iAPX 286 Operating System Writers Guide 1983

More documents

Recommendations

Info

inter INTRODUCTION TO PROTECTED MULTITASKING ON THE iAPX 286Applied to procedures, privilege level is a measure of the degree to which you trust a procedure not tomake a mistake that might affect other procedures or data. Applied to data, privilege level is a measureof the protection you think a data structure should have from less trusted procedures.Privilege level also applies to instructions. Certain instructions (those that deal with system tables,interrupts, and I/O, for example) have such an effect on the system as a whole that only highly trustedprocedures should have the right to use them.Levels of SegmentsWith regard to privilege, you can view the segments of a task as being grouped into four levels. Levelzero is for the most privileged procedures and the most private data; level three is for the least trustedprocedures and the most public data. You (or your operating system) associate each segment of eachtask with one of these four levels of privilege. The privilege level of a segment applies to all the proceduresor all the data in that segment. Figure 1-3 illustrates the logical segregation of segments intoprivilege levels. (Later chapters explain why operating-system segments are included within the task.)LDTPL~OPL~OPL~O}PRIVILEGELEVELoPRIVILEGELEVEL1PRIVILEGELEVEL2PRIVILEGELEVEL3PL~lPL~lPL~l}PL~lPL~2PL~2PL~2PL~2PL~2PL~3PL~3}~DATABASEMANAGER~~PL~3PL~3PL~3PL~3PL~3121960-41Figure 1-3. Segment Segregation by Privilege Level within a Task1-4121960-001
INTRODUCTION TO PROTECTED MULTITASKING ON THE iAPX 286Rules of PrivilegeThe 80286 processor controls access to both data and procedures between levels of a task. These rulesdefine access rights:• Data can be accessed only from the same or a more privileged level.• A procedure can be called only from the same level (or from a less privileged level, if the service isdeliberately "exported" to that level. Refer to gates in Chapter 2.).SOFTWARE SYSTEM STRUCTUREThe way you choose to distribute software and data among tasks and privilege levels affects the reliability,efficiency, and flexibility of your system. Operating-system modules may be segregated intotheir own tasks or may be distributed among and shared by every task. Some advantages of placingoperating-system modules in separate tasks are• Finer granularity of protection is achieved by using task separation as well as privilege levels.• Operating-system functions can execute in parallel with the caller.• When only one task at a time can perform the function (for example, reading from a keyboard),serialization of requests is automatic; you do not need to synchronize among requesting tasks.Some advantages of distributing operating-system functions are• The communication between application and operating system is faster.• It may be possible for all tasks to execute the same operation-system function in parallel. (You mustensure reentrancy and provide for synchronization, however.)Figures 1-4 through 1-7 illustrate some general approaches that you may consider.The approach shown in figure 1-4 takes maximum advantage of the four privilege levels. The criticalprocedures and data of the operating system kernel (for example, memory allocation tables and procedures,information about tasks) are protected from all other procedures in the system. Those parts ofthe operating system that are less reliable, either due to inherent complexity (for example, the I/Osubsystem) or due to occasional changes (for example, policies designed to increase overall throughput),are at a lower level but are still protected from application levels. Application logic has two levelsso that application services (such as database management) can be protected from less trusted applicationcode, yet application services cannot affect the integrity of the operating system. Operatingsystemprocedures and application services are shared among all the tasks in the system.Figure 1-5 illustrates that you do not need to use all four privilege levels. You may prefer this two-levelapproach if you are converting from a traditional multitasking system that offers protection only betweenthe two levels defined by application and operating system.The iAPX 286 can also emulate one-level systems, as illustrated in figure 1-6. This approach may beuseful in the initial stages of converting from an unprotected system, but it does not take advantage ofmany of the protection features offered by the iAPX 286. It does isolate tasks from one another, butit does not protect the operating system from applications software.Some operating system functions are better structured as independent operating-system tasks, not asprivileged procedures within a task. Certain I/0 functions are suited to this treatment. Because of thecomplexity of I/0 code, the extra protection offered by a task boundary contributes to the reliability1-5 121960-001
Page 2 and 3: LITERATUREIn addition to the produc
Page 4 and 5: Intel Corporation makes no warranty
Page 6 and 7: PREFACEExternal LiteratureMany aspe
Page 8: Table of ContentsCHAPTER 1PageINTRO
Page 11 and 12: TABLE OF CONTENTSCHAPTER 9PageVIRTU
Page 13 and 14: TABLE OF CONTENTSLIST OF FIGURESFig
Page 15: Introduction to Protected 1Multitas
Page 18 and 19: INTRODUCTION TO PROTECTED MULTITASK
Page 22 and 23: 111'eI INTRODUCTION TO PROTECTED MU
Page 29: Using Hardware2Protection Features
Page 32 and 33: USING HARDWARE PROTECTION,FEATURESs
Page 34 and 35: interUSING HARDWARE PROTECTION FEAT
Page 36 and 37: USING HARDWARE PROTECTION FEATURES(
Page 38 and 39: USING HARDWARE PROTECTION FEATURES
Page 40 and 41: USING HARDWARE PROTECTION FEATUREST
Page 42 and 43: USING HARDWARE PROTECTION FEATURESo
Page 44 and 45: USING HARDWARE PROTECTION FEATURESL
Page 46 and 47: USING HARDWARE PROTECTION FEATUREST
Page 48 and 49: USING HARDWARE PROTECTION FEATURESE
Page 50 and 51: inl:el~USING HARDWARE PROTECTION FE
Page 52 and 53: IntelUSING HARDWARE PROTECTION FEAT
Page 54 and 55: IntelU~ING HARDWARE PROTECTION FEAT
Page 56 and 57: lSLDTFORMATRt;;SERV~~"O~iA~~.~ijij
Page 59 and 60: CHAPTER 3REAL MEMORY MANAGEMENTIn d
Page 61 and 62: REAL MEMORY MANAGEMENTIALLOCATEGATE
Page 63 and 64: interREAL MEMORY MANAGEMENTBEFOREAF
Page 65 and 66: REAL MEMORY MANAGEMENTGLOBAL DESCRI
Page 67 and 68: REAL MEMORY MANAGEMENTTable 3-1. Ac
Page 69 and 70: REAL MEMORY MANAGEMENTBEFOREI "FREE
Page 71 and 72:
REAL MEMORY MANAGEMENTBEFOREI "FREE
Page 73 and 74:
REAL MEMORY MANAGEMENTPL/M-286 COMP
Page 75 and 76:
Page 77 and 78:
Page 79:
Page 82 and 83:
IIIIIIIIIIIIIIIIIIIIII
Page 84 and 85:
II I telTASK MANAGEMENTCPUTASK REGI
Page 86 and 87:
TASK MANAGEMENTIf the proc~sser, wh
Page 88 and 89:
TASK MANAGEMENTUsually, termination
Page 90 and 91:
TASK MANAGEMENTTASK XTSS TSS TSS TS
Page 92 and 93:
TASK MANAGEMENTSCHEDULING POLICIEST
Page 94 and 95:
TASK MANAGEMENTThe example in figur
Page 96 and 97:
TASK MANAGEMENTREADY QUEUESBY PRIOR
Page 98 and 99:
IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
Page 101 and 102:
CHAPTER 5DATA SHARING, ALIASING, AN
Page 103 and 104:
DATA SHARING, ALIASING, AND SYNCHRO
Page 105 and 106:
interDATA SHARING, ALIASING, AND SV
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117:
Page 121 and 122:
CHAPTER 6SIGNALS AND INTERRUPTSInte
Page 123 and 124:
interSIGNALS AND INTERRUPTSlOTGOTTS
Page 125 and 126:
SIGNALS AND INTERRUPTSTable 6-1. In
Page 127 and 128:
SIGNALS AND INTERRUPTSSend interrup
Page 129 and 130:
SIGNALS AND INTERRUPTSprocedure suc
Page 131:
Handling Exception Conditions 7
Page 134 and 135:
HANDLING EXCEPTION CONDITIONSError
Page 136 and 137:
HANDLING EXCEPTION CONDITIONSAn exc
Page 138 and 139:
HANDLING EXCEPTION CONDITIONSA few
Page 140 and 141:
HANDLING EXCEPTION CONDITIONSAn ins
Page 143 and 144:
CHAPTER 8INPUT /OUTPUTMany of the c
Page 145 and 146:
INPUT /OUTPUTYou can still take adv
Page 147 and 148:
INPUT /OUTPUT• Only the operating
Page 149:
INPUT /OUTPUTtask the I/0 procedure
Page 153 and 154:
CHAPTER 9VIRTUAL MEMORYThe memory l
Page 155 and 156:
VIRTUAL MEMORYthose segments that a
Page 157 and 158:
VIRTUAL MEMORY• Return the RAM sp
Page 159 and 160:
VIRTUAL MEMORYReplacementThe operat
Page 161 and 162:
System Initialization10
Page 163 and 164:
CHAPTER 10SYSTEM INITIALIZATIONThe
Page 165 and 166:
SYSTEM INITIALIZATIONStarting the f
Page 167 and 168:
iAPX286 "ACRO ASSEMBLERLOCOBJEnter
Page 169 and 170:
iAPX286 MACRO ASSEMBLEtEnter Protec
Page 171 and 172:
iAPX286 MACRO ASSEMBLER·· Enter ~
Page 173 and 174:
iAPX286 'UCRO USE148LER Ente,. P,.o
Page 175 and 176:
iAPX286 MACRO ASSEMBLEREnt9~ P~otec
Page 177:
iAPX286 MACRO ASSEMBLE~ INITIAL TAS
Page 181 and 182:
CHAPTER 11BINDING AND LOADINGBindin
Page 183 and 184:
BINDING AND LOADINGNamingThe names
Page 185 and 186:
BINDING AND LOADING$ COMPACT (NUCLE
Page 187 and 188:
interBINDING AND LOADINGsystem-IDiA
Page 189 and 190:
BIND.ING AND LOADINGConverting a Pr
Page 191 and 192:
BINDING AND LOADINGThe OMF of each
Page 193 and 194:
interBINDING AND LOADINGsystem-IDiA
Page 195 and 196:
BINDING AND LOADINGPL/M-2B6 COMPILE
Page 197 and 198:
BINDING AND LOADI.NGPL/M-286 COMPIL
Page 199 and 200:
BINDING AND LOADINGPL/M-286 COMPILE
Page 201 and 202:
BINDING AND LOADINGPL/M-2B6 COMPILE
Page 203 and 204:
BINDING AND LOAD.INGPL/M-286 COMPIL
Page 205 and 206:
interBINDING AND LOADINGPL/M-286 CO
Page 207 and 208:
BINDING AND LOADINGPL/M-286 COMPILE
Page 209:
Numerics Processor Extension 12
Page 212 and 213:
NUMERICS PROCESSOR EXTENSIONMath Pr
Page 214 and 215:
interNUMERICS PROCESSOR EXTENSION
Page 217:
Extended Protection13
Page 220 and 221:
EXTENDED PROTECTIONIndirect NamingT
Page 222 and 223:
EXTENDED PROTECTIONanother procedur
Page 225:
Glossary
Page 228 and 229:
GLOSSARYbootloadable module: a modu
Page 230 and 231:
GLOSSARYexception: a processor-dete
Page 232 and 233:
GLOSSARYintersegment reference: a r
Page 234 and 235:
GLOSSARYoutward call: the attempt t
Page 236 and 237:
GLOSSARYscheduling state: one of se
Page 238 and 239:
GLOSSARYvirtual address: an address
Page 240 and 241:
INDEXES register, 2-17, 2-18, 2-21,
Page 242 and 243:
INDEXpresent bit, 2-2, 2-3, 2-9, 5-
Page 245 and 246:
interu.s. SALES OFFICESALAIWIA IlEQ
Page 247 and 248:
interu.s. DISTRIBUTORSNEW YORK (C"n
Page 249 and 250:
intJINTEL INTERNATIONAL SALES OFFIC
show all

iAPX 286 Operating System Writers Guide 1983

Create successful ePaper yourself

Delete template?

Save as template?