Task-Switching How the x86 processor assists with context-switching among multiple program-threads

Program Model Programs consist of data and instructions Data consists of constants and variables, which may be ‘persistent’ or ‘transient’ Instructions may be ‘private’ or ‘shared’ These observations lead to a conceptual model for the management of programs, and to special processor capabilities that assist in supporting that conceptual model

Conceptual Program-Model TEXT DATA BSS STACK heap runtime library Private Instructions (persistent ) Initialized Data (persistent) Uninitialized Data (persistent) Private Data (transient) Shared Instructions and Data (persistent) created at compile time created during runtime

Task Isolation The CPU is designed to assist the system software in isolating the private portions of one program from those of another while they both are residing in physical memory, while allowing them also to share certain instructions and data in a controlled way This ‘sharing’ includes access to the CPU, whereby the tasks take turns at executing

Multi-tasking TEXT DATA BSS heap STACK TEXT DATA BSS heap STACK shared runtime library user-space (ring3) supervisor-space (ring0) TSS 1TSS 2 Task #1 Task #2 GDTIDT IDTR GDTR CS DS SS SP IP TR

Context-Switching The CPU can perform a ‘context-switch’ to save the current values of all its registers (in the memory-area referenced by the TR register), and to load new values into all its registers (from the memory-area specified by a new Task-State Segment selector) There are four ways to trigger this ‘task- switch’ operation on x86 processors

How to cause a task-switch Use an ‘ljmp’ instruction (long jump): ljmp $task_selector, $0 Use an ‘lcall’ instruction (long call): lcall $task_selector, $0 Use an ‘int-n’ instruction (with a task-gate): int $0x80 Use an ‘iret’ instruction (with NT=1): iret

‘ljmp’ and ‘lcall’ These instructions are similar – they both make use of a ‘selector’ for a Task-State Segment descriptor Base[ ]Limit[ ] Base[31..24] DPLDPL Base[23..16]type0P TSS Descriptor-Format type: 16bitTSS( 0x1=available or 0x3=busy) or 32bitTSS( 0x9=available or 0xB=busy) Limit [19..16] AVLAVL

The two TSS formats Intel introduced the Task-State Segment in the processor (used in IBM-PC/AT) The CPU had a 16-bit architecture Later Intel introduced its processor which had a 32-bit architecture requiring a larger and more elaborate format for its Task-State Segment data-structure The 286 TSS is now considered ‘obsolete’

The TSS format link sp0 ss0 sp1 ss1 sp2 ss2 IP FLAGS AX CX DX BX SP BP SI DI ES CS SS DS LDTR 22 words 16-bits = field is ‘static’ = field is ‘volatile’

The TSS format link esp0 ss0 esp1 ss1 esp2 ss2 PTDB EIP ss0 ES CS SS DS FS GS LDTR IOMAPTRAP EFLAGS EAX ECX EDX EBX ESP EBP ESI EDI I/O permission bitmap = field is ‘static’ = field is ‘volatile’ = field is ‘reserved’ longwords 32-bits

Which to use: ‘ljmp’ or ‘lcall’? Use ‘ljmp’ to switch to a different task in case you have no intention of returning Use ‘lcall’ to switch to a different task in case you want to ‘return’ to this task later The CPU treats ‘ljmp’ and ‘lcall’ differently in regard to the TSS, GDT and EFLAGS

No Task Reentrancy! Since each task has just one ‘save area’ (in its TSS), it must not not be permitted for a task to be recursively reentered! The CPU enforces this prohibition using a ‘busy’ bit within each task’s TSS descriptor Whenever the TR register is loaded with a new selector-value, the CPU checks to be sure the task isn’t already ‘busy’; if it’s not, the task is entered, but gets marked ‘busy’

Task-Nesting But it’s OK for one task to be nested within another, and another, and another… TSS #4 TR LINK current TSS #3 LINK TSS #2 LINK TSS #1 LINK lcall initial TSS

The NT-bit in FLAGS When the CPU switches to a new task via an ‘lcall’ instruction, it sets NT=1 in FLAGS (and it leaves the old TSS marked ‘busy’) The new task can then ‘return’ to the old task by executing an ‘iret’ instruction (the old task is still ‘busy’, so returning to it with an ‘lcall’ or an ‘ljmp’ wouldn’t be possible)

Task-switch Semantics Fieldljmp effectlcall effectiret effect new busy-bitchanges to 1 changes to 1 stays = 1 old busy-bitis clearedstays = 1is cleared new NT-flagIs clearedIs set to 1no change old NT-flagno change is cleared new LINK-fieldno changenew valueno change old LINK-fieldno change

Task-Gate Descriptor It is also possible to trigger a task-switch with a software or hardware interrupt, by using a Task-Gate Descriptor in the IDT Task-State Segment Selector DPLDPL P type (=0x5) 0 Task-Gate Descriptor Format

‘Threads’ versus ‘Tasks’ In some advanced applications, a task can consist of multiple execution-threads Like tasks, threads take turns executing (and thus require ‘context-switching’) CPU doesn’t distinguish between ‘threads’ and ‘tasks’ – context-switching semantics are the same for both Difference lies in ‘sharing’ of data/code

A task with multiple threads CODE 1CODE 2 DATA 1 STACK 1STACK 2 heap TEXT (some shared, some private) DATA (some shared, some private) STACKS (each is thread-private) DATA 2 user-space (ring3) supervisor-space (ring0) TSS 1TSS 2 Each thread has its own TSS-segment

Demo program: ‘twotasks.s’ We have constructed a simple demo that illustrates the CPU task-switching ability It’s one program, but with two threads Everything is in one physical segment, but the segment-descriptors create a number of different overlapping ‘logical’ segments One task is the ‘supervisor’ thread: it ‘calls’ a ‘subordinate’ thread (to print a message)

A thread could use an LDT To support isolation of memory-segments among distinct tasks or threads, the CPU allows use of ‘private’ descriptor-tables Same format for the segment-descriptors But selectors use a Table-Indicator bit Descriptor-table index fieldRPL TITI Format of a segment-selector (16-bits) TI = Table-Indicator (0 = GDT, 1 = LDT) RPL = Requested Privilege-Level

LDT descriptors Each Local Descriptor Table is described by its own ‘system’ segment-descriptor in the Global Descriptor Table Base[ ]Limit[ ] Base[31..24] DPLDPL Base[23..16]type0P LDT Descriptor-Format Type-field: the ‘type’ code for any LDT segment-descriptor is 0x2 Limit [19..16] AVLAVL

In-class Exercise #1 In our ‘twotasks.s’ demo, the two threads will both execute at privilege-level zero An enhanced version of this demo would have the ‘supervisor’ (Thread #1) execute in ring 0 and the ‘subordinate’ (Thread #2) execute in ring 3 Can you modify the demo-program so it incorporates that suggested improvement?

More enhancements? The demo-program could be made much more interesting if it used more than one subordinate thread, and if the supervisor thread took turns repeatedly making calls to each subordinate (i.e., ‘time-sharing’) You can arrange for a thread to be called more than once by using a ‘jmp’ after the ‘iret’ instruction (to re-execute the thread)

In-class Exercise #2 Modify the demo so it has two subordinate threads, each of which prints a message, and each of which can be called again and again (i.e., add a jmp-instruction after iret): begin:; entry-point to the thread... iret jmp begin