Is there any way to save\load Interrupt Descriptor Table on x64 Vista SP2 (AMD64) without Blue Screen? Here is my code in MASM that makes Blue Screen:
IDTINFO struct
word idtLimit ?
dword lowIDTBase ?
dword highIDTBase ?
IDTINFO ends
getInterruptDescriptorTable proto :DWORD
.code
getInterruptDescriptorTable PROC idtInfo_arg:DWORD
local idtInfo_locl :IDTINFO
sidt idtInfo_locl
lea eax, idtInfo_locl
push [eax]
mov eax, idtInfo_arg
pop [eax]
getInterruptDescriptorTable endp
end
Well, I'm new at Assembly language, so there can be some obvious mistakes.
EDIT This is how prototype in .h file looks like:
extern void getInterruptDescriptorTable(IDTINFO*);
Here, call in .c file:
IDTINFO idtInfo = {0};
getInterruptDescriptorTable(&idtInfo);
IDTINFO structure in C:
typedef struct
{
unsigned short idtLimit;
unsigned int lowIDTBase;
unsigned int highIDTBase;
} IDTINFO;
x64 systems are protected by patch guard mechanism. You can`t path idt without bsod: http://en.wikipedia.org/wiki/Kernel_Patch_Protection