Vol. 3A 6-13
INTERRUPT AND EXCEPTION HANDLING
To return from an exception- or interrupt-handler procedure, the handler must use the IRET (or IRETD) instruction.
The IRET instruction is similar to the RET instruction except that it restores the saved flags into the EFLAGS
register. The IOPL field of the EFLAGS register is restored only if the CPL is 0. The IF flag is changed only if the CPL
is less than or equal to the IOPL. See Chapter 3, “Instruction Set Reference, A-L,” of the Intel® 64 and IA-32 Archi-
tectures Software Developer’s Manual, Volume 2A, for a description of the complete operation performed by the
IRET instruction.
If a stack switch occurred when calling the handler procedure, the IRET instruction switches back to the interrupted
procedure’s stack on the return.
6.12.1.1 Protection of Exception- and Interrupt-Handler Procedures
The privilege-level protection for exception- and interrupt-handler procedures is similar to that used for ordinary
procedure calls when called through a call gate (see Section 5.8.4, “Accessing a Code Segment Through a Call
Gate”). The processor does not permit transfer of execution to an exception- or interrupt-handler procedure in a
less privileged code segment (numerically greater privilege level) than the CPL.
An attempt to violate this rule results in a general-protection exception (#GP). The protection mechanism for
exception- and interrupt-handler procedures is different in the following ways:
•
Because interrupt and exception vectors have no RPL, the RPL is not checked on implicit calls to exception and
interrupt handlers.
•
The processor checks the DPL of the interrupt or trap gate only if an exception or interrupt is generated with an
INT n, INT 3, or INTO instruction. Here, the CPL must be less than or equal to the DPL of the gate. This
restriction prevents application programs or procedures running at privilege level 3 from using a software
interrupt to access critical exception handlers, such as the page-fault handler, providing that those handlers are
placed in more privileged code segments (numerically lower privilege level). For hardware-generated
interrupts and processor-detected exceptions, the processor ignores the DPL of interrupt and trap gates.
Figure 6-4. Stack Usage on Transfers to Interrupt and Exception-Handling Routines
CS
Error Code
EFLAGS
CS
EIP
ESP After
Transfer to Handler
Error Code
ESP Before
Transfer to Handler
EFLAGS
EIP
SS
ESP
Stack Usage with No
Privilege-Level Change
Stack Usage with
Privilege-Level Change
Interrupted Procedure’s
Interrupted Procedure’s
and Handler’s Stack
Handler’s Stack
ESP After
Transfer to Handler
Transfer to Handler
ESP Before
Stack