The Image Management BIOS
The Purpose of the Image Management BIOS
The Intel® documentation describes a BIOS tasked with handling several functions. These functions permit an application to issue a request to the BIOS:
To enable the system BIOS's Microcode Update capability.
To determine if the system BIOS's Microcode Update capability is currently enabled or disabled.
To write a new Microcode Update image from system RAM memory into the system's non-volatile memory.
To read a Microcode Update image from the system's non-volatile memory and place it into a specified area of system RAM memory.
It should be stressed that this BIOS manages the non-volatile memory within which one or more Micro Update images can be stored. It also is used to enable or disable the BIOS's ability to perform Microcode Updates to the processor(s). This BIOS in no way handles the actual updating of the processor(s). That is the province of the loader program described earlier (see “The Microcode Update Loader” on page 637).
The BIOS Interface
The Microcode Update image management BIOS is called by executing an INT 15 with the processor in Real Mode. Before executing the INT 15, the programmer must preload the processor's registers as indicated in Table 25-2 on page 641. A detailed description of each of the Sub-Functions can be found in “Detailed Function Call Description” on page 641.
| Register | Contains | Description |
|---|---|---|
| AX | D042h | This identifies the Microcode Update image management BIOS as the target. |
| BL | Sub-Function | This 8-bit value identifies the action being requested:
|
| Additional parameters that must be passed in the register set are defined by the Sub-Function requested. | ||
Detailed Function Call Description
The Presence Detect Function Call
Table 25-3 on page 642 defines the input and output parameters when making the Presence Detect call to determine if the Microcode Update image management BIOS is implemented.
| Register | Contains | Description |
|---|---|---|
| Input Parameters | ||
| AX | D042h | This identifies the Microcode Update image management BIOS as the target. |
| BL | Sub-Function | 00h. Test for the presence of the Microcode Update image management BIOS. |
| Output Parameters | ||
| CF | EFlags[CF]
| |
| AH | Return Code | Contains one of the following indications:
|
| AL | OEM Error | Additional OEM Information. The OEM Error is provided for the OEM to return additional error information specific to the platform. If the BIOS provides no additional information about the error, the OEM Error must be set to SUCCESS (see Table 25-7 on page 652). |
| EBX | Signature Part 1 | Part one of the signature: consists of the ASCII character string “INTE”'. This is the signature of the Microcode Update image management BIOS (also see the next row in this table). |
| ECX | Signature Part 2 | Part two of the signature: consists of the ASCII character string “LPEP”. |
| EDX | Loader Version | The version number of the Microcode Update loader program incorporated within the system BIOS. |
| SI | Update Count | Reflects the number of 2048 byte blocks available for storage within non-volatile RAM. It must return a value >= the number of unique Microcode Update images currently stored within the BIOS's non-volatile memory. |
| Return Code | Value | Description |
|---|---|---|
| SUCCESS | 00H | Function completed successfully. |
| NOT_IMPLEMENTED | 86H | The requested function is not implemented. |
| ERASE_FAILURE | 90H | A failure due to the inability to erase the BIOS's non-volatile memory. |
| WRITE_FAILURE | 91H | A failure because of the inability to write to the BIOS's non-volatile memory. |
| READ_FAILURE | 92H | A failure due to the inability to read from the BIOS's non-volatile memory. |
| STORAGE_FULL | 93H | The BIOS's non-volatile memory is unable to accommodate the new update image because all available update areas in non-volatile memory currently contain update images that are needed for processors in the system. |
| CPU_NOT_PRESENT | 94H | CPU_NOT_PRESENT = A processor with the stepping indicated in the proposed new image does not currently exist in the system. |
| INVALID_HEADER | 95H | INVALID_HEADER = The update header contains a header or requires a loader version that is not recognized by the BIOS. |
| INVALID_HEADER_CS | 96h | The update image does not checksum correctly. |
| SECURITY_FAILURE | 97H | The processor rejected the update. |
| INVALID_REVISION | 98H | The same or a more recent revision of the proposed new update image already exists in non-volatile memory. |
| UPDATE_NUM_INVALID | 99H | The update number exceeds the maximum number of update blocks implemented by the BIOS |
The caller must verify that all three of the following return parameters are true:
EFlags[CF] must be cleared to zero.
The Return Code in AH must indicate SUCCESS.
The ECX:EDX register pair must contain the ASCII character string 'INTELPEP'. This is the signature of the Microcode Update image management BIOS.
The Write Microcode Update Data Function Call
The Write Microcode Update Data function call is used to add a new Microcode Update image to the BIOS's non-volatile memory. Table 25-4 on page 644 defines the input and output parameters when making the Write Microcode Update Data call.
| Register | Contains | Description |
|---|---|---|
| Input Parameters | ||
| AX | D042h | This identifies the Microcode Update image management BIOS as the target. |
| BL | Sub-Function | 01h. Request to transfer a Microcode Update image from system RAM memory to the BIOS's non-volatile memory. |
| ES:DI | Update Address | Real Mode pointer to the Microcode Update image in system RAM memory. This buffer is 2048 bytes in length. It should be noted that the Intel® documentation incorrectly says that the ED:DI register pair is used, but there is no such thing as the ED register. |
| CX | Scratch Pad1 | When making a call to the BIOS with a request to write a new Microcode Update image to or to read an image from the BIOS's non-volatile memory, the calling program is responsible for providing three 64KB areas of system RAM memory for the BIOS to use. These three areas of memory can be used as scratchpad memory by the BIOS for any purpose, but only for the duration of the function call. The calling program places real mode segment pointers to the RAM blocks in CX, DX and SI. |
| DX | Scratch Pad2 | |
| SI | Scratch Pad3 | |
| SS:SP | Stack pointer | The stack provided to the BIOS by the caller must be at least 32KB in size. |
| Output Parameters | ||
| CF | EFlags[CF]
| |
| AH | Return Code | Contains one of the following indications:
|
| AL | OEM Error | Additional OEM Information. The OEM Error is provided for the OEM to return additional error information specific to the platform. If the BIOS provides no additional information about the error, the OEM Error must be set to SUCCESS (see Table 25-7 on page 652). |
The following rules apply:
The calling program does not select into which of the 2048-byte storage blocks of the BIOS's non-volatile memory the new image will be written. That is the responsibility of the BIOS.
Before accepting the new image, the BIOS must verify the integrity of the new image. The checks must be performed in the following order:
- The Header Version field in the new image must be one that is recognized by the BIOS (see Figure 25-1 on page 633 and Table 25-1 on page 634).
- The Loader Revision field in the new image (see Figure 25-1 on page 633) must be the same as that of the loader program contained in the system BIOS.
- The new 2048-byte image must checksum to zero (the 32-bit sum of all 512 dwords in the image, including the header, must = 0).
The BIOS must ensure that only a single update image exists in the BIOS's non-volatile memory for any given processor stepping. If the non-volatile memory block selected to be overwritten already contains an update image, the following additional criteria must be met before overwriting it:
- All of the following fields (see Figure 25-1 on page 633) in the new image's header must be identical to those fields within the image to be overwritten:
- The processor Type, Family, Model and Stepping fields.
- The Processor Flags field.
- The value in the Update Revision field of the new image must be > the value in the Update Revision field of the image to be overwritten.
If there are no unused image storage areas available in the BIOS's non-volatile memory and the criteria specified in the previous bullet item are not met, the BIOS can choose to overwrite an update image that currently resides in non-volatile memory. This can only be done, however, if the image to be overwritten targets a processor stepping (via the Stepping field in its Header) wherein no processor currently installed in the system matches that stepping value. The BIOS accomplishes this by scanning the update images that are currently in non-volatile memory and comparing their Stepping field values to the Stepping values currently specified in the MP Table (see “The APIC, the MPS and ACPI” on page 1597). The MP Table entries represent the processors that are currently installed in the system.
As a final step before accepting the new image into its non-volatile memory, the BIOS must verify the authenticity of the image by loading it into the target processor and verifying that the processor accepts it. This process was described in “Authenticating the Image” on page 638.
Figure 25-4 on page 647 illustrates the process the BIOS uses to choose which block of its non-volatile memory the new image is written to and to ensure the integrity of the new image before it writes it into its non-volatile memory.
Figure 25-4. BIOS Actions When Performing the Write Microcode Update Data Function
The Microcode Update Control Function Call
The Microcode Update Control function call permits the caller to request that the BIOS perform one of the following:
Enable the system BIOS's Microcode Update capability.
Return an indication as to whether or not the system BIOS's Microcode Update capability is currently enabled or disabled.
The caller cannot request that the system BIOS's Microcode Update capability be disabled (this would pose a security risk).
The Intel® documentation contains the following statement:
“The READ_FAILURE error code returned by this function has meaning only if the control function is implemented in the BIOS NVRAM. The state of this feature (enabled/disabled) can also be implemented using CMOS RAM bits where READ failure errors cannot occur.”
The author is at a loss as to how to interpret this (maybe it's just me, maybe not).
| Register | Contains | Description |
|---|---|---|
| Input Parameters | ||
| AX | D042h | This identifies the Microcode Update image management BIOS as the target. |
| BL | Sub-Function | 02h. Microcode Update Control. |
| BH | Task | Must contain one of the following values:
|
| CX | Scratch Pad1 | When making a call to the BIOS with a request to write a new Microcode Update image to or to read an image from the BIOS's non-volatile memory, the calling program is responsible for providing three 64KB areas of system RAM memory for the BIOS to use. These three areas of memory can be used as scratchpad memory by the BIOS for any purpose, but only for the duration of the function call. The calling program places real mode segment pointers to the RAM blocks in CX, DX and SI. |
| DX | Scratch Pad2 | |
| SI | Scratch Pad3 | |
| SS:SP | Stack pointer | The stack provided to the BIOS by the caller must be at least 32KB in size. |
| Output Parameters | ||
| CF | EFlags[CF]
| |
| AH | Return Code | Contains one of the following indications:
|
| AL | OEM Error | Additional OEM Information. The OEM Error is provided for the OEM to return additional error information specific to the platform. If the BIOS provides no additional information about the error, the OEM Error must be set to SUCCESS (see Table 25-7 on page 652). |
| BL | Update Status | The current state of the BIOS's Microcode Update capability. It should be noted that the Intel® documentation does not define the return values that indicate enabled or disabled. |
The Read Microcode Update Data Function Call
When this request issued to the BIOS, the BIOS reads the requested update image (the update image number is specified by the caller as one of the input parameters) from its non-volatile memory and writes it into a system RAM buffer specified by the caller.
A 2048-byte block of the BIOS's non-volatile memory is considered unused and available for storing a new image if, when the image is read using this function, its Header Version field contains the value FFFFFFFFh.
| Register | Contains | Description |
|---|---|---|
| Input Parameters | ||
| AX | D042h | This identifies the Microcode Update image management BIOS as the target. |
| BL | Sub-Function | 03h. Request to transfer a Microcode Update image from the BIOS's non-volatile memory to system RAM memory. |
| ES:DI | Buffer Address | Real Mode pointer to the system RAM buffer in which the requested Microcode Update image will be written. This buffer is 2048 bytes in length. |
| CX | Scratch Pad1 | When making a call to the BIOS with a request to write a new Microcode Update image to or to read an image from the BIOS's non-volatile memory, the calling program is responsible for providing three 64KB areas of system RAM memory for the BIOS to use. These three areas of memory can be used as scratchpad memory by the BIOS for any purpose, but only for the duration of the function call. The calling program places real mode segment pointers to the RAM blocks in CX, DX and SI. It should be noted that the Intel® documentation incorrectly defines the GPRs used to supply these parameters as ECX and DX, when they should be CX, DX and SI. |
| DX | Scratch Pad2 | |
| SI | Scratch Pad3 | |
| SS:SP | Stack pointer | The stack provided to the BIOS by the caller must be at least 32KB in size. |
| BH | Microcode Image Number | The index number of the Microcode Image to be read. This value is zero based and must be < the Update Count returned by the Presence Test function (see Table 25-3 on page 642). It should be noted that the Intel® documentation may be in error regarding the register used for this parameter. That documentation indicates that the SI register is used for this purpose, but the author thinks this is incorrect. Since all of the GPRs are used to supply the other parameters, the BH register may be the proper register in which to supply the Microcode Image Number parameter. |
| Output Parameters | ||
| CF | EFlags[CF]
| |
| AH | Return Code | Contains one of the following indications:
|
| AL | OEM Error | Additional OEM Information. The OEM Error is provided for the OEM to return additional error information specific to the platform. If the BIOS provides no additional information about the error, the OEM Error must be set to SUCCESS (see Table 25-7 on page 652). |