Global Descriptor Table: Difference between revisions

← Older edit

Global Descriptor Table (view source)

Revision as of 13:23, 27 January 2024

7,232 bytes added , 5 months ago

m

fixed reference to TSS Descriptor in Intel SDM

[unchecked revision]

VisualWikitext

Anonymous user

osdev>Cargo9511

Revision as of 17:09, 16 September 2020 (view source) osdev>Unprotectedmode m (→‎x86-64 Changes) ← Older edit		Latest revision as of 13:23, 27 January 2024 (view source) osdev>Cargo9511 m (fixed reference to TSS Descriptor in Intel SDM)
(27 intermediate revisions by 6 users not shown)
Line 1: The '''Global Descriptor Table''' ('''GDT''') is a binary data structure specific to the [[IA32_Architecture_Family \|~~IA32~~IA-32]] ~~architecture~~and [[X86-64\|x86-64]] architectures. It contains entries telling the CPU about memory [[Segmentation\|segments]]. A similar [[~~Interrupts~~Interrupt Descriptor Table]] exists containing [[task]]s and [[Interrupts\|interrupt]]s descriptors~~. Read the [[GDT Tutorial]]~~. It is recommended to read the [[GDT Tutorial]]. ~~== Structure ==~~ == GDTR == ~~The GDT is loaded using the [[LGDT]] assembly instruction. It expects the location of a GDT description structure:~~ The '''GDT''' is pointed to by the value in the '''GDTR''' register. This is loaded using the '''LGDT''' assembly instruction, whose argument is a pointer to a '''GDT Descriptor''' structure: ~~[[Image:Gdtr.png\|frame\|center\|GDTR]]~~ {\| class="wikitable" The <tt>offset</tt> is the linear address of the table itself, which means that paging applies. The <tt>size</tt> is the size of the table subtracted by 1. This is because the maximum value of <tt>size</tt> is 65535, while the GDT can be up to 65536 bytes (a maximum of 8192 entries). Further no GDT can have a size of 0. \|+ GDT Descriptor (GDTR) !style="width: 66%; text-align: left;" \|79 (64-bit mode) <br> 48 (32-bit mode)   <span style="float: right;">16</span> !style="width: 34%; text-align: left; vertical-align: bottom;" \|15   <span style="float: right;">0</span> \|- \|'''Offset'''<br>63 (64-bit mode) <br> 31 (32-bit mode)   <span style="float: right;">0</span> \|'''Size'''<br><br>15   <span style="float: right;">0</span> \|} * '''Size:''' The size of the table in bytes subtracted by 1. This subtraction occurs because the maximum value of '''Size''' is 65535, while the '''GDT''' can be up to 65536 bytes in length (8192 entries). Further, no '''GDT''' can have a size of 0 bytes. * '''Offset:''' The linear address of the '''GDT''' (not the physical address, paging applies). Note that the amount of data loaded by '''LGDT''' differs in 32-bit and 64-bit modes, the offset is 4 bytes long in 32-bit mode and 8 bytes long in 64-bit mode. ~~The table contains 8-byte entries. Each entry has a complex structure:~~ For more information, see '''Section 2.4.1: Global Descriptor Table Register (GDTR)''' and '''Figure 2-6: Memory Management Registers''' of the Intel Software Developer Manual, Volume 3-A. ~~[[Image:GDT_Entry.png\|frame\|center\|A GDT Entry]]~~ == Table == What "Limit 0:15" means is that the field contains bits 0-15 of the <tt>limit</tt> value. The <tt>base</tt> is a 32 bit value containing the linear address where the segment begins. The <tt>limit</tt>, a 20 bit value, tells the maximum addressable unit (either in 1 byte units, or in pages). Hence, if you choose page granularity (4 KiB) and set the <tt>limit</tt> value to 0xFFFFF the segment will span the full 4 GiB address space. ~~Here is the structure of the access byte and flags:~~ The entries in the '''GDT''' are 8 bytes long and form a table like this: ~~[[Image:Gdt bits fixed.png\|frame\|center\|GDT Bits]]~~ {\|class="wikitable" ~~The bit fields are:~~ \|+ Global Descriptor Table ! Address !! Content \|- \| GDTR Offset + 0 \|\| Null \|- \| GDTR Offset + 8 \|\| Entry 1 \|- \| GDTR Offset + 16 \|\| Entry 2 \|- \| GDTR Offset + 24 \|\| Entry 3 \|- style="text-align: center;" \| '''...''' \|\| '''...''' \|} The first entry in the '''GDT''' (Entry 0) should always be null and subsequent entries should be used instead. * '''Pr:''' Present bit. This must be '''1''' for all valid selectors. * '''Privl:''' Privilege, 2 bits. Contains the [[Security#Rings\|ring level]], 0 = highest (kernel), 3 = lowest (user applications). Entries in the table are accessed by '''[[Segment Selector\|Segment Selectors]]''', which are loaded into '''[[Segmentation]]''' registers either by assembly instructions or by hardware functions such as '''[[Interrupts]]'''. * '''S:''' Descriptor type. This bit should be set for code or data segments and should be cleared for system segments (eg. a [[Task_State_Segment\|Task State Segment]]) * '''Ex:''' Executable bit. If '''1''' code in this segment can be executed, ie. a code selector. If '''0''' it is a data selector. == Segment Descriptor == Each entry in the table has a complex structure: {\| class="wikitable" \|+ Segment Descriptor !style="width: 20%; text-align: left;"\|63   <span style="float: right;">56</span> !style="width: 12.5%; text-align: left;"\|55   <span style="float: right;">52</span> !style="width: 12.5%; text-align: left;"\|51   <span style="float: right;">48</span> !style="width: 25%; text-align: left;"\|47   <span style="float: right;">40</span> !style="width: 25%; text-align: left;"\|39   <span style="float: right;">32</span> \|- \|'''Base'''<br>31   <span style="float: right;">24</span> \|'''Flags'''<br>3   <span style="float: right;">0</span> \|'''Limit'''<br>19   <span style="float: right;">16</span> \|'''Access Byte'''<br>7   <span style="float: right;">0</span> \|'''Base'''<br>23   <span style="float: right;">16</span> \|- !colspan=3 style="text-align: left;"\|31   <span style="float: right;">16</span> !colspan=2 style="text-align: left;"\|15   <span style="float: right;">0</span> \|- \|colspan=3\|'''Base'''<br>15   <span style="float: right;">0</span> \|colspan=2\|'''Limit'''<br>15   <span style="float: right;">0</span> \|} * '''Base:''' A 32-bit value containing the linear address where the segment begins. * '''Limit:''' A 20-bit value, tells the maximum addressable unit, either in 1 byte units, or in 4KiB pages. Hence, if you choose page granularity and set the '''Limit''' value to 0xFFFFF the segment will span the full 4 GiB address space in 32-bit mode. In 64-bit mode, the '''Base''' and '''Limit''' values are ignored, each descriptor covers the entire linear address space regardless of what they are set to. For more information, see '''Section 3.4.5: Segment Descriptors''' and '''Figure 3-8: Segment Descriptor''' of the Intel Software Developer Manual, Volume 3-A. {\| class="wikitable" \|+ Access Byte \|- !style="width: 12.5%;"\|7 !style="width: 12.5%;"\|6 !style="width: 12.5%;"\|5 !style="width: 12.5%;"\|4 !style="width: 12.5%;"\|3 !style="width: 12.5%;"\|2 !style="width: 12.5%;"\|1 !style="width: 12.5%;"\|0 \|- \|'''P''' \|\|colspan=2\|'''DPL''' \|\| '''S''' \|\| '''E''' \|\| '''DC''' \|\| '''RW''' \|\| '''A''' \|} * '''P:''' Present bit. Allows an entry to refer to a valid segment. Must be set ('''1''') for any valid segment. * '''DPL:''' Descriptor privilege level field. Contains the [[Security#Rings\|CPU Privilege level]] of the segment. '''0''' = highest privilege (kernel), '''3''' = lowest privilege (user applications). * '''S:''' Descriptor type bit. If clear ('''0''') the descriptor defines a system segment (eg. a [[Task_State_Segment\|Task State Segment]]). If set ('''1''') it defines a code or data segment. * '''E:''' Executable bit. If clear ('''0''') the descriptor defines a data segment. If set ('''1''') it defines a code segment which can be executed from. * '''DC:''' Direction bit/Conforming bit. ~~Direction bit for~~For data selectors: ~~Tells~~Direction ~~the direction~~bit. If clear ('''0''') the segment grows up. If set ('''1''') the segment [[Expand_Down\|grows down]], ie. the ~~<tt>offset</tt>~~'''Offset''' has to be greater than the ~~<tt>limit</tt>~~'''Limit'''. ~~Conforming bit for~~For code selectors: Conforming bit. * If clear ('''0''') code in this segment can only be executed from the ring set in '''DPL'''. * If '''1''' code in this segment can be executed from an equal or lower privilege level. For example, code in ring 3 can far-jump to ''conforming'' code in a ring 2 segment. The <tt>privl</tt>-bits represent the highest privilege level that is allowed to execute the segment. For example, code in ring 0 cannot far-jump to a conforming code segment with <tt>privl==0x2</tt>, while code in ring 2 and 3 can. Note that the privilege level remains the same, ie. a far-jump form ring 3 to a <tt>privl==2</tt>-segment remains in ring 3 after the jump. * If set ('''1''') code in this segment can be executed from an equal or lower privilege level. For example, code in ring 3 can far-jump to ''conforming'' code in a ring 2 segment. The '''DPL''' field represent the highest privilege level that is allowed to execute the segment. For example, code in ring 0 cannot far-jump to a conforming code segment where '''DPL''' is 2, while code in ring 2 and 3 can. Note that the privilege level remains the same, ie. a far-jump from ring 3 to a segment with a '''DPL''' of 2 remains in ring 3 after the jump. * If '''0''' code in this segment can only be executed from the ring set in <tt>privl</tt>. * '''RW:''' Readable bit/Writable bit. For code segments: Readable bit. ~~for~~If ~~code~~clear ~~selectors: Whether~~('''0'''), read access for this segment is not allowed. If set ('''1''') read access is allowed. Write access is never allowed for code segments. ~~Writable bit for~~For data ~~selectors~~segments: ~~Whether~~Writeable bit. If clear ('''0'''), write access for this segment is not allowed. If set ('''1''') write access is allowed. Read access is always allowed for data segments. * '''A:''' Accessed bit. The CPU will set it when the segment is accessed unless set to '''1''' in advance. This means that in case the GDT descriptor is stored in read only pages and this bit is set to '''0''', the CPU trying to set this bit will trigger a page fault. Best left set to '''1''' unless otherwise needed. * '''Ac:''' Accessed bit. Just set to '''0'''. The CPU sets this to '''1''' when the segment is accessed. * '''Gr:''' Granularity bit. If '''0''' the <tt>limit</tt> is in 1 B blocks (byte granularity), if '''1''' the <tt>limit</tt> is in 4 KiB blocks (page granularity). * '''Sz:''' Size bit. If '''0''' the selector defines 16 bit protected mode. If '''1''' it defines 32 bit protected mode. You can have both 16 bit and 32 bit selectors at once. {\| class="wikitable" ~~=== x86-64 Changes ===~~ \|+ Flags * '''L''' bit (bit 53, next to '''Sz''') is used to indicate x86-64 code descriptor. '''For data segments, this bit is reserved''' \|- * '''Sz''' bit (bit 54) has to be 0 when the '''L''' bit is set, as the combination '''Sz''' = 1, '''L''' = 1 is reserved for future use (and will throw an exception if you try to use it) !style="width: 25%;"\|3 ~~<br/>~~ !style="width: 25%;"\|2 ~~The [[LGDT]] instruction will look for a 8-byte base address in long mode.~~ !style="width: 25%;"\|1 ~~<br/>~~ !style="width: 25%;"\|0 ~~See Figure 3-8, "Segment Descriptor" of the Intel System Programmer's manual.~~ \|- \|'''G''' \|\| '''DB''' \|\| '''L''' \|Reserved \|} * '''G:''' Granularity flag, indicates the size the '''Limit''' value is scaled by. If clear ('''0'''), the '''Limit''' is in 1 Byte blocks (byte granularity). If set ('''1'''), the '''Limit''' is in 4 KiB blocks (page granularity). ~~== See also ==~~ * '''DB:''' Size flag. If clear ('''0'''), the descriptor defines a 16-bit protected mode segment. If set ('''1''') it defines a 32-bit protected mode segment. A GDT can have both 16-bit and 32-bit selectors at once. * '''L:''' Long-mode code flag. If set ('''1'''), the descriptor defines a 64-bit code segment. When set, '''DB''' should always be clear. For any other type of segment (other code types or any data segment), it should be clear ('''0'''). == System Segment Descriptor == For system segments, such as those defining a '''[[Task State Segment]]''' or '''[[Local Descriptor Table]]''', the format of the '''Access Byte''' differs slightly, in order to define different types of system segments rather than code and data segments. For more information, see '''Section 3.5: System Descriptor Types''' and '''Figure 3-2: System-Segment and Gate-Descriptor Types''' of the Intel Software Developer Manual, Volume 3-A. {\| class="wikitable" \|+ Access Byte \|- !style="width: 12.5%;"\|7 !style="width: 12.5%;"\|6 !style="width: 12.5%;"\|5 !style="width: 12.5%;"\|4 !style="width: 12.5%;"\|3 !style="width: 12.5%;"\|2 !style="width: 12.5%;"\|1 !style="width: 12.5%;"\|0 \|- \|'''P'''    \|\|colspan=2\|'''DPL''' \|\| '''S''' \|\| colspan=4\|'''Type''' \|} * '''Type:''' Type of system segment. Types available in 32-bit protected mode: * '''0x1:''' 16-bit TSS (Available) * '''0x2:''' LDT * '''0x3:''' 16-bit TSS (Busy) * '''0x9:''' 32-bit TSS (Available) * '''0xB:''' 32-bit TSS (Busy) Types available in Long Mode: * '''0x2:''' LDT * '''0x9:''' 64-bit TSS (Available) * '''0xB:''' 64-bit TSS (Busy) == Long Mode System Segment Descriptor == For a '''[[Task State Segment]]''' or '''[[Local Descriptor Table]]''' in '''[[Long Mode]]''', the format of a '''Segment Descriptor''' differs to ensure that the '''Base''' value can contain a 64-bit '''[[Linear Address]]'''. It takes up the space in the table of two usual entries, in a little endian format, such that the lower half of this entry precedes the higher half in the table. For more information, see '''Section 8.2.3: TSS Descriptor in 64-bit Mode''' and '''Figure 8-4: Format of TSS and LDT Descriptors in 64-bit Mode''' of the Intel Software Developer Manual, Volume 3-A. {\| class="wikitable" style="display: inline-table;" \|+ 64-bit System Segment Descriptor \|- !colspan=5 style="text-align: left;"\|127   <span style="float: right;">96</span> \|- \|colspan=5\|Reserved \|- !colspan=5 style="text-align: left;"\|95   <span style="float: right;">64</span> \|- \|colspan=5\|'''Base'''<br>63   <span style="float: right;">32</span> \|- !style="width: 20%; text-align: left;"\|63   <span style="float: right;">56</span> !style="width: 12.5%; text-align: left;"\|55   <span style="float: right;">52</span> !style="width: 12.5%; text-align: left;"\|51   <span style="float: right;">48</span> !style="width: 25%; text-align: left;"\|47   <span style="float: right;">40</span> !style="width: 25%; text-align: left;"\|39   <span style="float: right;">32</span> \|- \|'''Base'''<br>31   <span style="float: right;">24</span> \|'''Flags'''<br>3   <span style="float: right;">0</span> \|'''Limit'''<br>19   <span style="float: right;">16</span> \|'''Access Byte'''<br>7   <span style="float: right;">0</span> \|'''Base'''<br>23   <span style="float: right;">16</span> \|- !colspan=3 style="text-align: left;"\|31   <span style="float: right;">16</span> !colspan=2 style="text-align: left;"\|15   <span style="float: right;">0</span> \|- \|colspan=3\|'''Base'''<br>15   <span style="float: right;">0</span> \|colspan=2\|'''Limit'''<br>15   <span style="float: right;">0</span> \|} == See Also == === Articles === * [[GDT Tutorial]] Line 54 ⟶ 202: * [http://files.osdev.org/mirrors/geezer/os/pm.htm Protected Mode tutorial] * [http://www.intel.com/design/processor/manuals/253668.pdf Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3A:. System Programming Guide, Part 1 (order number 253668)] chapter 2.4~~[[Category:X86 CPU]]~~ [[Category:X86 CPU]] [[Category:Memory Segmentation]] [[de:Global Descriptor Table]]