# Advanced Operating Systems and Virtualization

[5] Interrupts Management



#### **Outline**

- 1. Introduction
- 2. IRQs and Inter-Processor Interrupts
- 3. The IDT and the Activation Scheme
- 4. Exception Handling
  - 1. Fixups and Page Fault Handler
- 5. Interrupts Handling
  - 1. I/O Interrupts
  - Inter-Processor Interrupts (IPIs)
- 6. Software Interrupts (SoftIRQs)
- 7. Tasklets
- 8. Work Queues

5. Interrupts Management

**5.1** 

5. Interrupts Management

### Introduction



### **Interrupts and Exceptions**

An interrupt is usually defined as an event that alters the sequence of instructions executed by a processor. These events are actually electrical signals generated by hardware circuits. There are two kinds of interrupts:

- **synchronous** interrupts are produced by the CPU control unit while executing instructions, they are generated after the execution of an instruction. They are usually generated by
  - programming errors, in this case the kernel delivers a signal to the program (e.g. SIGKILL)
  - unusual conditions in which the kernel must find a solution, e.g. the Page Fault (when you request a page that is not allocated) or a system call via sysenter
- asynchronous interrupts are generated by other hardware devices at arbitrary times with respect the CPU clock signals. They are usually generated by timers and I/O devices, like the keystrokes for instance.

Intel usually calls the former *exceptions* and the latter *interrupts*. In the slides we will refer to Interrupt Signals for referring to exceptions and interrupts.

## The Role of the Interrupt Signals

When an interrupts signal arrives the CPU must necessarily stop what it's currently doing and switch to a new activity. This is done by saving the current value of the program counter (EIP + CS) in the Kernel Mode stack and places the address of the interrupt type into the program counter. This is called the **context switch** but differently to the switching to another process the code to which we switch is not a process but kernel code that **runs at expense** of the same process that was running when the interrupt occurred.



The Interrupt Handler is **lighter than a process**.

# The Role of the Interrupt Signals



Figure 14-2: Handling an interrupt.

Mauerer, Wolfgang. *Professional Linux kernel architecture*. John Wiley & Sons, 2010.

# The Role of the Interrupt Signals

Interrupt handling is one of the most sensitive tasks performed by the kernel because it must satisfy the following constraints:

- since the interrupts can come at any time when the kernel has even to go on with the
  process it was executing so it must go out of the interrupt as soon as possible and defer
  the demanding work to be executed later. Interrupts has always a critical part and a
  deferrable part (top-half/bottom-half);
- since the interrupts can come at any time the kernel might be handling one of them while another one occurs (nesting), this should be allowed much as possible since keeps I/O devices busy;
- even if nesting is allowed (2) there should be present critical regions in which interrupts
  must be temporarily disabled and these regions must be used only in case of strict
  necessity.

#### Classification

The Intel Documentation classifies interrupts and exceptions as follows:

#### - Interrupts

- <u>Maskable Interrupts</u>. All interrupts requests (IRQs) issued by I/O devices are maskable. When an interrupt is masked is temporarily ignored by the CPU.
- Non-maskable Interrupts. A few critical events are non-maskable, like hw failures

#### - Exceptions

- <u>Processor-detected exceptions</u> are generated when the CPU detects an anomalous condition, according to the eip (Instruction Pointer) value they are divided in:
  - **Faults** can generally be corrected, eip is the address that caused the fault so the instruction will be re-executed returning from the Int. Handler
  - **Traps** are reported immediately after the execution of trapping instruction, eip points to the next instruction after the trapping one. Traps were essentially used for debugging purposes
  - **Aborts** represents serious errors, the eip cannot be restored to a precise position returning from the Int. Handler, process will be terminated
- <u>Programmed Exceptions</u> occurs at the request of the programmer, they are triggered by the instructions int, int3, into and bound. These interrupts are treated like <u>traps</u> and they are often called also software interrupts they are used for implementing syscall or debugging purposes.

5. Interrupts Management

# IRQs and Inter-Processor Interrupts



### **IRQs** and **Interrupts**

Each hardware device controller capable of issuing interrupts requests usually has a single output line designated as the Interrupt Request line (IRQ). All of these lines are connected to the input pins of a hardware circuit called the **Programmable Interrupt Controller** (PIC - usually Intel 8259A with the 8086 processor) which performs the following actions:

- monitors the IRQ lines and if two or more lines are enabled selects the one that has lower pin number
- 2. If a raised signal occur on a IRQ line:
  - a. the signal is converted to a vector
  - b. stores the vector in an Interrupt Controller I/O port so the CPU can read it
  - c. sends a signal to the INTR pin of the processor
  - d. waits untils the CPU acknowledges the interrupt signal by writing into one of the PIC ports, this clears the INTR line
- 3. Go to 1



### IRQs and Interrupts

The n-th IRQ line is associated with the vector n+32. Each IRQ line can be selectively disabled, disabled interrupts are not lost, since the PIC send them to the CPU as soon as they will be re-enabled. Enabling and disabling interrupts is not the same as masking and unmasking:

- **enabling/disabling** is done by communicating with the PIC
- **masking/unmasking** is done by clearing and setting the IF flag in the EFLAGS register, that is done with cli and sti assembly instructions

#### **Multicore Processors**

If we are on a single CPU the output line of the PIC can be connected to the INTR line of the CPU, directly. On multicore systems, Intel introduced a new PIC controller, called the APIC (Advanced Programmable Interrupt Controller), each microprocessor has a Local-APIC with:

- 32bit registers
- internal clock and local timer
- two additional lines LINTO and LINT1 reserved for local APIC interrupts.

All the LAPICs are connected to an external I/O APIC.



Bovet, Daniel P., and Marco Cesati. *Understanding the Linux Kernel: from I/O ports to process management*. "O'Reilly Media, Inc.", 2005.

#### **Multicore Processors**

The I/O APIC has 24IRQ lines, a 24-entry Interrupt Redirection Table, programmable registers and a message unit for sending and receiving APIC messages over the bus. The interrupt priority is not given by the lowest number but it is written in the redirection table, that in the end translates external interrupts into a message to one or more APIC units. External interrupts can be distributed in two ways:

- Static Distribution. The IRQ signal is delivered to the LAPICs listed in the proper entry of the redirection table
- 2. **Dynamic Distribution**. The IRQ signal is delivered to the LAPIC of the processor that is executing the process with lowest priority. This is done by programming the TPR register inside the LAPIC.

A multi-APIC system also allows to generate inter-processor interrupts (IPI), by using the ICR register. The IPIs are a critical part of a SMP system, in Linux they are used for exchanging messages between the CPUs.

5. Interrupts Management

# The IDT and the Activation Scheme



# Back to the beginning



#### The IDT

The Interrupt Descriptor Table associates each interrupt or exception vector with address of the corresponding interrupt or exception handler. Similarly to the GDT, each entry of the table corresponds to an interrupt or exception vector and consists of 8-byte descriptor (on x86 or 16-byte on x86\_64). Thus we need 256\*8=2048 bytes to store the table. The IDT is pointed by the IDTR register so it can be anywhere in memory.

As we already discussed there are different types of entries:

- **Interrupt Gate** entries, includes the segment selector and the offset inside the segment for the handler, while transferring the control the CPU **clears the IF flag** thus disabling the maskable interrupts. These gates are used to handle interrupts.
- **Trap Gate** entries, same as Interrupt Gates but the **IF flag is not cleared**. These gates are used to handle exceptions.
- *Task Gate* entries, includes the TSS selector of the process that must replace the current when an interrupt occurs. These gates were intended to be used for process switch, today they are no more used.

#### **Traps**

Differently from interrupts, trap management does not automatically reset the interruptible-state of a CPU core (IF), therefore critical sections in the trap handler must explicitly mask and then re-enable interrupts (cli and sti instructions).

For SMP/multi-core machines this **might not be enough** to guarantee correctness (atomicity) while handling the trap. The kernel uses **spinlocks**, based on atomic test-and-set primitives:

- cmpxchg
- xchg
- use the prefix lock before the instruction (e.g. lock incl)

#### V5.11

#### Interrupt/Gate Descriptor

#### On 64-bit architecture



Figure 6-8. 64-Bit IDT Gate Descriptors

```
84
      struct gate struct {
                u16
                                    offset low;
86
                u16
                                    segment;
              → struct idt bits bits;
88
                u16
                                    offset middle;
89
      #ifdef CONFIG X86 64
90
                u32
                                    offset high;
91
                u32
                                    reserved;
      #endif
93
      } attribute ((packed));
  https://elixir.bootlin.com/linux/v5.11/source/arch/x86/include/asm/desc_defs.h#L84
      → struct idt bits {
                  u16
                                    ist
                                    zero
                                     type
                                    dpl
  74
           attribute ((packed));
```

https://elixir.bootlin.com/linux/v5.11/source/arch/x86/include/asm/desc\_defs.h#L69

#### **IDT Entries**

| Range                              | Use                                    |  |
|------------------------------------|----------------------------------------|--|
| 0-19                               | Nonmaskable interrupts and exception   |  |
| 20-31                              | Intel-reserved                         |  |
| 32-127                             | External interrupts (IRQs)             |  |
| 128 (0x80)                         | Programmed exception for system calls  |  |
| 129-238                            | External interrupts (IRQs)             |  |
| 239                                | Local APIC timer interrupt             |  |
| 240-250                            | 0-250 Reserved by Linux for future use |  |
| 251-255 Inter-processor interrupts |                                        |  |

## Hardware Handling of Interrupts/Exceptions

#### Process -> Interrupt Handler

The check if an interrupt arrived is done after the execution of every asm instruction. Then, if the check is positive, the following steps are executed:

- 1. determining the vector i (o<= i <= 255) associated with the interrupt/exception
- 2. read the i entry in the IDT referred by IDTR
- 3. get the base address of the GDT from GDTR and read the segment descriptor for that
- 4. If <u>CPL < segment DPL</u> --> **General Protection Error**
- 5. If programmed exception and if gate DPL < CPL -> General Protection Error
- 6. If CPL is different from segment DPL (there is a context switch)
  - a. the TR register is read to access to the TSS segment of the running process
  - b. SS and ESP registers are loaded with proper values associated to the new privilege level (remind the TSS structure)
  - c. In this new stack, the old SS and ESP are saved
- 7. If there was a **fault** CS and EIP are loaded with the logical address of the instruction that caused the exception so that it can be executed again
- 8. EFLAGS, CS and EIP are saved in the stack
- 9. If the exception carries an **error code** it is saved in the stack
- 10. CS and EIP are loaded with the reference to the Interrupt Handler from the i entry of IDT

# Hardware Handling of Interrupts/Exceptions

#### Interrupt Handler -> Process

After the interrupt, the iret asm instruction is called. If you pushed an error code in the stack you need to pop it before executing iret. Then the iret instruction:

- Loads the CS, EIP and EFLAGS registers with the values saved in the stack
- 2. Checks if the interrupted process had the same privilege of the Interrupt Handler (looking at the CPL of the handler and the current CPL). If so, iret concludes the execution
- 3. Loads SS and ESP from the stack returning to the stack of the old privilege level
- 4. Examines the content of DS, ES, FS and GS registers. If any of these registers contains a DPL lower than the CPL then the register is cleared, this is done for security reasons.



**Interrupt Stack Frame** 

#### **Nested Execution of Ex./Int. Handlers**

Every interrupt or exception gives rise to a kernel control path or separate sequence of instructions that execute in Kernel Mode on behalf of the current process. These paths may arbitrarily nested by another interrupt handler, thus giving rise to a nested execution of kernel control paths.



Figure 4-3. An example of nested execution of kernel control paths

Bovet, Daniel P., and Marco Cesati. Understanding the Linux Kernel: from I/O ports to process management. "O'Reilly Media, Inc.", 2005.

#### **Nested Execution of Ex./Int. Handlers**

The price to pay for allowing nested kernel control path is that an interrupt handler **must never block,** i.e. no process switch can be done while an interrupt handler is running because we have saved the context in the Kernel Stack of the previous process.

In general, most exceptions are raised when in User Mode, however the **Page Fault** exception can occur in Kernel Mode, when a page is not in RAM (e.g. swapped). When there is a Page Fault, the current process must be put in sleep therefore the Page Fault exception never gives rises to further exceptions.

An interrupt handler **may preempt both** other interrupt handlers and exceptions but an exception handler never preempts an interrupt handler, the only "exception" is the Page Fault, but Interrupt Handlers never performs operations that gives rise to page faults.

In multiprocessor systems there are several parallel kernel control paths, so an exception may start on a CPU and end on another due to the process switch.

5. Interrupts Management

# **Exception Handling**



## **Exceptions Handling**

Most of the exceptions are interpreted by Linux as error conditions. When one of them occurs, the kernel sends a **signal** to the process that caused the exception. But it is not always the case.

In some cases Linux exploits exceptions to manage hardware resources more efficiently, for example the Page Fault.

*Table 4-1. Signals sent by the exception handlers* 

| #  | Exception                   | Exception handler                        | Signal  |
|----|-----------------------------|------------------------------------------|---------|
| 0  | Divide error                | <pre>divide_error()</pre>                | SIGFPE  |
| 1  | Debug                       | debug()                                  | SIGTRAP |
| 2  | NMI                         | nmi()                                    | None    |
| 3  | Breakpoint                  | int3()                                   | SIGTRAP |
| 4  | Overflow                    | <pre>overflow()</pre>                    | SIGSEGV |
| 5  | Bounds check                | bounds()                                 | SIGSEGV |
| 6  | Invalid opcode              | <pre>invalid_op()</pre>                  | SIGILL  |
| 7  | Device not available        | <pre>device_not_available()</pre>        | None    |
| 8  | Double fault                | <pre>doublefault_fn()</pre>              | None    |
| 9  | Coprocessor segment overrun | <pre>coprocessor_segment_overrun()</pre> | SIGFPE  |
| 10 | Invalid TSS                 | <pre>invalid_TSS()</pre>                 | SIGSEGV |
| 11 | Segment not present         | <pre>segment_not_present()</pre>         | SIGBUS  |
| 12 | Stack segment fault         | <pre>stack_segment()</pre>               | SIGBUS  |
| 13 | General protection          | <pre>general_protection()</pre>          | SIGSEGV |
| 14 | Page Fault                  | <pre>page_fault()</pre>                  | SIGSEGV |
| 15 | Intel-reserved              | None                                     | None    |
| 16 | Floating-point error        | <pre>coprocessor_error()</pre>           | SIGFPE  |
| 17 | Alignment check             | alignment_check()                        | SIGBUS  |
| 18 | Machine check               | <pre>machine_check()</pre>               | None    |
| 19 | SIMD floating point         | <pre>simd_coprocessor_error()</pre>      | SIGFPE  |

Bovet, Daniel P., and Marco Cesati. *Understanding the Linux Kernel: from I/O ports to process management*. " O'Reilly Media, Inc.", 2005.

#### **Structure**

```
824
      void init trap init(void)
825
              set intr gate(0, &divide error);
836
837
               set_intr_gate_ist(2, &nmi, NMI_STACK);
838
               /* int4 can be called from all */
839
               set system intr gate(4, &overflow);
840
              set intr gate(5, &bounds);
841
               set intr gate(6, &invalid op);
842
               set intr gate(7, &device not available);
843
      #ifdef CONFIG X86 32
844
               set task gate(8, GDT ENTRY DOUBLEFAULT TSS);
845
      #else
               set intr gate ist(8, &double fault, DOUBLEFAULT STACK);
846
847
      #endif
848
               set intr gate(9, &coprocessor segment overrun);
849
              set intr gate(10, &invalid TSS);
870
      #ifdef CONFIG X86 32
               set_system_trap_gate(SYSCALL_VECTOR, &system_call);
871
               set bit(SYSCALL VECTOR, used vectors);
872
873
      #endif
881
```

https://elixir.bootlin.com/linux/v2.6.39.4/source/arch/x86/kernel/traps.c#L824

The standard structure of an exception is the following:

- save the content of most registers in the kernel mode stack
- handle the exception by mean of a C function
- 3. exit with
   ret\_from\_exception()
   function

The C functions which handle the exceptions are registered during trap\_init().

Remind the system\_call handler.

#### The "Modern" Initial IDT

```
static const initconst struct idt data def idts[] = {
        INTG(X86 TRAP DE.
                                         asm exc divide error),
        INTG(X86 TRAP NMI.
                                         asm exc nmi),
        INTG(X86 TRAP BR,
                                         asm exc bounds),
        INTG(X86 TRAP UD.
                                         asm exc invalid op).
        INTG(X86 TRAP NM.
                                         asm exc device not available),
        INTG(X86 TRAP OLD MF,
                                         asm exc coproc segment overrun),
        INTG(X86 TRAP TS.
                                         asm exc invalid tss).
        INTG(X86 TRAP NP.
                                         asm exc segment not present),
        INTG(X86 TRAP SS,
                                         asm exc stack segment),
        INTG(X86 TRAP GP.
                                         asm exc general protection),
        INTG(X86 TRAP SPURIOUS,
                                         asm exc spurious interrupt bug),
        INTG(X86 TRAP MF,
                                         asm exc coprocessor error),
        INTG(X86 TRAP AC.
                                         asm exc alignment check),
        INTG(X86 TRAP XF,
                                         asm exc simd coprocessor error),
#ifdef CONFIG X86 32
        TSKG(X86 TRAP DF,
                                         GDT ENTRY DOUBLEFAULT TSS),
#else
        INTG(X86 TRAP DF,
                                         asm exc double fault),
#endif
        INTG(X86 TRAP DB,
                                         asm exc debug),
#ifdef CONFIG X86 MCE
        INTG(X86 TRAP MC,
                                         asm exc machine check),
#endif
        SYSG(X86 TRAP OF,
                                         asm exc overflow),
#if defined(CONFIG IA32 EMULATION)
        SYSG(IA32 SYSCALL VECTOR,
                                         entry_INT80_compat),
#elif defined(CONFIG X86 32)
        SYSG(IA32 SYSCALL VECTOR,
                                         entry INT80 32),
#endif
```

```
/* Interrupt gate */
31
     #define INTG( vector, addr)
             G( vector, addr, DEFAULT STACK, GATE INTERRUPT, DPL0, KERNEL CS)
33
34
     /* System interrupt gate */
35
     #define SYSG( vector, addr)
36
             G( vector, addr, DEFAULT STACK, GATE INTERRUPT, DPL3, KERNEL CS)
37
38
39
      * Interrupt gate with interrupt stack. The ist index is the index in
      * the tss.ist[] array, but for the descriptor it needs to start at 1.
41
42
     #define ISTG( vector, addr, ist)
43
             G( vector, addr, ist + 1, GATE INTERRUPT, DPL0, KERNEL CS)
44
45
     /* Task gate */
46
     #define TSKG( vector, qdt)
47
             G( vector, NULL, DEFAULT STACK, GATE TASK, DPLO, gdt << 3)
48
```

https://elixir.bootlin.com/linux/v5.11/source/arch/x86/kernel/idt.c#L31

#### We have

- **Interrupt Gate**, has DPLo
- System Gate had DPL3 (<= v2.6)
- System Interrupt Gate, has DPL3
- Trap Gate had DPLo (<= v2.6)
- Task Gate has DPL3

https://elixir.bootlin.com/linux/v5.11/source/arch/x86/kernel/idt.c#L184

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97 98

99

100

101 102

103

104

105

107

## The Double Fault Exception

The only task gate is referring to the Double Fault exception, because it denotes a serious kernel misbehaviour. Therefore, exception handler **does not trust** the value in **esp** register.

A Double Fault occurs when an exception is unhandled or when an exception occurs while the CPU is trying to call an exception handler. Normally, two exception at the same time are handled one after another, but in some cases that is not possible. For example, if a page fault occurs, but the exception handler is located in a not-present page, two page faults would occur and neither can be handled. A double fault would occur.

A double fault will always generate an error code with a value of zero. The saved instruction pointer is undefined. A double fault cannot be recovered. The faulting process must be terminated.

## **Exception Handlers**

The generic exception handler handler\_name is composed by the following assembly instructions:

```
handler_name:
    pushl $0 /* only for some exceptions */
    pushl $do_handler_name
    jmp error_code
```

#### Three operations:

- 1. push \$0, the control unit does not put in the stack the hw error code
- 2. push \$do\_handler\_name, that is the address of the exception handler
- 3. jump to error\_code, that is the same for every exception, the block performs a set of operations in order to prepare the call to do\_handler\_name. The invoked function receives its arguments on registers rather than in the stack (as \_\_switch\_to() that we will later).

#### do\_handler\_name()

The name of the functions which implements exception handling always starts with the prefix do\_. Most of these functions in the end call invoke do\_trap() to store the hardware error code and the exception vector in the process descriptor and then send a suitable signal (see Table earlier).

```
current->thread.error_code = error_code;
current->thread.trap_no = vector;
force_sig(sig_number, current);
```

The signal is handled in user mode, if the programmer defined a signal handler, otherwise in Kernel Mode and the kernel usually kills the process.

The exception handler **must determine** if the error happened in User Mode or in Kernel Mode and in this latter case if it was due to an invalid argument passed to a system call, because in this particular case the kernel uses a **Fix-Up code**. In any other case the kernel call the function **die()** which prints a dump in the screen and kills the process (remember the kernel *oops*).

5. Interrupts Management

4. Exception Handling

# Fixups and Page Fault Handler



# **Accessing Memory and System Calls**

In general, there may be the case that when a user space process calls a system call it passes a parameter to a memory area. When this pointer is passed to Kernel Space the kernel may check it in on of the two ways:

- check if the address belongs to the process address space
- check if the address is lower than PAGE\_OFFSET

The first, more time consuming, was used by the earlier versions of the kernel, from 2.2 the second check is performed. Obviously this is a very coarse checking so the idea is to the defer as later as possible the true check. The check is done by access\_ok() macro.

```
int access_ok(const void * addr, unsigned long size)
{
   unsigned long a = (unsigned long) addr;
   if (a + size < a ||
        a + size > current_thread_info()->addr_limit.seg)
        return 0;
   return 1;
}
```

# The Page Fault

access\_ok() only performs a coarse check but if it passes then the address can be still not be valid for that process, therefor a Page Fault can be raised when:

- the kernel attempts to address a page belonging to the process address space but the frame does not exist or it is read-only;
- 2. the kernel addresses a page belonging to its address space but the corresponding entry in the Page Table has **not** been yet **initialized**;
- there is bug in the kernel or an hardware error;
- 4. a system call service routine attempts to read or write into a memory area whose address has been passed as a system call parameter by it does not belong to the process address space.

In the first case the kernel checks if the linear address belongs to the process, in the second case it is again easy to recognize by looking at the Master Kernel Page Table entry. But how the other two cases?

## The Exception Tables

Only a small group of functions and macros are used to access the process address space within the kernel (e.g. get\_user(), ...), thus if the exception is caused by an invalid parameter the instruction that caused it **must be included** in one of the functions.

For this reason, the addresses of these functions are put in a exception table and the do\_page\_fault() handler will look at the table: if it includes the address of instruction that triggered the exception the error is caused by a system call parameter, otherwise by a more serious bug.

The kernel exception table is stored in the \_\_ex\_table section of the kernel and each entry contains:

- insn that is the address of an instruction that accesses the process address space
- fixup that is the address of the assembly code which solves the problem. These instructions in general are put in the .fixup section of the kernel code segment

#### The Exception Tables

The do\_page\_fault() executes the following statements:

```
if ((fixup = search_exception_tables(regs->eip))) {
    regs->eip = fixup->fixup;
    return 1;
}
```

#### **Generating the Exception Table**

The GNU Assembler allows to specify the content of a section with the label ".section" and "a" stands for add to the kernel binary image.

```
.section __ex_table, "a"
    .long faulty_instruction_address, fixup_code_address
.previous
In the section
.fixup
.fixup
```

Bovet, Daniel P., and Marco Cesati. Understanding the Linux Kernel: from I/O ports to process management. "O'Reilly Media, Inc.", 2005.

## The Kernel Exception Table

#### Example

```
get user 1:
    [...]
1: movzbl (%eax), %edx
    [\ldots]
get user 2:
    [\ldots]
2: movzwl -1(%eax), %edx
    [\ldots]
get user 4:
    [...]
3: movl -3(%eax), %edx
    [...]
bad get user:
    xorl %edx, %edx
    movl $-EFAULT, %eax
    ret
.section ex table, "a"
    .long 1b, bad get user
    .long 2b, bad get user
    .long 3b, bad get user
.previous
```

This is the example of the exception table for the get\_user functions, obviously the exceptions table are also defined for other functions, like for example strlen\_user(string).

```
#define __get_user_size(x, ptr, size, retval, errret)
                                                                       retval = 0:
                                                                       __chk_user_ptr(ptr);
                           general,
                                                                       switch (size) {
                                                                                get user asm(x, ptr, retval, "b", "b", "=q", errret);
                        expanded
are
                                                                       case 2:
                                                                               _get_user_asm(x, ptr, retval, "w", "w", "=r", errret); '
the one on the right.
                                                                       case 4:
                                                                               get user asm(x, ptr, retval, "l", "k", "=r", errret);
                                                                              break:
                                                                       case 8:
                                                                               get user asm u64(x, ptr, retval, errret);
The
                                                                              (x) = __get_user_bad();
of
                     .section
                                                              } while (0)
that
                         the
                                                 COd( 376
                                                               #define get user asm(x, addr, err, itype, rtype, ltype, errret)
                                                                       asm volatile("1:
                                                                                             mov"itype" %2,%"rtype"1\n"
                                                                                   "2:\n"
table code.
                                                                                   ".section .fixup,\"ax\"\n"
                                                                                             mov %3,%0\n"
                                                                                   " xor"itype" %"rtype"1,%"rtype"1\n"
                                                                                   " imp 2b\n"
                                                                                   ".previous\n"
  https://elixir.bootlin.com/linux/v2.6.39.4/source/arch/x86/in
                                                                                    ASM EXTABLE(1b, 3b)
                               clude/asm/uaccess.h#L354
                                                                                   : "=r" (err), ltype(x)
                                                                                   : "m" ( m(addr)), "i" (errret), "0" (err))
```

## Fixup activation steps

#### Recap

- access to invalid address e.g. from get\_user()
- 2. MMU generates exception
- CPU calls do\_page\_fault
- do page fault calls search\_exception\_table()
- 5. search\_exception\_table looks up the address of current->eip in the exception table and returns the address of the associated fault handle code, the fixup.
- 6. **do\_page\_fault** modifies its own return address to point to the fault handle code and returns.
- 7. execution continues in the fault handling code:
  - a. EAX becomes EFAULT (== -14)
  - b. DL becomes zero (the value we "read" from user space)
  - c. execution continues at local label 2 (address of the instruction immediately after the faulting user access).

5.5

5. Interrupts Management

# **Interrupts Handling**



## **Interrupts Classification**

As we discussed, most exceptions are handled simply by sending a unix signal to the process that caused the exception. So the action to be taken will be executed as soon as the process receives the signal, this does not hold for interrupts since they can also arrive long after the process to which they are related so a signal does not make sense.

The interrupt handling changes according to the type of the interrupt raised:

- **I/O Interrupts** are received every time that an I/O device requests attention to the kernel. The interrupt handler must query the device to setup proper actions;
- **Timer Interrupts**. The LAPIC timer has issued an interrupt, this notifies the kernel that some time has passed
- **Inter-processor Interrupts** (**IPI**). A CPU issued an interrupt to another CPU. On multicore systems, we must ensure, for instance, that different cores synchronize with each other in some circumstances

#### 5.5.1

5. Interrupts Management5. Interrupts Handling

# I/O Interrupts



# I/O Interrupts Handling

An I/O Interrupt Handler must be enough flexible to service several devices at the same time, but the IRO lines are in general shared by multiple devices, so reading only the IRO line number it will be not sufficient to understand which device issued it.

There are two different situations:

- IRQ Sharing. The interrupt handler executes several interrupt service routines (ISRs), each routine is related to each device that shares the IRQ line. Every ISRs is always executed.
- 2. **IRQ Dynamic Allocation**. An IRQ line is associated with a device at the last possible moment, for instance only when device is in use. In this way two devices cannot obviously use the same line at the same time.

In any case, when handling an interrupt not every action that you need to perform has the same priority, this because when you handle an interrupt on a line all the other signals are ignored. Therefore the handling must be as quick as possible.

# I/O Interrupts Handling

Linux differentiates in three categories the actions that should be carried out in a interrupt handler:

- 1. **Critical**. Actions like acknowledging the IRQ to the PIC, updating the data structure shared by the device and the CPU. These action are critical and quick, they must be executed immediately with maskable interrupts disabled (you cannot be interrupted).
- 2. Non-Critical. Actions like updated the data structure accessed only by the CPU (e.g. understanding which key has been pressed on the keyboard). These action can finish quickly and they are executed immediately but with the interrupts enabled (you can be interrupted).
- 3. **Non-Critical Deferrable**. Actions like copying a buffer content into the process address space (e.g. sending the keyboard line buffer to the terminal handler process). These actions may be delayed for a long time interval, the user process will wait (e.g. sleep) for the data. These actions are executed by means of separate functions (*SoftIRQs* and *Tasklets*).

## Flow of operation

In any case, the Interrupt Handler performs the following operations:

- save the IRQ value and the register in the kernel mode stack
- send the ack to the PIC, thus allowing further interrupts on that line
- execute the ISRs for all the devices that shares that IRQ line
- 4. terminate with ret\_from\_intr()

Table 4-3. An example of IRQ assignment to I/O devices

| IRQ | INT | Hardware device                     |
|-----|-----|-------------------------------------|
| 0   | 32  | Timer                               |
| 1   | 33  | Keyboard                            |
| 2   | 34  | PIC cascading                       |
| 3   | 35  | Second serial port                  |
| 4   | 36  | First serial port                   |
| 6   | 38  | Floppy disk                         |
| 8   | 40  | System clock                        |
| 10  | 42  | Network interface                   |
| 11  | 43  | USB port, sound card                |
| 12  | 44  | PS/2 mouse                          |
| 13  | 45  | Mathematical coprocessor            |
| 14  | 46  | EIDE disk controller's first chain  |
| 15  | 47  | EIDE disk controller's second chain |

## **Interrupt Handling**



Figure 4-4. I/O interrupt handling

#### **IRQ** Data Structures



Figure 4-5. IRQ descriptors

## **Multiple Kernel Mode stacks**

The struct that represents a process (that we will later) is couple with a data structure which represents the Kernel Mode stack. If it is declared (at compile time) as 8KB size, the stack will be used for any kind of kernel activity, otherwise if we declare it as 4KB size three types of stacks will be used (a C union):

- the **exception** stack, used for handling exceptions (including system calls). One for each process;
- the hard IRQ stack, used for handling interrupts. One for each CPU;
- the **soft IRQ** stack, used for handling deferrable activities (SoftIRQs and Tasklets). One for each CPU.

## **Interrupt Handler Activation**

```
Interrupt
|
```

pushl \$n-256
jmp common\_interrupt

common\_interrupt:
 SAVE\_ALL
 movl %esp,%eax
 call do\_IRQ
 jmp ret from intr

As in the exceptions, when the CPU receives the interrupts it starts executing the code found in the corresponding gate of the IDT. For doing this, there is a context switch and registers must be saved and restored.

Saving the registers is the first task of the interrupt handler, as in the exceptions there is a stub code that is executed before the true interrupt handler, that is do\_IRQ.

## **Modern Handler Activation**

In modern Linux kernel versions the do\_IRQ has been removed in favour of a more efficient implementation of handlers. The execution path is optimized for different types of interrupts, that are:

- Level type the signal voltage is above a certain threshold (e.g. > 5V)
- **Edge** type the signal is positive or negative
- **Simple** type simple interrupt handling with no chip interaction
- **Fast EOI** type the signal allows a fast End-of-Interrupt interaction
- **Per CPU** type interrupt is per cpu

The rest of the rationale behind the interrupts remains more or less the same.

https://www.kernel.org/doc/html/latest/core-api/genericirq.html http://www.cs.fsu.edu/~rosentha/linux/2.6.26.5/docs/DocBook/genericirg/cho4so3.html 5. Interrupts Management

5. Interrupts Handling

# Inter-Processor Interrupts (IPIs)



## Interrupts in multi-core machines

On single core machines, interrupt/trap events are managed by running operating system code on the single core in the system. This is sufficient to ensure consistency also in multithreaded applications. In multi-core systems, an interrupt/trap event is delivered to only one core:

- other cores might be running other threads of the same application, though. This can lead to race conditions or inconsistent state, due to the replication of hardware
- the hardware is time-shared across threads

We need a way to propagate an interrupt/trap event to other cores, if needed. The same problem holds for synchronous requests from userspace implemented without using traps (e.g., via the vDSO).

# **Memory Unmapping**

Example



From now on every time shared process on that CPU/Core will see a consistent state of the hardware as determined by the Kernel Code

But what about another thread in another CPU/Core?

#### **IPIs**

IPIs are interrupts also used to trigger the execution of specific operating system functions on other cores. IPI are used to enforce cross-core activities (e.g. request/reply protocols) allowing a specific core to trigger a change in the state of another. IPIs are generated at firmware level, but are processed at software level:

- **synchronous** at the sender
- **asynchronous** at the receiver

At least two priority levels are available:

- **High priority** leads to immediate processing of the IPI at the recipient (a single IPI is accepted and stands out at any point in time)
- **Low priority** generally lead to queueing the requests and process them in a serialized way

#### **IPIs Vectors**

We have already seen the registers to trigger IPIs and the underlying (L)APIC architecture.

#### Usages of IPIs are:

- waking up additional cores
- execution of the same function across all the CPU cores (cross-core kernel synchronization)
- change of the hardware state across multiple cores in the system (e.g. TLB)

The **immediate handling** of the IPI is allowed when there's no need to share data across cores, as for example the *system halt* due to a kernel panic.

The kernel provides a set of macros and functions to easily trigger IPIs, the different IPI kinds of interrupt are referred as IPIs Vectors.

The Linux kernel makes use of three kinds if inter-processor interrupts:

- CALL\_FUNCTION\_VECTOR (0xfb) it is sent to all CPUs but the sender forcing that CPU to run a function passed by the sender. The handler is called call\_function\_interrupt(). This is used for example for halting the system. This is interrupt is usually triggered by the function smp\_call\_function();
- RESCHEDULE\_VECTOR (0xfc) when a CPU receives this type of interrupt, the corresponding handler named reschedule\_interrupt() limits itself to acknowledging the interrupt, the rescheduling is done when returning from the interrupt;
- INVALIDATE\_TLB\_VECTOR (0xfd)- it is sent to all the CPU but the sender forcing them
  to invalidate the TLB, the handler is invalidate\_interrupt().

These vectors are issued by wrapper C functions that in the end call default\_send\_IPI\_all(), default\_send\_IPI\_allbutself(), default\_send\_IPI\_self(), default\_send\_IPI\_mask().

# **Registering IPI Functions**

IPIs are used to scheduled multiple cross-core tasks, but a single vector exists (CALL\_FUNCTION\_VECTOR). There is the need to register a specific action associated with the firing of an IPI. Older version of the kernel were relying on a global data structure protected by a lock, but this solution hampers scalability and performance.

From Kernel 5.0, there is a per-CPU linked list of registered functions and associated data to process. Concurrent access relies on the lock-free list.



5.6

5. Interrupts Management

# Software Interrupts (SoftIRQs)



## **Deferred Work**

We already introduced the necessity of deferring the non-critical work when handling an interrupt. The basic idea behind this strategy takes the name of top-half/bottom-half:

- the top-half executes a minimal amount of work which is mandatory to later finalize the whole interrupt management. The top-half code is managed according to a non-interruptible scheme and it is in charge of scheduling the bottom-half task by queuing a record into a proper data structure;
- the **bottom-half** finalizes the work to be done for completing the interrupt handling. The bottom-half executes the deferred work with interrupts enabled.

# **Top/Bottom Halves**



## SoftIRQs and Tasklets

Linux uses two kinds of non-urgent and interruptible kernel functions:

- the deferrable functions, that are softIRQs and tasklets;
- those executed by means of some work queues.

Tasklets are built on top the SoftIRQs and the term softirq which often appears in the kernel source refers to both of them. The main differences between these two kinds of deferrable functions are:

- SoftIROs are statically allocated, they can run concurrently on several CPUs (even if they are of the different type, they are reentrant functions and must explicitly protect their data structures with spinlocks;
- Tasklets are initialized at runtime (for instance when mounting a kernel module), they do
  not need to worry about race conditions on data structures since they are strictly
  controlled by the kernel. Tasklets of the same type are always serialized, they cannot run
  concurrently, they do not need to be reentrant.

## **Main Steps**

The main steps carried out on a deferrable function are the following.

- Initialization. Define a new deferrable function, this is done when the kernel boots or when a module is loaded.
- Activation. Marks the function as "pending" to be run the next time the kernel schedules
  a round of executions of deferrable functions.
- 3. **Masking**. Selectively disable a function so that it will be not executed even if activated.
- 4. Execution. Executes a pending deferrable function with other functions of the same type.

SoftIRQs are also called *software interrupts* but keep in mind that they are different from the programmed exceptions.

Linux uses a limited number of softirqs. In general, Tasklets are used because are easier to write and they do not need to be reentrant.

```
/* PLEASE, avoid to allocate new softirgs, if you need not really high
531
         frequency threaded job scheduling. For almost all the purposes
532
          tasklets are more than enough. F.e. all serial device BHs et
533
          al. should be converted to tasklets, not to softiras.
534
535
536
537
       enum
538
                                          High priority tasklets
539
              HI SOFTIRQ=0,
540
              TIMER_SOFTIRQ,
                                           Transmit/Receive packets
541
              NET_TX_SOFTIRQ,
542
              NET RX SOFTIRQ,
                                          to/from NICs
543
              BLOCK_SOFTIRQ,
544
              IRQ_POLL_SOFTIRQ,
                                          Normal tasklets
545
              TASKLET_SOFTIRQ,-
546
               SCHED_SOFTIRQ,
547
              HRTIMER_SOFTIRQ,
                             /* Preferable RCU should always be the last softing */
548
              RCU SOFTIRO.
549
550
              NR_SOFTIRQS
551
      };
```

https://elixir.bootlin.com/linux/latest/source/include/linux/interrupt.h#L531

## /proc/softirqs

| ~\$ cat /proc/so   | ftirqs |        |        |        |        |        |        |        |
|--------------------|--------|--------|--------|--------|--------|--------|--------|--------|
|                    | CPU0   | CPU1   | CPU2   | CPU3   | CPU4   | CPU5   | CPU6   | CPU7   |
| HI:                | 5      | 0      | Θ      | Θ      | Θ      | Θ      | 0      | Θ      |
| TIMER:             | 332519 | 310498 | 289555 | 272913 | 282535 | 279467 | 282895 | 270979 |
| NET_TX:            | 2320   | 0      | 0      | 2      | 1      | 1      | 0      | 0      |
| <pre>NET_RX:</pre> | 270221 | 225    | 338    | 281    | 311    | 262    | 430    | 265    |
| BLOCK:             | 134282 | 32     | 40     | 10     | 12     | 7      | 8      | 8      |
| BLOCK_IOPOLL:      | 0      | 0      | 0      | 0      | 0      | 0      | 0      | Θ      |
| TASKLET:           | 196835 | 2      | 3      | 0      | 0      | 0      | 0      | Θ      |
| SCHED:             | 161852 | 146745 | 129539 | 126064 | 127998 | 128014 | 120243 | 117391 |
| HRTIMER:           | 0      | 0      | 0      | 0      | 0      | 0      | 0      | 0      |
| RCU:               | 337707 | 289397 | 251874 | 239796 | 254377 | 254898 | 267497 | 256624 |

#### **Data Structures**

The vector softing contains the description of each available SoftIRQ

```
55 static struct softirq_action softirq_vec[NR_SOFTIRQS] __cacheline_aligned_in_smp;
```

The softirq\_action data structure contains the pointer to the softirq function (void\*).

#### Initialization

The initialization of softirgs is done at boot time with the function open\_softirg()

```
void open_softirq(int nr, void (*action)(struct softirq_action *))

487 {
    softirq_vec[nr].action = action;
489 }
```

https://oxax.gitbooks.io/linux-insides/content/Interrupts/linux-interrupts-9.html

#### Activation

The SoftIROs are activated by means of the function raise\_softirq()

```
470     void raise_softirq(unsigned int nr)
471     {
472          unsigned long flags;
473
474          local_irq_save(flags);
475          raise_softirq_irqoff(nr);
476          local_irq_restore(flags);
477     }
https://elixir.bootlin.com/linux/latest/source/kernel/softirq.c#L470
```

Restore the saved state of IF flag of EFLAGS register and re-enable interrupts on local CPU

Save the state of IF flag of EFLAGS register and disable interrupts on local CPU

Mark the interrupt as pending (in the local cpu bitmap) and wake softired if not in interrupt context

```
inline void raise_softirg_irqoff(unsigned int nr)
453
454
               __raise_softirq_irqoff(nr);
455
456
457
                 * If we're in an interrupt or softirg, we're done
458
                 * (this also catches softirg-disabled code). We will
459
                 * actually run the softirg once we return from
460
                 * the irg or softirg.
461
462
                 * Otherwise we wake up ksoftirgd to make sure we
463
                 * schedule the softirg soon.
464
465
                if (!in interrupt())
466
                        wakeup_softirqd();
467
468
          https://elixir.bootlin.com/linux/latest/source/kernel/softirg.c#L453
```

#### **Activation**

The checks for pending softirq should be performed periodically but without too much overhead. Here's a list of significant points in the kernel in which the check is done:

- when softirgs are enabled on local CPU;
- when do\_IRQ() finished processing;
- after a timer interrupt on LAPIC;
- after a CALL\_FUNCTION\_VECTOR;
- when a ksoftirqd/n kernel thread is wakened.

#### Execution - do\_softirq()

If there is a pending softirq then the function do\_softirq() is invoked. The function:

1. checks if invoked in a interrupt context or softirgs are disabled, if yes returns

2. executes local\_irq\_save()

3. checks if there are pending softirq

4. calls do\_softirq\_own\_stack this function switches to needed and calls \_\_do\_softirq()

calls local\_irq\_restore()

```
asmlinkage __visible void do_softirq(void)
233
234
235
                u32 pending:
                unsigned long flags;
236
237
238
                if (in_interrupt())
239
                         return:
240
241
                local_irg_save(flags);
242
243
                pending = local softirg pending();
244
                if (pending && !ksoftirgd running(pending))
245
246
                         do_softirq_own_stack();
247
248
                local irg restore(flags);
249
           https://elixir.bootlin.com/linux/latest/source/kernel/softirg.c#L233
```

#### Execution - \_\_do\_softirq()

The \_\_do\_softirq() reads the bit mask of the local CPU and executes the deferrable functions corresponding to every set bit. While executing a softirq, another softirq may pop up and in order to avoid that \_\_do\_softirq() never regain control to user processes it only executes a **fixed number of iterations**, the remaining softirqs will be handled by ksoftirqd daemon.

The function \_\_do\_softirq():

- 1. initializes the iteration counter to 10
- 2. copies the bitmap of the local cpu
- 3. disable softirgs in the local cpu, since softirg are executed serially
- 4. clears the bitmap of local cpu
- 5. executes local irg enable()
- 9
- 6. executes the action for every set bit
- 7. executes local\_irq\_disable() 10.
- 8. copies the bitmap<sub>11</sub>.
- if another softirq has been activated and iterations > o jump to 4.
- if there are more softirq invokes wakeup\_softirqd()
  - Re-enfable softirbein the local people cpu

## ksoftirqd

In modern kernel versions, each CPU has its own ksoftirqd/n kernel thread (where n is the logical number of the CPU). Each ksoftirqd runs the ksoftirq() function which essentially executes the following loop:

```
for(;;) {
    set_current_state(TASK_INTERRUPTIBLE);
    schedule();
    /* now in TASK_RUNNING state */
    while (local_softirq_pending()) {
        preempt_disable();
        do_softirq();
        preempt_enable();
        cond_resched();
    }
}
```

# ksoftirqd

| root 13 0.0 0.0 0 0? S Apr05 0:00 [ksoftirg | . , -  |
|---------------------------------------------|--------|
| ·                                           | ıd/11  |
| root 19 0.0 0.0 0 0? S Apr05 0:00 [ksoftirq | 10/ 7] |
| root 24 0.0 0.0 0 0? S Apr05 0:00 [ksoftirq | ıd/2]  |
| root 29 0.0 0.0 0 0? S Apr05 0:00 [ksoftirq | ıd/3]  |
| root 34 0.0 0.0 0 0? S Apr05 0:00 [ksoftirq | ıd/4]  |
| root 39 0.0 0.0 0 0? S Apr05 0:00 [ksoftirq | ıd/5]  |
| root 44 0.0 0.0 0 0? S Apr05 0:00 [ksoftirq | ıd/6]  |
| root 49 0.0 0.0 0 0? S Apr05 0:00 [ksoftirq | ıd/7]  |

5-7

5. Interrupts Management

# **Tasklets**



## **Tasklets**

Tasklets are the preferred way to implement deferrable functions in I/O drivers or in kernel modules. As already introduced, tasklets are built on top of two softirqs named HI\_SOFTIRQ and TASKLET\_SOFTIRQ, they differ only in priority since several tasklets may be associated with the same softirq, each carrying its own function.

For using a tasklet you need to allocate the tasklet\_struct by means of the macro DECLARE\_TASKLET and then call one of the following functions to enable/disable it:

- tasklet\_enable(struct tasklet\_struct \*tasklet)
- tasklet\_hi\_enable( struct tasklet\_struct \*);
- tasklet\_disable(struct tasklet\_struct \*tasklet)
- void tasklet\_schedule(struct tasklet\_struct \*tasklet)

Unless a tasklet reactivates itself, every tasklet activation triggers **at most one** execution of the tasklet function. Management of tasklets is such that a tasklet of the same kind cannot be run concurrently on two different cores

#### How Tasklets are run

Tasklets are run using Soft IRQs. Enable functions are mapped to Soft IRQs lines:

- tasklet\_enable() mapped to TASKLET\_SOFTIRQ
- tasklet\_hi\_enable() mapped to HI\_SOFTIRQ

No real difference between the two, except that do\_softirq() processes HI\_SOFTIRQ before TASKLET\_SOFTIRQ. All non-disabled Tasklets are executed, before the corresponding SoftIRQ action completes.

Remember that they are run with HardIRQs enabled.

#### **Modern API**

In the latest version of the kernel the Tasklets API is deprecated in favour of Threaded IRQs.

```
/* Tasklets --- multithreaded analogue of BHs.

596
597
This API is deprecated. Please consider using threaded IRQs instead:
598
https://lore.kernel.org/lkml/20200716081538.2sivhkj4hcyrusem@linutronix.de
599
https://elixir.bootlin.com/linux/latest/source/include/linux/interrupt.h#L595
```

The Tasklet API (but also the SoftIRQ) will be removed because the top-half of an IRQ is executed in a kernel thread by using the function request\_threaded\_irq() for allocating a IRQ line.

For further information see <a href="https://lwn.net/Articles/302043/">https://lwn.net/Articles/302043/</a>.

5.8

5. Interrupts Management

## **Work Queues**



## **Work Queues**

The worker queues have been introduced in Linux 2.6. They are similar to the deferrable functions, but they are run by ad-hoc kernel-level worker threads.

Worker Queues always run in **process context** and they can perform blocking operations but this does not mean that they can access user address space (as the deferrable functions). Executing in process context is the only way for performing blocking operations (e.g. accessing data to disk), remind that no process switch can occur in interrupt context.

A work queue is defined by the workqueue\_struct whose field worklist points to a doubly linked list of pending functions.

#### **APIs**

#### Creating a queue

The function create\_workqueue("foo") allows to create a new work queue and also creates n worker threads (where n is the number of CPUs). You can use the function create\_singlethread\_workqueue() for creating a work queue with only one thread. You can destroy the queue with the function destroy\_workqueue().

After creating a queue you can use:

- queue\_work() for inserting a function (packaged in a work\_struct) to the queue
- queue\_delayed\_work() for inserting a function that will be executed when after the passed time delay

A worker thread continuously loop inside the function worker\_thread() that most of the time is sleeping if there is no function to be executed.

Sometimes it may be necessary to wait until all pending functions are executed, in that case, the function flush\_workqueue() can be used.

#### **APIs**

#### The predefined work queue

In most cases, creating a whole set of worker threads in order to run a function is overkill. Therefore, the kernel offers a predefined work queue called *events*, which can be freely used by every kernel developer.

To use the predefined queue you can use the following functions:

*Table 4-14. Helper functions for the predefined work queue* 

| Predefined work queue function        | Equivalent standard work queue function                        |  |  |  |  |
|---------------------------------------|----------------------------------------------------------------|--|--|--|--|
| <pre>schedule_work(w)</pre>           | queue_work(keventd_wq,w)                                       |  |  |  |  |
| <pre>schedule_delayed_work(w,d)</pre> | <pre>queue_delayed_work(keventd_wq,w,d)(on any CPU)</pre>      |  |  |  |  |
| schedule_delayed_work_on(cpu,w,d)     | <pre>queue_delayed_work(keventd_wq,w,d) (on a given CPU)</pre> |  |  |  |  |
| flush_scheduled_work()                | flush_workqueue(keventd_wq)                                    |  |  |  |  |

## kworkers

```
[gpm@fedora-xps ~]$ ps -aux | grep kworker
                                       0 ?
root
                  0.0
                       0.0
                                                   Ι<
                                                        Apr05
                                                                0:00 [kworker/0:0H-events highpri]
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/1:0H-events highpri]
root
                  0.0
                       0.0
root
              26
                                       0 ?
                                                   Ι<
                                                        Apr05
                                                                0:00 [kworker/2:0H-events highpri]
                  0.0
                       0.0
                                       0 ?
                                                        Apr05
                                                                0:00 [kworker/3:0H-events highpri]
root
              31
                                                   Ι<
              36
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/4:0H-events highpri]
root
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/5:0H-events highpri]
root
                                       0 ?
                  0.0
                       0.0
                                                   Ι<
                                                        Apr05
                                                                0:00 [kworker/6:0H-events highpri]
root
root
              51
                  0.0
                       0.0
                                       0 ?
                                                   Ι<
                                                        Apr05
                                                                0:00 [kworker/7:0H-events highpri]
             137
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/6:1H-events highpri]
root
             152
root
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/3:1H-events highpri]
             233
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/4:1H-events highpri]
root
                  0.0
                       0.0
                                                                0:00 [kworker/5:1H-kblockd]
             310
                                       0 ?
                                                  Ι<
                                                        Apr05
root
root
             328
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/7:1H-events highpri]
             376
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/0:1H-kblockd]
root
root
             467
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/2:1H-events highpri]
             556
                  0.0
                       0.0
                                       0 ?
                                                  Ι<
                                                        Apr05
                                                                0:00 [kworker/1:1H-events highpri]
root
root
           70810
                  0.0
                       0.0
                                       0 ?
                                                  Ι
                                                        Apr05
                                                                0:00 [kworker/5:0-events power efficient]
root
           72123
                  0.0
                       0.0
                                       0 ?
                                                  Ι
                                                        Apr05
                                                                0:00 [kworker/1:2-cgroup destroy]
root
           73440
                  0.0
                       0.0
                                       0 ?
                                                        Apr05
                                                                0:00 [kworker/6:1-events]
           73920
                  0.0
                       0.0
                                       0 ?
                                                                0:01 [kworker/u17:0-rb allocator]
root
                                                  Ι<
                                                       Apr05
                                                                0:00 [kworker/u16:4-i915]
           75463
                  0.0
                       0.0
                                       0 ?
                                                   Ι
                                                        Apr05
root
           75552 0.0
                       0.0
                                       0 ?
                                                   Ι<
                                                       Apr05
                                                                0:02 [kworker/u17:1-i915 flip]
root
```

# Advanced Operating Systems and Virtualization

[5] Interrupts Management

LECTURER

Gabriele Proietti Mattia

BASED ON WORK BY

http://www.ce.uniroma2.it/~pellegrini/



