openclos.cod

怎样在win2000下构造驱动程序znsoft_Serial2000_demo.ZIP

	00 c0		 mov	 DWORD PTR [edi+24], -1073741670 ; c000009aH
  00173	89 5f 1c	 mov	 DWORD PTR [edi+28], ebx
  00176	ff 15 00 00 00
	00		 call	 DWORD PTR __imp_@InterlockedDecrement@4
  0017c	bb 9a 00 00 c0	 mov	 ebx, -1073741670	; c000009aH
  00181	e9 46 01 00 00	 jmp	 $L15092
$L14825:

; 248  :         SerialCompleteRequest(extension, Irp, IO_NO_INCREMENT);
; 249  : 
; 250  :         return STATUS_INSUFFICIENT_RESOURCES;
; 251  : 
; 252  :     }
; 253  : 
; 254  :     //
; 255  :     // Ok, it looks like we really are going to open.  Lock down the
; 256  :     // driver.
; 257  :     //
; 258  :     SerialLockPagableSectionByHandle(SerialGlobals.PAGESER_Handle);

  00186	ff 35 08 00 00
	00		 push	 DWORD PTR _SerialGlobals+8
  0018c	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__MmLockPagableSectionByHandle@4

; 259  : 
; 260  :     //
; 261  :     // Power up the stack
; 262  :     //
; 263  : 
; 264  :     (void)SerialGotoPowerState(DeviceObject, extension, PowerDeviceD0);

  00192	6a 01		 push	 1
  00194	56		 push	 esi
  00195	ff 75 08	 push	 DWORD PTR _DeviceObject$[ebp]
  00198	e8 00 00 00 00	 call	 _SerialGotoPowerState@12

; 265  : 
; 266  :     //
; 267  :     // Not currently waiting for wake up
; 268  :     //
; 269  : 
; 270  :     extension->SendWaitWake = FALSE;
; 271  : 
; 272  :     //
; 273  :     // On a new open we "flush" the read queue by initializing the
; 274  :     // count of characters.
; 275  :     //
; 276  : 
; 277  :     extension->CharsInInterruptBuffer = 0;
; 278  :     extension->LastCharSlot = extension->InterruptReadBuffer +
; 279  :                               (extension->BufferSize - 1);

  0019d	8b 86 04 01 00
	00		 mov	 eax, DWORD PTR [esi+260]
  001a3	8b 8e e8 00 00
	00		 mov	 ecx, DWORD PTR [esi+232]

; 280  : 
; 281  :     extension->ReadBufferBase = extension->InterruptReadBuffer;

  001a9	89 8e ec 00 00
	00		 mov	 DWORD PTR [esi+236], ecx

; 282  :     extension->CurrentCharSlot = extension->InterruptReadBuffer;

  001af	89 8e f4 00 00
	00		 mov	 DWORD PTR [esi+244], ecx
  001b5	8d 54 01 ff	 lea	 edx, DWORD PTR [ecx+eax-1]

; 283  :     extension->FirstReadableChar = extension->InterruptReadBuffer;

  001b9	89 8e fc 00 00
	00		 mov	 DWORD PTR [esi+252], ecx

; 284  : 
; 285  :     extension->TotalCharsQueued = 0;
; 286  : 
; 287  :     //
; 288  :     // We set up the default xon/xoff limits.
; 289  :     //
; 290  : 
; 291  :     extension->HandFlow.XoffLimit = extension->BufferSize >> 3;

  001bf	8b c8		 mov	 ecx, eax
  001c1	89 96 f8 00 00
	00		 mov	 DWORD PTR [esi+248], edx
  001c7	c1 e9 03	 shr	 ecx, 3
  001ca	89 8e 80 01 00
	00		 mov	 DWORD PTR [esi+384], ecx

; 292  :     extension->HandFlow.XonLimit = extension->BufferSize >> 1;
; 293  : 
; 294  :     extension->WmiCommData.XoffXmitThreshold = extension->HandFlow.XoffLimit;

  001d0	89 8e cc 05 00
	00		 mov	 DWORD PTR [esi+1484], ecx

; 295  :     extension->WmiCommData.XonXmitThreshold = extension->HandFlow.XonLimit;
; 296  : 
; 297  :     extension->BufferSizePt8 = ((3*(extension->BufferSize>>2))+
; 298  :                                    (extension->BufferSize>>4));

  001d6	8b c8		 mov	 ecx, eax
  001d8	8b d0		 mov	 edx, eax
  001da	c1 e9 02	 shr	 ecx, 2

; 299  : 
; 300  :     //
; 301  :     // Mark the device as busy for WMI
; 302  :     //
; 303  : 
; 304  :     extension->WmiCommData.IsBusy = TRUE;
; 305  : 
; 306  :     extension->IrpMaskLocation = NULL;
; 307  :     extension->HistoryMask = 0;
; 308  :     extension->IsrWaitMask = 0;
; 309  : 
; 310  :     extension->SendXonChar = FALSE;
; 311  :     extension->SendXoffChar = FALSE;
; 312  : 
; 313  : #if !DBG
; 314  :     //
; 315  :     // Clear out the statistics.
; 316  :     //
; 317  : 
; 318  :     KeSynchronizeExecution(
; 319  :         extension->Interrupt,
; 320  :         SerialClearStats,
; 321  :         extension
; 322  :         );

  001dd	56		 push	 esi
  001de	68 00 00 00 00	 push	 OFFSET FLAT:_SerialClearStats@4
  001e3	ff b6 a0 00 00
	00		 push	 DWORD PTR [esi+160]
  001e9	8d 0c 49	 lea	 ecx, DWORD PTR [ecx+ecx*2]
  001ec	c1 e8 04	 shr	 eax, 4
  001ef	d1 ea		 shr	 edx, 1
  001f1	03 c8		 add	 ecx, eax
  001f3	88 9e 84 05 00
	00		 mov	 BYTE PTR [esi+1412], bl
  001f9	89 9e f0 00 00
	00		 mov	 DWORD PTR [esi+240], ebx
  001ff	89 9e 28 01 00
	00		 mov	 DWORD PTR [esi+296], ebx
  00205	89 96 7c 01 00
	00		 mov	 DWORD PTR [esi+380], edx
  0020b	89 96 d4 05 00
	00		 mov	 DWORD PTR [esi+1492], edx
  00211	89 8e 08 01 00
	00		 mov	 DWORD PTR [esi+264], ecx
  00217	c6 86 f0 05 00
	00 01		 mov	 BYTE PTR [esi+1520], 1
  0021e	89 9e 18 01 00
	00		 mov	 DWORD PTR [esi+280], ebx
  00224	89 9e 14 01 00
	00		 mov	 DWORD PTR [esi+276], ebx
  0022a	89 9e 10 01 00
	00		 mov	 DWORD PTR [esi+272], ebx
  00230	88 9e db 01 00
	00		 mov	 BYTE PTR [esi+475], bl
  00236	88 9e dc 01 00
	00		 mov	 BYTE PTR [esi+476], bl
  0023c	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__KeSynchronizeExecution@12

; 323  : #endif
; 324  : 
; 325  :     //
; 326  :     // The escape char replacement must be reset upon every open.
; 327  :     //
; 328  : 
; 329  :     extension->EscapeChar = 0;
; 330  : 
; 331  :     if (!extension->PermitShare) {

  00242	39 9e 54 01 00
	00		 cmp	 DWORD PTR [esi+340], ebx
  00248	88 9e da 01 00
	00		 mov	 BYTE PTR [esi+474], bl
  0024e	75 28		 jne	 SHORT $L14833

; 332  : 
; 333  :         if (!extension->InterruptShareable) {

  00250	38 9e e0 01 00
	00		 cmp	 BYTE PTR [esi+480], bl
  00256	75 20		 jne	 SHORT $L14833

; 334  : 
; 335  :             checkOpen.Extension = extension;
; 336  :             checkOpen.StatusOfOpen = &Irp->IoStatus.Status;

  00258	8d 47 18	 lea	 eax, DWORD PTR [edi+24]
  0025b	89 75 f8	 mov	 DWORD PTR _checkOpen$[ebp], esi
  0025e	89 45 fc	 mov	 DWORD PTR _checkOpen$[ebp+4], eax

; 337  : 
; 338  :             KeSynchronizeExecution(
; 339  :                 extension->Interrupt,
; 340  :                 SerialCheckOpen,
; 341  :                 &checkOpen
; 342  :                 );

  00261	8d 45 f8	 lea	 eax, DWORD PTR _checkOpen$[ebp]
  00264	50		 push	 eax
  00265	68 00 00 00 00	 push	 OFFSET FLAT:_SerialCheckOpen@4
  0026a	ff b6 a0 00 00
	00		 push	 DWORD PTR [esi+160]
  00270	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__KeSynchronizeExecution@12

; 343  : 
; 344  :         } else {

  00276	eb 15		 jmp	 SHORT $L14837
$L14833:

; 345  : 
; 346  :             KeSynchronizeExecution(
; 347  :                 extension->Interrupt,
; 348  :                 SerialMarkOpen,
; 349  :                 extension
; 350  :                 );
; 351  : 
; 352  :             Irp->IoStatus.Status = STATUS_SUCCESS;
; 353  : 
; 354  :         }
; 355  : 
; 356  :     } else {
; 357  : 
; 358  :         //
; 359  :         // Synchronize with the ISR and let it know that the device
; 360  :         // has been successfully opened.
; 361  :         //
; 362  : 
; 363  :         KeSynchronizeExecution(
; 364  :             extension->Interrupt,
; 365  :             SerialMarkOpen,
; 366  :             extension
; 367  :             );

  00278	56		 push	 esi
  00279	68 00 00 00 00	 push	 OFFSET FLAT:_SerialMarkOpen@4
  0027e	ff b6 a0 00 00
	00		 push	 DWORD PTR [esi+160]
  00284	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__KeSynchronizeExecution@12

; 368  : 
; 369  :         Irp->IoStatus.Status = STATUS_SUCCESS;

  0028a	89 5f 18	 mov	 DWORD PTR [edi+24], ebx
$L14837:

; 370  : 
; 371  :     }
; 372  : 
; 373  :     //
; 374  :     // We have been marked open, so now the PnP state can change
; 375  :     //
; 376  : 
; 377  :     ExReleaseFastMutex(&extension->OpenMutex);

  0028d	8d 8e 34 05 00
	00		 lea	 ecx, DWORD PTR [esi+1332]
  00293	ff 15 00 00 00
	00		 call	 DWORD PTR __imp_@ExReleaseFastMutex@4

; 378  : 
; 379  :     localStatus = Irp->IoStatus.Status;

  00299	8b 47 18	 mov	 eax, DWORD PTR [edi+24]

; 380  :     Irp->IoStatus.Information=0L;

  0029c	89 5f 1c	 mov	 DWORD PTR [edi+28], ebx

; 381  : 
; 382  :     SerialDump(
; 383  :         SERIRPPATH,
; 384  :         ("SERIAL: Complete Irp: %x\n",Irp)
; 385  :         );
; 386  : 
; 387  :     if (!NT_SUCCESS(localStatus)) {

  0029f	3b c3		 cmp	 eax, ebx
  002a1	89 45 0c	 mov	 DWORD PTR _localStatus$[ebp], eax
  002a4	7d 23		 jge	 SHORT $L14843

; 388  :        if (extension->InterruptReadBuffer != NULL) {

  002a6	8b 86 e8 00 00
	00		 mov	 eax, DWORD PTR [esi+232]
  002ac	3b c3		 cmp	 eax, ebx
  002ae	74 0d		 je	 SHORT $L14845

; 389  :           ExFreePool(extension->InterruptReadBuffer);

  002b0	50		 push	 eax
  002b1	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__ExFreePool@4

; 390  :           extension->InterruptReadBuffer = NULL;

  002b7	89 9e e8 00 00
	00		 mov	 DWORD PTR [esi+232], ebx
$L14845:

; 391  :        }
; 392  : 
; 393  :        InterlockedDecrement(&extension->OpenCount);

  002bd	8d 8e e8 04 00
	00		 lea	 ecx, DWORD PTR [esi+1256]
  002c3	ff 15 00 00 00
	00		 call	 DWORD PTR __imp_@InterlockedDecrement@4
$L14843:
  002c9	8b 5d 0c	 mov	 ebx, DWORD PTR _localStatus$[ebp]
$L15092:

; 394  :     }
; 395  : 
; 396  :     SerialCompleteRequest(extension, Irp, IO_NO_INCREMENT);

  002cc	32 d2		 xor	 dl, dl
  002ce	8b cf		 mov	 ecx, edi
  002d0	ff 15 00 00 00
	00		 call	 DWORD PTR __imp_@IofCompleteRequest@8
  002d6	56		 push	 esi
  002d7	e8 00 00 00 00	 call	 _SerialIRPEpilogue@4

; 397  : 
; 398  :     return localStatus;

  002dc	8b c3		 mov	 eax, ebx
  002de	5f		 pop	 edi
  002df	5b		 pop	 ebx
$L14791:
  002e0	5e		 pop	 esi

; 399  : 
; 400  : }

  002e1	c9		 leave
  002e2	c2 08 00	 ret	 8
_SerialCreateOpen@8 ENDP
PAGESRP0	ENDS
PUBLIC	_SerialDrainUART@8
EXTRN	__imp__KeDelayExecutionThread@12:NEAR
EXTRN	__imp__READ_PORT_UCHAR@4:NEAR
; Function compile flags: /Ogsy
;	COMDAT _SerialDrainUART@8
PAGESRP0	SEGMENT
_PDevExt$ = 8
_PDrainTime$ = 12
_SerialDrainUART@8 PROC NEAR				; COMDAT

; 405  : {

  00000	56		 push	 esi

; 406  :    PAGED_CODE();
; 407  : 
; 408  :    //
; 409  :    // Wait until all characters have been emptied out of the hardware.
; 410  :    //
; 411  : 
; 412  :    while ((READ_LINE_STATUS(PDevExt->Controller) &
; 413  :            (SERIAL_LSR_THRE | SERIAL_LSR_TEMT))
; 414  :            != (SERIAL_LSR_THRE | SERIAL_LSR_TEMT)) {

  00001	8b 74 24 08	 mov	 esi, DWORD PTR _PDevExt$[esp]
  00005	57		 push	 edi
  00006	8b 3d 00 00 00
	00		 mov	 edi, DWORD PTR __imp__READ_PORT_UCHAR@4
  0000c	eb 0e		 jmp	 SHORT $L15100
$L14854:

; 415  : 
; 416  :         KeDelayExecutionThread(KernelMode, FALSE, PDrainTime);

  0000e	ff 74 24 10	 push	 DWORD PTR _PDrainTime$[esp+4]
  00012	6a 00		 push	 0
  00014	6a 00		 push	 0
  00016	ff 15 00 00 00
	00		 call	 DWORD PTR __imp__KeDelayExecutionThread@12
$L15100:
  0001c	8b 86 98 00 00
	00		 mov	 eax, DWORD PTR [esi+152]
  00022	83 c0 05	 add	 eax, 5
  00025	50		 push	 eax
  00026	ff d7		 call	 edi
  00028	24 60		 and	 al, 96			; 00000060H
  0002a	3c 60		 cmp	 al, 96			; 00000060H
  0002c	75 e0		 jne	 SHORT $L14854
  0002e	5f		 pop	 edi
  0002f	5e		 pop	 esi

; 417  :     }
; 418  : }

  00030	c2 08 00	 ret	 8
_SerialDrainUART@8 ENDP
PAGESRP0	ENDS
PUBLIC	_SerialClose@8
PUBLIC	_SerialGetCharTime@4
PUBLIC	_SerialMarkClose@4
EXTRN	__imp__MmUnlockPagableImageSection@4:NEAR
EXTRN	__imp__KeWaitForSingleObject@20:NEAR
EXTRN	_SerialMarkHardwareBroken@4:NEAR
EXTRN	__imp__IoCancelIrp@4:NEAR
EXTRN	_SerialClrDTR@4:NEAR
EXTRN	_SerialClrRTS@4:NEAR
EXTRN	_SerialTurnOffBreak@4:NEAR
EXTRN	__allmul:NEAR
EXTRN	__imp__WRITE_PORT_UCHAR@8:NEAR
; Function compile flags: /Ogsy
;	COMDAT _SerialClose@8
PAGESER	SEGMENT
_DeviceObject$ = 8
_Irp$ = 12
_tenCharDelay$ = -28
_charTime$ = -20
_flushCount$ = -4
_SerialClose@8 PROC NEAR				; COMDAT

; 445  : {

  00000	55		 push	 ebp
  00001	8b ec		 mov	 ebp, esp
  00003	83 ec 1c	 sub	 esp, 28			; 0000001cH

; 446  : 
; 447  :     //
; 448  :     // This "timer value" is used to wait 10 character times
; 449  :     // after the hardware is empty before we actually "run down"
; 450  :     // all of the flow control/break junk.
; 451  :     //
; 452  :     LARGE_INTEGER tenCharDelay;
; 453  : 
; 454  :     //