4-8
PROCEDURE CALLS, INTERRUPTS, AND EXCEPTIONS
in any of the general-purpose registers that it will need when it resumes execution after a return.
These values can be saved on the stack or in memory in one of the data segments.
The PUSHA and POPA instruction facilitates saving and restoring the contents of the general-
purpose registers. PUSHA pushes the values in all the general-purpose registers on the stack in
the following order: EAX, ECX, EDX, EBX, ESP (the value prior to executing the PUSHA
instruction), EBP, ESI, and EDI. The POPA instruction pops all the register values saved with a
PUSHA instruction (except the ESI value) from the stack to their respective registers.
If a called procedure changes the state of any of the segment registers explicitly, it should restore
them to their former value before executing a return to the calling procedure.
If a calling procedure needs to maintain the state of the EFLAGS register it can save and restore
all or part of the register using the PUSHF/PUSHFD and POPF/POPFD instructions. The
PUSHF instruction pushes the lower word of the EFLAGS register on the stack, while the
PUSHFD instruction pushes the entire register. The POPF instruction pops a word from the
stack into the lower word of the EFLAGS register, while the POPFD instruction pops a double
word from the stack into the register.
4.3.5.Calls to Other Privilege Levels
The IAs protection mechanism recognizes four privilege levels, numbered from 0 to 3, where
greater numbers mean lesser privileges. The primary reason to use these privilege levels is to
improve the reliability of operating systems. For example, Figure 4-3 shows how privilege
levels can be interpreted as rings of protection.
In this example, the highest privilege level 0 (at the center of the diagram) is used for segments
that contain the most critical code modules in the system, usually the kernel of an operating
system. The outer rings (with progressively lower privileges) are used for segments that contain
code modules for less critical software.
Code modules in lower privilege segments can only access modules operating at higher privi-
lege segments by means of a tightly controlled and protected interface called a gate. Attempts
to access higher privilege segments without going through a protection gate and without having
sufficient access rights causes a general-protection exception (#GP) to be generated.
