Chinaunix
Interrupts and Exceptions (7)

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
Posted on 2008-05-18 23:27

Interrupt Descriptor Table
A system table called the Interrupt Descriptor Table (IDT) associates each interrupt or exception vector with the address of the corresponding interrupt or exception handler. The IDT must be properly initialized before the kernel enables interrupts.
The IDT format is similar to that of the GDT and the LDTs examined in Chapter 2. Each entry corresponds to an interrupt or an exception vector and consists of an 8-byte descriptor. Thus, a maximum of 256 x 8 = 2048 bytes are required to store the IDT.
The idtr CPU register allows the IDT to be located anywhere in memory: it specifies both the IDT base physical address and its limit (maximum length). It must be initialized before enabling interrupts by using the lidt assembly language instruction.
The IDT may include three types of descriptors; Figure 4-2 illustrates the meaning of the 64 bits included in each of them. In particular, the value of the Type field encoded in bits 40-43 identifies the descriptor type.
The descriptors are:
Task gate
Includes the TSS selector of the process that must replace the current one when an interrupt signal occurs.
Interrupt gate
Includes the Segment Selector and the offset inside the segment of an interrupt or exception handler. While transferring control to the proper segment, the processor clears the IF flag, thus disabling further maskable interrupts.
Trap gate
Similar to an interrupt gate, except that while transferring control to the proper segment, the processor does not modify the IF flag.
As we'll see in the later section "Interrupt, Trap, and System Gates," Linux uses interrupt gates to handle interrupts and trap gates to handle exceptions.

  • Linux uses interrupt gates to handle interrupts and trap gates to handle exceptions.
  • The "Double fault" exception, which denotes a type of kernel misbehavior, is the only exception handled by means of a task gate (see the section "Exception Handling" later in this chapter).
Hardware Handling of Interrupts and Exceptions
We now describe how the CPU control unit handles interrupts and exceptions. We assume that the kernel has been initialized, and thus the CPU is operating in Protected Mode.
After executing an instruction, the cs and eip pair of registers contain the logical address of the next instruction to be executed. Before dealing with that instruction, the control unit checks whether an interrupt or an exception occurred while the control unit executed the previous instruction. If one occurred, the control unit does the following:
1.    Determines the vector i (0 ≤ i ≤ 255) associated with the interrupt or the exception.
2.    Reads the i-th entry of the IDT referred to by the idtr register (we assume in the following description that the entry contains an interrupt or a trap gate).
3.    Gets the base address of the GDT from the gdtr register and looks in the GDT to read the Segment Descriptor identified by the selector in the IDT entry. This descriptor specifies the base address of the segment that includes the interrupt or exception handler.
4.    Makes sure the interrupt was issued by an authorized source. First, it compares the Current Privilege Level (CPL), which is stored in the two least significant bits of the cs register, with the Descriptor Privilege Level (DPL) of the Segment Descriptor included in the GDT. Raises a "General protection" exception if the CPL is lower than the DPL, because the interrupt handler cannot have a lower privilege than the program that caused the interrupt. For programmed exceptions, makes a further security check: compares the CPL with the DPL of the gate descriptor included in the IDT and raises a "General protection" exception if the DPL is lower than the CPL. This last check makes it possible to prevent access by user applications to specific trap or interrupt gates.
5.    Checks whether a change of privilege level is taking place, that is, whether the CPL is different from the selected Segment Descriptor's DPL. If so, the control unit must start using the stack that is associated with the new privilege level. It does this by performing the following steps:
a.    Reads the tr register to access the TSS segment of the running process.
b.    Loads the ss and esp registers with the proper values for the stack segment and stack pointer associated with the new privilege level. These values are found in the TSS (see the section "Task State Segment" in Chapter 3).
c.    In the new stack, it saves the previous values of ss and esp, which define the logical address of the stack associated with the old privilege level.
6.    If a fault has occurred, it loads cs and eip with the logical address of the instruction that caused the exception so that it can be executed again.
7.    Saves the contents of eflags, cs, and eip in the stack.
8.    If the exception carries a hardware error code, it saves it on the stack.
9.    Loads cs and eip, respectively, with the Segment Selector and the Offset fields of the Gate Descriptor stored in the i-th entry of the IDT. These values define the logical address of the first instruction of the interrupt or exception handler.
The last step performed by the control unit is equivalent to a jump to the interrupt or exception handler. In other words, the instruction processed by the control unit after dealing with the interrupt signal is the first instruction of the selected handler.
After the interrupt or exception is processed, the corresponding handler must relinquish control to the interrupted process by issuing the iret instruction, which forces the control unit to:
1.    Load the cs, eip, and eflags registers with the values saved on the stack. If a hardware error code has been pushed on the stack on top of the eip contents, it must be popped before executing iret.
2.    Check whether the CPL of the handler is equal to the value contained in the two least significant bits of cs (this means the interrupted process was running at the same privilege level as the handler). If so, iret concludes execution; otherwise, go to the next step.
3.    Load the ss and esp registers from the stack and return to the stack associated with the old privilege level.
4.    Examine the contents of the ds, es, fs, and gs segment registers; if any of them contains a selector that refers to a Segment Descriptor whose DPL value is lower than CPL, clear the corresponding segment register. The control unit does this to forbid User Mode programs that run with a CPL equal to 3 from using segment registers previously used by kernel routines (with a DPL equal to 0). If these registers were not cleared, malicious User Mode programs could exploit them in order to access the kernel address space.
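The following is an added example, written for this page and not taken from the book or from the post's author, that turns the three passages above into a small executable model: it packs and unpacks the 8-byte IDT gate (offset, selector, the Type field in bits 40-43, DPL, P, using the standard IA-32 layout), then walks the nine dispatch steps for an interrupt or trap gate, including both privilege checks and the stack switch, and finally the four iret steps, including the clearing of ds/es/fs/gs that step 4 describes. The GDT, IDT, TSS, memory and CPU state are simplified dictionaries constructed here; the selector values (0x10, 0x18, 0x23, 0x2B) are assumed, as is the convention that a selector of 0 stands for a cleared segment register. Task gates are not modelled.

```python
TASK_GATE, INTR_GATE, TRAP_GATE = 0x5, 0xE, 0xF      # Type field values of 32-bit IA-32 gates
GATE_NAMES = {TASK_GATE: "task gate", INTR_GATE: "interrupt gate", TRAP_GATE: "trap gate"}
IF_FLAG = 1 << 9                                      # eflags.IF


class GeneralProtection(Exception):
    """Raised where the control unit would raise a "General protection" exception."""


def encode_gate(offset, selector, gate_type, dpl, present=True):
    """Pack the fields of a 32-bit gate into its 8-byte IDT entry (returned as an int)."""
    return ((offset & 0xFFFF) | (selector & 0xFFFF) << 16 | (gate_type & 0xF) << 40
            | (dpl & 0x3) << 45 | int(present) << 47 | (offset >> 16 & 0xFFFF) << 48)


def decode_gate(raw):
    """Unpack an 8-byte IDT entry; the Type field in bits 40-43 names the gate kind."""
    gate_type = raw >> 40 & 0xF
    return {"offset": (raw & 0xFFFF) | (raw >> 48 & 0xFFFF) << 16,
            "selector": raw >> 16 & 0xFFFF, "type": gate_type,
            "kind": GATE_NAMES.get(gate_type, "other"),
            "dpl": raw >> 45 & 0x3, "present": bool(raw >> 47 & 1)}


def push(cpu, mem, value):          # mem maps a stack-segment selector to a list of dwords
    cpu["esp"] -= 4
    mem[cpu["ss"]].append(value)


def pop(cpu, mem):
    cpu["esp"] += 4
    return mem[cpu["ss"]].pop()


def dispatch(cpu, mem, idt, gdt, tss, vector, programmed=False, error_code=None, fault=False):
    """Steps 1-9 of the text for an interrupt or trap gate (task gates are not modelled)."""
    gate = decode_gate(idt[vector])                        # steps 1-2: read the i-th IDT entry
    seg = gdt[gate["selector"] >> 3]                       # step 3: handler's code segment
    cpl = cpu["cs"] & 3                                    # step 4: CPL = low 2 bits of cs
    if cpl < seg["dpl"]:                                   # handler less privileged than the caller
        raise GeneralProtection(f"vector {vector}: segment DPL {seg['dpl']} > CPL {cpl}")
    if programmed and gate["dpl"] < cpl:                   # `int n` through a gate with DPL < CPL
        raise GeneralProtection(f"vector {vector}: gate DPL {gate['dpl']} < CPL {cpl}")
    old_ss, old_esp = cpu["ss"], cpu["esp"]
    if cpl != seg["dpl"]:                                  # step 5: privilege change
        cpu["ss"], cpu["esp"] = tss["ss0"], tss["esp0"]    # 5a/5b: ring-0 stack from the TSS
        push(cpu, mem, old_ss)                             # 5c: save the old stack address
        push(cpu, mem, old_esp)
    eip = cpu["prev_eip"] if fault else cpu["eip"]         # step 6: a fault re-executes the instruction
    push(cpu, mem, cpu["eflags"])                          # step 7
    push(cpu, mem, cpu["cs"])
    push(cpu, mem, eip)
    if error_code is not None:                             # step 8
        push(cpu, mem, error_code)
    cpu["cs"], cpu["eip"] = gate["selector"], gate["offset"]   # step 9: jump to the handler
    if gate["type"] == INTR_GATE:                          # interrupt gate: mask maskable interrupts
        cpu["eflags"] &= ~IF_FLAG
    return cpu


def iret(cpu, mem, gdt):
    """Steps 1-4 of the iret description (the handler has already popped any error code)."""
    handler_cpl = cpu["cs"] & 3
    cpu["eip"], cpu["cs"], cpu["eflags"] = pop(cpu, mem), pop(cpu, mem), pop(cpu, mem)  # step 1
    new_cpl = cpu["cs"] & 3
    if new_cpl != handler_cpl:                             # steps 2-3: back to the old stack
        new_esp, new_ss = pop(cpu, mem), pop(cpu, mem)
        cpu["ss"], cpu["esp"] = new_ss, new_esp
    for reg in ("ds", "es", "fs", "gs"):                   # step 4: drop kernel-only selectors
        sel = cpu.get(reg, 0)
        if sel and gdt[sel >> 3]["dpl"] < new_cpl:
            cpu[reg] = 0
    return cpu


def build_tables():
    """Constructed GDT/IDT/TSS; selectors follow the classic 32-bit Linux layout (assumed)."""
    gdt = {2: {"dpl": 0}, 3: {"dpl": 0},                  # 0x10 kernel code, 0x18 kernel data
           4: {"dpl": 3}, 5: {"dpl": 3}}                  # 0x23 user code,   0x2B user data
    idt = {14: encode_gate(0x1000, 0x10, INTR_GATE, 0),   # page fault: interrupt gate, DPL 0
           0x80: encode_gate(0x2000, 0x10, TRAP_GATE, 3)}  # system call: trap gate, DPL 3
    return gdt, idt, {"ss0": 0x18, "esp0": 0xC0001000}


def user_cpu():                     # constructed User Mode state: prev_eip just ran, eip is next
    return {"cs": 0x23, "eip": 0x08048010, "prev_eip": 0x0804800C, "ss": 0x2B,
            "esp": 0xBFFFF000, "eflags": 0x202, "ds": 0x2B}


def page_fault_round_trip():
    """User process faults, the kernel handles it on the ring-0 stack, iret returns."""
    gdt, idt, tss = build_tables()
    mem = {0x18: [], 0x2B: []}
    cpu = dispatch(user_cpu(), mem, idt, gdt, tss, 14, error_code=4, fault=True)
    in_handler, frame = dict(cpu), list(mem[0x18])
    cpu["ds"] = 0x18                                       # handler touched the kernel data segment
    pop(cpu, mem)                                          # handler pops the error code before iret
    return in_handler, frame, iret(cpu, mem, gdt)


def user_int_n(vector):
    """User Mode executes `int vector`: allowed only through a gate whose DPL is 3."""
    gdt, idt, tss = build_tables()
    try:
        return "ok", dispatch(user_cpu(), {0x18: [], 0x2B: []}, idt, gdt, tss, vector, programmed=True)
    except GeneralProtection as exc:
        return "#GP", str(exc)
```

Running page_fault_round_trip() shows the six dwords the control unit leaves on the ring-0 stack (old ss, old esp, eflags, cs, the faulting eip, error code), the cleared IF flag while in the handler, and, after iret, the ds register reset to 0 because it still named a DPL-0 segment when control went back to CPL 3. user_int_n(14) is refused by the second privilege check of step 4, while user_int_n(0x80) succeeds through the DPL-3 trap gate with IF left untouched.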


This post comes from the ChinaUnix blog; for the original see: http://blog.chinaunix.net/u2/65228/showart_693469.html