A confusion about IA32 protected mode protecting kernel data.

A confusion about IA32 protected mode protecting kernel data.

Post by hush » Sat, 26 Oct 2002 16:34:42



From head.s which is the booting code setting GDT on IA32, data
segment of kernel and user program are both 0-4G.
Is kernel data protected by page access attribute??
For example , if user program want access 0xc1000000 and use user data
segment selector , this address is valid according to user segment
protected layer but will be invalid when it is used for forming
physical address according to page memory protected .
The access attribute of PDT adn PET forbid the linear address to read
from user program (By U/S bit ) .

Am I right ??  
The above assumption is based on IA32 architecture's flat memory model
which is used by linux kernel on IA32.

 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by Kasper Dupon » Sat, 26 Oct 2002 16:51:01



> From head.s which is the booting code setting GDT on IA32, data
> segment of kernel and user program are both 0-4G.
> Is kernel data protected by page access attribute??
> For example , if user program want access 0xc1000000 and use user data
> segment selector , this address is valid according to user segment
> protected layer but will be invalid when it is used for forming
> physical address according to page memory protected .
> The access attribute of PDT adn PET forbid the linear address to read
> from user program (By U/S bit ) .

> Am I right ??
> The above assumption is based on IA32 architecture's flat memory model
> which is used by linux kernel on IA32.

I think you are right about that. Segment selectors are build on top
of paging. Although the segment selector gives you access to the
entire linear address space, there is another level of testing on
the individual pages. The kernel pages are not accessible from user
mode, that is what protects the kernel from user mode programs, not
the segments. I think it could have been done with segments instead,
and was actually done so in earlier Linux versions.

--
Kasper Dupont -- der bruger for meget tid p? usenet.

Don't do this at home kids: touch -- -rf

 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by Joshua Jone » Sat, 26 Oct 2002 23:44:48



> The above assumption is based on IA32 architecture's flat memory model
> which is used by linux kernel on IA32.

In addition to what Kasper said, see chapter 2 of "Understanding
the Linux Kernel" for an explanation of segmentation, paging,
and all the*details.  Linux makes little use of segmentation.

--
 josh(at)intmain.net  |  http://www.veryComputer.com/

 37534 local keystrokes since last reboot (5 days ago)

 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by hush » Mon, 28 Oct 2002 11:53:22




> > The above assumption is based on IA32 architecture's flat memory model
> > which is used by linux kernel on IA32.

> In addition to what Kasper said, see chapter 2 of "Understanding
> the Linux Kernel" for an explanation of segmentation, paging,
> and all the*details.  Linux makes little use of segmentation.

Thanks first.
PDTs are not the same for each process. In linux , I know the PDT
entries corresponding to kernel space in each user process are copied
from kernel ,so they are always the same.

This 4k space for PDT table are created when user process is created ???
The space of PET tables is created when page faults happen.
Is is true ??

 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by Joshua Jone » Mon, 28 Oct 2002 15:08:35



> PDTs are not the same for each process. In linux , I know the PDT
> entries corresponding to kernel space in each user process are copied
> from kernel ,so they are always the same.

> This 4k space for PDT table are created when user process is created ???
> The space of PET tables is created when page faults happen.

As far as I know, each process does not have its own LDT (local
descriptor table) by default, though one can be made if you so
desire.  Each process _does_ have task state segment (TSS) that
is pointed to by the GDT (global descriptor table).  The TSS
for each process is created when the process is created by the
kernel ( see set_tss_desc() ).

--
 josh(at)intmain.net  |  http://intmain.net

 48947 local keystrokes since last reboot (7 days ago)

 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by hush » Tue, 29 Oct 2002 00:36:23




> > The above assumption is based on IA32 architecture's flat memory model
> > which is used by linux kernel on IA32.

> In addition to what Kasper said, see chapter 2 of "Understanding
> the Linux Kernel" for an explanation of segmentation, paging,
> and all the*details.  Linux makes little use of segmentation.

Thanks both of u .

Are each user process  allocated PDT table when it is created , but no
space for PET tables which is created in page faults ??

 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by Joshua Jone » Tue, 29 Oct 2002 11:13:21



> Are each user process  allocated PDT table when it is created , but no
> space for PET tables which is created in page faults ??

PDT == Process Descriptor Table, right?
PET == ?

--
 josh(at)intmain.net  |  http://intmain.net

 51107 local keystrokes since last reboot (8 days ago)

 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by Tim Robert » Tue, 29 Oct 2002 13:31:43




>> Are each user process  allocated PDT table when it is created , but no
>> space for PET tables which is created in page faults ??

>PDT == Process Descriptor Table, right?
>PET == ?

My ASSUMPTION is that Hushui is trying to ask about the two levels of page
tables: the Page Directory, which contains Page Directory Entries (PDE),
and the Page Tables, which contin Page Table Entries (PTE).

It would be nice to confirm this so that we are actually answering the
questions he/she is trying to ask.
--

  Providenza & Boekelheide, Inc.

 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by hush » Tue, 29 Oct 2002 18:35:35




> > Are each user process  allocated PDT table when it is created , but no
> > space for PET tables which is created in page faults ??

> PDT == Process Descriptor Table, right?
Yes.
> PET == ?

Sorry , a mistake .
I mean Page Table —An array of 32-bit page-table entries (PTEs)
contained in a 4-KByte page. Each entry represents 4k emory space on
IA32 architecture .
 
 
 

A confusion about IA32 protected mode protecting kernel data.

Post by hush » Tue, 29 Oct 2002 22:37:02





> >> Are each user process  allocated PDT table when it is created , but no
> >> space for PET tables which is created in page faults ??

> >PDT == Process Descriptor Table, right?
> >PET == ?

> My ASSUMPTION is that Hushui is trying to ask about the two levels of page
> tables: the Page Directory, which contains Page Directory Entries (PDE),
> and the Page Tables, which contin Page Table Entries (PTE).

Yes. This is also what I assume .
Quote:

> It would be nice to confirm this so that we are actually answering the
> questions he/she is trying to ask.

 
 
 

1. switch from protected mode to real mode in kernel

Does anyone have code that would show how to switch from protected mode
back to 8086 compatible real mode that x86 processors always start in?
I would be doing this at the end of a shutdown before the kernel would
otherwise do its final halt/reboot.

--
| Phil Howard - KA9WGN | for headlines that | Just say no to absurd patents |

| Dallas - Texas - USA | linuxhomepage.com  | Shop http://bn.com/ instead   |

2. Things that broke upgrading 1.2.13 -> 1.3.xx (add yours here)

3. Filesystem semantics protecting meta data ... and users data

4. Gigabyte GA-7DXR probs

5. kernel and protected mode

6. Network access fails in RH9 with large file transfers

7. linux->real mode-> boot other OS in protected mode

8. System reboots after ramdisk begins kernel uncompress

9. How to enter VGA 12H mode from protected mode?

10. What is a protected mode?

11. - CERN WWW server - protected mode - help

12. More trouble protecting data segment

13. Some question oi protected mode on PC?.