index.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <meta http-equiv="Content-Style-Type" content="text/css" />
  <meta name="generator" content="pandoc" />
  <meta name="author" content="Erik Helin, Adam Renberg" />
  <title>The little book about OS development</title>
  <style type="text/css">
table.sourceCode, tr.sourceCode, td.lineNumbers, td.sourceCode {
  margin: 0; padding: 0; vertical-align: baseline; border: none; }
table.sourceCode { width: 100%; line-height: 100%; }
td.lineNumbers { text-align: right; padding-right: 4px; padding-left: 4px; color: #aaaaaa; border-right: 1px solid #aaaaaa; }
td.sourceCode { padding-left: 5px; }
code > span.kw { color: #007020; font-weight: bold; }
code > span.dt { color: #902000; }
code > span.dv { color: #40a070; }
code > span.bn { color: #40a070; }
code > span.fl { color: #40a070; }
code > span.ch { color: #4070a0; }
code > span.st { color: #4070a0; }
code > span.co { color: #60a0b0; font-style: italic; }
code > span.ot { color: #007020; }
code > span.al { color: #ff0000; font-weight: bold; }
code > span.fu { color: #06287e; }
code > span.er { color: #ff0000; font-weight: bold; }
  </style>
  <link rel="stylesheet" href="book.css" type="text/css" />
</head>
<body>
<div id='wrapper'>
<div id="header">
<h1 class="title">The little book about OS development</h1>
<h2 class="author">Erik Helin, Adam Renberg</h2>
</div>
<div class="subheader">
<a href="https://github.com/littleosbook/littleosbook/">2015-01-19 | Commit: fe83e27dab3c39930354d2dea83f6d4ee2928212</a>
<a class="pdflink" href="book.pdf" title="PDF version">PDF version</a>
</div>
<div id='content'>
<div id="TOC">
<h1>Contents</h1>
<ul>
<li><a href="#introduction"><span class="toc-section-number">1</span> Introduction</a><ul>
<li><a href="#about-the-book"><span class="toc-section-number">1.1</span> About the Book</a></li>
<li><a href="#the-reader"><span class="toc-section-number">1.2</span> The Reader</a></li>
<li><a href="#credits-thanks-and-acknowledgements"><span class="toc-section-number">1.3</span> Credits, Thanks and Acknowledgements</a></li>
<li><a href="#contributors"><span class="toc-section-number">1.4</span> Contributors</a></li>
<li><a href="#changes-and-corrections"><span class="toc-section-number">1.5</span> Changes and Corrections</a></li>
<li><a href="#issues-and-where-to-get-help"><span class="toc-section-number">1.6</span> Issues and where to get help</a></li>
<li><a href="#license"><span class="toc-section-number">1.7</span> License</a></li>
</ul></li>
<li><a href="#first-steps"><span class="toc-section-number">2</span> First Steps</a><ul>
<li><a href="#tools"><span class="toc-section-number">2.1</span> Tools</a><ul>
<li><a href="#quick-setup"><span class="toc-section-number">2.1.1</span> Quick Setup</a></li>
<li><a href="#programming-languages"><span class="toc-section-number">2.1.2</span> Programming Languages</a></li>
<li><a href="#host-operating-system"><span class="toc-section-number">2.1.3</span> Host Operating System</a></li>
<li><a href="#build-system"><span class="toc-section-number">2.1.4</span> Build System</a></li>
<li><a href="#virtual-machine"><span class="toc-section-number">2.1.5</span> Virtual Machine</a></li>
</ul></li>
<li><a href="#booting"><span class="toc-section-number">2.2</span> Booting</a><ul>
<li><a href="#bios"><span class="toc-section-number">2.2.1</span> BIOS</a></li>
<li><a href="#the-bootloader"><span class="toc-section-number">2.2.2</span> The Bootloader</a></li>
<li><a href="#the-operating-system"><span class="toc-section-number">2.2.3</span> The Operating System</a></li>
</ul></li>
<li><a href="#hello-cafebabe"><span class="toc-section-number">2.3</span> Hello Cafebabe</a><ul>
<li><a href="#compiling-the-operating-system"><span class="toc-section-number">2.3.1</span> Compiling the Operating System</a></li>
<li><a href="#linking-the-kernel"><span class="toc-section-number">2.3.2</span> Linking the Kernel</a></li>
<li><a href="#obtaining-grub"><span class="toc-section-number">2.3.3</span> Obtaining GRUB</a></li>
<li><a href="#building-an-iso-image"><span class="toc-section-number">2.3.4</span> Building an ISO Image</a></li>
<li><a href="#running-bochs"><span class="toc-section-number">2.3.5</span> Running Bochs</a></li>
</ul></li>
<li><a href="#further-reading"><span class="toc-section-number">2.4</span> Further Reading</a></li>
</ul></li>
<li><a href="#getting-to-c"><span class="toc-section-number">3</span> Getting to C</a><ul>
<li><a href="#setting-up-a-stack"><span class="toc-section-number">3.1</span> Setting Up a Stack</a></li>
<li><a href="#calling-c-code-from-assembly"><span class="toc-section-number">3.2</span> Calling C Code From Assembly</a><ul>
<li><a href="#packing-structs"><span class="toc-section-number">3.2.1</span> Packing Structs</a></li>
</ul></li>
<li><a href="#compiling-c-code"><span class="toc-section-number">3.3</span> Compiling C Code</a></li>
<li><a href="#build-tools"><span class="toc-section-number">3.4</span> Build Tools</a></li>
<li><a href="#further-reading-1"><span class="toc-section-number">3.5</span> Further Reading</a></li>
</ul></li>
<li><a href="#output"><span class="toc-section-number">4</span> Output</a><ul>
<li><a href="#interacting-with-the-hardware"><span class="toc-section-number">4.1</span> Interacting with the Hardware</a></li>
<li><a href="#the-framebuffer"><span class="toc-section-number">4.2</span> The Framebuffer</a><ul>
<li><a href="#writing-text"><span class="toc-section-number">4.2.1</span> Writing Text</a></li>
<li><a href="#moving-the-cursor"><span class="toc-section-number">4.2.2</span> Moving the Cursor</a></li>
<li><a href="#the-driver"><span class="toc-section-number">4.2.3</span> The Driver</a></li>
</ul></li>
<li><a href="#the-serial-ports"><span class="toc-section-number">4.3</span> The Serial Ports</a><ul>
<li><a href="#configuring-the-serial-port"><span class="toc-section-number">4.3.1</span> Configuring the Serial Port</a></li>
<li><a href="#configuring-the-line"><span class="toc-section-number">4.3.2</span> Configuring the Line</a></li>
<li><a href="#configuring-the-buffers"><span class="toc-section-number">4.3.3</span> Configuring the Buffers</a></li>
<li><a href="#configuring-the-modem"><span class="toc-section-number">4.3.4</span> Configuring the Modem</a></li>
<li><a href="#writing-data-to-the-serial-port"><span class="toc-section-number">4.3.5</span> Writing Data to the Serial Port</a></li>
<li><a href="#configuring-bochs"><span class="toc-section-number">4.3.6</span> Configuring Bochs</a></li>
<li><a href="#the-driver-1"><span class="toc-section-number">4.3.7</span> The Driver</a></li>
</ul></li>
<li><a href="#further-reading-2"><span class="toc-section-number">4.4</span> Further Reading</a></li>
</ul></li>
<li><a href="#segmentation"><span class="toc-section-number">5</span> Segmentation</a><ul>
<li><a href="#accessing-memory"><span class="toc-section-number">5.1</span> Accessing Memory</a></li>
<li><a href="#the-global-descriptor-table-gdt"><span class="toc-section-number">5.2</span> The Global Descriptor Table (GDT)</a></li>
<li><a href="#loading-the-gdt"><span class="toc-section-number">5.3</span> Loading the GDT</a></li>
<li><a href="#further-reading-3"><span class="toc-section-number">5.4</span> Further Reading</a></li>
</ul></li>
<li><a href="#interrupts-and-input"><span class="toc-section-number">6</span> Interrupts and Input</a><ul>
<li><a href="#interrupts-handlers"><span class="toc-section-number">6.1</span> Interrupts Handlers</a></li>
<li><a href="#creating-an-entry-in-the-idt"><span class="toc-section-number">6.2</span> Creating an Entry in the IDT</a></li>
<li><a href="#handling-an-interrupt"><span class="toc-section-number">6.3</span> Handling an Interrupt</a></li>
<li><a href="#creating-a-generic-interrupt-handler"><span class="toc-section-number">6.4</span> Creating a Generic Interrupt Handler</a></li>
<li><a href="#loading-the-idt"><span class="toc-section-number">6.5</span> Loading the IDT</a></li>
<li><a href="#programmable-interrupt-controller-pic"><span class="toc-section-number">6.6</span> Programmable Interrupt Controller (PIC)</a></li>
<li><a href="#reading-input-from-the-keyboard"><span class="toc-section-number">6.7</span> Reading Input from the Keyboard</a></li>
<li><a href="#further-reading-4"><span class="toc-section-number">6.8</span> Further Reading</a></li>
</ul></li>
<li><a href="#the-road-to-user-mode"><span class="toc-section-number">7</span> The Road to User Mode</a><ul>
<li><a href="#loading-an-external-program"><span class="toc-section-number">7.1</span> Loading an External Program</a><ul>
<li><a href="#grub-modules"><span class="toc-section-number">7.1.1</span> GRUB Modules</a></li>
</ul></li>
<li><a href="#executing-a-program"><span class="toc-section-number">7.2</span> Executing a Program</a><ul>
<li><a href="#a-very-simple-program"><span class="toc-section-number">7.2.1</span> A Very Simple Program</a></li>
<li><a href="#compiling"><span class="toc-section-number">7.2.2</span> Compiling</a></li>
<li><a href="#finding-the-program-in-memory"><span class="toc-section-number">7.2.3</span> Finding the Program in Memory</a></li>
<li><a href="#jumping-to-the-code"><span class="toc-section-number">7.2.4</span> Jumping to the Code</a></li>
</ul></li>
<li><a href="#the-beginning-of-user-mode"><span class="toc-section-number">7.3</span> The Beginning of User Mode</a></li>
</ul></li>
<li><a href="#a-short-introduction-to-virtual-memory"><span class="toc-section-number">8</span> A Short Introduction to Virtual Memory</a><ul>
<li><a href="#virtual-memory-through-segmentation"><span class="toc-section-number">8.1</span> Virtual Memory Through Segmentation?</a></li>
<li><a href="#further-reading-5"><span class="toc-section-number">8.2</span> Further Reading</a></li>
</ul></li>
<li><a href="#paging"><span class="toc-section-number">9</span> Paging</a><ul>
<li><a href="#why-paging"><span class="toc-section-number">9.1</span> Why Paging?</a></li>
<li><a href="#paging-in-x86"><span class="toc-section-number">9.2</span> Paging in x86</a><ul>
<li><a href="#identity-paging"><span class="toc-section-number">9.2.1</span> Identity Paging</a></li>
<li><a href="#enabling-paging"><span class="toc-section-number">9.2.2</span> Enabling Paging</a></li>
<li><a href="#a-few-details"><span class="toc-section-number">9.2.3</span> A Few Details</a></li>
</ul></li>
<li><a href="#paging-and-the-kernel"><span class="toc-section-number">9.3</span> Paging and the Kernel</a><ul>
<li><a href="#reasons-to-not-identity-map-the-kernel"><span class="toc-section-number">9.3.1</span> Reasons to Not Identity Map the Kernel</a></li>
<li><a href="#the-virtual-address-for-the-kernel"><span class="toc-section-number">9.3.2</span> The Virtual Address for the Kernel</a></li>
<li><a href="#placing-the-kernel-at-0xc0000000"><span class="toc-section-number">9.3.3</span> Placing the Kernel at <code>0xC0000000</code></a></li>
<li><a href="#higher-half-linker-script"><span class="toc-section-number">9.3.4</span> Higher-half Linker Script</a></li>
<li><a href="#entering-the-higher-half"><span class="toc-section-number">9.3.5</span> Entering the Higher Half</a></li>
<li><a href="#running-in-the-higher-half"><span class="toc-section-number">9.3.6</span> Running in the Higher Half</a></li>
</ul></li>
<li><a href="#virtual-memory-through-paging"><span class="toc-section-number">9.4</span> Virtual Memory Through Paging</a></li>
<li><a href="#further-reading-6"><span class="toc-section-number">9.5</span> Further Reading</a></li>
</ul></li>
<li><a href="#page-frame-allocation"><span class="toc-section-number">10</span> Page Frame Allocation</a><ul>
<li><a href="#managing-available-memory"><span class="toc-section-number">10.1</span> Managing Available Memory</a><ul>
<li><a href="#how-much-memory-is-there"><span class="toc-section-number">10.1.1</span> How Much Memory is There?</a></li>
<li><a href="#managing-available-memory-1"><span class="toc-section-number">10.1.2</span> Managing Available Memory</a></li>
</ul></li>
<li><a href="#how-can-we-access-a-page-frame"><span class="toc-section-number">10.2</span> How Can We Access a Page Frame?</a></li>
<li><a href="#a-kernel-heap"><span class="toc-section-number">10.3</span> A Kernel Heap</a></li>
<li><a href="#further-reading-7"><span class="toc-section-number">10.4</span> Further reading</a></li>
</ul></li>
<li><a href="#user-mode"><span class="toc-section-number">11</span> User Mode</a><ul>
<li><a href="#segments-for-user-mode"><span class="toc-section-number">11.1</span> Segments for User Mode</a></li>
<li><a href="#setting-up-for-user-mode"><span class="toc-section-number">11.2</span> Setting Up For User Mode</a></li>
<li><a href="#entering-user-mode"><span class="toc-section-number">11.3</span> Entering User Mode</a></li>
<li><a href="#using-c-for-user-mode-programs"><span class="toc-section-number">11.4</span> Using C for User Mode Programs</a><ul>
<li><a href="#a-c-library"><span class="toc-section-number">11.4.1</span> A C Library</a></li>
</ul></li>
<li><a href="#further-reading-8"><span class="toc-section-number">11.5</span> Further Reading</a></li>
</ul></li>
<li><a href="#file-systems"><span class="toc-section-number">12</span> File Systems</a><ul>
<li><a href="#why-a-file-system"><span class="toc-section-number">12.1</span> Why a File System?</a></li>
<li><a href="#a-simple-read-only-file-system"><span class="toc-section-number">12.2</span> A Simple Read-Only File System</a></li>
<li><a href="#inodes-and-writable-file-systems"><span class="toc-section-number">12.3</span> Inodes and Writable File Systems</a></li>
<li><a href="#a-virtual-file-system"><span class="toc-section-number">12.4</span> A Virtual File System</a></li>
<li><a href="#further-reading-9"><span class="toc-section-number">12.5</span> Further Reading</a></li>
</ul></li>
<li><a href="#system-calls"><span class="toc-section-number">13</span> System Calls</a><ul>
<li><a href="#designing-system-calls"><span class="toc-section-number">13.1</span> Designing System Calls</a></li>
<li><a href="#implementing-system-calls"><span class="toc-section-number">13.2</span> Implementing System Calls</a></li>
<li><a href="#further-reading-10"><span class="toc-section-number">13.3</span> Further Reading</a></li>
</ul></li>
<li><a href="#multitasking"><span class="toc-section-number">14</span> Multitasking</a><ul>
<li><a href="#creating-new-processes"><span class="toc-section-number">14.1</span> Creating New Processes</a></li>
<li><a href="#cooperative-scheduling-with-yielding"><span class="toc-section-number">14.2</span> Cooperative Scheduling with Yielding</a></li>
<li><a href="#preemptive-scheduling-with-interrupts"><span class="toc-section-number">14.3</span> Preemptive Scheduling with Interrupts</a><ul>
<li><a href="#programmable-interval-timer"><span class="toc-section-number">14.3.1</span> Programmable Interval Timer</a></li>
<li><a href="#separate-kernel-stacks-for-processes"><span class="toc-section-number">14.3.2</span> Separate Kernel Stacks for Processes</a></li>
<li><a href="#difficulties-with-preemptive-scheduling"><span class="toc-section-number">14.3.3</span> Difficulties with Preemptive Scheduling</a></li>
</ul></li>
<li><a href="#further-reading-11"><span class="toc-section-number">14.4</span> Further Reading</a></li>
</ul></li>
</ul>
</div>
<h1 id="introduction"><span class="header-section-number">1</span> Introduction</h1>
<p>This text is a practical guide to writing your own x86 operating system. It is designed to give enough help with the technical details while at the same time not reveal too much with samples and code excerpts. We’ve tried to collect parts of the vast (and often excellent) expanse of material and tutorials available, on the web and otherwise, and add our own insights into the problems we encountered and struggled with.</p>
<p>This book is not about the theory behind operating systems, or how any specific operating system (OS) works. For OS theory we recommend the book <em>Modern Operating Systems</em> by Andrew Tanenbaum <span class="citation">[1]</span>. Lists and details on current operating systems are available on the Internet.</p>
<p>The starting chapters are quite detailed and explicit, to quickly get you into coding. Later chapters give more of an outline of what is needed, as more and more of the implementation and design becomes up to the reader, who should now be more familiar with the world of kernel development. At the end of some chapters there are links for further reading, which might be interesting and give a deeper understanding of the topics covered.</p>
<p>In <a href="#first-steps">chapter 2</a> and <a href="#getting-to-c">3</a> we set up our development environment and boot up our OS kernel in a virtual machine, eventually starting to write code in C. We continue in <a href="#output">chapter 4</a> with writing to the screen and the serial port, and then we dive into segmentation in <a href="#segmentation">chapter 5</a> and interrupts and input in <a href="#interrupts-and-input">chapter 6</a>.</p>
<p>After this we have a quite functional but bare-bones OS kernel. In <a href="#the-road-to-user-mode">chapter 7</a> we start the road to user mode applications, with virtual memory through paging (<a href="#a-short-introduction-to-virtual-memory">chapter 8</a> and <a href="#paging">9</a>), memory allocation (<a href="#page-frame-allocation">chapter 10</a>), and finally running a user application in <a href="#user-mode">chapter 11</a>.</p>
<p>In the last three chapters we discuss the more advanced topics of file systems (<a href="#file-systems">chapter 12</a>), system calls (<a href="#system-calls">chapter 13</a>), and multitasking (<a href="#multitasking">chapter 14</a>).</p>
<h2 id="about-the-book"><span class="header-section-number">1.1</span> About the Book</h2>
<p>The OS kernel and this book were produced as part of an advanced individual course at the Royal Institute of Technology <span class="citation">[2]</span>, Stockholm. The authors had previously taken courses in OS theory, but had only minor practical experience with OS kernel development. In order to get more insight and a deeper understanding of how the theory from the previous OS courses works out in practice, the authors decided to create a new course, which focused on the development of a small OS. Another goal of the course was writing a thorough tutorial on how to develop a small OS basically from scratch, and this short book is the result.</p>
<p>The x86 architecture is, and has been for a long time, one of the most common hardware architectures. It was not a difficult choice to use the x86 architecture as the target of the OS, with its large community, extensive reference material and mature emulators. The documentation and information surrounding the details of the hardware we had to work with was not always easy to find or understand, despite (or perhaps due to) the age of the architecture.</p>
<p>The OS was developed in about six weeks of full-time work. The implementation was done in many small steps, and after each step the OS was tested manually. By developing in this incremental and iterative way, it was often easier to find any bugs that were introduced, since only a small part of the code had changed since the last known good state of the code. We encourage the reader to work in a similar way.</p>
<p>During the six weeks of development, almost every single line of code was written by the authors together (this way of working is also called <em>pair-programming</em>). It is our belief that we managed to avoid a lot of bugs due to this style of development, but this is hard to prove scientifically.</p>
<h2 id="the-reader"><span class="header-section-number">1.2</span> The Reader</h2>
<p>The reader of this book should be comfortable with UNIX/Linux, systems programming, the C language and computer systems in general (such as hexadecimal notation <span class="citation">[3]</span>). This book could be a way to get started learning those things, but it will be more difficult, and developing an operating system is already challenging on its own. Search engines and other tutorials are often helpful if you get stuck.</p>
<h2 id="credits-thanks-and-acknowledgements"><span class="header-section-number">1.3</span> Credits, Thanks and Acknowledgements</h2>
<p>We’d like to thank the OSDev community <span class="citation">[4]</span> for their great wiki and helpful members, and James Malloy for his eminent kernel development tutorial <span class="citation">[5]</span>. We’d also like to thank our supervisor Torbjörn Granlund for his insightful questions and interesting discussions.</p>
<p>Most of the CSS formatting of the book is based on the work by Scott Chacon for the book Pro Git, <a href="http://progit.org/">http://progit.org/</a>.</p>
<h2 id="contributors"><span class="header-section-number">1.4</span> Contributors</h2>
<p>We are very grateful for the patches that people send us. The following users have all contributed to this book:</p>
<ul>
<li><a href="https://github.com/alexschneider">alexschneider</a></li>
<li><a href="https://github.com/Avidanborisov">Avidanborisov</a></li>
<li><a href="https://github.com/nirs">nirs</a></li>
<li><a href="https://github.com/kedarmhaswade">kedarmhaswade</a></li>
<li><a href="https://github.com/vamanea">vamanea</a></li>
<li><a href="https://github.com/ansjob">ansjob</a></li>
</ul>
<h2 id="changes-and-corrections"><span class="header-section-number">1.5</span> Changes and Corrections</h2>
<p>This book is hosted on Github - if you have any suggestions, comments or corrections, just fork the book, write your changes, and send us a pull request. We’ll happily incorporate anything that makes this book better.</p>
<h2 id="issues-and-where-to-get-help"><span class="header-section-number">1.6</span> Issues and where to get help</h2>
<p>If you run into problems while reading the book, please check the issues on Github for help: <a href="https://github.com/littleosbook/littleosbook/issues">https://github.com/littleosbook/littleosbook/issues</a>.</p>
<h2 id="license"><span class="header-section-number">1.7</span> License</h2>
<p>All content is under the Creative Commons Attribution Non Commercial Share Alike 3.0 license, <a href="http://creativecommons.org/licenses/by-nc-sa/3.0/us/">http://creativecommons.org/licenses/by-nc-sa/3.0/us/</a>. The code samples are in the public domain - use them however you want. References to this book are always received with warmth.</p>
<h1 id="first-steps"><span class="header-section-number">2</span> First Steps</h1>
<p>Developing an operating system (OS) is no easy task, and the question “How do I even begin to solve this problem?” is likely to come up several times during the course of the project for different problems. This chapter will help you set up your development environment and booting a very small (and primitive) operating system.</p>
<h2 id="tools"><span class="header-section-number">2.1</span> Tools</h2>
<h3 id="quick-setup"><span class="header-section-number">2.1.1</span> Quick Setup</h3>
<p>We (the authors) have used Ubuntu <span class="citation">[6]</span> as the operating system for doing OS development, running it both physically and virtually (using the virtual machine VirtualBox <span class="citation">[7]</span>). A quick way to get everything up and running is to use the same setup as we did, since we know that these tools work with the samples provided in this book.</p>
<p>Once Ubuntu is installed, either physical or virtual, the following packages should be installed using <code>apt-get</code>:</p>
<pre class="sourceCode bash"><code class="sourceCode bash">    <span class="kw">sudo</span> apt-get install build-essential nasm genisoimage bochs bochs-sdl</code></pre>
<h3 id="programming-languages"><span class="header-section-number">2.1.2</span> Programming Languages</h3>
<p>The operating system will be developed using the C programming language <span class="citation">[8]</span><span class="citation">[9]</span>, using GCC <span class="citation">[10]</span>. We use C because developing an OS requires a very precise control of the generated code and direct access to memory. Other languages that provide the same features can also be used, but this book will only cover C.</p>
<p>The code will make use of one type attribute that is specific for GCC:</p>
<pre><code>    __attribute__((packed))</code></pre>
<p>This attribute allows us to ensure that the compiler uses a memory layout for a <code>struct</code> exactly as we define it in the code. This is explained in more detail in the next chapter.</p>
<p>Due to this attribute, the example code might be hard to compile using a C compiler other than GCC.</p>
<p>For writing assembly code, we have chosen NASM <span class="citation">[11]</span> as the assembler, since we prefer NASM’s syntax over GNU Assembler.</p>
<p>Bash <span class="citation">[12]</span> will be used as the scripting language throughout the book.</p>
<h3 id="host-operating-system"><span class="header-section-number">2.1.3</span> Host Operating System</h3>
<p>All the code examples assumes that the code is being compiled on a UNIX like operating system. All code examples have been successfully compiled using Ubuntu <span class="citation">[6]</span> versions 11.04 and 11.10.</p>
<h3 id="build-system"><span class="header-section-number">2.1.4</span> Build System</h3>
<p>Make <span class="citation">[13]</span> has been used when constructing the Makefile examples.</p>
<h3 id="virtual-machine"><span class="header-section-number">2.1.5</span> Virtual Machine</h3>
<p>When developing an OS it is very convenient to be able to run your code in a <em>virtual machine</em> instead of on a physical computer, since starting your OS in a virtual machine is much faster than getting your OS onto a physical medium and then running it on a physical machine. Bochs <span class="citation">[14]</span> is an emulator for the x86 (IA-32) platform which is well suited for OS development due to its debugging features. Other popular choices are QEMU <span class="citation">[15]</span> and VirtualBox <span class="citation">[7]</span>. This book uses Bochs.</p>
<p>By using a virtual machine we cannot ensure that our OS works on real, physical hardware. The environment simulated by the virtual machine is designed to be very similar to their physical counterparts, and the OS can be tested on one by just copying the executable to a CD and finding a suitable machine.</p>
<h2 id="booting"><span class="header-section-number">2.2</span> Booting</h2>
<p>Booting an operating system consists of transferring control along a chain of small programs, each one more “powerful” than the previous one, where the operating system is the last “program”. See the following figure for an example of the boot process:</p>
<div class="figure">
<img src="images/boot_chain.png" alt="An example of the boot process. Each box is a program." /><p class="caption">An example of the boot process. Each box is a program.</p>
</div>
<h3 id="bios"><span class="header-section-number">2.2.1</span> BIOS</h3>
<p>When the PC is turned on, the computer will start a small program that adheres to the <em>Basic Input Output System</em> (BIOS) <span class="citation">[16]</span> standard. This program is usually stored on a read only memory chip on the motherboard of the PC. The original role of the BIOS program was to export some library functions for printing to the screen, reading keyboard input etc. Modern operating systems do not use the BIOS’ functions, they use drivers that interact directly with the hardware, bypassing the BIOS. Today, BIOS mainly runs some early diagnostics (power-on-self-test) and then transfers control to the bootloader.</p>
<h3 id="the-bootloader"><span class="header-section-number">2.2.2</span> The Bootloader</h3>
<p>The BIOS program will transfer control of the PC to a program called a <em>bootloader</em>. The bootloader’s task is to transfer control to us, the operating system developers, and our code. However, due to some restrictions<a href="#fn1" class="footnoteRef" id="fnref1"><sup>1</sup></a> of the hardware and because of backward compatibility, the bootloader is often split into two parts: the first part of the bootloader will transfer control to the second part, which finally gives control of the PC to the operating system.</p>
<p>Writing a bootloader involves writing a lot of low-level code that interacts with the BIOS. Therefore, an existing bootloader will be used: the GNU GRand Unified Bootloader (GRUB) <span class="citation">[17]</span>.</p>
<p>Using GRUB, the operating system can be built as an ordinary ELF <span class="citation">[18]</span> executable, which will be loaded by GRUB into the correct memory location. The compilation of the kernel requires that the code is laid out in memory in a specific way (how to compile the kernel will be discussed later in this chapter).</p>
<h3 id="the-operating-system"><span class="header-section-number">2.2.3</span> The Operating System</h3>
<p>GRUB will transfer control to the operating system by jumping to a position in memory. Before the jump, GRUB will look for a magic number to ensure that it is actually jumping to an OS and not some random code. This magic number is part of the <em>multiboot specification</em> <span class="citation">[19]</span> which GRUB adheres to. Once GRUB has made the jump, the OS has full control of the computer.</p>
<h2 id="hello-cafebabe"><span class="header-section-number">2.3</span> Hello Cafebabe</h2>
<p>This section will describe how to implement of the smallest possible OS that can be used together with GRUB. The only thing the OS will do is write <code>0xCAFEBABE</code> to the <code>eax</code> register (most people would probably not even call this an OS).</p>
<h3 id="compiling-the-operating-system"><span class="header-section-number">2.3.1</span> Compiling the Operating System</h3>
<p>This part of the OS has to be written in assembly code, since C requires a stack, which isn’t available (the chapter <a href="#getting-to-c">“Getting to C”</a> describes how to set one up). Save the following code in a file called <code>loader.s</code>:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">global</span> loader                   <span class="co">; the entry symbol for ELF</span>

    MAGIC_NUMBER <span class="dt">equ</span> <span class="bn">0x1BADB002</span>     <span class="co">; define the magic number constant</span>
    FLAGS        <span class="dt">equ</span><span class="bn"> 0x0            </span><span class="co">; multiboot flags</span>
    CHECKSUM     <span class="dt">equ</span> -MAGIC_NUMBER  <span class="co">; calculate the checksum</span>
                                    <span class="co">; (magic number + checksum + flags should equal 0)</span>

    <span class="kw">section</span> .text:                  <span class="co">; start of the text (code) section</span>
    <span class="kw">align</span> <span class="dv">4</span>                         <span class="co">; the code must be 4 byte aligned</span>
        <span class="dt">dd</span> MAGIC_NUMBER             <span class="co">; write the magic number to the machine code,</span>
        <span class="dt">dd</span> FLAGS                    <span class="co">; the flags,</span>
        <span class="dt">dd</span> CHECKSUM                 <span class="co">; and the checksum</span>

<span class="fu">    loader:</span>                         <span class="co">; the loader label (defined as entry point in linker script)</span>
        <span class="kw">mov</span> <span class="kw">eax</span>, <span class="bn">0xCAFEBABE</span>         <span class="co">; place the number 0xCAFEBABE in the register eax</span>
<span class="fu">    .loop:</span>
        <span class="kw">jmp</span> .<span class="kw">loop</span>                   <span class="co">; loop forever</span></code></pre>
<p>The only thing this OS will do is write the very specific number <code>0xCAFEBABE</code> to the <code>eax</code> register. It is <em>very</em> unlikely that the number <code>0xCAFEBABE</code> would be in the <code>eax</code> register if the OS did <em>not</em> put it there.</p>
<p>The file <code>loader.s</code> can be compiled into a 32 bits ELF <span class="citation">[18]</span> object file with the following command:</p>
<pre class="sourceCode bash"><code class="sourceCode bash">    <span class="kw">nasm</span> -f elf32 loader.s</code></pre>
<h3 id="linking-the-kernel"><span class="header-section-number">2.3.2</span> Linking the Kernel</h3>
<p>The code must now be linked to produce an executable file, which requires some extra thought compared to when linking most programs. We want GRUB to load the kernel at a memory address larger than or equal to <code>0x00100000</code> (1 megabyte (MB)), because addresses lower than 1 MB are used by GRUB itself, BIOS and memory-mapped I/O. Therefore, the following linker script is needed (written for GNU LD <span class="citation">[20]</span>):</p>
<pre><code>ENTRY(loader)                /* the name of the entry label */

SECTIONS {
    . = 0x00100000;          /* the code should be loaded at 1 MB */

    .text ALIGN (0x1000) :   /* align at 4 KB */
    {
        *(.text)             /* all text sections from all files */
    }

    .rodata ALIGN (0x1000) : /* align at 4 KB */
    {
        *(.rodata*)          /* all read-only data sections from all files */
    }

    .data ALIGN (0x1000) :   /* align at 4 KB */
    {
        *(.data)             /* all data sections from all files */
    }

    .bss ALIGN (0x1000) :    /* align at 4 KB */
    {
        *(COMMON)            /* all COMMON sections from all files */
        *(.bss)              /* all bss sections from all files */
    }
}</code></pre>
<p>Save the linker script into a file called <code>link.ld</code>. The executable can now be linked with the following command:</p>
<pre class="sourceCode bash"><code class="sourceCode bash">    <span class="kw">ld</span> -T link.ld -melf_i386 loader.o -o kernel.elf</code></pre>
<p>The final executable will be called <code>kernel.elf</code>.</p>
<h3 id="obtaining-grub"><span class="header-section-number">2.3.3</span> Obtaining GRUB</h3>
<p>The GRUB version we will use is GRUB Legacy, since the OS ISO image can then be generated on systems using both GRUB Legacy and GRUB 2. More specifically, the GRUB Legacy <code>stage2_eltorito</code> bootloader will be used. This file can be built from GRUB 0.97 by downloading the source from <a href="ftp://alpha.gnu.org/gnu/grub/grub-0.97.tar.gz">ftp://alpha.gnu.org/gnu/grub/grub-0.97.tar.gz</a>. However, the <code>configure</code> script doesn’t work well with Ubuntu <span class="citation">[21]</span>, so the binary file can be downloaded from <a href="http://littleosbook.github.com/files/stage2_eltorito">http://littleosbook.github.com/files/stage2_eltorito</a>. Copy the file <code>stage2_eltorito</code> to the folder that already contains <code>loader.s</code> and <code>link.ld</code>.</p>
<h3 id="building-an-iso-image"><span class="header-section-number">2.3.4</span> Building an ISO Image</h3>
<p>The executable must be placed on a media that can be loaded by a virtual or physical machine. In this book we will use ISO <span class="citation">[22]</span> image files as the media, but one can also use floppy images, depending on what the virtual or physical machine supports.</p>
<p>We will create the kernel ISO image with the program <code>genisoimage</code>. A folder must first be created that contains the files that will be on the ISO image. The following commands create the folder and copy the files to their correct places:</p>
<pre class="sourceCode bash"><code class="sourceCode bash">    <span class="kw">mkdir</span> -p iso/boot/grub              <span class="co"># create the folder structure</span>
    <span class="kw">cp</span> stage2_eltorito iso/boot/grub/   <span class="co"># copy the bootloader</span>
    <span class="kw">cp</span> kernel.elf iso/boot/             <span class="co"># copy the kernel</span></code></pre>
<p>A configuration file <code>menu.lst</code> for GRUB must be created. This file tells GRUB where the kernel is located and configures some options:</p>
<pre><code>    default=0
    timeout=0

    title os
    kernel /boot/kernel.elf</code></pre>
<p>Place the file <code>menu.lst</code> in the folder <code>iso/boot/grub/</code>. The contents of the <code>iso</code> folder should now look like the following figure:</p>
<pre><code>    iso
    |-- boot
      |-- grub
      | |-- menu.lst
      | |-- stage2_eltorito
      |-- kernel.elf</code></pre>
<p>The ISO image can then be generated with the following command:</p>
<pre><code>    genisoimage -R                              \
                -b boot/grub/stage2_eltorito    \
                -no-emul-boot                   \
                -boot-load-size 4               \
                -A os                           \
                -input-charset utf8             \
                -quiet                          \
                -boot-info-table                \
                -o os.iso                       \
                iso</code></pre>
<p>For more information about the flags used in the command, see the manual for <code>genisoimage</code>.</p>
<p>The ISO image <code>os.iso</code> now contains the kernel executable, the GRUB bootloader and the configuration file.</p>
<h3 id="running-bochs"><span class="header-section-number">2.3.5</span> Running Bochs</h3>
<p>Now we can run the OS in the Bochs emulator using the <code>os.iso</code> ISO image. Bochs needs a configuration file to start and an example of a simple configuration file is given below:</p>
<pre><code>    megs:            32
    display_library: sdl
    romimage:        file=/usr/share/bochs/BIOS-bochs-latest
    vgaromimage:     file=/usr/share/bochs/VGABIOS-lgpl-latest
    ata0-master:     type=cdrom, path=os.iso, status=inserted
    boot:            cdrom
    log:             bochslog.txt
    clock:           sync=realtime, time0=local
    cpu:             count=1, ips=1000000</code></pre>
<p>You might need to change the path to <code>romimage</code> and <code>vgaromimage</code> depending on how you installed Bochs. More information about the Bochs config file can be found at Boch’s website <span class="citation">[23]</span>.</p>
<p>If you saved the configuration in a file named <code>bochsrc.txt</code> then you can run Bochs with the following command:</p>
<pre><code>    bochs -f bochsrc.txt -q</code></pre>
<p>The flag <code>-f</code> tells Bochs to use the given configuration file and the flag <code>-q</code> tells Bochs to skip the interactive start menu. You should now see Bochs starting and displaying a console with some information from GRUB on it.</p>
<p>After quitting Bochs, display the log produced by Boch:</p>
<pre><code>    cat bochslog.txt</code></pre>
<p>You should now see the contents of the registers of the CPU simulated by Bochs somewhere in the output. If you find <code>RAX=00000000CAFEBABE</code> or <code>EAX=CAFEBABE</code> (depending on if you are running Bochs with or without 64 bit support) in the output then your OS has successfully booted!</p>
<h2 id="further-reading"><span class="header-section-number">2.4</span> Further Reading</h2>
<ul>
<li>Gustavo Duertes has written an in-depth article about what actually happens when a x86 computer boots up, <a href="http://duartes.org/gustavo/blog/post/how-computers-boot-up">http://duartes.org/gustavo/blog/post/how-computers-boot-up</a></li>
<li>Gustavo continues to describe what the kernel does in the very early stages at <a href="http://duartes.org/gustavo/blog/post/kernel-boot-process">http://duartes.org/gustavo/blog/post/kernel-boot-process</a></li>
<li>The OSDev wiki also contains a nice article about booting an x86 computer: <a href="http://wiki.osdev.org/Boot_Sequence">http://wiki.osdev.org/Boot_Sequence</a></li>
</ul>
<h1 id="getting-to-c"><span class="header-section-number">3</span> Getting to C</h1>
<p>This chapter will show you how to use C instead of assembly code as the programming language for the OS. Assembly is very good for interacting with the CPU and enables maximum control over every aspect of the code. However, at least for the authors, C is a much more convenient language to use. Therefore, we would like to use C as much as possible and use assembly code only where it make sense.</p>
<h2 id="setting-up-a-stack"><span class="header-section-number">3.1</span> Setting Up a Stack</h2>
<p>One prerequisite for using C is a stack, since all non-trivial C programs use a stack. Setting up a stack is not harder than to make the <code>esp</code> register point to the end of an area of free memory (remember that the stack grows towards lower addresses on the x86) that is correctly aligned (alignment on 4 bytes is recommended from a performance perspective).</p>
<p>We could point <code>esp</code> to a random area in memory since, so far, the only thing in the memory is GRUB, BIOS, the OS kernel and some memory-mapped I/O. This is not a good idea - we don’t know how much memory is available or if the area <code>esp</code> would point to is used by something else. A better idea is to reserve a piece of uninitialized memory in the <code>bss</code> section in the ELF file of the kernel. It is better to use the <code>bss</code> section instead of the <code>data</code> section to reduce the size of the OS executable. Since GRUB understands ELF, GRUB will allocate any memory reserved in the <code>bss</code> section when loading the OS.</p>
<p>The NASM pseudo-instruction <code>resb</code> <span class="citation">[24]</span> can be used to declare uninitialized data:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    KERNEL_STACK_SIZE <span class="dt">equ</span> <span class="dv">4096</span>                  <span class="co">; size of stack in bytes</span>

    <span class="kw">section</span> .bss
    <span class="kw">align</span> <span class="dv">4</span>                                     <span class="co">; align at 4 bytes</span>
<span class="fu">    kernel_stack:</span>                               <span class="co">; label points to beginning of memory</span>
        <span class="dt">resb</span> KERNEL_STACK_SIZE                  <span class="co">; reserve stack for the kernel</span></code></pre>
<p>There is no need to worry about the use of uninitialized memory for the stack, since it is not possible to read a stack location that has not been written (without manual pointer fiddling). A (correct) program can not pop an element from the stack without having pushed an element onto the stack first. Therefore, the memory locations of the stack will always be written to before they are being read.</p>
<p>The stack pointer is then set up by pointing <code>esp</code> to the end of the <code>kernel_stack</code> memory:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">mov</span> <span class="kw">esp</span>, kernel_stack + KERNEL_STACK_SIZE   <span class="co">; point esp to the start of the</span>
                                                <span class="co">; stack (end of memory area)</span></code></pre>
<h2 id="calling-c-code-from-assembly"><span class="header-section-number">3.2</span> Calling C Code From Assembly</h2>
<p>The next step is to call a C function from assembly code. There are many different conventions for how to call C code from assembly code <span class="citation">[25]</span>. This book uses the <em>cdecl</em> calling convention, since that is the one used by GCC. The cdecl calling convention states that arguments to a function should be passed via the stack (on x86). The arguments of the function should be pushed on the stack in a right-to-left order, that is, you push the rightmost argument first. The return value of the function is placed in the <code>eax</code> register. The following code shows an example:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="co">/* The C function */</span>
    <span class="dt">int</span> sum_of_three(<span class="dt">int</span> arg1, <span class="dt">int</span> arg2, <span class="dt">int</span> arg3)
    {
        <span class="kw">return</span> arg1 + arg2 + arg3;
    }</code></pre>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="co">; The assembly code</span>
    external sum_of_three   <span class="co">; the function sum_of_three is defined elsewhere</span>

    <span class="kw">push</span> <span class="dt">dword</span> <span class="dv">3</span>            <span class="co">; arg3</span>
    <span class="kw">push</span> <span class="dt">dword</span> <span class="dv">2</span>            <span class="co">; arg2</span>
    <span class="kw">push</span> <span class="dt">dword</span> <span class="dv">1</span>            <span class="co">; arg1</span>
    <span class="kw">call</span> sum_of_three       <span class="co">; call the function, the result will be in eax</span></code></pre>
<h3 id="packing-structs"><span class="header-section-number">3.2.1</span> Packing Structs</h3>
<p>In the rest of this book, you will often come across “configuration bytes” that are a collection of bits in a very specific order. Below follows an example with 32 bits:</p>
<pre><code>Bit:     | 31     24 | 23          8 | 7     0 |
Content: | index     | address       | config  |</code></pre>
<p>Instead of using an unsigned integer, <code>unsigned int</code>, for handling such configurations, it is much more convenient to use “packed structures”:</p>
<pre class="sourceCode C"><code class="sourceCode c">    <span class="kw">struct</span> example {
        <span class="dt">unsigned</span> <span class="dt">char</span> config;   <span class="co">/* bit 0 - 7   */</span>
        <span class="dt">unsigned</span> <span class="dt">short</span> address; <span class="co">/* bit 8 - 23  */</span>
        <span class="dt">unsigned</span> <span class="dt">char</span> index;    <span class="co">/* bit 24 - 31 */</span>
    };</code></pre>
<p>When using the <code>struct</code> in the previous example there is no guarantee that the size of the <code>struct</code> will be exactly 32 bits - the compiler can add some padding between elements for various reasons, for example to speed up element access or due to requirements set by the hardware and/or compiler. When using a <code>struct</code> to represent configuration bytes, it is very important that the compiler does <em>not</em> add any padding, because the <code>struct</code> will eventually be treated as a 32 bit unsigned integer by the hardware. The attribute <code>packed</code> can be used to force GCC to <em>not</em> add any padding:</p>
<pre class="sourceCode C"><code class="sourceCode c">    <span class="kw">struct</span> example {
        <span class="dt">unsigned</span> <span class="dt">char</span> config;   <span class="co">/* bit 0 - 7   */</span>
        <span class="dt">unsigned</span> <span class="dt">short</span> address; <span class="co">/* bit 8 - 23  */</span>
        <span class="dt">unsigned</span> <span class="dt">char</span> index;    <span class="co">/* bit 24 - 31 */</span>
    } __attribute__((packed));</code></pre>
<p>Note that <code>__attribute__((packed))</code> is not part of the C standard - it might not work with all C compilers.</p>
<h2 id="compiling-c-code"><span class="header-section-number">3.3</span> Compiling C Code</h2>
<p>When compiling the C code for the OS, a lot of flags to GCC need to be used. This is because the C code should <em>not</em> assume the presence of a standard library, since there is no standard library available for our OS. For more information about the flags, see the GCC manual.</p>
<p>The flags used for compiling the C code are:</p>
<pre><code>    -m32 -nostdlib -nostdinc -fno-builtin -fno-stack-protector -nostartfiles
    -nodefaultlibs</code></pre>
<p>As always when writing C programs we recommend turning on all warnings and treat warnings as errors:</p>
<pre><code>    -Wall -Wextra -Werror</code></pre>
<p>You can now create a function <code>kmain</code> in a file called <code>kmain.c</code> that you call from <code>loader.s</code>. At this point, <code>kmain</code> probably won’t need any arguments (but in later chapters it will).</p>
<h2 id="build-tools"><span class="header-section-number">3.4</span> Build Tools</h2>
<p>Now is also probably a good time to set up some build tools to make it easier to compile and test-run the OS. We recommend using <code>make</code> <span class="citation">[13]</span>, but there are plenty of other build systems available. A simple Makefile for the OS could look like the following example:</p>
<pre class="sourceCode Makefile"><code class="sourceCode makefile">    <span class="dt">OBJECTS </span><span class="ch">=</span><span class="st"> loader.o kmain.o</span>
    <span class="dt">CC </span><span class="ch">=</span><span class="st"> gcc</span>
    <span class="dt">CFLAGS </span><span class="ch">=</span><span class="st"> -m32 -nostdlib -nostdinc -fno-builtin -fno-stack-protector </span><span class="ch">\</span>
             <span class="ch">-</span><span class="fu">nostartfiles -nodefaultlibs -Wall -Wextra -Werror -c</span>
    <span class="dt">LDFLAGS </span><span class="ch">=</span><span class="st"> -T link.ld -melf_i386</span>
    <span class="dt">AS </span><span class="ch">=</span><span class="st"> nasm</span>
    <span class="dt">ASFLAGS </span><span class="ch">=</span><span class="st"> -f elf</span>

    all: kernel.elf

    kernel.elf: <span class="ch">$(</span><span class="dt">OBJECTS</span><span class="ch">)</span>
        ld <span class="ch">$(</span><span class="dt">LDFLAGS</span><span class="ch">)</span> <span class="ch">$(</span><span class="dt">OBJECTS</span><span class="ch">)</span> -o kernel.elf

    os.iso: kernel.elf
        cp kernel.elf iso/boot/kernel.elf
        genisoimage -R                              \
                    <span class="ch">-</span><span class="fu">b boot/grub/stage2_eltorito    </span><span class="ch">\</span>
                    <span class="ch">-</span><span class="fu">no-emul-boot                   </span><span class="ch">\</span>
                    <span class="ch">-</span><span class="fu">boot-load-size 4               </span><span class="ch">\</span>
                    <span class="ch">-</span><span class="fu">A os                           </span><span class="ch">\</span>
                    <span class="ch">-</span><span class="fu">input-charset utf8             </span><span class="ch">\</span>
                    <span class="ch">-</span><span class="fu">quiet                          </span><span class="ch">\</span>
                    <span class="ch">-</span><span class="fu">boot-info-table                </span><span class="ch">\</span>
                    <span class="ch">-</span><span class="fu">o os.iso                       </span><span class="ch">\</span>
                    iso

    run: os.iso
        bochs -f bochsrc.txt -q

    %.o: %.c
        <span class="ch">$(</span><span class="dt">CC</span><span class="ch">)</span> <span class="ch">$(</span><span class="dt">CFLAGS</span><span class="ch">)</span>  <span class="ch">$&lt;</span> -o <span class="ch">$@</span>

    %.o: %.s
        <span class="ch">$(</span><span class="dt">AS</span><span class="ch">)</span> <span class="ch">$(</span><span class="dt">ASFLAGS</span><span class="ch">)</span> <span class="ch">$&lt;</span> -o <span class="ch">$@</span>

    clean:
        rm -rf *.o kernel.elf os.iso</code></pre>
<p>The contents of your working directory should now look like the following figure:</p>
<pre><code>    .
    |-- bochsrc.txt
    |-- iso
    |   |-- boot
    |     |-- grub
    |       |-- menu.lst
    |       |-- stage2_eltorito
    |-- kmain.c
    |-- loader.s
    |-- Makefile</code></pre>
<p>You should now be able to start the OS with the simple command <code>make run</code>, which will compile the kernel and boot it up in Bochs (as defined in the Makefile above).</p>
<h2 id="further-reading-1"><span class="header-section-number">3.5</span> Further Reading</h2>
<ul>
<li>Kernigan &amp; Richie’s book, <em>The C Programming Language, Second Edition</em>, <span class="citation">[8]</span> is great for learning about all the aspects of C.</li>
</ul>
<h1 id="output"><span class="header-section-number">4</span> Output</h1>
<p>This chapter will present how to display text on the console as well as writing data to the serial port. Furthermore, we will create our first <em>driver</em>, that is, code that acts as a layer between the kernel and the hardware, providing a higher abstraction than communicating directly with the hardware. The first part of this chapter is about creating a driver for the <em>framebuffer</em> <span class="citation">[26]</span> to be able to display text on the console. The second part shows how to create a driver for the serial port. Bochs can store output from the serial port in a file, effectively creating a logging mechanism for the operating system.</p>
<h2 id="interacting-with-the-hardware"><span class="header-section-number">4.1</span> Interacting with the Hardware</h2>
<p>There are usually two different ways to interact with the hardware, <em>memory-mapped I/O</em> and <em>I/O ports</em>.</p>
<p>If the hardware uses memory-mapped I/O then you can write to a specific memory address and the hardware will be updated with the new data. One example of this is the framebuffer, which will be discussed in more detail later. For example, if you write the value <code>0x410F</code> to address <code>0x000B8000</code>, you will see the letter A in white color on a black background (see the section on <a href="#the-framebuffer">the framebuffer</a> for more details).</p>
<p>If the hardware uses I/O ports then the assembly code instructions <code>out</code> and <code>in</code> must be used to communicate with the hardware. The instruction <code>out</code> takes two parameters: the address of the I/O port and the data to send. The instruction <code>in</code> takes a single parameter, the address of the I/O port, and returns data from the hardware. One can think of I/O ports as communicating with hardware the same way as you communicate with a server using sockets. The cursor (the blinking rectangle) of the framebuffer is one example of hardware controlled via I/O ports on a PC.</p>
<h2 id="the-framebuffer"><span class="header-section-number">4.2</span> The Framebuffer</h2>
<p>The framebuffer is a hardware device that is capable of displaying a buffer of memory on the screen <span class="citation">[26]</span>. The framebuffer has 80 columns and 25 rows, and the row and column indices start at 0 (so rows are labelled 0 - 24).</p>
<h3 id="writing-text"><span class="header-section-number">4.2.1</span> Writing Text</h3>
<p>Writing text to the console via the framebuffer is done with memory-mapped I/O. The starting address of the memory-mapped I/O for the framebuffer is <code>0x000B8000</code> <span class="citation">[27]</span>. The memory is divided into 16 bit cells, where the 16 bits determine both the character, the foreground color and the background color. The highest eight bits is the ASCII <span class="citation">[28]</span> value of the character, bit 7 - 4 the background and bit 3 - 0 the foreground, as can be seen in the following figure:</p>
<pre><code>Bit:     | 15 14 13 12 11 10 9 8 | 7 6 5 4 | 3 2 1 0 |
Content: | ASCII                 | FG      | BG      |</code></pre>
<p>The available colors are shown in the following table:</p>
<table>
<thead>
<tr class="header">
<th align="right">Color</th>
<th align="left">Value</th>
<th align="right">Color</th>
<th align="left">Value</th>
<th align="right">Color</th>
<th align="left">Value</th>
<th align="right">Color</th>
<th align="left">Value</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="right">Black</td>
<td align="left">0</td>
<td align="right">Red</td>
<td align="left">4</td>
<td align="right">Dark grey</td>
<td align="left">8</td>
<td align="right">Light red</td>
<td align="left">12</td>
</tr>
<tr class="even">
<td align="right">Blue</td>
<td align="left">1</td>
<td align="right">Magenta</td>
<td align="left">5</td>
<td align="right">Light blue</td>
<td align="left">9</td>
<td align="right">Light magenta</td>
<td align="left">13</td>
</tr>
<tr class="odd">
<td align="right">Green</td>
<td align="left">2</td>
<td align="right">Brown</td>
<td align="left">6</td>
<td align="right">Light green</td>
<td align="left">10</td>
<td align="right">Light brown</td>
<td align="left">14</td>
</tr>
<tr class="even">
<td align="right">Cyan</td>
<td align="left">3</td>
<td align="right">Light grey</td>
<td align="left">7</td>
<td align="right">Light cyan</td>
<td align="left">11</td>
<td align="right">White</td>
<td align="left">15</td>
</tr>
</tbody>
</table>
<p>The first cell corresponds to row zero, column zero on the console. Using an ASCII table, one can see that A corresponds to 65 or <code>0x41</code>. Therefore, to write the character A with a green foreground (2) and dark grey background (8) at place (0,0), the following assembly code instruction is used:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">mov</span> [<span class="bn">0x000B8000</span>]<span class="bn">, 0x4128</span></code></pre>
<p>The second cell then corresponds to row zero, column one and its address is therefore:</p>
<pre><code>    0x000B8000 + 16 = 0x000B8010</code></pre>
<p>Writing to the framebuffer can also be done in C by treating the address <code>0x000B8000</code> as a char pointer, <code>char *fb = (char *) 0x000B8000</code>. Then, writing A at place (0,0) with green foreground and dark grey background becomes:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    fb[<span class="dv">0</span>] = <span class="st">&#39;A&#39;</span><span class="co">;</span>
    fb[<span class="dv">1</span>] = <span class="bn">0x28</span><span class="co">;</span></code></pre>
<p>The following code shows how this can be wrapped into a function:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="co">/** fb_write_cell:</span>
<span class="co">     *  Writes a character with the given foreground and background to position i</span>
<span class="co">     *  in the framebuffer.</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">i</span><span class="co">  The location in the framebuffer</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">c</span><span class="co">  The character</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">fg</span><span class="co"> The foreground color</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">bg</span><span class="co"> The background color</span>
<span class="co">     */</span>
    <span class="dt">void</span> fb_write_cell(<span class="dt">unsigned</span> <span class="dt">int</span> i, <span class="dt">char</span> c, <span class="dt">unsigned</span> <span class="dt">char</span> fg, <span class="dt">unsigned</span> <span class="dt">char</span> bg)
    {
        fb[i] = c;
        fb[i + <span class="dv">1</span>] = ((fg &amp; <span class="bn">0x0F</span>) &lt;&lt; <span class="dv">4</span>) | (bg &amp; <span class="bn">0x0F</span>)
    }</code></pre>
<p>The function can then be used as follows:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="ot">#define FB_GREEN     2</span>
    <span class="ot">#define FB_DARK_GREY 8</span>

    fb_write_cell(<span class="dv">0</span>, &#39;A&#39;, FB_GREEN, FB_DARK_GREY);</code></pre>
<h3 id="moving-the-cursor"><span class="header-section-number">4.2.2</span> Moving the Cursor</h3>
<p>Moving the cursor of the framebuffer is done via two different I/O ports. The cursor’s position is determined with a 16 bits integer: 0 means row zero, column zero; 1 means row zero, column one; 80 means row one, column zero and so on. Since the position is 16 bits large, and the <code>out</code> assembly code instruction argument is 8 bits, the position must be sent in two turns, first 8 bits then the next 8 bits. The framebuffer has two I/O ports, one for accepting the data, and one for describing the data being received. Port <code>0x3D4</code> <span class="citation">[29]</span> is the port that describes the data and port <code>0x3D5</code> <span class="citation">[29]</span> is for the data itself.</p>
<p>To set the cursor at row one, column zero (position <code>80 = 0x0050</code>), one would use the following assembly code instructions:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">out</span> <span class="bn">0x3D4</span>, <span class="dv">14</span>      <span class="co">; 14 tells the framebuffer to expect the highest 8 bits of the position</span>
    <span class="kw">out</span> <span class="bn">0x3D5, 0x00    </span><span class="co">; sending the highest 8 bits of 0x0050</span>
    <span class="kw">out</span> <span class="bn">0x3D4</span>, <span class="dv">15</span>      <span class="co">; 15 tells the framebuffer to expect the lowest 8 bits of the position</span>
    <span class="kw">out</span> <span class="bn">0x3D5, 0x50    </span><span class="co">; sending the lowest 8 bits of 0x0050</span></code></pre>
<p>The <code>out</code> assembly code instruction can’t be executed directly in C. Therefore it is a good idea to wrap <code>out</code> in a function in assembly code which can be accessed from C via the cdecl calling standard <span class="citation">[25]</span>:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">global</span> outb             <span class="co">; make the label outb visible outside this file</span>

    <span class="co">; outb - send a byte to an I/O port</span>
    <span class="co">; stack: [esp + 8] the data byte</span>
    <span class="co">;        [esp + 4] the I/O port</span>
    <span class="co">;        [esp    ] return address</span>
<span class="fu">    outb:</span>
        <span class="kw">mov</span> <span class="kw">al</span>, [<span class="kw">esp</span> + <span class="dv">8</span>]    <span class="co">; move the data to be sent into the al register</span>
        <span class="kw">mov</span> <span class="kw">dx</span>, [<span class="kw">esp</span> + <span class="dv">4</span>]    <span class="co">; move the address of the I/O port into the dx register</span>
        <span class="kw">out</span> <span class="kw">dx</span>, <span class="kw">al</span>           <span class="co">; send the data to the I/O port</span>
        <span class="kw">ret</span>                  <span class="co">; return to the calling function</span></code></pre>
<p>By storing this function in a file called <code>io.s</code> and also creating a header <code>io.h</code>, the <code>out</code> assembly code instruction can be conveniently accessed from C:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="ot">#ifndef INCLUDE_IO_H</span>
    <span class="ot">#define INCLUDE_IO_H</span>

    <span class="co">/** outb:</span>
<span class="co">     *  Sends the given data to the given I/O port. Defined in io.s</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">port</span><span class="co"> The I/O port to send the data to</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">data</span><span class="co"> The data to send to the I/O port</span>
<span class="co">     */</span>
    <span class="dt">void</span> outb(<span class="dt">unsigned</span> <span class="dt">short</span> port, <span class="dt">unsigned</span> <span class="dt">char</span> data);

    <span class="ot">#endif </span><span class="co">/* INCLUDE_IO_H */</span></code></pre>
<p>Moving the cursor can now be wrapped in a C function:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="ot">#include &quot;io.h&quot;</span>

    <span class="co">/* The I/O ports */</span>
    <span class="ot">#define FB_COMMAND_PORT         0x3D4</span>
    <span class="ot">#define FB_DATA_PORT            0x3D5</span>

    <span class="co">/* The I/O port commands */</span>
    <span class="ot">#define FB_HIGH_BYTE_COMMAND    14</span>
    <span class="ot">#define FB_LOW_BYTE_COMMAND     15</span>

    <span class="co">/** fb_move_cursor:</span>
<span class="co">     *  Moves the cursor of the framebuffer to the given position</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">pos</span><span class="co"> The new position of the cursor</span>
<span class="co">     */</span>
    <span class="dt">void</span> fb_move_cursor(<span class="dt">unsigned</span> <span class="dt">short</span> pos)
    {
        outb(FB_COMMAND_PORT, FB_HIGH_BYTE_COMMAND);
        outb(FB_DATA_PORT,    ((pos &gt;&gt; <span class="dv">8</span>) &amp; <span class="bn">0x00FF</span>));
        outb(FB_COMMAND_PORT, FB_LOW_BYTE_COMMAND);
        outb(FB_DATA_PORT,    pos &amp; <span class="bn">0x00FF</span>);
    }</code></pre>
<h3 id="the-driver"><span class="header-section-number">4.2.3</span> The Driver</h3>
<p>The driver should provide an interface that the rest of the code in the OS will use for interacting with the framebuffer. There is no right or wrong in what functionality the interface should provide, but a suggestion is to have a <code>write</code> function with the following declaration:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="dt">int</span> write(<span class="dt">char</span> *buf, <span class="dt">unsigned</span> <span class="dt">int</span> len);</code></pre>
<p>The <code>write</code> function writes the contents of the buffer <code>buf</code> of length <code>len</code> to the screen. The <code>write</code> function should automatically advance the cursor after a character has been written and scroll the screen if necessary.</p>
<h2 id="the-serial-ports"><span class="header-section-number">4.3</span> The Serial Ports</h2>
<p>The serial port <span class="citation">[30]</span> is an interface for communicating between hardware devices and although it is available on almost all motherboards, it is seldom exposed to the user in the form of a DE-9 connector nowadays. The serial port is easy to use, and, more importantly, it can be used as a logging utility in Bochs. If a computer has support for a serial port, then it usually has support for multiple serial ports, but we will only make use of one of the ports. This is because we will only use the serial ports for logging. Furthermore, we will only use the serial ports for output, not input. The serial ports are completely controlled via I/O ports.</p>
<h3 id="configuring-the-serial-port"><span class="header-section-number">4.3.1</span> Configuring the Serial Port</h3>
<p>The first data that need to be sent to the serial port is configuration data. In order for two hardware devices to be able to talk to each other they must agree upon a couple of things. These things include:</p>
<ul>
<li>The speed used for sending data (bit or baud rate)</li>
<li>If any error checking should be used for the data (parity bit, stop bits)</li>
<li>The number of bits that represent a unit of data (data bits)</li>
</ul>
<h3 id="configuring-the-line"><span class="header-section-number">4.3.2</span> Configuring the Line</h3>
<p>Configuring the line means to configure how data is being sent over the line. The serial port has an I/O port, the <em>line command port</em>, that is used for configuration.</p>
<p>First the speed for sending data will be set. The serial port has an internal clock that runs at 115200 Hz. Setting the speed means sending a divisor to the serial port, for example sending 2 results in a speed of <code>115200 / 2 = 57600</code> Hz.</p>
<p>The divisor is a 16 bit number but we can only send 8 bits at a time. We must therefore send an instruction telling the serial port to first expect the highest 8 bits, then the lowest 8 bits. This is done by sending <code>0x80</code> to the line command port. An example is shown below:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="ot">#include &quot;io.h&quot; </span><span class="co">/* io.h is implement in the section &quot;Moving the cursor&quot; */</span>

    <span class="co">/* The I/O ports */</span>

    <span class="co">/* All the I/O ports are calculated relative to the data port. This is because</span>
<span class="co">     * all serial ports (COM1, COM2, COM3, COM4) have their ports in the same</span>
<span class="co">     * order, but they start at different values.</span>
<span class="co">     */</span>

    <span class="ot">#define SERIAL_COM1_BASE                0x3F8      </span><span class="co">/* COM1 base port */</span>

    <span class="ot">#define SERIAL_DATA_PORT(base)          (base)</span>
    <span class="ot">#define SERIAL_FIFO_COMMAND_PORT(base)  (base + 2)</span>
    <span class="ot">#define SERIAL_LINE_COMMAND_PORT(base)  (base + 3)</span>
    <span class="ot">#define SERIAL_MODEM_COMMAND_PORT(base) (base + 4)</span>
    <span class="ot">#define SERIAL_LINE_STATUS_PORT(base)   (base + 5)</span>

    <span class="co">/* The I/O port commands */</span>

    <span class="co">/* SERIAL_LINE_ENABLE_DLAB:</span>
<span class="co">     * Tells the serial port to expect first the highest 8 bits on the data port,</span>
<span class="co">     * then the lowest 8 bits will follow</span>
<span class="co">     */</span>
    <span class="ot">#define SERIAL_LINE_ENABLE_DLAB         0x80</span>

    <span class="co">/** serial_configure_baud_rate:</span>
<span class="co">     *  Sets the speed of the data being sent. The default speed of a serial</span>
<span class="co">     *  port is 115200 bits/s. The argument is a divisor of that number, hence</span>
<span class="co">     *  the resulting speed becomes (115200 / divisor) bits/s.</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">com</span><span class="co">      The COM port to configure</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">divisor</span><span class="co">  The divisor</span>
<span class="co">     */</span>
    <span class="dt">void</span> serial_configure_baud_rate(<span class="dt">unsigned</span> <span class="dt">short</span> com, <span class="dt">unsigned</span> <span class="dt">short</span> divisor)
    {
        outb(SERIAL_LINE_COMMAND_PORT(com),
             SERIAL_LINE_ENABLE_DLAB);
        outb(SERIAL_DATA_PORT(com),
             (divisor &gt;&gt; <span class="dv">8</span>) &amp; <span class="bn">0x00FF</span>);
        outb(SERIAL_DATA_PORT(com),
             divisor &amp; <span class="bn">0x00FF</span>);
    }</code></pre>
<p>The way that data should be sent must be configured. This is also done via the line command port by sending a byte. The layout of the 8 bits looks like the following:</p>
<pre><code>Bit:     | 7 | 6 | 5 4 3 | 2 | 1 0 |
Content: | d | b | prty  | s | dl  |</code></pre>
<p>A description for each name can be found in the table below (and in <span class="citation">[31]</span>):</p>
<table>
<thead>
<tr class="header">
<th align="right">Name</th>
<th align="left">Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="right">d</td>
<td align="left">Enables (<code>d = 1</code>) or disables (<code>d = 0</code>) DLAB</td>
</tr>
<tr class="even">
<td align="right">b</td>
<td align="left">If break control is enabled (<code>b = 1</code>) or disabled (<code>b = 0</code>)</td>
</tr>
<tr class="odd">
<td align="right">prty</td>
<td align="left">The number of parity bits to use</td>
</tr>
<tr class="even">
<td align="right">s</td>
<td align="left">The number of stop bits to use (<code>s = 0</code> equals 1, <code>s = 1</code> equals 1.5 or 2)</td>
</tr>
<tr class="odd">
<td align="right">dl</td>
<td align="left">Describes the length of the data</td>
</tr>
</tbody>
</table>
<p>We will use the mostly standard value <code>0x03</code> <span class="citation">[31]</span>, meaning a length of 8 bits, no parity bit, one stop bit and break control disabled. This is sent to the line command port, as seen in the following example:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="co">/** serial_configure_line:</span>
<span class="co">     *  Configures the line of the given serial port. The port is set to have a</span>
<span class="co">     *  data length of 8 bits, no parity bits, one stop bit and break control</span>
<span class="co">     *  disabled.</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">com</span><span class="co">  The serial port to configure</span>
<span class="co">     */</span>
    <span class="dt">void</span> serial_configure_line(<span class="dt">unsigned</span> <span class="dt">short</span> com)
    {
        <span class="co">/* Bit:     | 7 | 6 | 5 4 3 | 2 | 1 0 |</span>
<span class="co">         * Content: | d | b | prty  | s | dl  |</span>
<span class="co">         * Value:   | 0 | 0 | 0 0 0 | 0 | 1 1 | = 0x03</span>
<span class="co">         */</span>
        outb(SERIAL_LINE_COMMAND_PORT(com), <span class="bn">0x03</span>);
    }</code></pre>
<p>The article on OSDev <span class="citation">[31]</span> has a more in-depth explanation of the values.</p>
<h3 id="configuring-the-buffers"><span class="header-section-number">4.3.3</span> Configuring the Buffers</h3>
<p>When data is transmitted via the serial port it is placed in buffers, both when receiving and sending data. This way, if you send data to the serial port faster than it can send it over the wire, it will be buffered. However, if you send too much data too fast the buffer will be full and data will be lost. In other words, the buffers are FIFO queues. The FIFO queue configuration byte looks like the following figure:</p>
<pre><code>Bit:     | 7 6 | 5  | 4 | 3   | 2   | 1   | 0 |
Content: | lvl | bs | r | dma | clt | clr | e |</code></pre>
<p>A description for each name can be found in the table below:</p>
<table>
<thead>
<tr class="header">
<th align="right">Name</th>
<th align="left">Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="right">lvl</td>
<td align="left">How many bytes should be stored in the FIFO buffers</td>
</tr>
<tr class="even">
<td align="right">bs</td>
<td align="left">If the buffers should be 16 or 64 bytes large</td>
</tr>
<tr class="odd">
<td align="right">r</td>
<td align="left">Reserved for future use</td>
</tr>
<tr class="even">
<td align="right">dma</td>
<td align="left">How the serial port data should be accessed</td>
</tr>
<tr class="odd">
<td align="right">clt</td>
<td align="left">Clear the transmission FIFO buffer</td>
</tr>
<tr class="even">
<td align="right">clr</td>
<td align="left">Clear the receiver FIFO buffer</td>
</tr>
<tr class="odd">
<td align="right">e</td>
<td align="left">If the FIFO buffer should be enabled or not</td>
</tr>
</tbody>
</table>
<p>We use the value <code>0xC7 = 11000111</code> that:</p>
<ul>
<li>Enables FIFO</li>
<li>Clear both receiver and transmission FIFO queues</li>
<li>Use 14 bytes as size of queue</li>
</ul>
<p>The WikiBook on serial programming <span class="citation">[32]</span> explains the values in more depth.</p>
<h3 id="configuring-the-modem"><span class="header-section-number">4.3.4</span> Configuring the Modem</h3>
<p>The modem control register is used for very simple hardware flow control via the Ready To Transmit (RTS) and Data Terminal Ready (DTR) pins. When configuring the serial port we want RTS and DTR to be 1, which means that we are ready to send data.</p>
<p>The modem configuration byte is shown in the following figure:</p>
<pre><code>Bit:     | 7 | 6 | 5  | 4  | 3   | 2   | 1   | 0   |
Content: | r | r | af | lb | ao2 | ao1 | rts | dtr |</code></pre>
<p>A description for each name can be found in the table below:</p>
<table>
<thead>
<tr class="header">
<th align="right">Name</th>
<th align="left">Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="right">r</td>
<td align="left">Reserved</td>
</tr>
<tr class="even">
<td align="right">af</td>
<td align="left">Autoflow control enabled</td>
</tr>
<tr class="odd">
<td align="right">lb</td>
<td align="left">Loopback mode (used for debugging serial ports)</td>
</tr>
<tr class="even">
<td align="right">ao2</td>
<td align="left">Auxiliary output 2, used for receiving interrupts</td>
</tr>
<tr class="odd">
<td align="right">ao1</td>
<td align="left">Auxiliary output 1</td>
</tr>
<tr class="even">
<td align="right">rts</td>
<td align="left">Ready To Transmit</td>
</tr>
<tr class="odd">
<td align="right">dtr</td>
<td align="left">Data Terminal Ready</td>
</tr>
</tbody>
</table>
<p>We don’t need to enable interrupts, because we won’t handle any received data. Therefore we use the configuration value <code>0x03 = 00000011</code> (RTS = 1 and DTS = 1).</p>
<h3 id="writing-data-to-the-serial-port"><span class="header-section-number">4.3.5</span> Writing Data to the Serial Port</h3>
<p>Writing data to the serial port is done via the data I/O port. However, before writing, the transmit FIFO queue has to be empty (all previous writes must have finished). The transmit FIFO queue is empty if bit 5 of the line status I/O port is equal to one.</p>
<p>Reading the contents of an I/O port is done via the <code>in</code> assembly code instruction. There is no way to use the <code>in</code> assembly code instruction from C, therefore it has to be wrapped (the same way as the <code>out</code> assembly code instruction):</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">global</span> inb

    <span class="co">; inb - returns a byte from the given I/O port</span>
    <span class="co">; stack: [esp + 4] The address of the I/O port</span>
    <span class="co">;        [esp    ] The return address</span>
<span class="fu">    inb:</span>
        <span class="kw">mov</span> <span class="kw">dx</span>, [<span class="kw">esp</span> + <span class="dv">4</span>]       <span class="co">; move the address of the I/O port to the dx register</span>
        <span class="kw">in</span>  <span class="kw">al</span>, <span class="kw">dx</span>              <span class="co">; read a byte from the I/O port and store it in the al register</span>
        <span class="kw">ret</span>                     <span class="co">; return the read byte</span></code></pre>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="co">/* in file io.h */</span>

    <span class="co">/** inb:</span>
<span class="co">     *  Read a byte from an I/O port.</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co">  </span><span class="kw">port</span><span class="co"> The address of the I/O port</span>
<span class="co">     *  </span><span class="kw">@return</span><span class="co">      The read byte</span>
<span class="co">     */</span>
    <span class="dt">unsigned</span> <span class="dt">char</span> inb(<span class="dt">unsigned</span> <span class="dt">short</span> port);</code></pre>
<p>Checking if the transmit FIFO is empty can then be done from C:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="ot">#include &quot;io.h&quot;</span>

    <span class="co">/** serial_is_transmit_fifo_empty:</span>
<span class="co">     *  Checks whether the transmit FIFO queue is empty or not for the given COM</span>
<span class="co">     *  port.</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co">  </span><span class="kw">com</span><span class="co"> The COM port</span>
<span class="co">     *  </span><span class="kw">@return</span><span class="co"> 0 if the transmit FIFO queue is not empty</span>
<span class="co">     *          1 if the transmit FIFO queue is empty</span>
<span class="co">     */</span>
    <span class="dt">int</span> serial_is_transmit_fifo_empty(<span class="dt">unsigned</span> <span class="dt">int</span> com)
    {
        <span class="co">/* 0x20 = 0010 0000 */</span>
        <span class="kw">return</span> inb(SERIAL_LINE_STATUS_PORT(com)) &amp; <span class="bn">0x20</span>;
    }</code></pre>
<p>Writing to a serial port means spinning as long as the transmit FIFO queue isn’t empty, and then writing the data to the data I/O port.</p>
<h3 id="configuring-bochs"><span class="header-section-number">4.3.6</span> Configuring Bochs</h3>
<p>To save the output from the first serial serial port the Bochs configuration file <code>bochsrc.txt</code> must be updated. The <code>com1</code> configuration instructs Bochs how to handle first serial port:</p>
<pre><code>    com1: enabled=1, mode=file, dev=com1.out</code></pre>
<p>The output from serial port one will now be stored in the file <code>com1.out</code>.</p>
<h3 id="the-driver-1"><span class="header-section-number">4.3.7</span> The Driver</h3>
<p>We recommend that you implement a <code>write</code> function for the serial port similar to the <code>write</code> function in the driver for the framebuffer. To avoid name clashes with the <code>write</code> function for the framebuffer it is a good idea to name the functions <code>fb_write</code> and <code>serial_write</code> to distinguish them.</p>
<p>We further recommend that you try to write a <code>printf</code>-like function, see section 7.3 in <span class="citation">[8]</span>. The <code>printf</code> function could take an additional argument to decide to which device to write the output (framebuffer or serial).</p>
<p>A final recommendation is that you create some way of distinguishing the severeness of the log messages, for example by prepending the messages with <code>DEBUG</code>, <code>INFO</code> or <code>ERROR</code>.</p>
<h2 id="further-reading-2"><span class="header-section-number">4.4</span> Further Reading</h2>
<ul>
<li>The book “Serial programming” (available on WikiBooks) has a great section on programming the serial port, <a href="http://en.wikibooks.org/wiki/Serial_Programming/8250_UART_Programming#UART_Registers">http://en.wikibooks.org/wiki/Serial_Programming/8250_UART_Programming#UART_Registers</a></li>
<li>The OSDev wiki has a page with a lot of information about the serial ports, <a href="http://wiki.osdev.org/Serial_ports">http://wiki.osdev.org/Serial_ports</a></li>
</ul>
<h1 id="segmentation"><span class="header-section-number">5</span> Segmentation</h1>
<p><em>Segmentation</em> in x86 means accessing the memory through segments. Segments are portions of the address space, possibly overlapping, specified by a base address and a limit. To address a byte in segmented memory you use a 48-bit <em>logical address</em>: 16 bits that specifies the segment and 32-bits that specifies what offset within that segment you want. The offset is added to the base address of the segment, and the resulting linear address is checked against the segment’s limit - see the figure below. If everything works out fine (including access-rights checks ignored for now) the result is a <em>linear address</em>. When paging is disabled, then the linear address space is mapped 1:1 onto the <em>physical address</em> space, and the physical memory can be accessed. (See the chapter <a href="#paging">“Paging”</a> for how to enable paging.)</p>
<div class="figure">
<img src="images/intel_3_5_logical_to_linear.png" alt="Translation of logical addresses to linear addresses." /><p class="caption">Translation of logical addresses to linear addresses.</p>
</div>
<p>To enable segmentation you need to set up a table that describes each segment - a <em>segment descriptor table</em>. In x86, there are two types of descriptor tables: the <em>Global Descriptor Table</em> (GDT) and <em>Local Descriptor Tables</em> (LDT). An LDT is set up and managed by user-space processes, and all processes have their own LDT. LDTs can be used if a more complex segmentation model is desired - we won’t use it. The GDT is shared by everyone - it’s global.</p>
<p>As we discuss in the sections on virtual memory and paging, segmentation is rarely used more than in a minimal setup, similar to what we do below.</p>
<h2 id="accessing-memory"><span class="header-section-number">5.1</span> Accessing Memory</h2>
<p>Most of the time when accessing memory there is no need to explicitly specify the segment to use. The processor has six 16-bit segment registers: <code>cs</code>, <code>ss</code>, <code>ds</code>, <code>es</code>, <code>gs</code> and <code>fs</code>. The register <code>cs</code> is the code segment register and specifies the segment to use when fetching instructions. The register <code>ss</code> is used whenever accessing the stack (through the stack pointer <code>esp</code>), and <code>ds</code> is used for other data accesses. The OS is free to use the registers <code>es</code>, <code>gs</code> and <code>fs</code> however it want.</p>
<p>Below is an example showing implicit use of the segment registers:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm"><span class="fu">    func:</span>
        <span class="kw">mov</span> <span class="kw">eax</span>, [<span class="kw">esp</span><span class="dv">+4</span>]
        <span class="kw">mov</span> <span class="kw">ebx</span>, [<span class="kw">eax</span>]
        <span class="kw">add</span> <span class="kw">ebx</span>, <span class="dv">8</span>
        <span class="kw">mov</span> [<span class="kw">eax</span>], <span class="kw">ebx</span>
        <span class="kw">ret</span></code></pre>
<p>The above example can be compared with the following one that makes explicit use of the segment registers:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm"><span class="fu">    func:</span>
        <span class="kw">mov</span> <span class="kw">eax</span>, [<span class="kw">ss</span>:<span class="kw">esp</span><span class="dv">+4</span>]
        <span class="kw">mov</span> <span class="kw">ebx</span>, [<span class="kw">ds</span>:<span class="kw">eax</span>]
        <span class="kw">add</span> <span class="kw">ebx</span>, <span class="dv">8</span>
        <span class="kw">mov</span> [<span class="kw">ds</span>:<span class="kw">eax</span>], <span class="kw">ebx</span>
        <span class="kw">ret</span></code></pre>
<p>You don’t need to use <code>ss</code> for storing the stack segment selector, or <code>ds</code> for the data segment selector. You could store the stack segment selector in <code>ds</code> and vice versa. However, in order to use the implicit style shown above, you must store the segment selectors in their indented registers.</p>
<p>Segment descriptors and their fields are described in figure 3-8 in the Intel manual <span class="citation">[33]</span>.</p>
<h2 id="the-global-descriptor-table-gdt"><span class="header-section-number">5.2</span> The Global Descriptor Table (GDT)</h2>
<p>A GDT/LDT is an array of 8-byte segment descriptors. The first descriptor in the GDT is always a null descriptor and can never be used to access memory. At least two segment descriptors (plus the null descriptor) are needed for the GDT, because the descriptor contains more information than just the base and limit fields. The two most relevant fields for us are the <em>Type</em> field and the <em>Descriptor Privilege Level</em> (DPL) field.</p>
<p>Table 3-1 in chapter 3 of the Intel manual <span class="citation">[33]</span> specifies the values for the Type field. The table shows that the Type field can’t be both writable <em>and</em> executable at the same time. Therefore, two segments are needed: one segment for executing code to put in <code>cs</code> (Type is Execute-only or Execute-Read) and one segment for reading and writing data (Type is Read/Write) to put in the other segment registers.</p>
<p>The DPL specifies the <em>privilege levels</em> required to use the segment. x86 allows for four privilege levels (PL), 0 to 3, where PL0 is the most privileged. In most operating systems (eg. Linux and Windows), only PL0 and PL3 are used. However, some operating system, such as MINIX, make use of all levels. The kernel should be able to do anything, therefore it uses segments with DPL set to 0 (also called kernel mode). The current privilege level (CPL) is determined by the segment selector in <code>cs</code>.</p>
<p>The segments needed are described in the table below.</p>
<table>
<caption>The segment descriptors needed.</caption>
<thead>
<tr class="header">
<th align="right">Index</th>
<th align="right">Offset</th>
<th align="left">Name</th>
<th align="left">Address range</th>
<th align="left">Type</th>
<th align="left">DPL</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="right">0</td>
<td align="right"><code>0x00</code></td>
<td align="left">null descriptor</td>
<td align="left"></td>
<td align="left"></td>
<td align="left"></td>
</tr>
<tr class="even">
<td align="right">1</td>
<td align="right"><code>0x08</code></td>
<td align="left">kernel code segment</td>
<td align="left"><code>0x00000000 - 0xFFFFFFFF</code></td>
<td align="left">RX</td>
<td align="left">PL0</td>
</tr>
<tr class="odd">
<td align="right">2</td>
<td align="right"><code>0x10</code></td>
<td align="left">kernel data segment</td>
<td align="left"><code>0x00000000 - 0xFFFFFFFF</code></td>
<td align="left">RW</td>
<td align="left">PL0</td>
</tr>
</tbody>
</table>
<p>Note that the segments overlap - they both encompass the entire linear address space. In our minimal setup we’ll only use segmentation to get privilege levels. See the Intel manual <span class="citation">[33]</span>, chapter 3, for details on the other descriptor fields.</p>
<h2 id="loading-the-gdt"><span class="header-section-number">5.3</span> Loading the GDT</h2>
<p>Loading the GDT into the processor is done with the <code>lgdt</code> assembly code instruction, which takes the address of a struct that specifies the start and size of the GDT. It is easiest to encode this information using a <a href="#packing-structs">“packed struct”</a> as shown in the following example:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="kw">struct</span> gdt {
        <span class="dt">unsigned</span> <span class="dt">int</span> address;
        <span class="dt">unsigned</span> <span class="dt">short</span> size;
    } __attribute__((packed));</code></pre>
<p>If the content of the <code>eax</code> register is the address to such a struct, then the GDT can be loaded with the assembly code shown below:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">lgdt</span> [<span class="kw">eax</span>]</code></pre>
<p>It might be easier if you make this instruction available from C, the same way as was done with the assembly code instructions <code>in</code> and <code>out</code>.</p>
<p>After the GDT has been loaded the segment registers needs to be loaded with their corresponding segment selectors. The content of a segment selector is described in the figure and table below:</p>
<pre><code>Bit:     | 15                                3 | 2  | 1 0 |
Content: | offset (index)                      | ti | rpl |</code></pre>
<table>
<caption>The layout of segment selectors.</caption>
<col width="23%" />
<col width="76%" />
<thead>
<tr class="header">
<th align="left">Name</th>
<th align="left">Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="left">rpl</td>
<td align="left">Requested Privilege Level - we want to execute in PL0 for now.</td>
</tr>
<tr class="even">
<td align="left">ti</td>
<td align="left">Table Indicator. 0 means that this specifies a GDT segment, 1 means an LDT Segment.</td>
</tr>
<tr class="odd">
<td align="left">offset (index)</td>
<td align="left">Offset within descriptor table.</td>
</tr>
</tbody>
</table>
<p>The offset of the segment selector is added to the start of the GDT to get the address of the segment descriptor: <code>0x08</code> for the first descriptor and <code>0x10</code> for the second, since each descriptor is 8 bytes. The Requested Privilege Level (RPL) should be <code>0</code> since the kernel of the OS should execute in privilege level 0.</p>
<p>Loading the segment selector registers is easy for the data registers - just copy the correct offsets to the registers:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">mov</span> <span class="kw">ds</span><span class="bn">, 0x10</span>
    <span class="kw">mov</span> <span class="kw">ss</span><span class="bn">, 0x10</span>
    <span class="kw">mov</span> <span class="kw">es</span><span class="bn">, 0x10</span>
    .
    .
    .</code></pre>
<p>To load <code>cs</code> we have to do a “far jump”:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="co">; code here uses the previous cs</span>
    <span class="kw">jmp</span> <span class="bn">0x08</span>:flush_cs   <span class="co">; specify cs when jumping to flush_cs</span>

<span class="fu">    flush_cs:</span>
        <span class="co">; now we&#39;ve changed cs to 0x08</span></code></pre>
<p>A far jump is a jump where we explicitly specify the full 48-bit logical address: the segment selector to use and the absolute address to jump to. It will first set <code>cs</code> to <code>0x08</code> and then jump to <code>flush_cs</code> using its absolute address.</p>
<h2 id="further-reading-3"><span class="header-section-number">5.4</span> Further Reading</h2>
<ul>
<li>Chapter 3 of the Intel manual <span class="citation">[33]</span> is filled with low-level and technical details about segmentation.</li>
<li>The OSDev wiki has a page about segmentation: <a href="http://wiki.osdev.org/Segmentation">http://wiki.osdev.org/Segmentation</a></li>
<li>The Wikipedia page on x86 segmentation might be worth looking into: <a href="http://en.wikipedia.org/wiki/X86_memory_segmentation">http://en.wikipedia.org/wiki/X86_memory_segmentation</a></li>
</ul>
<h1 id="interrupts-and-input"><span class="header-section-number">6</span> Interrupts and Input</h1>
<p>Now that the OS can produce <em>output</em> it would be nice if it also could get some <em>input</em>. (The operating system must be able to handle <em>interrupts</em> in order to read information from the keyboard). An interrupt occurs when a hardware device, such as the keyboard, the serial port or the timer, signals the CPU that the state of the device has changed. The CPU itself can also send interrupts due to program errors, for example when a program references memory it doesn’t have access to, or when a program divides a number by zero. Finally, there are also <em>software intterupts</em>, which are interrupts that are caused by the <code>int</code> assembly code instruction, and they are often used for system calls.</p>
<h2 id="interrupts-handlers"><span class="header-section-number">6.1</span> Interrupts Handlers</h2>
<p>Interrupts are handled via the <em>Interrupt Descriptor Table</em> (IDT). The IDT describes a handler for each interrupt. The interrupts are numbered (0 - 255) and the handler for interrupt <em>i</em> is defined at the <em>ith</em> position in the table. There are three different kinds of handlers for interrupts:</p>
<ul>
<li>Task handler</li>
<li>Interrupt handler</li>
<li>Trap handler</li>
</ul>
<p>The task handlers use functionality specific to the Intel version of x86, so they won’t be covered here (see the Intel manual <span class="citation">[33]</span>, chapter 6, for more info). The only difference between an interrupt handler and a trap handler is that the interrupt handler disables interrupts, which means you cannot get an interrupt while at the same time handling an interrupt. In this book, we will use trap handlers and disable interrupts manually when we need to.</p>
<h2 id="creating-an-entry-in-the-idt"><span class="header-section-number">6.2</span> Creating an Entry in the IDT</h2>
<p>An entry in the IDT for an interrupt handler consists of 64 bits. The highest 32 bits are shown in the figure below:</p>
<pre><code>Bit:     | 31              16 | 15 | 14 13 | 12 | 11 | 10 9 8 | 7 6 5 | 4 3 2 1 0 |
Content: | offset high        | P  | DPL   | 0  | D  | 1  1 0 | 0 0 0 | reserved  |</code></pre>
<p>The lowest 32 bits are presented in the following figure:</p>
<pre><code>Bit:     | 31              16 | 15              0 |
Content: | segment selector   | offset low        |</code></pre>
<p>A description for each name can be found in the table below:</p>
<table>
<thead>
<tr class="header">
<th align="right">Name</th>
<th align="left">Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="right">offset high</td>
<td align="left">The 16 highest bits of the 32 bit address in the segment.</td>
</tr>
<tr class="even">
<td align="right">offset low</td>
<td align="left">The 16 lowest bits of the 32 bits address in the segment.</td>
</tr>
<tr class="odd">
<td align="right">p</td>
<td align="left">If the handler is present in memory or not (1 = present, 0 = not present).</td>
</tr>
<tr class="even">
<td align="right">DPL</td>
<td align="left">Descriptor Privilige Level, the privilege level the handler can be called from (0, 1, 2, 3).</td>
</tr>
<tr class="odd">
<td align="right">D</td>
<td align="left">Size of gate, (1 = 32 bits, 0 = 16 bits).</td>
</tr>
<tr class="even">
<td align="right">segment selector</td>
<td align="left">The offset in the GDT.</td>
</tr>
<tr class="odd">
<td align="right">r</td>
<td align="left">Reserved.</td>
</tr>
</tbody>
</table>
<p>The offset is a pointer to code (preferably an assembly code label). For example, to create an entry for a handler whose code starts at <code>0xDEADBEEF</code> and that runs in privilege level 0 (therefore using the same code segment selector as the kernel) the following two bytes would be used:</p>
<pre><code>    0xDEAD8E00
    0x0008BEEF</code></pre>
<p>If the IDT is represented as an <code>unsigned integer idt[512]</code> then to register the above example as an handler for interrupt 0 (divide-by-zero), the following code would be used:</p>
<pre class="sourceCode c"><code class="sourceCode c">    idt[<span class="dv">0</span>] = <span class="bn">0xDEAD8E00</span>
    idt[<span class="dv">1</span>] = <span class="bn">0x0008BEEF</span></code></pre>
<p>As written in the chapter <a href="#getting-to-c">“Getting to C”</a>, we recommend that you instead of using bytes (or unsigned integers) use packed structures to make the code more readable.</p>
<h2 id="handling-an-interrupt"><span class="header-section-number">6.3</span> Handling an Interrupt</h2>
<p>When an interrupt occurs the CPU will push some information about the interrupt onto the stack, then look up the appropriate interrupt hander in the IDT and jump to it. The stack at the time of the interrupt will look like the following:</p>
<pre><code>    [esp + 12] eflags
    [esp + 8]  cs
    [esp + 4]  eip
    [esp]      error code?</code></pre>
<p>The reason for the question mark behind error code is that not all interrupts create an <em>error code</em>. The specific CPU interrupts that put an error code on the stack are 8, 10, 11, 12, 13, 14 and 17. The error code can be used by the interrupt handler to get more information on what has happened. Also, note that the interrupt <em>number</em> is <em>not</em> pushed onto the stack. We can only determine what interrupt has occurred by knowing what code is executing - if the handler registered for interrupt 17 is executing, then interrupt 17 has occurred.</p>
<p>Once the interrupt handler is done, it uses the <code>iret</code> instruction to return. The instruction <code>iret</code> expects the stack to be the same as at the time of the interrupt (see the figure above). Therefore, any values pushed onto the stack by the interrupt handler must be popped. Before returning, <code>iret</code> restores <code>eflags</code> by popping the value from the stack and then finally jumps to <code>cs:eip</code> as specified by the values on the stack.</p>
<p>The interrupt handler has to be written in assembly code, since all registers that the interrupt handlers use must be preserved by pushing them onto the stack. This is because the code that was interrupted doesn’t know about the interrupt and will therefore expect that its registers stay the same. Writing all the logic of the interrupt handler in assembly code will be tiresome. Creating a handler in assembly code that saves the registers, calls a C function, restores the registers and finally executes <code>iret</code> is a good idea!</p>
<p>The C handler should get the state of the registers, the state of the stack and the number of the interrupt as arguments. The following definitions can for example be used:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="kw">struct</span> cpu_state {
        <span class="dt">unsigned</span> <span class="dt">int</span> eax;
        <span class="dt">unsigned</span> <span class="dt">int</span> ebx;
        <span class="dt">unsigned</span> <span class="dt">int</span> ecx;
        .
        .
        .
        <span class="dt">unsigned</span> <span class="dt">int</span> esp;
    } __attribute__((packed));

    <span class="kw">struct</span> stack_state {
        <span class="dt">unsigned</span> <span class="dt">int</span> error_code;
        <span class="dt">unsigned</span> <span class="dt">int</span> eip;
        <span class="dt">unsigned</span> <span class="dt">int</span> cs;
        <span class="dt">unsigned</span> <span class="dt">int</span> eflags;
    } __attribute__((packed));

    <span class="dt">void</span> interrupt_handler(<span class="kw">struct</span> cpu_state cpu, <span class="kw">struct</span> stack_state stack, <span class="dt">unsigned</span> <span class="dt">int</span> interrupt);</code></pre>
<h2 id="creating-a-generic-interrupt-handler"><span class="header-section-number">6.4</span> Creating a Generic Interrupt Handler</h2>
<p>Since the CPU does not push the interrupt number on the stack it is a little tricky to write a generic interrupt handler. This section will use macros to show how it can be done. Writing one version for each interrupt is tedious - it is better to use the macro functionality of NASM <span class="citation">[34]</span>. And since not all interrupts produce an error code the value 0 will be added as the “error code” for interrupts without an error code. The following code shows an example of how this can be done:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="ot">%macro no_error_code_interrupt_handler %1</span>
    <span class="kw">global</span> interrupt_handler_<span class="ot">%1</span>
    interrupt_handler_<span class="ot">%1:</span>
        <span class="kw">push</span>    <span class="dt">dword</span> <span class="dv">0</span>                     <span class="co">; push 0 as error code</span>
        <span class="kw">push</span>    <span class="dt">dword</span> <span class="ot">%1                    ; push the interrupt number</span>
        <span class="kw">jmp</span>     common_interrupt_handler    <span class="co">; jump to the common handler</span>
    <span class="ot">%endmacro</span>

    <span class="ot">%macro error_code_interrupt_handler %1</span>
    <span class="kw">global</span> interrupt_handler_<span class="ot">%1</span>
    interrupt_handler_<span class="ot">%1:</span>
        <span class="kw">push</span>    <span class="dt">dword</span> <span class="ot">%1                    ; push the interrupt number</span>
        <span class="kw">jmp</span>     common_interrupt_handler    <span class="co">; jump to the common handler</span>
    <span class="ot">%endmacro</span>

<span class="fu">    common_interrupt_handler:</span>               <span class="co">; the common parts of the generic interrupt handler</span>
        <span class="co">; save the registers</span>
        <span class="kw">push</span>    <span class="kw">eax</span>
        <span class="kw">push</span>    <span class="kw">ebx</span>
        .
        .
        .
        <span class="kw">push</span>    <span class="kw">ebp</span>

        <span class="co">; call the C function</span>
        <span class="kw">call</span>    interrupt_handler

        <span class="co">; restore the registers</span>
        <span class="kw">pop</span>     <span class="kw">ebp</span>
        .
        .
        .
        <span class="kw">pop</span>     <span class="kw">ebx</span>
        <span class="kw">pop</span>     <span class="kw">eax</span>

        <span class="co">; restore the esp</span>
        <span class="kw">add</span>     <span class="kw">esp</span>, <span class="dv">8</span>

        <span class="co">; return to the code that got interrupted</span>
        <span class="kw">iret</span>

    no_error_code_interrupt_handler <span class="dv">0</span>       <span class="co">; create handler for interrupt 0</span>
    no_error_code_interrupt_handler <span class="dv">1</span>       <span class="co">; create handler for interrupt 1</span>
    .
    .
    .
    error_code_handler              <span class="dv">7</span>       <span class="co">; create handler for interrupt 7</span>
    .
    .
    .</code></pre>
<p>The <code>common_interrupt_handler</code> does the following:</p>
<ul>
<li>Push the registers on the stack.</li>
<li>Call the C function <code>interrupt_handler</code>.</li>
<li>Pop the registers from the stack.</li>
<li>Add 8 to <code>esp</code> (because of the error code and the interrupt number pushed earlier).</li>
<li>Execute <code>iret</code> to return to the interrupted code.</li>
</ul>
<p>Since the macros declare global labels the addresses of the interrupt handlers can be accessed from C or assembly code when creating the IDT.</p>
<h2 id="loading-the-idt"><span class="header-section-number">6.5</span> Loading the IDT</h2>
<p>The IDT is loaded with the <code>lidt</code> assembly code instruction which takes the address of the first element in the table. It is easiest to wrap this instruction and use it from C:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">global</span>  load_idt

    <span class="co">; load_idt - Loads the interrupt descriptor table (IDT).</span>
    <span class="co">; stack: [esp + 4] the address of the first entry in the IDT</span>
    <span class="co">;        [esp    ] the return address</span>
<span class="fu">    load_idt:</span>
        <span class="kw">mov</span>     <span class="kw">eax</span>, [<span class="kw">esp</span><span class="dv">+4</span>]    <span class="co">; load the address of the IDT into register eax</span>
        <span class="kw">lidt</span>    <span class="kw">eax</span>             <span class="co">; load the IDT</span>
        <span class="kw">ret</span>                     <span class="co">; return to the calling function</span></code></pre>
<h2 id="programmable-interrupt-controller-pic"><span class="header-section-number">6.6</span> Programmable Interrupt Controller (PIC)</h2>
<p>To start using hardware interrupts you must first configure the Programmable Interrupt Controller (PIC). The PIC makes it possible to map signals from the hardware to interrupts. The reasons for configuring the PIC are:</p>
<ul>
<li>Remap the interrupts. The PIC uses interrupts 0 - 15 for hardware interrupts by default, which conflicts with the CPU interrupts. Therefore the PIC interrupts must be remapped to another interval.</li>
<li>Select which interrupts to receive. You probably don’t want to receive interrupts from all devices since you don’t have code that handles these interrupts anyway.</li>
<li>Set up the correct mode for the PIC.</li>
</ul>
<p>In the beginning there was only one PIC (PIC 1) and eight interrupts. As more hardware were added, 8 interrupts were too few. The solution chosen was to chain on another PIC (PIC 2) on the first PIC (see interrupt 2 on PIC 1).</p>
<p>The hardware interrupts are shown in the table below:</p>
<table>
<thead>
<tr class="header">
<th align="right">PIC 1</th>
<th align="left">Hardware</th>
<th align="right">PIC 2</th>
<th align="left">Hardware</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="right">0</td>
<td align="left">Timer</td>
<td align="right">8</td>
<td align="left">Real Time Clock</td>
</tr>
<tr class="even">
<td align="right">1</td>
<td align="left">Keyboard</td>
<td align="right">9</td>
<td align="left">General I/O</td>
</tr>
<tr class="odd">
<td align="right">2</td>
<td align="left">PIC 2</td>
<td align="right">10</td>
<td align="left">General I/O</td>
</tr>
<tr class="even">
<td align="right">3</td>
<td align="left">COM 2</td>
<td align="right">11</td>
<td align="left">General I/O</td>
</tr>
<tr class="odd">
<td align="right">4</td>
<td align="left">COM 1</td>
<td align="right">12</td>
<td align="left">General I/O</td>
</tr>
<tr class="even">
<td align="right">5</td>
<td align="left">LPT 2</td>
<td align="right">13</td>
<td align="left">Coprocessor</td>
</tr>
<tr class="odd">
<td align="right">6</td>
<td align="left">Floppy disk</td>
<td align="right">14</td>
<td align="left">IDE Bus</td>
</tr>
<tr class="even">
<td align="right">7</td>
<td align="left">LPT 1</td>
<td align="right">15</td>
<td align="left">IDE Bus</td>
</tr>
</tbody>
</table>
<p>A great tutorial for configuring the PIC can be found at the SigOPS website <span class="citation">[35]</span>. We won’t repeat that information here.</p>
<p>Every interrupt from the PIC has to be acknowledged - that is, sending a message to the PIC confirming that the interrupt has been handled. If this isn’t done the PIC won’t generate any more interrupts.</p>
<p>Acknowledging a PIC interrupt is done by sending the byte <code>0x20</code> to the PIC that raised the interrupt. Implementing a <code>pic_acknowledge</code> function can thus be done as follows:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="ot">#include &quot;io.h&quot;</span>

    <span class="ot">#define PIC1_PORT_A 0x20</span>
    <span class="ot">#define PIC2_PORT_A 0xA0</span>

    <span class="co">/* The PIC interrupts have been remapped */</span>
    <span class="ot">#define PIC1_START_INTERRUPT 0x20</span>
    <span class="ot">#define PIC2_START_INTERRUPT 0x28</span>
    <span class="ot">#define PIC2_END_INTERRUPT   PIC2_START_INTERRUPT + 7</span>

    <span class="ot">#define PIC_ACK     0x20</span>

    <span class="co">/** pic_acknowledge:</span>
<span class="co">     *  Acknowledges an interrupt from either PIC 1 or PIC 2.</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@param</span><span class="co"> </span><span class="kw">num</span><span class="co"> The number of the interrupt</span>
<span class="co">     */</span>
    <span class="dt">void</span> pic_acknowledge(<span class="dt">unsigned</span> integer interrupt)
    {
        <span class="kw">if</span> (interrupt &lt; PIC1_START_INTERRUPT || interrupt &gt; PIC2_END_INTERRUPT) {
          <span class="kw">return</span>;
        }

        <span class="kw">if</span> (interrupt &lt; PIC2_START_INTERRUPT) {
          outb(PIC1_PORT_A, PIC_ACK);
        } <span class="kw">else</span> {
          outb(PIC2_PORT_A, PIC_ACK);
        }
    }</code></pre>
<h2 id="reading-input-from-the-keyboard"><span class="header-section-number">6.7</span> Reading Input from the Keyboard</h2>
<p>The keyboard does not generate ASCII characters, it generates scan codes. A scan code represents a button - both presses and releases. The scan code representing the just pressed button can be read from the keyboard’s data I/O port which has address <code>0x60</code>. How this can be done is shown in the following example:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="ot">#include &quot;io.h&quot;</span>

    <span class="ot">#define KBD_DATA_PORT   0x60</span>

    <span class="co">/** read_scan_code:</span>
<span class="co">     *  Reads a scan code from the keyboard</span>
<span class="co">     *</span>
<span class="co">     *  </span><span class="kw">@return</span><span class="co"> The scan code (NOT an ASCII character!)</span>
<span class="co">     */</span>
    <span class="dt">unsigned</span> <span class="dt">char</span> read_scan_code(<span class="dt">void</span>)
    {
        <span class="kw">return</span> inb(KBD_DATA_PORT);
    }</code></pre>
<p>The next step is to write a function that translates a scan code to the corresponding ASCII character. If you want to map the scan codes to ASCII characters as is done on an American keyboard then Andries Brouwer has a great tutorial <span class="citation">[36]</span>.</p>
<p>Remember, since the keyboard interrupt is raised by the PIC, you must call <code>pic_acknowledge</code> at the end of the keyboard interrupt handler. Also, the keyboard will not send you any more interrupts until you read the scan code from the keyboard.</p>
<h2 id="further-reading-4"><span class="header-section-number">6.8</span> Further Reading</h2>
<ul>
<li>The OSDev wiki has a great page on interrupts, <a href="http://wiki.osdev.org/Interrupts">http://wiki.osdev.org/Interrupts</a></li>
<li>Chapter 6 of Intel Manual 3a <span class="citation">[33]</span> describes everything there is to know about interrupts.</li>
</ul>
<h1 id="the-road-to-user-mode"><span class="header-section-number">7</span> The Road to User Mode</h1>
<p>Now that the kernel boots, prints to screen and reads from keyboard - what do we do? Usually, a kernel is not supposed to do the application logic itself, but leave that for applications. The kernel creates the proper abstractions (for memory, files, devices) to make application development easier, performs tasks on behalf of applications (system calls) and <a href="#scheduling">schedules processes</a>.</p>
<p>User mode, in contrast with kernel mode, is the environment in which the user’s programs execute. This environment is less privileged than the kernel, and will prevent (badly written) user programs from messing with other programs or the kernel. Badly written kernels are free to mess up what they want.</p>
<p>There’s quite a way to go until the OS created in this book can execute programs in user mode, but this chapter will show how to easily execute a small program in kernel mode.</p>
<h2 id="loading-an-external-program"><span class="header-section-number">7.1</span> Loading an External Program</h2>
<p>Where do we get the external program from? Somehow we need to load the code we want to execute into memory. More feature-complete operating systems usually have drivers and file systems that enable them to load the software from a CD-ROM drive, a hard disk or other persistent media.</p>
<p>Instead of creating all these drivers and file systems we will use a feature in GRUB called modules to load the program.</p>
<h3 id="grub-modules"><span class="header-section-number">7.1.1</span> GRUB Modules</h3>
<p>GRUB can load arbitrary files into memory from the ISO image, and these files are usually referred to as <em>modules</em>. To make GRUB load a module, edit the file <code>iso/boot/grub/menu.lst</code> and add the following line at the end of the file:</p>
<pre><code>    module /modules/program</code></pre>
<p>Now create the folder <code>iso/modules</code>:</p>
<pre><code>    mkdir -p iso/modules</code></pre>
<p>The application <code>program</code> will be created later in this chapter.</p>
<p>The code that calls <code>kmain</code> must be updated to pass information to <code>kmain</code> about where it can find the modules. We also want to tell GRUB that it should align all the modules on page boundaries when loading them (see the chapter <a href="#paging">“Paging”</a> for details about page alignment).</p>
<p>To instruct GRUB how to load our modules, the “multiboot header” - the first bytes of the kernel - must be updated as follows:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="co">; in file `loader.s`</span>


    MAGIC_NUMBER    <span class="dt">equ</span> <span class="bn">0x1BADB002</span>      <span class="co">; define the magic number constant</span>
    ALIGN_MODULES   <span class="dt">equ</span><span class="bn"> 0x00000001      </span><span class="co">; tell GRUB to align modules</span>

    <span class="co">; calculate the checksum (all options + checksum should equal 0)</span>
    CHECKSUM        <span class="dt">equ</span> -(MAGIC_NUMBER + ALIGN_MODULES)

    <span class="kw">section</span> .text:                      <span class="co">; start of the text (code) section</span>
    <span class="kw">align</span> <span class="dv">4</span>                             <span class="co">; the code must be 4 byte aligned</span>
        <span class="dt">dd</span> MAGIC_NUMBER                 <span class="co">; write the magic number</span>
        <span class="dt">dd</span> ALIGN_MODULES                <span class="co">; write the align modules instruction</span>
        <span class="dt">dd</span> CHECKSUM                     <span class="co">; write the checksum</span></code></pre>
<p>GRUB will also store a pointer to a <code>struct</code> in the register <code>ebx</code> that, among other things, describes at which addresses the modules are loaded. Therefore, you probably want to push <code>ebx</code> on the stack before calling <code>kmain</code> to make it an argument for <code>kmain</code>.</p>
<h2 id="executing-a-program"><span class="header-section-number">7.2</span> Executing a Program</h2>
<h3 id="a-very-simple-program"><span class="header-section-number">7.2.1</span> A Very Simple Program</h3>
<p>A program written at this stage can only perform a few actions. Therefore, a very short program that writes a value to a register suffices as a test program. Halting Bochs after a while and then check that register contains the correct number by looking in the Bochs log will verify that the program has run. This is an example of such a short program:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="co">; set eax to some distinguishable number, to read from the log afterwards</span>
    <span class="kw">mov</span> <span class="kw">eax</span>, <span class="bn">0xDEADBEEF</span>

    <span class="co">; enter infinite loop, nothing more to do</span>
    <span class="co">; $ means &quot;beginning of line&quot;, ie. the same instruction</span>
    <span class="kw">jmp</span> <span class="dv">$</span></code></pre>
<h3 id="compiling"><span class="header-section-number">7.2.2</span> Compiling</h3>
<p>Since our kernel cannot parse advanced executable formats we need to compile the code into a flat binary. NASM can do this with the flag <code>-f</code>:</p>
<pre><code>    nasm -f bin program.s -o program</code></pre>
<p>This is all we need. You must now move the file <code>program</code> to the folder <code>iso/modules</code>.</p>
<h3 id="finding-the-program-in-memory"><span class="header-section-number">7.2.3</span> Finding the Program in Memory</h3>
<p>Before jumping to the program we must find where it resides in memory. Assuming that the contents of <code>ebx</code> is passed as an argument to <code>kmain</code>, we can do this entirely from C.</p>
<p>The pointer in <code>ebx</code> points to a <em>multiboot</em> structure <span class="citation">[19]</span>. Download the <code>multiboot.h</code> file from <a href="http://www.gnu.org/software/grub/manual/multiboot/html_node/multiboot.h.html">http://www.gnu.org/software/grub/manual/multiboot/html_node/multiboot.h.html</a>, which describes the structure.</p>
<p>The pointer passed to <code>kmain</code> in the <code>ebx</code> register can be cast to a <code>multiboot_info_t</code> pointer. The address of the first module is in the field <code>mods_addr</code>. The following code shows an example:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="dt">int</span> kmain(<span class="co">/* additional arguments */</span> <span class="dt">unsigned</span> <span class="dt">int</span> ebx)
    {
        multiboot_info_t *mbinfo = (multiboot_info_t *) ebx;
        <span class="dt">unsigned</span> <span class="dt">int</span> address_of_module = mbinfo-&gt;mods_addr;
    }</code></pre>
<p>However, before just blindly following the pointer, you should check that the module got loaded correctly by GRUB. This can be done by checking the <code>flags</code> field of the <code>multiboot_info_t</code> structure. You should also check the field <code>mods_count</code> to make sure it is exactly 1. For more details about the multiboot structure, see the multiboot documentation <span class="citation">[19]</span>.</p>
<h3 id="jumping-to-the-code"><span class="header-section-number">7.2.4</span> Jumping to the Code</h3>
<p>The only thing left to do is to jump to the code loaded by GRUB. Since it is easier to parse the multiboot structure in C than assembly code, calling the code from C is more convenient (it can of course be done with <code>jmp</code> or <code>call</code> in assembly code as well). The C code could look like this:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="kw">typedef</span> <span class="dt">void</span> (*call_module_t)(<span class="dt">void</span>);
    <span class="co">/* ... */</span>
    call_module_t start_program = (call_module_t) address_of_module;
    start_program();
    <span class="co">/* we&#39;ll never get here, unless the module code returns */</span></code></pre>
<p>If we start the kernel, wait until it has run and entered the infinite loop in the program, and then halt Bochs, we should see <code>0xDEADBEEF</code> in the register <code>eax</code> via the Bochs log. We have successfully started a program in our OS!</p>
<h2 id="the-beginning-of-user-mode"><span class="header-section-number">7.3</span> The Beginning of User Mode</h2>
<p>The program we’ve written now runs at the same privilege level as the kernel - we’ve just entered it in a somewhat peculiar way. To enable applications to execute at a different privilege level we’ll need to, beside <a href="#segmentation"><em>segmentation</em></a>, do <a href="#paging"><em>paging</em></a> and <a href="#page-frame-allocation"><em>page frame allocation</em></a>.</p>
<p>It’s quite a lot of work and technical details to go through, but in a few chapters you’ll have working user mode programs.</p>
<h1 id="a-short-introduction-to-virtual-memory"><span class="header-section-number">8</span> A Short Introduction to Virtual Memory</h1>
<p><em>Virtual memory</em> is an abstraction of physical memory. The purpose of virtual memory is generally to simplify application development and to let processes address more memory than what is actually physically present in the machine. We also don’t want applications messing with the kernel or other applications’ memory due to security.</p>
<p>In the x86 architecture, virtual memory can be accomplished in two ways: <em>segmentation</em> and <em>paging</em>. Paging is by far the most common and versatile technique, and we’ll implement it the next chapter. Some use of segmentation is still necessary to allow for code to execute under different privilege levels.</p>
<p>Managing memory is a big part of what an operating system does. <a href="#paging">Paging</a> and <a href="#page-frame-allocation">page frame allocation</a> deals with that.</p>
<p>Segmentation and paging is described in the <span class="citation">[33]</span>, chapter 3 and 4.</p>
<h2 id="virtual-memory-through-segmentation"><span class="header-section-number">8.1</span> Virtual Memory Through Segmentation?</h2>
<p>You could skip paging entirely and just use segmentation for virtual memory. Each user mode process would get its own segment, with base address and limit properly set up. This way no process can see the memory of another process. A problem with this is that the physical memory for a process needs to be contiguous (or at least it is very convenient if it is). Either we need to know in advance how much memory the program will require (unlikely), or we can move the memory segments to places where they can grow when the limit is reached (expensive, causes fragmentation - can result in “out of memory” even though enough memory is available). Paging solves both these problems.</p>
<p>It is interesting to note that in x86_64 (the 64-bit version of the x86 architecture), segmentation is almost completely removed.</p>
<h2 id="further-reading-5"><span class="header-section-number">8.2</span> Further Reading</h2>
<ul>
<li>LWN.net has an article on virtual memory: <a href="http://lwn.net/Articles/253361/">http://lwn.net/Articles/253361/</a></li>
<li>Gustavo Duarte has also written an article about virtual memory: <a href="http://duartes.org/gustavo/blog/post/memory-translation-and-segmentation">http://duartes.org/gustavo/blog/post/memory-translation-and-segmentation</a></li>
</ul>
<h1 id="paging"><span class="header-section-number">9</span> Paging</h1>
<p>Segmentation translates a logical address into a linear address. <em>Paging</em> translates these linear addresses onto the physical address space, and determines access rights and how the memory should be cached.</p>
<h2 id="why-paging"><span class="header-section-number">9.1</span> Why Paging?</h2>
<p>Paging is the most common technique used in x86 to enable virtual memory. Virtual memory through paging means that each process will get the impression that the available memory range is <code>0x00000000</code> - <code>0xFFFFFFFF</code> even though the actual size of the memory might be much less. It also means that when a process addresses a byte of memory it will use a virtual (linear) address instead of physical one. The code in the user process won’t notice any difference (except for execution delays). The linear address gets translated to a physical address by the MMU and the page table. If the virtual address isn’t mapped to a physical address, the CPU will raise a page fault interrupt.</p>
<p>Paging is optional, and some operating systems do not make use of it. But if we want to mark certain areas of memory accessible only to code running at a certain privilege level (to be able to have processes running at different privilege levels), paging is the neatest way to do it.</p>
<h2 id="paging-in-x86"><span class="header-section-number">9.2</span> Paging in x86</h2>
<p>Paging in x86 (chapter 4 in the Intel manual <span class="citation">[33]</span>) consists of a <em>page directory</em> (PDT) that can contain references to 1024 <em>page tables</em> (PT), each of which can point to 1024 sections of physical memory called <em>page frames</em> (PF). Each page frame is 4096 byte large. In a virtual (linear) address, the highest 10 bits specifies the offset of a page directory entry (PDE) in the current PDT, the next 10 bits the offset of a page table entry (PTE) within the page table pointed to by that PDE. The lowest 12 bits in the address is the offset within the page frame to be addressed.</p>
<p>All page directories, page tables and page frames need to be aligned on 4096 byte addresses. This makes it possible to address a PDT, PT or PF with just the highest 20 bits of a 32 bit address, since the lowest 12 need to be zero.</p>
<p>The PDE and PTE structure is very similar to each other: 32 bits (4 bytes), where the highest 20 bits points to a PTE or PF, and the lowest 12 bits control access rights and other configurations. 4 bytes times 1024 equals 4096 bytes, so a page directory and page table both fit in a page frame themselves.</p>
<p>The translation of linear addresses to physical addresses is described in the figure below.</p>
<p>While pages are normally 4096 bytes, it is also possible to use 4 MB pages. A PDE then points directly to a 4 MB page frame, which needs to be aligned on a 4 MB address boundary. The address translation is almost the same as in the figure, with just the page table step removed. It is possible to mix 4 MB and 4 KB pages.</p>
<div class="figure">
<img src="images/intel_4_2_linear_address_translation.png" alt="Translating virtual addresses (linear addresses) to physical addresses." /><p class="caption">Translating virtual addresses (linear addresses) to physical addresses.</p>
</div>
<p>The 20 bits pointing to the current PDT is stored in the register <code>cr3</code>. The lower 12 bits of <code>cr3</code> are used for configuration.</p>
<p>For more details on the paging structures, see chapter 4 in the Intel manual <span class="citation">[33]</span>. The most interesting bits are <em>U/S</em>, which determine what privilege levels can access this page (PL0 or PL3), and <em>R/W</em>, which makes the memory in the page read-write or read-only.</p>
<h3 id="identity-paging"><span class="header-section-number">9.2.1</span> Identity Paging</h3>
<p>The simplest kind of paging is when we map each virtual address onto the same physical address, called <em>identity paging</em>. This can be done at compile time by creating a page directory where each entry points to its corresponding 4 MB frame. In NASM this can be done with macros and commands (<code>%rep</code>, <code>times</code> and <code>dd</code>). It can of course also be done at run-time by using ordinary assembly code instructions.</p>
<h3 id="enabling-paging"><span class="header-section-number">9.2.2</span> Enabling Paging</h3>
<p>Paging is enabled by first writing the address of a page directory to <code>cr3</code> and then setting bit 31 (the PG “paging-enable” bit) of <code>cr0</code> to <code>1</code>. To use 4 MB pages, set the PSE bit (Page Size Extensions, bit 4) of <code>cr4</code>. The following assembly code shows an example:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="co">; eax has the address of the page directory</span>
    <span class="kw">mov</span> <span class="kw">cr3</span>, <span class="kw">eax</span>

    <span class="kw">mov</span> <span class="kw">ebx</span>, <span class="kw">cr4</span>        <span class="co">; read current cr4</span>
    <span class="kw">or</span>  <span class="kw">ebx</span><span class="bn">, 0x00000010 </span><span class="co">; set PSE</span>
    <span class="kw">mov</span> <span class="kw">cr4</span>, <span class="kw">ebx</span>        <span class="co">; update cr4</span>

    <span class="kw">mov</span> <span class="kw">ebx</span>, <span class="kw">cr0</span>        <span class="co">; read current cr0</span>
    <span class="kw">or</span>  <span class="kw">ebx</span><span class="bn">, 0x80000000 </span><span class="co">; set PG</span>
    <span class="kw">mov</span> <span class="kw">cr0</span>, <span class="kw">ebx</span>        <span class="co">; update cr0</span>

    <span class="co">; now paging is enabled</span></code></pre>
<h3 id="a-few-details"><span class="header-section-number">9.2.3</span> A Few Details</h3>
<p>It is important to note that all addresses within the page directory, page tables and in <code>cr3</code> need to be physical addresses to the structures, never virtual. This will be more relevant in later sections where we dynamically update the paging structures (see the chapter <a href="#user-mode">“User Mode”</a>).</p>
<p>An instruction that is useful when an updating a PDT or PT is <code>invlpg</code>. It invalidates the <em>Translation Lookaside Buffer</em> (TLB) entry for a virtual address. The TLB is a cache for translated addresses, mapping physical addresses corresponding to virtual addresses. This is only required when changing a PDE or PTE that was previously mapped to something else. If the PDE or PTE had previously been marked as not present (bit 0 was set to 0), executing <code>invlpg</code> is unnecessary. Changing the value of <code>cr3</code> will cause all entries in the TLB to be invalidated.</p>
<p>An example of invalidating a TLB entry is shown below:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="co">; invalidate any TLB references to virtual address 0</span>
    <span class="kw">invlpg</span> [<span class="dv">0</span>]</code></pre>
<h2 id="paging-and-the-kernel"><span class="header-section-number">9.3</span> Paging and the Kernel</h2>
<p>This section will describe how paging affects the OS kernel. We encourage you to run your OS using identity paging before trying to implement a more advanced paging setup, since it can be hard to debug a malfunctioning page table that is set up via assembly code.</p>
<h3 id="reasons-to-not-identity-map-the-kernel"><span class="header-section-number">9.3.1</span> Reasons to Not Identity Map the Kernel</h3>
<p>If the kernel is placed at the beginning of the virtual address space - that is, the virtual address space (<code>0x00000000</code>, <code>&quot;size of kernel&quot;</code>) maps to the location of the kernel in memory - there will be issues when linking the user mode process code. Normally, during linking, the linker assumes that the code will be loaded into the memory position <code>0x00000000</code>. Therefore, when resolving absolute references, <code>0x00000000</code> will be the base address for calculating the exact position. But if the kernel is mapped onto the virtual address space (<code>0x00000000</code>, <code>&quot;size of kernel&quot;</code>), the user mode process cannot be loaded at virtual address <code>0x00000000</code> - it must be placed somewhere else. Therefore, the assumption from the linker that the user mode process is loaded into memory at position <code>0x00000000</code> is wrong. This can be corrected by using a linker script which tells the linker to assume a different starting address, but that is a very cumbersome solution for the users of the operating system.</p>
<p>This also assumes that we want the kernel to be part of the user mode process’ address space. As we will see later, this is a nice feature, since during system calls we don’t have to change any paging structures to get access to the kernel’s code and data. The kernel pages will of course require privilege level 0 for access, to prevent a user process from reading or writing kernel memory.</p>
<h3 id="the-virtual-address-for-the-kernel"><span class="header-section-number">9.3.2</span> The Virtual Address for the Kernel</h3>
<p>Preferably, the kernel should be placed at a very high virtual memory address, for example <code>0xC0000000</code> (3 GB). The user mode process is not likely to be 3 GB large, which is now the only way that it can conflict with the kernel. When the kernel uses virtual addresses at 3 GB and above it is called a <em>higher-half kernel</em>. <code>0xC0000000</code> is just an example, the kernel can be placed at any address higher than 0 to get the same benefits. Choosing the correct address depends on how much virtual memory should be available for the kernel (it is easiest if all memory above the kernel virtual address should belong to the kernel) and how much virtual memory should be available for the process.</p>
<p>If the user mode process is larger than 3 GB, some pages will need to be swapped out by the kernel. Swapping pages is not part of this book.</p>
<h3 id="placing-the-kernel-at-0xc0000000"><span class="header-section-number">9.3.3</span> Placing the Kernel at <code>0xC0000000</code></h3>
<p>To start with, it is better to place the kernel at <code>0xC0100000</code> than <code>0xC0000000</code>, since this makes it possible to map (<code>0x00000000</code>, <code>0x00100000</code>) to (<code>0xC0000000</code>, <code>0xC0100000</code>). This way, the entire range (<code>0x00000000</code>, <code>&quot;size of kernel&quot;</code>) of memory is mapped to the range (<code>0xC0000000</code>, <code>0xC0000000  + &quot;size of kernel&quot;</code>).</p>
<p>Placing the kernel at <code>0xC0100000</code> isn’t hard, but it does require some thought. This is once again a linking problem. When the linker resolves all absolute references in the kernel, it will assume that our kernel is loaded at physical memory location <code>0x00100000</code>, not <code>0x00000000</code>, since relocation is used in the linker script (see the section <a href="#linking-the-kernel">“Linking the kernel”</a>). However, we want the jumps to be resolved using <code>0xC0100000</code> as base address, since otherwise a kernel jump will jump straight into the user mode process code (remember that the user mode process is loaded at virtual memory <code>0x00000000</code>).</p>
<p>However, we can’t simply tell the linker to assume that the kernel starts (is loaded) at <code>0xC01000000</code>, since we want it to be loaded at the physical address <code>0x00100000</code>. The reason for having the kernel loaded at 1 MB is because it can’t be loaded at <code>0x00000000</code>, since there is BIOS and GRUB code loaded below 1 MB. Furthermore, we cannot assume that we can load the kernel at <code>0xC0100000</code>, since the machine might not have 3 GB of physical memory.</p>
<p>This can be solved by using both relocation (<code>.=0xC0100000</code>) and the <code>AT</code> instruction in the linker script. Relocation specifies that non-relative memory-references should should use the relocation address as base in address calculations. <code>AT</code> specifies where the kernel should be loaded into memory. Relocation is done at link time by GNU ld <span class="citation">[37]</span>, the load address specified by <code>AT</code> is handled by GRUB when loading the kernel, and is part of the ELF format <span class="citation">[18]</span>.</p>
<h3 id="higher-half-linker-script"><span class="header-section-number">9.3.4</span> Higher-half Linker Script</h3>
<p>We can modify the <a href="#linking-the-kernel">first linker script</a> to implement this:</p>
<pre><code>    ENTRY(loader)           /* the name of the entry symbol */

    . = 0xC0100000          /* the code should be relocated to 3GB + 1MB */

    /* align at 4 KB and load at 1 MB */
    .text ALIGN (0x1000) : AT(ADDR(.text)-0xC0000000)
    {
        *(.text)            /* all text sections from all files */
    }

    /* align at 4 KB and load at 1 MB + . */
    .rodata ALIGN (0x1000) : AT(ADDR(.text)-0xC0000000)
    {
        *(.rodata*)         /* all read-only data sections from all files */
    }

    /* align at 4 KB and load at 1 MB + . */
    .data ALIGN (0x1000) : AT(ADDR(.text)-0xC0000000)
    {
        *(.data)            /* all data sections from all files */
    }

    /* align at 4 KB and load at 1 MB + . */
    .bss ALIGN (0x1000) : AT(ADDR(.text)-0xC0000000)
    {
        *(COMMON)           /* all COMMON sections from all files */
        *(.bss)             /* all bss sections from all files */
    }</code></pre>
<h3 id="entering-the-higher-half"><span class="header-section-number">9.3.5</span> Entering the Higher Half</h3>
<p>When GRUB jumps to the kernel code, there is no paging table. Therefore, all references to <code>0xC0100000 + X</code> won’t be mapped to the correct physical address, and will therefore cause a general protection exception (GPE) at the very best, otherwise (if the computer has more than 3 GB of memory) the computer will just crash.</p>
<p>Therefore, assembly code that doesn’t use relative jumps or relative memory addressing must be used to do the following:</p>
<ul>
<li>Set up a page table.</li>
<li>Add identity mapping for the first 4 MB of the virtual address space.</li>
<li>Add an entry for <code>0xC0100000</code> that maps to <code>0x0010000</code></li>
</ul>
<p>If we skip the identity mapping for the first 4 MB, the CPU would generate a page fault immediately after paging was enabled when trying to fetch the next instruction from memory. After the table has been created, an jump can be done to a label to make <code>eip</code> point to a virtual address in the higher half:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="co">; assembly code executing at around 0x00100000</span>
    <span class="co">; enable paging for both actual location of kernel</span>
    <span class="co">; and its higher-half virtual location</span>

    <span class="kw">lea</span> <span class="kw">ebx</span>, [higher_half] <span class="co">; load the address of the label in ebx</span>
    <span class="kw">jmp</span> <span class="kw">ebx</span>                <span class="co">; jump to the label</span>

<span class="fu">    higher_half:</span>
        <span class="co">; code here executes in the higher half kernel</span>
        <span class="co">; eip is larger than 0xC0000000</span>
        <span class="co">; can continue kernel initialisation, calling C code, etc.</span></code></pre>
<p>The register <code>eip</code> will now point to a memory location somewhere right after <code>0xC0100000</code> - all the code can now execute as if it were located at <code>0xC0100000</code>, the higher-half. The entry mapping of the first 4 MB of virtual memory to the first 4 MB of physical memory can now be removed from the page table and its corresponding entry in the TLB invalidated with <code>invlpg [0]</code>.</p>
<h3 id="running-in-the-higher-half"><span class="header-section-number">9.3.6</span> Running in the Higher Half</h3>
<p>There are a few more details we must deal with when using a higher-half kernel. We must be careful when using memory-mapped I/O that uses specific memory locations. For example, the frame buffer is located at <code>0x000B8000</code>, but since there is no entry in the page table for the address <code>0x000B8000</code> any longer, the address <code>0xC00B8000</code> must be used, since the virtual address <code>0xC0000000</code> maps to the physical address <code>0x00000000</code>.</p>
<p>Any explicit references to addresses within the multiboot structure needs to be changed to reflect the new virtual addresses as well.</p>
<p>Mapping 4 MB pages for the kernel is simple, but wastes memory (unless you have a really big kernel). Creating a higher-half kernel mapped in as 4 KB pages saves memory but is harder to set up. Memory for the page directory and one page table can be reserved in the <code>.data</code> section, but one needs to configure the mappings from virtual to physical addresses at run-time. The size of the kernel can be determined by exporting labels from the linker script <span class="citation">[37]</span>, which we’ll need to do later anyway when writing the page frame allocator (see the chapter <a href="#page-frame-allocation">“Page Frame Allocation</a>).</p>
<h2 id="virtual-memory-through-paging"><span class="header-section-number">9.4</span> Virtual Memory Through Paging</h2>
<p>Paging enables two things that are good for virtual memory. First, it allows for fine-grained access control to memory. You can mark pages as read-only, read-write, only for PL0 etc. Second, it creates the illusion of contiguous memory. User mode processes, and the kernel, can access memory as if it were contiguous, and the contiguous memory can be extended without the need to move data around in memory. We can also allow the user mode programs access to all memory below 3 GB, but unless they actually use it, we don’t have to assign page frames to the pages. This allows processes to have code located near <code>0x00000000</code> and the stack at just below <code>0xC0000000</code>, and still not require more than two actual pages.</p>
<h2 id="further-reading-6"><span class="header-section-number">9.5</span> Further Reading</h2>
<ul>
<li>Chapter 4 (and to some extent chapter 3) of the Intel manual <span class="citation">[33]</span> are your definitive sources for the details about paging.</li>
<li>Wikipedia has an article on paging: <a href="http://en.wikipedia.org/wiki/Paging">http://en.wikipedia.org/wiki/Paging</a></li>
<li>The OSDev wiki has a page on paging: <a href="http://wiki.osdev.org/Paging">http://wiki.osdev.org/Paging</a> and a tutorial for making a higher-half kernel: <a href="http://wiki.osdev.org/Higher_Half_bare_bones">http://wiki.osdev.org/Higher_Half_bare_bones</a></li>
<li>Gustavo Duarte’s article on how a kernel manages memory is well worth a read: <a href="http://duartes.org/gustavo/blog/post/anatomy-of-a-program-in-memory">http://duartes.org/gustavo/blog/post/anatomy-of-a-program-in-memory</a></li>
<li>Details on the linker command language can be found at Steve Chamberlain’s website <span class="citation">[37]</span>.</li>
<li>More details on the ELF format can be found in this presentation: <a href="http://flint.cs.yale.edu/cs422/doc/ELF_Format.pdf">http://flint.cs.yale.edu/cs422/doc/ELF_Format.pdf</a></li>
</ul>
<h1 id="page-frame-allocation"><span class="header-section-number">10</span> Page Frame Allocation</h1>
<p>When using virtual memory, how does the OS know which parts of memory are free to use? That is the role of the page frame allocator.</p>
<h2 id="managing-available-memory"><span class="header-section-number">10.1</span> Managing Available Memory</h2>
<h3 id="how-much-memory-is-there"><span class="header-section-number">10.1.1</span> How Much Memory is There?</h3>
<p>First we need to know how much memory is available on the computer the OS is running on. The easiest way to do this is to read it from the multiboot structure <span class="citation">[19]</span> passed to us by GRUB. GRUB collects the information we need about the memory - what is reserved, I/O mapped, read-only etc. We must also make sure that we don’t mark the part of memory used by the kernel as free (since GRUB doesn’t mark this memory as reserved). One way to know how much memory the kernel uses is to export labels at the beginning and the end of the kernel binary from the linker script:</p>
<pre><code>    ENTRY(loader)           /* the name of the entry symbol */

    . = 0xC0100000          /* the code should be relocated to 3 GB + 1 MB */

    /* these labels get exported to the code files */
    kernel_virtual_start = .;
    kernel_physical_start = . - 0xC0000000;

    /* align at 4 KB and load at 1 MB */
    .text ALIGN (0x1000) : AT(ADDR(.text)-0xC0000000)
    {
        *(.text)            /* all text sections from all files */
    }

    /* align at 4 KB and load at 1 MB + . */
    .rodata ALIGN (0x1000) : AT(ADDR(.rodata)-0xC0000000)
    {
        *(.rodata*)         /* all read-only data sections from all files */
    }

    /* align at 4 KB and load at 1 MB + . */
    .data ALIGN (0x1000) : AT(ADDR(.data)-0xC0000000)
    {
        *(.data)            /* all data sections from all files */
    }

    /* align at 4 KB and load at 1 MB + . */
    .bss ALIGN (0x1000) : AT(ADDR(.bss)-0xC0000000)
    {
        *(COMMON)           /* all COMMON sections from all files */
        *(.bss)             /* all bss sections from all files */
    }

    kernel_virtual_end = .;
    kernel_physical_end = . - 0xC0000000;</code></pre>
<p>These labels can directly be read from assembly code and pushed on the stack to make them available to C code:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">extern</span> kernel_virtual_start
    <span class="kw">extern</span> kernel_virtual_end
    <span class="kw">extern</span> kernel_physical_start
    <span class="kw">extern</span> kernel_physical_end

    <span class="co">; ...</span>

    <span class="kw">push</span> kernel_physical_end
    <span class="kw">push</span> kernel_physical_start
    <span class="kw">push</span> kernel_virtual_end
    <span class="kw">push</span> kernel_virtual_start

    <span class="kw">call</span> kmain</code></pre>
<p>This way we get the labels as arguments to <code>kmain</code>. If you want to use C instead of assembly code, one way to do it is to declare the labels as functions and take the addresses of these functions:</p>
<pre class="sourceCode c"><code class="sourceCode c">    <span class="dt">void</span> kernel_virtual_start(<span class="dt">void</span>);

    <span class="co">/* ... */</span>

    <span class="dt">unsigned</span> <span class="dt">int</span> vaddr = (<span class="dt">unsigned</span> <span class="dt">int</span>) &amp;kernel_virtual_start;</code></pre>
<p>If you use GRUB modules you need to make sure the memory they use is marked as reserved as well.</p>
<p>Note that the available memory does not need to be contiguous. In the first 1 MB there are several I/O-mapped memory sections, as well as memory used by GRUB and the BIOS. Other parts of the memory might be similarly unavailable.</p>
<p>It’s convenient to divide the memory sections into complete page frames, as we can’t map part of pages into memory.</p>
<h3 id="managing-available-memory-1"><span class="header-section-number">10.1.2</span> Managing Available Memory</h3>
<p>How do we know which page frames are in use? The page frame allocator needs to keep track of which are free and which aren’t. There are several ways to do this: bitmaps, linked lists, trees, the Buddy System (used by Linux) etc. For more information about the different algorithms see the article on OSDev <span class="citation">[38]</span>.</p>
<p>Bitmaps are quite easy to implement. One bit is used for each page frame and one (or more) page frames are dedicated to store the bitmap. (Note that this is just one way to do it, other designs might be better and/or more fun to implement.)</p>
<h2 id="how-can-we-access-a-page-frame"><span class="header-section-number">10.2</span> How Can We Access a Page Frame?</h2>
<p>The page frame allocator returns the physical start address of the page frame. This page frame is not mapped in - no page table points to this page frame. How can we read and write data to the frame?</p>
<p>We need to map the page frame into virtual memory, by updating the PDT and/or PT used by the kernel. What if all available page tables are full? Then we can’t map the page frame into memory, because we’d need a new page table - which takes up an entire page frame - and to write to this page frame we’d need to map its page frame… Somehow this circular dependency must be broken.</p>
<p>One solution is to reserve a part of the first page table used by the kernel (or some other higher-half page table) for temporarily mapping page frames to make them accessible. If the kernel is mapped at <code>0xC0000000</code> (page directory entry with index 768), and 4 KB page frames are used, then the kernel has at least one page table. If we assume - or limit us to - a kernel of size at most 4 MB minus 4 KB we can dedicate the last entry (entry 1023) of this page table for temporary mappings. The virtual address of pages mapped in using the last entry of the kernel’s PT will be:</p>
<pre><code>    (768 &lt;&lt; 22) | (1023 &lt;&lt; 12) | 0x000 = 0xC03FF000</code></pre>
<p>After we’ve temporarily mapped the page frame we want to use as a page table, and set it up to map in our first page frame, we can add it to the paging directory, and remove the temporary mapping.</p>
<h2 id="a-kernel-heap"><span class="header-section-number">10.3</span> A Kernel Heap</h2>
<p>So far we’ve only been able to work with fixed-size data, or directly with raw memory. Now that we have a page frame allocator we can implement <code>malloc</code> and <code>free</code> to use in the kernel.</p>
<p>Kernighan and Ritchie <span class="citation">[8]</span> have an example implementation in their book <span class="citation">[8]</span> that we can draw inspiration from. The only modification we need to do is to replace calls to <code>sbrk</code>/<code>brk</code> with calls to the page frame allocator when more memory is needed. We must also make sure to map the page frames returned by the page frame allocator to virtual addresses. A correct implementation should also return page frames to the page frame allocator on call to <code>free</code>, whenever sufficiently large blocks of memory are freed.</p>
<h2 id="further-reading-7"><span class="header-section-number">10.4</span> Further reading</h2>
<ul>
<li>The OSDev wiki page on page frame allocation: <a href="http://wiki.osdev.org/Page_Frame_Allocation">http://wiki.osdev.org/Page_Frame_Allocation</a></li>
</ul>
<h1 id="user-mode"><span class="header-section-number">11</span> User Mode</h1>
<p>User mode is now almost within our reach, there are just a few more steps required to get there. Although these steps might seem easy they way they are presented in this chapter, they can be tricky to implement, since there are a lot of places where small errors will cause bugs that are hard to find.</p>
<h2 id="segments-for-user-mode"><span class="header-section-number">11.1</span> Segments for User Mode</h2>
<p>To enable user mode we need to add two more segments to the GDT. They are very similar to the kernel segments we added when we <a href="#the-global-descriptor-table-gdt">set up the GDT</a> in the <a href="#segmentation">chapter about segmentation</a>:</p>
<table>
<caption>The segment descriptors needed for user mode.</caption>
<thead>
<tr class="header">
<th align="right">Index</th>
<th align="right">Offset</th>
<th align="left">Name</th>
<th align="left">Address range</th>
<th align="left">Type</th>
<th align="left">DPL</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td align="right">3</td>
<td align="right"><code>0x18</code></td>
<td align="left">user code segment</td>
<td align="left"><code>0x00000000 - 0xFFFFFFFF</code></td>
<td align="left">RX</td>
<td align="left">PL3</td>
</tr>
<tr class="even">
<td align="right">4</td>
<td align="right"><code>0x20</code></td>
<td align="left">user data segment</td>
<td align="left"><code>0x00000000 - 0xFFFFFFFF</code></td>
<td align="left">RW</td>
<td align="left">PL3</td>
</tr>
</tbody>
</table>
<p>The difference is the DPL, which now allows code to execute in PL3. The segments can still be used to address the entire address space, just using these segments for user mode code will not protect the kernel. For that we need paging.</p>
<h2 id="setting-up-for-user-mode"><span class="header-section-number">11.2</span> Setting Up For User Mode</h2>
<p>There are a few things every user mode process needs:</p>
<ul>
<li><p>Page frames for code, data and stack. At the moment it suffices to allocate one page frame for the stack and enough page frames to fit the program’s code. Don’t worry about setting up a stack that can be grow and shrink at this point in time, focus on getting a basic implementation work first.</p></li>
<li><p>The binary from the GRUB module has to be copied to the page frames used for the programs code.</p></li>
<li><p>A page directory and page tables are needed to map the page frames described above into memory. At least two page tables are needed, because the code and data should be mapped in at <code>0x00000000</code> and increasing, and the stack should start just below the kernel, at <code>0xBFFFFFFB</code>, growing towards lower addresses. The U/S flag has to be set to allow PL3 access.</p></li>
</ul>
<p>It might be convenient to store this information in a <code>struct</code> representing a process. This process <code>struct</code> can be dynamically allocated with the kernel’s <code>malloc</code> function.</p>
<h2 id="entering-user-mode"><span class="header-section-number">11.3</span> Entering User Mode</h2>
<p>The only way to execute code with a lower privilege level than the current privilege level (CPL) is to execute an <code>iret</code> or <code>lret</code> instruction - interrupt return or long return, respectively.</p>
<p>To enter user mode we set up the stack as if the processor had raised an inter-privilege level interrupt. The stack should look like the following:</p>
<pre><code>    [esp + 16]  ss      ; the stack segment selector we want for user mode
    [esp + 12]  esp     ; the user mode stack pointer
    [esp +  8]  eflags  ; the control flags we want to use in user mode
    [esp +  4]  cs      ; the code segment selector
    [esp +  0]  eip     ; the instruction pointer of user mode code to execute</code></pre>
<p>See the Intel manual <span class="citation">[33]</span>, section 6.2.1, figure 6-4 for more information.</p>
<p>The instruction <code>iret</code> will then read these values from the stack and fill in the corresponding registers. Before we execute <code>iret</code> we need to change to the page directory we setup for the user mode process. It is important to remember that to continue executing kernel code after we’ve switched PDT, the kernel needs to be mapped in. One way to accomplish this is to have a separate PDT for the kernel, which maps all data at <code>0xC0000000</code> and above, and merge it with the user PDT (which only maps below <code>0xC0000000</code>) when performing the switch. Remember that physical address of the PDT has to be used when setting the register <code>cr3</code>.</p>
<p>The register <code>eflags</code> contains a set of different flags, specified in section 2.3 of the Intel manual <span class="citation">[33]</span>. Most important for us is the interrupt enable (IF) flag. The assembly code instruction <code>sti</code> can’t be used in privilege level 3 for enabling interrupts. If interrupts are disabled when entering user mode, then interrupts can’t enabled once user mode is entered. Setting the IF flag in the <code>eflags</code> entry on the stack will enable interrupts in user mode, since the assembly code instruction <code>iret</code> will set the register <code>eflags</code> to the corresponding value on the stack.</p>
<p>For now, we should have interrupts disabled, as it requires a little more work to get inter-privilege level interrupts to work properly (see the section <a href="#system-calls">“System calls”</a>).</p>
<p>The value <code>eip</code> on the stack should point to the entry point for the user code - <code>0x00000000</code> in our case. The value <code>esp</code> on the stack should be where the stack starts - <code>0xBFFFFFFB</code> (<code>0xC0000000 - 4</code>).</p>
<p>The values <code>cs</code> and <code>ss</code> on the stack should be the segment selectors for the user code and user data segments, respectively. As we saw in the <a href="#creating-and-loading-the-gdt">segmentation chapter</a>, the lowest two bits of a segment selector is the RPL - the Requested Privilege Level. When using <code>iret</code> to enter PL3, the RPL of <code>cs</code> and <code>ss</code> should be <code>0x3</code>. The following code shows an example:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    USER_MODE_CODE_SEGMENT_SELECTOR <span class="dt">equ</span><span class="bn"> 0x18</span>
    USER_MODE_DATA_SEGMENT_SELECTOR <span class="dt">equ</span><span class="bn"> 0x20</span>
    <span class="kw">mov</span> <span class="kw">cs</span>, USER_MODE_CODE_SEGMENT_SELECTOR |<span class="bn"> 0x3</span>
    <span class="kw">mov</span> <span class="kw">ss</span>, USER_MODE_DATA_SEGMENT_SELECTOR |<span class="bn"> 0x3</span></code></pre>
<p>The register <code>ds</code>, and the other data segment registers, should be set to the same segment selector as <code>ss</code>. They can be set the ordinary way, with the <code>mov</code> assembly code instruction.</p>
<p>We are now ready to execute <code>iret</code>. If everything has been set up right, we should now have a kernel that can enter user mode.</p>
<h2 id="using-c-for-user-mode-programs"><span class="header-section-number">11.4</span> Using C for User Mode Programs</h2>
<p>When C is used as the programming language for user mode programs, it is important to think about the structure of the file that will be the result of the compilation.</p>
<p>The reason we can use ELF <span class="citation">[18]</span> as the file format for for the kernel executable is because GRUB knows how to parse and interpret the ELF file format. If we implemented an ELF parser, we could compile the user mode programs into ELF binaries as well. We leave this as an exercise for the reader.</p>
<p>One thing we can do to make it easier to develop user mode programs is to allow the programs to be written in C, but compile them to flat binaries instead of ELF binaries. In C the layout of the generated code is more unpredictable and the entry point, <code>main</code>, might not be at offset 0 in the binary. One common way to work around this is to add a few assembly code lines placed at offset 0 which calls <code>main</code>:</p>
<pre class="sourceCode nasm"><code class="sourceCode nasm">    <span class="kw">extern</span> main

    <span class="kw">section</span> .text
        <span class="co">; push argv</span>
        <span class="co">; push argc</span>
        <span class="kw">call</span> main
        <span class="co">; main has returned, eax is return value</span>
        <span class="kw">jmp</span>  <span class="dv">$</span>    <span class="co">; loop forever</span></code></pre>
<p>If this code is saved in a file called <code>start.s</code>, then the following code show an example of a linker script that places these instructions first in executable (remember that <code>start.s</code> gets compiled to <code>start.o</code>):</p>
<pre><code>    OUTPUT_FORMAT(&quot;binary&quot;)    /* output flat binary */

    SECTIONS
    {
        . = 0;                 /* relocate to address 0 */

        .text ALIGN(4):
        {
            start.o(.text)     /* include the .text section of start.o */
            *(.text)           /* include all other .text sections */
        }

        .data ALIGN(4):
        {
            *(.data)
        }

        .rodata ALIGN(4):
        {
            *(.rodata*)
        }
    }</code></pre>
<p><em>Note</em>: <code>*(.text)</code> will not include the <code>.text</code> section of <code>start.o</code> again.</p>
<p>With this script we can write programs in C or assembler (or any other language that compiles to object files linkable with <code>ld</code>), and it is easy to load and map for the kernel (<code>.rodata</code> will be mapped in as writeable, though).</p>
<p>When we compile user programs we want the following GCC flags:</p>
<pre><code>    -m32 -nostdlib -nostdinc -fno-builtin -fno-stack-protector -nostartfiles
    -nodefaultlibs</code></pre>
<p>For linking, the followings flags should be used:</p>
<pre><code>    -T link.ld -melf_i386  # emulate 32 bits ELF, the binary output is specified
                           # in the linker script</code></pre>
<p>The option <code>-T</code> instructs the linker to use the linker script <code>link.ld</code>.</p>
<h3 id="a-c-library"><span class="header-section-number">11.4.1</span> A C Library</h3>
<p>It might now be interesting to start thinking about writing a small “standard library” for your programs. Some of the functionality requires <a href="#system-calls">system calls</a> to work, but some, such as the functions in <code>string.h</code>, does not.</p>
<h2 id="further-reading-8"><span class="header-section-number">11.5</span> Further Reading</h2>
<ul>
<li>Gustavo Duarte has an article on privilege levels: <a href="http://duartes.org/gustavo/blog/post/cpu-rings-privilege-and-protection">http://duartes.org/gustavo/blog/post/cpu-rings-privilege-and-protection</a></li>
</ul>
<h1 id="file-systems"><span class="header-section-number">12</span> File Systems</h1>
<p>We are not required to have file systems in our operating system, but it is a very usable abstraction, and it often plays a central part of many operating systems, especially UNIX-like operating systems. Before we start the process of supporting multiple processes and system calls we might want to consider implementing a simple file system.</p>
<h2 id="why-a-file-system"><span class="header-section-number">12.1</span> Why a File System?</h2>
<p>How do we specify what programs to run in our OS? Which is the first program to run? How do programs output data or read input?</p>
<p>In UNIX-like systems, with their almost-everything-is-a-file convention, these problems are solved by the file system. (It might also be interesting to read a bit about the Plan 9 project, which takes this idea one step further.)</p>
<h2 id="a-simple-read-only-file-system"><span class="header-section-number">12.2</span> A Simple Read-Only File System</h2>
<p>The simplest file system might be what we already have - one file, existing only in RAM, loaded by GRUB before the kernel starts. When the kernel and operating system grows this is probably too limiting.</p>
<p>A file system that is slightly more advanced than just the bits of one file is a file with metadata. The metadata can describe the type of the file, the size of the file and so on. A utility program can be created that runs at build time, adding this metadata to a file. This way, a “file system in a file” can be constructed by concatenating several files with metadata into one large file. The result of this technique is a read-only file system that resides in memory (once GRUB has loaded the file).</p>
<p>The program constructing the file system can traverse a directory on the host system and add all subdirectories and files as part of the target file system. Each object in the file system (directory or file) can consist of a header and a body, where the body of a file is the actual file and the body of a directory is a list of entries - names and “addresses” of other files and directories.</p>
<p>Each object in this file system will become contiguous, so they will be easy to read from memory for the kernel. All objects will also have a fixed size (except for the last one, which can grow), therefore it is difficult to add new files or modify existing ones.</p>
<h2 id="inodes-and-writable-file-systems"><span class="header-section-number">12.3</span> Inodes and Writable File Systems</h2>
<p>When the need for a writable file system arises, then it is a good idea to look into the concept of an <em>inode</em>. See the section <a href="#further-reading-6">“Further Reading”</a> for recommended reading.</p>
<h2 id="a-virtual-file-system"><span class="header-section-number">12.4</span> A Virtual File System</h2>
<p>What abstraction should be used for reading and writing to devices such as the screen and the keyboard?</p>
<p>A virtual file system (VFS) creates an abstraction on top of the concrete file systems. A VFS mainly supplies the path system and file hierarchy, it delegates operations on files to the underlying file systems. The original paper on VFS is succinct and well worth a read. See the section <a href="#further-reading-6">“Further Reading”</a> for a reference.</p>
<p>With a VFS we could mount a special file system on the path <code>/dev</code>. This file system would handle all devices such as keyboards and the console. However, one could also take the traditional UNIX approach, with major/minor device numbers and <code>mknod</code> to create special files for devices. Which approach you think is the most appropriate is up to you, there is no right or wrong when building abstraction layers (although some abstractions turn out way more useful than others).</p>
<h2 id="further-reading-9"><span class="header-section-number">12.5</span> Further Reading</h2>
<ul>
<li>The ideas behind the Plan 9 operating systems is worth taking a look at: <a href="http://plan9.bell-labs.com/plan9/index.html">http://plan9.bell-labs.com/plan9/index.html</a></li>
<li>Wikipedia’s page on inodes: <a href="http://en.wikipedia.org/wiki/Inode">http://en.wikipedia.org/wiki/Inode</a> and the inode pointer structure: <a href="http://en.wikipedia.org/wiki/Inode_pointer_structure">http://en.wikipedia.org/wiki/Inode_pointer_structure</a>.</li>
<li>The original paper on the concept of vnodes and a virtual file system is quite interesting: <a href="http://www.arl.wustl.edu/~fredk/Courses/cs523/fall01/Papers/kleiman86vnodes.pdf">http://www.arl.wustl.edu/~fredk/Courses/cs523/fall01/Papers/kleiman86vnodes.pdf</a></li>
<li>Poul-Henning Kamp discusses the idea of a special file system for <code>/dev</code> in <a href="http://static.usenix.org/publications/library/proceedings/bsdcon02/full_papers/kamp/kamp_html/index.html">http://static.usenix.org/publications/library/proceedings/bsdcon02/full_papers/kamp/kamp_html/index.html</a></li>
</ul>
<h1 id="system-calls"><span class="header-section-number">13</span> System Calls</h1>
<p><em>System calls</em> is the way user-mode applications interact with the kernel - to ask for resources, request operations to be performed, etc. The system call API is the part of the kernel that is most exposed to the users, therefore its design requires some thought.</p>
<h2 id="designing-system-calls"><span class="header-section-number">13.1</span> Designing System Calls</h2>
<p>It is up to us, the kernel developers, to design the system calls that application developers can use. We can draw inspiration from the POSIX standards or, if they seem like too much work, just look at the ones for Linux, and pick and choose. See the section <a href="#further-reading-7">“Further Reading”</a> at the end of the chapter for references.</p>
<h2 id="implementing-system-calls"><span class="header-section-number">13.2</span> Implementing System Calls</h2>
<p>System calls are traditionally invoked with software interrupts. The user applications put the appropriate values in registers or on the stack and then initiates a pre-defined interrupt which transfers execution to the kernel. The interrupt number used is dependent on the kernel, Linux uses the number <code>0x80</code> to identify that an interrupt is intended as a system call.</p>
<p>When system calls are executed, the current privilege level is typically changed from PL3 to PL0 (if the application is running in user mode). To allow this, the DPL of the entry in the IDT for the system call interrupt needs to allow PL3 access.</p>
<p>Whenever inter-privilege level interrupts occur, the processor pushes a few important registers onto the stack - the same ones we used to enter user mode <a href="#user-mode">before</a>, see figure 6-4, section 6.12.1, in the Intel manual <span class="citation">[33]</span>. What stack is used? The same section in <span class="citation">[33]</span> specifies that if an interrupt leads to code executing at a numerically lower privilege level, a stack switch occurs. The new values for the registers <code>ss</code> and <code>esp</code> is loaded from the current Task State Segment (TSS). The TSS structure is specified in figure 7-2, section 7.2.1 of the Intel manual <span class="citation">[33]</span>.</p>
<p>To enable system calls we need to setup a TSS before entering user mode. Setting it up can be done in C by setting the <code>ss0</code> and <code>esp0</code> fields of a “packed struct” that represents a TSS. Before loading the “packed struct” into the processor, a TSS descriptor has to be added to the GDT. The structure of the TSS descriptor is described in section 7.2.2 in <span class="citation">[33]</span>.</p>
<p>You specify the current TSS segment selector by loading it into the <code>tr</code> register with the <code>ltr</code> assembly code instruction. If the TSS segment descriptor has index 5, and thus offset <code>5 * 8 = 40 = 0x28</code>, this is the value that should be loaded into the register <code>tr</code>.</p>
<p>When we entered user mode before in the chapter <a href="#entering-user-mode">“Entering User Mode”</a> we disabled interrupts when executing in PL3. Since system calls are implemented using interrupts, interrupts must be enabled in user mode. Setting the IF flag bit in the <code>eflags</code> value on the stack will make <code>iret</code> enable interrupts (since the <code>eflags</code> value on the stack will be loaded into the <code>eflags</code> register by the assembly code instruction <code>iret</code>).</p>
<h2 id="further-reading-10"><span class="header-section-number">13.3</span> Further Reading</h2>
<ul>
<li>The Wikipedia page on POSIX, with links to the specifications: <a href="http://en.wikipedia.org/wiki/POSIX">http://en.wikipedia.org/wiki/POSIX</a></li>
<li>A list of system calls used in Linux: <a href="http://bluemaster.iu.hio.no/edu/dark/lin-asm/syscalls.html">http://bluemaster.iu.hio.no/edu/dark/lin-asm/syscalls.html</a></li>
<li>The Wikipedia page on system calls: <a href="http://en.wikipedia.org/wiki/System_call">http://en.wikipedia.org/wiki/System_call</a></li>
<li>The Intel manual <span class="citation">[33]</span> sections on interrupts (chapter 6) and TSS (chapter 7) are where you get all the details you need.</li>
</ul>
<h1 id="multitasking"><span class="header-section-number">14</span> Multitasking</h1>
<p>How do you make multiple processes appear to run at the same time? Today, this question has two answers:</p>
<ul>
<li>With the availability of multi-core processors, or on system with multiple processors, two processes can actually run at the same time by running two processes on different cores or processors.</li>
<li>Fake it. That is, switch rapidly (faster than a human can notice) between the processes. At any given moment there is only one process executing, but the rapid switching gives the impression that they are running “at the same time”.</li>
</ul>
<p>Since the operating system created in this book does not support multi-core processors or multiple processors the only option is to fake it. The part of the operating system responsible for rapidly switching between the processes is called the <em>scheduling algorithm</em>.</p>
<h2 id="creating-new-processes"><span class="header-section-number">14.1</span> Creating New Processes</h2>
<p>Creating new processes is usually done with two different system calls: <code>fork</code> and <code>exec</code>. <code>fork</code> creates an exact copy of the currently running process, while <code>exec</code> replaces the current process with one that is specified by a path to the location of a program in the file system. Of these two we recommend that you start implementing <code>exec</code>, since this system call will do almost exactly the same steps as described in the section <a href="#setting-up-for-user-mode">“Setting up for user mode”</a> in the chapter <a href="#user-mode">“User Mode”</a>.</p>
<h2 id="cooperative-scheduling-with-yielding"><span class="header-section-number">14.2</span> Cooperative Scheduling with Yielding</h2>
<p>The easiest way to achieve rapid switching between processes is if the processes themselves are responsible for the switching. The processes run for a while and then tell the OS (via a system call) that it can now switch to another process. Giving up the control of CPU to another process is called <em>yielding</em> and when the processes themselves are responsible for the scheduling it’s called <em>cooperative scheduling</em>, since all the processes must cooperate with each other.</p>
<p>When a process yields the process’ entire state must be saved (all the registers), preferably on the kernel heap in a structure that represents a process. When changing to a new process all the registers must be restored from the saved values.</p>
<p>Scheduling can be implemented by keeping a list of which processes are running. The system call <code>yield</code> should then run the next process in the list and put the current one last (other schemes are possible, but this is a simple one).</p>
<p>The transfer of control to the new process is done via the <code>iret</code> assembly code instruction in exactly the same way as explained in the section <a href="#entering-user-mode">“Entering user mode”</a> in the chapter <a href="#user-mode">“User Mode”</a>.</p>
<p>We <strong>strongly</strong> recommend that you start to implement support for multiple processes by implementing cooperative scheduling. We further recommend that you have a working solution for both <code>exec</code>, <code>fork</code> and <code>yield</code> before implementing preemptive scheduling. Since cooperative scheduling is deterministic, it is much easier to debug than preemptive scheduling.</p>
<h2 id="preemptive-scheduling-with-interrupts"><span class="header-section-number">14.3</span> Preemptive Scheduling with Interrupts</h2>
<p>Instead of letting the processes themselves manage when to change to another process the OS can switch processes automatically after a short period of time. The OS can set up the <em>programmable interval timer</em> (PIT) to raise an interrupt after a short period of time, for example 20 ms. In the interrupt handler for the PIT interrupt the OS will change the running process to a new one. This way the processes themselves don’t need to worry about scheduling. This kind of scheduling is called <em>preemptive scheduling</em>.</p>
<h3 id="programmable-interval-timer"><span class="header-section-number">14.3.1</span> Programmable Interval Timer</h3>
<p>To be able to do preemptive scheduling the PIT must first be configured to raise interrupts every <em>x</em> milliseconds, where <em>x</em> should be configurable.</p>
<p>The configuration of the PIT is very similar to the configuration of other hardware devices: a byte is sent to an I/O port. The command port of the PIT is <code>0x43</code>. To read about all the configuration options, see the article about the PIT on OSDev <span class="citation">[39]</span>. We use the following options:</p>
<ul>
<li>Raise interrupts (use channel 0)</li>
<li>Send the divider as low byte then high byte (see next section for an explanation)</li>
<li>Use a square wave</li>
<li>Use binary mode</li>
</ul>
<p>This results in the configuration byte <code>00110110</code>.</p>
<p>Setting the interval for how often interrupts are to be raised is done via a <em>divider</em>, the same way as for the serial port. Instead of sending the PIT a value (e.g. in milliseconds) that says how often an interrupt should be raised you send the divider. The PIT operates at 1193182 Hz as default. Sending the divider 10 results in the PIT running at <code>1193182 / 10 = 119318</code> Hz. The divider can only be 16 bits, so it is only possible to configure the timer’s frequency between 1193182 Hz and <code>1193182 / 65535 = 18.2</code> Hz. We recommend that you create a function that takes an interval in milliseconds and converts it to the correct divider.</p>
<p>The divider is sent to the channel 0 data I/O port of the PIT, but since only one byte can be sent at at a time, the lowest 8 bits of the divider has to sent first, then the highest 8 bits of the divider can be sent. The channel 0 data I/O port is located at <code>0x40</code>. Again, see the article on OSDev <span class="citation">[39]</span> for more details.</p>
<h3 id="separate-kernel-stacks-for-processes"><span class="header-section-number">14.3.2</span> Separate Kernel Stacks for Processes</h3>
<p>If all processes uses the same kernel stack (the stack exposed by the TSS) there will be trouble if a process is interrupted while still in kernel mode. The process that is being switched to will now use the same kernel stack and will overwrite what the previous process have written on the stack (remember that TSS data structure points to the <em>beginning</em> of the stack).</p>
<p>To solve this problem every process should have it’s own kernel stack, the same way that each process have their own user mode stack. When switching process the TSS must be updated to point to the new process’ kernel stack.</p>
<h3 id="difficulties-with-preemptive-scheduling"><span class="header-section-number">14.3.3</span> Difficulties with Preemptive Scheduling</h3>
<p>When using preemptive scheduling one problem arises that doesn’t exist with cooperative scheduling. With cooperative scheduling every time a process yields, it must be in user mode (privilege level 3), since yield is a system call. With preemptive scheduling, the processes can be interrupted in either user mode or kernel mode (privilege level 0), since the process itself does not control when it gets interrupted.</p>
<p>Interrupting a process in kernel mode is a little bit different than interrupting a process in user mode, due to the way the CPU sets up the stack at interrupts. If a privilege level change occurred (the process was interrupted in user mode) the CPU will push the value of the process <code>ss</code> and <code>esp</code> register on the stack. If <em>no</em> privilege level change occurs (the process was interrupted in kernel mode) the CPU won’t push the <code>esp</code> register on the stack. Furthermore, if there was no privilege level change, the CPU won’t change stack to the one defined it the TSS.</p>
<p>This problem is solved by calculating what the value of <code>esp</code> was <em>before</em> the interrupt. Since you know that the CPU pushes 3 things on the stack when no privilege change happens and you know how much you have pushed on the stack, you can calculate what the value of <code>esp</code> was at the time of the interrupt. This is possible since the CPU won’t change stacks if there is no privilege level change, so the content of <code>esp</code> will be the same as at the time of the interrupt.</p>
<p>To further complicate things, one must think of how to handle case when switching to a new process that should be running in kernel mode. Since <code>iret</code> is being used without a privilege level change the CPU won’t update the value of <code>esp</code> with the one placed on the stack - you must update <code>esp</code> yourself.</p>
<h2 id="further-reading-11"><span class="header-section-number">14.4</span> Further Reading</h2>
<ul>
<li>For more information about different scheduling algorithms, see <a href="http://wiki.osdev.org/Scheduling_Algorithms">http://wiki.osdev.org/Scheduling_Algorithms</a></li>
</ul>
<div class="references">
<h1><span class="header-section-number">14.4</span> References</h1>
<p>[1] Andrew Tanenbaum, 2007. <em>Modern operating systems, 3rd edition</em>. Prentice Hall, Inc.,</p>
<p>[2] <em>The royal institute of technology</em>, <a href="http://www.kth.se">http://www.kth.se</a>,</p>
<p>[3] Wikipedia, <em>Hexadecimal</em>, <a href="http://en.wikipedia.org/wiki/Hexadecimal">http://en.wikipedia.org/wiki/Hexadecimal</a>,</p>
<p>[4] OSDev, <em>OSDev</em>, <a href="http://wiki.osdev.org/Main_Page">http://wiki.osdev.org/Main_Page</a>,</p>
<p>[5] James Molloy, <em>James m’s kernel development tutorial</em>, <a href="http://www.jamesmolloy.co.uk/tutorial_html/">http://www.jamesmolloy.co.uk/tutorial_html/</a>,</p>
<p>[6] Canonical Ltd, <em>Ubuntu</em>, <a href="http://www.ubuntu.com/">http://www.ubuntu.com/</a>,</p>
<p>[7] Oracle, <em>Oracle vM virtualBox</em>, <a href="http://www.virtualbox.org/">http://www.virtualbox.org/</a>,</p>
<p>[8] Dennis M. Ritchie Brian W. Kernighan, 1988. <em>The c programming language, second edition</em>. Prentice Hall, Inc.,</p>
<p>[9] Wikipedia, <em>C (programming language)</em>, <a href="http://en.wikipedia.org/wiki/C_(programming_language)">http://en.wikipedia.org/wiki/C_(programming_language)</a>,</p>
<p>[10] Free Software Foundation, <em>GCC, the gNU compiler collection</em>, <a href="http://gcc.gnu.org/">http://gcc.gnu.org/</a>,</p>
<p>[11] NASM, <em>NASM: The netwide assembler</em>, <a href="http://www.nasm.us/">http://www.nasm.us/</a>,</p>
<p>[12] Wikipedia, <em>Bash</em>, <a href="http://en.wikipedia.org/wiki/Bash_%28Unix_shell%29">http://en.wikipedia.org/wiki/Bash_%28Unix_shell%29</a>,</p>
<p>[13] Free Software Foundation, <em>GNU make</em>, <a href="http://www.gnu.org/software/make/">http://www.gnu.org/software/make/</a>,</p>
<p>[14] Volker Ruppert, <em>bochs: The open souce iA-32 emulation project</em>, <a href="http://bochs.sourceforge.net/">http://bochs.sourceforge.net/</a>,</p>
<p>[15] QEMU, <em>QEMU</em>, <a href="http://wiki.qemu.org/Main_Page">http://wiki.qemu.org/Main_Page</a>,</p>
<p>[16] Wikipedia, <em>BIOS</em>, <a href="https://en.wikipedia.org/wiki/BIOS">https://en.wikipedia.org/wiki/BIOS</a>,</p>
<p>[17] Free Software Foundation, <em>GNU gRUB</em>, <a href="http://www.gnu.org/software/grub/">http://www.gnu.org/software/grub/</a>,</p>
<p>[18] Wikipedia, <em>Executable and linkable format</em>, <a href="http://en.wikipedia.org/wiki/Executable_and_Linkable_Format">http://en.wikipedia.org/wiki/Executable_and_Linkable_Format</a>,</p>
<p>[19] Free Software Foundation, <em>Multiboot specification version 0.6.96</em>, <a href="http://www.gnu.org/software/
           grub/manual/multiboot/multiboot.html">http://www.gnu.org/software/
           grub/manual/multiboot/multiboot.html</a>,</p>
<p>[20] GNU, <em>GNU binutils</em>, <a href="http://www.gnu.org/software/binutils/">http://www.gnu.org/software/binutils/</a>,</p>
<p>[21] Lars Nodeen, <em>Bug #426419: configure: error: GRUB requires a working absolute objcopy</em>, <a href="https://bugs.launchpad.net/ubuntu/+source/grub/+bug/426419">https://bugs.launchpad.net/ubuntu/+source/grub/+bug/426419</a>,</p>
<p>[22] Wikipedia, <em>ISO image</em>, <a href="http://en.wikipedia.org/wiki/ISO_image">http://en.wikipedia.org/wiki/ISO_image</a>,</p>
<p>[23] Bochs, <em>bochsrc</em>, <a href="http://bochs.sourceforge.net/doc/docbook/user/bochsrc.html">http://bochs.sourceforge.net/doc/docbook/user/bochsrc.html</a>,</p>
<p>[24] NASM, <em>RESB and friends: Declaring uninitialized data</em>, <a href="http://www.nasm.us/doc/nasmdoc3.htm">http://www.nasm.us/doc/nasmdoc3.htm</a>,</p>
<p>[25] Wikipedia, <em>x86 calling conventions</em>, <a href="http://en.wikipedia.org/wiki/X86_calling_conventions">http://en.wikipedia.org/wiki/X86_calling_conventions</a>,</p>
<p>[26] Wikipedia, <em>Framebuffer</em>, <a href="http://en.wikipedia.org/wiki/Framebuffer">http://en.wikipedia.org/wiki/Framebuffer</a>,</p>
<p>[27] Wikipedia, <em>VGA-compatible text mode</em>, <a href="http://en.wikipedia.org/wiki/VGA-compatible_text_mode">http://en.wikipedia.org/wiki/VGA-compatible_text_mode</a>,</p>
<p>[28] Wikipedia, <em>ASCII</em>, <a href="https://en.wikipedia.org/wiki/Ascii">https://en.wikipedia.org/wiki/Ascii</a>,</p>
<p>[29] OSDev, <em>VGA hardware</em>, <a href="http://wiki.osdev.org/VGA_Hardware">http://wiki.osdev.org/VGA_Hardware</a>,</p>
<p>[30] Wikipedia, <em>Serial port</em>, <a href="http://en.wikipedia.org/wiki/Serial_port">http://en.wikipedia.org/wiki/Serial_port</a>,</p>
<p>[31] OSDev, <em>Serial ports</em>, <a href="http://wiki.osdev.org/Serial_ports">http://wiki.osdev.org/Serial_ports</a>,</p>
<p>[32] WikiBooks, <em>Serial programming/8250 uART programming</em>, <a href="http://en.wikibooks.org/wiki/Serial_Programming/
      8250_UART_Programming">http://en.wikibooks.org/wiki/Serial_Programming/
      8250_UART_Programming</a>,</p>
<p>[33] Intel, <em>Intel 64 and iA-32 architectures software developer’s manual vol. 3A</em>, <a href="http://www.intel.com/content/
www/us/en/architecture-and-technology/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.html/">http://www.intel.com/content/
www/us/en/architecture-and-technology/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.html/</a>,</p>
<p>[34] NASM, <em>Multi-line macros</em>, <a href="http://www.nasm.us/doc/nasmdoc4.html#section-4.3">http://www.nasm.us/doc/nasmdoc4.html#section-4.3</a>,</p>
<p>[35] SIGOPS, <em>i386 interrupt handling</em>, <a href="http://www.acm.uiuc.edu/sigops/roll_your_own/i386/irq.html">http://www.acm.uiuc.edu/sigops/roll_your_own/i386/irq.html</a>,</p>
<p>[36] Andries Brouwer, <em>Keyboard scancodes</em>, <a href="http://www.win.tue.nl/">http://www.win.tue.nl/</a>,</p>
<p>[37] Steve Chamberlain, <em>Using ld, the gNU linker</em>, <a href="http://www.math.utah.edu/docs/info/ld_toc.html">http://www.math.utah.edu/docs/info/ld_toc.html</a>,</p>
<p>[38] OSDev, <em>Page frame allocation</em>, <a href="http://wiki.osdev.org/Page_Frame_Allocation">http://wiki.osdev.org/Page_Frame_Allocation</a>,</p>
<p>[39] OSDev, <em>Programmable interval timer</em>, <a href="http://wiki.osdev.org/Programmable_Interval_Timer">http://wiki.osdev.org/Programmable_Interval_Timer</a>,</p>
</div>
<div class="footnotes">
<hr />
<ol>
<li id="fn1"><p>The bootloader must fit into the <em>master boot record</em> (MBR) boot sector of a hard drive, which is only 512 bytes large.<a href="#fnref1">↩</a></p></li>
</ol>
</div>
</div>
</div>

<script type="text/javascript">
    (function() {
        var tables = document.getElementsByTagName("table");
        for (var i = 0; i < tables.length; ++i) {
            var table = tables[i];
            if (table.getElementsByTagName("caption").length > 0) {
                table.className += " has_caption";
            }
        }
     })();
</script>
</body>
</html>