Hi all, I am reading seaBios code, and I have a question about the shadow memory copy part. In fw/shadow.c:make_bios_writable_intel() reads pam0 to see if shadow memory is already readable (if pam0's fourth bit is set), if pam0 shows shadow memory is not readable running __make_bios_writable_intel from high-memory flash location (statements marked green below). But in my understanding the entry point of bios is 0xffff:fff0, then it jumps to 0xf000:e05b, which points to memory space in shadowing, but before __make_bios_writable_intel copying bios from high-memory flash to shadow memory, shadow memory is disabled, so these codes are forwarded to high-memory flash, including code to read pam0 before invoking __make_bios_writable_intel (statement marked red below). Why these codes are not relocate to high-memory flash, but only the invocation of __make_bios_writable_intel is need to be relocated? If shadow ram is present and readable, how cpu execute bios codes in 0xf000:xxxx before copying them to shadow ram?

60 static void 61 make_bios_writable_intel(u16 bdf, u32 pam0) 62 { 63 int reg = pci_config_readb(bdf, pam0); 64 if (!(reg & 0x10)) { 65 // QEMU doesn't fully implement the piix shadow capabilities - 66 // if ram isn't backing the bios segment when shadowing is 67 // disabled, the code itself won't be in memory. So, run the 68 // code from the high-memory flash location. 69 u32 pos = (u32)__make_bios_writable_intel + BIOS_SRC_OFFSET; 70 void (*func)(u16 bdf, u32 pam0) = (void*)pos; 71 func(bdf, pam0); 72 return; 73 } 74 // Ram already present - just enable writes 75 __make_bios_writable_intel(bdf, pam0); 76 }

Thanks