Volume 3A System Programming Guide_ Part 1 (794103), page 42
Text from the file (page 42)
The 32-bit mode behavior in Table 3-4 also applies to IA-32 processors that support the execute disable bit but not Intel 64 architecture.

If the execute disable bit is enabled in an IA-32 or Intel 64 processor, reserved bits in paging data structures for legacy 32-bit mode and 64-bit mode are shown in Table 3-5.

Table 3-4. Reserved Bit Checking When Execute Disable Bit is Disabled

| Mode | Paging Mode | Paging Structure | Check Bits |
|---|---|---|---|
| 32-bit | 4-KByte pages (PAE = 0, PSE = 0) | PDE and PT | No reserved bits checked |
| 32-bit | 4-MByte page (PAE = 0, PSE = 1) | PDE | Bit [21] |
| 32-bit | 4-KByte page (PAE = 0, PSE = 1) | PDE | No reserved bits checked |
| 32-bit | 4-KByte and 4-MByte page (PAE = 0, PSE = 1) | PTE | No reserved bits checked |
| 32-bit | 4-KByte and 2-MByte pages (PAE = 1, PSE = x) | PDP table entry | Bits [63:40] & [8:5] & [2:1] |
| 32-bit | 2-MByte page (PAE = 1, PSE = x) | PDE | Bits [63:40] & [20:13] |
| 32-bit | 4-KByte pages (PAE = 1, PSE = x) | PDE | Bits [63:40] |
| 32-bit | 4-KByte and 2-MByte pages (PAE = 1, PSE = x) | PTE | Bits [63:40] |
| 64-bit | 4-KByte and 2-MByte pages (PAE = 1, PSE = x) | PML4E | Bit [63], bits [51:40] |
| 64-bit | 4-KByte and 2-MByte pages (PAE = 1, PSE = x) | PDPTE | Bit [63], bits [51:40] |
| 64-bit | 2-MByte page (PAE = 1, PSE = x) | PDE, 2-MByte page | Bit [63], bits [51:40] & [20:13] |
| 64-bit | 4-KByte pages (PAE = 1, PSE = x) | PDE, 4-KByte page | Bit [63], bits [51:40] |
| 64-bit | 4-KByte and 2-MByte pages (PAE = 1, PSE = x) | PTE | Bit [63], bits [51:40] |
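The reserved-bit rules of Table 3-4 (above) and Table 3-5 (which follows) written as bit masks, as an added example that is not part of the Intel text. The enum and function names are this example's own, the sample entry is constructed, and rows marked "No reserved bits checked" are left out.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Entry kinds taken from the rows of Tables 3-4 and 3-5 (names are hypothetical). */
enum ps_kind { PSE_PDE_4M, PAE_PDPTE, PAE_PDE_2M, PAE_PDE_4K, PAE_PTE,
               L64_PML4E, L64_PDPTE, L64_PDE_2M, L64_PDE_4K, L64_PTE };

/* Mask with bits hi..lo (inclusive) set. */
static uint64_t bits(unsigned hi, unsigned lo)
{
    return (~0ULL >> (63 - hi)) & (~0ULL << lo);
}

/* Bits checked for one entry kind; nxe = execute disable bit enabled. */
uint64_t reserved_mask(enum ps_kind k, bool nxe)
{
    uint64_t m;
    switch (k) {
    case PSE_PDE_4M: return bits(21, 21);                 /* same in both tables */
    case PAE_PDPTE:  return bits(63, 40) | bits(8, 5) | bits(2, 1);
    case PAE_PDE_2M: m = bits(63, 40) | bits(20, 13); break;
    case PAE_PDE_4K:
    case PAE_PTE:    m = bits(63, 40); break;
    case L64_PDE_2M: m = bits(63, 63) | bits(51, 40) | bits(20, 13); break;
    default:         m = bits(63, 63) | bits(51, 40); break; /* other 64-bit rows */
    }
    /* Table 3-5 differs from Table 3-4 only in that bit 63 is no longer checked. */
    return nxe ? (m & ~bits(63, 63)) : m;
}

/* True if the entry sets any bit that the tables list as checked. */
bool reserved_violation(uint64_t entry, enum ps_kind k, bool nxe)
{
    return (entry & reserved_mask(k, nxe)) != 0;
}

int main(void)
{
    uint64_t e = 0x8000000000200003ULL; /* constructed 64-bit PTE with bit 63 set */
    printf("execute disable off: %d\n", reserved_violation(e, L64_PTE, false));
    printf("execute disable on:  %d\n", reserved_violation(e, L64_PTE, true));
    return 0;
}
```

The same entry passes or fails the check depending only on whether the execute disable bit is enabled, which is why an audit of page-table contents has to know that setting first.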
Table 3-5. Reserved Bit Checking When Execute Disable Bit is Enabled

| Mode | Paging Mode | Paging Structure | Check Bits |
|---|---|---|---|
| 32-bit | 4-KByte pages (PAE = 0, PSE = 0) | PDE and PT | No reserved bits checked |
| 32-bit | 4-MByte page (PAE = 0, PSE = 1) | PDE | Bit [21] |
| 32-bit | 4-KByte page (PAE = 0, PSE = 1) | PDE | No reserved bits checked |
| 32-bit | 4-KByte and 4-MByte page (PAE = 0, PSE = 1) | PTE | No reserved bits checked |
| 32-bit | 4-KByte and 2-MByte pages (PAE = 1, PSE = x) | PDP table entry | Bits [63:40] & [8:5] & [2:1] |
| 32-bit | 2-MByte page (PAE = 1, PSE = x) | PDE | Bits [62:40] & [20:13] |
| 32-bit | 4-KByte pages (PAE = 1, PSE = x) | PDE | Bits [62:40] |
| 32-bit | 4-KByte pages (PAE = 1, PSE = x) | PTE | Bits [62:40] |
| 64-bit | 4-KByte and 2-MByte pages (PAE = 1, PSE = x) | PML4E | Bits [51:40] |
| 64-bit | 4-KByte and 2-MByte pages (PAE = 1, PSE = x) | PDPTE | Bits [51:40] |
| 64-bit | 2-MByte page (PAE = 1, PSE = x) | PDE, 2-MByte page | Bits [51:40] & [20:13] |
| 64-bit | 4-KByte pages (PAE = 1, PSE = x) | PDE, 4-KByte page | Bits [51:40] |
| 64-bit | 4-KByte pages (PAE = 1, PSE = x) | PTE | Bits [51:40] |

NOTE: x = Bit does not impact behavior.

3.11 MAPPING SEGMENTS TO PAGES

The segmentation and paging mechanisms provided in the IA-32 architecture support a wide variety of approaches to memory management. When segmentation and paging are combined, segments can be mapped to pages in several ways. To implement a flat (unsegmented) addressing environment, for example, all the code, data, and stack modules can be mapped to one or more large segments (up to 4-GBytes) that share the same range of linear addresses (see Figure 3-2). Here, segments are essentially invisible to applications and the operating-system or executive. If paging is used, the paging mechanism can map a single linear address space (contained in a single segment) into virtual memory. Or, each program (or task) can have its own large linear address space (contained in its own segment), which is mapped into virtual memory through its own page directory and set of page tables.

Segments can be smaller than the size of a page. If one of these segments is placed in a page which is not shared with another segment, the extra memory is wasted. For example, a small data structure, such as a 1-byte semaphore, occupies 4K bytes if it is placed in a page by itself. If many semaphores are used, it is more efficient to pack them into a single page.

The IA-32 architecture does not enforce correspondence between the boundaries of pages and segments. A page can contain the end of one segment and the beginning of another. Likewise, a segment can contain the end of one page and the beginning of another.

Memory-management software may be simpler and more efficient if it enforces some alignment between page and segment boundaries. For example, if a segment which can fit in one page is placed in two pages, there may be twice as much paging overhead to support access to that segment.

One approach to combining paging and segmentation that simplifies memory management software is to give each segment its own page table, as shown in Figure 3-28.
This convention gives the segment a single entry in the page directory which provides the access control information for paging the entire segment.

[Figure 3-28. Memory Management Convention That Assigns a Page Table to Each Segment. Diagram labels: LDT with segment descriptors, page directory with PDEs, PTEs, page frames.]

3.12 TRANSLATION LOOKASIDE BUFFERS (TLBS)

The processor stores the most recently used page-directory and page-table entries in on-chip caches called translation lookaside buffers or TLBs. The P6 family and Pentium processors have separate TLBs for the data and instruction caches. Also, the P6 family processors maintain separate TLBs for 4-KByte and 4-MByte page sizes. The CPUID instruction can be used to determine the sizes of the TLBs provided in the P6 family and Pentium processors.

Most paging is performed using the contents of the TLBs. Bus cycles to the page directory and page tables in memory are performed only when the TLBs do not contain the translation information for a requested page.

The TLBs are inaccessible to application programs and tasks (privilege level greater than 0); that is, they cannot invalidate TLBs. Only operating system or executive procedures running at privilege level 0 can invalidate TLBs or selected TLB entries. Whenever a page-directory or page-table entry is changed (including when the present flag is set to zero), the operating-system must immediately invalidate the corresponding entry in the TLB so that it can be updated the next time the entry is referenced.

All of the (non-global) TLBs are automatically invalidated any time the CR3 register is loaded (unless the G flag for a page or page-table entry is set, as described later in this section). The CR3 register can be loaded in either of two ways:

• Explicitly, using the MOV instruction, for example:
      MOV CR3, EAX
  where the EAX register contains an appropriate page-directory base address.
• Implicitly by executing a task switch, which automatically changes the contents of the CR3 register.

The INVLPG instruction is provided to invalidate a specific page-table entry in the TLB. Normally, this instruction invalidates only an individual TLB entry; however, in some cases, it may invalidate more than the selected entry and may even invalidate all of the TLBs. This instruction ignores the setting of the G flag in a page-directory or page-table entry (see following paragraph).

(Introduced in the Pentium Pro processor.) The page global enable (PGE) flag in register CR4 and the global (G) flag of a page-directory or page-table entry (bit 8) can be used to prevent frequently used pages from being automatically invalidated in the TLBs on a task switch or a load of register CR3. (See Section 3.7.6, “Page-Directory and Page-Table Entries”, for more information about the global flag.) When the processor loads a page-directory or page-table entry for a global page into a TLB, the entry will remain in the TLB indefinitely. The only ways to deterministically invalidate global page entries are as follows:

• Clear the PGE flag; this will invalidate the TLBs.
• Execute the INVLPG instruction to invalidate individual page-directory or page-table entries in the TLBs.

For additional information about invalidation of the TLBs, see Section 10.9, “Invalidating the Translation Lookaside Buffers (TLBs)”.
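A small software model of the invalidation rules in Section 3.12, added here as an example and not taken from the Intel text. It shows why a changed page-table entry must be followed by an invalidation, and how the G flag changes what a CR3 load removes. The structure layout, function names and page numbers are constructed for the example, and only the CR3 load and single-entry INVLPG behavior are modeled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define SLOTS 4
/* One cached translation: a simplified model, not the hardware layout. */
struct tlb_entry { bool valid, global, writable; uint32_t vpn; };
struct tlb { struct tlb_entry e[SLOTS]; };

/* MOV CR3 or a task switch: every non-global entry is dropped. */
void load_cr3(struct tlb *t) {
    for (int i = 0; i < SLOTS; i++)
        if (!t->e[i].global) t->e[i].valid = false;
}

/* INVLPG: drops the entry for one page and ignores its G flag. */
void invlpg(struct tlb *t, uint32_t vpn) {
    for (int i = 0; i < SLOTS; i++)
        if (t->e[i].vpn == vpn) t->e[i].valid = false;
}

/* Cached entry for vpn, or NULL on a miss (the page tables are walked). */
const struct tlb_entry *lookup(const struct tlb *t, uint32_t vpn) {
    for (int i = 0; i < SLOTS; i++)
        if (t->e[i].valid && t->e[i].vpn == vpn) return &t->e[i];
    return NULL;
}

/* The OS clears R/W in the in-memory PTE of page 0x10 (constructed value).
   Does the TLB still permit the write? Only INVLPG removes the stale copy. */
bool write_still_allowed(bool os_runs_invlpg) {
    struct tlb t = { .e = { { true, false, true, 0x10 } } };
    if (os_runs_invlpg) invlpg(&t, 0x10);
    const struct tlb_entry *hit = lookup(&t, 0x10);
    return hit != NULL && hit->writable;
}

/* A global entry for page 0x20 survives a CR3 load but not INVLPG. */
bool global_survives(bool use_invlpg) {
    struct tlb t = { .e = { { true, true, false, 0x20 } } };
    if (use_invlpg) invlpg(&t, 0x20); else load_cr3(&t);
    return lookup(&t, 0x20) != NULL;
}

int main(void) {
    printf("stale: %d / %d\n", write_still_allowed(false), write_still_allowed(true));
    return 0;
}
```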
CHAPTER 4
PROTECTION

In protected mode, the Intel 64 and IA-32 architectures provide a protection mechanism that operates at both the segment level and the page level. This protection mechanism provides the ability to limit access to certain segments or pages based on privilege levels (four privilege levels for segments and two privilege levels for pages). For example, critical operating-system code and data can be protected by placing them in more privileged segments than those that contain applications code. The processor’s protection mechanism will then prevent application code from accessing the operating-system code and data in any but a controlled, defined manner.

Segment and page protection can be used at all stages of software development to assist in localizing and detecting design problems and bugs. It can also be incorporated into end-products to offer added robustness to operating systems, utilities software, and applications software.

When the protection mechanism is used, each memory reference is checked to verify that it satisfies various protection checks. All checks are made before the memory cycle is started; any violation results in an exception. Because checks are performed in parallel with address translation, there is no performance penalty. The protection checks that are performed fall into the following categories:

• Limit checks.
• Type checks.
• Privilege level checks.
• Restriction of addressable domain.
• Restriction of procedure entry-points.
• Restriction of instruction set.

All protection violations result in an exception being generated. See Chapter 5, “Interrupt and Exception Handling,” for an explanation of the exception mechanism. This chapter describes the protection mechanism and the violations which lead to exceptions.

The following sections describe the protection mechanism available in protected mode. See Chapter 15, “8086 Emulation,” for information on protection in real-address and virtual-8086 mode.

4.1 ENABLING AND DISABLING SEGMENT AND PAGE PROTECTION

Setting the PE flag in register CR0 causes the processor to switch to protected mode, which in turn enables the segment-protection mechanism. Once in protected mode, there is no control bit for turning the protection mechanism on or off. The part of the segment-protection mechanism that is based on privilege levels can essentially be disabled while still in protected mode by assigning a privilege level of 0 (most privileged) to all segment selectors and segment descriptors. This action disables the privilege level protection barriers between segments, but other protection checks such as limit checking and type checking are still carried out.

Page-level protection is automatically enabled when paging is enabled (by setting the PG flag in register CR0). Here again there is no mode bit for turning off page-level protection once paging is enabled. However, page-level protection can be disabled by performing the following operations:

• Clear the WP flag in control register CR0.
• Set the read/write (R/W) and user/supervisor (U/S) flags for each page-directory and page-table entry.

This action makes each page a writable, user page, which in effect disables page-level protection.

4.2 FIELDS AND FLAGS USED FOR SEGMENT-LEVEL AND PAGE-LEVEL PROTECTION

The processor’s protection mechanism uses the following fields and flags in the system data structures to control access to segments and pages:

• Descriptor type (S) flag — (Bit 12 in the second doubleword of a segment descriptor.) Determines if the segment descriptor is for a system segment or a code or data segment.
• Type field — (Bits 8 through 11 in the second doubleword of a segment descriptor.) Determines the type of code, data, or system segment.
• Limit field — (Bits 0 through 15 of the first doubleword and bits 16 through 19 of the second doubleword of a segment descriptor.) Determines the size of the segment, along with the G flag and E flag (for data segments).
• G flag — (Bit 23 in the second doubleword of a segment descriptor.) Determines the size of the segment, along with the limit field and E flag (for data segments).
• E flag — (Bit 10 in the second doubleword of a data-segment descriptor.) Determines the size of the segment, along with the limit field and G flag.
• Descriptor privilege level (DPL) field — (Bits 13 and 14 in the second doubleword of a segment descriptor.) Determines the privilege level of the segment.
• Requested privilege level (RPL) field — (Bits 0 and 1 of any segment selector.) Specifies the requested privilege level of a segment selector.
• Current privilege level (CPL) field — (Bits 0 and 1 of the CS segment register.) Indicates the privilege level of the currently executing program or