Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
Control register
open-in-new
<h2 id="history">History</h2> <p>The early CPU lacked dedicated control registers, and relied on a limited set of internal signals and flags.<a class="footnote-ref" id="fnref:1" href="#fn:1"><sup>1</sup></a> When IBM developed a paging version<a class="footnote-ref" id="fnref:2" href="#fn:2"><sup>2</sup></a> of the <a href="/facts/System%2f360/7znvpy4K">System/360</a>, they added 16 control registers<a class="footnote-ref" id="fnref:3" href="#fn:3"><sup>3</sup></a><a class="footnote-ref" id="fnref:4" href="#fn:4"><sup>4</sup></a> to the design for what became the <a href="/facts/360%2f67/0BwJAwRV">360/67</a>. IBM did not provide control registers on other S/360 models, but made them a standard part<a class="footnote-ref" id="fnref:5" href="#fn:5"><sup>5</sup></a> of <a href="/facts/System%2f370/TRo1jaFw">System/370</a>, although with different register and bit assignments. As IBM added new features to the architecture, e.g., <a href="/facts/IBM_System%2f370/TRo1jaFw">DAS</a>, <a href="/facts/S%2f370-XA/TRo1jaFw">S/370-XA</a>, <a href="/facts/ESA%2f370/TRo1jaFw">S/370-ESA</a>, <a href="/facts/ESA%2f390/lzkp2UE5">ESA/390</a>, they added additional fields to the control registers. With <a href="/facts/Z%2fArchitecture/FcKYkGn9">z/Architecture</a>, IBM doubled the control register size to 64 bits. </p> <h2 id="control-registers-in-ibm-36067">Control registers in IBM 360/67</h2> <p>On the <a href="/facts/360%2f67/0BwJAwRV">360/67</a>, CR0 and CR2 are used by address translation, CR 4-6 contain miscellaneous flags including interrupt masks and Extended Control Mode,<a class="footnote-ref" id="fnref:6" href="#fn:6"><sup>6</sup></a> and CR 8-14<a class="footnote-ref" id="fnref:7" href="#fn:7"><sup>7</sup></a> contain the switch settings on the 2167 Configuration Unit. </p> <h3>M67 CR0</h3> <p>Control Register 0 contains the address of the segment table for dynamic address translation. </p> <h3>M67 CR2</h3> <p>Control register 2 is the Relocation exception address register. </p> <h3>M67 CR4</h3> <p>CR4 is the extended mask register for channels 0-31. Each bit is the 1/0 channel mask for the corresponding channel. </p> <h3>M67 CR5</h3> <p>CR5 is reserved for the extended mask register for channels 32–63. Each bit is the 1/0 channel mask for the corresponding channel. </p> <h3>M67 CR6</h3> <p>CR6 contains two mode flags plus extensions to the PSW mask bits. </p> CR6 Flags and Masks<table><tbody><tr><th>Field</th><th>Bit</th><th>Description</th></tr><tr><td>0</td><td>0</td><td>Machine Check Mask Extension for Channel Controller o</td></tr><tr><td>1</td><td>1</td><td>Machine Check Mask Extension for Channel Controller 1</td></tr><tr><td>2-3</td><td></td><td>Reserved for channel controllers 2-3</td></tr><tr><td>4-7</td><td></td><td>Unassigned</td></tr><tr><td>8</td><td>8</td><td>Extended Control Mode</td></tr><tr><td>9</td><td>9</td><td>Configuration Control Bit</td></tr><tr><td>10-23</td><td></td><td>Unassigned</td></tr><tr><td>24-31</td><td></td><td>External interrupt masking</td></tr><tr><td></td><td>24</td><td>Timer</td></tr><tr><td></td><td>25</td><td>Interrupt Key</td></tr><tr><td></td><td>26</td><td>Malfunction Alert - CPU 1 (Ext. Sig. 2)</td></tr><tr><td></td><td>27</td><td>Malfunction Alert - CPU 2 (Ext. Sig. 3)</td></tr><tr><td></td><td>28</td><td>Reserved (Ext. Sig. 4)</td></tr><tr><td></td><td>29</td><td>Reserved (Ext. Sig. 5)</td></tr><tr><td></td><td>30</td><td>External Interrupt - CPU 1, 2 (Ext. Sig. 6)</td></tr><tr><td></td><td>31</td><td>Reserved (Ext. Sig. 7)</td></tr></tbody></table> <h3>M67 CR8</h3> <p>Control Register 8 contains the assignments of Processor Storage units 1–4 to central processing units (CPUs) and channel controllers (CCs). </p> Processor Storage unit 1-4 assignment<table><tbody><tr><th>Bit</th><th>Description</th></tr><tr><td>0</td><td>Processor Storage Unit 1 to CPU 1</td></tr><tr><td>1</td><td>Processor Storage Unit 1 to CPU 2</td></tr><tr><td>2-3</td><td>Reserved for CPU 3-4</td></tr><tr><td>4</td><td>Processor Storage Unit 1 to CC 0</td></tr><tr><td>5</td><td>Processor Storage Unit 1 to CC 1</td></tr><tr><td>6-7</td><td>Reserved for CC 3-4</td></tr><tr><td>8</td><td>Processor Storage Unit 2 to CPU 1</td></tr><tr><td>9</td><td>Processor Storage Unit 2 to CPU 2</td></tr><tr><td>10-11</td><td>Reserved for CPU 3-4</td></tr><tr><td>12</td><td>Processor Storage Unit 2 to CC 0</td></tr><tr><td>13</td><td>Processor Storage Unit 2 to CC 1</td></tr><tr><td>14-15</td><td>Reserved for CC 3-4</td></tr><tr><td>16</td><td>Processor Storage Unit 3 to CPU 1</td></tr><tr><td>17</td><td>Processor Storage Unit 3 to CPU 2</td></tr><tr><td>18-19</td><td>Reserved for CPU 3-4</td></tr><tr><td>20</td><td>Processor Storage Unit 3 to CC 0</td></tr><tr><td>21</td><td>Processor Storage Unit 3 to CC 1</td></tr><tr><td>22-23</td><td>Reserved for CC 3-4</td></tr><tr><td>24</td><td>Processor Storage Unit 4 to CPU 1</td></tr><tr><td>25</td><td>Processor Storage Unit 4 to CPU 2</td></tr><tr><td>26-27</td><td>Reserved for CPU 3-4</td></tr><tr><td>28</td><td>Processor Storage Unit 4 to CC 0</td></tr><tr><td>29</td><td>Processor Storage Unit 4 to CC 1</td></tr><tr><td>30-31</td><td>Reserved for CC 3-4</td></tr></tbody></table> <h3>M67 CR9</h3> <p>Control Register 9 contains the assignments of Processor Storage units 5–8 to central processing units (CPUs) and channel controllers (CCs). </p> Processor Storage unit 1-4 assignment<table><tbody><tr><th>Bit</th><th>Description</th></tr><tr><td>0</td><td>Processor Storage Unit 5 to CPU 1</td></tr><tr><td>1</td><td>Processor Storage Unit 5 to CPU 2</td></tr><tr><td>2-3</td><td>Reserved for CPU 3-4</td></tr><tr><td>4</td><td>Processor Storage Unit 5 to CC 0</td></tr><tr><td>5</td><td>Processor Storage Unit 5 to CC 1</td></tr><tr><td>6-7</td><td>Reserved for CC 3-4</td></tr><tr><td>8</td><td>Processor Storage Unit 6 to CPU 66</td></tr><tr><td>9</td><td>Processor Storage Unit 6 to CPU 2</td></tr><tr><td>10-11</td><td>Reserved for CPU 3-4</td></tr><tr><td>12</td><td>Processor Storage Unit 6 to CC 0</td></tr><tr><td>13</td><td>Processor Storage Unit 6 to CC 1</td></tr><tr><td>14-15</td><td>Reserved for CC 3-4</td></tr><tr><td>16</td><td>Processor Storage Unit 7 to CPU 1</td></tr><tr><td>17</td><td>Processor Storage Unit 7 to CPU 2</td></tr><tr><td>18-19</td><td>Reserved for CPU 3-4</td></tr><tr><td>20</td><td>Processor Storage Unit 7 to CC 0</td></tr><tr><td>21</td><td>Processor Storage Unit 7 to CC 1</td></tr><tr><td>22-23</td><td>Reserved for CC 3-4</td></tr><tr><td>24</td><td>Processor Storage Unit 8 to CPU 1</td></tr><tr><td>25</td><td>Processor Storage Unit 8 to CPU 2</td></tr><tr><td>26-27</td><td>Reserved for CPU 3-4</td></tr><tr><td>28</td><td>Processor Storage Unit 8 to CC 0</td></tr><tr><td>29</td><td>Processor Storage Unit 8 to CC 1</td></tr><tr><td>30-31</td><td>Reserved for CC 3-4</td></tr></tbody></table> <h3>M67 CR10</h3> <p>Control Register 10 contains the Processor storage address assignment codes. </p> Processor storage address bits 11-14 assignment codes<table><tbody><tr><th>Bit</th><th>Starting Address Code for</th></tr><tr><td>0-3</td><td>Processor Storage Unit 1</td></tr><tr><td>4-7</td><td>Processor Storage Unit 2</td></tr><tr><td>8-11</td><td>Processor Storage Unit 3</td></tr><tr><td>12-15</td><td>Processor Storage Unit 4</td></tr><tr><td>16-19</td><td>Processor Storage Unit 5</td></tr><tr><td>20-23</td><td>Processor Storage Unit 6</td></tr><tr><td>24-27</td><td>Processor Storage Unit 7</td></tr><tr><td>28-31</td><td>Processor Storage Unit 8</td></tr></tbody></table> <h3>M67 CR11</h3> <p>Control Register 11 contains channel controller (CC) assignments. </p> CR11 Channel Controller (CC) partitioning<table><tbody><tr><th>Bit</th><th>Description</th></tr><tr><td>0</td><td>CC 0 available on CPU 1</td></tr><tr><td>1</td><td>CC 0 available on CPU 2</td></tr><tr><td>2-3</td><td>Reserved for CPUs 3-4</td></tr><tr><td>4</td><td>CC 1 available on CPU 1</td></tr><tr><td>5</td><td>CC 1 available on CPU 2</td></tr><tr><td>6-7</td><td>Reserved for CPUs 3-4</td></tr><tr><td>8-15</td><td>Unassigned</td></tr><tr><td>16</td><td>CPU 1 to only CC 0</td></tr><tr><td>17</td><td>CPU 1 to only CC 1</td></tr><tr><td>18-19</td><td>Reserved for CC 2-3</td></tr><tr><td>20</td><td>CPU 2 to only CC 0</td></tr><tr><td>21</td><td>CPU 2 to only CC 1</td></tr><tr><td>22-23</td><td>Reserved for CC 2-3</td></tr><tr><td>24-31</td><td>Unassigned</td></tr></tbody></table> <h3>M67 CR12</h3> <p>CR12 contains I/O Control Unit Partitioning. </p> CR12 I/O Control Unit 1-16 Partitioning<table><tbody><tr><th>Bit</th><th>I/O Control Unit</th><th>Interface</th></tr><tr><td>0</td><td rowspan="2">1</td><td>1</td></tr><tr><td>1</td><td>2</td></tr><tr><td>2</td><td rowspan="2">2</td><td>1</td></tr><tr><td>3</td><td>2</td></tr><tr><td>4</td><td rowspan="2">3</td><td>1</td></tr><tr><td>5</td><td>2</td></tr><tr><td>6</td><td rowspan="2">4</td><td>1</td></tr><tr><td>7</td><td>2</td></tr><tr><td>8</td><td rowspan="2">5</td><td>1</td></tr><tr><td>9</td><td>2</td></tr><tr><td>10</td><td rowspan="2">6</td><td>1</td></tr><tr><td>11</td><td>2</td></tr><tr><td>12</td><td rowspan="2">7</td><td>1</td></tr><tr><td>13</td><td>2</td></tr><tr><td>14</td><td rowspan="2">8</td><td>1</td></tr><tr><td>15</td><td>2</td></tr><tr><td>16</td><td rowspan="2">9</td><td>1</td></tr><tr><td>17</td><td>2</td></tr><tr><td>18</td><td rowspan="2">10</td><td>1</td></tr><tr><td>19</td><td>2</td></tr><tr><td>20</td><td rowspan="2">11</td><td>1</td></tr><tr><td>21</td><td>2</td></tr><tr><td>22</td><td rowspan="2">12</td><td>1</td></tr><tr><td>23</td><td>2</td></tr><tr><td>24</td><td rowspan="2">13</td><td>1</td></tr><tr><td>25</td><td>2</td></tr><tr><td>26</td><td rowspan="2">14</td><td>1</td></tr><tr><td>27</td><td>2</td></tr><tr><td>28</td><td rowspan="2">15</td><td>1</td></tr><tr><td>29</td><td>2</td></tr><tr><td>30</td><td rowspan="2">16</td><td>1</td></tr><tr><td>31</td><td>2</td></tr></tbody></table> <h3>M67 CR13</h3> <p>CR13 contains I/O Control Unit Partitioning. </p> CR13 I/O Control Unit 17-32 Partitioning<table><tbody><tr><th>Bit</th><th>I/O Control Unit</th><th>Interface</th></tr><tr><td>0</td><td rowspan="2">17</td><td>1</td></tr><tr><td>1</td><td>2</td></tr><tr><td>2</td><td rowspan="2">18</td><td>1</td></tr><tr><td>3</td><td>2</td></tr><tr><td>4</td><td rowspan="2">19</td><td>1</td></tr><tr><td>5</td><td>2</td></tr><tr><td>6</td><td rowspan="2">20</td><td>1</td></tr><tr><td>7</td><td>2</td></tr><tr><td>8</td><td rowspan="2">21</td><td>1</td></tr><tr><td>9</td><td>2</td></tr><tr><td>10</td><td rowspan="2">22</td><td>1</td></tr><tr><td>11</td><td>2</td></tr><tr><td>12</td><td rowspan="2">23</td><td>1</td></tr><tr><td>13</td><td>2</td></tr><tr><td>14</td><td rowspan="2">24</td><td>1</td></tr><tr><td>15</td><td>2</td></tr><tr><td>16</td><td rowspan="2">25</td><td>1</td></tr><tr><td>17</td><td>2</td></tr><tr><td>18</td><td rowspan="2">26</td><td>1</td></tr><tr><td>19</td><td>2</td></tr><tr><td>20</td><td rowspan="2">27</td><td>1</td></tr><tr><td>21</td><td>2</td></tr><tr><td>22</td><td rowspan="2">28</td><td>1</td></tr><tr><td>23</td><td>2</td></tr><tr><td>24</td><td rowspan="2">29</td><td>1</td></tr><tr><td>25</td><td>2</td></tr><tr><td>26</td><td rowspan="2">30</td><td>1</td></tr><tr><td>27</td><td>2</td></tr><tr><td>28</td><td rowspan="2">31</td><td>1</td></tr><tr><td>29</td><td>2</td></tr><tr><td>30</td><td rowspan="2">32</td><td>1</td></tr><tr><td>31</td><td>2</td></tr></tbody></table> <h3>M67 CR14</h3> <p>CR14 contains indicators. </p> CR14 Indicators<table><tbody><tr><th>Bit</th><th>Indicator</th></tr><tr><td>0-27</td><td>Unassigned</td></tr><tr><td>22</td><td>2167 Power On</td></tr><tr><td>23</td><td>Unassigned</td></tr><tr><td>24</td><td>Direct Control, CPU 1</td></tr><tr><td>25</td><td>Direct Control, CPU 2</td></tr><tr><td>26-27</td><td>Unassigned</td></tr><tr><td>28</td><td>Prefix, CPU 1</td></tr><tr><td>29</td><td>Prefix, CPU 2</td></tr><tr><td>30-31</td><td>Unassigned</td></tr></tbody></table> <h2 id="control-registers-in-ibm-s390">Control registers in IBM S/390</h2> <p>The control registers of <a href="/facts/ESA%2f390/lzkp2UE5">ESA/390</a><a class="footnote-ref" id="fnref:8" href="#fn:8"><sup>8</sup></a> on the <a href="/facts/IBM_S%2f390/lzkp2UE5">IBM S/390</a> are an evolutionary enhancement to the control registers on the earlier <a href="/facts/ESA%2f370/TRo1jaFw">ESA/370</a>,<a class="footnote-ref" id="fnref:9" href="#fn:9"><sup>9</sup></a> <a href="/facts/S%2f370-XA/TRo1jaFw">S/370-XA</a><a class="footnote-ref" id="fnref:10" href="#fn:10"><sup>10</sup></a> and <a href="/facts/S%2f370/TRo1jaFw">S/370</a><a class="footnote-ref" id="fnref:11" href="#fn:11"><sup>11</sup></a> processors. For details on which fields are dependent on specific features, consult the Principles of Operation.<a class="footnote-ref" id="fnref:12" href="#fn:12"><sup>12</sup></a> </p> ESA/390 control registers<table><tbody><tr><th>CR</th><th>bits</th><th>Field</th></tr><tr><td>0</td><td>1</td><td>SSM-suppression</td></tr><tr><td>0</td><td>2</td><td>TOD-clock-sync control</td></tr><tr><td>0</td><td>3</td><td>Low-address-protection control</td></tr><tr><td>0</td><td>4</td><td>Extraction-authority control</td></tr><tr><td>0</td><td>5</td><td>Secondary-space control</td></tr><tr><td>0</td><td>6</td><td>Fetch-protection-override control</td></tr><tr><td>0</td><td>7</td><td>Storage-protection-override control</td></tr><tr><td>0</td><td>8-12</td><td>Translation format</td></tr><tr><td>0</td><td>13</td><td>AFP-register control</td></tr><tr><td>0</td><td>14</td><td>Vector control</td></tr><tr><td>0</td><td>15</td><td>Address-space-function control</td></tr><tr><td>0</td><td>16</td><td>Malfunction-alert subclass mask</td></tr><tr><td>0</td><td>17</td><td>Emergency-signal subclass mask</td></tr><tr><td>0</td><td>18</td><td>External-call subclass mask</td></tr><tr><td>0</td><td>19</td><td>TOD-clock sync-check subclass mask</td></tr><tr><td>0</td><td>20</td><td>Clock-comparator subclass mask</td></tr><tr><td>0</td><td>21</td><td>CPU-timer subclass mask</td></tr><tr><td>0</td><td>22</td><td>Service-signal subclass mask</td></tr><tr><td>0</td><td>24</td><td>Set to 1</td></tr><tr><td>0</td><td>25</td><td>Interrupt-key subclass mask</td></tr><tr><td>0</td><td>26</td><td>Set to 1</td></tr><tr><td>0</td><td>27</td><td>ETR subclass mask</td></tr><tr><td>0</td><td>28</td><td>Program-call-fast</td></tr><tr><td>0</td><td>29</td><td>Crypto control</td></tr><tr><td>1</td><td>0</td><td>Primary space-switch-event control</td></tr><tr><td>1</td><td>1-19</td><td>Primary segment-table origin</td></tr><tr><td>1</td><td>22</td><td>Primary subspace-group control</td></tr><tr><td>1</td><td>23</td><td>Primary private-space control</td></tr><tr><td>1</td><td>24</td><td>Primary storage-alteration-event control</td></tr><tr><td>1</td><td>25-31</td><td>Primary segment-table length</td></tr><tr><td>2</td><td>1-25</td><td>Dispatchable-unit-control-table origin</td></tr><tr><td>3</td><td>0-15</td><td>PSW-key mask</td></tr><tr><td>3</td><td>16-31</td><td>Secondary ASN</td></tr><tr><td>4</td><td>0-15</td><td>Authorization index</td></tr><tr><td>4</td><td>16-31</td><td>Primary ASN</td></tr><tr><td>5</td><td>0</td><td>Subsystem-linkage control</td></tr><tr><td>5</td><td>1-24</td><td>Linkage-table origin</td></tr><tr><td>5</td><td>25-31</td><td>Linkage-table length</td></tr><tr><td>5</td><td>1-25</td><td>When the address-space-function control is one,Primary-ASN-second-table-entry</td></tr><tr><td>6</td><td>0-7</td><td>I/O-interruption subclass mask</td></tr><tr><td>7</td><td>1-19</td><td>Secondary segment-table origin</td></tr><tr><td>7</td><td>22</td><td>Secondary subspace-group control</td></tr><tr><td>7</td><td>23</td><td>Secondary private-space control</td></tr><tr><td>7</td><td>24</td><td>Secondary storage-alteration-event control</td></tr><tr><td>7</td><td>25-31</td><td>Secondary segment-table length</td></tr><tr><td>8</td><td>0-15</td><td>Extended authorization index</td></tr><tr><td>8</td><td>16-31</td><td>Monitor masks</td></tr><tr><td>9</td><td>0</td><td>Successful-branching-event mask</td></tr><tr><td>9</td><td>1</td><td>Instruction-fetching-event mask</td></tr><tr><td>9</td><td>2</td><td>Storage-alteration-event mask</td></tr><tr><td>9</td><td>3</td><td>GR-alteration-event mask</td></tr><tr><td>9</td><td>4</td><td>Store-using-real-address-event mask</td></tr><tr><td>9</td><td>8</td><td>Branch-address control</td></tr><tr><td>9</td><td>10</td><td>Storage-alteration-space control</td></tr><tr><td>9</td><td>16-31</td><td>PER general-register masks</td></tr><tr><td>10</td><td>1-31</td><td>PER starting address</td></tr><tr><td>11</td><td>1-31</td><td>PER ending address</td></tr><tr><td>12</td><td>0</td><td>Branch-trace control</td></tr><tr><td>12</td><td>1-29</td><td>Trace-entry address</td></tr><tr><td>12</td><td>30</td><td>ASN-trace control</td></tr><tr><td>12</td><td>31</td><td>Explicit-trace control</td></tr><tr><td>13</td><td>0</td><td>Home space-switch-event control</td></tr><tr><td>13</td><td>1-19</td><td>Home segment-table origin</td></tr><tr><td>13</td><td>23</td><td>Home private-space control</td></tr><tr><td>13</td><td>24</td><td>Home storage-alteration-event control</td></tr><tr><td>13</td><td>25-31</td><td>Home segment-table length</td></tr><tr><td>14</td><td>0</td><td>Set to 1</td></tr><tr><td>14</td><td>1</td><td>Set to 1</td></tr><tr><td>14</td><td>2</td><td>Extended-save-area control</td></tr><tr><td>14</td><td>3</td><td>Channel-report-pending subclass mask</td></tr><tr><td>14</td><td>4</td><td>Recovery subclass mask</td></tr><tr><td>14</td><td>5</td><td>Degradation subclass mask</td></tr><tr><td>14</td><td>6</td><td>External-damage subclass mask</td></tr><tr><td>14</td><td>7</td><td>Warning subclass mask</td></tr><tr><td>14</td><td>10</td><td>TOD-clock-control-override control</td></tr><tr><td>14</td><td>12</td><td>ASN-translation control</td></tr><tr><td>14</td><td>13-31</td><td>ASN-first-table origin</td></tr><tr><td>15</td><td>1-28</td><td>Linkage-stack-entry address</td></tr></tbody></table> <h2 id="control-registers-in-ibm-zarchitecture">Control registers in IBM z/Architecture</h2> <p>The control registers of <a href="/facts/Z%2fArchitecture/FcKYkGn9">z/Architecture</a><a class="footnote-ref" id="fnref:13" href="#fn:13"><sup>13</sup></a> are an evolutionary enhancement to the control registers of the earlier <a href="/facts/ESA%2f390/lzkp2UE5">ESA/390</a> on the <a href="/facts/IBM_S%2f390/lzkp2UE5">IBM S/390</a> processors. For details on which fields are dependent on specific features, consult the Principles of Operation.<a class="footnote-ref" id="fnref:14" href="#fn:14"><sup>14</sup></a> Because z/Architecture expands the control registers from 32 bits to 64, the bit numbering differs from that in ESA/390. </p> z/Architecture mode control registers<table><tbody><tr><th>CR</th><th>bits</th><th>Field</th></tr><tr><td>0</td><td>8</td><td>Transactional-execution control</td></tr><tr><td>0</td><td>9</td><td>Transactional-execution program-interruption filtering override</td></tr><tr><td>0</td><td>10</td><td>Clock-comparator sign control</td></tr><tr><td>0</td><td>13</td><td>Cryptography counter control</td></tr><tr><td>0</td><td>14</td><td>Processor-activity-instrumentation-extension control</td></tr><tr><td>0</td><td>15</td><td>Measurement-counter-extraction-authorization control</td></tr><tr><td>0</td><td>30</td><td>Warning-track subclass mask</td></tr><tr><td>0</td><td>32</td><td>TRACE TOD-clock control</td></tr><tr><td>0</td><td>33</td><td>SSM-suppression</td></tr><tr><td>0</td><td>34</td><td>TOD-clock-sync control</td></tr><tr><td>0</td><td>35</td><td>Low-address-protection control</td></tr><tr><td>0</td><td>36</td><td>Extraction-authority control</td></tr><tr><td>0</td><td>37</td><td>Secondary-space control</td></tr><tr><td>0</td><td>38</td><td>Fetch-protection-override control</td></tr><tr><td>0</td><td>39</td><td>Storage-protection-override control</td></tr><tr><td>0</td><td>40</td><td>Enhanced-DAT-enablement control</td></tr><tr><td>0</td><td>43</td><td>Instruction-execution-protection-enablement control</td></tr><tr><td>0</td><td>44</td><td>ASN-and-LX-reuse control</td></tr><tr><td>0</td><td>45</td><td>AFP-register control</td></tr><tr><td>0</td><td>46</td><td>Vector enablement control</td></tr><tr><td>0</td><td>48</td><td>Malfunction-alert subclass mask</td></tr><tr><td>0</td><td>48</td><td>Malfunction-alert subclass mask</td></tr><tr><td>0</td><td>49</td><td>Emergency-signal subclass mask</td></tr><tr><td>0</td><td>50</td><td>External-call subclass mask</td></tr><tr><td>0</td><td>52</td><td>Clock-comparator subclass mask</td></tr><tr><td>0</td><td>53</td><td>CPU-timer subclass mask</td></tr><tr><td>0</td><td>54</td><td>Service-signal subclass mask</td></tr><tr><td>0</td><td>56</td><td>Initialized to 1</td></tr><tr><td>0</td><td>57</td><td>Interrupt-key subclass mask</td></tr><tr><td>0</td><td>58</td><td>Measurement-alert subclass mask</td></tr><tr><td>0</td><td>59</td><td>Timing-alert subclass mask</td></tr><tr><td>0</td><td>61</td><td>Crypto control</td></tr><tr><td>1</td><td>0-51</td><td>Primary Address-Space Control Element (ASCE)Primary region-table originPrimary segment-table originPrimary real-space token origin</td></tr><tr><td>1</td><td>54</td><td>Primary subspace-group control</td></tr><tr><td>1</td><td>55</td><td>Primary private-space control</td></tr><tr><td>1</td><td>56</td><td>Primary storage-alteration-event</td></tr><tr><td>1</td><td>57</td><td>Primary space-switch-event control</td></tr><tr><td>1</td><td>58</td><td>Primary real-space control</td></tr><tr><td>1</td><td>60-61</td><td>Primary designation-type control</td></tr><tr><td>1</td><td>62-63</td><td>Primary table length</td></tr><tr><td>2</td><td>33-57</td><td>Dispatchable-unit-control-table origin</td></tr><tr><td>2</td><td>59</td><td>Guarded-storage-facility enablement control</td></tr><tr><td>2</td><td>61</td><td>Transaction diagnostic scope</td></tr><tr><td>2</td><td>62-63</td><td>Transaction diagnostic control</td></tr><tr><td>3</td><td>0-31</td><td>Secondary ASN-second-table-entry instance number</td></tr><tr><td>3</td><td>32-47</td><td>PSW-key mask</td></tr><tr><td>3</td><td>48-63</td><td>Secondary ASN</td></tr><tr><td>4</td><td>0-31</td><td>Primary ASN-second-table-entry instance number</td></tr><tr><td>4</td><td>32-47</td><td>Authorization index</td></tr><tr><td>4</td><td>48-63</td><td>Primary ASN</td></tr><tr><td>5</td><td>33-57</td><td>Primary-ASN-second-table-entry origin</td></tr><tr><td>6</td><td>32-39</td><td>I/O-interruption subclass mask</td></tr><tr><td>7</td><td>0-51</td><td>Secondary Address-Space Control Element (ASCE)Secondary region-table originSecondary segment-table originSecondary real-space token origin</td></tr><tr><td>7</td><td>54</td><td>Secondary subspace-group control</td></tr><tr><td>7</td><td>55</td><td>Secondary private-space control</td></tr><tr><td>7</td><td>56</td><td>Secondary storage-alteration-event control</td></tr><tr><td>7</td><td>58</td><td>Secondary real-space control</td></tr><tr><td>7</td><td>60-61</td><td>Secondary designation-type control</td></tr><tr><td>7</td><td>62-63</td><td>Secondary table length</td></tr><tr><td>8</td><td>16-31</td><td>Enhanced-monitor masks</td></tr><tr><td>8</td><td>32-47</td><td>Extended authorization index</td></tr><tr><td>8</td><td>48-63</td><td>Monitor masks</td></tr><tr><td>9</td><td>32</td><td>Successful-branching-event mask</td></tr><tr><td>9</td><td>33</td><td>Instruction-fetching-event mask</td></tr><tr><td>9</td><td>34</td><td>Storage-alteration-event mask</td></tr><tr><td>9</td><td>35</td><td>Storage-key-alteration-event mask</td></tr><tr><td>9</td><td>36</td><td>Store-using-real-address-event mask</td></tr><tr><td>9</td><td>37</td><td>Zero-address-detection-event mask</td></tr><tr><td>9</td><td>38</td><td>Transaction-end event mask</td></tr><tr><td>9</td><td>39</td><td>Instruction-fetching-nullification-event mask</td></tr><tr><td>9</td><td>40</td><td>Branch-address control</td></tr><tr><td>9</td><td>41</td><td>PER-event-suppression control</td></tr><tr><td>9</td><td>43</td><td>Storage-alteration-space control</td></tr><tr><td>10</td><td>0-63</td><td>PER starting address</td></tr><tr><td>11</td><td>0-63</td><td>PER ending address</td></tr><tr><td>12</td><td>0</td><td>Branch-trace control</td></tr><tr><td>12</td><td>1</td><td>Mode-trace control</td></tr><tr><td>12</td><td>2-61</td><td>Trace-entry address</td></tr><tr><td>12</td><td>62</td><td>ASN-trace control</td></tr><tr><td>12</td><td>63</td><td>Explicit-trace control</td></tr><tr><td>13</td><td>0-51</td><td>Home Address-Space Control Element (ASCE)Home region-table originHome segment-table originHome real-space token origin</td></tr><tr><td>13</td><td>55</td><td>Home private-space control</td></tr><tr><td>13</td><td>56</td><td>Home storage-alteration-eventl</td></tr><tr><td>13</td><td>57</td><td>Home space-switch-event control</td></tr><tr><td>13</td><td>58</td><td>Secondary real-space control</td></tr><tr><td>13</td><td>60-61</td><td>Home designation-type control</td></tr><tr><td>13</td><td>62-63</td><td>Home table length</td></tr><tr><td>14</td><td>32</td><td>Set to 1</td></tr><tr><td>14</td><td>33</td><td>Set to 1</td></tr><tr><td>14</td><td>34</td><td>Extended save-area control (ESA/390-compatibility mode<p>only)</p></td></tr><tr><td>14</td><td>35</td><td>Channel-report-pending subclass mask</td></tr><tr><td>14</td><td>36</td><td>Recovery subclass mask</td></tr><tr><td>14</td><td>37</td><td>Degradation subclass mask</td></tr><tr><td>14</td><td>38</td><td>External-damage subclass mask</td></tr><tr><td>14</td><td>39</td><td>Warning subclass mask</td></tr><tr><td>14</td><td>42</td><td>TOD-clock-control-override control</td></tr><tr><td>14</td><td>44</td><td>ASN-translation control</td></tr><tr><td>14</td><td>45-63</td><td>ASN-first-table origin</td></tr><tr><td>15</td><td>0-60</td><td>Linkage-stack-entry address</td></tr></tbody></table> <h2 id="control-registers-in-intel-x86series">Control registers in Intel <a href="/facts/X86/Kypq5fgu">x86</a> series</h2> <h3>CR0</h3> <p>The CR0 register is 32 bits long on the <a href="/facts/Intel_80386/ag5eSgWv">386</a> and higher processors. On <a href="/facts/X64/cyWvUFlP">x64</a> processors in <a href="/facts/Long_mode/ITshSuE6">long mode</a>, it (and the other control registers) is 64 bits long. CR0 has various control flags that modify the basic operation of the processor. Register CR0 is the 32 Bit version of the old Machine Status Word (MSW) register. The MSW register was expanded to the Control Register with the appearance of the i386 processor. </p> <table><tbody><tr><th>Bit</th><th>Name</th><th>Full Name</th><th>Description</th></tr><tr><td>0</td><td>PE</td><td>Protected Mode Enable</td><td>If 1, system is in <a href="/facts/Protected_mode/y5u3Gwqq">protected mode</a>, else, system is in <a href="/facts/Real_mode/wfU8vfjn">real mode</a></td></tr><tr><td>1</td><td>MP</td><td>Monitor co-processor</td><td>Controls interaction of WAIT/FWAIT instructions with TS flag in CR0</td></tr><tr><td>2</td><td>EM</td><td>Emulation</td><td>If set, no x87 <a href="/facts/Floating-point_unit/XWTW2AbF">floating-point unit</a> present, if clear, x87 FPU present</td></tr><tr><td>3</td><td>TS</td><td>Task switched</td><td>Allows saving x87 task context upon a task switch only after x87 instruction used</td></tr><tr><td>4</td><td>ET</td><td>Extension type</td><td>On the 386, it allowed to specify whether the external math coprocessor was an <a href="/facts/80287/y8X9HnLL">80287</a> or <a href="/facts/80387/y8X9HnLL">80387</a></td></tr><tr><td>5</td><td>NE</td><td>Numeric error</td><td>Enable internal <a href="/facts/X87/y8X9HnLL">x87</a> floating point error reporting when set, else enables PC style x87 error detection</td></tr><tr><td>16</td><td>WP</td><td>Write protect</td><td>When set, the CPU cannot write to read-only pages when privilege level is 0</td></tr><tr><td>18</td><td>AM</td><td>Alignment mask</td><td>Alignment check enabled if AM set, AC flag (in <a href="/facts/FLAGS_register/InwH5QlS">EFLAGS</a> register) set, and privilege level is 3</td></tr><tr><td>29</td><td>NW</td><td>Not-write through</td><td>Globally enables/disable <a href="/facts/Write-through_cache/gmJYN8wm">write-through caching</a></td></tr><tr><td>30</td><td>CD</td><td><a href="/facts/CPU_cache/x8BYFcdv">Cache</a> disable</td><td>Globally enables/disable the memory cache</td></tr><tr><td>31</td><td>PG</td><td>Paging</td><td>If 1, enable <a href="/facts/Paging/KR889x5k">paging</a> and use the § CR3 register, else disable paging.</td></tr></tbody></table> <h3>CR1</h3> <p>Reserved, the CPU will throw a #<a href="/facts/Undefined_opcode/D5s0eYeX">UD</a> exception when trying to access it. </p> <h3>CR2</h3> <p>Contains a value called Page Fault Linear Address (PFLA). When a page fault occurs, the address the program attempted to access is stored in the CR2 register. </p> <h3>CR3</h3> <p>Used when <a href="/facts/Virtual_memory/Lw2GemF5">virtual addressing</a> is enabled, hence when the PG bit is set in CR0. CR3 enables the processor to translate linear addresses into physical addresses by locating the page directory and <a href="/facts/Page_table/0IBU5cwg">page tables</a> for the current task. Typically, the upper 20 bits of CR3 become the <i>page directory base register</i> (PDBR), which stores the physical address of the first page directory. If the PCIDE bit in CR4 is set, the lowest 12 bits are used for the <a href="/facts/Process-context_identifier/vvwGkfvD">process-context identifier</a> (PCID).<a class="footnote-ref" id="fnref:15" href="#fn:15"><sup>15</sup></a> </p> <h3>CR4</h3> <p>Used in protected mode to control operations such as virtual-8086 support, enabling I/O breakpoints, <a href="/facts/Page_Size_Extension/V35daBet">page size extension</a> and <a href="/facts/Machine-check_exception/8aLxkI6W">machine-check exceptions</a>. </p> <table><tbody><tr><th>Bit</th><th>Name</th><th>Full Name</th><th>Description</th></tr><tr><td>0</td><td>VME</td><td><a href="/facts/Virtual_8086_Mode_Extensions/f4fjXWdU">Virtual 8086 Mode Extensions</a></td><td>If set, enables support for the virtual interrupt flag (VIF) in virtual-8086 mode.</td></tr><tr><td>1</td><td>PVI</td><td>Protected-mode Virtual Interrupts</td><td>If set, enables support for the virtual interrupt flag (VIF) in protected mode.</td></tr><tr><td>2</td><td>TSD</td><td><a href="/facts/Timestamp/6lApANE6">Time Stamp</a> Disable</td><td>If set, <a href="/facts/Time_Stamp_Counter/THy8g17s">RDTSC</a> instruction can only be executed when in <a href="/facts/Ring_(computer_security)/27y4kjHs">ring 0</a>, otherwise RDTSC can be used at any privilege level.</td></tr><tr><td>3</td><td>DE</td><td><a href="/facts/Debugging/QtdpPJT0">Debugging</a> Extensions</td><td>If set, enables debug register based breaks on <a href="/facts/Input%2foutput/WQTE8Jas">I/O</a> space access.</td></tr><tr><td>4</td><td>PSE</td><td><a href="/facts/Page_Size_Extension/V35daBet">Page Size Extension</a></td><td>If set, enables 32-bit paging mode to use 4 MiB huge pages in addition to 4 KiB pages.<p>If PAE is enabled or the processor is in x86-64 <a href="/facts/Long_mode/ITshSuE6">long mode</a> this bit is ignored.<a class="footnote-ref" id="fnref:16" href="#fn:16"><sup>16</sup></a></p></td></tr><tr><td>5</td><td>PAE</td><td><a href="/facts/Physical_Address_Extension/aEr4tj4x">Physical Address Extension</a></td><td>If set, changes page table layout to translate 32-bit virtual addresses into extended 36-bit physical addresses.</td></tr><tr><td>6</td><td>MCE</td><td>Machine Check Exception</td><td>If set, enables machine check interrupts to occur.</td></tr><tr><td>7</td><td>PGE</td><td>Page Global Enabled</td><td>If set, address translations (PDE or PTE records) may be shared between address spaces.</td></tr><tr><td>8</td><td>PCE</td><td>Performance-Monitoring Counter enable</td><td>If set, RDPMC can be executed at any privilege level, else RDPMC can only be used in ring 0.</td></tr><tr><td>9</td><td>OSFXSR</td><td>Operating system support for FXSAVE and FXRSTOR instructions</td><td>If set, enables <a href="/facts/Streaming_SIMD_Extensions/mMa6EFyB">Streaming SIMD Extensions</a> (SSE) instructions and fast FPU save & restore.</td></tr><tr><td>10</td><td>OSXMMEXCPT</td><td>Operating System Support for Unmasked SIMD Floating-Point Exceptions</td><td>If set, enables unmasked SSE exceptions.</td></tr><tr><td>11</td><td>UMIP</td><td>User-Mode Instruction Prevention</td><td>If set, the SGDT, SIDT, SLDT, SMSW and STR instructions cannot be executed if CPL > 0.<a class="footnote-ref" id="fnref:17" href="#fn:17"><sup>17</sup></a></td></tr><tr><td>12</td><td>LA57</td><td>57-Bit Linear Addresses</td><td>If set, enables 5-Level Paging.<a class="footnote-ref" id="fnref:18" href="#fn:18"><sup>18</sup></a><a class="footnote-ref" id="fnref:19" href="#fn:19"><sup>19</sup></a>: 2–18 </td></tr><tr><td>13</td><td>VMXE</td><td>Virtual Machine Extensions Enable</td><td>see <a href="/facts/Intel_VT-x/utQwmdY3">Intel VT-x</a> x86 <a href="/facts/Virtualization/bEqH0Wtf">virtualization</a>.</td></tr><tr><td>14</td><td>SMXE</td><td>Safer Mode Extensions Enable</td><td>see <a href="/facts/Trusted_Execution_Technology/ELjv2uVt">Trusted Execution Technology</a> (TXT)</td></tr><tr><td>15</td><td><a class="footnote-ref" id="fnref:20" href="#fn:20"><sup>20</sup></a></td><td>(Reserved)</td><td>—</td></tr><tr><td>16</td><td>FSGSBASE</td><td>FSGSBASE Enable</td><td>If set, enables the instructions RDFSBASE, RDGSBASE, WRFSBASE, and WRGSBASE.</td></tr><tr><td>17</td><td>PCIDE</td><td><a href="/facts/Process-context_identifier/vvwGkfvD">PCID</a> Enable</td><td>If set, enables process-context identifiers (PCIDs).</td></tr><tr><td>18</td><td>OSXSAVE</td><td>XSAVE and Processor Extended States Enable</td><td></td></tr><tr><td>19</td><td>KL</td><td>Key Locker Enable</td><td>If set, enables the AES Key Locker instructions.</td></tr><tr><td>20</td><td>SMEP<a class="footnote-ref" id="fnref:21" href="#fn:21"><sup>21</sup></a></td><td>Supervisor Mode Execution Protection Enable</td><td>If set, execution of code in a higher <a href="/facts/Protection_ring/27y4kjHs">ring</a> generates a <a href="/facts/Fault_(computing)/larfsSWA">fault</a>.</td></tr><tr><td>21</td><td>SMAP</td><td><a href="/facts/Supervisor_Mode_Access_Prevention/H8RSCNy2">Supervisor Mode Access Prevention</a> Enable</td><td>If set, access of data in a higher ring generates a <a href="/facts/Fault_(computing)/larfsSWA">fault</a>.<a class="footnote-ref" id="fnref:22" href="#fn:22"><sup>22</sup></a></td></tr><tr><td>22</td><td>PKE</td><td>Protection Key Enable</td><td>See Intel 64 and IA-32 Architectures Software Developer's Manual.</td></tr><tr><td>23</td><td>CET</td><td>Control-flow Enforcement Technology</td><td>If set, enables control-flow enforcement technology.<a class="footnote-ref" id="fnref:23" href="#fn:23"><sup>23</sup></a>: 2–19 </td></tr><tr><td>24</td><td>PKS</td><td>Enable Protection Keys for Supervisor-Mode Pages</td><td>If set, each supervisor-mode linear address is associated with a <a href="/facts/Memory_protection/3zDwN2SG">protection key</a> when 4-level or 5-level paging is in use.<a class="footnote-ref" id="fnref:24" href="#fn:24"><sup>24</sup></a>: 2–19 </td></tr><tr><td>25</td><td>UINTR</td><td>User Interrupts Enable</td><td>If set, enables user-mode inter-processor interrupts and their associated instructions and data structures.</td></tr><tr><td>63-26</td><td>—</td><td>(Reserved)</td><td>—</td></tr></tbody></table> <h3>CR5–7</h3> <p>Reserved, same case as CR1. </p> <h2 id="additional-control-registers-in-intel-x86-64series">Additional Control registers in Intel <a href="/facts/X86-64/cyWvUFlP">x86-64</a> series</h2> <h3>EFER</h3> <p>Extended Feature Enable Register (EFER) is a <a href="/facts/Model-specific_register/uzoD3Ynm">model-specific register</a> added in the <a href="/facts/AMD_K6/VSDY3GcM">AMD K6</a> processor, to allow enabling the <a href="/facts/System_call/NW44AFJr">SYSCALL</a>/SYSRET instruction, and later for entering and exiting <a href="/facts/Long_mode/ITshSuE6">long mode</a>. This register becomes architectural in <a href="/facts/AMD64/cyWvUFlP">AMD64</a> and has been adopted by <a href="/facts/Intel/SMF0gJJX">Intel</a> as IA32_EFER. Its MSR number is 0xC0000080. </p> <table><tbody><tr><th>Bit</th><th>Purpose</th></tr><tr><td>0</td><td>SCE (System Call Extensions)</td></tr><tr><td>1</td><td>DPE (AMD K6 only: Data Prefetch Enable)</td></tr><tr><td>2</td><td>SEWBED (AMD K6 only: Speculative EWBE# Disable)</td></tr><tr><td>3</td><td>GEWBED (AMD K6 only: Global EWBE# Disable)</td></tr><tr><td>4</td><td>L2D (AMD K6 only: L2 Cache Disable)</td></tr><tr><td>5-7</td><td>Reserved, Read as Zero</td></tr><tr><td>8</td><td>LME (Long Mode Enable)</td></tr><tr><td>9</td><td>Reserved</td></tr><tr><td>10</td><td>LMA (Long Mode Active)</td></tr><tr><td>11</td><td>NXE (<a href="/facts/No_Execute/MnBB93BK">No-Execute</a> Enable)</td></tr><tr><td>12</td><td>SVME (<a href="/facts/Secure_Virtual_Machine/utQwmdY3">Secure Virtual Machine</a> Enable)</td></tr><tr><td>13</td><td>LMSLE (Long Mode Segment Limit Enable)</td></tr><tr><td>14</td><td>FFXSR (Fast FXSAVE/FXRSTOR)</td></tr><tr><td>15</td><td>TCE (Translation Cache Extension)</td></tr><tr><td>16</td><td>Reserved</td></tr><tr><td>17</td><td>MCOMMIT (MCOMMIT instruction enable)</td></tr><tr><td>18</td><td>INTWB (Interruptible WBINVD/WBNOINVD enable)</td></tr><tr><td>19</td><td>Reserved</td></tr><tr><td>20</td><td>UAIE (Upper Address Ignore Enable)</td></tr><tr><td>21</td><td>AIBRSE (Automatic IBRS Enable)</td></tr><tr><td>22–63</td><td>Reserved</td></tr></tbody></table> <h3>CR8</h3> <p>CR8 is a new register accessible in 64-bit mode using the REX prefix. CR8 is used to prioritize external <a href="/facts/Interrupts/Mm6C4rpc">interrupts</a> and is referred to as the task-priority register (TPR).<a class="footnote-ref" id="fnref:25" href="#fn:25"><sup>25</sup></a> </p><p>The <a href="/facts/AMD64/cyWvUFlP">AMD64</a> architecture allows software to define up to 15 external interrupt-priority classes. Priority classes are numbered from 1 to 15, with priority-class 1 being the lowest and priority-class 15 the highest. CR8 uses the four low-order bits for specifying a <a href="/facts/Interrupt_priority_level/STByT1b6">task priority</a> and the remaining 60 bits are reserved and must be written with zeros. </p><p>System software can use the TPR register to temporarily block low-priority interrupts from interrupting a high-priority task. This is accomplished by loading TPR with a value corresponding to the highest-priority interrupt that is to be blocked. For example, loading TPR with a value of 9 (1001b) blocks all interrupts with a priority class of 9 or less, while allowing all interrupts with a priority class of 10 or more to be recognized. Loading TPR with 0 enables all external interrupts. Loading TPR with 15 (1111b) disables all external interrupts. </p><p>The TPR is cleared to 0 on reset. </p> <h3>XCR0 and XSS</h3> <p>XCR0, or Extended Control Register 0, is a control register which is used to toggle the storing or loading of registers related to specific CPU features using the XSAVE/XRSTOR instructions. It is also used with some features to enable or disable the processor's ability to execute their corresponding instructions. It can be changed using the privileged XSETBV read using the unprivileged XGETBV instructions.<a class="footnote-ref" id="fnref:26" href="#fn:26"><sup>26</sup></a> </p> <table><tbody><tr><th>Bit</th><th>Name</th><th>Enabled Feature</th><th>Purpose</th></tr><tr><td>0</td><td>X87</td><td>x87 FPU</td><td>x87 FPU/MMX State, must be '1'</td></tr><tr><td>1</td><td>SSE</td><td>SSE</td><td>MXCSR and 16 XMM registers</td></tr><tr><td>2</td><td>AVX</td><td>AVX</td><td>16 upper-halves of the YMM registers<a class="footnote-ref" id="fnref:27" href="#fn:27"><sup>27</sup></a></td></tr><tr><td>3</td><td>BNDREG</td><td rowspan="2"><a href="/facts/Intel_MPX/GI1a54M2">MPX</a></td><td>Four BND registers</td></tr><tr><td>4</td><td>BNDCSR</td><td>BNDCFGU and BNDSTATUS registers</td></tr><tr><td>5</td><td>OPMASK</td><td rowspan="3"><a href="/facts/AVX-512/2KpGqI8t">AVX-512</a></td><td>Eight k-mask registers</td></tr><tr><td>6</td><td>ZMM_Hi256</td><td>16 upper-halves of the ZMM registers<a class="footnote-ref" id="fnref:28" href="#fn:28"><sup>28</sup></a></td></tr><tr><td>7</td><td>Hi16_ZMM</td><td>16 "high" ZMM registers (ZMM16 through ZMM31)</td></tr><tr><td>8</td><td>PT</td><td>Processor Trace</td><td></td></tr><tr><td>9</td><td>PKRU</td><td><a href="/facts/Memory_protection/3zDwN2SG">Protection Keys</a></td><td>PKRU register</td></tr><tr><td>10</td><td>PASID</td><td></td><td></td></tr><tr><td>11</td><td>CET_U</td><td rowspan="2"><a href="/facts/Control-flow_integrity/wsP7s8pr">Intel CET</a></td><td>User shadow stack</td></tr><tr><td>12</td><td>CET_S</td><td>Supervisor shadow stack</td></tr><tr><td>13</td><td>HDC</td><td>Hardware Duty Cycling</td><td></td></tr><tr><td>14</td><td>UINTR</td><td>User interrupts</td><td></td></tr><tr><td>15</td><td>LBR</td><td>Last Branch Records</td><td></td></tr><tr><td>16</td><td>HWP</td><td>Hardware P-states</td><td></td></tr><tr><td>17</td><td>XTILECFG</td><td rowspan="2"><a href="/facts/Advanced_Matrix_Extensions/qkDBQbBE">Intel AMX</a></td><td>64-byte TILECFG register</td></tr><tr><td>18</td><td>XTILEDATA</td><td>Eight 1024-byte TILE registers</td></tr><tr><td>19<a class="footnote-ref" id="fnref:29" href="#fn:29"><sup>29</sup></a></td><td>APX</td><td><a href="/facts/Advanced_Performance_Extensions/Kypq5fgu">Intel APX</a></td><td>16 "high" <a href="/facts/General_purpose_register/32RvbUdz">GPRs</a> (R16 through R31)</td></tr><tr><td>20–63</td><td colspan="3">Reserved</td></tr></tbody></table> <p>There is also the IA32_XSS MSR, which is located at address DA0h. The IA32_XSS MSR controls bits of XCR0 which are considered to be "supervisor" state, and should be invisible to regular programs. It operates with the privileged XSAVES and XRSTORS instructions by adding supervisor state to the data they operate with. Put simply, if the X87 state was enabled in XCR0 and PT state was enabled in IA32_XSS, the XSAVE instruction would only store X87 state, while the privileged XSAVES would store both X87 and PT states. Because it is an MSR, it can be accessed using the RDMSR and WRMSR instructions. </p> <table><tbody><tr><th>Bit</th><th>Purpose</th></tr><tr><td>0–7</td><td>Reserved; must be 0.</td></tr><tr><td>8</td><td>PT (Enables the saving and loading of nine Processor Trace MSRs.)</td></tr><tr><td>10</td><td>Processor Address Space ID (PASID) state</td></tr><tr><td>11</td><td>Control-flow Enforcement Technology (CET) User State</td></tr><tr><td>12</td><td>Control-flow Enforcement Technology (CET) Supervisor State</td></tr><tr><td>13</td><td>HDC (Enables the saving and loading of the IA32_PM_CTL1 MSR.)</td></tr><tr><td>14</td><td>User interrupts (UINTR) state</td></tr><tr><td>15</td><td>Last branch recording (LBR) state</td></tr><tr><td>16</td><td>HWP (enables the saving/loading of IA32_HWP_REQUEST MSR)</td></tr><tr><td>17–63</td><td>Reserved; must be 0.</td></tr></tbody></table> <h2 id="see-also">See also</h2> <ul><li><a href="/facts/Processor_register/32RvbUdz">General-purpose register</a></li> <li><a href="/facts/Test_register/I03JuoIp">Test register</a></li> <li><a href="/facts/Model-specific_register/uzoD3Ynm">Model-specific register</a></li> <li><a href="/facts/X86_debug_register/1I18ADvz">Debug register</a></li> <li><a href="/facts/Flag_word/fWgTjqvX">Flag byte</a></li> <li><a href="/facts/Status_register/7KMY9LR9">Status register</a></li></ul> <h2 id="notes">Notes</h2> IBM manuals M67prelim <a href="http://bitsavers.org/pdf/ibm/360/model67/C20-1647-0_System_360_Model_67_Time_Sharing_System_Preliminary_Technical_Summary_1966.pdf"><i>System/360 Model 67 - Time Sharing System - Preliminary Technical Summary</i></a> (PDF). Systems Reference Library (First ed.). <a href="/facts/IBM/QszA7nwd">IBM</a>. C20-1647-0. Retrieved May 8, 2023. M67 <a href="http://bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf"><i>IBM System/360 Model 67 - Functional Characteristics</i></a> (PDF). Systems Reference Library (Third ed.). <a href="/facts/IBM/QszA7nwd">IBM</a>. February 1972. A27-2719-0. Retrieved May 8, 2023. S/370 <a href="http://bitsavers.org/pdf/ibm/36http://bitsavers.org/pdf/ibm/370/princOps/GA22-7000-10_370_Principles_of_Operation_Sep87.pdf"><i>IBM System/370 - Principles of Operation</i></a> (PDF) (Eleventh ed.). <a href="/facts/IBM/QszA7nwd">IBM</a>. September 1987. GA22-7000-10. Retrieved May 8, 2023. S/370-XA <a href="http://bitsavers.org/pdf/ibm/370/princOps/SA22-7085-1_370-XA_Principles_of_Operation_Jan87.pdf"><i>IBM System/370 Extended Architecture Principles of Operation</i></a> (PDF) (Second ed.). <a href="/facts/IBM/QszA7nwd">IBM</a>. January 1987. SA22-7085-1. Retrieved May 8, 2023. S/370-ESA <a href="http://bitsavers.org/pdf/ibm/370/princOps/SA22-7200-0_370-ESA_Principles_of_Operation_Aug88.pdf"><i>IBM Enterprise Systems Architecture/370 Principles of Operation</i></a> (PDF) (First ed.). <a href="/facts/IBM/QszA7nwd">IBM</a>. August 1988. SA22-7200-0. Retrieved May 8, 2023. S/390-ESA <a href="https://publibz.boulder.ibm.com/epubs/pdf/dz9ar008.pdf"><i>IBM Enterprise Systems Architecture/390 Principles of Operation</i></a> (PDF) (Ninth ed.). <a href="/facts/IBM/QszA7nwd">IBM</a>. June 2003. SA22-7201-08. Retrieved May 8, 2023. z/Architecture <a href="https://www.vm.ibm.com/library/other/27493840.pdf"><i>z/Architecture - Principles of Operation</i></a> (PDF) (Fourteenth ed.). <a href="/facts/IBM/QszA7nwd">IBM</a>. May 2022. SA22-7832-13. Retrieved May 8, 2023. <h2 id="external-links">External links</h2> Wikibooks has a book on the topic of: <i>X86 Assembly/Protected Mode</i> <ul><li><a href="https://www.intel.com/design/processor/manuals/253668.pdf">Intel 64 and IA-32 Architectures Developer's Manual: Vol. 3A</a></li> <li><a href="https://software.intel.com/en-us/articles/intel-sdm">Intel 64 and IA-32 Architectures Software Developer Manuals</a></li> <li><a href="https://support.amd.com/en-us/search/tech-docs#k=AMD64">Tech Docs: AMD64</a></li> <li><a href="https://www.gamedeveloper.com/programming/wyatt-s-world-cracking-open-the-pentium-iii">Wyatt's World: Cracking Open the Pentium III</a> (1999-05-28)</li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>"lab4.pdf" (PDF). Uppsala University. March 17, 2024. Archived (PDF) from the original on January 17, 2021. Retrieved March 16, 2024. <a href="https://www.it.uu.se/edu/course/homepage/mil/vt13/labcourse/lab4.pdf" target="_blank">https://www.it.uu.se/edu/course/homepage/mil/vt13/labcourse/lab4.pdf</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>IBM never shipped the 360/64 or 360/66, only the 360/67. <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> <li id="fn:3"><p>M67prelim, pp. 25-26, Control Registers. - System/360 Model 67 - Time Sharing System - Preliminary Technical Summary (PDF). Systems Reference Library (First ed.). IBM. C20-1647-0. Retrieved May 8, 2023. <a href="http://bitsavers.org/pdf/ibm/360/model67/C20-1647-0_System_360_Model_67_Time_Sharing_System_Preliminary_Technical_Summary_1966.pdf" target="_blank">http://bitsavers.org/pdf/ibm/360/model67/C20-1647-0_System_360_Model_67_Time_Sharing_System_Preliminary_Technical_Summary_1966.pdf</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></p></li> <li id="fn:4"><p>M67, p. 16, Table 4. Control Registers. - IBM System/360 Model 67 - Functional Characteristics (PDF). Systems Reference Library (Third ed.). IBM. February 1972. A27-2719-0. Retrieved May 8, 2023. <a href="http://bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf" target="_blank">http://bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf</a> <a href="#fnref:4" class="footnote-back-ref">↩</a></p></li> <li id="fn:5"><p>S/370, pp. 4-8-4-11 , Control Registers. - IBM System/370 - Principles of Operation (PDF) (Eleventh ed.). IBM. September 1987. GA22-7000-10. Retrieved May 8, 2023. <a href="http://bitsavers.org/pdf/ibm/36http://bitsavers.org/pdf/ibm/370/princOps/GA22-7000-10_370_Principles_of_Operation_Sep87.pdf" target="_blank">http://bitsavers.org/pdf/ibm/36http://bitsavers.org/pdf/ibm/370/princOps/GA22-7000-10_370_Principles_of_Operation_Sep87.pdf</a> <a href="#fnref:5" class="footnote-back-ref">↩</a></p></li> <li id="fn:6"><p>M67, p. 16, Table 4. Control Registers. - IBM System/360 Model 67 - Functional Characteristics (PDF). Systems Reference Library (Third ed.). IBM. February 1972. A27-2719-0. Retrieved May 8, 2023. <a href="http://bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf" target="_blank">http://bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf</a> <a href="#fnref:6" class="footnote-back-ref">↩</a></p></li> <li id="fn:7"><p>M67, pp. 31-35, Control Register Bit Assignments for Sensing. - IBM System/360 Model 67 - Functional Characteristics (PDF). Systems Reference Library (Third ed.). IBM. February 1972. A27-2719-0. Retrieved May 8, 2023. <a href="http://bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf" target="_blank">http://bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf</a> <a href="#fnref:7" class="footnote-back-ref">↩</a></p></li> <li id="fn:8"><p>S/390-ESA. - IBM Enterprise Systems Architecture/390 Principles of Operation (PDF) (Ninth ed.). IBM. June 2003. SA22-7201-08. Retrieved May 8, 2023. <a href="https://publibz.boulder.ibm.com/epubs/pdf/dz9ar008.pdf" target="_blank">https://publibz.boulder.ibm.com/epubs/pdf/dz9ar008.pdf</a> <a href="#fnref:8" class="footnote-back-ref">↩</a></p></li> <li id="fn:9"><p>S/370-ESA. - IBM Enterprise Systems Architecture/370 Principles of Operation (PDF) (First ed.). IBM. August 1988. SA22-7200-0. Retrieved May 8, 2023. <a href="http://bitsavers.org/pdf/ibm/370/princOps/SA22-7200-0_370-ESA_Principles_of_Operation_Aug88.pdf" target="_blank">http://bitsavers.org/pdf/ibm/370/princOps/SA22-7200-0_370-ESA_Principles_of_Operation_Aug88.pdf</a> <a href="#fnref:9" class="footnote-back-ref">↩</a></p></li> <li id="fn:10"><p>S/370-XA. - IBM System/370 Extended Architecture Principles of Operation (PDF) (Second ed.). IBM. January 1987. SA22-7085-1. Retrieved May 8, 2023. <a href="http://bitsavers.org/pdf/ibm/370/princOps/SA22-7085-1_370-XA_Principles_of_Operation_Jan87.pdf" target="_blank">http://bitsavers.org/pdf/ibm/370/princOps/SA22-7085-1_370-XA_Principles_of_Operation_Jan87.pdf</a> <a href="#fnref:10" class="footnote-back-ref">↩</a></p></li> <li id="fn:11"><p>S/370. - IBM System/370 - Principles of Operation (PDF) (Eleventh ed.). IBM. September 1987. GA22-7000-10. Retrieved May 8, 2023. <a href="http://bitsavers.org/pdf/ibm/36http://bitsavers.org/pdf/ibm/370/princOps/GA22-7000-10_370_Principles_of_Operation_Sep87.pdf" target="_blank">http://bitsavers.org/pdf/ibm/36http://bitsavers.org/pdf/ibm/370/princOps/GA22-7000-10_370_Principles_of_Operation_Sep87.pdf</a> <a href="#fnref:11" class="footnote-back-ref">↩</a></p></li> <li id="fn:12"><p>S/390-ESA, pp. 4-6-4-10, Control Registers. - IBM Enterprise Systems Architecture/390 Principles of Operation (PDF) (Ninth ed.). IBM. June 2003. SA22-7201-08. Retrieved May 8, 2023. <a href="https://publibz.boulder.ibm.com/epubs/pdf/dz9ar008.pdf" target="_blank">https://publibz.boulder.ibm.com/epubs/pdf/dz9ar008.pdf</a> <a href="#fnref:12" class="footnote-back-ref">↩</a></p></li> <li id="fn:13"><p>z/Architecture. - z/Architecture - Principles of Operation (PDF) (Fourteenth ed.). IBM. May 2022. SA22-7832-13. Retrieved May 8, 2023. <a href="https://www.vm.ibm.com/library/other/27493840.pdf" target="_blank">https://www.vm.ibm.com/library/other/27493840.pdf</a> <a href="#fnref:13" class="footnote-back-ref">↩</a></p></li> <li id="fn:14"><p>z/Architecture, pp. 4-9–4-12, Control Registers. - z/Architecture - Principles of Operation (PDF) (Fourteenth ed.). IBM. May 2022. SA22-7832-13. Retrieved May 8, 2023. <a href="https://www.vm.ibm.com/library/other/27493840.pdf" target="_blank">https://www.vm.ibm.com/library/other/27493840.pdf</a> <a href="#fnref:14" class="footnote-back-ref">↩</a></p></li> <li id="fn:15"><p>Intel Corporation (2016). "4.10.1 Process-Context Identifiers (PCIDs)". Intel 64 and IA-32 Architectures Software Developer's Manual (PDF). Vol. 3A: System Programming Guide, Part 1. <a href="https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.pdf" target="_blank">https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.pdf</a> <a href="#fnref:15" class="footnote-back-ref">↩</a></p></li> <li id="fn:16"><p>"AMD64 Architecture Programmer's Manual Volume 2: System Programming" (PDF). AMD. September 2012. pp. 127 & 130. Retrieved 2017-08-04. <a href="http://developer.amd.com/wordpress/media/2012/10/24593_APM_v2.pdf" target="_blank">http://developer.amd.com/wordpress/media/2012/10/24593_APM_v2.pdf</a> <a href="#fnref:16" class="footnote-back-ref">↩</a></p></li> <li id="fn:17"><p>Intel Corporation (2016). "4.10.1 Process-Context Identifiers (PCIDs)". Intel 64 and IA-32 Architectures Software Developer's Manual (PDF). Vol. 3A: System Programming Guide, Part 1. <a href="https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.pdf" target="_blank">https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.pdf</a> <a href="#fnref:17" class="footnote-back-ref">↩</a></p></li> <li id="fn:18"><p>"5-Level Paging and 5-Level EPT" (PDF). Intel. May 2017. p. 16. Retrieved 2018-01-23. <a href="https://software.intel.com/sites/default/files/managed/2b/80/5-level_paging_white_paper.pdf" target="_blank">https://software.intel.com/sites/default/files/managed/2b/80/5-level_paging_white_paper.pdf</a> <a href="#fnref:18" class="footnote-back-ref">↩</a></p></li> <li id="fn:19"><p>"Intel 64 and IA-32 Architectures Software Developer's Manual" (PDF). Intel® Corporation. 2021-06-28. Retrieved 2021-09-21. <a href="https://software.intel.com/content/dam/develop/external/us/en/documents-tps/253668-sdm-vol-3a.pdf" target="_blank">https://software.intel.com/content/dam/develop/external/us/en/documents-tps/253668-sdm-vol-3a.pdf</a> <a href="#fnref:19" class="footnote-back-ref">↩</a></p></li> <li id="fn:20"><p>In early drafts of the Intel SGX specification, bit 15 of CR4 was named "CR4.SEE" and was described as an SGX enclave-instruction enable bit.[17] Later revisions of this specification removed references to this bit.[18] <a href="/wiki/Intel_SGX" target="_blank">/wiki/Intel_SGX</a> <a href="#fnref:20" class="footnote-back-ref">↩</a></p></li> <li id="fn:21"><p>Fischer, Stephen (2011-09-21). "Supervisor Mode Execution Protection" (PDF). NSA Trusted Computing Conference 2011. National Conference Services, Inc. Archived from the original (PDF) on 2016-08-03. Retrieved 2017-08-04. <a href="https://web.archive.org/web/20160803075007/https://www.ncsi.com/nsatc11/presentations/wednesday/emerging_technologies/fischer.pdf" target="_blank">https://web.archive.org/web/20160803075007/https://www.ncsi.com/nsatc11/presentations/wednesday/emerging_technologies/fischer.pdf</a> <a href="#fnref:21" class="footnote-back-ref">↩</a></p></li> <li id="fn:22"><p>Anvin, H. Peter (2012-09-21). "x86: Supervisor Mode Access Prevention". LWN.net. Retrieved 2017-08-04. <a href="https://lwn.net/Articles/517251/" target="_blank">https://lwn.net/Articles/517251/</a> <a href="#fnref:22" class="footnote-back-ref">↩</a></p></li> <li id="fn:23"><p>"Intel 64 and IA-32 Architectures Software Developer's Manual" (PDF). Intel® Corporation. 2021-06-28. Retrieved 2021-09-21. <a href="https://software.intel.com/content/dam/develop/external/us/en/documents-tps/253668-sdm-vol-3a.pdf" target="_blank">https://software.intel.com/content/dam/develop/external/us/en/documents-tps/253668-sdm-vol-3a.pdf</a> <a href="#fnref:23" class="footnote-back-ref">↩</a></p></li> <li id="fn:24"><p>"Intel 64 and IA-32 Architectures Software Developer's Manual" (PDF). Intel® Corporation. 2021-06-28. Retrieved 2021-09-21. <a href="https://software.intel.com/content/dam/develop/external/us/en/documents-tps/253668-sdm-vol-3a.pdf" target="_blank">https://software.intel.com/content/dam/develop/external/us/en/documents-tps/253668-sdm-vol-3a.pdf</a> <a href="#fnref:24" class="footnote-back-ref">↩</a></p></li> <li id="fn:25"><p>"AMD64 Architecture Programmer's Manual Volume 2: System Programming" (PDF). AMD. September 2012. pp. 127 & 130. Retrieved 2017-08-04. <a href="http://developer.amd.com/wordpress/media/2012/10/24593_APM_v2.pdf" target="_blank">http://developer.amd.com/wordpress/media/2012/10/24593_APM_v2.pdf</a> <a href="#fnref:25" class="footnote-back-ref">↩</a></p></li> <li id="fn:26"><p>"Chapter 13, Managing State Using The Xsave Feature Set" (PDF). Intel(R) 64 and IA-32 Architectures Software Developer's Manual, Volume 1: Basic Architecture. Intel Corporation (2019). Retrieved 23 March 2019. <a href="https://software.intel.com/sites/default/files/managed/a4/60/253665-sdm-vol-1.pdf" target="_blank">https://software.intel.com/sites/default/files/managed/a4/60/253665-sdm-vol-1.pdf</a> <a href="#fnref:26" class="footnote-back-ref">↩</a></p></li> <li id="fn:27"><p>The lower 128 bits of all YMM registers is stored in the SSE state. <a href="#fnref:27" class="footnote-back-ref">↩</a></p></li> <li id="fn:28"><p>The lower 256 bits of ZMM registers ZMM0 through ZMM15 are stored in the SSE and AVX states. <a href="#fnref:28" class="footnote-back-ref">↩</a></p></li> <li id="fn:29"><p>Even though Intel APX is indicated through bit 19 of XCR0, it is actually written, through XSAVE (the uncompacted form), in the unused 128 byte space left where Intel MPX went. <a href="#fnref:29" class="footnote-back-ref">↩</a></p></li> </ol>