Presentation is loading. Please wait.

Presentation is loading. Please wait.

Model-Specific Registers A look at Intel’s scheme for introducing new CPU features.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Model-Specific Registers A look at Intel’s scheme for introducing new CPU features."— Presentation transcript:

1 Model-Specific Registers A look at Intel’s scheme for introducing new CPU features

2 Test Registers The 80386 implemented two registers for testing its Translation Look-aside Buffer (i.e., the special cache used for speeding up virtual-to-physical address-conversions The registers were named TR6 and TR7 Intel warned that these system registers were unique to the 80386 CPU’s design and might not be present in future chips

3 Then three more The TR6 and TR7 registers were kept in the 80486 design -- along with three extra Test Registers (TR3, TR4, TR5) that allowed testing of the processor’s caches for code and data Again Intel warned that these registers were unique to the 80486 CPU’s design and that they might not be implemented in subsequent chips Sure enough, in the 80586 (‘Pentium’) they were gone – so software written to use them would no longer execute on the newer Pentium CPUs

4 The ‘Model-Specific’ concept Beginning with the Pentium processor, Intel has been including ‘experimental’ features in its processors, warning that they may disappear from future designs, but providing a standard and permanent way for all such features to be accessed This access is via a pair of ‘privileged’ instructions (rdmsr and wrmsr) that can only be executed by ‘ring0’ code

5 Quite a few MSRs now! At first there were only about a dozen of these MSRs (Model-Specific Registers), but lately their number is well over 200 Some MSRs have evidently proven to be sufficiently satisfactory and worth having that they are now deemed as permanent fixtures of the defined i386 architecture

6 The Time-Stamp Counter This 64-bit Model-Specific Register was introduced in the Pentium processor and has been present in each CPU thereafter It increments once every CPU clock-cycle, starting from 0 when power is turned on It won’t overflow for at least ten years Unprivileged programs (ring3) normally can access, it via the rdtsc instruction

7 Using the TSC EDXEAX 63 32 31 0 64-bits time0:.quad0# saves starting value from the TSC time1:.quad0# saves concluding value from TSC # how you can measure CPU clock-cycles in a code-fragment rdtsc# read the Time-Stamp Counter movl%eax, time0+0# save least-significant longword movl%edx, time0+4# save most-significant longword # rdtsc# read the Time-Stamp Counter movl%eax, time1+0# save least-significant longword movl%edx, time1+4# save most-significant longword # now subtract starting-value ‘time0’ from ending value ‘time1’

8 The TSC as an MSR Each Model-Specific Register has its own identifying register-number, and can be accessed (from ring0) using the special pair of instructions: rdmsr and wrmsr The Time-Stamp Counter is MSR number 0x10 To write a new 64-bit value into the TSC, you load the desired 64-bit value into the EDX:EAX register-pair, you put the MSR ID-number 0x10 into register ECX, then you execute wrmsr

9 IA32_APIC_BASE This register has MSR number 0x1B and it’s private to each CPU in an SMP system It establishes the base-address for the Local-APIC’s memory-mapped registers (the default base-address is 0xFEE00000, but that can be changed using this MSR) The CPU’s Local-APIC functions can be either enabled or disabled (via bit #11) The BSP can be recognized (via bit #8)

10 Relocating the APIC registers reserved 63 32 31 12 11 8 0 IA32_APIC_BASE (64-bits) APIC base-address (4K page-number) ENEN BSPBSP Default-value for APIC base-address page = 0xFEE00 Local-APIC Enable bit (1=enabled, 0=disabled) Boot-Strap Processor (read-only): 1=yes, 0=no # make the processor’s Local-APIC registers accessible in real-mode mov$0x000D8000, %eax# least-significant 32-bits mov$0x00000000, %edx# most-significant 32-bits mov$0x1B, %ecx# MSR register-number wrmsr# write to specified MSR

11 Extended Feature Enable Register The EFER was introduced in conformity with Advanced Microprocessor Designs way of implementing 64-bit architecture Its MSR register-number is 0xC0000080 reserved 63 32 31 12 11 10 9 8 0 IA32_EFER (64-bits) reserved XDXD 32eE32eE SYSCALLSYSCALL 32eA32eA eXecute-Disable bit in paging structures (1=enabled, 0=disabled) IA32e-mode is active (1=yes, 0=no) Enable IA32e-mode (1=yes, 0=no) Enable SYSCALL/SYSRET instructions in 64-bit mode (1=yes, 0=no)

12 Demo: ‘try64bit.s’ We created a demo-program that shows what steps are needed to enable the new 64-bit capabilities of recent Pentium-D or Core 2 Duo processors (using EFER) This demo cannot be executed on our current CS Lab/Classroom workstations, but it CAN execute on a remote-access department server named ‘anchor00’

13 New 4-Level page-tables needed For executing in 64-bit mode, the PAE-bit (Page-Addressing Extensions) must be enabled (bit #6 in Control Register CR4) and 4-levels of page-table structures must be prepared which implement an “identity mapping” for the transition-code itself Then 64-bit mode is entered by turning on the PG-bit in Control Register 0 (assuming bit #8 in the EFER register was set to 1)

14 4-Levels of mapping Page Map Level-4 Table CR3 Page Directory Pointer Table Page Directory Page Table Page Frame (4KB) offset 64-bit ‘canonical’ virtual address sign-extension PML4PDPTPDIRPTBL 63 48 47 39 38 30 29 21 20 12 11 0 Each mapping-table contains up to 512 quadword-size entries

15 Page-Table entry format Base Address [39..32] EXBEXB 63 62 52 51 40 39 32 available reserved (must be 0) 31 12 11 9 8 0 P R/WR/W S/US/U PWTPWT PCDPCD AD PATPAT GBase Address [31..12]avail Legend: P = present (0=no, 1=yes)PWT = Page Write-Through (0=no, 1=yes) R/W (0=read-only, 1=writable)PCD = Page Caching Disable (0=no, 1=yes) S/U (0=supervisor-only, 1=user)PAT = Page-Attribute Table-Index A = accessed (0=no, 1=yes)G = Global page (1=yes, 0=no) D = dirty (0=no, 1=yes)

16 Segment descriptors Segment-descriptors and gate-descriptors have an enlarged format in 64-bit mode to accommodate the larger-sized addresses Segment-Limit and Base are disregarded for selectors in registers CS, DS, ES, SS 127 64 63 0 GDLAP DPLDPL STYPE Formerly ‘reserved’ bit is now the ‘L’ bit (it indicates a ‘long’ segment-descriptor

17 A few GDT descriptors….align16# octaword-alignment (for optimal access) theGDT:.octa0x00000000000000000000000000000000# null.equsel_cs64, (. – theGDT)+0# code64 selector (ring0).octa0x000000000000000000209A0000000000# code.equsel_cs32, (. – theGDT)+0# code32 selector (ring0).octa0x000000000000000000409A010000FFFF# code.equsel_vram, (. – theGDT)+0# data16 selector (ring3).octa0x00000000000000000080F20B80000007# data

18 You must update ‘binutils’ You cannot assemble and link programs that are written for the IA32e 64-bit mode unless you install the newest versions of the GNU assembler ‘as’ and the linker ‘ld’ You can download these utilities from the website for the Free Software Foundation at:http://www.fsf.org/http://www.fsf.org/ Directions for installing are easy-to-follow

Download ppt "Model-Specific Registers A look at Intel’s scheme for introducing new CPU features."

Similar presentations

Memory Management Unit

Memory Management Unit
Using VMX within Linux We explore the feasibility of executing ROM-BIOS code within the Linux x86_64 kernel.

Using VMX within Linux We explore the feasibility of executing ROM-BIOS code within the Linux x86_64 kernel.
MODERN OPERATING SYSTEMS Third Edition ANDREW S. TANENBAUM Chapter 3 Memory Management Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall,

MODERN OPERATING SYSTEMS Third Edition ANDREW S. TANENBAUM Chapter 3 Memory Management Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall,
Computer Organization and Assembly Languages Yung-Yu Chuang

Computer Organization and Assembly Languages Yung-Yu Chuang
The Microprocessor and its Architecture

The Microprocessor and its Architecture
16.317: Microprocessor System Design I

16.317: Microprocessor System Design I
4/14/2017 Discussed Earlier segmentation - the process address space is divided into logical pieces called segments. The following are the example of types.

4/14/2017 Discussed Earlier segmentation - the process address space is divided into logical pieces called segments. The following are the example of types.
Virtual Memory Chapter 18 S. Dandamudi. 2003 To be used with S. Dandamudi, “Fundamentals of Computer Organization and Design,” Springer, 2003.  S. Dandamudi.

Virtual Memory Chapter 18 S. Dandamudi To be used with S. Dandamudi, “Fundamentals of Computer Organization and Design,” Springer,  S. Dandamudi.
Intel 80386 MP.

Intel MP.
IA32 Paging Scheme Introduction to the Pentium’s support for “virtual” memory.

IA32 Paging Scheme Introduction to the Pentium’s support for “virtual” memory.
Introduction to the Intel x86’s support for “virtual” memory

Introduction to the Intel x86’s support for “virtual” memory
Operating Systems: Segments 1 Segmentation Hardware Support single user program system: – wish somehow to relocate address 0 to after operating system.

Operating Systems: Segments 1 Segmentation Hardware Support single user program system: – wish somehow to relocate address 0 to after operating system.
IA32 Paging Scheme Introduction to the Intel x86’s support for “virtual” memory.

IA32 Paging Scheme Introduction to the Intel x86’s support for “virtual” memory.
Linux Memory Issues An introduction to some low-level and some high-level memory management concepts.

Linux Memory Issues An introduction to some low-level and some high-level memory management concepts.
IA32 Paging Scheme Introduction to the Pentium’s support for “virtual” memory.

IA32 Paging Scheme Introduction to the Pentium’s support for “virtual” memory.
EM64T ‘fast’ system-calls A look at the requirements for using Intel’s ‘syscall’ and ‘sysret’ instructions in 64-bit mode.

EM64T ‘fast’ system-calls A look at the requirements for using Intel’s ‘syscall’ and ‘sysret’ instructions in 64-bit mode.
IA-32 Processor Architecture

IA-32 Processor Architecture
The various x86 ‘modes’ On understanding key differences among the processor’s several execution-architectures.

The various x86 ‘modes’ On understanding key differences among the processor’s several execution-architectures.
Vacuum tubes Transistor 1948 ICs 1960s Microprocessors 1970s.

Vacuum tubes Transistor 1948 ICs 1960s Microprocessors 1970s.
Venturing into protected-mode A first look at the CPU registers and instructions which provide the essential supporting infrastructure.

Venturing into protected-mode A first look at the CPU registers and instructions which provide the essential supporting infrastructure.

Similar presentations

Ads by Google