Wiley.Symbian.OS.Internals.Real.time.Kernel.Programming.Dec.2005.eBook-DDU (779891), page 47
ARM supports two privilege levels – privileged and non-privileged. All execution modes except user mode are privileged. The ARM architecture supports 16 general purpose registers, labeled R0–R15. However, an instruction referring to one of these registers does not always access the same physical register. Accesses to registers R8–R14 refer to different physical registers depending upon the current execution mode. Figure 6.1 illustrates which physical registers are accessed in each execution mode. You can see that R0–R7 are the same across all modes – the user mode registers are always used. We say that R0–R7 are never banked.

Figure 6.1 ARM registers (physical register accessed in each execution mode)

Register  usr      sys      svc       abt       und       irq       fiq
R0–R7     R0–R7    R0–R7    R0–R7     R0–R7     R0–R7     R0–R7     R0–R7
R8–R12    R8–R12   R8–R12   R8–R12    R8–R12    R8–R12    R8–R12    R8_fiq–R12_fiq
R13       R13      R13      R13_svc   R13_abt   R13_und   R13_irq   R13_fiq
R14       R14      R14      R14_svc   R14_abt   R14_und   R14_irq   R14_fiq
R15       PC (same in all modes)
CPSR      CPSR (same in all modes)
SPSR      –        –        SPSR_svc  SPSR_abt  SPSR_und  SPSR_irq  SPSR_fiq

R13 and R14 are banked across all modes apart from system mode – each mode that can be entered because of an exception has its own R13 and R14.
These registers generally hold the stack pointer and the return address from function calls respectively. Also, each mode that can be entered by an exception has a SPSR (saved processor status register).

The actions taken by ARM CPUs on recognizing an exception are:

1. For exceptions other than resets, the CPU saves the return address from the exception in the banked R14 for the respective exception mode
2. For exceptions other than resets, the CPU copies the current value of the CPSR to the SPSR for the respective exception mode
3. The CPU changes the execution mode to that appropriate for the type of exception
4. The CPU disables normal (IRQ) interrupts. If it is processing an FIQ (fast interrupt) it disables FIQs, otherwise it leaves them enabled
5. The CPU continues execution at the vector address for the exception concerned. It always starts execution in ARM (not Thumb) mode. This means that the first part of the exception handler must be written in 32-bit ARM instructions rather than 16-bit Thumb instructions. Of course the handler can change to Thumb mode if it wishes.

Figure 6.2 illustrates these actions.

Figure 6.2 ARM CPU response to IRQ interrupt: R14_irq <- PC; SPSR_irq <- CPSR; CPSR <- I=1, F unchanged (0), T=0, mode=0x12 (irq); PC <- 0x00000018

When an exception is recognized, the processor only saves the return address and CPSR. Of course an exception handler will need to make use of some working registers too. The software handler must save these on the stack, and then restore them from the stack before returning from the exception.
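The banking of Figure 6.1 and the five exception-entry actions listed above, as an added C example (not code from the book or from Symbian OS): a small model of the register file in which arm_reg() resolves an architectural register number to the physical register the current mode sees, and arm_take_exception() carries out actions 1 to 5. The mode encodings and the I, F and T bits are the standard CPSR values; the list in the text is followed literally, so only an FIQ entry sets the F bit, and the return address offset per exception type is not modelled but passed in by the caller.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* CPSR mode field (bits 4:0) encodings */
enum arm_mode { M_USR = 0x10, M_FIQ = 0x11, M_IRQ = 0x12, M_SVC = 0x13,
                M_ABT = 0x17, M_UND = 0x1B, M_SYS = 0x1F };

#define CPSR_T    0x20u   /* Thumb state */
#define CPSR_F    0x40u   /* FIQ disabled */
#define CPSR_I    0x80u   /* IRQ disabled */
#define CPSR_MODE 0x1Fu

enum arm_exc { EXC_RESET, EXC_UNDEF, EXC_SWI, EXC_PABT, EXC_DABT, EXC_IRQ, EXC_FIQ };

/* Exception -> (mode entered, vector address), from the table in the text */
static const struct { unsigned mode; uint32_t vector; } exc_info[] = {
    [EXC_RESET] = { M_SVC, 0x00 }, [EXC_UNDEF] = { M_UND, 0x04 },
    [EXC_SWI]   = { M_SVC, 0x08 }, [EXC_PABT]  = { M_ABT, 0x0C },
    [EXC_DABT]  = { M_ABT, 0x10 }, [EXC_IRQ]   = { M_IRQ, 0x18 },
    [EXC_FIQ]   = { M_FIQ, 0x1C },
};

/* Physical register file. R0-R7 and R15 are never banked, R8-R12 have an
   FIQ-only copy, and R13, R14 and SPSR exist once per exception mode.
   Bank index: 0 usr/sys, 1 svc, 2 abt, 3 und, 4 irq, 5 fiq. */
struct arm_cpu {
    uint32_t r0_7[8];
    uint32_t r8_12[5], r8_12_fiq[5];
    uint32_t r13[6], r14[6], spsr[6];
    uint32_t pc, cpsr;
};

/* Bank index for the current mode; usr and sys share the user bank */
static int bank(const struct arm_cpu *c)
{
    switch (c->cpsr & CPSR_MODE) {
    case M_SVC: return 1; case M_ABT: return 2; case M_UND: return 3;
    case M_IRQ: return 4; case M_FIQ: return 5; default:    return 0;
    }
}

/* Resolve architectural register n (0..15) to the physical register that
   the current mode sees, as in Figure 6.1 */
uint32_t *arm_reg(struct arm_cpu *c, int n)
{
    if (n < 8)   return &c->r0_7[n];
    if (n == 15) return &c->pc;
    if (n <= 12) return (c->cpsr & CPSR_MODE) == M_FIQ ? &c->r8_12_fiq[n - 8]
                                                       : &c->r8_12[n - 8];
    return n == 13 ? &c->r13[bank(c)] : &c->r14[bank(c)];
}

/* SPSR of the current mode; usr and sys have none */
uint32_t *arm_spsr(struct arm_cpu *c)
{
    return bank(c) ? &c->spsr[bank(c)] : NULL;
}

/* Actions 1-5 taken on recognizing an exception. return_addr is the value
   the CPU places in R14; its exact offset from the interrupted instruction
   differs per exception type and is not modelled here. */
void arm_take_exception(struct arm_cpu *c, enum arm_exc e, uint32_t return_addr)
{
    uint32_t old_cpsr = c->cpsr;
    /* 3. switch mode, done first so that R14 and SPSR resolve to the new bank */
    c->cpsr = (old_cpsr & ~CPSR_MODE) | exc_info[e].mode;
    if (e != EXC_RESET) {
        *arm_reg(c, 14) = return_addr;    /* 1. return address into banked R14 */
        *arm_spsr(c)    = old_cpsr;       /* 2. old CPSR into banked SPSR */
    }
    c->cpsr |= CPSR_I;                    /* 4. mask IRQ ... */
    if (e == EXC_FIQ) c->cpsr |= CPSR_F;  /*    ... and FIQ only when taking an FIQ */
    c->cpsr &= ~CPSR_T;                   /* 5. ARM state ... */
    c->pc = exc_info[e].vector;           /*    ... at the vector address */
}

int main(void)
{
    struct arm_cpu c = { .cpsr = M_USR | CPSR_T };   /* user mode, Thumb state */
    *arm_reg(&c, 13) = 0x1000;                       /* user stack pointer */
    arm_take_exception(&c, EXC_IRQ, 0x8004);         /* the Figure 6.2 case */
    printf("mode %#x pc %#x R14_irq %#x SPSR_irq %#x user SP still %#x\n",
           c.cpsr & CPSR_MODE, c.pc, *arm_reg(&c, 14), *arm_spsr(&c), c.r13[0]);
    return 0;
}
```

After the IRQ entry, R13 resolves to R13_irq while the user stack pointer is untouched in its own bank, which is the property the text relies on when it says the handler always has a valid stack; taking an FIQ from inside the IRQ handler then switches R8–R12 to the FIQ copies and sets the F bit as well.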
The banked R13 ensures that the exception handler has access to a valid stack area to which it can save its working registers.

The following table lists all the exceptions supported by the ARM architecture, along with the execution mode into which the exception puts the processor and the vector address for the exception:

Exception              Mode  Vector  Category
Reset                  svc   0x00    Reset
Undefined Instruction  und   0x04    Fault, Trap or Abort
SWI                    svc   0x08    Programmed Exception
Prefetch Abort         abt   0x0C    Fault or Abort
Data Abort             abt   0x10    Fault or Abort
IRQ                    irq   0x18    Interrupt
FIQ                    fiq   0x1C    Interrupt

As you can see in the previous table, the ARM core directly supports only two interrupt sources. External logic drives two signals, IRQ and FIQ, to signal these interrupts. FIQ has a higher priority than IRQ; if both are asserted simultaneously the FIQ is recognized first. What is more, IRQ interrupts are masked when an FIQ is recognized but FIQ interrupts are not masked when an IRQ is recognized. This means that FIQ interrupts can usually interrupt the service routine for an IRQ interrupt. Registers R8–R12 are banked for FIQ mode, which allows some FIQ interrupts to be serviced without the need to save working registers on the stack.
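The two inputs of the ARM core are driven by the external interrupt controller that the text goes on to describe: a source reaches the IRQ (or FIQ) input only if it is pending, not masked and routed to that input, and the processor's service loop repeats until no eligible source remains. The following C model of that controller and loop is an added example, not code from the book or from Symbian OS; the 32-source width, the priority table and the behaviour of sample_isr are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NSRC 32   /* sources on this constructed controller */

struct intc {
    uint32_t pending;   /* bit n: source n has signalled (edge-triggered inputs are latched here) */
    uint32_t enable;    /* bit n: source n is not masked */
    uint32_t to_fiq;    /* bit n: source n is routed to FIQ, otherwise to IRQ */
};

/* The sources the controller presents on each processor input: pending AND
   not masked AND routed there. The IRQ (FIQ) line is asserted if the set is
   non-empty, which is the three-part rule from the text. */
uint32_t intc_irq_sources(const struct intc *ic) { return ic->pending & ic->enable & ~ic->to_fiq; }
uint32_t intc_fiq_sources(const struct intc *ic) { return ic->pending & ic->enable &  ic->to_fiq; }
bool intc_irq_asserted(const struct intc *ic) { return intc_irq_sources(ic) != 0; }
bool intc_fiq_asserted(const struct intc *ic) { return intc_fiq_sources(ic) != 0; }

void intc_raise(struct intc *ic, unsigned n) { ic->pending |= 1u << n; }
void intc_clear(struct intc *ic, unsigned n) { ic->pending &= ~(1u << n); }

/* Software prioritization. 'prio' gives each source a priority (lower value
   wins); with prio == NULL the lowest source number wins. The text only says
   that software selects one eligible source, so the scheme is an assumption. */
int intc_select(uint32_t active, const uint8_t *prio)
{
    int best = -1;
    unsigned best_p = 0;
    for (int n = 0; n < NSRC; n++) {
        if (!((active >> n) & 1u)) continue;
        unsigned p = prio ? prio[n] : (unsigned)n;
        if (best < 0 || p < best_p) { best = n; best_p = p; }
    }
    return best;
}

typedef void (*isr_fn)(struct intc *ic, unsigned src);

/* Service loop run on taking an IRQ: select an eligible source, clear its
   latched pending bit, run its handler, and repeat until none is eligible.
   Returns the number serviced and writes the order to 'order' (up to max). */
unsigned intc_dispatch_irq(struct intc *ic, const uint8_t *prio, isr_fn isr,
                           unsigned *order, unsigned max)
{
    unsigned count = 0;
    int n;
    while (count < max && (n = intc_select(intc_irq_sources(ic), prio)) >= 0) {
        /* Clear before servicing so an edge that arrives during the handler
           is latched again rather than lost. A level-sensitive source stays
           pending until the handler silences the peripheral. */
        intc_clear(ic, (unsigned)n);
        isr(ic, (unsigned)n);
        order[count++] = (unsigned)n;
    }
    return count;
}

/* Constructed device behaviour: servicing source 3 causes source 7 to fire,
   which shows why the loop must re-check the controller each time round */
void sample_isr(struct intc *ic, unsigned src)
{
    if (src == 3) intc_raise(ic, 7);
}

int main(void)
{
    /* Sources 3, 5 and 9 pending; 5 masked; 9 routed to FIQ (constructed state) */
    struct intc ic = { (1u << 3) | (1u << 5) | (1u << 9), ~(1u << 5), 1u << 9 };
    unsigned order[8];
    unsigned n = intc_dispatch_irq(&ic, NULL, sample_isr, order, 8);
    printf("serviced %u IRQ sources (first %u), FIQ still asserted: %d\n",
           n, order[0], intc_fiq_asserted(&ic));
    return 0;
}
```

The IRQ path never touches the FIQ-routed source, and a masked source stays pending in the controller until software unmasks it, which is how the "look in one central place" service works in practice.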
This reduces the time taken to service the interrupt.

For most systems, and certainly for systems running Symbian OS, more than two interrupt sources are required. Because of this, we use an external interrupt controller. This accepts a number (typically 32 to 128) of interrupt signals from various peripherals.

The interrupt controller may provide the following services:

• Allow individual interrupt sources to be masked
• Allow the processor to look in one central place to discover which sources are currently pending
• Allow each source to be routed to either the IRQ or FIQ input to the processor
• Allow edge-triggered inputs to be latched before being fed to the processor.

The interrupt controller asserts the IRQ input to the processor if any interrupt source is:

1. Pending
2. Not masked
3. Routed to IRQ.

A similar rule applies to FIQ. On accepting an interrupt, the processor must check the interrupt controller to discover which sources are both pending and enabled. It then applies a software prioritization scheme to select one of these to be serviced. When the service routine completes, the procedure is repeated and another interrupt may be serviced. This continues until there are no more pending interrupts.

6.2.2 Intel IA-32

Most RISC processors use exception handling schemes similar to the one I described for ARM, in which special registers are used to hold return information from exceptions.
The IA-32 architecture, coming from a CISC heritage, handles exceptions differently. The IA-32 architecture has an explicitly designated stack pointer register, ESP, along with special instructions that reference the stack (PUSH and POP). When it recognizes an exception, an IA-32 processor will push the return address and return status register onto the stack.

Before I go on to talk about IA-32 exception handling, it might be useful if I describe IA-32 memory addressing. Since Symbian OS runs in IA-32 protected mode, I will only cover that mode here.
IA-32 protected mode uses a two-component memory address consisting of a segment selector and a 16- or 32-bit offset. The segment selector is specified by one of six 16-bit segment selector registers, as shown in the following table:

Register  Name                  Description
CS        Code Segment          Specifies the segment for all instruction fetches. EIP specifies the offset component for instruction fetches.
SS        Stack Segment         Specifies the segment for all explicit stack instructions, including subroutine calls and returns and exception handling. ESP specifies the offset for explicit stack operations.
DS        Data Segment          Specifies the segment for data memory references other than those to the stack.
ES        Extra Segment         Specifies the segment for data memory references which explicitly indicate that ES is to be used.
FS        Second Extra Segment  Similar to ES.
GS        Third Extra Segment   Similar to ES.

The segment selectors are interpreted as follows:

• Bits 0 and 1 are known as the requestor privilege level (RPL) of the selector
• Bit 2 specifies whether the selector is local (1) or global (0). Symbian OS uses only global selectors
• Bits 3–15 form a 13-bit index into a descriptor table.

Bits 3–15 of the selector point to an 8-byte entry in the global descriptor table (GDT), which gives the base address of the segment, its size, privilege level and type (code, data, system information).

We find the effective memory address by adding the segment base address from the GDT entry to the 16- or 32-bit offset. This effective address is known as a linear address in IA-32 terminology. If paging is disabled, it is used directly as a physical address, but if it is not, then it is translated to a physical address using the page tables.

The IA-32 architecture supports four privilege levels (also known as rings).
Level 0 is the most privileged; all instructions and resources are available at this level. Level 3 is the least privileged; application code usually runs at this level.

The RPL of the selector currently in CS is known as the current privilege level (CPL) and specifies the privilege level of the code that is currently executing. For segment registers other than CS, the RPL indicates the privilege level of the code that originated the selector – hence the name, requestor privilege level. So the RPL may not be the same as the CPL of the code currently executing – for example the selector may have been passed in as an argument from less privileged code. The kumem functions use this method to ensure that user code is not allowed to write with kernel privileges; see Section 5.2.1.5 for more on this.

Symbian OS uses five segments and only privilege levels 0 and 3. We have one level 0 code segment and one level 0 data segment, both covering the entire 4GB linear address space. We also have one level 3 code segment and one level 3 data segment, each covering the lower 3GB of linear address space. Finally, we have a single task state segment, which I will describe later in this chapter.

Returning to IA-32 exception handling, each exception other than reset has an 8-bit vector number associated with it. Numbers 0 to 31 are reserved for standard exceptions such as interrupts, page faults and division-by-zero, as described in the following table of all supported exceptions on IA-32 architectures.

Vector  Description                                            Category                           Error code
–       Reset                                                  Reset                              –
0       Division by zero                                       Abort                              No
1       RESERVED
2       Non-maskable Interrupt (NMI)                           Interrupt                          No
3       Breakpoint                                             Programmed Exception               No
4       Overflow                                               Abort                              No
5       Out of bounds (BOUND instruction)                      Abort                              No
6       Invalid opcode                                         Trap or Abort                      No
7       Device not available                                   Fault or Abort                     No
8       Double Fault                                           Abort                              Yes
9       RESERVED
10      Invalid Task State Segment (TSS)                       Abort                              Yes
11      Segment not present                                    Fault or Abort                     Yes
12      Stack segment error                                    Abort                              Yes
13      General protection error                               Abort                              Yes
14      Page Fault                                             Fault or Abort                     Yes
15      RESERVED
16      Floating point error                                   Trap or Abort                      No
17      Alignment check error                                  Abort                              Yes
18      Machine check error (Pentium and later)                Abort                              No
19      SIMD Floating point exception (Pentium III and later)  Trap or Abort                      No
20–31   RESERVED
32–255  User defined exception; either hardware interrupt      Programmed Exception or Interrupt  No
        signaled via the INTR line or execution of INT
        instruction

When an exception is recognized, the processor uses the vector number to index the interrupt descriptor table (IDT).
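Before going on to the IDT, the selector layout, the GDT lookup that yields a linear address, and the RPL rule by which privileged code treats a selector received from less privileged code, as an added C example (not code from the book, and not the implementation of the kumem functions). The descriptor is shown unpacked rather than in its 8-byte encoding, and the GDT contents, indices and selector values are constructed along the lines of the five segments described above rather than taken from Symbian OS.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* A selector split into the three fields the text lists */
struct selector { unsigned rpl; unsigned ti; unsigned index; };

struct selector decode_selector(uint16_t sel)
{
    struct selector s = { sel & 3u, (sel >> 2) & 1u, sel >> 3 };  /* bits 0-1, bit 2, bits 3-15 */
    return s;
}

uint16_t make_selector(unsigned index, unsigned ti, unsigned rpl)
{
    return (uint16_t)((index << 3) | ((ti & 1u) << 2) | (rpl & 3u));
}

enum seg_type { SEG_NULL, SEG_CODE, SEG_DATA, SEG_SYSTEM };

/* Unpacked view of an 8-byte descriptor (real entries pack these fields) */
struct gdt_entry { uint32_t base; uint32_t limit; unsigned dpl; enum seg_type type; };

/* Constructed GDT modelled on the five segments the text describes; the
   indices and the TSS base are assumptions, not Symbian's actual layout */
static const struct gdt_entry gdt[] = {
    { 0,          0,           0, SEG_NULL   },  /* 0: null selector */
    { 0,          0xFFFFFFFFu, 0, SEG_CODE   },  /* 1: level 0 code, whole 4GB */
    { 0,          0xFFFFFFFFu, 0, SEG_DATA   },  /* 2: level 0 data, whole 4GB */
    { 0,          0xBFFFFFFFu, 3, SEG_CODE   },  /* 3: level 3 code, lower 3GB */
    { 0,          0xBFFFFFFFu, 3, SEG_DATA   },  /* 4: level 3 data, lower 3GB */
    { 0x00080000, 0x67,        0, SEG_SYSTEM },  /* 5: task state segment */
};
#define GDT_LEN (sizeof gdt / sizeof gdt[0])

/* Selectors for the four code/data segments: index << 3 | RPL */
enum { SEL_KCODE = 0x08, SEL_KDATA = 0x10, SEL_UCODE = 0x1B, SEL_UDATA = 0x23 };

/* Translate a data reference sel:offset made at privilege level cpl into a
   linear address. Returns false where the processor would fault: null or
   local selector, index past the table, non-data segment, offset beyond the
   limit, or a privilege violation, i.e. when the effective privilege
   max(CPL, RPL) is numerically greater (less privileged) than the DPL. */
bool data_linear_address(uint16_t sel, uint32_t offset, unsigned cpl, uint32_t *linear)
{
    struct selector s = decode_selector(sel);
    if (s.index == 0 || s.ti != 0 || s.index >= GDT_LEN) return false;  /* no LDT: only global selectors */
    const struct gdt_entry *d = &gdt[s.index];
    if (d->type != SEG_DATA) return false;
    if (offset > d->limit) return false;
    unsigned effective = cpl > s.rpl ? cpl : s.rpl;
    if (effective > d->dpl) return false;
    *linear = d->base + offset;
    return true;
}

/* What privileged code does with a selector handed to it by less privileged
   code: raise the RPL to the caller's level (the ARPL instruction does this)
   so that any later access is checked as if the caller had made it */
uint16_t adjust_rpl(uint16_t sel, unsigned caller_cpl)
{
    struct selector s = decode_selector(sel);
    return make_selector(s.index, s.ti, s.rpl > caller_cpl ? s.rpl : caller_cpl);
}

int main(void)
{
    uint32_t lin;
    /* A user program passes in the level 0 data selector; after RPL
       adjustment the kernel's own access through it is refused */
    uint16_t sel = adjust_rpl(SEL_KDATA, 3);
    printf("selector %#x rpl=%u: %s\n", sel, decode_selector(sel).rpl,
           data_linear_address(sel, 0xC0000000u, 0, &lin) ? "allowed" : "refused");
    return 0;
}
```

The point of adjust_rpl() is the one the text makes about the kumem functions: a selector that arrived from level 3 carries RPL 3 from then on, so the level 0 data segment cannot be reached through it even though the code performing the access runs at CPL 0.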
This is a table of 8-byte entries whose linear base is stored in the IDTR register. Each entry contains one of the following:

• A task gate; these are not used by Symbian OS
• A trap gate; this specifies a new CS and EIP indicating an address to which instruction execution should be transferred
• An interrupt gate; this is the same as a trap gate apart from the interrupt mask behavior.

Since a new CS selector is specified, a change of privilege level can occur when an exception is handled. The processor will not permit an exception to transfer control to a less privileged level. On Symbian OS, all exception handlers execute at level 0.

In the interests of security and robustness, it is a general principle that more privileged code must not rely on the validity of any data or addresses passed by less privileged code. So if an exception results in a change of CPL, the processor changes the stack from the current SS:ESP, which is accessible to less privileged code.

The processor uses the task state segment (TSS) in stack switching. The task register (TR) contains a segment selector that refers to a TSS descriptor in the GDT. The TSS descriptor specifies where in the linear address space the TSS resides.
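The gate lookup, the privilege check and the stack switch through the TSS just described, as an added C example (not code from the book or from Symbian OS). The selector values, handler addresses, TSS contents and the flat word array standing in for memory are all constructed; the CPL is taken to be the RPL of CS as the text states, the DPL of the gate's target code segment comes from a two-entry model of the text's code segments, and the rule that an INT instruction may only use a gate whose DPL is at least the caller's CPL is an IA-32 rule the text does not spell out.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define EFLAGS_IF 0x200u   /* interrupt enable flag */

/* Task gates are not used by Symbian OS, so only the other two kinds are modelled */
enum gate_type { GATE_TRAP, GATE_INTERRUPT };

struct idt_gate { uint16_t cs; uint32_t eip; enum gate_type type; unsigned dpl; bool present; };

/* The TSS fields the stack switch needs: the level 0 stack (values constructed in main) */
struct tss { uint16_t ss0; uint32_t esp0; };

/* The CPU state that exception delivery touches. 'mem' is a flat word array
   standing in for the linear addresses both stacks live in (constructed). */
struct cpu { uint16_t cs, ss; uint32_t eip, esp, eflags; uint32_t *mem; };

/* DPL of the code segment a selector refers to: constructed model of the two
   code segments in the text (GDT index 3 is level 3 code, index 1 is level 0) */
static unsigned code_seg_dpl(uint16_t cs) { return (cs >> 3) == 3 ? 3 : 0; }

static void push(struct cpu *c, uint32_t v) { c->esp -= 4; c->mem[c->esp / 4] = v; }

void idt_set(struct idt_gate *idt, unsigned vector, uint16_t cs, uint32_t eip,
             enum gate_type type, unsigned dpl)
{
    struct idt_gate g = { cs, eip, type, dpl, true };
    idt[vector] = g;
}

/* Deliver exception 'vector' through the IDT. 'software' marks an INT n
   instruction, which in addition must not use a gate whose DPL is below the
   caller's CPL. Returns false where the real processor would raise a general
   protection fault instead of transferring control. */
bool deliver_exception(struct cpu *c, const struct idt_gate *idt, unsigned vector,
                       bool software, const struct tss *tss)
{
    const struct idt_gate *g = &idt[vector];
    unsigned cpl = c->cs & 3u;                      /* CPL is the RPL of CS */
    if (!g->present) return false;
    if (software && g->dpl < cpl) return false;     /* user INT through a level 0 only gate */
    unsigned target = code_seg_dpl(g->cs);
    if (target > cpl) return false;                 /* never to a less privileged level */
    if (target < cpl) {
        /* Privilege rises: leave the stack the less privileged code controlled,
           load the level 0 stack from the TSS and record the old SS:ESP on it */
        uint16_t old_ss = c->ss; uint32_t old_esp = c->esp;
        c->ss = tss->ss0; c->esp = tss->esp0;
        push(c, old_ss); push(c, old_esp);
    }
    push(c, c->eflags); push(c, c->cs); push(c, c->eip);    /* return status and address */
    if (g->type == GATE_INTERRUPT) c->eflags &= ~EFLAGS_IF;  /* only an interrupt gate masks interrupts */
    c->cs = g->cs; c->eip = g->eip;
    return true;
}

int main(void)
{
    uint32_t mem[64] = { 0 };                       /* linear addresses 0..0xFF, word granularity */
    struct idt_gate idt[256] = { { 0 } };
    struct tss t = { 0x10, 0x100 };                 /* level 0 data selector, top of kernel stack */
    idt_set(idt, 14, 0x08, 0x10000, GATE_INTERRUPT, 0);           /* page fault -> level 0 handler */
    struct cpu c = { 0x1B, 0x23, 0x4000, 0x80, EFLAGS_IF, mem };  /* level 3 code, user stack */
    bool ok = deliver_exception(&c, idt, 14, false, &t);
    printf("delivered=%d cs=%#x eip=%#x ss=%#x esp=%#x IF=%u\n", ok, c.cs, c.eip,
           c.ss, c.esp, (c.eflags & EFLAGS_IF) != 0);
    return 0;
}
```

Because the handler always runs on the TSS-supplied stack when entered from level 3, nothing the user program did to its own ESP can make the kernel push its return state somewhere the user chose; the old SS:ESP is merely recorded for the return path, not trusted.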