setupldr源代码分析加载drvmain.sdb和查询winnt.sif中的data节的EMSPort的值和显示蓝底白字Windows Setup
setupldr源代码分析加载drvmain.sdb和查询winnt.sif中的data节的EMSPort的值和显示蓝底白字Windows Setup
setupldr源代码分析加载drvmain.sdb和查询winnt.sif中的data节的EMSPort的值和显示蓝底白字Windows Setup
//
// Let the kernel deal with failure to load this driver database.
//
BlLoaderBlock->Extension->DrvDBImage = NULL;
BlLoaderBlock->Extension->DrvDBSize = 0;
DrvMainSdb.Buffer = DRIVER_DATABASE_FILENAME;
DrvMainSdb.MaximumLength = sizeof(DRIVER_DATABASE_FILENAME); // MaxLength is size of buffer
DrvMainSdb.Length = sizeof(DRIVER_DATABASE_FILENAME) - sizeof(WCHAR); // Length does not include \0
BlLoadDrvDB( BootDeviceId,
NULL, // BlFindMessage(SL_DRVMAINSDB_NAME),
BootPath,
&DrvMainSdb,
&BlLoaderBlock->Extension->DrvDBImage,
&BlLoaderBlock->Extension->DrvDBSize,
BadFileName);
kd> kc
#
00 setupldr!BlLoadFileImage
01 setupldr!SlInit
02 setupldr!BlStartup
03 setupldr!NtProcessStartup
WARNING: Frame IP not in any known module. Following frames may be wrong.
04 0x0
05 0x0
kd> dv
DeviceId = 0xa
DeviceName = 0x00000000 ""
Directory = 0x8021cb48 "\I386\"
FileName = 0x00060d9c "drvmain.sdb"
MemoryType = LoaderRegistryData (0n19)
Image = 0x8007709c
ImageSize = 0x800770a0
BadFileName = 0x00348298 ""
size = 0
actualBase = 0x8021cb48
sizeRead = 8
infName = char [256] ""
fileId = 0x60d9c
fileInfo = struct _FILE_INFORMATION
//
// Get the fully qualified name for the file being loaded.
//
sprintf(&infName[0], "%s%wZ", Directory, FileName);
kd> dv infName
infName = char [256] "\I386\drvmain.sdb"
//
// Display the name of file being loaded.
//
BlOutputLoadMessage(DeviceName, infName, NULL);
//
// Open the file.
//
status = BlOpen(DeviceId, infName, ArcOpenReadOnly, &fileId);
if (status == ESUCCESS) {
BlUpdateBootStatus();
//
// Find out size of INF file.
//
status = BlGetFileInformation(fileId, &fileInfo);
if (status == ESUCCESS) {
kd> dv fileInfo
fileInfo = struct _FILE_INFORMATION
kd> dx -r1 (*((setupldr!_FILE_INFORMATION *)0x60b4c))
(*((setupldr!_FILE_INFORMATION *)0x60b4c)) [Type: _FILE_INFORMATION]
[+0x000] StartingAddress : {0} [Type: _LARGE_INTEGER]
[+0x008] EndingAddress : {12050} [Type: _LARGE_INTEGER]
[+0x010] CurrentPosition : {0} [Type: _LARGE_INTEGER]
[+0x018] Type : ArcSystem (0) [Type: _CONFIGURATION_TYPE]
[+0x01c] FileNameLength : 0xb [Type: unsigned long]
[+0x020] Attributes : 0x1 [Type: unsigned char]
[+0x021] FileName : "drvmain.sdb" [Type: char [32]]
pageCount = (ULONG)(ROUND_TO_PAGES(size) >> PAGE_SHIFT);
status = BlAllocateDescriptor( MemoryType, // Descriptor gets reclaimed by MM.
0,
pageCount,
&actualBase);
if (status == ESUCCESS) {
buffer = (PCHAR)(KSEG0_BASE | (actualBase << PAGE_SHIFT));
//
// Read the file in.
//
status = BlRead(fileId, buffer, size, &sizeRead);
if (status == ESUCCESS) {
//
// If the file was successfully read, return the
// desired parameters.
//
if (Image) {
*Image = buffer;
}
if (ImageSize) {
*ImageSize = sizeRead;
}
}
kd> dv
DeviceId = 0xa
DeviceName = 0x00002f12 "
FileName = 0x00000000
MemoryType = LoaderRegistryData (0n19)
Image = 0x8007709c
ImageSize = 0x800770a0
BadFileName = 0x00348298 ""
size = 0x2f12
actualBase = 0xc
sizeRead = 0x2f12
infName = char [256] "\I386\drvmain.sdb"
fileId = 0
fileInfo = struct _FILE_INFORMATION
kd> dx -r1 ((setupldr!void * *)0x8007709c)
((setupldr!void * *)0x8007709c) : 0x8007709c [Type: void * *]
0x8000c000 [Type: void *]
kd> db 0x8000c000
8000c000 02 00 00 00 12 ad 03 00-73 64 62 66 02 78 fe 05 ........sdbf.x..
8000c010 00 00 03 78 d8 02 00 00-02 38 07 70 03 38 01 60 ...x.....8.p.8.`
8000c020 16 40 01 00 00 00 01 98-c4 02 00 00 2e 54 41 44 .@...........TAD
8000c030 4d 4d 34 30 42 06 00 00-43 49 51 48 43 52 41 30 MM40B...CIQHCRA0
8000c040 92 06 00 00 45 50 41 54-54 4c 44 30 e2 06 00 00 ....EPATTLD0....
8000c050 49 51 4d 42 41 58 45 30-32 07 00 00 45 54 59 42 IQMBAXE02...ETYB
8000c060 41 58 45 30 82 07 00 00-49 51 4d 44 4e 41 54 30 AXE0....IQMDNAT0
8000c070 22 08 00 00 43 49 51 44-4e 41 54 30 72 08 00 00 "...CIQDNAT0r...
kd> db 0x8000c000+80
8000c080 43 49 51 47 4e 41 57 30-c2 08 00 00 4b 32 4c 54 CIQGNAW0....K2LT
8000c090 43 4e 49 41 62 09 00 00-2e 4c 32 4b 4e 45 4c 41 CNIAb....L2KNELA
8000c0a0 ca 09 00 00 2e 55 32 4b-4e 45 4c 41 32 0a 00 00 .....U2KNELA2...
8000c0b0 2e 52 54 4c 49 46 50 41-9a 0a 00 00 56 52 44 4b .RTLIFPA....VRDK
8000c0c0 43 41 4c 42 02 0b 00 00-2e 44 53 56 34 52 44 43 CALB.....DSV4RDC
8000c0d0 52 0b 00 00 2e 4b 32 5f-34 52 44 43 b0 0b 00 00 R....K2_4RDC....
8000c0e0 4b 32 57 4c 41 52 44 43-0e 0c 00 00 59 53 2e 46 K2WLARDC....YS.F
8000c0f0 44 55 44 43 76 0c 00 00-52 54 46 43 46 51 50 43 DUDCv...RTFCFQPC
kd> db 0x8000c000+80*2
8000c100 ae 0d 00 00 00 53 59 53-2e 45 4e 44 16 0e 00 00 .....SYS.END....
8000c110 2e 30 30 30 32 45 4e 44-66 0e 00 00 4b 53 44 42 .0002ENDf...KSDB
8000c120 53 55 50 45 b6 0e 00 00-2e 41 52 45 53 49 54 45 SUPE.....ARESITE
8000c130 1e 0f 00 00 4e 45 52 45-53 49 54 45 6e 0f 00 00 ....NERESITEn...
8000c140 44 50 52 45 53 49 54 45-be 0f 00 00 59 53 2e 4e DPRESITE....YS.N
8000c150 41 49 56 45 0e 10 00 00-59 53 2e 53 46 49 58 45 AIVE....YS.SFIXE
8000c160 76 10 00 00 2e 56 52 53-57 4e 50 46 da 10 00 00 v....VRSWNPF....
8000c170 48 43 4e 49 46 4c 41 48-42 11 00 00 32 42 53 55 HCNIFLAHB...2BSU
kd> db 0x8000c000+80*3
8000c180 5f 49 50 48 92 11 00 00-52 54 4c 46 5f 4f 4e 49 _IPH....RTLF_ONI
8000c190 fa 11 00 00 2e 4b 53 49-44 4d 4f 49 5e 12 00 00 .....KSIDMOI^...
8000c1a0 58 45 54 4c 46 50 53 4d-c2 12 00 00 31 4c 32 50 XETLFPSM....1L2P
8000c1b0 42 53 55 4d 2a 13 00 00-31 55 32 50 42 53 55 4d BSUM*...1U2PBSUM
8000c1c0 92 13 00 00 44 49 48 46-4d 43 45 4e fa 13 00 00 ....DIHFMCEN....
8000c1d0 2e 34 39 33 31 50 49 4e-62 14 00 00 53 2e 35 4e .4931PINb...S.5N
8000c1e0 41 4d 54 4f ca 14 00 00-53 2e 56 52 44 56 41 50 AMTO....S.VRDVAP
8000c1f0 32 15 00 00 44 52 51 45-53 54 52 50 82 15 00 00 2...DRQESTRP....
kd> db 0x8000c000+80*4
8000c200 53 2e 30 33 36 38 56 50-e0 15 00 00 2e 54 50 4f S.0368VP.....TPO
8000c210 49 53 43 53 48 16 00 00-2e 4c 4b 32 41 43 44 53 ISCSH....LK2ACDS
8000c220 98 16 00 00 2e 55 4b 32-41 43 44 53 00 17 00 00 .....UK2ACDS....
8000c230 4c 54 53 56 45 44 44 53-68 17 00 00 55 54 53 56 LTSVEDDSh...UTSV
8000c240 45 44 44 53 d0 17 00 00-52 45 56 49 52 44 44 53 EDDS....REVIRDDS
8000c250 38 18 00 00 34 39 33 31-59 4e 4f 53 88 18 00 00 8...4931YNOS....
8000c260 2e 58 44 53 59 4e 4f 53-d4 18 00 00 53 59 53 2e .XDSYNOS....SYS.
8000c270 50 45 54 53 24 19 00 00-54 4e 45 56 45 4d 59 53 PETS$...TNEVEMYS
kd> db 0x8000c000+80*5
8000c280 70 19 00 00 2e 49 50 41-54 41 52 54 c0 19 00 00 p....IPATART....
8000c290 53 2e 49 53 43 53 52 54-10 1a 00 00 52 44 41 45 S.ISCSRT....RDAE
8000c2a0 52 46 44 55 60 1a 00 00-53 2e 32 57 32 33 41 56 RFDU`...S.2W23AV
8000c2b0 98 1b 00 00 54 4e 41 54-41 44 53 56 e8 1b 00 00 ....TNATADSV....
8000c2c0 46 53 48 43 41 4e 49 57-38 1c 00 00 42 53 55 43 FSHCANIW8...BSUC
8000c2d0 41 4e 49 57 84 1c 00 00-59 53 2e 47 58 43 41 59 ANIW....YS.GXCAY
8000c2e0 f2 1c 00 00 53 2e 43 47-58 43 41 59 42 1d 00 00 ....S.CGXCAYB...
8000c2f0 03 78 1a 03 00 00 02 38-07 70 03 38 04 90 01 98 .x.....8.p.8....
kd> db 0x8000c000+80*6
8000c300 0c 03 00 00 4d ae bc 1b-b8 d2 68 05 6e 0f 00 00 ....M.....h.n...
8000c310 01 4b 4d 40 bb 59 87 05-9a 0a 00 00 2a 4b 57 f0 .KM@.Y......*KW.
8000c320 a3 bb 8c 06 62 09 00 00-60 33 6f e8 7f 99 3b 1a ....b...`3o...;.
8000c330 42 06 00 00 55 08 02 c1-70 a4 a4 1a 02 0b 00 00 B...U...p.......
8000c340 bc ae b3 ef bd 44 e9 1d-76 10 00 00 d9 8a 8e 37 .....D..v......7
8000c350 6e 60 f5 1d 30 1b 00 00-fc f2 92 d2 e2 81 74 21 n`..0.........t!
8000c360 32 0a 00 00 bc 3b 40 74-4e 24 64 27 d4 18 00 00 2....;@tN$d'....
8000c370 3c fb bf 2a e6 98 4d 32-62 14 00 00 1a 7d db f7 <..*..M2b....}..
kd> db 0x8000c000+80*7
8000c380 d3 98 54 32 52 0b 00 00-1c 30 c6 fd 15 4e 22 34 ..T2R....0...N"4
8000c390 ae 0d 00 00 ff 96 ff 88-8d ae 54 38 38 18 00 00 ..........T88...
8000c3a0 44 bc 0b 89 7d 8e 9f 39-c2 12 00 00 48 c0 d0 b6 D...}..9....H...
8000c3b0 69 5d 8b 3d 66 0e 00 00-0c 4e 89 10 61 47 bb 3d i].=f....N..aG.=
8000c3c0 0e 0c 00 00 c1 4a 1f f5-47 eb dc 3d d2 07 00 00 .....J..G..=....
8000c3d0 c5 02 5a 3c 31 b8 72 3e-c2 08 00 00 a4 70 e2 b2 ..Z<1.r>.....p..
8000c3e0 b5 e7 f5 3f 92 06 00 00-6d 6f dc 51 97 b6 4e 42 ...?....mo.Q..NB
8000c3f0 22 08 00 00 ce 23 bb 91-67 f0 17 48 82 07 00 00 "....#..g..H....
kd> db 0x8000c000+80*8
8000c400 b8 e2 32 33 90 29 90 48-24 19 00 00 25 ab 18 92 ..23.).H$...%...
8000c410 58 55 f1 4b d0 17 00 00-d1 91 40 73 a9 0b 6d 4c XU.K......@s..mL
8000c420 de 0c 00 00 79 b5 8c 5e-5d 4f 78 4e 12 09 00 00 ....y..^]OxN....
8000c430 09 76 29 24 f8 ac 80 54-92 11 00 00 aa 66 b1 38 .v)$...T.....f.8
8000c440 0d 04 98 59 48 16 00 00-70 37 77 47 63 49 6b 5a ...YH...p7wGcIkZ
8000c450 98 1b 00 00 eb 96 3c 72-f0 25 02 65 10 1a 00 00 ......<r.%.e....
8000c460 e2 e7 36 51 7e 3f 2a 66-38 1c 00 00 88 b2 87 13 ..6Q~?*f8.......
8000c470 b7 19 32 67 42 11 00 00-a6 95 92 89 76 fc 1c 6e ..2gB.......v..n
kd> db 0x8000c000+80*9
8000c480 1e 0f 00 00 b4 e3 81 84-b4 bb 88 6e ca 09 00 00 ...........n....
8000c490 72 e2 80 55 c1 d3 f6 6e-b6 0e 00 00 cd 19 e1 4b r..U...n.......K
8000c4a0 45 ff 20 7c 32 15 00 00-80 fd 76 61 ab e3 b5 82 E. |2.....va....
8000c4b0 00 17 00 00 1e 6b 28 17-c3 86 a0 85 e0 15 00 00 .....k(.........
8000c4c0 86 71 0b 45 7c 63 d0 90-42 1d 00 00 d8 b2 2c 9b .q.E|c..B.....,.
8000c4d0 dc 14 1d 91 92 13 00 00-75 7c 2a 0a 4b f9 77 98 ........u|*.K.w.
8000c4e0 5e 12 00 00 1c b4 70 d7-db 6f 99 9c 70 19 00 00 ^.....p..o..p...
8000c4f0 02 5d a4 e7 1e 80 9f 9e-c8 1a 00 00 53 6c bd 6f .]..........Sl.o
kd> db 0x8000c000+80*a
8000c500 42 d2 de 9f fa 11 00 00-54 de 08 60 cc fc 65 a3 B.......T..`..e.
8000c510 84 1c 00 00 e3 35 70 c6-e3 12 c2 a3 fa 13 00 00 .....5p.........
8000c520 38 d1 98 76 eb 71 fe ab-2a 13 00 00 ec 2b fd 80 8..v.q..*....+..
8000c530 2a db 11 ad 46 0d 00 00-3f 05 13 da d8 d8 70 b0 *...F...?.....p.
8000c540 c0 19 00 00 f3 9f 62 fb-04 91 bb b4 82 15 00 00 ......b.........
8000c550 de a0 c1 e8 0e 58 51 bb-ca 14 00 00 a6 1f 72 7b .....XQ.......r{
8000c560 40 1b 59 c6 60 1a 00 00-da c6 24 f5 ca ba e9 ce @.Y.`.....$.....
8000c570 be 0f 00 00 47 3d 77 fa-06 48 8f cf 72 08 00 00 ....G=w..H..r...
kd> db 0x8000c000+80*b
8000c580 b6 da 40 ad 05 0a 2f d2-f2 1c 00 00 18 2a 66 95 ..@.../......*f.
8000c590 d4 4a ea da 76 0c 00 00-aa eb 73 33 72 02 40 dd .J..v.....s3r.@.
8000c5a0 88 18 00 00 43 cc 3d 66-8c 70 85 de 16 0e 00 00 ....C.=f.p......
8000c5b0 0f 5d 60 f4 4c 2a f6 df-0e 10 00 00 95 1e 55 8a .]`.L*........U.
8000c5c0 a7 5b 27 e0 32 07 00 00-07 c7 96 b9 96 6e 7a e6 .['.2........nz.
8000c5d0 68 17 00 00 c7 ce 51 f9-9f 23 a5 e7 98 16 00 00 h.....Q..#......
8000c5e0 b5 1a ee 0f 80 49 e9 ec-b0 0b 00 00 9b 60 47 06 .....I.......`G.
8000c5f0 61 03 41 f0 da 10 00 00-b2 cc fb 23 c5 dd fc fa a.A........#....
kd> db 0x8000c000+80*c
8000c600 e8 1b 00 00 34 bc 31 f3-f7 7b 00 fe e2 06 00 00 ....4.1..{......
8000c610 01 70 7c 17 00 00 01 50-c2 6c 04 80 1d 07 db 01 .p|....P.l......
8000c620 22 60 06 00 00 00 01 60-1e 00 00 00 07 90 10 00 "`.....`........
8000c630 00 00 28 22 ab f9 12 33-73 4a b6 f9 93 6d 70 e1 ..("...3sJ...mp.
8000c640 12 ef 07 70 4a 00 00 00-01 60 74 00 00 00 06 60 ...pJ....`t....`
8000c650 92 00 00 00 05 60 c4 00-00 00 04 90 10 00 00 00 .....`..........
8000c660 e9 1f 1b eb 2a 80 9e 49-89 2c 74 03 55 19 a5 53 ....*..I.,t.U..S
8000c670 0d 70 06 00 00 00 15 40-b9 c3 00 00 08 70 10 00 .p.....@.....p..
kd> db 0x8000c000+80*d
8000c680 00 00 01 60 fa 00 00 00-06 50 ff ff ff ff ff ff ...`.....P......
8000c690 04 00 07 70 4a 00 00 00-01 60 04 01 00 00 06 60 ...pJ....`.....`
8000c6a0 92 00 00 00 05 60 c4 00-00 00 04 90 10 00 00 00 .....`..........
8000c6b0 0b 37 40 ca 45 c1 d2 45-af 47 a2 78 f0 26 27 7a .7@.E..E.G.x.&'z
8000c6c0 0d 70 06 00 00 00 15 40-b9 c3 00 00 08 70 10 00 .p.....@.....p..
8000c6d0 00 00 01 60 fa 00 00 00-06 50 ff ff ff ff ff ff ...`.....P......
8000c6e0 04 00 07 70 4a 00 00 00-01 60 24 01 00 00 06 60 ...pJ....`$....`
8000c6f0 92 00 00 00 05 60 c4 00-00 00 04 90 10 00 00 00 .....`..........
kd> db 0x8000c000+80*f
8000c780 04 00 07 70 4a 00 00 00-01 60 66 01 00 00 06 60 ...pJ....`f....`
8000c790 92 00 00 00 05 60 c4 00-00 00 04 90 10 00 00 00 .....`..........
8000c7a0 6d d4 0a 91 cf 5a 90 4c-a3 f7 b1 00 a8 aa 87 04 m....Z.L........
8000c7b0 0d 70 06 00 00 00 15 40-b9 c3 00 00 08 70 10 00 .p.....@.....p..
8000c7c0 00 00 01 60 fa 00 00 00-06 50 ff ff ff ff ff ff ...`.....P......
8000c7d0 04 00 07 70 4a 00 00 00-01 60 88 01 00 00 06 60 ...pJ....`.....`
8000c7e0 92 00 00 00 05 60 c4 00-00 00 04 90 10 00 00 00 .....`..........
8000c7f0 4a ff 23 c5 e4 27 9a 46-8b b5 3c 30 a3 cc 46 7b J.#..'.F..<0..F{
kd> db 0x8000c000+80*10
8000c800 0d 70 06 00 00 00 15 40-b9 c3 00 00 08 70 10 00 .p.....@.....p..
8000c810 00 00 01 60 fa 00 00 00-06 50 ff ff ff ff ff ff ...`.....P......
8000c820 04 00 07 70 4a 00 00 00-01 60 aa 01 00 00 06 60 ...pJ....`.....`
8000c830 92 00 00 00 05 60 c4 00-00 00 04 90 10 00 00 00 .....`..........
8000c840 d8 5e 76 38 c8 22 41 42-b5 31 aa 69 5f 94 0f 00 .^v8."AB.1.i_...
8000c850 0d 70 06 00 00 00 15 40-b9 c3 00 00 08 70 10 00 .p.....@.....p..
8000c860 00 00 01 60 fa 00 00 00-06 50 ff ff ff ff ff ff ...`.....P......
8000c870 04 00 07 70 4a 00 00 00-01 60 cc 01 00 00 06 60 ...pJ....`.....`
kd> db 0x8000c000+80*20
8000d000 fa 00 00 00 06 50 ff ff-ff ff 05 00 02 00 07 70 .....P.........p
8000d010 62 00 00 00 01 60 9a 07-00 00 06 60 b4 07 00 00 b....`.....`....
8000d020 05 60 e6 07 00 00 04 90-10 00 00 00 b4 46 32 1f .`...........F2.
8000d030 11 bc 40 41 bb 1b 52 eb-5d 96 b6 9e 0d 70 06 00 ..@A..R.]....p..
8000d040 00 00 15 40 5a c3 00 00-08 70 10 00 00 00 01 60 ...@Z....p.....`
8000d050 fa 00 00 00 06 50 af 00-93 08 00 00 05 00 0f 70 .....P.........p
8000d060 12 00 00 00 01 60 6e 02-00 00 18 40 04 00 00 00 .....`n....@....
8000d070 19 40 01 00 00 00 07 70-5e 00 00 00 01 60 12 08 .@.....p^....`..
kd> dx -r1 ((setupldr!unsigned long *)0x800770a0)
((setupldr!unsigned long *)0x800770a0) : 0x800770a0 : 0x2f12 [Type: unsigned long *]
0x2f12 [Type: unsigned long]
kd> ?0x2f12
Evaluate expression: 12050 = 00002f12
11.7 KB (12,050 字节)
kd> dv setupldr!BlLoaderBlock
setupldr!BlLoaderBlock = 0x80077000
kd> dx -r1 ((setupldr!_LOADER_PARAMETER_BLOCK *)0x80077000)
((setupldr!_LOADER_PARAMETER_BLOCK *)0x80077000) : 0x80077000 [Type: _LOADER_PARAMETER_BLOCK *]
[+0x000] LoadOrderListHead [Type: _LIST_ENTRY]
[+0x008] MemoryDescriptorListHead [Type: _LIST_ENTRY]
[+0x010] BootDriverListHead [Type: _LIST_ENTRY]
[+0x018] KernelStack : 0x0 [Type: unsigned long]
[+0x01c] Prcb : 0x0 [Type: unsigned long]
[+0x020] Process : 0x0 [Type: unsigned long]
[+0x024] Thread : 0x0 [Type: unsigned long]
[+0x028] RegistryLength : 0x0 [Type: unsigned long]
[+0x02c] RegistryBase : 0x0 [Type: void *]
[+0x030] ConfigurationRoot : 0x80078988 [Type: _CONFIGURATION_COMPONENT_DATA *]
[+0x034] ArcBootDeviceName : 0x8021cb28 : "multi(0)disk(0)cdrom(159)" [Type: char *]
[+0x038] ArcHalDeviceName : 0x0 [Type: char *]
[+0x03c] NtBootPathName : 0x0 [Type: char *]
[+0x040] NtHalPathName : 0x0 [Type: char *]
[+0x044] LoadOptions : 0x80152090 : "/FASTDETECT /NOGUIBOOT /NODEBUG" [Type: char *]
[+0x048] NlsData : 0x0 [Type: _NLS_DATA_BLOCK *]
[+0x04c] ArcDiskInformation : 0x0 [Type: _ARC_DISK_INFORMATION *]
[+0x050] OemFontFile : 0x0 [Type: void *]
[+0x054] SetupLoaderBlock : 0x80078600 [Type: _SETUP_LOADER_BLOCK *]
[+0x058] Extension : 0x80077068 [Type: _LOADER_PARAMETER_EXTENSION *]
[+0x05c] u [Type: __unnamed]
kd> dx -r1 ((setupldr!_LOADER_PARAMETER_EXTENSION *)0x80077068)
((setupldr!_LOADER_PARAMETER_EXTENSION *)0x80077068) : 0x80077068 [Type: _LOADER_PARAMETER_EXTENSION *]
[+0x000] Size : 0x50 [Type: unsigned long]
[+0x004] Profile [Type: _PROFILE_PARAMETER_BLOCK]
[+0x014] MajorVersion : 0x5 [Type: unsigned long]
[+0x018] MinorVersion : 0x2 [Type: unsigned long]
[+0x01c] InfFileImage : 0x80001000 [Type: void *]
[+0x020] InfFileSize : 0xa92f [Type: unsigned long]
[+0x024] TriageDumpBlock : 0x0 [Type: void *]
[+0x028] LoaderPagesSpanned : 0x0 [Type: unsigned long]
[+0x02c] HeadlessLoaderBlock : 0x0 [Type: _HEADLESS_LOADER_BLOCK *]
[+0x030] SMBiosEPSHeader : 0x0 [Type: _SMBIOS_TABLE_HEADER *]
[+0x034] DrvDBImage : 0x8000c000 [Type: void *]
[+0x038] DrvDBSize : 0x2f12 [Type: unsigned long]
[+0x03c] NetworkLoaderBlock : 0x0 [Type: _NETWORK_LOADER_BLOCK *]
[+0x040] HalpIRQLToTPR : 0x0 [Type: unsigned char *]
[+0x044] HalpVectorToIRQL : 0x0 [Type: unsigned char *]
[+0x048] FirmwareDescriptorListHead [Type: _LIST_ENTRY]
kd> dv FloppyUsed
FloppyUsed = 0x01 ''
虚拟机有软盘autoinst.flp
//
// If the BIOS told us to redirect, we'd be doing it right now. However,
// the user may have told us some specific settings. If that's the case,
// override anything we're doing now with the settings from the user.
//
if( WinntSifHandle ) {
p = SlGetSectionKeyIndex(WinntSifHandle, WINNT_DATA_A, WINNT_U_HEADLESS_REDIRECT_A, 0);
if (p != NULL) {
if (!_strnicmp(p, "com", 3)) {
kd> kc 5
#
00 setupldr!SlGetSectionKeyIndex
01 setupldr!SlInit
02 setupldr!BlStartup
03 setupldr!NtProcessStartup
WARNING: Frame IP not in any known module. Following frames may be wrong.
04 0x0
kd> dv
INFHandle = 0x8021ddf8
SectionName = 0x0032550c "data"
Key = 0x00325504 "EMSPort"
ValueIndex = 0
kd> dv
INFHandle = 0x8021ddf8
SectionName = 0x0032550c "data"
Key = 0x00325504 "EMSPort"
ValueIndex = 0
kd> dt INF 0x8021ddf8
Symbol INF not found.
kd> dt _INF 0x8021ddf8
setupldr!_inf
+0x000 pSection : 0x8021ea48 _section
kd> dx -r1 ((setupldr!_section *)0x8021ea48)
((setupldr!_section *)0x8021ea48) : 0x8021ea48 [Type: _section *]
[+0x000] pNext : 0x8021e920 [Type: _section *]
[+0x004] pName : 0x8021e36d : "VMwareData" [Type: char *]
[+0x008] pLine : 0x8021ea58 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021e920)
((setupldr!_section *)0x8021e920) : 0x8021e920 [Type: _section *]
[+0x000] pNext : 0x8021e868 [Type: _section *]
[+0x004] pName : 0x8021e335 : "GuiRunOnce" [Type: char *]
[+0x008] pLine : 0x8021e930 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021e868)
((setupldr!_section *)0x8021e868) : 0x8021e868 [Type: _section *]
[+0x000] pNext : 0x8021e820 [Type: _section *]
[+0x004] pName : 0x8021e2ff : "Display" [Type: char *]
[+0x008] pLine : 0x8021e878 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021e820)
((setupldr!_section *)0x8021e820) : 0x8021e820 [Type: _section *]
[+0x000] pNext : 0x8021e7d8 [Type: _section *]
[+0x004] pName : 0x8021e2db : "Branding" [Type: char *]
[+0x008] pLine : 0x8021e830 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021e7d8)
((setupldr!_section *)0x8021e7d8) : 0x8021e7d8 [Type: _section *]
[+0x000] pNext : 0x8021e790 [Type: _section *]
[+0x004] pName : 0x8021e2b3 : "Networking" [Type: char *]
[+0x008] pLine : 0x8021e7e8 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021e790)
((setupldr!_section *)0x8021e790) : 0x8021e790 [Type: _section *]
[+0x000] pNext : 0x8021e710 [Type: _section *]
[+0x004] pName : 0x8021e28c : "Identification" [Type: char *]
[+0x008] pLine : 0x8021e7a0 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021e710)
((setupldr!_section *)0x8021e710) : 0x8021e710 [Type: _section *]
[+0x000] pNext : 0x8021e620 [Type: _section *]
[+0x004] pName : 0x8021e258 : "LicenseFilePrintData" [Type: char *]
[+0x008] pLine : 0x8021e720 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021e620)
((setupldr!_section *)0x8021e620) : 0x8021e620 [Type: _section *]
[+0x000] pNext : 0x8021e050 [Type: _section *]
[+0x004] pName : 0x8021e224 : "UserData" [Type: char *]
[+0x008] pLine : 0x8021e630 [Type: _line *]
kd> dx -r1 ((setupldr!_line *)0x8021e630)
((setupldr!_line *)0x8021e630) : 0x8021e630 [Type: _line *]
[+0x000] pNext : 0x8021e668 [Type: _line *]
[+0x004] pName : 0x8021e22d : "ProductKey" [Type: char *]
[+0x008] InternalValues [Type: char * [10]]
[+0x030] pFirstExternalValue : 0x0 [Type: _value *]
kd> dx -r1 ((setupldr!_line *)0x8021e668)
((setupldr!_line *)0x8021e668) : 0x8021e668 [Type: _line *]
[+0x000] pNext : 0x8021e6a0 [Type: _line *]
[+0x004] pName : 0x8021e238 : "FullName" [Type: char *]
[+0x008] InternalValues [Type: char * [10]]
[+0x030] pFirstExternalValue : 0x0 [Type: _value *]
kd> dx -r1 ((setupldr!_line *)0x8021e6a0)
((setupldr!_line *)0x8021e6a0) : 0x8021e6a0 [Type: _line *]
[+0x000] pNext : 0x8021e6d8 [Type: _line *]
[+0x004] pName : 0x8021e241 : "OrgName" [Type: char *]
[+0x008] InternalValues [Type: char * [10]]
[+0x030] pFirstExternalValue : 0x0 [Type: _value *]
kd> dx -r1 ((setupldr!_line *)0x8021e6d8)
((setupldr!_line *)0x8021e6d8) : 0x8021e6d8 [Type: _line *]
[+0x000] pNext : 0x0 [Type: _line *]
[+0x004] pName : 0x8021e249 : "ComputerName" [Type: char *]
[+0x008] InternalValues [Type: char * [10]]
[+0x030] pFirstExternalValue : 0x0 [Type: _value *]
kd> dx -r1 ((setupldr!_section *)0x8021e050)
((setupldr!_section *)0x8021e050) : 0x8021e050 [Type: _section *]
[+0x000] pNext : 0x8021deb8 [Type: _section *]
[+0x004] pName : 0x8021add6 : "GuiUnattended" [Type: char *]
[+0x008] pLine : 0x8021e060 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021deb8)
((setupldr!_section *)0x8021deb8) : 0x8021deb8 [Type: _section *]
[+0x000] pNext : 0x8021de00 [Type: _section *]
[+0x004] pName : 0x8021ad3c : "Unattended" [Type: char *]
[+0x008] pLine : 0x8021dec8 [Type: _line *]
kd> dx -r1 ((setupldr!_section *)0x8021de00)
((setupldr!_section *)0x8021de00) : 0x8021de00 [Type: _section *]
[+0x000] pNext : 0x0 [Type: _section *]
[+0x004] pName : 0x8021ad06 : "Data" [Type: char *]
[+0x008] pLine : 0x8021de10 [Type: _line *]
kd> dx -r1 ((setupldr!_line *)0x8021de10)
((setupldr!_line *)0x8021de10) : 0x8021de10 [Type: _line *]
[+0x000] pNext : 0x8021de48 [Type: _line *]
[+0x004] pName : 0x8021ad0b : "AutoPartition" [Type: char *]
[+0x008] InternalValues [Type: char * [10]]
[+0x030] pFirstExternalValue : 0x0 [Type: _value *]
kd> dx -r1 ((setupldr!_line *)0x8021de48)
((setupldr!_line *)0x8021de48) : 0x8021de48 [Type: _line *]
[+0x000] pNext : 0x8021de80 [Type: _line *]
[+0x004] pName : 0x8021ad1b : "MsDosInitiated" [Type: char *]
[+0x008] InternalValues [Type: char * [10]]
[+0x030] pFirstExternalValue : 0x0 [Type: _value *]
kd> dx -r1 ((setupldr!_line *)0x8021de80)
((setupldr!_line *)0x8021de80) : 0x8021de80 [Type: _line *]
[+0x000] pNext : 0x0 [Type: _line *]
[+0x004] pName : 0x8021ad2a : "UnattendedInstall" [Type: char *]
[+0x008] InternalValues [Type: char * [10]]
[+0x030] pFirstExternalValue : 0x0 [Type: _value *]
kd> gu
eax=00000000 ebx=00000000 ecx=00325504 edx=00000000 esi=003254f6 edi=003482a3
eip=00326f14 esp=00060bc0 ebp=00060df4 iopl=0 nv up di pl zr na pe nc
cs=0008 ss=0010 ds=0010 es=0010 fs=0030 gs=0000 efl=00000046
setupldr!SlInit+0xece:
00326f14 8bf0 mov esi,eax
if( WinntSifHandle ) {
p = SlGetSectionKeyIndex(WinntSifHandle, WINNT_DATA_A, WINNT_U_HEADLESS_REDIRECT_A, 0);eax=00000000
if( (LoaderRedirectionInformation.PortNumber) || (LoaderRedirectionInformation.PortAddress) ) {
。。。
} else {
BlLoaderBlock->Extension->HeadlessLoaderBlock = NULL; 这个
}
if (UseRegularBackground) {
} else {
SlSetCurrentAttribute(DEFATT);
SlSetStatusAttribute(DEFSTATTR);
SlClearDisplay();
SlWriteHeaderText(SL_WELCOME_HEADER);
SlClearClientArea();
}
kd> x setupldr!UseRegularBackground
003435e4 setupldr!UseRegularBackground = 0x00 ''
有“AI”的1024 = 2048,欢迎大家加入2048 AI社区
更多推荐
0
0- 0
已为社区贡献4条内容
所有评论(0)