From f37b615dd644f82ea1f12dd5b7303b6fff5866cd Mon Sep 17 00:00:00 2001 From: _xeroxz Date: Tue, 16 Feb 2021 02:50:33 +0000 Subject: [PATCH] Update README.md --- README.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index abd1a99..37513c7 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ forward to guest controlled interrupt handlers such as #DB and interrupt handler These stacks are used by bluepills interrupt routines. This is not required at all but I felt I should go the extra mile here and setup dedicated stacks for my interrupt handlers in the off chance that RSP contains an invalid address when a page fault, division error, or general protection error happens. -##### GDT +##### GDT - Global Descriptor Table The host GDT is 1:1 with the guest GDT except firstly, a different, host controlled page is used for each cores GDT. Secondly the TR segment base address is updated to reflect the new TSS (which is also 1:1 with the guest TSS but on a new page). 
@@ -55,4 +55,12 @@ _sgdt(&gdt_value); memcpy(vcpu->gdt, (void*)gdt_value.base_address, PAGE_SIZE); ``` -##### TSS \ No newline at end of file +##### TSS - Task State Segment + +The host TSS is 1:1 with the guest TSS except that there are additional interrupt stack table entries. When an exception happens and execution is redirected to an interrupt handler, the address +in RSP cannot ***always*** be trusted. Therefore, ***especially*** on privilege level changes, RSP will be changed with a predetermined valid stack (which is located in the TSS). However if an exception happens and there is no privilege change (say you have an exception in ring-0), +RSP ***might not*** need to be changed as there is not a risk of privilege escalation. An OS (and type-2 hypervisor) designer can determine how they want RSP to be handled by the CPU by configuring interrupt descriptor table entries accordingly. In an interrupt descriptor table entry there is a bit field for interrupt stack table index. + +###### IST - Interrupt Stack Table +This interrupt stack table is located inside of the TSS. Bluepill interrupt routines have their own stack, this is the only change done to the TSS. IST entries zero through three are used by windows interrupt routines and entries four through six are used by Bluepill. +
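Review bot: The heading rename in the first hunk (`-##### GDT` / `+##### GDT - Global Descriptor Table`) is fine, but since this change touches the GDT section it is a good moment to fix the wording in the unchanged context lines of that hunk, which otherwise stay as they are: "each cores GDT" should be "each core's GDT", "bluepills interrupt routines" should be "Bluepill's interrupt routines", and "setup dedicated stacks" uses the noun form where the verb "set up" is meant.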
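Review bot: The IST numbering in the second hunk's added line "IST entries zero through three are used by windows interrupt routines and entries four through six are used by Bluepill" is ambiguous: the IST field of a 64-bit IDT gate holds values 1 through 7, with 0 meaning "do not switch stacks", so a reader cannot tell whether "zero through three" are 0-based indices into the seven-slot IST array in the TSS (i.e. IST1 through IST4) or IDT field values; state which convention is meant, and capitalize "Windows". The sentence "especially on privilege level changes, RSP will be changed with a predetermined valid stack (which is located in the TSS)" also runs two mechanisms together: the RSP0-RSP2 fields of the TSS are used on a privilege-level change when the gate's IST field is 0, whereas a non-zero IST index makes the CPU load RSP from that IST slot regardless of whether the privilege level changes, which is exactly why it suits the "RSP cannot always be trusted" case the paragraph opens with; naming both paths would make the description precise. The trailing `+` blank line correctly resolves the "\ No newline at end of file" on the removed heading.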