This document gives an introduction to the use of the protected mode (short pm) of the Intel processor (32 bit). For more informations look for a manual of Intel.
While in protected mode, the processor runs the tasks on different privilege levels (0 to 3). While in privilege level 0, all instructions, accesses etc. are allowed. The privilege level for user tasks is 3. The access restrictions for each level depend how this is handled by the OS. For example, it's possible to allow I/O operations for all privilege level or allow I/O only for the level 0. A task which runs on privilege level 2 can only access data and code segments with privilege level 2 or 3 (a call to a segment with privilege level 0 or 1causes an exception 0Dh).
The main difference between real mode and protected mode is, that in pm the stupid idea of segment*16+offset is given up. The segment address is now translated in two stages to get the base address of the segment, the memory is now addressed via selector:offset. The selector is an index to a table of descriptors. This descriptors decribe the access rights of a segment, the segement size and the linear base address of the segment (be careful, there is a difference between a linear and physical address, a linear address is translated by the MMU to a phiscal address). There are three descriptor tables: the GDT and the IDT which are global for all tasks, the LDT which is task specific.
|
15...3 |
2 |
1.. 0 |
| index to descriptor table | 0: descriptor is in GDT 1: descriptor is in LDT |
00: requested privilege level like the taks 01: requested privilege level 1 while accessing the segment 10: requested privilege level 2 while accessing the segment 11: requested privilege level 3 while accessing the segment |
The processor support different types of descriptors, some of these types are only allowed in the LDT or GDT, but not in the IDT.
Well, as decribed above, a user program can't call a routine in a segment with super visior privilege level, but how can a user task call the OS? The solution are call gates. Call gates are descriptors which allows to call a segment with a higher privilege. The offset in the destination comes also from the call gate descriptor so it's impossible for the user program to jump to any point in the super visior segment.
In the pm the processor distinguish between traps, interrupts and exceptions. A trap is a software interrupt, an interrupt an external interrupt which comes from a device (in rela mode hardware interrupt), an exception is an interrupt genereted by the processor if an error occurs (division by zero, page fault, access violation ....).
|
INT |
Exception |
Error code |
|
00h |
division by zero |
- |
|
01h |
Debugging (single step, break point ...) |
- |
|
02h |
- |
|
|
03h |
break point (INT3) |
- |
|
04h |
INT0 instruction, if overflow flag is set |
- |
|
05h |
BOUND operand out of range |
- |
|
06h |
Invalide opcode |
- |
|
07h |
coprocessor not present |
- |
|
08h |
double fault: fault while activate handler for exceptions 00h, 0Ah, 0Bh, 0Ch or 0Dh |
yes, but zero |
|
09h |
segment ranges are violated by coprocessor instruction |
yes |
|
0Ah |
Illegal task state segment |
yes |
|
0Bh |
segment isn't present in memory |
yes |
|
0Ch |
stack error (segment isn't present) or stack pointer out of range |
yes |
|
0Dh |
general privileg violation |
yes |
|
0Eh |
page fault (virtual memory management); page isn't present or access violation linear address in CR2 |
yes, but special |
|
0Fh |
reserved |
- |
|
10h |
coprocessor error (on PCs not available, error reporting via interrupt controller |
- |
This error code is written to stack:
31 16 |
15 3 |
2 |
1 |
0 |
|
undefined |
index |
TI |
IDT-bit | external bit |
TI: only important if IDT-bit=0
0 : index is selctor of GDT
1: index is selctor of LDT
IDT-bit:
0: Descriptor in the LDT or GDT causes the exception
1: interrupt gate (gate nr. in index)
External bit:
0: error is caused by the program
1: the error is caused by an interrupt
Bit 0:
0: page isn't present in phsical memory
1: page access violation
Bit 1:
0: error while read access
1: error while write acces
Bit 2:
0: program with privilege 0,1 or 2 causes the fault
1: user program (privilege=3) causesa the fault
The processor switches to the virtual mode if the VM-flag (bit 17 in EFLAGS) is set while executing an IRETD instruction from a segment with privilge level 0. If this flag is set, the segment registers and ESP are also loaded from the stack. The segment registers are now used like in real mode to create a linear address, this linear address can (it's in most cases nessecary) be translated by the MMU to a physical address. The main difference to the real mode is, that interrupts, exceptions and traps switch the processor back to the real mode and the handler which is specified by the IDT is called.
|
high word |
low word |
stack offset (level 0) |
|
0000 |
GS |
+20h |
|
0000 |
FS |
+1Ch |
|
0000 |
DS |
+18h |
|
0000 |
ES |
+14h |
|
0000 |
SS |
+10h |
|
high word ESP |
low word ESP |
+0Ch |
|
high word EFLAGS |
low word EFLAGS |
+08h |
|
0000 |
CS |
+04h |
|
high word EIP |
low word EIP |
00h |
If the processor leaves the virtual mode, these datas are also on the stack.