chaining interrupts
Download
Report
Transcript chaining interrupts
Chaining Interrupts
Short contents
What does chaining interrupts mean?
TSR programs
Chaining an interrupt example program
Reentrancy problems with DOS
Reentrancy problems with BIOS
The multiplex interrupt (INT 2Fh)
Installing and removing a TSR
Debugging TSRs
Difficulties in chaining interrupts in Windows
What does chaining interrupts
mean?
MS-DOS places at memory address 0000:0000
the interrupt vector table (holds FAR address of
each handler/ISR – Interrupt Service Routine)
Purpose of chaining interrupts: implementing
missing functionalities from the OS, optimizing
BIOS or DOS routines, altering OS behavior
Steps in chaining interrupts:
1)
2)
3)
4)
5)
6)
Writing the new ISR (the new handler);
Saving old handler’s (the original one) address;
Modifying handler’s address in the interrupt vector table;
Calling the new ISR;
Eventually, calling the old ISR;
Restoring the original handler;
Saving old handler’s address
Accessing the interrupt
vector table directly:
oldint77 dd ? ; space for storing old handler’s addr.
…
…
mov es, 0
cli
; deactivate interrupts
mov ax, word ptr es:[4*77h]
mov word ptr cs:oldint77, ax
mov ax, word ptr es:[4*77h+2]
mov word ptr cs:[oldint77+2], ax
sti
; reactivate interrupts
Using DOS function no. 35h:
oldint77 dd ? ; for storing old handler’s address
…
…
mov ax, 3577h ; ES:BX –address of current handler
int 21h
mov word ptr cs:oldint77, bx
mov word ptr cs:[oldint77+2], es
Modifying handler’s address in the
interrupt vector table
Accessing the interrupt vector
table directly :
mov es, 0
cli
mov word ptr es:[4*77h],offset Newhandler
mov word ptr es:[4*77h+2],seg Newhandler
sti
Using DOS function no.
25h:
push ds
mov ax, 2577h
mov dx, seg Newhandler
mov ds, dx
mov dx, offset Newhandler
int 21h
pop ds
Calling the original handler and
returning from the ISR
Calling the old handler, then return in the new
handler:
pushf
; pushing flags on to the stack
call dword ptr cs:oldint77
…
iret
; popf + retf
Calling the old handler, then return in the
application:
jmp dword ptr cs:oldint77
Writing the new ISR
We can not count on (know) the value of any
register except CS and IP
If we modify registers inside the ISR their values
must be saved previously and then restored
prior of returning from the ISR
TSR Programs (Terminate and
Stay Resident)
MS-DOS programs are:
transient : free memory when they terminate execution
resident : does not return all memory back to DOS
TSRs are used for introducing multitasking
functionality into a monotasking OS
Staying resident is done using DOS function no.
31h
TSRs have a transient section (executed once in
the beginning) and a resident one (stays in
memory after completion)
Active TSRs (activated by system generated
hardware interrupts)
TSR-uri pasive (activated by an explicit call)
DOS memory map and TSRs (1)
DOS memory map, no active
application
DOS memory map, one
active application
DOS memory map and TSRs (2)
DOS memory map, one resident
application
DOS memory map with one
resident application and one
transient application
Chaining an interrupt example
program(1)
assume cs:cod
cod segment
org 100h
start:
jmp install
;resident part
message db “Parameters initialized for
COM1 ! $"
minstalled db “Handler already installed $"
Oldip dw ?
Oldcs dw ?
signature db “exemplu rutina"
handler:
;****New handler****
cmp ah,00h
jnz CallOldHandler
push ax
push ds
push dx
mov ah,9h
push cs
pop ds
lea dx,message
int 21h
;uninstall new handler
;mov ax,2514h
;mov dx,word ptr Oldip
;mov ds,word ptr Oldcs
pop dx
pop ds
pop ax
iret
CallOldHandler :
jmp dword ptr Oldip
Chaining an interrupt example
program(2)
install:
; ds:si contains address of signature
;check whether new ISR has already been
; es:si contains address of signature
installed
from the old handler
mov di,si
mov ah,35h
cld
mov al,14h
mov cx,handler-signature
int 21h
repe cmpsb
;in es:bx we have the address of 14h ISR
jne notinstalled
mov word ptr Oldip,bx
mov ah,9h
mov word ptr Oldcs,es
lea dx,minstalled
;compare the addresses of old and new handler int 21h
cmp bx,offset handler
;ending program
jne notinstalled
mov ax,4c01h
;compare signatures
int 21h
push cs
pop ds
lea si,signature
Chaining an interrupt example
program(3)
notinstalled:
mov ah,25h
mov al,14h
push cs
pop ds
lea dx,handler
int 21h
mov ah,31h
mov al,00h
lea dx,install
add dx,15
mov cl,4
shr dx,cl
int 21h
cod ends
end start
Reentrancy problems with DOS
Happens when the current application calls a DOS function
and during the execution of this DOS function an
asynchronous event (e.g. timer interrupt, pressing a key)
occurs which activates a TSR that at his turn calls DOS.
DOS is not reentrant: it does not allow several DOS calls to be
active in the same time
May lead to system hang
In general, the problem does not occur for passive TSRs
InDOS flag on 1 byte(=0 if no DOS call is active, !=0 if a DOS
call is in progress) + DOS function34h (GetInDosFlagAddress)
CritError flag– set when a DOS calls issues a critical error;
error’s details are saved at a fix memory address which gets
overwritten each time
Reentrancy problems with BIOS
Some BIOS interrupts are not reentrant, others
are reentrant
BIOS doesn’t provide an InBIOS flag
For not reentrant BIOS interrupts one can
implement a wrapper ISR to simulate the InBIOS
flag:
int17 proc far
inc CS:InBIOS
pushf
call dword ptr CS:OldInt17
dec CS:InBIOS
iret
int17 endp
The multiplex interrupt(INT 2Fh)
When we install a passive TSR we have to
choose an interrupt vector (number) to patch
into:
We can randomly choose an interrupt vector from the
interrupt vector table
We can choose an interrupt which implements specific
functionality
We can choose the multiplex interrupt, 2Fh
The multiplex interrupt, 2Fh: reserved for
providing a general mechanism for installing,
testing the presence and communicating with a
TSR
Installing and removing a TSR
To check at install time:
The handler is not already installed (using a signature)
The interrupt vector is free (reserved)
To do at uninstall time:
Stop all pending actions of this TSR
Restore all interrupt vectors to their former values
Return all reserved memory back to DOS
[Last two tasks difficult to accomplish]
Exemplifying the aforementioned issues: “TSR
Monitor Tastatura” example, section 6.8, pag.
229, the blue book
Debugging a TSR (1)
Compile and linkedit the TSR (possible with debug
information included).
Load the TSR into TD and execute the transient part
naturally. When this part is executed, the resident part
would be installed into the RAM memory.
Set a breakpoint in the resident part (preferably in the
beginning) with the F2 key (or from the Breakpoints
menu).
Select option File | Resident from the menu in order to
make TD resident. This is done in order to get the DOS
prompter again.
Once we are back to DOS the resident part gets active.
When the program execution gets to the breakpoint, TD
comes back showing the TSR in the respective point. Thus,
debugging this code is then possible. (Coming back to TD
from DOS is done by pressing CTRL-Break twice)
Debugging a TSR (2)
Debugging a TSR (3)
Debugging a TSR (4)
Debugging a TSR (5)
Debugging a TSR (6)
Debugging a TSR (7)
Difficulties in chaining interrupts
in Windows
There are no systems running native MS-DOS
any more
Windows OS emulates a virtual hardware
architecture in which DOS is run
We can not chain interrupts that work with
hardware equipment because this is virtual (e.g.
int 13h for working with the disk, int 10h for
working in graphical mode etc)