43 aula

(1)

Interface Hardware-Software

Aula 4-3

Protected Mode Interrupts

Prof. Dr. Stefan Michael Blawid

(2)

Tópicos

1) Protected Mode Interrupts and Exceptions 2) Mode Switching

(3)

IHS - §4 ProMo Interrupts 3

Tópicos

1) Protected Mode Interrupts and Exceptions

2) Mode Switching 3) INT 80H (Linux)

(4)

Protected Mode Interruptions and Exceptions

Support and mechanism for interrupt and exception handling differs from real mode

Specific Registers Descriptors

Interrupt Descriptor Tables

However the number of interrupt vectors remains the same: 256 vectors (0 – 255)

With protected mode, some vector numbers are devoted to protection-related exception / interrupt types

Type 13: General Protection Fault Type 14: Page Fault

(5)

(6)

Exception Types

Fault can usually be fixed and allows the program to restart without

loss of continuity:

The return address of the fault handler (CS and EIP) points to the instruction that generated the fault instead to the following instruction

Example: Page fault

Trap is generated immediately after the instruction that caused it

and allows the program to continue:

Trap handler return address is to the statement following the one that generated the trap

Example: Overflow

Abort does not pinpoint the precise location of the statement that

caused the exception, nor does it allow a program restart: Example: Inconsistencies in descriptor tables

(7)

Interrupt/Exception Support

Control transfer to handlers (ISRs) is done through interrupt gates and trap gates

Descriptors of these types of gates are in the Interrupt Descriptor Table (IDT)

(8)

Interrupt Descriptor Table

Three types of descriptors:

Interrupt Gates: IF (Interrupt Flag) in EFLAGS is cleared after the

register is pushed onto the stack. The ISR cannot be interrupted by a maskable HW interrupt. IF is restored by iret

Trap Gates: IF in EFLAGS is not cleared after the register is

pushed onto the stack. Maskable HW interrupts can be registered during ISR execution

Task Gates: A task switch occurs, NT in EFLAGS is set, and the

target task acts as the ISR. The suspended task is resumed by iret Although not a rule, maskable HW interrupts typically select an

interrupt gate while SW interrupts/exceptions a trap gate; Task Gates are needed if the ISR is provided by a separate task.

Each descriptor is 8 bytes long IDT has 256 (or less) entries

(9)

IDTR

The IDTR register is 48 bits long and holds the 32-bit base address and the 16-bit IDT limit

However, the IDT should only have a maximum of 256 8-byte entries, so only 11 bits would be required for the limit

IDTR is loaded with base address and limit, usually at OS startup

lidt instruction loads IDTR

(10)

(11)

(12)

Handling Interruptions / Exceptions

CPL <= DPLg

DPLs < CPL

Stack change DPLs == CPL

(13)

Stack Change During Interruption Treatment

When the handler is located at a code segment with a higher (numerically lower) privilege level, a stack swap occurs

Execution transfer to a lower (numerically higher) privilege handler is not possible ➡ GP (General Protection) exception

(14)

(15)

(16)

Tópicos

1) Protected Mode Interrupts and Exceptions

2) Mode Switching

(17)

Privileged Instructions

There are instructions that can only be executed at zero privilege level

These are typically instructions that manipulate registers and data structures that support protection

Control Registers (CR0-CR4)

Descriptor Table Registers (GDTR, LDTR, IDTR) Table of Descriptors

(18)

(19)

The

ARPL Instruction

Adjust RPL field of segment selector; Syntax: arpl dest, src

Compares the RPL fields (2-bits) of the two selectors (16 bit) loaded in dest and src. If RPL_dest < RPL_src, ZF in EFLAGS is set and the destination RPL matched to the source RPL

Generally used to adjust the RPL of a segment selector (dest) that has been passed to the OS by an application to match the PL of the application (src = CS selector of the application)

(20)

Example: The

ARPL Instruction

DS D is protected RPL > DPL=CPL

Becomes CPL

Well behaved app (RPL=CPL)

Not well behaved (RPL < CPL)

To ensure protection:

(21)

Switching from Real to Protected Mode

Boot starts in real mode and then changes to protected mode Multi-stage Boot loader

Allows 32-bit kernel loading and execution Some steps are imperative for this change:

GDT creation and initialization IDT creation and initialization

Loading table registers with table base addresses Inhibition of external interruptions

Change control register to run in protected mode

(22)

(23)

(24)

Switching to Protected Mode …

(25)

(26)

(27)

Tópicos

1) Protected Mode Interrupts and Exceptions 2) Mode Switching

(28)

What Changes for the Programmer …

… in Protected Mode?

Some new instructions are available: Privileged instructions …

… Instructions that support writing OS (or parts) such as sgdt (saving the GDTR register in a memory location); sidt; …

… and other commonly used ones, e.g., sysenter (32-bit system call ) and syscall (64-bit system call)

Instead of using BIOS interrupts, system calls can be made through: OS interruptions

Specific Instructions OS procedure calls

(29)

Using the Linux System Call

INT 80H

When using this Linux interrupt, you must specify which service you want to use:

Specified by placing the service number in the EAX register

Service parameters must be loaded in EBX, ECX, and EDX (for 32-bit architectures)

(30)

(31)

(32)

(33)

INT 80H: Reading and Writing a String (cont.)

System call for read (EAX = 3): The read variable is written in the memory address given by ECX

(34)

(35)

Using

syscall

The syscall instruction is used for 64-bit processors

Allows faster access to codes that run at privilege level 0

When using this instruction, you must specify which service you want to use (depends on the OS used)

Specified by placing the service number in the RAX register

Service parameters must be loaded in RDI, RSI, RDX, R10, R8, and R9

Obs: 64-bit x86 adds eight more GPRs (R8-R15) and extends the existing eight (`E´ ➡ `R´ )

(36)

(37)