Question after reading "Undocumented Undocumented Windows NT"

Post by leon80021 » Fri, 11 May 2007 17:36:16


Hi all:
I hope someone here has read the chapter "Adding New Software
Interrupts". I could understand most parts of the code presented in
this chapter, but there's one thing I don't understand: in the
driver code (callgate.c), in "CreateCallGate", what role does the code
descriptor play? Also, how do I build the source code, including the
assembly code? I guess the assembly part should be built separately with
MASM. I've tried "nmake /f *.mak", but to no avail so far.

Thanks
 
 
 

Post by leon80021 » Fri, 11 May 2007 17:44:08

The code descriptor's initialization looks like this:

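ring0_desc.limit_0_15 = 0xFFFF;  /* segment limit, bits 0-15 */
ring0_desc.base_0_15 = 0;        /* base address, bits 0-15 */
ring0_desc.base_16_23 = 0;       /* base address, bits 16-23 */
ring0_desc.readable = 1;         /* code segment may also be read */
ring0_desc.conforming = 0;       /* non-conforming code segment */
ring0_desc.code_data = 1;        /* 1 = code (executable) segment */
ring0_desc.app_system = 1;       /* 1 = code/data descriptor, not a system descriptor */
ring0_desc.dpl = 0;              /* descriptor privilege level 0 (ring 0) */
ring0_desc.present = 1;          /* segment is present */
ring0_desc.limit_16_19 = 0xF;    /* segment limit, bits 16-19 */
ring0_desc.always_0 = 0;         /* reserved, must be 0 */
ring0_desc.seg_16_32 = 1;        /* 1 = 32-bit default operand size */
ring0_desc.granularity = 1;      /* 1 = limit counted in 4 KB units */
ring0_desc.base_24_31 = 0;       /* base address, bits 24-31 */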
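
Added example, not part of the original post or the book's code: it packs the field values listed above into the 8-byte IA-32 segment descriptor format and decodes the result, which shows that they describe a flat, 4 GB, ring 0 code segment. The struct seg_fields and the function names are hypothetical; only the field names and values come from the post.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical struct: field names follow the post, one value per field. */
typedef struct {
    uint32_t limit_0_15, base_0_15, base_16_23, readable, conforming,
             code_data, app_system, dpl, present, limit_16_19,
             seg_16_32, granularity, base_24_31;
} seg_fields;

/* Values copied from the post (always_0 = 0, so bits 52-53 stay clear). */
static const seg_fields ring0_fields = {
    0xFFFF, 0, 0, 1, 0, 1, 1, 0, 1, 0xF, 1, 1, 0
};

/* Pack into the 8-byte IA-32 segment descriptor as stored in the GDT. */
uint64_t pack_descriptor(const seg_fields *f)
{
    uint64_t d = f->limit_0_15 & 0xFFFF;            /* bits 0-15          */
    d |= (uint64_t)(f->base_0_15 & 0xFFFF) << 16;   /* bits 16-31         */
    d |= (uint64_t)(f->base_16_23 & 0xFF) << 32;    /* bits 32-39         */
    d |= (uint64_t)(f->readable & 1) << 41;         /* bit 40 = accessed  */
    d |= (uint64_t)(f->conforming & 1) << 42;
    d |= (uint64_t)(f->code_data & 1) << 43;
    d |= (uint64_t)(f->app_system & 1) << 44;       /* S flag             */
    d |= (uint64_t)(f->dpl & 3) << 45;              /* bits 45-46         */
    d |= (uint64_t)(f->present & 1) << 47;
    d |= (uint64_t)(f->limit_16_19 & 0xF) << 48;    /* bits 48-51         */
    d |= (uint64_t)(f->seg_16_32 & 1) << 54;        /* D flag             */
    d |= (uint64_t)(f->granularity & 1) << 55;      /* G flag             */
    d |= (uint64_t)(f->base_24_31 & 0xFF) << 56;    /* bits 56-63         */
    return d;
}

uint32_t desc_base(uint64_t d)
{
    return (uint32_t)(((d >> 16) & 0xFFFFFF) | (((d >> 56) & 0xFF) << 24));
}

/* Highest valid offset in the segment, after applying the G flag. */
uint32_t desc_last_offset(uint64_t d)
{
    uint32_t limit = (uint32_t)((d & 0xFFFF) | (((d >> 48) & 0xF) << 16));
    return ((d >> 55) & 1) ? (limit << 12) | 0xFFF : limit;
}

unsigned desc_dpl(uint64_t d) { return (unsigned)((d >> 45) & 3); }

int main(void)
{
    uint64_t d = pack_descriptor(&ring0_fields);
    printf("raw=%016llx base=%08x last=%08x dpl=%u\n", (unsigned long long)d,
           desc_base(d), desc_last_offset(d), desc_dpl(d));
    return 0;
}
```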

 
 
 

Post by Don Bur » Fri, 11 May 2007 19:42:44

Terrible book with a lot of inaccuracies. The technique you are using
should not be used in production code.


--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Website: http://www.yqcomputer.com/
Blog: http://www.yqcomputer.com/
Remove StopSpam to reply