Volume 2 System Programming (794096), page 82
If this check fails, the task switch is aborted without modifying the processor state, and an invalid-TSS exception (#TS) occurs.

The current-task state is saved in the TSS. This includes the next-instruction pointer (EIP), EFLAGS, the general-purpose registers, and the segment-selector registers.

Up to this point, any exception that occurs aborts the task switch without changing the processor state. From this point forward, any exception that occurs does so in the context of the new task. If an exception occurs in the context of the new task during a task switch, the processor finishes loading the new-task state without performing additional checks. The processor transfers control to the #TS handler after this state is loaded, but before the first instruction is executed in the new task. When a #TS occurs, it is possible that some of the state loaded by the processor did not participate in segment access checks.
The #TS handler must verify that all segments are accessible before returning to the interrupted task.

The task register (TR) is loaded with the new-task TSS selector, and the hidden portion of the TR is loaded with the new-task descriptor. The TSS now referenced by the processor is that of the new task.

The current task is marked as busy. The previous task is marked as available or remains busy, based on the type of linkage. See “Nesting Tasks” on page 323 for more information.

CR0.TS is set to 1.
This bit can be used to save other processor state only when it becomes necessary. For more information, see the next section, “Saving Other Processor State.”

The new-task state is loaded from the TSS. This includes the next-instruction pointer (EIP), EFLAGS, the general-purpose registers, and the segment-selector registers. The processor clears the segment-descriptor present (P) bits (in the hidden portion of the segment registers) to prevent access into the new segments, until the task switch completes successfully.

The LDTR and CR3 registers are loaded from the TSS, changing the virtual-to-physical mapping from that of the old task to the new task. Because this is done in the middle of accessing the new TSS, system software must guarantee that TSS addresses are translated identically in all tasks.

320 Task Management 24593—Rev. 3.13—July 2007 AMD64 Technology

The descriptors for all previously-loaded segment selectors are loaded into the hidden portion of the segment registers.
This sets or clears the P bits for the segments as specified by the new descriptor values.

If the above steps complete successfully, the processor begins executing instructions in the new task, beginning with the instruction referenced by the CS:EIP far pointer loaded from the new TSS. The privilege level of the new task is taken from the new CS segment selector’s RPL.

Saving Other Processor State. The processor does not automatically save the registers used by the media or x87 instructions. Instead, the processor sets CR0.TS to 1 during a task switch.
Later, when an attempt is made to execute any of the media or x87 instructions while TS=1, a device-not-available exception (#NM) occurs. System software can then save the previous state of the media and x87 registers and clear the CR0.TS bit to 0 before executing the next media/x87 instruction. As a result, the media and x87 registers are saved only when necessary after a task switch.

12.3.3 Task Switches Using Task Gates

When a control transfer to a new task occurs through a task gate, the processor reads the task-gate DPL (DPLG) from the task-gate descriptor.
Two privilege checks, both of which must pass, are performed on DPLG before the task switch can occur successfully:

• The processor compares the CPL with DPLG. The CPL must be numerically less than or equal to DPLG for this check to pass. In other words, the following expression must be true: CPL ≤ DPLG.

• The processor compares the RPL in the task-gate selector with DPLG. The RPL must be numerically less than or equal to DPLG for this check to pass.
In other words, the following expression must be true: RPL ≤ DPLG.

Unlike call-gate control transfers, the processor does not read the DPL from the target TSS descriptor (DPLS) and compare it with the CPL when a task gate is used.

Figure 12-10 on page 322 shows two examples of task-gate privilege checks.
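The two checks just described, evaluated on the values of both examples in Figure 12-10, as an added C model that is not AMD's code; the descriptor byte layout is the standard legacy-mode format, and the TSS selector 0x40 is a constructed value:

```c
#include <stdint.h>
#include <stdio.h>

/* Result bits returned by task_gate_check(): 0 means both checks passed. */
enum { TG_OK = 0, TG_CPL_FAIL = 1, TG_RPL_FAIL = 2, TG_NOT_TASK_GATE = 4 };

/* Legacy 8-byte descriptor layout: byte +5 holds P (bit 7), DPL (bits 6:5),
 * S (bit 4) and the 4-bit type; type 0x5 is a 32-bit task gate. */
static int descriptor_dpl(const uint8_t desc[8])  { return (desc[5] >> 5) & 3; }
static int descriptor_type(const uint8_t desc[8]) { return desc[5] & 0xF; }
static int selector_rpl(uint16_t selector)        { return selector & 3; }

/* The two task-gate checks of section 12.3.3: CPL <= DPLG and RPL <= DPLG.
 * Both are evaluated so the caller can see which one(s) failed.  DPLS (the
 * DPL of the target TSS descriptor) is deliberately not consulted. */
int task_gate_check(int cpl, uint16_t gate_selector, const uint8_t gate_desc[8])
{
    if (descriptor_type(gate_desc) != 0x5)
        return TG_NOT_TASK_GATE;
    int dplg = descriptor_dpl(gate_desc);
    int result = TG_OK;
    if (cpl > dplg)
        result |= TG_CPL_FAIL;                 /* CPL numerically above DPLG */
    if (selector_rpl(gate_selector) > dplg)
        result |= TG_RPL_FAIL;                 /* RPL numerically above DPLG */
    return result;
}

/* Build a constructed (present, S=0, type 5) task-gate descriptor whose
 * selector field at bytes +2..+3 names the target TSS. */
void make_task_gate(uint8_t desc[8], uint16_t tss_selector, int dpl)
{
    for (int i = 0; i < 8; i++) desc[i] = 0;
    desc[2] = (uint8_t)(tss_selector & 0xFF);
    desc[3] = (uint8_t)(tss_selector >> 8);
    desc[5] = (uint8_t)(0x80 | ((dpl & 3) << 5) | 0x5);
}

int main(void)
{
    uint8_t gate[8];
    /* Figure 12-10, Example 1: CPL=2, RPL=3, DPLG=3 -> access allowed (0) */
    make_task_gate(gate, 0x40, 3);
    printf("example 1: result=%d\n", task_gate_check(2, 0x40 | 3, gate));
    /* Figure 12-10, Example 2: CPL=2, RPL=3, DPLG=0 -> both checks fail (3) */
    make_task_gate(gate, 0x40, 0);
    printf("example 2: result=%d\n", task_gate_check(2, 0x40 | 3, gate));
    return 0;
}
```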
In Example 1, the privilege checks pass:

• The task-gate DPL (DPLG) is at the lowest privilege (3), specifying that software running at any privilege level (CPL) can access the gate.

• The selector referencing the task gate passes its privilege check because the RPL is numerically less than or equal to DPLG.

In Example 2, both privilege checks fail:

• The task-gate DPL (DPLG) specifies that only software at privilege-level 0 can access the gate.
The current program does not have enough privilege to access the task gate, because its CPL is 2.

• The selector referencing the task-gate descriptor does not have a high enough privilege to complete the reference. Its RPL is numerically greater than DPLG.

Although both privilege checks failed in the example, if only one check fails, access into the target task is denied.

Because the legacy task-switch mechanism is not supported in long mode, software cannot use task gates in long mode. Any attempt to transfer control to another task using a task gate in long mode causes a general-protection exception (#GP) to occur.

[Figure 12-10 (513-255.eps). Example 1, Privilege Check Passes: CS CPL=2; Task-Gate Selector RPL=3; Task-Gate Descriptor DPLG=3; TSS Descriptor DPLS; Task-State Segment; Access Allowed. Example 2, Privilege Check Fails: CS CPL=2; Task-Gate Selector RPL=3; Task-Gate Descriptor DPLG=0; TSS Descriptor DPLS; Task-State Segment; Access Denied.]

Figure 12-10.
Privilege-Check Examples for Task Gates

12.3.4 Nesting Tasks

The hardware task-switch mechanism supports task nesting through the use of the EFLAGS nested-task (NT) bit and the TSS link field. The manner in which these fields are updated and used during a task switch depends on how the task switch is initiated:

• The JMP instruction does not update EFLAGS.NT or the TSS link field.
Task nesting is not supported by the JMP instruction.

• The CALL instruction, INTn instructions, interrupts, and exceptions can only be performed from outer-level tasks to inner-level tasks. All of these operations set the EFLAGS.NT bit for the new task to 1 during a task switch, and copy the selector for the previous task into the new-task link field.

• An IRET instruction which returns to another task only occurs when the EFLAGS.NT bit for the current task is set to 1, and can only be performed from an inner-level task to an outer-level task. When an IRET results in a task switch, the new task is referenced using the selector stored in the current-TSS link field. The EFLAGS.NT bit for the current task is cleared to 0 during the task switch.

Table 12-1 summarizes the effect various task-switch initiators have on EFLAGS.NT, the TSS link field, and the TSS-busy bit.
(For more information on the busy bit, see the next section, “Preventing Recursion.”)

Table 12-1. Effects of Task Nesting

                                  Old Task                                            New Task
Task-Switch Initiator             EFLAGS.NT           Link (Selector)  Busy                EFLAGS.NT  Link (Selector)  Busy
JMP                               —                   —                Clear to 0 (was 1)  —          —                Set to 1
CALL, INTn, Interrupt, Exception  —                   —                — (was 1)           Set to 1   Old Task         Set to 1
IRET                              Clear to 0 (was 1)  —                Clear to 0 (was 1)  —          —                —

Note: “—” indicates no change is made.

Programs running at any privilege level can set EFLAGS.NT to 1 and execute the IRET instruction to transfer control to another task.
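An added C model (not AMD's code) of the Table 12-1 bookkeeping, combined with the busy-bit rules described under “Preventing Recursion” below: each switch initiator updates EFLAGS.NT, the link field and the busy bit exactly as the table states, and a switch into a busy task is refused the way the processor raises #GP. The tss_t structure and its status codes are constructed for the model:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Minimal model of the EFLAGS.NT, TSS link-field and busy-bit bookkeeping of
 * Table 12-1 and "Preventing Recursion".  Only those three fields are tracked;
 * register save/restore and descriptor validation are omitted.
 * busy mirrors the TSS-descriptor busy bit (bit 9 of the doubleword at +4). */
typedef struct { uint16_t selector; bool busy; bool nt; uint16_t link; } tss_t;

enum { SW_JMP, SW_CALL, SW_IRET };   /* SW_CALL also stands for INTn, interrupts, exceptions */
enum { SW_OK = 0, SW_GP = -1, SW_NO_NT = -2, SW_BAD_LINK = -3 };

static tss_t *find_tss(tss_t *t, size_t n, uint16_t sel)
{
    for (size_t i = 0; i < n; i++) if (t[i].selector == sel) return &t[i];
    return NULL;
}

/* Apply the bookkeeping of one task switch; *cur is advanced to the new task
 * on success.  target is ignored for SW_IRET, which follows the link field. */
int task_switch(tss_t *tasks, size_t n, tss_t **cur, tss_t *target, int how)
{
    tss_t *old = *cur;
    switch (how) {
    case SW_JMP:
        if (target->busy) return SW_GP;    /* #GP: JMP to a busy task */
        old->busy = false;                  /* old task becomes available */
        target->busy = true;                /* NT and link are not touched */
        break;
    case SW_CALL:
        if (target->busy) return SW_GP;    /* #GP: recursion into a busy task */
        target->busy = true;                /* old task stays busy */
        target->nt = true;
        target->link = old->selector;
        break;
    case SW_IRET:
        if (!old->nt) return SW_NO_NT;     /* NT=0: ordinary IRET, no task switch */
        target = find_tss(tasks, n, old->link);
        if (target == NULL) return SW_BAD_LINK;
        old->busy = false;                  /* inner task released */
        old->nt = false;
        break;                              /* new task's busy bit stays 1 */
    default: return SW_GP;
    }
    *cur = target;
    return SW_OK;
}
```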
System software can keep control over improperly nested task switches by initializing the link field of all TSSs that it creates. That way, improperly nested task switches always transfer control to a known task.

Preventing Recursion. Task recursion is not allowed by the hardware task-switch mechanism. If recursive task switches were allowed, they would replace a previous task-state image with a newer image, discarding the previous information.
To prevent recursion from occurring, the processor uses the busy bit located in the TSS-descriptor type field (bit 9 of byte +4). Use of this bit depends on how the task switch is initiated:

• The JMP instruction clears the busy bit in the old task to 0 and sets the busy bit in the new task to 1. A general-protection exception (#GP) occurs if an attempt is made to JMP to a task with a set busy bit.

• The CALL instruction, INTn instructions, interrupts, and exceptions set the busy bit in the new task to 1.
The busy bit in the old task remains set to 1, preventing recursion through task-nesting levels. A general-protection exception (#GP) occurs if an attempt is made to switch to a task with a set busy bit.

• An IRET to another task (EFLAGS.NT must be 1) clears the busy bit in the old task to 0.
The busy bit in the new task is not altered, because it was already set to 1.

Table 12-1 on page 323 summarizes the effect various task-switch initiators have on the TSS-busy bit.

13 Debug and Performance Resources

Testing, debug, and performance optimization consume a significant portion of the time needed to develop a new computer or software product and move it successfully into production. To stay competitive, product developers need tools that allow them to rapidly detect, isolate, and correct problems before a product is shipped.
The goal of the debug and performance features incorporated into processor implementations of the AMD64 architecture is to support the tool chain solutions used in software-product and hardware-product development.

The debug and performance resources that can be supported by AMD64 architecture implementations include:

• Software Debug—The AMD64 architecture supports the legacy software-debug facilities, including the debug registers (DR0–DR7), debug exception, and breakpoint exception. Additional features are provided using model-specific registers (MSRs). These registers are used to set breakpoints on branches, interrupts, and exceptions and to single step from one branch to the next. The software-debug capability is described in “Software-Debug Resources” on page 325.

• Performance Monitoring—Model-specific registers (MSRs) are provided to monitor events within an implementation of the AMD64 architecture.