wok view linld/stuff/src/MEMTOP.ASM @ rev 24334
polkit: CVE-2021-4034
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Fri Jan 28 11:07:11 2022 +0000 (2022-01-28) |
| parents | 61df94a0fa43 |
| children | be9fc3c4c575 |
line source
1 ;***************************************************************
2 ;****** This file is distributed under GPL
3 ;***************************************************************
4 ideal
5 %PAGESIZE 255
6 %crefref
7 %noincl
8 %nomacs
10 include "common.inc"
12 ifdef NO386
13 p8086
14 else
15 p386
16 endif
18 group DGROUP _TEXT
19 assume cs:DGROUP,ds:DGROUP
22 segment _TEXT byte public use16 'CODE'
24 ;***************************************************************
25 ;u32 memtopz();
26 ;***************************************************************
27 proc _memtopz near
28 ;***************************************************************
29 ;u32 memtop_e820()
30 ;***************************************************************
31 ; proc _memtop_e820 near
33 ifdef INT15_E820
35 struc e820 ;struct e820 {
36 base dd ?,? ; 0 u64 base;
37 length dd ?,? ; 8 u64 length;
38 type db ?,?,?,? ;16 u32 type; 1=available
39 ends e820 ;};
41 p386
42 push ds
43 pop es
44 push di
45 xor ebx,ebx
46 @@e820lp:
47 mov eax,0E820h
48 mov edx,534D4150h ; 'SMAP'
49 xor ecx,ecx
50 mov cl,size e820
51 extrn buf4k:byte
52 mov di,offset buf4k
53 int 15h
54 jc @@err_e820
55 ;cmp eax,534D4150h ; 'SMAP'
56 ;jne @@err_e820
57 cmp [(e820 di).type],1
58 jnz @@notavail
59 mov eax,[(e820 di).base]
60 add eax,[(e820 di).length]
61 push eax
62 pop ax
63 pop dx
64 or dh,dh ; > 16M
65 je @@notavail
66 pop di
67 ret
68 @@notavail:
69 or bx,bx
70 jne @@e820lp
71 @@err_e820:
72 pop di
73 endif
75 ; endp _memtop_e820
77 ;***************************************************************
78 ;u32 memtop_e801()
79 ;***************************************************************
80 ; proc _memtop_e801 near
82 xor cx,cx ;fix to work around buggy
83 xor dx,dx ; BIOSes which dont clear/set
84 mov ax,0E801h ;ax=1kbs in 1-16M bx=64kbs above 16M extended
85 int 15h ;cx=1kbs in 1-16M dx=64kbs above 16M configured
86 xchg ax,cx ;kludge to handle BIOSes
87 jcxz @@use_cxdx ; which report their extended
88 ; memory in AX/BX rather than
89 ; CX/DX. The spec I have read
90 @@use_axbx: mov dx,bx ; seems to indicate AX/BX
91 xchg ax,cx ; are more reasonable anyway...
92 @@use_cxdx: ;now: dx=64k units above 16m
93 ; ax=1k units above 1m below 16m (max 3c00h)
94 or dx,dx
95 jz @@below16M
96 xor ax,ax ;ignore info on low 16M (assume full)
97 inc dh ;account for low 16M
98 ret
99 @@below16M:
100 or ax,ax
101 jnz tokb ;dx=0 here, ax=kbs above 1m
102 @@err:
103 ; ret
104 ; endp _memtop_e801
107 ;***************************************************************
108 ;u32 memtop_88()
109 ;***************************************************************
110 ; proc _memtop_88 near
112 mov ah,88h
113 int 15h ;ax=kbs above 1m
114 test ax,ax ; error: ax=0
115 jnz tokb ;happens on big mem systems
117 ;***************************************************************
118 ;u32 memtop_cmos()
119 ;***************************************************************
121 ;memtop_cmos:
122 pushf
123 call rdcmos17
124 popf
125 tokb:
126 mov cl,10 ;multiply by 1024
127 ifndef NO386
128 add ah,4h ;account for 1024 low kb
129 setc dl ; (optimized to death)
130 shld dx,ax,cl
131 shl ax,cl ; (kbytes -> bytes)
132 ret
133 else
134 xor dx,dx
135 add ah,4h ;account for 1024 low kb
136 adc dx,dx ; (optimized to death)
137 db 0A9h ; test ax,0C28Ch
138 global N_LXLSH@ES:near
139 N_LXLSH@ES:
140 mov dx,es
141 global N_LXLSH@:near
142 N_LXLSH@:
143 mov ch,0
144 @@lp:
145 shl ax,1
146 rcl dx,1
147 loop @@lp
148 ret
149 global N_LXLSH@4:near
150 N_LXLSH@4:
151 xor dx,dx
152 mov cl,4
153 jmp N_LXLSH@
154 endif
156 ; endp _memtop_88
158 ; proc _memtopz near
160 ; call _memtop_e801
161 ; jnz @@ok
162 ; call _memtop_88
163 ; jnz @@ok
164 ; jmp memtop_cmos
166 rdcmos17: cli
167 mov al,18h ; read bytes 17-18 from CMOS
168 call @@rdcmos
169 mov ah,al
170 mov al,17h
171 @@rdcmos: out 70h,al
172 call @@ret
173 in al,71h
174 @@ret:
175 ret
178 ;***************************************************************
179 ;u32 memtop();
180 ;***************************************************************
181 global _memtop:near
182 _memtop:
183 call _memtopz
184 mov cx,40h ; min 4m
185 ; If reported mem is ridiculously low, presume
186 ; we had trouble detecting memory size
187 cmp dx,cx
188 jb @@set
189 extrn _cmdnum:dword
190 _topmem = _cmdnum+8
191 mov cx,[word _topmem+2]
192 inc cx ; jcxnz
193 loop @@topmemset
194 mov ch,10h ; default = max 256m
195 @@topmemset:
196 ; Kernel can have trouble with initrd at very high addr:
197 ; limit mem top to 256m
198 cmp dh,ch
199 jb @@done
200 @@set:
201 xchg ax,cx
202 cwd
203 xchg ax,dx
204 @@done:
205 ; Round down to page boundary.
206 ; Or else initrd's tail may end up in last, partial page.
207 ; Kernel will refuse to use such initrd.
208 and ax,0f000h
209 ;@@ok:
210 ret
212 endp _memtopz
214 ;***************************************************************
215 ;void hook_int15_88();
216 ;***************************************************************
217 global _hook_int15_88:near
218 proc _hook_int15_88 near
220 ifndef xmm_hook
221 ;mov ax,4300h
222 ;int 2fh
223 ;cmp al,80h ; 80h = XMS driver installed
224 ;je @@skip
225 endif
226 saved15:
227 xor bx,bx
228 mov es,bx
229 ifndef NO386
230 push cs
231 push offset int15_88
232 pop eax
233 xchg eax,[es:bx+15*4]
234 mov [dword saved15],eax
235 else
236 mov ax,offset int15_88
237 call saved15z
238 mov ax,cs
239 inc bx
240 inc bx
241 saved15z:
242 xchg ax,[es:bx+15*4]
243 mov [word bx+saved15],ax
244 endif
245 ;push ds
246 ;pop es
247 @@skip:
248 ret
249 int15_88:
250 cmp ah,88h
251 je @@do88
252 jmp [dword saved15]
253 @@do88:
254 pushf
255 call [dword saved15]
256 or ax,ax
257 jnz @@iret
259 ;****** Read extended mem size (CMOS bytes 17h,18h (lo,hi))
260 call rdcmos17
261 @@iret:
262 iret
264 endp _hook_int15_88
266 ends _TEXT
268 end
270 ;###### END OF FILE ############################################