calling real mode interrupt from SMM
I want to call a real mode interrupt from SMM. SMM is essentially flat real mode (4GB limit instead of 64k).
How do I go about executing the BIOS interrupts? I don't know if I have to switch back to real mode and execute the code, or set up an IDT. I've tried to execute the code directly by pushing EFLAGS, CS, and IP on the stack, jumping to the memory address, but this locks up (unless I'm doing it wrong).
How do I go about executing the BIOS interrupts? I don't know if I have to switch back to real mode and execute the code, or set up an IDT. I've tried to execute the code directly by pushing EFLAGS, CS, and IP on the stack, jumping to the memory address, but this locks up (unless I'm doing it wrong).
Example code is the best. The problem with SMM is that the processor initiates the mode, so I don't have tables of GDT etc. to play with, and don't know if it's safe to modify the SMM GDT.
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Categories
- 140.8K All Categories
- 103.6K Programming Languages
- 6.4K Assembler Developer
- 401 Assembly Code Share
- 239 Getting started in assembly
- 4.6K x86 Assembly
- 1.9K Basic
- 97 Qbasic
- 39.9K C and C++
- 5.6K Beginner C/C++
- 330 C/C++ on Linux/Unix
- 450 C/C++ Windows API
- 522 C++ Builder
- 253 C++ Game Development
- 3.3K C++ MFC
- 103 C++.NET
- 404 Visual C++
- 2.9K C#
- 7.9K Delphi and Kylix
- 334 Advanced Delphi
- 360 Delphi beginners
- 4 Haskell
- 9.7K Java
- 56 Enterprise JavaBeans
- 1.3K Java Beginners
- 304 Java Server Pages
- 4.1K Pascal
- 1.3K Perl
- 11 Perl 6
- 2K PHP
- 546 Python
- 37 Ruby
- 4.4K VB.NET
- 258 Advanced VB.Net
- 1.6K VBA
- 20.9K Visual Basic
- 767 Access databases and VB
- 831 Advance Visual Basic
- 1.2K Beginner VB
- 2.6K Game programming
- 315 Console programming
- 90 DirectX Game dev
- 1 Minecraft
- 112 Newbie Game Programmers
- 2 Oculus Rift
- 9K Applications
- 1.8K Computer Graphics
- 279 3D Graphics
- 129 DirectX
- 125 OpenGL
- 740 Computer Hardware
- 9 Cooling & Overclocking
- 3.4K Database & SQL
- 1.1K Access
- 91 ADO Programming
- 288 MySQL
- 358 Oracle
- 440 SQL-Server
- 535 Electronics development
- 1.6K Matlab
- 628 Sound & Music
- 25 DirectSound
- 257 XML Development
- 3.3K Classifieds
- 200 Co-operative Projects
- 198 For sale
- 190 FreeLance Software City
- 1.9K Jobs Available
- 603 Jobs Wanted
- 209 Wanted
- 2.9K Microsoft .NET
- 1.8K ASP.NET
- 1.1K .NET General
- 22 .NET WEB-Services
- 129 .NET WinForms
- 14 .NET XML
- 50 ADO.NET
- 144 C# & VB.NET School Support
- 3.4K Miscellaneous
- 4 Join the Team
- 354 Comments on this site
- 69 Computer Emulators
- 2.1K General programming
- 187 New programming languages
- 621 Off topic board
- 200 Mobile & Wireless
- 72 Android
- 126 Palm Pilot
- 338 Multimedia
- 154 Demo programming
- 184 MP3 programming
- 0 Bash scripts
- 27 Cloud Computing
- 1 Witsbits Go Cloud
- 53 FreeBSD
- 1.7K LINUX programming
- 1 Awk scripting
- 332 Linux Support
- 0 Sed scripting
- 370 MS-DOS
- 0 Shell scripting
- 321 Windows CE & Pocket PC
- 4.1K Windows programming
- 177 COM/DCOM
- 61 Networking And Security
- 17 Windows 2003 Server
- 6 Windows Vista
- 176 Windows XP
- 941 Software Development
- 417 Algorithms
- 68 Object Orientation
- 24 RUP & UML
- 92 Project Management
- 95 Quality & Testing
- 268 Security
- 63 Evil Scripting
- 81 Hacking
- 7.7K WEB-Development
- 1.8K Active Server Pages
- 61 AJAX
- 4 Bootstrap Themes
- 55 CGI Development
- 28 ColdFusion
- 224 Flash development
- 1.4K HTML & WEB-Design
- 1.4K Internet Development
- 131 Mobile Internet & Messaging
- 211 Wireless development
- 2.2K JavaScript
- 37 JQuery
- 304 WEB Servers
- 153 Apache
- 79 IIS
- 150 WEB-Services / SOAP
Comments
rewrite it by tracing the interrupt, and dumping the code. The lock-up
usually occurs when it tries to reference a real memory location.
All you should need to do is fix-up the memory locations, and you
can call it as a normal procedure.
URL:http://acheronx.ml.org/home/
: rewrite it by tracing the interrupt, and dumping the code. The lock-up
: usually occurs when it tries to reference a real memory location.
: All you should need to do is fix-up the memory locations, and you
: can call it as a normal procedure.
A real mode context switch shouldn't be a problem (I'm gonna find out today). The question is "Can I get the processor back into the state when SMM was entered?" I would think that I should also be able to create a 16-bit code and 16-bit data segment, push CS and DS, load CS and DS with those selectors, do the BIOS call, then pop DS and CS. In that case, I would have to modify the LDT or GDT, which I don't think is a safe thing to do in SMM, seeing as how I don't control the CPU state. Documentation says this is a bad thing as well. The other issue is if I need to ADD to the GDT or LDT, and I'm given the limit and base of each in the SMM state save map, how can I be assured that adding to them won't stomp on memory? There's no guarantee that there is enough room in memory where the GDT and LDT is stored for me to add entries.
What I need to do is detect the amount of RAM in a system and dump a complete memory image to disk when SMI goes low. The only way to do this is through BIOS calls. My stand-alone programs work, now it's just a matter of incorporating them into SMM.
(1) Is SMM, you don't have to mess with GDT/ LDT/ etc, because address computation is performed the same way as in real mode (value in seg register shifted left 4 bits plus offset). The locations in SMRAM are used to store the values of these registers in the program that was interrupted. A RSM instruction restores everything (includign GDT/ LDT) from the save area.
(2) The default data/code size in 16 bits, so don't push EFLAGS but FLAGS, etc. In fact, the only difference between real mode and SMM is that limits for segments are set to 4Meg instead of 64k, so you can use the operand-size prefix to address all the memory.
(3) The interrupt table is the same as for real mode. However, Intel says that using INT/ INTO/ etc in SMM is not recomended.
(4) A problem I see is that a processor's pin signals that it is in SMM, and the external chips may decode memory accesses to address other physical memory than in real mode (to prevent overwritting the SMRAM). Another problem is that the BIOS may relocate the SMRAM, so the entry into the SMI handler is not at the default address (I haven't found how to figure out the current SMRAM base address).
(5) Software switching out of SMM: only with the RSM instruction, which restores everything from the save area in SMRAM.
(6) Switch into SMM (when restoring from hd): only by SMI. You can use the "auto interrupt" mecanism of the local APIC to generate a SMI by software.
In case you dont't have the Intel 32bit Processors manuals, you can download them from the link below. Volume 3 contains a detailed description of SMM (and the local APIC too).
URL:http://developer.intel.com/design/pentiumii/xeon/manuals/