Vol. 3A 3-9
PROTECTED-MODE MEMORY MANAGEMENT
2. Implied load instructions such as the far pointer versions of the CALL, JMP, and RET instructions, the SYSENTER
and SYSEXIT instructions, and the IRET, INTn, INTO and INT3 instructions. These instructions change the
contents of the CS register (and sometimes other segment registers) as an incidental part of their operation.
The MOV instruction can also be used to store the visible part of a segment register in a general-purpose register.
3.4.4
Segment Loading Instructions in IA-32e Mode
Because ES, DS, and SS segment registers are not used in 64-bit mode, their fields (base, limit, and attribute) in
segment descriptor registers are ignored. Some forms of segment load instructions are also invalid (for example,
LDS, POP ES). Address calculations that reference the ES, DS, or SS segments are treated as if the segment base
is zero.
The processor checks that all linear-address references are in canonical form instead of performing limit checks.
Mode switching does not change the contents of the segment registers or the associated descriptor registers.
These registers are also not changed during 64-bit mode execution, unless explicit segment loads are performed.
In order to set up compatibility mode for an application, segment-load instructions (MOV to Sreg, POP Sreg) work
normally in 64-bit mode. An entry is read from the system descriptor table (GDT or LDT) and is loaded in the
hidden portion of the segment register. The descriptor-register base, limit, and attribute fields are all loaded.
However, the contents of the data and stack segment selector and the descriptor registers are ignored.
When FS and GS segment overrides are used in 64-bit mode, their respective base addresses are used in the linear
address calculation: (FS or GS).base + index + displacement. FS.base and GS.base are then expanded to the full
linear-address size supported by the implementation. The resulting effective address calculation can wrap across
positive and negative addresses; the resulting linear address must be canonical.
In 64-bit mode, memory accesses using FS-segment and GS-segment overrides are not checked for a runtime limit
nor subjected to attribute-checking. Normal segment loads (MOV to Sreg and POP Sreg) into FS and GS load a
standard 32-bit base value in the hidden portion of the segment register. The base address bits above the standard
32 bits are cleared to 0 to allow consistency for implementations that use less than 64 bits.
The hidden descriptor register fields for FS.base and GS.base are physically mapped to MSRs in order to load all
address bits supported by a 64-bit implementation. Software with CPL = 0 (privileged software) can load all
supported linear-address bits into FS.base or GS.base using WRMSR. Addresses written into the 64-bit FS.base
and GS.base registers must be in canonical form. A WRMSR instruction that attempts to write a non-canonical
address to those registers causes a #GP fault.
When in compatibility mode, FS and GS overrides operate as defined by 32-bit mode behavior regardless of the
value loaded into the upper 32 linear-address bits of the hidden descriptor register base field. Compatibility mode
ignores the upper 32 bits when calculating an effective address.
A new 64-bit mode instruction, SWAPGS, can be used to load GS base. SWAPGS exchanges the kernel data struc-
ture pointer from the IA32_KERNEL_GS_BASE MSR with the GS base register. The kernel can then use the GS
prefix on normal memory references to access the kernel data structures. An attempt to write a non-canonical
value (using WRMSR) to the IA32_KERNEL_GS_BASE MSR causes a #GP fault.
3.4.5 Segment
Descriptors
A segment descriptor is a data structure in a GDT or LDT that provides the processor with the size and location of
a segment, as well as access control and status information. Segment descriptors are typically created by
compilers, linkers, loaders, or the operating system or executive, but not application programs. Figure 3-8 illus-
trates the general descriptor format for all types of segment descriptors.