3.5 Implementing Memory Protection
the code segment descriptor to specify a handling routine for the interrupt/
trap in linear address space. So, although they live in the IDT, both the
interrupt-gate and trap-gate descriptors end up using entries in the GDT to
specify code segments.
The only real difference between interrupt-gate descriptors and trap-gate
descriptors lies in how the processor manipulates the IF in the EFLAGS register.
Specifically, when an interrupt handling routine is accessed using an interrupt-gate
descriptor, the processor clears the IF. Trap gates, in contrast, do not
require the IF to be altered.
With regard to privilege-level checks for interrupt and trap handling routines,
the CPL of the program invoking the handling routine must be less than or
equal to the DPL of the interrupt or trap gate. This condition only holds when
the handling routine is invoked by software (e.g., the INT instruction). In
addition, as with call gates, the DPL of the segment descriptor pointing to the
handling routine's code segment must be less than or equal to the CPL.
The Protected-Mode Interrupt Table
In real mode, the location of interrupt handlers was stored in the interrupt
vector table (IVT), an array of 256 far pointers (16-bit segment and offset
pairs) that populated the very bottom 1,024 bytes of memory. In protected
mode, the IVT is supplanted by the interrupt descriptor table (IDT). The
IDT stores an array of 64-bit gate descriptors. These gate descriptors may be
interrupt-gate descriptors, trap-gate descriptors, and task-gate descriptors (we
won't cover task-gate descriptors).
Unlike the IVT, the IDT may reside anywhere in linear address space. The
32-bit base address of the IDT is stored in the 48-bit IDTR register (in bits 16
through 47). The size limit of the IDT, in bytes, is stored in the lower word of
the IDTR register (bits 0 through 15). The LIDT instruction can be used to set
the value in the IDTR register, and the SIDT instruction can be used to read the
value in the IDTR register.
The size limit might not be what you think it is. It's actually a byte offset
from the base address of the IDT to the last entry in the table, such that an
IDT with N entries will have its size limit set to (8(N-1)). If a vector beyond
the size limit is referenced, the processor generates a general-protection
(#GP) exception.
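As an added example (not code from the book), the C below decodes a constructed IDTR image and gate descriptors laid out as this section describes, then applies the vector-range check that decides whether #GP fires and the software-INT privilege checks given above. The base address 0xC0021000, the 256-entry limit, the selector and the handler address are constructed sample values, and the entry count follows this section's 8(N-1) convention.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
/* 48-bit IDTR as SIDT stores it (little-endian): bits 0-15 limit, 16-47 base. */
struct idtr { uint16_t limit; uint32_t base; };

/* Fields of a 64-bit IDT gate descriptor (32-bit protected-mode layout). */
struct gate {
    uint32_t offset;    /* handler's offset within its code segment */
    uint16_t selector;  /* GDT selector of the handler's code segment */
    uint8_t  type;      /* 0x5 task gate, 0xE interrupt gate, 0xF trap gate */
    uint8_t  dpl;       /* gate DPL */
    bool     present;
    bool     clears_if; /* true for interrupt gates only (IF cleared on entry) */
};
struct idtr parse_idtr(const uint8_t buf[6]) {
    struct idtr r;
    r.limit = (uint16_t)(buf[0] | (buf[1] << 8));
    r.base  = (uint32_t)buf[2] | ((uint32_t)buf[3] << 8) |
              ((uint32_t)buf[4] << 16) | ((uint32_t)buf[5] << 24);
    return r;
}
/* Entry count implied by the limit, using this section's 8(N-1) convention. */
unsigned idt_entries(struct idtr r) { return r.limit / 8u + 1u; }
/* A vector whose 8-byte slot begins beyond the limit raises #GP. */
bool vector_in_range(struct idtr r, unsigned vector) { return vector * 8u <= r.limit; }
struct gate decode_gate(uint64_t raw) {
    struct gate g;
    g.offset    = (uint32_t)(raw & 0xFFFFu) | (uint32_t)((raw >> 48) << 16);
    g.selector  = (uint16_t)(raw >> 16);
    g.type      = (uint8_t)((raw >> 40) & 0xFu);
    g.dpl       = (uint8_t)((raw >> 45) & 0x3u);
    g.present   = ((raw >> 47) & 1u) != 0;
    g.clears_if = (g.type == 0xE);
    return g;
}
/* Software INT checks: CPL <= gate DPL, and handler code-segment DPL <= CPL. */
bool software_int_allowed(unsigned cpl, struct gate g, unsigned code_seg_dpl) {
    return g.present && cpl <= g.dpl && code_seg_dpl <= cpl;
}
int main(void) {  /* constructed sample: 256-entry IDT at 0xC0021000 */
    const uint8_t idtr_img[6] = { 0xF8, 0x07, 0x00, 0x10, 0x02, 0xC0 };
    struct idtr r = parse_idtr(idtr_img);
    struct gate g = decode_gate(0x8010EE0000084A20ULL);  /* ring-3 callable int gate */
    printf("base=0x%08X limit=%u entries=%u\n", r.base, (unsigned)r.limit, idt_entries(r));
    printf("sel=0x%04X off=0x%08X type=0x%X dpl=%u IF cleared=%d ring3 INT ok=%d\n",
           g.selector, g.offset, g.type, g.dpl, g.clears_if, software_int_allowed(3, g, 0));
    return 0;
}
```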
Part I 109