Method and apparatus for providing seamless hooking and intercepting of selected kernel and HAL exported entry points

Method and apparatus for providing seamless hooking and intercepting of selected kernel and HAL exported entry points

In a computer system having at least one host processor, a method and apparatus for providing seamless hooking and interception of selected entrypoints includes finding the IDT for each CPU which can include scanning the HAL image for the HAL PCR list. Saving the interrupt handler currently mapped i...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: BONOLA THOMAS J
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In a computer system having at least one host processor, a method and apparatus for providing seamless hooking and interception of selected entrypoints includes finding the IDT for each CPU which can include scanning the HAL image for the HAL PCR list. Saving the interrupt handler currently mapped in the CPU's interrupt descriptor table. Patching the original interrupt into the new interrupt handler. Storing the new interrupt exception into the CPU's interrupt descriptor table. Hooking a select entrypoint by first determining if the entrypoint begins with a one byte instruction code. If it does, saving the address of the original entrypoint, saving the original first one byte instruction, and patching the new interrupt intercept routine to jump to the original entrypoint's next instruction.