background image

5-12 Vol. 3A

PROTECTION

The RPL of the segment selector that points to a nonconforming code segment has a limited effect on the privilege 
check. The RPL must be numerically less than or equal to the CPL of the calling procedure for a successful control 
transfer to occur. So, in the example in Figure 5-7, the RPLs of segment selectors C1 and C2 could legally be set to 
0, 1, or 2, but not to 3.
When the segment selector of a nonconforming code segment is loaded into the CS register, the privilege level field 
is not changed; that is, it remains at the CPL (which is the privilege level of the calling procedure). This is true, even 
if the RPL of the segment selector is different from the CPL.

5.8.1.2  

Accessing Conforming Code Segments

When accessing conforming code segments, the CPL of the calling procedure may be numerically equal to or 
greater than (less privileged) the DPL of the destination code segment; the processor generates a general-protec-
tion exception (#GP) only if the CPL is less than the DPL. (The segment selector RPL for the destination code 
segment is not checked if the segment is a conforming code segment.)
In the example in Figure 5-7, code segment D is a conforming code segment. Therefore, calling procedures in both 
code segment A and B can access code segment D (using either segment selector D1 or D2, respectively), because 
they both have CPLs that are greater than or equal to the DPL of the conforming code segment. For conforming 
code segments, the DPL represents the numerically lowest privilege level that a calling procedure may 
be at to successfully make a call to the code segment.
(Note that segments selectors D1 and D2 are identical except for their respective RPLs. But since RPLs are not 
checked when accessing conforming code segments, the two segment selectors are essentially interchangeable.)
When program control is transferred to a conforming code segment, the CPL does not change, even if the DPL of 
the destination code segment is less than the CPL. This situation is the only one where the CPL may be different 
from the DPL of the current code segment. Also, since the CPL does not change, no stack switch occurs.
Conforming segments are used for code modules such as math libraries and exception handlers, which support 
applications but do not require access to protected system facilities. These modules are part of the operating 
system or executive software, but they can be executed at numerically higher privilege levels (less privileged 
levels). Keeping the CPL at the level of a calling code segment when switching to a conforming code segment 

Figure 5-7.  Examples of Accessing Conforming and Nonconforming Code Segments From Various Privilege Levels

Code

Segment D

Code

Segment C

Code

Segment A

Lowest Privilege

Highest Privilege

CPL=3

Code

Segment B

Nonconforming

Code Segment

Conforming

Code Segment

3

2

1

0

CPL=2

DPL=2

DPL=1

Segment Sel. D1

RPL=2

Segment Sel. D2

RPL=3

Segment Sel. C2

RPL=3

Segment Sel. C1

RPL=2