Chapter 8: Protected-Mode Software Architecture of 80386DX
11/1/2005
Source: faculty.uml.edu/yluo/Teaching/MicroprocessorI/chapter8.pdf

The 80386, 80486, and Pentium Processors, Prof. Yan Luo, UMass Lowell

Overview of Protected Mode

• Memory management
  • Larger memory space (up to 4GB physical memory)
  • Flexible segment size in segmentation
  • Can also be organized as 4KB “pages”
  • Virtual memory (larger than physical memory size)
• Multitasking
  • Tasks sharing CPU, memory, I/O
• Protection
  • Safeguard against software bugs and protect the integrity of the OS
• Virtual mode
  • Allow execution of DOS applications

Important Registers in Protected Mode

• EIP: 32-bit
• EFLAGS: 32-bit
• Global Descriptor Table Register (GDTR): 48-bit
• Interrupt Descriptor Table Register (IDTR): 48-bit
• Local Descriptor Table Register (LDTR): 16-bit
• Task Register
• Control Registers (CR0 through CR3)

Global Descriptor Table Register (GDTR)

• Global descriptor table
  • For memory management
  • Located in physical memory
  • Contains segment descriptors
  • Defined by GDTR
  • Each entry (segment descriptor) takes 8 bytes
• GDTR
  • Lower 2 bytes define LIMIT (or size)
  • Upper 4 bytes define the base (physical address)
  • Initialized before switching to protected mode
• Example
  • GDTR = 001000000FFFH. Thus, for the GDT:
    Base = 00100000H
    Size = 0FFFH + 1 = 4096 bytes
    # of descriptors = 4096/8 = 512
    End at = 00100FFFH

Interrupt Descriptor Table Register (IDTR)

• Interrupt descriptor table
  • Up to 256 interrupt descriptors
  • Defined by IDTR
  • Each entry (interrupt descriptor) takes 8 bytes
• IDTR: 48-bit
  • Lower 2 bytes define LIMIT (or size)
  • Upper 4 bytes define the base (physical address)
  • Initialized before switching to protected mode

Local Descriptor Table Register (LDTR)

• Local descriptor table
  • Defines local memory address space for the task
  • Each task has its own LDT
  • Contains segment descriptors
• LDTR: 16-bit
  • A selector used to find LDT descriptor in GDT
  • LDT descriptor is loaded transparently from GDT to LDTR cache
• LDTR cache: 48-bit
  • Lower 2 bytes define LIMIT (or size)
  • Upper 4 bytes define the base (physical address)

Control Registers

• CR0 through CR3
• Machine Status Word in CR0 (lower 5 bits)
  • PE: protection mode enable
  • MP/EM: math present/absent
  • TS: task switched
• CR2 and CR3 used to support paging
  • CR3 contains Page Directory Base Register (PDBR), pointing to the beginning of page directory
  • CR2 saves the page fault address

Task Register

• Key element for task switching
• Holds a 16-bit selector
• Used to find Task State Segment (TSS) descriptor (8 bytes) in GDT
• TSS descriptor is loaded automatically into on-chip task descriptor cache
  • 48-bit (16-bit LIMIT, 32-bit Base)
• TSS holds information of a task such as initial values for user-accessible registers
• Questions:
  • What is the maximum size of a TSS? Where can it be located in the linear address space?
  • Base of GDT is 00011000, TR = 2108, what is the address range of the TSS descriptor?

Registers with Changed Functionality

• Segment selector register (originally segment register)
  • Selector selects a descriptor that defines the size and characteristics of a segment
  • Format
    • Requested Privilege Level (RPL)
    • Table indicator (0: GDT, 1: LDT)
    • Index (to be scaled by 8 to give the offset)
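
How the GDTR contents and a selector combine to locate one 8-byte descriptor, including the limit check that rejects a selector pointing past the end of the table. This is an added example, not part of the original slides; the function names are hypothetical, and the GDTR value is the one from the GDTR slide.

```c
#include <stdint.h>
#include <stdio.h>

/* Decoded contents of the 48-bit GDTR: 32-bit base, 16-bit limit. */
struct gdtr { uint32_t base; uint16_t limit; };

/* Split a 48-bit GDTR image: upper 4 bytes = base, lower 2 bytes = limit. */
static struct gdtr gdtr_decode(uint64_t raw48) {
    struct gdtr g = { (uint32_t)(raw48 >> 16), (uint16_t)(raw48 & 0xFFFF) };
    return g;
}

/* Number of 8-byte descriptors the table can hold (size = limit + 1). */
static unsigned gdt_entries(struct gdtr g) { return ((unsigned)g.limit + 1) / 8; }

/* Selector fields: bits 1..0 RPL, bit 2 table indicator, bits 15..3 index. */
static unsigned sel_rpl(uint16_t sel)   { return sel & 3; }
static unsigned sel_ti(uint16_t sel)    { return (sel >> 2) & 1; }
static unsigned sel_index(uint16_t sel) { return sel >> 3; }

/* Physical address of the first byte of the descriptor a GDT selector names.
 * Returns 0 and leaves *addr untouched when the 8-byte entry would extend
 * past the table limit or the selector refers to the LDT (TI = 1). */
static int gdt_descriptor_addr(struct gdtr g, uint16_t sel, uint32_t *addr) {
    uint32_t off = (uint32_t)sel_index(sel) * 8;   /* index scaled by 8 */
    if (sel_ti(sel) != 0 || off + 7 > g.limit)
        return 0;
    *addr = g.base + off;
    return 1;
}

int main(void) {
    struct gdtr g = gdtr_decode(0x001000000FFFULL);   /* value from the GDTR slide */
    uint32_t a = 0;
    printf("base=%08X limit=%04X entries=%u\n",
           (unsigned)g.base, (unsigned)g.limit, gdt_entries(g));
    if (gdt_descriptor_addr(g, 0x0100, &a))
        printf("selector 0100H (RPL %u) -> %08X..%08X\n",
               sel_rpl(0x0100), (unsigned)a, (unsigned)(a + 7));
    if (!gdt_descriptor_addr(g, 0x2108, &a))
        printf("selector 2108H lies outside this 4096-byte table\n");
    return 0;
}
```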

Registers with Changed Functionality

• Flag, now EFLAGS
• New flag bits
  • I/O privilege level (IOPL): 2-bit
  • Nested task (NT): 1-bit
  • Resume (RF): 1-bit
  • Virtual 8086 mode (VM): 1-bit

Virtual Address and VA Space

• Virtual address: 48-bit
  • Used by Memory Management Unit (MMU)
  • Consists of
    • Selector (16-bit): can be one of the segment selector registers
    • Offset (32-bit): can be EIP or other 32-bit registers
• Segment can be as large as 4GB
• Virtual address space can be 2^46 (64 Terabytes)
  • 2 bits used for privilege level in selector

Segmented Partition of Virtual Address Space

• Virtual memory space is divided into global and local memory address space
  • 32 Terabytes global address space
  • 32 Terabytes local address space
• Up to 8192 segments may exist in either global or local address space
  • Because maximum size of GDT is 64KBytes, each descriptor is 8 bytes, 64KB/8B = 8192
  • Not all descriptors are normally in use
• Task has both global and local memory space

Physical Memory Space and Virtual-to-Physical Address Translation

• 4GB physical memory vs 64TB virtual memory space
  • Just a small amount of the information in virtual memory can reside in physical memory
• Segments not in use are stored on secondary storage device
• Address translation: 48-bit VA -> 32-bit PA
  • Segment translation
  • Page translation

Memory Swap

• MMU determines whether or not a segment or page resides in physical memory
• If not present, “swap”
  • Memory management software initiates loading of the segment or page from external storage device to physical memory
  • A segment or page in physical memory will be swapped out and stored in external storage device

Segmentation Virtual to Physical Address Translation

• 48-bit virtual address (selector + offset) translated to 32-bit physical address
• “Selector” used to find segment descriptor in LDT
  • 64-bit segment descriptor cache register in 80386 contains: access rights (12b), base address (32b), limit (20b)
• Segment descriptor cache defines the location and size of code/data segment
  • Code/data segments in physical memory
• Offset is the address of the data to be accessed in the segment
• Segment base address + offset = 32b linear address
  • 32b linear address is physical address, if paging is disabled

Example

• Segment selector = 0100H
  offset = 00002000H
  segment base address = 00030000H

Q: What is the virtual address? Physical address?
A: VA = 0100:00002000H
   linear address = base address + offset = 00030000H + 00002000H = 00032000H
   if paging disabled, PA = linear addr = 00032000H

Paged partition of Virtual Address Space

• Physical memory is organized in 4KB pages
  • 4GB/4KB = 1,048,496 pages
• Simplifies the implementation of the memory management software
  • Fixed 4K pages make space allocation and deallocation easier than segmentation
• Space in a page might not be fully utilized
• Linear address is not direct physical address
  • Undergo a second translation - page translation
  • Format: 12-b offset, 10-b page, 10-b directory field

Translating a Linear Address to a Physical Address

• Figure 8.19 (important!)
• CR3 -> Page Directory Base Register
• Page Directory Table
• Page Table
• Page Frame
• Translation Look-aside Buffer (TLB)

Segment Descriptor

• Figure 8.20(a)
• Used in segmentation virtual memory
  • One descriptor for one segment
  • Stored in GDT, LDT
  • 8 bytes
    • LIMIT (20b), Base (32b), access right byte
• Access right bits
  • Accessed, readable, executable, privilege level

Page Table Entry

• Figure 8.24
• Entries in page directory table or page table
• Each entry has 32 bits
  • Upper 20-bit as base address
    • Bit 12 through 31 of the base address are assumed to be equal to zero
  • Lower 12 as protection characteristics
    • Read/write
    • User/supervisor
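
The two translation stages from the preceding slides carried through in code: segment base + offset gives the linear address, then the directory/page/offset split walks the page directory and page table. This is an added example, not part of the original slides; the segment values are those of the worked Example slide, while the segment limit, the CR3 value, the table contents and the function names are constructed for illustration. Only the present and user/supervisor bits are checked.

```c
#include <stdint.h>
#include <stdio.h>

#define PTE_P  0x1u  /* present (bit 0) */
#define PTE_RW 0x2u  /* read/write (bit 1) */
#define PTE_US 0x4u  /* user/supervisor (bit 2) */

/* Constructed physical memory: only the entries the walk reads exist. */
struct cell { uint32_t addr, val; };
static const struct cell phys[] = {
    { 0x00001000u,            0x00002000u | PTE_P | PTE_RW | PTE_US }, /* PDE 0 */
    { 0x00002000u + 0x32 * 4, 0x00400000u | PTE_P | PTE_RW },  /* supervisor page */
    { 0x00002000u + 0x33 * 4, 0x00500000u | PTE_RW | PTE_US }, /* not present */
};
static uint32_t read32(uint32_t pa) {
    for (unsigned i = 0; i < sizeof phys / sizeof phys[0]; i++)
        if (phys[i].addr == pa) return phys[i].val;
    return 0;  /* anything else reads as a not-present entry */
}

/* Segment translation: base + offset, refused when offset exceeds limit. */
static int seg_translate(uint32_t base, uint32_t limit, uint32_t off, uint32_t *lin) {
    if (off > limit) return 0;
    *lin = base + off;
    return 1;
}

/* Page translation of a linear address (10-bit directory, 10-bit page,
 * 12-bit offset). Returns 0, i.e. a page fault, when an entry is not
 * present or a user access meets a supervisor-only entry. */
static int page_translate(uint32_t cr3, uint32_t lin, int user, uint32_t *pa) {
    uint32_t pde = read32((cr3 & 0xFFFFF000u) + ((lin >> 22) & 0x3FFu) * 4);
    if (!(pde & PTE_P) || (user && !(pde & PTE_US))) return 0;
    uint32_t pte = read32((pde & 0xFFFFF000u) + ((lin >> 12) & 0x3FFu) * 4);
    if (!(pte & PTE_P) || (user && !(pte & PTE_US))) return 0;
    *pa = (pte & 0xFFFFF000u) | (lin & 0xFFFu);  /* frame base + offset */
    return 1;
}

int main(void) {
    uint32_t lin = 0, pa = 0;
    if (seg_translate(0x00030000u, 0xFFFFu, 0x00002000u, &lin))
        printf("linear   = %08X\n", (unsigned)lin);
    if (page_translate(0x00001000u, lin, 0, &pa))
        printf("physical = %08X (supervisor access)\n", (unsigned)pa);
    printf("user access permitted: %d\n", page_translate(0x00001000u, lin, 1, &pa));
    return 0;
}
```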

Multitasking and Protection

• Multiple tasks exist in a software system, and are scheduled in a time-shared manner (e.g. round-robin)
• Process: an independent task
• Protection: deny unauthorized or incorrect access of a task’s memory resources
• 80386DX has on-chip hardware that implements a protection mechanism
  • Segmentation, paging, descriptors
  • Access rights

Accessing Code and Data Through Protection Model

• Descriptor Privilege Level (DPL)
• Current Privilege Level (CPL) and Requested Privilege Level (RPL)
  • CPL is the DPL of code or data segment that is currently being accessed by a task
  • RPL is the DPL of the target code or data segment
• CPL changes dynamically as programs are executed
• General Rule:
  • code can access only data that are at the same or a less privileged level
• Privilege-level check, e.g. Figure 8.32
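
The general rule above as a check on a data-segment access, using the 8-byte layout from the Segment Descriptor slide: the descriptor is unpacked into base, limit and DPL, and the access is allowed only if the less privileged of CPL and the selector's RPL is no less privileged than DPL. This is an added example, not part of the original slides; the two descriptors and the function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

struct segdesc { uint32_t base, limit; unsigned dpl, present, granular; };

/* Unpack the 8-byte descriptor: base and limit are split across the entry. */
static struct segdesc desc_parse(const uint8_t d[8]) {
    struct segdesc s;
    s.limit    = d[0] | (uint32_t)d[1] << 8 | (uint32_t)(d[6] & 0x0F) << 16;
    s.base     = d[2] | (uint32_t)d[3] << 8 | (uint32_t)d[4] << 16 | (uint32_t)d[7] << 24;
    s.dpl      = (d[5] >> 5) & 3;   /* access-rights byte, bits 6..5 */
    s.present  = (d[5] >> 7) & 1;   /* access-rights byte, bit 7 */
    s.granular = (d[6] >> 7) & 1;   /* G = 1: limit counts 4 KB units */
    if (s.granular) s.limit = (s.limit << 12) | 0xFFF;
    return s;
}

/* Data-segment load check: the less privileged of CPL and RPL (the larger
 * number) must not exceed the descriptor's DPL. */
static int data_access_ok(unsigned cpl, uint16_t selector, struct segdesc s) {
    unsigned rpl = selector & 3;             /* selector bits 1..0 */
    unsigned epl = cpl > rpl ? cpl : rpl;
    return s.present && epl <= s.dpl;
}

/* Constructed descriptors: base 00030000H, limit 0FFFFH, read/write data. */
static const uint8_t kernel_data[8] = { 0xFF, 0xFF, 0x00, 0x00, 0x03, 0x92, 0x00, 0x00 }; /* DPL 0 */
static const uint8_t user_data[8]   = { 0xFF, 0xFF, 0x00, 0x00, 0x03, 0xF2, 0x00, 0x00 }; /* DPL 3 */

int main(void) {
    struct segdesc k = desc_parse(kernel_data);
    printf("base=%08X limit=%05X DPL=%u\n", (unsigned)k.base, (unsigned)k.limit, k.dpl);
    printf("CPL 0, RPL 0 -> DPL 0 data: %d\n", data_access_ok(0, 0x0100, k));
    printf("CPL 0, RPL 3 -> DPL 0 data: %d\n", data_access_ok(0, 0x0103, k));
    printf("CPL 3, RPL 3 -> DPL 3 data: %d\n",
           data_access_ok(3, 0x010B, desc_parse(user_data)));
    return 0;
}
```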

TSS and Task Switching

• Task state selector -> TSS descriptor in GDT -> TSS in physical memory
• TSS contains information needed to start or stop a task (Figure 8.38)
  • Minimum size 103 bytes
  • State of microprocessor (general register, segment selector, IP, flags)
  • LDTR selector, I/O permission bit map

Task Switching

• Intersegment jump or intersegment call
• Task State Selector is loaded into Task Register
• TSS descriptor is loaded from GDT
• The current task is suspended and its TSS is saved in physical memory
• State information from new task’s TSS is loaded into microprocessor
• The selector of the old TSS is saved as the back-link selector in the new task state segment
• Execution resumes with instruction identified by CS and EIP of new task

Virtual 8086 Mode

• Support execution of real-mode programs in 80386DX protection mode
• Task switching between protected mode and virtual 8086 mode
• VM bit in EFLAGS
  • VM = 1: enable virtual mode operation
• VM task runs at the least privileged level (3)