Advertisement
Guest User

Untitled

a guest
Jun 24th, 2017
496
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  
  2.  
  3. How It Works -- DOS Floppy Disk Boot Sector
  4.  
  5.  
  6.  
  7. Version 1a
  8.  
  9.  
  10.  
  11. by Hale Landis <hlandis@ibm.net>
  12.  
  13.  
  14.  
  15.  
  16.  
  17. THE "HOW IT WORKS" SERIES
  18.  
  19.  
  20.  
  21. This is one of several How It Works documents. The series
  22.  
  23. currently includes the following:
  24.  
  25.  
  26.  
  27. * How It Works -- CHS Translation
  28.  
  29. * How It Works -- Master Boot Record
  30.  
  31. * How It Works -- DOS Floppy Boot Sector
  32.  
  33. * How It Works -- OS2 Boot Sector
  34.  
  35. * How It Works -- Partition Tables
  36.  
  37.  
  38.  
  39.  
  40.  
  41. DOS FLOPPY DISK BOOT SECTOR
  42.  
  43.  
  44.  
  45. This article is a disassembly of a floppy disk boot sector for a
  46.  
  47. DOS floppy. The boot sector of a floppy disk is located at
  48.  
  49. cylinder 0, head 0, sector 1. This sector is created by a floppy
  50.  
  51. disk formating program, such as the DOS FORMAT program. The boot
  52.  
  53. sector of a FAT hard disk partition has a similar layout and
  54.  
  55. function. Basically a bootable FAT hard disk partition looks
  56.  
  57. like a big floppy during the early stages of the system's boot
  58.  
  59. processing.
  60.  
  61.  
  62.  
  63. At the completion of your system's Power On Self Test (POST), INT
  64.  
  65. 19 is called. Usually INT 19 tries to read a boot sector from
  66.  
  67. the first floppy drive. If a boot sector is found on the floppy
  68.  
  69. disk, the that boot sector is read into memory at location
  70.  
  71. 0000:7C00 and INT 19 jumps to memory location 0000:7C00.
  72.  
  73. However, if no boot sector is found on the first floppy drive,
  74.  
  75. INT 19 tries to read the MBR from the first hard drive. If an
  76.  
  77. MBR is found it is read into memory at location 0000:7c00 and INT
  78.  
  79. 19 jumps to memory location 0000:7c00. The small program in the
  80.  
  81. MBR will attempt to locate an active (bootable) partition in its
  82.  
  83. partition table. If such a partition is found, the boot sector
  84.  
  85. of that partition is read into memory at location 0000:7C00 and
  86.  
  87. the MBR program jumps to memory location 0000:7C00. Each
  88.  
  89. operating system has its own boot sector format. The small
  90.  
  91. program in the boot sector must locate the first part of the
  92.  
  93. operating system's kernel loader program (or perhaps the kernel
  94.  
  95. itself or perhaps a "boot manager program") and read that into
  96.  
  97. memory.
  98.  
  99.  
  100.  
  101. INT 19 is also called when the CTRL-ALT-DEL keys are used. On
  102.  
  103. most systems, CTRL-ALT-DEL causes an short version of the POST to
  104.  
  105. be executed before INT 19 is called.
  106.  
  107.  
  108.  
  109. =====
  110.  
  111.  
  112.  
  113. Where stuff is:
  114.  
  115.  
  116.  
  117. The BIOS Parameter Block (BPB) starts at offset 0.
  118.  
  119. The boot sector program starts at offset 3e.
  120.  
  121. The messages issued by this program start at offset 19e.
  122.  
  123. The DOS hidden file names start at offset 1e6.
  124.  
  125. The boot sector signature is at offset 1fe.
  126.  
  127.  
  128.  
  129. Here is a summary of what this thing does:
  130.  
  131.  
  132.  
  133. 1) Copy Diskette Parameter Table which is pointed to by INT 1E.
  134.  
  135. 2) Alter the copy of the Diskette Parameter Table.
  136.  
  137. 3) Alter INT 1E to point to altered Diskette Parameter Table.
  138.  
  139. 4) Do INT 13 AH=00, disk reset call.
  140.  
  141. 5) Compute sector address of root directory.
  142.  
  143. 6) Read first sector of root directory into 0000:0500.
  144.  
  145. 7) Confirm that first two directory entries are for IO.SYS
  146.  
  147. and MSDOS.SYS.
  148.  
  149. 8) Read first 3 sectors of IO.SYS into 0000:0700 (or 0070:0000).
  150.  
  151. 9) Leave some information in the registers and jump to
  152.  
  153. IO.SYS at 0070:0000.
  154.  
  155.  
  156.  
  157. NOTE:
  158.  
  159.  
  160.  
  161. This program uses the CHS based INT 13H AH=02 to read the FAT
  162.  
  163. root directory and to read the IO.SYS file. If the drive is
  164.  
  165. >528MB, this CHS must be a translated CHS (or L-CHS, see my
  166.  
  167. BIOS TYPES document). Except for internal computations no
  168.  
  169. addresses in LBA form are used, another reason why LBA doesn't
  170.  
  171. solve the >528MB problem.
  172.  
  173.  
  174.  
  175. =====
  176.  
  177.  
  178.  
  179. Here is the entire sector in hex and ascii.
  180.  
  181.  
  182.  
  183. OFFSET 0 1 2 3 4 5 6 7 8 9 A B C D E F *0123456789ABCDEF*
  184.  
  185. 000000 eb3c904d 53444f53 352e3000 02010100 *.<.MSDOS5.0.....*
  186.  
  187. 000010 02e00040 0bf00900 12000200 00000000 *...@............*
  188.  
  189. 000020 00000000 0000295a 5418264e 4f204e41 *......)ZT.&NO NA*
  190.  
  191. 000030 4d452020 20204641 54313220 2020fa33 *ME FAT12 .3*
  192.  
  193. 000040 c08ed0bc 007c1607 bb780036 c5371e56 *.....|...x.6.7.V*
  194.  
  195. 000050 1653bf3e 7cb90b00 fcf3a406 1fc645fe *.S.>|.........E.*
  196.  
  197. 000060 0f8b0e18 7c884df9 894702c7 073e7cfb *....|.M..G...>|.*
  198.  
  199. 000070 cd137279 33c03906 137c7408 8b0e137c *..ry3.9..|t....|*
  200.  
  201. 000080 890e207c a0107cf7 26167c03 061c7c13 *.. |..|.&.|...|.*
  202.  
  203. 000090 161e7c03 060e7c83 d200a350 7c891652 *..|...|....P|..R*
  204.  
  205. 0000a0 7ca3497c 89164b7c b82000f7 26117c8b *|.I|..K|. ..&.|.*
  206.  
  207. 0000b0 1e0b7c03 c348f7f3 0106497c 83164b7c *..|..H....I|..K|*
  208.  
  209. 0000c0 00bb0005 8b16527c a1507ce8 9200721d *......R|.P|...r.*
  210.  
  211. 0000d0 b001e8ac 0072168b fbb90b00 bee67df3 *.....r........}.*
  212.  
  213. 0000e0 a6750a8d 7f20b90b 00f3a674 18be9e7d *.u... .....t...}*
  214.  
  215. 0000f0 e85f0033 c0cd165e 1f8f048f 4402cd19 *._.3...^....D...*
  216.  
  217. 000100 585858eb e88b471a 48488a1e 0d7c32ff *XXX...G.HH...|2.*
  218.  
  219. 000110 f7e30306 497c1316 4b7cbb00 07b90300 *....I|..K|......*
  220.  
  221. 000120 505251e8 3a0072d8 b001e854 00595a58 *PRQ.:.r....T.YZX*
  222.  
  223. 000130 72bb0501 0083d200 031e0b7c e2e28a2e *r..........|....*
  224.  
  225. 000140 157c8a16 247c8b1e 497ca14b 7cea0000 *.|..$|..I|.K|...*
  226.  
  227. 000150 7000ac0a c07429b4 0ebb0700 cd10ebf2 *p....t).........*
  228.  
  229. 000160 3b16187c 7319f736 187cfec2 88164f7c *;..|s..6.|....O|*
  230.  
  231. 000170 33d2f736 1a7c8816 257ca34d 7cf8c3f9 *3..6.|..%|.M|...*
  232.  
  233. 000180 c3b4028b 164d7cb1 06d2e60a 364f7c8b *.....M|.....6O|.*
  234.  
  235. 000190 ca86e98a 16247c8a 36257ccd 13c30d0a *.....$|.6%|.....*
  236.  
  237. 0001a0 4e6f6e2d 53797374 656d2064 69736b20 *Non-System disk *
  238.  
  239. 0001b0 6f722064 69736b20 6572726f 720d0a52 *or disk error..R*
  240.  
  241. 0001c0 65706c61 63652061 6e642070 72657373 *eplace and press*
  242.  
  243. 0001d0 20616e79 206b6579 20776865 6e207265 * any key when re*
  244.  
  245. 0001e0 6164790d 0a00494f 20202020 20205359 *ady...IO SY*
  246.  
  247. 0001f0 534d5344 4f532020 20535953 000055aa *SMSDOS SYS..U.*
  248.  
  249.  
  250.  
  251. =====
  252.  
  253.  
  254.  
  255. The first 62 bytes of a boot sector are known as the BIOS
  256.  
  257. Parameter Block (BPB). Here is the layout of the BPB fields
  258.  
  259. and the values they are assigned in this boot sector:
  260.  
  261.  
  262.  
  263. db JMP instruction at 7c00 size 2 = eb3c
  264.  
  265. db NOP instruction 7c02 1 90
  266.  
  267. db OEMname 7c03 8 'MSDOS5.0'
  268.  
  269. dw bytesPerSector 7c0b 2 0200
  270.  
  271. db sectPerCluster 7c0d 1 01
  272.  
  273. dw reservedSectors 7c0e 2 0001
  274.  
  275. db numFAT 7c10 1 02
  276.  
  277. dw numRootDirEntries 7c11 2 00e0
  278.  
  279. dw numSectors 7c13 2 0b40 (ignore numSectorsHuge)
  280.  
  281. db mediaType 7c15 1 f0
  282.  
  283. dw numFATsectors 7c16 2 0009
  284.  
  285. dw sectorsPerTrack 7c18 2 0012
  286.  
  287. dw numHeads 7c1a 2 0002
  288.  
  289. dd numHiddenSectors 7c1c 4 00000000
  290.  
  291. dd numSectorsHuge 7c20 4 00000000
  292.  
  293. db driveNum 7c24 1 00
  294.  
  295. db reserved 7c25 1 00
  296.  
  297. db signature 7c26 1 29
  298.  
  299. dd volumeID 7c27 4 5a541826
  300.  
  301. db volumeLabel 7c2b 11 'NO NAME '
  302.  
  303. db fileSysType 7c36 8 'FAT12 '
  304.  
  305.  
  306.  
  307. =====
  308.  
  309.  
  310.  
  311. Here is the boot sector...
  312.  
  313.  
  314.  
  315. The first 3 bytes of the BPB are JMP and NOP instructions.
  316.  
  317.  
  318.  
  319. 0000:7C00 EB3C JMP START
  320.  
  321. 0000:7C02 90 NOP
  322.  
  323.  
  324.  
  325. Here is the rest of the BPB.
  326.  
  327.  
  328.  
  329. 0000:7C00 ......4d 53444f53 352e3000 02010100 * MSDOS5.0.....*
  330.  
  331. 0000:7C10 02e00040 0bf00900 12000200 00000000 *...@............*
  332.  
  333. 0000:7C20 00000000 0000295a 5418264e 4f204e41 *......)ZT.&NO NA*
  334.  
  335. 0000:7C30 4d452020 20204641 54313220 2020.... *ME FAT12 *
  336.  
  337.  
  338.  
  339. Now pay attention here...
  340.  
  341.  
  342.  
  343. The 11 bytes starting at 0000:7c3e are immediately overlaid by
  344.  
  345. information copied from another part of memory. That
  346.  
  347. information is the Diskette Parameter Table. This data is
  348.  
  349. pointed to by INT 1E. This data is:
  350.  
  351.  
  352.  
  353. 7c3e = Step rate and head unload time.
  354.  
  355. 7c3f = Head load time and DMA mode flag.
  356.  
  357. 7c40 = Delay for motor turn off.
  358.  
  359. 7c41 = Bytes per sector.
  360.  
  361. 7c42 = Sectors per track.
  362.  
  363. 7c43 = Intersector gap length.
  364.  
  365. 7c44 = Data length.
  366.  
  367. 7c45 = Intersector gap length during format.
  368.  
  369. 7c46 = Format byte value.
  370.  
  371. 7c47 = Head settling time.
  372.  
  373. 7c48 = Delay until motor at normal speed.
  374.  
  375.  
  376.  
  377. The 11 bytes starting at 0000:7c49 are also overlaid by the
  378.  
  379. following data:
  380.  
  381.  
  382.  
  383. 7c49 - 7c4c = diskette sector address (as LBA)
  384.  
  385. of the data area.
  386.  
  387. 7c4d - 7c4e = cylinder number to read from.
  388.  
  389. 7c4f - 7c4f = sector number to read from.
  390.  
  391. 7c50 - 7c53 = diskette sector address (as LBA)
  392.  
  393. of the root directory.
  394.  
  395.  
  396.  
  397. START: START OF BOOT SECTOR PROGRAM
  398.  
  399.  
  400.  
  401. 0000:7C3E FA CLI interrupts off
  402.  
  403. 0000:7C3F 33C0 XOR AX,AX set AX to zero
  404.  
  405. 0000:7C41 8ED0 MOV SS,AX SS is now zero
  406.  
  407. 0000:7C43 BC007C MOV SP,7C00 SP is now 7c00
  408.  
  409. 0000:7C46 16 PUSH SS also set ES
  410.  
  411. 0000:7C47 07 POP ES to zero
  412.  
  413.  
  414.  
  415. The INT 1E vector is at 0000:0078.
  416.  
  417. Get the address that the vector points to
  418.  
  419. into the DS:SI registers.
  420.  
  421.  
  422.  
  423. 0000:7C48 BB7800 MOV BX,0078 BX is now 78
  424.  
  425. 0000:7C4B 36 SS:
  426.  
  427. 0000:7C4C C537 LDS SI,[BX] DS:SI is now [0:78]
  428.  
  429. 0000:7C4E 1E PUSH DS save DS:SI --
  430.  
  431. 0000:7C4F 56 PUSH SI saves param tbl addr
  432.  
  433. 0000:7C50 16 PUSH SS save SS:BX --
  434.  
  435. 0000:7C51 53 PUSH BX saves INT 1E address
  436.  
  437.  
  438.  
  439. Move the diskette param table to 0000:7c3e.
  440.  
  441.  
  442.  
  443. 0000:7C52 BF3E7C MOV DI,7C3E DI is address of START
  444.  
  445. 0000:7C55 B90B00 MOV CX,000B count is 11
  446.  
  447. 0000:7C58 FC CLD clear direction
  448.  
  449. 0000:7C59 F3 REPZ move the diskette param
  450.  
  451. 0000:7C5A A4 MOVSB table to 0000:7c3e
  452.  
  453. 0000:7C5B 06 PUSH ES also set DS
  454.  
  455. 0000:7C5C 1F POP DS to zero
  456.  
  457.  
  458.  
  459. Alter some of the diskette param table data.
  460.  
  461.  
  462.  
  463. 0000:7C5D C645FE0F MOV BYTE PTR [DI-02],0F change head settle time
  464.  
  465. at 0000:7c47
  466.  
  467. 0000:7C61 8B0E187C MOV CX,[7C18] sectors per track
  468.  
  469. 0000:7C65 884DF9 MOV [DI-07],CL save at 0000:7c42
  470.  
  471.  
  472.  
  473. Change INT 1E so that it points to the
  474.  
  475. altered Diskette param table at 0000:7c3e.
  476.  
  477.  
  478.  
  479. 0000:7C68 894702 MOV [BX+02],AX change INT 1E segment
  480.  
  481. 0000:7C6B C7073E7C MOV WORD PTR [BX],7C3E change INT 1E offset
  482.  
  483.  
  484.  
  485. Call INT 13 with AX=0000, disk reset, so
  486.  
  487. that the new diskette param table is used.
  488.  
  489.  
  490.  
  491. 0000:7C6F FB STI interrupts on
  492.  
  493. 0000:7C70 CD13 INT 13 do diskette reset call
  494.  
  495. 0000:7C72 7279 JB TALK jmp if any error
  496.  
  497.  
  498.  
  499. Detemine the starting sector address of
  500.  
  501. the root directory as an LBA.
  502.  
  503.  
  504.  
  505. 0000:7C74 33C0 XOR AX,AX AX is now zero
  506.  
  507. 0000:7C76 3906137C CMP [7C13],AX number sectros zero?
  508.  
  509. 0000:7C7A 7408 JZ SMALL_DISK yes
  510.  
  511. 0000:7C7C 8B0E137C MOV CX,[7C13] number of sectors
  512.  
  513. 0000:7C80 890E207C MOV [7C20],CX save in huge num sects
  514.  
  515.  
  516.  
  517. SMALL_DISK:
  518.  
  519.  
  520.  
  521. 0000:7C84 A0107C MOV AL,[7C10] number of FAT tables
  522.  
  523. 0000:7C87 F726167C MUL WORD PTR [7C16] number of fat sectors
  524.  
  525. 0000:7C8B 03061C7C ADD AX,[7C1C] number of hidden sectors
  526.  
  527. 0000:7C8F 13161E7C ADC DX,[7C1E] number of hidden sectors
  528.  
  529. 0000:7C93 03060E7C ADD AX,[7C0E] number of reserved sectors
  530.  
  531. 0000:7C97 83D200 ADC DX,+00 number of reserved sectors
  532.  
  533. 0000:7C9A A3507C MOV [7C50],AX save start addr
  534.  
  535. 0000:7C9D 8916527C MOV [7C52],DX of root dir (as LBA)
  536.  
  537. 0000:7CA1 A3497C MOV [7C49],AX save start addr
  538.  
  539. 0000:7CA4 89164B7C MOV [7C4B],DX of root dir (as LBA)
  540.  
  541.  
  542.  
  543. Determine sector address of first sector
  544.  
  545. in the data area as an LBA.
  546.  
  547.  
  548.  
  549. 0000:7CA8 B82000 MOV AX,0020 size of a dir entry (32)
  550.  
  551. 0000:7CAB F726117C MUL WORD PTR [7C11] number of root dir entries
  552.  
  553. 0000:7CAF 8B1E0B7C MOV BX,[7C0B] bytes per sector
  554.  
  555. 0000:7CB3 03C3 ADD AX,BX
  556.  
  557. 0000:7CB5 48 DEC AX
  558.  
  559. 0000:7CB6 F7F3 DIV BX
  560.  
  561. 0000:7CB8 0106497C ADD [7C49],AX add to start addr
  562.  
  563. 0000:7CBC 83164B7C00 ADC WORD PTR [7C4B],+00 of root dir (as LBA)
  564.  
  565.  
  566.  
  567. Read the first root dir sector into 0000:0500.
  568.  
  569.  
  570.  
  571. 0000:7CC1 BB0005 MOV BX,0500 addr to read into
  572.  
  573. 0000:7CC4 8B16527C MOV DX,[7C52] get start of address
  574.  
  575. 0000:7CC8 A1507C MOV AX,[7C50] of root dir (as LBA)
  576.  
  577. 0000:7CCB E89200 CALL CONVERT call conversion routine
  578.  
  579. 0000:7CCE 721D JB TALK jmp is any error
  580.  
  581. 0000:7CD0 B001 MOV AL,01 read 1 sector
  582.  
  583. 0000:7CD2 E8AC00 CALL READ_SECTORS read 1st root dir sector
  584.  
  585. 0000:7CD5 7216 JB TALK jmp if any error
  586.  
  587. 0000:7CD7 8BFB MOV DI,BX addr of 1st dir entry
  588.  
  589. 0000:7CD9 B90B00 MOV CX,000B count is 11
  590.  
  591. 0000:7CDC BEE67D MOV SI,7DE6 addr of file names
  592.  
  593. 0000:7CDF F3 REPZ is this "IO.SYS"?
  594.  
  595. 0000:7CE0 A6 CMPSB
  596.  
  597. 0000:7CE1 750A JNZ TALK no
  598.  
  599. 0000:7CE3 8D7F20 LEA DI,[BX+20] addr of next dir entry
  600.  
  601. 0000:7CE6 B90B00 MOV CX,000B count is 11
  602.  
  603. 0000:7CE9 F3 REPZ is this "MSDOS.SYS"?
  604.  
  605. 0000:7CEA A6 CMPSB
  606.  
  607. 0000:7CEB 7418 JZ FOUND_FILES they are equal
  608.  
  609.  
  610.  
  611. TALK:
  612.  
  613.  
  614.  
  615. Display "Non-System disk..." message,
  616.  
  617. wait for user to hit a key, restore
  618.  
  619. the INT 1E vector and then
  620.  
  621. call INT 19 to start boot processing
  622.  
  623. all over again.
  624.  
  625.  
  626.  
  627. 0000:7CED BE9E7D MOV SI,7D9E "Non-System disk..."
  628.  
  629. 0000:7CF0 E85F00 CALL MSG_LOOP display message
  630.  
  631. 0000:7CF3 33C0 XOR AX,AX INT 16 function
  632.  
  633. 0000:7CF5 CD16 INT 16 read keyboard
  634.  
  635. 0000:7CF7 5E POP SI get INT 1E vector's
  636.  
  637. 0000:7CF8 1F POP DS address
  638.  
  639. 0000:7CF9 8F04 POP [SI] restore the INT 1E
  640.  
  641. 0000:7CFB 8F4402 POP [SI+02] vector's data
  642.  
  643. 0000:7CFE CD19 INT 19 CALL INT 19 to try again
  644.  
  645.  
  646.  
  647. SETUP_TALK:
  648.  
  649.  
  650.  
  651. 0000:7D00 58 POP AX pop junk off stack
  652.  
  653. 0000:7D01 58 POP AX pop junk off stack
  654.  
  655. 0000:7D02 58 POP AX pop junk off stack
  656.  
  657. 0000:7D03 EBE8 JMP TALK now talk to the user
  658.  
  659.  
  660.  
  661. FOUND_FILES:
  662.  
  663.  
  664.  
  665. Compute the sector address of the first
  666.  
  667. sector of IO.SYS.
  668.  
  669.  
  670.  
  671. 0000:7D05 8B471A MOV AX,[BX+1A] get starting cluster num
  672.  
  673. 0000:7D08 48 DEC AX subtract 1
  674.  
  675. 0000:7D09 48 DEC AX subtract 1
  676.  
  677. 0000:7D0A 8A1E0D7C MOV BL,[7C0D] sectors per cluster
  678.  
  679. 0000:7D0E 32FF XOR BH,BH
  680.  
  681. 0000:7D10 F7E3 MUL BX multiply
  682.  
  683. 0000:7D12 0306497C ADD AX,[7C49] add start addr of
  684.  
  685. 0000:7D16 13164B7C ADC DX,[7C4B] root dir (as LBA)
  686.  
  687.  
  688.  
  689. Read IO.SYS into memory at 0000:0700. IO.SYS
  690.  
  691. is 3 sectors long.
  692.  
  693.  
  694.  
  695. 0000:7D1A BB0007 MOV BX,0700 address to read into
  696.  
  697. 0000:7D1D B90300 MOV CX,0003 read 3 sectors
  698.  
  699.  
  700.  
  701. READ_LOOP:
  702.  
  703.  
  704.  
  705. Read the first 3 sectors of IO.SYS
  706.  
  707. (IO.SYS is much longer than 3 sectors).
  708.  
  709.  
  710.  
  711. 0000:7D20 50 PUSH AX save AX
  712.  
  713. 0000:7D21 52 PUSH DX save DX
  714.  
  715. 0000:7D22 51 PUSH CX save CX
  716.  
  717. 0000:7D23 E83A00 CALL CONVERT call conversion routine
  718.  
  719. 0000:7D26 72D8 JB SETUP_TALK jmp if error
  720.  
  721. 0000:7D28 B001 MOV AL,01 read one sector
  722.  
  723. 0000:7D2A E85400 CALL READ_SECTORS read one sector
  724.  
  725. 0000:7D2D 59 POP CX restore CX
  726.  
  727. 0000:7D2E 5A POP DX restore DX
  728.  
  729. 0000:7D2F 58 POP AX restore AX
  730.  
  731. 0000:7D30 72BB JB TALK jmp if any INT 13 error
  732.  
  733. 0000:7D32 050100 ADD AX,0001 add one to the sector addr
  734.  
  735. 0000:7D35 83D200 ADC DX,+00 add one to the sector addr
  736.  
  737. 0000:7D38 031E0B7C ADD BX,[7C0B] incr mem addr by sect size
  738.  
  739. 0000:7D3C E2E2 LOOP READ_LOOP read next sector
  740.  
  741.  
  742.  
  743. Leave information in the AX, BX, CX and DX
  744.  
  745. registers for IO.SYS to use. Finally,
  746.  
  747. jump to IO.SYS at 0070:0000.
  748.  
  749.  
  750.  
  751. 0000:7D3E 8A2E157C MOV CH,[7C15] media type
  752.  
  753. 0000:7D42 8A16247C MOV DL,[7C24] drive number
  754.  
  755. 0000:7D46 8B1E497C MOV BX,[7C49] get start addr of
  756.  
  757. 0000:7D4A A14B7C MOV AX,[7C4B] root dir (as LBA)
  758.  
  759. 0000:7D4D EA00007000 JMP 0070:0000 JUMP TO 0070:0000
  760.  
  761.  
  762.  
  763. MSG_LOOP:
  764.  
  765.  
  766.  
  767. This routine displays a message using
  768.  
  769. INT 10 one character at a time.
  770.  
  771. The message address is in DS:SI.
  772.  
  773.  
  774.  
  775. 0000:7D52 AC LODSB get message character
  776.  
  777. 0000:7D53 0AC0 OR AL,AL end of message?
  778.  
  779. 0000:7D55 7429 JZ RETURN jmp if yes
  780.  
  781. 0000:7D57 B40E MOV AH,0E display one character
  782.  
  783. 0000:7D59 BB0700 MOV BX,0007 video attrbiutes
  784.  
  785. 0000:7D5C CD10 INT 10 display one character
  786.  
  787. 0000:7D5E EBF2 JMP MSG_LOOP do again
  788.  
  789.  
  790.  
  791. CONVERT:
  792.  
  793. This routine
  794.  
  795. converts a sector address (an LBA) to
  796.  
  797. a CHS address. The LBA is in DX:AX.
  798.  
  799.  
  800.  
  801. 0000:7D60 3B16187C CMP DX,[7C18] hi part of LBA > sectPerTrk?
  802.  
  803. 0000:7D64 7319 JNB SET_CARRY jmp if yes
  804.  
  805. 0000:7D66 F736187C DIV WORD PTR [7C18] div by sectors per track
  806.  
  807. 0000:7D6A FEC2 INC DL add 1 to sector number
  808.  
  809. 0000:7D6C 88164F7C MOV [7C4F],DL save sector number
  810.  
  811. 0000:7D70 33D2 XOR DX,DX zero DX
  812.  
  813. 0000:7D72 F7361A7C DIV WORD PTR [7C1A] div number of heads
  814.  
  815. 0000:7D76 8816257C MOV [7C25],DL save head number
  816.  
  817. 0000:7D7A A34D7C MOV [7C4D],AX save cylinder number
  818.  
  819. 0000:7D7D F8 CLC clear carry
  820.  
  821. 0000:7D7E C3 RET return
  822.  
  823.  
  824.  
  825. SET_CARRY:
  826.  
  827.  
  828.  
  829. 0000:7D7F F9 STC set carry
  830.  
  831.  
  832.  
  833. RETURN:
  834.  
  835.  
  836.  
  837. 0000:7D80 C3 RET return
  838.  
  839.  
  840.  
  841. READ_SECTORS:
  842.  
  843.  
  844.  
  845. The caller of this routine supplies:
  846.  
  847. AL = number of sectors to read
  848.  
  849. ES:BX = memory location to read into
  850.  
  851. and CHS address to read from in
  852.  
  853. memory locations 7c25 and 7C4d-7c4f.
  854.  
  855.  
  856.  
  857. 0000:7D81 B402 MOV AH,02 INT 13 read sectors
  858.  
  859. 0000:7D83 8B164D7C MOV DX,[7C4D] get cylinder number
  860.  
  861. 0000:7D87 B106 MOV CL,06 shift count
  862.  
  863. 0000:7D89 D2E6 SHL DH,CL shift upper cyl left 6 bits
  864.  
  865. 0000:7D8B 0A364F7C OR DH,[7C4F] or in sector number
  866.  
  867. 0000:7D8F 8BCA MOV CX,DX move to CX
  868.  
  869. 0000:7D91 86E9 XCHG CH,CL CH=cyl lo, CL=cyl hi + sect
  870.  
  871. 0000:7D93 8A16247C MOV DL,[7C24] drive number
  872.  
  873. 0000:7D97 8A36257C MOV DH,[7C25] head number
  874.  
  875. 0000:7D9B CD13 INT 13 read sectors
  876.  
  877. 0000:7D9D C3 RET return
  878.  
  879.  
  880.  
  881. Data not used.
  882.  
  883.  
  884.  
  885. 0000:7D90 ca86e98a 16247c8a 36257ccd 13c3.... *.....$|.6%|... *
  886.  
  887.  
  888.  
  889. Messages here.
  890.  
  891.  
  892.  
  893. 0000:7D90 ........ ........ ........ ....0d0a * ..*
  894.  
  895. 0000:7Da0 4e6f6e2d 53797374 656d2064 69736b20 *Non-System disk *
  896.  
  897. 0000:7Db0 6f722064 69736b20 6572726f 720d0a52 *or disk error..R*
  898.  
  899. 0000:7Dc0 65706c61 63652061 6e642070 72657373 *eplace and press*
  900.  
  901. 0000:7Dd0 20616e79 206b6579 20776865 6e207265 * any key when re*
  902.  
  903. 0000:7De0 6164790d 0a00.... ........ ........ *ady... *
  904.  
  905.  
  906.  
  907. MS DOS hidden file names (first two root directory entries).
  908.  
  909.  
  910.  
  911. 0000:7De0 ........ ....494f 20202020 20205359 * IO SY*
  912.  
  913. 0000:7Df0 534d5344 4f532020 20535953 000055aa *SMSDOS SYS..U.*
  914.  
  915.  
  916.  
  917. The last two bytes contain a 55AAH signature.
  918.  
  919.  
  920.  
  921. 0000:7Df0 ........ ........ ........ ....55aa * U.*
  922.  
  923.  
  924.  
  925. /end/
Advertisement
Advertisement
Advertisement
RAW Paste Data Copied
Advertisement