📄 ntldr其他相关函数分析.mht
[_IDTregister] ; =B1=A3=B4=E6IDT<SPAN style=3D"DISPLAY: =
none"> wg=1Av=16]=1AO@,=20
</SPAN> <BR> push [saveDS] =
;=20
push this so we can get to it later<SPAN style=3D"DISPLAY: none">=20
r\eX8u&(]I </SPAN> <BR> mov =20
ax,SuDataSelector<SPAN style=3D"DISPLAY: none"> <1G =
=17_rV=10<=20
</SPAN> <BR> mov es,ax<SPAN=20
style=3D"DISPLAY: none"> ar=18S=12MF{O </SPAN> <BR> =
mov =20
fs,ax<SPAN style=3D"DISPLAY: none"> U=11\~k;k=14~!=20
</SPAN> <BR> mov gs,ax<SPAN=20
style=3D"DISPLAY: none"> !qYJ:|,=1E*+ </SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">v<h@5=143=1Cw </SPAN> <BR> =
mov=20
eax,cr0 ;=C7=D0=BB=BB<SPAN style=3D"DISPLAY: =
none"> v)7=07_zD=110}=20
</SPAN> <BR> and eax, not =
(ENABLE_PAGING +=20
PROT_MODE)<SPAN style=3D"DISPLAY: none"> WP^=14. CGEk =
</SPAN> <BR> =20
mov cr0,eax<SPAN style=3D"DISPLAY: none"> y =
f=17lO}=04=20
</SPAN> <BR><SPAN style=3D"DISPLAY: none">'#0]4s=1C=06>~=20
</SPAN> <BR>;<SPAN style=3D"DISPLAY: none"> =
=03MSJ=08z=18O=1F=03=20
</SPAN> <BR>; flush the pipeline<SPAN style=3D"DISPLAY: =
none"> D=1DC=07=1FD=20
H|i </SPAN> <BR>;<SPAN style=3D"DISPLAY: none"> =
[&O:_s^p=3Dk=20
</SPAN> <BR> jmp far ptr here<SPAN=20
style=3D"DISPLAY: none"> `=12H0=1B'cG8=14 =
</SPAN> <BR>here:<SPAN=20
style=3D"DISPLAY: none"> j Uz=18Yk{b5 </SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> =12O$\'B=13 ub </SPAN> <BR>; =
刷新 TLB(高速缓存)
<BR>; 高速缓存的刷新通过装入处理器控制寄存器CR3完成
<BR>;
<BR>; 直到在 osLoader 中页目录被分配,我们不知道他在哪里,所以我们不想清除 CR3,但是我们可
<BR>; 以刷新 TLB
<BR>; 代码的注释我没有看明白,不知道为什么在这里添加了几条空指令,因为刷新高速缓存只需要
<BR>; 执行如下指令即可:
<BR>; mov eax,cr3
<BR>; mov cr3,eax
<BR>; 如果你知道请联系我(<A href=3D"mailto:zl21_spawn@163.com">zl21_spawn@163.com</A>)<SPAN=20
style=3D"DISPLAY: none"> -2*`=11`=13}=04=04 </SPAN> <BR><SPAN =
style=3D"DISPLAY: none">OyF=1Az=17?V=1CM </SPAN> <BR> =
mov =20
eax,cr3<SPAN style=3D"DISPLAY: none"> "=1BHg9ca=070 =
</SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">=1E=0E=19=1B9?0=06h=15 =
</SPAN> <BR> nop =20
; Fill - =
Ensure 13=20
non-page split<SPAN style=3D"DISPLAY: none"> SURo)w=04c~=01=20
</SPAN> <BR> nop =
=20
; accesses before CR3 load<SPAN=20
style=3D"DISPLAY: none"> >&+G5E=13/s =
</SPAN> <BR> nop=20
; =
(P6=20
errata #11 stepping B0)<SPAN style=3D"DISPLAY: none"> !S 86tn=04(=20
</SPAN> <BR> nop<SPAN style=3D"DISPLAY: none">=20
<=01t\|y5P=08x </SPAN> <BR><SPAN style=3D"DISPLAY: =
none">xM=14{4"y][=20
</SPAN> <BR> mov cr3,eax<SPAN=20
style=3D"DISPLAY: none"> :aLuV>=1BmQ2 </SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> >hlL=15=1A=179{% </SPAN> <BR>; =
切换到实模式寻址<SPAN=20
style=3D"DISPLAY: none"> v4*LDF[Rrx </SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> =1EG"u=04vCi] </SPAN> <BR>;=20
=
下面这段代码是使用了OpCode,他的伪指令是:
<BR>; jmp 020000h,offset rmode
<BR>; 这条指令的作用有二:
<BR>; 一方面清指令预取队列,另一方面把实模式下代码段的段值送CS
<BR>; 至于为什么使用OpCode,而没有使用伪指令,我不清楚,如果你知道,请联系我(<A href=3D"mailto:zl21_spawn@163.com">zl21_spawn@163.com</A>)<SPAN=20
style=3D"DISPLAY: none"> (3x\J=1FdTD_ </SPAN> <BR> =
db =20
0EAh ; JMP FAR =
PTR<SPAN=20
style=3D"DISPLAY: none"> uBT]Xl=12]C{ </SPAN> <BR> =
dw =20
offset _TEXT:rmode ; 2000:rmode<SPAN=20
style=3D"DISPLAY: none"> =0E=1DgK0 & d=05 =
</SPAN> <BR> dw=20
02000h<SPAN style=3D"DISPLAY: none"> /ERYipbDv;=20
</SPAN> <BR>rmode:<SPAN style=3D"DISPLAY: none"> =
#~6Y=14moK|=11=20
</SPAN> <BR> pop ax =
;SaveDS<SPAN=20
style=3D"DISPLAY: none"> IVl0M=1A=1Dlb4 </SPAN> <BR> =
mov=20
ds,ax<SPAN style=3D"DISPLAY: none"> ova%Gs-=15C!=20
</SPAN> <BR> mov ss,ax<SPAN=20
style=3D"DISPLAY: none"> =18l'C3r L"^ </SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> f=1AVR6=1E=3D|=18+ </SPAN> <BR>; =
为实模式标记 video 指针<SPAN=20
style=3D"DISPLAY: none"> qCg_=18#=1E=01fC </SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> AjFdCbmB=1CA </SPAN> <BR> =
mov=20
si,offset _ScreenStart<SPAN style=3D"DISPLAY: none"> =
q=11~>}=07 [U=20
</SPAN> <BR> mov word ptr =
[si+2],0b800h<SPAN=20
style=3D"DISPLAY: none"> 'B=3DC9=01 =02: </SPAN> <BR> =
mov =20
si,offset _vp<SPAN style=3D"DISPLAY: none"> =08^K=17=13:w *=20
</SPAN> <BR> mov word ptr =
[si+2],0b800h<SPAN=20
style=3D"DISPLAY: none"> =15=1F=1F>=18=04m*J =
</SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> V%=17o=190UM(=12 </SPAN> <BR>; =
加载IDT<SPAN=20
style=3D"DISPLAY: none"> WZ=1DH%bXxv+ </SPAN> <BR> =
lidt=20
fword ptr [_IDTregisterZero]<SPAN style=3D"DISPLAY: none"> =
"YD=14$=1A=10`/=05=20
</SPAN> <BR>;<SPAN style=3D"DISPLAY: none"> =15Lg{`/f=1Am9=20
</SPAN> <BR>; 开中断<SPAN style=3D"DISPLAY: =
none"> |2[Uj#{=03k=01=20
</SPAN> <BR> sti<SPAN style=3D"DISPLAY: none"> =
=0F]r7=1A2\*I=20
</SPAN> <BR> ret<SPAN style=3D"DISPLAY: none"> =
5R9=182H9=11=08=17=20
</SPAN> <BR>_RealMode endp<SPAN style=3D"DISPLAY: none"> r =
zbsD;Z]=15=20
</SPAN> <BR><SPAN style=3D"DISPLAY: none">,=1BC)8E=1B5L=20
=
</SPAN> <BR>_EnableProtectPaging函数分析:
<BR>该函数的详细分析我不再介绍,你可以参考_RealMode函数分析一节,大部分是_RealMode函数的反向操作,
<BR>你可以参照参考资料《保护模式编程》<SPAN=20
style=3D"DISPLAY: none"> oEp=04nm=1ED{+ </SPAN> <BR>;++<SPAN=20
style=3D"DISPLAY: none"> pP-~A"uTAI </SPAN> <BR>;=20
_EnableProtectPaging<SPAN style=3D"DISPLAY: none"> =
p!zBP=05=01=05/K=20
</SPAN> <BR>;<SPAN style=3D"DISPLAY: none"> =
V=04D&=16H@c"=02=20
</SPAN> <BR>; 加载 386 保护模式寄存器.
<BR>; 加载分页寄存器<SPAN =
style=3D"DISPLAY: none"> ojE=13 7K=06~=20
</SPAN> <BR>;<SPAN style=3D"DISPLAY: none"> eX =04}!yoa=02=20
</SPAN> <BR>;--<SPAN style=3D"DISPLAY: none"> ^v%W7FAgm=12=20
</SPAN> <BR><SPAN style=3D"DISPLAY: =
none">=0E}$!x%=0E&=05=17=20
</SPAN> <BR>public _EnableProtectPaging<SPAN =
style=3D"DISPLAY: none">=20
*=17 =1D=18G=11?z% </SPAN> <BR>_EnableProtectPaging proc =
near<SPAN=20
style=3D"DISPLAY: none"> 9=1DE;lnWRn6 </SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> Edr@=0Fbj@7# </SPAN> <BR>; Sanitize =
ES and GS=20
and clean out any junk in the upper 16bits<SPAN style=3D"DISPLAY: =
none">=20
=0E=1A{$y=0F`1 g </SPAN> <BR>; of the flags that may have =
been left by the=20
bios, before we go protected<SPAN style=3D"DISPLAY: none"> =
Hx]+=12F=14H*=19=20
</SPAN> <BR>;<SPAN style=3D"DISPLAY: none"> $dL=13,vRwHQ=20
</SPAN> <BR> push dword ptr 0<SPAN=20
style=3D"DISPLAY: none"> =18/a x}aX"w </SPAN> <BR> =
=20
popfd<SPAN style=3D"DISPLAY: none"> =0E=07j1s` tv- =
</SPAN> <BR> =20
mov bx,sp<SPAN style=3D"DISPLAY: none"> =
sjxSX:=17@5a=20
</SPAN> <BR> mov dx,[bx+2] ; are =
we=20
enabling prot/paging for the first time?<SPAN style=3D"DISPLAY: =
none"> Xj=20
Y=01=05 Qq=3D </SPAN> <BR> xor =
ax,ax<SPAN=20
style=3D"DISPLAY: none"> "HK{i9+=03'=17 </SPAN> <BR> =
mov=20
gs,ax<SPAN style=3D"DISPLAY: none"> iV=14~V"=1EV"=20
</SPAN> <BR> mov es,ax<SPAN=20
style=3D"DISPLAY: none"> *A> Ki's=04 </SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">=04VlcxI es </SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">=3Ds+=05[=16)}g> =
</SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> {PS[BeP=08mg </SPAN> <BR>; FS must =
contain the=20
selector of the PCR when we call the kernel<SPAN style=3D"DISPLAY: =
none">=20
=16!=01c=1F>d =03 </SPAN> <BR>;<SPAN style=3D"DISPLAY: =
none"> Y=12;5=15=181b>=05=20
</SPAN> <BR> push PCR_Selector<SPAN=20
style=3D"DISPLAY: none"> /f|a9=3DN_R=08 </SPAN> <BR> =
pop=20
fs<SPAN style=3D"DISPLAY: none"> =02sJ`wAa{=12v =
</SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> =3Dz8xZDT=18=1D=19 </SPAN> <BR>; =
Load the gdtr and=20
idtr.<SPAN style=3D"DISPLAY: none"> CX l`J/m=03l =
</SPAN> <BR>; We disable=20
interrupts here since we can't handle interrups with the<SPAN=20
style=3D"DISPLAY: none"> =15S=15Sj=1Bj}=18f </SPAN> <BR>; idt =
loaded while were=20
in real mode and before we switch to protmode.<SPAN =
style=3D"DISPLAY: none">=20
7 Ke; k=030=0E </SPAN> <BR><SPAN style=3D"DISPLAY: =
none">_=17=0F=05mP}E=14=20
</SPAN> <BR> cli<SPAN style=3D"DISPLAY: none"> =
vz0u]iVZ=12=01=20
</SPAN> <BR> lgdt fword ptr =
[_GDTregister]<SPAN=20
style=3D"DISPLAY: none"> M =04eLl%GVB </SPAN> <BR> =
lidt=20
fword ptr [_IDTregister]<SPAN style=3D"DISPLAY: none"> =
=07=14D<PIk \2=20
</SPAN> <BR><SPAN style=3D"DISPLAY: none">=17seiyy=11RtS=20
</SPAN> <BR><SPAN style=3D"DISPLAY: none">=13=15A =
=0F=10=16qU`=20
</SPAN> <BR>;<SPAN style=3D"DISPLAY: none"> =
=06e4<e%=1D=05L=20
</SPAN> <BR>; We have to stamp the segment portion of any =
real-mode=20
far pointer with<SPAN style=3D"DISPLAY: none"> $@50"c78Bv =
</SPAN> <BR>;=20
the corresponding selector values before we go protected.<SPAN=20
style=3D"DISPLAY: none"> K7=13."~7=19 P </SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> =1D~1P=17C\.G> </SPAN> <BR> =
mov=20
si,offset _ScreenStart<SPAN style=3D"DISPLAY: none"> =
.,'=20
a#o$=19h </SPAN> <BR> mov word ptr =
[si+2],VideoSelector<SPAN style=3D"DISPLAY: none"> I 2=3D "4L`=20
</SPAN> <BR> mov si,offset =
_vp<SPAN=20
style=3D"DISPLAY: none"> QI=1CkT=06R{F? </SPAN> <BR> =
mov=20
word ptr [si+2],VideoSelector<SPAN style=3D"DISPLAY: =
none">=20
)=10W=0E.=1Ds(=1A@ </SPAN> <BR><SPAN style=3D"DISPLAY: =
none">XP"?s=15tw=1A'=20