While the Global Descriptor Table provides segments available to all tasks in the system, the x86 architecture also supports Local Descriptor Tables (LDTs)—per-process descriptor tables that can define segments unique to individual tasks. This mechanism was part of Intel's original vision for segmented memory management, where each process could have its own memory segments with independent addresses, limits, and protections.

The LDT represents an elegant solution to a fundamental operating system challenge: how to give each process its own view of memory while maintaining protection between processes. Though rarely used in modern systems (paging has effectively replaced this role), understanding the LDT provides crucial insights into x86 architecture history and remains relevant for legacy code compatibility.

The Local Descriptor Table was designed to provide per-process isolation through segmentation. Intel's original vision for protected mode imagined a world where:

• Each process would have its own set of segments (code, data, stack, heap)
• These segments would be private to the process, invisible to others
• The operating system could easily control which memory regions each process could access
• Segment base addresses could differ between processes, providing relocation

The Two-Table Architecture:

The x86 protected mode architecture provides two descriptor tables:

1. Global Descriptor Table (GDT): Contains segments accessible by all processes—typically kernel segments, TSS, and shared system segments.

2. Local Descriptor Table (LDT): Contains segments specific to a single process—user code, data, and any process-specific memory regions.

This separation creates a natural boundary: system-wide resources in the GDT, process-private resources in the LDT.

Conceptual Benefits of the LDT Model:

1. Isolation by Design: Each process literally cannot see other processes' segments—they don't exist in the process's LDT.

2. Simplified Relocation: With per-process segment bases, the same logical address in different processes can map to different physical locations.

3. Fine-Grained Protection: Different segments can have different permissions (read-only code, read-write data, etc.).

4. Clear Separation: System resources (GDT) are clearly distinguished from process resources (LDT).

The TI Bit Revealed:

Remember the segment selector's Table Indicator (TI) bit? This is where it comes into play:

• TI = 0: Selector indexes into the GDT
• TI = 1: Selector indexes into the current task's LDT

This single bit determines which descriptor table the processor consults for a given selector.

Here's a crucial architectural point: the LDT itself is defined by a descriptor in the GDT. The LDT doesn't float in memory independently—it must be described by an LDT system segment descriptor (type 0x2) in the GDT.

This creates a hierarchy:

1. The GDT contains an LDT descriptor (system segment, type 0x2)
2. The LDT descriptor's base address points to the actual LDT in memory
3. The LDT contains code/data segment descriptors for the process
4. The LDTR register holds a selector pointing to the LDT descriptor in the GDT

The LDTR Register:

The Local Descriptor Table Register (LDTR) is a 16-bit register that holds a selector pointing to the LDT descriptor in the GDT. When the processor needs to resolve a selector with TI=1, it:

1. Reads the LDTR to get the LDT selector
2. Uses this selector to find the LDT descriptor in the GDT
3. Reads the LDT descriptor to get the LDT's base address and limit
4. Uses the original selector's index to find the descriptor in the LDT

LLDT and SLDT Instructions:

• LLDT (Load LDT): Loads a new selector into the LDTR. This is a privileged instruction (Ring 0 only).
• SLDT (Store LDT): Stores the current LDTR value to a register or memory. This is NOT privileged—any code can read the LDT selector.

Creating an LDT for a process involves several steps:

1. Allocate Memory for the LDT: Determine how many entries the process needs and allocate contiguous memory.

2. Populate LDT Entries: Create segment descriptors for the process's code, data, stack, and other segments.

3. Create LDT Descriptor in GDT: Add an LDT system segment descriptor to the GDT pointing to the LDT.

4. Load LDTR: Use the LLDT instruction to load the selector for the LDT descriptor.

Example Implementation:

Context Switch Considerations:

When switching between processes that use LDTs:

1. Save the outgoing process's register state (including segment registers)
2. Load the LDTR with the incoming process's LDT selector (LLDT instruction)
3. The segment registers may need to be reloaded if they reference LDT segments
4. Any cached segment descriptor information is automatically invalidated when LDTR changes

Performance Impact:

Loading a new LDT (LLDT instruction) is relatively expensive because:

• The processor must read the new LDT descriptor from the GDT
• Cached segment information from the old LDT becomes invalid
• Subsequent segment register loads must fetch descriptors from the new LDT

The LDT was extensively used in operating systems of the late 1980s and early 1990s, before paging became the dominant memory management mechanism. Understanding these historical use cases illuminates why the LDT exists.

OS/2: The LDT Showcase

IBM's OS/2 operating system was perhaps the most significant user of LDTs. OS/2 used segmentation extensively for memory management:

• Each process had its own LDT containing segments for code, data, and resources
• Memory protection was enforced through segment limits and access rights
• Shared memory was implemented through segments present in multiple LDTs
• The DOS compatibility box used LDTs to provide real mode emulation

Windows 3.x (Enhanced Mode)

Microsoft's Windows 3.0 and 3.1 in 386 Enhanced Mode used LDTs:

• Each Windows application ran in its own LDT
• The GlobalAlloc/GlobalLock API allocated segments in the LDT
• Segment selectors were exposed to applications (the infamous "selector" memory model)
• Protection between Windows applications relied on LDT separation

The Wine Project and LDTs:

The Wine compatibility layer, which runs Windows applications on Linux/Unix, makes interesting use of LDTs. When running 16-bit Windows (Win16) applications, Wine must provide segment selectors that the application expects. Linux provides the modify_ldt() system call specifically for this purpose, allowing Wine to create and manage LDT entries for Win16 compatibility.

Embedded Systems and Specialized Uses:

Some embedded and real-time operating systems used LDTs to create strictly isolated memory domains:

• Critical control systems could use separate LDTs for safety-critical vs. non-critical code
• Hardware peripheral access could be restricted to segments in specific LDTs
• Each LDT could represent a "trust domain" with specific capabilities

Despite the elegant architecture of per-process LDTs, modern operating systems almost universally use a flat memory model with paging for memory management. The LDT has fallen into disuse for several compelling reasons:

The Flat Model Triumph:

The flat memory model—where all segments have base=0 and limit=4GB (or the maximum address space in 64-bit mode)—combined with paging provides all the protection benefits of segmentation with none of the complexity:

1. Process Isolation: Each process has its own page tables; it cannot see (or even address) another process's pages.

2. Fine-Grained Protection: Individual 4KB pages can be marked read-only, no-execute, supervisor-only, etc.

3. Simple Programming Model: Applications use linear pointers without segment management.

4. Demand Paging: Pages can be loaded on demand, not entire segments.

5. Copy-on-Write: Shared pages can be efficiently duplicated when written.

Modern LDT Usage (Rare but Existent):

LDTs still appear in a few contexts:

• Wine/Compatibility Layers: For running legacy Windows applications that expect segment selectors
• Linux modify_ldt(): System call allows user processes to create custom LDT entries (used by Wine, some legacy ports)
• VM86 Mode: Emulating real mode DOS programs
• Specialized Security Applications: Some sandboxing or isolation mechanisms have explored segments
• DOSEMU/DOSBox: DOS emulators that need to provide real mode segment semantics

With the transition to 64-bit long mode, the LDT's role diminished even further. While LDTs remain supported for compatibility, they are even less relevant in the 64-bit world.

64-bit LDT Changes:

1. LDT Descriptor is 16 bytes: Like the TSS, LDT descriptors in long mode are 16 bytes to accommodate 64-bit base addresses. This means an LDT descriptor occupies two GDT slots.

2. Segmentation Mostly Disabled: In 64-bit mode, segment bases for CS, DS, ES, SS are fixed at 0 (except FS/GS for TLS).

3. Limited Utility: With a flat 47-bit (or larger) address space and paging, there's almost no reason to use LDT segments.

4. Compatibility Mode Support: LDTs remain relevant for running 32-bit applications in compatibility mode, where they might expect segment-based behavior.

Modern Operating System Approaches:

Linux (x86-64):

• Provides modify_ldt() for compatibility
• Each process can have a small LDT (typically up to 8192 entries)
• Used primarily by Wine for Win16/Win32 compatibility
• LDT entries are allocated on demand
• Default is no LDT (LDTR contains null selector)

Windows (x86-64):

• Maintains minimal LDT support for WoW64 (Windows on Windows 64-bit)
• 16-bit code (VDM - Virtual DOS Machine) may use LDT entries
• Most 32-bit and all 64-bit code runs in flat model without LDT
• LDT creation is heavily restricted for security

FreeBSD, NetBSD, OpenBSD:

• Similar to Linux: modify_ldt() or equivalent available
• Used for compatibility layers
• Default operation without LDT

While the LDT was designed for process isolation, modern systems use various other mechanisms to achieve similar goals. Understanding where LDT fits in this landscape provides perspective on its current role.

Why Paging Won:

Paging emerged as the dominant isolation mechanism because:

1. Universal Hardware Support: All modern architectures implement paging; segmentation is x86-specific.

2. Uniform Granularity: Fixed-size pages simplify memory allocation algorithms.

3. Better for Virtual Memory: Demand paging and page replacement algorithms work naturally with fixed-size units.

4. Simpler Software Model: Applications don't need to reason about segments or manage selectors.

5. Hardware Optimization: Paging is heavily optimized with TLBs, huge pages, and hierarchical structures.

Niche Uses Where Segments Might Excel:

There are theoretical scenarios where segment-based protection could be valuable:

• Bounds Checking: Segment limits provide automatic bounds checking. Some research explores re-enabling this for security.

• Object-Based Protection: Each object could be a segment, with access rights per segment. This was Intel's original vision.

• Capability Systems: Segment selectors resemble capabilities—unforgeable tokens granting access rights.

However, these niches haven't overcome paging's dominance and breadth of support.

We've explored the Local Descriptor Table—the per-process segment repository that was central to Intel's original protected mode vision but has largely been superseded by paging.

What's Next:

Having covered both the Global Descriptor Table and Local Descriptor Table, we'll turn to Segment Selectors—examining in depth how these 16-bit values encode table selection, index, and privilege information to form the bridge between software and the descriptor table architecture.