hi all,
i'm a newbie assembly programmer.
i wanna use DR7 like this :
mov eax,dr7
cmp eax,0
...
but this code doesn't run ... i guess this code must be ran in Ring-0 mode but idon't know how to switch ring-3 to ring-0.
plz help me .
sorry for my bad english :red
drx regs in ring 3 are generally only accessible inside a structured exception handler... ring 0 as u said is a different story
you could also try using GetThreadContext/SetThreadContext
(Intel Instruction Set manuals) MOV—Move to/from Debug Registers...
Quote
Moves the contents of a debug register (DR0, DR1, DR2, DR3, DR4, DR5, DR6, or DR7) to a
general-purpose register or vice versa. The operand size for these instructions is always 32 bits,
regardless of the operand-size attribute.
The instructions must be executed at privilege level 0 or in real-address mode.
When the debug extension (DE) flag in register CR4 is clear, these instructions operate on debug
registers in a manner that is compatible with Intel386 and Intel486 processors. In this mode,
references to DR4 and DR5 refer to DR6 and DR7, respectively. When the DE set in CR4 is set,
attempts to reference DR4 and DR5 result in an undefined opcode (#UD) exception. (The CR4
register was added to the IA-32 Architecture beginning with the Pentium processor.)