
4. Segment Privilege Check

Posted on 2022-1-28 20:28:16
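Chapter overview

  • See also: segment registers (Segment Register) and segment descriptors (Segment Descriptor).
  • CPU privilege levels (R0 is the kernel; R1 and R2 are not used by the operating system; R3 is the application layer; "VT" (-1); "God mode" (-2)).
  • CPL, DPL, RPL: how to identify them and how the privilege levels are compared.
0. CPU privilege levels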


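The processor's segment-protection mechanism recognizes 4 privilege levels, numbered from 0 to 3. The greater the number, the lower the privilege.
The processor uses privilege levels to prevent a program or task operating at a lesser privilege level from accessing a segment with greater privilege, except under controlled situations. When the processor detects a privilege-level violation, it generates a general-protection exception (#GP).
R0: operating system kernel
R1: operating system services
R2: operating system services
R3: applications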
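1. CPL (Current Privilege Level)

CPL: the CPU's current privilege level (the low 2 bits of CS and SS hold the current CPL).
In the application layer:

CS: 0x001B 0000 0000 0001 1011 CPL = 3
SS: 0x0023 0000 0000 0010 0011 CPL = 3
In the kernel layer:

CS: 0x0008 0000 0000 0000 1000 CPL = 0
SS: 0x0010 0000 0000 0001 0000 CPL = 0
The Intel white paper describes it as follows: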
Current privilege level (CPL) — The CPL is the privilege level of the currently executing program or task. It is stored in bits 0 and 1 of the CS and SS segment registers. Normally, the CPL is equal to the privilege level of the code segment from which instructions are being fetched. The processor changes the CPL when program control is transferred to a code segment with a different privilege level. The CPL is treated slightly differently when accessing conforming code segments. Conforming code segments can be accessed from any privilege level that is equal to or numerically greater (less privileged) than the DPL of the conforming code segment. Also, the CPL is not changed when the processor accesses a conforming code segment that has a different privilege level than the CPL.
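2. DPL (Descriptor Privilege Level)

DPL: stored in the segment descriptor; it specifies the privilege level required to access that segment.
It occupies bits 13~14 of the high 4 bytes of the segment descriptor.
In the application layer:
CS: 0x001B 0000 0000 0001 1011 CPL = 3
The corresponding segment descriptor is:

00CFF(1111)B00 - 0000FFFF DPL = 3
The Intel white paper describes how the DPL is interpreted in different situations: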
Descriptor privilege level (DPL) — The DPL is the privilege level of a segment or gate. It is stored in the DPL field of the segment or gate descriptor for the segment or gate. When the currently executing code segment attempts to access a segment or gate, the DPL of the segment or gate is compared to the CPL and RPL of the segment or gate selector (as described later in this section). The DPL is interpreted differently, depending on the type of segment or gate being accessed:
Data segment — The DPL indicates the numerically highest privilege level that a program or task can have to be allowed to access the segment. For example, if the DPL of a data segment is 1, only programs running at a CPL of 0 or 1 can access the segment.
Nonconforming code segment (without using a call gate) — The DPL indicates the privilege level that a program or task must be at to access the segment. For example, if the DPL of a nonconforming code segment is 0, only programs running at a CPL of 0 can access the segment.
Call gate — The DPL indicates the numerically highest privilege level that the currently executing program or task can be at and still be able to access the call gate. (This is the same access rule as for a data segment.)
Conforming code segment and nonconforming code segment accessed through a call gate — The DPL indicates the numerically lowest privilege level that a program or task can have to be allowed to access the segment. For example, if the DPL of a conforming code segment is 2, programs running at a CPL of 0 or 1 cannot access the segment.
TSS — The DPL indicates the numerically highest privilege level that the currently executing program or task can be at and still be able to access the TSS. (This is the same access rule as for a data segment.)
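3. RPL (Requested Privilege Level)

RPL: a property of the segment selector; every segment selector has its own RPL.
The two selectors below refer to the same segment descriptor but carry different request levels:
mov ax,0x0008 ; low 4 bits 1000, RPL = 0
mov ss,ax
mov ax,0x000B ; low 4 bits 1011, RPL = 3
mov ss,ax
The Intel white paper describes it as follows: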
Requested privilege level (RPL) — The RPL is an override privilege level that is assigned to segment selectors. It is stored in bits 0 and 1 of the segment selector. The processor checks the RPL along with the CPL to determine if access to a segment is allowed. Even if the program or task requesting access to a segment has sufficient privilege to access the segment, access is denied if the RPL is not of sufficient privilege level. That is, if the RPL of a segment selector is numerically greater than the CPL, the RPL overrides the CPL, and vice versa. The RPL can be used to ensure that privileged code does not access a segment on behalf of an application program unless the program itself has access privileges for that segment.
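4. Data segment privilege check

CPL: the CPU's current privilege level
DPL: the privilege level you must have if you want to access me

RPL: the privilege level with which the access is requested
Data segment privilege check: CPL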
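
The following is an added example, not code from the original post: it decodes the selector and descriptor fields described above and applies the access rules from the quoted Intel text for data segments and for directly accessed code segments. The function names and the DPL 0 data descriptor value `0x00CF9300` are constructed for illustration; `0x001B` and `0x00CFFB00` come from the post.

```c
#include <stdint.h>
#include <stdio.h>

/* Targets the quoted DPL rules distinguish (gates, TSS and SS loads omitted). */
enum seg_kind { SEG_DATA, SEG_CODE_NONCONFORMING, SEG_CODE_CONFORMING };

/* Selector layout: bits 0-1 RPL (CPL when read from CS/SS), bit 2 TI, bits 3-15 index. */
static unsigned sel_rpl(uint16_t sel)   { return sel & 0x3u; }
static unsigned sel_ti(uint16_t sel)    { return (sel >> 2) & 0x1u; }
static unsigned sel_index(uint16_t sel) { return (unsigned)sel >> 3; }

/* DPL is bits 13-14 of the high 4 bytes of the descriptor. */
static unsigned desc_dpl(uint32_t high) { return (high >> 13) & 0x3u; }

/* Returns 1 if the access passes the privilege check, 0 if it would raise #GP. */
static int access_allowed(enum seg_kind kind, unsigned cpl, unsigned rpl, unsigned dpl)
{
    switch (kind) {
    case SEG_DATA:               /* effective level max(CPL, RPL) must be <= DPL */
        return (cpl > rpl ? cpl : rpl) <= dpl;
    case SEG_CODE_NONCONFORMING: /* direct transfer: CPL == DPL and RPL <= CPL */
        return cpl == dpl && rpl <= cpl;
    case SEG_CODE_CONFORMING:    /* CPL >= DPL numerically; RPL is not checked */
        return cpl >= dpl;
    }
    return 0;
}

int main(void)
{
    const uint16_t user_cs = 0x001B;          /* selector from the post */
    const uint32_t user_cs_high = 0x00CFFB00; /* descriptor high dword from the post */
    const uint32_t kdata_high = 0x00CF9300;   /* constructed: DPL 0 data segment */
    unsigned cpl = sel_rpl(user_cs);
    unsigned kdpl = desc_dpl(kdata_high);

    printf("CS=0x%04X index=%u TI=%u CPL=%u, descriptor DPL=%u\n",
           (unsigned)user_cs, sel_index(user_cs), sel_ti(user_cs), cpl,
           desc_dpl(user_cs_high));
    printf("ring 3, RPL 3 -> DPL 0 data: %d\n", access_allowed(SEG_DATA, cpl, 3, kdpl));
    /* Kernel code using a selector handed in by ring 3: RPL 3 overrides CPL 0. */
    printf("ring 0, RPL 3 -> DPL 0 data: %d\n", access_allowed(SEG_DATA, 0, 3, kdpl));
    printf("ring 0, RPL 0 -> DPL 0 data: %d\n", access_allowed(SEG_DATA, 0, 0, kdpl));
    return 0;
}
```

The second and third lines of output show the purpose of the RPL: the same ring 0 code is refused or allowed access to the same DPL 0 data segment depending only on the request level carried in the selector.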
