I am going to write a book

Titled “Forbidden, Undocumented and other Crazy Kernel-mode stuff”

I will let your imagination run wild.

As you may guess, it is a tough week so far :slight_smile:

Jamey

Jamey Kirby wrote:

Titled “Forbidden, Undocumented and other Crazy Kernel-mode stuff”
I will let your imagination run wild.

When can I rent the DVD?


Walter Oney, Consulting and Training
Basic and Advanced Driver Programming Seminars
Now teaming with John Hyde for USB Device Engineering Seminars
Check out our schedule at http://www.oneysoft.com

Rest assured there will be no red Swingline staplers in his movie.

Jamey

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Walter Oney
Sent: Wednesday, October 09, 2002 12:17 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I am going to write a book

Suggestions

Topics like how to modify the GDT and IDT, add your own software interrupt, and add
your own native service are already published but could be presented more
clearly.

Some APIs that Microsoft says are only for internal use would be of great
interest.

Something like how to hack into the thread scheduler so we can have more control
over when and whether to do a thread context switch should be of the
greatest usefulness (to realtime development in kernel).

Bi

-----Original Message-----
From: Jamey Kirby [mailto:xxxxx@storagecraft.com]
Sent: Wednesday, October 09, 2002 12:31 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I am going to write a book

I’ve a driver, written as an exercise, that sets up its own GDT, LDT,
etc, goes to 16-bit real mode and (the hard part) back to 32-bit flat
virtual. I have to say, however, that although the techniques are
interesting (to me), I’ve not found a practical use.


If replying by e-mail, please remove “nospam.” from the address.

James Antognini

Hi, all

I would like to know whether it is possible to tell from memory.dmp at which
IRQL the thread called the function.
If anyone knows about it, would you tell me about it?

I know !apc is supported on XP or .Net Server.

Thanks in advance,
Futoshi

James Antognini wrote:

I’ve a driver, written as an exercise, that sets up its own GDT, LDT,
etc, goes to 16-bit real mode and (the hard part) back to 32-bit flat
virtual. I have to say, however, that although the techniques are
interesting (to me), I’ve not found a practical use.

If you’re actually going to real mode and back (as opposed to X86 mode),
I’m impressed. Welcome to the exclusive club of certified stunt
programmers. Your membership card (along with a bill for dues) will be
in the mail shortly.


Walter Oney, Consulting and Training
Basic and Advanced Driver Programming Seminars
Now teaming with John Hyde for USB Device Engineering Seminars
Check out our schedule at http://www.oneysoft.com

>> as opposed to X86 mode

What is X86 mode?

Dan

----- Original Message -----
From: “Walter Oney”
Newsgroups: ntdev
To: “NT Developers Interest List”
Sent: Thursday, October 10, 2002 12:26 PM
Subject: [ntdev] Re: I am going to write a book

Dan Partelly wrote:

What is X86 mode ?

It’s V86 mode (virtual 8086 mode), but misspelled. It’s kind of like a
secret handshake for CSP members, who are supposed to read what was
intended instead of what was actually typed :wink:


Walter Oney, Consulting and Training
Basic and Advanced Driver Programming Seminars
Now teaming with John Hyde for USB Device Engineering Seminars
Check out our schedule at http://www.oneysoft.com

Cool. Then I wanna join as well, for I put the CPU in Ia32 mode. =)

Ciao, Dan

“Walter Oney” wrote in message news:xxxxx@ntdev…

Dan Partelly wrote:

Cool. Then I wanna join as well, for I put the CPU in Ia32 mode. =)

So, you must have figured out how to access CR9, too. Good going!


Walter Oney, Consulting and Training
Basic and Advanced Driver Programming Seminars
Now teaming with John Hyde for USB Device Engineering Seminars
Check out our schedule at http://www.oneysoft.com

Hi, Walter, Dan Partelly, Tony Mason and all the gurus out there:

I am far from qualified to join CSP, not even the minor league if there were
one (maybe saving the membership fee as a side benefit). I would be very
interested to know if any CSP member has hacked the inner workings of the thread
scheduling. I once did some realtime thing (in user mode, which I have
ample reason not to bring to kernel mode) on Win2k but did not get a
satisfying result. I wished that I could somehow set a variable in the TLS of a
thread, visible in ETHREAD, so that the thread scheduler would not preempt
the thread for the moment. By that I mean at least it extends a few more
quantums to the thread and does not allow a higher priority thread to preempt it
until the extended quantums expired. I wish there were some filter driver
like thing in kernel that allows you to modify the thread scheduling policy a
little bit dynamically.

Does Microsoft's pay-to-play policy (providing source code) cover the thread
scheduler?

Thanks.

Bi

-----Original Message-----
From: Walter Oney [mailto:xxxxx@oneysoft.com]
Sent: Thursday, October 10, 2002 5:09 AM
To: NT Developers Interest List
Subject: [ntdev] Re: I am going to write a book

It’s real-address mode. I followed the instructions in “Intel
Architecture Software Developer’s Manual,” vol. 3, section 8.8.2,
“Switching Back to Real-Address Mode,” pp. 8-14 and -15.

The hard part was the debugging, because either things worked entirely
or they didn’t, and the latter usually meant a triple fault and reboot; so
it was almost impossible to get state information. I really needed a
hypervisor debugger, like IBM’s VM, which can emulate almost anything on
the S/390 platform. Maybe VMWare would have worked, but I didn’t have
that.


If replying by e-mail, please remove “nospam.” from the address.

James Antognini

Sorry, I meant “IDT.” A different animal entirely from “LDT.”


If replying by e-mail, please remove “nospam.” from the address.

James Antognini

I can’t wait to read, and when the DVD comes out, watch “F.U.C.K.” the
book and movie. And, no, it does not stand for “for unlawful carnal
knowledge” either!
And personally, I hope the movie features Milton and his red Swingline
extensively…
Must’ve been a very tough week. :wink:

Kudos to the real-mode trick. Bonus points to someone who can write a
virtual IA64 emulator for 32bit NT. Hell, on a P4-2.5Ghz it would
probably run a 64bit app faster than a real Itanium could! :wink:

Oh, and wouldn’t it be LOVELY if VMWare really did offer a full
vm-debugger too with their product!!! You know, set debug traps on CR
modification, that sort of thing…

-p

When I mentioned IDT, I meant to set up some software interrupt handler for
private use, such as sending an interrupt to itself or another processor.

Bi

-----Original Message-----
From: James Antognini [mailto:xxxxx@mindspring.nospam.com]
Sent: Thursday, October 10, 2002 1:01 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I am going to write a book

I only know VMWare will allow you to run Windows and Linux on the same PC at
the same time. I always wonder whether nowadays it isn’t cheaper to buy another PC for
that purpose.

I don’t know exactly how it does it. However, for performance reasons, I
guess VMWare may not trap accesses to registers (single stepping all the time) or
memory for that matter. I suspect it only traps MMIO and IOIO to devices.
Otherwise the performance penalty would be enormous.

I once wrote some device functional models for a software simulator for PC
which includes an IA32 CPU model. It is a full software simulator that can boot
almost any OS, including Windows. In this simulator, one can debug
absolutely anything using GDB. It is an amazing thing. The only problem is
that it is extremely slow, as you would expect, and it takes 40+ mins to
boot to the desktop of a Windows OS. It feels like running Windows on a 100KHz 386
processor.

Bi

-----Original Message-----
From: Paul Bunn [mailto:xxxxx@ultrabac.com]
Sent: Thursday, October 10, 2002 1:08 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I am going to write a book

I would recommend using a hardware ICE unit from American Arium. An ITP
from them or Intel may be sufficient as well. What really blows my mind is
that Microsoft never uses them… It’s a BIOS developer’s best friend, and
it would be awesome for kernel development as well.

-Justin

At 09:39 AM 10/10/2002, you wrote:

The 64bit emulator already exists. I worked on some of the 870 chipset
emulation for it. It is my understanding that it is/was available to the
public from Intel.

-Justin

At 10:08 AM 10/10/2002, you wrote:

Here is the link:

http://www.intel.com/technology/itj/q41999/articles/art_2.htm

-Justin