Hello all:
I know that a data segment can be read, or it can be read and written,
and a code segment can be executed, but I don't know what it means
that a code segment can be read and executed on the 80386,
such as:
codeseg descriptor <0ffffh,,,9ah,>
What data does the code segment read? And could someone give me an example of the
difference between only read and both read and execute?
Thank you very much.
Under 16-bit DOS executing in real mode there are no protection mechanisms. You can freely modify code in the code segment, execute code in the data segment, or put data in the code segment. It's just a matter of managing the segment registers, execution path, etc.
this is a 32-bit question, as you are asking about the 386
in protected mode, memory sections (or segments, if you prefer) are typed this way
a read only data section might be .CONST, where initialized, permanent, unmodifiable data is stored
for example, you might define the floating point representation of Pi in this section
if the program tries to change its value, an exception will occur
a good example of data that is read from a code section might be a branch vector table - i.e., a list of proc addresses
in that case, the code section must be both read and execute
another example might be self-modifying code
you can alter the access rights for pages in a section of code - see VirtualProtect
With the read-and-execute attribute of a code segment,
what does the code read from? Its own code segment or the data segment?
The executing code comes from CS:[EIP]
Where that reads from depends on what's programmed into the CS SELECTOR in terms of the memory behind it. This is typically the same memory that is behind the DS SELECTOR, but it doesn't have to be. But it WILL be a different selector, with appropriate attributes.
In protected mode the SELECTOR is an abstraction, and you cannot do address math on it unless the systems programmer has made specific accommodations for that (ie AH_INCR, AH_SHIFT)
You should probably go dig up a 286 or 386 system programmer's reference manual
http://pdos.csail.mit.edu/6.828/2006/readings/i386/s05_01.htm
Quote from: clive on December 15, 2010, 03:04:33 AM
The executing code comes from CS:[EIP]
Where that reads from depends on what's programmed into the CS SELECTOR in terms of the memory behind it. This is typically the same memory that is behind the DS SELECTOR, but it doesn't have to be. But it WILL be a different selector, with appropriate attributes.
In protected mode the SELECTOR is an abstraction, and you cannot do address math on it unless the systems programmer has made specific accommodations for that (ie AH_INCR, AH_SHIFT)
You should probably go dig up a 286 or 386 system programmer's reference manual
http://pdos.csail.mit.edu/6.828/2006/readings/i386/s05_01.htm
Could you give me two examples of the difference between read and read/execute?
here is an example
i am not sure this one requires read/execute
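        .CODE
        mov     eax,Index                   ;0,1,2,3
        shl     eax,2                       ;scale the index to a dword offset
        call    dword ptr VectorTable[eax]  ;indirect call through the table
VectorTable dd  Proc1                       ;table of proc addresses stored in the code section
            dd  Proc2
            dd  Proc3
            dd  Proc4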
this one needs it for sure
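        .CODE
        mov     eax,Index                   ;0,1,2,3
        shl     eax,2                       ;scale the index to a dword offset
        mov     eax,VectorTable[eax]        ;data read from the code section
        call    eax
VectorTable dd  Proc1                       ;table of proc addresses stored in the code section
            dd  Proc2
            dd  Proc3
            dd  Proc4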
this is simple self-modifying code
        .CODE
        mov     eax,20h
        db      0B9h                        ;MOV ECX,nnnnnnnn
ImmOperand dd   10h                         ;the immediate operand of that MOV ECX
;
;
;
        mov     ImmOperand,11h              ;modify the operand
the same thing can be done this way
        .CODE
        mov     eax,20h
        mov     ecx,10h
ImmOperand label dword                      ;address just past the 4-byte immediate
;
;
;
        mov     ImmOperand-4,11h            ;modify the operand
Thank all of you very much.
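As an added example (not code from any poster in this thread), the following C sketch decodes the access-rights byte from the descriptor in the question (9Ah) and reports which accesses the segment type permits. The values 98h, 92h and 90h are constructed comparison cases, the function names are hypothetical, and only the type bits are modelled, not privilege or limit checks.

```c
#include <stdint.h>
#include <stdio.h>

/* Bits of the access-rights byte in an 80386 code/data segment descriptor. */
#define AR_PRESENT 0x80   /* P: segment is present */
#define AR_S       0x10   /* S: 1 = code/data, 0 = system descriptor */
#define AR_EXEC    0x08   /* E: 1 = code segment, 0 = data segment */
#define AR_R_W     0x02   /* code: R (readable); data: W (writable) */

enum access { ACC_READ, ACC_WRITE, ACC_EXEC };

/* Descriptor privilege level, bits 6..5. */
int seg_dpl(uint8_t ar) { return (ar >> 5) & 3; }

/* Return 1 if the segment type permits the access, 0 if the CPU would
   raise an exception. Assumption: privilege and limit checks are ignored. */
int seg_allows(uint8_t ar, enum access a)
{
    if (!(ar & AR_PRESENT) || !(ar & AR_S))
        return 0;                       /* not present, or a system descriptor */
    if (ar & AR_EXEC) {                 /* code segment */
        switch (a) {
        case ACC_EXEC:  return 1;
        case ACC_READ:  return (ar & AR_R_W) != 0;  /* e.g. mov eax,cs:[table] */
        default:        return 0;       /* code segments are never writable */
        }
    }
    switch (a) {                        /* data segment */
    case ACC_READ:  return 1;           /* data segments are always readable */
    case ACC_WRITE: return (ar & AR_R_W) != 0;
    default:        return 0;           /* a data segment cannot be loaded into CS */
    }
}

int main(void)
{
    /* 9Ah is from the question; the other three are constructed samples. */
    static const uint8_t samples[] = { 0x9A, 0x98, 0x92, 0x90 };
    for (size_t i = 0; i < sizeof samples; i++) {
        uint8_t ar = samples[i];
        printf("%02Xh: %s DPL=%d read=%d write=%d exec=%d\n",
               ar, (ar & AR_EXEC) ? "code" : "data", seg_dpl(ar),
               seg_allows(ar, ACC_READ), seg_allows(ar, ACC_WRITE),
               seg_allows(ar, ACC_EXEC));
    }
    return 0;
}
```

With 98h (execute-only) the instruction fetch still works, but a data read through a CS override, such as the vector-table load in the second example above, is refused.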