有没有为Win32的API，这将允许我使用ES，GS，FS？ [英] Is there an API for Win32 which will allow me to use ES, GS, FS?

问题描述

我想用ES，FS和GS在汇编程序，让我有3个独立的地址空间。

I would like to use ES, FS, and GS in an assembler program to allow me to have 3 separate address spaces.

有一个Win32 API，它会设置的LDT，给我的价值观为适当的选择？

Is there a Win32 API which will setup the LDT and give me the values for the appropriate selectors?

推荐答案

答案是：是的，但

你想要的API实际上是在NT内核，被称为NtSetLdtEntries。不存在用于它的报头。没有它的任何文件。存根是ntdll.lib，这不是SDK的一部分。你必须做什么，我没有和周围的摸索逆向工程站点间和手动绑定的东西，直到我可以使它正常工作。

The API you want is actually in the NT kernel and is called NtSetLdtEntries. There isn't a header for it. There isn't any documentation for it. The stubs are in ntdll.lib, which isn't part of the SDK. You have to do what I did and grope around among reverse engineering sites and manually bind things until I could make it work.

有更糟糕。不能使用GS，因为Windows在内部使用它;每当你做出一个系统调用，它会随意将其设置为0（我的认为的它也可以随意将其设置为0的中断）。如果您尝试使用调试GS一个程序时，Windows将其设置为0断点！

There's worse. You can't use GS, as Windows uses it internally; whenever you make a system call, it'll arbitrarily set it to 0 (and I think it may also randomly set it to 0 on interrupts). If you try to debug a program using GS, Windows will set it to 0 on breakpoints!

ES和FS都很好。我想。

ES and FS are fine. I think.

下面是我写的一个无证文件，使用这些东西。如果你是勇敢的，你可能能够提取足够的信息从它做一些有用的东西。祝你好运...

Here is an undocumented file I wrote that uses all this stuff. If you're brave, you may be able to extract enough information from it to do something useful. Good luck...

<一个href=\"http://lbw.git.sourceforge.net/git/gitweb.cgi?p=lbw/lbw;a=blob;f=src/syscalls/thread.cc;hb=a3b44871bd89009e644894431cbc6534fe033369\" rel=\"nofollow\">http://lbw.git.sourceforge.net/git/gitweb.cgi?p=lbw/lbw;a=blob;f=src/syscalls/thread.cc;hb=a3b44871bd89009e644894431cbc6534fe033369

这篇关于有没有为Win32的API，这将允许我使用ES，GS，FS？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！