interrupt chaining at boot time.

Posted: Fri Oct 07, 2005 3:24 am
by inderpreetb
Hi all

I am trying to develop an interrupt hook for int 13h.
I am setting up the hook at boot time in the MBR, then
I load the first active partition and jump to it.

Well, the problem is that I am just making a wrapper for now, and when I try to run it in bochs it gives me a disk access error.

I am not able to figure it out. :(

Here is my ISR Code:
-------------------------------------------
/* This is the New interrupt 13h handler. */
void interrupt new_int13(unsigned bp, unsigned di,
                         unsigned si, unsigned ds,
                         unsigned es, unsigned dx,
                         unsigned cx, unsigned bx,
                         unsigned ax, unsigned ip,
                         unsigned cs, unsigned flags)
{
    _AX = ax;
    _BX = bx;
    _CX = cx;
    _DX = dx;
    _ES = es;

    (*old_int13)(); // Call Old Handler

    ax = _AX; // Return value of AX
    bx = _BX; // Return value of BX
    cx = _CX; // Return value of CX
    dx = _DX; // Return value of DX
    es = _ES; // Return value of ES
    di = _DI; // Return value of DI
    flags = _FLAGS; // Return the Flags
}

/* code in turboC 3.0 */
-------------------------------------------

Then I tried it in assembly; here is the assembly code:

-------------------------------------

/* NASM. */
_new_int13:

   push fs
   push ax
   push cs
   pop fs
   pop ax
   pushf
   call far [fs:word _old_int13]
   pop fs

iret

-----------------------------------
This works in bochs and not on the actual system.

Can anyone help me with this?
I think most of the viruses are written this way.... ;D

Thanks
INder.

Re:interrupt chaining at boot time.

Posted: Fri Oct 07, 2005 5:26 am
by Candy
Wouldn't this fit OS development better?

Second one, you don't pop the flags you've pushed before the long jump. I think that should be required, but I'm not entirely sure.

Also, you make a long call with a short return. You probably mess up the registers in the code of new_int13 for the call to old_int13.

Your assembly code makes a far call, which is not equal to an interrupt call. I think you should remove the flag push and kidnap a different irq number for the purpose of calling it. That'd be easier...



Note, what are you trying to accomplish?

Re:interrupt chaining at boot time.

Posted: Sat Oct 08, 2005 2:28 am
by inderpreetb
I wasn't sure if this would fit in OS development or not.

What I am trying to do here is to hook the BIOS interrupt 13h at boot time (in the MBR) so that I could monitor the interrupt.

What I have done is saved the address of the old interrupt 13h in a variable '_old_int13' and put the address of the new interrupt handler '_new_int13' in its place.

And I aim at calling the original interrupt 13h when I have done all the processing.

So I am simulating an interrupt call by
pushf
call far cs:_old_int13

So now, after the iret in the interrupt handler, the control will return to my ISR.

Am I missing something here? ::)
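
An added example, not part of the thread and not any poster's code: the vector replacement described above is visible to a defender in a dump of the first 0x500 bytes of real-mode memory, where the int 13h entry sits at offset 0x4C of the IVT. The C sketch below decodes that entry and reports whether the handler lies below 0xC0000. Treating that boundary as the start of ROM is an assumption, legitimate software (boot loaders, disk managers) also hooks int 13h, and the sample dumps are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IVT_ENTRY_SIZE  4u       /* each vector: offset word, then segment word */
#define BDA_BASE_MEM_KB 0x413u   /* BIOS data area: base memory size in KB */
#define ROM_START       0xC0000u /* assumption: ROM region begins here */

struct vec_report {
    uint16_t seg, off;
    uint32_t linear;   /* seg * 16 + off, wrapped to the 20-bit real-mode space */
    int in_low_ram;    /* 1 if the handler lies below ROM_START */
    unsigned base_kb;  /* base memory size the BIOS data area reports */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Returns 0 on success, -1 if the dump does not cover the IVT and BDA word. */
int inspect_vector(const uint8_t *mem, size_t len, unsigned vec, struct vec_report *r)
{
    size_t at = (size_t)vec * IVT_ENTRY_SIZE;
    if (vec > 0xFF || len < BDA_BASE_MEM_KB + 2) return -1;
    r->off = rd16(mem + at);
    r->seg = rd16(mem + at + 2);
    r->linear = (((uint32_t)r->seg << 4) + r->off) & 0xFFFFFu;
    r->in_low_ram = r->linear < ROM_START;
    r->base_kb = rd16(mem + BDA_BASE_MEM_KB);
    return 0;
}

/* Constructed sample: a zeroed 0x500-byte dump with one int 13h vector set. */
void make_sample(uint8_t *mem, uint16_t seg, uint16_t off, uint16_t base_kb)
{
    for (size_t i = 0; i < 0x500; i++) mem[i] = 0;
    mem[0x4C] = off & 0xFF;  mem[0x4D] = off >> 8;   /* 0x13 * 4 = 0x4C */
    mem[0x4E] = seg & 0xFF;  mem[0x4F] = seg >> 8;
    mem[0x413] = base_kb & 0xFF;  mem[0x414] = base_kb >> 8;
}

int main(void)
{
    uint8_t mem[0x500];
    struct vec_report r;
    make_sample(mem, 0x9FC0, 0x0020, 639);  /* constructed: handler in low RAM */
    if (inspect_vector(mem, sizeof mem, 0x13, &r) == 0)
        printf("int 13h -> %04X:%04X (linear %05lX) low_ram=%d base=%uKB\n",
               r.seg, r.off, (unsigned long)r.linear, r.in_low_ram, r.base_kb);
    return 0;
}
```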