Use the real-mode address ffff:0010 to access the linear address 0x100000, and so test whether or not the A20 gate is enabled without requiring a switch into flat real mode (or some other addressing mode). This speeds up CPU mode transitions, and also avoids breaking the NBP from IBM's Tivoli Provisioning Manager for Operating System Deployment. This NBP makes some calls to iPXE in VM86 mode rather than true real mode and does not correctly emulate our transition into flat real mode. Interestingly, Tivoli's VMM *does* allow us to switch into protected mode (though it patches our GDT so that we execute in ring 1 rather than ring 0). However, paging is still disabled and we have a 4GB segment limit. Being in ring 1 does not, therefore, restrict us in any meaningful way; this has been verified by deliberately writing garbage over Tivoli's own GDT (at address 0x02201010) during a nominally VM86-mode PXE API call. It's unclear precisely what protection this VMM is supposed to be offering. Suggested-by: Joshua Oreman <oremanj@rwcr.net> Signed-off-by: Michael Brown <mcb30@ipxe.org>

13 years ago · 87723a0f11
--- a/src/arch/i386/transitions/libflat.S
+++ b/src/arch/i386/transitions/libflat.S
@@ -165,14 +165,23 @@ test_a20_long:
 
				
				 	pushl	%ecx
			
 
				
				 	movl	$TEST_A20_LONG_MAX_RETRIES, %ecx
			
 
				
				 1:	pushw	%ax
			
 
				
				+	pushw	%ds
			
 
				
				+	pushw	%es
			
 
				
				 
			
 
				
				-	/* Flatten real mode so we can access the test pattern's 1MB offset */
			
 
				
				-	call	flatten_real_mode
			
 
				
				+	/* Set up segment registers for access across the 1MB boundary */
			
 
				
				+	xorw	%ax, %ax
			
 
				
				+	movw	%ax, %ds
			
 
				
				+	decw	%ax
			
 
				
				+	movw	%ax, %es
			
 
				
				 
			
 
				
				 2:	/* Modify and check test pattern; succeed if we see a difference */
			
 
				
				-	incw	%cs:test_a20_data
			
 
				
				-	addr32 movw %cs:(test_a20_data + 0x100000 ), %ax
			
 
				
				-	cmpw	%cs:test_a20_data, %ax
			
 
				
				+	pushfw
			
 
				
				+	cli
			
 
				
				+	xchgw	%ds:0, %cx
			
 
				
				+	movw	%es:0x10, %ax
			
 
				
				+	xchgw	%ds:0, %cx
			
 
				
				+	popfw
			
 
				
				+	cmpw	%ax, %cx
			
 
				
				 	clc
			
 
				
				 	jnz	99f
			
 
				
				 
			
@@ -182,17 +191,13 @@ test_a20_long:
 
				
				 	stc
			
 
				
				 
			
 
				
				 99:	/* Restore registers and return */
			
 
				
				+	popw	%es
			
 
				
				+	popw	%ds
			
 
				
				 	popw	%ax
			
 
				
				 	popl	%ecx
			
 
				
				 	ret
			
 
				
				 	.size	test_a20_long, . - test_a20_long
			
 
				
				 
			
 
				
				-	.section ".text16.early.data", "aw", @progbits
			
 
				
				-	.align	2
			
 
				
				-test_a20_data:
			
 
				
				-	.word	0xdead
			
 
				
				-	.size	test_a20_data, . - test_a20_data
			
 
				
				-
			
 
				
				 /****************************************************************************
			
 
				
				  * enable_a20_bios
			
 
				
				  *
			
@@ -414,6 +419,7 @@ enable_a20_method:
 
				
				 access_highmem:
			
 
				
				 	/* Enable A20 line */
			
 
				
				 	call	enable_a20
			
 
				
				-	/* CPU will be in flat real mode as a result of this call */
			
 
				
				+	/* Set up 4GB limits */
			
 
				
				+	call	flatten_real_mode
			
 
				
				 	lret
			
 
				
				 	.size	access_highmem, . - access_highmem