主题:怎样把网卡的rom读出来写到文件里?

源码摘自:http://book.77169.org/ask24/how169848.htm

386p
desc struc
limitl dw 0
basel dw 0
basem db 0
attr db 0
limith db 0
baseh db 0
desc ends
vdesc struc
limit dw 0
base dd 0
vdesc ends
d segment
buffer dw 16*1024 dup(?) ；缓冲区保存读出的rom
n db 'd:/rom.bin',0
gdt label byte ；GDT表
dummy desc <>
code16 desc <0ffffh,,,9ah,8fh,> ；16位代码段描述符
data desc <0ffffh,,,92h,8fh,> ；16位数据段描述符
rom desc <0ffffh,0,0,92h,8fh,10h> ；ROM的段描述符,基地址D0000000
gdtlen equ $-gdt ;段选择子
code16_sel equ code16-gdt
data_sel equ data-gdt
rom_sel equ rom-gdt
gdtr vdesc <gdtlen-1,>
d ends
code segment use16
assume cs:code,ds:d,es:d
s:
mov ax,d
mov ds,ax
mov es,ax
mov bx,10h
mul bx
mov word ptr data.basel,ax ;初始化数据段描述符
mov byte ptr data.basem,dl
mov byte ptr data.baseh,dh
add ax,offset gdt
adc dx,0
mov word ptr gdtr.base,ax
mov word ptr gdtr.base+2,dx
lgdt qword ptr gdtr ;初始化GDTR

mov ax,cs
mul bx
mov word ptr code16.basel,ax ;初始化代码段描述符
mov byte ptr code16.basem,dl
mov byte ptr code16.baseh,dh
cli
in al,92h
or al,2
out 92h,al ;使能A20
mov eax,cr0
or eax,1h
mov cr0,eax ;CR0.PE置1
db 0eah ;跳转进入保护模式
dw offset protect
dw code16_sel
protect:
mov ax,rom_sel
mov ds,ax
mov ax,data_sel
mov es,ax
mov eax,80021830h ;总线2，设备3，功能0,偏移30h的网卡配置空间ROM基址寄存器
mov dx,0cf8h
out dx,eax
mov eax,10000001h ;将ROM映射到D0000000h
mov dx,0cfch
out dx,eax
mov eax,80021804h ;配置空间命令寄存器
mov dx,0cf8h
out dx,eax
mov dx,0cfch
in eax,dx
or eax,2 ;内存空间访问使能位置1
out dx,eax
mov cx,4000h
cld
mov si,0
mov di,offset buffer
rep movsw ;把ROM拷贝到buffer
mov eax,80021830h
mov dx,0cf8h
out dx,eax
xor eax,eax
mov dx,0cfch
out dx,eax ;恢复ROM基址寄存器
mov eax,cr0
and eax,0fffffffeh
mov cr0,eax
db 0eah ;返回实模式
dw offset real
dw seg real
real:mov ax,d
mov ds,ax
mov es,ax
in al,92h
and al,0fdh
out 92h,al ;屏蔽A20
sti
mov ax,3c00h ;以下把buffer保存到D:/rom.bin
xor cx,cx
mov dx,offset n
int 21h
mov ax,3d01h
int 21h
mov bx,ax
mov cx,8000h
mov dx,offset buffer
mov ax,4000h
int 21h
mov ax,3e00h
int 21h
mov ax,4c00h
int 21h
code ends
END s

终于搞定了。原来段选择子要在进入保护模式后才装入，否则处理器将从段选择子寄存器的影子寄存器中得到不正确信息。