Changeset 4388 in vbox for trunk

Timestamp:

Aug 27, 2007 2:26:05 PM (17 years ago)

Author:

vboxsync

Message:

Shadow ROM emulation. Clear the RESERVED flag for ROM.

Location:

trunk

Files:

• include/VBox/mm.h (modified) (6 diffs)
• include/VBox/rem.h (modified) (1 diff)
• src/VBox/VMM/MM.cpp (modified) (1 diff)
• src/VBox/VMM/MMInternal.h (modified) (3 diffs)
• src/VBox/VMM/MMPhys.cpp (modified) (5 diffs)
• src/VBox/VMM/PDMDevice.cpp (modified) (2 diffs)
• src/VBox/VMM/PGM.cpp (modified) (1 diff)
• src/VBox/VMM/VM.cpp (modified) (1 diff)
• src/VBox/VMM/VMMAll/PGMAllPhys.cpp (modified) (3 diffs)
• src/recompiler/VBoxREMWrapper.cpp (modified) (3 diffs)
• src/recompiler/VBoxRecompiler.c (modified) (3 diffs)

trunk/include/VBox/mm.h

@@ -39 +39 @@
  * @{
  */
-/** Reserved - No RAM, but can be used for MMIO or ROM.
+/** Reserved - Not RAM, ROM nor MMIO2.
  * If this bit is cleared the memory is assumed to be some kind of RAM.
- * MMIO2 will for instance not set this flag, neither will ROM (wrong it's set :/). Normal MMIO
- * may set it but that depends on whether the RAM range was created specially
- * for the MMIO or not.
- * N.B. The current implementation will always reserve backing memory for reserved
- * ranges to simplify things.
+ * Normal MMIO may set it but that depends on whether the RAM range was
+ * created specially for the MMIO or not.
+ * 
+ * @remarks The current implementation will always reserve backing 
+ *          memory for reserved  ranges to simplify things.
  */
 #define MM_RAM_FLAGS_RESERVED           BIT(0)
@@ -51 +51 @@
  * The page have a HC physical address which contains the BIOS code. All write
  * access is trapped and ignored.
+ * 
+ * HACK: Writable shadow ROM is indicated by both ROM and MMIO2 being 
+ *       set. (We're out of bits.)
  */
 #define MM_RAM_FLAGS_ROM                BIT(1)
@@ -61 +64 @@
  * The virtualization is performed using real memory and only catching
  * a few accesses for like keeping track for dirty pages.
+ * @remark Involved in the shadow ROM hack.
  */
 #define MM_RAM_FLAGS_MMIO2              BIT(3)
@@ -659 +663 @@
 
 /**
+ * Reset notification.
+ * 
+ * MM will reload shadow ROMs into RAM at this point and make 
+ * the ROM writable.
+ * 
+ * @param   pVM             The VM handle.
+ */
+MMR3DECL(void) MMR3Reset(PVM pVM);
+
+/**
  * Convert HC Physical address to HC Virtual address.
  *
@@ -920 +934 @@
  *                              This must be cbRange bytes big.
  *                              It will be copied and doesn't have to stick around.
+ *                              It will be copied and doesn't have to stick around if fShadow is clear. 
+ * @param   fShadow             Whether to emulate ROM shadowing. This involves leaving
+ *                              the ROM writable for a while during the POST and refreshing
+ *                              it at reset. When this flag is set, the memory pointed to by
+ *                              pvBinary has to stick around for the lifespan of the VM.
  * @param   pszDesc             Pointer to description string. This must not be freed.
  * @remark  There is no way to remove the rom, automatically on device cleanup or
@@ -925 +944 @@
  * @thread  The Emulation Thread.
  */
-MMR3DECL(int) MMR3PhysRomRegister(PVM pVM, PPDMDEVINS pDevIns, RTGCPHYS GCPhys, RTUINT cbRange, const void *pvBinary, const char *pszDesc);
+MMR3DECL(int) MMR3PhysRomRegister(PVM pVM, PPDMDEVINS pDevIns, RTGCPHYS GCPhys, RTUINT cbRange, const void *pvBinary, bool fShadow, const char *pszDesc);
+
+/**
+ * Write-protects a shadow ROM range.
+ * 
+ * This is called late in the POST for shadow ROM ranges.
+ * 
+ * @returns VBox status code.
+ * @param   pVM         The VM handle.
+ * @param   GCPhys      Start of the registered shadow ROM range 
+ * @param   cbRange     The length of the registered shadow ROM range.
+ *                      This can be NULL (not sure about the BIOS interface yet).
+ */
+MMR3DECL(int) MMR3PhysRomProtect(PVM pVM, RTGCPHYS GCPhys, RTUINT cbRange);
 
 /**

trunk/include/VBox/rem.h

@@ -297 +297 @@
  * @param   cb          The size of the ROM.
  * @param   pvCopy      Pointer to the ROM copy.
- */
-REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy);
+ * @param   fShadow     Whether it's currently writable shadow ROM or normal readonly ROM.
+ *                      This function will be called when ever the protection of the 
+ *                      shadow ROM changes (at reset and end of POST).
+ */
+REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy, bool fShadow);
 
 /**

trunk/src/VBox/VMM/MM.cpp

@@ -336 +336 @@
 
 /**
+ * Reset notification.
+ * 
+ * MM will reload shadow ROMs into RAM at this point and make 
+ * the ROM writable.
+ * 
+ * @param   pVM             The VM handle.
+ */
+MMR3DECL(void) MMR3Reset(PVM pVM)
+{
+    mmR3PhysRomReset(pVM);
+}
+
+
+/**
  * Execute state save operation.
  *

trunk/src/VBox/VMM/MMInternal.h

@@ -503 +503 @@
 
 /**
+ * A registered Rom range.
+ * 
+ * This is used to track ROM registrations both for debug reasons
+ * and for resetting shadow ROM at reset.
+ * 
+ * This is allocated of the MMR3Heap and thus only accessibel from ring-3.
+ */
+typedef struct MMROMRANGE
+{
+    /** Pointer to the next */
+    struct MMROMRANGE  *pNext;
+    /** Address of the range. */
+    RTGCPHYS            GCPhys;
+    /** Size of the range. */
+    uint32_t            cbRange;
+    /** Shadow ROM? */
+    bool                fShadow;
+    /** Is the shadow ROM currently wriable? */
+    bool                fWritable;
+    /** The address of the virgin ROM image for shadow ROM. */
+    const void         *pvBinary;
+    /** The address of the guest RAM that's shadowing the ROM. (lazy bird) */
+    void               *pvCopy;
+    /** The ROM description. */
+    const char         *pszDesc;
+} MMROMRANGE;
+/** Pointer to a ROM range. */
+typedef MMROMRANGE *PMMROMRANGE;
+
+
+/**
  * Hypervisor memory mapping type.
  */
@@ -636 +667 @@
     /** Pointer to the base RAM. */
     HCPTRTYPE(void *)           pvRamBaseHC;
+    /** The head of the ROM ranges. */
+    R3PTRTYPE(PMMROMRANGE)      pRomHead;
 
     /** Pointer to the MM R3 Heap. */
@@ -660 +693 @@
 
 const char *mmR3GetTagName(MMTAG enmTag);
+
+void mmR3PhysRomReset(PVM pVM);
 
 /**

trunk/src/VBox/VMM/MMPhys.cpp

@@ -278 +278 @@
  *                              This must be cbRange bytes big.
  *                              It will be copied and doesn't have to stick around.
+ *                              It will be copied and doesn't have to stick around if fShadow is clear. 
+ * @param   fShadow             Whether to emulate ROM shadowing. This involves leaving
+ *                              the ROM writable for a while during the POST and refreshing
+ *                              it at reset. When this flag is set, the memory pointed to by
+ *                              pvBinary has to stick around for the lifespan of the VM.
  * @param   pszDesc             Pointer to description string. This must not be freed.
  * @remark  There is no way to remove the rom, automatically on device cleanup or
  *          manually from the device yet. At present I doubt we need such features...
  */
-MMR3DECL(int) MMR3PhysRomRegister(PVM pVM, PPDMDEVINS pDevIns, RTGCPHYS GCPhys, RTUINT cbRange, const void *pvBinary, const char *pszDesc)
+MMR3DECL(int) MMR3PhysRomRegister(PVM pVM, PPDMDEVINS pDevIns, RTGCPHYS GCPhys, RTUINT cbRange, const void *pvBinary, 
+                                  bool fShadow, const char *pszDesc)
 {
     /*
@@ -340 +346 @@
     memcpy(pvCopy, pvBinary, cbRange);
 
-    /** @note we rely on the MM_RAM_FLAGS_ROM flag in PGMPhysRead now. Don't change to reserved! */
-    /** @todo r=bird: Noone ever talked about changing *to* _RESERVED. The question is whether
-     * we should *clear* _RESERVED. I've no idea what the state of that flag is for ROM areas right
-     * now, but I will find out later. */
+    const unsigned fSet = fShadow ? MM_RAM_FLAGS_ROM | MM_RAM_FLAGS_MMIO2 : MM_RAM_FLAGS_ROM;
     for (; iPage < iPageEnd; iPage++)
-        pCur->aPhysPages[iPage].Phys |= MM_RAM_FLAGS_ROM; /** @todo should be clearing _RESERVED? */
-    int rc = PGMR3PhysSetFlags(pVM, GCPhys, cbRange, MM_RAM_FLAGS_ROM, ~0); /** @todo should be clearing _RESERVED? */
+    {
+        pCur->aPhysPages[iPage].Phys &= ~MM_RAM_FLAGS_RESERVED;
+        pCur->aPhysPages[iPage].Phys |= fSet;
+    }
+    int rc = PGMR3PhysSetFlags(pVM, GCPhys, cbRange, fSet, ~MM_RAM_FLAGS_RESERVED);
     AssertRC(rc);
     if (VBOX_SUCCESS(rc))
     {
         /*
-         * Prevent changes to the ROM memory when executing in raw mode by
-         * registering a GC only write access handler.
+         * To prevent the shadow page table mappings from being RW in raw-mode, we 
+         * must currently employ a little hack. We register an write access handler
+         * and thereby ensures a RO mapping of the pages. This is NOT very nice,
+         * and wasn't really my intention when writing the code, consider it a PGM bug.
          *
          * ASSUMES that REMR3NotifyPhysRomRegister doesn't call cpu_register_physical_memory
@@ -360 +368 @@
                                           NULL, NULL,
                                           NULL, "pgmGuestROMWriteHandler", 0,
-                                          NULL, "pgmGuestROMWriteHandler", 0, "ROM Write Access Handler");
+                                          NULL, "pgmGuestROMWriteHandler", 0, pszDesc);
         AssertRC(rc);
     }
 
-    REMR3NotifyPhysRomRegister(pVM, GCPhys, cbRange, pvCopy);
+    /*
+     * Create a ROM range it so we can make a 'info rom' thingy and more importantly
+     * reload and protect/unprotect shadow ROM correctly.
+     */
+    if (VBOX_SUCCESS(rc))
+    {
+        PMMROMRANGE pRomRange = (PMMROMRANGE)MMR3HeapAlloc(pVM, MM_TAG_MM, sizeof(*pRomRange));
+        AssertReturn(pRomRange, VERR_NO_MEMORY);
+        pRomRange->GCPhys = GCPhys;
+        pRomRange->cbRange = cbRange;
+        pRomRange->pszDesc = pszDesc;
+        pRomRange->fShadow = fShadow;
+        pRomRange->fWritable = fShadow;
+        pRomRange->pvBinary = fShadow ? pvBinary : NULL;
+        pRomRange->pvCopy = pvCopy;
+
+        /* sort it for 'info rom' readability.  */
+        PMMROMRANGE pPrev = NULL;
+        PMMROMRANGE pCur = pVM->mm.s.pRomHead;
+        while (pCur && pCur->GCPhys < GCPhys)
+        {
+            pPrev = pCur;
+            pCur = pCur->pNext;
+        }
+        pRomRange->pNext = pCur;
+        if (pPrev)
+            pPrev->pNext = pRomRange;
+        else
+            pVM->mm.s.pRomHead = pRomRange;
+    }
+
+    REMR3NotifyPhysRomRegister(pVM, GCPhys, cbRange, pvCopy, fShadow);
     return rc; /* we're sloppy with error cleanup here, but we're toast anyway if this fails. */
 }
@@ -438 +477 @@
  * This usually means the size of the first contigous block of physical memory.
  *
- * @returns
- * @param   pVM
+ * @returns The guest base RAM size.
+ * @param   pVM         The VM handle.
  * @thread  Any.
  */
@@ -447 +486 @@
 }
 
+
+/** 
+ * Called by MMR3Reset to reset the shadow ROM.
+ * 
+ * Resetting involves reloading the ROM into RAM and make it 
+ * wriable again (as it was made read only at the end of the POST).
+ * 
+ * @param   pVM         The VM handle.
+ */
+void mmR3PhysRomReset(PVM pVM)
+{
+    for (PMMROMRANGE pCur = pVM->mm.s.pRomHead; pCur; pCur = pCur->pNext)
+        if (pCur->fShadow)
+        {
+            memcpy(pCur->pvCopy, pCur->pvBinary, pCur->cbRange);
+            if (!pCur->fWritable)
+            {
+                int rc = PGMHandlerPhysicalDeregister(pVM, pCur->GCPhys);
+                AssertRC(rc);
+                pCur->fWritable = true;
+
+                rc = PGMR3PhysSetFlags(pVM, pCur->GCPhys, pCur->cbRange, MM_RAM_FLAGS_MMIO2, ~0); /* ROM -> ROM + MMIO2 */
+                AssertRC(rc);
+
+                REMR3NotifyPhysRomRegister(pVM, pCur->GCPhys, pCur->cbRange, pCur->pvCopy, true /* read-write now */);
+            }
+        }
+}
+
+
+/**
+ * Write-protects a shadow ROM range.
+ * 
+ * This is called late in the POST for shadow ROM ranges.
+ * 
+ * @returns VBox status code.
+ * @param   pVM         The VM handle.
+ * @param   GCPhys      Start of the registered shadow ROM range 
+ * @param   cbRange     The length of the registered shadow ROM range.
+ *                      This can be NULL (not sure about the BIOS interface yet).
+ */
+MMR3DECL(int) MMR3PhysRomProtect(PVM pVM, RTGCPHYS GCPhys, RTUINT cbRange)
+{
+    for (PMMROMRANGE pCur = pVM->mm.s.pRomHead; pCur; pCur = pCur->pNext)
+        if (    pCur->GCPhys == GCPhys 
+            &&  (   pCur->cbRange == cbRange 
+                 || !cbRange))
+        {
+            if (pCur->fWritable)
+            {
+                cbRange = pCur->cbRange;
+                int rc = PGMR3HandlerPhysicalRegister(pVM, PGMPHYSHANDLERTYPE_PHYSICAL_WRITE, GCPhys, GCPhys + cbRange - 1,
+                                                      NULL, NULL,
+                                                      NULL, "pgmGuestROMWriteHandler", 0,
+                                                      NULL, "pgmGuestROMWriteHandler", 0, pCur->pszDesc);
+                AssertRCReturn(rc, rc);
+                pCur->fWritable = false;
+
+                rc = PGMR3PhysSetFlags(pVM, GCPhys, cbRange, 0, ~MM_RAM_FLAGS_MMIO2); /* ROM + MMIO2 -> ROM */
+                AssertRCReturn(rc, rc);
+                /* Don't bother with the MM page flags here because I don't think they are 
+                   really used beyond conflict checking at ROM, RAM, Reservation, etc. */
+
+                REMR3NotifyPhysRomRegister(pVM, GCPhys, cbRange, pCur->pvCopy, false /* read-only now */);
+            }
+            return VINF_SUCCESS;
+        }
+    AssertMsgFailed(("GCPhys=%VGp cbRange=%#x\n", GCPhys, cbRange));
+    return VERR_INVALID_PARAMETER;
+}
+

trunk/src/VBox/VMM/PDMDevice.cpp

@@ -1488 +1488 @@
              pDevIns->pDevReg->szDeviceName, pDevIns->iInstance, GCPhysStart, cbRange, pvBinary, fShadow, pszDesc, pszDesc));
 
-AssertReturn(!fShadow, VERR_NOT_IMPLEMENTED); /* be patient. */
-    int rc = MMR3PhysRomRegister(pDevIns->Internal.s.pVMHC, pDevIns, GCPhysStart, cbRange, pvBinary, pszDesc);
+    int rc = MMR3PhysRomRegister(pDevIns->Internal.s.pVMHC, pDevIns, GCPhysStart, cbRange, pvBinary, fShadow, pszDesc);
 
     LogFlow(("pdmR3DevHlp_ROMRegister: caller='%s'/%d: returns %Vrc\n", pDevIns->pDevReg->szDeviceName, pDevIns->iInstance, rc));
@@ -3598 +3597 @@
              pDevIns->pDevReg->szDeviceName, pDevIns->iInstance, GCPhysStart, cbRange));
 
-AssertFailed(); /* be patient. */
-    int rc = VERR_NOT_IMPLEMENTED;
+    int rc = MMR3PhysRomProtect(pDevIns->Internal.s.pVMHC, GCPhysStart, cbRange);
 
     LogFlow(("pdmR3DevHlp_ROMProtectShadow: caller='%s'/%d: returns %Vrc\n", pDevIns->pDevReg->szDeviceName, pDevIns->iInstance, rc));

trunk/src/VBox/VMM/PGM.cpp

@@ -1282 +1282 @@
             if (pRam->aHCPhys[iPage] & (MM_RAM_FLAGS_RESERVED | MM_RAM_FLAGS_ROM | MM_RAM_FLAGS_MMIO | MM_RAM_FLAGS_MMIO2))
             {
+                /* shadow ram is reloaded elsewhere. */
                 Log4(("PGMR3Reset: not clearing phys page %RGp due to flags %RHp\n", pRam->GCPhys + (iPage << PAGE_SHIFT), pRam->aHCPhys[iPage] & (MM_RAM_FLAGS_RESERVED | MM_RAM_FLAGS_ROM | MM_RAM_FLAGS_MMIO)));
                 continue;

trunk/src/VBox/VMM/VM.cpp

@@ -1744 +1744 @@
     PGMR3Reset(pVM);                    /* We clear VM RAM in PGMR3Reset. It's vital PDMR3Reset is executed
                                          * _afterwards_. E.g. ACPI sets up RAM tables during init/reset. */
+    MMR3Reset(pVM);
     PDMR3Reset(pVM);
     SELMR3Reset(pVM);

trunk/src/VBox/VMM/VMMAll/PGMAllPhys.cpp

@@ -21 +21 @@
  * Since this flag is currently incorrectly kept set for ROM regions we will
  * have to ignore it for now so we don't break stuff.
+ * 
+ * @todo this has been fixed now I believe, remove this hack.
  */
 #define PGM_IGNORE_RAM_FLAGS_RESERVED
@@ -736 +738 @@
                         case MM_RAM_FLAGS_ROM:
                         case MM_RAM_FLAGS_ROM | MM_RAM_FLAGS_RESERVED:
+                        //case MM_RAM_FLAGS_ROM | MM_RAM_FLAGS_MMIO2: /* = shadow */ - //MMIO2 isn't in the mask.
                         case MM_RAM_FLAGS_PHYSICAL_WRITE:
-                        case MM_RAM_FLAGS_MMIO2 | MM_RAM_FLAGS_PHYSICAL_WRITE:
+                        case MM_RAM_FLAGS_MMIO2 | MM_RAM_FLAGS_PHYSICAL_WRITE: // MMIO2 isn't in the mask.
                         case MM_RAM_FLAGS_VIRTUAL_WRITE:
                         {
@@ -1000 +1003 @@
                 {
                     /*
-                     * Normal memory.
+                     * Normal memory, MMIO2 or writable shadow ROM.
                      */
                     case 0:
                     case MM_RAM_FLAGS_MMIO2:
+                    case MM_RAM_FLAGS_ROM | MM_RAM_FLAGS_MMIO2: /* shadow rom */
                     {
 #ifdef IN_GC

trunk/src/recompiler/VBoxREMWrapper.cpp

@@ -338 +338 @@
 static DECLCALLBACKPTR(void, pfnREMR3NotifyPhysRamChunkRegister)(PVM, RTGCPHYS, RTUINT, RTHCUINTPTR, unsigned);
 static DECLCALLBACKPTR(void, pfnREMR3NotifyPhysReserve)(PVM, RTGCPHYS, RTUINT);
-static DECLCALLBACKPTR(void, pfnREMR3NotifyPhysRomRegister)(PVM, RTGCPHYS, RTUINT, void *);
+static DECLCALLBACKPTR(void, pfnREMR3NotifyPhysRomRegister)(PVM, RTGCPHYS, RTUINT, void *, bool);
 static DECLCALLBACKPTR(void, pfnREMR3NotifyHandlerPhysicalModify)(PVM, PGMPHYSHANDLERTYPE, RTGCPHYS, RTGCPHYS, RTGCPHYS, bool, void *);
 static DECLCALLBACKPTR(void, pfnREMR3NotifyHandlerPhysicalRegister)(PVM, PGMPHYSHANDLERTYPE, RTGCPHYS, RTGCPHYS, bool);
@@ -411 +411 @@
     { REMPARMDESC_FLAGS_INT,        sizeof(RTUINT), NULL },
     { REMPARMDESC_FLAGS_INT,        sizeof(void *), NULL }
+    { REMPARMDESC_FLAGS_INT,        sizeof(bool), NULL }
 };
 static const REMPARMDESC g_aArgsNotifyHandlerPhysicalModify[] =
@@ -1982 +1983 @@
 }
 
-REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy)
+REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy, bool fShadow)
 {
 #ifndef USE_REM_STUBS
     Assert(VALID_PTR(pfnREMR3NotifyPhysRomRegister));
-    pfnREMR3NotifyPhysRomRegister(pVM, GCPhys, cb, pvCopy);
+    pfnREMR3NotifyPhysRomRegister(pVM, GCPhys, cb, pvCopy, fShadow);
 #endif
 }

trunk/src/recompiler/VBoxRecompiler.c

@@ -2790 +2790 @@
  * @param   cb          The size of the ROM.
  * @param   pvCopy      Pointer to the ROM copy.
- */
-REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy)
+ * @param   fShadow     Whether it's currently writable shadow ROM or normal readonly ROM.
+ *                      This function will be called when ever the protection of the 
+ *                      shadow ROM changes (at reset and end of POST).
+ */
+REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy, bool fShadow)
 {
 #if defined(PGM_DYNAMIC_RAM_ALLOC) && !defined(REM_PHYS_ADDR_IN_TLB)
     uint32_t i;
 #endif
-    Log(("REMR3NotifyPhysRomRegister: GCPhys=%VGp cb=%d pvCopy=%p\n", GCPhys, cb, pvCopy));
+    Log(("REMR3NotifyPhysRomRegister: GCPhys=%VGp cb=%d pvCopy=%p fShadow=%RTbool\n", GCPhys, cb, pvCopy, fShadow));
     VM_ASSERT_EMT(pVM);
 
@@ -2815 +2818 @@
 
 #ifdef REM_PHYS_ADDR_IN_TLB
-    cpu_register_physical_memory(GCPhys, cb, GCPhys | IO_MEM_ROM);
+    cpu_register_physical_memory(GCPhys, cb, GCPhys | (fShadow ? 0 : IO_MEM_ROM));
 #elif defined(PGM_DYNAMIC_RAM_ALLOC)
-    cpu_register_physical_memory(GCPhys, cb, GCPhys | IO_MEM_ROM);
+    cpu_register_physical_memory(GCPhys, cb, GCPhys | (fShadow ? 0 : IO_MEM_ROM));
     AssertRelease(pVM->rem.s.cPhysRegistrations < REM_MAX_PHYS_REGISTRATIONS);
     for (i = 0; i < pVM->rem.s.cPhysRegistrations; i++)
@@ -2837 +2840 @@
 #else
     AssertRelease(phys_ram_base);
-    cpu_register_physical_memory(GCPhys, cb, ((uintptr_t)pvCopy - (uintptr_t)phys_ram_base) | IO_MEM_ROM);
+    cpu_register_physical_memory(GCPhys, cb, ((uintptr_t)pvCopy - (uintptr_t)phys_ram_base) | (fShadow ? 0 : IO_MEM_ROM));
 #endif