1 / 20

Segmentation

Segmentation. Hardware Support single user program system: wish somehow to relocate address 0 to after operating system in memory can then compile and run program as if from address 0 automatic hardware relocation: a Relocation Base Register (RBR)

jenny
Download Presentation

Segmentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Operating Systems: Segments Segmentation Hardware Support • single user program system: • wish somehow to relocate address 0 to after operating system in memory • can then compile and run program as if from address 0 • automatic hardware relocation: • a Relocation Base Register (RBR) • contents added in to every address before use • set to 0 when running operating system • set to address after operating system when running user program • program generates virtual addresses • become physical addresses after adding in the RBR contents address 0 for op. sys. operating system address 0 for user prog. user program

  2. Operating Systems: Segments RBR 100000 • used on the English Electric KDF9 • first ever mainframe in the University of Edinburgh - 1968 • operating system very small and simple – called the Director • RBR cleared when system call to Director and restored when returning to user • 48-bit words, zero-addressing for pushdown/popup evaluation stack • also used on the DEC System-10 • 36-bit words • first mainframe in Dept. of Computer Science - 1973 • used for Computer Aided Design memory virtual address 2345 physical address 102345 + CPU

  3. Operating Systems: Segments • multiprogramming system: • each program must be prevented from accessing another program’s area • a Limit Register in addition to RBR: • all virtual addresses must be less than a limit – the partition size • an exception generated into the operating system when limit violated • each program has its own base and limit values • limit value is a virtual limit • hence limit check and base address addition can operate concurrently Op. Sys. Partition 1 Partition 2 Partition 3 Limit RBR memory yes virtual address + CPU < no

  4. Operating Systems: Segments • Multiple base and limit registers • separate pairs for each module e.g. code, data: code: data: • in effect Segment Registers • CPU knows whether code or data access requested • hence can relocate using the correct base and limit pair RBRcode LRcode RBRdata LRdata LRcode LRdata code data RBRcode RBRcode

  5. Operating Systems: Segments • Example : Intel 8086 (and Pentium real-address mode) • a 16-bit machine with 16-bit registers : • appropriate segment registers are selected implicitly • executing code addresses imply code segment register • stack operations imply stack segment register • others depend on the registers used in the instruction: 15 0 7 0 7 0 CS code segment selector AX AH AL multiply, divide & I/O DS data segment selector DX DH DL SS stack segment selector CX CH CL loop, shift, repeat & count ES extra segment selector BX BH BL base registers BP 15 0 SI F flags index registers DI IP instruction pointer SP MSW stack pointer machine status word Register SP BP BX SI DI BP+SI/DI BX+SI/DI Implied Segment SS SS DS DS DS SS SS ES for string operations

  6. Operating Systems: Segments • implicit segment register selection can be overridden with an instruction prefix • new values can be loaded into segment registers at any time • segments are all 64Kb in length • physical address calculation: • CPU addresses generated are 16-bits – regarded as within-segment offset • segment register value shifted left 4 and added to within-segment offset: • no variable size segments and no limit checking • segments can overlap in memory • no differential read/write/execute protection 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 base 0 0 0 0 0 + 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 offset 0 0 0 0 = base 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 64K segment linear address

  7. Operating Systems: Segments • Segment Tables • an indexed array of base & limit pairs: • virtual address partitioned into two parts • position of partition defines maximum number of segments and their size • other information also present in each index entry • presence bit – whether this segment exists and has a valid base and limit • protection bits – to allow read/write/execute etc. for this segment • cacheable bit – to allow data in this segment to be cached or not base limit 0 1 2 3 virtual address segment number within-segment offset

  8. Operating Systems: Segments 0x000000 • Example – 1Mb segments : main program main program 0x000000 0x100000 0x0A0000 library data 0 1 2 3 4 0x000000 0x0A0000 0x200000 0x1C0000 0x080000 0x1C0000 - - library 0x0A0000 0x0C0000 0x300000 data 0x300000 0x100000 . . . . 0x300000 0x400000 stack stack physical address space . . . . virtual address space

  9. Operating Systems: Segments Process 1 • Shared segments: process 1 segment table 0x000000 main program 1 0 1 0x000000 0x0A0000 0x000000 main program 1 0x1C0000 0x080000 - - 0x100000 shared library . . . . 0x0C0000 main program 2 process 1 virtual address space 0x1C0000 shared library Process 2 process 2 segment table 0x000000 main program 2 0 1 2 0x0C0000 0x0B0000 - - 0x1C0000 0x080000 0x100000 . . . . 0x200000 shared library physical address space process 2 virtual address space

  10. Operating Systems: Segments • Example : the ARM processor MMU : • 12-bit section (segment) number, 20-bit offset • Translation Table Base is a loadable processor register • new value loaded whenever running process switched • translation table (segment table) contains descriptors for sections

  11. Operating Systems: Segments • level-one descriptor formats : • AP : access permission bits, read/write, no access etc. • together with other processor register bits R and S • Domain : level of access control, client/manager etc. • C : cacheable bit • B : bufferable bit – write-through write buffer enable bit • paging also possible • two page sizes available, 4Kb and 1Mb blocks

  12. Operating Systems: Segments • the full translation process for sections :

  13. Operating Systems: Segments • Example : Intel Pentium protected mode : • 32-bit registers with 16 and 8 bit versions available for backwards compatibility • implicit segment register selection as on 8086 • running program must ensure segment registers loaded with correct selectors • a selector is an index into a Descriptor Table • a descriptor table acts as a segment table but many other types of descriptor also exist: • e.g. call, interrupt, trap and task gates 15 7 0 15 0 31 EAX AX AH AL CS code segment selector DH DL EDX DX DS data segment selector SS ECX CH CL CX stack segment selector BH BL ES EBX BX BP FS EBP extra segment selectors GS ESI SI EDI DI status and control registers 31 0 ESP SP EFLAGS EIP

  14. Operating Systems: Segments 15 3 2 1 0 • selector structure : • TI : table indicator, 0 = Global Descriptor Table, 1 = Local Descriptor Table • RPL : Requestor Privilege Level, 00 = most privileged, 11 = least privileged TI RPL index Global Descriptor Table Base Register Local Descriptor Table Base Register base address limit base address limit Global Descriptor Table Local Descriptor Table

  15. Operating Systems: Segments • two descriptor tables : • one for kernel segments and gates • same table used all the time • each process has its own local descriptor table • saves reloading base register each time kernel entered • one for each process segments and gates • local descriptor table base register changed as running process switched • selector index (13 bits) + TI bit + within-segment offset (32 bits) • effectively give a 46-bit virtual address : 15 3 31 0 selector offset 31 0 base address + segment descriptor linear address 36-bit linear address also possible on Pentium II up descriptor table

  16. Operating Systems: Segments 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 • descriptor table segment entry : • base : segment base address • G : granularity : • 0 = segment limit expressed in bytes, from 1 byte to 1Mb • 1 = segment limit expressed in 4Kb units, from 4Kb to 4Gb • D : default operation size, 0 = 16-bit, 1 = 32-bit • for backwards compatibility • P : presence bit • DPL : descriptor privilege level • S : system/application descriptor type • type : segment type • for access control seg lim (19:16) base (31:24) G D P DPL S type base (23:16) base address (15:0) segment limit (15:0)

  17. Operating Systems: Segments • A bit : set when selector has been loaded into a segment register • expand-down for stacks etc. • the limit check reversed • conforming associated with changing privilege levels in new segments

  18. Operating Systems: Segments • when a program loads a selector into a segment register : • hardware uses selector value to index into appropriate descriptor table and loads base and limit values into invisible part of the segment register: • access permission to segment validated at time of loading segment register • never needs to be done again whilst that segment is in use • much more efficient • checks involve: • processes current privilege level (CPL) • descriptor privilege level (DPL) • requestor privilege level (RPL) visible part invisible part CS selector base address, limit etc. DS SS ES FS GS

  19. Operating Systems: Segments • CPL is held in the two lowest bits of the code segment (CS) register • normally is the same as the privilege level of the current code segment • except for conforming segments called from a less privileged level • changes when control passes to a code segment with a different privilege level • instructions may only load a segment register if CPL  DPL • i.e. process has a greater or equal level of privilege as the segment • Rings of Protection • RPL is in the segment selector • represents the privilege level of the procedure which created the selector • when RPL  CPL, this value overrides the CPL for accesses using that selector • used to guard against a security violation in which a less privileged program requests a more privileged program to access protected data • data can be given a lower privilege RPL to protect it, even though the program doing the accessing might otherwise have sufficient privilege to do so higher privilege 0 1 2 3 lower privilege

  20. Operating Systems: Segments • Multitasking on Pentiums • Task State Segment (TSS) • for each process, holds volatile context (PCB) for that process • a segment with a descriptor in the Global Descriptor Table • Task Register (TR) • identifies the current TSS • Interrupt Descriptor Table Register (IDTR) • a segment register for the segment which holds the Interrupt Descriptor Table • when an interrupt occurs, this table is used as an interrupt vector

More Related