defuse/gist:5765842

## gistfile1.txt
# Little program for testing return from interrupt privilege check.
.intel_syntax noprefix

.text
.global main
main:

    # Print the CS
    mov eax, cs
    push eax
    lea eax, cs_is
    push eax
    call printf
    add esp, 8

    # Set up the interrupt stack stuff, that iret restores.
    mov eax, ss
    push  eax
    mov eax, esp    # ss:esp
    push eax
    pushfd          # EFLAGS
    mov eax, cs
    # Clear the CPL bits in cs (ring 0)
    and eax, 0xFFFFFFFC
    push eax
    lea eax, rofl
    push eax        # cs:eip
    # The intel manual does not mention a privilege check when returning from
    # a ring 3 interrupt handler, so maybe this will actually work?
    # nope - generates a segfault on my machine.
    iret

    mov eax, 0
    ret

rofl:
    mov eax, 1
    mov ebx, 3
    int 0x80

cs_is: .asciz "cs is %d\n"
.data
gdtr: .byte 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
	# Little program for testing return from interrupt privilege check.
	.intel_syntax noprefix

	.text
	.global main
	main:

	# Print the CS
	mov eax, cs
	push eax
	lea eax, cs_is
	push eax
	call printf
	add esp, 8

	# Set up the interrupt stack stuff, that iret restores.
	mov eax, ss
	push eax
	mov eax, esp # ss:esp
	push eax
	pushfd # EFLAGS
	mov eax, cs
	# Clear the CPL bits in cs (ring 0)
	and eax, 0xFFFFFFFC
	push eax
	lea eax, rofl
	push eax # cs:eip
	# The intel manual does not mention a privilege check when returning from
	# a ring 3 interrupt handler, so maybe this will actually work?
	# nope - generates a segfault on my machine.
	iret

	mov eax, 0
	ret

	rofl:
	mov eax, 1
	mov ebx, 3
	int 0x80

	cs_is: .asciz "cs is %d\n"
	.data
	gdtr: .byte 0x00, 0x00, 0x00, 0x00, 0x00, 0x00