pcidpprivate.cod

一个amccs5933芯片的驱动程序开发源程序和部分文档

  0000f	50		 push	 eax
  00010	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__IoDisconnectInterrupt@4
$L8473:

; 198  : 
; 199  : 	// Delete all allocated entries in the linked list.
; 200  : 	DeleteAllEntries(ObjExt);

  00016	56		 push	 esi
  00017	e8 00 00 00 00	 call	 _DeleteAllEntries@4

; 201  : 
; 202  : 	// Unmap physical memory.
; 203  : 	MmUnmapIoSpace(ObjExt->MemoryBase, ObjExt->MemoryAccessLength);

  0001c	ff 76 10	 push	 DWORD PTR [esi+16]
  0001f	ff 76 18	 push	 DWORD PTR [esi+24]
  00022	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__MmUnmapIoSpace@8

; 204  : 
; 205  : 	return STATUS_SUCCESS;

  00028	33 c0		 xor	 eax, eax
  0002a	5e		 pop	 esi

; 206  : }

  0002b	c2 04 00	 ret	 4
_StopDevice@4 ENDP
_TEXT	ENDS
PUBLIC	_CancelStopDevice@8
;	COMDAT _CancelStopDevice@8
_TEXT	SEGMENT
_DeviceObject$ = 8
_Irp$ = 12
_ObjExt$ = 8
_CancelStopDevice@8 PROC NEAR				; COMDAT

; 212  : ){

  00000	55		 push	 ebp
  00001	8b ec		 mov	 ebp, esp

; 213  : 	NTSTATUS NTStatus;
; 214  : 	PPCIDP_EXTENSION ObjExt = (PPCIDP_EXTENSION)DeviceObject->DeviceExtension;

  00003	8b 45 08	 mov	 eax, DWORD PTR _DeviceObject$[ebp]
  00006	53		 push	 ebx

; 215  : 
; 216  : 	// Debug entry point
; 217  : 	//DbgPrint("[PCIDP]->Entering CancelStopDevice...\n");	//debug
; 218  : 	//DbgBreakPoint();	//debug
; 219  : 
; 220  : 	// Let the lower level drivers handle the IRP first.
; 221  : 	IoCopyCurrentIrpStackLocationToNext(IN Irp);

  00007	8b 5d 0c	 mov	 ebx, DWORD PTR _Irp$[ebp]
  0000a	56		 push	 esi
  0000b	8b 40 28	 mov	 eax, DWORD PTR [eax+40]
  0000e	57		 push	 edi
  0000f	8b 73 60	 mov	 esi, DWORD PTR [ebx+96]
  00012	89 45 08	 mov	 DWORD PTR _ObjExt$[ebp], eax
  00015	6a 07		 push	 7

; 222  : 
; 223  : 	IoSetCompletionRoutine(
; 224  : 		IN Irp,
; 225  : 		IN DeviceCompletionRoutine,
; 226  : 		IN NULL,			//Context
; 227  : 		IN TRUE,			//InvokeOnSuccess
; 228  : 		IN TRUE,			//InvokeOnError
; 229  : 		IN TRUE				//InvokeOnCancel
; 230  : 	);
; 231  : 
; 232  : 	NTStatus = IoCallDriver(ObjExt->NextLowerDeviceObject, Irp);

  00017	8b d3		 mov	 edx, ebx
  00019	8d 46 dc	 lea	 eax, DWORD PTR [esi-36]
  0001c	59		 pop	 ecx
  0001d	8b f8		 mov	 edi, eax
  0001f	f3 a5		 rep movsd
  00021	80 60 03 00	 and	 BYTE PTR [eax+3], 0
  00025	8b 43 60	 mov	 eax, DWORD PTR [ebx+96]
  00028	8b 75 08	 mov	 esi, DWORD PTR _ObjExt$[ebp]
  0002b	83 e8 24	 sub	 eax, 36			; 00000024H
  0002e	33 ff		 xor	 edi, edi
  00030	c7 40 1c 00 00
	00 00		 mov	 DWORD PTR [eax+28], OFFSET FLAT:_DeviceCompletionRoutine@12
  00037	89 78 20	 mov	 DWORD PTR [eax+32], edi
  0003a	c6 40 03 e0	 mov	 BYTE PTR [eax+3], 224	; 000000e0H
  0003e	8b 8e 8c 00 00
	00		 mov	 ecx, DWORD PTR [esi+140]
  00044	ff 15 00 00 00
	00		 call	 DWORD PTR __imp_@IofCallDriver@8

; 233  : 	if(NTStatus == STATUS_PENDING){

  0004a	3d 03 01 00 00	 cmp	 eax, 259		; 00000103H
  0004f	75 14		 jne	 SHORT $L8494

; 234  : 		KeWaitForSingleObject(
; 235  : 			IN &ObjExt->WaitEvent,
; 236  : 			IN Executive,				//WaitReason
; 237  : 			IN KernelMode,			//WaitMode
; 238  : 			IN FALSE,						//Alertable
; 239  : 			IN NULL							//Timeout
; 240  : 		);

  00051	57		 push	 edi
  00052	57		 push	 edi
  00053	57		 push	 edi
  00054	81 c6 90 00 00
	00		 add	 esi, 144		; 00000090H
  0005a	57		 push	 edi
  0005b	56		 push	 esi
  0005c	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__KeWaitForSingleObject@20

; 241  : 		NTStatus = Irp->IoStatus.Status;

  00062	8b 43 18	 mov	 eax, DWORD PTR [ebx+24]
$L8494:
  00065	5f		 pop	 edi
  00066	5e		 pop	 esi
  00067	5b		 pop	 ebx

; 242  : 	}
; 243  : 
; 244  : 	// Debug exit point
; 245  : 	//DbgPrint("[PCIDP]->Leaving CancelStopDevice, status=0x%x...\n", NTStatus);	//debug
; 246  : 	//DbgBreakPoint();	//debug
; 247  : 
; 248  : 	return NTStatus;
; 249  : }

  00068	5d		 pop	 ebp
  00069	c2 08 00	 ret	 8
_CancelStopDevice@8 ENDP
_TEXT	ENDS
PUBLIC	_RemoveDevice@4
EXTRN	__imp__MmUnlockPages@4:NEAR
EXTRN	__imp__MmFreeContiguousMemory@4:NEAR
EXTRN	__imp__RtlFreeUnicodeString@4:NEAR
EXTRN	__imp__IoDeleteDevice@4:NEAR
EXTRN	__imp__IoDetachDevice@4:NEAR
EXTRN	__imp__IoFreeMdl@4:NEAR
;	COMDAT _RemoveDevice@4
_TEXT	SEGMENT
_DeviceObject$ = 8
_RemoveDevice@4 PROC NEAR				; COMDAT

; 252  : NTSTATUS RemoveDevice(IN PDEVICE_OBJECT DeviceObject){

  00000	53		 push	 ebx

; 253  : 
; 254  : 	PPCIDP_EXTENSION ObjExt = (PPCIDP_EXTENSION)DeviceObject->DeviceExtension;

  00001	8b 5c 24 08	 mov	 ebx, DWORD PTR _DeviceObject$[esp]
  00005	56		 push	 esi
  00006	57		 push	 edi
  00007	8b 73 28	 mov	 esi, DWORD PTR [ebx+40]

; 255  : 
; 256  : 	// Debug entry point
; 257  : 	//DbgPrint("[PCIDP]->Entering RemoveDevice...\n");	//debug
; 258  : 	//DbgBreakPoint();	//debug
; 259  : 
; 260  : 	// Free up DMA contiguous memory.
; 261  : 	MmUnlockPages(ObjExt->MDL);

  0000a	ff b6 80 00 00
	00		 push	 DWORD PTR [esi+128]
  00010	8d be 80 00 00
	00		 lea	 edi, DWORD PTR [esi+128]
  00016	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__MmUnlockPages@4

; 262  : 	IoFreeMdl(ObjExt->MDL);

  0001c	ff 37		 push	 DWORD PTR [edi]
  0001e	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__IoFreeMdl@4

; 263  : 	MmFreeContiguousMemory(ObjExt->VirtualDMAAddress);

  00024	ff 76 78	 push	 DWORD PTR [esi+120]
  00027	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__MmFreeContiguousMemory@4

; 264  : 
; 265  : 	RtlFreeUnicodeString(&ObjExt->SymbolicLinkName);

  0002d	8d 86 84 00 00
	00		 lea	 eax, DWORD PTR [esi+132]
  00033	50		 push	 eax
  00034	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__RtlFreeUnicodeString@4

; 266  : 
; 267  : 	IoDetachDevice(ObjExt->NextLowerDeviceObject);

  0003a	ff b6 8c 00 00
	00		 push	 DWORD PTR [esi+140]
  00040	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__IoDetachDevice@4

; 268  : 
; 269  : 	IoDeleteDevice(DeviceObject);

  00046	53		 push	 ebx
  00047	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__IoDeleteDevice@4
  0004d	5f		 pop	 edi
  0004e	5e		 pop	 esi

; 270  : 
; 271  : 	return STATUS_SUCCESS;

  0004f	33 c0		 xor	 eax, eax
  00051	5b		 pop	 ebx

; 272  : }

  00052	c2 04 00	 ret	 4
_RemoveDevice@4 ENDP
_TEXT	ENDS
EXTRN	__imp__KeSetEvent@12:NEAR
;	COMDAT _DeviceCompletionRoutine@12
_TEXT	SEGMENT
_DeviceObject$ = 8
_DeviceCompletionRoutine@12 PROC NEAR			; COMDAT

; 280  : 	PPCIDP_EXTENSION ObjExt = (PPCIDP_EXTENSION)DeviceObject->DeviceExtension;
; 281  : 
; 282  : 	KeSetEvent(&ObjExt->WaitEvent, IO_NO_INCREMENT, FALSE);

  00000	8b 44 24 04	 mov	 eax, DWORD PTR _DeviceObject$[esp-4]
  00004	6a 00		 push	 0
  00006	6a 00		 push	 0
  00008	8b 40 28	 mov	 eax, DWORD PTR [eax+40]
  0000b	05 90 00 00 00	 add	 eax, 144		; 00000090H
  00010	50		 push	 eax
  00011	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__KeSetEvent@12

; 283  : 	return STATUS_MORE_PROCESSING_REQUIRED;

  00017	b8 16 00 00 c0	 mov	 eax, -1073741802	; c0000016H

; 284  : }

  0001c	c2 0c 00	 ret	 12			; 0000000cH
_DeviceCompletionRoutine@12 ENDP
_TEXT	ENDS
;	COMDAT _GetResources@16
_TEXT	SEGMENT
_Resources$ = 8
_CmResourceType$ = 12
_pLIdx$ = 16
_pDIdx$ = 20
_LIdx$ = -8
_DIdx$ = 12
_Found$ = -1
_GetResources@16 PROC NEAR				; COMDAT

; 292  : ){

  00000	55		 push	 ebp
  00001	8b ec		 mov	 ebp, esp
  00003	51		 push	 ecx
  00004	51		 push	 ecx

; 297  : 
; 298  : 	// Debug entry point
; 299  : 	//DbgPrint("[PCIDP]->Entering GetResources...\n");	//debug
; 300  : 	//DbgBreakPoint();	//debug
; 301  : 
; 302  : 	for(LIdx=0; LIdx<Resources->Count; LIdx++){

  00005	8b 4d 08	 mov	 ecx, DWORD PTR _Resources$[ebp]
  00008	80 65 ff 00	 and	 BYTE PTR _Found$[ebp], 0
  0000c	83 65 f8 00	 and	 DWORD PTR _LIdx$[ebp], 0
  00010	53		 push	 ebx
  00011	8b 19		 mov	 ebx, DWORD PTR [ecx]
  00013	56		 push	 esi
  00014	85 db		 test	 ebx, ebx
  00016	57		 push	 edi
  00017	76 36		 jbe	 SHORT $L8677

; 293  : 	ULONG LIdx;
; 294  : 	ULONG DIdx;
; 295  : 	ULONG PRLCount;
; 296  : 	BOOLEAN Found = FALSE;

  00019	8d 51 14	 lea	 edx, DWORD PTR [ecx+20]
$L8525:

; 303  : 
; 304  : 		PRLCount = Resources->List[LIdx].PartialResourceList.Count;

  0001c	8b 4a fc	 mov	 ecx, DWORD PTR [edx-4]

; 305  : 		for(DIdx=0; DIdx<PRLCount; DIdx++){

  0001f	33 ff		 xor	 edi, edi
  00021	85 c9		 test	 ecx, ecx
  00023	76 17		 jbe	 SHORT $L8530

; 303  : 
; 304  : 		PRLCount = Resources->List[LIdx].PartialResourceList.Count;

  00025	8b f2		 mov	 esi, edx
$L8528:

; 306  : 			if(
; 307  : 				Resources->List[LIdx].PartialResourceList.PartialDescriptors[DIdx].Type ==
; 308  : 				CmResourceType
; 309  : 			){

  00027	8a 06		 mov	 al, BYTE PTR [esi]
  00029	3a 45 0c	 cmp	 al, BYTE PTR _CmResourceType$[ebp]
  0002c	74 0a		 je	 SHORT $L8673
  0002e	47		 inc	 edi
  0002f	83 c6 10	 add	 esi, 16			; 00000010H
  00032	3b f9		 cmp	 edi, ecx
  00034	72 f1		 jb	 SHORT $L8528

; 313  : 				break;
; 314  : 			}
; 315  : 		}
; 316  : 		if(Found == TRUE)

  00036	eb 04		 jmp	 SHORT $L8530
$L8673:

; 310  : 				//DbgPrint("[PCIDP]->&Resources: 0x%x...\n", &Resources->List[LIdx].PartialResourceList.PartialDescriptors[DIdx]);	//debug
; 311  : 				//DbgBreakPoint();	//debug
; 312  : 				Found = TRUE;

  00038	c6 45 ff 01	 mov	 BYTE PTR _Found$[ebp], 1
$L8530:

; 313  : 				break;
; 314  : 			}
; 315  : 		}
; 316  : 		if(Found == TRUE)

  0003c	80 7d ff 01	 cmp	 BYTE PTR _Found$[ebp], 1
  00040	74 10		 je	 SHORT $L8674
  00042	ff 45 f8	 inc	 DWORD PTR _LIdx$[ebp]
  00045	83 c2 20	 add	 edx, 32			; 00000020H
  00048	39 5d f8	 cmp	 DWORD PTR _LIdx$[ebp], ebx
  0004b	72 cf		 jb	 SHORT $L8525

; 297  : 
; 298  : 	// Debug entry point
; 299  : 	//DbgPrint("[PCIDP]->Entering GetResources...\n");	//debug
; 300  : 	//DbgBreakPoint();	//debug
; 301  : 
; 302  : 	for(LIdx=0; LIdx<Resources->Count; LIdx++){

  0004d	eb 03		 jmp	 SHORT $L8674
$L8677:
  0004f	8b 7d 0c	 mov	 edi, DWORD PTR _DIdx$[ebp]
$L8674:

; 317  : 			break;
; 318  : 	}
; 319  : 
; 320  : 	*pLIdx = LIdx;

  00052	8b 45 10	 mov	 eax, DWORD PTR _pLIdx$[ebp]
  00055	8b 4d f8	 mov	 ecx, DWORD PTR _LIdx$[ebp]
  00058	89 08		 mov	 DWORD PTR [eax], ecx

; 321  : 	*pDIdx = DIdx;

  0005a	8b 45 14	 mov	 eax, DWORD PTR _pDIdx$[ebp]
  0005d	89 38		 mov	 DWORD PTR [eax], edi

; 322  : 	return Found;

  0005f	8a 45 ff	 mov	 al, BYTE PTR _Found$[ebp]
  00062	5f		 pop	 edi
  00063	5e		 pop	 esi
  00064	5b		 pop	 ebx

; 323  : }

  00065	c9		 leave
  00066	c2 10 00	 ret	 16			; 00000010H
_GetResources@16 ENDP
_TEXT	ENDS
PUBLIC	_GetNextEntry@16
EXTRN	__imp_@KfAcquireSpinLock@4:NEAR
EXTRN	__imp_@KfReleaseSpinLock@8:NEAR
;	COMDAT _GetNextEntry@16
_TEXT	SEGMENT
_ObjExt$ = 8
_FirstLink$ = 12
_CurrentLink$ = 16
_Entry$ = 20
_Status$ = -1
_LListIrql$ = 11
_GetNextEntry@16 PROC NEAR				; COMDAT

; 335  : ){

  00000	55		 push	 ebp
  00001	8b ec		 mov	 ebp, esp
  00003	51		 push	 ecx
  00004	53		 push	 ebx

; 336  : 
; 337  : 	BOOLEAN Status = FALSE;

  00005	80 65 ff 00	 and	 BYTE PTR _Status$[ebp], 0
  00009	56		 push	 esi

; 338  : 	KIRQL LListIrql;
; 339  : 	PLINKED_LIST CurrentLnk;
; 340  : 
; 341  : 	KeAcquireSpinLock(&ObjExt->LListSpin, &LListIrql);

  0000a	8b 75 08	 mov	 esi, DWORD PTR _ObjExt$[ebp]
  0000d	57		 push	 edi
  0000e	8d 5e 74	 lea	 ebx, DWORD PTR [esi+116]
  00011	8b cb		 mov	 ecx, ebx
  00013	ff 15 00 00 00
	00		 call	 DWORD PTR __imp_@KfAcquireSpinLock@4

; 342  : 
; 343  : 	if(*FirstLink == NULL){

  00019	8b 7d 0c	 mov	 edi, DWORD PTR _FirstLink$[ebp]
  0001c	88 45 0b	 mov	 BYTE PTR _LListIrql$[ebp], al
  0001f	8b 45 10	 mov	 eax, DWORD PTR _CurrentLink$[ebp]
  00022	83 3f 00	 cmp	 DWORD PTR [edi], 0
  00025	75 2a		 jne	 SHORT $L8548

; 344  : 		if(ObjExt->LLData.InsertedCount > 0){

  00027	66 83 7e 6a 00	 cmp	 WORD PTR [esi+106], 0
  0002c	76 23		 jbe	 SHORT $L8548

; 345  : 			*FirstLink = ObjExt->LLData.CurrentLink;

  0002e	8b 4e 70	 mov	 ecx, DWORD PTR [esi+112]
  00031	89 0f		 mov	 DWORD PTR [edi], ecx

; 346  : 			*CurrentLink = *FirstLink;

  00033	89 08		 mov	 DWORD PTR [eax], ecx

; 347  : 			CurrentLnk = *CurrentLink;
; 348  : 			if(CurrentLnk->Status == LL_INSERTED){

  00035	80 79 08 02	 cmp	 BYTE PTR [ecx+8], 2
  00039	75 16		 jne	 SHORT $L8548

; 349  : 				CurrentLnk->Status = LL_CHECKEDOUT;
; 350  : 				ObjExt->LLData.InsertedCount--;
; 351  : 				*Entry = &(CurrentLnk->RegisteredInterrupt);

  0003b	8b 45 14	 mov	 eax, DWORD PTR _Entry$[ebp]
  0003e	c6 41 08 04	 mov	 BYTE PTR [ecx+8], 4
  00042	66 ff 4e 6a	 dec	 WORD PTR [esi+106]
  00046	83 c1 0c	 add	 ecx, 12			; 0000000cH
  00049	89 08		 mov	 DWORD PTR [eax], ecx

; 352  : 				Status = TRUE;

  0004b	c6 45 ff 01	 mov	 BYTE PTR _Status$[ebp], 1

; 353  : 				goto GetNextExit;

  0004f	eb 2a		 jmp	 SHORT $GetNextExit$8549
$L8548:

; 354  : 			}
; 355  : 		}
; 356  : 	}
; 357  : 
; 358  : 	if(*FirstLink != NULL){

  00051	8b 3f		 mov	 edi, DWORD PTR [edi]
  00053	85 ff		 test	 edi, edi
  00055	74 24		 je	 SHORT $GetNextExit$8549

; 359  : 		CurrentLnk = *CurrentLink;

  00057	8b 08		 mov	 ecx, DWORD PTR [eax]
$L8686:

; 360  : 		CurrentLnk = CurrentLnk->Next;

  00059	8b 09		 mov	 ecx, DWORD PTR [ecx]

; 361  : 		while(CurrentLnk != *FirstLink){

  0005b	3b cf		 cmp	 ecx, edi
  0005d	74 1a		 je	 SHORT $L8554

; 362  : 			if(CurrentLnk->Status == LL_INSERTED){

  0005f	80 79 08 02	 cmp	 BYTE PTR [ecx+8], 2
  00063	75 f4		 jne	 SHORT $L8686

; 363  : 				CurrentLnk->Status = LL_CHECKEDOUT;

  00065	c6 41 08 04	 mov	 BYTE PTR [ecx+8], 4

; 364  : 				ObjExt->LLData.InsertedCount--;

  00069	66 ff 4e 6a	 dec	 WORD PTR [esi+106]

; 365  : 				*Entry = &(CurrentLnk->RegisteredInterrupt);

  0006d	8b 75 14	 mov	 esi, DWORD PTR _Entry$[ebp]
  00070	8d 51 0c	 lea	 edx, DWORD PTR [ecx+12]

; 366  : 				Status = TRUE;

  00073	c6 45 ff 01	 mov	 BYTE PTR _Status$[ebp], 1
  00077	89 16		 mov	 DWORD PTR [esi], edx
$L8554:

; 367  : 				break;
; 368  : 			}
; 369  : 			CurrentLnk = CurrentLnk->Next;
; 370  : 		}
; 371  : 		*CurrentLink = CurrentLnk;

  00079	89 08		 mov	 DWORD PTR [eax], ecx
$GetNextExit$8549:

; 372  : 	}
; 373  : 
; 374  : 	GetNextExit:
; 375  : 	//ObjExt->MemoryBase[0x1C57] = ObjExt->LLData.InsertedCount;	//debug
; 376  : 	KeReleaseSpinLock(&ObjExt->LListSpin, LListIrql);

  0007b	8a 55 0b	 mov	 dl, BYTE PTR _LListIrql$[ebp]
  0007e	8b cb		 mov	 ecx, ebx
  00080	ff 15 00 00 00
	00		 call	 DWORD PTR __imp_@KfReleaseSpinLock@8