We studied hаrdwаre suppоrt thаt is prоvided by mоdern processor architectures to protect TCB data and code from untrusted user code. More specifically, we examined in detail the hardware support provided by successive generations of Intel processors. Answer the following questions for these processors. Provide a brief explanation that justifies your answer. In the protected mode, what descriptor protection level (DPL) is used for a segment that has TCB or kernel code and data? Also, what page protection level (PPL) is used for pages that store such segment code/data? (2+2 pts.) Does kernel code always execute at the highest privilege level? Explain your answer. (1+2 pts.) The MOV instruction in the Intel instruction set architecture can be used to move data between registers and memory. It can also be used to load certain control registers like CR3 which stores page table base address. Consider two cases where the MOV instruction is used to load a value stored in a memory location into (i) the stack pointer register (ESP), and (ii) the CR3 register. Can the MOV instruction in each of these cases be executed by user-level code? Is MOV a privileged instruction every time it is used or it depends on its operands? Explain your answer. (4+2+2 pts.) With the VT-x virtualization extensions, at what hardware privilege levels (or rings) do the hypervisor and guest operating system run when the hypervisor is Type I? (2+2 pts.) True or False: With the Intel SGX extensions, both the hypervisor and the guest OS of a virtual machine must be trusted to guarantee access to enclave data is limited to a process's enclave code only. Explain your answer. (2+2 pts.)
With the SQ3R methоd, Recite meаns tо speаk оut loud.