views:

2492

answers:

10
+3  Q: 

What is INT 21h?

Inspired by this question

http://stackoverflow.com/questions/1237489/how-can-i-force-gdb-to-disassemble

I wondered about the INT 21h as a concept. Now, I have some very rusty knowledge of the internals, but not so many details. I remember that in C64 you had regular Interrupts and Non Maskable Interrupts, but my knowledge stops here. Could you please give me some clue ? Is it a DOS related strategy ?

+5  A: 

From here: A multipurpose DOS interrupt used for various functions including reading the keyboard and writing to the console and printer. It was also used to read and write disks using the earlier File Control Block (FCB) method.

Otávio Décio
+2  A: 

The INT instruction is a software interrupt. It causes a jump to a routine pointed to by an interrupt vector, which is a fixed location in memory. The advantage of the INT instruction is that is only 2 bytes long, as oposed to maybe 6 for a JMP, and that it can easily be re-directed by modifying the contents of the interrupt vector.

anon
+3  A: 

Ralph Brown's interrupt list contains a lot of information on which interrupt does what. int 21, like all others, supports a wide range of functionality depending on register values.

A non-HTML version of Ralph Brown's list is also available.

Sinan Ünür
+1  A: 

This is a geat link from The Art of Assembly Language Programming about interrupts:

Chapter 17 - Interrupt Structure and Interrupt Service Routines

Dana Holt
+5  A: 
Adam Rosenfield
There is nothing special about the interrupt vectors (you can use them in your own ordinary usermode code, if you wish), and an INT instruction does not magically switch you into (or out of) protected or kernel mode.
anon
The LIDT instruction is privileged, so user code cannot install its own interrupt handlers. The IDT selector specifies the code segment, which in turn specifies the privilege level of the interrupt handler, so yes, if the kernel wanted to, it could set up an IDT with interupts handled in user mode, but that is rarely done in practice.
Adam Rosenfield
LIDT is a 286 (andd later) instruction. The question was about the DOS INT 21 instruction, which worked (works?) on non-protected mode processors such as the 8088 abd 8086.
anon
Could you please make an example of instructions that cannot be used in user mode?
Stefano Borini
This answer is confused and inaccurate. Protected mode is a broad processor state that supports different security levels (usually called "kernel mode" and "user mode"). DOS runs in real mode (the opposite of protected mode), where any running program CAN call into the kernel anywhere it wants.
Artelius
-1 as `int 21h` is a DOS interrupt. DOS is a real mode "OS" and has nothing to do with kernel or protected mode.
John Saunders
-1 because answer is confused and inaccurate.
snemarch
+2  A: 

Int 0x21 is an x86 software interrupt - basically that means there is an interrupt table at a fixed point in memory listing the addresses of software interrupt functions. When an x86 CPU receives the interrupt opcode (or otherwise decides that a particular software interrupt should be executed), it references that table to execute a call to that point (the function at that point must use iret instead of ret to return).

It is possible to remap Int 0x21 and other software interrupts (even inside DOS though this can have negative side effects). One interesting software interrupt to map or chain is Int 0x1C (or 0x08 if you are careful), which is the system tick interrupt, called 18.2 times every second. This can be used to create "background" processes, even in single threaded real mode (the real mode process will be interrupted 18.2 times a second to call your interrupt function).

On the DOS operating system (or a system that is providing some DOS emulation, such as Windows console) Int 0x21 is mapped to what is effectively the DOS operating systems main "API". By providing different values to the AH register, different DOS functions can be executed such as opening a file (AH=0x3D) or printing to the screen (AH=0x09).

David
Windows console doesn't do DOS emulation - console mode apps are fully-fledged 32bit windows applications. `command.com != cmd.exe` :) - 32bit Windows versions has NTVDM, though, which offers DOS emulation.
snemarch
+1  A: 

It's a "software interrupt"; so not a hardware interrupt at all.

When an application invokes a software interrupt, that's essentially the same as its making a subroutine call, except that (unlike a subroutine call) the doesn't need to know the exact memory address of the code it's invoking.

System software (e.g. DOS and the BIOS) expose their APIs to the application as software interrupts.

The software interrupt is therefore a kind of dynamic-linking.

ChrisW
+1  A: 

DOS can be thought of as a library used to provide a files/directories abstraction for the PC (-and a bit more). int 21h is a simple hardware "trick" that makes it easy to call code from this library without knowing in advance where it will be located in memory. Alternatively, you can think of this as the way to utilise the DOS API.

Now, the topic of software interrupts is a complex one, partly because the concepts evolved over time as Intel added features to the x86 family, while trying to remain compatible with old software. A proper explanation would take a few pages, but I'll try to be brief.

The main question is whether you are in real mode or protected mode.

Real mode is the simple, "original" mode of operation for the x86 processor. This is the mode that DOS runs in (when you run DOS programs under Windows, a real mode processor is virtualised, so within it the same rules apply). The currently running program has full control over the processor.

In real mode, there is a vector table that tells the processor which address to jump to for every interrupt from 0 to 255. This table is populated by the BIOS and DOS, as well as device drivers, and sometimes programs with special needs. Some of these interrupts can be generated by hardware (e.g. by a keypress). Others are generated by certain software conditions (e.g. divide by 0). Any of them can be generated by executing the int n instruction.

Programs can set/clear the "enable interrupts" flag; this flag affects hardware interrupts only and does not affect int instructions.

The DOS designers chose to use interrupt number 21h to handle DOS requests - the number is of no real significance: it was just an unused entry at the time. There are many others (number 10h is a BIOS-installed interrupt routine that deals with graphics, for instance). Also note that all this is for IBM PC compatibles only. x86 processors in say embedded systems may have their software and interrupt tables arranged quite differently!

Protected mode is the complex, "security-aware" mode that was introduced in the 286 processor and much extended on the 386. It provides multiple privilege levels. The OS must configure all of this (and if the OS gets it wrong, you have a potential security exploit). User programs are generally confined to a "minimal privilege" mode of operation, where trying to access hardware ports, or changing the interrupt flag, or accessing certain memory regions, halts the program and allows the OS to decide what to do (be it terminate the program or give the program what it seems to want).

Interrupt handling is made more complex. Suffice to say that generally, if a user program does a software interrupt, the interrupt number is not used as a vector into the interrupt table. Rather a general protection exception is generated and the OS handler for said exception may (if the OS is design this way) work out what the process wants and service the request. I'm pretty sure Linux and Windows have in the past (if not currently) used this sort of mechanism for their system calls. But there are other ways to achieve this, such as the SYSENTER instruction.

Artelius
A: 

To be precise, here's the direct link to R. Brown's INT 21H command list: http://www.ctyme.com/intr/int-21.htm

trusktr
A: 

Actually, there are a lot of concepts here. Let's start with the basics.

An interrupt is a mean to request attention from the CPU, to interrupt the current program flow, jump to an interrupt handler (ISR - Interrupt Service Routine), do some work (usually by the OS kernel or a device driver) and then return.

What are some typical uses for interrupts?

  • Hardware interrupts: A device requests attention from the CPU by issuing an interrupt request.
  • CPU Exceptions: If some abnormal CPU condition happens, such as a division by zero, a page fault, ... the CPU jumps to the corresponding interrupt handler so the OS can do whatever it has to do (send a signal to a process, load a page from swap and update the TLB/page table, ...).
  • Software interrupts: Since an interrupt ends up calling the OS kernel, a simple way to implement system calls is to use interrupts. But you don't need to, in x86 you could use a call instruction to some structure (some kind of TSS IIRC), and on newer x86 there are SYSCALL / SYSENTER intructions.

CPUs decide where to jump to looking at a table (exception vectors, interrupt vectors, IVT in x86 real mode, IDT in x86 protected mode, ...). Some CPUs have a single vector for hardware interrupts, another one for exceptions and so on, and the ISR has to do some work to identify the originator of the interrupt. Others have lots of vectors, and jump directly to very specific ISRs.

x86 has 256 interrupt vectors. On original PCs, these were divided into several groups:

  • 00-04 CPU exceptions, including NMI. With later CPUs (80186, 286, ...), this range expanded, overlapping with the following ranges.
  • 08-0F These are hardware interrupts, usually referred as IRQ0-7. The PC-AT added IRQ8-15
  • 10-1F BIOS calls. Conceptually, these can be considered system calls, since the BIOS is the part of DOS that depends on the concrete machine (that's how it was defined in CP/M).
  • 20-2F DOS calls. Some of these are multiplexed, and offer multitude of functions. The main one is INT 21h, which offers most of DOS services.
  • 30-FF The rest, for use by external drivers and user programs.
ninjalj