I find that if the program has cli/sti it cannot run in win2k/xp.

Can someone tell me how to make the application run well in win2k/xp?
Posted on 2004-09-14 06:05:30 by bailao
Maybe you can't use cli/sti in ring 3, but I'm not sure.
Posted on 2004-09-14 06:29:11 by greenant
cli & sti are privileged instructions, and thus can't be used from ring 3 - the reason it works under 9x is that those instructions are emulated. You shouldn't use cli & sti from normal programs, but if you absolutely must...

http://www.asmcommunity.net/board/viewtopic.php?t=18859
Posted on 2004-09-14 06:39:56 by f0dder
> cli & sti are privileged instructions, and thus can't be used from ring 3

To be exact: it depends (on IOPL) whether these instructions may be executed without generating exceptions. For NT platforms it is restricted to ring 0, that's true.
Posted on 2004-09-14 10:51:56 by japheth
Thanks,

but can someone tell me how Windows deals with cli/sti?

regards,
bailao
Posted on 2004-09-14 19:54:35 by bailao
Try this:


pushf            ; push FLAGS to stack
pop ax
or ax, 200h      ; set IF (bit 9) - use this line...
and ax, NOT 200h ; ...or this one to clear IF, not both
push ax
popf             ; set FLAGS register

I haven't tested the code, but I think it works on 2k.
And you can use pushfd/popfd and eax to set the 32-bit EFLAGS.
Posted on 2004-09-15 01:43:32 by Zord
Zord, is your code able to change the I/O privilege level? And does this work on 2k? Shouldn't you be unable to change your own IOPL?
Dominik
Posted on 2004-09-15 02:20:14 by Dom
> Zord, is your code able to change the I/O privilege level? And does this work on 2k? Shouldn't you be unable to change your own IOPL?
> Dominik

In fact, it does not work!
Try this:


; eflags.asm
; coded by bilbo - 15sep04
; made in MASM32 with command: buildc eflags

.486
.model flat, stdcall
option casemap: none

include windows.inc
include kernel32.inc ; ExitProcess
include user32.inc   ; wsprintf
include masm32.inc   ; StdOut

includelib kernel32.lib
includelib user32.lib
includelib masm32.lib

print_eax MACRO text:VARARG
LOCAL txt
LOCAL buffer
.data
txt db text, ' %#04x', 10, 0
buffer db 128 dup(?)
.code
invoke wsprintf, addr buffer, addr txt, eax
invoke StdOut, addr buffer
ENDM

.code

start:
xor eax, eax

; read the low 16 bits of EFLAGS
pushf ; push FLAGS to stack
pop ax

; dump EFLAGS
print_eax "before clearing IF:"

and ax, 0FDFFh ; clear Interrupt Flag (bit 9, 0x200)
push ax
popf ; set FLAGS register (IF write is ignored at CPL 3 when IOPL < 3)

; read EFLAGS again
pushf ; push FLAGS to stack
pop ax

; dump EFLAGS
print_eax "after clearing IF:"

invoke ExitProcess, 0

end start


We are trying to reset bit 9 of EFLAGS (0x200), but we cannot!
From the Intel manual:
> The CPL, IOPL, and the state of the VME flag in control register CR4 determine whether the IF flag can be modified by the CLI, STI, POPF, POPFD, and IRET instructions.


Regards, bilbo
Posted on 2004-09-15 11:35:04 by bilbo
POPFD does not change the IOPL when the CPL is not 0, nor does it change IF when the CPL > the IOPL. It also does not change VM and RF, which can only be changed by an IRETD or TSS jump. When VM is set and the IOPL doesn't equal 3, this instruction causes a GP fault if VME in CR4 is clear or the VIP flag is set, otherwise it updates VI according to bit 9 of the popped data item. When the IOPL is equal to 3, POPFD works normally.
Posted on 2004-09-15 13:05:50 by Sephiroth3
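The behaviour bilbo measured and Sephiroth3 summarised, as an added example that is not part of the thread: from user mode (CPL 3, IOPL 0), CLI raises #GP, POPF leaves IF set and will not raise IOPL. This is my code, not any poster's; it assumes GCC/Clang inline assembly on an x86 or x86-64 POSIX system (Linux), where the #GP from CLI is delivered as SIGSEGV (on Windows you would catch it with SEH instead), and the function names are my own.

```c
// eflags_probe.c - added example, not from the thread.
// Build: gcc -O0 eflags_probe.c -o eflags_probe && ./eflags_probe
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>

#if !defined(__x86_64__) && !defined(__i386__)
#error "x86 only: the example is about EFLAGS.IF / IOPL behaviour"
#endif

#define EFLAGS_IF        (1UL << 9)   /* bit 9 = 0x200, the Interrupt Flag */
#define EFLAGS_IOPL_MASK (3UL << 12)  /* bits 12-13, I/O privilege level */

static unsigned long read_eflags(void)
{
    unsigned long f;
#if defined(__x86_64__)
    __asm__ __volatile__("pushfq\n\tpopq %0" : "=r"(f) : : "memory");
#else
    __asm__ __volatile__("pushfl\n\tpopl %0" : "=r"(f) : : "memory");
#endif
    return f;
}

static void write_eflags(unsigned long f)
{
#if defined(__x86_64__)
    __asm__ __volatile__("pushq %0\n\tpopfq" : : "r"(f) : "memory", "cc");
#else
    __asm__ __volatile__("pushl %0\n\tpopfl" : : "r"(f) : "memory", "cc");
#endif
}

unsigned iopl_of(unsigned long eflags) { return (unsigned)((eflags & EFLAGS_IOPL_MASK) >> 12); }
int if_of(unsigned long eflags) { return (eflags & EFLAGS_IF) != 0; }

/* bilbo's experiment: POPF with IF cleared, then read IF back.
 * Returns the IF bit seen afterwards (1 means the CPU ignored the write). */
int if_after_popf_clear(void)
{
    write_eflags(read_eflags() & ~EFLAGS_IF);
    return if_of(read_eflags());
}

/* Dom's question: can POPF raise our own IOPL? Returns the IOPL seen afterwards. */
unsigned iopl_after_popf_raise(void)
{
    write_eflags(read_eflags() | EFLAGS_IOPL_MASK);
    return iopl_of(read_eflags());
}

static sigjmp_buf fault_env;

static void on_fault(int signo)
{
    (void)signo;
    siglongjmp(fault_env, 1);  /* unwind past the faulting CLI */
}

/* Execute CLI. Returns 1 if it faulted (#GP, seen as SIGSEGV on Linux;
 * SIGBUS/SIGILL are caught too for other kernels), 0 if it actually ran. */
int cli_faults(void)
{
    static const int sigs[] = { SIGSEGV, SIGBUS, SIGILL };
    struct sigaction sa, old[3];
    volatile int faulted = 0;
    int i;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;
    for (i = 0; i < 3; i++)
        sigaction(sigs[i], &sa, &old[i]);

    if (sigsetjmp(fault_env, 1) == 0) {
        __asm__ __volatile__("cli" : : : "memory");
        /* Only reached at CPL 0 or IOPL 3: turn interrupts back on. */
        __asm__ __volatile__("sti" : : : "memory");
    } else {
        faulted = 1;
    }
    for (i = 0; i < 3; i++)
        sigaction(sigs[i], &old[i], NULL);
    return faulted;
}

int main(void)
{
    unsigned long f = read_eflags();
    printf("EFLAGS=%#lx IF=%d IOPL=%u\n", f, if_of(f), iopl_of(f));
    printf("IF after POPF with IF cleared: %d\n", if_after_popf_clear());
    printf("IOPL after POPF with IOPL=3:   %u\n", iopl_after_popf_raise());
    printf("CLI faults: %s\n", cli_faults() ? "yes" : "no");
    return 0;
}
```

Note that the POPF writes fail silently, exactly as bilbo saw, whereas CLI is the one that actually traps; a Win9x-style program that depends on either has no way to detect the difference short of reading EFLAGS back as done here.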