Volume 2 System Programming (794096), page 66
This means software running at any privilege can enter the interrupt handler through the interrupt gate.

234 Exceptions and Interrupts 24593—Rev. 3.13—July 2007 AMD64 Technology

[Figure 8-10. Privilege-Check Examples for Interrupts. Example 1, privilege check passes: CPL=2; interrupt-gate descriptor DPL=3 (CPL ≤ DPL, access allowed); handler code-segment descriptor DPL=0 (CPL ≥ DPL, access allowed). Example 2, privilege check fails: CPL=2; interrupt-gate descriptor DPL=0 (access denied); handler code-segment descriptor DPL=3 (access denied).]

In Example 2, both privilege checks fail:
• The interrupt-gate DPL specifies that only software running at privilege-level 0 can access the gate. The current program does not have a high enough privilege level to access the interrupt gate, since its CPL is set at 2.
• The interrupt handler has a lower privilege (DPL=3) than the currently-running software (CPL=2). Transitions from more-privileged software to less-privileged software are not allowed, so this privilege check fails as well.
Although both privilege checks fail, only one such failure is required to deny access to the interrupt handler.

8.7.5 Returning From Interrupt Procedures
A return to an interrupted program should be performed using the IRET instruction.
An IRET is a far return to a different code segment, with or without a change in privilege level. The actions of an IRET in both cases are described in the following sections.

IRET, Same Privilege. Before performing the IRET, the stack pointer must point to the return EIP. If there was an error code pushed onto the stack as a result of the exception or interrupt, that error code should have been popped off the stack earlier by the handler. The IRET reverses the actions of the interrupt mechanism:
1. Pops the return pointer off of the stack, loading both the CS register and EIP register (RIP[31:0]) with the saved values. The return code-segment RPL is read by the processor from the CS value stored on the stack to determine that an equal-privilege control transfer is occurring.
2. Pops the saved EFLAGS image off of the stack and into the EFLAGS register.
3. Transfers control to the return program at the target CS:EIP.

IRET, Less Privilege. If an IRET changes privilege levels, the return program must be at a lower privilege than the interrupt handler. The IRET in this case causes a stack switch to occur:
1. The return pointer is popped off of the stack, loading both the CS register and EIP register (RIP[31:0]) with the saved values. The return code-segment RPL is read by the processor from the CS value stored on the stack to determine that a lower-privilege control transfer is occurring.
2. The saved EFLAGS image is popped off of the stack and loaded into the EFLAGS register.
3. The return-program stack pointer is popped off of the stack, loading both the SS register and ESP register (RSP[31:0]) with the saved values.
4. Control is transferred to the return program at the target CS:EIP.

8.8 Virtual-8086 Mode Interrupt Control Transfers
This section describes interrupt control transfers as they relate to virtual-8086 mode. Virtual-8086 mode is not supported by long mode. Therefore, the control-transfer mechanism described here is not applicable to long mode.
When a software interrupt occurs (not external interrupts, INT1, or INT3) while the processor is running in virtual-8086 mode (EFLAGS.VM=1), the control transfer that occurs depends on three system controls:
• EFLAGS.IOPL—This field controls interrupt handling based on the CPL. See “I/O Privilege Level Field (IOPL) Field” on page 52 for more information on this field. Setting IOPL<3 redirects the interrupt to the general-protection exception (#GP) handler.
• CR4.VME—This bit enables virtual-mode extensions. See “Virtual-8086 Mode Extensions (VME) Bit” on page 47 for more information on this bit.
• TSS Interrupt-Redirection Bitmap—The TSS interrupt-redirection bitmap contains 256 bits, one for each possible INTn vector (software interrupt). When CR4.VME=1, the bitmap is used by the processor to direct interrupts to the handler provided by the currently-running 8086 program (bitmap entry is 0), or to the protected-mode operating-system interrupt handler (bitmap entry is 1). See “Legacy Task-State Segment” on page 311 for information on the location of this field within the TSS.
If IOPL<3, CR4.VME=1, and the corresponding interrupt redirection bitmap entry is 0, the processor uses the virtual-interrupt mechanism. See “Virtual Interrupts” on page 245 for more information on this mechanism.
Table 8-10 summarizes the actions of the above system controls on interrupts taken when the processor is running in virtual-8086 mode.

Table 8-10. Virtual-8086 Mode Interrupt Mechanisms
EFLAGS.IOPL | CR4.VME | TSS Interrupt-Redirection Bitmap Entry | Interrupt Mechanism
0, 1, or 2  | 0       | —                                      | General-Protection Exception
0, 1, or 2  | 1       | 0                                      | Virtual Interrupt
0, 1, or 2  | 1       | 1                                      | Protected-Mode Handler
3           | 0       | —                                      | Protected-Mode Handler
3           | 1       | 0                                      | Virtual 8086 Handler
3           | 1       | 1                                      | Protected-Mode Handler

8.8.1 Protected-Mode Handler Control Transfer
Control transfers to protected-mode handlers from virtual-8086 mode differ from standard protected-mode transfers in several ways. The processor follows these steps in making the control transfer:
1. Reads the CPL=0 stack pointer (SS:ESP) from the TSS.
2. Pushes the GS, FS, DS, and ES selector registers onto the stack. Each push is padded with two bytes to form a doubleword.
3. Clears the GS, FS, DS, and ES selector registers to 0. This places a null selector in each of the four registers.
4. Pushes the return stack pointer (old SS:ESP) onto the new stack. The SS value is padded with two bytes to form a doubleword.
5. Pushes the EFLAGS register onto the new stack.
6. Clears the following EFLAGS bits to 0: TF, NT, RF, and VM.
7. Handles EFLAGS.IF based on the gate-descriptor type:
   - If the gate descriptor is an interrupt gate, EFLAGS.IF is cleared to 0.
   - If the gate descriptor is a trap gate, EFLAGS.IF is not modified.
8. Pushes the return-address pointer (CS:EIP) onto the stack. The CS value is padded with two bytes to form a doubleword.
9. If the interrupt has an associated error code, pushes the error code onto the stack.
10. Loads the segment-selector field from the gate descriptor into the CS register, and loads the offset field from the gate descriptor into the EIP register.
11. Begins execution of the interrupt handler with the instruction referenced by the new CS:EIP.
Figure 8-11 shows the new stack after control is transferred to the interrupt handler with an error code.

[Figure 8-11. Stack After Virtual-8086 Mode Interrupt to Protected Mode. Interrupt-handler stack, offsets from the new SS:ESP (from TSS, CPL=0):
  With error code:    Return GS +36, Return FS +32, Return DS +28, Return ES +24, Return SS +20, Return ESP +16, Return EFLAGS +12, Return CS +8, Return EIP +4, Error Code +0
  With no error code: Return GS +32, Return FS +28, Return DS +24, Return ES +20, Return SS +16, Return ESP +12, Return EFLAGS +8, Return CS +4, Return EIP +0]

An IRET from privileged protected-mode software (CPL=0) to virtual-8086 mode reverses the stack-build process. After the return pointer, EFLAGS, and return stack-pointer are restored, the processor restores the ES, DS, FS, and GS registers by popping their values off the stack.
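As an added illustration (not code from the AMD manual), the following C model replays steps 1 through 9 of the transfer above on a constructed CPL=0 stack, so that the offset of each saved value from the new SS:ESP (with and without an error code, as in Figure 8-11) and the EFLAGS handling for interrupt versus trap gates can be checked directly. The register values, the EFLAGS bit positions and the helper names are assumptions of the model.

```c
#include <stdint.h>

/* EFLAGS bit positions touched by the transfer (architectural positions, not listed on this page). */
#define EFL_TF (1u << 8)
#define EFL_IF (1u << 9)
#define EFL_NT (1u << 14)
#define EFL_RF (1u << 16)
#define EFL_VM (1u << 17)

/* Register state of the interrupted virtual-8086 program (constructed model). */
typedef struct { uint32_t eflags, cs, eip, ss, esp, es, ds, fs, gs; } v86_state_t;

/* The CPL=0 stack named by the TSS: a small backing store plus the new ESP (byte offset). */
typedef struct { uint32_t mem[16]; uint32_t esp; } pm_stack_t;

static void push32(pm_stack_t *s, uint32_t v) { s->esp -= 4; s->mem[s->esp / 4] = v; }

/* Builds the Figure 8-11 frame by following steps 1-9 of the text; steps 10-11 (loading
 * CS:EIP from the gate) are not modeled. Segment selectors are 16 bits, so each push is
 * zero-padded to a doubleword. Returns the EFLAGS value the handler starts with. */
uint32_t v86_to_pm_interrupt(v86_state_t *st, pm_stack_t *stk, int is_interrupt_gate,
                             int has_error_code, uint32_t error_code)
{
    stk->esp = sizeof stk->mem;                          /* 1: SS:ESP for CPL=0 from the TSS */
    push32(stk, st->gs); push32(stk, st->fs);            /* 2: GS, FS, DS, ES */
    push32(stk, st->ds); push32(stk, st->es);
    st->gs = st->fs = st->ds = st->es = 0;               /* 3: null selectors */
    push32(stk, st->ss); push32(stk, st->esp);           /* 4: old SS:ESP */
    push32(stk, st->eflags);                             /* 5: EFLAGS as at the interrupt */
    uint32_t efl = st->eflags & ~(EFL_TF | EFL_NT | EFL_RF | EFL_VM);  /* 6 */
    if (is_interrupt_gate) efl &= ~EFL_IF;               /* 7: trap gates leave IF alone */
    push32(stk, st->cs); push32(stk, st->eip);           /* 8: return CS:EIP */
    if (has_error_code) push32(stk, error_code);         /* 9 */
    st->eflags = efl;
    return efl;
}

/* Reads the doubleword at a byte offset above the new SS:ESP (the offsets of Figure 8-11). */
uint32_t frame_at(const pm_stack_t *stk, uint32_t offset) { return stk->mem[(stk->esp + offset) / 4]; }
```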
8.8.2 Virtual-8086 Handler Control Transfer
When a control transfer to an 8086 handler occurs from virtual-8086 mode, the processor creates an interrupt-handler stack identical to that created when an interrupt occurs in real mode (see Figure 8-6 on page 229). The processor performs the following actions during a control transfer:
1. Pushes the FLAGS register (EFLAGS[15:0]) onto the stack.
2. Clears the EFLAGS.IF and EFLAGS.RF bits to 0.
3. Saves the CS register and IP register (RIP[15:0]) by pushing them onto the stack.
4. Locates the interrupt-handler pointer (CS:IP) in the 8086 IDT by scaling the interrupt vector by four and adding the result to the virtual (linear) address 0. The value in the IDTR is not used.
5. Transfers control to the interrupt handler referenced by the CS:IP in the IDT.
An IRET from the 8086 handler back to virtual-8086 mode reverses the stack-build process.

8.9 Long-Mode Interrupt Control Transfers
The long-mode architecture expands the legacy interrupt mechanism to support 64-bit operating systems and applications. These changes include:
• All interrupt handlers are 64-bit code and operate in 64-bit mode.
• The size of an interrupt-stack push is fixed at 64 bits (8 bytes).
• The interrupt-stack frame is aligned on a 16-byte boundary.
• The stack pointer, SS:RSP, is pushed unconditionally on interrupts, rather than conditionally based on a change in CPL.
• The SS selector register is loaded with a null selector as a result of an interrupt, if the CPL changes.
• The IRET instruction behavior changes, to unconditionally pop SS:RSP, allowing a null SS to be popped.
• A new interrupt stack-switch mechanism, called the interrupt-stack table or IST, is introduced.

8.9.1 Interrupt Gates and Trap Gates
Only long-mode interrupt and trap gates can be referenced in long mode (64-bit mode and compatibility mode). The legacy 32-bit interrupt-gate and 32-bit trap-gate types (0Eh and 0Fh, as described in “System Descriptors” on page 88) are redefined in long mode as 64-bit interrupt-gate and 64-bit trap-gate types. 32-bit and 16-bit interrupt-gate and trap-gate types do not exist in long mode, and software is prohibited from using task gates. If a reference is made to any gate other than a 64-bit interrupt gate or a 64-bit trap gate, a general-protection exception (#GP) occurs.
The long-mode gate types are 16 bytes (128 bits) long. They are an extension of the legacy-mode gate types, allowing a full 64-bit segment offset to be stored in the descriptor. See “Legacy Segment Descriptors” on page 77 for a detailed description of the gate-descriptor format and fields.
8.9.2 Locating the Interrupt Handler
When an interrupt occurs in long mode, the processor multiplies the interrupt-vector number by 16 and uses the result as an offset into the IDT. The gate descriptor referenced by the IDT offset contains a segment-selector and a 64-bit segment-offset field. The gate-descriptor segment-offset field contains the complete virtual address for the interrupt handler. The gate-descriptor segment-selector field points to the target code-segment descriptor located in either the GDT or LDT. The code-segment descriptor is only used for privilege-checking purposes and for placing the processor in 64-bit mode. The code-segment-descriptor base field, limit field, and most attributes are ignored.
Figure 8-12 shows how the long-mode interrupt handler is located by the interrupt mechanism.

[Figure 8-12. Long-Mode Interrupt Control Transfer. The interrupt vector, multiplied by 16, is added to the IDT base address held in the interrupt-descriptor-table register (subject to the IDT limit) to select a gate in the interrupt-descriptor table. The gate's CS selector selects a code-segment descriptor (with its DPL) in the global or local descriptor table, and the gate's 64-bit code-segment offset is the address of the interrupt handler in the virtual-address space.]
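As an added example (not the manual's own code), the following C model walks the long-mode lookup of 8.9.2 together with the gate-type rule of 8.9.1 and the two privilege checks of Figure 8-10 for a software interrupt: the vector is scaled by 16 into a flat IDT image, the gate must be a 64-bit interrupt or trap gate, and CPL is compared against the gate DPL and against the handler's code-segment DPL. The 16-byte gate layout is taken from the “System Descriptors” section the text references and is an assumption here, as are the function names and the constructed IDT contents.

```c
#include <stdint.h>
#include <string.h>

/* 16-byte long-mode gate descriptor (8.9.1). The field layout follows the "System
 * Descriptors" section the text refers to; it is assumed here, not shown on this page. */
typedef struct {
    uint16_t offset_lo;   /* handler offset [15:0] */
    uint16_t selector;    /* target code-segment selector (GDT or LDT) */
    uint8_t  ist;         /* bits 2:0 = interrupt-stack-table index */
    uint8_t  type_attr;   /* bits 3:0 type, bit 4 = 0 (system), bits 6:5 DPL, bit 7 P */
    uint16_t offset_mid;  /* handler offset [31:16] */
    uint32_t offset_hi;   /* handler offset [63:32] */
    uint32_t reserved;
} idt_gate64_t;

enum { GATE_INT64 = 0x0E, GATE_TRAP64 = 0x0F };   /* the only gate types legal in long mode */
typedef enum { DISP_OK, DISP_GP_LIMIT, DISP_GP_TYPE, DISP_GP_GATE_DPL, DISP_GP_CODE_DPL } dispatch_t;

/* Writes a present 64-bit gate for `vector` into a flat IDT image. */
void write_gate(uint8_t *idt, unsigned vector, uint64_t handler, uint16_t sel, unsigned type, unsigned dpl)
{
    idt_gate64_t g = { .offset_lo = (uint16_t)handler, .selector = sel, .ist = 0,
                       .type_attr = (uint8_t)(0x80 | ((dpl & 3) << 5) | (type & 0xF)),
                       .offset_mid = (uint16_t)(handler >> 16), .offset_hi = (uint32_t)(handler >> 32) };
    memcpy(idt + vector * 16u, &g, sizeof g);
}

/* Models an INTn dispatch in long mode: vector*16 indexes the IDT (8.9.2); the gate
 * must be a 64-bit interrupt or trap gate, else #GP (8.9.1); CPL may not exceed the
 * gate DPL and the handler's code-segment DPL may not exceed CPL (Figure 8-10). Only
 * the code-segment DPL is taken from that descriptor, so it is passed in directly. */
dispatch_t dispatch_int(const uint8_t *idt, uint16_t idt_limit, unsigned vector,
                        unsigned cpl, unsigned code_seg_dpl, uint64_t *handler)
{
    uint32_t off = vector * 16u;
    if (off + 15u > idt_limit) return DISP_GP_LIMIT;        /* gate lies beyond the IDT limit */
    idt_gate64_t g;
    memcpy(&g, idt + off, sizeof g);
    unsigned type = g.type_attr & 0x0F;
    if (type != GATE_INT64 && type != GATE_TRAP64) return DISP_GP_TYPE;
    if (cpl > ((g.type_attr >> 5) & 3)) return DISP_GP_GATE_DPL; /* caller may not enter the gate */
    if (code_seg_dpl > cpl) return DISP_GP_CODE_DPL;             /* no transfer to less privilege */
    *handler = g.offset_lo | ((uint64_t)g.offset_mid << 16) | ((uint64_t)g.offset_hi << 32);
    return DISP_OK;
}
```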