5

I need to control C-State configuration. Specifically, I'd probably like to execute the following asm code:

__asm
{
    rdmsr
    and eax, 0x00
    or eax, 0x01
    wrmsr
}

Currently, I got this exception on rdmsr line:

Unhandled exception at 0x00e3139e in MessWithCStates.exe: 0xC0000096: Privileged instruction.

How can I (permanently) elevate priviliges of my app so it could execute the code above? I use VS 2010.

NOTE: It is possible without writing a kernel-mode driver. See R/W Everything.

Lutosław
  • 606
  • 7
  • 24
  • 1
    Welcome to Stack Overflow! Despite your *NOTE*, I suspect this is not possible without writing a kernel-mode driver. [This page](http://www.mydigitallife.info/rw-everything-utility-free-download-to-access-and-dump-computer-hardware-info/) seems to imply that R/W-Everything uses a driver. – Robᵩ May 03 '11 at 22:42
  • Yeah. It shouldn't be possible to do MSR changes from within Ring3. Theoretically it could be attacked in couple of ways beyond writing a driver - but it seems that creating a kernel driver (WDK) would be the easiest way to go. – qdot May 03 '11 at 23:06
  • Programs like that embed the driver in the EXE, expand and load it at runtime. Classic SysInternals' trick. RDMSR requires ring 0 privileges, only drivers get that. – Hans Passant May 03 '11 at 23:08
  • 1
    I would agree that this cannot be done directly from user mode in any way. This will require a device driver. – Omnifarious May 04 '11 at 16:48
  • Thanks Alex, Rob, qdot, Hans ans Omnifarious for interesting and accurate respones. I am going to learn more about writing kernel-mode drivers. – Lutosław May 05 '11 at 20:14

1 Answers1

4

Chances are, you are running this code on an x86 processor within Ring 3. You do not have the privileges to execute this command. Period. This is a hardware limitation. The only way to execute that instruction is to go into Ring 0 and chances are, your OS won't let you do that. You will need to write a kernel-mode driver to accomplish this.

Edit: http://faydoc.tripod.com/cpu/rdmsr.htm has more info.