Abstract image of a woman sitting on books and studying on a laptop

jdsbfvkjsdbfvbasibgvyisbvilawbvslaksbvlawbvrab

Download as PPTX, PDF
F
f20230225

Real and protected modes

Engineering
1 of 43
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
Real and Protected Modes
2 Real-mode oIntel 8086 introduced the concept of memory segmentation oAs we discussed, major motivations for segmentation are to reduce accidental corruption of instruction memory and code relocation oThis was also the first step towards multi-programming (multiple programs existing in memory at the same time) oBut the processor did not provide any memory protection oA program can modify any location in the 1 MB memory location oEg: We always used this feature to modify the IVT
3 Real-mode o8086 also supported accessing hardware peripherals directly from user programs through in/out instructions oIt supported direct invocation of interrupts (through int instructions) oNumber of interrupts supported is limited (due to limited size of IVT) oBut these were not real issues back in early 1980s o8086 was considered quite advanced for its period oBut its architecture was relatively simpler and suitable for general purpose and embedded applications oBut as time passed, this simplicity raised major challenges
4 Protected-mode oIn the later processors (starting from 80286), Intel introduced additional features for memory protection oBut they still had to provide backward compatibility (to 8086) since millions of programs were already written based on 8086 oAlso, simpler systems (such as many embedded systems) did not need this extra protection (they are closed systems) oThus, the later processors were able to run in 2 modes oOne similar to the legacy 8086 mode with only 1MB system memory and the other with memory protection with support for much larger memory (such as 4GB in 80386) oTo distinguish these modes, the legacy mode is referred as real mod and the advanced mode as protected mode
5 Physical and Virtual Memory (Not x86 specific) oIn modern computers these issues are handled partly in software (as part of operating system) and partly in hardware (as part of memory management unit (MMU)) oAs the first step, user programmes are not given direct access to main memory locations oUser programmes: any programme that we usually write and use such as word processors, Photoshop etc. oSystem programmes: Special programmes such as operating systems, compilers etc. oProgrammes feel that they are reading from a particular main memory address but they are not
6 Physical and Virtual Memory (Not x86 specific) oTo distinguish these, we will introduce two terms oPhysical address : The real (physical) address of the main memory. oA 1 GB RAM will have physical addresses 0 to 1 G-1, a 4GB RAM will have physical addresses 0 to 4G-1 oVirtual address: An address used within your programme. oA system which supports 64-bit virtual address can have an address range of 0 to 264 -1 within a programme. oHow much virtual address is supported is again decided by OS and MMU
7 Physical and Virtual Memory (Not x86 specific) oSo your programme can be as big as the virtual memory size supported oIt is not restricted by the physical memory available oNow at runtime somebody has to translate the virtual addresses generated within a programme to physical addresses oThis is called address mapping or address translation (again done by both OS and MMU) oFor example your programme has an instruction to read from address 0x87898776 but your system has only 1 GB RAM oAddress 0x87898776 is beyond 1GB. But still this works o0x87898776 is only a virtual address. At runtime this address is mapped to a physical address within 1GB
8 Physical and Virtual Memory (Not x86 specific)
9 Physical and Virtual Memory (Not x86 specific) oThis concept also helps in relocation oSame virtual address can be mapped to different physical addresses at different time oTo implement virtual memory, first step is to divide a programme into chunks of fixed size oThese chunks are called pages oSimilarly the main memory is divided into multiple page holders, called page frames oOne page can fit in one page frame oData is always transferred between the main and secondary memory in multiple of pages
10 Address Translation (Not x86 specific) oThe virtual memory address is divided into virtual page number and the offset oThe offset part decides the size of a page (in bytes) oIf there are n bits in the offset, page size is 2n bytes. For most of the practical systems, page size is 4KB oThe virtual page number is then translated to a physical page (frame) number oThe number of pages supported in virtual memory might be much larger than supported physical pages oThis gives an illusion of having a very large main memory
11 Address Translation (Not x86 specific)
12 Address Translation (Not x86 specific) oThe translation from virtual to physical address is done with the support of page tables (it will be a datastructure) oEach process has its own page table oThe page table is also stored in the main memory!! oThe page table has entry for each and every page of the process oIt stores information such as whether a virtual page is mapped to a physical frame and if yes where oIf a page is not mapped to a physical frame (page fault), it has to be fetched from the secondary memory oA special bit indicates whether the page is present in the physical memory or not
13 Address Translation (Not x86 specific) oA special bit indicates whether the page is present in the physical memory or not oThe starting address of each page table is maintained by the OS in register called page table register (This is a software data structure) oTo get info. regarding a page, the virtual page number is added to this start address oA page table will be always stored in continuous memory for this kind of access
14 Address Translation (Not x86 specific)
15 Address Translation (Not x86 specific) oWhen the requested page is not present in the main memory, a page fault occurs oIn this case the page has to be loaded from secondary memory to main memory oBut there is no direct link between the page number and its physical location in the secondary memory oThis will slow down the process oThe OS keeps a part of the secondary memory for storing all the pages of a process as soon as it is loaded oHence when a page fault occurs, the page will be loaded from this region
16 Address Translation (Not x86 specific) oThis part of the secondary storage is called a swap memory (generally in Linux) or paging file (in windows) oOperating systems uses special data structures to track where the pages are stored in the swap memory space oWhen a page fault occurs, one of the pages in the main memory has to be replaced with a new one
17 Address Translation (Not x86 specific)
18 Translation Lookaside Buffer (TLBs) (Not x86 specific) oSince page tables are stored in memory, every memory access actually requires two accesses oFirst to get the physical address from the main memory (using page table) and the second one is to read it from main memory (or cache) oThis will affect the system performance oModern processors have a special cache called TLBs, which stores part of page table entries inside the processor oSo first the physical address is searched in the TLB oIf it is present, use it for translation, else take it from page table and keep a local copy
19 Translation Lookaside Buffer (TLBs) (Not x86 specific)
20 Translation Lookaside Buffer (TLBs) (Not x86 specific) Valid bit to indicate page Is present/not present in main memory
21 Translation Lookaside Buffer (TLBs) (Not x86 specific) Dirty/modified bot to indicate one or more data in the page was modified after it was loaded to main memory
22 Translation Lookaside Buffer (TLBs) (Not x86 specific) Reference bit to indicate the page was recently accessed by processor (Read/Write). It is useful when a page needs be replaced by a new page. A page which was not accessed recently will be replaced.
23 Real Mode oAll x86 processors start in real mode following a power-up or reset oThis mode implements the Intel 8086 programming environment with some extension (such as ability to switch to protected mode) o32- and 64-bit processors may use 32- and 64-bit registers with operand size override prefixes with instructions oBut the memory space is limited to 1MB oNo virtual memory, no paging, no privilege rings oDOS operating system always operate in real mode oModern Intel-based systems also start in real-mode then switch to protected mode by setting the PE bit (protection enable) in the CR0 register
24 Real Mode oIf required, it can switch back to real-mode by clearing this bit CR0 register of 80386 processor
25 Protected Mode oProtected mode supports privileges, virtual memory, paging, multi- tasking and many more features oModern operating systems operate in protected mode
26 Protected Mode Feature Real Mode Protected Mode Addressing Type Segmented (16:16) Segmented (with selectors and descriptors) Addressable Memory 1 MB (20-bit address bus) Up to 4 GB (32-bit address space) and 264 Bytes (64-bit address space) Segment Size Max 64 KB per segment Up to 4 GB per segment Multitasking Support No Yes Paging Support No Yes Interrupt Handling Uses Interrupt Vector Table (IVT) at 0x0000 Uses IDT (Interrupt Descriptor Table) Mode Activation Default mode after reset Set by enabling PE bit in CR0 Use Case Bootloaders, BIOS, early OS setup Operating systems (Windows, Linux, etc.) Protection Mechanism None Ring-based protection (Ring 0 to Ring 3) Descriptor Tables Not used Uses GDT and optionally LDT Instruction Set 16-bit instructions Full 16/32/64-bit instruction support Virtual Memory Not supported Supported (via paging) Software Example MS-DOS Modern OSes (Linux, Windows NT and above)
27 Privilege Rings oIntel introduced the concept of privilege rings from 80286 oEach privilege ring represents the access level that the presently executing instruction has oLower the ring number, higher the privilege oIntel proposed 3 privilege levels Ring 0: Highest privilege (Kernel mode) Ring 3: Lowest privilege (User mode) Ring 1 & 2: Rarely used (sometimes by drivers or hypervisors) o Practically only level 0 and 3 are used o All user programs run at level 3 and operating and other system software at level 0
28 Ring 0 vs Ring 3 Feature / Capability Ring 0 (Kernel Mode) Ring 3 (User Mode) Direct hardware access (ports, devices) ✅ Allowed ❌ Not allowed CPU control instructions (e.g., HLT, CLI) ✅ Allowed ❌ Causes fault I/O instructions (IN, OUT) ✅ Allowed ❌ Causes General Protection Fault Memory management (paging, CRx registers) ✅ Full access ❌ No access Interrupt descriptor table (IDT) setup ✅ Can modify ❌ Cannot modify Modify segment descriptors (GDT/LDT) ✅ Allowed ❌ Restricted Use of all instructions ✅ All instructions ❌ Some restricted Access to kernel memory ✅ Full access ❌ Blocked Create/Manage processes and threads ✅ Via system APIs ❌ Must request via syscall System call interface access ✅ Implements syscalls ✅ Can invoke (via trap) DMA / BIOS calls ✅ Allowed (low-level) ❌ Not directly allowed
29 Privilege Rings oOnce the privilege rings are introduced, many instruction that we used in 8086 (such as in, out instructions and int instructions) now can not be used in user programs oIf we use them in our programs, that will cause an exception, and the program will be terminated oIntel also introduced many more registers inside processor to control its operation oNew assembly instructions were introduced to set and clear bits in these registers and again these instructions cannot be used in user programs oThis includes the instructions to change the privilege level
30 Privilege Rings oThe privilege level is decided by the 2 bits in the segment register oSegment registers (still they are 16-bits irrespective of processor) still exist in latest x86 processors oIntel cannot get rid of them since the processors still need to support real mode of operation oBut how they are used once the system switches to protected mode is differs
31 Segment Selectors oThe lower 2 bits in the segment register indicates the current privilege level oFor example, if the lower 2 bits are 00 for CS segment, that means the privilege of current instruction is 0 oUnlike 8086, the base address of segment is not directly stored in the segment register Index TI RPL 15 2 1 0 Requested Privilege Level Table Indicator 0 GDT 1 LDT
32 Segment Selectors oIt is stored in one of the tables called Global Descriptor Table (GDT) or Local Descriptor Table (LDT) oIn which table the base address is present is indicated by the TI bit oThe tables are also maintained in the main memory (RAM) and the starting address of the tables are maintained in the 2 registers called the Global Descriptor Table Register (GDTR) and Local Descriptor Table Register (LDTR) oThe upper 13 bits in segment selector (register) indicates the offset within the table oThat means tables can have up to 8K entries oEach entry is 8-bytes in 32-bit machines including the segment base address (4-bytes) and the privilege level required to access the segment
33 Virtual Memory Generation 002 Segment Selector 000 GDT GDTR Segment Base Address + Logical Address Virtual Address
34 Segment Selectors oIf the RPL in the segment descriptor is lower than the privilege level in the GDT/LDT descriptor (that represents the segment privilege level), memory access is blocked (a fault/exception happens) oSince the address in the assembly instruction (32-bit) is used as offset with in a segment, now the size of a segment is 4GB
35 Memory Access Example oEg: Processor is executing the following instruction in protected mode o MOV EAX,[1234H] o Current code segment register (now called a CS segment selector) : 0x18 and data segment register (segment selector) 0x2F and IP 0x200 oThe address 1234H is logical address oThe instruction should be first fetched from code segment oFor this CS will be used and IP as the offset o0x18  00011000b  request privilege level 0, that means at highest privilege and the code can be fetched from any segment
36 Memory Access Example oTI 0, that means need to use global descriptor table oOffset in GDT is 3 oProcessor then reads the base address of GDT from GDTR and to it adds 3*8 (3 is offset, 8 is the size of each table entry) oThe table entry contains the segment base address. Assume it to be 5000H oIt also contains segment privilege level oAssume it is 0. In this example the code can be fetched from the segment since the request privilege level is equal to segment privilege level oBut if request privilege level were 3, this would have caused a fault
37 Memory Access Example oNow it adds the segment base address to the IP o5000H + 200H = 5200H oThis 5200H is the virtual address oAssuming 4KB page size, the virtual page number is 5 (drop lower 12 bits) oThus from the page table, 5th entry is checked oIf the valid bit is set there, that means the page is already in the main memory oThe physical page frame base address is obtained from the table oAssume it is 3000H oThus the final physical memory address from where the instruction is fetched is 3000H+200H = 3200H
38 Memory Access Example oNow the instruction is decoded, processor figures out data needs to be fetched from logical address 1234H oSimilar to 8086, processor will use DS as the segment (selector) register for direct memory access oSteps are similar, where it first check DS segment register to figure out the descriptor table oCurrent DS is 0x2F  00101 111b indicating local descriptor table (LDT) needs to be used and request privilege level is 3 oIt will check for the 3rd entry in the table oIf the privilege level of the 3rd entry in the table is 3, it proceeds further otherwise a fault occurs
39 Memory Access Example oIf privilege level is fine, takes the base address from there (Eg: 6000H) oAdds the offset (logical address) 1234H to it to get virtual address (7234H) oFrom here figures out the page table entry number as 7 oChecks the table and takes the page frame base address (Eg: 5000H) oAdds the offset 234H to it to get the final physical address (5234H)
40 Memory Access Example oThere is provision to disable paging in CR0 register oIf paging is disabled, segment base address from LDTR/GDTR added with logical address will be used as physical address
41 X86-64 oIt seems like this is an overkill with both segmentation and paging o64-bit in the latest X86-64-bit mode, segmentation is not used with CS, DS, SS and ES segment oThe offset portions are kept as 0 and a 0 offset indicates the descriptor tables are not used oThe logical address is directly used as virtual address oThe access levels are implemented in the page table with additional bits indicating the access level of pages oThus, a page can be accessed only if the rpl of instruction/data is equal to or higher than the privilege level of the table
42 RISC vs CISC oSince RISC processors came later, they never implemented segmentation oThey directly started with virtual memory and paging oIntel unfortunately cannot completely dump this model since real mode of operation still requires segment registers!!
43

More Related Content

PDF
Memory Management(MM) in operating system
preetypandey20
 
PDF
Memory Management Strategies - I.pdf
Harika Pudugosula
 
PPTX
It322 intro 2
J Cza Àkera
 
PPTX
x86 architecture
i i
 
PPT
Intel microprocessor history lec12_x86arch.ppt
jeronimored
 
PPTX
Paging +Algorithem+Segmentation+memory management
kazim Hussain
 
PPTX
Protected addressing mode and Paging
marada0033
 
PDF
PAI Unit 3 Paging in 80386 Microporcessor
KanchanPatil34
 
Memory Management(MM) in operating system
preetypandey20
 
Memory Management Strategies - I.pdf
Harika Pudugosula
 
It322 intro 2
J Cza Àkera
 
x86 architecture
i i
 
Intel microprocessor history lec12_x86arch.ppt
jeronimored
 
Paging +Algorithem+Segmentation+memory management
kazim Hussain
 
Protected addressing mode and Paging
marada0033
 
PAI Unit 3 Paging in 80386 Microporcessor
KanchanPatil34
 

Similar to jdsbfvkjsdbfvbasibgvyisbvilawbvslaksbvlawbvrab (20)

DOCX
virtual memory
Abeer Naskar
 
PPTX
32- bit Microprocessor-Indtel 80386.pptx
Yuvraj994432
 
PDF
Session01_Intro.pdf
RahnerJames
 
PPT
Power Point Presentation on Virtual Memory.ppt
RahulRaj395610
 
PPTX
Linux Kernel Booting Process (2) - For NLKB
shimosawa
 
PPT
Cs416 08 09a
Nishanthi Bheeman
 
PPTX
UNIT-3.pptx digital electronics system 34
POOJABHOITE5
 
PPTX
CMP 221.pptx computer science machine and assembly language
omotunwaserejoice
 
PPTX
X86 Architecture
IGZ Software house
 
DOCX
Mainmemoryfinalprefinal 160927115742
marangburu42
 
PDF
Chapter2d
MaeEstherMaguadMaralit
 
PPTX
Computer architecture virtual memory
Mazin Alwaaly
 
PPTX
Virtual Memory
Archith777
 
PPT
80386
anita bodke
 
PPT
Microprocessor 80386
yash sawarkar
 
PPT
80286 education project compiter application .ppt
deepparmar73
 
PPT
virtual memory
surbhisinghal90
 
PPTX
Protected mode memory addressing 8086
University of Gujrat, Pakistan
 
PPT
memory management and Virtual Memory.ppt
ssuser09d6cd1
 
PPT
Cache replacement policies,cache miss,writingtechniques
subhasishdas79
 
virtual memory
Abeer Naskar
 
32- bit Microprocessor-Indtel 80386.pptx
Yuvraj994432
 
Session01_Intro.pdf
RahnerJames
 
Power Point Presentation on Virtual Memory.ppt
RahulRaj395610
 
Linux Kernel Booting Process (2) - For NLKB
shimosawa
 
Cs416 08 09a
Nishanthi Bheeman
 
UNIT-3.pptx digital electronics system 34
POOJABHOITE5
 
CMP 221.pptx computer science machine and assembly language
omotunwaserejoice
 
X86 Architecture
IGZ Software house
 
Mainmemoryfinalprefinal 160927115742
marangburu42
 
Chapter2d
MaeEstherMaguadMaralit
 
Computer architecture virtual memory
Mazin Alwaaly
 
Virtual Memory
Archith777
 
80386
anita bodke
 
Microprocessor 80386
yash sawarkar
 
80286 education project compiter application .ppt
deepparmar73
 
virtual memory
surbhisinghal90
 
Protected mode memory addressing 8086
University of Gujrat, Pakistan
 
memory management and Virtual Memory.ppt
ssuser09d6cd1
 
Cache replacement policies,cache miss,writingtechniques
subhasishdas79
 
Ad

Recently uploaded (20)

PPTX
SE unit 1.pptx by d.y.p.akurdi aaaaaaaaaaaa
dsp1122334467
 
PDF
AIGA 012_04 Cleaning of equipment for oxygen service_reformat Jan 12.pdf
karthikp452666
 
PDF
V2500 Owner and Operatore Guide for Airbus
RosneyAlfaro2
 
PDF
Mechanics of materials week 2 rajeshwari
siddarthakattamuru
 
PPTX
INTERNET OF THINGS - EMBEDDED SYSTEMS AND INTERNET OF THINGS
Jeevanandhams14
 
PDF
Using Technology to Foster Innovative Teaching Practices (www.kiu.ac.ug)
publication11
 
PPTX
chapter 1.pptx dotnet technology introduction
gautamb639
 
PDF
ECT443_instrumentation_Engg_mod-1.pdf indroduction to instrumentation
brijmohan776944
 
PPTX
ARCHITECTURE AND PROGRAMMING OF EMBEDDED SYSTEMS
Jeevanandhams14
 
PDF
Project_Mgmt_Institute_-Marc Marc Marc .pdf
Ismail Sultan
 
PPTX
Real Estate Management PART 1.pptxFFFFFFFFFFFFF
AshenafiShibru
 
PDF
IAE-V2500 Engine for Airbus Family 319/320
RosneyAlfaro2
 
PPTX
SE unit 1.pptx aaahshdhajdviwhsiehebeiwheiebeiev
dsp1122334467
 
PPTX
Unit IImachinemachinetoolopeartions.pptx
Praveen Kumar
 
PPTX
Design ,Art Across Digital Realities and eXtended Reality
Meenalochini M
 
PDF
ST MNCWANGO P2 WIL (MEPR302) FINAL REPORT.pdf
sthathabo
 
PPTX
Solar energy pdf of gitam songa hemant k
siddarthakattamuru
 
DOCX
An investigation of the use of recycled crumb rubber as a partial replacement...
abdurrahmanabubakar21
 
PPTX
CS6006 - CLOUD COMPUTING - Module - 1.pptx
dharshinidharshu575
 
PDF
LS-6-Digital-Literacy (1) K12 CURRICULUM .pdf
RheaJaneMercado1
 
SE unit 1.pptx by d.y.p.akurdi aaaaaaaaaaaa
dsp1122334467
 
AIGA 012_04 Cleaning of equipment for oxygen service_reformat Jan 12.pdf
karthikp452666
 
V2500 Owner and Operatore Guide for Airbus
RosneyAlfaro2
 
Mechanics of materials week 2 rajeshwari
siddarthakattamuru
 
INTERNET OF THINGS - EMBEDDED SYSTEMS AND INTERNET OF THINGS
Jeevanandhams14
 
Using Technology to Foster Innovative Teaching Practices (www.kiu.ac.ug)
publication11
 
chapter 1.pptx dotnet technology introduction
gautamb639
 
ECT443_instrumentation_Engg_mod-1.pdf indroduction to instrumentation
brijmohan776944
 
ARCHITECTURE AND PROGRAMMING OF EMBEDDED SYSTEMS
Jeevanandhams14
 
Project_Mgmt_Institute_-Marc Marc Marc .pdf
Ismail Sultan
 
Real Estate Management PART 1.pptxFFFFFFFFFFFFF
AshenafiShibru
 
IAE-V2500 Engine for Airbus Family 319/320
RosneyAlfaro2
 
SE unit 1.pptx aaahshdhajdviwhsiehebeiwheiebeiev
dsp1122334467
 
Unit IImachinemachinetoolopeartions.pptx
Praveen Kumar
 
Design ,Art Across Digital Realities and eXtended Reality
Meenalochini M
 
ST MNCWANGO P2 WIL (MEPR302) FINAL REPORT.pdf
sthathabo
 
Solar energy pdf of gitam songa hemant k
siddarthakattamuru
 
An investigation of the use of recycled crumb rubber as a partial replacement...
abdurrahmanabubakar21
 
CS6006 - CLOUD COMPUTING - Module - 1.pptx
dharshinidharshu575
 
LS-6-Digital-Literacy (1) K12 CURRICULUM .pdf
RheaJaneMercado1
 
Ad

jdsbfvkjsdbfvbasibgvyisbvilawbvslaksbvlawbvrab

  • 2. 2 Real-mode oIntel 8086 introduced the concept of memory segmentation oAs we discussed, major motivations for segmentation are to reduce accidental corruption of instruction memory and code relocation oThis was also the first step towards multi-programming (multiple programs existing in memory at the same time) oBut the processor did not provide any memory protection oA program can modify any location in the 1 MB memory location oEg: We always used this feature to modify the IVT
  • 3. 3 Real-mode o8086 also supported accessing hardware peripherals directly from user programs through in/out instructions oIt supported direct invocation of interrupts (through int instructions) oNumber of interrupts supported is limited (due to limited size of IVT) oBut these were not real issues back in early 1980s o8086 was considered quite advanced for its period oBut its architecture was relatively simpler and suitable for general purpose and embedded applications oBut as time passed, this simplicity raised major challenges
  • 4. 4 Protected-mode oIn the later processors (starting from 80286), Intel introduced additional features for memory protection oBut they still had to provide backward compatibility (to 8086) since millions of programs were already written based on 8086 oAlso, simpler systems (such as many embedded systems) did not need this extra protection (they are closed systems) oThus, the later processors were able to run in 2 modes oOne similar to the legacy 8086 mode with only 1MB system memory and the other with memory protection with support for much larger memory (such as 4GB in 80386) oTo distinguish these modes, the legacy mode is referred as real mod and the advanced mode as protected mode
  • 5. 5 Physical and Virtual Memory (Not x86 specific) oIn modern computers these issues are handled partly in software (as part of operating system) and partly in hardware (as part of memory management unit (MMU)) oAs the first step, user programmes are not given direct access to main memory locations oUser programmes: any programme that we usually write and use such as word processors, Photoshop etc. oSystem programmes: Special programmes such as operating systems, compilers etc. oProgrammes feel that they are reading from a particular main memory address but they are not
  • 6. 6 Physical and Virtual Memory (Not x86 specific) oTo distinguish these, we will introduce two terms oPhysical address : The real (physical) address of the main memory. oA 1 GB RAM will have physical addresses 0 to 1 G-1, a 4GB RAM will have physical addresses 0 to 4G-1 oVirtual address: An address used within your programme. oA system which supports 64-bit virtual address can have an address range of 0 to 264 -1 within a programme. oHow much virtual address is supported is again decided by OS and MMU
  • 7. 7 Physical and Virtual Memory (Not x86 specific) oSo your programme can be as big as the virtual memory size supported oIt is not restricted by the physical memory available oNow at runtime somebody has to translate the virtual addresses generated within a programme to physical addresses oThis is called address mapping or address translation (again done by both OS and MMU) oFor example your programme has an instruction to read from address 0x87898776 but your system has only 1 GB RAM oAddress 0x87898776 is beyond 1GB. But still this works o0x87898776 is only a virtual address. At runtime this address is mapped to a physical address within 1GB
  • 8. 8 Physical and Virtual Memory (Not x86 specific)
  • 9. 9 Physical and Virtual Memory (Not x86 specific) oThis concept also helps in relocation oSame virtual address can be mapped to different physical addresses at different time oTo implement virtual memory, first step is to divide a programme into chunks of fixed size oThese chunks are called pages oSimilarly the main memory is divided into multiple page holders, called page frames oOne page can fit in one page frame oData is always transferred between the main and secondary memory in multiple of pages
  • 10. 10 Address Translation (Not x86 specific) oThe virtual memory address is divided into virtual page number and the offset oThe offset part decides the size of a page (in bytes) oIf there are n bits in the offset, page size is 2n bytes. For most of the practical systems, page size is 4KB oThe virtual page number is then translated to a physical page (frame) number oThe number of pages supported in virtual memory might be much larger than supported physical pages oThis gives an illusion of having a very large main memory
  • 12. 12 Address Translation (Not x86 specific) oThe translation from virtual to physical address is done with the support of page tables (it will be a datastructure) oEach process has its own page table oThe page table is also stored in the main memory!! oThe page table has entry for each and every page of the process oIt stores information such as whether a virtual page is mapped to a physical frame and if yes where oIf a page is not mapped to a physical frame (page fault), it has to be fetched from the secondary memory oA special bit indicates whether the page is present in the physical memory or not
  • 13. 13 Address Translation (Not x86 specific) oA special bit indicates whether the page is present in the physical memory or not oThe starting address of each page table is maintained by the OS in register called page table register (This is a software data structure) oTo get info. regarding a page, the virtual page number is added to this start address oA page table will be always stored in continuous memory for this kind of access
  • 15. 15 Address Translation (Not x86 specific) oWhen the requested page is not present in the main memory, a page fault occurs oIn this case the page has to be loaded from secondary memory to main memory oBut there is no direct link between the page number and its physical location in the secondary memory oThis will slow down the process oThe OS keeps a part of the secondary memory for storing all the pages of a process as soon as it is loaded oHence when a page fault occurs, the page will be loaded from this region
  • 16. 16 Address Translation (Not x86 specific) oThis part of the secondary storage is called a swap memory (generally in Linux) or paging file (in windows) oOperating systems uses special data structures to track where the pages are stored in the swap memory space oWhen a page fault occurs, one of the pages in the main memory has to be replaced with a new one
  • 18. 18 Translation Lookaside Buffer (TLBs) (Not x86 specific) oSince page tables are stored in memory, every memory access actually requires two accesses oFirst to get the physical address from the main memory (using page table) and the second one is to read it from main memory (or cache) oThis will affect the system performance oModern processors have a special cache called TLBs, which stores part of page table entries inside the processor oSo first the physical address is searched in the TLB oIf it is present, use it for translation, else take it from page table and keep a local copy
  • 19. 19 Translation Lookaside Buffer (TLBs) (Not x86 specific)
  • 20. 20 Translation Lookaside Buffer (TLBs) (Not x86 specific) Valid bit to indicate page Is present/not present in main memory
  • 21. 21 Translation Lookaside Buffer (TLBs) (Not x86 specific) Dirty/modified bot to indicate one or more data in the page was modified after it was loaded to main memory
  • 22. 22 Translation Lookaside Buffer (TLBs) (Not x86 specific) Reference bit to indicate the page was recently accessed by processor (Read/Write). It is useful when a page needs be replaced by a new page. A page which was not accessed recently will be replaced.
  • 23. 23 Real Mode oAll x86 processors start in real mode following a power-up or reset oThis mode implements the Intel 8086 programming environment with some extension (such as ability to switch to protected mode) o32- and 64-bit processors may use 32- and 64-bit registers with operand size override prefixes with instructions oBut the memory space is limited to 1MB oNo virtual memory, no paging, no privilege rings oDOS operating system always operate in real mode oModern Intel-based systems also start in real-mode then switch to protected mode by setting the PE bit (protection enable) in the CR0 register
  • 24. 24 Real Mode oIf required, it can switch back to real-mode by clearing this bit CR0 register of 80386 processor
  • 25. 25 Protected Mode oProtected mode supports privileges, virtual memory, paging, multi- tasking and many more features oModern operating systems operate in protected mode
  • 26. 26 Protected Mode Feature Real Mode Protected Mode Addressing Type Segmented (16:16) Segmented (with selectors and descriptors) Addressable Memory 1 MB (20-bit address bus) Up to 4 GB (32-bit address space) and 264 Bytes (64-bit address space) Segment Size Max 64 KB per segment Up to 4 GB per segment Multitasking Support No Yes Paging Support No Yes Interrupt Handling Uses Interrupt Vector Table (IVT) at 0x0000 Uses IDT (Interrupt Descriptor Table) Mode Activation Default mode after reset Set by enabling PE bit in CR0 Use Case Bootloaders, BIOS, early OS setup Operating systems (Windows, Linux, etc.) Protection Mechanism None Ring-based protection (Ring 0 to Ring 3) Descriptor Tables Not used Uses GDT and optionally LDT Instruction Set 16-bit instructions Full 16/32/64-bit instruction support Virtual Memory Not supported Supported (via paging) Software Example MS-DOS Modern OSes (Linux, Windows NT and above)
  • 27. 27 Privilege Rings oIntel introduced the concept of privilege rings from 80286 oEach privilege ring represents the access level that the presently executing instruction has oLower the ring number, higher the privilege oIntel proposed 3 privilege levels Ring 0: Highest privilege (Kernel mode) Ring 3: Lowest privilege (User mode) Ring 1 & 2: Rarely used (sometimes by drivers or hypervisors) o Practically only level 0 and 3 are used o All user programs run at level 3 and operating and other system software at level 0
  • 28. 28 Ring 0 vs Ring 3 Feature / Capability Ring 0 (Kernel Mode) Ring 3 (User Mode) Direct hardware access (ports, devices) ✅ Allowed ❌ Not allowed CPU control instructions (e.g., HLT, CLI) ✅ Allowed ❌ Causes fault I/O instructions (IN, OUT) ✅ Allowed ❌ Causes General Protection Fault Memory management (paging, CRx registers) ✅ Full access ❌ No access Interrupt descriptor table (IDT) setup ✅ Can modify ❌ Cannot modify Modify segment descriptors (GDT/LDT) ✅ Allowed ❌ Restricted Use of all instructions ✅ All instructions ❌ Some restricted Access to kernel memory ✅ Full access ❌ Blocked Create/Manage processes and threads ✅ Via system APIs ❌ Must request via syscall System call interface access ✅ Implements syscalls ✅ Can invoke (via trap) DMA / BIOS calls ✅ Allowed (low-level) ❌ Not directly allowed
  • 29. 29 Privilege Rings oOnce the privilege rings are introduced, many instruction that we used in 8086 (such as in, out instructions and int instructions) now can not be used in user programs oIf we use them in our programs, that will cause an exception, and the program will be terminated oIntel also introduced many more registers inside processor to control its operation oNew assembly instructions were introduced to set and clear bits in these registers and again these instructions cannot be used in user programs oThis includes the instructions to change the privilege level
  • 30. 30 Privilege Rings oThe privilege level is decided by the 2 bits in the segment register oSegment registers (still they are 16-bits irrespective of processor) still exist in latest x86 processors oIntel cannot get rid of them since the processors still need to support real mode of operation oBut how they are used once the system switches to protected mode is differs
  • 31. 31 Segment Selectors oThe lower 2 bits in the segment register indicates the current privilege level oFor example, if the lower 2 bits are 00 for CS segment, that means the privilege of current instruction is 0 oUnlike 8086, the base address of segment is not directly stored in the segment register Index TI RPL 15 2 1 0 Requested Privilege Level Table Indicator 0 GDT 1 LDT
  • 32. 32 Segment Selectors oIt is stored in one of the tables called Global Descriptor Table (GDT) or Local Descriptor Table (LDT) oIn which table the base address is present is indicated by the TI bit oThe tables are also maintained in the main memory (RAM) and the starting address of the tables are maintained in the 2 registers called the Global Descriptor Table Register (GDTR) and Local Descriptor Table Register (LDTR) oThe upper 13 bits in segment selector (register) indicates the offset within the table oThat means tables can have up to 8K entries oEach entry is 8-bytes in 32-bit machines including the segment base address (4-bytes) and the privilege level required to access the segment
  • 33. 33 Virtual Memory Generation 002 Segment Selector 000 GDT GDTR Segment Base Address + Logical Address Virtual Address
  • 34. 34 Segment Selectors oIf the RPL in the segment descriptor is lower than the privilege level in the GDT/LDT descriptor (that represents the segment privilege level), memory access is blocked (a fault/exception happens) oSince the address in the assembly instruction (32-bit) is used as offset with in a segment, now the size of a segment is 4GB
  • 35. 35 Memory Access Example oEg: Processor is executing the following instruction in protected mode o MOV EAX,[1234H] o Current code segment register (now called a CS segment selector) : 0x18 and data segment register (segment selector) 0x2F and IP 0x200 oThe address 1234H is logical address oThe instruction should be first fetched from code segment oFor this CS will be used and IP as the offset o0x18  00011000b  request privilege level 0, that means at highest privilege and the code can be fetched from any segment
  • 36. 36 Memory Access Example oTI 0, that means need to use global descriptor table oOffset in GDT is 3 oProcessor then reads the base address of GDT from GDTR and to it adds 3*8 (3 is offset, 8 is the size of each table entry) oThe table entry contains the segment base address. Assume it to be 5000H oIt also contains segment privilege level oAssume it is 0. In this example the code can be fetched from the segment since the request privilege level is equal to segment privilege level oBut if request privilege level were 3, this would have caused a fault
  • 37. 37 Memory Access Example oNow it adds the segment base address to the IP o5000H + 200H = 5200H oThis 5200H is the virtual address oAssuming 4KB page size, the virtual page number is 5 (drop lower 12 bits) oThus from the page table, 5th entry is checked oIf the valid bit is set there, that means the page is already in the main memory oThe physical page frame base address is obtained from the table oAssume it is 3000H oThus the final physical memory address from where the instruction is fetched is 3000H+200H = 3200H
  • 38. 38 Memory Access Example oNow the instruction is decoded, processor figures out data needs to be fetched from logical address 1234H oSimilar to 8086, processor will use DS as the segment (selector) register for direct memory access oSteps are similar, where it first check DS segment register to figure out the descriptor table oCurrent DS is 0x2F  00101 111b indicating local descriptor table (LDT) needs to be used and request privilege level is 3 oIt will check for the 3rd entry in the table oIf the privilege level of the 3rd entry in the table is 3, it proceeds further otherwise a fault occurs
  • 39. 39 Memory Access Example oIf privilege level is fine, takes the base address from there (Eg: 6000H) oAdds the offset (logical address) 1234H to it to get virtual address (7234H) oFrom here figures out the page table entry number as 7 oChecks the table and takes the page frame base address (Eg: 5000H) oAdds the offset 234H to it to get the final physical address (5234H)
  • 40. 40 Memory Access Example oThere is provision to disable paging in CR0 register oIf paging is disabled, segment base address from LDTR/GDTR added with logical address will be used as physical address
  • 41. 41 X86-64 oIt seems like this is an overkill with both segmentation and paging o64-bit in the latest X86-64-bit mode, segmentation is not used with CS, DS, SS and ES segment oThe offset portions are kept as 0 and a 0 offset indicates the descriptor tables are not used oThe logical address is directly used as virtual address oThe access levels are implemented in the page table with additional bits indicating the access level of pages oThus, a page can be accessed only if the rpl of instruction/data is equal to or higher than the privilege level of the table
  • 42. 42 RISC vs CISC oSince RISC processors came later, they never implemented segmentation oThey directly started with virtual memory and paging oIntel unfortunately cannot completely dump this model since real mode of operation still requires segment registers!!
  • 43. 43