| blob | 9677d809e5c28d6ec7d7daae960d99fb7da7f9f9 |
1 /*
2 * setup.S Copyright (C) 1991, 1992 Linus Torvalds
3 *
4 * setup.s is responsible for getting the system data from the BIOS,
5 * and putting them into the appropriate places in system memory.
6 * both setup.s and system has been loaded by the bootblock.
7 *
8 * This code asks the bios for memory/disk/other parameters, and
9 * puts them in a "safe" place: 0x90000-0x901FF, ie where the
10 * boot-block used to be. It is then up to the protected mode
11 * system to read them from there before the area is overwritten
12 * for buffer-blocks.
13 *
14 * Move PS/2 aux init code to psaux.c
15 * (troyer@saifr00.cfsat.Honeywell.COM) 03Oct92
16 *
17 * some changes and additional features by Christoph Niemann,
18 * March 1993/June 1994 (Christoph.Niemann@linux.org)
19 *
20 * add APM BIOS checking by Stephen Rothwell, May 1994
21 * (sfr@canb.auug.org.au)
22 *
23 * High load stuff, initrd support and position independency
24 * by Hans Lermen & Werner Almesberger, February 1996
25 * <lermen@elserv.ffm.fgan.de>, <almesber@lrc.epfl.ch>
26 *
27 * Video handling moved to video.S by Martin Mares, March 1996
28 * <mj@k332.feld.cvut.cz>
29 *
30 * Extended memory detection scheme retwiddled by orc@pell.chi.il.us (david
31 * parsons) to avoid loadlin confusion, July 1997
32 *
33 * Transcribed from Intel (as86) -> AT&T (gas) by Chris Noe, May 1999.
34 * <stiker@northlink.com>
35 *
36 * Fix to work around buggy BIOSes which don't use carry bit correctly
37 * and/or report extended memory in CX/DX for e801h memory size detection
38 * call. As a result the kernel got wrong figures. The int15/e801h docs
39 * from Ralf Brown interrupt list seem to indicate AX/BX should be used
40 * anyway. So to avoid breaking many machines (presumably there was a reason
41 * to orginally use CX/DX instead of AX/BX), we do a kludge to see
42 * if CX/DX have been changed in the e801 call and if so use AX/BX .
43 * Michael Miller, April 2001 <michaelm@mjmm.org>
44 *
45 * New A20 code ported from SYSLINUX by H. Peter Anvin. AMD Elan bugfixes
46 * by Robert Schwebel, December 2001 <robert@schwebel.de>
47 *
48 * BIOS Enhanced Disk Drive support
49 * by Matt Domsch <Matt_Domsch@dell.com> October 2002
50 * conformant to T13 Committee www.t13.org
51 * projects 1572D, 1484D, 1386D, 1226DT
52 * disk signature read by Matt Domsch <Matt_Domsch@dell.com>
53 * and Andrew Wilks <Andrew_Wilks@dell.com> September 2003
54 */
56 #include <asm/segment.h>
57 #include <linux/utsrelease.h>
58 #include <linux/compile.h>
59 #include <asm/boot.h>
60 #include <asm/e820.h>
61 #include <asm/edd.h>
62 #include <asm/page.h>
64 #undef __BOOT_CS
65 #define __BOOT_CS 0x10
66 #undef __BOOT_DS
67 #define __BOOT_DS 0x18
68 #undef __KERNEL_CS
69 #define __KERNEL_CS 0x10
70 #define __MAXMEM (-__PAGE_OFFSET-(512 << 20)-1) & 0x7fffffff
72 /* Signature words to ensure LILO loaded us right */
73 #define SIG1 0xAA55
74 #define SIG2 0x5A5A
76 INITSEG = DEF_INITSEG # 0x9000, we move boot here, out of the way
77 SYSSEG = DEF_SYSSEG # 0x1000, system loaded at 0x10000 (65536).
78 SETUPSEG = DEF_SETUPSEG # 0x9020, this is the current segment
79 # ... and the former contents of CS
81 DELTA_INITSEG = SETUPSEG - INITSEG # 0x0020
83 .code16
84 .globl begtext, begdata, begbss, endtext, enddata, endbss
86 .text
87 begtext:
88 .data
89 begdata:
90 .bss
91 begbss:
92 .text
94 start:
95 jmp trampoline
97 # This is the setup header, and it must start at %cs:2 (old 0x9020:2)
99 .ascii "HdrS" # header signature
100 .word 0x0204 # header version number (>= 0x0105)
101 # or else old loadlin-1.5 will fail)
102 realmode_swtch: .word 0, 0 # default_switch, SETUPSEG
103 start_sys_seg: .word SYSSEG
104 .word kernel_version # pointing to kernel version string
105 # above section of header is compatible
106 # with loadlin-1.5 (header v1.5). Don't
107 # change it.
109 type_of_loader: .byte 0 # = 0, old one (LILO, Loadlin,
110 # Bootlin, SYSLX, bootsect...)
111 # See Documentation/i386/boot.txt for
112 # assigned ids
114 # flags, unused bits must be zero (RFU) bit within loadflags
115 loadflags:
116 LOADED_HIGH = 1 # If set, the kernel is loaded high
117 CAN_USE_HEAP = 0x80 # If set, the loader also has set
118 # heap_end_ptr to tell how much
119 # space behind setup.S can be used for
120 # heap purposes.
121 # Only the loader knows what is free
122 #ifndef __BIG_KERNEL__
123 .byte 0
124 #else
125 .byte LOADED_HIGH
126 #endif
128 setup_move_size: .word 0x8000 # size to move, when setup is not
129 # loaded at 0x90000. We will move setup
130 # to 0x90000 then just before jumping
131 # into the kernel. However, only the
132 # loader knows how much data behind
133 # us also needs to be loaded.
135 code32_start: # here loaders can put a different
136 # start address for 32-bit code.
137 #ifndef __BIG_KERNEL__
138 .long 0x1000 # 0x1000 = default for zImage
139 #else
140 .long 0x100000 # 0x100000 = default for big kernel
141 #endif
143 ramdisk_image: .long 0 # address of loaded ramdisk image
144 # Here the loader puts the 32-bit
145 # address where it loaded the image.
146 # This only will be read by the kernel.
148 ramdisk_size: .long 0 # its size in bytes
150 bootsect_kludge:
151 .word bootsect_helper, SETUPSEG
153 heap_end_ptr: .word modelist+1024 # (Header version 0x0201 or later)
154 # space from here (exclusive) down to
155 # end of setup code can be used by setup
156 # for local heap purposes.
158 pad1: .word 0
159 cmd_line_ptr: .long 0 # (Header version 0x0202 or later)
160 # If nonzero, a 32-bit pointer
161 # to the kernel command line.
162 # The command line should be
163 # located between the start of
164 # setup and the end of low
165 # memory (0xa0000), or it may
166 # get overwritten before it
167 # gets read. If this field is
168 # used, there is no longer
169 # anything magical about the
170 # 0x90000 segment; the setup
171 # can be located anywhere in
172 # low memory 0x10000 or higher.
174 ramdisk_max: .long __MAXMEM # (Header version 0x0203 or later)
175 # The highest safe address for
176 # the contents of an initrd
178 trampoline: call start_of_setup
179 .space 1024
180 # End of setup header #####################################################
182 start_of_setup:
183 # Bootlin depends on this being done early
184 movw $0x01500, %ax
185 movb $0x81, %dl
186 int $0x13
188 #ifdef SAFE_RESET_DISK_CONTROLLER
189 # Reset the disk controller.
190 movw $0x0000, %ax
191 movb $0x80, %dl
192 int $0x13
193 #endif
195 # Set %ds = %cs, we know that SETUPSEG = %cs at this point
196 movw %cs, %ax # aka SETUPSEG
197 movw %ax, %ds
198 # Check signature at end of setup
199 cmpw $SIG1, setup_sig1
200 jne bad_sig
202 cmpw $SIG2, setup_sig2
203 jne bad_sig
205 jmp good_sig1
207 # Routine to print asciiz string at ds:si
208 prtstr:
209 lodsb
210 andb %al, %al
211 jz fin
213 call prtchr
214 jmp prtstr
216 fin: ret
218 # Space printing
219 prtsp2: call prtspc # Print double space
220 prtspc: movb $0x20, %al # Print single space (note: fall-thru)
222 # Part of above routine, this one just prints ascii al
223 prtchr: pushw %ax
224 pushw %cx
225 xorb %bh, %bh
226 movw $0x01, %cx
227 movb $0x0e, %ah
228 int $0x10
229 popw %cx
230 popw %ax
231 ret
233 beep: movb $0x07, %al
234 jmp prtchr
236 no_sig_mess: .string "No setup signature found ..."
238 good_sig1:
239 jmp good_sig
241 # We now have to find the rest of the setup code/data
242 bad_sig:
243 movw %cs, %ax # SETUPSEG
244 subw $DELTA_INITSEG, %ax # INITSEG
245 movw %ax, %ds
246 xorb %bh, %bh
247 movb (497), %bl # get setup sect from bootsect
248 subw $4, %bx # LILO loads 4 sectors of setup
249 shlw $8, %bx # convert to words (1sect=2^8 words)
250 movw %bx, %cx
251 shrw $3, %bx # convert to segment
252 addw $SYSSEG, %bx
253 movw %bx, %cs:start_sys_seg
254 # Move rest of setup code/data to here
255 movw $2048, %di # four sectors loaded by LILO
256 subw %si, %si
257 pushw %cs
258 popw %es
259 movw $SYSSEG, %ax
260 movw %ax, %ds
261 rep
262 movsw
263 movw %cs, %ax # aka SETUPSEG
264 movw %ax, %ds
265 cmpw $SIG1, setup_sig1
266 jne no_sig
268 cmpw $SIG2, setup_sig2
269 jne no_sig
271 jmp good_sig
273 no_sig:
274 lea no_sig_mess, %si
275 call prtstr
277 no_sig_loop:
278 hlt
279 jmp no_sig_loop
281 good_sig:
282 movw %cs, %ax # aka SETUPSEG
283 subw $DELTA_INITSEG, %ax # aka INITSEG
284 movw %ax, %ds
285 # Check if an old loader tries to load a big-kernel
286 testb $LOADED_HIGH, %cs:loadflags # Do we have a big kernel?
287 jz loader_ok # No, no danger for old loaders.
289 cmpb $0, %cs:type_of_loader # Do we have a loader that
290 # can deal with us?
291 jnz loader_ok # Yes, continue.
293 pushw %cs # No, we have an old loader,
294 popw %ds # die.
295 lea loader_panic_mess, %si
296 call prtstr
298 jmp no_sig_loop
300 loader_panic_mess: .string "Wrong loader, giving up..."
302 loader_ok:
303 # Get memory size (extended mem, kB)
305 xorl %eax, %eax
306 movl %eax, (0x1e0)
307 #ifndef STANDARD_MEMORY_BIOS_CALL
308 movb %al, (E820NR)
309 # Try three different memory detection schemes. First, try
310 # e820h, which lets us assemble a memory map, then try e801h,
311 # which returns a 32-bit memory size, and finally 88h, which
312 # returns 0-64m
314 # method E820H:
315 # the memory map from hell. e820h returns memory classified into
316 # a whole bunch of different types, and allows memory holes and
317 # everything. We scan through this memory map and build a list
318 # of the first 32 memory areas, which we return at [E820MAP].
319 # This is documented at http://www.teleport.com/~acpi/acpihtml/topic245.htm
321 #define SMAP 0x534d4150
323 meme820:
324 xorl %ebx, %ebx # continuation counter
325 movw $E820MAP, %di # point into the whitelist
326 # so we can have the bios
327 # directly write into it.
329 jmpe820:
330 movl $0x0000e820, %eax # e820, upper word zeroed
331 movl $SMAP, %edx # ascii 'SMAP'
332 movl $20, %ecx # size of the e820rec
333 pushw %ds # data record.
334 popw %es
335 int $0x15 # make the call
336 jc bail820 # fall to e801 if it fails
338 cmpl $SMAP, %eax # check the return is `SMAP'
339 jne bail820 # fall to e801 if it fails
341 # cmpl $1, 16(%di) # is this usable memory?
342 # jne again820
344 # If this is usable memory, we save it by simply advancing %di by
345 # sizeof(e820rec).
346 #
347 good820:
348 movb (E820NR), %al # up to 32 entries
349 cmpb $E820MAX, %al
350 jnl bail820
352 incb (E820NR)
353 movw %di, %ax
354 addw $20, %ax
355 movw %ax, %di
356 again820:
357 cmpl $0, %ebx # check to see if
358 jne jmpe820 # %ebx is set to EOF
359 bail820:
362 # method E801H:
363 # memory size is in 1k chunksizes, to avoid confusing loadlin.
364 # we store the 0xe801 memory size in a completely different place,
365 # because it will most likely be longer than 16 bits.
366 # (use 1e0 because that's what Larry Augustine uses in his
367 # alternative new memory detection scheme, and it's sensible
368 # to write everything into the same place.)
370 meme801:
371 stc # fix to work around buggy
372 xorw %cx,%cx # BIOSes which don't clear/set
373 xorw %dx,%dx # carry on pass/error of
374 # e801h memory size call
375 # or merely pass cx,dx though
376 # without changing them.
377 movw $0xe801, %ax
378 int $0x15
379 jc mem88
381 cmpw $0x0, %cx # Kludge to handle BIOSes
382 jne e801usecxdx # which report their extended
383 cmpw $0x0, %dx # memory in AX/BX rather than
384 jne e801usecxdx # CX/DX. The spec I have read
385 movw %ax, %cx # seems to indicate AX/BX
386 movw %bx, %dx # are more reasonable anyway...
388 e801usecxdx:
389 andl $0xffff, %edx # clear sign extend
390 shll $6, %edx # and go from 64k to 1k chunks
391 movl %edx, (0x1e0) # store extended memory size
392 andl $0xffff, %ecx # clear sign extend
393 addl %ecx, (0x1e0) # and add lower memory into
394 # total size.
396 # Ye Olde Traditional Methode. Returns the memory size (up to 16mb or
397 # 64mb, depending on the bios) in ax.
398 mem88:
400 #endif
401 movb $0x88, %ah
402 int $0x15
403 movw %ax, (2)
405 # Set the keyboard repeat rate to the max
406 movw $0x0305, %ax
407 xorw %bx, %bx
408 int $0x16
410 # Check for video adapter and its parameters and allow the
411 # user to browse video modes.
412 call video # NOTE: we need %ds pointing
413 # to bootsector
415 # Get hd0 data...
416 xorw %ax, %ax
417 movw %ax, %ds
418 ldsw (4 * 0x41), %si
419 movw %cs, %ax # aka SETUPSEG
420 subw $DELTA_INITSEG, %ax # aka INITSEG
421 pushw %ax
422 movw %ax, %es
423 movw $0x0080, %di
424 movw $0x10, %cx
425 pushw %cx
426 cld
427 rep
428 movsb
429 # Get hd1 data...
430 xorw %ax, %ax
431 movw %ax, %ds
432 ldsw (4 * 0x46), %si
433 popw %cx
434 popw %es
435 movw $0x0090, %di
436 rep
437 movsb
438 # Check that there IS a hd1 :-)
439 movw $0x01500, %ax
440 movb $0x81, %dl
441 int $0x13
442 jc no_disk1
444 cmpb $3, %ah
445 je is_disk1
447 no_disk1:
448 movw %cs, %ax # aka SETUPSEG
449 subw $DELTA_INITSEG, %ax # aka INITSEG
450 movw %ax, %es
451 movw $0x0090, %di
452 movw $0x10, %cx
453 xorw %ax, %ax
454 cld
455 rep
456 stosb
457 is_disk1:
458 # check for Micro Channel (MCA) bus
459 movw %cs, %ax # aka SETUPSEG
460 subw $DELTA_INITSEG, %ax # aka INITSEG
461 movw %ax, %ds
462 xorw %ax, %ax
463 movw %ax, (0xa0) # set table length to 0
464 movb $0xc0, %ah
465 stc
466 int $0x15 # moves feature table to es:bx
467 jc no_mca
469 pushw %ds
470 movw %es, %ax
471 movw %ax, %ds
472 movw %cs, %ax # aka SETUPSEG
473 subw $DELTA_INITSEG, %ax # aka INITSEG
474 movw %ax, %es
475 movw %bx, %si
476 movw $0xa0, %di
477 movw (%si), %cx
478 addw $2, %cx # table length is a short
479 cmpw $0x10, %cx
480 jc sysdesc_ok
482 movw $0x10, %cx # we keep only first 16 bytes
483 sysdesc_ok:
484 rep
485 movsb
486 popw %ds
487 no_mca:
488 # Check for PS/2 pointing device
489 movw %cs, %ax # aka SETUPSEG
490 subw $DELTA_INITSEG, %ax # aka INITSEG
491 movw %ax, %ds
492 movb $0, (0x1ff) # default is no pointing device
493 int $0x11 # int 0x11: equipment list
494 testb $0x04, %al # check if mouse installed
495 jz no_psmouse
497 movb $0xAA, (0x1ff) # device present
498 no_psmouse:
500 #if defined(CONFIG_APM) || defined(CONFIG_APM_MODULE)
501 # Then check for an APM BIOS...
502 # %ds points to the bootsector
503 movw $0, 0x40 # version = 0 means no APM BIOS
504 movw $0x05300, %ax # APM BIOS installation check
505 xorw %bx, %bx
506 int $0x15
507 jc done_apm_bios # Nope, no APM BIOS
509 cmpw $0x0504d, %bx # Check for "PM" signature
510 jne done_apm_bios # No signature, no APM BIOS
512 andw $0x02, %cx # Is 32 bit supported?
513 je done_apm_bios # No 32-bit, no (good) APM BIOS
515 movw $0x05304, %ax # Disconnect first just in case
516 xorw %bx, %bx
517 int $0x15 # ignore return code
518 movw $0x05303, %ax # 32 bit connect
519 xorl %ebx, %ebx
520 xorw %cx, %cx # paranoia :-)
521 xorw %dx, %dx # ...
522 xorl %esi, %esi # ...
523 xorw %di, %di # ...
524 int $0x15
525 jc no_32_apm_bios # Ack, error.
527 movw %ax, (66) # BIOS code segment
528 movl %ebx, (68) # BIOS entry point offset
529 movw %cx, (72) # BIOS 16 bit code segment
530 movw %dx, (74) # BIOS data segment
531 movl %esi, (78) # BIOS code segment lengths
532 movw %di, (82) # BIOS data segment length
533 # Redo the installation check as the 32 bit connect
534 # modifies the flags returned on some BIOSs
535 movw $0x05300, %ax # APM BIOS installation check
536 xorw %bx, %bx
537 xorw %cx, %cx # paranoia
538 int $0x15
539 jc apm_disconnect # error -> shouldn't happen
541 cmpw $0x0504d, %bx # check for "PM" signature
542 jne apm_disconnect # no sig -> shouldn't happen
544 movw %ax, (64) # record the APM BIOS version
545 movw %cx, (76) # and flags
546 jmp done_apm_bios
548 apm_disconnect: # Tidy up
549 movw $0x05304, %ax # Disconnect
550 xorw %bx, %bx
551 int $0x15 # ignore return code
553 jmp done_apm_bios
555 no_32_apm_bios:
556 andw $0xfffd, (76) # remove 32 bit support bit
557 done_apm_bios:
558 #endif
560 #if defined(CONFIG_EDD) || defined(CONFIG_EDD_MODULE)
561 # Read the first sector of device 80h and store the 4-byte signature
562 movl $0xFFFFFFFF, %eax
563 movl %eax, (DISK80_SIG_BUFFER) # assume failure
564 movb $READ_SECTORS, %ah
565 movb $1, %al # read 1 sector
566 movb $0x80, %dl # from device 80
567 movb $0, %dh # at head 0
568 movw $1, %cx # cylinder 0, sector 0
569 pushw %es
570 pushw %ds
571 popw %es
572 movw $EDDBUF, %bx
573 int $0x13
574 jc disk_sig_done
575 movl (EDDBUF+MBR_SIG_OFFSET), %eax
576 movl %eax, (DISK80_SIG_BUFFER) # store success
577 disk_sig_done:
578 popw %es
580 # Do the BIOS Enhanced Disk Drive calls
581 # This consists of two calls:
582 # int 13h ah=41h "Check Extensions Present"
583 # int 13h ah=48h "Get Device Parameters"
584 #
585 # A buffer of size EDDMAXNR*(EDDEXTSIZE+EDDPARMSIZE) is reserved for our use
586 # in the empty_zero_page at EDDBUF. The first four bytes of which are
587 # used to store the device number, interface support map and version
588 # results from fn41. The following 74 bytes are used to store
589 # the results from fn48. Starting from device 80h, fn41, then fn48
590 # are called and their results stored in EDDBUF+n*(EDDEXTSIZE+EDDPARMIZE).
591 # Then the pointer is incremented to store the data for the next call.
592 # This repeats until either a device doesn't exist, or until EDDMAXNR
593 # devices have been stored.
594 # The one tricky part is that ds:si always points four bytes into
595 # the structure, and the fn41 results are stored at offsets
596 # from there. This removes the need to increment the pointer for
597 # every store, and leaves it ready for the fn48 call.
598 # A second one-byte buffer, EDDNR, in the empty_zero_page stores
599 # the number of BIOS devices which exist, up to EDDMAXNR.
600 # In setup.c, copy_edd() stores both empty_zero_page buffers away
601 # for later use, as they would get overwritten otherwise.
602 # This code is sensitive to the size of the structs in edd.h
603 edd_start:
604 # %ds points to the bootsector
605 # result buffer for fn48
606 movw $EDDBUF+EDDEXTSIZE, %si # in ds:si, fn41 results
607 # kept just before that
608 movb $0, (EDDNR) # zero value at EDDNR
609 movb $0x80, %dl # BIOS device 0x80
611 edd_check_ext:
612 movb $CHECKEXTENSIONSPRESENT, %ah # Function 41
613 movw $EDDMAGIC1, %bx # magic
614 int $0x13 # make the call
615 jc edd_done # no more BIOS devices
617 cmpw $EDDMAGIC2, %bx # is magic right?
618 jne edd_next # nope, next...
620 movb %dl, %ds:-4(%si) # store device number
621 movb %ah, %ds:-3(%si) # store version
622 movw %cx, %ds:-2(%si) # store extensions
623 incb (EDDNR) # note that we stored something
625 edd_get_device_params:
626 movw $EDDPARMSIZE, %ds:(%si) # put size
627 movb $GETDEVICEPARAMETERS, %ah # Function 48
628 int $0x13 # make the call
629 # Don't check for fail return
630 # it doesn't matter.
631 movw %si, %ax # increment si
632 addw $EDDPARMSIZE+EDDEXTSIZE, %ax
633 movw %ax, %si
635 edd_next:
636 incb %dl # increment to next device
637 cmpb $EDDMAXNR, (EDDNR) # Out of space?
638 jb edd_check_ext # keep looping
640 edd_done:
641 #endif
643 # Now we want to move to protected mode ...
644 cmpw $0, %cs:realmode_swtch
645 jz rmodeswtch_normal
647 lcall %cs:realmode_swtch
649 jmp rmodeswtch_end
651 rmodeswtch_normal:
652 pushw %cs
653 call default_switch
655 rmodeswtch_end:
656 # we get the code32 start address and modify the below 'jmpi'
657 # (loader may have changed it)
658 movl %cs:code32_start, %eax
659 movl %eax, %cs:code32
661 # Now we move the system to its rightful place ... but we check if we have a
662 # big-kernel. In that case we *must* not move it ...
663 testb $LOADED_HIGH, %cs:loadflags
664 jz do_move0 # .. then we have a normal low
665 # loaded zImage
666 # .. or else we have a high
667 # loaded bzImage
668 jmp end_move # ... and we skip moving
670 do_move0:
671 movw $0x100, %ax # start of destination segment
672 movw %cs, %bp # aka SETUPSEG
673 subw $DELTA_INITSEG, %bp # aka INITSEG
674 movw %cs:start_sys_seg, %bx # start of source segment
675 cld
676 do_move:
677 movw %ax, %es # destination segment
678 incb %ah # instead of add ax,#0x100
679 movw %bx, %ds # source segment
680 addw $0x100, %bx
681 subw %di, %di
682 subw %si, %si
683 movw $0x800, %cx
684 rep
685 movsw
686 cmpw %bp, %bx # assume start_sys_seg > 0x200,
687 # so we will perhaps read one
688 # page more than needed, but
689 # never overwrite INITSEG
690 # because destination is a
691 # minimum one page below source
692 jb do_move
694 end_move:
695 # then we load the segment descriptors
696 movw %cs, %ax # aka SETUPSEG
697 movw %ax, %ds
699 # Check whether we need to be downward compatible with version <=201
700 cmpl $0, cmd_line_ptr
701 jne end_move_self # loader uses version >=202 features
702 cmpb $0x20, type_of_loader
703 je end_move_self # bootsect loader, we know of it
705 # Boot loader doesnt support boot protocol version 2.02.
706 # If we have our code not at 0x90000, we need to move it there now.
707 # We also then need to move the params behind it (commandline)
708 # Because we would overwrite the code on the current IP, we move
709 # it in two steps, jumping high after the first one.
710 movw %cs, %ax
711 cmpw $SETUPSEG, %ax
712 je end_move_self
714 cli # make sure we really have
715 # interrupts disabled !
716 # because after this the stack
717 # should not be used
718 subw $DELTA_INITSEG, %ax # aka INITSEG
719 movw %ss, %dx
720 cmpw %ax, %dx
721 jb move_self_1
723 addw $INITSEG, %dx
724 subw %ax, %dx # this will go into %ss after
725 # the move
726 move_self_1:
727 movw %ax, %ds
728 movw $INITSEG, %ax # real INITSEG
729 movw %ax, %es
730 movw %cs:setup_move_size, %cx
731 std # we have to move up, so we use
732 # direction down because the
733 # areas may overlap
734 movw %cx, %di
735 decw %di
736 movw %di, %si
737 subw $move_self_here+0x200, %cx
738 rep
739 movsb
740 ljmp $SETUPSEG, $move_self_here
742 move_self_here:
743 movw $move_self_here+0x200, %cx
744 rep
745 movsb
746 movw $SETUPSEG, %ax
747 movw %ax, %ds
748 movw %dx, %ss
749 end_move_self: # now we are at the right place
751 #
752 # Enable A20. This is at the very best an annoying procedure.
753 # A20 code ported from SYSLINUX 1.52-1.63 by H. Peter Anvin.
754 # AMD Elan bug fix by Robert Schwebel.
755 #
757 #if defined(CONFIG_MELAN)
758 movb $0x02, %al # alternate A20 gate
759 outb %al, $0x92 # this works on SC410/SC520
760 a20_elan_wait:
761 call a20_test
762 jz a20_elan_wait
763 jmp a20_done
764 #endif
767 A20_TEST_LOOPS = 32 # Iterations per wait
768 A20_ENABLE_LOOPS = 255 # Total loops to try
771 a20_try_loop:
773 # First, see if we are on a system with no A20 gate.
774 a20_none:
775 call a20_test
776 jnz a20_done
778 # Next, try the BIOS (INT 0x15, AX=0x2401)
779 a20_bios:
780 movw $0x2401, %ax
781 pushfl # Be paranoid about flags
782 int $0x15
783 popfl
785 call a20_test
786 jnz a20_done
788 # Try enabling A20 through the keyboard controller
789 a20_kbc:
790 call empty_8042
792 call a20_test # Just in case the BIOS worked
793 jnz a20_done # but had a delayed reaction.
795 movb $0xD1, %al # command write
796 outb %al, $0x64
797 call empty_8042
799 movb $0xDF, %al # A20 on
800 outb %al, $0x60
801 call empty_8042
803 # Wait until a20 really *is* enabled; it can take a fair amount of
804 # time on certain systems; Toshiba Tecras are known to have this
805 # problem.
806 a20_kbc_wait:
807 xorw %cx, %cx
808 a20_kbc_wait_loop:
809 call a20_test
810 jnz a20_done
811 loop a20_kbc_wait_loop
813 # Final attempt: use "configuration port A"
814 a20_fast:
815 inb $0x92, %al # Configuration Port A
816 orb $0x02, %al # "fast A20" version
817 andb $0xFE, %al # don't accidentally reset
818 outb %al, $0x92
820 # Wait for configuration port A to take effect
821 a20_fast_wait:
822 xorw %cx, %cx
823 a20_fast_wait_loop:
824 call a20_test
825 jnz a20_done
826 loop a20_fast_wait_loop
828 # A20 is still not responding. Try frobbing it again.
829 #
830 decb (a20_tries)
831 jnz a20_try_loop
833 movw $a20_err_msg, %si
834 call prtstr
836 a20_die:
837 hlt
838 jmp a20_die
840 a20_tries:
841 .byte A20_ENABLE_LOOPS
843 a20_err_msg:
844 .ascii "linux: fatal error: A20 gate not responding!"
845 .byte 13, 10, 0
847 # If we get here, all is good
848 a20_done:
850 # set up gdt and idt
851 lidt idt_48 # load idt with 0,0
852 xorl %eax, %eax # Compute gdt_base
853 movw %ds, %ax # (Convert %ds:gdt to a linear ptr)
854 shll $4, %eax
855 addl $gdt, %eax
856 movl %eax, (gdt_48+2)
857 lgdt gdt_48 # load gdt with whatever is
858 # appropriate
860 # make sure any possible coprocessor is properly reset..
861 xorw %ax, %ax
862 outb %al, $0xf0
863 call delay
865 outb %al, $0xf1
866 call delay
868 # well, that went ok, I hope. Now we mask all interrupts - the rest
869 # is done in init_IRQ().
870 movb $0xFF, %al # mask all interrupts for now
871 outb %al, $0xA1
872 call delay
874 movb $0xFB, %al # mask all irq's but irq2 which
875 outb %al, $0x21 # is cascaded
877 # Well, that certainly wasn't fun :-(. Hopefully it works, and we don't
878 # need no steenking BIOS anyway (except for the initial loading :-).
879 # The BIOS-routine wants lots of unnecessary data, and it's less
880 # "interesting" anyway. This is how REAL programmers do it.
881 #
882 # Well, now's the time to actually move into protected mode. To make
883 # things as simple as possible, we do no register set-up or anything,
884 # we let the gnu-compiled 32-bit programs do that. We just jump to
885 # absolute address 0x1000 (or the loader supplied one),
886 # in 32-bit protected mode.
887 #
888 # Note that the short jump isn't strictly needed, although there are
889 # reasons why it might be a good idea. It won't hurt in any case.
890 movw $1, %ax # protected mode (PE) bit
891 lmsw %ax # This is it!
892 jmp flush_instr
894 flush_instr:
895 xorw %bx, %bx # Flag to indicate a boot
896 xorl %esi, %esi # Pointer to real-mode code
897 movw %cs, %si
898 subw $DELTA_INITSEG, %si
899 shll $4, %esi # Convert to 32-bit pointer
900 # NOTE: For high loaded big kernels we need a
901 # jmpi 0x100000,__KERNEL_CS
902 #
903 # but we yet haven't reloaded the CS register, so the default size
904 # of the target offset still is 16 bit.
905 # However, using an operand prefix (0x66), the CPU will properly
906 # take our 48 bit far pointer. (INTeL 80386 Programmer's Reference
907 # Manual, Mixing 16-bit and 32-bit code, page 16-6)
909 .byte 0x66, 0xea # prefix + jmpi-opcode
910 code32: .long 0x1000 # will be set to 0x100000
911 # for big kernels
912 .word __KERNEL_CS
914 # Here's a bunch of information about your current kernel..
915 kernel_version: .ascii UTS_RELEASE
916 .ascii " ("
917 .ascii LINUX_COMPILE_BY
918 .ascii "@"
919 .ascii LINUX_COMPILE_HOST
920 .ascii ") "
921 .ascii UTS_VERSION
922 .byte 0
924 # This is the default real mode switch routine.
925 # to be called just before protected mode transition
926 default_switch:
927 cli # no interrupts allowed !
928 movb $0x80, %al # disable NMI for bootup
929 # sequence
930 outb %al, $0x70
931 lret
933 # This routine only gets called, if we get loaded by the simple
934 # bootsect loader _and_ have a bzImage to load.
935 # Because there is no place left in the 512 bytes of the boot sector,
936 # we must emigrate to code space here.
937 bootsect_helper:
938 cmpw $0, %cs:bootsect_es
939 jnz bootsect_second
941 movb $0x20, %cs:type_of_loader
942 movw %es, %ax
943 shrw $4, %ax
944 movb %ah, %cs:bootsect_src_base+2
945 movw %es, %ax
946 movw %ax, %cs:bootsect_es
947 subw $SYSSEG, %ax
948 lret # nothing else to do for now
950 bootsect_second:
951 pushw %cx
952 pushw %si
953 pushw %bx
954 testw %bx, %bx # 64K full?
955 jne bootsect_ex
957 movw $0x8000, %cx # full 64K, INT15 moves words
958 pushw %cs
959 popw %es
960 movw $bootsect_gdt, %si
961 movw $0x8700, %ax
962 int $0x15
963 jc bootsect_panic # this, if INT15 fails
965 movw %cs:bootsect_es, %es # we reset %es to always point
966 incb %cs:bootsect_dst_base+2 # to 0x10000
967 bootsect_ex:
968 movb %cs:bootsect_dst_base+2, %ah
969 shlb $4, %ah # we now have the number of
970 # moved frames in %ax
971 xorb %al, %al
972 popw %bx
973 popw %si
974 popw %cx
975 lret
977 bootsect_gdt:
978 .word 0, 0, 0, 0
979 .word 0, 0, 0, 0
981 bootsect_src:
982 .word 0xffff
984 bootsect_src_base:
985 .byte 0x00, 0x00, 0x01 # base = 0x010000
986 .byte 0x93 # typbyte
987 .word 0 # limit16,base24 =0
989 bootsect_dst:
990 .word 0xffff
992 bootsect_dst_base:
993 .byte 0x00, 0x00, 0x10 # base = 0x100000
994 .byte 0x93 # typbyte
995 .word 0 # limit16,base24 =0
996 .word 0, 0, 0, 0 # BIOS CS
997 .word 0, 0, 0, 0 # BIOS DS
999 bootsect_es:
1000 .word 0
1002 bootsect_panic:
1003 pushw %cs
1004 popw %ds
1005 cld
1006 leaw bootsect_panic_mess, %si
1007 call prtstr
1009 bootsect_panic_loop:
1010 jmp bootsect_panic_loop
1012 bootsect_panic_mess:
1013 .string "INT15 refuses to access high mem, giving up."
1016 # This routine tests whether or not A20 is enabled. If so, it
1017 # exits with zf = 0.
1018 #
1019 # The memory address used, 0x200, is the int $0x80 vector, which
1020 # should be safe.
1022 A20_TEST_ADDR = 4*0x80
1024 a20_test:
1025 pushw %cx
1026 pushw %ax
1027 xorw %cx, %cx
1028 movw %cx, %fs # Low memory
1029 decw %cx
1030 movw %cx, %gs # High memory area
1031 movw $A20_TEST_LOOPS, %cx
1032 movw %fs:(A20_TEST_ADDR), %ax
1033 pushw %ax
1034 a20_test_wait:
1035 incw %ax
1036 movw %ax, %fs:(A20_TEST_ADDR)
1037 call delay # Serialize and make delay constant
1038 cmpw %gs:(A20_TEST_ADDR+0x10), %ax
1039 loope a20_test_wait
1041 popw %fs:(A20_TEST_ADDR)
1042 popw %ax
1043 popw %cx
1044 ret
1046 # This routine checks that the keyboard command queue is empty
1047 # (after emptying the output buffers)
1048 #
1049 # Some machines have delusions that the keyboard buffer is always full
1050 # with no keyboard attached...
1051 #
1052 # If there is no keyboard controller, we will usually get 0xff
1053 # to all the reads. With each IO taking a microsecond and
1054 # a timeout of 100,000 iterations, this can take about half a
1055 # second ("delay" == outb to port 0x80). That should be ok,
1056 # and should also be plenty of time for a real keyboard controller
1057 # to empty.
1058 #
1060 empty_8042:
1061 pushl %ecx
1062 movl $100000, %ecx
1064 empty_8042_loop:
1065 decl %ecx
1066 jz empty_8042_end_loop
1068 call delay
1070 inb $0x64, %al # 8042 status port
1071 testb $1, %al # output buffer?
1072 jz no_output
1074 call delay
1075 inb $0x60, %al # read it
1076 jmp empty_8042_loop
1078 no_output:
1079 testb $2, %al # is input buffer full?
1080 jnz empty_8042_loop # yes - loop
1081 empty_8042_end_loop:
1082 popl %ecx
1083 ret
1085 # Read the cmos clock. Return the seconds in al
1086 gettime:
1087 pushw %cx
1088 movb $0x02, %ah
1089 int $0x1a
1090 movb %dh, %al # %dh contains the seconds
1091 andb $0x0f, %al
1092 movb %dh, %ah
1093 movb $0x04, %cl
1094 shrb %cl, %ah
1095 aad
1096 popw %cx
1097 ret
1099 # Delay is needed after doing I/O
1100 delay:
1101 outb %al,$0x80
1102 ret
1104 # Descriptor tables
1105 gdt:
1106 .word 0, 0, 0, 0 # dummy
1107 .word 0, 0, 0, 0 # unused
1109 .word 0xFFFF # 4Gb - (0x100000*0x1000 = 4Gb)
1110 .word 0 # base address = 0
1111 .word 0x9A00 # code read/exec
1112 .word 0x00CF # granularity = 4096, 386
1113 # (+5th nibble of limit)
1115 .word 0xFFFF # 4Gb - (0x100000*0x1000 = 4Gb)
1116 .word 0 # base address = 0
1117 .word 0x9200 # data read/write
1118 .word 0x00CF # granularity = 4096, 386
1119 # (+5th nibble of limit)
1120 idt_48:
1121 .word 0 # idt limit = 0
1122 .word 0, 0 # idt base = 0L
1123 gdt_48:
1124 .word 0x8000 # gdt limit=2048,
1125 # 256 GDT entries
1127 .word 0, 0 # gdt base (filled in later)
1129 # Include video setup & detection code
1131 #include "video.S"
1133 # Setup signature -- must be last
1134 setup_sig1: .word SIG1
1135 setup_sig2: .word SIG2
1137 # After this point, there is some free space which is used by the video mode
1138 # handling code to store the temporary mode table (not used by the kernel).
1140 modelist:
1142 .text
1143 endtext:
1144 .data
1145 enddata:
1146 .bss
1147 endbss: