protected mode
protected mode
In real mode, addresses are generated by adding an addressoffset to the value of a segment register shifted left fourbits. As the segment register and address offset are 16 bitslong this results in a 20-bit address. This is the origin ofthe one megabyte (2^20) limit in real mode.
There are 4 segment registers on processors before the Intel 80386. The 80386 introduced two more segment registers.Which segment register is used depends on the instruction, onthe addressing mode and of an optional instruction prefixwhich selects the segment register explicitly.
In protected mode, the segment registers contain an index intoa table of segment descriptors. Each segment descriptorcontains the start address of the segment, to which the offsetis added to generate the address. In addition, the segmentdescriptor contains memory protection information. Thisincludes an offset limit and bits for write and readpermission. This allows the processor to prevent memoryaccesses to certain data. The operating system can use thisto protect different processes' memory from each other, hencethe name "protected mode".
While the standard register set belongs to the CPU, thesegment registers lie "at the boundary" between the CPU andMMU. Each time a new value is loaded into a segment registerwhile in protected mode, the corresponding descriptor isloaded into a descriptor cache in the (Segment-)MMU. Onprocessors before the Pentium this takes longer than justloading the segment register in real mode. Addressesgenerated by the CPU (which are segment offsets) are passed tothe MMU to be checked against the limit in the segmentdescriptor and are there added to the segment base address inthe descriptor to form a linear address.
On a 80386 or later, the linear address is further processedby the paged MMU before the result (the physical address)appears on the chip's address pins. The 80286 doesn't have apaged MMU so the linear address is output directly as thephysical address.
The paged MMU allows for arbitrary remapping of four klilobytememory blocks (pages) through a translation table stored inmemory. A few entries of this table are cached in the MMU'sTranslation Lookaside Buffer to avoid excessive memoryaccesses.
After processor reset, all processors start in real mode.Protected mode has to be enabled by software. On the 80286there exists no documented way back to real mode apart fromresetting the processor. Later processors allow switchingback to real mode by software.
Software which has been written or compiled to run inprotected mode must only use segment register values given toit by the operating system. Unfortunately, most applicationcode for MS-DOS, written before the 286, will fail inprotected mode because it assumes real mode addressing andwrites arbitrary values to segment registers, e.g. in order toperform address calculations.
Such use of segment registers is only really necessary withdata structures that are larger than 64 kilobytes and thusdon't fit into a single segment. This is usually dealt withby the huge memory model in compilers. In this model,compilers generate address arithmetic involving segmentregisters. A solution which is portable to protected modewith almost the same efficiency would involve using a table ofsegments instead of calculating new segment register values adhoc.
To ease the transition to protected mode, Intel 80386 andlater processors provide "virtual 86 mode".
Protected Mode
(1) The native state of an Intel CPU, which provides access to all advanced memory management functions. It was introduced in 1982 with the 16-bit 286 chip, which was the first x86 chip to break the 1MB barrier of the original 8086/8088 architecture. See Real Mode, Virtual 8086 Mode, 32-bit processing and memory protection.(2) (protected mode) May refer to memory protection or a type of secure environment. See memory protection.