-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinit.kaba
527 lines (419 loc) · 9.35 KB
/
init.kaba
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
#----------------------------------------------------------------------------*\
#| Eusebius - Init |
#| -> A20-Gate aktivieren |
#| -> GDT laden |
#| -> Protected Mode starten (32 bit) |
#| -> Kernel-Image laden und starten |
#| |
#| zuletzt geaendert: 2008.09.16 (c) by MichiSoft TM |
#\*----------------------------------------------------------------------------
func @noframe main()
#------------------------------------------------------------- # 16 bit RealMode!!!
asm {
bits_16
# Debug
mov al, 'I'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
#--------------------------------------------------------------
# gate 20A -> allow more than 1mb RAM :~~[
mov ax, 0x2401
int 0x15
in al, 0x92
or al, 0x02
out 0x92, al
# read amount of memory (RAM)
mov ax, 0xe801
int 0x15
mov [_var_mem_size], bx # #64kb
shr ax, 0x06
add [_var_mem_size], ax # #1kb
# Debug
mov al, 'a'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
#--------------------------------------------------------------
# read memory map
mov si, 0x0000 # counter
mov ax, 0x0000
mov es, ax
mov di, 0x6000 # 00:6000
xor ebx, ebx
mov edx, 0x534d4150
mov eax, 0x0000e820
mov ecx, 0x00000018
int 0x15
# failed?
jb _read_mem_map_end
cmp eax, 0x534d4150
jnz _read_mem_map_end
_read_mem_map_loop:
inc si
mov ax, 0x0000
mov es, ax
add di, 0x0018
mov edx, 0x534d4150
mov eax, 0x0000e820
mov ecx, 0x00000018
int 0x15
# end of list? (carry flag)
jb _read_mem_map_end
# end of list? (ebx = 0)
cmp ebx, 0x00000000
jz _read_mem_map_end
cmp si, 0x0040 # max 64 entries
jl _read_mem_map_loop
_read_mem_map_end:
# save count
mov [0x5104], si
xor ax, ax
mov [0x5106], ax
# Debug
mov al, 'b'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
#--------------------------------------------------------------
# load kernel image
# _reset_drive:
mov dl, 0x00
mov ah, 0x00
int 0x13
or ah, ah
#jnz _reset_drive
xor ax, ax
mov es, ax
# target address
mov ax, 0x1000
mov es, ax
mov bx, 0x0000 # 0x1000:0x0000 = 0x10000 real mode segmentation is ugly
mov ah, 0x02 # "ReadSector"
mov al, 0x80 # 128 sectors * 512 bytes = 64k
mov cx, 0x001d # sector 0x1d, cylinder 0
mov dx, 0x0080 # head 0, disc 0
int 0x13
# Debug
mov al, '1'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
mov ax, 0x2000
mov es, ax
mov bx, 0x0000 # 0x20000
mov ah, 0x02 # "ReadSector"
mov al, 0x80 # 128 sectors * 512 bytes = 64k
mov cx, 0x001f # sector 0x1f, cylinder 0
mov dx, 0x0280 # head 2, disc 0
int 0x13
or ah, ah
#jnz _reset_drive
jnz _death_16
# Debug
mov al, '2'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
mov ax, 0x3000
mov es, ax
mov bx, 0x0000 # 0x30000
mov ah, 0x02 # "ReadSector"
mov al, 0x80 # 128 sectors * 512 bytes = 64k
mov cx, 0x0021 # sector 0x21, cylinder 0
mov dx, 0x0480 # head 4, disc 0
int 0x13
or ah, ah
#jnz _reset_drive
jnz _death_16
# Debug
mov al, '3'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
# mov ax, 0x4000
# mov es, ax
# mov bx, 0x0000 # 0x40000
# mov ah, 0x02 # "ReadSector"
# mov al, 0x80 # 128 sectors * 512 bytes = 64k
# mov cx, 0x0023 # sector 0x23, cylinder 0
# mov dx, 0x0680 # head 6, disc 0
# int 0x13
# or ah, ah
# #jnz _reset_drive
# jnz _death
# # Debug
# mov al, '4'
# mov ah, 0x0e
# mov bx, 0x0000
# int 0x10
# Debug
mov al, 'c'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
#--------------------------------------------------------------
# load memory segments
lgdt [_gdtr]
# Debug
mov al, 'd'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
#--------------------------------------------------------------
# activate 32bit protected mode
cli
# enable paging
mov eax, cr0
or al, 0x01
mov cr0, eax
# flush cpu prefetch
jmp _flush
_flush:
# prepare the segment registers
mov ax, 0x0010 # Descriptor[2]
mov ds, ax
mov es, ax
mov fs, ax
mov gs, ax
mov ss, ax
# Stack initialisieren
mov esp, 0x0017fff8 # < 2mb (because we will later only init 2mb of paging...)
# jump into 32bit ProtectedMode
jmp_far s48 [_pmode_ptr] # 0x0008:_pmode
#-------------------------------------------------------------
# protected mode!!!
_pmode:
bits_32
#jmp $
mov eax, 0x000b8000
mov [eax], 'P'
add eax, 0x00000001
mov [eax], 0x20
# for the stack/c calling
mov ebp, esp
mov eax, 0x000b8002
mov [eax], '1'
add eax, 0x00000001
mov [eax], 0x20
# save some variables
mov eax, [_var_mem_size]
shl eax, 0x06
mov [0x00005100], eax
xor eax, eax
#-------------------------------------------------------------
# prepare long mode (check cpuid)
# extended cpuid functions?
mov eax, 0x80000000
cpuid
cmp eax, 0x80000001
jb _death_32
# long mode available?
mov eax, 0x80000001
cpuid
test edx, 0x20000000 # 1 << 29
jz _death_32
#-------------------------------------------------------------
# prepare long mode (paging)
# disable paging
mov eax, cr0
and eax, 0x7fffffff # clear bit 31
mov cr0, eax
# clear tables
mov edi, 0x01001000
mov cr3, edi
xor eax, eax
# mov ecx, 0x00001000
_clear_table_entry:
mov [edi], eax
add edi, 0x00000004
cmp edi, 0x01005000
jnz _clear_table_entry
#rep
#stosd
mov edi, cr3
# PML4T @ 0x01001000
# PDPT @ 0x01002000
# PDT @ 0x01003000
# PT0 @ 0x01004000
# PT1 @ 0x01005000
# PML4T[0] -> PDPT
mov [edi], 0x01002003
# PDPT[0] -> PDT
add edi, 0x00001000
mov [edi], 0x01003003
add edi, 0x00001000
# mov ecx, 0x00000008 # link 8 PTs in PDT
# _link_pts_into_pdt:
# PDT[0] -> PT0
mov [edi], 0x01004003
# PDT[1] -> PT1
add edi, 0x00000008
mov [edi], 0x01005003
# PDT[2] -> PT2
add edi, 0x00000008
mov [edi], 0x01006003
# PDT[3] -> PT3
add edi, 0x00000008
mov [edi], 0x01007003
# PDT[4] -> PT4
add edi, 0x00000008
mov [edi], 0x01008003
# PDT[5] -> PT5
add edi, 0x00000008
mov [edi], 0x01009003
# PDT[6] -> PT6
add edi, 0x00000008
mov [edi], 0x0100a003
# PDT[7] -> PT7
add edi, 0x00000008
mov [edi], 0x0100b003
# PDT[8] -> PT8
add edi, 0x00000008
mov [edi], 0x0100c003
# PDT[9] -> PT9
add edi, 0x00000008
mov [edi], 0x0100d003
# PDT[10] -> PT10
add edi, 0x00000008
mov [edi], 0x0100e003
# PDT[11] -> PT11
add edi, 0x00000008
mov [edi], 0x0100f003
# dec ecx
# cmp ecx, 0x00000000
# jnz _link_pts_into_pdt
# identity map first 24mb (=6144 pages)
mov edi, 0x01004000
mov ebx, 0x00000003
mov ecx, 0x00001800 #512*12=6144 pages via 12 PTs
_set_table_entry:
mov [edi], ebx
add ebx, 0x00001000
add edi, 0x00000008
# loop _set_table_entry
dec ecx
cmp ecx, 0x00000000
jnz _set_table_entry
# enable PAE paging
mov eax, cr4
or eax, 0x00000020
mov cr4, eax
#-------------------------------------------------------------
# enter long mode
# activate long mode
mov ecx, 0xc0000080 # EFER MSR
rdmsr
or eax, 0x00000100 # LM bit
wrmsr
# enable paging
mov eax, cr0
or eax, 0x80000000 # PG bit
mov cr0, eax
# EFER.LMA=1 from now on!
jmp _XXX_FLUSH
_XXX_FLUSH:
#-------------------------------------------------------------
# enter 64 bit mode
# load 64 bit GDT
lgdt [_GDT64_POINTER]
# check... we seem to be fine...
mov ecx, 0xc0000080 # EFER MSR
rdmsr
mov ecx, eax
and ecx, 0x00000400 # LMA bit!
shr ecx, 0x08
add ecx, 0x002030
mov eax, 0x000b8004
mov [eax], ecx #'L'
mov eax, _lmode_ptr
jmp_far s48 [eax]
# jmp_far s48 [_lmode_ptr] # 0x0008:_long_mode direct (immediate) not allowed!
_64bit_mode:
bits_64
mov ax, 0x0010
mov ds, ax
mov ss, ax
mov ecx, 0x20412042
db 0x48
shl ecx, 0x20
db 0x48
shr ecx, 0x20
#xor rax, rax
mov eax, 0x000b8004
mov [eax], ecx
# jmp $
#-------------------------------------------------------------
# start kernel...
# -> Kernel starten
mov eax, 0x00010000
jmp eax
#-------------------------------------------------------------
# stuff
_death_16:
bits_16
mov al, 'X'
mov ah, 0x0e
mov bx, 0x0000
int 0x10
jmp $
_death_32:
bits_32
mov eax, 0x000b8000
mov [eax], 'X'
add eax, 0x00000001
mov [eax], 0x20
jmp $
_GDT64:
# null descriptor
dw 0x0000
dw 0x0000
db 0x00
db 0x00
db 0x00
db 0x00
# code
dw 0x0000
dw 0x0000
db 0x00
db 0x98 #0x9a # present+exec
db 0x20 # 64 bit
db 0x00
# data
dw 0x0000
dw 0x0000
db 0x00
db 0x92 #0x9a
db 0x00
db 0x00
_GDT64_POINTER:
dw 0x0017 # 8*3-1
dd _GDT64 #0x00000000
dd 0x00000000
# dq 0x0000000000000000 #_GDT64
#--------------------------------------------------------------
# data
# Variablen
_var_mem_size:
dd 0x00000000
_gdt:
# [0] 0x00 null descriptor
dd 0x00000000
dd 0x00000000
# [1] 0x08 code descriptor
dd 0x0000ffff
dd 0x00cf9a00
# [2] 0x10 data descriptor
dd 0x0000ffff
dd 0x00cf9200
_gdtr:
dw 0x0017 # 3 descriptors
dd _gdt
_pmode_ptr:
dd _pmode
dw 0x0008 # Descriptor[1] : ...
_lmode_ptr:
dd _64bit_mode
# dd 0x00000000
dw 0x0008
}