Re: PXE entry invalid, so PXE boot hangs

To: Stephen Borrill <netbsd%precedence.co.uk@localhost>
Subject: Re: PXE entry invalid, so PXE boot hangs
From: Patrick Welche <prlw1%cam.ac.uk@localhost>
Date: Thu, 9 Apr 2015 21:26:24 +0100

On Wed, Apr 01, 2015 at 12:43:07PM +0100, Patrick Welche wrote:
...
> > Therefore, it looks like the structure found by memory scanning is incorrect
> > and perhaps we should implement Linux's plans A and B (C being the int 0x1a
> > function 0x5650 that we explicitly choose not to support). These involve
> > reading points from offsets relative to InitStack. Where does this
> > correspond to in NetBSD?
> 
> Is InitStack = 0xfffc ?

[all arch=i386]
According to the PXE spec v 2.1:

  4.4.5 Client State at Bootstrap Execution Time (Remote.0)

  The entire remote boot NBP is downloaded into base memory starting
  at location 0:7C00h. The PXE ROM code must then transfer control
  to the NBP by executing a far call to the beginning of the NBP.

  On entry to the NBP:

  - CS:IP must contain the value 0:7C00h.
  - ES:BX must contain the address of the PXENV+ structure.
  - SS:[SP+4] must contain the segment:offset address of the !PXE structure.
  - EDX is no longer used.
  - SS:SP is to contain the address of the beginning of the unused portion
    of the PXE services stack.
  - There must be at least 1.5KB of free stack space for the NBP.

NBP = Network Bootstrap Program

I assumed that pxeboot_ia32 was our NBP, but saving ES, BX, SS and SP
on entry to start in start_pxe.S shows that they are zero. We set them
in start_pxe.S, which is where I got 0xfffc in the earlier post.

Adding some printfs to a working set-up:

The values we set in start_pxe.S give:

es=0x9b06 bx=0xd0 ss=0x1dd5 sp=0xfffc
PXENV+ es:bx=0x9b130 "ÿÿÿÿÿÿ" 0xff
!PXE ss:[sp+4]=0x2dd50 ""

and the memory scan finds:

PXENV+ pxenv=0x93530 "PXENV+" 0x70
!PXE pxe=0x934d0 "!PXE"

Is it really pxeboot_ia32's job to set SS, SP and friends? (Apparently,
and it also chooses to use 07C0:0 rather than 0:7C00 right?) That
implies that pxeboot_ia32 isn't the NBP?

If it is pxeboot_ia32's job, how is it meant to figure out where the
!PXE structure is? Section 3.1, which is what the current code does?

  In general, a PXE installation can be discovered using either of
  two methods. The first method (which can only be used in real
  mode) is to use the installation check interrupt, Int 1Ah. The
  second is to scan base memory for the !PXE or PXENV+ structure.

Cheers,

Patrick

References:
- PXE entry invalid, so PXE boot hangs
  - From: Stephen Borrill
- Re: PXE entry invalid, so PXE boot hangs
  - From: Patrick Welche

Prev by Date: Re: More questions concerning module dependencies
Next by Date: Re: point2point network interfaces cannot receive ipv6 packets
Previous by Thread: Re: PXE entry invalid, so PXE boot hangs
Next by Thread: Help needed with a stubborn Gateway box!
Indexes:

Home | Main Index | Thread Index | Old Index