Interrupt descriptor table
This article includes a list of general references, but it lacks sufficient corresponding inline citations. (September 2013) |
The Interrupt Descriptor Table (IDT) is a data structure used by the x86 architecture to implement an interrupt vector table. The IDT is used by the processor to determine the correct response to interrupts and exceptions.
The details in the description below apply specifically to the x86 architecture and the AMD64 architecture. Other architectures have similar data structures, but may behave differently.
Use of the IDT is triggered by three types of events: hardware interrupts, software interrupts, and processor exceptions, which together are referred to as interrupts. The IDT consists of 256 interrupt vectors–the first 32 (0–31 or 0x00–0x1F) of which are used for processor exceptions.[1]
Real mode
In real mode, the interrupt table is called IVT (interrupt vector table). Up to the 80286, the IVT always resided at the same location in memory, ranging from 0x0000
to 0x03ff
, and consisted of 256 far pointers. Hardware interrupts may be mapped to any of the vectors by way of a programmable interrupt controller. On the 80286 and later, the size and locations of the IVT can be changed in the same way as it is done with the IDT (Interrupt descriptor table) in protected mode (i.e., via the LIDT (Load Interrupt Descriptor Table Register) instruction) though it does not change the format of it.[2]
BIOS interrupts
The BIOS provides simple real-mode access to a subset of hardware facilities by registering interrupt handlers. They are invoked as software interrupts with the INT instruction and the parameters are passed via registers. These interrupts are used for various tasks like detecting the system memory layout, configuring VGA output and modes, and accessing the disk early in the boot process.
Protected and long mode
The IDT is an array of descriptors stored consecutively in memory and indexed by the vector number. It is not necessary to use all of the possible entries: it is sufficient to populate the table up to the highest interrupt vector used, and set the IDT length portion of the IDTR
accordingly.
The IDTR register is used to store both the linear base address and the limit (length in bytes minus 1) of the IDT. When an interrupt occurs, the processor multiplies the interrupt vector by the entry size (8 for protected mode, 16 for long mode) and adds the result to the IDT base address.[3] If the address is inside the table, the DPL is checked and the interrupt is handled based on the gate type.
The descriptors may be either interrupt gates, trap gates or, for 32-bit protected mode only, task gates. Interrupt and trap gates point to a memory location containing code to execute by specifying both a segment (present in either the GDT or LDT) and an offset within that segment. The only difference between trap and interrupt gates is that interrupt gates will disable further processor handling of maskable hardware interrupts, making them suitable to handle hardware-generated interrupts (conversely, trap gates are useful for handling software interrupts and exceptions). A task gate will cause the currently active task-state segment to be switched, using the hardware task switch mechanism to effectively hand over use of the processor to another program, thread or process.
Processor-generated exceptions
All INT_NUM between 0x0 and 0x1F, inclusive, are reserved for exceptions; INT_NUM bigger than 0x1F are used for interrupt routines. (the IBM PC did not always obey this rule, for instance using interrupt 5 to indicate the Print Screen key was pressed.)
INT_NUM | Short Description PM[clarification needed] |
---|---|
0x00 | Division by zero |
0x01 | Single-step interrupt (see trap flag) |
0x02 | NMI |
0x03 | Breakpoint (which benefits from the shorter 0xCC encoding of INT 3) |
0x04 | Overflow |
0x05 | Bound Range Exceeded |
0x06 | Invalid Opcode |
0x07 | Coprocessor not available |
0x08 | Double Fault |
0x09 | Coprocessor Segment Overrun (386 or earlier only) |
0x0A | Invalid Task State Segment |
0x0B | Segment not present |
0x0C | Stack Segment Fault |
0x0D | General Protection Fault |
0x0E | Page Fault |
0x0F | reserved |
0x10 | x87 Floating Point Exception |
0x11 | Alignment Check |
0x12 | Machine Check |
0x13 | SIMD Floating-Point Exception |
0x14 | Virtualization Exception |
0x15 | Control Protection Exception (only available with CET) |
Hooking
Some Windows programs hook calls to the IDT. This involves writing a kernel mode driver that intercepts calls to the IDT and adds in its own processing. This has never been officially supported by Microsoft, but was not programatically prevented on its operating systems until 64-bit versions of Windows, where a driver that attempts to use a kernel mode hook will cause the machine to bug check.[4]
References
- ^ "Exceptions - OSDev Wiki". wiki.osdev.org. Retrieved 2021-04-17.
- ^ Intel® 64 and IA-32 Architectures Software Developer’s Manual, 20.1.4 Interrupt and Exception Handling
- ^ Intel® 64 and IA-32 Architectures Software Developer’s Manual, 6.12.1 Exception- or Interrupt-Handler Procedures
- ^
"Patching Policy for x64-Based Systems".
If the operating system detects one of these modifications or any other unauthorized patch, it will generate a bug check and shut down the system.
- General
External links
- Intel 64 and IA-32 Architectures Software Developer’s Manual, Volume 3A:System Programming Guide, Part 1 (see CHAPTER 5, INTERRUPT AND EXCEPTION HANDLING and CHAPTER 10, ADVANCED PROGRAMMABLE INTERRUPT CONTROLLER)]
- Interrupt Descriptor Table at OSDev.org