Vol. 3A 9-13
PROCESSOR MANAGEMENT AND INITIALIZATION
9.9 MODE
SWITCHING
To use the processor in protected mode after hardware or software reset, a mode switch must be performed from
real-address mode. Once in protected mode, software generally does not need to return to real-address mode. To
run software written to run in real-address mode (8086 mode), it is generally more convenient to run the software
in virtual-8086 mode, than to switch back to real-address mode.
9.9.1
Switching to Protected Mode
Before switching to protected mode from real mode, a minimum set of system data structures and code modules
must be loaded into memory, as described in Section 9.8, “Software Initialization for Protected-Mode Operation.”
Once these tables are created, software initialization code can switch into protected mode.
Protected mode is entered by executing a MOV CR0 instruction that sets the PE flag in the CR0 register. (In the
same instruction, the PG flag in register CR0 can be set to enable paging.) Execution in protected mode begins with
a CPL of 0.
Intel 64 and IA-32 processors have slightly different requirements for switching to protected mode. To insure
upwards and downwards code compatibility with Intel 64 and IA-32 processors, we recommend that you follow
these steps:
1. Disable interrupts. A CLI instruction disables maskable hardware interrupts. NMI interrupts can be disabled
with external circuitry. (Software must guarantee that no exceptions or interrupts are generated during the
mode switching operation.)
2. Execute the LGDT instruction to load the GDTR register with the base address of the GDT.
3. Execute a MOV CR0 instruction that sets the PE flag (and optionally the PG flag) in control register CR0.
4. Immediately following the MOV CR0 instruction, execute a far JMP or far CALL instruction. (This operation is
typically a far jump or call to the next instruction in the instruction stream.)
5. The JMP or CALL instruction immediately after the MOV CR0 instruction changes the flow of execution and
serializes the processor.
6. If paging is enabled, the code for the MOV CR0 instruction and the JMP or CALL instruction must come from a
page that is identity mapped (that is, the linear address before the jump is the same as the physical address
after paging and protected mode is enabled). The target instruction for the JMP or CALL instruction does not
need to be identity mapped.
7. If a local descriptor table is going to be used, execute the LLDT instruction to load the segment selector for the
LDT in the LDTR register.
8. Execute the LTR instruction to load the task register with a segment selector to the initial protected-mode task
or to a writable area of memory that can be used to store TSS information on a task switch.
9. After entering protected mode, the segment registers continue to hold the contents they had in real-address
mode. The JMP or CALL instruction in step 4 resets the CS register. Perform one of the following operations to
update the contents of the remaining segment registers.
— Reload segment registers DS, SS, ES, FS, and GS. If the ES, FS, and/or GS registers are not going to be
used, load them with a null selector.
— Perform a JMP or CALL instruction to a new task, which automatically resets the values of the segment
registers and branches to a new code segment.
10. Execute the LIDT instruction to load the IDTR register with the address and limit of the protected-mode IDT.
11. Execute the STI instruction to enable maskable hardware interrupts and perform the necessary hardware
operation to enable NMI interrupts.
Random failures can occur if other instructions exist between steps 3 and 4 above. Failures will be readily seen in
some situations, such as when instructions that reference memory are inserted between steps 3 and 4 while in
system management mode.