archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/ntos/ke/i386/callout.asm

451 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. title "Call Out to User Mode"
  2. ;++
  3. ;
  4. ; Copyright (c) 1994 Microsoft Corporation
  5. ;
  6. ; Module Name:
  7. ;
  8. ; callout.asm
  9. ;
  10. ; Abstract:
  11. ;
  12. ; This module implements the code necessary to call out from kernel
  13. ; mode to user mode.
  14. ;
  15. ; Author:
  16. ;
  17. ; David N. Cutler (davec) 1-Nov-1994
  18. ;
  19. ; Environment:
  20. ;
  21. ; Kernel mode only.
  22. ;
  23. ; Revision History:
  24. ;
  25. ;--
  27. .386p
  28. .xlist
  29. include ks386.inc
  30. include i386\kimacro.inc
  31. include callconv.inc
  32. .list
  34. extrn _KiServiceExit:PROC
  35. extrn _KeUserCallbackDispatcher:DWORD
  37. EXTRNP _MmGrowKernelStack,1
  39. _TEXT SEGMENT DWORD PUBLIC 'CODE'
  40. ASSUME DS:FLAT, ES:FLAT, SS:FLAT, FS:NOTHING, GS:NOTHING
  42. page ,132
  43. subttl "Call User Mode Function"
  44. ;++
  45. ;
  46. ; NTSTATUS
  47. ; KiCallUserMode (
  48. ; IN PVOID *Outputbuffer,
  49. ; IN PULONG OutputLength
  50. ; )
  51. ;
  52. ; Routine Description:
  53. ;
  54. ; This function calls a user mode function from kernel mode.
  55. ;
  56. ; N.B. This function calls out to user mode and the NtCallbackReturn
  57. ; function returns back to the caller of this function. Therefore,
  58. ; the stack layout must be consistent between the two routines.
  59. ;
  60. ; Arguments:
  61. ;
  62. ; OutputBuffer - Supplies a pointer to the variable that receivies
  63. ; the address of the output buffer.
  64. ;
  65. ; OutputLength - Supplies a pointer to a variable that receives
  66. ; the length of the output buffer.
  67. ;
  68. ; Return Value:
  69. ;
  70. ; The final status of the call out function is returned as the status
  71. ; of the function.
  72. ;
  73. ; N.B. This function does not return to its caller. A return to the
  74. ; caller is executed when a NtCallbackReturn system service is
  75. ; executed.
  76. ;
  77. ; N.B. This function does return to its caller if a kernel stack
  78. ; expansion is required and the attempted expansion fails.
  79. ;
  80. ;--
  82. ;
  83. ; To support the debugger, the callback stack frame is now defined in i386.h.
  84. ; If the stack frame is changed, i386.h must be updated and geni386
  85. ; rebuilt and run, then rebuild this file and ntos\kd.
  86. ;
  87. ; The FPO record below must also be updated to correctly represent
  88. ; the stack frame.
  89. ;
  91. cPublicProc _KiCallUserMode, 2
  93. .FPO (3, 2, 4, 4, 0, 0)
  95. ;
  96. ; Save nonvolatile registers.
  97. ;
  99. push ebp ; save nonvolatile registers
  100. push ebx ;
  101. push esi ;
  102. push edi ;
  104. ;
  105. ; Check if sufficient room is available on the kernel stack for another
  106. ; system call.
  107. ;
  109. mov ebx,PCR[PcPrcbData + PbCurrentThread] ; get current thread address
  110. lea eax,[esp]-KERNEL_LARGE_STACK_COMMIT ; compute bottom address
  111. cmp eax,[ebx]+ThStackLimit ; check if limit exceeded
  112. jae short Kcb10 ; if ae, limit not exceeded
  113. stdCall _MmGrowKernelStack,<esp> ; attempt to grow kernel stack
  114. or eax, eax ; check for successful completion
  115. jne Kcb20 ; if ne, attempt to grow failed
  117. ;
  118. ; Get the address of the current thread and save the previous trap frame
  119. ; and calback stack addresses in the current frame. Also save the new
  120. ; callback stack address in the thread object.
  121. ;
  123. Kcb10: push [ebx].ThCallbackStack ; save callback stack address
  124. mov edx,[ebx].ThTrapFrame ; get current trap frame address
  125. push edx ; save trap frame address
  126. mov esi,[ebx].ThInitialStack ; get initial stack address
  127. push esi ; save initial stack address
  128. mov [ebx].ThCallbackStack,esp ; save callback stack address
  130. KcbPrologEnd: ; help for the debugger
  132. ;
  133. ; Copy the numeric save area from the previous save area to the new save
  134. ; area and establish a new initial kernel stack.
  135. ;
  137. ;
  138. ; Make sure that the destination NPX Save area is 16-byte aligned
  139. ; as required by fxsave\fxrstor
  140. ;
  141. and esp, 0fffffff0h
  142. mov edi,esp ; set new initial stack address
  143. sub esp,NPX_FRAME_LENGTH ; compute destination NPX save area
  144. sub esi,NPX_FRAME_LENGTH ; compute source NPX save area
  145. cli ; disable interrupts
  146. mov ecx,[esi].FpControlWord ; copy NPX state to new frame
  147. mov [esp].FpControlWord,ecx ;
  148. mov ecx,[esi].FpStatusWord ;
  149. mov [esp].FpStatusWord,ecx ;
  150. mov ecx,[esi].FpTagWord ;
  151. mov [esp].FpTagWord,ecx ;
  152. mov ecx,[esi].FxMXCsr ;
  153. mov [esp].FxMXCsr,ecx ;
  154. mov ecx,[esi].FpCr0NpxState ;
  155. mov [esp].FpCr0NpxState,ecx ;
  156. mov esi,PCR[PcTss] ; get address of task switch segment
  157. mov [ebx].ThInitialStack,edi ; reset initial stack address
  158. mov ecx, esp
  159. sub esp,TsV86Gs - TsHardwareSegSs ; bias for missing V86 fields
  160. test dword ptr [edx].TsEFlags,EFLAGS_V86_MASK ; is this a V86 frame?
  161. jne @f
  162. mov ecx, esp ; Use adjusted esp (normal case)
  163. @@: mov [esi].TssEsp0,ecx ; set kernel entry stack address
  165. ;
  166. ; Construct a trap frame to facilitate the transfer into user mode via
  167. ; the standard system call exit.
  168. ;
  170. sub esp,TsHardwareSegSs + 4 ; allocate trap frame
  171. mov ebp,esp ; set address of trap frame
  172. mov ecx,(TsHardwareSegSs - TsSegFs + 4) / 4; set repeat count
  173. lea edi,[esp].TsSegFs ; set destination address
  174. lea esi,[edx].TsSegFs ; set source address
  175. rep movsd ; copy trap information
  177. mov edi, [edx].TsDr7 ; Fetch control register
  178. test edi, DR7_ACTIVE ; Do we need to restore Debug reg?
  179. mov [esp].TsDr7, edi ; Save away Dr7
  180. jnz short Kcb18 ; Yes, go save them.
  182. Kcb15: mov eax,_KeUserCallbackDispatcher ; st address of callback dispatchr
  183. mov [esp].TsEip,eax ;
  184. mov eax,PCR[PcExceptionList] ; get current exception list
  185. mov [esp].TsExceptionList,eax ; set previous exception list
  186. mov eax,[edx].TsPreviousPreviousMode ; get previous mode
  187. mov [esp].TsPreviousPreviousMode,eax ; set previous mode
  188. sti ; enable interrupts
  190. SET_DEBUG_DATA ; set system call debug data for exit
  192. jmp _KiServiceExit ; exit through service dispatch
  194. Kcb18:
  195. mov ecx,(TsDr6 - TsDr0 + 4) / 4; set repeat count
  196. lea edi,[esp].TsDr0 ; set destination address
  197. lea esi,[edx].TsDr0 ; set source address
  198. rep movsd ; copy trap information
  199. jmp short Kcb15
  201. ;
  202. ; An attempt to grow the kernel stack failed.
  203. ;
  205. Kcb20: pop edi ; restore nonvolitile register
  206. pop esi ;
  207. pop ebx ;
  208. pop ebp ;
  209. stdRET _KiCallUserMode
  211. stdENDP _KiCallUserMode
  213. page ,132
  214. subttl "Switch Kernel Stack"
  215. ;++
  216. ;
  217. ; PVOID
  218. ; KeSwitchKernelStack (
  219. ; IN PVOID StackBase,
  220. ; IN PVOID StackLimit
  221. ; )
  222. ;
  223. ; Routine Description:
  224. ;
  225. ; This function switches to the specified large kernel stack.
  226. ;
  227. ; N.B. This function can ONLY be called when there are no variables
  228. ; in the stack that refer to other variables in the stack, i.e.,
  229. ; there are no pointers into the stack.
  230. ;
  231. ; Arguments:
  232. ;
  233. ; StackBase (esp + 4) - Supplies a pointer to the base of the new kernel
  234. ; stack.
  235. ;
  236. ; StackLimit (esp + 8) - Suplies a pointer to the limit of the new kernel
  237. ; stack.
  238. ;
  239. ; Return Value:
  240. ;
  241. ; The old kernel stack is returned as the function value.
  242. ;
  243. ;--
  245. SsStkBs equ 4 ; new kernel stack base address
  246. SsStkLm equ 8 ; new kernel stack limit address
  248. cPublicProc _KeSwitchKernelStack, 2
  250. ;
  251. ; Save the address of the new stack and copy the old stack to the new
  252. ; stack.
  253. ;
  255. push esi ; save string move registers
  256. push edi ;
  257. mov edx,PCR[PcPrcbData + PbCurrentThread] ; get current thread address
  258. mov edi,[esp]+SsStkBs + 8 ; get new kernel stack base address
  259. mov ecx,[edx].ThStackBase ; get current stack base address
  260. sub ebp,ecx ; relocate the callers frame pointer
  261. add ebp,edi ;
  262. mov eax,[edx].ThTrapFrame ; relocate the current trap frame address
  263. sub eax,ecx ;
  264. add eax,edi ;
  265. mov [edx].ThTrapFrame,eax ;
  266. sub ecx,esp ; compute length of copy
  267. sub edi,ecx ; set destination address of copy
  268. mov esi,esp ; set source address of copy
  269. push edi ; save new stack pointer address
  270. rep movsb ; copy old stack to new stack
  271. pop edi ; restore new stack pointer address
  273. ;
  274. ; Switch to the new kernel stack and return the address of the old kernel
  275. ; stack.
  276. ;
  278. mov eax,[edx].ThStackBase ; get old kernel stack base address
  279. mov ecx,[esp]+SsStkBs + 8 ; get new kernel stack base address
  280. mov esi,[esp]+SsStkLm + 8 ; get new kernel stack limit address
  281. cli ; disable interrupts
  282. mov [edx].ThStackBase,ecx ; set new kernel stack base address
  283. mov [edx].ThStackLimit,esi ; set new kernel stack limit address
  284. mov byte ptr [edx].ThLargeStack, 1 ; set large stack TRUE
  285. mov [edx].ThInitialStack,ecx ; set new initial stack address
  286. sub ecx,NPX_FRAME_lENGTH ; compute NPX save area address
  287. mov esi,[edx].ThTrapFrame ; Get current trap frame address
  288. mov edx,PCR[PcTss] ; get address of task switch segment
  289. test dword ptr [esi]+TsEFlags,EFLAGS_V86_MASK ; is this a V86 frame?
  290. jne @f
  291. sub ecx,TsV86Gs - TsHardwareSegSs ; bias for missing V86 fields
  292. @@: mov [edx].TssEsp0,ecx ; set kernel entry stack address
  293. mov esp,edi ; set new stack pointer address
  294. sti ;
  295. pop edi ; restore string move registers
  296. pop esi ;
  297. stdRET _KeSwitchKernelStack
  299. stdENDP _KeSwitchKernelStack
  301. page ,132
  302. subttl "Get User Mode Stack Address"
  303. ;++
  304. ;
  305. ; PULONG
  306. ; KiGetUserModeStackAddress (
  307. ; VOID
  308. ; )
  309. ;
  310. ; Routine Description:
  311. ;
  312. ; This function returns the address of the user stack address in the
  313. ; current trap frame.
  314. ;
  315. ; Arguments:
  316. ;
  317. ; None.
  318. ;
  319. ; Return Value:
  320. ;
  321. ; The address of the user stack address.
  322. ;
  323. ;--
  325. cPublicProc _KiGetUserModeStackAddress, 0
  327. mov eax,PCR[PcPrcbData + PbCurrentThread] ; get current thread address
  328. mov eax,[eax].ThTrapFrame ; get current trap frame address
  329. lea eax,[eax].TsHardwareEsp ; get address of stack address
  330. stdRET _KiGetUserModeStackAddress
  332. stdENDP _KiGetUserModeStackAddress
  334. page ,132
  335. subttl "Return from User Mode Callback"
  336. ;++
  337. ;
  338. ; NTSTATUS
  339. ; NtCallbackReturn (
  340. ; IN PVOID OutputBuffer OPTIONAL,
  341. ; IN ULONG OutputLength,
  342. ; IN NTSTATUS Status
  343. ; )
  344. ;
  345. ; Routine Description:
  346. ;
  347. ; This function returns from a user mode callout to the kernel
  348. ; mode caller of the user mode callback function.
  349. ;
  350. ; N.B. This function returns to the function that called out to user
  351. ; mode and the KiCallUserMode function calls out to user mode.
  352. ; Therefore, the stack layout must be consistent between the
  353. ; two routines.
  354. ;
  355. ; Arguments:
  356. ;
  357. ; OutputBuffer - Supplies an optional pointer to an output buffer.
  358. ;
  359. ; OutputLength - Supplies the length of the output buffer.
  360. ;
  361. ; Status - Supplies the status value returned to the caller of the
  362. ; callback function.
  363. ;
  364. ; Return Value:
  365. ;
  366. ; If the callback return cannot be executed, then an error status is
  367. ; returned. Otherwise, the specified callback status is returned to
  368. ; the caller of the callback function.
  369. ;
  370. ; N.B. This function returns to the function that called out to user
  371. ; mode is a callout is currently active.
  372. ;
  373. ;--
  375. cPublicProc _NtCallbackReturn, 3
  377. mov eax,PCR[PcPrcbData + PbCurrentThread] ; get current thread address
  378. mov ecx,[eax].ThCallbackStack ; get callback stack address
  379. test ecx, ecx
  380. je CbExit ; if zero, no callback stack present
  382. ;
  383. ; Restore the current exception list from the saved exception list in the
  384. ; current trap frame, restore the trap frame and callback stack addresses,
  385. ; store the output buffer address and length, and set the service status.
  386. ;
  388. mov ebx,[eax].ThTrapFrame ; get current trap frame address
  389. mov edx,[ebx].TsExceptionList ; get saved exception list address
  390. mov PCR[PcExceptionList],edx ; restore exception list address
  391. mov edi,[esp] + 4 ; get output buffer address
  392. mov esi,[esp] + 8 ; get output buffer length
  393. mov ebp,[esp] + 12 ; get callout service status
  394. mov ebx,[ecx].CuOutBf ; get address to store output buffer
  395. mov [ebx],edi ; store output buffer address
  396. mov ebx,[ecx].CuOutLn ; get address to store output length
  397. mov [ebx],esi ; store output buffer length
  398. mov ebx,[ecx] ; get previous initial stack address
  399. cli ; disable interrupt
  400. mov esi,[eax].ThInitialStack ; get source NPX save area address
  401. mov [eax].ThInitialStack,ebx ; restore initial stack address
  402. sub esi,NPX_FRAME_LENGTH ; compute destination NPX save area
  403. sub ebx,NPX_FRAME_LENGTH ; compute destination NPX save area
  404. mov edx,[esi].FpControlWord ; copy NPX state to previous frame
  405. mov [ebx].FpControlWord,edx ;
  406. mov edx,[esi].FpStatusWord ;
  407. mov [ebx].FpStatusWord,edx ;
  408. mov edx,[esi].FpTagWord ;
  409. mov [ebx].FpTagWord,edx ;
  410. mov edx,[esi].FxMXCsr ;
  411. mov [ebx].FxMXCsr,edx ;
  412. mov edx,[esi].FpCr0NpxState ;
  413. mov [ebx].FpCr0NpxState,edx ;
  414. mov edx,PCR[PcTss] ; get address of task switch segment
  415. lea esp, [ecx+4] ; trim stack back to callback frame
  416. pop edi
  417. test dword ptr [edi]+TsEFlags,EFLAGS_V86_MASK ; is this a V86 frame?
  418. jne @f
  419. sub ebx,TsV86Gs - TsHardwareSegSs ; bias for missing V86 fields
  420. @@: test [edi].TsDr7, DR7_ACTIVE
  421. mov [edx].TssEsp0,ebx ; restore kernel entry stack address
  422. setnz byte ptr [eax].ThDebugActive ; Set debug active to match saved DR7
  423. mov [eax].ThTrapFrame, edi ; restore current trap frame address
  424. sti ; enable interrupts
  425. pop [eax].ThCallbackStack ; restore callback stack address
  426. mov eax,ebp ; set callback service status
  428. ;
  429. ; Restore nonvolatile registers, clean call parameters from stack, and
  430. ; return to callback caller.
  431. ;
  433. pop edi ; restore nonvolatile registers
  434. pop esi ;
  435. pop ebx ;
  436. pop ebp ;
  437. pop edx ; save return address
  438. add esp,8 ; remove parameters from stack
  439. jmp edx ; return to callback caller
  441. ;
  442. ; No callback is currently active.
  443. ;
  445. CbExit: mov eax,STATUS_NO_CALLBACK_ACTIVE ; set service status
  446. stdRET _NtCallBackReturn
  448. stdENDP _NtCallbackReturn
  450. _TEXT ends
  451. end