lesson22 by huanghengdong


Interrupts in the guest VM

A look at the steps needed to "reflect" hardware interrupts back into the ROM-BIOS for servicing
The VME-bit in CR4
• Our VMX demo-program set the VME-bit (bit #0) in the Guest's Control Register CR4

[Figure: CR4 bit layout (bits 31..0): bit 13 = VMXE, bit 5 = PAE, bit 4 = PSE, bit 0 = VME]

        VME (Virtual-8086 Extensions): 1=on, 0=off
        PSE (Page-Size Extensions): 1=on, 0=off
        PAE (Page-Address Extensions): 1=on, 0=off
        VMXE (Virtual Machine eXtensions Enabled): 1=yes, 0=no
Virtual-8086 Mode Extensions
• Software interrupt instructions (int $nn) will selectively be directed either to IDT-gates or to IVT-vectors, depending on a 'bitmap' located within the Task-State Descriptor
• This 'interrupt redirection bitmap' has 256 bits (one for each 8-bit interrupt-number)
• Its location within the TSS is immediately ahead of the I/O Permission Bitmap
Interrupt-redirection Bitmap

[Figure: Task-State Segment layout, from the TSS base: 25 longwords of fixed fields, including the 'IOMAP' field at offset 0x66; then the 256-bit interrupt-redirection bitmap (1 = interrupt is directed to IDT, 0 = interrupt is directed to IVT); then the I/O-permission bitmap of 65536 bits (= 8192 bytes)]
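As an added example (not the lesson's code), a C model of the two TSS bitmaps the figure describes, located the way the CPU locates them; the TSS image, its offsets and the chosen interrupt/port settings are constructed for the demo:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example (not the lesson's code): a 32-bit TSS modelled as a byte
 * array, with helpers that find the two bitmaps the way the CPU does: the
 * 16-bit IOMAP field at offset 0x66 holds the I/O-permission bitmap's offset,
 * and the 32-byte interrupt-redirection bitmap sits immediately ahead of it. */
#define TSS_IOMAP_FIELD 0x66
#define IRB_BYTES 32                 /* 256 interrupt-numbers, one bit each */

uint8_t demo_tss[0x88 + 8192];       /* constructed TSS image used below */

static uint16_t iomap_base(const uint8_t *tss) {
    return (uint16_t)(tss[TSS_IOMAP_FIELD] | (tss[TSS_IOMAP_FIELD + 1] << 8));
}

/* 1 = 'int $nn' goes through the IDT gate, 0 = through the real-mode IVT */
int int_goes_to_idt(const uint8_t *tss, uint8_t nn) {
    const uint8_t *irb = tss + iomap_base(tss) - IRB_BYTES;
    return (irb[nn / 8] >> (nn % 8)) & 1;
}

void set_int_target(uint8_t *tss, uint8_t nn, int to_idt) {
    uint8_t *irb = tss + iomap_base(tss) - IRB_BYTES;
    if (to_idt) irb[nn / 8] |= (uint8_t)(1u << (nn % 8));
    else        irb[nn / 8] &= (uint8_t)~(1u << (nn % 8));
}

/* I/O-permission bitmap: a set bit denies the port to ring3 / V86 code.
 * Ports whose bit lies beyond the TSS limit are denied, as on the CPU
 * (simplified: the CPU's two-byte read at the bitmap end is not modelled). */
int io_port_permitted(const uint8_t *tss, size_t tss_len, uint16_t port) {
    size_t off = iomap_base(tss) + port / 8;
    if (off >= tss_len) return 0;
    return ((tss[off] >> (port % 8)) & 1) == 0;
}

/* Constructed TSS: 0x68 bytes of fixed fields, redirection bitmap at 0x68,
 * I/O bitmap at 0x88.  Every interrupt goes to the IVT except int 0x80; every
 * port is allowed except the PIC mask-registers 0x21 and 0xA1.  Returns IOMAP. */
uint16_t build_demo_tss(uint8_t *tss, size_t len) {
    uint16_t iomap = 0x68 + IRB_BYTES;                    /* 0x88 */
    memset(tss, 0, len);
    tss[TSS_IOMAP_FIELD] = iomap & 0xFF; tss[TSS_IOMAP_FIELD + 1] = iomap >> 8;
    set_int_target(tss, 0x80, 1);
    tss[iomap + 0x21 / 8] |= (uint8_t)(1u << (0x21 % 8));
    tss[iomap + 0xA1 / 8] |= (uint8_t)(1u << (0xA1 % 8));
    return iomap;
}
```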
Software INTs Only!
• The interrupt-redirection bitmap does NOT affect any 'hardware' interrupts; they are serviced by the interrupt-handlers whose entry-points are specified within the gate-descriptors that comprise the IDT
• How can the Guest VM in our VMX demo-program handle the 'hardware' interrupts generated by the peripheral devices?
We'll modify our VMX demo
• One change to 'vmxstep3.s':
  guest_RFLAGS: 0x00023202      # IF=1, IOPL=3

• One change to 'vmxdemo.s':
  in   $0x21, %al    # get master-PIC's mask
  or   $0x10, %al    # mask UART interrupt (IRQ4)
  out  %al, $0x21    # set master-PIC's mask
Modify 'guest_isrGPF'
• We introduce a major modification into the guest's General Protection Fault-handler, to "reflect" external device-interrupts back to 'real-mode' code in the ROM-BIOS that will be executed in 'Virtual-8086 mode'
• The steps needed to do this are based on 'emulating' the CPU's usual response to an external interrupt in 8086 real-mode
CPU's interrupt-response
• Push FLAGS register onto the stack
• Clear IF and TF bits in FLAGS register
• Push CS and IP registers onto the stack
• Acquire the device's interrupt-ID number
• Look up that ID-number's interrupt-vector
• Put that vector's 'loword' into IP register
• Put that vector's 'hiword' into CS register
• Then resume CPU's fetch-execute cycle
[Figure: FLAGS register layout (bits 31..0): 21 ID, 20 VIP, 19 VIF, 18 AC, 17 VM, 16 RF, 14 NT, 13-12 IOPL, 11 OF, 10 DF, 9 IF, 8 TF, 7 SF, 6 ZF, 4 AF, 2 PF, 0 CF; bits 15, 5 and 3 read as 0, bit 1 reads as 1]

        IF (Interrupt-Flag): 1=on, 0=off
        VM (Virtual-8086 Mode): 1=on, 0=off

        IOPL (Input/Output Permission-Level):
            =00 (only ring0 can execute 'in' and 'out')
            =01 (ring0 and ring1 can execute 'in' and 'out')
            =10 (ring0, ring1, ring2 can execute 'in' and 'out')
            =11 (ring0, ring1, ring2, ring3 can execute 'in' and 'out')

        NOTE: Virtual-8086 mode operates at the 'ring3' privilege-level
PIC masks
• Each Programmable Interrupt Controller has a 'mask register' that allows blocking of the interrupts from specific devices

[Figure: Master-PIC mask-register (I/O port 0x21): bits 7..0 = IRQ7..IRQ0; Slave-PIC mask-register (I/O port 0xA1): bits 7..0 = IRQF..IRQ8]
GPF stack-frame

[Figure: the ring3 stack (SS:SP as it was before the fault) beside the ring0 stack at SS0:ESP0, which receives the GPF frame: the error-code on top, then IP, FLAGS and the ring3 SS:SP]

GPF error-code

[Figure: GPF error-code layout (bits 15..0): bits 15..3 = selector-index, bit 2 = TI, bit 1 = INT, bit 0 = EXT]

        EXT (External-event): 1=yes, 0=no
        INT (Interrupt-table): 1=yes, 0=no
        TI (Table-Indicator): 1=LDT, 0=GDT

        Index = Table's element-number
GPF stack-frame

[Figure: the ring0 stack frame from SS0:ESP0 upward: error-code, IP, CS, ..., SP, SS, ES, ..., FS, GS (two slots in each gap are left unlabelled in the figure); beside it the Interrupt Vector Table drawn as a column of hiword/loword entries, one per vector]
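An added example, not code from the lesson: the error-code decoding and the eight interrupt-response steps listed above, modelled in C on a constructed guest memory image. The IVT entry, the handler address F000:E9A1 and the register values are made up for the demo.

```c
#include <stdint.h>
#include <string.h>

/* Added example (not the lesson's code): a host-side model of what the guest's
 * GPF handler does to "reflect" a device-interrupt into real-mode code.  The
 * memory buffer, IVT entry and register values below are constructed. */
#define FL_TF 0x0100                     /* Trap-Flag, FLAGS bit 8          */
#define FL_IF 0x0200                     /* Interrupt-Flag, FLAGS bit 9     */

struct guest_regs { uint16_t cs, ip, ss, sp, flags; };
struct guest_regs demo_regs;             /* state filled in by run_uart_demo */
static uint8_t mem[0x20000];             /* model of low memory; IVT at 0   */

static uint32_t lin(uint16_t seg, uint16_t off) { return ((uint32_t)seg << 4) + off; }
static uint16_t rd16(uint32_t a) { return (uint16_t)(mem[a] | (mem[a + 1] << 8)); }
static void wr16(uint32_t a, uint16_t v) { mem[a] = v & 0xFF; mem[a + 1] = v >> 8; }
static void push16(struct guest_regs *r, uint16_t v) { r->sp -= 2; wr16(lin(r->ss, r->sp), v); }
/* read the word 'slot' words above SS:SP (0 = top of stack) */
uint16_t peek_stack(const struct guest_regs *r, int slot) { return rd16(lin(r->ss, r->sp + 2 * slot)); }

/* Decode the GPF error-code: bit 0 = EXT, bit 1 = INT (IDT), bit 2 = TI,
 * bits 15..3 = index.  With EXT=1 and INT=1 the index is the interrupt-ID
 * of the external event; anything else is an ordinary fault, so return -1. */
int gpf_external_vector(uint32_t err) {
    if ((err & 0x3) != 0x3) return -1;
    return (int)((err >> 3) & 0x1FFF);
}

/* Emulate the 8086 interrupt-response, in the order the lesson lists it. */
void reflect_to_ivt(struct guest_regs *r, uint8_t id) {
    push16(r, r->flags);                         /* 1: push FLAGS             */
    r->flags &= (uint16_t)~(FL_IF | FL_TF);      /* 2: clear IF and TF        */
    push16(r, r->cs);                            /* 3: push CS, then IP       */
    push16(r, r->ip);
    uint16_t lo = rd16(4u * id);                 /* 4-5: vector lives at 4*ID */
    uint16_t hi = rd16(4u * id + 2);
    r->ip = lo;                                  /* 6: loword -> IP           */
    r->cs = hi;                                  /* 7: hiword -> CS; 8: resume */
}

/* Constructed scenario: the ROM-BIOS maps master-PIC IRQ0..7 to vectors 8..15,
 * so the UART's IRQ4 is vector 0x0C; its handler is placed at a made-up address
 * F000:E9A1, and the guest was running at 0700:0100 with IF=1, IOPL=3 (0x3202). */
int run_uart_demo(struct guest_regs *r) {
    memset(mem, 0, sizeof mem);
    wr16(4 * 0x0C, 0xE9A1);  wr16(4 * 0x0C + 2, 0xF000);
    *r = (struct guest_regs){ .cs = 0x0700, .ip = 0x0100, .ss = 0x0600, .sp = 0x1000, .flags = 0x3202 };
    int id = gpf_external_vector(0x63);          /* (0x0C << 3) | INT | EXT   */
    if (id < 0) return -1;
    reflect_to_ivt(r, (uint8_t)id);
    return id;
}
```

After the call the three words the real CPU would have pushed (IP, CS, FLAGS) sit on the modelled ring3 stack and CS:IP points at the vector's handler, which is exactly the state the guest's GPF handler must hand back to Virtual-8086 mode.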
