IOPL-sensitive instructions
Instructions that deal with I/O not only need to be restricted;
they need to be exectued by procedures that execute at privilege
levels other than zero. To allow this, the 80286+ uses two bits of
the flags register to store the IOPL. The IOPL defines the
privilege level needed to execute I/O related instructions. The
following instructions can be executed only if CPL is less than
or equal to IOPL. They are called IOPL-sensitive because they are
sensitive to the value stored in IOPL.
Protected Protected
mode V86 mode
IN Input from Port +
INS Input String from Port +
OUT Output to Port +
OUTS Output String to Port +
CLI Clear Interrupt Flag + +
STI Set Interrupt Flag + +
PUSHF Push Flags +
POPF Pop Flags +
IRET Interrupt Return +
INT Interrupt +
INTO Interrupt on Overflow +
LOCK Assert Bus Lock +
Note + = IOPL-sensitive, CPL=3 in V86 mode
To use sensitive instructions, a procedure must execute at a
privilege level at least as privileged as that stored in IOPL. Any
attempt by a less privileged procedure to use one of the
instructions listed produces a general protection exception.
This allows a V86 monitor to trap - and possibly modify the
results of - IOPL-sensitive instructions in a program executing in
V86 mode.
Each task in the system has its own unique copy of the flags
register. Therefore each task can have a different IOPL. A task
can change the IOPL only with a POPF instruction. Such changes
are privileged. No procedure may alter IOPL in the flags register
unless the procedure is executing at privilege level 0 (CPL=0).
Any attempt by a less privileged procedure to alter IOPL does not
result in an exception, but IOPL remains unchanged.