[gPXE-devel] [PATCH] [romprefix] Consider PCI3 init-time segment in BIOS area insane
Michael Brown
mbrown at fensystems.co.uk
Thu May 27 04:15:47 EDT 2010

On Thursday 27 May 2010 07:55:36 Joshua Oreman wrote:
> [I'm not sure if the generalization here is correct, and I don't have
> access to the PCI3 specification. Could someone with more PCI
> knowledge comment? --Josh]
>
> At least one BIOS invokes the gPXE ROM with %cs = 0xCE00 (a perfectly
> valid runtime segment) and %gs = 0xE000 (a very dangerous runtime
> segment). The proper action in response to this bug is to not relocate
> to %gs, just as we would if %gs were outside the BIOS area or the
> runtime and init-time segments overlapped. The init-time segment should
> always be in conventional memory for a compliant PCI3 system.

PCI 3.0 spec states:

"POST Firmware will place the Expansion ROM in RAM at an address that may
not be the final run-time execution address. This address will be below the
1-MB address boundary."

and also

"Prior versions of the PCI Specifications have described the address where
Expansion ROMs will be placed as typically being from 0C0000h up to
0E0000h. This version of the specification now expands that region to be
from A0000h to FFFFFh inclusively. The PCI 3.0 compliant system firmware
will place the PCI 3.0 compliant Expansion ROM code at any aligned address
within this expanded range."

so technically {init=0xce00,runtime=0xe000} is a valid combination, though
unusual.

Which BIOS does this? Does it actually fail if we relocate to 0xe000? Is the
segment at 0xe000 writable at init-time? (If the runtime segment is
non-writable, that might be a suitable test to use instead.)

Michael