Reverse engineering Windows drivers.

J. Scott Kasten jsk en titan.tetracon-eng.net
Dom Ene 30 16:21:12 CST 2000


Well, there's good and bad here.  Programs do exist for the purpose
of pulling appart drivers and bios routines.

However, they tend to be of limited utility.  Often, the code is
obfuscated in such a way that it's almost impossible to pull apart
such as hiding jump/branch instructions in the middle of data tables
so they don't get dissassembled, etc...

Next, there are often lots of little code snippets that get called
hundreds of times, thus making it difficult to follow very deap.

Asside from that, video cards have litterally hundreds of registers.

Even if you wade though all that, you have to keep in mind that some
registers are read only/write only.  I.E. you may have a read only
and a write only register paired at the same address.  Writing sets
one, reading reads the other.  Thus even a debugger may not let you
get full status info on the card.

I once spent a couple weeks writting an x86 emulator to step through
video BIOS, but it was such a pain as to not be worth it.  I think the
best thing you can really do is look at the XFREE sources if they
support the card you are interested in.  Other than that, your best
bet is to try and contact the manufacturer and see if you can work out
something with them.

I know this isn't much help, but short of using a logic anlayser, 
don't waste your time unless you can get legitimate source code.

On Sun, Jan 30, 2000 at 01:07:49PM -0800, Patrick Roberts wrote:
> I'm trying to find some correct settings for my video card that I'm writing a
> utility for.  Can anyone recommend some freeware that:
> 
> 1) Disassembles windows programs/drivers/dlls under linux (or do I HAVE to buy
> and install Windows...God forbid!)
> 
> 2) Under Windows, can access the PCI regs and can dump the contents of hardware
> mapped memory to a file.
> 
>   My thinking is that if I know the regs, a Windows user could set up the card
> with the mode I'm trying to get, then could dump his reg contents to a file and
> I could use this file to see what I'm setting wrong.  Or does it not work like
> that?
> 
> Thanks for any help :)
> 
> -PR
> 
> 
> BTW- Thanks to all who pointed me to the /dev/mem mmap() hardware access
> technique.
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo en vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/

-- 
J. Scott Kasten

jsk AT tetracon-eng DOT net

"That wasn't an attack.  It was preemptive retaliation!"

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



Más información sobre la lista de distribución Ayuda