Volume 2: System Programming (794096), page 65
The features of the implementation-specific IC can impact the operation of the TPR. For example, the TPR might affect interrupt delivery only if the IC is enabled. Also, the mapping of an external interrupt to a specific interrupt priority is an implementation-specific behavior of the IC.

8.6 Real-Mode Interrupt Control Transfers

In real mode, the IDT is a table of 4-byte entries, one entry for each of the 256 possible interrupts implemented by the system. The real-mode IDT is often referred to as an interrupt-vector table, or IVT.

Table entries contain a far pointer (CS:IP pair) to an exception or interrupt handler. The base of the IDT is stored in the IDTR register, which is loaded with a value of 00h during a processor reset. Figure 8-5 on page 228 shows how the real-mode interrupt handler is located by the interrupt mechanism.

Exceptions and Interrupts 227
AMD64 Technology 24593—Rev. 3.13—July 2007

Figure 8-5. Real-Mode Interrupt Control Transfer [figure: the interrupt vector is scaled by 4 and added to the IDT base address held in the Interrupt-Descriptor-Table Register to select a CS:offset entry in the interrupt-descriptor table; that entry points to the interrupt handler in memory]

When an exception or interrupt occurs in real mode, the processor performs the following:
1. Pushes the FLAGS register (EFLAGS[15:0]) onto the stack.
2. Clears EFLAGS.IF to 0 and EFLAGS.TF to 0.
3. Saves the CS register and IP register (RIP[15:0]) by pushing them onto the stack.
4. Locates the interrupt-handler pointer (CS:IP) in the IDT by scaling the interrupt vector by four and adding the result to the value in the IDTR.
5. Transfers control to the interrupt handler referenced by the CS:IP in the IDT.

Figure 8-6 on page 229 shows the stack after control is transferred to the interrupt handler in real mode.

Figure 8-6. Stack After Interrupt in Real Mode (interrupt-handler and interrupted-program stack):
    SS:SP+4  Return FLAGS
    SS:SP+2  Return CS
    SS:SP    Return IP

An IRET instruction is used to return to the interrupted program. When an IRET is executed, the processor performs the following:
1. Pops the saved CS value off the stack and into the CS register. The saved IP value is popped into RIP[15:0].
2. Pops the FLAGS value off of the stack and into EFLAGS[15:0].
3. Execution begins at the saved CS.IP location.

8.7 Legacy Protected-Mode Interrupt Control Transfers

In protected mode, the interrupt mechanism transfers control to an exception or interrupt handler through gate descriptors.
In protected mode, the IDT is a table of 8-byte gate entries, one for each of the 256 possible interrupt vectors implemented by the system. Three gate types are allowed in the IDT:
• Interrupt gates.
• Trap gates.
• Task gates.
If a reference is made to any other descriptor type in the IDT, a general-protection exception (#GP) occurs.

Interrupt-gate control transfers are similar to CALLs and JMPs through call gates. The interrupt mechanism uses gates (interrupt, trap, and task) to establish protected entry-points into the exception and interrupt handlers.

The remainder of this chapter discusses control transfers through interrupt gates and trap gates. If the gate descriptor in the IDT is a task gate, a TSS-segment selector is referenced, and a task switch occurs. See Chapter 12, “Task Management,” for more information on the hardware task-switch mechanism.

8.7.1 Locating the Interrupt Handler

When an exception or interrupt occurs, the processor scales the interrupt-vector number by eight and uses the result as an offset into the IDT. If the gate descriptor referenced by the IDT offset is an interrupt gate or a trap gate, it contains a segment-selector and segment-offset field (see “Legacy Segment Descriptors” on page 77 for a detailed description of the gate-descriptor format and fields). These two fields perform the same function as the pointer operand in a far control-transfer instruction. The gate-descriptor segment-selector field points to the target code-segment descriptor located in either the GDT or LDT. The gate-descriptor segment-offset field is the instruction-pointer offset into the interrupt-handler code segment.
The code-segment base taken from the code-segment descriptor is added to the gate-descriptor segment-offset field to create the interrupt-handler virtual address (linear address).

Figure 8-7 on page 231 shows how the protected-mode interrupt handler is located by the interrupt mechanism.

Figure 8-7. Protected-Mode Interrupt Control Transfer [figure: the interrupt vector is scaled by 8 and added to the IDT base address from the Interrupt-Descriptor-Table Register (which also holds the IDT limit) to select a gate containing a CS selector, a DPL, and a code-segment offset; the CS selector indexes the global or local descriptor table to obtain the code-segment base, DPL, and CS limit; the code-segment base plus the code-segment offset gives the address of the interrupt handler in the code segment within the virtual-address space]

8.7.2 Interrupt To Same Privilege

When a control transfer to an exception or interrupt handler at the same privilege level occurs (through an interrupt gate or a trap gate), the processor performs the following:
1. Pushes the EFLAGS register onto the stack.
2. Clears the TF, NT, RF, and VM bits in EFLAGS to 0.
3. The processor handles EFLAGS.IF based on the gate-descriptor type:
   - If the gate descriptor is an interrupt gate, EFLAGS.IF is cleared to 0.
   - If the gate descriptor is a trap gate, EFLAGS.IF is not modified.
4. Saves the return CS register and EIP register (RIP[31:0]) by pushing them onto the stack. The CS value is padded with two bytes to form a doubleword.
5. If the interrupt has an associated error code, the error code is pushed onto the stack.
6. The CS register is loaded from the segment-selector field in the gate descriptor, and the EIP is loaded from the offset field in the gate descriptor.
7. The interrupt handler begins executing with the instruction referenced by new CS:EIP.

Figure 8-8 shows the stack after control is transferred to the interrupt handler.

Figure 8-8. Stack After Interrupt to Same Privilege Level (interrupt-handler and interrupted-program stack):
    With Error Code                With No Error Code
    SS:ESP+12  Return EFLAGS       SS:ESP+8   Return EFLAGS
    SS:ESP+8   Return CS           SS:ESP+4   Return CS
    SS:ESP+4   Return EIP          SS:ESP     Return EIP
    SS:ESP     Error Code

8.7.3 Interrupt To Higher Privilege

When a control transfer to an exception or interrupt handler running at a higher privilege occurs (numerically lower CPL value), the processor performs a stack switch using the following steps:
1. The target CPL is read by the processor from the target code-segment DPL and used as an index into the TSS for selecting the new stack pointer (SS:ESP). For example, if the target CPL is 1, the processor selects the SS:ESP for privilege-level 1 from the TSS.
2. Pushes the return stack pointer (old SS:ESP) onto the new stack. The SS value is padded with two bytes to form a doubleword.
3. Pushes the EFLAGS register onto the new stack.
4. Clears the following EFLAGS bits to 0: TF, NT, RF, and VM.
5. The processor handles the EFLAGS.IF bit based on the gate-descriptor type:
   - If the gate descriptor is an interrupt gate, EFLAGS.IF is cleared to 0.
   - If the gate descriptor is a trap gate, EFLAGS.IF is not modified.
6. Saves the return-address pointer (CS:EIP) by pushing it onto the stack.
   The CS value is padded with two bytes to form a doubleword.
7. If the interrupt-vector number has an error code associated with it, the error code is pushed onto the stack.
8. The CS register is loaded from the segment-selector field in the gate descriptor, and the EIP is loaded from the offset field in the gate descriptor.
9. The interrupt handler begins executing with the instruction referenced by new CS:EIP.

Figure 8-9 shows the new stack after control is transferred to the interrupt handler.

Figure 8-9. Stack After Interrupt to Higher Privilege (interrupt-handler stack):
    With Error Code                    With No Error Code
    New SS:ESP+20  Return SS           New SS:ESP+16  Return SS
    New SS:ESP+16  Return ESP          New SS:ESP+12  Return ESP
    New SS:ESP+12  Return EFLAGS       New SS:ESP+8   Return EFLAGS
    New SS:ESP+8   Return CS           New SS:ESP+4   Return CS
    New SS:ESP+4   Return EIP          New SS:ESP     Return EIP
    New SS:ESP     Error Code

8.7.4 Privilege Checks

Before loading the CS register with the interrupt-handler code-segment selector (located in the gate descriptor), the processor performs privilege checks similar to those performed on call gates. The checks are performed when either conforming or nonconforming interrupt handlers are referenced:
1. The processor reads the gate DPL from the interrupt-gate or trap-gate descriptor. The gate DPL is the minimum privilege level (numerically highest value) needed by a program to access the gate. The processor compares the CPL with the gate DPL. The CPL must be numerically less than or equal to the gate DPL for this check to pass.
2. The processor compares the CPL with the interrupt-handler code-segment DPL. For this check to pass, the CPL must be numerically greater than or equal to the code-segment DPL. This check prevents control transfers to less-privileged interrupt handlers.

Unlike call gates, no RPL comparison takes place. This is because the gate descriptor is referenced in the IDT using the interrupt-vector number rather than a selector, and no RPL field exists in the interrupt-vector number.

Exception and interrupt handlers should be made reachable from software running at any privilege level that requires them. If the gate DPL value is too low (requiring more privilege), or the interrupt-handler code-segment DPL is too high (runs at lower privilege), the interrupt control transfer can fail the privilege checks. Setting the gate DPL=3 and interrupt-handler code-segment DPL=0 makes the exception handler or interrupt handler reachable from any privilege level.

Figure 8-10 on page 235 shows two examples of interrupt privilege checks. In Example 1, both privilege checks pass:
• The interrupt-gate DPL is at the lowest privilege (3), which means that software running at any privilege level (CPL) can access the interrupt gate.
• The interrupt-handler code segment is at the highest-privilege level, as indicated by DPL=0.
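As an added example (not AMD's code and not part of the manual), the following C model applies the gate-type rule of 8.7 and the two privilege checks of 8.7.4, and computes the handler stack-frame offsets of Figures 8-6, 8-8 and 8-9 so the same function also covers the real-mode frame. All type and function names are constructed for illustration.

```c
/* Constructed model of the IDT control-transfer rules described above:
 * gate-type check and the two privilege checks of 8.7.4, plus the handler
 * stack-frame layouts of Figures 8-6, 8-8 and 8-9. Not AMD's code. */
#include <stdbool.h>

enum gate_type { GATE_INTERRUPT, GATE_TRAP, GATE_TASK, GATE_OTHER };
enum xfer { XFER_OK, XFER_TASK_SWITCH, XFER_GP_BAD_GATE,
            XFER_GP_GATE_DPL, XFER_GP_CS_DPL };

struct idt_gate {
    enum gate_type type;
    unsigned gate_dpl;   /* DPL field of the gate descriptor itself */
    unsigned cs_dpl;     /* DPL of the handler code segment (via GDT/LDT) */
};

/* Outcome of a transfer through IDT gate g attempted at privilege level cpl. */
enum xfer check_gate(const struct idt_gate *g, unsigned cpl)
{
    if (g->type == GATE_OTHER) return XFER_GP_BAD_GATE;  /* any other descriptor: #GP */
    if (g->type == GATE_TASK)  return XFER_TASK_SWITCH;  /* TSS referenced, Chapter 12 */
    /* Check 1: the gate DPL is the minimum privilege needed to reach the gate. */
    if (cpl > g->gate_dpl)     return XFER_GP_GATE_DPL;
    /* Check 2: never transfer to a less-privileged (numerically higher) handler. */
    if (cpl < g->cs_dpl)       return XFER_GP_CS_DPL;
    return XFER_OK;                                      /* no RPL comparison exists */
}

/* Byte offsets from the handler's SS:(E)SP of each saved value, or -1 when the
 * value is not on the handler's stack. Real mode: 2-byte FLAGS, CS, IP frame
 * (Figure 8-6). Protected mode: doublewords, optional error code (Figure 8-8)
 * and, on a privilege change, the old SS:ESP on the new stack (Figure 8-9). */
struct frame { int err, ip, cs, flags, esp, ss; };

struct frame frame_layout(bool real_mode, bool has_error_code, bool privilege_change)
{
    struct frame f = { -1, -1, -1, -1, -1, -1 };
    int slot = real_mode ? 2 : 4, off = 0;
    if (!real_mode && has_error_code) { f.err = off; off += slot; }
    f.ip    = off; off += slot;
    f.cs    = off; off += slot;   /* CS is padded to a doubleword in protected mode */
    f.flags = off; off += slot;
    if (!real_mode && privilege_change) { f.esp = off; off += slot; f.ss = off; }
    return f;
}
```

A handler that assumes the wrong frame shape (for example, treating an error-code vector as if it had none) reads the return CS:EIP from the wrong slot, which is why the offsets above differ between the two columns of each figure.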