Reputation: 5520
Segment Descriptor vs Gate descriptors
Can anyone please explain me precise difference between Segment descriptor and Gate descriptor? I am trying to go through Intel manuals but not able to figure out why exactly we need Gate descriptor? What facility or support mechanism is it providing other than segment descriptors? We can do the priviledge level check when we are trying to access the segment descriptors also right? Moreover I guess Linux and Windows dont use the Call gate descriptor. Or is it kind of one more layer of protection before we get access to segment descriptor? I want to know the precise difference and the need of gate descriptors.
Upvotes: 1
Views: 1656
Answers (1)
Reputation: 6413
Segment descriptor specifies segment to be used for addressing. Segment is either predefined by instruction (movsb, scasb), predefined by instruction form (used in real mode, for example bp addressing is based on ss) or overridden by segment overrride prefix. Segment descriptors are stored in (G|L)DT.
Gate descriptor is usually matter of IDT. We know Interrupt gates (used for HW), Trap gates (these are for processor exceptions and software interrupts) and Task gates (used for HW task switching). Difference between them is very small (Interrupt gates prohibit another interrupts until actual is done), but in IDT they have different bit representation.
Call gates are another chapter. They reside in LDT/GDT and not in IDT. Their Type bit field must be set to 1100b and they don't have base and limit, but another segment selector that should be used for code, and offset in that segment.
Basic functions of call gate: is specifies ...
- Target code segment (index of another segment descriptor stored in descriptor table)
- Entry point for any procedure that can be used by code with some minimal privilege level (using
offsetfield) - Number of optional parameters to be copied between stacks when task switch occurs (5 bits are reserved for this purpose, so max. value is 31)
- Size of values on the stack (16/32 bit)
Functions list is from here.
Modern operating system don't usually use call gates, but trap gates stored in IDT, because they are faster. These "traps" are called using int or sysenter (and return is performed using iret/iretd or sysexit). If you wanted to use call gate, you would need gate descriptor in GDT/LDT, jump far to enter call gate and ret far to return back. Note that sysenter and sysexit instructions transfer control only between kernel ring (0) and user ring (3), while call gates don't have these limitations.
Upvotes: 2
Related Questions
- Segmentation registers use
- Are IA-32 segment descriptors that do not cover the full 4GiB linear address space slower?
- Can there be multiple segment descriptors for one segment?
- Why aren't bits 11 and 12 of a segment descriptor grouped together?
- x86 segment descriptor layout - why is it weird?
- why kernel descriptors are organised in such a way?
- Global Descriptor Table location
- Why have the first segment descriptor of the global descriptor table contain only zeroes?
- What is the advantage of using segment registers (today)?
- Segment definitions for linux on x86