Keyboard Interrupt Hook using I/O APIC

Published 2019-04-15 16:40

By: chpie   Keyboard Interrupt Hooking by manipulating the I/O APIC.
Tested on Windows XP, Pentium D with Hyper-Threading enabled.


Summary :: By setting the delivery mode of the I/O APIC's IRQ 1 redirection
entry to ExtINT, the interrupt vector is supplied by the 8259A-compatible PIC
instead, so the IRQ 1 interrupt no longer depends on the vector field of the
I/O APIC's Redirection Table.

- This hook takes priority over direct modification of the I/O APIC's
vector.
- The vector is hidden from any thread that obtains the keyboard vector by
reading the I/O APIC.

Flow ::

1. IRQ 1 is asserted.
2. The I/O APIC receives the signal and consults its I/O Redirection Table.
3. The signal is sent to the destination Local APIC.
4. The Local APIC passes the signal to the processor because its delivery mode is ExtINT.
5. The processor receives the signal.
6. The processor asserts the INTA signal.
7. The I/O APIC acknowledges.
8. The processor asserts the second INTA signal.
9. Because the delivery mode is ExtINT, the I/O APIC forwards the acknowledge
to the 8259A-compatible PIC.
10. The 8259A-compatible PIC sends 2 bytes after the second INTA pulse.
11. The processor executes the 2 bytes sent.
12. Our interrupt handler is executed.
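A detection-side illustration of the point made in the summary: a check that only reads the vector byte of IRQ 1's redirection entry misses this hook, so the delivery-mode field must be inspected too. This is an added example, not code from chpie's archive; it decodes a 64-bit redirection table entry using the field layout from the Intel 82093AA I/O APIC datasheet (IRQ n lives at register index 0x10 + 2n), and the entry values and the expected vector 0x93 are constructed placeholders rather than values read from a real system.

```c
#include <stdint.h>
#include <stdio.h>

/* Field layout of a 64-bit I/O APIC redirection table entry (Intel 82093AA):
 * bits 7:0 vector, bits 10:8 delivery mode, bit 16 mask, bits 63:56 destination. */
#define RTE_VECTOR(e)        ((uint8_t)((e) & 0xFF))
#define RTE_DELIVERY_MODE(e) ((uint8_t)(((e) >> 8) & 0x7))
#define RTE_MASKED(e)        ((uint8_t)(((e) >> 16) & 0x1))
#define RTE_DEST(e)          ((uint8_t)((e) >> 56))

#define DELMODE_FIXED  0x0   /* vector taken from the entry itself */
#define DELMODE_EXTINT 0x7   /* vector supplied by the 8259A-compatible PIC */

#define RTE_FLAG_EXTINT         1
#define RTE_FLAG_VECTOR_CHANGED 2

/* Assemble a constructed entry from its fields (offline sample data only). */
uint64_t make_rte(uint8_t vector, uint8_t delivery_mode, int masked, uint8_t dest)
{
    return (uint64_t)vector
         | ((uint64_t)(delivery_mode & 0x7) << 8)
         | ((uint64_t)(masked & 0x1) << 16)
         | ((uint64_t)dest << 56);
}

/* Check the IRQ 1 entry against a known-good baseline vector.
 * Returns a bit set: RTE_FLAG_EXTINT if the PIC now supplies the vector
 * (the condition this page describes, invisible to a vector-only check),
 * RTE_FLAG_VECTOR_CHANGED if a Fixed-mode entry points somewhere new. */
int check_keyboard_rte(uint64_t entry, uint8_t expected_vector)
{
    int flags = 0;
    uint8_t mode = RTE_DELIVERY_MODE(entry);
    if (mode == DELMODE_EXTINT)
        flags |= RTE_FLAG_EXTINT;
    if (mode == DELMODE_FIXED && RTE_VECTOR(entry) != expected_vector)
        flags |= RTE_FLAG_VECTOR_CHANGED;
    return flags;
}

int main(void)
{
    /* Constructed samples: vector 0x93 and destination 0x01 are placeholders. */
    uint64_t baseline = make_rte(0x93, DELMODE_FIXED,  0, 0x01);
    uint64_t tampered = make_rte(0x93, DELMODE_EXTINT, 0, 0x01);
    printf("baseline flags=%d, tampered flags=%d (vector byte identical: 0x%02X)\n",
           check_keyboard_rte(baseline, 0x93), check_keyboard_rte(tampered, 0x93),
           RTE_VECTOR(tampered));
    return 0;
}
```

The tampered entry keeps the original vector byte, so it is flagged solely by its delivery mode; a check comparing only vectors reports nothing.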


Source code and binary are available at
http://www.rootkit.com/vault/chpie/apic_keyboard.zip