writing to address c000:0000

biuseless
New visitors - please read the rules.
Posts: 2
Joined: Fri Feb 18, 2005 5:00 pm

someone asked if they could write to \device\physmem at the address
c0000

so i got hooked into this

i used physmembrowser (by four-f) to read the entries at that place

Code:

000C0000:  55 AA 40 EB 3D 37 34 30-30 30 30 30 30 30 30 30  Uª@ë=74000000000
000C0010:  30 30 30 30 30 30 30 A2-34 01 9E 2A A2 2A 49 42  0000000¢4.ž*¢*IB
000C0020:  4D 20 56 47 41 20 43 6F-6D 70 61 74 69 62 6C 65  M VGA Compatible
000C0030:  20 42 49 4F 53 2E 20 05-00 00 4E 01 5E 01 6C 01   BIOS. ...N.^.l.

so it could read the place so it must be writable i thought
so was playing along
and i happened to open
debug (yeah the old debug.exe in dos box)

i could see the same info that physmembrowser returned being
available in debug too

so i thought i must be able to do an e and change the byte :)
well before trying i tried to google about disassembling bios
i couldn't find some eyecatching simple explanation
but one of the search queries led me this forum :)
so was reading through the collected wisdom
and happened to download the VGA SaveBios
by

Code:

..!....Video BIOS Saver ver. 1.0..(C) Copyright
by Garavsky Andrew, 1997...Smell of South Software, Odessa..2:46

and had my videobin.bin saved
and looked through it
i saw it has the same info that the above both showed
at least the first 80 bytes were same ( i did not look further)

so now i was wary of doing
an e address list on debug because i was afraid of thrashing something
with which i have no understanding

but after some flip flops and coin throws i finally did it
and was expecting a bsod or some such awkward happenings :)

but i see nothing of that sort happened and worst
nothing was written either
and super worst is i get no error or crash of cmd.exe :) too
so i am wondering what actually happened during the
e
i happened to see a lot of flash talks and flashing utilities
and even some hotflash.html
if at all i have to write there should i use one of those utilities

is there some forum where bios tweaking is discussed :)

btw what can one tweak in these areas
actually i am interested why would the original poster be
interested in writing there
if he wants to write then he should be thinking about
writing some trampoline code that probably runs his code
restores old code and jumps back to do its original business

btw are any papers, codes etc. available on disassembling
the content in these areas :)

any or every comment posts and flames are welcome
but don't be too hard on flames :)

btw i am hoping i am posting in the right forum

thanks and regards
biuseless
New visitors - please read the rules.
Posts: 2
Joined: Fri Feb 18, 2005 5:00 pm

wow 11 new posts between yesterday and today (around 19 hours)
and all answered by one bios guru
and almost all answers are senseless post count increasing bullcrap replies like solved ??? success ??? monologue answers

anyway this was rollcall for today hope i roll call tomorrow :)
NickS
BIOS Bodhisattva
Posts: 3145
Joined: Fri May 03, 2002 10:34 am
Location: Thames Valley, UK

From A000:0000 to F000:0000 was traditionally the "ROM BIOS" area. The PC BIOS was from F000:FFFF. CGA was driven by the PC BIOS; EGA started using C000:0000 to C000:7FFF for its code. People realised it would run faster if you put it in RAM. Some devices put RAM into this area, e.g. EMS memory boards allowing an 8086 to address up to 32 Mbytes below the 1 Mbyte limit!
A good view of the Upper Memory Area is at
http://www.pcguide.com/ref/ram/umaUpper-c.html and
http://www.pcguide.com/ref/ram/umaMap-c.html
maman
Master Flasher
Posts: 173
Joined: Sun Mar 31, 2002 2:08 pm
Location: Taka Bonerate National Park, Indonesia

Also, PCI expansion ROMs, i.e. the ones found in PCI expansion cards such as video cards, were copied to RAM and executed from there (AFAIK begins at C000:0000h), since it's faster and is a requirement based on the PCI specification itself.
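
Added example, not part of any post in this thread: a small Python parser for the legacy option ROM header, run on the 64 bytes from the hex dump in the first post. It decodes the 55 AA signature, the length byte (0x40 blocks of 512 bytes, i.e. the 32 KB from C000:0000 to C000:7FFF), the short JMP at offset 3 and the PCI data structure pointer at offset 0x18; the function names are chosen here, and `checksum_ok` needs a full image such as a saved videobin.bin.

```python
import struct

# First 64 bytes at 000C0000, copied from the hex dump in the first post.
DUMP_HEX = """
55 AA 40 EB 3D 37 34 30 30 30 30 30 30 30 30 30
30 30 30 30 30 30 30 A2 34 01 9E 2A A2 2A 49 42
4D 20 56 47 41 20 43 6F 6D 70 61 74 69 62 6C 65
20 42 49 4F 53 2E 20 05 00 00 4E 01 5E 01 6C 01
"""
HEADER = bytes.fromhex(DUMP_HEX)


def parse_option_rom_header(data: bytes) -> dict:
    """Decode the legacy x86 option ROM header fields."""
    if len(data) < 0x1A:
        raise ValueError("need at least 26 bytes of header")
    if data[0:2] != b"\x55\xaa":
        raise ValueError("missing 55 AA option ROM signature")
    info = {"size_bytes": data[2] * 512}  # length byte counts 512-byte blocks
    # Offset 3 is the init entry point; a short JMP (EB rel8) is typical.
    if data[3] == 0xEB:
        rel8 = struct.unpack_from("<b", data, 4)[0]
        info["entry_offset"] = 3 + 2 + rel8  # target is relative to next instruction
    else:
        info["entry_offset"] = None
    # Offset 0x18: little-endian pointer to the PCI data structure ("PCIR").
    pcir = struct.unpack_from("<H", data, 0x18)[0]
    info["pcir_offset"] = pcir
    if pcir + 4 <= len(data):
        info["pcir_valid"] = data[pcir:pcir + 4] == b"PCIR"
    else:
        info["pcir_valid"] = None  # pointer lies outside the bytes we have
    return info


def checksum_ok(image: bytes) -> bool:
    """All bytes of the declared image must sum to 0 modulo 256."""
    size = image[2] * 512
    if len(image) < size:
        raise ValueError("image shorter than declared size")
    return sum(image[:size]) % 256 == 0


if __name__ == "__main__":
    for key, value in parse_option_rom_header(HEADER).items():
        print(key, value)
```
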