8 fast system calls in 64-bit mode – Intel IA-32 User Manual
Page 160
4-30 Vol. 3A
PROTECTION
When SYSEXIT transfers control to compatibility mode user code when the operand size
attribute is 32 bits, the following fields are generated and bits set:
•
Target code segment — Computed by adding 16 to the value in IA32_SYSENTER_CS.
•
New CS attributes — L-bit = 0 (go to compatibility mode).
•
Target instruction — Fetch the target instruction from 32-bit address in EDX.
•
Stack segment — Computed by adding 24 to the value in IA32_SYSENTER_CS.
•
Stack pointer — Update ESP from 32-bit address in ECX.
4.8.8
Fast System Calls in 64-bit Mode
The SYSCALL and SYSRET instructions are designed for operating systems that use a flat
memory model (segmentation is not used). The instructions, along with SYSENTER and
SYSEXIT, are suited for IA-32e mode operation. SYSCALL and SYSRET, however, are not
supported in compatibility mode. Use CPUID to check if SYSCALL and SYSRET are available
(CPUID.80000001H.EDX[bit 11] = 1).
SYSCALL is intended for use by user code running at privilege level 3 to access operating
system or executive procedures running at privilege level 0. SYSRET is intended for use by
privilege level 0 operating system or executive procedures for fast returns to privilege level 3
user code.
Stack pointers for SYSCALL/SYSRET are not specified through model specific registers. The
clearing of bits in RFLAGS is programmable rather than fixed. SYSCALL/SYSRET save and
restore the RFLAGS register.
For SYSCALL, the processor saves the RIP of the instruction in RCX and gets the privilege
level 0 target instruction and stack pointer from:
•
Target code segment — Reads a non-NULL selector from IA32_STAR[47:32].
•
Target instruction — Reads a 64-bit canonical address from IA32_LSTAR.
•
Stack segment — Computed by adding 8 to the value in IA32_STAR[47:32].
•
System flags — The processor uses a mask derived from IA32_FMASK to perform a
logical-AND operation with the lower 32-bits of RFLAGS. The result is saved into R11.
The mask is the complement of the value supplied by privileged executives using the
IA32_FMASK MSR.