KPCR

The name KPCR stands for (Kernel) Processor Control Region. The kernel keeps a KPCR (formally a _KPCR) for each logical processor. The KPCR for the boot processor is in space provided by the loader or is in the kernel’s own data, but the KPCR for each additional processor is at the start of a large-scale per-processor state that the kernel builds in one memory allocation. In version 6.0 and higher, these are laid out as follows:

• the KPCR for the processor, ending with one REQUEST_MAILBOX per processor in applicable versions;
• a Task State Segment (TSS), defining the current task on the processor;
• (x64 only) an 8KB stack for use while handling the Double Fault exception for the processor;
• (x64 only) an 8KB stack for use while handling the Machine Check exception for the processor;
• (x64 only) an 8KB stack for use while handling the Non-Maskable Interrupt (NMI) for this processor;
• an ETHREAD, representing the system thread for the processor’s initial execution;
• (x86 only) a TSS for handling the Double Fault exception for the processor;
• (x86 only) a TSS for handling the NMI for the processor;
• (x86 only) a 12KB stack for use while handling NMIs, double faults and Machine Check exceptions for the processor;
• the Global Descriptor Table (GDT) for the processor;
• the Interrupt Descriptor Table (IDT) for the processor.

The precise arrangement of these items is plainly meant to be the kernel’s own business. Explicit use of them, wherever they are for any processor, doesn’t look to be intended for any software other than the kernel and the HAL. They are listed here just for the general background of knowing what sorts of large-scale structures Windows keeps for each processor and to elaborate the architectural point that the KPCR is the means through which the kernel manages them.

The KPCR is highly specific to the processor architecture. Indeed, public symbol files confirm that Microsoft differentiates the x86 and x64 implementations not by conditional compilation but by defining them in separate headers. This note follows Microsoft and presents the x86 KPCR and x64 KPCR separately.