From: [Jongware] on
David Given wrote:
> I have some deeply strange code that I have just discovered is accessing
> some values via GDT segment descriptors.
>
> The library that I am implementing has an API for allocating a new
> segment descriptor from the operating system, and setting it up to point
> at a block of memory in user space; so, once %es has been loaded with
> the new segment descriptor, accessing %es:0 is equivalent to accessing
> the first byte of this block of memory, etc.
>
> Does Windows (or, preferably, the Windows NT kernel) have an API for
> this? I'm actually from a Unix background, so I don't know the Windows
> terminology for these things, so I don't know what keywords to search
> for to get information...

GDT, LDT :-)

Not an answer; but I have seen MS's own VC compiler perform a /similar/
trick using the fs: register -- it typically accesses stuff like fs:[0].
I have a vague notion it was somehow related to TLS (= thread local
storage, IIRC).
I have no idea how the underlying system works -- for example, where,
how and for what the fs: segment gets its "active" value before stepping
into the thread.

However, just idly thinking about it: fs: sounds more like a sane choice
for a system like this (and yours) than es: -- that one is highly likely
to be in use for stuff such as string comparing and moving (the
lods/stos/scas/cmps family of operands).

> This is all 32-bit code and doesn't have to be portable.

You mean, between Linux & Windows? What a relief -- it sounds like
extremely low level close-to-metal stuff such as system kernels and drivers.
Speaking of which: you could wander over to the Microsoft site and
browse a bit through their Device Driver Kit -- DDK -- as it is quite
a bit more probable that a segment register specification pops up in
there than in the 'regular' APIs (personally, I've never encountered a
register spec in the regular APIs ;o)
You could also try to post in a DDK dedicated group -- no harm in trying.

[Jw]