Linux Kernel Full Analysis, Based on the 0.12 Kernel: Chapter 4, 80x86 Protected Mode and Programming
The control registers (CR0 ~ CR3) control and determine the operating mode of the processor and the characteristics of the current task, as shown in Figure 4-3. CR0 contains the system control flags that control the operating mode and state of the processor; CR1 is not used; CR2 contains the linear address that caused a page fault; CR3 contains the physical memory base address of the page directory table, so this register is also called the page-directory base address register (PDBR).
Figure 4-3 Control registers CR0 ~ CR3
1. Coprocessor control bits in CR0
Four bits of CR0, the extension type bit ET, the task switched bit TS, the emulation bit EM, and the math present bit MP, control the operation of the 80x86 floating-point (math) coprocessor. For more information about the coprocessor, see Chapter 11. The ET bit (flag) of CR0 selects the protocol used to communicate with the coprocessor, that is, whether the system uses an 80387 or an 80287 coprocessor. The TS, MP, and EM bits determine whether a floating-point instruction or a WAIT instruction should generate a device-not-available (DNA) exception. This exception makes it possible to save and restore the floating-point registers only for tasks that use floating-point operations. For tasks that do not use floating-point operations, this speeds up switching between them.
(1) ET: Bit 4 of CR0 is the extension type flag. When this flag is 1, the system has an 80387 coprocessor and uses the 32-bit coprocessor protocol. ET = 0 indicates that an 80287 coprocessor is used. If the emulation bit EM = 1, this bit is ignored. During the reset operation, the ET bit is initialized to indicate the type of coprocessor used in the system: if an 80387 is present, ET is set to 1; otherwise, if an 80287 is present or there is no coprocessor, ET is set to 0.
(2) TS: Bit 3 of CR0 is the task switched flag. This flag is used to defer saving the coprocessor context on a task switch until the new task actually starts executing coprocessor instructions. The processor sets this flag on every task switch and tests it when it executes a coprocessor instruction.
If the TS flag is set and the EM flag of CR0 is 0, a device-not-available exception is generated before any coprocessor instruction is executed. If the TS flag is set but the MP and EM flags of CR0 are not set, no device-not-available exception is generated before the coprocessor instruction WAIT/FWAIT is executed. If the EM flag is set, the TS flag does not affect the execution of coprocessor instructions, as shown in Table 4-1.
Table 4-1 Effect of different combinations of the EM, MP, and TS flags in CR0 on coprocessor instructions

| EM | MP | TS | Floating-point instruction | WAIT/FWAIT instruction |
|----|----|----|----------------------------|------------------------|
| 0  | 0  | 0  | Execute                    | Execute                |
| 0  | 0  | 1  | Device-not-available (DNA) exception | Execute      |
| 0  | 1  | 0  | Execute                    | Execute                |
| 0  | 1  | 1  | DNA exception              | DNA exception          |
| 1  | 0  | 0  | DNA exception              | Execute                |
| 1  | 0  | 1  | DNA exception              | Execute                |
| 1  | 1  | 0  | DNA exception              | Execute                |
| 1  | 1  | 1  | DNA exception              | DNA exception          |

During a task switch, the processor does not automatically save the context of the coprocessor; it sets the TS flag instead. This flag causes the processor to generate a device-not-available exception whenever it encounters a coprocessor instruction while executing the new task's instruction stream. The handler for the device-not-available exception can use the CLTS instruction to clear the TS flag and save the context of the coprocessor. If a task has never used the coprocessor, the corresponding coprocessor context does not need to be saved.
(3) EM: Bit 2 of CR0 is the emulation flag. When this bit is set, it indicates that the processor has no internal or external coprocessor, and executing a coprocessor instruction generates a device-not-available exception. When it is cleared, it indicates that the system has a coprocessor. Setting this flag forces all floating-point instructions to be emulated in software.
(4) MP: Bit 1 of CR0 is the monitor coprocessor, or math present, flag. It controls the interaction between the WAIT/FWAIT instructions and the TS flag. If MP = 1 and TS = 1, executing a WAIT instruction generates a device-not-available exception. If MP = 0, the TS flag does not affect the execution of WAIT.
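The deferred coprocessor context switch described above, together with the fault rules of Table 4-1, modelled in user-space C as an added example (it is not code from the book or from the 0.12 kernel). The `struct cpu`, `struct task` and function names are hypothetical, the x87 state is reduced to one integer, and EM is assumed to be 0 in the scenario.

```c
#include <stdint.h>
#include <stdio.h>
#define CR0_MP (1u << 1)
#define CR0_EM (1u << 2)
#define CR0_TS (1u << 3)

struct task { int fpu_ctx; };           /* saved x87 image, modelled as one int */
struct cpu {
    uint32_t cr0;
    int fpu_regs;                       /* live coprocessor state */
    struct task *current, *fpu_owner;   /* running task; task whose state is live */
    int dna_count, save_count;
};

/* Table 4-1 as logic: which instructions raise device-not-available (DNA). */
int fp_insn_faults(uint32_t cr0)   { return (cr0 & (CR0_EM | CR0_TS)) != 0; }
int wait_insn_faults(uint32_t cr0) { return (cr0 & CR0_MP) && (cr0 & CR0_TS); }
/* Task switch: the processor sets TS and saves no coprocessor state. */
void task_switch(struct cpu *c, struct task *next) { c->current = next; c->cr0 |= CR0_TS; }

/* DNA handler: clts, then swap contexts only if another task owns the FPU. */
static void dna_handler(struct cpu *c) {
    c->dna_count++;
    c->cr0 &= ~CR0_TS;                  /* clts */
    if (c->fpu_owner == c->current) return;
    if (c->fpu_owner) { c->fpu_owner->fpu_ctx = c->fpu_regs; c->save_count++; }
    c->fpu_regs = c->current->fpu_ctx;  /* new owner never sees the old task's state */
    c->fpu_owner = c->current;
}

/* The current task executes one floating-point instruction (adds v). */
void fp_add(struct cpu *c, int v) {
    if (fp_insn_faults(c->cr0)) dna_handler(c);
    c->fpu_regs += v;
}

/* Constructed scenario: tasks a and b use floating point, idle never does. */
struct cpu run_scenario(void) {
    struct task a = {0}, b = {0}, idle = {0};
    struct cpu c = { .cr0 = CR0_MP };
    task_switch(&c, &a);    fp_add(&c, 5);   /* DNA 1: a becomes owner */
    task_switch(&c, &idle);                  /* no FP used: nothing saved */
    task_switch(&c, &a);    fp_add(&c, 1);   /* DNA 2: a still owner, no save */
    task_switch(&c, &b);    fp_add(&c, 10);  /* DNA 3: a saved, b loaded */
    task_switch(&c, &a);    fp_add(&c, 1);   /* DNA 4: b saved, a restored */
    c.current = c.fpu_owner = NULL;          /* tasks are locals; drop the pointers */
    return c;
}
int main(void) {
    struct cpu r = run_scenario();
    return printf("DNA=%d saves=%d regs=%d\n", r.dna_count, r.save_count, r.fpu_regs) < 0;
}
```

Five task switches cost only two context saves here, and the handler swaps state before the faulting instruction touches the registers, so a task never computes on another task's coprocessor contents.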
2. Protection control bits in CR0
(1) PE: Bit 0 of CR0 is the protection enable flag. When this bit is set, protected mode is enabled. When the bit is reset, real-address mode is enabled. This flag only enables segment-level protection; it does not enable the paging mechanism. To enable the paging mechanism, both the PE and PG flags must be set.
(2) PG: Bit 31 of CR0 is the paging flag. When this bit is set, the paging mechanism is enabled. When the bit is reset, the paging mechanism is disabled, and all linear addresses are then equivalent to physical addresses. The PE flag must be set before, or at the same time as, this flag is enabled. That is, to enable the paging mechanism, both the PE and PG flags must be set.
(3) WP: For Intel 80486 and later CPUs, bit 16 of CR0 is the write protect flag. When this flag is set, the processor prohibits supervisor-level programs (such as programs at privilege level 0) from writing to user-level read-only pages. When this bit is reset, the opposite applies. This flag makes it easier for UNIX-like operating systems to implement copy-on-write when creating processes.
(4) NE: For Intel 80486 and later CPUs, bit 5 of CR0 is the numeric error flag. When this flag is set, the internal mechanism for reporting x87 coprocessor errors is enabled. If this flag is reset, the PC-style x87 coprocessor error reporting mechanism is used. When NE is reset and the IGNNE input pin of the CPU has a signal, x87 errors are ignored. When NE is reset and the IGNNE input pin of the CPU has no signal, an unmasked x87 math coprocessor error causes the processor to raise an external interrupt through the FERR pin and to stop instruction execution immediately before executing the next waiting floating-point instruction or WAIT/FWAIT instruction. The FERR pin of the CPU emulates the ERROR pin of the external 80387 coprocessor, so it is usually connected to an input request pin of the interrupt controller. The NE flag, IGNNE pin, and FERR pin are used together with external logic to implement the PC-style external error reporting mechanism.
The protection enable bit PE (bit 0) and the paging bit PG (bit 31) control the segmentation and paging mechanisms respectively. PE controls the segmentation mechanism. If PE = 1, the processor works with segmentation enabled, that is, it runs in protected mode. If PE = 0, the processor disables the segmentation mechanism and works in real-address mode like an 8086. PG controls the paging mechanism. If PG = 1, the paging mechanism is enabled. If PG = 0, the paging mechanism is disabled, and the linear address is used directly as the physical address.
If PE = 0 and PG = 0, the processor works in real-address mode. If PG = 0 and PE = 1, the processor works in protected mode without paging enabled. If PG = 1 and PE = 0, the processor generates a general protection exception, because the paging mechanism cannot be enabled outside protected mode; that is, this flag combination is invalid. If PG = 1 and PE = 1, the processor works in protected mode with paging enabled.
Be careful when changing the PE and PG bits. The PG bit may be changed only when at least some of the executing program's code and data has the same address in the linear address space and in the physical address space. This identically addressed code serves as a bridge between the paged and non-paged worlds: it has the same address whether or not the paging mechanism is enabled. In addition, the page cache (TLB) must be flushed before paging is enabled (PG = 1).
After the PE bit is modified, the program must immediately execute a jump instruction to flush any instructions that the processor's execution pipeline has already fetched in the other mode. Before setting the PE bit, the program must initialize several system segments and control registers. When the system is powered on, the processor is reset to PE = 0 and PG = 0 (that is, real mode), so that boot code can initialize these registers and data structures before the segmentation and paging mechanisms are enabled.
3. CR2 and CR3
CR2 and CR3 are used by the paging mechanism. CR3 contains the physical address of the page directory table page, which is why CR3 is also called PDBR. Because the page directory table page is page-aligned, only the upper 20 bits of this register are valid. The lower 12 bits are reserved for use by more advanced processors, so when a new value is loaded into CR3, the lower 12 bits must be set to 0.
When the MOV instruction is used to load CR3. To reduce the number of bus cycles required for address translation, the most recently accessed page directory and page table entries are stored in the processor's page cache, which is called the translation lookaside buffer (TLB). Additional bus cycles are used to read a page table entry from memory only when the TLB does not contain the required entry.
Even when the PG bit in CR0 is reset (PG = 0), CR3 can still be loaded, to allow the paging mechanism to be initialized. When the task is switched, the content of CR3. However, if the new task has the same CR3 value as the original task, the processor does not need to flush the page cache. In this way, tasks that share page tables can execute faster.
CR2 is used to report error information when a page exception occurs. When it reports a page exception, the processor stores the linear address that caused the exception in CR2. The page exception handler in the operating system can therefore examine the content of CR2 to determine which page in the linear address space caused the exception.
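An added example (not from the book or the kernel) that models the four PE/PG combinations, the CR3 alignment rule, and the effect of WP on a supervisor write, with the faulting linear address latched in a modelled CR2. The page-table entry flags P, R/W and U/S use the standard x86 bit positions, which this section does not define; the function names and the sample address are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define CR0_PE (1u << 0)
#define CR0_WP (1u << 16)
#define CR0_PG (1u << 31)
/* Standard x86 page-table entry flags (assumed here, not defined in this section). */
#define PTE_P  (1u << 0)   /* present */
#define PTE_RW (1u << 1)   /* writable */
#define PTE_US (1u << 2)   /* user-accessible */

enum mode { MODE_REAL, MODE_PROTECTED, MODE_PAGED, MODE_INVALID_GP };
uint32_t cr2;              /* modelled CR2: last faulting linear address */

/* The four PE/PG combinations; PG = 1 with PE = 0 is the invalid one. */
enum mode cr0_mode(uint32_t cr0) {
    int pe = (cr0 & CR0_PE) != 0, pg = (cr0 & CR0_PG) != 0;
    if (pg) return pe ? MODE_PAGED : MODE_INVALID_GP;
    return pe ? MODE_PROTECTED : MODE_REAL;
}

/* A value may be loaded into CR3 only if its low 12 bits are zero. */
int cr3_loadable(uint32_t v) { return (v & 0xFFFu) == 0; }

/* Returns 1 if a write at privilege level cpl to `linear` raises a page
 * exception; on a fault the linear address is stored in cr2. */
int write_faults(uint32_t cr0, uint32_t pte, int cpl, uint32_t linear) {
    int fault;
    if (cr0_mode(cr0) != MODE_PAGED) return 0;      /* linear == physical */
    if (!(pte & PTE_P)) fault = 1;
    else if (cpl == 3)  fault = !(pte & PTE_US) || !(pte & PTE_RW);
    else                fault = (cr0 & CR0_WP) && !(pte & PTE_RW); /* supervisor */
    if (fault) cr2 = linear;
    return fault;
}

int main(void) {
    uint32_t cow = PTE_P | PTE_US;                  /* constructed read-only user page */
    int wp1 = write_faults(CR0_PE | CR0_PG | CR0_WP, cow, 0, 0x08049abcu);
    int wp0 = write_faults(CR0_PE | CR0_PG, cow, 0, 0x08049abcu);
    printf("WP=1 faults=%d cr2=%#x; WP=0 faults=%d\n", wp1, (unsigned)cr2, wp0);
    return 0;
}
```

With WP = 0 the privilege-level-0 write to the read-only user page goes through without a page exception, so a copy-on-write handler never runs for it; with WP = 1 the same write faults and the handler finds the address in CR2.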