int GetKPCR(struct PmemMemoryInfo *info) { __int64 active_processors = KeQueryActiveProcessors(); int i; for (i=0; i < 32; i++) { info->KPCR[i].QuadPart = 0; }; for (i=0; i < 32; i++) { if (active_processors & ((__int64)1 << i)) { KeSetSystemAffinityThread((__int64)1 << i); #if _WIN64 || __amd64__ //64 bit uses gs and _KPCR.Self is at 0x18: info->KPCR[i].QuadPart = (uintptr_t)__readgsqword(0x18); #else //32 bit uses fs and _KPCR.SelfPcr is at 0x1c: info->KPCR[i].QuadPart = (uintptr_t)__readfsword(0x1c); #endif }; }; KeRevertToUserAffinityThread(); return 1; };
// Assumes that we are in Windows TIB NTSTATUS Dirtbox::FreeTib() { WORD Selector = __readfsword(NT_TIB_USER_POINTER); return FreeLdtEntry(Selector); }