6-14 Vol. 3A
INTERRUPT AND EXCEPTION HANDLING
Because exceptions and interrupts generally do not occur at predictable times, these privilege rules effectively
impose restrictions on the privilege levels at which exception and interrupt- handling procedures can run. Either of
the following techniques can be used to avoid privilege-level violations.
•
The exception or interrupt handler can be placed in a conforming code segment. This technique can be used for
handlers that only need to access data available on the stack (for example, divide error exceptions). If the
handler needs data from a data segment, the data segment needs to be accessible from privilege level 3, which
would make it unprotected.
•
The handler can be placed in a nonconforming code segment with privilege level 0. This handler would always
run, regardless of the CPL that the interrupted program or task is running at.
6.12.1.2 Flag Usage By Exception- or Interrupt-Handler Procedure
When accessing an exception or interrupt handler through either an interrupt gate or a trap gate, the processor
clears the TF flag in the EFLAGS register after it saves the contents of the EFLAGS register on the stack. (On calls
to exception and interrupt handlers, the processor also clears the VM, RF, and NT flags in the EFLAGS register, after
they are saved on the stack.) Clearing the TF flag prevents instruction tracing from affecting interrupt response. A
subsequent IRET instruction restores the TF (and VM, RF, and NT) flags to the values in the saved contents of the
EFLAGS register on the stack.
The only difference between an interrupt gate and a trap gate is the way the processor handles the IF flag in the
EFLAGS register. When accessing an exception- or interrupt-handling procedure through an interrupt gate, the
processor clears the IF flag to prevent other interrupts from interfering with the current interrupt handler. A subse-
quent IRET instruction restores the IF flag to its value in the saved contents of the EFLAGS register on the stack.
Accessing a handler procedure through a trap gate does not affect the IF flag.
6.12.2 Interrupt
Tasks
When an exception or interrupt handler is accessed through a task gate in the IDT, a task switch results. Handling
an exception or interrupt with a separate task offers several advantages:
•
The entire context of the interrupted program or task is saved automatically.
•
A new TSS permits the handler to use a new privilege level 0 stack when handling the exception or interrupt. If
an exception or interrupt occurs when the current privilege level 0 stack is corrupted, accessing the handler
through a task gate can prevent a system crash by providing the handler with a new privilege level 0 stack.
•
The handler can be further isolated from other tasks by giving it a separate address space. This is done by
giving it a separate LDT.
The disadvantage of handling an interrupt with a separate task is that the amount of machine state that must be
saved on a task switch makes it slower than using an interrupt gate, resulting in increased interrupt latency.
A task gate in the IDT references a TSS descriptor in the GDT (see Figure 6-5). A switch to the handler task is
handled in the same manner as an ordinary task switch (see Section 7.3, “Task Switching”). The link back to the
interrupted task is stored in the previous task link field of the handler task’s TSS. If an exception caused an error
code to be generated, this error code is copied to the stack of the new task.
When exception- or interrupt-handler tasks are used in an operating system, there are actually two mechanisms
that can be used to dispatch tasks: the software scheduler (part of the operating system) and the hardware sched-
uler (part of the processor's interrupt mechanism). The software scheduler needs to accommodate interrupt tasks
that may be dispatched when interrupts are enabled.