phoenix(BIOS) NVRM 的数据结构 bios(逆向工程)

header  7 byte

 sig NAPI                 4 byte

offset next data      2 byte

magic code              1 byte

然后是8个字节

 

如 

 

Extended System Configuration Data

 

"ESCD"

dw offset

dw offsetlength

; csRestoreMemConfigFromEscdJ
; Purpose: asks csPerformESCDReadJDI for a stored record identified by the
;          signature in EAX, then hands 5 (AH, AL) byte pairs to csRegWriteJBX.
;          AH is read from es:[edi] with ES = 0; AL is read from the
;          cs:pnp030XDevNode table.
; Calls:   helpers are entered with JMP after a code offset is loaded into
;          DI / BX; presumably each helper jumps back through that register
;          (stackless call) -- confirm in the helpers.
; Exit:    JMP csRestoreMemConfigFromEscdJReturn; there is no RET in this listing.
; NOTE(review): 564E5343h is the bytes 'C','S','N','V' in memory order, not
;          "ESCD" (that would be 44435345h) -- confirm which record is read here.
; NOTE(review): no status check on the read and no range check on the fetched
;          bytes is visible before they reach csRegWriteJBX. Any signature or
;          checksum validation of the stored record would have to happen inside
;          csPerformESCDReadJDI -- confirm, since the record lives in
;          rewritable non-volatile storage.
csRestoreMemConfigFromEscdJ proc far    ; CODE XREF: csRestoreMemConfigFromCmosJReturnj
seg000:5027                 mov     eax, 564E5343h          ; record signature, 'CSNV' in memory order
seg000:502D                 mov     di, offset loc_F5033    ; DI = continuation address
seg000:5030                 jmp     csPerformESCDReadJDI
seg000:5033 ; ---------------------------------------------------------------------------
seg000:5033
seg000:5033 loc_F5033:                              ; DATA XREF: csRestoreMemConfigFromEscdJ+6o
seg000:5033                 mov     ax, 0
seg000:5036                 mov     es, ax                  ; ES = 0, so es:[edi] uses EDI as the whole offset
seg000:5038                 mov     edi, esi                ; presumably ESI = record pointer left by the read helper; TODO confirm
seg000:503B                 mov     si, offset pnp030XDevNode ; SI walks the table in the code segment
seg000:503E                 mov     cx, 5                   ; 5 iterations (LOOP counter)
seg000:5041
seg000:5041 loc_F5041:                              ; CODE XREF: csRestoreMemConfigFromEscdJ+36j
seg000:5041                 mov     edx, edi                ; keep the data pointer in EDX; restored at loc_F5054
seg000:5044                 mov     ah, es:[edi]            ; AH = current byte of the fetched record
seg000:5048                 mov     al, cs:[si]             ; AL = current byte of pnp030XDevNode
; The 66h byte is the operand-size prefix of the BSWAP at the same address
; (32-bit operand in 16-bit code). The byte reversal moves SI's bits into the
; upper half of ESI -- presumably so the table pointer survives the helper's
; use of SI; TODO confirm against csRegWriteJBX.
seg000:504B                 db      66h
seg000:504B                 bswap   esi
seg000:504E                 mov     bx, offset loc_F5054    ; BX = continuation address
seg000:5051                 jmp     csRegWriteJBX           ; presumably AL selects the register and AH is the value; TODO confirm
seg000:5054 ; ---------------------------------------------------------------------------
seg000:5054
seg000:5054 loc_F5054:                              ; DATA XREF: csRestoreMemConfigFromEscdJ+27o
; Second BSWAP undoes the first; SI is the table pointer again only if the
; helper left the upper half of ESI untouched (not visible here).
seg000:5054                 db      66h
seg000:5054                 bswap   esi
seg000:5057                 inc     si                      ; next table byte
seg000:5058                 mov     edi, edx                ; restore the data pointer
seg000:505B                 inc     edi                     ; next record byte
seg000:505D                 loop    loc_F5041               ; repeat until CX reaches 0
seg000:505F                 jmp     csRestoreMemConfigFromEscdJReturn
seg000:505F csRestoreMemConfigFromEscdJ endp

 BIOS Boot Specification ipl

 

"BBSI"

dw offset

dw offsetlength

 

 ; multiBootReadNvData
 ; Purpose: takes the size reported by multiBootGetNvsSegSize, passes a value
 ;          derived from it to the far routine 5029h:2DBCh, and, unless
 ;          sub_B55D returns with ZF set, calls 5029h:0C21Ah with
 ;          EAX = 'BBSI', ES = 0 and EDI = EDX.
 ; Result:  on the non-skipped path EDI is written to offset 8 of the PUSHAD
 ;          frame, which is the saved-EBP slot, so POPAD hands it back in EBP
 ;          (assuming the far calls leave SP balanced). All other 32-bit
 ;          general registers are restored by POPAD.
 ; NOTE(review): on the skipped path EBP keeps the caller's value, and this
 ;          listing shows no separate status that distinguishes the two paths
 ;          -- confirm how the caller detects "no data".
 ; NOTE(review): EDI from 5029h:0C21Ah is stored without any visible check.
 ;          Validation of the stored BBSI record, if any, is inside the far
 ;          routine -- confirm.
 multiBootReadNvData proc near           ; CODE XREF: multiBootInitFarJ+57p
seg000:B4E3                 pushad                          ; save EAX..EDI; frame: EDI,ESI,EBP,ESP,EBX,EDX,ECX,EAX from [sp]
seg000:B4E5                 call    multiBootGetNvsSegSize
seg000:B4E8                 movzx   eax, cx                 ; presumably CX = size in bytes returned by the call; TODO confirm
seg000:B4EC                 mov     cx, 6                   ; argument, meaning not visible here
seg000:B4EF                 mov     edx, 80000022h          ; argument, meaning not visible here
seg000:B4F5                 add     eax, 10h
seg000:B4F9                 shr     eax, 4                  ; EAX = size/16 + 1, i.e. a count of 16-byte units
seg000:B4FD                 push    cx                      ; 2 bytes
seg000:B4FE                 push    edx                     ; 4 bytes
seg000:B500                 push    eax                     ; 4 bytes
seg000:B502                 push    0                       ; 2 bytes; 0Ch bytes of arguments in total
seg000:B504                 call    far ptr 5029h:2DBCh     ; presumably a memory allocation request; TODO confirm
seg000:B509                 add     sp, 0Ch                 ; caller removes the 0Ch bytes of arguments
seg000:B50C                 call    sub_B55D
seg000:B50F                 jz      short loc_B528          ; ZF set: skip the read and return
seg000:B511                 push    0
seg000:B513                 pop     es                      ; ES = 0
seg000:B514                 mov     edi, edx                ; presumably EDX = address produced by the earlier calls; TODO confirm
 ; 49534242h is the bytes 'B','B','S','I' in memory order.
seg000:B517                 mov     eax, 49534242h//  BBSI magic code
seg000:B51D                 call    far ptr 5029h:0C21Ah    ; presumably reads the record with that signature to es:[edi]; TODO confirm
seg000:B522                 mov     bp, sp                  ; BP = base of the PUSHAD frame
seg000:B524                 mov     [bp+8], edi             ; overwrite the saved-EBP slot so POPAD loads EDI's value into EBP
seg000:B528
seg000:B528 loc_B528:                               ; CODE XREF: multiBootReadNvData+2Cj
seg000:B528                 popad
seg000:B52A                 retn
seg000:B52A multiBootReadNvData endp
