本文主要是介绍保护模式下DPL,RPL,CPL的区别,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
1.当前特权CPL(Current Privilege Level)
CPL是当前进程的权限级别(Current Privilege Level),是当前正在执行的代码所在的段的特权级,存在于cs寄存器的低两位。
2.描述符特权级DPL(Descriptor Privilege Level)
DPL存储在段描述符中,规定访问该段的权限级别(Descriptor Privilege Level),每个段的DPL固定。
3.请求特权级RPL(Request Privilege Level)
RPL保存在选择子的最低两位。RPL说明的是进程对段访问的请求权限,意思是当前进程想要的请求权限。RPL的值由程序员自己来自由的设置,并不一定RPL>=CPL,但是当RPL<CPL时,实际起作用的就是CPL了,因为访问时的特权检查是判断:EPL=max(RPL,CPL)<=DPL是否成立,所以RPL可以看成是每次访问时的附加限制,RPL=0时附加限制最小,RPL=3时附加限制最大。所以你不要想通过来随便设置一个RPL来访问一个比CPL更内层的段。
对于为甚麽在CPL之外在增加一个RPL的原因:
Intel手册上的解释为:The RPL can be used to insure that privileged code does not access a segment on behalf of an application program unless the program itself has access privileges for that segment.
(RPL能够用来确保具有特权级的代码不会代表另一个应用程序去访问一个段,除非那个应用程序具有访问那个段的权限.)
比方说:A进程的DPL为0,C进程的DPL为1,现在有一个B进程他的DPL为2,这B进程想委托A进程去访问C的数据,如果没有RPL的话这样的委托访问是可以成功的,但这样是非常不安全的。有了RPL以后A进程在访问C的时候还要受到RPL的约束,此时可以将访问C的选择子的RPL设为B的DPL,这样A的访问权限就相当为EPL=max(RPL,DPL)=2,这样他就无法代表B去越权访问C了。
在网上还有一个形象的例子,一起贴出来:
一个农民(低特权级)请县长(高特权级)打听一种超级种子,如果找到的话帮忙拿一点回来,听闻这种超级种子可让收成倍增。县长说:好!我认识很多当官的,我可以帮你打听一下哪里有,但是有些地方如果需要表示身分的话我只能说我是农民的代理人。县长利用自己的身份很容易找到了种子在哪里---找的时候没有人问起他代表谁。县长问种子管理员可不可以给他一点,管理员说种子不能给农民因为种子还在试验阶段,我们可以给县长让他们带回当地的专家来帮忙一起做试验,但是一定要县长来申请。那你是谁?县长说我是农民的代理人,因为县长保证他会这样回答的(他也不知道那农民是不是专家),管理员当然不给。县长没办法只能告诉农民拿不到种子。这件事里面县长是以县长的身份帮农民找到种子,但需要表示身分的时候他说只是农民的代理人。这样做县长可以帮人但也不会给别人利用。(农民可能把种子拿回来卖钱也说不定,没人知道)
在这里RPL就是县长的另一个身份---农民的代理人也就是农民---他会带在身上,人家没有问他的时候他不会告诉别人,所以别人也就以县长的身分来看待他。当查身份的时候他才告诉你---我是农民的代理人。
A privilege level in the x86 instruction set controls the access of the program currently running on the processor to resources such as memory regions, I/O ports, and special instructions. There are 4 privilege levels ranging from 0 which is the most privileged, to 3 which is least privileged. Most modern operating systems use level 0 for the kernel/executive, and use level 3 for application programs. Any resource available to level n is also available to level 0..n, so the privilege levels are "rings". Privilege levels appear in several places in the x86 architecture, including:
Segment descriptors contain a field called the descriptor privilege level (DPL). This is the numerically highest level that can access the resource.
Segment selectors contain a field called the requested privilege level (RPL). This allows a program to request a resource at a lower privilege level than it would otherwise use.
The Current Privilege Level (CPL) is the level the processor is currently operating at. It is stored in the lowest 2 bits of thecode segment selector (CS).
The processor automatically evaluates the right of a procedure to access another segment by comparing the CPL to the numeric max of the RPL and DPL. If the CPL>MAX(RPL, DPL), then a general protection fault is generated. Seememory segment for more details.
It is not necessary to use all four privilege levels. Existing software that was designed to use only one or two levels of privilege can simply ignore the other levels offered by the 80386 and later processors. A one-level system should use privilege level zero; a two-level system should use privilege levels zero and three.
The IOPL (I/O Privilege level) flag is a flag found on all IA-32 compatible x86 CPUs. It occupies bits 12 and 13 in the FLAGS register. In protected and long mode, it shows the I/O privilege level of the current program or task. The CPL (Current Privilege Level) of the task or program must be less than or equal to the IOPL in order for the task or program to access I/O ports.
The IOPL can be changed using PUSHF and POPF only when the task changing it is in Ring 0.
Besides IOPL, the I/O Permission Bitmap also takes part in determining the ability of a task to access an I/O port.
这篇关于保护模式下DPL,RPL,CPL的区别的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
