Index
> Windows > Drivers for 98/2000Goto page Previous 1, 2, 3, 4, 5 Next |
| Author |
|
|
comrade 15 Sep 2003, 12:24
Cool, thanks. When you update on fasm homepage? Please include 'to' directive too (or anything you wish to rename it too).
 |
|||
15 Sep 2003, 12:24 |
|
|
comrade 15 Sep 2003, 18:44
I see you made 20h alignment for native portable executables, but is it possible to also add 'to' directive (output file) and 'align' directive in case I do not want standard alignment.
|
|||
|
15 Sep 2003, 18:44 |
|
|
comrade 15 Sep 2003, 18:53
I added to directive, but is it possible to make align directive? Attached edits from your latest package on flatassembler.net (I just downloaded).
|
|||||||||||
|
15 Sep 2003, 18:53 |
|
|
Tomasz Grysztar 15 Sep 2003, 19:03
Won't be just simpler to add auto generation of .sys extension to fasmw?
About the alignment: if you want to make such extension, you have to just modify the values under offsets 38h and 3Ch in PE header, which correspond to section and file alignment - note that when section alignment is less that 1000h, it must be equal to the file alignment (and Win32 seems to require file offsets of sections to be equal to their RVA addresses in such case, so I had to force fasm to do it this way). For the native PEs alignment is currently set in lines 758-759 of FORMATS.INC. BTW: If you manage to make some working KMD with fasm's PE formatter, could you post it here? |
|||
|
15 Sep 2003, 19:03 |
|
|
comrade 15 Sep 2003, 19:15
I am trying.
In school right now. Class over. |
|||
|
15 Sep 2003, 19:15 |
|
|
BiDark 16 Sep 2003, 14:37
Help me!
I have noticed that the code and data section in .sys files from Microsoft has 'not pageable' section characteristic, BTW I don't know why I've got the some symbol in the relocation's section name in my test  Last edited by BiDark on 17 Sep 2003, 07:15; edited 1 time in total |
|||
|
16 Sep 2003, 14:37 |
|
|
Tomasz Grysztar 16 Sep 2003, 20:28
I've fixed it and added the "nopageable" flag for section definitions - check out the updated 1.49 release.
|
|||
|
16 Sep 2003, 20:28 |
|
|
BiDark 17 Sep 2003, 07:06
Okey here it is!
The loader source is masm compatible (comes from Four-F's examples source and i'm lazy to convert it). There driver souce only is in Fasm format. I can't disable the OriginalThunk field (it's keep getting reboot if it doesn't exist), so I decide to write my own and set OriginalThunk=FirstThunk and mark the import section as 'notpageable' flag. Originally the IAT of Microsoft .sys (it's actually is the FirstThunk and named as '.rdata') is saparated to another section but I don't want that so combined to the import section. BTW, auto generate .sys when the 'DLL native format' is selected is a good idea, that makes the DLL and SYS differ each others
|
|||||||||||
|
17 Sep 2003, 07:06 |
|
|
Tomasz Grysztar 17 Sep 2003, 08:39
Thanks for the example.
Only very little change was needed in fasmw to generate sys extenstion for native DLLs. |
|||
|
17 Sep 2003, 08:39 |
|
|
Tomasz Grysztar 17 Sep 2003, 08:59
This is how the import sections should be done to be the same as in the original .sys files you're talking about:
Code: section '.rdata' readable notpageable data 12 ImportLookup: dd rva szRead_port_uc dd rva szWrite_port_uc dd rva szHalmakebeep dd 0 end data section 'INIT' import readable notpageable dd rva ImportLookup dd 0 dd 0 dd rva szHal_dll dd rva ImportAddress times 5 dd 0 ImportAddress: imp_READ_PORT_UCHAR dd rva szRead_port_uc imp_WRITE_PORT_UCHAR dd rva szWrite_port_uc imp_HalMakeBeep dd rva szHalmakebeep szHalmakebeep dw 0 db 'HalMakeBeep',0 szRead_port_uc dw 0 db 'READ_PORT_UCHAR',0 szWrite_port_uc dw 0 db 'WRITE_PORT_UCHAR',0 szHal_dll db 'HAL.dll',0 You can also use "data import" in order to combine those two resources into one section. With some macros it would be easier to maintain, you can try to modify standard import macros to generate the structures as above. |
|||
|
17 Sep 2003, 08:59 |
|
|
BiDark 17 Sep 2003, 11:05
That's why I had combine the two into one section (INIT section) and set it to share the same thunk table (may save some space? the system memory for the drivers is expensive?).
Okey, modified it already, thanks. |
|||
|
17 Sep 2003, 11:05 |
|
|
comrade 22 Sep 2003, 02:45
I tried, but I think its still wrong .sys
 |
|||
|
22 Sep 2003, 02:45 |
|
|
Tomasz Grysztar 22 Sep 2003, 07:57
Details?
|
|||
|
22 Sep 2003, 07:57 |
|
|
Kevin_Zheng 22 Sep 2003, 12:30
Hi,Privalov:
I found must present the 'reloc' section, the sys file is OK. Please see the belowing code: Code: format PE DLL native 4.0 at 10000h entry main include '%include%\win32a.inc' section '.text' code readable executable notpageable proc MakeBeep1,dwPitch enter cli mov al,0B6h out 43h,al mov eax,[dwPitch] out 42h,al mov al,ah out 42h,al in al,61h or al,3 out 61h,al sti mov eax,1800000h .delay_loop: dec eax or eax,eax jnz .delay_loop cli in al,61h and al,0FCh out 61h,al sti return proc MakeBeep2,dwPitch enter cli push 0B6h push 43h call [imp_WRITE_PORT_UCHAR] mov eax,[dwPitch] push 0 movzx ax,al push ax push 42h call [imp_WRITE_PORT_UCHAR] mov eax,[dwPitch] push 0 mov al,ah movzx ax,al push ax push 42h call [imp_WRITE_PORT_UCHAR] push 61h call [imp_READ_PORT_UCHAR] or al,3 push 0 movzx ax,al push ax push 61h call [imp_WRITE_PORT_UCHAR] sti mov eax,1800000h .delay_loop: dec eax or eax,eax jnz .delay_loop cli push 61h call [imp_READ_PORT_UCHAR] and al,0FCh push 0 movzx ax,al push ax push 61h call [imp_WRITE_PORT_UCHAR] sti return proc main,pDriverObject,pDriverPath enter push 474h call MakeBeep1 push 389h call MakeBeep2 push 620h call [imp_HalMakeBeep] mov eax,1800000h .delay_loop: dec eax or eax,eax jnz .delay_loop push 0 call [imp_HalMakeBeep] mov eax,0C0000182h return section '.rdata' readable notpageable data 12 ImportLookup: dd rva szRead_port_uc dd rva szWrite_port_uc dd rva szHalmakebeep dd 0 end data section 'INIT' import readable notpageable dd rva ImportLookup dd 0 dd 0 dd rva szHal_dll dd rva ImportAddress times 5 dd 0 ImportAddress: imp_READ_PORT_UCHAR dd rva szRead_port_uc imp_WRITE_PORT_UCHAR dd rva szWrite_port_uc imp_HalMakeBeep dd rva szHalmakebeep szHalmakebeep dw 0 db 'HalMakeBeep',0 szRead_port_uc dw 0 db 'READ_PORT_UCHAR',0 szWrite_port_uc dw 0 db 'WRITE_PORT_UCHAR',0 szHal_dll db 'HAL.dll',0 section '.reloc' data fixups readable discardable And others, I have collect all the files, please used the build.bat for building all the files.
|
|||||||||||
|
22 Sep 2003, 12:30 |
|
|
Tomasz Grysztar 22 Sep 2003, 13:56
Yes, of course it must contain the fixups - it was already discussed here (and BiDark's example has the relocation section).
|
|||
|
22 Sep 2003, 13:56 |
|
|
BiDark 25 Sep 2003, 04:10
Ah..., I found out that when specified 'PE native' alone it doesn't produce .sys format. I have put 'DLL' by accident sorry hehe, so whether it have the 'DLL' flag or not it should produce .sys file (becuase the original doesn't have 'DLL' flag specified in File Header.
And others, If you have troble with 'Unable to load the driver' message, try this. Goto HKLM\System\ControlSet001\Service and find the 'beeper' entry, delete it and restart the machine. |
|||
|
25 Sep 2003, 04:10 |
|
|
Tomasz Grysztar 25 Sep 2003, 09:09
BiDark wrote: Ah..., I found out that when specified 'PE native' alone it doesn't produce .sys format. It does. Or maybe do you mean that the .sys extension is not generated by FASMW in that case? |
|||
|
25 Sep 2003, 09:09 |
|
|
BiDark 25 Sep 2003, 10:46
Privalov wrote:
Yes, FASMW doesn't generates .sys extension when specified the 'PE native' format without the 'DLL' flag, It generates .exe insteed. It should generates .sys in this case, sorry about my english hehe. |
|||
|
25 Sep 2003, 10:46 |
|
|
comrade 15 Oct 2003, 04:01
Code: data 12 ImportLookup: dd rva szRead_port_uc dd rva szWrite_port_uc dd rva szHalmakebeep dd 0 end data What does data do? |
|||
|
15 Oct 2003, 04:01 |
|
| Goto page Previous 1, 2, 3, 4, 5 Next < Last Thread | Next Thread > |
Forum Rules:
|