jay
Reputation: 1071
How do I run my code after the default page fault handler of windows has done execution?
For some reason I want to run my code after the page fault handler of windows has executed to ensure the page is now located in physcial memory. I used code below as the new int 0E handler:
pushfd // eflags
push cs
call __Next
__Next:
add dword ptr [esp], 0x0E // eip
push dword ptr [esp + 0x0C] // error code
jmp OldInt0EHandler
// After the int 0e has run, EIP returns here.
// TODO: add code here after the code has done
add esp, 4
iretd
But I get BSOD when I replace the handler with my new one. How do I do it right?
Upvotes: 1
Views: 147
Answers (1)
Keeley Hoek
Reputation: 543
You will have to disable Windows kernel patch protection in order to do this. Otherwise, it will trigger the BOSD for (obvious) security reasons.
Upvotes: 1
Related Questions
- programmatically trigger BSOD
- Is it possible to “abort” when loading a register from memory rather the triggering a page fault?
- OS development - page fault handling and disk driver
- Restarting instruction after page fault
- Which stack does the page fault handler in an operating system run on
- Instruction pointer value after the page fault trap has been handled
- What is an easy way to trigger a page fault?
- Using your own page fault handler
- OS development: How to avoid an infinite loop after an exception routine
- catch crash in windows