1 / 18

NT Kernel

NT Kernel. CS 470 -- Spring 2002. Overview. Interrupts and Exceptions: Trap Handler Interrupt Request Levels and IRT DPC’s, and APC’s System Service Dispatching Exception Dispatching Dispatcher Objects Example: Reading a file. Interrupts vs Exceptions.

deborah-lancaster
Download Presentation

NT Kernel

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NT Kernel CS 470 -- Spring 2002

  2. Overview • Interrupts and Exceptions: Trap Handler • Interrupt Request Levels and IRT • DPC’s, and APC’s • System Service Dispatching • Exception Dispatching • Dispatcher Objects • Example: Reading a file

  3. Interrupts vs Exceptions • An interrupt is an asynchronous event, one that occurs at a time unrelated to what the processor is executing: I/O device interrupts, clocks, timers, etc. They usually can be enabled or disabled. • An exception is a synchronous event, one that results from the execution of an instruction: memory access violations, debugger instructions, divide-by-zero, etc.

  4. Interrupt & Exception Handling • Wide variety of hardware supported • The kernel provides a uniform interface by transferring control to the trap handler. • The trap handler fills TrapFrame field in _KTHREAD with the execution state of the thread and transfers control to an appropriate kernel or executive module for handling the condition.

  5. Interrupt & Exception Dispatching Trap Handler Interrupt Service Routines Interrupt Dispatcher Interrupt System Service Dispatcher System Service Call System Services Hard/Software Exceptions Exception Dispatcher Exception Handlers Virtual Address Exceptions VM Manager Pager

  6. Interrupt Request Levels • Each processor runs at a particular interrupt request level (IRQL) • Threads running in kernel mode can change their current processor’s IRQL. • Each type of interrupt is associated with a particular IRQL. • Only interrupts at IRQL greater than that of a processor are enabled for that processor.

  7. High Level Power Level Interprocessor Interrupt Level Clock Levels Device Levels n to 1 Dispatch/DPC Level APC Level Low Level Machine check or bus error Power failure (not used) Work request from another processor Clock, kernel profiler I/O Device levels Thread dispatching & DPC’s Asynchronous proc. calls Normal Thread Execution NT Defined IRQL’s IRQL Types of Interrupts

  8. Interrupt Dispatch Table • One IDT per processor • One entry for each IRQL • An entry is a list of interrupt objects which were connected by device drivers • When an interrupt occurs, it is mapped to an IRQL and so to an entry in the table. • Each interrupt object specifies an ISR to handle the interrupt. So several devices can interrupt at the same level.

  9. Software Interrupt Uses • To initiate thread dispatching: For synchronization, kernel runs at DPC level; it requests a dispatch interrupt which will not be serviced until it lowers IRQL. • Handle timer expiration • Asynchronously execute a procedure in the context of a particular thread. For example, asynchronous I/O is done this way.

  10. Deferred Procedure Calls • Handlers can issue deferred procedure calls for non-time critical operations. Timers and the clock interrupt are handled this way. • These are DPC objects which are ly queued per processor, and a DPC interrupt is requested. When IRQL below DPC level, they are executed.

  11. Asynchronous Procedure Calls • APC objects are queued on a per thread queue and an APC level interrupt is requested. • Executes only in a specified thread. • Kernel mode APC’s require no permission, but user mode APC’s execute only if the target thread has declared itself to be alertable (using e.g. WaitForSingleObjectEx or SleepEx) • Asynchronous I/O uses this method.

  12. Dispatcher Header KTHREAD User & kernel times Kernel stack info System service table Thread scheduling info Trap frame Thread Local storage Synchronization info Pending APC list Object Wait List TEB

  13. System Service Dispatching • Uses SYSCALL or INT 0x2e to trap to kernel mode. • _KTHREAD SystemTable field specifies up to four System Service Dispatch Tables, 1K entries per table • Arguments are copied to kernel mode stack to protect them. • Flexible: expansion or modification by changing table entries.

  14. Exception Dispatching • Save trap frame and exception record • LPC to debugger port • Check Frame based handlers • LPC to debugger port • LPC to exception port (monitored by environment subsystem -- e.g. POSIX signals sent this way) • Kernel Default handler -- terminates process -- DrWtsn32.exe

  15. ACCESS_VIOLATION DATATYPE_MISALIGNMENT BREAKPOINT SINGLE_STEP ARRAY_BOUNDS_EXCEEDED FLT_DENORMAL_OPERAND FLT_DIVIDE_BY_ZERO FLT_INEXACT_RESULT FLT_INVALID_OPERATION FLT_OVERFLOW FLT_STACK_CHECK FLT_UNDERFLOW INT_DIVIDE_BY_ZERO INT_OVERFLOW PRIV_INSTRUCTION IN_PAGE_ERROR ILLEGAL_INSTRUCTION NONCONTINUABLE_EXCEPTION STACK_OVERFLOW INVALID_DISPOSITION GUARD_PAGE INVALID_HANDLE Exception Types

  16. Example: Read.c void main(void) { HANDLE hFile; char buffer[256]; DWORD numRead; if ((hFile = CreateFile(“foo.bar”, ...) !=INVALID_HANDLE_VALUE) { if(!ReadFile(hFile, buffer, 256, &numRead, NULL)){ ...} }}

  17. Tracking the Read (1 of 2) • ReadFile called from main • NtReadFile called from ReadFile • Trap handler: System Service Dispatch Table  I/O Manager  Device Driver • Device Driver: queues read job • Interrupt  Trap handler: IDT  Device Driver ISR: Queue DPC

  18. Tracking the Read (2 of 2) • IRQL drops DPC starts disk read • Interrupt  Trap handler: IDT  Device Driver ISR  ISR queues DPC • IRQL drops  DPC checks status, etc. • DPC queues Kernel APC • IRQL drops, Thread runs  APC runs,copies data to user buffer • NtRead returns, ReadFile returns.

More Related