On Tue, May 13, 2014 at 02:39:20PM -0400, Kevin O'Connor wrote:
> On Tue, May 13, 2014 at 08:24:47PM +0200, Paolo Bonzini wrote:
> > On 27/04/2014 19:25, Kevin O'Connor wrote:
> > > I was wondering about that as well.  The Intel docs state that the CPL
> > > is bits 0-1 of the CS.selector register, and that protected mode
> > > starts immediately after setting the PE bit.  The CS.selector field
> > > should be the value of %cs in real mode, which is the value added to
> > > eip (after shifting right by 4).
> > >
> > > I guess that means that the real mode code that enables the PE bit
> > > must run with a code segment aligned to a value of 4.  (Which
> > > effectively means code alignment of 64 bytes because of the segment
> > > shift.)
> >
> > It turns out that this is not a requirement; which means that the
> > protected mode transition is exactly the only place where CPL is not
> > redundant.  The CPL remains zero until you reload CS with a long jump.
>
> That doesn't sound right.
FYI, I ran a couple of tests on a real machine where I set protected mode while %cs=0xf003 and I can confirm that it doesn't cause faults.  So, you are correct - the CPL appears to be stored separately from %cs[1:0] and it appears CPL isn't altered until CS is reloaded.

-Kevin
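The experiment described in the thread, reduced to a stand-alone boot sector so it can be repeated under QEMU (added example, not code from the thread or from SeaBIOS). It assumes the BIOS enters the sector at 0x0000:0x7c00, re-enters the same code with %cs = 0x07c3 instead of the 0xf003 used on the real machine (any selector with bits 0-1 set serves the purpose), and uses the GDT layout and the VGA text buffer address given in the comments.

```asm
        .code16
        .globl  _start
_start:                                   # BIOS entry: %cs:%ip = 0x0000:0x7c00, real mode
        cli
        xorw    %ax, %ax
        movw    %ax, %ds
        movw    %ax, %ss
        movw    $0x7c00, %sp
        # Re-enter the same linear address with %cs = 0x07c3, so %cs[1:0] == 3
        # (0x07c3 << 4 = 0x7c30, hence the -0x30 offset correction).
        ljmp    $0x07c3, $(odd_cs - 0x30)
odd_cs:
        lgdtl   gdt_desc                  # %ds = 0, so this is the linear address
        movl    %cr0, %eax
        orl     $1, %eax
        movl    %eax, %cr0                # PE = 1: protected mode, CS still holds 0x07c3
        # Privileged instruction *before* CS is reloaded.  If CPL were taken from
        # %cs[1:0] it would be 3, this would #GP with no IDT loaded (triple fault),
        # and QEMU would reset in a loop.  With CPL still 0 it simply succeeds.
        movl    %cr0, %eax
        ljmpl   $0x08, $pm32              # reload CS: CPL now comes from the GDT entry
        .code32
pm32:
        movw    $0x10, %ax
        movw    %ax, %ds
        movw    %ax, %ss
        movw    $0x0f4f, 0xb8000          # white 'O' in the top-left VGA text cell
1:      hlt
        jmp     1b
        .align  8
gdt:
        .quad   0x0000000000000000        # null descriptor
        .quad   0x00cf9a000000ffff        # 0x08: 32-bit code, base 0, limit 4 GiB, DPL 0
        .quad   0x00cf92000000ffff        # 0x10: 32-bit data, base 0, limit 4 GiB, DPL 0
gdt_desc:
        .word   gdt_desc - gdt - 1
        .long   gdt
        .org    510
        .word   0xaa55                    # boot sector signature
```

Build and run with `as --32 cpl.S -o cpl.o && ld -m elf_i386 -Ttext 0x7c00 --oformat binary cpl.o -o cpl.bin && qemu-system-i386 -drive format=raw,file=cpl.bin`; an 'O' in the corner of the display means the privileged read of %cr0 executed at CPL 0 while %cs[1:0] was 3, a reboot loop would mean it faulted.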