Global Descriptor Table

The Global Descriptor Table (GDT) is a core part of Intel's x86 architecture that helps manage how memory is accessed and protected. Introduced with the Intel 80286 processor, it plays a key role in defining memory segments and their attributes: the base address, the size, and access privileges like executability and writability.^[1]

Even though modern 64-bit systems rarely rely on segmentation, the GDT remains a required component for starting up the processor and managing certain system-level tasks.

Description

The GDT helps isolate memory between application software and the operating system.

In protected mode (a more advanced processor mode that allows memory protection), the GDT defines:

Code segments: regions of memory that contain executable instructions.
Data segments: areas used to store program data.
System segments, like the Task State Segment (TSS), which is used for multitasking support.^[1]^[2]

Each entry in the GDT is 8 or 16 bytes long and holds a segment descriptor that defines the properties of one segment. Each descriptor includes access rights, ensuring programs cannot modify protected memory.^[1]

To use a segment, a program refers to it using a segment selector — a special value that tells the processor which GDT entry to use. The processor then loads this descriptor into a segment register, which holds both visible and hidden metadata about the segment.

GDT in 64-bit

In 64-bit mode, segmentation is mostly disabled: all segment bases are treated as zero, and limits are ignored, creating a flat address space. However, the GDT is still required to define system descriptors such as the Task State Segment (TSS). Two segment registers, FS and GS, remain active and are often used by operating systems for thread-local storage or process-specific data (e.g., the Thread Environment Block in Windows or gs_base in Linux).^[1]

Notably, Windows enforces strict protections: attempts to hook or modify the GDT in 64-bit versions will trigger a system crash (bug check).^[3]

Local Descriptor Table

While the GDT defines system-wide segments, the Local Descriptor Table (LDT) can define segments that are private to a single process. Historically, operating systems used the LDT to separate each program’s memory into private regions, especially before paging was introduced with the Intel 80386.

Today, LDTs are mostly obsolete but may still appear for compatibility with 16-bit or older 32-bit applications (e.g., DOS or OS/2 programs). The LDT is defined by an entry in the GDT and can include up to 8192 segment descriptors.^[2]

History and modern usage

In early x86 systems (like the 80286), segmentation via the GDT and LDT was critical to implementing multitasking and memory isolation. Each process had its own LDT, while the GDT held global definitions. The system could automatically switch the current LDT when changing tasks, making segment-based isolation efficient.

However, with the introduction of paging on the 80386, operating systems began using page-based virtual memory instead of segment-based memory. Paging allows fine-grained memory management in 4KB chunks and makes it easier to share or protect memory.

As a result, modern operating systems like Windows, Linux, and macOS use a flat memory model, where all code and data segments span the entire address space. The GDT is still involved in system initialization, interrupt handling, and defining special structures like the TSS and LDT pointer.^[1]

Legacy or compatibility modes (e.g., running 16-bit DOS or OS/2 code) may still use segmentation more actively. In such cases, a technique known as LDT tiling can be used, where the LDT is filled with descriptors that map fixed-size memory blocks (e.g., 64 KB each) to provide coverage for legacy applications.

References

^ ^a ^b ^c ^d ^e "Intel 64 and IA-32 Architectures Software Developer's Manual, Chapter 5: "Memory Management"". Intel. Retrieved May 19, 2025.
^ ^a ^b Tanenbaum, Andrew S.; Bos, Herbert (2014). Modern Operating Systems (4th ed.) (PDF). Pearson. p. 249. ISBN 978-0133591620. Retrieved May 19, 2025.
^ "Patching Policy for x64-Based Systems". 8 October 2009. Archived from the original on 19 January 2022. Retrieved 11 December 2020. If the operating system detects one of these modifications or any other unauthorized patch, it will generate a bug check and shut down the system.

External links

Intel Architecture Software Developer's Manual
GDT Table Archived 2009-10-17 at the Wayback Machine at OSDev.org
GDT Tutorial Archived 2009-02-14 at the Wayback Machine at OSDev.org
Bran's Kernel Dev GDT Tutorial Archived 2008-02-03 at the Wayback Machine
BrokenThorn Protected Mode Archived 2018-04-23 at the Wayback Machine

[Intel-1] "Intel 64 and IA-32 Architectures Software Developer's Manual, Chapter 5: "Memory Management"". Intel. Retrieved May 19, 2025.

[Tanenbaum_&_Bos-2] Tanenbaum, Andrew S.; Bos, Herbert (2014). Modern Operating Systems (4th ed.) (PDF). Pearson. p. 249. ISBN 978-0133591620. Retrieved May 19, 2025.

[Patching_Policy_for_x64-Based_Systems-3] "Patching Policy for x64-Based Systems". 8 October 2009. Archived from the original on 19 January 2022. Retrieved 11 December 2020. If the operating system detects one of these modifications or any other unauthorized patch, it will generate a bug check and shut down the system.

[1]

[2]

[3]