
What's the address space like when switching to protect mode?

Posted: Tue Apr 05, 2011 5:56 am
by yuq
I know how to switch to protect mode in x86.

Code:

; set PE bit
mov cr0, eax
or eax, 1
mov eax, cr0

; I need to insert code here

; far jump (cs = selector of code segment)
jmp cs:@pm

@pm:
  ; Now we are in PM.
But now I need to insert some code just before the far jump and after "mov eax,cr0". So I'm confused about what the address space is like here: has the GDT taken effect already?

Re: What's the address space like when switching to protect mode?

Posted: Tue Apr 05, 2011 6:26 am
by qw
You are in Protected Mode the moment you change CR0, but the old base and limit of CS are still in use until you reload CS. In real mode, and before reloading CS, the base is 16 times the value of the segment register and the limit is 65535.

The CPU reads the base, limit and attributes from the GDT the moment CS is loaded with the new value, that is, during the processing of the far jump. So you should make sure that the base is the same as it was in real mode otherwise the offset of "@pm" will be incorrect.

BTW you'd better not call the selector "cs" because it will confuse your assembler.

P.S. Watch the order of the operands. Is it Intel or AT&T syntax you are using?
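The sequence qw describes (lgdt, set PE, then a far jump that reloads CS from the GDT) written out as a complete 16-bit boot stub. This is an added example, not code from the thread; it assumes the BIOS loads it at linear address 0x7C00 and it uses a flat GDT whose code and data descriptors both have base 0, so the offset used in the far jump equals the linear address and no base mismatch can occur. The selector names CODE_SEL and DATA_SEL are the example's own.

```nasm
[BITS 16]
[ORG 0x7C00]                ; assumption: BIOS loaded this sector at 0000:7C00

start:
    cli
    xor ax, ax
    mov ds, ax              ; DS = 0 so [gdt_desc] resolves to the linear address ORG expects
    lgdt [gdt_desc]         ; GDTR now points at the table below; CS is NOT touched yet

    mov eax, cr0
    or  eax, 1              ; set PE (note the operand order: destination first in Intel syntax)
    mov cr0, eax

    ; We are now in protected mode, but CS still uses its real-mode descriptor
    ; cache: base = CS * 16 (0 if the BIOS jumped to 0000:7C00, 0x7C00 if it
    ; jumped to 07C0:0000), limit 0xFFFF, 16-bit code. Sequential fetch keeps
    ; working either way because nothing here has reloaded a segment register.
    ; Any code placed here must not load segment registers with real-mode values.

    jmp CODE_SEL:pm_entry   ; CS reload: the descriptor is fetched from the GDT now

[BITS 32]
pm_entry:
    ; Base 0 descriptor, so pm_entry (an ORG-relative offset) is its linear address.
    mov ax, DATA_SEL
    mov ds, ax
    mov es, ax
    mov ss, ax
    mov esp, 0x90000        ; assumption: free conventional memory for a small stack
.hang:
    hlt
    jmp .hang

align 8
gdt_start:
    dq 0                    ; null descriptor (selector 0x00)
gdt_code:                   ; selector 0x08: base 0, limit 4 GiB, 32-bit code, DPL 0
    dw 0xFFFF, 0x0000       ; limit[15:0], base[15:0]
    db 0x00, 0x9A, 0xCF, 0x00 ; base[23:16], access, flags|limit[19:16], base[31:24]
gdt_data:                   ; selector 0x10: base 0, limit 4 GiB, data, DPL 0
    dw 0xFFFF, 0x0000
    db 0x00, 0x92, 0xCF, 0x00
gdt_end:

gdt_desc:
    dw gdt_end - gdt_start - 1 ; size of the table minus one
    dd gdt_start               ; linear address of the table (base 0 assumed)

CODE_SEL equ gdt_code - gdt_start
DATA_SEL equ gdt_data - gdt_start

times 510 - ($ - $$) db 0
dw 0xAA55
```

Assemble with `nasm -f bin` and boot it in an emulator. The choice of base 0 is what makes the far-jump offset independent of whatever CS held in real mode; with a non-zero base you would have to subtract that base from pm_entry yourself, which is the mismatch qw warns about.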

Re: What's the address space like when switching to protect mode?

Posted: Tue Apr 05, 2011 6:39 am
by Combuster
Entering protected mode does not change memory mapping of itself - imagine that execution goes off to somewhere else the moment you set PE. Instead it only changes how instructions related to protection and segmentation are interpreted.

Basically, whatever code follows depends on the behaviour of the Descriptor Cache.

Re: What's the address space like when switching to protect mode?

Posted: Tue Apr 05, 2011 6:50 am
by yuq
Thank you. According to what you say, I'm in protect mode because I've set the PE bit. But I have not reloaded CS, and there's no old global descriptor because I was in real mode before. Furthermore, my CS may be 0x1234 in real mode, which may not be a valid entry in the GDT. So what's the address strategy here? And how does the CPU find the next instruction after enabling PE (which is the far jump here) when CS has no meaning before reloading in protect mode?

Re: What's the address space like when switching to protect mode?

Posted: Tue Apr 05, 2011 7:07 am
by yuq
Oh I'm sorry! I misunderstood what you two guys were saying. Yes, I know the answer, just like you say, thank you. :D

Re: What's the address space like when switching to protect mode?

Posted: Tue Apr 05, 2011 7:30 am
by yuq
I understand the address strategy here: if CS is 0x1234 in real mode, then here I get a cached descriptor with base 0x12340 and limit 0xffff. But CS has low bits for memory protection; here CS is still 0x1234 before the reload, so will those low bits take effect here? If so, maybe I should make sure these bits of CS are cleared for kernel mode while still in real mode?

Re: What's the address space like when switching to protect mode?

Posted: Tue Apr 05, 2011 8:54 pm
by landmine
Segment privilege levels are only checked when loading the selectors.

Re: What's the address space like when switching to protect mode?

Posted: Wed Apr 06, 2011 12:44 am
by Combuster
Before you try to consider any more things about segmentation: when did you modify the descriptor cache? Segment behaviour does not change until you explicitly change it. Between setting PE and changing CS nothing touches the descriptor cache, so nothing changes how addresses are translated.