Information Technology Reference
In-Depth Information
the interrupt vector must be a protected register that can only be set when in
kernel-mode.
Interrupt stack
Where should the interrupted process's state be saved and what stack should
the kernel's code use?
On most processors, there is a special, privileged hardware register pointing
to a region of kernel memory called the interrupt stack. When an interrupt,
exception, or trap causes a context switch into the kernel, the hardware changes
the stack pointer to point to the base of the kernel's interrupt stack. The
hardware automatically saves some of the interrupted process's registers by
pushing them onto the interrupt stack, before calling the kernel's handler.
When the kernel handler runs, it can then push any remaining registers onto
the stack before performing the work of the handler. When returning from
the interrupt, exception or trap, the reverse occurs: first we pop the registers
saved by the handler, and then the hardware restores the registers it saved onto
the interrupt stack, returning to the point where the process was interrupted.
(In the case of returning from a system call, the value of the saved program
counter needs to be incremented, so that the hardware returns to the instruction
immediately after the one that caused the trap.)
You might think you could use the process's user-level stack to store its state.
We use a separate kernel-level interrupt stack for two reasons.
First, having a dedicated stack is necessary for reliability: even if the
process is buggy and its stack pointer is not a valid memory address,
kernel handlers can continue to work properly.
Second, having a protected stack is necessary for security: on a multipro-
cessor machine if the kernel handler stored some of its variables on the
user-level process's stack (for example, if the kernel handler did a proce-
dure call), other threads in that process might read or write the kernel's
return address, potentially causing the kernel to jump to arbitrary code
within the kernel.
If the kernel is running on a multiprocessor system, each processor needs to
have its own interrupt stack in the kernel so that, for example, we can handle si-
multaneous traps and exceptions across multiple processors. For each processor,
the kernel allocates a separate region of memory to be used as that processor's
interrupt stack.
Most operating system kernels go one step further and allocate a kernel
interrupt stack for every user-level process (and as we'll see in the next chapter,
every user-level thread).
When a user-level process is running, the hardware
