1. Getting Ready to Enter x86 Protected Mode Survival tactics for enabling Protected-Mode with a minimum of supporting infrastructure

2. Diagnostics Upon entering protected-mode, the “rules” change regarding the allowed CPU actions Memory-addresses are computed using a different set of circuitry within the CPU Restrictions are enforced by generating a variety of “exceptions” which interrupt the CPU’s normal fetch-execute cycle We will need to “diagnose” their causes

3. Hexadecimal Display To display values in registers or memory locations, we need to convert from binary numbers to character-strings that consist of ascii-codes for hexadecimal numerals Why? Because hexadecimal values are easy for human programmers to convert into the actual bit-patterns represented, allowing us to “see” inside the computer

4. Conversion Algorithm The easiest algorithm to understand uses a “lookup table” for converting ‘nybbles’ to ascii numerals: 0000→ ‘0’ (=0x30) 1010→ ‘A’ (=0x41) 0001→ ‘1’ (=0x31) 1011→ ‘B’ (=0x42) 0010→ ‘2’ (=0x32) 1011→ ‘C’ (=0x43) 1001→ ‘9’ (=0x39) 1111→ ‘F’ (=0x46)

5. Lookup-Table Algorithm hexlist:.ASCII “0123456789ABCDEF” ;---------------------------------------------------------- ; Algorithm assumes DS already is setup lea bx, hexlist ; point DS:BX to table and al, #0x0F ; isolate nybble in AL xlat ; replace AL from table

6. Alternative to avoid data-table ; Clever machine-algorithm (by Tim Lopez) and al, #0x0F ; isolate nybble in AL cmp al, #10 ; set carry-flag for SBB sbb al, #0x69 ; subtract-with-borrow das ; adjustment to result ; no lookup-table is needed here, just some ; “immediate data” within instruction-stream

7. In-Class Exercise #1 Try replacing use of the ‘xlat’ instruction by the three Lopez-Algorithm instructions, in our bootsector demo-program ‘regdump.s’ Then the array of hexadecimal numerals, and the instruction setup for register BX, can be removed from the program source Question: How many bytes are saved?

8. Protected-Mode Addresses Segment-selector Logical Address: Segment-offset Operand’s effective address Physical Address: descriptor Segment Descriptor Table + Segment Base-address (also Segment-Limit and Access Rights) Validity is checked by CPU

9. Segment Descriptor Format Base[31..24]GD RSVRSV AVLAVL Limit [19..16] P DPLDPL SX C/DC/D R/WR/W ABase[23..16] Base[15..0]Limit[15..0] 6332 31 0

10. “Hidden” part of Segment Registers selectorSegment baseSegment limit Access rights The programmer-visible part of a segment-register The “invisible” parts of a segment-register

11. Segment-Register “cache” The hidden portions of segment-registers are modified whenever any instruction modifies a segment-register’s visible part Examples: mov ds, ax pop es lss esp, tos jmpf #main, #0x07C0 iret

12. Observation If we can enter protected-mode, but NOT do anything to alter any segment-register, then we won’t need to construct Tables of Segment-Descriptors The left-over real-mode descriptor-values will still be in the segment-registers’ cache We will pursue this idea in a future lesson

13. Project #1 To get us ready for diagnosing the causes of protected-mode “exceptions”, we build a program that displays the contents of CPU registers (in hexadecimal format) similar to the ‘regdump.s’ demo (from our website) Two more segment-registers: FS and GS Also four special control-registers: CR0, CR2, CR3, CR4

14. In-Class Exercise #2 Modify the ‘regdump.s’ bootsector demo so that it also displays the contents in the new 80386 segment-registers: FS and GS Test your changes by reassembling you modified program text, installing it on the floppy diskette in your workstation, then rebooting (use the diskette’s menu-item) Try rebooting from a diskette “image-file”