flat assembler
Message board for the users of flat assembler.

What happened with segment registers?

moveax41h



Joined: 18 Feb 2018
Posts: 59
Back when I wrote some 8086 code which was 16-bit, I had to load up for example the stack and data segment registers with base addresses. However, I've never had to do this on "modern" x86-64 assembly. Are DS, ES, SS, CS still used or is there another method used now?

_________________
-moveax41h
Post 27 Mar 2020, 18:18
Furs



Joined: 04 Mar 2016
Posts: 1520
Sadly, they're not used anymore, except for FS and GS. Typically to access thread local storage.

I personally think this was a big mistake, but then again, most "programmers" can't understand how to take advantage of a segmented memory model and want universal flat pointers and "automatic" paging permissions. Sigh.
Post 28 Mar 2020, 14:24
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17671
Location: In your JS exploiting you and your system
You can count me as one of those that "can't understand how to take advantage of a segmented memory model".

IMO they are a needless complication. Dynamic memory allocations become a nightmare. And because there are so many people like me that don't understand them properly they became a source of countless bugs and errors; holding back software development enormously.

Paging is more flexible and understandable. I am pleased to see the segment registers become useless.
Post 28 Mar 2020, 14:38
Ali.Z



Joined: 08 Jan 2018
Posts: 373
current memory model is flat, and often combined with paging.

two segments were added, fs and gs.
fs - (in windows based OS's) is used for thread local storage (tls)
gs - (again in windows) is used by the system internally (and i believe that's only true for protected/compatibility mode not long mode)

but why would you use segmented memory model? limiting yourself to 1mb of memory, and different segment:offset can resolve same physical address, or maybe even hard to track errors and failures and risk of crashing regardless of your programming skills.

it was good at its time, but no longer.

_________________
Asm For Wise Humans
Post 29 Mar 2020, 16:47
DimonSoft



Joined: 03 Mar 2010
Posts: 821
Location: Belarus
A few corrections.
Ali.Z wrote:
two segments were added, fs and gs.
Those are segment registers, not segments.
Ali.Z wrote:
but why would you use segmented memory model? limiting yourself to 1mb of memory, and different segment:offset can resolve same physical address, or maybe even hard to track errors and failures and risk of crashing regardless of your programming skills.
Segment addressing doesn’t necessarily limit the available address space to 1 MB: protected mode can be used with 32-bit addressing and without paging, leaving only segment addressing layer and 4 GB of address space at the same time.
Post 29 Mar 2020, 18:34
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17671
Location: In your JS exploiting you and your system
I think Intel liked to rename them from segment registers to selectors when they introduced the 80286 protection model. But even the selector model was too limiting. It was just a hack to repurpose the existing segment registers.
Post 29 Mar 2020, 18:49
Ali.Z



Joined: 08 Jan 2018
Posts: 373
i meant segment registers tho, but i wrote it differently.

yes i said often combined with paging, it's just a great mechanism and a must have for virtual memory addressing, also don't forget pages can be swapped and loaded into the ram, that's an additional feature.

_________________
Asm For Wise Humans
Post 30 Mar 2020, 07:56
DimonSoft



Joined: 03 Mar 2010
Posts: 821
Location: Belarus
revolution wrote:
I think Intel liked to rename them from segment registers to selectors when they introduced the 80286 protection model. But even the selector model was too limiting. It was just a hack to repurpose the existing segment registers.

Well, the name “segment register” just means it is somehow related to segments. The rules are not implied by the name. We can say real mode selectors were just hard-coded to overlapping segments, and then protected mode introduced more freedom in setting them up.
Post 30 Mar 2020, 08:37
Furs



Joined: 04 Mar 2016
Posts: 1520
Ali.Z wrote:
but why would you use segmented memory model? limiting yourself to 1mb of memory, and different segment:offset can resolve same physical address, or maybe even hard to track errors and failures and risk of crashing regardless of your programming skills.
Well the original segment design was a disaster indeed. Especially the "offset" which made no sense to me.

In my opinion, ideally segments should be used to clearly separate different address spaces. One address space for executable code, one for data, and so on. (the only thing that may be needed to be stored in pages now would be the read-only flag)

Perhaps, given enough permissions, one could use a segment to refer to different address spaces altogether, from different processes. A bit like shared memory, but implicit. Of course it would be dangerous that's why it would need to be activated manually, somehow.

Potentially a way to transparently use it; this could be used, for example, to isolate plugins in an app so that when one crashes it doesn't bring down the whole application with it. And doing this without the overhead of inter-process communication and task switching...

But yeah. Not really much point on going on with what could have happened.
Post 30 Mar 2020, 13:17
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7797
Location: Kraków, Poland
Furs wrote:
In my opinion, ideally segments should be used to clearly separate different address spaces. One address space for executable code, one for data, and so on. (the only thing that may be needed to be stored in pages now would be the read-only flag)
That is more or less what the 80286 protected mode used to be. I once made a series of live streams where I did a simple demonstration of these concepts (with separate segments for code, data, video memory access; each with strict boundaries and permissions).

Of course, 80386+ still had all those features, but since having a flat memory model with paging was so much more comfortable to use, nobody was using limited segments anymore and this later led to abandonment of these features in long mode. We can only wonder if having OSes relying on segmentation-based protection instead of page-based one could have been a bit more resilient to various kinds of security problems. Possibly yes, but that ship had sailed a long time ago.
Post 30 Mar 2020, 18:13
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17671
Location: In your JS exploiting you and your system
A major drawback with the way Intel implemented paging was there wasn't any execute permission bit. The NX bit was only added recently and that fixed a number of problems.

But in general that doesn't mean that paging is worse at security than segmentation. It just means that Intel was short-sighted about how they implemented it. Other CPUs had better paging support right from the start.
Post 30 Mar 2020, 18:20
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7797
Location: Kraków, Poland
revolution wrote:
But in general that doesn't mean that paging is worse at security than segmentation.
I actually think some of the Spectre-like vulnerabilities would not be as easy to exploit under a strict segmented model.
Post 30 Mar 2020, 18:25
bitRAKE



Joined: 21 Jul 2003
Posts: 3050
Location: vpcmipstrm
Wonder if the industry had fear of OS's becoming too monolithic and all-encompassing. Everyone and their brother was making stacks of cash pushing multitudes of specialized applications.

https://en.wikipedia.org/wiki/Taligent

... much of that technology lives on in other projects.

_________________
¯\(°_o)/¯ unlicense.org
Post 30 Mar 2020, 19:29
Ali.Z



Joined: 08 Jan 2018
Posts: 373
Furs wrote:
In my opinion, ideally segments should be used to clearly separate different address spaces. One address space for executable code, one for data, and so on. (the only thing that may be needed to be stored in pages now would be the read-only flag)

yes, this is one great concept that's similar to us - humans - we (usually) like to organize / arrange / structure things.

Tomasz Grysztar wrote:
where I did a simple demonstration of these concepts (with separate segments for code, data, video memory access; each with strict boundaries and permissions).

what do you mean "strict boundaries", we can go beyond the segment limit and maybe write data to somewhere we don't know and that will probably generate a segmentation fault.
same would be with paging - generates page-fault (if it's not self modifying program), of course that's only if the NX bit is disabled.

the question goes here:
in matter of fault handling, i think page-fault is more manageable and flexible.
so what would be better in terms of flexibility / handling / managing in protected mode, segment or paging faults?

_________________
Asm For Wise Humans
Post 31 Mar 2020, 17:11
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7797
Location: Kraków, Poland
Ali.Z wrote:
what do you mean "strict boundaries", we can go beyond the segment limit and maybe write data to somewhere we don't know and that will probably generate a segmentation fault.
That will surely (not just "probably") generate a General Protection Fault (this is the exception you get on 80286+ when accessing an address past the segment limit). And you cannot just load any selector into your segment registers to try accessing other segments, you can only load selectors that have a valid combination of privilege levels in selector and descriptor, and allowed for the level at which your code is.

It is possible to set it all up in such a way that you would only be able to access a couple of tiny segments with your code/data and nothing else. You would be calling kernel through gates (which are special selectors that allow calling functions of higher privilege levels, but cannot be loaded into segment registers and therefore cannot be used to access memory) and thus you would not even be able to "see" any memory other than your few small segments, your code would be in a complete isolation.

I believe I have managed to at least partially demonstrate these concepts during my recorded sessions.
Post 31 Mar 2020, 17:43
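Added example, not part of the thread and not code posted by any participant: a small C model of the checks described in the last post (privilege check when a selector is loaded into a data segment register, gates refused as data selectors, limit check on every access). The descriptor table, the struct layout and the names `load_data_seg` and `seg_access` are constructed for illustration; the LDT, the null selector, expand-down segments and the granularity bit are not modelled.

```c
#include <stdint.h>
#include <stdio.h>
enum { OK = 0, NP_FAULT = 11, GP_FAULT = 13 };   /* x86 exception vectors */
typedef struct {            /* only the descriptor fields the checks need */
    uint32_t base, limit;   /* limit = last valid byte offset */
    uint8_t dpl, present, writable, is_gate;
} desc_t;
/* Constructed sample descriptor table (values are illustrative). */
static const desc_t gdt[] = {
    {0, 0, 0, 0, 0, 0},                 /* 0: null descriptor */
    {0x00100000, 0xFFFFF, 0, 1, 1, 0},  /* 1: kernel data, DPL 0 */
    {0x00400000, 0x00FFF, 3, 1, 0, 0},  /* 2: app read-only data, DPL 3 */
    {0x00500000, 0x001FF, 3, 1, 1, 0},  /* 3: app data, 512 bytes, DPL 3 */
    {0, 0, 3, 1, 0, 1},                 /* 4: call gate, DPL 3 */
};
#define GDT_N (sizeof gdt / sizeof gdt[0])
#define SEL(idx, rpl) ((uint16_t)(((idx) << 3) | (rpl)))

/* Checks made when a selector is loaded into DS/ES at privilege level cpl. */
int load_data_seg(uint16_t sel, unsigned cpl, const desc_t **out) {
    unsigned idx = sel >> 3, rpl = sel & 3;
    /* Simplification: LDT (TI bit) and null selector are rejected outright. */
    if ((sel & 4) || idx == 0 || idx >= GDT_N) return GP_FAULT;
    const desc_t *d = &gdt[idx];
    if (d->is_gate) return GP_FAULT;          /* gates cannot address memory */
    if ((cpl > rpl ? cpl : rpl) > d->dpl) return GP_FAULT; /* max(CPL,RPL) <= DPL */
    if (!d->present) return NP_FAULT;
    *out = d;
    return OK;
}

/* Load the selector, then apply the checks made on each access through it. */
int seg_access(uint16_t sel, unsigned cpl, uint32_t off, uint32_t size,
               int write, uint32_t *linear) {
    const desc_t *d = 0;
    int rc = load_data_seg(sel, cpl, &d);
    if (rc != OK) return rc;
    if (size == 0 || off > d->limit || size - 1 > d->limit - off)
        return GP_FAULT;                      /* past the segment limit */
    if (write && !d->writable) return GP_FAULT;
    *linear = d->base + off;                  /* base + offset, as in a flat view */
    return OK;
}

int main(void) {
    uint32_t lin = 0;
    printf("in-bounds write: %d\n", seg_access(SEL(3, 3), 3, 0x1FC, 4, 1, &lin));
    printf("past limit:      %d\n", seg_access(SEL(3, 3), 3, 0x1FD, 4, 1, &lin));
    return 0;
}
```

A return value of 13 corresponds to the General Protection Fault mentioned in the post; 0 means the access is allowed and `*linear` holds base plus offset.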