I'm following the advice on to return from 32-bit protected mode to real mode. That code includes a far jump. My code looks like this now:

    ; At this point we are still in protected mode with CS pointing
    ; to a 16-bit descriptor.
    bits 16
    cli  ; Just to make sure.
    mov eax, cr0
    and eax, 0x7FFFFFFe ; Disable paging bit & disable 16-bit pmode.
    mov cr0, eax
f1: jmp 0:GoRMode  ; ?? Is this far jump needed ??
GoRMode:
    mov sp, 0x8000
    mov ax, 0       ; Reset segment registers to 0.
    mov ds, ax
    mov es, ax
    mov fs, ax
    mov gs, ax
    mov ss, ax
    pushf
    pop ax
    or ax, strict word 0x200  ; IF := 1 (sti) by the iret below.
    push ax
    push word my_segment
    push word my_offset
    iret  ; Pops IP first, then CS, then FLAGS.

My question is: Can I omit the far jump without breaking anything?

My idea is that the final iret will take care of setting CS.

The code works in QEMU (with or without KVM), VirtualBox, v86 and 86Box (Intel 430VX chipset, Pentium-S P54C 90 MHz CPU) with and without the far jump. I've also verified that iret doesn't pop SS and SP in this situation.

By using iret I'm avoiding the problems with an interrupt happening too early. Only the iret will enable interrupts, and by that time the system is already fully in real mode (i.e. all segment registers use real-mode descriptors).

FYI I know that I can replace the last few instructions with sti + jmp my_segment:my_offset, but that may break if an interrupt happens between the two.