Intel 64 and IA-32 Architectures Software Developers Manual Volume 2B, Instruction Set Reference, N-Z
4-358 Vol. 2B
INSTRUCTION SET REFERENCE, N-Z
SWAPGS—Swap GS Base Register
Description
SWAPGS exchanges the current GS base register value with the value contained in
MSR address C0000102H (MSR_KERNELGSbase). KernelGSbase is guaranteed to be
canonical; so SWAPGS does not perform a canonical check. The SWAPGS instruction
is a privileged instruction intended for use by system software.
When using SYSCALL to implement system calls, there is no kernel stack at the OS
entry point. Neither is there a straightforward method to obtain a pointer to kernel
structures from which the kernel stack pointer could be read. Thus, the kernel can't
save general purpose registers or reference memory.
By design, SWAPGS does not require any general purpose registers or memory oper-
ands. No registers need to be saved before using the instruction. SWAPGS exchanges
the CPL 0 data pointer from the KernelGSbase MSR with the GS base register. The
kernel can then use the GS prefix on normal memory references to access kernel
data structures. Similarly, when the OS kernel is entered using an interrupt or excep-
tion (where the kernel stack is already set up), SWAPGS can be used to quickly get a
pointer to the kernel data structures.
The KernelGSbase MSR itself is only accessible using RDMSR/WRMSR instructions.
Those instructions are only accessible at privilege level 0. WRMSR will cause a
#GP(0) if the value to be written to KernelGSbase MSR is non-canonical.
See Table 4-5.
Opcode Instruction
64-Bit
Mode
Compat/
Leg Mode Description
0F 01 /7 SWAPGS Valid Invalid Exchanges the current GS base
register value with the value
contained in MSR address
C0000102H.
Table 4-5. SWAPGS Operation Parameters
Opcode ModR/M Byte Instruction
MOD REG R/M Not 64-bit
Mode
64-bit Mode
OF 01 MOD
≠ 11 111 xxx INVLPG INVLPG
11 111 000 #UD SWPGS
11 111
≠ 000 #UD #UD