%include "util.mac"
%include "vxdn.inc"
%include "icedump.inc"
%include "wiat.inc"
%ifndef MAKEDEP
global AllocCallBacks
global SetCB
global entryV86CB
global entryPMCB
global entryPMR0
extern sdata
extern StaticEntryV86CB
extern StaticEntryPMCB
extern Service_CDPlayer
extern Service_Dump
extern Service_Load
extern Service_MP3Player
extern Service_Pedump
extern Service_SuspendResumeKill
extern Service_Trace
extern Service_TraceX
extern Service_BreakR3
extern Service_Imports
bits 32
segment _LTEXT
;-------------------------------------------------------------------------------
;-------------------------------------------------------------------------------
; AllocCallBacks
; Allocates our protected-mode and V86 call-backs (each at most once) and
; caches the returned segment/selector:offset pair in sdata+PMCB and
; sdata+V86CB (CallBack.segment / CallBack.offset).
; In:    nothing
; Out:   sdata+PMCB / sdata+V86CB filled in; after a failed allocation the
;        entry stays 0:0, so a later call retries (the dword compare below
;        treats the pair as "not allocated" only when both halves are zero)
; Clobb: eax, edx, esi, flags (plus whatever VMMCall itself clobbers)
;-------------------------------------------------------------------------------
AllocCallBacks:
xor edx,edx ; refdata, not used
cmp dword [sdata+PMCB],byte 0 ; segment:offset both zero => not allocated yet
jnz .gotPMCB ; already allocated
mov esi,StaticEntryPMCB ; esi = code the VMM will jump to for this call-back
VMMCall Allocate_PM_Call_Back ; CF set on failure (VMM convention)
jnb @F
xor eax,eax ; oops... store 0:0 so the next call retries
@@
mov [sdata+PMCB+CallBack.offset],ax ; eax = selector:offset, low word first
shr eax,16
mov [sdata+PMCB+CallBack.segment],ax
.gotPMCB:
cmp dword [sdata+V86CB],byte 0 ; same check for the V86 call-back
jnz .gotV86CB ; already allocated
mov esi,StaticEntryV86CB
VMMCall Allocate_V86_Call_Back ; CF set on failure
jnb @F
xor eax,eax ; oops... store 0:0 so the next call retries
@@
mov [sdata+V86CB+CallBack.offset],ax ; eax = segment:offset, low word first
shr eax,16
mov [sdata+V86CB+CallBack.segment],ax
.gotV86CB:
retn
;------------------------------------------------------------------------------
; out: ok: clc, error: stc
;------------------------------------------------------------------------------
; set up client CS:EIP to one of our callbacks
;------------------------------------------------------------------------------
;-------------------------------------------------------------------------------
; SetCB
; Redirects the client's CS:EIP to one of our call-backs and records, in the
; dword pointed to by [oPAGEIN_INT3], the address of the INT3 the client will
; finally land on:
;   V86 client  : CS:IP := V86CB,            [oPAGEIN_INT3] := EAX (as passed in)
;   PM ring-3   : CS:IP := PMCB,             [oPAGEIN_INT3] := oINT3+4 - [wSelector_WINICE_Code]
;   PM ring-0   : EIP := entryPMR0, CS kept, [oPAGEIN_INT3] := oINT3
; In:    eax = INT3 address to record for the V86 case (stored unchanged)
;        dClient_EFLAGS / dClient_CS / dClient_EIP hold pointers to the
;        client's register image
; Out:   CF clear. NOTE(review): despite the "error: stc" note above, no
;        path in this routine sets CF.
; Preserves: eax, ebx, ecx, edx (saved/restored below)
;-------------------------------------------------------------------------------
SetCB:
push eax
push ebx
push ecx
push edx
; get CB address (V86 pair first; replaced below if the client is in PM)
movzx ebx,word [sdata+V86CB+CallBack.segment]
movzx ecx,word [sdata+V86CB+CallBack.offset]
mov edx,[dClient_EFLAGS] ; is client in V86 mode?
test byte [edx+2],2 ; EFLAGS bit 17 = VM
jz .PM
.setCSEIP:
mov edx,[dClient_CS] ; set client CS
mov [edx],ebx ; ebx = new CS (zero-extended, so the 32-bit store is fine)
.setEIP:
mov edx,[dClient_EIP] ; set client (E)IP
mov [edx],ecx ; ecx = new (E)IP
mov edx,[oPAGEIN_INT3] ; set address of final INT3
mov [edx],eax ; eax = INT3 address chosen per mode (see header)
pop edx
pop ecx
pop ebx
pop eax
clc
retn
.PM:
; get CB address
; NOTE(review): entryPMCB treats wSelector_WINICE_Code as a pointer to the
; selector word (it dereferences it twice); here the pointer value itself is
; subtracted, and the +4 is not explained. Verify this is the intended
; offset calculation.
mov eax,oINT3+4
sub eax,[wSelector_WINICE_Code]
movzx ebx,word [sdata+PMCB+CallBack.segment]
movzx ecx,word [sdata+PMCB+CallBack.offset]
mov edx,[dClient_CS] ; is client in ring-0?
test byte [edx],3 ; RPL bits of the client CS
jnz .setCSEIP ; ring-3: use the PM call-back as CS:EIP
mov ecx,entryPMR0 ; ring-0: enter entryPMR0 directly, CS unchanged
mov eax,oINT3 ; ...and the final INT3 is the one in our own code
jmp short .setEIP
; oINT3 - the INT3 the client is steered onto after a ring-0 service
; (entryPMR0's iretd returns here) and whose address SetCB records in
; [oPAGEIN_INT3]. Presumably SoftICE's PAGEIN INT3 handling restores the
; original client context at this point rather than falling into
; entryV86CB below — TODO confirm.
oINT3:
int3
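;-------------------------------------------------------------------------------
; entryV86CB - V86 call-back entry (the VMM jumps here for the V86CB
; allocated in AllocCallBacks).
; Finds, or creates, an INT3 (0CCh) byte the V86 client can be pointed at:
; first by scanning the ROM BIOS area F0000h..FFFFFh for an existing 0CCh,
; else by writing one just below the client's stack. Its IP is stored via
; [oPAGEIN_INT3]; then it jumps to setCSEIP (in entryPMCB), which stores
; CS:IP in the client register structure and dispatches the service.
; In:    ebp = Client Register Structure (CRS)
; Out:   via setCSEIP -> service; registers saved by pushad/pushfd here are
;        restored at service.ret
;-------------------------------------------------------------------------------
entryV86CB:
pushad
pushfd
cld
mov edi,0xF0000 ; start of ROM BIOS
mov ecx,0x10000 ; length of area we search through
mov al,0xCC ; opcode of INT3
repnz scasb ; may cause page fault
; Test ZF, not ECX: repnz stops with ZF=1 on a match and ZF=0 when the
; count ran out. A match at the very last byte also leaves ECX=0, which
; the former "jecxz" wrongly reported as "not found".
jnz .useClientStack ; no 0CCh in ROM, let's hack the stack instead
dec edi ; EDI -> the 0CCh byte found
shld ecx,edi,28 ; ECX low word = EDI>>4 : client CS
shrd ebx,edi,4 ; EBX = EDI & 0Fh : client IP
shr ebx,28
jmp short .setPAGEIN_INT3
.useClientStack:
movzx ecx,word [ebp+CRS.SS] ; get client SS
shrd edi,ecx,28 ; EDI = SS<<4 (EDI>>28 is 0 after the exhausted scan)
movzx ebx,word [ebp+CRS.ESP] ; get client SP
dec bx ; 1 byte below the stack
add edi,ebx ; linear address of our INT3
stosb ; write the 0CCh there; may cause page fault
.setPAGEIN_INT3:
mov edx,[oPAGEIN_INT3]
mov [edx],ebx ; store IP of our INT3
jmp short setCSEIP ; ecx = client CS, ebx = client IP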
;-------------------------------------------------------------------------------
; entryPMCB - protected-mode call-back entry (the VMM jumps here for the
; PMCB allocated in AllocCallBacks).
; Points the client at the INT3 whose address SetCB left in [oPAGEIN_INT3],
; with the WinIce code selector as CS, then falls into setCSEIP.
; In:    ebp = Client Register Structure (CRS)
; Out:   via setCSEIP -> service
;-------------------------------------------------------------------------------
entryPMCB:
pushad
pushfd
cld
mov ecx,[wSelector_WINICE_Code] ; set client CS:EIP; wSelector_WINICE_Code
movzx ecx,word [ecx] ; points to the selector word
mov ebx,[oPAGEIN_INT3] ; to an INT3
mov ebx,[ebx]
;-------------------------------------------------------------------------------
; setCSEIP - common tail of entryV86CB / entryPMCB.
; In:    ecx = client CS, ebx = client (E)IP, ebp = CRS
;-------------------------------------------------------------------------------
setCSEIP:
mov [ebp+CRS.CS],ecx
mov [ebp+CRS.EIP],ebx
jmp short service
;-------------------------------------------------------------------------------
;-------------------------------------------------------------------------------
; entryPMR0 - ring-0 entry. Reached directly by the client (SetCB sets its
; EIP here and leaves CS alone), so there is no VMM-provided register
; structure; one is faked on the current stack, mirroring the Client
; Register Structure layout:
;   pushfd / push cs / push oINT3      -> CRS.EFlags / CS / EIP
;   push service.retR0                 -> CRS error-code slot
;   pushad                             -> the general registers
; Consequently service.ret's final `retn` pops service.retR0 as its return
; address, and the iretd there resumes the client at oINT3 with its original
; CS and EFLAGS.
; In:    nothing (runs on the client's ring-0 stack)
;-------------------------------------------------------------------------------
entryPMR0:
pushfd
push cs
push dword oINT3 ; we'll return to an INT3
push dword service.retR0 ; 'fake' error code, must NOT be modified
pushad ; simulate Client Register Structure
mov ebp,esp ; on the stack
pushfd
cld
;-------------------------------------------------------------------------------
; service - dispatcher: CRS.EAX selects the handler from ServiceTable.
; In:    ebp = CRS; top of stack = EFLAGS (pushfd) above the pushad frame
; Out:   handlers are expected to end up at service.ret (entry 0 of
;        ServiceTable is service.ret itself), which restores flags and
;        registers and returns to the VMM (call-back entries) or to
;        service.retR0 (entryPMR0).
;-------------------------------------------------------------------------------
service:
; cmp dword [ebp+CRS.EAX],byte SERVICE_VERSION
; jnz @F
; mov dword [ebp+CRS.EAX],ICEDUMP_VERSION
; popfd
; popad
; retn
;@@
mov eax,[ebp+CRS.EAX] ; service number requested by the client
cmp eax,byte SERVICE_MAX ; unsigned: out-of-range (incl. "negative") -> no-op
jae .ret
jmp [ServiceTable+4*eax]
.ret:
popfd
popad
retn
.retR0: ; only reached through the frame built by entryPMR0
iretd
segment _LDATA
align 4
;-------------------------------------------------------------------------------
; ServiceTable - one handler per service number (index = CRS.EAX, which
; `service` checks against SERVICE_MAX before indexing).
; NOTE(review): SERVICE_MAX comes from an include and must equal the number
; of entries here (14); nothing else bounds the jump.
; Entry 0 is a no-op; entries 3..6 share Service_SuspendResumeKill
; (presumably distinguished by the service number inside the handler —
; TODO confirm).
;-------------------------------------------------------------------------------
ServiceTable:
dd service.ret ; 0: no-op
dd Service_Dump ; 1
dd Service_Load ; 2
dd Service_SuspendResumeKill ; 3
dd Service_SuspendResumeKill ; 4
dd Service_SuspendResumeKill ; 5
dd Service_SuspendResumeKill ; 6
dd Service_CDPlayer ; 7
dd Service_MP3Player ; 8
dd Service_Pedump ; 9
dd Service_Trace ; 10
dd Service_TraceX ; 11
dd Service_BreakR3 ; 12
dd Service_Imports ; 13
%endif