Does anyone know more about this? I thought that only the extended BIOS data may be used by SMM. I need to take this detail into account but it should not be a big deal. Tactically finding another reason to handle page 0 in a special way and solving the problem as a side effect.linux/arch/x86/boot/compressed/head_32.S wrote:Page 0 is deliberately kept safe, since System Management Mode code in laptops may need to access the BIOS data stored there. This is also useful for future device drivers that either access the BIOS via VM86 mode.
BIOS data area and SMM
BIOS data area and SMM
- bellezzasolo
- Member
- Posts: 110
- Joined: Sun Feb 20, 2011 2:01 pm
Re: BIOS data area and SMM
The intel manuals don't document this. As SMM is reliant on the firmware, I'd leave any memory not explicitly marked as reclaimable in the low MB untouched. In my OS, I do this anyway to allow real mode code execution, using the original IVT.
I'd consult this for bits of memory that are usable.
http://wiki.osdev.org/Memory_Map
I'd consult this for bits of memory that are usable.
http://wiki.osdev.org/Memory_Map
Whoever said you can't do OS development on Windows?
https://github.com/ChaiSoft/ChaiOS
https://github.com/ChaiSoft/ChaiOS
Re: BIOS data area and SMM
Hi,
I'd also wonder if the (assumed) problem was caused by something using VM86 mode (OS doesn't cease using the BIOS) and/or the OS failing to disable "PS/2 emulation for USB devices" before using page 0. Note that there seems to be more problems than just page 0 (e.g. reports of suspend/resume and/or integrated graphics on sandy bridge CPUs corrupting the first 64 KiB of RAM), and to mitigate firmware/hardware bugs Linux developers seem to have built an entire system for disabling a configurable number of low memory pages and (optionally) periodically checking to see if RAM within that area was corrupted by BIOS.
Cheers,
Brendan
As far as I know; SMM shouldn't touch page 0 and shouldn't assume page 0 has been left intact after the OS has ceased using the BIOS. I suspect that once upon a time a Linux developer found a computer with buggy firmware that doesn't comply with "should", and this is the result.Antti wrote:Does anyone know more about this? I thought that only the extended BIOS data may be used by SMM. I need to take this detail into account but it should not be a big deal. Tactically finding another reason to handle page 0 in a special way and solving the problem as a side effect.linux/arch/x86/boot/compressed/head_32.S wrote:Page 0 is deliberately kept safe, since System Management Mode code in laptops may need to access the BIOS data stored there. This is also useful for future device drivers that either access the BIOS via VM86 mode.
I'd also wonder if the (assumed) problem was caused by something using VM86 mode (OS doesn't cease using the BIOS) and/or the OS failing to disable "PS/2 emulation for USB devices" before using page 0. Note that there seems to be more problems than just page 0 (e.g. reports of suspend/resume and/or integrated graphics on sandy bridge CPUs corrupting the first 64 KiB of RAM), and to mitigate firmware/hardware bugs Linux developers seem to have built an entire system for disabling a configurable number of low memory pages and (optionally) periodically checking to see if RAM within that area was corrupted by BIOS.
Cheers,
Brendan
For all things; perfection is, and will always remain, impossible to achieve in practice. However; by striving for perfection we create things that are as perfect as practically possible. Let the pursuit of perfection be our guide.
- Kazinsal
- Member
- Posts: 559
- Joined: Wed Jul 13, 2011 7:38 pm
- Libera.chat IRC: Kazinsal
- Location: Vancouver
- Contact:
Re: BIOS data area and SMM
I suspect also that the comment dates back at least two if not two and a half decades, considering it implies System Management Mode is a primarily laptop thing, and originally it was only on the 386SL (an incredibly popular laptop CPU well into the early 1990s) and 486SL until being integrated into all 486DX and DX variants from late 1993 onwards.Brendan wrote:I suspect that once upon a time a Linux developer found a computer with buggy firmware that doesn't comply with "should", and this is the result.
Re: BIOS data area and SMM
In the strictest sense, is using Long Mode safe at all?
The "PS/2 emulation for USB devices" seems to be a big problem for many reasons. I need to reconsider my boot infrastructure because it seems that using Long Mode too early may be unsafe. Unfortunately, this includes many hobby operating systems because I am almost sure that Long Mode is used before disabling the PS/2 emulation. Perhaps I need to disable it during the boot phases but doing so could be a good idea anyway. Later initialization phases could assume that emulation is disabled. Only real PS/2 hardware (checked if really available) may be supported until USB support is ready and this is a disadvantage, of course, but it could significantly speed up the development of the native USB support.
The "PS/2 emulation for USB devices" seems to be a big problem for many reasons. I need to reconsider my boot infrastructure because it seems that using Long Mode too early may be unsafe. Unfortunately, this includes many hobby operating systems because I am almost sure that Long Mode is used before disabling the PS/2 emulation. Perhaps I need to disable it during the boot phases but doing so could be a good idea anyway. Later initialization phases could assume that emulation is disabled. Only real PS/2 hardware (checked if really available) may be supported until USB support is ready and this is a disadvantage, of course, but it could significantly speed up the development of the native USB support.
At least Linux 1.0 had the same comment, so yes. At the time of its heyday, mainstream operating systems for PCs most likely keeped the BDA available at run time.Kazinsal wrote:I suspect also that the comment dates back at least two if not two and a half decades, considering it implies System Management Mode is a primarily laptop thing
Re: BIOS data area and SMM
SMM is independent of long mode. Enabling long mode early is not problematic. Linux also enables long mode before looking at PCI.
managarm: Microkernel-based OS capable of running a Wayland desktop (Discord: https://discord.gg/7WB6Ur3). My OS-dev projects: [mlibc: Portable C library for managarm, qword, Linux, Sigma, ...] [LAI: AML interpreter] [xbstrap: Build system for OS distributions].
Re: BIOS data area and SMM
Unfortunately, this is questionable.Korona wrote:SMM is independent of long mode.
I'd really like to know the answer to this specific question: are the "PS/2 emulation" bugs waken up only if a CPU executing in long mode tries to read/write ports 0x60 or 0x64 which triggers the SMI handlers (but are interrupts involved in this scenario too)? There is a huge difference. I'm really worried about the "passive" state after entering long mode, i.e. a state in which "traditional" BIOS firmware is not in control (but obviously SMM still is) and the operating system / initialization code itself has not done anything yet. I'd understand the following scenario: emulation enabled, long mode, port read/write, and crash. If just being in long mode doing nothing crashes the computer... oh well.
Re: BIOS data area and SMM
Hi,
Note that long mode was introduced in about 2000 (and I guess there may be "teething problems" in firmware involving "PS/2 emulation" and long mode for computers created at/near the introduction of long mode); and ACPI was introduced in about 1999 (and there are "teething problems" in firmware involving ACPI for computers created at/near the introduction of ACPI); and these time-frames are close enough to overlap (e.g. computers from around 2000 where firmware has problems with both long mode and ACPI). If an OS supports older 32-bit CPUs (e.g. and has a 32-bit kernel, etc) it should be relatively easy to force the OS to use 32-bit (e.g. using automated blacklist/whitelist approach and/or heuristics, and/or a manual user setting); and if the OS doesn't support older 32-bit CPUs then 64-bit computers from around 2000 are only slightly newer than computers the OS developer has already decided are too old to care about and it probably wouldn't matter much if the OS developer didn't support a few more old computers.
I should also mention that I'm relatively sceptical of some of the problems Linux sees - often it's too hard to know if they're just working around symptoms of Linux doing something incredibly silly (e.g. not disabling "PS/2 emulation" in USB controllers before starting PS/2 drivers). For this reason I'd be tempted to ignore some of the problems Linux seems to have with firmware (until/unless I have similar problems with my OS).
Cheers,
Brendan
For "PS/2 emulation for USB devices" I'd assume firmware may need to try to figure out which instruction caused the SMI (e.g. was it "in al,dx" or "in ax,dx" or ...?) so that it can emulate that instruction. This could involve doing a manual page table walk to find the instruction in physical memory, which implies that firmware's SMM code would need to support all the different paging modes and all of their features (large pages, "no-execute", ...); including things like "instruction split across page boundary" and including emulating page faults (e.g. "insb" writing to a not-present page).Antti wrote:Unfortunately, this is questionable.Korona wrote:SMM is independent of long mode.
I'd really like to know the answer to this specific question: are the "PS/2 emulation" bugs waken up only if a CPU executing in long mode tries to read/write ports 0x60 or 0x64 which triggers the SMI handlers (but are interrupts involved in this scenario too)?
Are you accessing the PS/2 chip's IO ports while in this passive state?Antti wrote:There is a huge difference. I'm really worried about the "passive" state after entering long mode, i.e. a state in which "traditional" BIOS firmware is not in control (but obviously SMM still is) and the operating system / initialization code itself has not done anything yet.
Excluding "PS/2 emulation for USB devices" and "suspend/resume"; for everything else that SMM is used for (power management, ECC "scrubbing" in some computers, etc) the firmware's SMM code has no reason to care what the OS is doing (or which mode the CPU was in, etc).Antti wrote:I'd understand the following scenario: emulation enabled, long mode, port read/write, and crash. If just being in long mode doing nothing crashes the computer... oh well.
Note that long mode was introduced in about 2000 (and I guess there may be "teething problems" in firmware involving "PS/2 emulation" and long mode for computers created at/near the introduction of long mode); and ACPI was introduced in about 1999 (and there are "teething problems" in firmware involving ACPI for computers created at/near the introduction of ACPI); and these time-frames are close enough to overlap (e.g. computers from around 2000 where firmware has problems with both long mode and ACPI). If an OS supports older 32-bit CPUs (e.g. and has a 32-bit kernel, etc) it should be relatively easy to force the OS to use 32-bit (e.g. using automated blacklist/whitelist approach and/or heuristics, and/or a manual user setting); and if the OS doesn't support older 32-bit CPUs then 64-bit computers from around 2000 are only slightly newer than computers the OS developer has already decided are too old to care about and it probably wouldn't matter much if the OS developer didn't support a few more old computers.
I should also mention that I'm relatively sceptical of some of the problems Linux sees - often it's too hard to know if they're just working around symptoms of Linux doing something incredibly silly (e.g. not disabling "PS/2 emulation" in USB controllers before starting PS/2 drivers). For this reason I'd be tempted to ignore some of the problems Linux seems to have with firmware (until/unless I have similar problems with my OS).
Cheers,
Brendan
For all things; perfection is, and will always remain, impossible to achieve in practice. However; by striving for perfection we create things that are as perfect as practically possible. Let the pursuit of perfection be our guide.
Re: BIOS data area and SMM
Brendan wrote:I'd assume firmware may need to try to figure out which instruction caused the SMI
It is very reasonable to assume that doing all that is error-prone. Also, if we look at "SMRAM State-Save Area" format, maybe the old firmware was not very familiar with the new version ("AMD64") when it needed to read things from it for the emulation purposes. Or it simply wasn't tested very well because the whole architecture was new.Brendan wrote:could involve doing a manual page table walk
"No"Brendan wrote:Are you accessing the PS/2 chip's IO ports while in this passive state?
Re: BIOS data area and SMM
To answer to a question "what are the minimum requirements?", I'd answer that "it depends on what features you want". A lot of work has been done so that the earliest PCs should be included. From the boot loader's perspective, there are three main categories (those may contain subcategories but the boot loader is not aware of them):Brendan wrote:If an OS supports older 32-bit CPUs (e.g. and has a 32-bit kernel, etc) it should be relatively easy to force the OS to use 32-bit
- From "8086" to pre-Pentium. A 16-bit "toy thing" that communicates with the real OS via serial cable like a terminal but there are some native features also.
- From "Pentium" onwards. Modern 32-bit kernel(s) but details are not available yet.
- From "x86-64" onwards. Modern (BIOS/UEFI) 64-bit kernel(s) but details are not available yet.
Re: BIOS data area and SMM
IIRC the BIOS emulates the keyboard by passing data to the "real" PS/2 controller (using commands 0xD2 and 0xD3). It does not emulate the whole PS/2 controller in SMM. It does not need to know the instruction that caused the read/write.
Do you realize that SMI's disable long mode and re-enter real-mode? Did you ever encounter SMM crashing your code or do you have any evidence that it might happen? I have not ever seen something like this.Antti wrote:Unfortunately, this is questionable.Korona wrote:SMM is independent of long mode.
I'd really like to know the answer to this specific question: are the "PS/2 emulation" bugs waken up only if a CPU executing in long mode tries to read/write ports 0x60 or 0x64 which triggers the SMI handlers (but are interrupts involved in this scenario too)? There is a huge difference. I'm really worried about the "passive" state after entering long mode, i.e. a state in which "traditional" BIOS firmware is not in control (but obviously SMM still is) and the operating system / initialization code itself has not done anything yet. I'd understand the following scenario: emulation enabled, long mode, port read/write, and crash. If just being in long mode doing nothing crashes the computer... oh well.
managarm: Microkernel-based OS capable of running a Wayland desktop (Discord: https://discord.gg/7WB6Ur3). My OS-dev projects: [mlibc: Portable C library for managarm, qword, Linux, Sigma, ...] [LAI: AML interpreter] [xbstrap: Build system for OS distributions].
Re: BIOS data area and SMM
Yes. That is the answer relevant in this context (ignoring possible terminology inaccuracies and the difference between observable behavior and implementation details).Korona wrote:Do you realize that SMI's disable long mode and re-enter real-mode?
I did not encounter SMM crashing. I don't have proper hardware (early 64-bit systems) to do any tests and the only evidence I have is this.Korona wrote:Did you ever encounter SMM crashing your code or do you have any evidence that it might happen?
I fully agree that it might not be true, e.g. the crashes were a combination of different factors. However, I firmly believe that some kind of problems were real and the quote is authentic and I understood it correctly.Vojtech Pavlik wrote:If AMD64 64-bit mode is enabled, again system crashes often happen, because the SMM BIOS isn't expecting the CPU to be in 64-bit mode
Re: BIOS data area and SMM
Hi,
Cheers,
Brendan
For a higher threshold for selecting the "x86-64" category (to avoid using long mode on "more likely to be buggy" computers from near the introduction of long mode); I'd consider using the existence of CMPXCHG16b, PREFETCHW and LAHF/SAHF instructions. The reason for CMPXCHG16b is that it's highly useful for lock-free and block-free algorithms (e.g. atomically update a pair of pointers), and the reason for the others is that CMPXCHG16B alone doesn't create a high enough threshold and it matches the requirements for 64-bit Windows 8.1 and Windows 10.Antti wrote:The boot code chooses the branch and now I should investigate how to put higher threshold for selecting the "x86-64" category. What would be a good CPU feature flag for skipping all those early chips? That could work-around more problems than just this and I would accept that those computers were seen as 32-bit. Please note that I'm doing this for the pre-Pentium category too (all those are 16-bit). I'm going to fully concentrate on (relatively) modern OSDev so the "Pentium" is the minimum requirement in practice.
Cheers,
Brendan
For all things; perfection is, and will always remain, impossible to achieve in practice. However; by striving for perfection we create things that are as perfect as practically possible. Let the pursuit of perfection be our guide.