问题
I know how a GDT (Global Descriptor Table) is implemented and the use of segment registers and segment descriptors. However how/when is a GDT entry accessed?
Is it accessed in basic mov instructions like
mov [eax],ebx
Does this implicitly invoke ds segment register and then access the GDT segment descriptor or there is some other way via which access to the GDT entry happens?
回答1:
TL;DR : The Global Descriptor Table (GDT) or Local Descriptor Table (LDT) is only accessed when a segment register is loaded with a new selector (whether it is the same value or a different value) when in protected mode or long mode. Bit 2 of the selector value being loaded determines if the GDT (bit 2 is clear) or LDT (bit 2 is set) will be used to determine where the descriptor is read from.
The GDT (or LDT) will be queried for the information in a descriptor entry when a segment register (CS/DS/ES/SS/FS/GS) is loaded (whether with a new value or the same value) when in 16/32-bit protected mode or long mode. Instructions that may load a value into a segment register are POP, MOV, JMP (far), CALL (far), RET (far). IRET.
In real mode the GDT/LDT is not directly consulted when a segment register is loaded with a new value.
The loading of a segment register with a selector will cause an appropriate privilege level and access right check to determine if it is valid in the context it is being used. The base, limit and access rights of a descriptor will be loaded into a Segment Descriptor Cache associated with each of the segment registers.
The Segment Descriptor Cache is a hidden part of the CPU that exists to speed up memory accesses so that the descriptor informations doesn't have to be reloaded from memory for each instruction that accesses memory. When you do something like:
mov [eax], ebx
The CPU will write the 32-bit value in EBX to the memory address DS:[eax] (where EAX contains the offset to read from). There is an implicit segment(s) associated with each memory access unless overridden. The default on a MOV instruction with a memory address is DS (or SS if a memory address uses EBP as a base). Because the information needed about a selector in a segment register is cached in the CPU, the GDT (or LDT) is not queried directly when a an instruction has a memory operand(s).
来源:https://stackoverflow.com/questions/59952499/how-is-a-gdt-invoked