65002 User- and Hypervisor mode
The 65k processors have two modes of operation, the user mode and the hypervisor mode. In the hypervisor mode the processor has all privileges and access to all registers. The purpose of the hypervisor mode is to run operating system level code. The user mode is restricted and is intended to run application programs. Critical instructions that modify or leak system state can only be executed in hypervisor mode.
When executed in user mode, all such instructions trap into an ABORT. User mode can therefore actually run a hypervisor mode program, as long as all such ABORTs are trapped and replaced with emulation code.
When the 65k boots it boots into hypervisor mode. The hypervisor mode is stored in the extended status byte.
Jump to User Mode
To go to a user space program - as set up by the user mode matchcode and user mode stack pointer - the JPU opcode is used. It reads the operand address (from hypervisor mode), then clears the hypervisor bit. After that it either jumps to the operand address in user mode (absolute jump), or it reads the effective address from user mode (indirect jump) and jumps there.
To emulate the behaviour of the original 6502, you would do a
JPU ($FFFC)
Interrupts and ABORTs
When an interrupt occurs, the processor jumps into hypervisor mode, i.e. the hypervisor stack pointer is used to store the return address and the status values, and hypervisor memory is used. In this native mode the extended stack frame is used, which includes the hypervisor mode bit in the extended status byte (it is stored in hypervisor memory, so it is not leaked).
The RTI instruction returns from the interrupt. It reads the extended stack frame and restores the hypervisor mode bit as it was before.
The same happens on ABORTs.
For more information see the Interrupts page.
TRAP
When a TRP is executed, the processor jumps into hypervisor mode, i.e. the hypervisor stack pointer is used to store the return address and the extended status values, and hypervisor memory is used. In this native mode the extended stack frame without the standard status byte is used. That frame includes the hypervisor mode bit in the extended status byte (it is stored in hypervisor memory, so it is not leaked).
The RTU instruction returns from the TRP handler. It reads the extended stack frame and restores the hypervisor mode bit as it was before.
For more information see the Interrupts page.
Each of the two modes has its own memory management setting. The memory management is controlled by a so-called matchcode. Each mode has its own matchcode, as set in the processor configuration registers. The memory configuration is then derived from the matchcode. For more details on this see the Memory Management page.
User Mode Prefix
To access user mode memory from hypervisor mode code (e.g. for stack parameters of a TRP execution), a user mode prefix bit is implemented. When it is set, the operand address is seen as a user mode memory address. For more details please see the Prefixes page.
This section lists the critical instructions that are allowed in hypervisor mode only.
Status Register
The Extended Status Register byte contains the hypervisor mode. This extended status byte is not accessible through an operation such as PHP. Thus a program cannot actually determine whether it is running in user mode or hypervisor mode.
Jump to user space and Return to user space
The JPU operation is protected, i.e. when a user mode program tries to JPU somewhere, the processor goes into an ABORT.
Similarly the RTU opcode is protected, as it also allows returning from hypervisor mode to user mode.
Note: if they were not protected, the processor could not trap them in a virtualized hypervisor mode (i.e. running in user space) and emulate their behaviour appropriately.
Return From Interrupt
The RTI opcode allows extended stack frames that include the hypervisor mode bit to be restored. In general, when the RTI opcode is executed in user mode it is not protected. Only when the RTI instruction tries to restore a set hypervisor bit (to jump into hypervisor mode) does this instruction ABORT.
User Mode Prefix
The user mode prefix bit is used to access user mode memory from hypervisor mode code. Any instruction that has this bit set and is executed from user mode traps into an ABORT.
Processor Configuration Register
The opcodes accessing (reading and writing) the processor configuration registers are protected and trap into an ABORT when executed in user mode.
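The protection rules listed in this section, combined with the trap-and-emulate idea from the introduction, can be modelled in a few lines of C. This is an added example, not code from the 65k project: the enum names, the XS_HYP bit position and the guest structure are assumptions made for illustration, since the page gives no encodings.

```c
#include <stdbool.h>
#include <stdint.h>

/* Illustrative model only: opcode names and bit position are assumptions. */
enum op { OP_JPU, OP_RTU, OP_RTI, OP_CFG_ACCESS, OP_USER_PREFIX, OP_OTHER };
enum result { RES_OK, RES_ABORT };
#define XS_HYP 0x01u /* assumed hypervisor bit in the extended status byte */

struct cpu { uint8_t xstatus; };

/* Execute one op; frame_xs is the extended status byte that RTI/RTU
 * would restore from the stack frame (ignored by the other ops). */
enum result step(struct cpu *c, enum op op, uint8_t frame_xs) {
    bool hyp = (c->xstatus & XS_HYP) != 0;
    switch (op) {
    case OP_JPU: case OP_RTU: case OP_CFG_ACCESS: case OP_USER_PREFIX:
        if (!hyp) return RES_ABORT;             /* protected in user mode */
        if (op == OP_JPU) c->xstatus &= (uint8_t)~XS_HYP;
        if (op == OP_RTU) c->xstatus = frame_xs;
        return RES_OK;
    case OP_RTI:                                /* ABORTs only on escalation */
        if (!hyp && (frame_xs & XS_HYP)) return RES_ABORT;
        c->xstatus = frame_xs;
        return RES_OK;
    default: return RES_OK;
    }
}

/* A guest OS run in real user mode; its "hypervisor bit" is only virtual. */
struct guest { struct cpu real; bool virt_hyp; unsigned emulated; };

/* Real hypervisor's ABORT path: emulate protected ops for the guest OS,
 * reflect the ABORT into the guest when its own user code caused it. */
enum result guest_step(struct guest *g, enum op op, uint8_t frame_xs) {
    if (step(&g->real, op, frame_xs) == RES_OK) return RES_OK;
    if (!g->virt_hyp) {                         /* guest user code faulted */
        g->virt_hyp = true;                     /* guest's ABORT handler runs */
        return RES_ABORT;
    }
    struct cpu v = { XS_HYP };                  /* emulate as if privileged */
    step(&v, op, frame_xs);
    g->virt_hyp = (v.xstatus & XS_HYP) != 0;
    g->emulated++;
    return RES_OK;
}
int main(void) {
    struct guest g = { { 0 }, true, 0 };
    return (guest_step(&g, OP_JPU, 0) == RES_OK && !g.virt_hyp) ? 0 : 1;
}
```

In guest_step the real hypervisor bit stays clear throughout, so the guest operating system only ever changes its virtual mode bit.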
Last updated 2012-04-23. Last modified: 2012-04-29