Tags: assembly, x86, intel, interrupt

Can software interrupt `int` instruction be used to trigger a hardware interrupt handler?


This might be a trivial question, but I cannot easily find an answer online.

Can the software interrupt `int` instruction (in Intel processors) be used to trigger any interrupt handler, including those that respond to hardware interrupts? If yes, is this used in practice?


Solution

  • In the Intel IA-32 and x86-64 architectures, the Interrupt Descriptor Table (IDT) has a Descriptor privilege level (DPL) field for each entry, which defines the CPU Privilege Levels (CPL) that are allowed to access that interrupt handler via the INT instruction (software interrupts). Hardware interrupts coming from devices ignore this mechanism.

    The Linux operating system kernel initializes all the entries of the IDT while initializing the system. (I presume other operating systems do the same in their own fashion.)

    The INT instruction allows a User Mode process to issue an interrupt signal that has an arbitrary vector ranging from 0 to 255. Therefore, initialization of the IDT must be done carefully, to block illegal interrupts and exceptions simulated by User Mode processes via INT instructions. This can be achieved by setting the DPL field of the IDT entry to 0 (this is ring 0, i.e. kernel mode). If the process attempts to issue one of these interrupt signals, the control unit checks the CPL value against the DPL field and issues a General Protection Fault (interrupt vector number 13).

    In a few cases, however, a User Mode process needs to be able to issue a programmed exception. To allow this, it is sufficient to set the DPL field of the corresponding IDT entry to 3 (ring 3, i.e. userspace). The four Linux exception handlers associated with the vectors 3, 4, 5, and 128 can be issued in User Mode because their IDT entries have the DPL field set to 3. Therefore, the four assembly language instructions INT3 (Breakpoint: interrupt number 3), INTO (Overflow: interrupt number 4), BOUND (Bounds range exceeded: INT 0x05), and INT 0x80 (for system calls) can be issued by User Mode processes.

    The interrupt handlers for all other vectors are privileged and their corresponding INT instructions are considered privileged instructions that can only be executed by the kernel itself, running with CPL 0. What I'm not sure of is whether, in practice, the kernel itself executes INT instructions to call various interrupt handlers.
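As an added illustration (not code from the question or the answer), here is a small C model of the CPL-versus-DPL check the answer describes: an IDT with only the DPL field, initialised with the Linux policy quoted above (vectors 3, 4, 5 and 0x80 at DPL 3, everything else at DPL 0), a `software_int` function that returns the vector the CPU actually dispatches for `INT n` at a given CPL (the vector itself, or 13 for #GP), and a `hardware_int` function showing that a device interrupt never consults the DPL. On x86-64 Linux it also compiles a live probe that executes `int3` and `int $14` from ring 3 and reports which signal the kernel turns each into; the function and type names are this example's own, not Linux's.

```c
/* Added example, not from the original post: model of the IDT DPL check on INT n,
 * plus a live ring-3 probe that is only compiled on x86-64 Linux. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <setjmp.h>
#include <signal.h>

#define IDT_ENTRIES     256
#define GP_FAULT_VECTOR 13   /* #GP, the vector raised when CPL > DPL */

/* Only the gate field this discussion is about is modelled. */
typedef struct { unsigned dpl; } idt_gate_t;
typedef struct { idt_gate_t gate[IDT_ENTRIES]; } idt_t;

/* The Linux policy quoted in the answer: everything kernel-only except four vectors. */
void idt_init_linux_like(idt_t *idt) {
    for (int v = 0; v < IDT_ENTRIES; v++) idt->gate[v].dpl = 0;  /* ring 0 only */
    idt->gate[3].dpl    = 3;   /* INT3, breakpoint */
    idt->gate[4].dpl    = 3;   /* INTO, overflow */
    idt->gate[5].dpl    = 3;   /* BOUND, range exceeded */
    idt->gate[0x80].dpl = 3;   /* legacy system call entry */
}

/* INT n executed at privilege level cpl: the gate is entered only when
 * CPL <= DPL; otherwise the CPU raises #GP instead. Returns the vector
 * that actually gets dispatched. */
unsigned software_int(const idt_t *idt, unsigned n, unsigned cpl) {
    if (n >= IDT_ENTRIES) return GP_FAULT_VECTOR;   /* no such gate */
    return (cpl <= idt->gate[n].dpl) ? n : GP_FAULT_VECTOR;
}

/* An external (device) interrupt on vector n: the DPL field is not consulted. */
unsigned hardware_int(const idt_t *idt, unsigned n) {
    (void)idt;
    return n;
}

/* Convenience wrapper: a fresh Linux-like IDT for each query. */
unsigned linux_like_software_int(unsigned n, unsigned cpl) {
    idt_t idt;
    idt_init_linux_like(&idt);
    return software_int(&idt, n, cpl);
}

#if defined(__linux__) && defined(__x86_64__)
/* Live probe: issue INT3 or INT 14 from user mode and report the signal the
 * kernel delivers. SIGTRAP means the DPL-3 gate was entered; SIGSEGV is how
 * Linux reports the #GP raised for a DPL-0 gate. */
static sigjmp_buf probe_env;
static volatile sig_atomic_t probe_signal;

static void probe_handler(int sig) { probe_signal = sig; siglongjmp(probe_env, 1); }

static int run_probe(int vector) {
    struct sigaction sa;
    sa.sa_handler = probe_handler;
    sa.sa_flags = 0;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGTRAP, &sa, NULL);
    sigaction(SIGSEGV, &sa, NULL);
    probe_signal = 0;
    if (sigsetjmp(probe_env, 1) == 0) {
        if (vector == 3) __asm__ volatile ("int3");
        else             __asm__ volatile ("int $14");  /* page-fault vector, DPL 0 */
    }
    return (int)probe_signal;
}
#endif

int main(void) {
    idt_t idt;
    idt_init_linux_like(&idt);
    printf("INT 0x80 from ring 3 -> vector %u\n", software_int(&idt, 0x80, 3));
    printf("INT 14   from ring 3 -> vector %u (#GP)\n", software_int(&idt, 14, 3));
    printf("INT 14   from ring 0 -> vector %u\n", software_int(&idt, 14, 0));
    printf("device IRQ on vector 14 -> vector %u\n", hardware_int(&idt, 14));
#if defined(__linux__) && defined(__x86_64__)
    printf("live: int3 -> signal %d, int $14 -> signal %d (SIGTRAP=%d, SIGSEGV=%d)\n",
           run_probe(3), run_probe(14), SIGTRAP, SIGSEGV);
#endif
    return 0;
}
```

Note that `software_int` with `cpl == 0` always enters the gate, which is the model's way of expressing the answer's last point: the kernel itself is never blocked by the DPL check, so the open question is only whether it chooses to use `INT` that way.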