3-4 Vol. 3A
PROTECTED-MODE MEMORY MANAGEMENT
More complexity can be added to this protected flat model to provide more protection. For example, for the paging
mechanism to provide isolation between user and supervisor code and data, four segments need to be defined:
code and data segments at privilege level 3 for the user, and code and data segments at privilege level 0 for the
supervisor. Usually these segments all overlay each other and start at address 0 in the linear address space. This
flat segmentation model along with a simple paging structure can protect the operating system from applications,
and by adding a separate paging structure for each task or process, it can also protect applications from each other.
Similar designs are used by several popular multitasking operating systems.
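The four overlapping segments described above, encoded as legacy 8-byte segment descriptors. This is an added example, not code from the manual; the GDT slot order, the FFFFFH limit with 4-KByte granularity, and the execute/read and read/write types are assumptions chosen for a 32-bit flat layout.

```c
#include <stdint.h>
#include <stdio.h>

/* Access byte: P (bit 7) | DPL (bits 6:5) | S (bit 4) | type (bits 3:0). */
#define ACC_P        0x80u
#define ACC_S        0x10u  /* 1 = code or data segment */
#define TYPE_CODE_ER 0x0Au  /* execute/read */
#define TYPE_DATA_RW 0x02u  /* read/write */
#define FLAGS_G_DB   0x0Cu  /* G = 1 (4-KByte units), D/B = 1 (32-bit) */

/* Pack base, 20-bit limit, type and DPL into one descriptor. */
static uint64_t make_descriptor(uint32_t base, uint32_t limit20,
                                unsigned type, unsigned dpl)
{
    uint64_t access = ACC_P | ((dpl & 3u) << 5) | ACC_S | (type & 0xFu);
    return (uint64_t)(limit20 & 0xFFFFu)
         | (uint64_t)(base & 0xFFFFFFu) << 16 | access << 40
         | (uint64_t)((limit20 >> 16) & 0xFu) << 48
         | (uint64_t)FLAGS_G_DB << 52 | (uint64_t)(base >> 24) << 56;
}

static unsigned desc_dpl(uint64_t d) { return (unsigned)(d >> 45) & 3u; }

/* Last valid offset; with G = 1 the limit counts 4-KByte units. */
static uint32_t desc_last_offset(uint64_t d)
{
    uint32_t limit = (uint32_t)(d & 0xFFFFu) | (uint32_t)((d >> 48) & 0xFu) << 16;
    return ((d >> 55) & 1u) ? (limit << 12) | 0xFFFu : limit;
}

/* Assumed slot order: null, ring-0 code, ring-0 data, ring-3 code, ring-3 data. */
static void build_flat_gdt(uint64_t gdt[5])
{
    gdt[0] = 0;                                             /* null descriptor */
    gdt[1] = make_descriptor(0, 0xFFFFFu, TYPE_CODE_ER, 0); /* supervisor code */
    gdt[2] = make_descriptor(0, 0xFFFFFu, TYPE_DATA_RW, 0); /* supervisor data */
    gdt[3] = make_descriptor(0, 0xFFFFFu, TYPE_CODE_ER, 3); /* user code */
    gdt[4] = make_descriptor(0, 0xFFFFFu, TYPE_DATA_RW, 3); /* user data */
}

int main(void)
{
    uint64_t gdt[5];
    build_flat_gdt(gdt);
    for (int i = 1; i < 5; i++)
        printf("gdt[%d] = %016llx  last offset = %08x  DPL = %u\n", i,
               (unsigned long long)gdt[i], desc_last_offset(gdt[i]), desc_dpl(gdt[i]));
    return 0;
}
```

All four descriptors span offsets 0 through FFFFFFFFH, so the user and supervisor pairs differ only in DPL; the segment limits themselves separate nothing, which is why this model relies on paging for isolation.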
3.2.3 Multi-Segment Model
A multi-segment model (such as the one shown in Figure 3-4) uses the full capabilities of the segmentation mechanism
to provide hardware-enforced protection of code, data structures, and programs and tasks. Here, each
program (or task) is given its own table of segment descriptors and its own segments. The segments can be
completely private to their assigned programs or shared among programs. Access to all segments and to the
execution environments of individual programs running on the system is controlled by hardware.
Figure 3-3. Protected Flat Model
[Figure: the segment registers (CS, SS, DS, ES, FS, GS) and the code and data segment descriptors (Access, Limit, Base Address), shown against the linear address space (or physical memory) from 0 to FFFFFFFFH, with regions labeled Code, Data and Stack, Memory I/O, and Not Present.]