I may have found a way to access the DoC at 4GiB. recap:
after reset, CS selector base is 0xffff0000, IP is 0xfff0, causing code to be executed at 0xfffffff0. DS, ES, FS, GS, SS selector bases are all 0. Normally, data accesses are relative to DS, except string instr dest, for which it is ES, or stack (EBP) which is relative to SS. (But they're all 0 to start with) now, it seems that since 8086 you can use segment override prefixes to specify a different segment that the memory operand is relative to. (not for use with branch instructions) for CS, the segment override prefix is 0x2e, but in assembly a CS: is put before the memory operand. example in AT&T syntax (I hope) .org 0xfff0 .code16 movw $0xabcd, %si movw (%si), %ax ; load word at 0x0000abcd to %ax becomes org 0xfff0 .code16 movw $0xabcd, %si movw %cs:(%si), ax ; load word at 0xffffabcd to %ax note that the second one takes one more byte for the instruction due to the segment override prefix byte. This could be used to avoid a few instructions in ipl.S for loading segment registers, and also may allow using the E and F segments for LinuxBIOS code, by first setting the northbridge to decode reads and writes to RAM. (The DoC can stil be read *and* written to using the 4GiB alias with the above technique) Of course that would take extra instructions somewhere, and won't work for systems that have the BIOS Lock "feature" I mentioned in a previous post. (they don't decode writes to the 4GiB alias). Jeremy ----- Original Message ----- From: "ollie" <[EMAIL PROTECTED]> To: "Jeremy Jackson" <[EMAIL PROTECTED]> Cc: "Ronald G Minnich" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, April 01, 2002 10:19 PM Subject: Re: far call discussion > Jeremy Jackson wrote: > > >Yes that's the one. > > > >Wouldnt' it be advantageous to be able to execute from high > >alias while setting up ram? Then you could uncompress directly > >on top of yourself... I mean to the 0xf000-0xffff address, > >like the vendor bios does to shadow itsself. No need to > >move yourself around. Everyone (ie linux kernel) expects > >to leave that area alone. > > > I don't think it is viable for DoC. To access DoC, you have two choices > 1. Mapping DoC near 4GB, to access DoC you have to enter protect or > big real mode. > 2. Mapping DoC near 1MB, it is not possible to do the "read from > flash write to DRAM" trick > since every command transaction need both read and write to goto > flash. > > But it is possible to stay CS = 4GB - 64KB and DS = 1MB - 64KB and > shadow LinuxBIOS (ES) to > somewhere below 1MB. > > Ollie > >
