (GDT or LDT), and a two-bit requester privilege level.
The requester privilege level (RPL) is used to indicate the privilege level of the current CPU. 0 is the highest privilege level and 3 is the lowest. Linux uses only 0 and 3, which are called kernel mode and user mode respectively.
To locate segment selectors quickly and conveniently, the processor provides segment registers. The only purpose of a segment register is to hold a segment selector. The CS register contains a two-bit field that specifies the current privilege level of the CPU (CPL).
A segment descriptor is an 8-byte description of a segment. It is stored in the Global Descriptor Table (GDT) or a Local Descriptor Table (LDT). Because a segment descriptor holds a large amount of information, we will not describe all of it here. The key field is the two-bit descriptor privilege level (DPL), which is mainly used to restrict access to the segment. It indicates the minimum CPU privilege level that can access the segment.
The preceding three paragraphs mention three privilege levels: RPL, CPL, and DPL. If that is a bit dizzying, don't worry: the following describes the relationship between the three.
DPL (descriptor privilege level)
The privilege bits stored in the descriptor describe the privilege level of the code, that is, the real privilege level of the code itself. A program can use multiple segments (data, code, stack) or use a single code segment. Under normal circumstances, once the program environment has been established, the segment descriptors do not need to be changed, and of course neither does the DPL, so the DPL value of each segment is fixed.
CPL (current privilege level)
It is the value formed by bit 0 and bit 1 of the CS register. At any given moment, this value alone represents the CPL of the program. In Linux, it indicates whether the system is in kernel mode or user mode.
RPL (request privilege level)
RPL is stored in the lowest two bits of the selector.
RPL indicates the access permission that the process requests for the segment, that is, the permission the current process wants.
The value of RPL is set by the programmer, and RPL >= CPL does not necessarily hold. But when RPL < CPL, it is the CPL that actually takes effect, because the privilege check during an access tests whether
EPL = max(RPL, CPL) <= DPL
holds. RPL can therefore be regarded as an additional restriction on each access: RPL = 0 imposes the minimum restriction and RPL = 3 the maximum. So don't try to set an RPL in order to access a segment that is more inner than the CPL.
Because you cannot obtain higher privileges than you already have, only a request for privileges no higher than your own can pass the CPU's check. So in fact, the role of RPL is to let programmers run their programs at a downgraded privilege level. Sometimes, for better security, a program can reduce its own privileges at the right time (by setting RPL to a larger value).
This is how the segmentation mechanism uses privilege levels as a protection mechanism.
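The selector layout and the EPL = max(RPL, CPL) <= DPL check described above, as an added C example that is not part of the original article. The function names and selector values are constructed for illustration; the table indicator sitting in bit 2, with 0 = GDT and 1 = LDT, follows the x86 selector format.

```c
#include <stdint.h>
#include <stdio.h>

/* Fields of a 16-bit segment selector, as laid out in the text above. */
struct selector {
    unsigned index; /* bits 15..3: 13-bit descriptor index */
    unsigned ti;    /* bit 2: table indicator, 0 = GDT, 1 = LDT */
    unsigned rpl;   /* bits 1..0: requester privilege level */
};

static struct selector decode_selector(uint16_t sel)
{
    struct selector s;
    s.index = sel >> 3;
    s.ti = (sel >> 2) & 1u;
    s.rpl = sel & 3u;
    return s;
}

/* EPL = max(RPL, CPL): the numerically larger, i.e. less privileged, value. */
static unsigned effective_pl(unsigned rpl, unsigned cpl)
{
    return rpl > cpl ? rpl : cpl;
}

/* The check from the text: access is allowed only if EPL <= DPL. */
static int segment_access_ok(uint16_t sel, unsigned cpl, unsigned dpl)
{
    return effective_pl(decode_selector(sel).rpl, cpl) <= dpl;
}

int main(void)
{
    /* Constructed selectors: descriptor index 3 in the GDT, RPL 0 and RPL 3. */
    const uint16_t sel_rpl0 = (3u << 3) | 0u, sel_rpl3 = (3u << 3) | 3u;
    struct selector s = decode_selector(sel_rpl3);
    printf("index=%u ti=%u rpl=%u\n", s.index, s.ti, s.rpl);
    /* CPL 3 asking with RPL 0 for a DPL 0 segment: CPL still decides. */
    printf("CPL3 RPL0 DPL0: %d\n", segment_access_ok(sel_rpl0, 3, 0));
    /* CPL 0 asking with RPL 3: the access was downgraded, so it is denied. */
    printf("CPL0 RPL3 DPL0: %d\n", segment_access_ok(sel_rpl3, 0, 0));
    /* Matching levels pass the check. */
    printf("CPL0 RPL0 DPL0: %d\n", segment_access_ok(sel_rpl0, 0, 0));
    printf("CPL3 RPL3 DPL3: %d\n", segment_access_ok(sel_rpl3, 3, 3));
    return 0;
}
```

The first two cases show both halves of the rule: a small RPL cannot raise privileges above the CPL, while a large RPL lowers them for that one access.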
Paging protection mechanism:
The paging mechanism divides a 32-bit linear address into three fields:
Directory (the highest 10 bits)
Table (the middle 10 bits)
Offset (the lowest 12 bits)
Page directory entries and page table entries have the same structure. The permission flags are as follows:
Read/write flag
Holds the read/write privilege. If it is 0, the corresponding page table or page is read-only. If it is 1, the page can be read and written.
User/supervisor flag
Only two privilege levels are related to the page table. If the flag is 0, the page can be addressed only in kernel mode. If the flag is 1, the page can always be addressed.