chaining interrupts

Download Chaining Interrupts

If you can't read please download the document

Upload: jens

Post on 09-Jan-2016

53 views

Category:

Documents


2 download

DESCRIPTION

Chaining Interrupts. Short contents. What does chaining interrupts mean? TSR programs Chaining an interrupt example program Reentrancy problems with DOS Reentrancy problems with BIOS The multiplex interrupt (INT 2Fh) Installing and removing a TSR Debugging TSRs - PowerPoint PPT Presentation

TRANSCRIPT

  • Chaining Interrupts

  • Short contentsWhat does chaining interrupts mean?TSR programsChaining an interrupt example programReentrancy problems with DOSReentrancy problems with BIOSThe multiplex interrupt (INT 2Fh)Installing and removing a TSRDebugging TSRsDifficulties in chaining interrupts in Windows

  • What does chaining interrupts mean?MS-DOS places at memory address 0000:0000 the interrupt vector table (holds FAR address of each handler/ISR Interrupt Service Routine)Purpose of chaining interrupts: implementing missing functionalities from the OS, optimizing BIOS or DOS routines, altering OS behaviorSteps in chaining interrupts:Writing the new ISR (the new handler);Saving old handlers (the original one) address;Modifying handlers address in the interrupt vector table;Calling the new ISR;Eventually, calling the old ISR;Restoring the original handler;

  • Saving old handlers addressAccessing the interrupt vector table directly:oldint77 dd ?; space for storing old handlers addr.mov es, 0cli; deactivate interruptsmov ax, word ptr es:[4*77h]mov word ptr cs:oldint77, axmov ax, word ptr es:[4*77h+2]mov word ptr cs:[oldint77+2], axsti ; reactivate interruptsUsing DOS function no. 35h:

    oldint77 dd ?; for storing old handlers addressmov ax, 3577h; ES:BX address of current handlerint 21hmov word ptr cs:oldint77, bxmov word ptr cs:[oldint77+2], es

  • Modifying handlers address in the interrupt vector tableAccessing the interrupt vector table directly :mov es, 0climov word ptr es:[4*77h],offset Newhandlermov word ptr es:[4*77h+2],seg NewhandlerstiUsing DOS function no. 25h:push dsmov ax, 2577hmov dx, seg Newhandlermov ds, dxmov dx, offset Newhandlerint 21hpop ds

  • Calling the original handler and returning from the ISRCalling the old handler, then return in the new handler:pushf; pushing flags on to the stackcall dword ptr cs:oldint77iret ; popf + retfCalling the old handler, then return in the application:jmp dword ptr cs:oldint77

  • Writing the new ISRWe can not count on (know) the value of any register except CS and IPIf we modify registers inside the ISR their values must be saved previously and then restored prior of returning from the ISR

  • TSR Programs (Terminate and Stay Resident)MS-DOS programs are:transient : free memory when they terminate executionresident : does not return all memory back to DOSTSRs are used for introducing multitasking functionality into a monotasking OSStaying resident is done using DOS function no. 31h TSRs have a transient section (executed once in the beginning) and a resident one (stays in memory after completion)Active TSRs (activated by system generated hardware interrupts)TSR-uri pasive (activated by an explicit call)

  • DOS memory map and TSRs (1)DOS memory map, no active applicationDOS memory map, one active application

  • DOS memory map and TSRs (2)DOS memory map, one resident applicationDOS memory map with one resident application and one transient application

  • Chaining an interrupt example program(1)assume cs:codcod segment org 100hstart: jmp install ;resident part message db Parameters initialized for COM1 ! $" minstalled db Handler already installed $" Oldip dw ? Oldcs dw ? signature db exemplu rutina"

    handler: ;****New handler**** cmp ah,00h jnz CallOldHandler push ax push ds push dx mov ah,9h push cs pop ds lea dx,message int 21h ;uninstall new handler ;mov ax,2514h ;mov dx,word ptr Oldip ;mov ds,word ptr Oldcs pop dx pop ds pop ax iret

    CallOldHandler : jmp dword ptr Oldip

  • Chaining an interrupt example program(2)install: ;check whether new ISR has already been installed mov ah,35h mov al,14h int 21h ;in es:bx we have the address of 14h ISR mov word ptr Oldip,bx mov word ptr Oldcs,es ;compare the addresses of old and new handler cmp bx,offset handler jne notinstalled ;compare signatures push cs pop ds lea si,signature; ds:si contains address of signature; es:si contains address of signature from the old handler mov di,si cld mov cx,handler-signature repe cmpsb jne notinstalled mov ah,9h lea dx,minstalled int 21h ;ending program mov ax,4c01h int 21h

  • Chaining an interrupt example program(3)notinstalled: mov ah,25h mov al,14h push cs pop ds lea dx,handler int 21h mov ah,31h mov al,00h lea dx,install add dx,15 mov cl,4 shr dx,cl int 21hcod endsend start

  • Reentrancy problems with DOSHappens when the current application calls a DOS function and during the execution of this DOS function an asynchronous event (e.g. timer interrupt, pressing a key) occurs which activates a TSR that at his turn calls DOS. DOS is not reentrant: it does not allow several DOS calls to be active in the same timeMay lead to system hangIn general, the problem does not occur for passive TSRsInDOS flag on 1 byte(=0 if no DOS call is active, !=0 if a DOS call is in progress) + DOS function34h (GetInDosFlagAddress)CritError flag set when a DOS calls issues a critical error; errors details are saved at a fix memory address which gets overwritten each time

  • Reentrancy problems with BIOSSome BIOS interrupts are not reentrant, others are reentrantBIOS doesnt provide an InBIOS flagFor not reentrant BIOS interrupts one can implement a wrapper ISR to simulate the InBIOS flag:int17 proc farinc CS:InBIOSpushfcall dword ptr CS:OldInt17dec CS:InBIOSiretint17 endp

  • The multiplex interrupt(INT 2Fh)When we install a passive TSR we have to choose an interrupt vector (number) to patch into:We can randomly choose an interrupt vector from the interrupt vector tableWe can choose an interrupt which implements specific functionalityWe can choose the multiplex interrupt, 2FhThe multiplex interrupt, 2Fh: reserved for providing a general mechanism for installing, testing the presence and communicating with a TSR

  • Installing and removing a TSRTo check at install time:The handler is not already installed (using a signature)The interrupt vector is free (reserved) To do at uninstall time:Stop all pending actions of this TSRRestore all interrupt vectors to their former valuesReturn all reserved memory back to DOS[Last two tasks difficult to accomplish]Exemplifying the aforementioned issues: TSR Monitor Tastatura example, section 6.8, pag. 229, the blue book

  • Debugging a TSR (1)Compile and linkedit the TSR (possible with debug information included).Load the TSR into TD and execute the transient part naturally. When this part is executed, the resident part would be installed into the RAM memory.Set a breakpoint in the resident part (preferably in the beginning) with the F2 key (or from the Breakpoints menu).Select option File | Resident from the menu in order to make TD resident. This is done in order to get the DOS prompter again.Once we are back to DOS the resident part gets active.When the program execution gets to the breakpoint, TD comes back showing the TSR in the respective point. Thus, debugging this code is then possible. (Coming back to TD from DOS is done by pressing CTRL-Break twice)

  • Debugging a TSR (2)

  • Debugging a TSR (3)

  • Debugging a TSR (4)

  • Debugging a TSR (5)

  • Debugging a TSR (6)

  • Debugging a TSR (7)

  • Difficulties in chaining interrupts in WindowsThere are no systems running native MS-DOS any moreWindows OS emulates a virtual hardware architecture in which DOS is runWe can not chain interrupts that work with hardware equipment because this is virtual (e.g. int 13h for working with the disk, int 10h for working in graphical mode etc)