Direct port I/O under NT without a driver

I've played today with ZwSetInformationProcess and found Process UserModeIOPL information class that can be used to grant direct IO permission to a process. However, it needs that the current account has SeTcbPrivilege granted - "Work as a part of operating system". Code enables this privilege for current account, but changes are visible after next logon. One question follows - if there are no changes till relogin, why GetTokenInformation returs that this privilege is enabled? But call to ZwSetInformationProcess returns STATUS_PRIVILEGE_NOT_HELD.

ry.pl/~omega/progs/DirectIO.rar

I granted SeTcbPrivilege and set it but not work for my winxp+sp1
Are there some thing I missed?

Don't work in my XP SP1

Exception information
Code: 0xc0000096
Address: 0x040140e

Add your user to "As a part of OS" programmly or handly in "local policy". Than set SE_TCB_PRIVILEDGE in your programm, that's all. Work in XP.

Quote:

Originally Posted by nskSem

Add your user to "As a part of OS" programmly or handly in "local policy". Than set SE_TCB_PRIVILEDGE in your programm, that's all. Work in XP.

a tittle odd even your demo code on fasm board I got
EFlags : 00010246 ExceptionCode:C0000096 if dbg attach it eflags will be xxxx3xxx If I run it with dbg, 0xC0000096 exception occured with eflags xxxx0xxx, press f9 key then become xxxx3xxx

Exception is generated when first running this, without relogging, as explained above (not sure why though). After logout/login all is OK here (xp sp2).

Quote:

Originally Posted by omega_red

Exception is generated when first running this, without relogging, as explained above (not sure why though). After logout/login all is OK here (xp sp2).

thank for your helping. well, i re-loggined! is hardware related? my pc is intel 2.8cg disabling ht. the interesting thing is if i run or attach it with any debugger the iopl will become 3. if run without debugger, context iopl got 0

any idea to help ? thanks for advance

the port i tried : 295h 296h

with Token privileges: 20
SeTcbPrivilege
SeAssignPrimaryTokenPrivilege
SeChangeNotifyPrivilege
SeSecurityPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeSystemtimePrivilege
SeShutdownPrivilege
SeRemoteShutdownPrivilege
SeTakeOwnershipPrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeSystemProfilePrivilege
SeProfileSingleProcessPrivilege
SeIncreaseBasePriorityPrivilege
SeLoadDriverPrivilege
SeCreatePagefilePrivilege
SeIncreaseQuotaPrivilege
SeUndockPrivilege
SeManageVolumePrivilege

ZwSetInformationProcess result: 0h (seem ok)

Trying direct IO...EFlags : 00010246 ExceptionCode:C0000096 (context iopl == 0 ?)

This exception is really weird.
I'm trying to figure out what is happening...