2 * setup.S Copyright (C) 1991, 1992 Linus Torvalds
4 * setup.s is responsible for getting the system data from the BIOS,
5 * and putting them into the appropriate places in system memory.
6 * both setup.s and system has been loaded by the bootblock.
8 * This code asks the bios for memory/disk/other parameters, and
9 * puts them in a "safe" place: 0x90000-0x901FF, ie where the
10 * boot-block used to be. It is then up to the protected mode
11 * system to read them from there before the area is overwritten
14 * Move PS/2 aux init code to psaux.c
15 * (troyer@saifr00.cfsat.Honeywell.COM) 03Oct92
17 * some changes and additional features by Christoph Niemann,
18 * March 1993/June 1994 (Christoph.Niemann@linux.org)
20 * add APM BIOS checking by Stephen Rothwell, May 1994
21 * (sfr@canb.auug.org.au)
23 * High load stuff, initrd support and position independency
24 * by Hans Lermen & Werner Almesberger, February 1996
25 * <lermen@elserv.ffm.fgan.de>, <almesber@lrc.epfl.ch>
27 * Video handling moved to video.S by Martin Mares, March 1996
28 * <mj@k332.feld.cvut.cz>
30 * Extended memory detection scheme retwiddled by orc@pell.chi.il.us (david
31 * parsons) to avoid loadlin confusion, July 1997
33 * Transcribed from Intel (as86) -> AT&T (gas) by Chris Noe, May 1999.
34 * <stiker@northlink.com>
36 * Fix to work around buggy BIOSes which don't use carry bit correctly
37 * and/or report extended memory in CX/DX for e801h memory size detection
38 * call. As a result the kernel got wrong figures. The int15/e801h docs
39 * from Ralf Brown interrupt list seem to indicate AX/BX should be used
40 * anyway. So to avoid breaking many machines (presumably there was a reason
41 * to orginally use CX/DX instead of AX/BX), we do a kludge to see
42 * if CX/DX have been changed in the e801 call and if so use AX/BX .
43 * Michael Miller, April 2001 <michaelm@mjmm.org>
45 * New A20 code ported from SYSLINUX by H. Peter Anvin. AMD Elan bugfixes
46 * by Robert Schwebel, December 2001 <robert@schwebel.de>
49 #include <linux/config.h>
50 #include <asm/segment.h>
51 #include <linux/version.h>
52 #include <linux/compile.h>
57 /* Signature words to ensure LILO loaded us right */
61 INITSEG = DEF_INITSEG # 0x9000, we move boot here, out of the way
62 SYSSEG = DEF_SYSSEG # 0x1000, system loaded at 0x10000 (65536).
63 SETUPSEG = DEF_SETUPSEG # 0x9020, this is the current segment
64 # ... and the former contents of CS
66 DELTA_INITSEG = SETUPSEG - INITSEG # 0x0020
69 .globl begtext, begdata, begbss, endtext, enddata, endbss
82 # This is the setup header, and it must start at %cs:2 (old 0x9020:2)
84 .ascii "HdrS" # header signature
85 .word 0x0204 # header version number (>= 0x0105)
86 # or else old loadlin-1.5 will fail)
87 realmode_swtch: .word 0, 0 # default_switch, SETUPSEG
88 start_sys_seg: .word SYSSEG
89 .word kernel_version # pointing to kernel version string
90 # above section of header is compatible
91 # with loadlin-1.5 (header v1.5). Don't
94 type_of_loader: .byte 0 # = 0, old one (LILO, Loadlin,
95 # Bootlin, SYSLX, bootsect...)
96 # See Documentation/i386/boot.txt for
99 # flags, unused bits must be zero (RFU) bit within loadflags
101 LOADED_HIGH = 1 # If set, the kernel is loaded high
102 CAN_USE_HEAP = 0x80 # If set, the loader also has set
103 # heap_end_ptr to tell how much
104 # space behind setup.S can be used for
106 # Only the loader knows what is free
107 #ifndef __BIG_KERNEL__
113 setup_move_size: .word 0x8000 # size to move, when setup is not
114 # loaded at 0x90000. We will move setup
115 # to 0x90000 then just before jumping
116 # into the kernel. However, only the
117 # loader knows how much data behind
118 # us also needs to be loaded.
120 code32_start: # here loaders can put a different
121 # start address for 32-bit code.
122 #ifndef __BIG_KERNEL__
123 .long 0x1000 # 0x1000 = default for zImage
125 .long 0x100000 # 0x100000 = default for big kernel
128 ramdisk_image: .long 0 # address of loaded ramdisk image
129 # Here the loader puts the 32-bit
130 # address where it loaded the image.
131 # This only will be read by the kernel.
133 ramdisk_size: .long 0 # its size in bytes
138 heap_end_ptr: .word modelist+1024 # (Header version 0x0201 or later)
139 # space from here (exclusive) down to
140 # end of setup code can be used by setup
141 # for local heap purposes.
144 cmd_line_ptr: .long 0 # (Header version 0x0202 or later)
145 # If nonzero, a 32-bit pointer
146 # to the kernel command line.
147 # The command line should be
148 # located between the start of
149 # setup and the end of low
150 # memory (0xa0000), or it may
151 # get overwritten before it
152 # gets read. If this field is
153 # used, there is no longer
154 # anything magical about the
155 # 0x90000 segment; the setup
156 # can be located anywhere in
157 # low memory 0x10000 or higher.
159 ramdisk_max: .long (-__PAGE_OFFSET-(512 << 20)-1) & 0x7fffffff
160 # (Header version 0x0203 or later)
161 # The highest safe address for
162 # the contents of an initrd
164 trampoline: call start_of_setup
166 # The offset at this point is 0x240
167 .space (0xeff-0x240+1) # E820 & EDD space (ending at 0xeff)
168 # End of setup header #####################################################
171 # Bootlin depends on this being done early
176 #ifdef SAFE_RESET_DISK_CONTROLLER
177 # Reset the disk controller.
183 # Set %ds = %cs, we know that SETUPSEG = %cs at this point
184 movw %cs, %ax # aka SETUPSEG
186 # Check signature at end of setup
187 cmpw $SIG1, setup_sig1
190 cmpw $SIG2, setup_sig2
195 # Routine to print asciiz string at ds:si
207 prtsp2: call prtspc # Print double space
208 prtspc: movb $0x20, %al # Print single space (note: fall-thru)
210 # Part of above routine, this one just prints ascii al
221 beep: movb $0x07, %al
224 no_sig_mess: .string "No setup signature found ..."
229 # We now have to find the rest of the setup code/data
231 movw %cs, %ax # SETUPSEG
232 subw $DELTA_INITSEG, %ax # INITSEG
235 movb (497), %bl # get setup sect from bootsect
236 subw $4, %bx # LILO loads 4 sectors of setup
237 shlw $8, %bx # convert to words (1sect=2^8 words)
239 shrw $3, %bx # convert to segment
241 movw %bx, %cs:start_sys_seg
242 # Move rest of setup code/data to here
243 movw $2048, %di # four sectors loaded by LILO
251 movw %cs, %ax # aka SETUPSEG
253 cmpw $SIG1, setup_sig1
256 cmpw $SIG2, setup_sig2
270 movw %cs, %ax # aka SETUPSEG
271 subw $DELTA_INITSEG, %ax # aka INITSEG
273 # Check if an old loader tries to load a big-kernel
274 testb $LOADED_HIGH, %cs:loadflags # Do we have a big kernel?
275 jz loader_ok # No, no danger for old loaders.
277 cmpb $0, %cs:type_of_loader # Do we have a loader that
279 jnz loader_ok # Yes, continue.
281 pushw %cs # No, we have an old loader,
283 lea loader_panic_mess, %si
288 loader_panic_mess: .string "Wrong loader, giving up..."
291 # Get memory size (extended mem, kB)
295 #ifndef STANDARD_MEMORY_BIOS_CALL
297 # Try three different memory detection schemes. First, try
298 # e820h, which lets us assemble a memory map, then try e801h,
299 # which returns a 32-bit memory size, and finally 88h, which
303 # the memory map from hell. e820h returns memory classified into
304 # a whole bunch of different types, and allows memory holes and
305 # everything. We scan through this memory map and build a list
306 # of the first 32 memory areas, which we return at [E820MAP].
307 # This is documented at http://www.acpi.info/, in the ACPI 2.0 specification.
309 #define SMAP 0x534d4150
312 xorl %ebx, %ebx # continuation counter
313 movw $E820MAP, %di # point into the whitelist
314 # so we can have the bios
315 # directly write into it.
318 movl $0x0000e820, %eax # e820, upper word zeroed
319 movl $SMAP, %edx # ascii 'SMAP'
320 movl $20, %ecx # size of the e820rec
321 pushw %ds # data record.
323 int $0x15 # make the call
324 jc bail820 # fall to e801 if it fails
326 cmpl $SMAP, %eax # check the return is `SMAP'
327 jne bail820 # fall to e801 if it fails
329 # cmpl $1, 16(%di) # is this usable memory?
332 # If this is usable memory, we save it by simply advancing %di by
336 movb (E820NR), %al # up to 128 entries
345 cmpl $0, %ebx # check to see if
346 jne jmpe820 # %ebx is set to EOF
351 # memory size is in 1k chunksizes, to avoid confusing loadlin.
352 # we store the 0xe801 memory size in a completely different place,
353 # because it will most likely be longer than 16 bits.
354 # (use 1e0 because that's what Larry Augustine uses in his
355 # alternative new memory detection scheme, and it's sensible
356 # to write everything into the same place.)
359 stc # fix to work around buggy
360 xorw %cx,%cx # BIOSes which don't clear/set
361 xorw %dx,%dx # carry on pass/error of
362 # e801h memory size call
363 # or merely pass cx,dx though
364 # without changing them.
369 cmpw $0x0, %cx # Kludge to handle BIOSes
370 jne e801usecxdx # which report their extended
371 cmpw $0x0, %dx # memory in AX/BX rather than
372 jne e801usecxdx # CX/DX. The spec I have read
373 movw %ax, %cx # seems to indicate AX/BX
374 movw %bx, %dx # are more reasonable anyway...
377 andl $0xffff, %edx # clear sign extend
378 shll $6, %edx # and go from 64k to 1k chunks
379 movl %edx, (0x1e0) # store extended memory size
380 andl $0xffff, %ecx # clear sign extend
381 addl %ecx, (0x1e0) # and add lower memory into
384 # Ye Olde Traditional Methode. Returns the memory size (up to 16mb or
385 # 64mb, depending on the bios) in ax.
393 # Set the keyboard repeat rate to the max
398 # Check for video adapter and its parameters and allow the
399 # user to browse video modes.
400 call video # NOTE: we need %ds pointing
407 movw %cs, %ax # aka SETUPSEG
408 subw $DELTA_INITSEG, %ax # aka INITSEG
426 # Check that there IS a hd1 :-)
436 movw %cs, %ax # aka SETUPSEG
437 subw $DELTA_INITSEG, %ax # aka INITSEG
446 # check for Micro Channel (MCA) bus
447 movw %cs, %ax # aka SETUPSEG
448 subw $DELTA_INITSEG, %ax # aka INITSEG
451 movw %ax, (0xa0) # set table length to 0
454 int $0x15 # moves feature table to es:bx
460 movw %cs, %ax # aka SETUPSEG
461 subw $DELTA_INITSEG, %ax # aka INITSEG
466 addw $2, %cx # table length is a short
470 movw $0x10, %cx # we keep only first 16 bytes
476 #ifdef CONFIG_X86_VOYAGER
477 movb $0xff, 0x40 # flag on config found
480 int $0x15 # put voyager config info at es:di
482 movw $0x40, %si # place voyager info in apm table
494 # Check for PS/2 pointing device
495 movw %cs, %ax # aka SETUPSEG
496 subw $DELTA_INITSEG, %ax # aka INITSEG
498 movw $0, (0x1ff) # default is no pointing device
499 int $0x11 # int 0x11: equipment list
500 testb $0x04, %al # check if mouse installed
503 movw $0xAA, (0x1ff) # device present
506 #if defined(CONFIG_X86_SPEEDSTEP_SMI) || defined(CONFIG_X86_SPEEDSTEP_SMI_MODULE)
507 movl $0x0000E980, %eax # IST Support
508 movl $0x47534943, %edx # Request value
517 #if defined(CONFIG_APM) || defined(CONFIG_APM_MODULE)
518 # Then check for an APM BIOS...
519 # %ds points to the bootsector
520 movw $0, 0x40 # version = 0 means no APM BIOS
521 movw $0x05300, %ax # APM BIOS installation check
524 jc done_apm_bios # Nope, no APM BIOS
526 cmpw $0x0504d, %bx # Check for "PM" signature
527 jne done_apm_bios # No signature, no APM BIOS
529 andw $0x02, %cx # Is 32 bit supported?
530 je done_apm_bios # No 32-bit, no (good) APM BIOS
532 movw $0x05304, %ax # Disconnect first just in case
534 int $0x15 # ignore return code
535 movw $0x05303, %ax # 32 bit connect
537 xorw %cx, %cx # paranoia :-)
539 xorl %esi, %esi # ...
542 jc no_32_apm_bios # Ack, error.
544 movw %ax, (66) # BIOS code segment
545 movl %ebx, (68) # BIOS entry point offset
546 movw %cx, (72) # BIOS 16 bit code segment
547 movw %dx, (74) # BIOS data segment
548 movl %esi, (78) # BIOS code segment lengths
549 movw %di, (82) # BIOS data segment length
550 # Redo the installation check as the 32 bit connect
551 # modifies the flags returned on some BIOSs
552 movw $0x05300, %ax # APM BIOS installation check
554 xorw %cx, %cx # paranoia
556 jc apm_disconnect # error -> shouldn't happen
558 cmpw $0x0504d, %bx # check for "PM" signature
559 jne apm_disconnect # no sig -> shouldn't happen
561 movw %ax, (64) # record the APM BIOS version
562 movw %cx, (76) # and flags
565 apm_disconnect: # Tidy up
566 movw $0x05304, %ax # Disconnect
568 int $0x15 # ignore return code
573 andw $0xfffd, (76) # remove 32 bit support bit
579 # Now we want to move to protected mode ...
580 cmpw $0, %cs:realmode_swtch
583 lcall *%cs:realmode_swtch
592 # we get the code32 start address and modify the below 'jmpi'
593 # (loader may have changed it)
594 movl %cs:code32_start, %eax
595 movl %eax, %cs:code32
597 # Now we move the system to its rightful place ... but we check if we have a
598 # big-kernel. In that case we *must* not move it ...
599 testb $LOADED_HIGH, %cs:loadflags
600 jz do_move0 # .. then we have a normal low
602 # .. or else we have a high
604 jmp end_move # ... and we skip moving
607 movw $0x100, %ax # start of destination segment
608 movw %cs, %bp # aka SETUPSEG
609 subw $DELTA_INITSEG, %bp # aka INITSEG
610 movw %cs:start_sys_seg, %bx # start of source segment
613 movw %ax, %es # destination segment
614 incb %ah # instead of add ax,#0x100
615 movw %bx, %ds # source segment
622 cmpw %bp, %bx # assume start_sys_seg > 0x200,
623 # so we will perhaps read one
624 # page more than needed, but
625 # never overwrite INITSEG
626 # because destination is a
627 # minimum one page below source
631 # then we load the segment descriptors
632 movw %cs, %ax # aka SETUPSEG
635 # Check whether we need to be downward compatible with version <=201
636 cmpl $0, cmd_line_ptr
637 jne end_move_self # loader uses version >=202 features
638 cmpb $0x20, type_of_loader
639 je end_move_self # bootsect loader, we know of it
641 # Boot loader doesnt support boot protocol version 2.02.
642 # If we have our code not at 0x90000, we need to move it there now.
643 # We also then need to move the params behind it (commandline)
644 # Because we would overwrite the code on the current IP, we move
645 # it in two steps, jumping high after the first one.
650 cli # make sure we really have
651 # interrupts disabled !
652 # because after this the stack
654 subw $DELTA_INITSEG, %ax # aka INITSEG
660 subw %ax, %dx # this will go into %ss after
664 movw $INITSEG, %ax # real INITSEG
666 movw %cs:setup_move_size, %cx
667 std # we have to move up, so we use
668 # direction down because the
673 subw $move_self_here+0x200, %cx
676 ljmp $SETUPSEG, $move_self_here
679 movw $move_self_here+0x200, %cx
685 end_move_self: # now we are at the right place
688 # Enable A20. This is at the very best an annoying procedure.
689 # A20 code ported from SYSLINUX 1.52-1.63 by H. Peter Anvin.
690 # AMD Elan bug fix by Robert Schwebel.
693 #if defined(CONFIG_X86_ELAN)
694 movb $0x02, %al # alternate A20 gate
695 outb %al, $0x92 # this works on SC410/SC520
703 A20_TEST_LOOPS = 32 # Iterations per wait
704 A20_ENABLE_LOOPS = 255 # Total loops to try
707 #ifndef CONFIG_X86_VOYAGER
710 # First, see if we are on a system with no A20 gate.
715 # Next, try the BIOS (INT 0x15, AX=0x2401)
718 pushfl # Be paranoid about flags
725 # Try enabling A20 through the keyboard controller
726 #endif /* CONFIG_X86_VOYAGER */
730 #ifndef CONFIG_X86_VOYAGER
731 call a20_test # Just in case the BIOS worked
732 jnz a20_done # but had a delayed reaction.
735 movb $0xD1, %al # command write
739 movb $0xDF, %al # A20 on
743 #ifndef CONFIG_X86_VOYAGER
744 # Wait until a20 really *is* enabled; it can take a fair amount of
745 # time on certain systems; Toshiba Tecras are known to have this
752 loop a20_kbc_wait_loop
754 # Final attempt: use "configuration port A"
756 inb $0x92, %al # Configuration Port A
757 orb $0x02, %al # "fast A20" version
758 andb $0xFE, %al # don't accidentally reset
761 # Wait for configuration port A to take effect
767 loop a20_fast_wait_loop
769 # A20 is still not responding. Try frobbing it again.
774 movw $a20_err_msg, %si
782 .byte A20_ENABLE_LOOPS
785 .ascii "linux: fatal error: A20 gate not responding!"
788 # If we get here, all is good
791 #endif /* CONFIG_X86_VOYAGER */
793 lidt idt_48 # load idt with 0,0
794 xorl %eax, %eax # Compute gdt_base
795 movw %ds, %ax # (Convert %ds:gdt to a linear ptr)
798 movl %eax, (gdt_48+2)
799 lgdt gdt_48 # load gdt with whatever is
802 # make sure any possible coprocessor is properly reset..
810 # well, that went ok, I hope. Now we mask all interrupts - the rest
811 # is done in init_IRQ().
812 movb $0xFF, %al # mask all interrupts for now
816 movb $0xFB, %al # mask all irq's but irq2 which
817 outb %al, $0x21 # is cascaded
819 # Well, that certainly wasn't fun :-(. Hopefully it works, and we don't
820 # need no steenking BIOS anyway (except for the initial loading :-).
821 # The BIOS-routine wants lots of unnecessary data, and it's less
822 # "interesting" anyway. This is how REAL programmers do it.
824 # Well, now's the time to actually move into protected mode. To make
825 # things as simple as possible, we do no register set-up or anything,
826 # we let the gnu-compiled 32-bit programs do that. We just jump to
827 # absolute address 0x1000 (or the loader supplied one),
828 # in 32-bit protected mode.
830 # Note that the short jump isn't strictly needed, although there are
831 # reasons why it might be a good idea. It won't hurt in any case.
832 movw $1, %ax # protected mode (PE) bit
833 lmsw %ax # This is it!
837 xorw %bx, %bx # Flag to indicate a boot
838 xorl %esi, %esi # Pointer to real-mode code
840 subw $DELTA_INITSEG, %si
841 shll $4, %esi # Convert to 32-bit pointer
843 # jump to startup_32 in arch/i386/boot/compressed/head.S
845 # NOTE: For high loaded big kernels we need a
846 # jmpi 0x100000,__BOOT_CS
848 # but we yet haven't reloaded the CS register, so the default size
849 # of the target offset still is 16 bit.
850 # However, using an operand prefix (0x66), the CPU will properly
851 # take our 48 bit far pointer. (INTeL 80386 Programmer's Reference
852 # Manual, Mixing 16-bit and 32-bit code, page 16-6)
854 .byte 0x66, 0xea # prefix + jmpi-opcode
855 code32: .long 0x1000 # will be set to 0x100000
859 # Here's a bunch of information about your current kernel..
860 kernel_version: .ascii UTS_RELEASE
862 .ascii LINUX_COMPILE_BY
864 .ascii LINUX_COMPILE_HOST
869 # This is the default real mode switch routine.
870 # to be called just before protected mode transition
872 cli # no interrupts allowed !
873 movb $0x80, %al # disable NMI for bootup
879 #ifndef CONFIG_X86_VOYAGER
880 # This routine tests whether or not A20 is enabled. If so, it
883 # The memory address used, 0x200, is the int $0x80 vector, which
886 A20_TEST_ADDR = 4*0x80
892 movw %cx, %fs # Low memory
894 movw %cx, %gs # High memory area
895 movw $A20_TEST_LOOPS, %cx
896 movw %fs:(A20_TEST_ADDR), %ax
900 movw %ax, %fs:(A20_TEST_ADDR)
901 call delay # Serialize and make delay constant
902 cmpw %gs:(A20_TEST_ADDR+0x10), %ax
905 popw %fs:(A20_TEST_ADDR)
910 #endif /* CONFIG_X86_VOYAGER */
912 # This routine checks that the keyboard command queue is empty
913 # (after emptying the output buffers)
915 # Some machines have delusions that the keyboard buffer is always full
916 # with no keyboard attached...
918 # If there is no keyboard controller, we will usually get 0xff
919 # to all the reads. With each IO taking a microsecond and
920 # a timeout of 100,000 iterations, this can take about half a
921 # second ("delay" == outb to port 0x80). That should be ok,
922 # and should also be plenty of time for a real keyboard controller
932 jz empty_8042_end_loop
936 inb $0x64, %al # 8042 status port
937 testb $1, %al # output buffer?
941 inb $0x60, %al # read it
945 testb $2, %al # is input buffer full?
946 jnz empty_8042_loop # yes - loop
951 # Read the cmos clock. Return the seconds in al
956 movb %dh, %al # %dh contains the seconds
965 # Delay is needed after doing I/O
972 # NOTE: The intel manual says gdt should be sixteen bytes aligned for
973 # efficiency reasons. However, there are machines which are known not
974 # to boot with misaligned GDTs, so alter this at your peril! If you alter
975 # GDT_ENTRY_BOOT_CS (in asm/segment.h) remember to leave at least two
976 # empty GDT entries (one for NULL and one reserved).
978 # NOTE: On some CPUs, the GDT must be 8 byte aligned. This is
979 # true for the Voyager Quad CPU card which will not boot without
980 # This directive. 16 byte aligment is recommended by intel.
984 .fill GDT_ENTRY_BOOT_CS,8,0
986 .word 0xFFFF # 4Gb - (0x100000*0x1000 = 4Gb)
987 .word 0 # base address = 0
988 .word 0x9A00 # code read/exec
989 .word 0x00CF # granularity = 4096, 386
990 # (+5th nibble of limit)
992 .word 0xFFFF # 4Gb - (0x100000*0x1000 = 4Gb)
993 .word 0 # base address = 0
994 .word 0x9200 # data read/write
995 .word 0x00CF # granularity = 4096, 386
996 # (+5th nibble of limit)
1000 .word 0 # alignment byte
1002 .word 0 # idt limit = 0
1003 .word 0, 0 # idt base = 0L
1005 .word 0 # alignment byte
1007 .word gdt_end - gdt - 1 # gdt limit
1008 .word 0, 0 # gdt base (filled in later)
1010 # Include video setup & detection code
1014 # Setup signature -- must be last
1015 setup_sig1: .word SIG1
1016 setup_sig2: .word SIG2
1018 # After this point, there is some free space which is used by the video mode
1019 # handling code to store the temporary mode table (not used by the kernel).
projects / linux-2.6 / blob