什么是“中断挂接"?意思是? [英] What does "interrupt hooking" mean?

问题描述

我正在阅读 PnP BIOS规范，并迷迷糊糊在以下段落中:

I'm reading the PnP BIOS specification and stumbled across the following paragraph:

积极监控INT 19h引导程序向量

当前的系统BIOS 架构允许选件ROM随意钩住INT 19h.经过 主动监视INT 19h的控制，系统BIOS可能会恢复 控制Bootstrap进程以确保操作系统 是从正确的设备以正确的方式加载的.

The current System BIOS Architecture allows option ROMs to hook INT 19h indiscriminately. By actively monitoring control of INT 19h, the System BIOS may regain control of the Bootstrap process to ensure that the Operating System is loaded from the proper device and in the proper manner.

在第3行中，提到了挂接"中断的可能性.据我所知，这意味着监视中断的发出，例如在每个ISR中调用特殊的通知功能，以使OS跟踪触发的中断.正确吗?
是什么意思?

On line 3, the possibility to "hook" an interrupt is mentioned. As far as I could find out, it means to monitor the issuance of an interrupt like calling a special notification function in every ISR to let the OS keep track of fired interrupts. Is that correct?
What does it mean?

推荐答案

在实模式下触发中断时，CPU将执行转移到该中断的处理程序中，该处理程序在

When interrupts are fired in real mode, the CPU transfers execution to the handler for that interrupt, which is specified in the Interrupt Vector Table.

在这种情况下挂接中断意味着更改中断向量表中条目19h处的地址，以指向其选择的另一个地址.然后，当触发中断19h时，它将从该地址开始执行自己的例程，这很可能还会在返回之前将控制权转移回原始的19h中断处理程序.

To hook an interrupt in this context means to change the address at entry 19h in the Interrupt Vector Table to point to another address of their choice. Then, when interrupt 19h is fired, it would execute their own routine starting at that address, which would likely also transfer control back to the original 19h interrupt handler before returning.

假设中断处理程序位于RAM中，另一种挂接方法将是在处理程序内放置一个内联钩子以处理中断19h.也就是说，可以不理会中断处理程序的地址，而用jmp(或call)替换其自身例程中的处理程序中的一条指令.在这种情况下，还不清楚他们是否也监视这种钩子.

Assuming the interrupt handler is located in RAM, another approach to hooking would be to place an inline hook within the handler for interrupt 19h. That is, one could leave the address of the interrupt handler alone, but replace one of the instructions in the handler with a jmp (or call) to their own routine. It is unclear in this context if they also monitor for this type of hooking.

浏览文档后，看来钩子的第一种样式就是他们在说什么.

...如果系统BIOS知道IPL设备，则 确保中断19h仍由系统BIOS控制. 如果没有，请重新捕获中断19h并保存向量 ...

... If the IPL device is known to the system BIOS, then ensure that interrupt 19h is still controlled by the system BIOS. If not, recapture interrupt 19h and save the vector ...

...如果操作系统无法加载，并且以前的ISA选项ROM 控制了中断19h向量，然后将中断19h向量恢复到ISA选项ROM ，然后重新执行Interrupt 19h引导程序加载器...

... If the operating system fails to load and a previous ISA option ROM had control of the interrupt 19h vector, then restore the interrupt 19h vector to the ISA option ROM and re-execute the Interrupt 19h bootstrap loader ...

因此，基本上在引导过程的特定部分，他们检查以查看ROM是否已针对中断19h修改了处理程序.如果修改后，他们将保存新处理程序的地址(可以选择稍后运行)，然后将原始处理程序放回IVT.

So, basically at a specific part of the boot process, they check to see if an option ROM has modified the handler for interrupt 19h. If it is modified, they save the address of the new handler (which they may choose to run later) and put the original handler back into the IVT.

这篇关于什么是“中断挂接"?意思是?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！