📄 pcidppublic.asm
mov ecx, DWORD PTR [eax+4]
call DWORD PTR __imp_@IofCompleteRequest@8
; 431 :
; 432 : //ObjExt->MemoryBase[0x1C63]++; //debug
; 433 :
; 434 : FreeEntry(ObjExt, CurrentLink);
push DWORD PTR _CurrentLink$[ebp]
push edi
call _FreeEntry@8
; 435 : }
; 436 : else
jmp SHORT $L8627
$L8618:
; 437 : PutBackEntry(ObjExt, CurrentLink);
push DWORD PTR _CurrentLink$[ebp]
push edi
call _PutBackEntry@8
$L8627:
lea eax, DWORD PTR _RegisteredInt$[ebp]
push eax
lea eax, DWORD PTR _CurrentLink$[ebp]
push eax
lea eax, DWORD PTR _FirstLink$[ebp]
push eax
push edi
call _GetNextEntry@16
cmp al, 1
je $L8616
pop esi
; 438 : }
; 439 : }
; 440 : else
jmp SHORT $L8630
$L8610:
; 441 : NTStatus = STATUS_NO_MEMORY;
mov DWORD PTR _NTStatus$[ebp], -1073741801 ; c0000017H
; 442 :
; 443 : }
; 444 : else
jmp SHORT $L8630
$L8609:
; 445 : NTStatus = STATUS_INVALID_BUFFER_SIZE;
mov DWORD PTR _NTStatus$[ebp], -1073741306 ; c0000206H
$L8630:
; 446 :
; 447 : Irp->IoStatus.Status = NTStatus;
mov eax, DWORD PTR _Irp$[ebp]
mov ecx, DWORD PTR _NTStatus$[ebp]
pop edi
pop ebx
mov DWORD PTR [eax+24], ecx
; 448 : }
leave
ret 16 ; 00000010H
_PCIDPUnMapDMA@16 ENDP
_TEXT ENDS
;-----------------------------------------------------------------------
; _PCIDPGetPCIRegs@20 (compiler listing, 32-bit x86, MASM syntax)
; Purpose: forwards the caller's IRP to the next lower driver as an
;          IRP_MJ_PNP / IRP_MN_READ_CONFIG request so that PCI
;          configuration space is read into IoBuffer.
; ABI:     __stdcall; five DWORD arguments, callee pops them (ret 20).
; In:      [ebp+8]  DeviceObject
;          [ebp+12] FileObject
;          [ebp+16] Irp
;          [ebp+20] IoBuffer
;          [ebp+24] OutputBufferLength
; Out:     No return value is set up by this code. On the short-buffer
;          path Irp->IoStatus is written here; on the forwarded path
;          this routine does not write Irp->IoStatus itself.
; Saves:   ebx, esi, edi (pushed and popped below).
; Regs:    esi = ObjExt, edx = Irp, edi = IoBuffer, ebx = 0,
;          eax = next IRP stack location while it is being filled.
;
; NOTE(review): the only length validation is the lower bound
; (>= 64 bytes). The same caller-supplied OutputBufferLength is passed
; on unclamped as ReadWriteConfig.Length. Confirm against the caller
; that IoBuffer is really at least OutputBufferLength bytes long.
;-----------------------------------------------------------------------
PUBLIC _PCIDPGetPCIRegs@20
EXTRN _DeviceCompletionRoutine@12:NEAR
EXTRN __imp__KeWaitForSingleObject@20:NEAR
EXTRN __imp_@IofCallDriver@8:NEAR
; COMDAT _PCIDPGetPCIRegs@20
_TEXT SEGMENT
_DeviceObject$ = 8
_FileObject$ = 12
_Irp$ = 16
_IoBuffer$ = 20
_OutputBufferLength$ = 24
_PCIDPGetPCIRegs@20 PROC NEAR ; COMDAT
; 461 : ){
push ebp
mov ebp, esp
; 462 :
; 463 : // Define variables.
; 464 : NTSTATUS NTStatus;
; 465 : PPCIDP_EXTENSION ObjExt;
; 466 : PIO_STACK_LOCATION NextIrpStack;
; 467 :
; 468 : // Initialize variables.
; 469 : ObjExt = (PPCIDP_EXTENSION)DeviceObject->DeviceExtension;
mov eax, DWORD PTR _DeviceObject$[ebp]
; 470 :
; 471 : // Check for adequate output buffer space.
; 472 : if(OutputBufferLength >= sizeof(PCIDP00_GET_PCI_CONFIG_REGS_RECV)){
mov ecx, DWORD PTR _OutputBufferLength$[ebp]
push ebx
push esi
; esi = ObjExt (DeviceObject->DeviceExtension), kept for the whole routine.
mov esi, DWORD PTR [eax+40]
; Unsigned compare (jb): lengths below 64 take the error path at $L8648.
; There is no upper bound on the length.
cmp ecx, 64 ; 00000040H
jb SHORT $L8648
; 473 :
; 474 : // Now get the PCI register space.
; 475 : NextIrpStack = IoGetNextIrpStackLocation(Irp);
; edx = Irp; it stays in edx as the second __fastcall argument of IofCallDriver.
mov edx, DWORD PTR _Irp$[ebp]
; edi is saved only on this branch; the matching pop follows the IofCallDriver call.
push edi
; 476 : NextIrpStack->MajorFunction = IRP_MJ_PNP;
; 477 : NextIrpStack->MinorFunction = IRP_MN_READ_CONFIG;
; 478 : NextIrpStack->Flags = 0;
; 479 : NextIrpStack->Parameters.ReadWriteConfig.WhichSpace = 0;
; 480 : NextIrpStack->Parameters.ReadWriteConfig.Buffer = IoBuffer;
mov edi, DWORD PTR _IoBuffer$[ebp]
; ebx = 0, reused below as the zero / NULL / FALSE constant.
xor ebx, ebx
; eax = current stack location pointer read from the IRP; the next location is 36 bytes below it.
mov eax, DWORD PTR [edx+96]
mov BYTE PTR [eax-36], 27 ; 0000001bH
sub eax, 36 ; 00000024H
mov BYTE PTR [eax+1], 15 ; 0000000fH
mov BYTE PTR [eax+2], bl
mov DWORD PTR [eax+4], ebx
mov DWORD PTR [eax+8], edi
; 481 : NextIrpStack->Parameters.ReadWriteConfig.Offset = 0;
mov DWORD PTR [eax+12], ebx
; 482 : NextIrpStack->Parameters.ReadWriteConfig.Length = OutputBufferLength;
; Caller-supplied length is forwarded as-is (see NOTE(review) in the header).
mov DWORD PTR [eax+16], ecx
; 483 : NextIrpStack->DeviceObject = ObjExt->NextLowerDeviceObject;
mov ecx, DWORD PTR [esi+140]
mov DWORD PTR [eax+20], ecx
; 484 : NextIrpStack->FileObject = FileObject;
mov ecx, DWORD PTR _FileObject$[ebp]
mov DWORD PTR [eax+24], ecx
; 485 :
; 486 : IoSetCompletionRoutine(
; 487 : IN Irp,
; 488 : IN DeviceCompletionRoutine,
; 489 : IN NULL, //Context
; 490 : IN TRUE, //InvokeOnSuccess
; 491 : IN TRUE, //InvokeOnError
; 492 : IN TRUE //InvokeOnCancel
; 493 : );
; Expanded inline: completion routine pointer, NULL context, and the control
; byte 0xE0 (invoke on success, error and cancel) in the next stack location.
mov eax, DWORD PTR [edx+96]
sub eax, 36 ; 00000024H
mov DWORD PTR [eax+28], OFFSET FLAT:_DeviceCompletionRoutine@12
mov DWORD PTR [eax+32], ebx
mov BYTE PTR [eax+3], 224 ; 000000e0H
; 494 : NTStatus = IoCallDriver(ObjExt->NextLowerDeviceObject, Irp);
; __fastcall: ecx = NextLowerDeviceObject, edx = Irp (loaded earlier, untouched since).
mov ecx, DWORD PTR [esi+140]
call DWORD PTR __imp_@IofCallDriver@8
; 495 : if(NTStatus == STATUS_PENDING){
cmp eax, 259 ; 00000103H
; pop does not modify flags, so the jne below still tests the cmp result.
pop edi
jne SHORT $L8657
; 496 : KeWaitForSingleObject(
; 497 : IN &ObjExt->WaitEvent,
; 498 : IN Executive, //WaitReason
; 499 : IN KernelMode, //WaitMode
; 500 : IN FALSE, //Alertable
; 501 : IN NULL //Timeout
; 502 : );
; Arguments are pushed right to left; ebx (0) supplies Timeout, Alertable,
; WaitMode and WaitReason, esi+144 is &ObjExt->WaitEvent.
; NOTE(review): the wait has no timeout; presumably DeviceCompletionRoutine
; signals WaitEvent. Confirm, since that routine is not visible here.
push ebx
push ebx
push ebx
add esi, 144 ; 00000090H
push ebx
push esi
call DWORD PTR __imp__KeWaitForSingleObject@20
; 503 : }
; 504 : }
; 505 :
; 506 : else{
jmp SHORT $L8657
$L8648:
; 507 : NTStatus = STATUS_INVALID_BUFFER_SIZE;
; 508 : Irp->IoStatus.Status = NTStatus;
mov eax, DWORD PTR _Irp$[ebp]
; 509 : Irp->IoStatus.Information = 0;
and DWORD PTR [eax+28], 0
mov DWORD PTR [eax+24], -1073741306 ; c0000206H
$L8657:
; Common exit: restore the registers saved at entry.
pop esi
pop ebx
; 510 : }
; 511 : }
pop ebp
; __stdcall return: removes the 20 bytes of arguments.
ret 20 ; 00000014H
_PCIDPGetPCIRegs@20 ENDP
_TEXT ENDS
;-----------------------------------------------------------------------
; _PCIDPSetPCIRegs@20 (compiler listing, 32-bit x86, MASM syntax)
; Purpose: forwards the caller's IRP to the next lower driver as an
;          IRP_MJ_PNP / IRP_MN_WRITE_CONFIG request so that the contents
;          of IoBuffer are written to PCI configuration space, starting
;          at offset 0.
; ABI:     __stdcall; five DWORD arguments, callee pops them (ret 20).
; In:      [ebp+8]  DeviceObject
;          [ebp+12] FileObject
;          [ebp+16] Irp
;          [ebp+20] IoBuffer
;          [ebp+24] InputBufferLength
; Out:     No return value is set up by this code. On the short-buffer
;          path Irp->IoStatus is written here; on the forwarded path
;          this routine does not write Irp->IoStatus itself.
; Saves:   ebx, esi, edi (pushed and popped below).
; Regs:    esi = ObjExt, edx = Irp, edi = IoBuffer, ebx = 0,
;          eax = next IRP stack location while it is being filled.
;
; NOTE(review): the only validation is the lower bound on the length
; (>= 64 bytes). Neither the buffer contents nor an upper bound on the
; length is checked before the write request is sent down, so whatever
; the caller supplies is handed to the lower driver for writing.
; Confirm where access to this request is restricted (caller not
; visible here) and that IoBuffer is at least InputBufferLength bytes.
;-----------------------------------------------------------------------
PUBLIC _PCIDPSetPCIRegs@20
; COMDAT _PCIDPSetPCIRegs@20
_TEXT SEGMENT
_DeviceObject$ = 8
_FileObject$ = 12
_Irp$ = 16
_IoBuffer$ = 20
_InputBufferLength$ = 24
_PCIDPSetPCIRegs@20 PROC NEAR ; COMDAT
; 524 : ){
push ebp
mov ebp, esp
; 525 :
; 526 : // Define variables.
; 527 : NTSTATUS NTStatus;
; 528 : PPCIDP_EXTENSION ObjExt;
; 529 : PIO_STACK_LOCATION NextIrpStack;
; 530 :
; 531 : // Initialize variables.
; 532 : ObjExt = (PPCIDP_EXTENSION)DeviceObject->DeviceExtension;
mov eax, DWORD PTR _DeviceObject$[ebp]
; 533 :
; 534 : // Check for adequate input buffer space.
; 535 : if(InputBufferLength >= sizeof(PCIDP00_SET_PCI_CONFIG_REGS_SEND)){
mov ecx, DWORD PTR _InputBufferLength$[ebp]
push ebx
push esi
; esi = ObjExt (DeviceObject->DeviceExtension), kept for the whole routine.
mov esi, DWORD PTR [eax+40]
; Unsigned compare (jb): lengths below 64 take the error path at $L8675.
; There is no upper bound on the length.
cmp ecx, 64 ; 00000040H
jb SHORT $L8675
; 536 :
; 537 : // Now set the PCI register space.
; 538 : NextIrpStack = IoGetNextIrpStackLocation(Irp);
; edx = Irp; it stays in edx as the second __fastcall argument of IofCallDriver.
mov edx, DWORD PTR _Irp$[ebp]
; edi is saved only on this branch; the matching pop follows the IofCallDriver call.
push edi
; 539 : NextIrpStack->MajorFunction = IRP_MJ_PNP;
; 540 : NextIrpStack->MinorFunction = IRP_MN_WRITE_CONFIG;
; 541 : NextIrpStack->Flags = 0;
; 542 : NextIrpStack->Parameters.ReadWriteConfig.WhichSpace = 0;
; 543 : NextIrpStack->Parameters.ReadWriteConfig.Buffer = IoBuffer;
mov edi, DWORD PTR _IoBuffer$[ebp]
; ebx = 0, reused below as the zero / NULL / FALSE constant.
xor ebx, ebx
; eax = current stack location pointer read from the IRP; the next location is 36 bytes below it.
mov eax, DWORD PTR [edx+96]
mov BYTE PTR [eax-36], 27 ; 0000001bH
sub eax, 36 ; 00000024H
mov BYTE PTR [eax+1], 16 ; 00000010H
mov BYTE PTR [eax+2], bl
mov DWORD PTR [eax+4], ebx
mov DWORD PTR [eax+8], edi
; 544 : NextIrpStack->Parameters.ReadWriteConfig.Offset = 0;
mov DWORD PTR [eax+12], ebx
; 545 : NextIrpStack->Parameters.ReadWriteConfig.Length = InputBufferLength;
; Caller-supplied length is forwarded as-is (see NOTE(review) in the header).
mov DWORD PTR [eax+16], ecx
; 546 : NextIrpStack->DeviceObject = ObjExt->NextLowerDeviceObject;
mov ecx, DWORD PTR [esi+140]
mov DWORD PTR [eax+20], ecx
; 547 : NextIrpStack->FileObject = FileObject;
mov ecx, DWORD PTR _FileObject$[ebp]
mov DWORD PTR [eax+24], ecx
; 548 :
; 549 : IoSetCompletionRoutine(
; 550 : IN Irp,
; 551 : IN DeviceCompletionRoutine,
; 552 : IN NULL, //Context
; 553 : IN TRUE, //InvokeOnSuccess
; 554 : IN TRUE, //InvokeOnError
; 555 : IN TRUE //InvokeOnCancel
; 556 : );
; Expanded inline: completion routine pointer, NULL context, and the control
; byte 0xE0 (invoke on success, error and cancel) in the next stack location.
mov eax, DWORD PTR [edx+96]
sub eax, 36 ; 00000024H
mov DWORD PTR [eax+28], OFFSET FLAT:_DeviceCompletionRoutine@12
mov DWORD PTR [eax+32], ebx
mov BYTE PTR [eax+3], 224 ; 000000e0H
; 557 : NTStatus = IoCallDriver(ObjExt->NextLowerDeviceObject, Irp);
; __fastcall: ecx = NextLowerDeviceObject, edx = Irp (loaded earlier, untouched since).
mov ecx, DWORD PTR [esi+140]
call DWORD PTR __imp_@IofCallDriver@8
; 558 : if(NTStatus == STATUS_PENDING){
cmp eax, 259 ; 00000103H
; pop does not modify flags, so the jne below still tests the cmp result.
pop edi
jne SHORT $L8684
; 559 : KeWaitForSingleObject(
; 560 : IN &ObjExt->WaitEvent,
; 561 : IN Executive, //WaitReason
; 562 : IN KernelMode, //WaitMode
; 563 : IN FALSE, //Alertable
; 564 : IN NULL //Timeout
; 565 : );
; Arguments are pushed right to left; ebx (0) supplies Timeout, Alertable,
; WaitMode and WaitReason, esi+144 is &ObjExt->WaitEvent.
; NOTE(review): the wait has no timeout; presumably DeviceCompletionRoutine
; signals WaitEvent. Confirm, since that routine is not visible here.
push ebx
push ebx
push ebx
add esi, 144 ; 00000090H
push ebx
push esi
call DWORD PTR __imp__KeWaitForSingleObject@20
; 566 : }
; 567 : }
; 568 :
; 569 : else{
jmp SHORT $L8684
$L8675:
; 570 : NTStatus = STATUS_INVALID_BUFFER_SIZE;
; 571 : Irp->IoStatus.Status = NTStatus;
mov eax, DWORD PTR _Irp$[ebp]
; 572 : Irp->IoStatus.Information = 0;
and DWORD PTR [eax+28], 0
mov DWORD PTR [eax+24], -1073741306 ; c0000206H
$L8684:
; Common exit: restore the registers saved at entry.
pop esi
pop ebx
; 573 : }
; 574 : }
pop ebp
; __stdcall return: removes the 20 bytes of arguments.
ret 20 ; 00000014H
_PCIDPSetPCIRegs@20 ENDP
_TEXT ENDS
PUBLIC _PCIDPRegisterInterrupt@20
EXTRN _PCIDPCancelInterrupt@8:NEAR
; COMDAT _PCIDPRegisterInterrupt@20
_TEXT SEGMENT
_DeviceObject$ = 8
_Irp$ = 12
_IoBuffer$ = 16
_InputBufferLength$ = 20
_CancelSpin$ = 16
_MemoryBase$ = -4
_Type$ = 8
_PCIDPRegisterInterrupt@20 PROC NEAR ; COMDAT
; 587 : ){
push ebp
mov ebp, esp
push ecx
; 588 :
; 589 : // Define variables.
; 590 : NTSTATUS NTStatus;
; 591 : PPCIDP00_REGISTER_INTERRUPT_SEND IoInput;
; 592 : PPCIDP_EXTENSION ObjExt;
; 593 : KIRQL CancelSpin;
; 594 : PULONG MemoryBase;
; 595 : PLINKED_LIST LLEntry;
; 596 : ULONG Type;
; 597 : ULONG HINTPattern;
; 598 :
; 599 : // Initialize variables.
; 600 : IoInput = (PPCIDP00_REGISTER_INTERRUPT_SEND)IoBuffer;
; 601 : ObjExt = (PPCIDP_EXTENSION)DeviceObject->DeviceExtension;
mov eax, DWORD PTR _DeviceObject$[ebp]
push ebx
; 602 : MemoryBase = ObjExt->MemoryBase;
; 603 :
; 604 : // Check that call was made via the PCIDP API.
; 605 : if((IoInput->InterruptType & 0xF0C00000) != 0xF0C00000){
mov ecx, -255852544 ; f0c00000H
push esi
mov ebx, DWORD PTR [eax+40]
push edi
mov edi, DWORD PTR _Irp$[ebp]
mov eax, DWORD PTR [ebx+24]
mov DWORD PTR _MemoryBase$[ebp], eax
mov eax, DWORD PTR _IoBuffer$[ebp]
mov eax, DWORD PTR [eax]
mov edx, eax
and edx, ecx
cmp edx, ecx
je SHORT $L8707
; 606 : NTStatus = STATUS_ACCESS_DENIED;
mov eax, -1073741790 ; c0000022H
; 607 : goto ExitA;
jmp $ExitA$8709
$L8707:
; 608 : }
; 609 : Type = IoInput->InterruptType & 0x000003FF;
and eax, 1023 ; 000003ffH
; 610 :
; 611 : // Check to make sure the board has the interrupt pin enabled.
; 612 : if(ObjExt->InterruptObject == 0){
cmp DWORD PTR [ebx+32], 0
mov DWORD PTR _Type$[ebp], eax
jne SHORT $L8710
; 613 : NTStatus = STATUS_BIOS_FAILED_TO_CONNECT_INTERRUPT;
mov eax, -1073741458 ; c000016eH
; 614 : goto ExitA;
jmp $ExitA$8709
$L8710:
; 615 : }
; 616 :
; 617 : // Make sure the buffer lengths are of sufficient size to handle
; 618 : // the transactions.
; 619 : if(InputBufferLength < sizeof(PCIDP00_REGISTER_INTERRUPT_SEND)){
cmp DWORD PTR _InputBufferLength$[ebp], 4
jae SHORT $L8713
; 620 : NTStatus = STATUS_INVALID_BUFFER_SIZE;
mov eax, -1073741306 ; c0000206H
; 621 : goto ExitA;
jmp $ExitA$8709
$L8713: