1

I use following code to read msr, but it crashed when running. I don't know why.

#include <stdio.h>
#include <stdlib.h>

int main()  
{    
    register long ecx asm("%ecx");
    register long eax asm("%eax");
    register long edx asm("%edx");

    asm("mov %1, %0":"=r"(ecx):"i"(0x1B0));
    asm("rdmsr");
    /*
    asm("xor %1, %0":"+r"(eax):"r"(eax));
    asm("xor %1, %0":"+r"(edx):"r"(edx));
    asm("mov %1, %0":"=r"(eax):"i"(0x01));
    printf("%ld %ld %ld",ecx,eax,edx);
    */
}
David Wohlferd
  • 7,110
  • 2
  • 29
  • 56
Larry.L.Li
  • 11
  • 3
  • The [docs](http://www.felixcloutier.com/x86/RDMSR.html) for rdmsr say `This instruction must be executed at privilege level 0.` In other words: You have to be a device driver or part of the kernel. – David Wohlferd Aug 04 '17 at 07:25
  • It means that i can't modify msr value by my code? But there is a tool named RWEverything can do this, do you know how does it work? Thanks for your answer! – Larry.L.Li Aug 04 '17 at 07:30
  • Possible duplicate of [Execute RDMSR and WRMSR instructions from C/C++ code](https://stackoverflow.com/questions/5875778/execute-rdmsr-and-wrmsr-instructions-from-c-c-code) – David Wohlferd Aug 04 '17 at 09:12
  • Maybe I have to learn about kernel level driver programming from start – Larry.L.Li Aug 04 '17 at 12:09
  • As [Hans](https://stackoverflow.com/questions/5875778/execute-rdmsr-and-wrmsr-instructions-from-c-c-code#comment6758001_5875778) points out, there's a trick programs use to load a driver as part of the program. Magic ensues. – David Wohlferd Aug 04 '17 at 23:19

1 Answers1

1

You can use the existing WinRing0.sys (32-bit) and WinRing0x64.sys (64-bit) drivers to allow MSR access from user space. You can find a copy here with an open and permissive license (the "WinRing0 license").

This ultimately offers you IOCTLs to read and write msrs from userspace. You can find some C# code that uses it here but there are plenty of other users of WinRing0 so there should be no shortage of examples.

You can also write your own driver, or compile one of the several other available ones that offer similar access, but the advantage of WinRin0 is that it is already signed, a process no longer really available to individuals and certainly not free.

BeeOnRope
  • 60,350
  • 16
  • 207
  • 386