X-Hacker.org - iAPx86 - Norton Guide

TSS - Task State Segment

    A TSS is a data structure that holds the state of a task's virtual
    processor. The TSS is divided into two parts.

    ------------------------------------------------------------------

    The first class of information is the dynamic set that the
    processor updates with each switch from the task. This set
    includes the following:

      . The selector of the TSS of the previously executing task (this
        is updated only when a return is expected)
      . Instruction pointer     EIP
      . Flags register          EFLAGS
      . General registers       EAX,ECX,EDX,EBX,ESP,EBP,ESI,EDI
      . Segment registers       ES,CS,SS,DS,FS,GS

    ------------------------------------------------------------------

    The second class of information in the TSS is a static set that
    the processor reads but does not change. This set includes fields
    that store the following:

      . The stack definitions for level 0, 1, or 2 interrupt handlers
        that are to execute in the task's environment.
      . The selector of the task's LDT
      . The debug trap bit, T-bit, which causes the 80386 to raise a
        debug exception when a task switch occurs
      . The I/O map base

    ------------------------------------------------------------------

    A TSS may reside anywhere in the linear address space. The single
    caution is a TSS that spans a page boundary: if the higher-
    addressed page is not present, an exception is generated.

    When creating a new task, the operating system creates the TSS and
    initializes it to the values that the task should have when it
    begins execution. The information is updated when any of the
    values change.

                Task State Segment
                Offset     [ bits 0..15 ][ bits 16..31 ]
                00h           Prev. TSS        rr
                04h                    ESP0
                08h              SS0           rr
                0Ch                    ESP1
                10h              SS1           rr
                14h                    ESP2
                18h              SS2           rr
                1Ch              rr            rr
                20h                    EIP
                24h                   EFLAGS
                28h              EAX,ECX,EDX,EBX
                38h              ESP,EBP,ESI,EDI
                48h              ES            rr
                4Ch              CS            rr
                50h              SS            rr
                54h              DS            rr
                58h              FS            rr
                5Ch              GS            rr
                60h              LDT           rr
                64h          T-bit, rr    I/O Bitmap Base
                   Note: rr = Reserved, must be zero
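
    Added example (not part of the original guide): a C routine that reads
    the static fields out of a raw 104-byte TSS image and counts reserved
    ("rr") fields that are not zero. The names tss_info and tss_audit and the
    sample image are assumptions of this example; the dword at 1Ch is left
    unchecked because the 80386 stores CR3 there.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

struct tss_info {
    uint16_t prev_tss, ss0, ldt; /* selectors at 00h, 08h, 60h */
    uint16_t io_map_base;        /* bits 16..31 of the dword at 64h */
    int      t_bit;              /* bit 0 of 64h: debug trap on task switch */
    unsigned nonzero_rr;         /* reserved ("rr") fields that are not zero */
};

/* Little-endian 16-bit read, the byte order the 80386 uses in memory. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Dwords whose bits 16..31 the table marks rr (the selector slots). */
static const uint8_t sel_slots[] = { 0x00, 0x08, 0x10, 0x18, 0x48, 0x4C,
                                     0x50, 0x54, 0x58, 0x5C, 0x60 };

/* Returns 0 and fills *out, or -1 if the image is shorter than 104 bytes. */
int tss_audit(const uint8_t *img, size_t len, struct tss_info *out)
{
    if (len < 104) return -1;
    out->nonzero_rr = 0;
    for (size_t i = 0; i < sizeof sel_slots; i++)
        if (rd16(img + sel_slots[i] + 2) != 0) out->nonzero_rr++;
    uint16_t tword = rd16(img + 0x64);
    if (tword & 0xFFFE) out->nonzero_rr++;   /* bits 1..15 beside the T-bit */
    /* The dword at 1Ch is left unchecked: the 80386 keeps CR3 there. */
    out->t_bit       = tword & 1;
    out->prev_tss    = rd16(img + 0x00);
    out->ss0         = rd16(img + 0x08);
    out->ldt         = rd16(img + 0x60);
    out->io_map_base = rd16(img + 0x66);
    return 0;
}

int main(void)
{
    /* Constructed 104-byte image: SS0=0010h, LDT=0028h, I/O map base=0068h. */
    uint8_t img[104] = {0};
    struct tss_info t;
    img[0x08] = 0x10; img[0x60] = 0x28; img[0x66] = 0x68;
    img[0x4A] = 0x01;                        /* stray bit in ES's rr half */
    if (tss_audit(img, sizeof img, &t) == 0)
        printf("SS0=%04Xh LDT=%04Xh iomap=%04Xh T=%d rr!=0: %u\n",
               t.ss0, t.ldt, t.io_map_base, t.t_bit, t.nonzero_rr);
    return 0;
}
```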

    ------------------------------------------------------------------

    TSS descriptor
    Like all segments, the TSS is defined by a descriptor. This
    descriptor resides only in the Global Descriptor Table (GDT). An
    attempt to identify a TSS with a selector that has TI=1 (Table
    Indicator flag to indicate the current LDT) generates an exception.
    Also, even if it has access to a TSS descriptor, a procedure does
    not have the right to read or modify the TSS. Reading and changing
    can be done only with another descriptor that redefines the TSS as
    a data segment. An attempt to load a TSS descriptor into any of
    the segment registers causes an exception.

                                             TSS descriptor (80386+)
    
     6               5       5       4       4     4 3             3
     3               5       1       7       3     0 9             2
    +---------------------------------------------------------------+
    | Base 31..24   |G|0|0|A|Seg lim|P|DPL|  Type   | Base 23..16   |
    |               | | | |V| 19..16| |   |0 1 0 B 1|               |
    |-------------------------------+-------------------------------|
    | Base Address 15..0            | Segment Limit 15..0           |
    +---------------------------------------------------------------+
     3               2               1
     1               3               5               7             0


    Tasks are not re-entrant because both the LDT selector and CR3 for
    the task are stored in the TSS. The B-bit (busy) of the TYPE field
    allows the processor to detect an attempt to switch to a task that
    is already busy. A TYPE code of 09h shows the task is not busy. A
    TYPE code of 0Bh indicates it is busy.

    The BASE, LIMIT, and DPL fields and the G-bit (granularity) and
    P-bit (present) have functions similar to their counterparts in
    data-segment descriptors. The BASE defines the location of the
    segment within the linear address space. The LIMIT defines the
    size of the segment. With the TSS descriptor, the LIMIT must
    contain a value of 103 or higher because the TSS itself requires
    104 bytes. An attempt to switch to a task whose LIMIT is less
    than 103 causes an exception.
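
    Added example (not part of the original guide): a C decoder for the
    8-byte TSS descriptor in the diagram above, with a check that applies the
    rules stated in this section (TI=0, TYPE 09h or 0Bh, present, LIMIT of at
    least 103, not busy). The function names, error codes, order of the tests
    and the sample descriptor are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

enum { TSS_OK, TSS_ERR_TI, TSS_ERR_TYPE, TSS_ERR_NOT_PRESENT,
       TSS_ERR_LIMIT, TSS_ERR_BUSY };

struct tss_desc {
    uint32_t base;       /* BASE: linear address of the TSS */
    uint32_t limit;      /* LIMIT in bytes, after applying the G-bit */
    unsigned type, dpl;  /* type = bits 40..44 (S bit + TYPE): 09h or 0Bh */
    int present, busy;
};

/* Split the 8-byte descriptor into the fields shown in the diagram. */
void tss_desc_decode(uint64_t raw, struct tss_desc *d)
{
    uint32_t lim = (uint32_t)(raw & 0xFFFF) | (uint32_t)((raw >> 32) & 0xF0000);
    d->base    = (uint32_t)((raw >> 16) & 0xFFFFFF) |
                 (uint32_t)((raw >> 32) & 0xFF000000);
    d->limit   = ((raw >> 55) & 1) ? (lim << 12) | 0xFFF : lim; /* G=1: 4K units */
    d->type    = (unsigned)((raw >> 40) & 0x1F);
    d->dpl     = (unsigned)((raw >> 45) & 3);
    d->present = (int)((raw >> 47) & 1);
    d->busy    = (d->type & 0x02) != 0;   /* B-bit: 09h not busy, 0Bh busy */
}

/* Hypothetical pre-switch check; the order of tests is this example's choice. */
int tss_check_switch(uint16_t selector, uint64_t raw)
{
    struct tss_desc d;
    if (selector & 0x4) return TSS_ERR_TI;        /* TI=1 names the LDT */
    tss_desc_decode(raw, &d);
    if (d.type != 0x09 && d.type != 0x0B) return TSS_ERR_TYPE;
    if (!d.present) return TSS_ERR_NOT_PRESENT;
    if (d.limit < 103) return TSS_ERR_LIMIT;      /* TSS needs 104 bytes */
    if (d.busy) return TSS_ERR_BUSY;              /* tasks are not re-entrant */
    return TSS_OK;
}

int main(void)
{
    /* Constructed sample: base 00123000h, LIMIT 103, P=1, DPL=0, TYPE 09h. */
    uint64_t raw = 0x0000891230000067ULL;
    struct tss_desc d;
    tss_desc_decode(raw, &d);
    printf("base=%08lXh limit=%lu type=%02Xh -> %d\n", (unsigned long)d.base,
           (unsigned long)d.limit, d.type, tss_check_switch(0x28, raw));
    return 0;
}
```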

See Also: Multitasking, Selectors, Descriptors, Task switch

Online resources provided by: http://www.X-Hacker.org --- NG 2 HTML conversion by Dave Pearson