Retro video games delivered to your door every month!
Click above to get retro games delivered to your door ever month!
X-Hacker.org- iAPx86 - Norton Guide http://www.X-Hacker.org [<<Previous Entry] [^^Up^^] [Next Entry>>] [Menu] [About The Guide]

V86 - virtual 8086 environment

    On the 80386+, 8086 applications and operating systems can run in
    protected mode as part of a virtual task (V86) that takes advantage
    of the hardware support of multitasking offered by protected mode.

    The V86 task forms a "virtual machine" that consists of the 80386
    hardware and systems software. The software controls the V86
    external interfacing, the interrupts and I/O. The hardware provides
    the TSS (task state segment) containing the virtual registers (a
    virtual memory space that is the task's first megabyte of the
    linear address space) and executes the instructions that deal with
    the registers and address space.

    ------------------------------------------------------------------
    Virtual 8086 mode addressing
    The 80386 executes V86 mode when the VM (virtual mode) flag is
    set in the EFLAGS register. The processor tests the VM flag when
    decoding instructions to determine which instructions are
    sensitive to IOPL, and when loading segment registers to determine
    if it is to use 8086-style address formation.

    All 80386 registers are accessible to V86, including the segment
    registers FS and GS, but subject to protected mode limitations.
    V86 code also may use non-privileged 80386 instructions, including
    LSS, LFS, LGS, bit scan, double-shift, byte set on condition,
    long-displacement conditional jumps, move with sign/zero
    extension, and a generalized multiply.


    ------------------------------------------------------------------
    Address formation
    When in V86 mode, the 80386 does not interpret 8086 selectors by
    referring to descriptors; it forms linear addresses as if it were
    an 8086. The selector is shifted left by 4 bits to form the 20-bit
    base address. The effective address is extended with 4 high-order
    zeros and added to the base address. Range is 0-10FFEFh.

    V86 tasks actually generate 32-bit linear addresses. However, if
    the value of the 32-bit address exceeds 65535 (0FFFFh), an
    exception is generated (12: stack exception, or 13: general
    protection exception).


    ------------------------------------------------------------------
    Virtual 86 task
    A virtual 8086 task must be represented by an 80386 task state
    segment (TSS), which the 80386 uses to execute the 8086 program
    before it returns to protected mode to execute the 80386 tasks.
    The V86 task consists of two parts:
        - the 8086 program to be executed, and
        - 80386 code that serves as the virtual machine monitor

    The V86 monitor is actually 80386 protected mode code that
    executes at privilege level zero and consists mainly of
    initialization and exception handling procedures. The monitor, as
    with any other 80386 program, uses executable segment descriptors
    that must exist in the GDT or in the task's LDT. The monitor may
    also need data segment descriptors to allow it to examine the
    interrupt vector table or other parts of the 8086 program that are
    in the first megabyte of address space.

    Operating system services can be left as part of the 8086 code or
    emulated in the V86 monitor. Regardless how V86 is implemented,
    note that different V86 tasks can use different 8086 operating
    systems, which opens choices available to systems programmers.

    Paging is not required for a single V86 task but is useful in
    order to do the following:

        . Redirect or trap references to memory-mapped I/O devices.
        . Share 8086 operating system code or ROM code common to
          several 8086 programs that may be executing simultaneously.
        . Create a virtual address space larger than the physical
          address space.
        . Create multiple V86 tasks, in which each task must map the
          lower megabyte of linear addresses to different physical
          locations.
        . Emulate the megabyte wrap of the 8086.


    The 80386 does not refer to descriptors while executing 8086
    programs, so it does not use the protection mechanisms offered by
    descriptors. A couple of approaches can be used to protect the
    systems software in a V86 task from the 8086 program. The software
    designer may choose to use the U/S bit of the page table entries
    to protect the virtual machine monitor and other systems software
    that is in each V86 task's task space. When the 80386 is in V86
    mode, the current privilege level is 3 (CPL=3), which means that
    the 8086 program has only user privileges. If the virtual machine
    monitor's pages have supervisor privileges, they cannot be
    accessed by the 8086 program.
    Another way to protect the V86 system from a V86 application is to
    reserve the first megabyte and 64K of each task's linear address
    space for the 8086 program. The 8086 tasks cannot generate
    addresses outside that range.


    ------------------------------------------------------------------
    Sensitive instructions in V86 mode
    Refer to IOPL-sensitive instructions.

    
    ------------------------------------------------------------------
    Virtual mode input/output
    Some 8086 programs are designed to operate on a single-task system
    and use I/O devices directly. These programs are disruptive when
    running in a multitasking environment. Instead of direct control,
    system designers may take other approaches. The method chosen to
    control the I/O depends on whether the I/O ports are memory-mapped
    or I/O-mapped. Some options for control are to

        . selectively trap and then emulate references that a task
          makes to specifie I/O ports
        . trap or redirect references to memory-mapped I/O addresses
        . emulate the 8086 operating system as an 80386 program and
          require it to do I/O via software interrupts to the
          operating system (trap all attempts to do I/O directly)

    I/O-mapped input/output in the V86 differs from protected mode in
    one way. The protection mechanism does not consult IOPL when it
    executes the IN,INS,OUT, and OUTS instructions; only the I/O
    Permission Bit Map controls whether the V86 tasks execute these
    I/O instructions. The I/O Permission Bit Map traps I/O
    instructions selectively, depending on the I/O address to which
    they refer. Because each task has its own I/O Permission Bit Map,
    the addresses trapped for one task may be different for those
    trapped for others.

    Each task that executes memory-mapped I/O must have a page (or
    several pages) for the memory-mapped address space. The V86
    monitor can control the memory-mapped I/O by

        . causing a monitor trap, which forces a page fault on the
          memory-mapped page (read-only pages will trap writes and
          not-present pages will trap both reads and writes), or
        . assigning the memory-mapped page to appropriate physical
          addresses

    Intervening for each I/O may be excessive for some kinds of I/O
    devices. In this case, a page fault can intervene on the first I/O
    operation. The the monitor can make sure that the task has
    exclusive access to the device and can change the page status to
    present and read/write, which allows subsequent I/O to proceed at
    full speed.

See Also: Register availability Flags TSS IOPL Addressing modes

Online resources provided by: http://www.X-Hacker.org --- NG 2 HTML conversion by Dave Pearson