Linux - KernelThis forum is for all discussion relating to the Linux kernel.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have some questions in x86 protection Mechanism.
We have RPL for data segment selectors.
From where is the RPL loaded into the segment selector?. Is it stored in the process descriptor or the Segment Descriptor of that Data segment?
A logical address consists of a 16-bit segment selector (supplying 13+1 address bits) and a 16-bit offset. The segment selector must be located in one of the segment registers. That selector consists of a 2-bit Requested Privilege Level (RPL), a 1-bit Table Indicator (TI), and a 13-bit index.
When attempting address translation of a given logical address, the processor reads the 64-bit segment descriptor structure from either the Global Descriptor Table when TI=0 or the Local Descriptor Table when TI=1. It then performs the privilege check:
max(CPL, RPL) ≤ DPL
where CPL is the current privilege level (found in the lower 2 bits of the CS register), RPL is the requested privilege level from the segment selector, and DPL is the descriptor privilege level of the segment (found in the descriptor). All privilege levels are integers in the range 0–3, where the lowest number corresponds to the highest privilege.
If the inequality is false, the processor generates a general protection (GP) fault.
There are several different types of segments on the x86 and this protection mechanism applies to each one. The segment reference is either express or implied, as the case may be, but each segment-register's content and the information that it points to specifies the protection that is to apply when the processor uses that segment (register), for that purpose.
The idea is that when the OS/kernel does something on behalf of user code, it could access memory using user code's privileges (RPL would reflect, well, the Requestor's Privilege Level, user code's level). If they are insufficient, an exception fails the operation. If this (or similar) mechanism isn't there, user code may subvert the OS/kernel by somehow requesting an operation to be performed on its behalf and the operation would be performed by the kernel with its, kernel's, privileges.
... and there were several comments made by others in response to this.
Thanks for replying. Actually I had gone through the stackoverflow post. So one question on it.
When we say that , its the user code priviledge level, the processor has to somehow find out what was the user's priviledge level. So on x86 how can he find out.
And one more thing,
Kernel can access user data segment -> iilegally
-> Legally - Using get_user_pages. So in either of the cases how is the RPL set so that access to kernel are prohibited/allowed? I mean logically , for each data segment their should be something permission info stored somewhere like process descriptor or some location , from where it is picked and set as the RPL so access by kernel are monitored.
I am somehow missing the connecting links in my understanding. Can you please help me out. Thanks in Advance!!
Read the quoted text again: all the information that you are looking for is right there.
The kernel usually operates at "ring 0," which in less-enlightened processor designs would mean that "it has access to everything" and therefore would constantly have to check, in kernel software, whether a particular chunk of memory should be accessible to the user or not. Instead of this, the x86 architecture can perform the test ... and will throw a general profection fault (GPF), even to the kernel, which the kernel must be prepared to catch.
(When it doesn't, you get things like "unable to handle kernel paging request ...".)
The processor defines, on a segment level and a segment-register level, three privilege-level numbers:
CPL: The privilege level of the CPU at the time.
[b]RPL:{/b] The privilege level requested by the software.
DPL: The privilege-level of the segment being accessed.
Now, notice how max(CPL, RPL) makes the whole thing very efficient:
The user, operating (say) at "ring 3" (CPL=3), can never "get too big for its britches." This much is just ordinary protectiveness.
The kernel, operating at "ring 0" (CPL=0), now has the ability to make memory requests on behalf of the user, knowing that a GPF will occur (in kernel mode ...) if the user is not privileged to access that data. Instead of being forced to constantly check, it too can rely upon the interrupt mechanism to treat invalid references as what they are ... "the exception, rather than the rule."
Within the kernel, there is literally a list of places where a GPF is allowed to occur within kernel-space, with information to tell the kernel what to do about it.
Memory access by the kernel is still complicated by the fact that page-faults could occur if the user-requested data is not in memory at the time, and by the possibility that there are more CPUs/cores involved, and by the special dispatching rules that apply to kernel code (and kernel-task vs. not).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.