msr register in win_xp?......help

OSR_Community_User · July 22, 2003, 9:17am

Hi,
I need to read info from the msr registers [model-specific registers].
The command in asm is RDMSR.Now The problem is that i am trying to issue a
Ring 0 instruction from Ring 3, and that give me a GP(#0) fault.
i’m writhing in c++ for win xp.
the algorithm on a high level to achieve the required functionality:

Create Ring 0 driver that calls RDMSR
Output MSR information to a file
Read file
Parse the information out.

To perform step 1:
i need to Create a Dll or Sys file
Load into Registry.

i am new with ddk, can some one help me with that?//////
my e-mail is:
xxxxx@hotmail.com.
thank’s.

Marc-Antoine_Ruel · July 22, 2003, 10:11am

Here’s some infos to give you a quick start. It may not be complete or exact. Use it at your own risk!

Do a backup of your hardisk, you will probably blue screen. Get 2 computer if you can.
Get the DDK.
Get DebugView from www.sysinternals.com. Learn to use KdPrint(()).
Take any simple DDK sample and empty it. Only keep the DriverEntry function.
Create an installer. You have to use the OpenSCManager()/CreateService() to load dynamically a driver. Read the docs.
Here’s a *start*. It is not complete!

// Pseudo code!
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING pRegistryPath)
{
OBJECT_ATTRIBUTES ObjectAttributes;
NTSTATUS status;
UNICODE_STRING Path;
HANDLE hKey;
RtlInitUnicodeString(&Path, L"RegKey");
InitializeObjectAttributes(&ObjectAttributes, &Path, OBJ_KERNEL_HANDLE, pRegistryPath, NULL);
status = ZwOpenKey(&hKey, KEY_READ, &ObjectAttributes);
if (NT_SUCCESS(status))
{
DWORD msr = 0;
__try
{
// Do MSR stuff
}
__except()
{
}
ZwSetValueKey(hKey, …);
ZwClose(hKey);
}
return STATUS_SUCCESS;
}

You may have to add some DriverObject->MajorFunction[IRP_MJ_XXX] = XxxDispatchXXX; to the driver so it works.
Don’t forget to STOP your driver.
Create a user app that reads the key in the registry.
“HKLM\SYSTEM\CurrentControlSet\Services\YOURDRIVER\RegKey”
Please tell me your driver’s name so I do not load it on my computer.

M-A

-----Original Message-----
From: eyal [mailto:xxxxx@hotmail.com]
Sent: 22 juillet, 2003 09:17
To: Windows System Software Developers Interest List
Subject: [ntdev] msr register in win_xp?..help

Hi,
I need to read info from the msr registers [model-specific registers].
The command in asm is RDMSR.Now The problem is that i am trying to issue a
Ring 0 instruction from Ring 3, and that give me a GP(#0) fault.
i’m writhing in c++ for win xp.
the algorithm on a high level to achieve the required functionality:

Create Ring 0 driver that calls RDMSR
Output MSR information to a file
Read file
Parse the information out.

To perform step 1:
i need to Create a Dll or Sys file
Load into Registry.

i am new with ddk, can some one help me with that?//////
my e-mail is:
xxxxx@hotmail.com.
thank’s.

You are currently subscribed to ntdev as: xxxxx@pyxis.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Don_Burn_1 · July 22, 2003, 10:31am

The problem with your code is that the solution would only allow the MSR to
be read once, I don’t think that would be particularily useful. Since you
provide no ability to even unload the driver, if the value wants to be read
again you have to reboot.

The orignal requestor framed the problem poorly, doing the work with a file
(or the registry as you showed it) is a poor method versus using an IOCTL
with an input to specify the MSR and an output of the value. Take the IOCTL
sample of the current DDK and start with that. You should have to change
the name of the device, make an IOCTL for the request and change the device
IO control routine (use the buffered portion as you prototype) to do the MSR
instructions.

Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting

----- Original Message -----
From: “Marc-Antoine Ruel”
To: “Windows System Software Developers Interest List”
Sent: Tuesday, July 22, 2003 10:11 AM
Subject: [ntdev] RE: msr register in win_xp?..help

Here’s some infos to give you a quick start. It may not be complete or
exact. Use it at your own risk!

1. Do a backup of your hardisk, you will probably blue screen. Get 2
computer if you can.
2. Get the DDK.
3. Get DebugView from www.sysinternals.com. Learn to use KdPrint(()).
4. Take any simple DDK sample and empty it. Only keep the DriverEntry
function.
5. Create an installer. You have to use the OpenSCManager()/CreateService()
to load dynamically a driver. Read the docs.
6. Here’s a start. It is not complete!

// Pseudo code!
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING
pRegistryPath)
{
OBJECT_ATTRIBUTES ObjectAttributes;
NTSTATUS status;
UNICODE_STRING Path;
HANDLE hKey;
RtlInitUnicodeString(&Path, L"RegKey");
InitializeObjectAttributes(&ObjectAttributes, &Path, OBJ_KERNEL_HANDLE,
pRegistryPath, NULL);
status = ZwOpenKey(&hKey, KEY_READ, &ObjectAttributes);
if (NT_SUCCESS(status))
{
DWORD msr = 0;
try
{
// Do MSR stuff
}
except()
{
}
ZwSetValueKey(hKey, …);
ZwClose(hKey);
}
return STATUS_SUCCESS;
}

7. You may have to add some DriverObject->MajorFunction[IRP_MJ_XXX] =
XxxDispatchXXX; to the driver so it works.
8. Don’t forget to STOP your driver.
9. Create a user app that reads the key in the registry.
“HKLM\SYSTEM\CurrentControlSet\Services\YOURDRIVER\RegKey”
10. Please tell me your driver’s name so I do not load it on my computer.

M-A

-----Original Message-----
From: eyal [mailto:xxxxx@hotmail.com]
Sent: 22 juillet, 2003 09:17
To: Windows System Software Developers Interest List
Subject: [ntdev] msr register in win_xp?..help

Hi,
I need to read info from the msr registers [model-specific registers].
The command in asm is RDMSR.Now The problem is that i am trying to issue a
Ring 0 instruction from Ring 3, and that give me a GP(#0) fault.
i’m writhing in c++ for win xp.
the algorithm on a high level to achieve the required functionality:

1) Create Ring 0 driver that calls RDMSR
2) Output MSR information to a file
3) Read file
4) Parse the information out.

To perform step 1:
i need to Create a Dll or Sys file
Load into Registry.

i am new with ddk, can some one help me with that?//////
my e-mail is:
xxxxx@hotmail.com.
thank’s.

—
You are currently subscribed to ntdev as: xxxxx@pyxis.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
You are currently subscribed to ntdev as: xxxxx@acm.org
To unsubscribe send a blank email to xxxxx@lists.osr.com

Maxim_S_Shatskih · July 22, 2003, 5:11pm

> 1) Create Ring 0 driver that calls RDMSR

Output MSR information to a file

Read file

Parse the information out.

No. Write a driver which will execute RDMSR and return the result in IOCTL
buffer.

Max

OSR_Community_User · July 23, 2003, 4:31am

hi max,
can u plese seand me an example how to do this.
i am new with ddk and i dont now what aioctl to take?/.
thank’s
xxxxx@hotmail.com

OSR_Community_User · July 23, 2003, 8:46am

From the mouth of babes …

There is no IOCTL to take since you have to define it for your driver. Like
90% of all drivers written there is no current defined device driver to do
what you want to do so you have write it, and you get to “invent” all the
interfaces and Io control calls you need to succeed the task.

If you have the DDK, then you already have tons of examples that an
experienced engineer can use to produce such a driver. If you don’t have the
DDK then get one, a subscription to MSDN, and purchase one or more of the
books referenced here.

–
Gary G. Little
Seagate Technologies, LLC
xxxxx@seagate.com

“eyal” wrote in message news:xxxxx@ntdev…
>
> hi max,
> can u plese seand me an example how to do this.
> i am new with ddk and i dont now what aioctl to take?/.
> thank’s
> xxxxx@hotmail.com
>
>