Jump to content

Interrupt descriptor table

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 73.19.109.188 (talk) at 17:56, 24 July 2022 (Protected and long mode). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Interrupt Descriptor Table (IDT) is a data structure used by the x86 architecture to implement an interrupt vector table. The IDT is used by the processor to determine the correct response to interrupts and exceptions.

The details in the description below apply specifically to the x86 architecture and the AMD64 architecture. Other architectures have similar data structures, but may behave differently.

Use of the IDT is triggered by three types of events: hardware interrupts, software interrupts, and processor exceptions, which together are referred to as interrupts. The IDT consists of 256 interrupt vectors–the first 32 (0–31 or 0x00–0x1F) of which are used for processor exceptions.[1]

Real mode

In real mode, the interrupt table is called IVT (interrupt vector table). Up to the 80286, the IVT always resided at the same location in memory, ranging from 0x0000 to 0x03ff, and consisted of 256 far pointers. Hardware interrupts may be mapped to any of the vectors by way of a programmable interrupt controller. On the 80286 and later, the size and locations of the IVT can be changed in the same way as it is done with the IDT (Interrupt descriptor table) in protected mode (i.e., via the LIDT (Load Interrupt Descriptor Table Register) instruction) though it does not change the format of it.[2]

BIOS interrupts

The BIOS provides simple real-mode access to a subset of hardware facilities by registering interrupt handlers. They are invoked as software interrupts with the INT instruction and the parameters are passed via registers. These interrupts are used for various tasks like detecting the system memory layout, configuring VGA output and modes, and accessing the disk early in the boot process.

Protected and long mode

The IDT is an array of descriptors stored consecutively in memory and indexed by the vector number. It is not necessary to use all of the possible entries: it is sufficient to populate the table up to the highest interrupt vector used, and set the IDT length portion of the IDTR accordingly.

The IDTR register is used to store both the linear base address and the limit (length in bytes minus 1) of the IDT. When an interrupt occurs, the processor multiplies the interrupt vector by the entry size (8 for protected mode, 16 for long mode) and adds the result to the IDT base address.[3] If the address is inside the table, the DPL is checked and the interrupt is handled based on the gate type.

The descriptors may be either interrupt gates, trap gates or, for 32-bit protected mode only, task gates. Interrupt and trap gates point to a memory location containing code to execute by specifying both a segment (present in either the GDT or LDT) and an offset within that segment. The only difference between trap and interrupt gates is that interrupt gates will disable further processor handling of maskable hardware interrupts, making them suitable to handle hardware-generated interrupts (conversely, trap gates are useful for handling software interrupts and exceptions). A task gate will cause the currently active task-state segment to be switched, using the hardware task switch mechanism to effectively hand over use of the processor to another program, thread or process.

Processor-generated exceptions

All INT_NUM between 0x0 and 0x1F, inclusive, are reserved for exceptions; INT_NUM bigger than 0x1F are used for interrupt routines. (the IBM PC did not always obey this rule, for instance using interrupt 5 to indicate the Print Screen key was pressed.)

INT_NUM Short Description PM[clarification needed]
0x00 Division by zero
0x01 Single-step interrupt (see trap flag)
0x02 NMI
0x03 Breakpoint (which benefits from the shorter 0xCC encoding of INT 3)
0x04 Overflow
0x05 Bound Range Exceeded
0x06 Invalid Opcode
0x07 Coprocessor not available
0x08 Double Fault
0x09 Coprocessor Segment Overrun (386 or earlier only)
0x0A Invalid Task State Segment
0x0B Segment not present
0x0C Stack Segment Fault
0x0D General Protection Fault
0x0E Page Fault
0x0F reserved
0x10 x87 Floating Point Exception
0x11 Alignment Check
0x12 Machine Check
0x13 SIMD Floating-Point Exception
0x14 Virtualization Exception
0x15 Control Protection Exception (only available with CET)

Hooking

Some Windows programs hook calls to the IDT. This involves writing a kernel mode driver that intercepts calls to the IDT and adds in its own processing. This has never been officially supported by Microsoft, but was not programatically prevented on its operating systems until 64-bit versions of Windows, where a driver that attempts to use a kernel mode hook will cause the machine to bug check.[4]

References

  1. ^ "Exceptions - OSDev Wiki". wiki.osdev.org. Retrieved 2021-04-17.
  2. ^ Intel® 64 and IA-32 Architectures Software Developer’s Manual, 20.1.4 Interrupt and Exception Handling
  3. ^ Intel® 64 and IA-32 Architectures Software Developer’s Manual, 6.12.1 Exception- or Interrupt-Handler Procedures
  4. ^ "Patching Policy for x64-Based Systems". If the operating system detects one of these modifications or any other unauthorized patch, it will generate a bug check and shut down the system.
General