From: brieno AT earthlink DOT net (brien oberstein) To: djgpp AT delorie DOT com Newsgroups: comp.os.msdos.djgpp Subject: Re: hooking mscdex (int 2f/ah=15) under windows Date: Mon, 11 Nov 1996 15:59:28 GMT Message-ID: <32874d52.5603410@news.earthlink.net> References: On Tue, 12 Nov 1996 06:42:39 GMT, Eli Zaretskii wrote: >On Mon, 11 Nov 1996, brien oberstein wrote: > >> i was wondering if someone could elaborate a little on how windows >> deals with certain interrupts. > >Which version of Windows is that? If that's 3.11 or 95, please tell if >you have 32-bit File Access enabled. I'm running in a dos box under '95. Some drives use "compatibility mode" file system because I'm running Stacker, but the CDROM should be using 32 bit file access, I think. >> i'm trying to hook some mscdex >> functions (int 2fh, ah=15h). i wrote a 16 bit real mode asm program >> to do it, but the interrupts never reach the handler (specifically I >> tried looking for ax=1500h). > >Int 2Fh/AX=1500h is the MSCDEX installation check. How do you know that >Windows calls this function? Maybe it has some other ways of knowing >that MSCDEX is installed? Can you elaborate about what you are trying to >accomplish? I call int 2f/ax=1500h MYSELF and it never gets through to the handler I just installed! Weird, huh. Check out the 16 bit asm program "hook.asm" I've attached. When TARGETAX = 1500h the handler is not reached (as a sanity check you can change TARGETAX = 6500h and see that the handler gets called). >Also, how do you install that ``16 bit real mode asm program'' as the >handler for Int 2Fh? Can you present a code fragment which does that? > >> so then i read about how hardware >> interrupts are handled in the faq (protected mode handler first, then >> if necessary reflected to real mode) and wrote a djgpp protected mode >> hook, but it doesn't seem to be reached. > >This is irrelevant. Int 2Fh is a *software* interrupt, and so is not >reflected to PM. You should only use the real-mode interrupt hook. Hehehe. Are you sure? I've been fooling around with the protected mode hook that I've written and come across a strange result. I install a protected mode handler for int 2fh as per the faq. If I call int86(0x2f, &r, &r) the handler gets called! If I use _go32_dpmi_simulate_int(0x2f, &r) the handler is not called. I also try spawning a small 16 bit program which just generates an int 2f, and the protected mode handler is not called. Whats the explanation for the int86() generated interrupt getting through to the PM handler? >> the conclusion that i've drawn is that windows services a fault on the >> (real mode) int 2f/ah=15 request, processes it, and NO interrupt >> handler ever gets called! > >You are jumping to conclusions too fast, IMHO. really. maybe you can give me an alternate explanation. ;;-=-=-=-=-=-=-=-=-=- CUT HERE hook.asm -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ;;; this demonstrates that under windows95 (dpmi) ;;; cdrom extensions are not reflected to real mode TARGETAX equ 1500h ; never goes to int handler ;;TARGETAX equ 6500h ; goes to int handler .186 .model tiny .code org 100h start: mov ah, 9 mov dx, offset testmsg int 21h ;; get old 2f vector mov ax, 352fh int 21h mov word ptr [old2f], bx mov word ptr [old2f+2], es ;; install our 2f handler mov ax, 252fh mov dx, offset handle2f int 21h ;; generate int 2f mov ax, TARGETAX xor bx, bx int 2fh ;; restore old 2f vector mov ax, 252fh lds dx, [old2f] int 21h ;; exit int 20h testmsg db "this is a test of hooking int 2f", 0dh, 0ah, "$" got2f db "got 2f!", 0dh, 0ah, "$" old2f dd ? handle2f proc cmp ax, TARGETAX jne chain2f pusha push ds push cs pop ds mov ah, 9 mov dx, offset got2f int 21h pop ds popa chain2f: jmp [old2f] handle2f endp end start ;;-=-=-=-=-=-=-=-=-=- CUT HERE phook.c -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= /* attempt to catch int 2f mscdex calls */ #include #include #include #include #include typedef unsigned long ulong; _go32_dpmi_seginfo old2f; static volatile int calls = 0; int unhook(void) { _go32_dpmi_set_protected_mode_interrupt_vector(0x2f,&old2f); return 1; } static void handle2f(void) { calls++; } int hook(void) { int retval = 0; _go32_dpmi_seginfo my2f; if (!_go32_dpmi_lock_code(handle2f, (ulong)hook - (ulong)handle2f)) { if(_go32_dpmi_lock_data((void *)&calls,sizeof(int))) goto beout; } /* get old vector */ if (_go32_dpmi_get_protected_mode_interrupt_vector(0x2f,&old2f) != 0) goto beout; /* set up the wrapper */ my2f.pm_offset = (int)handle2f; my2f.pm_selector = _my_cs(); if (_go32_dpmi_allocate_iret_wrapper(&my2f) != 0) goto beout_unhook; /* set up the chain */ if (_go32_dpmi_chain_protected_mode_interrupt_vector(0x2f, &my2f) != 0) goto beout_unhook; if (_go32_dpmi_set_protected_mode_interrupt_vector(0x2f, &my2f) != 0) goto beout_unhook; retval = 1; beout: return retval; beout_unhook: unhook(); goto beout; } /* 3 different ways of generating an int 2f ax=1500 */ void gen2f(void) { #if 0 printf("using spawn() method to generate int 2f\n"); spawnl(P_WAIT, "hook.com", "hook.com", 0); #else #if 1 { union REGS r; printf("using int86() method to generate int 2f\n"); r.w.ax = 0x1500; r.w.bx = 0; int86(0x2f, &r, &r); printf("bx = %d\n", r.w.bx); r.w.ax = 0x6600; int86(0x2f, &r, &r); } #else { _go32_dpmi_registers r; printf("using dpmi method to generate int 2f\n"); r.x.ax = 0x1500; r.x.bx = 0; r.x.ss = r.x.sp = 0; _go32_dpmi_simulate_int(0x2f, &r); printf("bx = %d\n", r.x.bx); } #endif #endif } int main() { /* try a protected mode vector hook */ if (!hook()) { printf("hook failed\n"); goto beout; } printf("hook succeeded\n"); /* generate an int 2f */ gen2f(); unhook(); printf("handler called %d times\n", calls); beout: return 0; } ;;-=-=-=-=-=-=-=-=-=- CUT HERE -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=