SOLVED: Creating a proper Task State Segment (TSS) structure with and without an IO Bitmap?

Michael Petch:

Reading the documentation between Intel and AMD and looking at code makes it difficult at times to understand how to create a proper Task State Segment (TSS) that has no IO port bitmap (IOBP). There also seems to be confusion over creating a TSS with an IOBP as well since it seems ambiguous as to whether an IO Bitmap (IOBP) requires a trailing 0xff byte.

I'm aware that there is a dependency between the TSS and a TSS Descriptor (in the GDT). The TSS descriptor governs the base address of the TSS as well as the limit. The limit in the descriptor is one less than the actual size of the structure (similar in nature to the size specified in a GDT and IDT record). The TSS limit comes into play to determine the IOBP size.

I know that:

  • The TSS descriptor limit is one less than the size of the entire TSS structure
  • 16-bit TSS doesn't have an IOBP and the structure is a fixed size
  • The basic 32-bit and 64-bit TSS structures are similar in size (the data has different meaning)
  • The 32-bit TSS can support Control-flow Enforcement by adding an extra DWORD to the base structure.
  • The IOBP offset (word) in the TSS points to an offset relative to the beginning of the Task segment.
  • The IOBP offset points to the beginning of an IOBP structure, and with Virtual Mode Enhancements (VME) enabled the 32 bytes before IOBP are the interrupt redirection table.
  • If VME is not enabled the kernel can place extra per task instance data between the end of the basic TSS structure and the IOBP offset
  • If VME is enabled the kernel can place extra per task instance data between the end of the basic TSS structure and the offset 32 bytes below the IOBP.
  • If there is an IOBP present, each 0 bit is permission for port access and 1 denies permission.

The 32-bit TSS structure can be visualized this way:

[image: diagram of the 32-bit TSS layout, including the IOBP and its trailing byte]

The link also contains the layout of the 16-bit TSS and the 64-bit TSS structures.


Questions:

  • If I want a TSS without an IOBP, what value should I fill in for the IOBP offset at +66h?
  • If I want a TSS with an IOBP do I have to add a 0xff byte to the end of the IOBP?
  • In the diagram above why does the extra byte at the end get represented as xxxxx111? If the last byte is supposed to be 0xff wouldn't that be 11111111?

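The following C program is an added example, not code from the question or from its author; it models the points the post lists (descriptor limit one less than the structure size, IOBP offset at +66h relative to the TSS base, 0 bit = port allowed, 1 bit = denied, and the limit bounding the usable IOBP) so they can be checked on a concrete structure. The struct and function names are this example's own, and the port numbers used are constructed sample values. It does not decide the post's open questions: the lookup only examines the byte holding the port's own bit and says nothing about a trailing 0xff byte.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Basic 32-bit TSS (no CET SSP dword, no VME redirection table). Field names
   are this example's own; the offsets follow the standard layout so that the
   IOBP offset word lands at +0x66 as the post states. */
struct tss32_base {
    uint32_t prev_task_link;                          /* +0x00 */
    uint32_t esp0, ss0;                               /* +0x04, +0x08 */
    uint32_t esp1, ss1;                               /* +0x0C, +0x10 */
    uint32_t esp2, ss2;                               /* +0x14, +0x18 */
    uint32_t cr3;                                     /* +0x1C */
    uint32_t eip, eflags;                             /* +0x20, +0x24 */
    uint32_t eax, ecx, edx, ebx, esp, ebp, esi, edi;  /* +0x28 .. +0x44 */
    uint32_t es, cs, ss, ds, fs, gs;                  /* +0x48 .. +0x5C */
    uint32_t ldt_selector;                            /* +0x60 */
    uint16_t trap;                                    /* +0x64, T bit is bit 0 */
    uint16_t iobp_offset;                             /* +0x66, IOBP offset from TSS base */
} __attribute__((packed));

#define IOBP_BYTES 8192u    /* 65536 ports, one bit each */

/* TSS with an IOBP placed directly after the base structure (no VME table,
   no per-task data in between). */
struct tss32_full {
    struct tss32_base base;
    uint8_t iobp[IOBP_BYTES];   /* bit clear = port allowed, bit set = denied */
} __attribute__((packed));

/* The descriptor limit is one less than the size of the structure it covers. */
static uint32_t tss_limit_for_size(uint32_t size_bytes) {
    return size_bytes - 1u;
}

/* Initialise a TSS whose IOBP follows the base structure and denies every
   port (all bits set); returns the limit to put in the TSS descriptor. */
static uint32_t tss_init(struct tss32_full *t, uint32_t ss0, uint32_t esp0) {
    memset(t, 0, sizeof *t);
    t->base.ss0 = ss0;
    t->base.esp0 = esp0;
    t->base.iobp_offset = (uint16_t)sizeof(struct tss32_base);   /* 0x68 */
    memset(t->iobp, 0xFF, sizeof t->iobp);
    return tss_limit_for_size(sizeof *t);
}

/* Grant (allow != 0) or revoke one port: 0 bit = allowed, 1 bit = denied. */
static void tss_set_port(struct tss32_full *t, uint16_t port, int allow) {
    if (allow) t->iobp[port / 8u] &= (uint8_t)~(1u << (port % 8u));
    else       t->iobp[port / 8u] |=  (uint8_t) (1u << (port % 8u));
}

/* Permission lookup over raw TSS bytes plus the descriptor limit. An IOBP
   offset at or beyond the limit means there is no bitmap, so the port is
   denied; a port whose byte lies past the limit is denied; otherwise the
   port is allowed iff its bit is clear. Only the byte holding the port's
   own bit is read; the trailing-byte question from the post is left open. */
static int tss_port_allowed(const uint8_t *tss, uint32_t limit, uint16_t port) {
    uint16_t off;
    memcpy(&off, tss + 0x66, sizeof off);
    if (off >= limit) return 0;
    uint32_t byte_index = (uint32_t)off + port / 8u;
    if (byte_index > limit) return 0;
    return ((tss[byte_index] >> (port % 8u)) & 1u) ? 0 : 1;
}

static struct tss32_full g_tss;   /* static: 8 KiB, keep it off the stack */

/* Exercise the rules above on constructed values; returns 1 if all hold. */
static int tss_example_check(void) {
    uint32_t limit = tss_init(&g_tss, 0x10, 0x9FC00);   /* constructed ss0/esp0 */
    const uint8_t *raw = (const uint8_t *)&g_tss;
    int ok = 1;
    ok &= (limit == sizeof(struct tss32_full) - 1u);    /* 8295 == 0x2067 */
    ok &= !tss_port_allowed(raw, limit, 0x3F8);          /* everything denied at start */
    tss_set_port(&g_tss, 0x3F8, 1);                      /* constructed: allow one port */
    ok &= tss_port_allowed(raw, limit, 0x3F8);
    ok &= !tss_port_allowed(raw, limit, 0x3F9);          /* neighbouring bit still set */
    ok &= !tss_port_allowed(raw, limit, 0xFFFF);         /* last port, in range, denied */
    /* A base-only TSS with the offset pointing past the end: no bitmap, deny. */
    struct tss32_base b;
    memset(&b, 0, sizeof b);
    b.iobp_offset = (uint16_t)sizeof b;
    ok &= !tss_port_allowed((const uint8_t *)&b, tss_limit_for_size(sizeof b), 0x3F8);
    return ok;
}

int main(void) {
    printf("sizeof(tss32_base) = %zu, iobp_offset at +0x%zx\n",
           sizeof(struct tss32_base), offsetof(struct tss32_base, iobp_offset));
    printf("checks %s\n", tss_example_check() ? "passed" : "failed");
    return 0;
}
```

Compile with `gcc -std=c99 -Wall tss_example.c`; the packed attribute is GCC/Clang syntax. The `tss_port_allowed` function is a model for reasoning about the layout, not a substitute for the processor's own check, which is what the post's third question is about.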
