ECE291 Computer Engineering II
Lecture 16PM
Dr. Zbigniew Kalbarczyk
University of Illinois at Urbana-Champaign

Outline
• Real Mode: recap
• Introduction to Protected Mode

Real Mode Addressing
• Up to 1Mb of addressable memory. The address is always computed from <segment:displacement>, where each of the two can be 16 bits.
• The segment register is always extended with a 0H at the right end.
• Up to 20 bits of address => 1Mb of memory
• Segments are always 64Kb
• 16-bit default segment + offset address combinations:

Segment   Offset                                Special Purpose
-------   -----------------------------------   --------------------------
CS        IP                                    Instruction address
SS        SP or BP                              Stack address
DS        BX, DI, SI, an 8- or 16-bit number    Data address
ES        DI for string ops                     String destination address

Real Mode
32-bit default segment + offset address combinations:

Segment   Offset                                                    Special Purpose
-------   -------------------------------------------------------   --------------------------
CS        EIP                                                       Instruction address
SS        ESP or EBP                                                Stack address
DS        EBX, EDI, ESI, EAX, ECX, EDX, an 8- or 32-bit number      Data address
ES        DI for string ops                                         String destination address
FS        No default                                                General address
GS        No default                                                General address

• In 386-Pentium III, never place a number > FFFFH in an offset register when operating in real mode.
• This causes the system to halt and to indicate an addressing error.

Real Mode (cont.)
• Up to four 64Kb segments for < x286
• Up to six segments for >= x386
• A program can use any arbitrary number of segments, but only four/six can be addressed simultaneously at any given time
• If a user segment does not use all 64Kb of memory, segment registers can be initialized so that segments overlap - it's your responsibility to ensure the overlap does not create unwanted side-effects!
• DOS or any OS is responsible for linking and loading a user program, figuring out the code-data-stack segments and the dynamic data area, and initializing the corresponding segment registers.
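
Example of Overlapping Segments
[Figure: memory map from 00000 to FFFFF with OS & drivers in low memory and overlapping code, data and stack segments ("conceptual overlap"). Segment registers shown: CS, DS, SS, with the values 090F, 0A0F, 0A28. Addresses marked: 0908F, 090F0, 0A0EF, 0A0F0, 0A27F, 0A280, 0A47F, 0A480.]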

Real Mode (cont.)
• Segment registers allow programs to be written using only offset addresses and still be relocated anywhere in memory: all we need to do to move a code/data/stack segment is to change the corresponding segment register - all offset addresses remain the same.
• Relocation of code and data is very important for:
  - up/downward compatibility
  - writing programs without being concerned about the memory size of the particular machine they execute on
  - moving programs around in memory and allowing multiple programs to run simultaneously
• Segment registers are used to address memory in Real Mode only.
• The result is similar to Virtual Memory (in ECE 312)

Protected Mode
• In protected mode (where memory is much larger) we have yet another indirection
• Segment registers no longer point to memory directly - they point to descriptors which then point to the beginning of a segment in memory
• The drawback is a more expensive address translation mechanism
• But the benefit is that we can relocate any segment anywhere in 4Gb space, customize access rights to each segment, share segments with different programs/applications, etc.
• NOTE: Protected mode does NOT require any change in the application either (unless you customize protection rights) since the indirection is handled automatically by the linker/loader.

Protected Mode: General
• In PM, a segment register points into the descriptor tables (DT), which then give us the starting address of the segment
• Each DT contains 8K (8,192) descriptors, where each descriptor is an 8-byte quantity that describes a memory segment. There are two DTs:
  - Global (or system) descriptor table
  - Local (or application) descriptor table
• Therefore we have up to 16K (2 x 8,192) memory segments that can be addressed in PM by each application.
• The two DTs reside in memory and each takes up a max of 64Kb of memory (8b x 8K).

Format of Descriptors in PM

80286 descriptor (most significant word first):
    00000000 00000000
    Access rights | Base (B23-B16)
    Base (B15-B0)
    Limit (L15-L0)

386-Pentium III descriptor (most significant word first):
    Base (B31-B24) | G D 0 AV | Limit (L19-L16)
    Access rights | Base (B23-B16)
    Base (B15-B0)
    Limit (L15-L0)

• Base is the base address of the segment in memory
  - in x286 it is 24 bits;
  - in x386+ it can be 32 bits. (Smallest mem. granularity is 4Kb so in x386+, least significant 12 bits can be ignored in Base => 20+12=32 bit addresses)
• Limit is the last offset in a segment
  - i.e. variable size segments in PM. In x286 the limit is 16 bits, but in x386+ it is 20 bits.
• Examples:
  - x286: segment begins at F00000H and ends at F000FFH => it has base F00000H and a limit of 00FFH (16 bits).
  - x386: the same segment would begin at 00F00000H and have a limit of 000FFH (20 bits)

PM: Descriptor Format
[Figure: 386-Pentium III descriptor with the fields Base (B31-B24), G, D, 0, AV, Limit (L19-L16), Access rights, Base (B23-B16), Base (B15-B0), Limit (L15-L0)]

G - granularity bit: specifies the size of segment increments:
- G=0 => Limit specifies a segment limit of 00000H to FFFFFH
- G=1 => Limit specifies a segment limit of 00000XXXH to FFFFFXXXH
  (G=1 allows a segment length of 4Kb-4Gb in increments of 4Kb)

Example 1: Base = Start = 10000000H, G=0
    End = Base + Limit = 10000000H + 001FFH = 100001FFH
Example 2: Base = Start = 10000000H, G=1
    End = Base + Limit = 10000000H + 001FFXXXH = 101FFFFFH
The extension XXX can take any value from 000 to FFF

PM: Descriptor Format (cont.)
[Figure: 386-Pentium III descriptor with the fields Base (B31-B24), G, D, 0, AV, Limit (L19-L16), Access rights, Base (B23-B16), Base (B15-B0), Limit (L15-L0)]

AV bit: specifies whether the segment is available or not.
D bit: specifies how memory is accessed in RM or PM
- D=0 => Default: 16-bit instructions, offsets and registers
- D=1 => Default: 32-bit instructions, offsets and registers
NOTE: The default register size and offset size can be overridden in both 16- and 32-bit instruction modes.
Access Rights byte: specifies access rights, access violation actions, direction of growth (for data segments) - e.g., shared code segments

Segment Register in PM:
[Figure: selector layout with the fields Descriptor Selector, TI, RPL]
- Selector: selects one of 8,192 descriptors in the global or local descriptor table
- TI=0 => Global descriptor table; TI=1 => Local descriptor table
- RPL = requested privilege level (00-highest, 11-lowest)
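
The descriptor and selector fields above, decoded in C and applied to the slides' Example 1 and Example 2. This is an added example, not code from the lecture; the struct and function names, the byte order within the descriptor (d[0] is the lowest-addressed byte), the selector bit positions and the sample access byte 92H are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Decoded 386+ descriptor; struct and function names are this example's own. */
struct seg { uint32_t base, limit; uint8_t access; int g, d, av; };

/* d[0] is the lowest-addressed byte of the 8-byte descriptor. */
static struct seg decode_descriptor(const uint8_t d[8])
{
    struct seg s;
    uint32_t raw = d[0] | ((uint32_t)d[1] << 8) | ((uint32_t)(d[6] & 0x0F) << 16);
    s.base = d[2] | ((uint32_t)d[3] << 8) | ((uint32_t)d[4] << 16) | ((uint32_t)d[7] << 24);
    s.access = d[5];
    s.g  = (d[6] >> 7) & 1;
    s.d  = (d[6] >> 6) & 1;
    s.av = (d[6] >> 4) & 1;
    /* G=1: the 20-bit limit counts 4 KB units, so the low 12 bits ("XXX") end at FFF. */
    s.limit = s.g ? (raw << 12) | 0xFFFu : raw;
    return s;
}

/* Selector: bits 15-3 index, bit 2 TI, bits 1-0 RPL. Returns byte offset into the table. */
static uint32_t selector_offset(uint16_t sel, int *ti, int *rpl)
{
    *ti  = (sel >> 2) & 1;
    *rpl = sel & 3;
    return (uint32_t)(sel >> 3) * 8;
}

/* Limit check for an expand-up segment: 1 if the offset lies inside the segment. */
static int offset_ok(const struct seg *s, uint32_t offset)
{
    return offset <= s->limit;
}

/* Constructed descriptors for the slides' examples: base 10000000H, limit 001FFH.
   The access byte 92H is a sample value, not taken from the slides. */
static const uint8_t EX1[8] = {0xFF, 0x01, 0x00, 0x00, 0x00, 0x92, 0x40, 0x10}; /* G=0 */
static const uint8_t EX2[8] = {0xFF, 0x01, 0x00, 0x00, 0x00, 0x92, 0xC0, 0x10}; /* G=1 */

int main(void)
{
    struct seg a = decode_descriptor(EX1), b = decode_descriptor(EX2);
    int ti, rpl;
    uint32_t off = selector_offset(0x000F, &ti, &rpl);
    printf("G=0: %08X-%08X\n", (unsigned)a.base, (unsigned)(a.base + a.limit));
    printf("G=1: %08X-%08X\n", (unsigned)b.base, (unsigned)(b.base + b.limit));
    printf("selector 000F: table offset %u, TI=%d, RPL=%d, 200H in EX1? %d\n",
           (unsigned)off, ti, rpl, offset_ok(&a, 0x200));
    return 0;
}
```

An offset one past the limit (200H in the G=0 segment) fails `offset_ok`, which is the per-access check that keeps a program inside its own segment.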

How do we access DT in PM?
• In PM, segment registers contain offsets into the DT (selectors), not segment addresses (which are contained in the descriptors)
• The processor "knows" where to find the DT: a special register, GDTR (global descriptor table register; program invisible), keeps the base address of the DT.
• Each time a segment register changes (indicating that a new segment is to be accessed => a DT access is needed) the following actions take place:
  - GDTR + segment reg => address in memory from where to get the descriptor
  - The descriptor (Base, Limit, Access) is fetched into an invisible register in the processor (descriptor cache), where it is kept so that the DT is not accessed with each memory access (too expensive)
• When a segment register is reloaded, the corresponding DT cache entry is invalidated

Program Invisible Registers
• There are 10 descriptor caches (i.e. registers that cache DT entries) or program-invisible registers
• In addition there is a task register, TR, which holds a selector of a descriptor that defines a task (i.e. a procedure, or application). The TR allows a context (task) switch in only 17μs.
• TR allows switching from one application program to another in a short period of time. This is also known as multiprogramming, multitasking, or time-sharing.
• TR points to a descriptor in the global descriptor table.

Invoking DOS Interrupts in Protected Mode
Display ASCII Character (06h; Int 21h)

    ; Display a character from DL
    BITS 32
    GLOBAL _main

    SECTION .bss
    ; DPMI real-mode register structure passed to INT 31h, AX=0300h
    DPMI_Regs:
    DPMI_EDI    resd 1
    DPMI_ESI    resd 1
    DPMI_EBP    resd 1
    DPMI_RES0   resd 1
    DPMI_EBX    resd 1
    DPMI_EDX    resd 1
    DPMI_ECX    resd 1
    DPMI_EAX    resd 1
    DPMI_FLAGS  resw 1
    DPMI_ES     resw 1
    DPMI_DS     resw 1
    DPMI_FS     resw 1
    DPMI_GS     resw 1
    DPMI_IP     resw 1
    DPMI_CS     resw 1
    DPMI_SP     resw 1
    DPMI_SS     resw 1

    SECTION .data

    SECTION .text
    _main:
            ; Displays the ASCII character found in DL
            mov     dl, '1'
            mov     ah, 06h
            call    _INT21H
            ;and    eax, 0FFh
            ret

Invoking DOS Interrupts in Protected Mode
Display ASCII Character (06h; Int 21h)

    ; INT21H: Interrupt 21h in Protected Mode
    _INT21H:
            ; copy the caller's registers into the DPMI register structure
            mov     dword [DPMI_EAX], EAX
            mov     dword [DPMI_EBX], EBX
            mov     dword [DPMI_ECX], ECX
            mov     dword [DPMI_EDX], EDX
            mov     dword [DPMI_ESI], ESI
            mov     dword [DPMI_EDI], EDI
            mov     dword [DPMI_EBP], EBP
            pushf                       ; 32-bit push in BITS 32
            pop     ax                  ; low word of the flags; high word stays on the stack
            mov     word [DPMI_FLAGS], ax

            push    es                  ; we use ES doing DOS interrupt
            mov     ax, 0300h           ; Simulate Real Mode Interrupt
            mov     bx, 21h             ; BL = interrupt number, BH = flags (0)
            mov     cx, 0               ; no stack words to copy
            push    ds
            pop     es
            mov     edi, DPMI_Regs      ; ES:EDI -> register structure
            int     31h
            pop     es

            mov     ax, [DPMI_FLAGS]    ; restore registers
            push    ax
            popf                        ; 32-bit pop: AX plus the high word left by pushf
            mov     EAX, [DPMI_EAX]
            mov     EBX, [DPMI_EBX]
            mov     ECX, [DPMI_ECX]
            mov     EDX, [DPMI_EDX]
            mov     ESI, [DPMI_ESI]
            mov     EDI, [DPMI_EDI]
            mov     EBP, [DPMI_EBP]
            ret

PAGING
• Maps a virtual to a physical address:
  - Linear (virtual) address ==> physical address
• Paging also extends the "size" of memory beyond that of physical memory (DRAM). The principle works by fetching and keeping in memory only those segments that are currently accessed to make progress in the execution. All other code/data may be on disk (linear addresses that are not currently present in physical memory).
• Why paging? Because segmentation is not enough to allow multiple applications to reside in memory at the same time and thus execute "together" - the reason is that we need separate segment registers for each application, but we also need to make sure that different application segments map to different physical memory segments. This would severely limit the # of apps that can run together as well as the range of memory they could address: no longer relocatable!
• Paging solves all of the above problems!

Paging (cont.)
• The Memory Management Unit, MMU (or memory paging unit - MPG), translates linear to physical addresses.
• Paging is controlled by the (invisible) control registers that keep the location of the mapping tables known as the page table directory (PTD) and the page map tables (PMT). The address translation process then follows the steps:
  - Use a control register to get the base of the PTD
  - Use the MSBs of the linear address as an offset into the PTD to get an entry
  - The entry gives the base of the PMT for this application. Add to it the next MSBs of the linear address to get the entry of the PMT.
  - This entry gives the location in physical memory of the base of the segment we want to access. Add to it the LSBs of the linear address to form the byte address of the data or instruction to access.
• Paging works with real and with protected mode

Paging - Control Registers
• Control registers: CR0-CR3 (and in Pentium CR4) are 32b regs. Bit 0 (MSB) of CR0 is used to set paging on/off. If CR0(0)=0 the linear address is also the physical address. Otherwise, paging is enabled.
• CR3 has the page directory page address - there is only one page directory in the entire system, with up to 1,024 32-bit entries.
• Each entry in the page directory points to a page table. Each page table contains up to 1,024 32-bit entries, each pointing to a physical memory page (segment).
• Thus, we have up to 2^20 x 4 bytes = 4Mb of physical memory reserved only for the PMT -- way too much!
• Usually, a PMT is needed for each active application, and in practice there are only a few PMTs. However, the 4Kb space for the page directory must be reserved and available.

Paging: Address Translation
[Figure: the linear (virtual) address is split into Directory (bits 31-22), Page Table (bits 21-12) and Offset (bits 11-0). CR3 holds the page directory base. A PMT entry points to the base of a memory (page) segment and consists of an address field (bits 31-12) and control bits; annotation: "This is what used to be the Segment Register in RM". The result is a 32-bit physical address.]
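
The translation steps from "Paging (cont.)" carried out in C over a small simulated physical memory, including the case where an entry is not present. This is an added example, not code from the lecture; the function names, the 16 KB memory image and the use of control bit 0 as the "present" flag are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE  4096u
#define P_BIT 0x1u              /* control bit 0: entry present (assumed here) */

/* Constructed physical memory: 4 page frames, frame n starts at n * 4096. */
static uint8_t phys[4 * PAGE];

static uint32_t rd32(uint32_t pa) { uint32_t v; memcpy(&v, &phys[pa], 4); return v; }
static void wr32(uint32_t pa, uint32_t v) { memcpy(&phys[pa], &v, 4); }

/* Walk directory -> page table -> page. Returns 0 and sets *pa, or -1 when an
   entry is not present (the page would have to be brought in from disk). */
static int translate(uint32_t cr3, uint32_t lin, uint32_t *pa)
{
    uint32_t dir = lin >> 22;             /* bits 31-22: index into the directory */
    uint32_t tbl = (lin >> 12) & 0x3FF;   /* bits 21-12: index into the page table */
    uint32_t off = lin & 0xFFF;           /* bits 11-0: byte offset in the page */

    uint32_t pde = rd32((cr3 & ~0xFFFu) + dir * 4);
    if (!(pde & P_BIT)) return -1;
    uint32_t pte = rd32((pde & ~0xFFFu) + tbl * 4);
    if (!(pte & P_BIT)) return -1;
    *pa = (pte & ~0xFFFu) + off;
    return 0;
}

/* Directory in frame 0, one page table in frame 1;
   linear 00400000H-00400FFFH maps to frame 3. Returns the CR3 value. */
static uint32_t setup(void)
{
    memset(phys, 0, sizeof phys);
    wr32(0 * PAGE + 1 * 4, 1 * PAGE | P_BIT);   /* directory entry 1 -> table in frame 1 */
    wr32(1 * PAGE + 0 * 4, 3 * PAGE | P_BIT);   /* table entry 0 -> page frame 3 */
    return 0;
}

int main(void)
{
    uint32_t pa = 0, cr3 = setup();
    if (translate(cr3, 0x00400ABCu, &pa) == 0)
        printf("00400ABC -> %08X\n", (unsigned)pa);
    printf("00401000 mapped? %s\n",
           translate(cr3, 0x00401000u, &pa) == 0 ? "yes" : "no");
    return 0;
}
```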