6.5 Combining Page and Segment Protection 组合页与段保护
When paging is enabled, the 80386 first evaluates segment protection, then evaluates page protection. If the processor detects a protection violation at either the segment or the page level, the requested operation cannot proceed; a protection exception occurs instead.
当分页被启用,80386首先评估段保护,然后评估页保护。如果处理器侦测到保护违例,无论在段上或页上,请求的操作都不被执行;替代的结果是发生保护异常。
For example, it is possible to define a large data segment which has some subunits that are read-only and other subunits that are read-write. In this case, the page directory (or page table) entries for the read-only subunits would have the U/S and R/W bits set to x0, indicating no write rights for all the pages described by that directory entry (or for individual pages).
例如,定义了一个大的数据段,其中有只读部分和可读写部分。在这种情况下,只读部分的页目录(或页表)项会将U/S和R/W位设置为0,表明这些目录项(或分开的页)所描述的页没有写权限。
This technique might be used, for example, in a UNIX-like system to define a large data segment, part of which is read only (for shared data or ROMmed constants). This enables UNIX-like systems to define a "flat" data space as one large segment, use "flat" pointers to address within this "flat" space, yet be able to protect shared data, shared files mapped into the virtual space, and supervisor areas.
这种技术可以使用,例如在类UNIX系统中,定义了一个大的数据段,一部分是只读的(用来共享数据或只读的静态变量)。这使得类UNIX系统定义一个扁平的数据空间做为一个大的段,使用扁平指针在扁平的空间中寻址,然后也能实现保护共享数据,将共享的文件映射到虚拟空间,超级用户区域。