CLI and STI are privileged mode instructions, aren't they? Ordinary user processes can't use them if I am interpreting Intel's docs correctly.
As I recall, presuming you have de-protected your instruction page(s), you would still have to execute an instruction cache flush in order to retrieve the changed instructions, so it seems that there is plenty of room for mayhem. I suppose that depends on whether the debugger reads instructions directly from main memory or if it is actually reading instructions from cache (totally hardware dependent, I presume).
Disabling keyboard and mouse should be within the user's purview, wouldn't it? That would be a nice trick as it might take a sharp-eyed cracker to notice that the 'single step' was actually a handful of instructions.
__________________
Free code: http://sol-biotech.com/code/.
It is not that old programmers are any smarter or code better, it is just that they have made the same stupid mistake so many times that it is second nature to fix it.
--Mitakeet
The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends on the unreasonable man.
--George Bernard Shaw