Transcript Getting Ready to Enter x86 Protected Mode Survival tactics for enabling

Getting Ready to Enter
x86 Protected Mode
Survival tactics for enabling
Protected-Mode with a minimum
of supporting infrastructure
Diagnostics
• Upon entering protected-mode, the “rules”
change regarding the allowed CPU actions
• Memory-addresses are computed using a
different set of circuitry within the CPU
• Restrictions are enforced by generating a
variety of “exceptions” which interrupt the
CPU’s normal fetch-execute cycle
• We will need to “diagnose” their causes
Hexadecimal Display
• To display values in registers or memory
locations, we need to convert from binary
numbers to character-strings that consist
of ascii-codes for hexadecimal numerals
• Why? Because hexadecimal values are
easy for human programmers to convert
into the actual bit-patterns represented,
allowing us to “see” inside the computer
Conversion Algorithm
• The easiest algorithm to understand uses
a “lookup table” for converting ‘nybbles’ to
ascii numerals:
0000→ ‘0’ (=0x30) 1010→ ‘A’ (=0x41)
0001→ ‘1’ (=0x31) 1011→ ‘B’ (=0x42)
0010→ ‘2’ (=0x32) 1011→ ‘C’ (=0x43)
•••
•••
1001→ ‘9’ (=0x39) 1111→ ‘F’ (=0x46)
Lookup-Table Algorithm
hexlist: .ASCII “0123456789ABCDEF”
;---------------------------------------------------------; Algorithm assumes DS already is setup
lea
bx, hexlist ; point DS:BX to table
and
al, #0x0F ; isolate nybble in AL
xlat
; replace AL from table
Alternative to avoid data-table
; Clever machine-algorithm (by Tim Lopez)
and al, #0x0F ; isolate nybble in AL
cmp al, #10
; set carry-flag for SBB
sbb al, #0x69 ; subtract-with-borrow
das
; adjustment to result
; no lookup-table is needed here, just some
; “immediate data” within instruction-stream
In-Class Exercise #1
• Try replacing use of the ‘xlat’ instruction by
the three Lopez-Algorithm instructions, in
our bootsector demo-program ‘regdump.s’
• Then the array of hexadecimal numerals,
and the instruction setup for register BX,
can be removed from the program source
• Question: How many bytes are saved?
Protected-Mode Addresses
Logical Address:
Segment-selector
Segment-offset
Segment Descriptor Table
descriptor
descriptor
Segment Base-address
descriptor
(also Segment-Limit
and Access Rights)
+
Validity is
checked
by CPU
descriptor
Physical Address:
Operand’s effective address
Segment Descriptor Format
63
32
Base[31..24]
RA
D
CR
Limit
GDSV
P P SX / / A
[19..16]
VL
L
DW
Base[15..0]
31
Base[23..16]
Limit[15..0]
0
“Hidden” part of Segment Registers
selector
Segment base
Segment limit
Access
rights
The “invisible” parts of a segment-register
The programmer-visible part of a segment-register
Segment-Register “cache”
• The hidden portions of segment-registers
are modified whenever any instruction
modifies a segment-register’s visible part
• Examples: mov ds, ax
pop es
lss esp, tos
jmpf #main, #0x07C0
iret
Observation
• If we can enter protected-mode, but NOT
do anything to alter any segment-register,
then we won’t need to construct Tables of
Segment-Descriptors
• The left-over real-mode descriptor-values
will still be in the segment-registers’ cache
• We will pursue this idea in a future lesson
Project #1
• To get us ready for diagnosing the causes
of protected-mode “exceptions”, we build a
program that displays the contents of CPU
registers (in hexadecimal format) similar to
the ‘regdump.s’ demo (from our website)
• Two more segment-registers: FS and GS
• Also four special control-registers:
CR0, CR2, CR3, CR4
In-Class Exercise #2
• Modify the ‘regdump.s’ bootsector demo
so that it also displays the contents in the
new 80386 segment-registers: FS and GS
• Test your changes by reassembling you
modified program text, installing it on the
floppy diskette in your workstation, then
rebooting (use the diskette’s menu-item)
• Try rebooting from a diskette “image-file”