15.2.4 Protection within a Virtual-8086 Task, 15.2.5 Entering Virtual-8086 Mode – Intel IA-32 User Manual
Vol. 3A 15-11
8086 EMULATION
• When sharing the 8086 operating-system services or ROM code that is common to several
8086 programs running as different 8086-mode tasks.
• When redirecting or trapping references to memory-mapped I/O devices.
15.2.4 Protection within a Virtual-8086 Task
Protection is not enforced between the segments of an 8086 program. Either of the following
techniques can be used to protect the system software running in a virtual-8086-mode task from
the 8086 program:
• Reserve the first 1 MByte plus 64 KBytes of each task’s linear address space for the 8086
program. An 8086 processor task cannot generate addresses outside this range.
• Use the U/S flag of page-table entries to protect the virtual-8086 monitor and other system
software in the virtual-8086 mode task space. When the processor is in virtual-8086 mode,
the CPL is 3. Therefore, an 8086 processor program has only user privileges. If the pages
of the virtual-8086 monitor have supervisor privilege, they cannot be accessed by the 8086
program.
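The two techniques above can be checked together, as in the following added example (not code from the Intel manual). It computes the highest linear address an 8086 program can form and audits the page-table entries in that window for monitor pages left user-accessible. The function names, the monitor's page range and the flat table in which `pt[i]` maps linear page `i` under a user-accessible page-directory entry are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define PTE_P      0x1u  /* present */
#define PTE_RW     0x2u  /* writable */
#define PTE_US     0x4u  /* user/supervisor: 1 = CPL 3 may access */
#define PAGE_SHIFT 12

/* 8086-style translation: linear = (segment << 4) + offset. */
static uint32_t v86_linear(uint16_t seg, uint16_t off)
{
    return ((uint32_t)seg << 4) + off;
}

/* 4-KByte pages reachable by the 8086 program: linear 0 .. FFFF:FFFF. */
static size_t v86_reachable_pages(void)
{
    return (v86_linear(0xFFFF, 0xFFFF) >> PAGE_SHIFT) + 1;
}

/* Count monitor pages in [mon_first, mon_last] (page indexes, hypothetical
 * layout) that are reachable, present and have U/S = 1. Assumes pt[i] maps
 * linear page i and the page-directory entry above it is user-accessible. */
static int v86_exposed_monitor_pages(const uint32_t *pt, size_t n,
                                     size_t mon_first, size_t mon_last)
{
    size_t limit = n < v86_reachable_pages() ? n : v86_reachable_pages();
    int exposed = 0;
    for (size_t i = mon_first; i <= mon_last && i < limit; i++)
        if ((pt[i] & PTE_P) && (pt[i] & PTE_US))
            exposed++;
    return exposed;
}

/* Constructed sample: monitor placed at pages 0x100..0x10F, inside the
 * 64 KBytes above 1 MByte, with one page wrongly left user-accessible. */
static int v86_demo(void)
{
    static uint32_t pt[0x110];
    for (size_t i = 0; i < 0x110; i++)
        pt[i] = ((uint32_t)i << PAGE_SHIFT) | PTE_P | PTE_RW | PTE_US;
    for (size_t i = 0x100; i <= 0x10F; i++)
        pt[i] &= ~PTE_US;   /* monitor pages: supervisor only */
    pt[0x105] |= PTE_US;    /* the misconfiguration the audit should find */
    return v86_exposed_monitor_pages(pt, 0x110, 0x100, 0x10F);
}

int main(void) { printf("exposed monitor pages: %d\n", v86_demo()); return 0; }
```

A monitor placed entirely above page 0x10F is outside the window and is never counted, which corresponds to the first technique.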
15.2.5 Entering Virtual-8086 Mode
Figure 15-3 summarizes the methods of entering and leaving virtual-8086 mode. The processor
switches to virtual-8086 mode in either of the following situations:
• Task switch when the VM flag is set to 1 in the EFLAGS register image stored in the TSS
for the task. Here the task switch can be initiated in either of two ways:
    — A CALL or JMP instruction.
    — An IRET instruction, where the NT flag in the EFLAGS image is set to 1.
• Return from a protected-mode interrupt or exception handler when the VM flag is set to 1
in the EFLAGS register image on the stack.
When a task switch is used to enter virtual-8086 mode, the TSS for the virtual-8086-mode task
must be a 32-bit TSS. (If the new TSS is a 16-bit TSS, the upper word of the EFLAGS register
is not in the TSS, causing the processor to clear the VM flag when it loads the EFLAGS register.)
The processor updates the VM flag prior to loading the segment registers from their images in
the new TSS. The new setting of the VM flag determines whether the processor interprets the
contents of the segment registers as 8086-style segment selectors or protected-mode segment
selectors. When the VM flag is set, the segment registers are loaded from the TSS, using
8086-style address translation to form base addresses.
See Section 15.3, “Interrupt and Exception Handling in Virtual-8086 Mode”, for information on
entering virtual-8086 mode on a return from an interrupt or exception handler.