What page directory is used during an x86 interrupt handler?

Question

I am currently writing a small operating system that makes use of paging and multitasking and therefore is running user mode applications. Paging is already working perfectly fine.

But there's one thing I don't yet understand: Let's say my OS is executing in user mode and an interrupt occurs. Does the processor handle that interrupt handler within that user's virtual address space or do interrupt handlers use physical addressing? Or do I actively have to switch to the kernel page directory?

How does the processor know where to switch?

Answer 1

An interrupt doesn't change the page tables. The x86 page table format has a U/S (user/supervisor) bit in each page directory entry (https://wiki.osdev.org/Paging#Page_Directory). A supervisor-only mapping only works in ring 0, not in ring 3. i.e. it's a kernel-only mapping, saving the overhead of changing the page tables on every interrupt or system call.

(Meltdown is a hardware exploit that defeats it on most recent Intel CPUs, so OSes currently have to avoid leaving kernel memory mapped while user-space is running, if they boot on a vulnerable CPU. http://blog.stuffedcow.net/2018/05/meltdown-microarchitecture/)

So the kernel can reserve part of every process's virtual address space for its own use. For example Linux reserves the high half of virtual address space for kernel use. See https://www.kernel.org/doc/Documentation/x86/x86_64/mm.txt for the current x86-64 layout.

This design is called a "high half" kernel, for obvious reasons.

For 32-bit x86, Linux can use a 3:1 split with 3GiB of user-space virtual address space and only 1 for the kernel. This means the kernel usually can't map all the physical memory even on a 2GiB machine, which sucks. (A 64-bit kernel is definitely a good idea even if you want to run a 32-bit userspace for some reason.)