Vol. 3A 5-13
PROTECTION
prevents an application program from accessing nonconforming code segments while at the privilege level (DPL) of
a conforming code segment and thus prevents it from accessing more privileged data.
Most code segments are nonconforming. For these segments, program control can be transferred only to code
segments at the same level of privilege, unless the transfer is carried out through a call gate, as described in the
following sections.
5.8.2 Gate
Descriptors
To provide controlled access to code segments with different privilege levels, the processor provides special set of
descriptors called gate descriptors. There are four kinds of gate descriptors:
•
Call gates
•
Trap gates
•
Interrupt gates
•
Task gates
Task gates are used for task switching and are discussed in Chapter 7, “Task Management”. Trap and interrupt
gates are special kinds of call gates used for calling exception and interrupt handlers. The are described in Chapter
6, “Interrupt and Exception Handling.” This chapter is concerned only with call gates.
5.8.3 Call
Gates
Call gates facilitate controlled transfers of program control between different privilege levels. They are typically
used only in operating systems or executives that use the privilege-level protection mechanism. Call gates are also
useful for transferring program control between 16-bit and 32-bit code segments, as described in Section 21.4,
“Transferring Control Among Mixed-Size Code Segments.”
Figure 5-8 shows the format of a call-gate descriptor. A call-gate descriptor may reside in the GDT or in an LDT, but
not in the interrupt descriptor table (IDT). It performs six functions:
•
It specifies the code segment to be accessed.
•
It defines an entry point for a procedure in the specified code segment.
•
It specifies the privilege level required for a caller trying to access the procedure.
•
If a stack switch occurs, it specifies the number of optional parameters to be copied between stacks.
•
It defines the size of values to be pushed onto the target stack: 16-bit gates force 16-bit pushes and 32-bit
gates force 32-bit pushes.
•
It specifies whether the call-gate descriptor is valid.
The segment selector field in a call gate specifies the code segment to be accessed. The offset field specifies the
entry point in the code segment. This entry point is generally to the first instruction of a specific procedure. The
DPL field indicates the privilege level of the call gate, which in turn is the privilege level required to access the
Figure 5-8. Call-Gate Descriptor
31
16 15
13
14
12 11
8 7
0
P
Offset in Segment 31:16
D
P
L
Type
0
4
31
16 15
0
Segment Selector
Offset in Segment 15:00
0
Param.
0
0
1
1
P
DPL
Gate Valid
Descriptor Privilege Level
Count
4
5
6
0 0 0