; 187 :
; 188 : // Delete all allocated entries in the linked list.
; 189 : DeleteAllEntries(ObjExt);
push esi
call _DeleteAllEntries@4
; 190 :
; 191 : // Unmap physical memory.
; 192 : MmUnmapIoSpace(ObjExt->MemoryBase, ObjExt->MemoryAccessLength);
push DWORD PTR [esi+16]
push DWORD PTR [esi+24]
call DWORD PTR __imp__MmUnmapIoSpace@8
; 193 :
; 194 : return STATUS_SUCCESS;
xor eax, eax
pop esi
; 195 : }
ret 4
_StopDevice@4 ENDP
_TEXT ENDS
PUBLIC _CancelStopDevice@8
; COMDAT _CancelStopDevice@8
; File c:\kernel2000\pcidpprivate.c
;-----------------------------------------------------------------------
; NTSTATUS CancelStopDevice(PDEVICE_OBJECT DeviceObject, PIRP Irp)
; ABI:   x86 stdcall (ret 8); ebp frame; ebx/esi/edi saved and restored.
; In:    [ebp+8] DeviceObject, [ebp+12] Irp
; Out:   eax = NTStatus: the IoCallDriver result, or Irp->IoStatus.Status
;        once the lower driver has completed a STATUS_PENDING request.
; Locals: the compiler reuses the DeviceObject argument slot ([ebp+8],
;        equate _ObjExt$) to hold ObjExt after DeviceObject is consumed.
; Flow (mirrors the C echoed in the "; NNN :" comments below): log, copy
;        the current IRP stack location to the next one, install
;        _DeviceCompletionRoutine@12 with a NULL context, call the lower
;        device, and block on ObjExt->WaitEvent if it returned pending.
; NOTE(review): the completion routine installed here returns
;        STATUS_MORE_PROCESSING_REQUIRED (see _DeviceCompletionRoutine@12
;        later in this file), so the IRP still belongs to this driver when
;        this function returns. No IoCompleteRequest is visible in this
;        listing; confirm the caller completes the IRP, otherwise the PnP
;        cancel-stop request is never finished.
; NOTE(review): the waiting side assumes ObjExt->WaitEvent was initialised
;        (and is reset between uses) elsewhere - not visible here.
; NOTE(review): DbgBreakPoint is executed unconditionally on this PnP
;        path. Without a kernel debugger attached that is normally a
;        bugcheck, i.e. a denial of service, not a harmless no-op; it
;        should be compiled out of non-debug builds.
;-----------------------------------------------------------------------
_TEXT SEGMENT
$SG8485 DB '[PCIDP]->Entering CancelStopDevice...', 0aH, 00H
ORG $+1
$SG8499 DB '[PCIDP]->Leaving CancelStopDevice, status=%ld...', 0aH, 00H
_DeviceObject$ = 8
_Irp$ = 12
_ObjExt$ = 8
_CancelStopDevice@8 PROC NEAR ; COMDAT
; 201 : ){
push ebp
mov ebp, esp
; 202 : NTSTATUS NTStatus;
; 203 : PPCIDP_EXTENSION ObjExt = (PPCIDP_EXTENSION)DeviceObject->DeviceExtension;
mov eax, DWORD PTR _DeviceObject$[ebp]
push ebx
push esi
push edi
mov eax, DWORD PTR [eax+40] ; eax = DeviceObject->DeviceExtension (ObjExt)
; 204 :
; 205 : // Debug entry point
; 206 : DbgPrint("[PCIDP]->Entering CancelStopDevice...\n"); //debug
push OFFSET FLAT:$SG8485
mov DWORD PTR _ObjExt$[ebp], eax ; stash ObjExt in the (now dead) DeviceObject slot
call _DbgPrint
pop ecx ; cdecl: discard the one argument
; 207 : DbgBreakPoint(); //debug
call _DbgBreakPoint@0 ; NOTE(review): traps into the debugger on every call - see header
; 208 :
; 209 : // Let the lower level drivers handle the IRP first.
; 210 : IoCopyCurrentIrpStackLocationToNext(IN Irp);
mov ebx, DWORD PTR _Irp$[ebp] ; ebx = Irp (live until the final DbgPrint)
push 7
pop ecx ; ecx = 7 dwords (28 bytes) for the rep movsd below
; 211 :
; 212 : IoSetCompletionRoutine(
; 213 : IN Irp,
; 214 : IN DeviceCompletionRoutine,
; 215 : IN NULL, //Context
; 216 : IN TRUE, //InvokeOnSuccess
; 217 : IN TRUE, //InvokeOnError
; 218 : IN TRUE //InvokeOnCancel
; 219 : );
; 220 :
; 221 : NTStatus = IoCallDriver(ObjExt->NextLowerDeviceObject, Irp);
; Inlined IoCopyCurrentIrpStackLocationToNext + IoSetCompletionRoutine.
; [ebx+96] is presumably Irp->Tail.Overlay.CurrentStackLocation; the next
; (lower) stack location sits 36 bytes below it (sizeof IO_STACK_LOCATION).
mov edx, ebx ; edx = Irp (2nd fastcall arg for IofCallDriver)
mov esi, DWORD PTR [ebx+96] ; esi = current stack location (copy source)
lea eax, DWORD PTR [esi-36] ; eax = next stack location
mov edi, eax ; edi = copy destination
rep movsd ; copy the first 28 bytes; relies on DF = 0 (ABI default)
and BYTE PTR [eax+3], 0 ; clear next->Control (byte 3) before setting the flags
mov eax, DWORD PTR [ebx+96]
mov esi, DWORD PTR _ObjExt$[ebp] ; esi = ObjExt (ebx/edi were in use above)
and DWORD PTR [eax-4], 0 ; next->Context = NULL ([current-4] == next+32)
sub eax, 36 ; 00000024H ; eax = next stack location again
mov DWORD PTR [eax+28], OFFSET FLAT:_DeviceCompletionRoutine@12 ; next->CompletionRoutine
mov BYTE PTR [eax+3], 224 ; 000000e0H ; next->Control = InvokeOnSuccess|InvokeOnError|InvokeOnCancel
mov ecx, DWORD PTR [esi+140] ; ecx = ObjExt->NextLowerDeviceObject (1st fastcall arg)
call DWORD PTR __imp_@IofCallDriver@8
mov edi, eax ; edi = NTStatus
; 222 : if(NTStatus == STATUS_PENDING){
cmp edi, 259 ; 00000103H ; STATUS_PENDING
jne SHORT $L8497
; 223 : KeWaitForSingleObject(
; 224 : IN &ObjExt->WaitEvent,
; 225 : IN Executive, //WaitReason
; 226 : IN KernelMode, //WaitMode
; 227 : IN FALSE, //Alertable
; 228 : IN NULL //Timeout
; 229 : );
xor eax, eax
add esi, 144 ; 00000090H ; esi = &ObjExt->WaitEvent
push eax ; Timeout = NULL (no timeout: blocks until the lower driver completes)
push eax ; Alertable = FALSE
push eax ; WaitMode = KernelMode
push eax ; WaitReason = Executive
push esi
call DWORD PTR __imp__KeWaitForSingleObject@20
; 230 : NTStatus = Irp->IoStatus.Status;
mov edi, DWORD PTR [ebx+24] ; status set by the lower driver
$L8497:
; 231 : }
; 232 :
; 233 : // Debug exit point
; 234 : DbgPrint("[PCIDP]->Leaving CancelStopDevice, status=%ld...\n", NTStatus); //debug
push edi
push OFFSET FLAT:$SG8499
call _DbgPrint
pop ecx ; cdecl: discard both arguments
pop ecx
; 235 : DbgBreakPoint(); //debug
call _DbgBreakPoint@0 ; NOTE(review): second unconditional debugger trap
; 236 :
; 237 : return NTStatus;
mov eax, edi
pop edi
pop esi
pop ebx
; 238 : }
pop ebp
ret 8
_CancelStopDevice@8 ENDP
_TEXT ENDS
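PUBLIC _RemoveDevice@4
EXTRN __imp__MmUnlockPages@4:NEAR
EXTRN __imp__MmFreeContiguousMemory@4:NEAR
EXTRN __imp__RtlFreeUnicodeString@4:NEAR
EXTRN __imp__IoDeleteDevice@4:NEAR
EXTRN __imp__IoDetachDevice@4:NEAR
EXTRN __imp__IoFreeMdl@4:NEAR
; COMDAT _RemoveDevice@4
; File c:\kernel2000\pcidpprivate.c
;-----------------------------------------------------------------------
; NTSTATUS RemoveDevice(IN PDEVICE_OBJECT DeviceObject)
; ABI:   x86 stdcall (ret 4); no ebp frame; ebx/esi preserved.
; In:    [esp+4] DeviceObject
; Out:   eax = STATUS_SUCCESS (always)
; Tears down the device: releases the DMA buffer and its MDL, frees the
; symbolic-link name string, detaches from the lower device and deletes
; the device object.
; Change vs. the original listing: every pointer is checked for NULL
; before it is released and cleared afterwards. The original passed
; ObjExt->MDL, ObjExt->VirtualDMAAddress and ObjExt->NextLowerDeviceObject
; to MmUnlockPages/IoFreeMdl/MmFreeContiguousMemory/IoDetachDevice
; unconditionally, which dereferences NULL when the device is removed
; before (or after a failed) start, and would free twice if this routine
; ran a second time.
; Register roles: ebx = DeviceObject, esi = ObjExt (DeviceExtension).
; NOTE(review): MmUnlockPages is only valid for an MDL whose pages were
;   locked with MmProbeAndLockPages; if the MDL over the contiguous buffer
;   was built with MmBuildMdlForNonPagedPool it must not be unlocked here.
;   The allocation side is not in this listing - verify.
; NOTE(review): the symbolic-link *name* is freed here, but no
;   IoDeleteSymbolicLink is visible in this listing; confirm the link is
;   removed elsewhere or it dangles after the device is gone.
; NOTE(review): DbgBreakPoint is kept for consistency with the sibling
;   routines, but without a kernel debugger attached it is a bugcheck on
;   the remove path; it belongs behind a debug-build switch.
;-----------------------------------------------------------------------
_TEXT SEGMENT
$SG8505 DB '[PCIDP]->Entering RemoveDevice...', 0aH, 00H
_DeviceObject$ = 8
_RemoveDevice@4 PROC NEAR ; COMDAT
        push    ebx
        mov     ebx, DWORD PTR _DeviceObject$[esp]      ; ebx = DeviceObject ([esp+8] after one push)
        push    esi
        mov     esi, DWORD PTR [ebx+40]                 ; esi = ObjExt = DeviceObject->DeviceExtension
        ; Debug entry point (see header note about DbgBreakPoint)
        push    OFFSET FLAT:$SG8505
        call    _DbgPrint
        pop     ecx                                     ; cdecl: discard the argument
        call    _DbgBreakPoint@0
        ; Release the MDL only if one exists; clear it so a repeated
        ; RemoveDevice cannot unlock/free it again.
        mov     eax, DWORD PTR [esi+128]                ; ObjExt->MDL
        test    eax, eax
        je      SHORT $RD_NoMdl
        push    eax
        call    DWORD PTR __imp__MmUnlockPages@4
        push    DWORD PTR [esi+128]
        call    DWORD PTR __imp__IoFreeMdl@4
        and     DWORD PTR [esi+128], 0                  ; ObjExt->MDL = NULL
$RD_NoMdl:
        ; Free the DMA contiguous buffer, if it was ever allocated.
        mov     eax, DWORD PTR [esi+120]                ; ObjExt->VirtualDMAAddress
        test    eax, eax
        je      SHORT $RD_NoDma
        push    eax
        call    DWORD PTR __imp__MmFreeContiguousMemory@4
        and     DWORD PTR [esi+120], 0                  ; ObjExt->VirtualDMAAddress = NULL
$RD_NoDma:
        ; RtlFreeUnicodeString itself tolerates an empty string (NULL
        ; Buffer), so no guard is needed here.
        lea     eax, DWORD PTR [esi+132]                ; &ObjExt->SymbolicLinkName
        push    eax
        call    DWORD PTR __imp__RtlFreeUnicodeString@4
        ; Detach only if AddDevice actually attached us to a lower device.
        mov     eax, DWORD PTR [esi+140]                ; ObjExt->NextLowerDeviceObject
        test    eax, eax
        je      SHORT $RD_NoLower
        push    eax
        call    DWORD PTR __imp__IoDetachDevice@4
        and     DWORD PTR [esi+140], 0                  ; ObjExt->NextLowerDeviceObject = NULL
$RD_NoLower:
        ; Delete our own device object last; the extension is unusable after this.
        push    ebx
        call    DWORD PTR __imp__IoDeleteDevice@4
        xor     eax, eax                                ; STATUS_SUCCESS
        pop     esi
        pop     ebx
        ret     4
_RemoveDevice@4 ENDP
_TEXT ENDS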
EXTRN __imp__KeSetEvent@12:NEAR
; COMDAT _DeviceCompletionRoutine@12
; File c:\kernel2000\pcidpprivate.c
;-----------------------------------------------------------------------
; NTSTATUS DeviceCompletionRoutine(PDEVICE_OBJECT DeviceObject, PIRP Irp,
;                                  PVOID Context)
; ABI:   x86 stdcall (ret 12); no frame; esi preserved.
; In:    [esp+4] DeviceObject; Irp and Context are not used (Context is
;        passed as NULL by _CancelStopDevice@8).
; Out:   eax = STATUS_MORE_PROCESSING_REQUIRED (0xC0000016): the IRP is
;        left un-completed so the waiting dispatch routine regains it.
; Effect: signals ObjExt->WaitEvent (no priority boost, no follow-up
;        wait) to wake the thread blocked in _CancelStopDevice@8.
; NOTE(review): ObjExt is recovered from DeviceObject->DeviceExtension
;   rather than from Context; that works only while the completion
;   routine is always installed from this driver's own stack location.
;   Passing &ObjExt->WaitEvent as Context would make it robust.
; NOTE(review): completion routines can run at DISPATCH_LEVEL; the
;   DbgPrint/DbgBreakPoint here are debug-only and should be compiled out
;   of release builds (DbgBreakPoint bugchecks without a debugger).
;-----------------------------------------------------------------------
_TEXT SEGMENT
$SG8516 DB '[PCIDP]->Entering DeviceCompletionRoutine...', 0aH, 00H
_DeviceObject$ = 8
_DeviceCompletionRoutine@12 PROC NEAR ; COMDAT
        push    esi
        mov     esi, DWORD PTR _DeviceObject$[esp]      ; [esp+8] after the push = DeviceObject
        mov     esi, DWORD PTR [esi+40]                 ; esi = ObjExt = DeviceObject->DeviceExtension
        ; Debug entry point
        push    OFFSET FLAT:$SG8516
        call    _DbgPrint
        pop     ecx                                     ; cdecl: discard the argument
        call    _DbgBreakPoint@0
        ; KeSetEvent(&ObjExt->WaitEvent, IO_NO_INCREMENT, FALSE)
        lea     esi, DWORD PTR [esi+144]                ; esi = &ObjExt->WaitEvent
        push    0                                       ; Wait = FALSE
        push    0                                       ; Increment = IO_NO_INCREMENT
        push    esi                                     ; Event
        call    DWORD PTR __imp__KeSetEvent@12
        mov     eax, -1073741802 ; c0000016H           ; STATUS_MORE_PROCESSING_REQUIRED
        pop     esi
        ret     12 ; 0000000cH
_DeviceCompletionRoutine@12 ENDP
_TEXT ENDS
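; COMDAT _GetResources@16
;-----------------------------------------------------------------------
; BOOLEAN GetResources(PCM_RESOURCE_LIST Resources, UCHAR CmResourceType,
;                      PULONG pLIdx, PULONG pDIdx)
; ABI:   x86 stdcall (ret 16); ebp frame; ebx/esi/edi preserved.
; Scans every CM_FULL_RESOURCE_DESCRIPTOR in Resources for the first
; CM_PARTIAL_RESOURCE_DESCRIPTOR whose Type byte equals CmResourceType.
; Out:   al = TRUE when found, with *pLIdx / *pDIdx = list index and
;        descriptor index of the match. When not found, al = FALSE,
;        *pLIdx = number of lists scanned and *pDIdx = descriptor count
;        of the last list (as in the original); for a NULL Resources both
;        are 0.
; Fixes vs. the compiler listing this replaces:
;  * The original advanced from one list to the next by a fixed 32 bytes,
;    i.e. it assumed exactly one partial descriptor per list. Per the
;    CM_RESOURCE_LIST layout in ntddk.h a full descriptor is variable
;    length (16-byte header + 16 bytes per partial descriptor), so with a
;    list holding more than one descriptor every later list was read from
;    the wrong offset. The stride is now derived from the list's Count.
;  * DIdx was uninitialised when Resources->Count == 0 and the caller
;    received whatever sat in a parameter slot; it now starts at 0.
;  * A NULL Resources (a device that was assigned no resources) no longer
;    dereferences NULL; it reports "not found".
; Register roles: ebx = LIdx, edi = DIdx, eax = Count of the current list,
;   edx = &PartialDescriptors[0] of the current list, esi = descriptor
;   being examined.
; Layout used (matches the offsets in the original listing): Resources->
;   Count at +0, List[0] at +4, List[n].PartialResourceList.Count at +12
;   within the list, PartialDescriptors at +16, 16 bytes per descriptor
;   with Type in its first byte.
; NOTE(review): nothing bounds the walk by the size of the buffer that
;   holds the list; a corrupt Count still reads beyond it.
;-----------------------------------------------------------------------
_TEXT SEGMENT
_Resources$ = 8
_CmResourceType$ = 12
_pLIdx$ = 16
_pDIdx$ = 20
_GetResources@16 PROC NEAR ; COMDAT
        push    ebp
        mov     ebp, esp
        push    ebx
        push    esi
        push    edi
        xor     ebx, ebx                                ; LIdx = 0
        xor     edi, edi                                ; DIdx = 0
        mov     edx, DWORD PTR _Resources$[ebp]
        test    edx, edx
        je      SHORT $GR_NotFound                      ; NULL list: not found, indices 0/0
        add     edx, 20                                 ; edx = &List[0].PartialResourceList.PartialDescriptors[0]
$GR_NextList:
        mov     eax, DWORD PTR _Resources$[ebp]
        cmp     ebx, DWORD PTR [eax]                    ; LIdx < Resources->Count ?
        jae     SHORT $GR_NotFound
        mov     eax, DWORD PTR [edx-4]                  ; eax = PartialResourceList.Count
        mov     esi, edx                                ; esi = &PartialDescriptors[0]
        xor     edi, edi                                ; DIdx = 0 for this list
$GR_NextDescriptor:
        cmp     edi, eax
        jae     SHORT $GR_EndOfList
        mov     cl, BYTE PTR [esi]                      ; PartialDescriptors[DIdx].Type
        cmp     cl, BYTE PTR _CmResourceType$[ebp]
        je      SHORT $GR_Found
        inc     edi
        add     esi, 16 ; 00000010H                     ; sizeof(CM_PARTIAL_RESOURCE_DESCRIPTOR)
        jmp     SHORT $GR_NextDescriptor
$GR_EndOfList:
        ; esi == edx + 16*Count == end of this full descriptor; the next
        ; list's descriptors begin after its own 16-byte header.
        lea     edx, DWORD PTR [esi+16]
        inc     ebx                                     ; LIdx++
        jmp     SHORT $GR_NextList
$GR_Found:
        mov     eax, 1                                  ; TRUE
        jmp     SHORT $GR_Store
$GR_NotFound:
        xor     eax, eax                                ; FALSE
$GR_Store:
        mov     ecx, DWORD PTR _pLIdx$[ebp]
        mov     DWORD PTR [ecx], ebx                    ; *pLIdx = LIdx
        mov     ecx, DWORD PTR _pDIdx$[ebp]
        mov     DWORD PTR [ecx], edi                    ; *pDIdx = DIdx
        pop     edi
        pop     esi
        pop     ebx
        pop     ebp
        ret     16 ; 00000010H
_GetResources@16 ENDP
_TEXT ENDS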
PUBLIC _GetNextEntry@16
EXTRN __imp_@KfAcquireSpinLock@4:NEAR
EXTRN __imp_@KfReleaseSpinLock@8:NEAR
; COMDAT _GetNextEntry@16
_TEXT SEGMENT
_ObjExt$ = 8
_FirstLink$ = 12
_CurrentLink$ = 16
_Entry$ = 20
_Status$ = -1
_LListIrql$ = 11
_GetNextEntry@16 PROC NEAR ; COMDAT
; 322 : ){
push ebp
mov ebp, esp
push ecx
push ebx
; 323 :
; 324 : BOOLEAN Status = FALSE;
and BYTE PTR _Status$[ebp], 0
push esi
; 325 : KIRQL LListIrql;
; 326 : PLINKED_LIST CurrentLnk;
; 327 :
; 328 : KeAcquireSpinLock(&ObjExt->LListSpin, &LListIrql);
mov esi, DWORD PTR _ObjExt$[ebp]
push edi
lea ebx, DWORD PTR [esi+116]
mov ecx, ebx
call DWORD PTR __imp_@KfAcquireSpinLock@4
; 329 :
; 330 : if(*FirstLink == NULL){
mov edi, DWORD PTR _FirstLink$[ebp]
mov BYTE PTR _LListIrql$[ebp], al
mov eax, DWORD PTR _CurrentLink$[ebp]
cmp DWORD PTR [edi], 0
jne SHORT $L8554
; 331 : if(ObjExt->LLData.InsertedCount > 0){
cmp WORD PTR [esi+106], 0
jbe SHORT $L8554
; 332 : *FirstLink = ObjExt->LLData.CurrentLink;
mov ecx, DWORD PTR [esi+112]
mov DWORD PTR [edi], ecx
; 333 : *CurrentLink = *FirstLink;
mov DWORD PTR [eax], ecx
; 334 : CurrentLnk = *CurrentLink;
; 335 : if(CurrentLnk->Status == LL_INSERTED){
cmp BYTE PTR [ecx+8], 2
jne SHORT $L8554
; 336 : CurrentLnk->Status = LL_CHECKEDOUT;
; 337 : ObjExt->LLData.InsertedCount--;
; 338 : *Entry = &(CurrentLnk->RegisteredInterrupt);
mov eax, DWORD PTR _Entry$[ebp]
mov BYTE PTR [ecx+8], 4
dec WORD PTR [esi+106]
add ecx, 12 ; 0000000cH
mov DWORD PTR [eax], ecx
; 339 : Status = TRUE;
mov BYTE PTR _Status$[ebp], 1
; 340 : goto GetNextExit;
jmp SHORT $GetNextExit$8555
$L8554:
; 341 : }
; 342 : }
; 343 : }
; 344 :
; 345 : if(*FirstLink != NULL){
mov edi, DWORD PTR [edi]
test edi, edi
je SHORT $GetNextExit$8555
; 346 : CurrentLnk = *CurrentLink;
mov ecx, DWORD PTR [eax]
$L8693:
; 347 : CurrentLnk = CurrentLnk->Next;
mov ecx, DWORD PTR [ecx]
; 348 : while(CurrentLnk != *FirstLink){
cmp ecx, edi
je SHORT $L8560
; 349 : if(CurrentLnk->Status == LL_INSERTED){
cmp BYTE PTR [ecx+8], 2
jne SHORT $L8693
; 350 : CurrentLnk->Status = LL_CHECKEDOUT;
mov BYTE PTR [ecx+8], 4
; 351 : ObjExt->LLData.InsertedCount--;
dec WORD PTR [esi+106]
; 352 : *Entry = &(CurrentLnk->RegisteredInterrupt);
mov esi, DWORD PTR _Entry$[ebp]
lea edx, DWORD PTR [ecx+12]
; 353 : Status = TRUE;
mov BYTE PTR _Status$[ebp], 1
mov DWORD PTR [esi], edx
$L8560:
; 354 : break;
; 355 : }
; 356 : CurrentLnk = CurrentLnk->Next;