1 | @c |
---|
2 | @c COPYRIGHT (c) 1988-2002. |
---|
3 | @c On-Line Applications Research Corporation (OAR). |
---|
4 | @c All rights reserved. |
---|
5 | |
---|
6 | @ifinfo |
---|
7 | @end ifinfo |
---|
8 | @chapter Intel/AMD x86 Specific Information |
---|
9 | |
---|
10 | This chapter discusses the Intel x86 architecture dependencies |
---|
11 | in this port of RTEMS. This family has multiple implementations |
---|
12 | from multiple vendors and suffers more from having evolved rather |
---|
13 | than being designed for growth. |
---|
14 | |
---|
15 | For information on the i386 processor, refer to the |
---|
16 | following documents: |
---|
17 | |
---|
18 | @itemize @bullet |
---|
19 | @item @cite{386 Programmer's Reference Manual, Intel, Order No. 230985-002}. |
---|
20 | |
---|
21 | @item @cite{386 Microprocessor Hardware Reference Manual, Intel, |
---|
22 | Order No. 231732-003}. |
---|
23 | |
---|
24 | @item @cite{80386 System Software Writer's Guide, Intel, Order No. 231499-001}. |
---|
25 | |
---|
26 | @item @cite{80387 Programmer's Reference Manual, Intel, Order No. 231917-001}. |
---|
27 | @end itemize |
---|
28 | |
---|
29 | @c |
---|
30 | @c |
---|
31 | @c |
---|
32 | @section CPU Model Dependent Features |
---|
33 | |
---|
34 | This section presents the set of features which vary |
---|
35 | across i386 implementations and are of importance to RTEMS. |
---|
36 | The set of CPU model feature macros are defined in the file |
---|
37 | @code{cpukit/score/cpu/i386/i386.h} based upon the particular CPU |
---|
38 | model specified on the compilation command line. |
---|
39 | |
---|
40 | @subsection bswap Instruction |
---|
41 | |
---|
42 | The macro @code{I386_HAS_BSWAP} is set to 1 to indicate that |
---|
43 | this CPU model has the @code{bswap} instruction which |
---|
44 | endian swaps a thirty-two bit quantity. This instruction |
---|
45 | appears to be present in all CPU models |
---|
46 | i486's and above. |
---|
47 | |
---|
48 | @c |
---|
49 | @c |
---|
50 | @c |
---|
51 | @section Calling Conventions |
---|
52 | |
---|
53 | @subsection Processor Background |
---|
54 | |
---|
55 | The i386 architecture supports a simple yet effective |
---|
56 | call and return mechanism. A subroutine is invoked via the call |
---|
57 | (@code{call}) instruction. This instruction pushes the return address |
---|
58 | on the stack. The return from subroutine (@code{ret}) instruction pops |
---|
59 | the return address off the current stack and transfers control |
---|
60 | to that instruction. It is is important to note that the i386 |
---|
61 | call and return mechanism does not automatically save or restore |
---|
62 | any registers. It is the responsibility of the high-level |
---|
63 | language compiler to define the register preservation and usage |
---|
64 | convention. |
---|
65 | |
---|
66 | @subsection Calling Mechanism |
---|
67 | |
---|
68 | All RTEMS directives are invoked using a call instruction and return to |
---|
69 | the user application via the ret instruction. |
---|
70 | |
---|
71 | @subsection Register Usage |
---|
72 | |
---|
73 | As discussed above, the call instruction does not automatically save |
---|
74 | any registers. RTEMS uses the registers EAX, ECX, and EDX as scratch |
---|
75 | registers. These registers are not preserved by RTEMS directives |
---|
76 | therefore, the contents of these registers should not be assumed upon |
---|
77 | return from any RTEMS directive. |
---|
78 | |
---|
79 | @subsection Parameter Passing |
---|
80 | |
---|
81 | RTEMS assumes that arguments are placed on the |
---|
82 | current stack before the directive is invoked via the call |
---|
83 | instruction. The first argument is assumed to be closest to the |
---|
84 | return address on the stack. This means that the first argument |
---|
85 | of the C calling sequence is pushed last. The following |
---|
86 | pseudo-code illustrates the typical sequence used to call a |
---|
87 | RTEMS directive with three (3) arguments: |
---|
88 | |
---|
89 | @example |
---|
90 | push third argument |
---|
91 | push second argument |
---|
92 | push first argument |
---|
93 | invoke directive |
---|
94 | remove arguments from the stack |
---|
95 | @end example |
---|
96 | |
---|
97 | The arguments to RTEMS are typically pushed onto the |
---|
98 | stack using a push instruction. These arguments must be removed |
---|
99 | from the stack after control is returned to the caller. This |
---|
100 | removal is typically accomplished by adding the size of the |
---|
101 | argument list in bytes to the stack pointer. |
---|
102 | |
---|
103 | @c |
---|
104 | @c |
---|
105 | @c |
---|
106 | |
---|
107 | @section Memory Model |
---|
108 | |
---|
109 | @subsection Flat Memory Model |
---|
110 | |
---|
111 | RTEMS supports the i386 protected mode, flat memory |
---|
112 | model with paging disabled. In this mode, the i386 |
---|
113 | automatically converts every address from a logical to a |
---|
114 | physical address each time it is used. The i386 uses |
---|
115 | information provided in the segment registers and the Global |
---|
116 | Descriptor Table to convert these addresses. RTEMS assumes the |
---|
117 | existence of the following segments: |
---|
118 | |
---|
119 | @itemize @bullet |
---|
120 | @item a single code segment at protection level (0) which |
---|
121 | contains all application and executive code. |
---|
122 | |
---|
123 | @item a single data segment at protection level zero (0) which |
---|
124 | contains all application and executive data. |
---|
125 | @end itemize |
---|
126 | |
---|
127 | The i386 segment registers and associated selectors |
---|
128 | must be initialized when the initialize_executive directive is |
---|
129 | invoked. RTEMS treats the segment registers as system registers |
---|
130 | and does not modify or context switch them. |
---|
131 | |
---|
132 | This i386 memory model supports a flat 32-bit address |
---|
133 | space with addresses ranging from 0x00000000 to 0xFFFFFFFF (4 |
---|
134 | gigabytes). Each address is represented by a 32-bit value and |
---|
135 | is byte addressable. The address may be used to reference a |
---|
136 | single byte, half-word (2-bytes), or word (4 bytes). |
---|
137 | |
---|
138 | @c |
---|
139 | @c |
---|
140 | @c |
---|
141 | |
---|
142 | @section Interrupt Processing |
---|
143 | |
---|
144 | Although RTEMS hides many of the processor |
---|
145 | dependent details of interrupt processing, it is important to |
---|
146 | understand how the RTEMS interrupt manager is mapped onto the |
---|
147 | processor's unique architecture. Discussed in this chapter are |
---|
148 | the the processor's response and control mechanisms as they |
---|
149 | pertain to RTEMS. |
---|
150 | |
---|
151 | @subsection Vectoring of Interrupt Handler |
---|
152 | |
---|
153 | Although the i386 supports multiple privilege levels, |
---|
154 | RTEMS and all user software executes at privilege level 0. This |
---|
155 | decision was made by the RTEMS designers to enhance |
---|
156 | compatibility with processors which do not provide sophisticated |
---|
157 | protection facilities like those of the i386. This decision |
---|
158 | greatly simplifies the discussion of i386 processing, as one |
---|
159 | need only consider interrupts without privilege transitions. |
---|
160 | |
---|
161 | Upon receipt of an interrupt the i386 automatically |
---|
162 | performs the following actions: |
---|
163 | |
---|
164 | @itemize @bullet |
---|
165 | @item pushes the EFLAGS register |
---|
166 | |
---|
167 | @item pushes the far address of the interrupted instruction |
---|
168 | |
---|
169 | @item vectors to the interrupt service routine (ISR). |
---|
170 | @end itemize |
---|
171 | |
---|
172 | A nested interrupt is processed similarly by the |
---|
173 | i386. |
---|
174 | |
---|
175 | @subsection Interrupt Stack Frame |
---|
176 | |
---|
177 | The structure of the Interrupt Stack Frame for the |
---|
178 | i386 which is placed on the interrupt stack by the processor in |
---|
179 | response to an interrupt is as follows: |
---|
180 | |
---|
181 | @ifset use-ascii |
---|
182 | @example |
---|
183 | @group |
---|
184 | +----------------------+ |
---|
185 | | Old EFLAGS Register | ESP+8 |
---|
186 | +----------+-----------+ |
---|
187 | | UNUSED | Old CS | ESP+4 |
---|
188 | +----------+-----------+ |
---|
189 | | Old EIP | ESP |
---|
190 | +----------------------+ |
---|
191 | @end group |
---|
192 | @end example |
---|
193 | @end ifset |
---|
194 | |
---|
195 | @ifset use-tex |
---|
196 | @sp 1 |
---|
197 | @tex |
---|
198 | \centerline{\vbox{\offinterlineskip\halign{ |
---|
199 | \strut\vrule#& |
---|
200 | \hbox to 1.00in{\enskip\hfil#\hfil}& |
---|
201 | \vrule#& |
---|
202 | \hbox to 1.00in{\enskip\hfil#\hfil}& |
---|
203 | \vrule#& |
---|
204 | \hbox to 0.75in{\enskip\hfil#\hfil} |
---|
205 | \cr |
---|
206 | \multispan{4}\hrulefill\cr |
---|
207 | & \multispan{3} Old EFLAGS Register\quad&&ESP+8\cr |
---|
208 | \multispan{4}\hrulefill\cr |
---|
209 | &UNUSED &&Old CS &&ESP+4\cr |
---|
210 | \multispan{4}\hrulefill\cr |
---|
211 | & \multispan{3} Old EIP && ESP\cr |
---|
212 | \multispan{4}\hrulefill\cr |
---|
213 | }}\hfil} |
---|
214 | @end tex |
---|
215 | @end ifset |
---|
216 | |
---|
217 | @ifset use-html |
---|
218 | @html |
---|
219 | <CENTER> |
---|
220 | <TABLE COLS=3 WIDTH="40%" BORDER=2> |
---|
221 | <TR><TD ALIGN=center COLSPAN=2><STRONG>Old EFLAGS Register</STRONG></TD> |
---|
222 | <TD ALIGN=center>0x0</TD></TR> |
---|
223 | <TR><TD ALIGN=center><STRONG>UNUSED</STRONG></TD> |
---|
224 | <TD ALIGN=center><STRONG>Old CS</STRONG></TD> |
---|
225 | <TD ALIGN=center>0x2</TD></TR> |
---|
226 | <TR><TD ALIGN=center COLSPAN=2><STRONG>Old EIP</STRONG></TD> |
---|
227 | <TD ALIGN=center>0x4</TD></TR> |
---|
228 | </TABLE> |
---|
229 | </CENTER> |
---|
230 | @end html |
---|
231 | @end ifset |
---|
232 | |
---|
233 | @subsection Interrupt Levels |
---|
234 | |
---|
235 | Although RTEMS supports 256 interrupt levels, the |
---|
236 | i386 only supports two -- enabled and disabled. Interrupts are |
---|
237 | enabled when the interrupt-enable flag (IF) in the extended |
---|
238 | flags (EFLAGS) is set. Conversely, interrupt processing is |
---|
239 | inhibited when the IF is cleared. During a non-maskable |
---|
240 | interrupt, all other interrupts, including other non-maskable |
---|
241 | ones, are inhibited. |
---|
242 | |
---|
243 | RTEMS interrupt levels 0 and 1 such that level zero |
---|
244 | (0) indicates that interrupts are fully enabled and level one |
---|
245 | that interrupts are disabled. All other RTEMS interrupt levels |
---|
246 | are undefined and their behavior is unpredictable. |
---|
247 | |
---|
248 | @subsection Interrupt Stack |
---|
249 | |
---|
250 | The i386 family does not support a dedicated hardware |
---|
251 | interrupt stack. On this processor, RTEMS allocates and manages |
---|
252 | a dedicated interrupt stack. As part of vectoring a non-nested |
---|
253 | interrupt service routine, RTEMS switches from the stack of the |
---|
254 | interrupted task to a dedicated interrupt stack. When a |
---|
255 | non-nested interrupt returns, RTEMS switches back to the stack |
---|
256 | of the interrupted stack. The current stack pointer is not |
---|
257 | altered by RTEMS on nested interrupt. |
---|
258 | |
---|
259 | @c |
---|
260 | @c |
---|
261 | @c |
---|
262 | |
---|
263 | @section Default Fatal Error Processing |
---|
264 | |
---|
265 | The default fatal error handler for this architecture disables processor |
---|
266 | interrupts, places the error code in EAX, and executes a HLT instruction |
---|
267 | to halt the processor. |
---|
268 | |
---|
269 | @c |
---|
270 | @c |
---|
271 | @c |
---|
272 | |
---|
273 | @section Board Support Packages |
---|
274 | |
---|
275 | @subsection System Reset |
---|
276 | |
---|
277 | An RTEMS based application is initiated when the i386 processor is reset. |
---|
278 | When the i386 is reset, |
---|
279 | |
---|
280 | @itemize @bullet |
---|
281 | |
---|
282 | @item The EAX register is set to indicate the results of the processor's |
---|
283 | power-up self test. If the self-test was not executed, the contents of |
---|
284 | this register are undefined. Otherwise, a non-zero value indicates the |
---|
285 | processor is faulty and a zero value indicates a successful self-test. |
---|
286 | |
---|
287 | @item The DX register holds a component identifier and revision level. DH |
---|
288 | contains 3 to indicate an i386 component and DL contains a unique revision |
---|
289 | level indicator. |
---|
290 | |
---|
291 | @item Control register zero (CR0) is set such that the processor is in real |
---|
292 | mode with paging disabled. Other portions of CR0 are used to indicate the |
---|
293 | presence of a numeric coprocessor. |
---|
294 | |
---|
295 | @item All bits in the extended flags register (EFLAG) which are not |
---|
296 | permanently set are cleared. This inhibits all maskable interrupts. |
---|
297 | |
---|
298 | @item The Interrupt Descriptor Register (IDTR) is set to point at address |
---|
299 | zero. |
---|
300 | |
---|
301 | @item All segment registers are set to zero. |
---|
302 | |
---|
303 | @item The instruction pointer is set to 0x0000FFF0. The first instruction |
---|
304 | executed after a reset is actually at 0xFFFFFFF0 because the i386 asserts |
---|
305 | the upper twelve address until the first intersegment (FAR) JMP or CALL |
---|
306 | instruction. When a JMP or CALL is executed, the upper twelve address |
---|
307 | lines are lowered and the processor begins executing in the first megabyte |
---|
308 | of memory. |
---|
309 | |
---|
310 | @end itemize |
---|
311 | |
---|
312 | Typically, an intersegment JMP to the application's initialization code is |
---|
313 | placed at address 0xFFFFFFF0. |
---|
314 | |
---|
315 | @subsection Processor Initialization |
---|
316 | |
---|
317 | This initialization code is responsible for initializing all data |
---|
318 | structures required by the i386 in protected mode and for actually entering |
---|
319 | protected mode. The i386 must be placed in protected mode and the segment |
---|
320 | registers and associated selectors must be initialized before the |
---|
321 | initialize_executive directive is invoked. |
---|
322 | |
---|
323 | The initialization code is responsible for initializing the Global |
---|
324 | Descriptor Table such that the i386 is in the thirty-two bit flat memory |
---|
325 | model with paging disabled. In this mode, the i386 automatically converts |
---|
326 | every address from a logical to a physical address each time it is used. |
---|
327 | For more information on the memory model used by RTEMS, please refer to the |
---|
328 | Memory Model chapter in this document. |
---|
329 | |
---|
330 | Since the processor is in real mode upon reset, the processor must be |
---|
331 | switched to protected mode before RTEMS can execute. Before switching to |
---|
332 | protected mode, at least one descriptor table and two descriptors must be |
---|
333 | created. Descriptors are needed for a code segment and a data segment. ( |
---|
334 | This will give you the flat memory model.) The stack can be placed in a |
---|
335 | normal read/write data segment, so no descriptor for the stack is needed. |
---|
336 | Before the GDT can be used, the base address and limit must be loaded into |
---|
337 | the GDTR register using an LGDT instruction. |
---|
338 | |
---|
339 | If the hardware allows an NMI to be generated, you need to create the IDT |
---|
340 | and a gate for the NMI interrupt handler. Before the IDT can be used, the |
---|
341 | base address and limit for the idt must be loaded into the IDTR register |
---|
342 | using an LIDT instruction. |
---|
343 | |
---|
344 | Protected mode is entered by setting thye PE bit in the CR0 register. |
---|
345 | Either a LMSW or MOV CR0 instruction may be used to set this bit. Because |
---|
346 | the processor overlaps the interpretation of several instructions, it is |
---|
347 | necessary to discard the instructions from the read-ahead cache. A JMP |
---|
348 | instruction immediately after the LMSW changes the flow and empties the |
---|
349 | processor if intructions which have been pre-fetched and/or decoded. At |
---|
350 | this point, the processor is in protected mode and begins to perform |
---|
351 | protected mode application initialization. |
---|
352 | |
---|
353 | If the application requires that the IDTR be some value besides zero, then |
---|
354 | it should set it to the required value at this point. All tasks share the |
---|
355 | same i386 IDTR value. Because interrupts are enabled automatically by |
---|
356 | RTEMS as part of the initialize_executive directive, the IDTR MUST be set |
---|
357 | properly before this directive is invoked to insure correct interrupt |
---|
358 | vectoring. If processor caching is to be utilized, then it should be |
---|
359 | enabled during the reset application initialization code. The reset code |
---|
360 | which is executed before the call to initialize_executive has the following |
---|
361 | requirements: |
---|
362 | |
---|
363 | For more information regarding the i386 data structures and their |
---|
364 | contents, refer to Intel's 386 Programmer's Reference Manual. |
---|
365 | |
---|