On Mon, Jun 13, 2011 at 11:45:07AM -0400, John Baldwin wrote: > > Ouch. Well, these can be a PITA to disassemble. ndisasm from the devel/nasm > port is a good x86 disassembler that you can use. You will need to use dd > on /dev/mem to extract INT 15's entry point from the IDT. For example: > > # dd if=/dev/mem bs=4 iseek=0x15 count=1 | hd > 1+0 records in > 1+0 records out > 4 bytes transferred in 0.000021 secs (190650 bytes/sec) > 00000000 59 f8 00 f0 |Y...| > 00000004 > > On this machine that gives a pointer of 0xf000:f859 which is a raw physical > address of '0xff859'. You can then grab a block of that to disassemble like > so: > > # dd if=/dev/mem bs=1 iseek=0xff859 count=100 | ndisasm - > 00000000 EB00 jmp short 0x2 > 00000002 80FC87 cmp ah,0x87 > 00000005 7503 jnz 0xa > 00000007 E94CF9 jmp word 0xf956 > .... > > In this case I'd then need to look at what was at 0xff956, etc.
Following your suggestions I finally got through that code. I could understand just part of it. As I said I have almost no experience with ASM. I also disassebled the same function from another PC (same manufacturer) on which BTX/loader works. Only thing I could make out is that the 6005Pro BIOS has a part of it's code where it touches the cr[034] and msr registers. This code if surrounded by a check on a memory location which, when I dump it, makes the code run. I don't know if at machine boot this byte has a different value. There is an instruction near there which makes the code what I see it, but it's not in the code path from the bios function in question. I see that older BTX used to emulate all the operations on CR and MSR registers, so maybe that's why it went through. Any idea or help on a possible workaround? I'm not sure, but maybe rdmsr or wrmsr are generating exceptions which are not managed by BTX? I could be wrong, I really dont' know that much about the internals of CPUs. I obviously have the disassembled code available, but not posting it here because I'm not sure what policies there are about disassembled code on the lists. -- Guido Falsi <m...@madpilot.net> _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
