address of int80 idt

[bugghy]

	Hy, I'm working on an improved rk detector and I've got some problems.
I use this code to get the address of int80's idt (interrupt description
table)

struct idtr
{
  unsigned short limit;
  unsigned int base;
} __attribute__ ((packed));


void find_int80()
{
  struct idtr idtr;
  memset(&idtr, 0, sizeof(struct idtr));
  asm ("sidt %0" : "=m" (idtr));
  printf("idtr.base=0x%08x\n", idtr.base);
  kmem_read(fd, &idt, sizeof(idt), idtr.base + 0x80 * sizeof(struct
idt));
  ...
}

The problem is that on some kernels 2.4.22 (and I think on 2.6.7, 2.2.26
and 2.4.26 too) on vmware sidt returns a bogus address for idtr.base:
idtr.base=0xffc6a370 (2.4.22) 


If I try to read from /dev/kmem from this address it doesn't work.

I printed the contents of struct idtr after the sidt call, here it is:
ff 07 70 a3 c6 ff

What could be the problem? Is there any solution for this? Most of the
time works but not on my (2.4.22) vmware. And if this is not a bug, what
would be another method of doing this ?

PS: Please cc me the answer as I'm not on this mailling list.

	Thanks in advance,
		Bugghy


-- 
------------------------
- Software is like sex -
-     it's better when -
-          it's free   -
-     Linus Torvalds   -
------------------------

Attachment: signature.asc
Description: This is a digitally signed message part