Architectural Aid to Secure Systems Engineering - X86 Protected Mode Details

Architectural Aid to Secure Systems Engineering - X86 Protected Mode Details
Slide Note
Embed
Share

This session delves into the intricacies of X86 protected mode, focusing on addressing, segment limits, process execution, interprocess protection, privilege levels, and code segment privilege association. Learn about logical addressing, segment descriptors, privilege assignment, and more in securing systems engineering.

  • Systems Engineering
  • Security
  • X86 Architecture
  • Privilege Levels
  • Interprocess Protection
keit_nna
keit_nna Follow

Uploaded on Apr 20, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Information Security - 2 Topic: Architectural Aid to Secure Systems Engineering V. Kamakoti RISE LAB, Department of Computer Science and Engineering IIT Madras SESSION 10: X86 PROTECTED MODE DETAILS

  2. Protected Mode Addressing Logical Address SELECTOR OFFSET Descriptor Table Base Address Segment Descriptor Linear Address

  3. A process always executes from Code segment. It should not execute by accessing from adjoining Data or stack area or any other code area too. A stack should not overgrow into adjoining segments 500 Every segment is specified a start address and limit. CS 1000 Architecture checks if limit is not exceeded. ES 1500 SS 2000 jmp CS:250 //This is fine jmp CS:501 //This is a violation as limit is 500 mov [ES:498], AX //This is fine mov [ES:498], EAX //This is a violation!!! PUSH AX //Let SP be 498, it is fine PUSH EAX //Let SP be 498, violation POP AX //Let SP be 2, it is fine POP EAX //Let SP be 2, Violation!!! Intra and Inter process Protection

  4. Process 1 should be prevented from loading CS, such that it can access the code of Process 2 Process 1 CS CS Process 1 DS Process 2 CS Similarly for the DS,SS, ES, FS and GS DS Process 2 SS Privilege levels: [0-3] assigned to each segment. SS Process 2 DS Process 1 SS 0: Highest privilege 3: Lowest privilege Interprocess Protection

  5. Privilege levels and Protection Every segment has an associated privilege level and hence any code segment will have an associated privilege level. The CPL (Current Privilege Level) of a process is the privilege level of the code segment, the code stored in which, it is executing. A process can access segments that have privilege levels numerically greater than or equal to (less privileged than) its CPL.

  6. End of Session-10 Thank You

Related


Understanding Financial Aid Essentials

Understanding Financial Aid Essentials

carolyn
Memory Virtualization in Operating Systems

Memory Virtualization in Operating Systems

kitty
System Management Mode (SMM) in x86 Processors

System Management Mode (SMM) in x86 Processors

justice
Common Myths About Financial Aid Debunked at Norco College

Common Myths About Financial Aid Debunked at Norco College

ailis
Flash Descriptor in x86 Systems

Flash Descriptor in x86 Systems

marija
x86-64 Procedures and Data Structures

x86-64 Procedures and Data Structures

ftim
Care Experience as a Protected Characteristic

Care Experience as a Protected Characteristic

mwink
Legal Aid and Access to Justice

Legal Aid and Access to Justice

kindrick
Software Architectural Design in Computer-Based Systems

Software Architectural Design in Computer-Based Systems

zenner_d
SMI Suppression in x86 BIOS Management

SMI Suppression in x86 BIOS Management

paccione_j
Assessing Forest Loss in Protected Areas: A Philippines Case Study

Assessing Forest Loss in Protected Areas: A Philippines Case Study

mdem
X86 ISA Flags in System Security

X86 ISA Flags in System Security

scol
Architectural Engineering: Design, Responsibilities, and Opportunities

Architectural Engineering: Design, Responsibilities, and Opportunities

maldonado_j
Evolution of Intel x86 Processors

Evolution of Intel x86 Processors

laticia
Intel x86 Evolution and Programming

Intel x86 Evolution and Programming

zakh_33
Input, Output, and Automation in x86 Proved by Jason Gross and Andrew Kennedy

Input, Output, and Automation in x86 Proved by Jason Gross and Andrew Kennedy

nory
Advanced x86: BIOS and System Management Mode Internals

Advanced x86: BIOS and System Management Mode Internals

dekeyser_a
Introduction to Intel x86-64 Assembly and Alliteration Applications

Introduction to Intel x86-64 Assembly and Alliteration Applications

nvosb
Introduction to Intel x86-64 Assembly and Architecture

Introduction to Intel x86-64 Assembly and Architecture

jaon270
Architectural Aid to Secure Systems Engineering: Task Switching and Interrupt Service

Architectural Aid to Secure Systems Engineering: Task Switching and Interrupt Service

macaulay_c
Advanced x86: BIOS and System Management Internals Boot Process

Advanced x86: BIOS and System Management Internals Boot Process

jroth
Advanced.x86: BIOS and System Management Mode Internals

Advanced.x86: BIOS and System Management Mode Internals

kmes

More Related Content