IDT检测（支持多核cpu,兼容xp vista）

本文主要是介绍IDT检测（支持多核cpu,兼容xp vista），希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

获取idt信息再简单不过，只是随手实验的代码。欢迎各种飘过

ms的某些改动真是很烦人，没多大用处，又给兼容带来许多麻烦，大概ms以为vista会大卖，xp是淘汰货不用兼容了吧！我晕。（win7界面很难看。。学Ubuntu没学好吧....）

1. DbgPrin 用不了，查了查资料

Enable output of DbgPrint/KdPrint messages by default --Open the key "HKLM\SYSTEM\CCS\Control\Session Manager\Debug Print Filter". Under this key, create a value with the name "DEFAULT" Set the value of this key equal to the DWORD value 8 to enable xxx_INFO_LEVEL output as well as xxx_ERROR_LEVEL output. Or try setting the mask to 0xF so you get all output. You must reboot for these changes to take effect.各种吃饱了没事干。

2.获取cpu数目的方式变了，具体方法看下文。

  1 #define MAKELONG(a, b) ((unsigned long) (((unsigned short) (a)) | ((unsigned long) ((unsigned short) (b))) << 16)) 2 3 4 VOID ShowIDTinfo( 5                  IN struct _KDPC  *Dpc, 6                  IN ULONG cpuNum, 7                  IN PVOID  SystemArgument1, 8                  IN PVOID  SystemArgument2); 9 typedef struct _IDTENTRY 10 { 11     unsigned short LowOffset; 12     unsigned short selector; 13     unsigned char unused_lo; 14     unsigned char segment_type:4;    //0x0E is an interrupt gate 15     unsigned char system_segment_flag:1; 16     unsigned char DPL:2;           // descriptor privilege level 17     unsigned char P:1;              /* present */ 18     unsigned short HiOffset; 19 } IDTENTRY,*PIDTENTRY; 20 21 /* sidt returns idt in this format */ 22 typedef struct _IDTINFO 23 { 24     unsigned short IDTLimit; 25     unsigned short LowIDTbase; 26     unsigned short HiIDTbase; 27 } IDTINFO,*PIDTINFO; 28 typedef  ULONG (NTAPI *fnKeQueryActiveProcessorCount)(OUT PKAFFINITY  ActiveProcessors); 29 ULONG g_dwBuildNumber; 30 //记录完成dpc的数量 31 volatile LONG g_FinshedDPC = 0; 32 //入口函数 33 extern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT pDriverObject,IN PUNICODE_STRING pRegistryPath) 34 { 35     NTSTATUS status; 36 37     //注册驱动调用函数入口 38     pDriverObject->DriverUnload = (PDRIVER_UNLOAD)DriverUnload; 39     pDriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL]= DriverIOCtrl    ; 40     pDriverObject->MajorFunction[IRP_MJ_CLOSE]= DriverDispatch    ; 41     pDriverObject->MajorFunction[IRP_MJ_CREATE]= DriverDispatch    ; 42     pDriverObject->MajorFunction[IRP_MJ_READ]= DriverDispatch    ; 43     pDriverObject->MajorFunction[IRP_MJ_WRITE]= DriverDispatch    ; 44 45 46     //创建设备 47     status = CreateDevice(pDriverObject); 48 49     ULONG count = 0; 50     UNICODE_STRING  ustr; 51     PKDPC pdpc; 52     PsGetVersion(0,0,&g_dwBuildNumber,0); 53     //__asm int 3 54     //动态获取地址，因为获取cpu数目的方法在vista sp1即以后版本有所改变， 55     //如果直接使用KeQueryActiveProcessorCount将导致驱动在xp下无法加载 56     if (g_dwBuildNumber == 2600 || g_dwBuildNumber == 6000) 57     { 58         RtlInitUnicodeString(&ustr,L"KeNumberProcessors"); 59         PVOID p = MmGetSystemRoutineAddress(&ustr); 60         if (p!=0) 61         { 62             count = *(ULONG *)p; 63         }     64     } 65     else 66     { 67         KAFFINITY procs; 68         RtlInitUnicodeString(&ustr,L"KeQueryActiveProcessorCount"); 69         fnKeQueryActiveProcessorCount MyQueryActiveProcessorCount = (fnKeQueryActiveProcessorCount)MmGetSystemRoutineAddress(&ustr); 70         if (MyQueryActiveProcessorCount != 0) 71         { 72             count = MyQueryActiveProcessorCount(&procs); 73         } 74 75     } 76     if (count==1) 77     { 78         ShowIDTinfo(0,0,0,0); 79     } 80     else 81     { 82         ULONG currrent_pro_num = KeGetCurrentProcessorNumber(); 83         ShowIDTinfo(0,currrent_pro_num,0,0); 84         g_FinshedDPC = 1; 85         PKDPC temp_dpc; 86         temp_dpc = (PKDPC)ExAllocatePoolWithTag(NonPagedPool,sizeof(KDPC)*count,'rm'); 87         pdpc = temp_dpc; 88         if (temp_dpc == NULL) 89             return status; 90         for (ULONG i = 0;i<count;i++,*temp_dpc++) 91         { 92             if (i!=currrent_pro_num) 93             { 94                 //传入一个cpu号就好 95                 KeInitializeDpc(temp_dpc,(PKDEFERRED_ROUTINE)ShowIDTinfo,(PVOID)i); 96                 KeSetTargetProcessorDpc(temp_dpc,i); 97                 KeInsertQueueDpc(temp_dpc,NULL,NULL); 98 99             } 
100              
101 
102         } 
103         //等待所有的dpc历程完事儿 
104         while(InterlockedCompareExchange(&g_FinshedDPC,count,count) != count) 
105         { 
106             __asm nop 
107         } 
108         ExFreePoolWithTag(pdpc,'rm'); 
109     } 
110 
111     return status; 
112 } 
113 
114 VOID ShowIDTinfo( 
115                  IN struct _KDPC  *Dpc, 
116                  IN ULONG cpuNum, 
117                  IN PVOID  SystemArgument1, 
118                  IN PVOID  SystemArgument2) 
119  { 
120      IDTINFO idt_info; 
121   
122      __asm sidt  idt_info 
123   
124      PIDTENTRY pIDTen =( PIDTENTRY)MAKELONG(idt_info.LowIDTbase,idt_info.HiIDTbase); 
125      PIDTENTRY pIDTtmp; 
126      ULONG addr; 
127   
128      for (ULONG i=0;i<0xFF;i++) 
129      { 
130          pIDTtmp = &pIDTen[i]; 
131          addr = MAKELONG(pIDTtmp->LowOffset,pIDTtmp->HiOffset); 
132         DbgPrint("CPU:%d       Index:%d       Addr:0x%x   DPL:%d\n",cpuNum,i,addr,pIDTtmp->DPL);         
133      } 
134 
135     InterlockedIncrement(&g_FinshedDPC); 
136   
137  }

恩，就这样，利用dpc可以指定执行的cpu数目来搞。

这篇关于IDT检测（支持多核cpu,兼容xp vista）的文章就介绍到这儿，希望我们推荐的文章对编程师们有所帮助！