[Soekris] Buggy BIOS , int 15h, ah=87h (continuation)

Yuri Karaban tech at askold.net
Fri May 13 19:35:02 UTC 2005


Pcengines has the same bug.

As I understand soekris bios has the same background as pcengines
tinybios.

Look at tinybios int 1587 handler

---------------------[cut]----------------
01  int1587:        push    ax
02          push    bx
03          push    si
04          push    di
05          push    ds
06          push    es
07          call    cs_a20on        ;enable A20 gate
08          cld
09          and     ecx,0000ffffh
10          mov     edi,[es:si+1ah] ;24 bit destination address
11          and     edi,00ffffffh   ;mask high bits
12          mov     esi,[es:si+12h] ;24 bit destination address
13          and     esi,00ffffffh   ;mask high bits
14                  
15          ; enter unreal mode
--------------------[cut]-----------------

On lines 10 and 12 it load first 32 bits of descriptor.

And masks higher 8, it is correct. Because first 24 bits of descriptor
is the base addres of selector and high 8 bits is selector
permissions.

But it does not load high 8 bits (32-24) of base address.

This byte located at [es:si+1fh] for destination and at [es:si+17h]
for source address.

PS. Please CC replies to my email adress, because I'm not subscriber




More information about the Soekris-tech mailing list