User's Manual

Vol. 3 5-31
PROTECTION
• Stack segment — Computed by adding 24 to the value in IA32_SYSENTER_CS.
• Stack pointer — Reads this from ECX.
The SYSENTER and SYSEXIT instructions perform “fast” calls and returns because
they force the processor into a predefined privilege level 0 state when SYSENTER is
executed and into a predefined privilege level 3 state when SYSEXIT is executed. By
forcing predefined and consistent processor states, the number of privilege checks
ordinarily required to perform a far call to another privilege level is greatly
reduced. Also, predefining the target context state in MSRs and general-purpose
registers eliminates all memory accesses except those needed to fetch the target code.
Neither instruction saves any state on its own: SYSENTER does not record the return
address or the user-mode stack pointer, and SYSEXIT takes the return address and
stack pointer from general-purpose registers. Any additional state that needs to be
saved to allow a return to the calling procedure must be saved explicitly by the
calling procedure or be predefined through programming conventions.
5.8.7.1 SYSENTER and SYSEXIT Instructions in IA-32e Mode
For Intel 64 processors, the SYSENTER and SYSEXIT instructions are enhanced to
allow fast system calls from user code running at privilege level 3 (in compatibility
mode or 64-bit mode) to 64-bit executive procedures running at privilege level 0.
The IA32_SYSENTER_EIP and IA32_SYSENTER_ESP MSRs are expanded to hold
64-bit addresses. If IA-32e mode is inactive, only the lower 32 bits of the addresses
stored in these MSRs are used. If 64-bit mode is active, the addresses stored in
IA32_SYSENTER_EIP and IA32_SYSENTER_ESP must be canonical. Note that, in
64-bit mode, IA32_SYSENTER_CS must not contain a NULL selector.
When SYSENTER transfers control, the following fields are generated and bits set:
• Target code segment — Reads non-NULL selector from IA32_SYSENTER_CS.
• New CS attributes — CS base = 0, CS limit = FFFFFFFFH.
• Target instruction — Reads 64-bit canonical address from IA32_SYSENTER_EIP.
• Stack segment — Computed by adding 8 to the value from IA32_SYSENTER_CS.
• Stack pointer — Reads 64-bit canonical address from IA32_SYSENTER_ESP.
• New SS attributes — SS base = 0, SS limit = FFFFFFFFH.
When the SYSEXIT instruction transfers control to 64-bit mode user code using
REX.W, the following fields are generated and bits set:
• Target code segment — Computed by adding 32 to the value in IA32_SYSENTER_CS.
• New CS attributes — L-bit = 1 (go to 64-bit mode).
• Target instruction — Reads 64-bit canonical address in RDX.
• Stack segment — Computed by adding 40 to the value of IA32_SYSENTER_CS.
• Stack pointer — Update RSP using 64-bit canonical address in RCX.
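The offsets above fix the layout of six consecutive GDT descriptors relative to the selector in IA32_SYSENTER_CS, and the canonical-address and non-NULL-selector requirements are the only checks the text places on the MSR contents and on RCX/RDX. The following C program is an added example, not code from the Intel manual: it models what SYSENTER and the two forms of SYSEXIT derive from IA32_SYSENTER_CS, IA32_SYSENTER_EIP, IA32_SYSENTER_ESP, RCX and RDX, applies those checks, and prints the GDT slots an operating system must therefore provide. The 32-bit SYSEXIT code-segment offset (+16) comes from the part of this section preceding the stack-segment item at the top of the page; the RPL forcing (0 on SYSENTER, 3 on SYSEXIT) comes from the instruction descriptions; the 48-bit definition of a canonical address (4-level paging) and the sample MSR and register values are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added example (not from the Intel SDM): a model of what SYSENTER/SYSEXIT
 * derive from IA32_SYSENTER_CS/EIP/ESP and RCX/RDX. It does not execute
 * the instructions; it applies the checks the text states and computes
 * the resulting selectors and pointers. */

struct sysenter_msrs {
    uint64_t cs;    /* IA32_SYSENTER_CS; only bits 15:0 are meaningful */
    uint64_t eip;   /* IA32_SYSENTER_EIP */
    uint64_t esp;   /* IA32_SYSENTER_ESP */
};

struct fast_call_state {
    uint16_t cs, ss;    /* selectors loaded into CS and SS */
    uint64_t ip, sp;    /* new instruction and stack pointers */
    bool     long_mode; /* CS.L = 1: target runs 64-bit code */
};

/* Assumption: 48-bit linear addresses (4-level paging), so a canonical
 * address has bits 63:47 all equal. */
static bool is_canonical(uint64_t addr)
{
    uint64_t top = addr >> 47;
    return top == 0 || top == 0x1ffff;
}

/* SYSENTER: CS <- IA32_SYSENTER_CS[15:2] with RPL forced to 0, SS <- CS + 8.
 * Outside IA-32e mode only the low 32 bits of the EIP/ESP MSRs are used. */
static bool model_sysenter(const struct sysenter_msrs *m, bool ia32e,
                           struct fast_call_state *out)
{
    uint16_t sel = (uint16_t)(m->cs & 0xfffc);
    if (sel == 0)                       /* NULL selector is not permitted */
        return false;
    if (ia32e && (!is_canonical(m->eip) || !is_canonical(m->esp)))
        return false;                   /* text: addresses must be canonical */
    out->cs = sel;
    out->ss = (uint16_t)(sel + 8);
    out->ip = ia32e ? m->eip : (uint32_t)m->eip;
    out->sp = ia32e ? m->esp : (uint32_t)m->esp;
    out->long_mode = ia32e;             /* 64-bit executive procedure */
    return true;
}

/* SYSEXIT: user CS/SS are fixed offsets from IA32_SYSENTER_CS with RPL
 * forced to 3. rex_w selects the 64-bit return (CS +32, SS +40, RIP <- RDX,
 * RSP <- RCX); otherwise CS +16, SS +24, EIP <- EDX, ESP <- ECX. */
static bool model_sysexit(const struct sysenter_msrs *m, bool rex_w,
                          uint64_t rcx, uint64_t rdx,
                          struct fast_call_state *out)
{
    uint16_t base = (uint16_t)(m->cs & 0xfffc);
    if (base == 0)
        return false;
    if (rex_w) {
        if (!is_canonical(rcx) || !is_canonical(rdx))
            return false;               /* text: RCX/RDX must be canonical */
        out->cs = (uint16_t)((base + 32) | 3);
        out->ss = (uint16_t)((base + 40) | 3);
        out->ip = rdx;
        out->sp = rcx;
        out->long_mode = true;
    } else {
        out->cs = (uint16_t)((base + 16) | 3);
        out->ss = (uint16_t)((base + 24) | 3);
        out->ip = (uint32_t)rdx;        /* EDX */
        out->sp = (uint32_t)rcx;        /* ECX */
        out->long_mode = false;
    }
    return true;
}

/* The six consecutive GDT slots that these offsets force an OS to provide. */
enum { GDT_SLOTS = 6 };
static const char *const gdt_slot_names[GDT_SLOTS] = {
    "kernel CS", "kernel SS", "user CS (32-bit)",
    "user SS (32-bit)", "user CS (64-bit)", "user SS (64-bit)",
};
static void required_gdt_layout(uint16_t msr_cs, uint16_t sel[GDT_SLOTS])
{
    for (int i = 0; i < GDT_SLOTS; i++)
        sel[i] = (uint16_t)((msr_cs & 0xfffc) + 8 * i);
}

int main(void)
{
    /* Constructed MSR values for illustration: kernel CS at GDT offset 0x10. */
    struct sysenter_msrs m = { 0x10, 0xffffffff80100000ULL, 0xffff888000002000ULL };
    struct fast_call_state s;
    uint16_t gdt[GDT_SLOTS];

    required_gdt_layout((uint16_t)m.cs, gdt);
    for (int i = 0; i < GDT_SLOTS; i++)
        printf("GDT offset 0x%02x: %s\n", gdt[i], gdt_slot_names[i]);
    if (model_sysenter(&m, true, &s))
        printf("SYSENTER: CS=0x%02x SS=0x%02x RIP=0x%llx L=%d\n",
               s.cs, s.ss, (unsigned long long)s.ip, s.long_mode);
    if (model_sysexit(&m, true, 0x7ffffffde000ULL, 0x401000ULL, &s))
        printf("SYSEXIT (REX.W): CS=0x%02x SS=0x%02x RIP=0x%llx\n",
               s.cs, s.ss, (unsigned long long)s.ip);
    if (!model_sysexit(&m, true, 0x7ffffffde000ULL, 0x0000800000000000ULL, &s))
        printf("SYSEXIT (REX.W): non-canonical RDX rejected\n");
    return 0;
}
```

The two SYSEXIT forms share the same IA32_SYSENTER_CS base, so a kernel that supports both 32-bit and 64-bit user code must reserve all six slots even if one pair is never used; and because SYSEXIT loads RIP and RSP straight from RDX and RCX, the kernel's exit path, not the hardware, is what guarantees those registers hold the intended user-mode values.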