X86 Memory Layout Analysis (Memory Map)


http://blog.csdn.net/huangkangying/article/details/8495163

This article describes the contents of the computer's physical memory at the moment that the BIOS jumps to your bootloader code.

This article analyzes the computer's physical memory during the period from when the BIOS code runs until the OS bootloader takes over.

Contents

  • 1 "Low" memory (< 1 MiB)
    • 1.1 Overview
    • 1.2 BIOS Data Area (BDA)
    • 1.3 Extended BIOS Data Area (EBDA)
    • 1.4 ROM Area
  • 2 "Upper" Memory (> 1 MiB)
  • 3 Comments
  • 4 See Also
    • 4.1 External Links


"Low" memory (< 1 MiB)

Low-address memory (< 1 MB)

When a typical x86 PC boots it will be in Real Mode, with an active BIOS. During the time the CPU remains in Real Mode, IRQ0 (the clock) will fire repeatedly, and the hardware that is used to boot the PC (floppy, hard disk, CD, Network card, USB) will also generate IRQs. This means that during the PC boot process, the Real Mode IVT (see below) must be carefully preserved, because it is being used.

When the IVT is activated by an IRQ, it will call a BIOS routine to handle the IRQ. Bootloaders will also access BIOS functions. This means that the two memory workspaces that the BIOS uses (the BDA and the EBDA) must also be carefully preserved during boot. Also, every time the BIOS handles an IRQ0 (18 times a second), several bytes in the BDA get overwritten by the BIOS -- so do not attempt to store anything there while IRQs are active in Real Mode.

After all the BIOS functions have been called, and your kernel is loaded into memory somewhere, the bootloader or kernel may exit Real Mode forever (often by going into 32-bit Protected Mode). If the kernel never uses Real Mode again, then the first 0x500 bytes of memory in the PC may be reused and overwritten. (However, it is very common to temporarily return to Real Mode in order to change the Video Display Mode.)

When the CPU is in Protected Mode, System Management Mode (SMM) is still invisibly active, and cannot be shut off. SMM also seems to use the EBDA. So the EBDA memory area should never be overwritten.

Note: the EBDA is a variable-sized memory area (on different BIOSes). If it exists, it is always immediately below 0xA0000 in memory. It is absolutely guaranteed to be less than 128 KiB in size. It is often 1 KiB. The biggest ones ever actually seen are 8 KiB. You can determine the size of the EBDA by using BIOS function INT 12h, or (often) by examining the word at 0x40E in the BDA (see below). Both of those methods will tell you the location of the bottom of the EBDA.

It should also be noted that your bootloader code is probably loaded and running in memory at physical addresses 0x7C00 through 0x7DFF. So that memory area is likely to also be unusable until execution has been transferred to a second stage bootloader, or to your kernel.

Overview

(all values except KiBs are in hex)

Low Memory (the first MiB)

| start | end | size | type | description |
|---|---|---|---|---|
| 00000000 | 000003FF | 400 (1 KiB) | RAM - partially unusable (see above) | Real Mode IVT (Interrupt Vector Table) |
| 00000400 | 000004FF | 100 | RAM - partially unusable (see above) | BDA (BIOS data area) |
| 00000500 | 00007BFF | 7700 (almost 30 KiB) | RAM (guaranteed free for use) | Conventional memory |
| 00007C00 (typical location) | 00007DFF | 200 | RAM - partially unusable (see above) | Your OS BootSector |
| 00007E00 | 0007FFFF | 7FB00 (481 KiB) | RAM (guaranteed free for use) | Conventional memory |
| 00080000 | 0009FBFF | 1FC00 (approximately 120 KiB) | RAM (free for use, if it exists) | Conventional memory |
| 0009FC00 (typical location) | 0009FFFF | 400 | RAM (unusable) | EBDA (Extended BIOS Data Area) |
| 000A0000 | 000FFFFF | 60000 | various (unusable) | ROM Area (384 KiB) |
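The following C code is an added example, not code from the original article: it derives the EBDA base from the BDA word at 0x40E and rejects any load range that would overlap the IVT, BDA, boot sector or EBDA as laid out in the table above. The function names and the `lowmem` snapshot are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Boundaries from the Overview table (physical addresses). */
#define FREE_LOW_START  0x500u    /* first byte after the IVT and BDA        */
#define BOOT_START      0x7C00u   /* typical boot sector location            */
#define BOOT_END        0x7DFFu
#define GUARANTEED_END  0x80000u  /* RAM below this is guaranteed to exist   */
#define ROM_AREA_START  0xA0000u  /* an EBDA, if present, ends just below    */
#define EBDA_MAX_SIZE   0x20000u  /* the EBDA is smaller than 128 KiB        */

/* lowmem: a copy of (or pointer to) physical memory starting at address 0,
 * at least 0x410 bytes long (hypothetical parameter). Returns the address
 * where usable conventional memory ends. The word at 0x40E is only "usually"
 * the EBDA segment, so an implausible value falls back to the guaranteed limit. */
uint32_t ebda_base(const uint8_t *lowmem)
{
    uint32_t seg  = (uint32_t)lowmem[0x40E] | ((uint32_t)lowmem[0x40F] << 8);
    uint32_t base = seg << 4;
    if (base >= ROM_AREA_START || ROM_AREA_START - base >= EBDA_MAX_SIZE)
        return GUARANTEED_END;
    return base;
}

/* 1 when [start, start+len) lies wholly inside RAM the table marks free:
 * 0x500-0x7BFF, or 0x7E00 up to the byte below the EBDA. */
int range_is_free(uint32_t start, uint32_t len, uint32_t ebda)
{
    if (len == 0 || start > UINT32_MAX - len)    /* empty, or wraps around */
        return 0;
    uint32_t end = start + len;                  /* exclusive */
    if (start >= FREE_LOW_START && end <= BOOT_START)
        return 1;
    return start > BOOT_END && end <= ebda;
}

int main(void)
{
    static uint8_t lowmem[0x500];                /* constructed snapshot */
    lowmem[0x40E] = 0xC0; lowmem[0x40F] = 0x9F;  /* 0x9FC0 -> EBDA at 0x9FC00 */
    uint32_t ebda = ebda_base(lowmem);
    printf("EBDA base: 0x%05X\n", (unsigned)ebda);
    printf("stage 2 at 0x7E00, 32 KiB: %d\n", range_is_free(0x7E00, 0x8000, ebda));
    printf("buffer at 0x9F000, 4 KiB:  %d\n", range_is_free(0x9F000, 0x1000, ebda));
    printf("buffer at 0x400, 16 bytes: %d\n", range_is_free(0x400, 16, ebda));
    return 0;
}
```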

 

BIOS Data Area (BDA)

The BDA is only partially standardized, and almost all the values stored there are completely obsolete and uninteresting. The following is a partial list. See the External Links references below for more detail.

| address (size) | description |
|---|---|
| 400 (word) | IO port for COM1 serial |
| 408 (word) | IO port for LPT1 parallel |
| 40E (word) | EBDA base address >> 4 (usually!) |
| 410 (word) | packed bit flags for detected hardware |
| 449 (byte) | Display Mode |
| 463 (2 bytes, taken as a word) | base IO port for video |
| 46C (word) | # of IRQ0 timer ticks since boot |
| 475 (byte) | # of hard disk drives detected |
| 497 (byte) | last keyboard LED/Shift key state |

 

Extended BIOS Data Area (EBDA)

You may see "maps" of the EBDA if you search the web. However, those maps are for the original IBM BIOS EBDA. They do not apply to any current EBDA, used by any current BIOS. The EBDA area is not standardized. It does contain data that your OS will need, but you must do a bytewise pattern search to find those tables. (See PlugNPlay.)

 

ROM Area

Standard usage of the ROM Area

| start | end | size | region/exception | description |
|---|---|---|---|---|
| 000A0000 | 000AFFFF | 10000 | video RAM | VGA framebuffer (64 KiB) |
| 000B0000 | 000B7FFF | 8000 | video RAM | VGA text monochrome (32 KiB) |
| 000B8000 | 000BFFFF | 8000 | video RAM | VGA text color (32 KiB) |
| 000C0000 | 000C7FFF | 8000 | ROM | Video BIOS (32 KiB is typical size) |
| 000C8000 | 000EFFFF | 28000 | ROMs and unusable space | Mapped hardware & Misc. |
| 000F0000 | 000FFFFF | 10000 | ROM | Motherboard BIOS (64 KiB is typical size) |

 

"Upper" Memory (> 1 MiB)

The region of RAM above 1 MiB is not standardized, well-defined, or contiguous. There are likely to be regions of it that contain memory mapped hardware, that nothing but a device driver should ever access. There are likely to be regions of it that contain ACPI tables which your initialization code will probably want to read, and that then can be overwritten and reused. Some ACPI areas cannot be "reclaimed" this way. Some of the computer's RAM may extend above 4 GiB.

Use the BIOS function INT 15h, EAX=0xE820 to get a reliable map of Upper Memory.

 

High Memory

| start | end | size | region/exception | description |
|---|---|---|---|---|
| 00100000 | 003FFFFF | 00300000 | RAM -- guaranteed free for use [1] | Extended memory |
| 00400000 | 00EFFFFF | 00900000 (if it all exists) | RAM -- free for use | Extended memory |
| 00F00000 | 00FFFFFF | 100000 | Possible memory mapped hardware | ISA Memory Hole 15-16MB (only with ISA bus?) |
| 01000000 | ???????? | ???????? (whatever exists) | RAM -- free for use | More Extended memory |
| C000000 (sometimes) | FFFFFFF | 4000000 | various (unusable except by drivers) | PnP NVRAM?, LAPIC, BIOS, ... |
| 10000000 (possible mem above 4 GiB) | ???????? | ???????? (whatever exists) | RAM -- free for use (PAE/64bit) | More Extended memory |

1: Free for use, except that your bootloader (e.g. GRUB) may have loaded your "modules" here, and you don't want to overwrite those.

 

Comments

See Also

External Links

  • http://www.nondot.org/sabre/os/files/Booting/BIOS_SEG.txt -- detailed BIOS Data Area map
  • http://www.bioscentral.com/misc/bda.htm -- another detailed BIOS Data Area map
  • Geezer's memory layout description