[coreboot] Patch set updated for coreboot: 5417528 Rename devices -> device

Stefan Reinauer (stefan.reinauer@coreboot.org) gerrit at coreboot.org
Fri Nov 30 23:27:34 CET 2012


Stefan Reinauer (stefan.reinauer at coreboot.org) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/1960

-gerrit

commit 5417528297d39dfff2f4beffb59b9398823199af
Author: Stefan Reinauer <reinauer at chromium.org>
Date:   Fri Nov 30 12:34:04 2012 -0800

    Rename devices -> device
    
    to match src/include/device
    
    Change-Id: I5d0e5b4361c34881a3b81347aac48738cb5b9af0
    Signed-off-by: Stefan Reinauer <reinauer at google.com>
---
 Makefile.inc                                |    4 +-
 src/Kconfig                                 |    2 +-
 src/arch/x86/include/arch/interrupt.h       |    2 +-
 src/device/Kconfig                          |  449 +++
 src/device/Makefile.inc                     |   24 +
 src/device/agp_device.c                     |   75 +
 src/device/cardbus_device.c                 |  184 +
 src/device/cpu_device.c                     |   71 +
 src/device/device.c                         | 1157 ++++++
 src/device/device_romstage.c                |   80 +
 src/device/device_util.c                    |  870 +++++
 src/device/hypertransport.c                 |  692 ++++
 src/device/oprom/Makefile.inc               |   23 +
 src/device/oprom/include/vbe.h              |  117 +
 src/device/oprom/include/x86emu/fpu_regs.h  |  115 +
 src/device/oprom/include/x86emu/regs.h      |  372 ++
 src/device/oprom/include/x86emu/types.h     |   89 +
 src/device/oprom/include/x86emu/x86emu.h    |  197 +
 src/device/oprom/realmode/Makefile.inc      |   23 +
 src/device/oprom/realmode/x86.c             |  490 +++
 src/device/oprom/realmode/x86.h             |   49 +
 src/device/oprom/realmode/x86_asm.S         |  413 ++
 src/device/oprom/realmode/x86_interrupts.c  |  235 ++
 src/device/oprom/x86emu/LICENSE             |   17 +
 src/device/oprom/x86emu/Makefile.inc        |    7 +
 src/device/oprom/x86emu/debug.c             |  434 +++
 src/device/oprom/x86emu/debug.h             |  234 ++
 src/device/oprom/x86emu/decode.c            | 1149 ++++++
 src/device/oprom/x86emu/decode.h            |   88 +
 src/device/oprom/x86emu/fpu.c               |  951 +++++
 src/device/oprom/x86emu/fpu.h               |   61 +
 src/device/oprom/x86emu/ops.c               | 5510 +++++++++++++++++++++++++++
 src/device/oprom/x86emu/ops.h               |   47 +
 src/device/oprom/x86emu/ops2.c              | 1984 ++++++++++
 src/device/oprom/x86emu/prim_asm.h          |  971 +++++
 src/device/oprom/x86emu/prim_ops.c          | 2496 ++++++++++++
 src/device/oprom/x86emu/prim_ops.h          |  232 ++
 src/device/oprom/x86emu/sys.c               |  406 ++
 src/device/oprom/x86emu/x86emui.h           |  103 +
 src/device/oprom/yabel/Makefile.inc         |    9 +
 src/device/oprom/yabel/biosemu.c            |  395 ++
 src/device/oprom/yabel/biosemu.h            |   53 +
 src/device/oprom/yabel/compat/Makefile.inc  |    1 +
 src/device/oprom/yabel/compat/functions.c   |   59 +
 src/device/oprom/yabel/compat/of.h          |   55 +
 src/device/oprom/yabel/compat/rtas.h        |   45 +
 src/device/oprom/yabel/compat/time.h        |   18 +
 src/device/oprom/yabel/debug.c              |   54 +
 src/device/oprom/yabel/debug.h              |  105 +
 src/device/oprom/yabel/device.c             |  471 +++
 src/device/oprom/yabel/device.h             |  185 +
 src/device/oprom/yabel/interrupt.c          |  678 ++++
 src/device/oprom/yabel/interrupt.h          |   21 +
 src/device/oprom/yabel/io.c                 |  577 +++
 src/device/oprom/yabel/io.h                 |   30 +
 src/device/oprom/yabel/mem.c                |  501 +++
 src/device/oprom/yabel/mem.h                |   36 +
 src/device/oprom/yabel/pmm.c                |  442 +++
 src/device/oprom/yabel/pmm.h                |   46 +
 src/device/oprom/yabel/vbe.c                |  774 ++++
 src/device/oprom/yabel/vbe.h                |   23 +
 src/device/pci_device.c                     | 1325 +++++++
 src/device/pci_ops.c                        |  149 +
 src/device/pci_rom.c                        |  174 +
 src/device/pciexp_device.c                  |  252 ++
 src/device/pcix_device.c                    |  150 +
 src/device/pnp_device.c                     |  304 ++
 src/device/root_device.c                    |  166 +
 src/device/smbus_ops.c                      |  137 +
 src/devices/Kconfig                         |  449 ---
 src/devices/Makefile.inc                    |   24 -
 src/devices/agp_device.c                    |   75 -
 src/devices/cardbus_device.c                |  184 -
 src/devices/cpu_device.c                    |   71 -
 src/devices/device.c                        | 1157 ------
 src/devices/device_romstage.c               |   80 -
 src/devices/device_util.c                   |  870 -----
 src/devices/hypertransport.c                |  692 ----
 src/devices/oprom/Makefile.inc              |   23 -
 src/devices/oprom/include/vbe.h             |  117 -
 src/devices/oprom/include/x86emu/fpu_regs.h |  115 -
 src/devices/oprom/include/x86emu/regs.h     |  372 --
 src/devices/oprom/include/x86emu/types.h    |   89 -
 src/devices/oprom/include/x86emu/x86emu.h   |  197 -
 src/devices/oprom/realmode/Makefile.inc     |   23 -
 src/devices/oprom/realmode/x86.c            |  490 ---
 src/devices/oprom/realmode/x86.h            |   49 -
 src/devices/oprom/realmode/x86_asm.S        |  413 --
 src/devices/oprom/realmode/x86_interrupts.c |  235 --
 src/devices/oprom/x86emu/LICENSE            |   17 -
 src/devices/oprom/x86emu/Makefile.inc       |    7 -
 src/devices/oprom/x86emu/debug.c            |  434 ---
 src/devices/oprom/x86emu/debug.h            |  234 --
 src/devices/oprom/x86emu/decode.c           | 1149 ------
 src/devices/oprom/x86emu/decode.h           |   88 -
 src/devices/oprom/x86emu/fpu.c              |  951 -----
 src/devices/oprom/x86emu/fpu.h              |   61 -
 src/devices/oprom/x86emu/ops.c              | 5510 ---------------------------
 src/devices/oprom/x86emu/ops.h              |   47 -
 src/devices/oprom/x86emu/ops2.c             | 1984 ----------
 src/devices/oprom/x86emu/prim_asm.h         |  971 -----
 src/devices/oprom/x86emu/prim_ops.c         | 2496 ------------
 src/devices/oprom/x86emu/prim_ops.h         |  232 --
 src/devices/oprom/x86emu/sys.c              |  406 --
 src/devices/oprom/x86emu/x86emui.h          |  103 -
 src/devices/oprom/yabel/Makefile.inc        |    9 -
 src/devices/oprom/yabel/biosemu.c           |  395 --
 src/devices/oprom/yabel/biosemu.h           |   53 -
 src/devices/oprom/yabel/compat/Makefile.inc |    1 -
 src/devices/oprom/yabel/compat/functions.c  |   59 -
 src/devices/oprom/yabel/compat/of.h         |   55 -
 src/devices/oprom/yabel/compat/rtas.h       |   45 -
 src/devices/oprom/yabel/compat/time.h       |   18 -
 src/devices/oprom/yabel/debug.c             |   54 -
 src/devices/oprom/yabel/debug.h             |  105 -
 src/devices/oprom/yabel/device.c            |  471 ---
 src/devices/oprom/yabel/device.h            |  185 -
 src/devices/oprom/yabel/interrupt.c         |  678 ----
 src/devices/oprom/yabel/interrupt.h         |   21 -
 src/devices/oprom/yabel/io.c                |  577 ---
 src/devices/oprom/yabel/io.h                |   30 -
 src/devices/oprom/yabel/mem.c               |  501 ---
 src/devices/oprom/yabel/mem.h               |   36 -
 src/devices/oprom/yabel/pmm.c               |  442 ---
 src/devices/oprom/yabel/pmm.h               |   46 -
 src/devices/oprom/yabel/vbe.c               |  774 ----
 src/devices/oprom/yabel/vbe.h               |   23 -
 src/devices/pci_device.c                    | 1325 -------
 src/devices/pci_ops.c                       |  149 -
 src/devices/pci_rom.c                       |  174 -
 src/devices/pciexp_device.c                 |  252 --
 src/devices/pcix_device.c                   |  150 -
 src/devices/pnp_device.c                    |  304 --
 src/devices/root_device.c                   |  166 -
 src/devices/smbus_ops.c                     |  137 -
 src/northbridge/via/cx700/vga.c             |    2 +-
 src/northbridge/via/vt8623/vga.c            |    2 +-
 src/northbridge/via/vx800/vga.c             |    2 +-
 util/genprof/README                         |    2 +-
 util/vgabios/Makefile                       |    2 +-
 140 files changed, 27659 insertions(+), 27659 deletions(-)

diff --git a/Makefile.inc b/Makefile.inc
index 927548e..b0a5341 100644
--- a/Makefile.inc
+++ b/Makefile.inc
@@ -48,7 +48,7 @@ PHONY+= clean-abuild coreboot lint lint-stable build-dirs
 
 #######################################################################
 # root source directories of coreboot
-subdirs-y := src/lib src/console src/devices src/ec src/southbridge
+subdirs-y := src/lib src/console src/device src/ec src/southbridge
 subdirs-y += src/northbridge src/superio src/drivers src/cpu src/vendorcode
 subdirs-y += util/cbfstool util/sconfig util/nvramtool
 subdirs-y += src/arch/$(ARCHDIR-y)
@@ -184,7 +184,7 @@ COREBOOT_EXTRA_VERSION := -$(call strip_quotes,$(CONFIG_LOCALVERSION))
 endif
 
 INCLUDES := -Isrc -Isrc/include -I$(obj) -Isrc/arch/$(ARCHDIR-y)/include
-INCLUDES += -Isrc/devices/oprom/include
+INCLUDES += -Isrc/device/oprom/include
 # abspath is a workaround for romcc
 INCLUDES += -include $(src)/include/kconfig.h
 
diff --git a/src/Kconfig b/src/Kconfig
index 29731b3..ef7fcf6 100644
--- a/src/Kconfig
+++ b/src/Kconfig
@@ -238,7 +238,7 @@ source src/ec/Kconfig
 
 endmenu
 
-source src/devices/Kconfig
+source src/device/Kconfig
 
 menu "Generic Drivers"
 source src/drivers/Kconfig
diff --git a/src/arch/x86/include/arch/interrupt.h b/src/arch/x86/include/arch/interrupt.h
index ad9493d..7a58ce8 100644
--- a/src/arch/x86/include/arch/interrupt.h
+++ b/src/arch/x86/include/arch/interrupt.h
@@ -25,7 +25,7 @@
 #if CONFIG_PCI_OPTION_ROM_RUN_REALMODE
 extern void mainboard_interrupt_handlers(int intXX, void *intXX_func);
 #elif CONFIG_PCI_OPTION_ROM_RUN_YABEL
-#include <devices/oprom/yabel/biosemu.h>
+#include <device/oprom/yabel/biosemu.h>
 #else
 static inline void mainboard_interrupt_handlers(int intXX, void *intXX_func) { }
 #endif
diff --git a/src/device/Kconfig b/src/device/Kconfig
new file mode 100644
index 0000000..700516b
--- /dev/null
+++ b/src/device/Kconfig
@@ -0,0 +1,449 @@
+##
+## This file is part of the coreboot project.
+##
+## Copyright (C) 2007-2010 coresystems GmbH
+## (Written by Stefan Reinauer <stepan at coresystems.de> for coresystems GmbH)
+##
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; version 2 of the License.
+##
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+## GNU General Public License for more details.
+##
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+##
+
+menu "Devices"
+# TODO: Explain differences (if any) for onboard cards.
+config VGA_ROM_RUN
+	bool "Run VGA Option ROMs"
+	default n if PAYLOAD_SEABIOS
+	default y if !PAYLOAD_SEABIOS
+	depends on !PAYLOAD_SEABIOS || EXPERT
+	help
+	  Execute VGA Option ROMs in coreboot if found. This is required
+	  to enable PCI/AGP/PCI-E video cards when not using a SeaBIOS
+	  payload.
+
+	  When using a SeaBIOS payload it runs all option ROMs with much
+	  more complete BIOS interrupt services available than coreboot,
+	  which some option ROMs require in order to function correctly.
+
+	  If unsure, say N when using SeaBIOS as payload, Y otherwise.
+
+config S3_VGA_ROM_RUN
+	bool "Re-run VGA Option ROMs on S3 resume"
+	default y
+	depends on VGA_ROM_RUN && HAVE_ACPI_RESUME
+	help
+	  Execute VGA Option ROMs in coreboot when resuming from S3 suspend.
+
+	  When using a SeaBIOS payload it runs all option ROMs with much
+	  more complete BIOS interrupt services available than coreboot,
+	  which some option ROMs require in order to function correctly.
+
+	  If unsure, say N when using SeaBIOS as payload, Y otherwise.
+
+config PCI_ROM_RUN
+	bool "Run non-VGA Option ROMs"
+	default n if PAYLOAD_SEABIOS
+	default y if !PAYLOAD_SEABIOS
+	depends on !PAYLOAD_SEABIOS || EXPERT
+	help
+	  Execute non-VGA PCI Option ROMs in coreboot if found.
+
+	  Examples include IDE/SATA controller Option ROMs and Option ROMs
+	  for network cards (NICs).
+
+	  When using a SeaBIOS payload it runs all option ROMs with much
+	  more complete BIOS interrupt services available than coreboot,
+	  which some option ROMs require in order to function correctly.
+
+	  If unsure, say N when using SeaBIOS as payload, Y otherwise.
+
+config ON_DEVICE_ROM_RUN
+	bool "Run Option ROMs on PCI devices"
+	default n if PAYLOAD_SEABIOS
+	default y if !PAYLOAD_SEABIOS
+	depends on !PAYLOAD_SEABIOS || EXPERT
+	help
+	  Execute Option ROMs stored on PCI/PCIe/AGP devices in coreboot.
+
+	  If disabled, only Option ROMs stored in CBFS will be executed by
+	  coreboot. If you are concerned about security, you might want to
+	  disable this option, but it might leave your system in a state of
+	  degraded functionality.
+
+	  When using a SeaBIOS payload it runs all option ROMs with much
+	  more complete BIOS interrupt services available than coreboot,
+	  which some option ROMs require in order to function correctly.
+
+	  If unsure, say N when using SeaBIOS as payload, Y otherwise.
+
+choice
+	prompt "Option ROM execution type"
+	default PCI_OPTION_ROM_RUN_YABEL if !ARCH_X86
+	default PCI_OPTION_ROM_RUN_REALMODE if ARCH_X86
+	depends on PCI_ROM_RUN || VGA_ROM_RUN || GEODE_VSA
+
+config PCI_OPTION_ROM_RUN_REALMODE
+	prompt "Native mode"
+	bool
+	depends on ARCH_X86
+	help
+	  If you select this option, PCI Option ROMs will be executed
+	  natively on the CPU in real mode. No CPU emulation is involved,
+	  so this is the fastest, but also the least secure option.
+	  (only works on x86/x64 systems)
+
+config PCI_OPTION_ROM_RUN_YABEL
+	prompt "Secure mode"
+	bool
+	depends on !GEODE_VSA
+	help
+	  If you select this option, the x86emu CPU emulator will be used to
+	  execute PCI Option ROMs.
+
+	  This option prevents Option ROMs from doing dirty tricks with the
+	  system (such as installing SMM modules or hypervisors), but it is
+	  also significantly slower than the native Option ROM initialization
+	  method.
+
+	  This is the default choice for non-x86 systems.
+
+endchoice
+
+config YABEL_PCI_ACCESS_OTHER_DEVICES
+	prompt "Allow Option ROMs to access other devices"
+	bool
+	depends on PCI_OPTION_ROM_RUN_YABEL
+	help
+	  Per default, YABEL only allows Option ROMs to access the PCI device
+	  that they are associated with. However, this causes trouble for some
+	  onboard graphics chips whose Option ROM needs to reconfigure the
+	  north bridge.
+
+config YABEL_PCI_FAKE_WRITING_OTHER_DEVICES_CONFIG
+	prompt "Fake success on writing other device's config space"
+	bool
+	depends on YABEL_PCI_ACCESS_OTHER_DEVICES
+	help
+	  By default, YABEL aborts when the Option ROM tries to write to other
+	  devices' config spaces. With this option enabled, the write doesn't
+	  follow through, but the Option ROM is allowed to go on.
+	  This can create issues such as hanging Option ROMs (if it depends on
+	  that other register changing to the written value), so test for
+	  impact before using this option.
+
+config YABEL_VIRTMEM_LOCATION
+	prompt "Location of YABEL's virtual memory"
+	hex
+	depends on PCI_OPTION_ROM_RUN_YABEL && EXPERT
+	default 0x1000000
+	help
+	  YABEL requires 1MB memory for its CPU emulation. This memory is
+	  normally located at 16MB.
+
+config YABEL_VIRTMEM_LOCATION
+	hex
+	depends on PCI_OPTION_ROM_RUN_YABEL && !EXPERT
+	default 0x1000000
+
+config YABEL_DIRECTHW
+	prompt "Direct hardware access"
+	bool
+	depends on PCI_OPTION_ROM_RUN_YABEL
+	help
+	  YABEL consists of two parts: It uses x86emu for the CPU emulation and
+	  additionally provides a PC system emulation that filters bad device
+	  and memory access (such as PCI config space access to other devices
+	  than the initialized one).
+
+	  When choosing this option, x86emu will pass through all hardware
+	  accesses to memory and I/O devices to the underlying memory and I/O
+	  addresses. While this option prevents Option ROMs from doing dirty
+	  tricks with the CPU (such as installing SMM modules or hypervisors),
+	  they can still access all devices in the system.
+	  Enable this option for a good compromise between security and speed.
+
+config MULTIPLE_VGA_ADAPTERS
+	bool
+	default n
+
+config PCI
+	bool
+	default n
+
+config PCI_64BIT_PREF_MEM
+	bool
+	depends on PCI
+	default n
+
+config HYPERTRANSPORT_PLUGIN_SUPPORT
+	bool
+	depends on PCI
+	default n
+
+config PCIX_PLUGIN_SUPPORT
+	bool
+	depends on PCI
+	default y
+
+config PCIEXP_PLUGIN_SUPPORT
+	bool
+	depends on PCI
+	default y
+
+config AGP_PLUGIN_SUPPORT
+	bool
+	depends on PCI
+	default y
+
+config CARDBUS_PLUGIN_SUPPORT
+	bool
+	depends on PCI
+	default y
+
+config PCIEXP_COMMON_CLOCK
+	prompt "Enable PCIe Common Clock"
+	bool
+	default n
+	help
+	  Detect and enable Common Clock on PCIe links.
+
+config PCIEXP_ASPM
+	prompt "Enable PCIe ASPM"
+	bool
+	default n
+	help
+	  Detect and enable ASPM on PCIe links.
+
+config PCI_BUS_SEGN_BITS
+	int
+	default 0
+endmenu
+
+menu "VGA BIOS"
+
+config VGA_BIOS
+	bool "Add a VGA BIOS image"
+	help
+	  Select this option if you have a VGA BIOS image that you would
+	  like to add to your ROM.
+
+	  You will be able to specify the location and file name of the
+	  image later.
+
+config VGA_BIOS_FILE
+	string "VGA BIOS path and filename"
+	depends on VGA_BIOS
+	default "vgabios.bin"
+	help
+	  The path and filename of the file to use as VGA BIOS.
+
+config VGA_BIOS_ID
+	string "VGA device PCI IDs"
+	depends on VGA_BIOS
+	default "1106,3230"
+	help
+	  The comma-separated PCI vendor and device ID that would associate
+	  your VGA BIOS to your video card.
+
+	  Example: 1106,3230
+
+	  In the above example 1106 is the PCI vendor ID (in hex, but without
+	  the "0x" prefix) and 3230 specifies the PCI device ID of the
+	  video card (also in hex, without "0x" prefix).
+
+config INTEL_MBI
+	bool "Add an MBI image"
+	depends on NORTHBRIDGE_INTEL_I82830
+	help
+	  Select this option if you have an Intel MBI image that you would
+	  like to add to your ROM.
+
+	  You will be able to specify the location and file name of the
+	  image later.
+
+config MBI_FILE
+	string "Intel MBI path and filename"
+	depends on INTEL_MBI
+	default "mbi.bin"
+	help
+	  The path and filename of the file to use as VGA BIOS.
+
+endmenu
+
+menu "Display"
+	depends on PCI_OPTION_ROM_RUN_YABEL || PCI_OPTION_ROM_RUN_REALMODE
+
+config FRAMEBUFFER_SET_VESA_MODE
+	prompt "Set VESA framebuffer mode"
+	bool
+	depends on PCI_OPTION_ROM_RUN_YABEL || PCI_OPTION_ROM_RUN_REALMODE
+	help
+	  Set VESA framebuffer mode (needed for bootsplash)
+
+choice
+	prompt "VESA framebuffer video mode"
+	default FRAMEBUFFER_VESA_MODE_117
+	depends on FRAMEBUFFER_SET_VESA_MODE
+	help
+	  This option sets the resolution used for the coreboot framebuffer (and
+	  bootsplash screen).
+
+config FRAMEBUFFER_VESA_MODE_100
+	bool "640x400 256-color"
+
+config FRAMEBUFFER_VESA_MODE_101
+	bool "640x480 256-color"
+
+config FRAMEBUFFER_VESA_MODE_102
+	bool "800x600 16-color"
+
+config FRAMEBUFFER_VESA_MODE_103
+	bool "800x600 256-color"
+
+config FRAMEBUFFER_VESA_MODE_104
+	bool "1024x768 16-color"
+
+config FRAMEBUFFER_VESA_MODE_105
+	bool "1024x7686 256-color"
+
+config FRAMEBUFFER_VESA_MODE_106
+	bool "1280x1024 16-color"
+
+config FRAMEBUFFER_VESA_MODE_107
+	bool "1280x1024 256-color"
+
+config FRAMEBUFFER_VESA_MODE_108
+	bool "80x60 text"
+
+config FRAMEBUFFER_VESA_MODE_109
+	bool "132x25 text"
+
+config FRAMEBUFFER_VESA_MODE_10A
+	bool "132x43 text"
+
+config FRAMEBUFFER_VESA_MODE_10B
+	bool "132x50 text"
+
+config FRAMEBUFFER_VESA_MODE_10C
+	bool "132x60 text"
+
+config FRAMEBUFFER_VESA_MODE_10D
+	bool "320x200 32k-color (1:5:5:5)"
+
+config FRAMEBUFFER_VESA_MODE_10E
+	bool "320x200 64k-color (5:6:5)"
+
+config FRAMEBUFFER_VESA_MODE_10F
+	bool "320x200 16.8M-color (8:8:8)"
+
+config FRAMEBUFFER_VESA_MODE_110
+	bool "640x480 32k-color (1:5:5:5)"
+
+config FRAMEBUFFER_VESA_MODE_111
+	bool "640x480 64k-color (5:6:5)"
+
+config FRAMEBUFFER_VESA_MODE_112
+	bool "640x480 16.8M-color (8:8:8)"
+
+config FRAMEBUFFER_VESA_MODE_113
+	bool "800x600 32k-color (1:5:5:5)"
+
+config FRAMEBUFFER_VESA_MODE_114
+	bool "800x600 64k-color (5:6:5)"
+
+config FRAMEBUFFER_VESA_MODE_115
+	bool "800x600 16.8M-color (8:8:8)"
+
+config FRAMEBUFFER_VESA_MODE_116
+	bool "1024x768 32k-color (1:5:5:5)"
+
+config FRAMEBUFFER_VESA_MODE_117
+	bool "1024x768 64k-color (5:6:5)"
+
+config FRAMEBUFFER_VESA_MODE_118
+	bool "1024x768 16.8M-color (8:8:8)"
+
+config FRAMEBUFFER_VESA_MODE_119
+	bool "1280x1024 32k-color (1:5:5:5)"
+
+config FRAMEBUFFER_VESA_MODE_11A
+	bool "1280x1024 64k-color (5:6:5)"
+
+config FRAMEBUFFER_VESA_MODE_11B
+	bool "1280x1024 16.8M-color (8:8:8)"
+
+config FRAMEBUFFER_VESA_MODE_USER
+	bool "Manually select VESA mode"
+
+endchoice
+
+# Map the config names to an integer (KB).
+config FRAMEBUFFER_VESA_MODE
+	prompt "VESA mode" if FRAMEBUFFER_VESA_MODE_USER
+	hex
+	default 0x100 if FRAMEBUFFER_VESA_MODE_100
+	default 0x101 if FRAMEBUFFER_VESA_MODE_101
+	default 0x102 if FRAMEBUFFER_VESA_MODE_102
+	default 0x103 if FRAMEBUFFER_VESA_MODE_103
+	default 0x104 if FRAMEBUFFER_VESA_MODE_104
+	default 0x105 if FRAMEBUFFER_VESA_MODE_105
+	default 0x106 if FRAMEBUFFER_VESA_MODE_106
+	default 0x107 if FRAMEBUFFER_VESA_MODE_107
+	default 0x108 if FRAMEBUFFER_VESA_MODE_108
+	default 0x109 if FRAMEBUFFER_VESA_MODE_109
+	default 0x10A if FRAMEBUFFER_VESA_MODE_10A
+	default 0x10B if FRAMEBUFFER_VESA_MODE_10B
+	default 0x10C if FRAMEBUFFER_VESA_MODE_10C
+	default 0x10D if FRAMEBUFFER_VESA_MODE_10D
+	default 0x10E if FRAMEBUFFER_VESA_MODE_10E
+	default 0x10F if FRAMEBUFFER_VESA_MODE_10F
+	default 0x110 if FRAMEBUFFER_VESA_MODE_110
+	default 0x111 if FRAMEBUFFER_VESA_MODE_111
+	default 0x112 if FRAMEBUFFER_VESA_MODE_112
+	default 0x113 if FRAMEBUFFER_VESA_MODE_113
+	default 0x114 if FRAMEBUFFER_VESA_MODE_114
+	default 0x115 if FRAMEBUFFER_VESA_MODE_115
+	default 0x116 if FRAMEBUFFER_VESA_MODE_116
+	default 0x117 if FRAMEBUFFER_VESA_MODE_117
+	default 0x118 if FRAMEBUFFER_VESA_MODE_118
+	default 0x119 if FRAMEBUFFER_VESA_MODE_119
+	default 0x11A if FRAMEBUFFER_VESA_MODE_11A
+	default 0x11B if FRAMEBUFFER_VESA_MODE_11B
+	default 0x117 if FRAMEBUFFER_VESA_MODE_USER
+
+config FRAMEBUFFER_KEEP_VESA_MODE
+	prompt "Keep VESA framebuffer"
+	bool
+	depends on PCI_OPTION_ROM_RUN_YABEL || PCI_OPTION_ROM_RUN_REALMODE
+	help
+	  This option keeps the framebuffer mode set after coreboot finishes
+	  execution. If this option is enabled, coreboot will pass a
+	  framebuffer entry in its coreboot table and the payload will need a
+	  framebuffer driver. If this option is disabled, coreboot will switch
+	  back to text mode before handing control to a payload.
+
+config BOOTSPLASH
+	prompt "Show graphical bootsplash"
+	bool
+	depends on FRAMEBUFFER_SET_VESA_MODE
+	help
+	  This option shows a graphical bootsplash screen. The grapics are
+	  loaded from the CBFS file bootsplash.jpg.
+
+config BOOTSPLASH_FILE
+	string "Bootsplash path and filename"
+	depends on BOOTSPLASH
+	default "bootsplash.jpg"
+	help
+	  The path and filename of the file to use as graphical bootsplash
+	  screen. The file format has to be jpg.
+endmenu
diff --git a/src/device/Makefile.inc b/src/device/Makefile.inc
new file mode 100644
index 0000000..9fe156b
--- /dev/null
+++ b/src/device/Makefile.inc
@@ -0,0 +1,24 @@
+ramstage-y += device.c
+ramstage-y += root_device.c
+ramstage-y += cpu_device.c
+ramstage-y += device_util.c
+ramstage-$(CONFIG_PCI) += pci_device.c
+ramstage-$(CONFIG_HYPERTRANSPORT_PLUGIN_SUPPORT) += hypertransport.c
+ramstage-$(CONFIG_PCIX_PLUGIN_SUPPORT) += pcix_device.c
+ramstage-$(CONFIG_PCIEXP_PLUGIN_SUPPORT) += pciexp_device.c
+ramstage-$(CONFIG_AGP_PLUGIN_SUPPORT) += agp_device.c
+ramstage-$(CONFIG_CARDBUS_PLUGIN_SUPPORT) += cardbus_device.c
+ramstage-$(CONFIG_ARCH_X86) += pnp_device.c
+ramstage-$(CONFIG_PCI) += pci_ops.c
+ramstage-y += smbus_ops.c
+
+romstage-y+= device_romstage.c
+
+subdirs-y += oprom
+
+ifeq ($(CONFIG_PCI_ROM_RUN),y)
+ramstage-y += pci_rom.c
+else
+ramstage-$(CONFIG_VGA_ROM_RUN) += pci_rom.c
+endif
+
diff --git a/src/device/agp_device.c b/src/device/agp_device.c
new file mode 100644
index 0000000..7e510f8
--- /dev/null
+++ b/src/device/agp_device.c
@@ -0,0 +1,75 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2005 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <device/agp.h>
+
+static void agp_tune_dev(device_t dev)
+{
+	unsigned int cap;
+
+	cap = pci_find_capability(dev, PCI_CAP_ID_AGP);
+	if (!cap)
+		return;
+
+	/* The OS is responsible for AGP tuning so do nothing here. */
+}
+
+unsigned int agp_scan_bus(struct bus *bus, unsigned int min_devfn,
+			  unsigned int max_devfn, unsigned int max)
+{
+	device_t child;
+
+	max = pci_scan_bus(bus, min_devfn, max_devfn, max);
+
+	for (child = bus->children; child; child = child->sibling) {
+		if ((child->path.pci.devfn < min_devfn) ||
+		    (child->path.pci.devfn > max_devfn)) {
+			continue;
+		}
+		agp_tune_dev(child);
+	}
+
+	return max;
+}
+
+unsigned int agp_scan_bridge(device_t dev, unsigned int max)
+{
+	return do_pci_scan_bridge(dev, max, agp_scan_bus);
+}
+
+/** Default device operations for AGP bridges. */
+static struct pci_operations agp_bus_ops_pci = {
+	.set_subsystem = 0,
+};
+
+struct device_operations default_agp_ops_bus = {
+	.read_resources   = pci_bus_read_resources,
+	.set_resources    = pci_dev_set_resources,
+	.enable_resources = pci_bus_enable_resources,
+	.init             = 0,
+	.scan_bus         = agp_scan_bridge,
+	.enable           = 0,
+	.reset_bus        = pci_bus_reset,
+	.ops_pci          = &agp_bus_ops_pci,
+};
diff --git a/src/device/cardbus_device.c b/src/device/cardbus_device.c
new file mode 100644
index 0000000..0b07e34
--- /dev/null
+++ b/src/device/cardbus_device.c
@@ -0,0 +1,184 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2005 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2005 Ronald G. Minnich <rminnich at gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <device/cardbus.h>
+
+/*
+ * I don't think this code is quite correct but it is close.
+ * Anyone with a cardbus bridge and a little time should be able
+ * to make it usable quickly. -- Eric Biederman 24 March 2005
+ */
+
+/*
+ * IO should be max 256 bytes. However, since we may have a P2P bridge below
+ * a cardbus bridge, we need 4K.
+ */
+#define CARDBUS_IO_SIZE		4096
+#define CARDBUS_MEM_SIZE	(32 * 1024 * 1024)
+
+static void cardbus_record_bridge_resource(device_t dev, resource_t moving,
+		resource_t min_size, unsigned int index, unsigned long type)
+{
+	struct resource *resource;
+	unsigned long gran;
+	resource_t step;
+
+	/* Initialize the constraints on the current bus. */
+	resource = NULL;
+	if (!moving)
+		return;
+
+	resource = new_resource(dev, index);
+	resource->size = 0;
+	gran = 0;
+	step = 1;
+	while ((moving & step) == 0) {
+		gran += 1;
+		step <<= 1;
+	}
+	resource->gran = gran;
+	resource->align = gran;
+	resource->limit = moving | (step - 1);
+	resource->flags = type;
+
+	/* Don't let the minimum size exceed what we can put in the resource. */
+	if ((min_size - 1) > resource->limit)
+		min_size = resource->limit + 1;
+
+	resource->size = min_size;
+}
+
+static void cardbus_size_bridge_resource(device_t dev, unsigned int index)
+{
+	struct resource *resource;
+	resource_t min_size;
+
+	resource = find_resource(dev, index);
+	if (resource) {
+		min_size = resource->size;
+		/*
+		 * Always allocate at least the miniumum size to a
+		 * cardbus bridge in case a new card is plugged in.
+		 */
+		if (resource->size < min_size)
+			resource->size = min_size;
+	}
+}
+
+void cardbus_read_resources(device_t dev)
+{
+	resource_t moving_base, moving_limit, moving;
+	unsigned long type;
+	u16 ctl;
+
+	/* See if needs a card control registers base address. */
+
+	pci_get_resource(dev, PCI_BASE_ADDRESS_0);
+
+	compact_resources(dev);
+
+	/* See which bridge I/O resources are implemented. */
+	moving_base = pci_moving_config32(dev, PCI_CB_IO_BASE_0);
+	moving_limit = pci_moving_config32(dev, PCI_CB_IO_LIMIT_0);
+	moving = moving_base & moving_limit;
+
+	/* Initialize the I/O space constraints on the current bus. */
+	cardbus_record_bridge_resource(dev, moving, CARDBUS_IO_SIZE,
+				       PCI_CB_IO_BASE_0, IORESOURCE_IO);
+	cardbus_size_bridge_resource(dev, PCI_CB_IO_BASE_0);
+
+	/* See which bridge I/O resources are implemented. */
+	moving_base = pci_moving_config32(dev, PCI_CB_IO_BASE_1);
+	moving_limit = pci_moving_config32(dev, PCI_CB_IO_LIMIT_1);
+	moving = moving_base & moving_limit;
+
+	/* Initialize the I/O space constraints on the current bus. */
+	cardbus_record_bridge_resource(dev, moving, CARDBUS_IO_SIZE,
+				       PCI_CB_IO_BASE_1, IORESOURCE_IO);
+
+	/* If I can, enable prefetch for mem0. */
+	ctl = pci_read_config16(dev, PCI_CB_BRIDGE_CONTROL);
+	ctl &= ~PCI_CB_BRIDGE_CTL_PREFETCH_MEM0;
+	ctl &= ~PCI_CB_BRIDGE_CTL_PREFETCH_MEM1;
+	ctl |= PCI_CB_BRIDGE_CTL_PREFETCH_MEM0;
+	pci_write_config16(dev, PCI_CB_BRIDGE_CONTROL, ctl);
+	ctl = pci_read_config16(dev, PCI_CB_BRIDGE_CONTROL);
+
+	/* See which bridge memory resources are implemented. */
+	moving_base = pci_moving_config32(dev, PCI_CB_MEMORY_BASE_0);
+	moving_limit = pci_moving_config32(dev, PCI_CB_MEMORY_LIMIT_0);
+	moving = moving_base & moving_limit;
+
+	/* Initialize the memory space constraints on the current bus. */
+	type = IORESOURCE_MEM;
+	if (ctl & PCI_CB_BRIDGE_CTL_PREFETCH_MEM0)
+		type |= IORESOURCE_PREFETCH;
+	cardbus_record_bridge_resource(dev, moving, CARDBUS_MEM_SIZE,
+				       PCI_CB_MEMORY_BASE_0, type);
+	if (type & IORESOURCE_PREFETCH)
+		cardbus_size_bridge_resource(dev, PCI_CB_MEMORY_BASE_0);
+
+	/* See which bridge memory resources are implemented. */
+	moving_base = pci_moving_config32(dev, PCI_CB_MEMORY_BASE_1);
+	moving_limit = pci_moving_config32(dev, PCI_CB_MEMORY_LIMIT_1);
+	moving = moving_base & moving_limit;
+
+	/* Initialize the memory space constraints on the current bus. */
+	cardbus_record_bridge_resource(dev, moving, CARDBUS_MEM_SIZE,
+				       PCI_CB_MEMORY_BASE_1, IORESOURCE_MEM);
+	cardbus_size_bridge_resource(dev, PCI_CB_MEMORY_BASE_1);
+
+	compact_resources(dev);
+}
+
+void cardbus_enable_resources(device_t dev)
+{
+	u16 ctrl;
+
+	ctrl = pci_read_config16(dev, PCI_CB_BRIDGE_CONTROL);
+	ctrl |= (dev->link_list->bridge_ctrl & (
+			PCI_BRIDGE_CTL_PARITY |
+			PCI_BRIDGE_CTL_SERR |
+			PCI_BRIDGE_CTL_NO_ISA |
+			PCI_BRIDGE_CTL_VGA |
+			PCI_BRIDGE_CTL_MASTER_ABORT |
+			PCI_BRIDGE_CTL_BUS_RESET));
+	/* Error check */
+	ctrl |= (PCI_CB_BRIDGE_CTL_PARITY + PCI_CB_BRIDGE_CTL_SERR);
+	printk(BIOS_DEBUG, "%s bridge ctrl <- %04x\n", dev_path(dev), ctrl);
+	pci_write_config16(dev, PCI_BRIDGE_CONTROL, ctrl);
+
+	pci_dev_enable_resources(dev);
+}
+
+struct device_operations default_cardbus_ops_bus = {
+	.read_resources   = cardbus_read_resources,
+	.set_resources    = pci_dev_set_resources,
+	.enable_resources = cardbus_enable_resources,
+	.init             = 0,
+	.scan_bus         = pci_scan_bridge,
+	.enable           = 0,
+	.reset_bus        = pci_bus_reset,
+};
diff --git a/src/device/cpu_device.c b/src/device/cpu_device.c
new file mode 100644
index 0000000..b689f1a
--- /dev/null
+++ b/src/device/cpu_device.c
@@ -0,0 +1,71 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2011 Advanced Micro Devices, Inc.
+ * Copyright (C) 2012 Kyösti Mälkki <kyosti.malkki at gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <device/device.h>
+#include <console/console.h>
+#include <cpu/x86/lapic.h>
+
+void remap_bsp_lapic(struct bus *cpu_bus)
+{
+	struct device_path cpu_path;
+	device_t cpu;
+	u32 bsp_lapic_id = lapicid();
+
+	if (bsp_lapic_id) {
+		cpu_path.type = DEVICE_PATH_APIC;
+		cpu_path.apic.apic_id = 0;
+		cpu = find_dev_path(cpu_bus, &cpu_path);
+		if (cpu)
+			cpu->path.apic.apic_id = bsp_lapic_id;
+	}
+}
+
+device_t add_cpu_device(struct bus *cpu_bus, unsigned apic_id, int enabled)
+{
+	struct device_path cpu_path;
+	device_t cpu;
+
+	/* Build the cpu device path */
+	cpu_path.type = DEVICE_PATH_APIC;
+	cpu_path.apic.apic_id = apic_id;
+
+	/* Update CPU in devicetree. */
+	if (enabled)
+		cpu = alloc_find_dev(cpu_bus, &cpu_path);
+	else
+		cpu = find_dev_path(cpu_bus, &cpu_path);
+	if (!cpu)
+		return NULL;
+
+	cpu->enabled = enabled;
+	printk(BIOS_DEBUG, "CPU: %s %s\n",
+		dev_path(cpu), cpu->enabled?"enabled":"disabled");
+
+	return cpu;
+}
+
+void set_cpu_topology(device_t cpu, unsigned node, unsigned package, unsigned core, unsigned thread)
+{
+	cpu->path.apic.node_id = node;
+	cpu->path.apic.package_id = package;
+	cpu->path.apic.core_id = core;
+	cpu->path.apic.thread_id = thread;
+}
+
diff --git a/src/device/device.c b/src/device/device.c
new file mode 100644
index 0000000..07bbc7a
--- /dev/null
+++ b/src/device/device.c
@@ -0,0 +1,1157 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * It was originally based on the Linux kernel (arch/i386/kernel/pci-pc.c).
+ *
+ * Modifications are:
+ * Copyright (C) 2003 Eric Biederman <ebiederm at xmission.com>
+ * Copyright (C) 2003-2004 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2003 Ronald G. Minnich <rminnich at gmail.com>
+ * Copyright (C) 2004-2005 Li-Ta Lo <ollie at lanl.gov>
+ * Copyright (C) 2005-2006 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ * Copyright (C) 2005-2006 Stefan Reinauer <stepan at openbios.org>
+ * Copyright (C) 2009 Myles Watson <mylesgw at gmail.com>
+ */
+
+/*
+ *      (c) 1999--2000 Martin Mares <mj at suse.cz>
+ */
+
+/*
+ * Lots of mods by Ron Minnich <rminnich at lanl.gov>, with
+ * the final architecture guidance from Tom Merritt <tjm at codegen.com>.
+ *
+ * In particular, we changed from the one-pass original version to
+ * Tom's recommended multiple-pass version. I wasn't sure about doing
+ * it with multiple passes, until I actually started doing it and saw
+ * the wisdom of Tom's recommendations...
+ *
+ * Lots of cleanups by Eric Biederman to handle bridges, and to
+ * handle resource allocation for non-PCI devices.
+ */
+
+#include <console/console.h>
+#include <arch/io.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <stdlib.h>
+#include <string.h>
+#include <smp/spinlock.h>
+#if CONFIG_ARCH_X86
+#include <arch/ebda.h>
+#endif
+
+/** Linked list of ALL devices */
+struct device *all_devices = &dev_root;
+/** Pointer to the last device */
+extern struct device *last_dev;
+/** Linked list of free resources */
+struct resource *free_resources = NULL;
+
+/**
+ * Initialize all chips of statically known devices.
+ *
+ * Will be called before bus enumeration to initialize chips stated in the
+ * device tree.
+ */
+void dev_initialize_chips(void)
+{
+	struct device *dev;
+
+	for (dev = all_devices; dev; dev = dev->next) {
+		/* Initialize chip if we haven't yet. */
+		if (dev->chip_ops && dev->chip_ops->init &&
+				!dev->chip_ops->initialized) {
+			dev->chip_ops->init(dev->chip_info);
+			dev->chip_ops->initialized = 1;
+		}
+	}
+}
+
+DECLARE_SPIN_LOCK(dev_lock)
+
+#if CONFIG_GFXUMA
+/* IGD UMA memory */
+uint64_t uma_memory_base = 0;
+uint64_t uma_memory_size = 0;
+#endif
+
+/**
+ * Allocate a new device structure.
+ *
+ * Allocte a new device structure and attach it to the device tree as a
+ * child of the parent bus.
+ *
+ * @param parent Parent bus the newly created device should be attached to.
+ * @param path Path to the device to be created.
+ * @return Pointer to the newly created device structure.
+ *
+ * @see device_path
+ */
+static device_t __alloc_dev(struct bus *parent, struct device_path *path)
+{
+	device_t dev, child;
+
+	/* Find the last child of our parent. */
+	for (child = parent->children; child && child->sibling; /* */ )
+		child = child->sibling;
+
+	dev = malloc(sizeof(*dev));
+	if (dev == 0)
+		die("alloc_dev(): out of memory.\n");
+
+	memset(dev, 0, sizeof(*dev));
+	memcpy(&dev->path, path, sizeof(*path));
+
+	/* By default devices are enabled. */
+	dev->enabled = 1;
+
+	/* Add the new device to the list of children of the bus. */
+	dev->bus = parent;
+	if (child)
+		child->sibling = dev;
+	else
+		parent->children = dev;
+
+	/* Append a new device to the global device list.
+	 * The list is used to find devices once everything is set up.
+	 */
+	last_dev->next = dev;
+	last_dev = dev;
+
+	return dev;
+}
+
+device_t alloc_dev(struct bus *parent, struct device_path *path)
+{
+	device_t dev;
+	spin_lock(&dev_lock);
+	dev = __alloc_dev(parent, path);
+	spin_unlock(&dev_lock);
+	return dev;
+}
+
+/**
+ * See if a device structure already exists and if not allocate it.
+ *
+ * @param parent The bus to find the device on.
+ * @param path The relative path from the bus to the appropriate device.
+ * @return Pointer to a device structure for the device on bus at path.
+ */
+device_t alloc_find_dev(struct bus *parent, struct device_path *path)
+{
+	device_t child;
+	spin_lock(&dev_lock);
+	child = find_dev_path(parent, path);
+	if (!child)
+		child = __alloc_dev(parent, path);
+	spin_unlock(&dev_lock);
+	return child;
+}
+
+/**
+ * Round a number up to an alignment.
+ *
+ * @param val The starting value.
+ * @param roundup Alignment as a power of two.
+ * @return Rounded up number.
+ */
+static resource_t round(resource_t val, unsigned long pow)
+{
+	resource_t mask;
+	mask = (1ULL << pow) - 1ULL;
+	val += mask;
+	val &= ~mask;
+	return val;
+}
+
+/**
+ * Read the resources on all devices of a given bus.
+ *
+ * @param bus Bus to read the resources on.
+ */
+static void read_resources(struct bus *bus)
+{
+	struct device *curdev;
+
+	printk(BIOS_SPEW, "%s %s bus %x link: %d\n", dev_path(bus->dev),
+	       __func__, bus->secondary, bus->link_num);
+
+	/* Walk through all devices and find which resources they need. */
+	for (curdev = bus->children; curdev; curdev = curdev->sibling) {
+		struct bus *link;
+
+		if (!curdev->enabled)
+			continue;
+
+		if (!curdev->ops || !curdev->ops->read_resources) {
+			printk(BIOS_ERR, "%s missing read_resources\n",
+			       dev_path(curdev));
+			continue;
+		}
+		curdev->ops->read_resources(curdev);
+
+		/* Read in the resources behind the current device's links. */
+		for (link = curdev->link_list; link; link = link->next)
+			read_resources(link);
+	}
+	printk(BIOS_SPEW, "%s read_resources bus %d link: %d done\n",
+	       dev_path(bus->dev), bus->secondary, bus->link_num);
+}
+
+struct pick_largest_state {
+	struct resource *last;
+	struct device *result_dev;
+	struct resource *result;
+	int seen_last;
+};
+
+static void pick_largest_resource(void *gp, struct device *dev,
+				  struct resource *resource)
+{
+	struct pick_largest_state *state = gp;
+	struct resource *last;
+
+	last = state->last;
+
+	/* Be certain to pick the successor to last. */
+	if (resource == last) {
+		state->seen_last = 1;
+		return;
+	}
+	if (resource->flags & IORESOURCE_FIXED)
+		return;	/* Skip it. */
+	if (last && ((last->align < resource->align) ||
+		     ((last->align == resource->align) &&
+		      (last->size < resource->size)) ||
+		     ((last->align == resource->align) &&
+		      (last->size == resource->size) && (!state->seen_last)))) {
+		return;
+	}
+	if (!state->result ||
+	    (state->result->align < resource->align) ||
+	    ((state->result->align == resource->align) &&
+	     (state->result->size < resource->size))) {
+		state->result_dev = dev;
+		state->result = resource;
+	}
+}
+
+static struct device *largest_resource(struct bus *bus,
+				       struct resource **result_res,
+				       unsigned long type_mask,
+				       unsigned long type)
+{
+	struct pick_largest_state state;
+
+	state.last = *result_res;
+	state.result_dev = NULL;
+	state.result = NULL;
+	state.seen_last = 0;
+
+	search_bus_resources(bus, type_mask, type, pick_largest_resource,
+			     &state);
+
+	*result_res = state.result;
+	return state.result_dev;
+}
+
+/**
+ * This function is the guts of the resource allocator.
+ *
+ * The problem.
+ *  - Allocate resource locations for every device.
+ *  - Don't overlap, and follow the rules of bridges.
+ *  - Don't overlap with resources in fixed locations.
+ *  - Be efficient so we don't have ugly strategies.
+ *
+ * The strategy.
+ * - Devices that have fixed addresses are the minority so don't
+ *   worry about them too much. Instead only use part of the address
+ *   space for devices with programmable addresses. This easily handles
+ *   everything except bridges.
+ *
+ * - PCI devices are required to have their sizes and their alignments
+ *   equal. In this case an optimal solution to the packing problem
+ *   exists. Allocate all devices from highest alignment to least
+ *   alignment or vice versa. Use this.
+ *
+ * - So we can handle more than PCI run two allocation passes on bridges. The
+ *   first to see how large the resources are behind the bridge, and what
+ *   their alignment requirements are. The second to assign a safe address to
+ *   the devices behind the bridge. This allows us to treat a bridge as just
+ *   a device with a couple of resources, and not need to special case it in
+ *   the allocator. Also this allows handling of other types of bridges.
+ *
+ * @param bus The bus we are traversing.
+ * @param bridge The bridge resource which must contain the bus' resources.
+ * @param type_mask This value gets ANDed with the resource type.
+ * @param type This value must match the result of the AND.
+ * @return TODO
+ */
+static void compute_resources(struct bus *bus, struct resource *bridge,
+			      unsigned long type_mask, unsigned long type)
+{
+	struct device *dev;
+	struct resource *resource;
+	resource_t base;
+	base = round(bridge->base, bridge->align);
+
+	printk(BIOS_SPEW,  "%s %s_%s: base: %llx size: %llx align: %d gran: %d"
+	       " limit: %llx\n", dev_path(bus->dev), __func__,
+	       (type & IORESOURCE_IO) ? "io" : (type & IORESOURCE_PREFETCH) ?
+	       "prefmem" : "mem", base, bridge->size, bridge->align,
+	       bridge->gran, bridge->limit);
+
+	/* For each child which is a bridge, compute the resource needs. */
+	for (dev = bus->children; dev; dev = dev->sibling) {
+		struct resource *child_bridge;
+
+		if (!dev->link_list)
+			continue;
+
+		/* Find the resources with matching type flags. */
+		for (child_bridge = dev->resource_list; child_bridge;
+		     child_bridge = child_bridge->next) {
+			struct bus* link;
+
+			if (!(child_bridge->flags & IORESOURCE_BRIDGE)
+			    || (child_bridge->flags & type_mask) != type)
+				continue;
+
+			/*
+			 * Split prefetchable memory if combined. Many domains
+			 * use the same address space for prefetchable memory
+			 * and non-prefetchable memory. Bridges below them need
+			 * it separated. Add the PREFETCH flag to the type_mask
+			 * and type.
+			 */
+			link = dev->link_list;
+			while (link && link->link_num !=
+					IOINDEX_LINK(child_bridge->index))
+				link = link->next;
+
+			if (link == NULL) {
+				printk(BIOS_ERR, "link %ld not found on %s\n",
+				       IOINDEX_LINK(child_bridge->index),
+				       dev_path(dev));
+			}
+
+			compute_resources(link, child_bridge,
+					  type_mask | IORESOURCE_PREFETCH,
+					  type | (child_bridge->flags &
+						  IORESOURCE_PREFETCH));
+		}
+	}
+
+	/* Remember we haven't found anything yet. */
+	resource = NULL;
+
+	/*
+	 * Walk through all the resources on the current bus and compute the
+	 * amount of address space taken by them. Take granularity and
+	 * alignment into account.
+	 */
+	while ((dev = largest_resource(bus, &resource, type_mask, type))) {
+
+		/* Size 0 resources can be skipped. */
+		if (!resource->size)
+			continue;
+
+		/* Propagate the resource alignment to the bridge resource. */
+		if (resource->align > bridge->align)
+			bridge->align = resource->align;
+
+		/* Propagate the resource limit to the bridge register. */
+		if (bridge->limit > resource->limit)
+			bridge->limit = resource->limit;
+
+		/* Warn if it looks like APICs aren't declared. */
+		if ((resource->limit == 0xffffffff) &&
+		    (resource->flags & IORESOURCE_ASSIGNED)) {
+			printk(BIOS_ERR,
+			       "Resource limit looks wrong! (no APIC?)\n");
+			printk(BIOS_ERR, "%s %02lx limit %08llx\n",
+			       dev_path(dev), resource->index, resource->limit);
+		}
+
+		if (resource->flags & IORESOURCE_IO) {
+			/*
+			 * Don't allow potential aliases over the legacy PCI
+			 * expansion card addresses. The legacy PCI decodes
+			 * only 10 bits, uses 0x100 - 0x3ff. Therefore, only
+			 * 0x00 - 0xff can be used out of each 0x400 block of
+			 * I/O space.
+			 */
+			if ((base & 0x300) != 0) {
+				base = (base & ~0x3ff) + 0x400;
+			}
+			/*
+			 * Don't allow allocations in the VGA I/O range.
+			 * PCI has special cases for that.
+			 */
+			else if ((base >= 0x3b0) && (base <= 0x3df)) {
+				base = 0x3e0;
+			}
+		}
+		/* Base must be aligned. */
+		base = round(base, resource->align);
+		resource->base = base;
+		base += resource->size;
+
+		printk(BIOS_SPEW, "%s %02lx *  [0x%llx - 0x%llx] %s\n",
+		       dev_path(dev), resource->index, resource->base,
+		       resource->base + resource->size - 1,
+		       (resource->flags & IORESOURCE_IO) ? "io" :
+		       (resource->flags & IORESOURCE_PREFETCH) ?
+		        "prefmem" : "mem");
+	}
+
+	/*
+	 * A PCI bridge resource does not need to be a power of two size, but
+	 * it does have a minimum granularity. Round the size up to that
+	 * minimum granularity so we know not to place something else at an
+	 * address postitively decoded by the bridge.
+	 */
+	bridge->size = round(base, bridge->gran) -
+		       round(bridge->base, bridge->align);
+
+	printk(BIOS_SPEW, "%s %s_%s: base: %llx size: %llx align: %d gran: %d"
+	       " limit: %llx done\n", dev_path(bus->dev), __func__,
+	       (bridge->flags & IORESOURCE_IO) ? "io" :
+	       (bridge->flags & IORESOURCE_PREFETCH) ? "prefmem" : "mem",
+	       base, bridge->size, bridge->align, bridge->gran, bridge->limit);
+}
+
+/**
+ * This function is the second part of the resource allocator.
+ *
+ * See the compute_resources function for a more detailed explanation.
+ *
+ * This function assigns the resources a value.
+ *
+ * @param bus The bus we are traversing.
+ * @param bridge The bridge resource which must contain the bus' resources.
+ * @param type_mask This value gets ANDed with the resource type.
+ * @param type This value must match the result of the AND.
+ *
+ * @see compute_resources
+ */
+static void allocate_resources(struct bus *bus, struct resource *bridge,
+			       unsigned long type_mask, unsigned long type)
+{
+	struct device *dev;
+	struct resource *resource;
+	resource_t base;
+	base = bridge->base;
+
+	printk(BIOS_SPEW, "%s %s_%s: base:%llx size:%llx align:%d gran:%d "
+	       "limit:%llx\n", dev_path(bus->dev), __func__,
+	       (type & IORESOURCE_IO) ? "io" : (type & IORESOURCE_PREFETCH) ?
+	       "prefmem" : "mem",
+	       base, bridge->size, bridge->align, bridge->gran, bridge->limit);
+
+	/* Remember we haven't found anything yet. */
+	resource = NULL;
+
+	/*
+	 * Walk through all the resources on the current bus and allocate them
+	 * address space.
+	 */
+	while ((dev = largest_resource(bus, &resource, type_mask, type))) {
+
+		/* Propagate the bridge limit to the resource register. */
+		if (resource->limit > bridge->limit)
+			resource->limit = bridge->limit;
+
+		/* Size 0 resources can be skipped. */
+		if (!resource->size) {
+			/* Set the base to limit so it doesn't confuse tolm. */
+			resource->base = resource->limit;
+			resource->flags |= IORESOURCE_ASSIGNED;
+			continue;
+		}
+
+		if (resource->flags & IORESOURCE_IO) {
+			/*
+			 * Don't allow potential aliases over the legacy PCI
+			 * expansion card addresses. The legacy PCI decodes
+			 * only 10 bits, uses 0x100 - 0x3ff. Therefore, only
+			 * 0x00 - 0xff can be used out of each 0x400 block of
+			 * I/O space.
+			 */
+			if ((base & 0x300) != 0) {
+				base = (base & ~0x3ff) + 0x400;
+			}
+			/*
+			 * Don't allow allocations in the VGA I/O range.
+			 * PCI has special cases for that.
+			 */
+			else if ((base >= 0x3b0) && (base <= 0x3df)) {
+				base = 0x3e0;
+			}
+		}
+
+		if ((round(base, resource->align) + resource->size - 1) <=
+		    resource->limit) {
+			/* Base must be aligned. */
+			base = round(base, resource->align);
+			resource->base = base;
+			resource->flags |= IORESOURCE_ASSIGNED;
+			resource->flags &= ~IORESOURCE_STORED;
+			base += resource->size;
+		} else {
+			printk(BIOS_ERR, "!! Resource didn't fit !!\n");
+			printk(BIOS_ERR, "   aligned base %llx size %llx "
+			       "limit %llx\n", round(base, resource->align),
+			       resource->size, resource->limit);
+			printk(BIOS_ERR, "   %llx needs to be <= %llx "
+			       "(limit)\n", (round(base, resource->align) +
+				resource->size) - 1, resource->limit);
+			printk(BIOS_ERR, "   %s%s %02lx *  [0x%llx - 0x%llx]"
+			       " %s\n", (resource->flags & IORESOURCE_ASSIGNED)
+			       ? "Assigned: " : "", dev_path(dev),
+			       resource->index, resource->base,
+			       resource->base + resource->size - 1,
+			       (resource->flags & IORESOURCE_IO) ? "io"
+			       : (resource->flags & IORESOURCE_PREFETCH)
+			       ? "prefmem" : "mem");
+		}
+
+		printk(BIOS_SPEW, "%s%s %02lx *  [0x%llx - 0x%llx] %s\n",
+		       (resource->flags & IORESOURCE_ASSIGNED) ? "Assigned: "
+		       : "", dev_path(dev), resource->index, resource->base,
+		       resource->size ? resource->base + resource->size - 1 :
+		       resource->base, (resource->flags & IORESOURCE_IO)
+		       ? "io" : (resource->flags & IORESOURCE_PREFETCH)
+		       ? "prefmem" : "mem");
+	}
+
+	/*
+	 * A PCI bridge resource does not need to be a power of two size, but
+	 * it does have a minimum granularity. Round the size up to that
+	 * minimum granularity so we know not to place something else at an
+	 * address positively decoded by the bridge.
+	 */
+
+	bridge->flags |= IORESOURCE_ASSIGNED;
+
+	printk(BIOS_SPEW, "%s %s_%s: next_base: %llx size: %llx align: %d "
+	       "gran: %d done\n", dev_path(bus->dev), __func__,
+	       (type & IORESOURCE_IO) ? "io" : (type & IORESOURCE_PREFETCH) ?
+	       "prefmem" : "mem", base, bridge->size, bridge->align,
+	       bridge->gran);
+
+	/* For each child which is a bridge, allocate_resources. */
+	for (dev = bus->children; dev; dev = dev->sibling) {
+		struct resource *child_bridge;
+
+		if (!dev->link_list)
+			continue;
+
+		/* Find the resources with matching type flags. */
+		for (child_bridge = dev->resource_list; child_bridge;
+		     child_bridge = child_bridge->next) {
+			struct bus* link;
+
+			if (!(child_bridge->flags & IORESOURCE_BRIDGE) ||
+			    (child_bridge->flags & type_mask) != type)
+				continue;
+
+			/*
+			 * Split prefetchable memory if combined. Many domains
+			 * use the same address space for prefetchable memory
+			 * and non-prefetchable memory. Bridges below them need
+			 * it separated. Add the PREFETCH flag to the type_mask
+			 * and type.
+			 */
+			link = dev->link_list;
+			while (link && link->link_num !=
+			               IOINDEX_LINK(child_bridge->index))
+				link = link->next;
+			if (link == NULL)
+				printk(BIOS_ERR, "link %ld not found on %s\n",
+				       IOINDEX_LINK(child_bridge->index),
+				       dev_path(dev));
+
+			allocate_resources(link, child_bridge,
+					   type_mask | IORESOURCE_PREFETCH,
+					   type | (child_bridge->flags &
+						   IORESOURCE_PREFETCH));
+		}
+	}
+}
+
+#if CONFIG_PCI_64BIT_PREF_MEM
+#define MEM_MASK (IORESOURCE_PREFETCH | IORESOURCE_MEM)
+#else
+#define MEM_MASK (IORESOURCE_MEM)
+#endif
+
+#define IO_MASK   (IORESOURCE_IO)
+#define PREF_TYPE (IORESOURCE_PREFETCH | IORESOURCE_MEM)
+#define MEM_TYPE  (IORESOURCE_MEM)
+#define IO_TYPE   (IORESOURCE_IO)
+
+struct constraints {
+	struct resource pref, io, mem;
+};
+
+static void constrain_resources(struct device *dev, struct constraints* limits)
+{
+	struct device *child;
+	struct resource *res;
+	struct resource *lim;
+	struct bus *link;
+
+	printk(BIOS_SPEW, "%s: %s\n", __func__, dev_path(dev));
+
+	/* Constrain limits based on the fixed resources of this device. */
+	for (res = dev->resource_list; res; res = res->next) {
+		if (!(res->flags & IORESOURCE_FIXED))
+			continue;
+		if (!res->size) {
+			/* It makes no sense to have 0-sized, fixed resources.*/
+			printk(BIOS_ERR, "skipping %s@%lx fixed resource, "
+			       "size=0!\n", dev_path(dev), res->index);
+			continue;
+		}
+
+		/* PREFETCH, MEM, or I/O - skip any others. */
+		if ((res->flags & MEM_MASK) == PREF_TYPE)
+			lim = &limits->pref;
+		else if ((res->flags & MEM_MASK) == MEM_TYPE)
+			lim = &limits->mem;
+		else if ((res->flags & IO_MASK) == IO_TYPE)
+			lim = &limits->io;
+		else
+			continue;
+
+		/*
+		 * Is it a fixed resource outside the current known region?
+		 * If so, we don't have to consider it - it will be handled
+		 * correctly and doesn't affect current region's limits.
+		 */
+		if (((res->base + res->size -1) < lim->base)
+		    || (res->base > lim->limit))
+			continue;
+
+		/*
+		 * Choose to be above or below fixed resources. This check is
+		 * signed so that "negative" amounts of space are handled
+		 * correctly.
+		 */
+		if ((signed long long)(lim->limit - (res->base + res->size -1))
+		    > (signed long long)(res->base - lim->base))
+			lim->base = res->base + res->size;
+		else
+			lim->limit = res->base -1;
+	}
+
+	/* Descend into every enabled child and look for fixed resources. */
+	for (link = dev->link_list; link; link = link->next) {
+		for (child = link->children; child; child = child->sibling) {
+			if (child->enabled)
+				constrain_resources(child, limits);
+		}
+	}
+}
+
+static void avoid_fixed_resources(struct device *dev)
+{
+	struct constraints limits;
+	struct resource *res;
+
+	printk(BIOS_SPEW, "%s: %s\n", __func__, dev_path(dev));
+
+	/* Initialize constraints to maximum size. */
+	limits.pref.base = 0;
+	limits.pref.limit = 0xffffffffffffffffULL;
+	limits.io.base = 0;
+	limits.io.limit = 0xffffffffffffffffULL;
+	limits.mem.base = 0;
+	limits.mem.limit = 0xffffffffffffffffULL;
+
+	/* Constrain the limits to dev's initial resources. */
+	for (res = dev->resource_list; res; res = res->next) {
+		if ((res->flags & IORESOURCE_FIXED))
+			continue;
+		printk(BIOS_SPEW, "%s:@%s %02lx limit %08llx\n", __func__,
+		       dev_path(dev), res->index, res->limit);
+		if ((res->flags & MEM_MASK) == PREF_TYPE &&
+		    (res->limit < limits.pref.limit))
+			limits.pref.limit = res->limit;
+		if ((res->flags & MEM_MASK) == MEM_TYPE &&
+		    (res->limit < limits.mem.limit))
+			limits.mem.limit = res->limit;
+		if ((res->flags & IO_MASK) == IO_TYPE &&
+		    (res->limit < limits.io.limit))
+			limits.io.limit = res->limit;
+	}
+
+	/* Look through the tree for fixed resources and update the limits. */
+	constrain_resources(dev, &limits);
+
+	/* Update dev's resources with new limits. */
+	for (res = dev->resource_list; res; res = res->next) {
+		struct resource *lim;
+
+		if ((res->flags & IORESOURCE_FIXED))
+			continue;
+
+		/* PREFETCH, MEM, or I/O - skip any others. */
+		if ((res->flags & MEM_MASK) == PREF_TYPE)
+			lim = &limits.pref;
+		else if ((res->flags & MEM_MASK) == MEM_TYPE)
+			lim = &limits.mem;
+		else if ((res->flags & IO_MASK) == IO_TYPE)
+			lim = &limits.io;
+		else
+			continue;
+
+		printk(BIOS_SPEW, "%s2: %s@%02lx limit %08llx\n", __func__,
+			     dev_path(dev), res->index, res->limit);
+		printk(BIOS_SPEW, "\tlim->base %08llx lim->limit %08llx\n",
+			     lim->base, lim->limit);
+
+		/* Is the resource outside the limits? */
+		if (lim->base > res->base)
+			res->base = lim->base;
+		if (res->limit > lim->limit)
+			res->limit = lim->limit;
+	}
+}
+
+device_t vga_pri = 0;
+static void set_vga_bridge_bits(void)
+{
+	/*
+	 * FIXME: Modify set_vga_bridge() so it is less PCI centric!
+	 * This function knows too much about PCI stuff, it should be just
+	 * an iterator/visitor.
+	 */
+
+	/* FIXME: Handle the VGA palette snooping. */
+	struct device *dev, *vga, *vga_onboard;
+	struct bus *bus;
+
+	bus = 0;
+	vga = 0;
+	vga_onboard = 0;
+
+	dev = NULL;
+	while ((dev = dev_find_class(PCI_CLASS_DISPLAY_VGA << 8, dev))) {
+		if (!dev->enabled)
+			continue;
+
+		printk(BIOS_DEBUG, "found VGA at %s\n", dev_path(dev));
+
+		if (dev->on_mainboard) {
+			vga_onboard = dev;
+		} else {
+			vga = dev;
+		}
+
+		/* It isn't safe to enable all VGA cards. */
+		dev->command &= ~(PCI_COMMAND_MEMORY | PCI_COMMAND_IO);
+	}
+
+	if (!vga)
+		vga = vga_onboard;
+
+	if (CONFIG_ONBOARD_VGA_IS_PRIMARY && vga_onboard)
+		vga = vga_onboard;
+
+	/* If we prefer plugin VGA over chipset VGA, the chipset might
+	   want to know. */
+	if (!CONFIG_ONBOARD_VGA_IS_PRIMARY && (vga != vga_onboard) &&
+		vga_onboard && vga_onboard->ops && vga_onboard->ops->disable) {
+		printk(BIOS_DEBUG, "Use plugin graphics over integrated.\n");
+		vga_onboard->ops->disable(vga_onboard);
+	}
+
+	if (vga) {
+		/* VGA is first add-on card or the only onboard VGA. */
+		printk(BIOS_DEBUG, "Setting up VGA for %s\n", dev_path(vga));
+		/* All legacy VGA cards have MEM & I/O space registers. */
+		vga->command |= (PCI_COMMAND_MEMORY | PCI_COMMAND_IO);
+		vga_pri = vga;
+		bus = vga->bus;
+	}
+
+	/* Now walk up the bridges setting the VGA enable. */
+	while (bus) {
+		printk(BIOS_DEBUG, "Setting PCI_BRIDGE_CTL_VGA for bridge %s\n",
+		       dev_path(bus->dev));
+		bus->bridge_ctrl |= PCI_BRIDGE_CTL_VGA;
+		bus = (bus == bus->dev->bus) ? 0 : bus->dev->bus;
+	}
+}
+
+/**
+ * Assign the computed resources to the devices on the bus.
+ *
+ * Use the device specific set_resources() method to store the computed
+ * resources to hardware. For bridge devices, the set_resources() method
+ * has to recurse into every down stream buses.
+ *
+ * Mutual recursion:
+ *	assign_resources() -> device_operation::set_resources()
+ *	device_operation::set_resources() -> assign_resources()
+ *
+ * @param bus Pointer to the structure for this bus.
+ */
+void assign_resources(struct bus *bus)
+{
+	struct device *curdev;
+
+	printk(BIOS_SPEW, "%s assign_resources, bus %d link: %d\n",
+	       dev_path(bus->dev), bus->secondary, bus->link_num);
+
+	for (curdev = bus->children; curdev; curdev = curdev->sibling) {
+		if (!curdev->enabled || !curdev->resource_list)
+			continue;
+
+		if (!curdev->ops || !curdev->ops->set_resources) {
+			printk(BIOS_ERR, "%s missing set_resources\n",
+			       dev_path(curdev));
+			continue;
+		}
+		curdev->ops->set_resources(curdev);
+	}
+	printk(BIOS_SPEW, "%s assign_resources, bus %d link: %d\n",
+	       dev_path(bus->dev), bus->secondary, bus->link_num);
+}
+
+/**
+ * Enable the resources for devices on a link.
+ *
+ * Enable resources of the device by calling the device specific
+ * enable_resources() method.
+ *
+ * The parent's resources should be enabled first to avoid having enabling
+ * order problem. This is done by calling the parent's enable_resources()
+ * method before its childrens' enable_resources() methods.
+ *
+ * @param link The link whose devices' resources are to be enabled.
+ */
+static void enable_resources(struct bus *link)
+{
+	struct device *dev;
+	struct bus *c_link;
+
+	for (dev = link->children; dev; dev = dev->sibling) {
+		if (dev->enabled && dev->ops && dev->ops->enable_resources)
+			dev->ops->enable_resources(dev);
+	}
+
+	for (dev = link->children; dev; dev = dev->sibling) {
+		for (c_link = dev->link_list; c_link; c_link = c_link->next)
+			enable_resources(c_link);
+	}
+}
+
+/**
+ * Reset all of the devices on a bus and clear the bus's reset_needed flag.
+ *
+ * @param bus Pointer to the bus structure.
+ * @return 1 if the bus was successfully reset, 0 otherwise.
+ */
+int reset_bus(struct bus *bus)
+{
+	if (bus && bus->dev && bus->dev->ops && bus->dev->ops->reset_bus) {
+		bus->dev->ops->reset_bus(bus);
+		bus->reset_needed = 0;
+		return 1;
+	}
+	return 0;
+}
+
+/**
+ * Scan for devices on a bus.
+ *
+ * If there are bridges on the bus, recursively scan the buses behind the
+ * bridges. If the setting up and tuning of the bus causes a reset to be
+ * required, reset the bus and scan it again.
+ *
+ * @param busdev Pointer to the bus device.
+ * @param max Current bus number.
+ * @return The maximum bus number found, after scanning all subordinate buses.
+ */
+unsigned int scan_bus(struct device *busdev, unsigned int max)
+{
+	unsigned int new_max;
+	int do_scan_bus;
+
+	if (!busdev || !busdev->enabled || !busdev->ops ||
+	    !busdev->ops->scan_bus) {
+		return max;
+	}
+
+	do_scan_bus = 1;
+	while (do_scan_bus) {
+		struct bus *link;
+		new_max = busdev->ops->scan_bus(busdev, max);
+		do_scan_bus = 0;
+		for (link = busdev->link_list; link; link = link->next) {
+			if (link->reset_needed) {
+				if (reset_bus(link))
+					do_scan_bus = 1;
+				else
+					busdev->bus->reset_needed = 1;
+			}
+		}
+	}
+	return new_max;
+}
+
+/**
+ * Determine the existence of devices and extend the device tree.
+ *
+ * Most of the devices in the system are listed in the mainboard devicetree.cb
+ * file. The device structures for these devices are generated at compile
+ * time by the config tool and are organized into the device tree. This
+ * function determines if the devices created at compile time actually exist
+ * in the physical system.
+ *
+ * For devices in the physical system but not listed in devicetree.cb,
+ * the device structures have to be created at run time and attached to the
+ * device tree.
+ *
+ * This function starts from the root device 'dev_root', scans the buses in
+ * the system recursively, and modifies the device tree according to the
+ * result of the probe.
+ *
+ * This function has no idea how to scan and probe buses and devices at all.
+ * It depends on the bus/device specific scan_bus() method to do it. The
+ * scan_bus() method also has to create the device structure and attach
+ * it to the device tree.
+ */
+void dev_enumerate(void)
+{
+	struct device *root;
+
+	printk(BIOS_INFO, "Enumerating buses...\n");
+
+	root = &dev_root;
+
+	show_all_devs(BIOS_SPEW, "Before device enumeration.");
+	printk(BIOS_SPEW, "Compare with tree...\n");
+	show_devs_tree(root, BIOS_SPEW, 0, 0);
+
+	if (root->chip_ops && root->chip_ops->enable_dev)
+		root->chip_ops->enable_dev(root);
+
+	if (!root->ops || !root->ops->scan_bus) {
+		printk(BIOS_ERR, "dev_root missing scan_bus operation");
+		return;
+	}
+	scan_bus(root, 0);
+	printk(BIOS_INFO, "done\n");
+}
+
+/**
+ * Configure devices on the devices tree.
+ *
+ * Starting at the root of the device tree, travel it recursively in two
+ * passes. In the first pass, we compute and allocate resources (ranges)
+ * requried by each device. In the second pass, the resources ranges are
+ * relocated to their final position and stored to the hardware.
+ *
+ * I/O resources grow upward. MEM resources grow downward.
+ *
+ * Since the assignment is hierarchical we set the values into the dev_root
+ * struct.
+ */
+void dev_configure(void)
+{
+	struct resource *res;
+	struct device *root;
+	struct device *child;
+
+	set_vga_bridge_bits();
+
+	printk(BIOS_INFO, "Allocating resources...\n");
+
+	root = &dev_root;
+
+	/*
+	 * Each domain should create resources which contain the entire address
+	 * space for IO, MEM, and PREFMEM resources in the domain. The
+	 * allocation of device resources will be done from this address space.
+	 */
+
+	/* Read the resources for the entire tree. */
+
+	printk(BIOS_INFO, "Reading resources...\n");
+	read_resources(root->link_list);
+	printk(BIOS_INFO, "Done reading resources.\n");
+
+	print_resource_tree(root, BIOS_SPEW, "After reading.");
+
+	/* Compute resources for all domains. */
+	for (child = root->link_list->children; child; child = child->sibling) {
+		if (!(child->path.type == DEVICE_PATH_PCI_DOMAIN))
+			continue;
+		for (res = child->resource_list; res; res = res->next) {
+			if (res->flags & IORESOURCE_FIXED)
+				continue;
+			if (res->flags & IORESOURCE_PREFETCH) {
+				compute_resources(child->link_list,
+						  res, MEM_MASK, PREF_TYPE);
+				continue;
+			}
+			if (res->flags & IORESOURCE_MEM) {
+				compute_resources(child->link_list,
+						  res, MEM_MASK, MEM_TYPE);
+				continue;
+			}
+			if (res->flags & IORESOURCE_IO) {
+				compute_resources(child->link_list,
+						  res, IO_MASK, IO_TYPE);
+				continue;
+			}
+		}
+	}
+
+	/* For all domains. */
+	for (child = root->link_list->children; child; child=child->sibling)
+		if (child->path.type == DEVICE_PATH_PCI_DOMAIN)
+			avoid_fixed_resources(child);
+
+	/*
+	 * Now we need to adjust the resources. MEM resources need to start at
+	 * the highest address managable.
+	 */
+	for (child = root->link_list->children; child; child = child->sibling) {
+		if (child->path.type != DEVICE_PATH_PCI_DOMAIN)
+			continue;
+		for (res = child->resource_list; res; res = res->next) {
+			if (!(res->flags & IORESOURCE_MEM) ||
+			    res->flags & IORESOURCE_FIXED)
+				continue;
+			res->base = resource_max(res);
+		}
+	}
+
+	/* Store the computed resource allocations into device registers ... */
+	printk(BIOS_INFO, "Setting resources...\n");
+	for (child = root->link_list->children; child; child = child->sibling) {
+		if (!(child->path.type == DEVICE_PATH_PCI_DOMAIN))
+			continue;
+		for (res = child->resource_list; res; res = res->next) {
+			if (res->flags & IORESOURCE_FIXED)
+				continue;
+			if (res->flags & IORESOURCE_PREFETCH) {
+				allocate_resources(child->link_list,
+						   res, MEM_MASK, PREF_TYPE);
+				continue;
+			}
+			if (res->flags & IORESOURCE_MEM) {
+				allocate_resources(child->link_list,
+						   res, MEM_MASK, MEM_TYPE);
+				continue;
+			}
+			if (res->flags & IORESOURCE_IO) {
+				allocate_resources(child->link_list,
+						   res, IO_MASK, IO_TYPE);
+				continue;
+			}
+		}
+	}
+	assign_resources(root->link_list);
+	printk(BIOS_INFO, "Done setting resources.\n");
+	print_resource_tree(root, BIOS_SPEW, "After assigning values.");
+
+	printk(BIOS_INFO, "Done allocating resources.\n");
+}
+
+/**
+ * Enable devices on the device tree.
+ *
+ * Starting at the root, walk the tree and enable all devices/bridges by
+ * calling the device's enable_resources() method.
+ */
+void dev_enable(void)
+{
+	struct bus *link;
+
+	printk(BIOS_INFO, "Enabling resources...\n");
+
+	/* Now enable everything. */
+	for (link = dev_root.link_list; link; link = link->next)
+		enable_resources(link);
+
+	printk(BIOS_INFO, "done.\n");
+}
+
+/**
+ * Initialize a specific device.
+ *
+ * The parent should be initialized first to avoid having an ordering problem.
+ * This is done by calling the parent's init() method before its childrens'
+ * init() methods.
+ *
+ * @param dev The device to be initialized.
+ */
+static void init_dev(struct device *dev)
+{
+	if (!dev->enabled)
+		return;
+
+	if (!dev->initialized && dev->ops && dev->ops->init) {
+		if (dev->path.type == DEVICE_PATH_I2C) {
+			printk(BIOS_DEBUG, "smbus: %s[%d]->",
+			       dev_path(dev->bus->dev), dev->bus->link_num);
+		}
+
+		printk(BIOS_DEBUG, "%s init\n", dev_path(dev));
+		dev->initialized = 1;
+		dev->ops->init(dev);
+	}
+}
+
+static void init_link(struct bus *link)
+{
+	struct device *dev;
+	struct bus *c_link;
+
+	for (dev = link->children; dev; dev = dev->sibling)
+		init_dev(dev);
+
+	for (dev = link->children; dev; dev = dev->sibling) {
+		for (c_link = dev->link_list; c_link; c_link = c_link->next)
+			init_link(c_link);
+	}
+}
+
+/**
+ * Initialize all devices in the global device tree.
+ *
+ * Starting at the root device, call the device's init() method to do
+ * device-specific setup, then call each child's init() method.
+ */
+void dev_initialize(void)
+{
+	struct bus *link;
+
+	printk(BIOS_INFO, "Initializing devices...\n");
+
+#if CONFIG_ARCH_X86
+	/* Ensure EBDA is prepared before Option ROMs. */
+	setup_default_ebda();
+#endif
+
+	/* First call the mainboard init. */
+	init_dev(&dev_root);
+
+	/* Now initialize everything. */
+	for (link = dev_root.link_list; link; link = link->next)
+		init_link(link);
+
+	printk(BIOS_INFO, "Devices initialized\n");
+	show_all_devs(BIOS_SPEW, "After init.");
+}
diff --git a/src/device/device_romstage.c b/src/device/device_romstage.c
new file mode 100644
index 0000000..475f94a
--- /dev/null
+++ b/src/device/device_romstage.c
@@ -0,0 +1,80 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2003-2004 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2003 Greg Watson <jarrah at users.sourceforge.net>
+ * Copyright (C) 2004 Li-Ta Lo <ollie at lanl.gov>
+ * Copyright (C) 2005-2006 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <device/device.h>
+#include <device/path.h>
+#include <device/pci.h>
+#include <device/resource.h>
+
+/** Linked list of ALL devices */
+ROMSTAGE_CONST struct device * ROMSTAGE_CONST all_devices = &dev_root;
+
+/**
+ * Given a PCI bus and a devfn number, find the device structure.
+ *
+ * @param bus The bus number.
+ * @param devfn A device/function number.
+ * @return Pointer to the device structure (if found), 0 otherwise.
+ */
+ROMSTAGE_CONST struct device *dev_find_slot(unsigned int bus,
+						unsigned int devfn)
+{
+	ROMSTAGE_CONST struct device *dev, *result;
+
+	result = 0;
+	for (dev = all_devices; dev; dev = dev->next) {
+		if ((dev->path.type == DEVICE_PATH_PCI) &&
+		    (dev->bus->secondary == bus) &&
+		    (dev->path.pci.devfn == devfn)) {
+			result = dev;
+			break;
+		}
+	}
+	return result;
+}
+
+/**
+ * Given an SMBus bus and a device number, find the device structure.
+ *
+ * @param bus The bus number.
+ * @param addr A device number.
+ * @return Pointer to the device structure (if found), 0 otherwise.
+ */
+ROMSTAGE_CONST struct device *dev_find_slot_on_smbus(unsigned int bus,
+							unsigned int addr)
+{
+	ROMSTAGE_CONST struct device *dev, *result;
+
+	result = 0;
+	for (dev = all_devices; dev; dev = dev->next) {
+		if ((dev->path.type == DEVICE_PATH_I2C) &&
+		    (dev->bus->secondary == bus) &&
+		    (dev->path.i2c.device == addr)) {
+			result = dev;
+			break;
+		}
+	}
+	return result;
+}
+
diff --git a/src/device/device_util.c b/src/device/device_util.c
new file mode 100644
index 0000000..224c58e
--- /dev/null
+++ b/src/device/device_util.c
@@ -0,0 +1,870 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2003-2004 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2003 Greg Watson <jarrah at users.sourceforge.net>
+ * Copyright (C) 2004 Li-Ta Lo <ollie at lanl.gov>
+ * Copyright (C) 2005-2006 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <device/device.h>
+#include <device/path.h>
+#include <device/pci.h>
+#include <device/resource.h>
+#include <string.h>
+
+/**
+ * See if a device structure exists for path.
+ *
+ * @param parent The bus to find the device on.
+ * @param path The relative path from the bus to the appropriate device.
+ * @return Pointer to a device structure for the device on bus at path
+ *         or 0/NULL if no device is found.
+ */
+device_t find_dev_path(struct bus *parent, struct device_path *path)
+{
+	device_t child;
+	for (child = parent->children; child; child = child->sibling) {
+		if (path_eq(path, &child->path))
+			break;
+	}
+	return child;
+}
+
+/**
+ * Given a PCI bus and a devfn number, find the device structure.
+ *
+ * @param bus The bus number.
+ * @param devfn A device/function number.
+ * @return Pointer to the device structure (if found), 0 otherwise.
+ */
+struct device *dev_find_slot(unsigned int bus, unsigned int devfn)
+{
+	struct device *dev, *result;
+
+	result = 0;
+	for (dev = all_devices; dev; dev = dev->next) {
+		if ((dev->path.type == DEVICE_PATH_PCI) &&
+		    (dev->bus->secondary == bus) &&
+		    (dev->path.pci.devfn == devfn)) {
+			result = dev;
+			break;
+		}
+	}
+	return result;
+}
+
+/**
+ * Given an SMBus bus and a device number, find the device structure.
+ *
+ * @param bus The bus number.
+ * @param addr A device number.
+ * @return Pointer to the device structure (if found), 0 otherwise.
+ */
+struct device *dev_find_slot_on_smbus(unsigned int bus, unsigned int addr)
+{
+	struct device *dev, *result;
+
+	result = 0;
+	for (dev = all_devices; dev; dev = dev->next) {
+		if ((dev->path.type == DEVICE_PATH_I2C) &&
+		    (dev->bus->secondary == bus) &&
+		    (dev->path.i2c.device == addr)) {
+			result = dev;
+			break;
+		}
+	}
+	return result;
+}
+
+/**
+ * Given a Local APIC ID, find the device structure.
+ *
+ * @param apic_id The Local APIC ID number.
+ * @return Pointer to the device structure (if found), 0 otherwise.
+ */
+device_t dev_find_lapic(unsigned apic_id)
+{
+	device_t dev, result = NULL;
+
+	for (dev = all_devices; dev; dev = dev->next) {
+		if (dev->path.type == DEVICE_PATH_APIC &&
+		    dev->path.apic.apic_id == apic_id) {
+			result = dev;
+			break;
+		}
+	}
+	return result;
+}
+
+/**
+ * Find a device of a given vendor and type.
+ *
+ * @param vendor A PCI vendor ID (e.g. 0x8086 for Intel).
+ * @param device A PCI device ID.
+ * @param from Pointer to the device structure, used as a starting point in
+ *             the linked list of all_devices, which can be 0 to start at the
+ *             head of the list (i.e. all_devices).
+ * @return Pointer to the device struct.
+ */
+struct device *dev_find_device(u16 vendor, u16 device, struct device *from)
+{
+	if (!from)
+		from = all_devices;
+	else
+		from = from->next;
+
+	while (from && (from->vendor != vendor || from->device != device))
+		from = from->next;
+
+	return from;
+}
+
+/**
+ * Find a device of a given class.
+ *
+ * @param class Class of the device.
+ * @param from Pointer to the device structure, used as a starting point in
+ *             the linked list of all_devices, which can be 0 to start at the
+ *             head of the list (i.e. all_devices).
+ * @return Pointer to the device struct.
+ */
+struct device *dev_find_class(unsigned int class, struct device *from)
+{
+	if (!from)
+		from = all_devices;
+	else
+		from = from->next;
+
+	while (from && (from->class & 0xffffff00) != class)
+		from = from->next;
+
+	return from;
+}
+
+/*
+ * Warning: This function uses a static buffer. Don't call it more than once
+ * from the same print statement!
+ */
+const char *dev_path(device_t dev)
+{
+	static char buffer[DEVICE_PATH_MAX];
+
+	buffer[0] = '\0';
+	if (!dev) {
+		memcpy(buffer, "<null>", 7);
+	} else {
+		switch(dev->path.type) {
+		case DEVICE_PATH_ROOT:
+			memcpy(buffer, "Root Device", 12);
+			break;
+		case DEVICE_PATH_PCI:
+#if CONFIG_PCI_BUS_SEGN_BITS
+			sprintf(buffer, "PCI: %04x:%02x:%02x.%01x",
+				dev->bus->secondary >> 8,
+				dev->bus->secondary & 0xff,
+				PCI_SLOT(dev->path.pci.devfn),
+				PCI_FUNC(dev->path.pci.devfn));
+#else
+			sprintf(buffer, "PCI: %02x:%02x.%01x",
+				dev->bus->secondary,
+				PCI_SLOT(dev->path.pci.devfn),
+				PCI_FUNC(dev->path.pci.devfn));
+#endif
+			break;
+		case DEVICE_PATH_PNP:
+			sprintf(buffer, "PNP: %04x.%01x",
+				dev->path.pnp.port, dev->path.pnp.device);
+			break;
+		case DEVICE_PATH_I2C:
+			sprintf(buffer, "I2C: %02x:%02x",
+				dev->bus->secondary,
+				dev->path.i2c.device);
+			break;
+		case DEVICE_PATH_APIC:
+			sprintf(buffer, "APIC: %02x",
+				dev->path.apic.apic_id);
+			break;
+		case DEVICE_PATH_IOAPIC:
+			sprintf(buffer, "IOAPIC: %02x",
+				dev->path.ioapic.ioapic_id);
+			break;
+		case DEVICE_PATH_PCI_DOMAIN:
+			sprintf(buffer, "PCI_DOMAIN: %04x",
+				dev->path.pci_domain.domain);
+			break;
+		case DEVICE_PATH_APIC_CLUSTER:
+			sprintf(buffer, "APIC_CLUSTER: %01x",
+				dev->path.apic_cluster.cluster);
+			break;
+		case DEVICE_PATH_CPU:
+			sprintf(buffer, "CPU: %02x", dev->path.cpu.id);
+			break;
+		case DEVICE_PATH_CPU_BUS:
+			sprintf(buffer, "CPU_BUS: %02x", dev->path.cpu_bus.id);
+			break;
+		default:
+			printk(BIOS_ERR, "Unknown device path type: %d\n",
+			       dev->path.type);
+			break;
+		}
+	}
+	return buffer;
+}
+
+const char *dev_name(device_t dev)
+{
+	if (dev->name)
+		return dev->name;
+	else if (dev->chip_ops && dev->chip_ops->name)
+		return dev->chip_ops->name;
+	else
+		return "unknown";
+}
+
+const char *bus_path(struct bus *bus)
+{
+	static char buffer[BUS_PATH_MAX];
+	sprintf(buffer, "%s,%d", dev_path(bus->dev), bus->link_num);
+	return buffer;
+}
+
+int path_eq(struct device_path *path1, struct device_path *path2)
+{
+	int equal = 0;
+
+	if (path1->type != path2->type)
+		return 0;
+
+	switch (path1->type) {
+	case DEVICE_PATH_NONE:
+		break;
+	case DEVICE_PATH_ROOT:
+		equal = 1;
+		break;
+	case DEVICE_PATH_PCI:
+		equal = (path1->pci.devfn == path2->pci.devfn);
+		break;
+	case DEVICE_PATH_PNP:
+		equal = (path1->pnp.port == path2->pnp.port) &&
+			(path1->pnp.device == path2->pnp.device);
+		break;
+	case DEVICE_PATH_I2C:
+		equal = (path1->i2c.device == path2->i2c.device);
+		break;
+	case DEVICE_PATH_APIC:
+		equal = (path1->apic.apic_id == path2->apic.apic_id);
+		break;
+	case DEVICE_PATH_PCI_DOMAIN:
+		equal = (path1->pci_domain.domain == path2->pci_domain.domain);
+		break;
+	case DEVICE_PATH_APIC_CLUSTER:
+		equal = (path1->apic_cluster.cluster
+			 == path2->apic_cluster.cluster);
+		break;
+	case DEVICE_PATH_CPU:
+		equal = (path1->cpu.id == path2->cpu.id);
+		break;
+	case DEVICE_PATH_CPU_BUS:
+		equal = (path1->cpu_bus.id == path2->cpu_bus.id);
+		break;
+	default:
+		printk(BIOS_ERR, "Uknown device type: %d\n", path1->type);
+		break;
+	}
+
+	return equal;
+}
+
+/**
+ * Allocate 64 more resources to the free list.
+ *
+ * @return TODO.
+ */
+static int allocate_more_resources(void)
+{
+	int i;
+	struct resource *new_res_list;
+
+	new_res_list = malloc(64 * sizeof(*new_res_list));
+
+	if (new_res_list == NULL)
+		return 0;
+
+	memset(new_res_list, 0, 64 * sizeof(*new_res_list));
+
+	for (i = 0; i < 64 - 1; i++)
+		new_res_list[i].next = &new_res_list[i+1];
+
+	free_resources = new_res_list;
+	return 1;
+}
+
+/**
+ * Remove resource res from the device's list and add it to the free list.
+ *
+ * @param dev TODO
+ * @param res TODO
+ * @param prev TODO
+ * @return TODO.
+ */
+static void free_resource(device_t dev, struct resource *res,
+			  struct resource *prev)
+{
+	if (prev)
+		prev->next = res->next;
+	else
+		dev->resource_list = res->next;
+
+	res->next = free_resources;
+	free_resources = res;
+}
+
+/**
+ * See if we have unused but allocated resource structures.
+ *
+ * If so remove the allocation.
+ *
+ * @param dev The device to find the resource on.
+ */
+void compact_resources(device_t dev)
+{
+	struct resource *res, *next, *prev = NULL;
+
+	/* Move all of the free resources to the end */
+	for (res = dev->resource_list; res; res = next) {
+		next = res->next;
+		if (!res->flags)
+			free_resource(dev, res, prev);
+		else
+			prev = res;
+	}
+}
+
+/**
+ * See if a resource structure already exists for a given index.
+ *
+ * @param dev The device to find the resource on.
+ * @param index The index of the resource on the device.
+ * @return The resource, if it already exists.
+ */
+struct resource *probe_resource(device_t dev, unsigned index)
+{
+	struct resource *res;
+
+	/* See if there is a resource with the appropriate index */
+	for (res = dev->resource_list; res; res = res->next) {
+		if (res->index == index)
+			break;
+	}
+
+	return res;
+}
+
+/**
+ * See if a resource structure already exists for a given index and if not
+ * allocate one.
+ *
+ * Then initialize the initialize the resource to default values.
+ *
+ * @param dev The device to find the resource on.
+ * @param index The index of the resource on the device.
+ * @return TODO.
+ */
+struct resource *new_resource(device_t dev, unsigned index)
+{
+	struct resource *resource, *tail;
+
+	/* First move all of the free resources to the end. */
+	compact_resources(dev);
+
+	/* See if there is a resource with the appropriate index. */
+	resource = probe_resource(dev, index);
+	if (!resource) {
+		if (free_resources == NULL && !allocate_more_resources())
+			die("Couldn't allocate more resources.");
+
+		resource = free_resources;
+		free_resources = free_resources->next;
+		memset(resource, 0, sizeof(*resource));
+		resource->next = NULL;
+		tail = dev->resource_list;
+		if (tail) {
+			while (tail->next) tail = tail->next;
+			tail->next = resource;
+		} else {
+			dev->resource_list = resource;
+		}
+	}
+
+	/* Initialize the resource values. */
+	if (!(resource->flags & IORESOURCE_FIXED)) {
+		resource->flags = 0;
+		resource->base = 0;
+	}
+	resource->size  = 0;
+	resource->limit = 0;
+	resource->index = index;
+	resource->align = 0;
+	resource->gran  = 0;
+
+	return resource;
+}
+
+/**
+ * Return an existing resource structure for a given index.
+ *
+ * @param dev The device to find the resource on.
+ * @param index The index of the resource on the device.
+ * return TODO.
+ */
+struct resource *find_resource(device_t dev, unsigned index)
+{
+	struct resource *resource;
+
+	/* See if there is a resource with the appropriate index. */
+	resource = probe_resource(dev, index);
+	if (!resource) {
+		printk(BIOS_EMERG, "%s missing resource: %02x\n",
+		       dev_path(dev), index);
+		die("");
+	}
+	return resource;
+}
+
+/**
+ * Round a number up to the next multiple of gran.
+ *
+ * @param val The starting value.
+ * @param gran Granularity we are aligning the number to.
+ * @return The aligned value.
+ */
+static resource_t align_up(resource_t val, unsigned long gran)
+{
+	resource_t mask;
+	mask = (1ULL << gran) - 1ULL;
+	val += mask;
+	val &= ~mask;
+	return val;
+}
+
+/**
+ * Round a number up to the previous multiple of gran.
+ *
+ * @param val The starting value.
+ * @param gran Granularity we are aligning the number to.
+ * @return The aligned value.
+ */
+static resource_t align_down(resource_t val, unsigned long gran)
+{
+	resource_t mask;
+	mask = (1ULL << gran) - 1ULL;
+	val &= ~mask;
+	return val;
+}
+
+/**
+ * Compute the maximum address that is part of a resource.
+ *
+ * @param resource The resource whose limit is desired.
+ * @return The end.
+ */
+resource_t resource_end(struct resource *resource)
+{
+	resource_t base, end;
+
+	/* Get the base address. */
+	base = resource->base;
+
+	/*
+	 * For a non bridge resource granularity and alignment are the same.
+	 * For a bridge resource align is the largest needed alignment below
+	 * the bridge. While the granularity is simply how many low bits of
+	 * the address cannot be set.
+	 */
+
+	/* Get the end (rounded up). */
+	end = base + align_up(resource->size, resource->gran) - 1;
+
+	return end;
+}
+
+/**
+ * Compute the maximum legal value for resource->base.
+ *
+ * @param resource The resource whose maximum is desired.
+ * @return The maximum.
+ */
+resource_t resource_max(struct resource *resource)
+{
+	resource_t max;
+
+	max = align_down(resource->limit - resource->size + 1, resource->align);
+
+	return max;
+}
+
+/**
+ * Return the resource type of a resource.
+ *
+ * @param resource The resource type to decode.
+ * @return TODO.
+ */
+const char *resource_type(struct resource *resource)
+{
+	static char buffer[RESOURCE_TYPE_MAX];
+	sprintf(buffer, "%s%s%s%s",
+		((resource->flags & IORESOURCE_READONLY) ? "ro" : ""),
+		((resource->flags & IORESOURCE_PREFETCH) ? "pref" : ""),
+		((resource->flags == 0) ? "unused" :
+		(resource->flags & IORESOURCE_IO) ? "io" :
+		(resource->flags & IORESOURCE_DRQ) ? "drq" :
+		(resource->flags & IORESOURCE_IRQ) ? "irq" :
+		(resource->flags & IORESOURCE_MEM) ? "mem" : "??????"),
+		((resource->flags & IORESOURCE_PCI64) ? "64" : ""));
+	return buffer;
+}
+
+/**
+ * Print the resource that was just stored.
+ *
+ * @param dev The device the stored resorce lives on.
+ * @param resource The resource that was just stored.
+ * @param comment TODO
+ */
+void report_resource_stored(device_t dev, struct resource *resource,
+			    const char *comment)
+{
+	char buf[10];
+	unsigned long long base, end;
+
+	if (!(resource->flags & IORESOURCE_STORED))
+		return;
+
+	base = resource->base;
+	end = resource_end(resource);
+	buf[0] = '\0';
+
+	if (resource->flags & IORESOURCE_PCI_BRIDGE) {
+#if CONFIG_PCI_BUS_SEGN_BITS
+		sprintf(buf, "bus %04x:%02x ", dev->bus->secondary >> 8,
+			dev->link_list->secondary & 0xff);
+#else
+		sprintf(buf, "bus %02x ", dev->link_list->secondary);
+#endif
+	}
+	printk(BIOS_DEBUG, "%s %02lx <- [0x%010llx - 0x%010llx] size 0x%08llx "
+	       "gran 0x%02x %s%s%s\n", dev_path(dev), resource->index,
+		base, end, resource->size, resource->gran, buf,
+		resource_type(resource), comment);
+}
+
+void search_bus_resources(struct bus *bus, unsigned long type_mask,
+			  unsigned long type, resource_search_t search,
+			  void *gp)
+{
+	struct device *curdev;
+
+	for (curdev = bus->children; curdev; curdev = curdev->sibling) {
+		struct resource *res;
+
+		/* Ignore disabled devices. */
+		if (!curdev->enabled)
+			continue;
+
+		for (res = curdev->resource_list; res; res = res->next) {
+			/* If it isn't the right kind of resource ignore it. */
+			if ((res->flags & type_mask) != type)
+				continue;
+
+			/* If it is a subtractive resource recurse. */
+			if (res->flags & IORESOURCE_SUBTRACTIVE) {
+				struct bus * subbus;
+				for (subbus = curdev->link_list; subbus;
+				     subbus = subbus->next)
+					if (subbus->link_num
+					== IOINDEX_SUBTRACTIVE_LINK(res->index))
+						break;
+				if (!subbus) /* Why can subbus be NULL?  */
+					break;
+				search_bus_resources(subbus, type_mask, type,
+						     search, gp);
+				continue;
+			}
+			search(gp, curdev, res);
+		}
+	}
+}
+
+void search_global_resources(unsigned long type_mask, unsigned long type,
+			     resource_search_t search, void *gp)
+{
+	struct device *curdev;
+
+	for (curdev = all_devices; curdev; curdev = curdev->next) {
+		struct resource *res;
+
+		/* Ignore disabled devices. */
+		if (!curdev->enabled)
+			continue;
+
+		for (res = curdev->resource_list; res; res = res->next) {
+			/* If it isn't the right kind of resource ignore it. */
+			if ((res->flags & type_mask) != type)
+				continue;
+
+			/* If it is a subtractive resource ignore it. */
+			if (res->flags & IORESOURCE_SUBTRACTIVE)
+				continue;
+
+			search(gp, curdev, res);
+		}
+	}
+}
+
+void dev_set_enabled(device_t dev, int enable)
+{
+	if (dev->enabled == enable)
+		return;
+
+	dev->enabled = enable;
+	if (dev->ops && dev->ops->enable) {
+		dev->ops->enable(dev);
+	} else if (dev->chip_ops && dev->chip_ops->enable_dev) {
+		dev->chip_ops->enable_dev(dev);
+	}
+}
+
+void disable_children(struct bus *bus)
+{
+	device_t child;
+
+	for (child = bus->children; child; child = child->sibling) {
+		struct bus *link;
+		for (link = child->link_list; link; link = link->next)
+			disable_children(link);
+		dev_set_enabled(child, 0);
+	}
+}
+
+static void resource_tree(struct device *root, int debug_level, int depth)
+{
+	int i = 0;
+	struct device *child;
+	struct bus *link;
+	struct resource *res;
+	char indent[30];	/* If your tree has more levels, it's wrong. */
+
+	for (i = 0; i < depth + 1 && i < 29; i++)
+		indent[i] = ' ';
+	indent[i] = '\0';
+
+ 	do_printk(BIOS_DEBUG, "%s%s", indent, dev_path(root));
+ 	if (root->link_list && root->link_list->children)
+ 		do_printk(BIOS_DEBUG, " child on link 0 %s",
+ 			  dev_path(root->link_list->children));
+ 	do_printk(BIOS_DEBUG, "\n");
+
+	for (res = root->resource_list; res; res = res->next) {
+		do_printk(debug_level, "%s%s resource base %llx size %llx "
+			  "align %d gran %d limit %llx flags %lx index %lx\n",
+			  indent, dev_path(root), res->base, res->size,
+			  res->align, res->gran, res->limit, res->flags,
+			  res->index);
+	}
+
+	for (link = root->link_list; link; link = link->next) {
+		for (child = link->children; child; child = child->sibling)
+			resource_tree(child, debug_level, depth + 1);
+	}
+}
+
+void print_resource_tree(struct device *root, int debug_level, const char *msg)
+{
+	/* Bail if root is null. */
+	if (!root) {
+		do_printk(debug_level, "%s passed NULL for root!\n", __func__);
+		return;
+	}
+
+	/* Bail if not printing to screen. */
+	if (!do_printk(debug_level, "Show resources in subtree (%s)...%s\n",
+		       dev_path(root), msg))
+		return;
+
+	resource_tree(root, debug_level, 0);
+}
+
+void show_devs_tree(struct device *dev, int debug_level, int depth, int linknum)
+{
+	char depth_str[20] = "";
+	int i;
+	struct device *sibling;
+	struct bus *link;
+
+	for (i = 0; i < depth; i++)
+		depth_str[i] = ' ';
+	depth_str[i] = '\0';
+
+	do_printk(debug_level, "%s%s: enabled %d\n",
+		  depth_str, dev_path(dev), dev->enabled);
+
+	for (link = dev->link_list; link; link = link->next) {
+		for (sibling = link->children; sibling;
+		     sibling = sibling->sibling)
+			show_devs_tree(sibling, debug_level, depth + 1, i);
+	}
+}
+
+void show_all_devs_tree(int debug_level, const char *msg)
+{
+	/* Bail if not printing to screen. */
+	if (!do_printk(debug_level, "Show all devs in tree form...%s\n", msg))
+		return;
+	show_devs_tree(all_devices, debug_level, 0, -1);
+}
+
+void show_devs_subtree(struct device *root, int debug_level, const char *msg)
+{
+	/* Bail if not printing to screen. */
+	if (!do_printk(debug_level, "Show all devs in subtree %s...%s\n",
+		       dev_path(root), msg))
+		return;
+	do_printk(debug_level, "%s\n", msg);
+	show_devs_tree(root, debug_level, 0, -1);
+}
+
+void show_all_devs(int debug_level, const char *msg)
+{
+	struct device *dev;
+
+	/* Bail if not printing to screen. */
+	if (!do_printk(debug_level, "Show all devs...%s\n", msg))
+		return;
+	for (dev = all_devices; dev; dev = dev->next) {
+		do_printk(debug_level, "%s: enabled %d\n",
+			  dev_path(dev), dev->enabled);
+	}
+}
+
+void show_one_resource(int debug_level, struct device *dev,
+		       struct resource *resource, const char *comment)
+{
+	char buf[10];
+	unsigned long long base, end;
+	base = resource->base;
+	end = resource_end(resource);
+	buf[0] = '\0';
+
+/*
+	if (resource->flags & IORESOURCE_BRIDGE) {
+#if CONFIG_PCI_BUS_SEGN_BITS
+		sprintf(buf, "bus %04x:%02x ", dev->bus->secondary >> 8,
+			dev->link[0].secondary & 0xff);
+#else
+		sprintf(buf, "bus %02x ", dev->link[0].secondary);
+#endif
+	}
+*/
+
+	do_printk(debug_level, "%s %02lx <- [0x%010llx - 0x%010llx] "
+		  "size 0x%08llx gran 0x%02x %s%s%s\n", dev_path(dev),
+		  resource->index, base, end, resource->size, resource->gran,
+		  buf, resource_type(resource), comment);
+}
+
+void show_all_devs_resources(int debug_level, const char* msg)
+{
+	struct device *dev;
+
+	if (!do_printk(debug_level, "Show all devs with resources...%s\n", msg))
+		return;
+
+	for (dev = all_devices; dev; dev = dev->next) {
+		struct resource *res;
+		do_printk(debug_level, "%s: enabled %d\n",
+			  dev_path(dev), dev->enabled);
+		for (res = dev->resource_list; res; res = res->next)
+			show_one_resource(debug_level, dev, res, "");
+	}
+}
+
+void fixed_mem_resource(device_t dev, unsigned long index,
+		  unsigned long basek, unsigned long sizek, unsigned long type)
+{
+	struct resource *resource;
+
+	if (!sizek)
+		return;
+
+	resource = new_resource(dev, index);
+	resource->base = ((resource_t)basek) << 10;
+	resource->size = ((resource_t)sizek) << 10;
+	resource->flags = IORESOURCE_MEM | IORESOURCE_FIXED |
+		 IORESOURCE_STORED | IORESOURCE_ASSIGNED;
+
+	resource->flags |= type;
+}
+
+void tolm_test(void *gp, struct device *dev, struct resource *new)
+{
+	struct resource **best_p = gp;
+	struct resource *best;
+
+	best = *best_p;
+
+	if (!best || (best->base > new->base))
+		best = new;
+
+	*best_p = best;
+}
+
+u32 find_pci_tolm(struct bus *bus)
+{
+	struct resource *min = NULL;
+	u32 tolm;
+
+	search_bus_resources(bus, IORESOURCE_MEM, IORESOURCE_MEM,
+			     tolm_test, &min);
+
+	tolm = 0xffffffffUL;
+
+	if (min && tolm > min->base)
+		tolm = min->base;
+
+	return tolm;
+}
+
+/* Count of enabled CPUs */
+int dev_count_cpu(void)
+{
+	device_t cpu;
+	int count = 0;
+
+	for (cpu = all_devices; cpu; cpu = cpu->next) {
+		if ((cpu->path.type != DEVICE_PATH_APIC) ||
+		    (cpu->bus->dev->path.type != DEVICE_PATH_APIC_CLUSTER))
+			continue;
+		if (!cpu->enabled)
+			continue;
+		count++;
+	}
+
+	return count;
+}
diff --git a/src/device/hypertransport.c b/src/device/hypertransport.c
new file mode 100644
index 0000000..a6320fe
--- /dev/null
+++ b/src/device/hypertransport.c
@@ -0,0 +1,692 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2003-2004 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2004 David Hendricks <sc at flagen.com>
+ * Copyright (C) 2004 Li-Ta Lo <ollie at lanl.gov>
+ * Copyright (C) 2005-2006 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ * Copyright (C) 2005-2006 Stefan Reinauer <stepan at openbios.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <lib.h>
+#include <console/console.h>
+#include <device/device.h>
+#include <device/path.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <device/hypertransport.h>
+
+/*
+ * The hypertransport link is already optimized in pre-RAM code so don't do
+ * it again.
+ */
+#define OPT_HT_LINK 0
+
+#if OPT_HT_LINK == 1
+#include <cpu/amd/model_fxx_rev.h>
+#endif
+
+static device_t ht_scan_get_devs(device_t *old_devices)
+{
+	device_t first, last;
+
+	first = *old_devices;
+	last = first;
+
+	/*
+	 * Extract the chain of devices to (first through last) for the next
+	 * hypertransport device.
+	 */
+	while (last && last->sibling &&
+	       (last->sibling->path.type == DEVICE_PATH_PCI) &&
+	       (last->sibling->path.pci.devfn > last->path.pci.devfn))
+	{
+		last = last->sibling;
+	}
+
+	if (first) {
+		device_t child;
+
+		/* Unlink the chain from the list of old devices. */
+		*old_devices = last->sibling;
+		last->sibling = 0;
+
+		/* Now add the device to the list of devices on the bus. */
+		/* Find the last child of our parent. */
+		for (child = first->bus->children; child && child->sibling; )
+			child = child->sibling;
+
+		/* Place the chain on the list of children of their parent. */
+		if (child)
+			child->sibling = first;
+		else
+			first->bus->children = first;
+	}
+	return first;
+}
+
+#if OPT_HT_LINK == 1
+static unsigned ht_read_freq_cap(device_t dev, unsigned pos)
+{
+	/* Handle bugs in valid hypertransport frequency reporting. */
+	unsigned freq_cap;
+
+	freq_cap = pci_read_config16(dev, pos);
+	freq_cap &= ~(1 << HT_FREQ_VENDOR); /* Ignore Vendor HT frequencies. */
+
+	/* AMD 8131 Errata 48. */
+	if ((dev->vendor == PCI_VENDOR_ID_AMD) &&
+	    (dev->device == PCI_DEVICE_ID_AMD_8131_PCIX)) {
+		freq_cap &= ~(1 << HT_FREQ_800Mhz);
+	}
+
+	/* AMD 8151 Errata 23. */
+	if ((dev->vendor == PCI_VENDOR_ID_AMD) &&
+	    (dev->device == PCI_DEVICE_ID_AMD_8151_SYSCTRL)) {
+		freq_cap &= ~(1 << HT_FREQ_800Mhz);
+	}
+
+	/* AMD K8 unsupported 1GHz? */
+	if ((dev->vendor == PCI_VENDOR_ID_AMD) && (dev->device == 0x1100)) {
+#if CONFIG_K8_HT_FREQ_1G_SUPPORT
+
+#if !CONFIG_K8_REV_F_SUPPORT
+		/* Only e0 later suupport 1GHz HT. */
+		if (is_cpu_pre_e0())
+			freq_cap &= ~(1 << HT_FREQ_1000Mhz);
+#endif
+
+#else
+		freq_cap &= ~(1 << HT_FREQ_1000Mhz);
+#endif
+	}
+
+	return freq_cap;
+}
+#endif
+
+struct ht_link {
+	struct device *dev;
+	unsigned pos;
+	unsigned char ctrl_off, config_off, freq_off, freq_cap_off;
+};
+
+static int ht_setup_link(struct ht_link *prev, device_t dev, unsigned pos)
+{
+#if OPT_HT_LINK == 1
+	static const u8 link_width_to_pow2[] = { 3, 4, 0, 5, 1, 2, 0, 0 };
+	static const u8 pow2_to_link_width[] = { 7, 4, 5, 0, 1, 3 };
+	unsigned present_width_cap, upstream_width_cap;
+	unsigned present_freq_cap, upstream_freq_cap;
+	unsigned ln_present_width_in, ln_upstream_width_in;
+	unsigned ln_present_width_out, ln_upstream_width_out;
+	unsigned freq, old_freq;
+	unsigned present_width, upstream_width, old_width;
+#endif
+	struct ht_link cur[1];
+	int reset_needed;
+	int linkb_to_host;
+
+	/* Set the hypertransport link width and frequency. */
+	reset_needed = 0;
+	/*
+	 * See which side of the device our previous write to set the unitid
+	 * came from.
+	 */
+	cur->dev = dev;
+	cur->pos = pos;
+	linkb_to_host =
+	  (pci_read_config16(cur->dev, cur->pos + PCI_CAP_FLAGS) >> 10) & 1;
+
+	if (!linkb_to_host) {
+		cur->ctrl_off     = PCI_HT_CAP_SLAVE_CTRL0;
+		cur->config_off   = PCI_HT_CAP_SLAVE_WIDTH0;
+		cur->freq_off     = PCI_HT_CAP_SLAVE_FREQ0;
+		cur->freq_cap_off = PCI_HT_CAP_SLAVE_FREQ_CAP0;
+	} else {
+		cur->ctrl_off     = PCI_HT_CAP_SLAVE_CTRL1;
+		cur->config_off   = PCI_HT_CAP_SLAVE_WIDTH1;
+		cur->freq_off     = PCI_HT_CAP_SLAVE_FREQ1;
+		cur->freq_cap_off = PCI_HT_CAP_SLAVE_FREQ_CAP1;
+	}
+
+#if OPT_HT_LINK == 1
+	/* Read the capabilities. */
+	present_freq_cap =
+		ht_read_freq_cap(cur->dev, cur->pos + cur->freq_cap_off);
+	upstream_freq_cap =
+		ht_read_freq_cap(prev->dev, prev->pos + prev->freq_cap_off);
+	present_width_cap =
+		pci_read_config8(cur->dev, cur->pos + cur->config_off);
+	upstream_width_cap =
+		pci_read_config8(prev->dev, prev->pos + prev->config_off);
+
+	/* Calculate the highest useable frequency. */
+	freq = log2(present_freq_cap & upstream_freq_cap);
+
+	/* Calculate the highest width. */
+	ln_upstream_width_in = link_width_to_pow2[upstream_width_cap & 7];
+	ln_present_width_out = link_width_to_pow2[(present_width_cap >> 4) & 7];
+	if (ln_upstream_width_in > ln_present_width_out)
+		ln_upstream_width_in = ln_present_width_out;
+	upstream_width = pow2_to_link_width[ln_upstream_width_in];
+	present_width  = pow2_to_link_width[ln_upstream_width_in] << 4;
+
+	ln_upstream_width_out =
+		link_width_to_pow2[(upstream_width_cap >> 4) & 7];
+	ln_present_width_in = link_width_to_pow2[present_width_cap & 7];
+	if (ln_upstream_width_out > ln_present_width_in)
+		ln_upstream_width_out = ln_present_width_in;
+	upstream_width |= pow2_to_link_width[ln_upstream_width_out] << 4;
+	present_width  |= pow2_to_link_width[ln_upstream_width_out];
+
+	/* Set the current device. */
+	old_freq = pci_read_config8(cur->dev, cur->pos + cur->freq_off);
+	old_freq &= 0x0f;
+	if (freq != old_freq) {
+		unsigned new_freq;
+		pci_write_config8(cur->dev, cur->pos + cur->freq_off, freq);
+		reset_needed = 1;
+		printk(BIOS_SPEW, "HyperT FreqP old %x new %x\n",old_freq,freq);
+		new_freq = pci_read_config8(cur->dev, cur->pos + cur->freq_off);
+		new_freq &= 0x0f;
+		if (new_freq != freq) {
+			printk(BIOS_ERR, "%s Hypertransport frequency would "
+			       "not set. Wanted: %x, got: %x\n",
+			       dev_path(dev), freq, new_freq);
+		}
+	}
+	old_width = pci_read_config8(cur->dev, cur->pos + cur->config_off + 1);
+	if (present_width != old_width) {
+		unsigned new_width;
+		pci_write_config8(cur->dev, cur->pos + cur->config_off + 1,
+				  present_width);
+		reset_needed = 1;
+		printk(BIOS_SPEW, "HyperT widthP old %x new %x\n",
+		       old_width, present_width);
+		new_width = pci_read_config8(cur->dev,
+					     cur->pos + cur->config_off + 1);
+		if (new_width != present_width) {
+			printk(BIOS_ERR, "%s Hypertransport width would not "
+			       "set. Wanted: %x, got: %x\n",
+			       dev_path(dev), present_width, new_width);
+		}
+	}
+
+	/* Set the upstream device. */
+	old_freq = pci_read_config8(prev->dev, prev->pos + prev->freq_off);
+	old_freq &= 0x0f;
+	if (freq != old_freq) {
+		unsigned new_freq;
+		pci_write_config8(prev->dev, prev->pos + prev->freq_off, freq);
+		reset_needed = 1;
+		printk(BIOS_SPEW, "HyperT freqU old %x new %x\n",
+		       old_freq, freq);
+		new_freq =
+		  pci_read_config8(prev->dev, prev->pos + prev->freq_off);
+		new_freq &= 0x0f;
+		if (new_freq != freq) {
+			printk(BIOS_ERR, "%s Hypertransport frequency would "
+			       "not set. Wanted: %x, got: %x\n",
+			       dev_path(prev->dev), freq, new_freq);
+		}
+	}
+	old_width =
+		pci_read_config8(prev->dev, prev->pos + prev->config_off + 1);
+	if (upstream_width != old_width) {
+		unsigned new_width;
+		pci_write_config8(prev->dev, prev->pos + prev->config_off + 1,
+				  upstream_width);
+		reset_needed = 1;
+		printk(BIOS_SPEW, "HyperT widthU old %x new %x\n", old_width,
+		       upstream_width);
+		new_width = pci_read_config8(prev->dev,
+					     prev->pos + prev->config_off + 1);
+		if (new_width != upstream_width) {
+			printk(BIOS_ERR, "%s Hypertransport width would not "
+			       "set. Wanted: %x, got: %x\n",
+			       dev_path(prev->dev), upstream_width, new_width);
+		}
+	}
+#endif
+
+	/*
+	 * Remember the current link as the previous link, but look at the
+	 * other offsets.
+	 */
+	prev->dev = cur->dev;
+	prev->pos = cur->pos;
+	if (cur->ctrl_off == PCI_HT_CAP_SLAVE_CTRL0) {
+		prev->ctrl_off     = PCI_HT_CAP_SLAVE_CTRL1;
+		prev->config_off   = PCI_HT_CAP_SLAVE_WIDTH1;
+		prev->freq_off     = PCI_HT_CAP_SLAVE_FREQ1;
+		prev->freq_cap_off = PCI_HT_CAP_SLAVE_FREQ_CAP1;
+	} else {
+		prev->ctrl_off     = PCI_HT_CAP_SLAVE_CTRL0;
+		prev->config_off   = PCI_HT_CAP_SLAVE_WIDTH0;
+		prev->freq_off     = PCI_HT_CAP_SLAVE_FREQ0;
+		prev->freq_cap_off = PCI_HT_CAP_SLAVE_FREQ_CAP0;
+	}
+
+	return reset_needed;
+}
+
+static unsigned ht_lookup_slave_capability(struct device *dev)
+{
+	unsigned pos;
+
+	pos = 0;
+	do {
+		pos = pci_find_next_capability(dev, PCI_CAP_ID_HT, pos);
+		if (pos) {
+			u16 flags;
+			flags = pci_read_config16(dev, pos + PCI_CAP_FLAGS);
+			printk(BIOS_SPEW, "flags: 0x%04x\n", flags);
+			if ((flags >> 13) == 0) {
+				/* Entry is a slave secondary, success... */
+				break;
+			}
+		}
+	} while (pos);
+
+	return pos;
+}
+
+static void ht_collapse_early_enumeration(struct bus *bus,
+					  unsigned offset_unitid)
+{
+	unsigned int devfn;
+	struct ht_link prev;
+	u16 ctrl;
+
+	/* Initialize the hypertransport enumeration state. */
+	prev.dev = bus->dev;
+	prev.pos = bus->cap;
+	prev.ctrl_off     = PCI_HT_CAP_HOST_CTRL;
+	prev.config_off   = PCI_HT_CAP_HOST_WIDTH;
+	prev.freq_off     = PCI_HT_CAP_HOST_FREQ;
+	prev.freq_cap_off = PCI_HT_CAP_HOST_FREQ_CAP;
+
+	/* Wait until the link initialization is complete. */
+	do {
+		ctrl = pci_read_config16(prev.dev, prev.pos + prev.ctrl_off);
+
+		/* Is this the end of the hypertransport chain? */
+		if (ctrl & (1 << 6))
+			return;
+
+		/* Has the link failed? */
+		if (ctrl & (1 << 4)) {
+			/*
+			 * Either the link has failed, or we have a CRC error.
+			 * Sometimes this can happen due to link retrain, so
+			 * lets knock it down and see if its transient.
+			 */
+			ctrl |= ((1 << 4) | (1 << 8)); /* Link fail + CRC */
+			pci_write_config16(prev.dev, prev.pos + prev.ctrl_off,
+					   ctrl);
+			ctrl = pci_read_config16(prev.dev,
+						 prev.pos + prev.ctrl_off);
+			if (ctrl & ((1 << 4) | (1 << 8))) {
+				printk(BIOS_ALERT, "Detected error on "
+				       "Hypertransport link\n");
+				return;
+			}
+		}
+	} while ((ctrl & (1 << 5)) == 0);
+
+	/* Actually, only for one HT device HT chain, and unitid is 0. */
+#if !CONFIG_HT_CHAIN_UNITID_BASE
+	if (offset_unitid)
+		return;
+#endif
+
+	/* Check if is already collapsed. */
+	if ((!offset_unitid) || (offset_unitid
+	    && (!((CONFIG_HT_CHAIN_END_UNITID_BASE == 0)
+	    && (CONFIG_HT_CHAIN_END_UNITID_BASE
+	    < CONFIG_HT_CHAIN_UNITID_BASE))))) {
+
+		struct device dummy;
+		u32 id;
+
+		dummy.bus = bus;
+		dummy.path.type = DEVICE_PATH_PCI;
+		dummy.path.pci.devfn = PCI_DEVFN(0, 0);
+
+		id = pci_read_config32(&dummy, PCI_VENDOR_ID);
+		if (!((id == 0xffffffff) || (id == 0x00000000)
+		    || (id == 0x0000ffff) || (id == 0xffff0000))) {
+			return;
+		}
+	}
+
+	/* Spin through the devices and collapse any early HT enumeration. */
+	for (devfn = PCI_DEVFN(1, 0); devfn <= 0xff; devfn += 8) {
+		struct device dummy;
+		u32 id;
+		unsigned pos, flags;
+
+		dummy.bus = bus;
+		dummy.path.type = DEVICE_PATH_PCI;
+		dummy.path.pci.devfn = devfn;
+
+		id = pci_read_config32(&dummy, PCI_VENDOR_ID);
+		if ((id == 0xffffffff) || (id == 0x00000000)
+		    || (id == 0x0000ffff) || (id == 0xffff0000)) {
+			continue;
+		}
+
+		dummy.vendor = id & 0xffff;
+		dummy.device = (id >> 16) & 0xffff;
+		dummy.hdr_type = pci_read_config8(&dummy, PCI_HEADER_TYPE);
+
+		pos = ht_lookup_slave_capability(&dummy);
+		if (!pos)
+			continue;
+
+		/* Clear the unitid. */
+		flags = pci_read_config16(&dummy, pos + PCI_CAP_FLAGS);
+		flags &= ~0x1f;
+		pci_write_config16(&dummy, pos + PCI_CAP_FLAGS, flags);
+		printk(BIOS_SPEW, "Collapsing %s [%04x/%04x]\n",
+		       dev_path(&dummy), dummy.vendor, dummy.device);
+	}
+}
+
+unsigned int hypertransport_scan_chain(struct bus *bus, unsigned min_devfn,
+				       unsigned max_devfn, unsigned int max,
+				       unsigned *ht_unitid_base,
+				       unsigned offset_unitid)
+{
+	/*
+	 * Even CONFIG_HT_CHAIN_UNITID_BASE == 0, we still can go through this
+	 * function, because of end_of_chain check. Also, we need it to
+	 * optimize link.
+	 */
+	unsigned int next_unitid, last_unitid, min_unitid, max_unitid;
+	device_t old_devices, dev, func, last_func = 0;
+	struct ht_link prev;
+	int ht_dev_num = 0;
+
+	min_unitid = (offset_unitid) ? CONFIG_HT_CHAIN_UNITID_BASE : 1;
+
+#if CONFIG_HT_CHAIN_END_UNITID_BASE != 0x20
+        /*
+	 * Let's record the device of last HT device, so we can set the unitid
+	 * to CONFIG_HT_CHAIN_END_UNITID_BASE.
+	 */
+	unsigned int real_last_unitid = 0, end_used = 0;
+	u8 real_last_pos = 0;
+	device_t real_last_dev = NULL;
+#endif
+
+	/* Restore the hypertransport chain to it's unitialized state. */
+	ht_collapse_early_enumeration(bus, offset_unitid);
+
+	/* See which static device nodes I have. */
+	old_devices = bus->children;
+	bus->children = 0;
+
+	/* Initialize the hypertransport enumeration state. */
+	prev.dev = bus->dev;
+	prev.pos = bus->cap;
+
+	prev.ctrl_off     = PCI_HT_CAP_HOST_CTRL;
+	prev.config_off   = PCI_HT_CAP_HOST_WIDTH;
+	prev.freq_off     = PCI_HT_CAP_HOST_FREQ;
+	prev.freq_cap_off = PCI_HT_CAP_HOST_FREQ_CAP;
+
+	/* If present, assign unitid to a hypertransport chain. */
+	last_unitid = min_unitid -1;
+	max_unitid = next_unitid = min_unitid;
+	do {
+		u8 pos;
+		u16 flags, ctrl;
+		unsigned int count, static_count;
+
+		last_unitid = next_unitid;
+
+		/* Wait until the link initialization is complete. */
+		do {
+			ctrl = pci_read_config16(prev.dev,
+						 prev.pos + prev.ctrl_off);
+
+			/* End of chain? */
+			if (ctrl & (1 << 6))
+				goto end_of_chain;
+
+			if (ctrl & ((1 << 4) | (1 << 8))) {
+				/*
+				 * Either the link has failed, or we have a CRC
+				 * error. Sometimes this can happen due to link
+				 * retrain, so lets knock it down and see if
+				 * it's transient.
+				 */
+				ctrl |= ((1 << 4) | (1 <<8)); // Link fail + CRC
+				pci_write_config16(prev.dev,
+					prev.pos + prev.ctrl_off, ctrl);
+				ctrl = pci_read_config16(prev.dev,
+						prev.pos + prev.ctrl_off);
+				if (ctrl & ((1 << 4) | (1 << 8))) {
+					printk(BIOS_ALERT, "Detected error on "
+					       "hypertransport link\n");
+					goto end_of_chain;
+				}
+			}
+		} while ((ctrl & (1 << 5)) == 0);
+
+
+		/* Get and setup the device_structure. */
+		dev = ht_scan_get_devs(&old_devices);
+
+		/* See if a device is present and setup the device structure. */
+		dev = pci_probe_dev(dev, bus, 0);
+		if (!dev || !dev->enabled)
+			break;
+
+		/* Find the hypertransport link capability. */
+		pos = ht_lookup_slave_capability(dev);
+		if (pos == 0) {
+			printk(BIOS_ERR, "%s Hypertransport link capability "
+			       "not found", dev_path(dev));
+			break;
+		}
+
+		/* Update the unitid of the current device. */
+		flags = pci_read_config16(dev, pos + PCI_CAP_FLAGS);
+
+		/*
+		 * If the devices has a unitid set and is at devfn 0 we are
+		 * done. This can happen with shadow hypertransport devices,
+		 * or if we have reached the bottom of a HT device chain.
+		 */
+		if (flags & 0x1f)
+			break;
+
+		flags &= ~0x1f; /* Mask out base Unit ID. */
+
+		count = (flags >> 5) & 0x1f; /* Het unit count. */
+
+#if CONFIG_HT_CHAIN_END_UNITID_BASE != 0x20
+		if (offset_unitid) {
+			/* max_devfn will be (0x17<<3)|7 or (0x1f<<3)|7. */
+			if (next_unitid > (max_devfn >> 3)) {
+				if (!end_used) {
+			                next_unitid =
+					  CONFIG_HT_CHAIN_END_UNITID_BASE;
+					end_used = 1;
+				} else {
+					goto end_of_chain;
+				}
+			}
+		}
+#endif
+
+		flags |= next_unitid & 0x1f;
+		pci_write_config16(dev, pos + PCI_CAP_FLAGS, flags);
+
+		/* Update the unitid in the device structure. */
+		static_count = 1;
+		for (func = dev; func; func = func->sibling) {
+			func->path.pci.devfn += (next_unitid << 3);
+			static_count = (func->path.pci.devfn >> 3)
+				        - (dev->path.pci.devfn >> 3) + 1;
+			last_func = func;
+		}
+
+		/* Compute the number of unitids consumed. */
+		printk(BIOS_SPEW, "%s count: %04x static_count: %04x\n",
+		       dev_path(dev), count, static_count);
+		if (count < static_count)
+			count = static_count;
+
+		/* Update the unitid of the next device. */
+		ht_unitid_base[ht_dev_num] = next_unitid;
+		ht_dev_num++;
+
+#if CONFIG_HT_CHAIN_END_UNITID_BASE != 0x20
+		if (offset_unitid) {
+			real_last_pos = pos;
+			real_last_unitid = next_unitid;
+			real_last_dev = dev;
+		}
+#endif
+		next_unitid += count;
+		if (next_unitid > max_unitid)
+			max_unitid = next_unitid;
+
+		/* Setup the hypetransport link. */
+		bus->reset_needed |= ht_setup_link(&prev, dev, pos);
+
+		printk(BIOS_DEBUG, "%s [%04x/%04x] %s next_unitid: %04x\n",
+		       dev_path(dev), dev->vendor, dev->device,
+		       (dev->enabled? "enabled" : "disabled"), next_unitid);
+
+	} while (last_unitid != next_unitid);
+
+end_of_chain:
+
+#if OPT_HT_LINK == 1
+	if (bus->reset_needed)
+		printk(BIOS_INFO, "HyperT reset needed\n");
+	else
+		printk(BIOS_DEBUG, "HyperT reset not needed\n");
+#endif
+
+#if CONFIG_HT_CHAIN_END_UNITID_BASE != 0x20
+	if (offset_unitid && (ht_dev_num > 1)
+	    && (real_last_unitid != CONFIG_HT_CHAIN_END_UNITID_BASE)
+	    && !end_used) {
+		u16 flags;
+		flags = pci_read_config16(real_last_dev,
+					  real_last_pos + PCI_CAP_FLAGS);
+		flags &= ~0x1f;
+		flags |= CONFIG_HT_CHAIN_END_UNITID_BASE & 0x1f;
+		pci_write_config16(real_last_dev,
+				   real_last_pos + PCI_CAP_FLAGS, flags);
+
+		for (func = real_last_dev; func; func = func->sibling) {
+			func->path.pci.devfn -= ((real_last_unitid
+				- CONFIG_HT_CHAIN_END_UNITID_BASE) << 3);
+			last_func = func;
+		}
+
+		/* Update last one. */
+		ht_unitid_base[ht_dev_num-1] = CONFIG_HT_CHAIN_END_UNITID_BASE;
+
+		printk(BIOS_DEBUG, " unitid: %04x --> %04x\n",
+		       real_last_unitid, CONFIG_HT_CHAIN_END_UNITID_BASE);
+	}
+#endif
+	next_unitid = max_unitid;
+
+	if (next_unitid > 0x20)
+		next_unitid = 0x20;
+
+	if ((bus->secondary == 0) && (next_unitid > 0x18))
+		next_unitid = 0x18; /* Avoid K8 on bus 0. */
+
+	/*
+	 * Die if any leftover static devices are are found. There's probably
+	 * a problem in devicetree.cb.
+	 */
+	if (old_devices) {
+		device_t left;
+		for (left = old_devices; left; left = left->sibling)
+			printk(BIOS_DEBUG, "%s\n", dev_path(left));
+
+		printk(BIOS_ERR, "HT: Leftover static devices. "
+		       "Check your devicetree.cb\n");
+
+		/*
+		 * Put back the leftover static device, and let pci_scan_bus()
+		 * disable it.
+		 */
+		if (last_func && !last_func->sibling)
+			last_func->sibling = old_devices;
+	}
+
+	/* Now that nothing is overlapping it is safe to scan the children. */
+	max = pci_scan_bus(bus, 0x00, ((next_unitid - 1) << 3) | 7, max);
+	return max;
+}
+
+/**
+ * Scan a PCI bridge and the buses behind the bridge.
+ *
+ * Determine the existence of buses behind the bridge. Set up the bridge
+ * according to the result of the scan.
+ *
+ * This function is the default scan_bus() method for PCI bridge devices.
+ *
+ * @param bus TODO
+ * @param min_devfn TODO
+ * @param max_devfn TODO
+ * @param max The highest bus number assgined up to now.
+ * @return The maximum bus number found, after scanning all subordinate busses.
+ */
+static unsigned int hypertransport_scan_chain_x(struct bus *bus,
+	unsigned int min_devfn, unsigned int max_devfn, unsigned int max)
+{
+	unsigned int ht_unitid_base[4];
+	unsigned int offset_unitid = 1;
+	return hypertransport_scan_chain(bus, min_devfn, max_devfn, max,
+					 ht_unitid_base, offset_unitid);
+}
+
+unsigned int ht_scan_bridge(struct device *dev, unsigned int max)
+{
+	return do_pci_scan_bridge(dev, max, hypertransport_scan_chain_x);
+}
+
+/** Default device operations for hypertransport bridges */
+static struct pci_operations ht_bus_ops_pci = {
+	.set_subsystem = 0,
+};
+
+struct device_operations default_ht_ops_bus = {
+	.read_resources   = pci_bus_read_resources,
+	.set_resources    = pci_dev_set_resources,
+	.enable_resources = pci_bus_enable_resources,
+	.init             = 0,
+	.scan_bus         = ht_scan_bridge,
+	.enable           = 0,
+	.reset_bus        = pci_bus_reset,
+	.ops_pci          = &ht_bus_ops_pci,
+};
diff --git a/src/device/oprom/Makefile.inc b/src/device/oprom/Makefile.inc
new file mode 100644
index 0000000..aa4a74d
--- /dev/null
+++ b/src/device/oprom/Makefile.inc
@@ -0,0 +1,23 @@
+##
+## This file is part of the coreboot project.
+##
+## Copyright (C) 2007-2010 coresystems GmbH
+##
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; version 2 of the License.
+##
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+## GNU General Public License for more details.
+##
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+##
+
+subdirs-$(CONFIG_PCI_OPTION_ROM_RUN_YABEL) += x86emu
+subdirs-$(CONFIG_PCI_OPTION_ROM_RUN_YABEL) += yabel
+subdirs-$(CONFIG_PCI_OPTION_ROM_RUN_REALMODE) += realmode
+
diff --git a/src/device/oprom/include/vbe.h b/src/device/oprom/include/vbe.h
new file mode 100644
index 0000000..ab26d59
--- /dev/null
+++ b/src/device/oprom/include/vbe.h
@@ -0,0 +1,117 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+// these structs are for input from and output to OF
+typedef struct {
+	u8 display_type;	// 0=NONE, 1= analog, 2=digital
+	u16 screen_width;
+	u16 screen_height;
+	u16 screen_linebytes;	// bytes per line in framebuffer, may be more than screen_width
+	u8 color_depth;	// color depth in bpp
+	u32 framebuffer_address;
+	u8 edid_block_zero[128];
+} __attribute__ ((__packed__)) screen_info_t;
+
+typedef struct {
+	u8 signature[4];
+	u16 size_reserved;
+	u8 monitor_number;
+	u16 max_screen_width;
+	u8 color_depth;
+} __attribute__ ((__packed__)) screen_info_input_t;
+
+// these structs only store a subset of the VBE defined fields
+// only those needed.
+typedef struct {
+	char signature[4];
+	u16 version;
+	u8 *oem_string_ptr;
+	u32 capabilities;
+	u16 video_mode_list[256];	// lets hope we never have more than 256 video modes...
+	u16 total_memory;
+} vbe_info_t;
+
+typedef struct {
+	u16 mode_attributes; // 00
+	u8 win_a_attributes; // 02
+	u8 win_b_attributes; // 03
+	u16 win_granularity; // 04
+	u16 win_size;        // 06
+	u16 win_a_segment;   // 08
+	u16 win_b_segment;   // 0a
+	u32 win_func_ptr;    // 0c
+	u16 bytes_per_scanline; // 10
+	u16 x_resolution;    // 12
+	u16 y_resolution;    // 14
+	u8 x_charsize;       // 16
+	u8 y_charsize;       // 17
+	u8 number_of_planes; // 18
+	u8 bits_per_pixel;   // 19
+	u8 number_of_banks;  // 20
+	u8 memory_model;     // 21
+	u8 bank_size;        // 22
+	u8 number_of_image_pages; // 23
+	u8 reserved_page;
+	u8 red_mask_size;
+	u8 red_mask_pos;
+	u8 green_mask_size;
+	u8 green_mask_pos;
+	u8 blue_mask_size;
+	u8 blue_mask_pos;
+	u8 reserved_mask_size;
+	u8 reserved_mask_pos;
+	u8 direct_color_mode_info;
+	u32 phys_base_ptr;
+	u32 offscreen_mem_offset;
+	u16 offscreen_mem_size;
+	u8 reserved[206];
+} __attribute__ ((__packed__)) vesa_mode_info_t;
+
+typedef struct {
+	u16 video_mode;
+	union {
+		vesa_mode_info_t vesa;
+		u8 mode_info_block[256];
+	};
+	// our crap
+	//u16 attributes;
+	//u16 linebytes;
+	//u16 x_resolution;
+	//u16 y_resolution;
+	//u8 x_charsize;
+	//u8 y_charsize;
+	//u8 bits_per_pixel;
+	//u8 memory_model;
+	//u32 framebuffer_address;
+} vbe_mode_info_t;
+
+typedef struct {
+	u8 port_number;	// i.e. monitor number
+	u8 edid_transfer_time;
+	u8 ddc_level;
+	u8 edid_block_zero[128];
+} vbe_ddc_info_t;
+
+struct lb_framebuffer;
+
+void vbe_set_graphics(void);
+// A way to check if mode information collected by vbe_set_graphics is valid
+// and fill_lb_framebuffer will have real information to use.
+int vbe_mode_info_valid(void);
+void vbe_textmode_console(void);
+void fill_lb_framebuffer(struct lb_framebuffer *framebuffer);
+
+#define VESA_GET_INFO		0x4f00
+#define VESA_GET_MODE_INFO	0x4f01
+#define VESA_SET_MODE		0x4f02
+
diff --git a/src/device/oprom/include/x86emu/fpu_regs.h b/src/device/oprom/include/x86emu/fpu_regs.h
new file mode 100644
index 0000000..7c7df85
--- /dev/null
+++ b/src/device/oprom/include/x86emu/fpu_regs.h
@@ -0,0 +1,115 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for FPU register definitions.
+*
+****************************************************************************/
+
+#ifndef __X86EMU_FPU_REGS_H
+#define __X86EMU_FPU_REGS_H
+
+#ifdef X86_FPU_SUPPORT
+
+#pragma	pack(1)
+
+/* Basic 8087 register can hold any of the following values: */
+
+union x86_fpu_reg_u {
+    s8                  tenbytes[10];
+    double              dval;
+    float               fval;
+    s16                 sval;
+    s32                 lval;
+	};
+
+struct x86_fpu_reg {
+	union x86_fpu_reg_u reg;
+	char                tag;
+	};
+
+/*
+ * Since we are not going to worry about the problems of aliasing
+ * registers, every time a register is modified, its result type is
+ * set in the tag fields for that register.  If some operation
+ * attempts to access the type in a way inconsistent with its current
+ * storage format, then we flag the operation.  If common, we'll
+ * attempt the conversion.
+ */
+
+#define  X86_FPU_VALID          0x80
+#define  X86_FPU_REGTYP(r)      ((r) & 0x7F)
+
+#define  X86_FPU_WORD           0x0
+#define  X86_FPU_SHORT          0x1
+#define  X86_FPU_LONG           0x2
+#define  X86_FPU_FLOAT          0x3
+#define  X86_FPU_DOUBLE         0x4
+#define  X86_FPU_LDBL           0x5
+#define  X86_FPU_BSD            0x6
+
+#define  X86_FPU_STKTOP  0
+
+struct x86_fpu_registers {
+    struct x86_fpu_reg  x86_fpu_stack[8];
+    int                 x86_fpu_flags;
+    int                 x86_fpu_config;         /* rounding modes, etc. */
+    short               x86_fpu_tos, x86_fpu_bos;
+	};
+
+#pragma	pack()
+
+/*
+ * There are two versions of the following macro.
+ *
+ * One version is for opcode D9, for which there are more than 32
+ * instructions encoded in the second byte of the opcode.
+ *
+ * The other version, deals with all the other 7 i87 opcodes, for
+ * which there are only 32 strings needed to describe the
+ * instructions.
+ */
+
+#endif /* X86_FPU_SUPPORT */
+
+#if CONFIG_X86EMU_DEBUG
+# define DECODE_PRINTINSTR32(t,mod,rh,rl)     	\
+	DECODE_PRINTF(t[(mod<<3)+(rh)]);
+# define DECODE_PRINTINSTR256(t,mod,rh,rl)    	\
+	DECODE_PRINTF(t[(mod<<6)+(rh<<3)+(rl)]);
+#else
+# define DECODE_PRINTINSTR32(t,mod,rh,rl)
+# define DECODE_PRINTINSTR256(t,mod,rh,rl)
+#endif
+
+#endif /* __X86EMU_FPU_REGS_H */
diff --git a/src/device/oprom/include/x86emu/regs.h b/src/device/oprom/include/x86emu/regs.h
new file mode 100644
index 0000000..d738974
--- /dev/null
+++ b/src/device/oprom/include/x86emu/regs.h
@@ -0,0 +1,372 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for x86 register definitions.
+*
+****************************************************************************/
+/* $XFree86: xc/extras/x86emu/include/x86emu/regs.h,v 1.3 2001/10/28 03:32:25 tsi Exp $ */
+
+#ifndef __X86EMU_REGS_H
+#define __X86EMU_REGS_H
+
+/*---------------------- Macros and type definitions ----------------------*/
+
+#pragma pack(1)
+
+/*
+ * General EAX, EBX, ECX, EDX type registers.  Note that for
+ * portability, and speed, the issue of byte swapping is not addressed
+ * in the registers.  All registers are stored in the default format
+ * available on the host machine.  The only critical issue is that the
+ * registers should line up EXACTLY in the same manner as they do in
+ * the 386.  That is:
+ *
+ * EAX & 0xff  === AL
+ * EAX & 0xffff == AX
+ *
+ * etc.  The result is that alot of the calculations can then be
+ * done using the native instruction set fully.
+ */
+
+#ifdef	__BIG_ENDIAN__
+
+typedef struct {
+    u32 e_reg;
+	} I32_reg_t;
+
+typedef struct {
+	u16 filler0, x_reg;
+	} I16_reg_t;
+
+typedef struct {
+	u8 filler0, filler1, h_reg, l_reg;
+	} I8_reg_t;
+
+#else /* !__BIG_ENDIAN__ */
+
+typedef struct {
+    u32 e_reg;
+	} I32_reg_t;
+
+typedef struct {
+	u16 x_reg;
+	} I16_reg_t;
+
+typedef struct {
+	u8 l_reg, h_reg;
+	} I8_reg_t;
+
+#endif /* BIG_ENDIAN */
+
+typedef union {
+	I32_reg_t   I32_reg;
+	I16_reg_t   I16_reg;
+	I8_reg_t    I8_reg;
+	} i386_general_register;
+
+struct i386_general_regs {
+	i386_general_register A, B, C, D;
+	};
+
+typedef struct i386_general_regs Gen_reg_t;
+
+struct i386_special_regs {
+	i386_general_register SP, BP, SI, DI, IP;
+	u32 FLAGS;
+	};
+
+/*
+ * Segment registers here represent the 16 bit quantities
+ * CS, DS, ES, SS.
+ */
+
+struct i386_segment_regs {
+    u16 CS, DS, SS, ES, FS, GS;
+	};
+
+/* 8 bit registers */
+#define R_AH  gen.A.I8_reg.h_reg
+#define R_AL  gen.A.I8_reg.l_reg
+#define R_BH  gen.B.I8_reg.h_reg
+#define R_BL  gen.B.I8_reg.l_reg
+#define R_CH  gen.C.I8_reg.h_reg
+#define R_CL  gen.C.I8_reg.l_reg
+#define R_DH  gen.D.I8_reg.h_reg
+#define R_DL  gen.D.I8_reg.l_reg
+
+/* 16 bit registers */
+#define R_AX  gen.A.I16_reg.x_reg
+#define R_BX  gen.B.I16_reg.x_reg
+#define R_CX  gen.C.I16_reg.x_reg
+#define R_DX  gen.D.I16_reg.x_reg
+
+/* 32 bit extended registers */
+#define R_EAX  gen.A.I32_reg.e_reg
+#define R_EBX  gen.B.I32_reg.e_reg
+#define R_ECX  gen.C.I32_reg.e_reg
+#define R_EDX  gen.D.I32_reg.e_reg
+
+/* special registers */
+#define R_SP  spc.SP.I16_reg.x_reg
+#define R_BP  spc.BP.I16_reg.x_reg
+#define R_SI  spc.SI.I16_reg.x_reg
+#define R_DI  spc.DI.I16_reg.x_reg
+#define R_IP  spc.IP.I16_reg.x_reg
+#define R_FLG spc.FLAGS
+
+/* special registers */
+#define R_SP  spc.SP.I16_reg.x_reg
+#define R_BP  spc.BP.I16_reg.x_reg
+#define R_SI  spc.SI.I16_reg.x_reg
+#define R_DI  spc.DI.I16_reg.x_reg
+#define R_IP  spc.IP.I16_reg.x_reg
+#define R_FLG spc.FLAGS
+
+/* special registers */
+#define R_ESP  spc.SP.I32_reg.e_reg
+#define R_EBP  spc.BP.I32_reg.e_reg
+#define R_ESI  spc.SI.I32_reg.e_reg
+#define R_EDI  spc.DI.I32_reg.e_reg
+#define R_EIP  spc.IP.I32_reg.e_reg
+#define R_EFLG spc.FLAGS
+
+/* segment registers */
+#define R_CS  seg.CS
+#define R_DS  seg.DS
+#define R_SS  seg.SS
+#define R_ES  seg.ES
+#define R_FS  seg.FS
+#define R_GS  seg.GS
+
+/* flag conditions   */
+#define FB_CF 0x0001            /* CARRY flag  */
+#define FB_PF 0x0004            /* PARITY flag */
+#define FB_AF 0x0010            /* AUX  flag   */
+#define FB_ZF 0x0040            /* ZERO flag   */
+#define FB_SF 0x0080            /* SIGN flag   */
+#define FB_TF 0x0100            /* TRAP flag   */
+#define FB_IF 0x0200            /* INTERRUPT ENABLE flag */
+#define FB_DF 0x0400            /* DIR flag    */
+#define FB_OF 0x0800            /* OVERFLOW flag */
+
+/* 80286 and above always have bit#1 set */
+#define F_ALWAYS_ON  (0x0002)   /* flag bits always on */
+
+/*
+ * Define a mask for only those flag bits we will ever pass back
+ * (via PUSHF)
+ */
+#define F_MSK (FB_CF|FB_PF|FB_AF|FB_ZF|FB_SF|FB_TF|FB_IF|FB_DF|FB_OF)
+
+/* following bits masked in to a 16bit quantity */
+
+#define F_CF 0x0001             /* CARRY flag  */
+#define F_PF 0x0004             /* PARITY flag */
+#define F_AF 0x0010             /* AUX  flag   */
+#define F_ZF 0x0040             /* ZERO flag   */
+#define F_SF 0x0080             /* SIGN flag   */
+#define F_TF 0x0100             /* TRAP flag   */
+#define F_IF 0x0200             /* INTERRUPT ENABLE flag */
+#define F_DF 0x0400             /* DIR flag    */
+#define F_OF 0x0800             /* OVERFLOW flag */
+
+#define TOGGLE_FLAG(flag)     	(M.x86.R_FLG ^= (flag))
+#define SET_FLAG(flag)        	(M.x86.R_FLG |= (flag))
+#define CLEAR_FLAG(flag)      	(M.x86.R_FLG &= ~(flag))
+#define ACCESS_FLAG(flag)     	(M.x86.R_FLG & (flag))
+#define CLEARALL_FLAG(m)    	(M.x86.R_FLG = 0)
+
+#define CONDITIONAL_SET_FLAG(COND,FLAG) \
+  if (COND) SET_FLAG(FLAG); else CLEAR_FLAG(FLAG)
+
+#define F_PF_CALC 0x010000      /* PARITY flag has been calced    */
+#define F_ZF_CALC 0x020000      /* ZERO flag has been calced      */
+#define F_SF_CALC 0x040000      /* SIGN flag has been calced      */
+
+#define F_ALL_CALC      0xff0000        /* All have been calced   */
+
+/*
+ * Emulator machine state.
+ * Segment usage control.
+ */
+#define SYSMODE_SEG_DS_SS       0x00000001
+#define SYSMODE_SEGOVR_CS       0x00000002
+#define SYSMODE_SEGOVR_DS       0x00000004
+#define SYSMODE_SEGOVR_ES       0x00000008
+#define SYSMODE_SEGOVR_FS       0x00000010
+#define SYSMODE_SEGOVR_GS       0x00000020
+#define SYSMODE_SEGOVR_SS       0x00000040
+#define SYSMODE_PREFIX_REPE     0x00000080
+#define SYSMODE_PREFIX_REPNE    0x00000100
+#define SYSMODE_PREFIX_DATA     0x00000200
+#define SYSMODE_PREFIX_ADDR     0x00000400
+//phueper: for REP(E|NE) Instructions, we need to decide wether it should be using
+//the 32bit ECX register as or the 16bit CX register as count register
+#define SYSMODE_32BIT_REP       0x00000800
+#define SYSMODE_INTR_PENDING    0x10000000
+#define SYSMODE_EXTRN_INTR      0x20000000
+#define SYSMODE_HALTED          0x40000000
+
+#define SYSMODE_SEGMASK (SYSMODE_SEG_DS_SS      | \
+						 SYSMODE_SEGOVR_CS      | \
+						 SYSMODE_SEGOVR_DS      | \
+						 SYSMODE_SEGOVR_ES      | \
+						 SYSMODE_SEGOVR_FS      | \
+						 SYSMODE_SEGOVR_GS      | \
+						 SYSMODE_SEGOVR_SS)
+#define SYSMODE_CLRMASK (SYSMODE_SEG_DS_SS      | \
+						 SYSMODE_SEGOVR_CS      | \
+						 SYSMODE_SEGOVR_DS      | \
+						 SYSMODE_SEGOVR_ES      | \
+						 SYSMODE_SEGOVR_FS      | \
+						 SYSMODE_SEGOVR_GS      | \
+						 SYSMODE_SEGOVR_SS      | \
+						 SYSMODE_PREFIX_DATA    | \
+						 SYSMODE_PREFIX_ADDR    | \
+						 SYSMODE_32BIT_REP)
+
+#define  INTR_SYNCH           0x1
+#define  INTR_ASYNCH          0x2
+#define  INTR_HALTED          0x4
+
+typedef struct {
+    struct i386_general_regs    gen;
+    struct i386_special_regs    spc;
+    struct i386_segment_regs    seg;
+    /*
+     * MODE contains information on:
+     *  REPE prefix             2 bits  repe,repne
+     *  SEGMENT overrides       5 bits  normal,DS,SS,CS,ES
+     *  Delayed flag set        3 bits  (zero, signed, parity)
+     *  reserved                6 bits
+     *  interrupt #             8 bits  instruction raised interrupt
+     *  BIOS video segregs      4 bits
+     *  Interrupt Pending       1 bits
+     *  Extern interrupt        1 bits
+     *  Halted                  1 bits
+     */
+    u32                         mode;
+    volatile int                intr;   /* mask of pending interrupts */
+    volatile int                         debug;
+#if CONFIG_X86EMU_DEBUG
+    int                         check;
+    u16                         saved_ip;
+    u16                         saved_cs;
+    int                         enc_pos;
+    int                         enc_str_pos;
+    char                        decode_buf[32]; /* encoded byte stream  */
+    char                        decoded_buf[256]; /* disassembled strings */
+#endif
+    u8                          intno;
+    u8                          __pad[3];
+	} X86EMU_regs;
+
+/****************************************************************************
+REMARKS:
+Structure maintaining the emulator machine state.
+
+MEMBERS:
+mem_base		- Base real mode memory for the emulator
+abseg			- Base for the absegment
+mem_size		- Size of the real mode memory block for the emulator
+private			- private data pointer
+x86			- X86 registers
+****************************************************************************/
+typedef struct {
+	unsigned long	mem_base;
+	unsigned long	mem_size;
+	unsigned long	abseg;
+	void*        	private;
+	X86EMU_regs		x86;
+	} X86EMU_sysEnv;
+
+#pragma pack()
+
+/*----------------------------- Global Variables --------------------------*/
+
+#ifdef  __cplusplus
+extern "C" {            			/* Use "C" linkage when in C++ mode */
+#endif
+
+/* Global emulator machine state.
+ *
+ * We keep it global to avoid pointer dereferences in the code for speed.
+ */
+
+extern    X86EMU_sysEnv	_X86EMU_env;
+#define   M             _X86EMU_env
+
+#define X86_EAX M.x86.R_EAX
+#define X86_EBX M.x86.R_EBX
+#define X86_ECX M.x86.R_ECX
+#define X86_EDX M.x86.R_EDX
+#define X86_ESI M.x86.R_ESI
+#define X86_EDI M.x86.R_EDI
+#define X86_EBP M.x86.R_EBP
+#define X86_EIP M.x86.R_EIP
+#define X86_ESP M.x86.R_ESP
+#define X86_EFLAGS M.x86.R_EFLG
+
+#define X86_FLAGS M.x86.R_FLG
+#define X86_AX M.x86.R_AX
+#define X86_BX M.x86.R_BX
+#define X86_CX M.x86.R_CX
+#define X86_DX M.x86.R_DX
+#define X86_SI M.x86.R_SI
+#define X86_DI M.x86.R_DI
+#define X86_BP M.x86.R_BP
+#define X86_IP M.x86.R_IP
+#define X86_SP M.x86.R_SP
+#define X86_CS M.x86.R_CS
+#define X86_DS M.x86.R_DS
+#define X86_ES M.x86.R_ES
+#define X86_SS M.x86.R_SS
+#define X86_FS M.x86.R_FS
+#define X86_GS M.x86.R_GS
+
+#define X86_AL M.x86.R_AL
+#define X86_BL M.x86.R_BL
+#define X86_CL M.x86.R_CL
+#define X86_DL M.x86.R_DL
+
+#define X86_AH M.x86.R_AH
+#define X86_BH M.x86.R_BH
+#define X86_CH M.x86.R_CH
+#define X86_DH M.x86.R_DH
+
+#ifdef  __cplusplus
+}                       			/* End of "C" linkage for C++   	*/
+#endif
+
+#endif /* __X86EMU_REGS_H */
diff --git a/src/device/oprom/include/x86emu/types.h b/src/device/oprom/include/x86emu/types.h
new file mode 100644
index 0000000..5485eea
--- /dev/null
+++ b/src/device/oprom/include/x86emu/types.h
@@ -0,0 +1,89 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for x86 emulator type definitions.
+*
+****************************************************************************/
+
+/* $XFree86: xc/extras/x86emu/include/x86emu/types.h,v 1.4 2000/09/26 15:56:44 tsi Exp $ */
+
+#ifndef __X86EMU_TYPES_H
+#define __X86EMU_TYPES_H
+
+//#ifndef IN_MODULE
+//#include <sys/types.h>
+//#endif
+
+/*
+ * The following kludge is an attempt to work around typedef conflicts with
+ * <sys/types.h>.
+ */
+#define u8   x86emuu8
+#define u16  x86emuu16
+#define u32  x86emuu32
+#define u64  x86emuu64
+#define s8   x86emus8
+#define s16  x86emus16
+#define s32  x86emus32
+#define s64  x86emus64
+#define uint x86emuuint
+#define sint x86emusint
+
+/*---------------------- Macros and type definitions ----------------------*/
+
+/* Currently only for Linux/32bit */
+#if defined(__GNUC__) && !defined(NO_LONG_LONG)
+#define __HAS_LONG_LONG__
+#endif
+
+typedef unsigned char 		u8;
+typedef unsigned short 		u16;
+typedef unsigned int 		u32;
+#ifdef __HAS_LONG_LONG__
+typedef unsigned long long 	u64;
+#endif
+
+typedef signed char 		s8;
+typedef signed short 		s16;
+typedef signed int 		s32;
+#ifdef __HAS_LONG_LONG__
+typedef signed long long 	s64;
+#endif
+
+typedef unsigned int		uint;
+typedef signed int 		sint;
+
+typedef u16 X86EMU_pioAddr;
+
+#endif	/* __X86EMU_TYPES_H */
diff --git a/src/device/oprom/include/x86emu/x86emu.h b/src/device/oprom/include/x86emu/x86emu.h
new file mode 100644
index 0000000..3ceee49
--- /dev/null
+++ b/src/device/oprom/include/x86emu/x86emu.h
@@ -0,0 +1,197 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for public specific functions.
+*               Any application linking against us should only
+*               include this header
+*
+****************************************************************************/
+/* $XFree86: xc/extras/x86emu/include/x86emu.h,v 1.2 2000/11/21 23:10:25 tsi Exp $ */
+
+#ifndef __X86EMU_X86EMU_H
+#define __X86EMU_X86EMU_H
+
+#include <stddef.h>
+#include <console/console.h>
+#if CONFIG_X86EMU_DEBUG
+#define DEBUG
+#endif
+
+#include "types.h"
+#define	X86API
+#define	X86APIP	*
+#include "regs.h"
+
+/*---------------------- Macros and type definitions ----------------------*/
+
+#pragma	pack(1)
+
+/****************************************************************************
+REMARKS:
+Data structure containing ponters to programmed I/O functions used by the
+emulator. This is used so that the user program can hook all programmed
+I/O for the emulator to handled as necessary by the user program. By
+default the emulator contains simple functions that do not do access the
+hardware in any way. To allow the emualtor access the hardware, you will
+need to override the programmed I/O functions using the X86EMU_setupPioFuncs
+function.
+
+HEADER:
+x86emu.h
+
+MEMBERS:
+inb		- Function to read a byte from an I/O port
+inw		- Function to read a word from an I/O port
+inl     - Function to read a dword from an I/O port
+outb	- Function to write a byte to an I/O port
+outw    - Function to write a word to an I/O port
+outl    - Function to write a dword to an I/O port
+****************************************************************************/
+typedef struct {
+	u8  	(X86APIP inb)(X86EMU_pioAddr addr);
+	u16 	(X86APIP inw)(X86EMU_pioAddr addr);
+	u32 	(X86APIP inl)(X86EMU_pioAddr addr);
+	void 	(X86APIP outb)(X86EMU_pioAddr addr, u8 val);
+	void 	(X86APIP outw)(X86EMU_pioAddr addr, u16 val);
+	void 	(X86APIP outl)(X86EMU_pioAddr addr, u32 val);
+	} X86EMU_pioFuncs;
+
+/****************************************************************************
+REMARKS:
+Data structure containing ponters to memory access functions used by the
+emulator. This is used so that the user program can hook all memory
+access functions as necessary for the emulator. By default the emulator
+contains simple functions that only access the internal memory of the
+emulator. If you need specialised functions to handle access to different
+types of memory (ie: hardware framebuffer accesses and BIOS memory access
+etc), you will need to override this using the X86EMU_setupMemFuncs
+function.
+
+HEADER:
+x86emu.h
+
+MEMBERS:
+rdb		- Function to read a byte from an address
+rdw		- Function to read a word from an address
+rdl     - Function to read a dword from an address
+wrb		- Function to write a byte to an address
+wrw    	- Function to write a word to an address
+wrl    	- Function to write a dword to an address
+****************************************************************************/
+typedef struct {
+	u8  	(X86APIP rdb)(u32 addr);
+	u16 	(X86APIP rdw)(u32 addr);
+	u32 	(X86APIP rdl)(u32 addr);
+	void 	(X86APIP wrb)(u32 addr, u8 val);
+	void 	(X86APIP wrw)(u32 addr, u16 val);
+	void	(X86APIP wrl)(u32 addr, u32 val);
+	} X86EMU_memFuncs;
+
+/****************************************************************************
+  Here are the default memory read and write
+  function in case they are needed as fallbacks.
+***************************************************************************/
+extern u8 X86API rdb(u32 addr);
+extern u16 X86API rdw(u32 addr);
+extern u32 X86API rdl(u32 addr);
+extern void X86API wrb(u32 addr, u8 val);
+extern void X86API wrw(u32 addr, u16 val);
+extern void X86API wrl(u32 addr, u32 val);
+
+#pragma	pack()
+
+/*--------------------- type definitions -----------------------------------*/
+
+typedef void (X86APIP X86EMU_intrFuncs)(int num);
+extern X86EMU_intrFuncs _X86EMU_intrTab[256];
+
+/*-------------------------- Function Prototypes --------------------------*/
+
+#ifdef  __cplusplus
+extern "C" {            			/* Use "C" linkage when in C++ mode */
+#endif
+
+void 	X86EMU_setupMemFuncs(X86EMU_memFuncs *funcs);
+void 	X86EMU_setupPioFuncs(X86EMU_pioFuncs *funcs);
+void 	X86EMU_setupIntrFuncs(X86EMU_intrFuncs funcs[]);
+void 	X86EMU_prepareForInt(int num);
+
+void X86EMU_setMemBase(void *base, size_t size);
+
+/* decode.c */
+
+void 	X86EMU_exec(void);
+void 	X86EMU_halt_sys(void);
+
+#if CONFIG_X86EMU_DEBUG
+#define	HALT_SYS()	\
+    	printf("halt_sys: in %s\n", __func__);	\
+	X86EMU_halt_sys();
+#else
+#define	HALT_SYS()	X86EMU_halt_sys()
+#endif
+
+/* Debug options */
+
+#define DEBUG_DECODE_F          0x000001 /* print decoded instruction  */
+#define DEBUG_TRACE_F           0x000002 /* dump regs before/after execution */
+#define DEBUG_STEP_F            0x000004
+#define DEBUG_DISASSEMBLE_F     0x000008
+#define DEBUG_BREAK_F           0x000010
+#define DEBUG_SVC_F             0x000020
+#define DEBUG_FS_F              0x000080
+#define DEBUG_PROC_F            0x000100
+#define DEBUG_SYSINT_F          0x000200 /* bios system interrupts. */
+#define DEBUG_TRACECALL_F       0x000400
+#define DEBUG_INSTRUMENT_F      0x000800
+#define DEBUG_MEM_TRACE_F       0x001000
+#define DEBUG_IO_TRACE_F        0x002000
+#define DEBUG_TRACECALL_REGS_F  0x004000
+#define DEBUG_DECODE_NOPRINT_F  0x008000
+#define DEBUG_SAVE_IP_CS_F      0x010000
+#define DEBUG_TRACEJMP_F        0x020000
+#define DEBUG_TRACEJMP_REGS_F   0x040000
+#define DEBUG_SYS_F             (DEBUG_SVC_F|DEBUG_FS_F|DEBUG_PROC_F)
+
+void 	X86EMU_trace_regs(void);
+void 	X86EMU_trace_xregs(void);
+void 	X86EMU_dump_memory(u16 seg, u16 off, u32 amt);
+int 	X86EMU_trace_on(void);
+int 	X86EMU_trace_off(void);
+
+#ifdef  __cplusplus
+}                       			/* End of "C" linkage for C++   	*/
+#endif
+
+#endif /* __X86EMU_X86EMU_H */
diff --git a/src/device/oprom/realmode/Makefile.inc b/src/device/oprom/realmode/Makefile.inc
new file mode 100644
index 0000000..fafeb2c
--- /dev/null
+++ b/src/device/oprom/realmode/Makefile.inc
@@ -0,0 +1,23 @@
+##
+## This file is part of the coreboot project.
+##
+## Copyright (C) 2012 secunet Security Networks AG
+##
+## This program is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published by
+## the Free Software Foundation; version 2 of the License.
+##
+## This program is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+## GNU General Public License for more details.
+##
+## You should have received a copy of the GNU General Public License
+## along with this program; if not, write to the Free Software
+## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+##
+
+ramstage-$(CONFIG_PCI_OPTION_ROM_RUN_REALMODE) += x86.c
+ramstage-$(CONFIG_PCI_OPTION_ROM_RUN_REALMODE) += x86_asm.S
+ramstage-$(CONFIG_PCI_OPTION_ROM_RUN_REALMODE) += x86_interrupts.c
+
diff --git a/src/device/oprom/realmode/x86.c b/src/device/oprom/realmode/x86.c
new file mode 100644
index 0000000..6a82a69
--- /dev/null
+++ b/src/device/oprom/realmode/x86.c
@@ -0,0 +1,490 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2007 Advanced Micro Devices, Inc.
+ * Copyright (C) 2009-2010 coresystems GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#include <device/pci.h>
+#include <string.h>
+
+#include <arch/io.h>
+#include <arch/registers.h>
+#include <console/console.h>
+#include <arch/interrupt.h>
+#include <cbfs.h>
+#include <delay.h>
+#include <pc80/i8259.h>
+#include "x86.h"
+#include "vbe.h"
+#include <lib/jpeg.h>
+/* we use x86emu's register file representation */
+#include <x86emu/regs.h>
+
+/* to have a common register file for interrupt handlers */
+X86EMU_sysEnv _X86EMU_env;
+
+void (*realmode_call)(u32 addr, u32 eax, u32 ebx, u32 ecx, u32 edx,
+		u32 esi, u32 edi) __attribute__((regparm(0))) =
+						(void *)&__realmode_call;
+
+void (*realmode_interrupt)(u32 intno, u32 eax, u32 ebx, u32 ecx, u32 edx,
+		u32 esi, u32 edi) __attribute__((regparm(0))) =
+						(void *)&__realmode_interrupt;
+
+static void setup_rombios(void)
+{
+	const char date[] = "06/11/99";
+	memcpy((void *)0xffff5, &date, 8);
+
+	const char ident[] = "PCI_ISA";
+	memcpy((void *)0xfffd9, &ident, 7);
+
+	/* system model: IBM-AT */
+	write8(0xffffe, 0xfc);
+}
+
+static int (*intXX_handler[256])(void) = { NULL };
+
+static int intXX_exception_handler(void)
+{
+	/* compatibility shim */
+	struct eregs reg_info = {
+		.eax=X86_EAX,
+		.ecx=X86_ECX,
+		.edx=X86_EDX,
+		.ebx=X86_EBX,
+		.esp=X86_ESP,
+		.ebp=X86_EBP,
+		.esi=X86_ESI,
+		.edi=X86_EDI,
+		.vector=M.x86.intno,
+		.error_code=0, // FIXME: fill in
+		.eip=X86_EIP,
+		.cs=X86_CS,
+		.eflags=X86_EFLAGS
+	};
+	struct eregs *regs = &reg_info;
+
+	printk(BIOS_INFO, "Oops, exception %d while executing option rom\n",
+			regs->vector);
+	x86_exception(regs);	// Call coreboot exception handler
+
+	return 0;		// Never really returns
+}
+
+static int intXX_unknown_handler(void)
+{
+	printk(BIOS_INFO, "Unsupported software interrupt #0x%x eax 0x%x\n",
+			M.x86.intno, X86_EAX);
+
+	return -1;
+}
+
+/* setup interrupt handlers for mainboard */
+void mainboard_interrupt_handlers(int intXX, void *intXX_func)
+{
+	intXX_handler[intXX] = intXX_func;
+}
+
+static void setup_interrupt_handlers(void)
+{
+	int i;
+
+	/* The first 16 intXX functions are not BIOS services,
+	 * but the CPU-generated exceptions ("hardware interrupts")
+	 */
+	for (i = 0; i < 0x10; i++)
+		intXX_handler[i] = &intXX_exception_handler;
+
+	/* Mark all other intXX calls as unknown first */
+	for (i = 0x10; i < 0x100; i++)
+	{
+		/* If the mainboard_interrupt_handler isn't called first.
+		 */
+		if(!intXX_handler[i])
+		{
+			/* Now set the default functions that are actually
+			 * needed to initialize the option roms. This is
+			 * very slick, as it allows us to implement mainboard
+			 * specific interrupt handlers, such as the int15.
+			 */
+			switch (i) {
+			case 0x10:
+				intXX_handler[0x10] = &int10_handler;
+				break;
+			case 0x12:
+				intXX_handler[0x12] = &int12_handler;
+				break;
+			case 0x16:
+				intXX_handler[0x16] = &int16_handler;
+				break;
+			case 0x1a:
+				intXX_handler[0x1a] = &int1a_handler;
+				break;
+			default:
+				intXX_handler[i] = &intXX_unknown_handler;
+				break;
+			}
+		}
+	}
+}
+
+static void write_idt_stub(void *target, u8 intnum)
+{
+	unsigned char *codeptr;
+	codeptr = (unsigned char *) target;
+	memcpy(codeptr, &__idt_handler, (size_t)&__idt_handler_size);
+	codeptr[3] = intnum; /* modify int# in the code stub. */
+}
+
+static void setup_realmode_idt(void)
+{
+	struct realmode_idt *idts = (struct realmode_idt *) 0;
+	int i;
+
+	/* Copy IDT stub code for each interrupt. This might seem wasteful
+	 * but it is really simple
+	 */
+	 for (i = 0; i < 256; i++) {
+		idts[i].cs = 0;
+		idts[i].offset = 0x1000 + (i * (u32)&__idt_handler_size);
+		write_idt_stub((void *)((u32 )idts[i].offset), i);
+	}
+
+	/* Many option ROMs use the hard coded interrupt entry points in the
+	 * system bios. So install them at the known locations.
+	 */
+
+	/* int42 is the relocated int10 */
+	write_idt_stub((void *)0xff065, 0x42);
+	/* BIOS Int 11 Handler F000:F84D */
+	write_idt_stub((void *)0xff84d, 0x11);
+	/* BIOS Int 12 Handler F000:F841 */
+	write_idt_stub((void *)0xff841, 0x12);
+	/* BIOS Int 13 Handler F000:EC59 */
+	write_idt_stub((void *)0xfec59, 0x13);
+	/* BIOS Int 14 Handler F000:E739 */
+	write_idt_stub((void *)0xfe739, 0x14);
+	/* BIOS Int 15 Handler F000:F859 */
+	write_idt_stub((void *)0xff859, 0x15);
+	/* BIOS Int 16 Handler F000:E82E */
+	write_idt_stub((void *)0xfe82e, 0x16);
+	/* BIOS Int 17 Handler F000:EFD2 */
+	write_idt_stub((void *)0xfefd2, 0x17);
+	/* ROM BIOS Int 1A Handler F000:FE6E */
+	write_idt_stub((void *)0xffe6e, 0x1a);
+}
+
+#if CONFIG_FRAMEBUFFER_SET_VESA_MODE
+vbe_mode_info_t mode_info;
+static int mode_info_valid;
+
+int vbe_mode_info_valid(void)
+{
+	return mode_info_valid;
+}
+
+static u8 vbe_get_mode_info(vbe_mode_info_t * mi)
+{
+	printk(BIOS_DEBUG, "VBE: Getting information about VESA mode %04x\n",
+		mi->video_mode);
+	char *buffer = (char *)&__buffer;
+	u16 buffer_seg = (((unsigned long)buffer) >> 4) & 0xff00;
+	u16 buffer_adr = ((unsigned long)buffer) & 0xffff;
+	realmode_interrupt(0x10, VESA_GET_MODE_INFO, 0x0000,
+			mi->video_mode, 0x0000, buffer_seg, buffer_adr);
+	memcpy(mi->mode_info_block, buffer, sizeof(vbe_mode_info_t));
+	mode_info_valid = 1;
+	return 0;
+}
+
+static u8 vbe_set_mode(vbe_mode_info_t * mi)
+{
+	printk(BIOS_DEBUG, "VBE: Setting VESA mode %04x\n", mi->video_mode);
+	// request linear framebuffer mode
+	mi->video_mode |= (1 << 14);
+	// request clearing of framebuffer
+	mi->video_mode &= ~(1 << 15);
+	realmode_interrupt(0x10, VESA_SET_MODE, mi->video_mode,
+			0x0000, 0x0000, 0x0000, 0x0000);
+	return 0;
+}
+
+/* These two functions could probably even be generic between
+ * yabel and x86 native. TBD later.
+ */
+void vbe_set_graphics(void)
+{
+	mode_info.video_mode = (1 << 14) | CONFIG_FRAMEBUFFER_VESA_MODE;
+	vbe_get_mode_info(&mode_info);
+	unsigned char *framebuffer =
+		(unsigned char *)mode_info.vesa.phys_base_ptr;
+	printk(BIOS_DEBUG, "VBE: resolution:  %dx%d@%d\n",
+		le16_to_cpu(mode_info.vesa.x_resolution),
+		le16_to_cpu(mode_info.vesa.y_resolution),
+		mode_info.vesa.bits_per_pixel);
+	printk(BIOS_DEBUG, "VBE: framebuffer: %p\n", framebuffer);
+	if (!framebuffer) {
+		printk(BIOS_DEBUG, "VBE: Mode does not support linear "
+			"framebuffer\n");
+		return;
+	}
+
+	vbe_set_mode(&mode_info);
+#if CONFIG_BOOTSPLASH
+	struct jpeg_decdata *decdata;
+	decdata = malloc(sizeof(*decdata));
+	unsigned char *jpeg = cbfs_find_file("bootsplash.jpg",
+						CBFS_TYPE_BOOTSPLASH);
+	if (!jpeg) {
+		printk(BIOS_DEBUG, "VBE: No bootsplash found.\n");
+		return;
+	}
+	int ret = 0;
+	ret = jpeg_decode(jpeg, framebuffer, 1024, 768, 16, decdata);
+#endif
+}
+
+void vbe_textmode_console(void)
+{
+	delay(2);
+	realmode_interrupt(0x10, 0x0003, 0x0000, 0x0000,
+				0x0000, 0x0000, 0x0000);
+}
+
+void fill_lb_framebuffer(struct lb_framebuffer *framebuffer)
+{
+	framebuffer->physical_address = mode_info.vesa.phys_base_ptr;
+
+	framebuffer->x_resolution = le16_to_cpu(mode_info.vesa.x_resolution);
+	framebuffer->y_resolution = le16_to_cpu(mode_info.vesa.y_resolution);
+	framebuffer->bytes_per_line =
+				le16_to_cpu(mode_info.vesa.bytes_per_scanline);
+	framebuffer->bits_per_pixel = mode_info.vesa.bits_per_pixel;
+
+	framebuffer->red_mask_pos = mode_info.vesa.red_mask_pos;
+	framebuffer->red_mask_size = mode_info.vesa.red_mask_size;
+
+	framebuffer->green_mask_pos = mode_info.vesa.green_mask_pos;
+	framebuffer->green_mask_size = mode_info.vesa.green_mask_size;
+
+	framebuffer->blue_mask_pos = mode_info.vesa.blue_mask_pos;
+	framebuffer->blue_mask_size = mode_info.vesa.blue_mask_size;
+
+	framebuffer->reserved_mask_pos = mode_info.vesa.reserved_mask_pos;
+	framebuffer->reserved_mask_size = mode_info.vesa.reserved_mask_size;
+}
+#endif
+
+void run_bios(struct device *dev, unsigned long addr)
+{
+	u32 num_dev = (dev->bus->secondary << 8) | dev->path.pci.devfn;
+
+	/* Setting up required hardware.
+	 * Removing this will cause random illegal instruction exceptions
+	 * in some option roms.
+	 */
+	setup_i8259();
+
+	/* Set up some legacy information in the F segment */
+	setup_rombios();
+
+	/* Set up C interrupt handlers */
+	setup_interrupt_handlers();
+
+	/* Set up real-mode IDT */
+	setup_realmode_idt();
+
+	memcpy(REALMODE_BASE, &__realmode_code, (size_t)&__realmode_code_size);
+	printk(BIOS_SPEW, "Real mode stub @%p: %d bytes\n", REALMODE_BASE,
+			(u32)&__realmode_code_size);
+
+	printk(BIOS_DEBUG, "Calling Option ROM...\n");
+	/* TODO ES:DI Pointer to System BIOS PnP Installation Check Structure */
+	/* Option ROM entry point is at OPROM start + 3 */
+	realmode_call(addr + 0x0003, num_dev, 0xffff, 0x0000, 0xffff, 0x0, 0x0);
+	printk(BIOS_DEBUG, "... Option ROM returned.\n");
+
+#if CONFIG_FRAMEBUFFER_SET_VESA_MODE
+	vbe_set_graphics();
+#endif
+}
+
+#if CONFIG_GEODE_VSA
+#include <cpu/amd/lxdef.h>
+#include <cpu/amd/vr.h>
+#include <cbfs.h>
+
+#define VSA2_BUFFER		0x60000
+#define VSA2_ENTRY_POINT	0x60020
+
+// TODO move to a header file.
+void do_vsmbios(void);
+
+/* VSA virtual register helper */
+static u32 VSA_vrRead(u16 classIndex)
+{
+	u32 eax, ebx, ecx, edx;
+	asm volatile (
+		"movw	$0x0AC1C, %%dx\n"
+		"orl	$0x0FC530000, %%eax\n"
+		"outl	%%eax, %%dx\n"
+		"addb	$2, %%dl\n"
+		"inw	%%dx, %%ax\n"
+		: "=a" (eax), "=b"(ebx), "=c"(ecx), "=d"(edx)
+		: "a"(classIndex)
+	);
+
+	return eax;
+}
+
+void do_vsmbios(void)
+{
+	printk(BIOS_DEBUG, "Preparing for VSA...\n");
+
+	/* Set up C interrupt handlers */
+	setup_interrupt_handlers();
+
+	/* Setting up realmode IDT */
+	setup_realmode_idt();
+
+	memcpy(REALMODE_BASE, &__realmode_code, (size_t)&__realmode_code_size);
+	printk(BIOS_SPEW, "VSA: Real mode stub @%p: %d bytes\n", REALMODE_BASE,
+			(u32)&__realmode_code_size);
+
+	if ((unsigned int)cbfs_load_stage("vsa") != VSA2_ENTRY_POINT) {
+		printk(BIOS_ERR, "Failed to load VSA.\n");
+		return;
+	}
+
+	unsigned char *buf = (unsigned char *)VSA2_BUFFER;
+	printk(BIOS_DEBUG, "VSA: Buffer @%p *[0k]=%02x\n", buf, buf[0]);
+	printk(BIOS_DEBUG, "VSA: Signature *[0x20-0x23] is %02x:%02x:%02x:%02x\n",
+		     buf[0x20], buf[0x21], buf[0x22], buf[0x23]);
+
+	/* Check for code to emit POST code at start of VSA. */
+	if ((buf[0x20] != 0xb0) || (buf[0x21] != 0x10) ||
+	    (buf[0x22] != 0xe6) || (buf[0x23] != 0x80)) {
+		printk(BIOS_WARNING, "VSA: Signature incorrect. Install failed.\n");
+		return;
+	}
+
+	printk(BIOS_DEBUG, "Calling VSA module...\n");
+
+	/* ECX gets SMM, EDX gets SYSMEM */
+	realmode_call(VSA2_ENTRY_POINT, 0x0, 0x0, MSR_GLIU0_SMM,
+			MSR_GLIU0_SYSMEM, 0x0, 0x0);
+
+	printk(BIOS_DEBUG, "... VSA module returned.\n");
+
+	/* Restart timer 1 */
+	outb(0x56, 0x43);
+	outb(0x12, 0x41);
+
+	/* Check that VSA is running OK */
+	if (VSA_vrRead(SIGNATURE) == VSA2_SIGNATURE)
+		printk(BIOS_DEBUG, "VSM: VSA2 VR signature verified.\n");
+	else
+		printk(BIOS_ERR, "VSM: VSA2 VR signature not valid. Install failed.\n");
+}
+#endif
+
+/* interrupt_handler() is called from assembler code only,
+ * so there is no use in putting the prototype into a header file.
+ */
+int __attribute__((regparm(0))) interrupt_handler(u32 intnumber,
+	    u32 gsfs, u32 dses,
+	    u32 edi, u32 esi,
+	    u32 ebp, u32 esp,
+	    u32 ebx, u32 edx,
+	    u32 ecx, u32 eax,
+	    u32 cs_ip, u16 stackflags);
+
+int __attribute__((regparm(0))) interrupt_handler(u32 intnumber,
+	    u32 gsfs, u32 dses,
+	    u32 edi, u32 esi,
+	    u32 ebp, u32 esp,
+	    u32 ebx, u32 edx,
+	    u32 ecx, u32 eax,
+	    u32 cs_ip, u16 stackflags)
+{
+	u32 ip;
+	u32 cs;
+	u32 flags;
+	int ret = 0;
+
+	ip = cs_ip & 0xffff;
+	cs = cs_ip >> 16;
+	flags = stackflags;
+
+#if CONFIG_REALMODE_DEBUG
+	printk(BIOS_DEBUG, "oprom: INT# 0x%x\n", intnumber);
+	printk(BIOS_DEBUG, "oprom: eax: %08x ebx: %08x ecx: %08x edx: %08x\n",
+		      eax, ebx, ecx, edx);
+	printk(BIOS_DEBUG, "oprom: ebp: %08x esp: %08x edi: %08x esi: %08x\n",
+		     ebp, esp, edi, esi);
+	printk(BIOS_DEBUG, "oprom:  ip: %04x      cs: %04x   flags: %08x\n",
+		     ip, cs, flags);
+#endif
+
+	// Fetch arguments from the stack and put them to a place
+	// suitable for the interrupt handlers
+	X86_EAX = eax;
+	X86_ECX = ecx;
+	X86_EDX = edx;
+	X86_EBX = ebx;
+	X86_ESP = esp;
+	X86_EBP = ebp;
+	X86_ESI = esi;
+	X86_EDI = edi;
+	M.x86.intno = intnumber;
+	/* TODO: error_code must be stored somewhere */
+	X86_EIP = ip;
+	X86_CS = cs;
+	X86_EFLAGS = flags;
+
+	// Call the interrupt handler for this int#
+	ret = intXX_handler[intnumber]();
+
+	// Put registers back on the stack. The assembler code
+	// will later pop them.
+	// What happens here is that we force (volatile!) changing
+	// the values of the parameters of this function. We do this
+	// because we know that they stay alive on the stack after
+	// we leave this function. Don't say this is bollocks.
+	*(volatile u32 *)&eax = X86_EAX;
+	*(volatile u32 *)&ecx = X86_ECX;
+	*(volatile u32 *)&edx = X86_EDX;
+	*(volatile u32 *)&ebx = X86_EBX;
+	*(volatile u32 *)&esi = X86_ESI;
+	*(volatile u32 *)&edi = X86_EDI;
+	flags = X86_EFLAGS;
+
+	/* Pass success or error back to our caller via the CARRY flag */
+	if (ret) {
+		flags &= ~1; // no error: clear carry
+	}else{
+		printk(BIOS_DEBUG,"int%02x call returned error.\n", intnumber);
+		flags |= 1;  // error: set carry
+	}
+	*(volatile u16 *)&stackflags = flags;
+
+	/* The assembler code doesn't actually care for the return value,
+	 * but keep it around so its expectations are met */
+	return ret;
+}
+
diff --git a/src/device/oprom/realmode/x86.h b/src/device/oprom/realmode/x86.h
new file mode 100644
index 0000000..7dfa60f
--- /dev/null
+++ b/src/device/oprom/realmode/x86.h
@@ -0,0 +1,49 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2007 Advanced Micro Devices, Inc.
+ * Copyright (C) 2009-2010 coresystems GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#define REALMODE_BASE ((void *)0x600)
+
+struct realmode_idt {
+	u16 offset, cs;
+};
+
+void x86_exception(struct eregs *info);
+
+/* From x86_asm.S */
+extern unsigned char __idt_handler, __idt_handler_size;
+extern unsigned char __realmode_code, __realmode_code_size;
+extern unsigned char __realmode_call, __realmode_interrupt;
+extern unsigned char __buffer;
+
+extern void (*realmode_call)(u32 addr, u32 eax, u32 ebx, u32 ecx, u32 edx,
+		u32 esi, u32 edi) __attribute__((regparm(0)));
+
+extern void (*realmode_interrupt)(u32 intno, u32 eax, u32 ebx, u32 ecx, u32 edx,
+		u32 esi, u32 edi) __attribute__((regparm(0)));
+
+#define FAKE_MEMORY_SIZE (1024*1024) // only 1MB
+#define INITIAL_EBDA_SEGMENT 0xF600
+#define INITIAL_EBDA_SIZE 0x400
+
+int int10_handler(void);
+int int12_handler(void);
+int int16_handler(void);
+int int1a_handler(void);
+
diff --git a/src/device/oprom/realmode/x86_asm.S b/src/device/oprom/realmode/x86_asm.S
new file mode 100644
index 0000000..56ebb3a
--- /dev/null
+++ b/src/device/oprom/realmode/x86_asm.S
@@ -0,0 +1,413 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2009-2010 coresystems GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#define REALMODE_BASE		0x600
+#define RELOCATED(x)	(x - __realmode_code + REALMODE_BASE)
+
+/* CR0 bits */
+#define PE		(1 << 0)
+
+/* This is the intXX interrupt handler stub code. It gets copied
+ * to the IDT and to some fixed addresses in the F segment. Before
+ * the code can used, it gets patched up by the C function copying
+ * it: byte 3 (the $0 in movb $0, %al) is overwritten with the int#.
+ */
+
+	.code16
+	.globl __idt_handler
+__idt_handler:
+	pushal
+	movb 	$0, %al /* This instruction gets modified */
+	ljmp 	$0, $__interrupt_handler_16bit
+	.globl __idt_handler_size
+__idt_handler_size = ( . - __idt_handler)
+
+
+/* In order to be independent of coreboot's position in RAM
+ * we relocate a part of the code to the low megabyte, so the
+ * CPU can use it in real-mode. This code lives at __realmode_code.
+ */
+	.globl __realmode_code
+__realmode_code:
+
+/* Realmode IDT pointer structure. */
+	.globl __realmode_idt
+__realmode_idt = RELOCATED(.)
+	.word 1023	/* 16 bit limit */
+	.long 0		/* 24 bit base */
+	.word 0
+
+/* Preserve old stack */
+__stack = RELOCATED(.)
+	.long 0
+
+/* Register store for realmode_call and realmode_interrupt */
+__registers = RELOCATED(.)
+	.long 0 /*  0 - EAX */
+	.long 0 /*  4 - EBX */
+	.long 0 /*  8 - ECX */
+	.long 0 /* 12 - EDX */
+	.long 0 /* 16 - ESI */
+	.long 0 /* 20 - EDI */
+
+/* 256 byte buffer, used by int10 */
+	.globl __buffer
+__buffer = RELOCATED(.)
+	.skip 256
+
+	.code32
+	.globl __realmode_call
+__realmode_call = RELOCATED(.)
+	/* save all registers to the stack */
+	pusha
+	pushf
+
+	/* Move the protected mode stack pointer to a safe place */
+	movl	%esp, __stack
+	movl	%esp, %ebp
+
+	/* This function is called with regparm=0 and we have to
+	 * skip the 36 byte from pushf+pusha. Hence start at 40.
+	 */
+
+	/* entry point */
+	movl	40(%ebp), %eax
+	mov	%ax, __lcall_instr + 1
+	andl	$0xffff0000, %eax
+	shrl	$4, %eax
+	mov	%ax, __lcall_instr + 3
+
+	/* initial register values */
+	movl	44(%ebp), %eax
+	movl	%eax, __registers +  0 /* eax */
+	movl	48(%ebp), %eax
+	movl	%eax, __registers +  4 /* ebx */
+	movl	52(%ebp), %eax
+	movl	%eax, __registers +  8 /* ecx */
+	movl	56(%ebp), %eax
+	movl	%eax, __registers + 12 /* edx */
+	movl	60(%ebp), %eax
+	movl	%eax, __registers + 16 /* esi */
+	movl	64(%ebp), %eax
+	movl	%eax, __registers + 20 /* edi */
+
+	/* Activate the right segment descriptor real mode. */
+	ljmp	$0x28, $RELOCATED(1f)
+1:
+.code16
+	/* 16 bit code from here on... */
+
+	/* Load the segment registers w/ properly configured
+	 * segment descriptors. They will retain these
+	 * configurations (limits, writability, etc.) once
+	 * protected mode is turned off.
+	 */
+	mov	$0x30, %ax
+	mov	%ax, %ds
+	mov	%ax, %es
+	mov	%ax, %fs
+	mov	%ax, %gs
+	mov	%ax, %ss
+
+	/* Turn off protection */
+	movl	%cr0, %eax
+	andl	$~PE, %eax
+	movl	%eax, %cr0
+
+	/* Now really going into real mode */
+	ljmp	$0, $RELOCATED(1f)
+1:
+	/* Setup a stack: Put the stack at the end of page zero.
+	 * That way we can easily share it between real and
+	 * protected, since the 16 bit ESP at segment 0 will
+	 * work for any case. */
+	mov	$0x0, %ax
+	mov	%ax, %ss
+	movl	$0x1000, %eax
+	movl	%eax, %esp
+
+	/* Load 16 bit IDT */
+	xor	%ax, %ax
+	mov	%ax, %ds
+	lidt	__realmode_idt
+
+	/* initialize registers for option rom lcall */
+	movl	__registers +  0, %eax
+	movl	__registers +  4, %ebx
+	movl	__registers +  8, %ecx
+	movl	__registers + 12, %edx
+	movl	__registers + 16, %esi
+	movl	__registers + 20, %edi
+
+	/* Set all segments to 0x0000, ds to 0x0040 */
+	push	%ax
+	xor	%ax, %ax
+	mov	%ax, %es
+	mov	%ax, %fs
+	mov	%ax, %gs
+	mov	$0x40, %ax
+	mov	%ax, %ds
+	pop	%ax
+
+	/* ************************************ */
+__lcall_instr = RELOCATED(.)
+	.byte 0x9a
+	.word 0x0000, 0x0000
+	/* ************************************ */
+
+	/* If we got here, we are just about done.
+	 * Need to get back to protected mode.
+	 */
+	movl	%cr0, %eax
+	orl	$PE, %eax
+	movl	%eax, %cr0
+
+	/* Now that we are in protected mode
+	 * jump to a 32 bit code segment.
+	 */
+	data32	ljmp	$0x10, $RELOCATED(1f)
+1:
+	.code32
+	mov	$0x18, %ax
+	mov	%ax, %ds
+	mov	%ax, %es
+	mov	%ax, %fs
+	mov	%ax, %gs
+	mov	%ax, %ss
+
+	/* restore proper idt */
+	lidt	idtarg
+
+	/* restore stack pointer, eflags and register values */
+	movl	__stack, %esp
+	popf
+	popa
+
+	/* and exit */
+	// TODO return AX from OPROM call
+	ret
+
+	.globl __realmode_interrupt
+__realmode_interrupt = RELOCATED(.)
+	/* save all registers to the stack */
+	pusha
+	pushf
+
+	/* save the stack pointer */
+	movl	%esp, __stack
+	movl	%esp, %ebp
+
+	/* This function is called with regparm=0 and we have to
+	 * skip the 36 byte from pushf+pusha. Hence start at 40.
+	 */
+
+	/* prepare interrupt calling code */
+	movl	40(%ebp), %eax
+	movb	%al, __intXX_instr + 1 /* intno */
+
+	/* initial register values */
+	movl	44(%ebp), %eax
+	movl	%eax, __registers +  0 /* eax */
+	movl	48(%ebp), %eax
+	movl	%eax, __registers +  4 /* ebx */
+	movl	52(%ebp), %eax
+	movl	%eax, __registers +  8 /* ecx */
+	movl	56(%ebp), %eax
+	movl	%eax, __registers + 12 /* edx */
+	movl	60(%ebp), %eax
+	movl	%eax, __registers + 16 /* esi */
+	movl	64(%ebp), %eax
+	movl	%eax, __registers + 20 /* edi */
+
+	/*  This configures CS properly for real mode. */
+	ljmp 	$0x28, $RELOCATED(1f)
+1:
+	.code16 /* 16 bit code from here on... */
+
+	/* Load the segment registers w/ properly configured segment
+	 * descriptors.  They will retain these configurations (limits,
+	 * writability, etc.) once protected mode is turned off.
+	 */
+	mov	$0x30, %ax
+	mov	%ax, %ds
+	mov	%ax, %es
+	mov	%ax, %fs
+	mov	%ax, %gs
+	mov	%ax, %ss
+
+	/* Turn off protected mode */
+	movl	%cr0, %eax
+	andl	$~PE, %eax
+	movl	%eax, %cr0
+
+	/* Now really going into real mode */
+	data32 ljmp	$0, $RELOCATED(1f)
+1:
+
+	/* put the stack at the end of page zero.  That way we can easily
+	 * share it between real mode and protected mode, because %esp and
+	 * %ss:%sp point to the same memory.
+	 */
+	/* setup a stack */
+	mov	$0x0, %ax
+	mov	%ax, %ss
+	movl	$0x1000, %eax
+	movl	%eax, %esp
+
+	/* Load 16-bit intXX IDT */
+	xor	%ax, %ax
+	mov	%ax, %ds
+	lidt	__realmode_idt
+
+	/* initialize registers for intXX call */
+	movl	__registers +  0, %eax
+	movl	__registers +  4, %ebx
+	movl	__registers +  8, %ecx
+	movl	__registers + 12, %edx
+	movl	__registers + 16, %esi
+	movl	__registers + 20, %edi
+
+	/* Set all segments to 0x0000 */
+	push	%ax
+	xor	%ax, %ax
+	mov	%ax, %ds
+	mov	%ax, %es
+	mov	%ax, %fs
+	mov	%ax, %gs
+	pop	%ax
+
+__intXX_instr = RELOCATED(.)
+	.byte 0xcd, 0x00 /* This becomes intXX */
+
+	/* Ok, the job is done, now go back to protected mode coreboot */
+	movl	%cr0, %eax
+	orl	$PE, %eax
+	movl	%eax, %cr0
+
+	/* Now that we are in protected mode jump to a 32-bit code segment. */
+	data32	ljmp	$0x10, $RELOCATED(1f)
+1:
+	.code32
+	mov	$0x18, %ax
+	mov	%ax, %ds
+	mov	%ax, %es
+	mov	%ax, %fs
+	mov	%ax, %gs
+	mov	%ax, %ss
+
+	/* restore coreboot's 32-bit IDT */
+	lidt	idtarg
+
+	/* restore stack pointer, eflags and register values and exit */
+	movl	__stack, %esp
+	popf
+	popa
+	ret
+
+/* This is the 16-bit interrupt entry point called by the IDT stub code.
+ *
+ * Before this code code is called, %eax is pushed to the stack, and the
+ * interrupt number is loaded into %al. On return this function cleans up
+ * for its caller.
+ */
+	.code16
+__interrupt_handler_16bit = RELOCATED(.)
+	push	%ds
+	push	%es
+	push	%fs
+	push	%gs
+
+	/* Clear DF to not break ABI assumptions */
+	cld
+
+	/* Clean up the interrupt number. We could have done this in the stub,
+	 * but it would have cost 2 more bytes per stub entry.
+	 */
+	andl	$0xff, %eax
+	pushl	%eax		/* ... and make it the first parameter */
+
+	/* Switch to protected mode */
+	movl    %cr0, %eax
+	orl	$PE, %eax
+	movl	%eax, %cr0
+
+	/* ... and jump to a 32 bit code segment. */
+	data32 ljmp    $0x10, $RELOCATED(1f)
+1:
+	.code32
+	mov	$0x18, %ax
+	mov	%ax, %ds
+	mov	%ax, %es
+	mov	%ax, %fs
+	mov	%ax, %gs
+	mov	%ax, %ss
+
+	lidt	idtarg
+
+	/* Call the C interrupt handler */
+	movl	$interrupt_handler, %eax
+	call	*%eax
+
+	/* Now return to real mode ... */
+	ljmp	$0x28, $RELOCATED(1f)
+1:
+	.code16
+	/* Load the segment registers with properly configured segment
+	 * descriptors.  They will retain these configurations (limits,
+	 * writability, etc.) once protected mode is turned off.
+	 */
+	mov	$0x30, %ax
+	mov	%ax, %ds
+	mov	%ax, %es
+	mov	%ax, %fs
+	mov	%ax, %gs
+	mov	%ax, %ss
+
+	/* Disable Protected Mode */
+	movl	%cr0, %eax
+	andl	$~PE, %eax
+	movl	%eax, %cr0
+
+	/* Now really going into real mode */
+	ljmp $0,  $RELOCATED(1f)
+1:
+	/* Restore real-mode stack segment */
+	mov	$0x0, %ax
+	mov	%ax, %ss
+
+	/* Restore 16 bit IDT */
+	xor	%ax, %ax
+	mov	%ax, %ds
+	lidt	__realmode_idt
+
+	/* Restore all registers, including those
+	 * manipulated by the C handler
+	 */
+	popl	%eax
+	pop	%gs
+	pop	%fs
+	pop	%es
+	pop	%ds
+	popal
+	iret
+
+	.globl __realmode_code_size
+__realmode_code_size = (. - __realmode_code)
+
+	.code32
diff --git a/src/device/oprom/realmode/x86_interrupts.c b/src/device/oprom/realmode/x86_interrupts.c
new file mode 100644
index 0000000..b3764f9
--- /dev/null
+++ b/src/device/oprom/realmode/x86_interrupts.c
@@ -0,0 +1,235 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2001 Ronald G. Minnich
+ * Copyright (C) 2005 Nick.Barker9 at btinternet.com
+ * Copyright (C) 2007-2009 coresystems GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <device/pci_ops.h>
+#include <string.h>
+#include <console/console.h>
+#include <arch/io.h>
+#include <arch/registers.h>
+#include "x86.h"
+/* we use x86emu's register file representation */
+#include <x86emu/regs.h>
+
+// errors go in AH. Just set these up so that word assigns
+// will work. KISS.
+enum {
+	PCIBIOS_SUCCESSFUL = 0x0000,
+	PCIBIOS_UNSUPPORTED = 0x8100,
+	PCIBIOS_BADVENDOR = 0x8300,
+	PCIBIOS_NODEV = 0x8600,
+	PCIBIOS_BADREG = 0x8700
+};
+
+int int10_handler(void)
+{
+	int res=0;
+	static u8 cursor_row=0, cursor_col=0;
+	switch((X86_EAX & 0xff00)>>8) {
+	case 0x01: // Set cursor shape
+		res = 1;
+		break;
+	case 0x02: // Set cursor position
+		if (cursor_row != ((X86_EDX >> 8) & 0xff) ||
+		    cursor_col >= (X86_EDX & 0xff)) {
+			printk(BIOS_INFO, "\n");
+		}
+		cursor_row = (X86_EDX >> 8) & 0xff;
+		cursor_col = X86_EDX & 0xff;
+		res = 1;
+		break;
+	case 0x03: // Get cursor position
+		X86_EAX &= 0x00ff;
+		X86_ECX = 0x0607;
+		X86_EDX = (cursor_row << 8) | cursor_col;
+		res = 1;
+		break;
+	case 0x06: // Scroll up
+		printk(BIOS_INFO, "\n");
+		res = 1;
+		break;
+	case 0x08: // Get Character and Mode at Cursor Position
+		X86_EAX = 0x0f00 | 'A'; // White on black 'A'
+		res = 1;
+		break;
+	case 0x09: // Write Character and attribute
+	case 0x0e: // Write Character
+		printk(BIOS_INFO, "%c", X86_EAX & 0xff);
+		res = 1;
+		break;
+	case 0x0f: // Get video mode
+		X86_EAX = 0x5002; //80x25
+		X86_EBX &= 0x00ff;
+		res = 1;
+		break;
+        default:
+		printk(BIOS_WARNING, "Unknown INT10 function %04x!\n",
+				X86_EAX & 0xffff);
+		break;
+	}
+	return res;
+}
+
+int int12_handler(void)
+{
+	X86_EAX = 64 * 1024;
+	return 1;
+}
+
+int int16_handler(void)
+{
+	int res=0;
+	switch((X86_EAX & 0xff00)>>8) {
+	case 0x00: // Check for Keystroke
+		X86_EAX = 0x6120; // Space Bar, Space
+		res = 1;
+		break;
+	case 0x01: // Check for Keystroke
+		X86_EFLAGS |= 1<<6; // Zero Flag set (no key available)
+		res = 1;
+		break;
+        default:
+		printk(BIOS_WARNING, "Unknown INT16 function %04x!\n",
+				X86_EAX & 0xffff);
+		break;
+	}
+	return res;
+}
+
+#define PCI_CONFIG_SPACE_TYPE1	(1 << 0)
+#define PCI_SPECIAL_CYCLE_TYPE1	(1 << 4)
+
+int int1a_handler(void)
+{
+	unsigned short func = (unsigned short)X86_EAX;
+	int retval = 1;
+	unsigned short devid, vendorid, devfn;
+	/* Use short to get rid of gabage in upper half of 32-bit register */
+	short devindex;
+	unsigned char bus;
+	struct device *dev;
+	u32 dword;
+	u16 word;
+	u8 byte, reg;
+
+	switch (func) {
+	case 0xb101: /* PCIBIOS Check */
+		X86_EDX = 0x20494350;	/* ' ICP' */
+		X86_EAX &= 0xffff0000; /* Clear AH / AL */
+		X86_EAX |= PCI_CONFIG_SPACE_TYPE1 | PCI_SPECIAL_CYCLE_TYPE1;
+		// last bus in the system. Hard code to 255 for now.
+		// dev_enumerate() does not seem to tell us (publically)
+		X86_ECX = 0xff;
+		X86_EDI = 0x00000000;	/* protected mode entry */
+		retval = 1;
+		break;
+	case 0xb102: /* Find Device */
+		devid = X86_ECX;
+		vendorid = X86_EDX;
+		devindex = X86_ESI;
+		dev = 0;
+		while ((dev = dev_find_device(vendorid, devid, dev))) {
+			if (devindex <= 0)
+				break;
+			devindex--;
+		}
+		if (dev) {
+			unsigned short busdevfn;
+			X86_EAX &= 0xffff00ff; /* Clear AH */
+			X86_EAX |= PCIBIOS_SUCCESSFUL;
+			// busnum is an unsigned char;
+			// devfn is an int, so we mask it off.
+			busdevfn = (dev->bus->secondary << 8)
+			    | (dev->path.pci.devfn & 0xff);
+			printk(BIOS_DEBUG, "0x%x: return 0x%x\n", func, busdevfn);
+			X86_EBX = busdevfn;
+			retval = 1;
+		} else {
+			X86_EAX &= 0xffff00ff; /* Clear AH */
+			X86_EAX |= PCIBIOS_NODEV;
+			retval = 0;
+		}
+		break;
+	case 0xb10a: /* Read Config Dword */
+	case 0xb109: /* Read Config Word */
+	case 0xb108: /* Read Config Byte */
+	case 0xb10d: /* Write Config Dword */
+	case 0xb10c: /* Write Config Word */
+	case 0xb10b: /* Write Config Byte */
+		devfn = X86_EBX & 0xff;
+		bus = X86_EBX >> 8;
+		reg = X86_EDI;
+		dev = dev_find_slot(bus, devfn);
+		if (!dev) {
+			printk(BIOS_DEBUG, "0x%x: BAD DEVICE bus %d devfn 0x%x\n", func, bus, devfn);
+			// Or are we supposed to return PCIBIOS_NODEV?
+			X86_EAX &= 0xffff00ff; /* Clear AH */
+			X86_EAX |= PCIBIOS_BADREG;
+			retval = 0;
+			return retval;
+		}
+		switch (func) {
+		case 0xb108: /* Read Config Byte */
+			byte = pci_read_config8(dev, reg);
+			X86_ECX = byte;
+			break;
+		case 0xb109: /* Read Config Word */
+			word = pci_read_config16(dev, reg);
+			X86_ECX = word;
+			break;
+		case 0xb10a: /* Read Config Dword */
+			dword = pci_read_config32(dev, reg);
+			X86_ECX = dword;
+			break;
+		case 0xb10b: /* Write Config Byte */
+			byte = X86_ECX;
+			pci_write_config8(dev, reg, byte);
+			break;
+		case 0xb10c: /* Write Config Word */
+			word = X86_ECX;
+			pci_write_config16(dev, reg, word);
+			break;
+		case 0xb10d: /* Write Config Dword */
+			dword = X86_ECX;
+			pci_write_config32(dev, reg, dword);
+			break;
+		}
+
+#if CONFIG_REALMODE_DEBUG
+		printk(BIOS_DEBUG, "0x%x: bus %d devfn 0x%x reg 0x%x val 0x%x\n",
+			     func, bus, devfn, reg, X86_ECX);
+#endif
+		X86_EAX &= 0xffff00ff; /* Clear AH */
+		X86_EAX |= PCIBIOS_SUCCESSFUL;
+		retval = 1;
+		break;
+	default:
+		printk(BIOS_ERR, "UNSUPPORTED PCIBIOS FUNCTION 0x%x\n", func);
+		X86_EAX &= 0xffff00ff; /* Clear AH */
+		X86_EAX |= PCIBIOS_UNSUPPORTED;
+		retval = 0;
+		break;
+	}
+
+	return retval;
+}
+
diff --git a/src/device/oprom/x86emu/LICENSE b/src/device/oprom/x86emu/LICENSE
new file mode 100644
index 0000000..a3ede4a
--- /dev/null
+++ b/src/device/oprom/x86emu/LICENSE
@@ -0,0 +1,17 @@
+                         License information
+                         -------------------
+
+The x86emu library is under a BSD style license, comaptible
+with the XFree86 and X licenses used by XFree86. The
+original x86emu libraries were under the GNU General Public
+License. Due to license incompatibilities between the GPL
+and the XFree86 license, the original authors of the code
+decided to allow a license change. If you have submitted
+code to the original x86emu project, and you don't agree
+with the license change, please contact us and let you
+know. Your code will be removed to comply with your wishes.
+
+If you have any questions about this, please send email to
+x86emu at linuxlabs.com or KendallB at scitechsoft.com for
+clarification.
+
diff --git a/src/device/oprom/x86emu/Makefile.inc b/src/device/oprom/x86emu/Makefile.inc
new file mode 100644
index 0000000..620e5f8
--- /dev/null
+++ b/src/device/oprom/x86emu/Makefile.inc
@@ -0,0 +1,7 @@
+ramstage-y += debug.c
+ramstage-y += decode.c
+ramstage-y += fpu.c
+ramstage-y += ops.c
+ramstage-y += ops2.c
+ramstage-y += prim_ops.c
+ramstage-y += sys.c
diff --git a/src/device/oprom/x86emu/debug.c b/src/device/oprom/x86emu/debug.c
new file mode 100644
index 0000000..b3f4b6e
--- /dev/null
+++ b/src/device/oprom/x86emu/debug.c
@@ -0,0 +1,434 @@
+/****************************************************************************
+*
+*                       Realmode X86 Emulator Library
+*
+*               Copyright (C) 1991-2004 SciTech Software, Inc.
+*                    Copyright (C) David Mosberger-Tang
+*                      Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:     ANSI C
+* Environment:  Any
+* Developer:    Kendall Bennett
+*
+* Description:  This file contains the code to handle debugging of the
+*               emulator.
+*
+****************************************************************************/
+
+#include "x86emui.h"
+
+/*----------------------------- Implementation ----------------------------*/
+
+#ifdef DEBUG
+
+static void     print_encoded_bytes (u16 s, u16 o);
+static void     print_decoded_instruction (void);
+int      parse_line (char *s, int *ps, int *n);
+
+/* should look something like debug's output. */
+void X86EMU_trace_regs (void)
+{
+    if (DEBUG_TRACE()) {
+	if (M.x86.mode & (SYSMODE_PREFIX_DATA | SYSMODE_PREFIX_ADDR)) {
+	        x86emu_dump_xregs();
+	} else {
+	        x86emu_dump_regs();
+	}
+    }
+    if (DEBUG_DECODE() && ! DEBUG_DECODE_NOPRINT()) {
+        printf("%04x:%04x ",M.x86.saved_cs, M.x86.saved_ip);
+        print_encoded_bytes( M.x86.saved_cs, M.x86.saved_ip);
+        print_decoded_instruction();
+    }
+}
+
+void X86EMU_trace_xregs (void)
+{
+    if (DEBUG_TRACE()) {
+        x86emu_dump_xregs();
+    }
+}
+
+void x86emu_just_disassemble (void)
+{
+    /*
+     * This routine called if the flag DEBUG_DISASSEMBLE is set kind
+     * of a hack!
+     */
+    printf("%04x:%04x ",M.x86.saved_cs, M.x86.saved_ip);
+    print_encoded_bytes( M.x86.saved_cs, M.x86.saved_ip);
+    print_decoded_instruction();
+}
+
+void disassemble_forward (u16 seg, u16 off, int n)
+{
+    X86EMU_sysEnv tregs;
+    int i;
+    u8 op1;
+    /*
+     * hack, hack, hack.  What we do is use the exact machinery set up
+     * for execution, except that now there is an additional state
+     * flag associated with the "execution", and we are using a copy
+     * of the register struct.  All the major opcodes, once fully
+     * decoded, have the following two steps: TRACE_REGS(r,m);
+     * SINGLE_STEP(r,m); which disappear if DEBUG is not defined to
+     * the preprocessor.  The TRACE_REGS macro expands to:
+     *
+     * if (debug&DEBUG_DISASSEMBLE)
+     *     {just_disassemble(); goto EndOfInstruction;}
+     *     if (debug&DEBUG_TRACE) trace_regs(r,m);
+     *
+     * ......  and at the last line of the routine.
+     *
+     * EndOfInstruction: end_instr();
+     *
+     * Up to the point where TRACE_REG is expanded, NO modifications
+     * are done to any register EXCEPT the IP register, for fetch and
+     * decoding purposes.
+     *
+     * This was done for an entirely different reason, but makes a
+     * nice way to get the system to help debug codes.
+     */
+    tregs = M;
+    tregs.x86.R_IP = off;
+    tregs.x86.R_CS = seg;
+
+    /* reset the decoding buffers */
+    tregs.x86.enc_str_pos = 0;
+    tregs.x86.enc_pos = 0;
+
+    /* turn on the "disassemble only, no execute" flag */
+    tregs.x86.debug |= DEBUG_DISASSEMBLE_F;
+
+    /* DUMP NEXT n instructions to screen in straight_line fashion */
+    /*
+     * This looks like the regular instruction fetch stream, except
+     * that when this occurs, each fetched opcode, upon seeing the
+     * DEBUG_DISASSEMBLE flag set, exits immediately after decoding
+     * the instruction.  XXX --- CHECK THAT MEM IS NOT AFFECTED!!!
+     * Note the use of a copy of the register structure...
+     */
+    for (i=0; i<n; i++) {
+        op1 = (*sys_rdb)(((u32)M.x86.R_CS<<4) + (M.x86.R_IP++));
+        (x86emu_optab[op1])(op1);
+    }
+    /* end major hack mode. */
+}
+
+void x86emu_check_ip_access (void)
+{
+    /* NULL as of now */
+}
+
+void x86emu_check_sp_access (void)
+{
+}
+
+void x86emu_check_mem_access (u32 dummy)
+{
+    /*  check bounds, etc */
+}
+
+void x86emu_check_data_access (uint dummy1, uint dummy2)
+{
+    /*  check bounds, etc */
+}
+
+void x86emu_inc_decoded_inst_len (int x)
+{
+    M.x86.enc_pos += x;
+}
+
+void x86emu_decode_printf (const char *x)
+{
+    sprintf(M.x86.decoded_buf+M.x86.enc_str_pos,"%s",x);
+    M.x86.enc_str_pos += strlen(x);
+}
+
+void x86emu_decode_printf2 (const char *x, int y)
+{
+    char temp[100];
+    sprintf(temp,x,y);
+    sprintf(M.x86.decoded_buf+M.x86.enc_str_pos,"%s",temp);
+    M.x86.enc_str_pos += strlen(temp);
+}
+
+void x86emu_end_instr (void)
+{
+    M.x86.enc_str_pos = 0;
+    M.x86.enc_pos = 0;
+}
+
+static void print_encoded_bytes (u16 s, u16 o)
+{
+    int i;
+    char buf1[64];
+    for (i=0; i< M.x86.enc_pos; i++) {
+        sprintf(buf1+2*i,"%02x", fetch_data_byte_abs(s,o+i));
+    }
+    printf("%-20s ",buf1);
+}
+
+static void print_decoded_instruction (void)
+{
+    printf("%s", M.x86.decoded_buf);
+}
+
+void x86emu_print_int_vect (u16 iv)
+{
+    u16 seg,off;
+
+    if (iv > 256) return;
+    seg   = fetch_data_word_abs(0,iv*4);
+    off   = fetch_data_word_abs(0,iv*4+2);
+    printf("%04x:%04x ", seg, off);
+}
+
+void X86EMU_dump_memory (u16 seg, u16 off, u32 amt)
+{
+    u32 start = off & 0xfffffff0;
+    u32 end  = (off+16) & 0xfffffff0;
+    u32 i;
+    u32 current;
+
+    current = start;
+    while (end <= off + amt) {
+        printf("%04x:%04x ", seg, start);
+        for (i=start; i< off; i++)
+          printf("   ");
+        for (       ; i< end; i++)
+          printf("%02x ", fetch_data_byte_abs(seg,i));
+        printf("\n");
+        start = end;
+        end = start + 16;
+    }
+}
+
+void x86emu_single_step (void)
+{
+#if 0
+    char s[1024];
+    int ps[10];
+    int ntok;
+    int cmd;
+    int done;
+        int segment;
+    int offset;
+    static int breakpoint;
+    static int noDecode = 1;
+
+    char *p;
+
+        if (DEBUG_BREAK()) {
+                if (M.x86.saved_ip != breakpoint) {
+                        return;
+                } else {
+              M.x86.debug &= ~DEBUG_DECODE_NOPRINT_F;
+                        M.x86.debug |= DEBUG_TRACE_F;
+                        M.x86.debug &= ~DEBUG_BREAK_F;
+                        print_decoded_instruction ();
+                        X86EMU_trace_regs();
+                }
+        }
+    done=0;
+    offset = M.x86.saved_ip;
+    while (!done) {
+        printf("-");
+        p = fgets(s, 1023, stdin);
+        cmd = parse_line(s, ps, &ntok);
+        switch(cmd) {
+          case 'u':
+            disassemble_forward(M.x86.saved_cs,(u16)offset,10);
+            break;
+          case 'd':
+                            if (ntok == 2) {
+                                    segment = M.x86.saved_cs;
+                                    offset = ps[1];
+                                    X86EMU_dump_memory(segment,(u16)offset,16);
+                                    offset += 16;
+                            } else if (ntok == 3) {
+                                    segment = ps[1];
+                                    offset = ps[2];
+                                    X86EMU_dump_memory(segment,(u16)offset,16);
+                                    offset += 16;
+                            } else {
+                                    segment = M.x86.saved_cs;
+                                    X86EMU_dump_memory(segment,(u16)offset,16);
+                                    offset += 16;
+                            }
+            break;
+          case 'c':
+            M.x86.debug ^= DEBUG_TRACECALL_F;
+            break;
+          case 's':
+            M.x86.debug ^= DEBUG_SVC_F | DEBUG_SYS_F | DEBUG_SYSINT_F;
+            break;
+          case 'r':
+            X86EMU_trace_regs();
+            break;
+          case 'x':
+            X86EMU_trace_xregs();
+            break;
+          case 'g':
+            if (ntok == 2) {
+                breakpoint = ps[1];
+        if (noDecode) {
+                        M.x86.debug |= DEBUG_DECODE_NOPRINT_F;
+        } else {
+                        M.x86.debug &= ~DEBUG_DECODE_NOPRINT_F;
+        }
+        M.x86.debug &= ~DEBUG_TRACE_F;
+        M.x86.debug |= DEBUG_BREAK_F;
+        done = 1;
+            }
+            break;
+          case 'q':
+          M.x86.debug |= DEBUG_EXIT;
+          return;
+      case 'P':
+          noDecode = (noDecode)?0:1;
+          printf("Toggled decoding to %s\n",(noDecode)?"FALSE":"TRUE");
+          break;
+          case 't':
+      case 0:
+            done = 1;
+            break;
+        }
+    }
+#endif
+}
+
+int X86EMU_trace_on(void)
+{
+    return M.x86.debug |= DEBUG_STEP_F | DEBUG_DECODE_F | DEBUG_TRACE_F;
+}
+
+int X86EMU_trace_off(void)
+{
+    return M.x86.debug &= ~(DEBUG_STEP_F | DEBUG_DECODE_F | DEBUG_TRACE_F);
+}
+
+int parse_line (char *s, int *ps, int *n)
+{
+#if 0
+    int cmd;
+
+    *n = 0;
+    while(*s == ' ' || *s == '\t') s++;
+    ps[*n] = *s;
+    switch (*s) {
+      case '\n':
+        *n += 1;
+        return 0;
+      default:
+        cmd = *s;
+        *n += 1;
+    }
+
+    while (1) {
+        while (*s != ' ' && *s != '\t' && *s != '\n')  s++;
+
+        if (*s == '\n')
+            return cmd;
+
+        while(*s == ' ' || *s == '\t') s++;
+
+        sscanf(s,"%x",&ps[*n]);
+        *n += 1;
+    }
+#else
+    return 0;
+#endif
+}
+
+#endif /* DEBUG */
+
+void x86emu_dump_regs (void)
+{
+    printf("\tAX=%04x  ", M.x86.R_AX );
+    printf("BX=%04x  ", M.x86.R_BX );
+    printf("CX=%04x  ", M.x86.R_CX );
+    printf("DX=%04x  ", M.x86.R_DX );
+    printf("SP=%04x  ", M.x86.R_SP );
+    printf("BP=%04x  ", M.x86.R_BP );
+    printf("SI=%04x  ", M.x86.R_SI );
+    printf("DI=%04x\n", M.x86.R_DI );
+    printf("\tDS=%04x  ", M.x86.R_DS );
+    printf("ES=%04x  ", M.x86.R_ES );
+    printf("SS=%04x  ", M.x86.R_SS );
+    printf("CS=%04x  ", M.x86.R_CS );
+    printf("IP=%04x   ", M.x86.R_IP );
+    if (ACCESS_FLAG(F_OF))    printf("OV ");     /* CHECKED... */
+    else                        printf("NV ");
+    if (ACCESS_FLAG(F_DF))    printf("DN ");
+    else                        printf("UP ");
+    if (ACCESS_FLAG(F_IF))    printf("EI ");
+    else                        printf("DI ");
+    if (ACCESS_FLAG(F_SF))    printf("NG ");
+    else                        printf("PL ");
+    if (ACCESS_FLAG(F_ZF))    printf("ZR ");
+    else                        printf("NZ ");
+    if (ACCESS_FLAG(F_AF))    printf("AC ");
+    else                        printf("NA ");
+    if (ACCESS_FLAG(F_PF))    printf("PE ");
+    else                        printf("PO ");
+    if (ACCESS_FLAG(F_CF))    printf("CY ");
+    else                        printf("NC ");
+    printf("\n");
+}
+
+void x86emu_dump_xregs (void)
+{
+    printf("\tEAX=%08x  ", M.x86.R_EAX );
+    printf("EBX=%08x  ", M.x86.R_EBX );
+    printf("ECX=%08x  ", M.x86.R_ECX );
+    printf("EDX=%08x  \n", M.x86.R_EDX );
+    printf("\tESP=%08x  ", M.x86.R_ESP );
+    printf("EBP=%08x  ", M.x86.R_EBP );
+    printf("ESI=%08x  ", M.x86.R_ESI );
+    printf("EDI=%08x\n", M.x86.R_EDI );
+    printf("\tDS=%04x  ", M.x86.R_DS );
+    printf("ES=%04x  ", M.x86.R_ES );
+    printf("SS=%04x  ", M.x86.R_SS );
+    printf("CS=%04x  ", M.x86.R_CS );
+    printf("EIP=%08x\n\t", M.x86.R_EIP );
+    if (ACCESS_FLAG(F_OF))    printf("OV ");     /* CHECKED... */
+    else                        printf("NV ");
+    if (ACCESS_FLAG(F_DF))    printf("DN ");
+    else                        printf("UP ");
+    if (ACCESS_FLAG(F_IF))    printf("EI ");
+    else                        printf("DI ");
+    if (ACCESS_FLAG(F_SF))    printf("NG ");
+    else                        printf("PL ");
+    if (ACCESS_FLAG(F_ZF))    printf("ZR ");
+    else                        printf("NZ ");
+    if (ACCESS_FLAG(F_AF))    printf("AC ");
+    else                        printf("NA ");
+    if (ACCESS_FLAG(F_PF))    printf("PE ");
+    else                        printf("PO ");
+    if (ACCESS_FLAG(F_CF))    printf("CY ");
+    else                        printf("NC ");
+    printf("\n");
+}
diff --git a/src/device/oprom/x86emu/debug.h b/src/device/oprom/x86emu/debug.h
new file mode 100644
index 0000000..1b2c3a3
--- /dev/null
+++ b/src/device/oprom/x86emu/debug.h
@@ -0,0 +1,234 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for debug definitions.
+*
+****************************************************************************/
+/* $XFree86: xc/extras/x86emu/src/x86emu/x86emu/debug.h,v 1.4 2000/11/21 23:10:27 tsi Exp $ */
+
+#ifndef __X86EMU_DEBUG_H
+#define __X86EMU_DEBUG_H
+
+/*---------------------- Macros and type definitions ----------------------*/
+
+#ifdef CONFIG_DEFAULT_CONSOLE_LOGLEVEL
+/* printf is not available in coreboot... use printk */
+#define printf(x...) printk(BIOS_DEBUG, x)
+#endif
+
+/* checks to be enabled for "runtime" */
+
+#define CHECK_IP_FETCH_F                0x1
+#define CHECK_SP_ACCESS_F               0x2
+#define CHECK_MEM_ACCESS_F              0x4 /*using regular linear pointer */
+#define CHECK_DATA_ACCESS_F             0x8 /*using segment:offset*/
+
+#ifdef DEBUG
+# define CHECK_IP_FETCH()              	(M.x86.check & CHECK_IP_FETCH_F)
+# define CHECK_SP_ACCESS()             	(M.x86.check & CHECK_SP_ACCESS_F)
+# define CHECK_MEM_ACCESS()            	(M.x86.check & CHECK_MEM_ACCESS_F)
+# define CHECK_DATA_ACCESS()           	(M.x86.check & CHECK_DATA_ACCESS_F)
+#else
+# define CHECK_IP_FETCH()
+# define CHECK_SP_ACCESS()
+# define CHECK_MEM_ACCESS()
+# define CHECK_DATA_ACCESS()
+#endif
+
+#ifdef DEBUG
+# define DEBUG_INSTRUMENT()    	(M.x86.debug & DEBUG_INSTRUMENT_F)
+# define DEBUG_DECODE()        	(M.x86.debug & DEBUG_DECODE_F)
+# define DEBUG_TRACE()         	(M.x86.debug & DEBUG_TRACE_F)
+# define DEBUG_STEP()          	(M.x86.debug & DEBUG_STEP_F)
+# define DEBUG_DISASSEMBLE()   	(M.x86.debug & DEBUG_DISASSEMBLE_F)
+# define DEBUG_BREAK()         	(M.x86.debug & DEBUG_BREAK_F)
+# define DEBUG_SVC()           	(M.x86.debug & DEBUG_SVC_F)
+# define DEBUG_SAVE_IP_CS()     (M.x86.debug & DEBUG_SAVE_IP_CS_F)
+
+# define DEBUG_FS()            	(M.x86.debug & DEBUG_FS_F)
+# define DEBUG_PROC()          	(M.x86.debug & DEBUG_PROC_F)
+# define DEBUG_SYSINT()        	(M.x86.debug & DEBUG_SYSINT_F)
+# define DEBUG_TRACECALL()     	(M.x86.debug & DEBUG_TRACECALL_F)
+# define DEBUG_TRACECALLREGS() 	(M.x86.debug & DEBUG_TRACECALL_REGS_F)
+# define DEBUG_TRACEJMP()       (M.x86.debug & DEBUG_TRACEJMP_F)
+# define DEBUG_TRACEJMPREGS()   (M.x86.debug & DEBUG_TRACEJMP_REGS_F)
+# define DEBUG_SYS()           	(M.x86.debug & DEBUG_SYS_F)
+# define DEBUG_MEM_TRACE()     	(M.x86.debug & DEBUG_MEM_TRACE_F)
+# define DEBUG_IO_TRACE()      	(M.x86.debug & DEBUG_IO_TRACE_F)
+# define DEBUG_DECODE_NOPRINT() (M.x86.debug & DEBUG_DECODE_NOPRINT_F)
+#else
+# define DEBUG_INSTRUMENT()    	0
+# define DEBUG_DECODE()        	0
+# define DEBUG_TRACE()         	0
+# define DEBUG_STEP()          	0
+# define DEBUG_DISASSEMBLE()   	0
+# define DEBUG_BREAK()         	0
+# define DEBUG_SVC()           	0
+# define DEBUG_SAVE_IP_CS()     0
+# define DEBUG_FS()            	0
+# define DEBUG_PROC()          	0
+# define DEBUG_SYSINT()        	0
+# define DEBUG_TRACECALL()     	0
+# define DEBUG_TRACECALLREGS() 	0
+# define DEBUG_TRACEJMP()       0
+# define DEBUG_TRACEJMPREGS()   0
+# define DEBUG_SYS()           	0
+# define DEBUG_MEM_TRACE()     	0
+# define DEBUG_IO_TRACE()      	0
+# define DEBUG_DECODE_NOPRINT() 0
+#endif
+
+#ifdef DEBUG
+
+# define DECODE_PRINTF(x)     	if (DEBUG_DECODE()) \
+									x86emu_decode_printf(x)
+# define DECODE_PRINTF2(x,y)  	if (DEBUG_DECODE()) \
+									x86emu_decode_printf2(x,y)
+
+/*
+ * The following allow us to look at the bytes of an instruction.  The
+ * first INCR_INSTRN_LEN, is called everytime bytes are consumed in
+ * the decoding process.  The SAVE_IP_CS is called initially when the
+ * major opcode of the instruction is accessed.
+ */
+#define INC_DECODED_INST_LEN(x)                    	\
+	if (DEBUG_DECODE())  	                       	\
+		x86emu_inc_decoded_inst_len(x)
+
+#define SAVE_IP_CS(x,y)                               			\
+	if (DEBUG_DECODE() | DEBUG_TRACECALL() | DEBUG_BREAK() \
+              | DEBUG_IO_TRACE() | DEBUG_SAVE_IP_CS()) { \
+		M.x86.saved_cs = x;                          			\
+		M.x86.saved_ip = y;                          			\
+	}
+#else
+# define INC_DECODED_INST_LEN(x)
+# define DECODE_PRINTF(x)
+# define DECODE_PRINTF2(x,y)
+# define SAVE_IP_CS(x,y)
+#endif
+
+#ifdef DEBUG
+#define TRACE_REGS()                                   		\
+	if (DEBUG_DISASSEMBLE()) {                         		\
+		x86emu_just_disassemble();                        	\
+		goto EndOfTheInstructionProcedure;             		\
+	}                                                   	\
+	if (DEBUG_TRACE() || DEBUG_DECODE()) X86EMU_trace_regs()
+#else
+# define TRACE_REGS()
+#endif
+
+#ifdef DEBUG
+# define SINGLE_STEP()		if (DEBUG_STEP()) x86emu_single_step()
+#else
+# define SINGLE_STEP()
+#endif
+
+#define TRACE_AND_STEP()	\
+	TRACE_REGS();			\
+	SINGLE_STEP()
+
+#ifdef DEBUG
+# define START_OF_INSTR()
+# define END_OF_INSTR()		EndOfTheInstructionProcedure: x86emu_end_instr();
+# define END_OF_INSTR_NO_TRACE()	x86emu_end_instr();
+#else
+# define START_OF_INSTR()
+# define END_OF_INSTR()
+# define END_OF_INSTR_NO_TRACE()
+#endif
+
+#ifdef DEBUG
+# define  CALL_TRACE(u,v,w,x,s)                                 \
+	if (DEBUG_TRACECALLREGS())									\
+		x86emu_dump_regs();                                     \
+	if (DEBUG_TRACECALL())                                     	\
+		printf("%04x:%04x: CALL %s%04x:%04x\n", u , v, s, w, x);
+# define RETURN_TRACE(u,v,w,x,s)                                    \
+	if (DEBUG_TRACECALLREGS())									\
+		x86emu_dump_regs();                                     \
+	if (DEBUG_TRACECALL())                                     	\
+		printf("%04x:%04x: RET %s %04x:%04x\n",u,v,s,w,x);
+# define  JMP_TRACE(u,v,w,x,s)                                 \
+   if (DEBUG_TRACEJMPREGS()) \
+      x86emu_dump_regs(); \
+   if (DEBUG_TRACEJMP()) \
+      printf("%04x:%04x: JMP %s%04x:%04x\n", u , v, s, w, x);
+#else
+# define CALL_TRACE(u,v,w,x,s)
+# define RETURN_TRACE(u,v,w,x,s)
+# define  JMP_TRACE(u,v,w,x,s)
+#endif
+
+#ifdef DEBUG
+#define	DB(x)	x
+#else
+#define	DB(x)
+#endif
+
+#ifdef DEBUG
+#define X86EMU_DEBUG_ONLY(x) x
+#else
+#define X86EMU_DEBUG_ONLY(x) X86EMU_UNUSED(x)
+#endif
+
+/*-------------------------- Function Prototypes --------------------------*/
+
+#ifdef  __cplusplus
+extern "C" {            			/* Use "C" linkage when in C++ mode */
+#endif
+
+void x86emu_inc_decoded_inst_len (int x);
+void x86emu_decode_printf (const char *x);
+void x86emu_decode_printf2 (const char *x, int y);
+void x86emu_just_disassemble (void);
+void x86emu_single_step (void);
+void x86emu_end_instr (void);
+void x86emu_dump_regs (void);
+void x86emu_dump_xregs (void);
+void x86emu_print_int_vect (u16 iv);
+void x86emu_instrument_instruction (void);
+void x86emu_check_ip_access (void);
+void x86emu_check_sp_access (void);
+void x86emu_check_mem_access (u32 p);
+void x86emu_check_data_access (uint s, uint o);
+
+void disassemble_forward (u16 seg, u16 off, int n);
+
+#ifdef  __cplusplus
+}                       			/* End of "C" linkage for C++   	*/
+#endif
+
+#endif /* __X86EMU_DEBUG_H */
diff --git a/src/device/oprom/x86emu/decode.c b/src/device/oprom/x86emu/decode.c
new file mode 100644
index 0000000..ed96dc6
--- /dev/null
+++ b/src/device/oprom/x86emu/decode.c
@@ -0,0 +1,1149 @@
+/****************************************************************************
+*
+*                       Realmode X86 Emulator Library
+*
+*               Copyright (C) 1991-2004 SciTech Software, Inc.
+*                    Copyright (C) David Mosberger-Tang
+*                      Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:     ANSI C
+* Environment:  Any
+* Developer:    Kendall Bennett
+*
+* Description:  This file includes subroutines which are related to
+*               instruction decoding and accessess of immediate data via IP.  etc.
+*
+****************************************************************************/
+
+#include "x86emui.h"
+
+/*----------------------------- Implementation ----------------------------*/
+
+/****************************************************************************
+REMARKS:
+Handles any pending asychronous interrupts.
+****************************************************************************/
+static void x86emu_intr_handle(void)
+{
+    u8  intno;
+
+    if (M.x86.intr & INTR_SYNCH) {
+        intno = M.x86.intno;
+        if (_X86EMU_intrTab[intno]) {
+            (*_X86EMU_intrTab[intno])(intno);
+        } else {
+            push_word((u16)M.x86.R_FLG);
+            CLEAR_FLAG(F_IF);
+            CLEAR_FLAG(F_TF);
+            push_word(M.x86.R_CS);
+            M.x86.R_CS = mem_access_word(intno * 4 + 2);
+            push_word(M.x86.R_IP);
+            M.x86.R_IP = mem_access_word(intno * 4);
+            M.x86.intr = 0;
+        }
+    }
+}
+
+/****************************************************************************
+PARAMETERS:
+intrnum - Interrupt number to raise
+
+REMARKS:
+Raise the specified interrupt to be handled before the execution of the
+next instruction.
+****************************************************************************/
+void x86emu_intr_raise(
+    u8 intrnum)
+{
+    printf("%s, raising exeception %x\n", __func__, intrnum);
+    x86emu_dump_regs();
+    M.x86.intno = intrnum;
+    M.x86.intr |= INTR_SYNCH;
+}
+
+/****************************************************************************
+REMARKS:
+Main execution loop for the emulator. We return from here when the system
+halts, which is normally caused by a stack fault when we return from the
+original real mode call.
+****************************************************************************/
+void X86EMU_exec(void)
+{
+    u8 op1;
+
+    M.x86.intr = 0;
+    DB(x86emu_end_instr();)
+
+    for (;;) {
+DB(     if (CHECK_IP_FETCH())
+            x86emu_check_ip_access();)
+        /* If debugging, save the IP and CS values. */
+        SAVE_IP_CS(M.x86.R_CS, M.x86.R_IP);
+        INC_DECODED_INST_LEN(1);
+        if (M.x86.intr) {
+            if (M.x86.intr & INTR_HALTED) {
+DB(             if (M.x86.R_SP != 0) {
+                    printf("halted\n");
+                    X86EMU_trace_regs();
+                    }
+                else {
+                    if (M.x86.debug)
+                        printf("Service completed successfully\n");
+                    })
+                return;
+            }
+            if (((M.x86.intr & INTR_SYNCH) && (M.x86.intno == 0 || M.x86.intno == 2)) ||
+                !ACCESS_FLAG(F_IF)) {
+                x86emu_intr_handle();
+            }
+        }
+        op1 = (*sys_rdb)(((u32)M.x86.R_CS << 4) + (M.x86.R_IP++));
+        (*x86emu_optab[op1])(op1);
+        //if (M.x86.debug & DEBUG_EXIT) {
+        //    M.x86.debug &= ~DEBUG_EXIT;
+        //    return;
+        //}
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Halts the system by setting the halted system flag.
+****************************************************************************/
+void X86EMU_halt_sys(void)
+{
+    M.x86.intr |= INTR_HALTED;
+}
+
+/****************************************************************************
+PARAMETERS:
+mod     - Mod value from decoded byte
+regh    - Reg h value from decoded byte
+regl    - Reg l value from decoded byte
+
+REMARKS:
+Raise the specified interrupt to be handled before the execution of the
+next instruction.
+
+NOTE: Do not inline this function, as (*sys_rdb) is already inline!
+****************************************************************************/
+void fetch_decode_modrm(
+    int *mod,
+    int *regh,
+    int *regl)
+{
+    int fetched;
+
+DB( if (CHECK_IP_FETCH())
+        x86emu_check_ip_access();)
+    fetched = (*sys_rdb)(((u32)M.x86.R_CS << 4) + (M.x86.R_IP++));
+    INC_DECODED_INST_LEN(1);
+    *mod  = (fetched >> 6) & 0x03;
+    *regh = (fetched >> 3) & 0x07;
+    *regl = (fetched >> 0) & 0x07;
+}
+
+/****************************************************************************
+RETURNS:
+Immediate byte value read from instruction queue
+
+REMARKS:
+This function returns the immediate byte from the instruction queue, and
+moves the instruction pointer to the next value.
+
+NOTE: Do not inline this function, as (*sys_rdb) is already inline!
+****************************************************************************/
+u8 fetch_byte_imm(void)
+{
+    u8 fetched;
+
+DB( if (CHECK_IP_FETCH())
+        x86emu_check_ip_access();)
+    fetched = (*sys_rdb)(((u32)M.x86.R_CS << 4) + (M.x86.R_IP++));
+    INC_DECODED_INST_LEN(1);
+    return fetched;
+}
+
+/****************************************************************************
+RETURNS:
+Immediate word value read from instruction queue
+
+REMARKS:
+This function returns the immediate byte from the instruction queue, and
+moves the instruction pointer to the next value.
+
+NOTE: Do not inline this function, as (*sys_rdw) is already inline!
+****************************************************************************/
+u16 fetch_word_imm(void)
+{
+    u16 fetched;
+
+DB( if (CHECK_IP_FETCH())
+        x86emu_check_ip_access();)
+    fetched = (*sys_rdw)(((u32)M.x86.R_CS << 4) + (M.x86.R_IP));
+    M.x86.R_IP += 2;
+    INC_DECODED_INST_LEN(2);
+    return fetched;
+}
+
+/****************************************************************************
+RETURNS:
+Immediate lone value read from instruction queue
+
+REMARKS:
+This function returns the immediate byte from the instruction queue, and
+moves the instruction pointer to the next value.
+
+NOTE: Do not inline this function, as (*sys_rdw) is already inline!
+****************************************************************************/
+u32 fetch_long_imm(void)
+{
+    u32 fetched;
+
+DB( if (CHECK_IP_FETCH())
+        x86emu_check_ip_access();)
+    fetched = (*sys_rdl)(((u32)M.x86.R_CS << 4) + (M.x86.R_IP));
+    M.x86.R_IP += 4;
+    INC_DECODED_INST_LEN(4);
+    return fetched;
+}
+
+/****************************************************************************
+RETURNS:
+Value of the default data segment
+
+REMARKS:
+Inline function that returns the default data segment for the current
+instruction.
+
+On the x86 processor, the default segment is not always DS if there is
+no segment override. Address modes such as -3[BP] or 10[BP+SI] all refer to
+addresses relative to SS (ie: on the stack). So, at the minimum, all
+decodings of addressing modes would have to set/clear a bit describing
+whether the access is relative to DS or SS.  That is the function of the
+cpu-state-varible M.x86.mode. There are several potential states:
+
+    repe prefix seen  (handled elsewhere)
+    repne prefix seen  (ditto)
+
+    cs segment override
+    ds segment override
+    es segment override
+    fs segment override
+    gs segment override
+    ss segment override
+
+    ds/ss select (in absense of override)
+
+Each of the above 7 items are handled with a bit in the mode field.
+****************************************************************************/
+_INLINE u32 get_data_segment(void)
+{
+#define GET_SEGMENT(segment)
+    switch (M.x86.mode & SYSMODE_SEGMASK) {
+      case 0:                   /* default case: use ds register */
+      case SYSMODE_SEGOVR_DS:
+      case SYSMODE_SEGOVR_DS | SYSMODE_SEG_DS_SS:
+        return  M.x86.R_DS;
+      case SYSMODE_SEG_DS_SS:   /* non-overridden, use ss register */
+        return  M.x86.R_SS;
+      case SYSMODE_SEGOVR_CS:
+      case SYSMODE_SEGOVR_CS | SYSMODE_SEG_DS_SS:
+        return  M.x86.R_CS;
+      case SYSMODE_SEGOVR_ES:
+      case SYSMODE_SEGOVR_ES | SYSMODE_SEG_DS_SS:
+        return  M.x86.R_ES;
+      case SYSMODE_SEGOVR_FS:
+      case SYSMODE_SEGOVR_FS | SYSMODE_SEG_DS_SS:
+        return  M.x86.R_FS;
+      case SYSMODE_SEGOVR_GS:
+      case SYSMODE_SEGOVR_GS | SYSMODE_SEG_DS_SS:
+        return  M.x86.R_GS;
+      case SYSMODE_SEGOVR_SS:
+      case SYSMODE_SEGOVR_SS | SYSMODE_SEG_DS_SS:
+        return  M.x86.R_SS;
+      default:
+#ifdef  DEBUG
+        printf("error: should not happen:  multiple overrides.\n");
+#endif
+        HALT_SYS();
+        return 0;
+    }
+}
+
+/****************************************************************************
+PARAMETERS:
+offset  - Offset to load data from
+
+RETURNS:
+Byte value read from the absolute memory location.
+
+NOTE: Do not inline this function as (*sys_rdX) is already inline!
+****************************************************************************/
+u8 fetch_data_byte(
+    uint offset)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access((u16)get_data_segment(), offset);
+#endif
+    return (*sys_rdb)((get_data_segment() << 4) + offset);
+}
+
+/****************************************************************************
+PARAMETERS:
+offset  - Offset to load data from
+
+RETURNS:
+Word value read from the absolute memory location.
+
+NOTE: Do not inline this function as (*sys_rdX) is already inline!
+****************************************************************************/
+u16 fetch_data_word(
+    uint offset)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access((u16)get_data_segment(), offset);
+#endif
+    return (*sys_rdw)((get_data_segment() << 4) + offset);
+}
+
+/****************************************************************************
+PARAMETERS:
+offset  - Offset to load data from
+
+RETURNS:
+Long value read from the absolute memory location.
+
+NOTE: Do not inline this function as (*sys_rdX) is already inline!
+****************************************************************************/
+u32 fetch_data_long(
+    uint offset)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access((u16)get_data_segment(), offset);
+#endif
+    return (*sys_rdl)((get_data_segment() << 4) + offset);
+}
+
+/****************************************************************************
+PARAMETERS:
+segment - Segment to load data from
+offset  - Offset to load data from
+
+RETURNS:
+Byte value read from the absolute memory location.
+
+NOTE: Do not inline this function as (*sys_rdX) is already inline!
+****************************************************************************/
+u8 fetch_data_byte_abs(
+    uint segment,
+    uint offset)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access(segment, offset);
+#endif
+    return (*sys_rdb)(((u32)segment << 4) + offset);
+}
+
+/****************************************************************************
+PARAMETERS:
+segment - Segment to load data from
+offset  - Offset to load data from
+
+RETURNS:
+Word value read from the absolute memory location.
+
+NOTE: Do not inline this function as (*sys_rdX) is already inline!
+****************************************************************************/
+u16 fetch_data_word_abs(
+    uint segment,
+    uint offset)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access(segment, offset);
+#endif
+    return (*sys_rdw)(((u32)segment << 4) + offset);
+}
+
+/****************************************************************************
+PARAMETERS:
+segment - Segment to load data from
+offset  - Offset to load data from
+
+RETURNS:
+Long value read from the absolute memory location.
+
+NOTE: Do not inline this function as (*sys_rdX) is already inline!
+****************************************************************************/
+u32 fetch_data_long_abs(
+    uint segment,
+    uint offset)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access(segment, offset);
+#endif
+    return (*sys_rdl)(((u32)segment << 4) + offset);
+}
+
+/****************************************************************************
+PARAMETERS:
+offset  - Offset to store data at
+val     - Value to store
+
+REMARKS:
+Writes a word value to an segmented memory location. The segment used is
+the current 'default' segment, which may have been overridden.
+
+NOTE: Do not inline this function as (*sys_wrX) is already inline!
+****************************************************************************/
+void store_data_byte(
+    uint offset,
+    u8 val)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access((u16)get_data_segment(), offset);
+#endif
+    (*sys_wrb)((get_data_segment() << 4) + offset, val);
+}
+
+/****************************************************************************
+PARAMETERS:
+offset  - Offset to store data at
+val     - Value to store
+
+REMARKS:
+Writes a word value to an segmented memory location. The segment used is
+the current 'default' segment, which may have been overridden.
+
+NOTE: Do not inline this function as (*sys_wrX) is already inline!
+****************************************************************************/
+void store_data_word(
+    uint offset,
+    u16 val)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access((u16)get_data_segment(), offset);
+#endif
+    (*sys_wrw)((get_data_segment() << 4) + offset, val);
+}
+
+/****************************************************************************
+PARAMETERS:
+offset  - Offset to store data at
+val     - Value to store
+
+REMARKS:
+Writes a long value to an segmented memory location. The segment used is
+the current 'default' segment, which may have been overridden.
+
+NOTE: Do not inline this function as (*sys_wrX) is already inline!
+****************************************************************************/
+void store_data_long(
+    uint offset,
+    u32 val)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access((u16)get_data_segment(), offset);
+#endif
+    (*sys_wrl)((get_data_segment() << 4) + offset, val);
+}
+
+/****************************************************************************
+PARAMETERS:
+segment - Segment to store data at
+offset  - Offset to store data at
+val     - Value to store
+
+REMARKS:
+Writes a byte value to an absolute memory location.
+
+NOTE: Do not inline this function as (*sys_wrX) is already inline!
+****************************************************************************/
+void store_data_byte_abs(
+    uint segment,
+    uint offset,
+    u8 val)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access(segment, offset);
+#endif
+    (*sys_wrb)(((u32)segment << 4) + offset, val);
+}
+
+/****************************************************************************
+PARAMETERS:
+segment - Segment to store data at
+offset  - Offset to store data at
+val     - Value to store
+
+REMARKS:
+Writes a word value to an absolute memory location.
+
+NOTE: Do not inline this function as (*sys_wrX) is already inline!
+****************************************************************************/
+void store_data_word_abs(
+    uint segment,
+    uint offset,
+    u16 val)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access(segment, offset);
+#endif
+    (*sys_wrw)(((u32)segment << 4) + offset, val);
+}
+
+/****************************************************************************
+PARAMETERS:
+segment - Segment to store data at
+offset  - Offset to store data at
+val     - Value to store
+
+REMARKS:
+Writes a long value to an absolute memory location.
+
+NOTE: Do not inline this function as (*sys_wrX) is already inline!
+****************************************************************************/
+void store_data_long_abs(
+    uint segment,
+    uint offset,
+    u32 val)
+{
+#ifdef DEBUG
+    if (CHECK_DATA_ACCESS())
+        x86emu_check_data_access(segment, offset);
+#endif
+    (*sys_wrl)(((u32)segment << 4) + offset, val);
+}
+
+/****************************************************************************
+PARAMETERS:
+reg - Register to decode
+
+RETURNS:
+Pointer to the appropriate register
+
+REMARKS:
+Return a pointer to the register given by the R/RM field of the
+modrm byte, for byte operands. Also enables the decoding of instructions.
+****************************************************************************/
+u8* decode_rm_byte_register(
+    int reg)
+{
+    switch (reg) {
+      case 0:
+        DECODE_PRINTF("AL");
+        return &M.x86.R_AL;
+      case 1:
+        DECODE_PRINTF("CL");
+        return &M.x86.R_CL;
+      case 2:
+        DECODE_PRINTF("DL");
+        return &M.x86.R_DL;
+      case 3:
+        DECODE_PRINTF("BL");
+        return &M.x86.R_BL;
+      case 4:
+        DECODE_PRINTF("AH");
+        return &M.x86.R_AH;
+      case 5:
+        DECODE_PRINTF("CH");
+        return &M.x86.R_CH;
+      case 6:
+        DECODE_PRINTF("DH");
+        return &M.x86.R_DH;
+      case 7:
+        DECODE_PRINTF("BH");
+        return &M.x86.R_BH;
+    }
+    HALT_SYS();
+    return NULL;                /* NOT REACHED OR REACHED ON ERROR */
+}
+
+/****************************************************************************
+PARAMETERS:
+reg - Register to decode
+
+RETURNS:
+Pointer to the appropriate register
+
+REMARKS:
+Return a pointer to the register given by the R/RM field of the
+modrm byte, for word operands.  Also enables the decoding of instructions.
+****************************************************************************/
+u16* decode_rm_word_register(
+    int reg)
+{
+    switch (reg) {
+      case 0:
+        DECODE_PRINTF("AX");
+        return &M.x86.R_AX;
+      case 1:
+        DECODE_PRINTF("CX");
+        return &M.x86.R_CX;
+      case 2:
+        DECODE_PRINTF("DX");
+        return &M.x86.R_DX;
+      case 3:
+        DECODE_PRINTF("BX");
+        return &M.x86.R_BX;
+      case 4:
+        DECODE_PRINTF("SP");
+        return &M.x86.R_SP;
+      case 5:
+        DECODE_PRINTF("BP");
+        return &M.x86.R_BP;
+      case 6:
+        DECODE_PRINTF("SI");
+        return &M.x86.R_SI;
+      case 7:
+        DECODE_PRINTF("DI");
+        return &M.x86.R_DI;
+    }
+    HALT_SYS();
+    return NULL;                /* NOTREACHED OR REACHED ON ERROR */
+}
+
+/****************************************************************************
+PARAMETERS:
+reg - Register to decode
+
+RETURNS:
+Pointer to the appropriate register
+
+REMARKS:
+Return a pointer to the register given by the R/RM field of the
+modrm byte, for dword operands.  Also enables the decoding of instructions.
+****************************************************************************/
+u32* decode_rm_long_register(
+    int reg)
+{
+    switch (reg) {
+      case 0:
+        DECODE_PRINTF("EAX");
+        return &M.x86.R_EAX;
+      case 1:
+        DECODE_PRINTF("ECX");
+        return &M.x86.R_ECX;
+      case 2:
+        DECODE_PRINTF("EDX");
+        return &M.x86.R_EDX;
+      case 3:
+        DECODE_PRINTF("EBX");
+        return &M.x86.R_EBX;
+      case 4:
+        DECODE_PRINTF("ESP");
+        return &M.x86.R_ESP;
+      case 5:
+        DECODE_PRINTF("EBP");
+        return &M.x86.R_EBP;
+      case 6:
+        DECODE_PRINTF("ESI");
+        return &M.x86.R_ESI;
+      case 7:
+        DECODE_PRINTF("EDI");
+        return &M.x86.R_EDI;
+    }
+    HALT_SYS();
+    return NULL;                /* NOTREACHED OR REACHED ON ERROR */
+}
+
+/****************************************************************************
+PARAMETERS:
+reg - Register to decode
+
+RETURNS:
+Pointer to the appropriate register
+
+REMARKS:
+Return a pointer to the register given by the R/RM field of the
+modrm byte, for word operands, modified from above for the weirdo
+special case of segreg operands.  Also enables the decoding of instructions.
+****************************************************************************/
+u16* decode_rm_seg_register(
+    int reg)
+{
+    switch (reg) {
+      case 0:
+        DECODE_PRINTF("ES");
+        return &M.x86.R_ES;
+      case 1:
+        DECODE_PRINTF("CS");
+        return &M.x86.R_CS;
+      case 2:
+        DECODE_PRINTF("SS");
+        return &M.x86.R_SS;
+      case 3:
+        DECODE_PRINTF("DS");
+        return &M.x86.R_DS;
+      case 4:
+        DECODE_PRINTF("FS");
+        return &M.x86.R_FS;
+      case 5:
+        DECODE_PRINTF("GS");
+        return &M.x86.R_GS;
+      case 6:
+      case 7:
+        DECODE_PRINTF("ILLEGAL SEGREG");
+        break;
+    }
+    HALT_SYS();
+    return NULL;                /* NOT REACHED OR REACHED ON ERROR */
+}
+
+/****************************************************************************
+PARAMETERS:
+scale - scale value of SIB byte
+index - index value of SIB byte
+
+RETURNS:
+Value of scale * index
+
+REMARKS:
+Decodes scale/index of SIB byte and returns relevant offset part of
+effective address.
+****************************************************************************/
+static unsigned decode_sib_si(
+    int scale,
+    int index)
+{
+    scale = 1 << scale;
+    if (scale > 1) {
+        DECODE_PRINTF2("[%d*", scale);
+    } else {
+        DECODE_PRINTF("[");
+    }
+    switch (index) {
+      case 0:
+        DECODE_PRINTF("EAX]");
+        return M.x86.R_EAX * index;
+      case 1:
+        DECODE_PRINTF("ECX]");
+        return M.x86.R_ECX * index;
+      case 2:
+        DECODE_PRINTF("EDX]");
+        return M.x86.R_EDX * index;
+      case 3:
+        DECODE_PRINTF("EBX]");
+        return M.x86.R_EBX * index;
+      case 4:
+        DECODE_PRINTF("0]");
+        return 0;
+      case 5:
+        DECODE_PRINTF("EBP]");
+        return M.x86.R_EBP * index;
+      case 6:
+        DECODE_PRINTF("ESI]");
+        return M.x86.R_ESI * index;
+      case 7:
+        DECODE_PRINTF("EDI]");
+        return M.x86.R_EDI * index;
+    }
+    HALT_SYS();
+    return 0;                   /* NOT REACHED OR REACHED ON ERROR */
+}
+
+/****************************************************************************
+PARAMETERS:
+mod - MOD value of preceding ModR/M byte
+
+RETURNS:
+Offset in memory for the address decoding
+
+REMARKS:
+Decodes SIB addressing byte and returns calculated effective address.
+****************************************************************************/
+static unsigned decode_sib_address(
+    int mod)
+{
+    int sib   = fetch_byte_imm();
+    int ss    = (sib >> 6) & 0x03;
+    int index = (sib >> 3) & 0x07;
+    int base  = sib & 0x07;
+    int offset = 0;
+    int displacement;
+
+    switch (base) {
+      case 0:
+        DECODE_PRINTF("[EAX]");
+        offset = M.x86.R_EAX;
+        break;
+      case 1:
+        DECODE_PRINTF("[ECX]");
+        offset = M.x86.R_ECX;
+        break;
+      case 2:
+        DECODE_PRINTF("[EDX]");
+        offset = M.x86.R_EDX;
+        break;
+      case 3:
+        DECODE_PRINTF("[EBX]");
+        offset = M.x86.R_EBX;
+        break;
+      case 4:
+        DECODE_PRINTF("[ESP]");
+        offset = M.x86.R_ESP;
+        break;
+      case 5:
+        switch (mod) {
+          case 0:
+            displacement = (s32)fetch_long_imm();
+            DECODE_PRINTF2("[%d]", displacement);
+            offset = displacement;
+            break;
+          case 1:
+            displacement = (s8)fetch_byte_imm();
+            DECODE_PRINTF2("[%d][EBP]", displacement);
+            offset = M.x86.R_EBP + displacement;
+            break;
+          case 2:
+            displacement = (s32)fetch_long_imm();
+            DECODE_PRINTF2("[%d][EBP]", displacement);
+            offset = M.x86.R_EBP + displacement;
+            break;
+          default:
+            HALT_SYS();
+        }
+        DECODE_PRINTF("[EAX]");
+        offset = M.x86.R_EAX;
+        break;
+      case 6:
+        DECODE_PRINTF("[ESI]");
+        offset = M.x86.R_ESI;
+        break;
+      case 7:
+        DECODE_PRINTF("[EDI]");
+        offset = M.x86.R_EDI;
+        break;
+      default:
+        HALT_SYS();
+    }
+    offset += decode_sib_si(ss, index);
+    return offset;
+}
+
+/****************************************************************************
+PARAMETERS:
+rm  - RM value to decode
+
+RETURNS:
+Offset in memory for the address decoding
+
+REMARKS:
+Return the offset given by mod=00 addressing.  Also enables the
+decoding of instructions.
+
+NOTE:   The code which specifies the corresponding segment (ds vs ss)
+        below in the case of [BP+..].  The assumption here is that at the
+        point that this subroutine is called, the bit corresponding to
+        SYSMODE_SEG_DS_SS will be zero.  After every instruction
+        except the segment override instructions, this bit (as well
+        as any bits indicating segment overrides) will be clear.  So
+        if a SS access is needed, set this bit.  Otherwise, DS access
+        occurs (unless any of the segment override bits are set).
+****************************************************************************/
+unsigned decode_rm00_address(
+    int rm)
+{
+    unsigned offset;
+
+    if (M.x86.mode & SYSMODE_PREFIX_ADDR) {
+        /* 32-bit addressing */
+        switch (rm) {
+          case 0:
+            DECODE_PRINTF("[EAX]");
+            return M.x86.R_EAX;
+          case 1:
+            DECODE_PRINTF("[ECX]");
+            return M.x86.R_ECX;
+          case 2:
+            DECODE_PRINTF("[EDX]");
+            return M.x86.R_EDX;
+          case 3:
+            DECODE_PRINTF("[EBX]");
+            return M.x86.R_EBX;
+          case 4:
+            return decode_sib_address(0);
+          case 5:
+            offset = fetch_long_imm();
+            DECODE_PRINTF2("[%08x]", offset);
+            return offset;
+          case 6:
+            DECODE_PRINTF("[ESI]");
+            return M.x86.R_ESI;
+          case 7:
+            DECODE_PRINTF("[EDI]");
+            return M.x86.R_EDI;
+        }
+    } else {
+        /* 16-bit addressing */
+        switch (rm) {
+          case 0:
+            DECODE_PRINTF("[BX+SI]");
+            return (M.x86.R_BX + M.x86.R_SI) & 0xffff;
+          case 1:
+            DECODE_PRINTF("[BX+DI]");
+            return (M.x86.R_BX + M.x86.R_DI) & 0xffff;
+          case 2:
+            DECODE_PRINTF("[BP+SI]");
+            M.x86.mode |= SYSMODE_SEG_DS_SS;
+            return (M.x86.R_BP + M.x86.R_SI) & 0xffff;
+          case 3:
+            DECODE_PRINTF("[BP+DI]");
+            M.x86.mode |= SYSMODE_SEG_DS_SS;
+            return (M.x86.R_BP + M.x86.R_DI) & 0xffff;
+          case 4:
+            DECODE_PRINTF("[SI]");
+            return M.x86.R_SI;
+          case 5:
+            DECODE_PRINTF("[DI]");
+            return M.x86.R_DI;
+          case 6:
+            offset = fetch_word_imm();
+            DECODE_PRINTF2("[%04x]", offset);
+            return offset;
+          case 7:
+            DECODE_PRINTF("[BX]");
+            return M.x86.R_BX;
+        }
+    }
+    HALT_SYS();
+    return 0;
+}
+
+/****************************************************************************
+PARAMETERS:
+rm  - RM value to decode
+
+RETURNS:
+Offset in memory for the address decoding
+
+REMARKS:
+Return the offset given by mod=01 addressing.  Also enables the
+decoding of instructions.
+****************************************************************************/
+unsigned decode_rm01_address(
+    int rm)
+{
+    int displacement;
+
+    if (M.x86.mode & SYSMODE_PREFIX_ADDR) {
+        /* 32-bit addressing */
+        if (rm != 4)
+            displacement = (s8)fetch_byte_imm();
+        else
+            displacement = 0;
+
+        switch (rm) {
+          case 0:
+            DECODE_PRINTF2("%d[EAX]", displacement);
+            return M.x86.R_EAX + displacement;
+          case 1:
+            DECODE_PRINTF2("%d[ECX]", displacement);
+            return M.x86.R_ECX + displacement;
+          case 2:
+            DECODE_PRINTF2("%d[EDX]", displacement);
+            return M.x86.R_EDX + displacement;
+          case 3:
+            DECODE_PRINTF2("%d[EBX]", displacement);
+            return M.x86.R_EBX + displacement;
+          case 4: {
+            int offset = decode_sib_address(1);
+            displacement = (s8)fetch_byte_imm();
+            DECODE_PRINTF2("[%d]", displacement);
+            return offset + displacement;
+          }
+          case 5:
+            DECODE_PRINTF2("%d[EBP]", displacement);
+            return M.x86.R_EBP + displacement;
+          case 6:
+            DECODE_PRINTF2("%d[ESI]", displacement);
+            return M.x86.R_ESI + displacement;
+          case 7:
+            DECODE_PRINTF2("%d[EDI]", displacement);
+            return M.x86.R_EDI + displacement;
+        }
+    } else {
+        /* 16-bit addressing */
+        displacement = (s8)fetch_byte_imm();
+        switch (rm) {
+          case 0:
+            DECODE_PRINTF2("%d[BX+SI]", displacement);
+            return (M.x86.R_BX + M.x86.R_SI + displacement) & 0xffff;
+          case 1:
+            DECODE_PRINTF2("%d[BX+DI]", displacement);
+            return (M.x86.R_BX + M.x86.R_DI + displacement) & 0xffff;
+          case 2:
+            DECODE_PRINTF2("%d[BP+SI]", displacement);
+            M.x86.mode |= SYSMODE_SEG_DS_SS;
+            return (M.x86.R_BP + M.x86.R_SI + displacement) & 0xffff;
+          case 3:
+            DECODE_PRINTF2("%d[BP+DI]", displacement);
+            M.x86.mode |= SYSMODE_SEG_DS_SS;
+            return (M.x86.R_BP + M.x86.R_DI + displacement) & 0xffff;
+          case 4:
+            DECODE_PRINTF2("%d[SI]", displacement);
+            return (M.x86.R_SI + displacement) & 0xffff;
+          case 5:
+            DECODE_PRINTF2("%d[DI]", displacement);
+            return (M.x86.R_DI + displacement) & 0xffff;
+          case 6:
+            DECODE_PRINTF2("%d[BP]", displacement);
+            M.x86.mode |= SYSMODE_SEG_DS_SS;
+            return (M.x86.R_BP + displacement) & 0xffff;
+          case 7:
+            DECODE_PRINTF2("%d[BX]", displacement);
+            return (M.x86.R_BX + displacement) & 0xffff;
+        }
+    }
+    HALT_SYS();
+    return 0;                   /* SHOULD NOT HAPPEN */
+}
+
+/****************************************************************************
+PARAMETERS:
+rm  - RM value to decode
+
+RETURNS:
+Offset in memory for the address decoding
+
+REMARKS:
+Return the offset given by mod=10 addressing.  Also enables the
+decoding of instructions.
+****************************************************************************/
+unsigned decode_rm10_address(
+    int rm)
+{
+    if (M.x86.mode & SYSMODE_PREFIX_ADDR) {
+        int displacement;
+
+        /* 32-bit addressing */
+        if (rm != 4)
+            displacement = (s32)fetch_long_imm();
+        else
+            displacement = 0;
+
+        switch (rm) {
+          case 0:
+            DECODE_PRINTF2("%d[EAX]", displacement);
+            return M.x86.R_EAX + displacement;
+          case 1:
+            DECODE_PRINTF2("%d[ECX]", displacement);
+            return M.x86.R_ECX + displacement;
+          case 2:
+            DECODE_PRINTF2("%d[EDX]", displacement);
+            return M.x86.R_EDX + displacement;
+          case 3:
+            DECODE_PRINTF2("%d[EBX]", displacement);
+            return M.x86.R_EBX + displacement;
+          case 4: {
+            int offset = decode_sib_address(2);
+            displacement = (s32)fetch_long_imm();
+            DECODE_PRINTF2("[%d]", displacement);
+            return offset + displacement;
+          }
+          case 5:
+            DECODE_PRINTF2("%d[EBP]", displacement);
+            return M.x86.R_EBP + displacement;
+          case 6:
+            DECODE_PRINTF2("%d[ESI]", displacement);
+            return M.x86.R_ESI + displacement;
+          case 7:
+            DECODE_PRINTF2("%d[EDI]", displacement);
+            return M.x86.R_EDI + displacement;
+        }
+    } else {
+        int displacement = (s16)fetch_word_imm();
+
+        /* 16-bit addressing */
+        switch (rm) {
+          case 0:
+            DECODE_PRINTF2("%d[BX+SI]", displacement);
+            return (M.x86.R_BX + M.x86.R_SI + displacement) & 0xffff;
+          case 1:
+            DECODE_PRINTF2("%d[BX+DI]", displacement);
+            return (M.x86.R_BX + M.x86.R_DI + displacement) & 0xffff;
+          case 2:
+            DECODE_PRINTF2("%d[BP+SI]", displacement);
+            M.x86.mode |= SYSMODE_SEG_DS_SS;
+            return (M.x86.R_BP + M.x86.R_SI + displacement) & 0xffff;
+          case 3:
+            DECODE_PRINTF2("%d[BP+DI]", displacement);
+            M.x86.mode |= SYSMODE_SEG_DS_SS;
+            return (M.x86.R_BP + M.x86.R_DI + displacement) & 0xffff;
+          case 4:
+            DECODE_PRINTF2("%d[SI]", displacement);
+            return (M.x86.R_SI + displacement) & 0xffff;
+          case 5:
+            DECODE_PRINTF2("%d[DI]", displacement);
+            return (M.x86.R_DI + displacement) & 0xffff;
+          case 6:
+            DECODE_PRINTF2("%d[BP]", displacement);
+            M.x86.mode |= SYSMODE_SEG_DS_SS;
+            return (M.x86.R_BP + displacement) & 0xffff;
+          case 7:
+            DECODE_PRINTF2("%d[BX]", displacement);
+            return (M.x86.R_BX + displacement) & 0xffff;
+        }
+    }
+    HALT_SYS();
+    return 0;                   /* SHOULD NOT HAPPEN */
+}
+
+
+/****************************************************************************
+PARAMETERS:
+mod - modifier
+rm  - RM value to decode
+
+RETURNS:
+Offset in memory for the address decoding, multiplexing calls to
+the decode_rmXX_address functions
+
+REMARKS:
+Return the offset given by "mod" addressing.
+****************************************************************************/
+
+unsigned decode_rmXX_address(int mod, int rm)
+{
+  if(mod == 0)
+    return decode_rm00_address(rm);
+  if(mod == 1)
+    return decode_rm01_address(rm);
+  return decode_rm10_address(rm);
+}
+
+
+
diff --git a/src/device/oprom/x86emu/decode.h b/src/device/oprom/x86emu/decode.h
new file mode 100644
index 0000000..99ed7f6
--- /dev/null
+++ b/src/device/oprom/x86emu/decode.h
@@ -0,0 +1,88 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for instruction decoding logic.
+*
+****************************************************************************/
+
+#ifndef __X86EMU_DECODE_H
+#define __X86EMU_DECODE_H
+
+/*---------------------- Macros and type definitions ----------------------*/
+
+/* Instruction Decoding Stuff */
+
+#define FETCH_DECODE_MODRM(mod,rh,rl) 	fetch_decode_modrm(&mod,&rh,&rl)
+#define DECODE_RM_BYTE_REGISTER(r)    	decode_rm_byte_register(r)
+#define DECODE_RM_WORD_REGISTER(r)    	decode_rm_word_register(r)
+#define DECODE_RM_LONG_REGISTER(r)    	decode_rm_long_register(r)
+#define DECODE_CLEAR_SEGOVR()         	M.x86.mode &= ~SYSMODE_CLRMASK
+
+/*-------------------------- Function Prototypes --------------------------*/
+
+#ifdef  __cplusplus
+extern "C" {            			/* Use "C" linkage when in C++ mode */
+#endif
+
+void 	x86emu_intr_raise (u8 type);
+void    fetch_decode_modrm (int *mod,int *regh,int *regl);
+u8      fetch_byte_imm (void);
+u16     fetch_word_imm (void);
+u32     fetch_long_imm (void);
+u8      fetch_data_byte (uint offset);
+u8      fetch_data_byte_abs (uint segment, uint offset);
+u16     fetch_data_word (uint offset);
+u16     fetch_data_word_abs (uint segment, uint offset);
+u32     fetch_data_long (uint offset);
+u32     fetch_data_long_abs (uint segment, uint offset);
+void    store_data_byte (uint offset, u8 val);
+void    store_data_byte_abs (uint segment, uint offset, u8 val);
+void    store_data_word (uint offset, u16 val);
+void    store_data_word_abs (uint segment, uint offset, u16 val);
+void    store_data_long (uint offset, u32 val);
+void    store_data_long_abs (uint segment, uint offset, u32 val);
+u8* 	decode_rm_byte_register(int reg);
+u16* 	decode_rm_word_register(int reg);
+u32* 	decode_rm_long_register(int reg);
+u16* 	decode_rm_seg_register(int reg);
+unsigned decode_rm00_address(int rm);
+unsigned decode_rm01_address(int rm);
+unsigned decode_rm10_address(int rm);
+unsigned decode_rmXX_address(int mod, int rm);
+
+#ifdef  __cplusplus
+}                       			/* End of "C" linkage for C++   	*/
+#endif
+
+#endif /* __X86EMU_DECODE_H */
diff --git a/src/device/oprom/x86emu/fpu.c b/src/device/oprom/x86emu/fpu.c
new file mode 100644
index 0000000..7edebd4
--- /dev/null
+++ b/src/device/oprom/x86emu/fpu.c
@@ -0,0 +1,951 @@
+/****************************************************************************
+*
+*                       Realmode X86 Emulator Library
+*
+*               Copyright (C) 1991-2004 SciTech Software, Inc.
+*                    Copyright (C) David Mosberger-Tang
+*                      Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:     ANSI C
+* Environment:  Any
+* Developer:    Kendall Bennett
+*
+* Description:  This file contains the code to implement the decoding and
+*               emulation of the FPU instructions.
+*
+****************************************************************************/
+
+#include "x86emui.h"
+
+/*----------------------------- Implementation ----------------------------*/
+
+/* opcode=0xd8 */
+void x86emuOp_esc_coprocess_d8(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("ESC D8\n");
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR_NO_TRACE();
+}
+
+#ifdef X86EMU_FPU_PRESENT
+#define X86EMU_FPU_ONLY(x) x
+#else
+#define X86EMU_FPU_ONLY(x) X86EMU_UNUSED(x)
+#endif
+
+#ifdef DEBUG
+
+static const char *x86emu_fpu_op_d9_tab[] = {
+    "FLD\tDWORD PTR ", "ESC_D9\t", "FST\tDWORD PTR ", "FSTP\tDWORD PTR ",
+    "FLDENV\t", "FLDCW\t", "FSTENV\t", "FSTCW\t",
+
+    "FLD\tDWORD PTR ", "ESC_D9\t", "FST\tDWORD PTR ", "FSTP\tDWORD PTR ",
+    "FLDENV\t", "FLDCW\t", "FSTENV\t", "FSTCW\t",
+
+    "FLD\tDWORD PTR ", "ESC_D9\t", "FST\tDWORD PTR ", "FSTP\tDWORD PTR ",
+    "FLDENV\t", "FLDCW\t", "FSTENV\t", "FSTCW\t",
+};
+
+static const char *x86emu_fpu_op_d9_tab1[] = {
+    "FLD\t", "FLD\t", "FLD\t", "FLD\t",
+    "FLD\t", "FLD\t", "FLD\t", "FLD\t",
+
+    "FXCH\t", "FXCH\t", "FXCH\t", "FXCH\t",
+    "FXCH\t", "FXCH\t", "FXCH\t", "FXCH\t",
+
+    "FNOP", "ESC_D9", "ESC_D9", "ESC_D9",
+    "ESC_D9", "ESC_D9", "ESC_D9", "ESC_D9",
+
+    "FSTP\t", "FSTP\t", "FSTP\t", "FSTP\t",
+    "FSTP\t", "FSTP\t", "FSTP\t", "FSTP\t",
+
+    "FCHS", "FABS", "ESC_D9", "ESC_D9",
+    "FTST", "FXAM", "ESC_D9", "ESC_D9",
+
+    "FLD1", "FLDL2T", "FLDL2E", "FLDPI",
+    "FLDLG2", "FLDLN2", "FLDZ", "ESC_D9",
+
+    "F2XM1", "FYL2X", "FPTAN", "FPATAN",
+    "FXTRACT", "ESC_D9", "FDECSTP", "FINCSTP",
+
+    "FPREM", "FYL2XP1", "FSQRT", "ESC_D9",
+    "FRNDINT", "FSCALE", "ESC_D9", "ESC_D9",
+};
+
+#endif /* DEBUG */
+
+/* opcode=0xd9 */
+void x86emuOp_esc_coprocess_d9(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint X86EMU_FPU_ONLY(destoffset);
+    u8 X86EMU_FPU_ONLY(stkelem);
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (mod != 3) {
+        DECODE_PRINTINSTR32(x86emu_fpu_op_d9_tab, mod, rh, rl);
+    } else {
+        DECODE_PRINTF(x86emu_fpu_op_d9_tab1[(rh << 3) + rl]);
+    }
+#endif
+    switch (mod) {
+      case 0:
+        destoffset = decode_rm00_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 1:
+        destoffset = decode_rm01_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 2:
+        destoffset = decode_rm10_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 3:                   /* register to register */
+        stkelem = (u8)rl;
+        if (rh < 4) {
+                DECODE_PRINTF2("ST(%d)\n", stkelem);
+        } else {
+                DECODE_PRINTF("\n");
+        }
+        break;
+    }
+#ifdef X86EMU_FPU_PRESENT
+    /* execute */
+    switch (mod) {
+      case 3:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_R_fld(X86EMU_FPU_STKTOP, stkelem);
+            break;
+          case 1:
+            x86emu_fpu_R_fxch(X86EMU_FPU_STKTOP, stkelem);
+            break;
+          case 2:
+            switch (rl) {
+              case 0:
+                x86emu_fpu_R_nop();
+                break;
+              default:
+                x86emu_fpu_illegal();
+                break;
+            }
+          case 3:
+            x86emu_fpu_R_fstp(X86EMU_FPU_STKTOP, stkelem);
+            break;
+          case 4:
+            switch (rl) {
+            case 0:
+                x86emu_fpu_R_fchs(X86EMU_FPU_STKTOP);
+                break;
+            case 1:
+                x86emu_fpu_R_fabs(X86EMU_FPU_STKTOP);
+                break;
+            case 4:
+                x86emu_fpu_R_ftst(X86EMU_FPU_STKTOP);
+                break;
+            case 5:
+                x86emu_fpu_R_fxam(X86EMU_FPU_STKTOP);
+                break;
+            default:
+                /* 2,3,6,7 */
+                x86emu_fpu_illegal();
+                break;
+            }
+            break;
+
+          case 5:
+            switch (rl) {
+              case 0:
+                x86emu_fpu_R_fld1(X86EMU_FPU_STKTOP);
+                break;
+              case 1:
+                x86emu_fpu_R_fldl2t(X86EMU_FPU_STKTOP);
+                break;
+              case 2:
+                x86emu_fpu_R_fldl2e(X86EMU_FPU_STKTOP);
+                break;
+              case 3:
+                x86emu_fpu_R_fldpi(X86EMU_FPU_STKTOP);
+                break;
+              case 4:
+                x86emu_fpu_R_fldlg2(X86EMU_FPU_STKTOP);
+                break;
+              case 5:
+                x86emu_fpu_R_fldln2(X86EMU_FPU_STKTOP);
+                break;
+              case 6:
+                x86emu_fpu_R_fldz(X86EMU_FPU_STKTOP);
+                break;
+              default:
+                /* 7 */
+                x86emu_fpu_illegal();
+                break;
+            }
+            break;
+
+          case 6:
+            switch (rl) {
+              case 0:
+                x86emu_fpu_R_f2xm1(X86EMU_FPU_STKTOP);
+                break;
+              case 1:
+                x86emu_fpu_R_fyl2x(X86EMU_FPU_STKTOP);
+                break;
+              case 2:
+                x86emu_fpu_R_fptan(X86EMU_FPU_STKTOP);
+                break;
+              case 3:
+                x86emu_fpu_R_fpatan(X86EMU_FPU_STKTOP);
+                break;
+              case 4:
+                x86emu_fpu_R_fxtract(X86EMU_FPU_STKTOP);
+                break;
+              case 5:
+                x86emu_fpu_illegal();
+                break;
+              case 6:
+                x86emu_fpu_R_decstp();
+                break;
+              case 7:
+                x86emu_fpu_R_incstp();
+                break;
+            }
+            break;
+
+          case 7:
+            switch (rl) {
+              case 0:
+                x86emu_fpu_R_fprem(X86EMU_FPU_STKTOP);
+                break;
+              case 1:
+                x86emu_fpu_R_fyl2xp1(X86EMU_FPU_STKTOP);
+                break;
+              case 2:
+                x86emu_fpu_R_fsqrt(X86EMU_FPU_STKTOP);
+                break;
+              case 3:
+                x86emu_fpu_illegal();
+                break;
+              case 4:
+                x86emu_fpu_R_frndint(X86EMU_FPU_STKTOP);
+                break;
+              case 5:
+                x86emu_fpu_R_fscale(X86EMU_FPU_STKTOP);
+                break;
+              case 6:
+              case 7:
+              default:
+                x86emu_fpu_illegal();
+                break;
+            }
+            break;
+
+          default:
+            switch (rh) {
+              case 0:
+                x86emu_fpu_M_fld(X86EMU_FPU_FLOAT, destoffset);
+                break;
+              case 1:
+                x86emu_fpu_illegal();
+                break;
+              case 2:
+                x86emu_fpu_M_fst(X86EMU_FPU_FLOAT, destoffset);
+                break;
+              case 3:
+                x86emu_fpu_M_fstp(X86EMU_FPU_FLOAT, destoffset);
+                break;
+              case 4:
+                x86emu_fpu_M_fldenv(X86EMU_FPU_WORD, destoffset);
+                break;
+              case 5:
+                x86emu_fpu_M_fldcw(X86EMU_FPU_WORD, destoffset);
+                break;
+              case 6:
+                x86emu_fpu_M_fstenv(X86EMU_FPU_WORD, destoffset);
+                break;
+              case 7:
+                x86emu_fpu_M_fstcw(X86EMU_FPU_WORD, destoffset);
+                break;
+            }
+        }
+    }
+#endif /* X86EMU_FPU_PRESENT */
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR_NO_TRACE();
+}
+
+#ifdef DEBUG
+
+static const char *x86emu_fpu_op_da_tab[] = {
+    "FIADD\tDWORD PTR ", "FIMUL\tDWORD PTR ", "FICOM\tDWORD PTR ",
+    "FICOMP\tDWORD PTR ",
+    "FISUB\tDWORD PTR ", "FISUBR\tDWORD PTR ", "FIDIV\tDWORD PTR ",
+    "FIDIVR\tDWORD PTR ",
+
+    "FIADD\tDWORD PTR ", "FIMUL\tDWORD PTR ", "FICOM\tDWORD PTR ",
+    "FICOMP\tDWORD PTR ",
+    "FISUB\tDWORD PTR ", "FISUBR\tDWORD PTR ", "FIDIV\tDWORD PTR ",
+    "FIDIVR\tDWORD PTR ",
+
+    "FIADD\tDWORD PTR ", "FIMUL\tDWORD PTR ", "FICOM\tDWORD PTR ",
+    "FICOMP\tDWORD PTR ",
+    "FISUB\tDWORD PTR ", "FISUBR\tDWORD PTR ", "FIDIV\tDWORD PTR ",
+    "FIDIVR\tDWORD PTR ",
+
+    "ESC_DA ", "ESC_DA ", "ESC_DA ", "ESC_DA ",
+    "ESC_DA     ", "ESC_DA ", "ESC_DA   ", "ESC_DA ",
+};
+
+#endif /* DEBUG */
+
+/* opcode=0xda */
+void x86emuOp_esc_coprocess_da(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint X86EMU_FPU_ONLY(destoffset);
+    u8 X86EMU_FPU_ONLY(stkelem);
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    DECODE_PRINTINSTR32(x86emu_fpu_op_da_tab, mod, rh, rl);
+    switch (mod) {
+      case 0:
+        destoffset = decode_rm00_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 1:
+        destoffset = decode_rm01_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 2:
+        destoffset = decode_rm10_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 3:           /* register to register */
+        stkelem = (u8)rl;
+        DECODE_PRINTF2("\tST(%d),ST\n", stkelem);
+        break;
+    }
+#ifdef X86EMU_FPU_PRESENT
+    switch (mod) {
+      case 3:
+        x86emu_fpu_illegal();
+        break;
+      default:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_M_iadd(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 1:
+            x86emu_fpu_M_imul(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 2:
+            x86emu_fpu_M_icom(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 3:
+            x86emu_fpu_M_icomp(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 4:
+            x86emu_fpu_M_isub(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 5:
+            x86emu_fpu_M_isubr(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 6:
+            x86emu_fpu_M_idiv(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 7:
+            x86emu_fpu_M_idivr(X86EMU_FPU_SHORT, destoffset);
+            break;
+        }
+    }
+#endif
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR_NO_TRACE();
+}
+
+#ifdef DEBUG
+
+static const char *x86emu_fpu_op_db_tab[] = {
+    "FILD\tDWORD PTR ", "ESC_DB\t19", "FIST\tDWORD PTR ", "FISTP\tDWORD PTR ",
+    "ESC_DB\t1C", "FLD\tTBYTE PTR ", "ESC_DB\t1E", "FSTP\tTBYTE PTR ",
+
+    "FILD\tDWORD PTR ", "ESC_DB\t19", "FIST\tDWORD PTR ", "FISTP\tDWORD PTR ",
+    "ESC_DB\t1C", "FLD\tTBYTE PTR ", "ESC_DB\t1E", "FSTP\tTBYTE PTR ",
+
+    "FILD\tDWORD PTR ", "ESC_DB\t19", "FIST\tDWORD PTR ", "FISTP\tDWORD PTR ",
+    "ESC_DB\t1C", "FLD\tTBYTE PTR ", "ESC_DB\t1E", "FSTP\tTBYTE PTR ",
+};
+
+#endif /* DEBUG */
+
+/* opcode=0xdb */
+void x86emuOp_esc_coprocess_db(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint X86EMU_FPU_ONLY(destoffset);
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (mod != 3) {
+        DECODE_PRINTINSTR32(x86emu_fpu_op_db_tab, mod, rh, rl);
+    } else if (rh == 4) {       /* === 11 10 0 nnn */
+        switch (rl) {
+          case 0:
+            DECODE_PRINTF("FENI\n");
+            break;
+          case 1:
+            DECODE_PRINTF("FDISI\n");
+            break;
+          case 2:
+            DECODE_PRINTF("FCLEX\n");
+            break;
+          case 3:
+            DECODE_PRINTF("FINIT\n");
+            break;
+        }
+    } else {
+        DECODE_PRINTF2("ESC_DB %0x\n", (mod << 6) + (rh << 3) + (rl));
+    }
+#endif /* DEBUG */
+    switch (mod) {
+      case 0:
+        destoffset = decode_rm00_address(rl);
+        break;
+      case 1:
+        destoffset = decode_rm01_address(rl);
+        break;
+      case 2:
+        destoffset = decode_rm10_address(rl);
+        break;
+      case 3:                   /* register to register */
+        break;
+    }
+#ifdef X86EMU_FPU_PRESENT
+    /* execute */
+    switch (mod) {
+      case 3:
+        switch (rh) {
+          case 4:
+            switch (rl) {
+              case 0:
+                x86emu_fpu_R_feni();
+                break;
+              case 1:
+                x86emu_fpu_R_fdisi();
+                break;
+              case 2:
+                x86emu_fpu_R_fclex();
+                break;
+              case 3:
+                x86emu_fpu_R_finit();
+                break;
+              default:
+                x86emu_fpu_illegal();
+                break;
+            }
+            break;
+          default:
+            x86emu_fpu_illegal();
+            break;
+        }
+        break;
+      default:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_M_fild(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 1:
+            x86emu_fpu_illegal();
+            break;
+          case 2:
+            x86emu_fpu_M_fist(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 3:
+            x86emu_fpu_M_fistp(X86EMU_FPU_SHORT, destoffset);
+            break;
+          case 4:
+            x86emu_fpu_illegal();
+            break;
+          case 5:
+            x86emu_fpu_M_fld(X86EMU_FPU_LDBL, destoffset);
+            break;
+                      case 6:
+            x86emu_fpu_illegal();
+            break;
+          case 7:
+            x86emu_fpu_M_fstp(X86EMU_FPU_LDBL, destoffset);
+            break;
+        }
+    }
+#endif
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR_NO_TRACE();
+}
+
+#ifdef DEBUG
+static const char *x86emu_fpu_op_dc_tab[] = {
+    "FADD\tQWORD PTR ", "FMUL\tQWORD PTR ", "FCOM\tQWORD PTR ",
+    "FCOMP\tQWORD PTR ",
+    "FSUB\tQWORD PTR ", "FSUBR\tQWORD PTR ", "FDIV\tQWORD PTR ",
+    "FDIVR\tQWORD PTR ",
+
+    "FADD\tQWORD PTR ", "FMUL\tQWORD PTR ", "FCOM\tQWORD PTR ",
+    "FCOMP\tQWORD PTR ",
+    "FSUB\tQWORD PTR ", "FSUBR\tQWORD PTR ", "FDIV\tQWORD PTR ",
+    "FDIVR\tQWORD PTR ",
+
+    "FADD\tQWORD PTR ", "FMUL\tQWORD PTR ", "FCOM\tQWORD PTR ",
+    "FCOMP\tQWORD PTR ",
+    "FSUB\tQWORD PTR ", "FSUBR\tQWORD PTR ", "FDIV\tQWORD PTR ",
+    "FDIVR\tQWORD PTR ",
+
+    "FADD\t", "FMUL\t", "FCOM\t", "FCOMP\t",
+    "FSUBR\t", "FSUB\t", "FDIVR\t", "FDIV\t",
+};
+#endif /* DEBUG */
+
+/* opcode=0xdc */
+void x86emuOp_esc_coprocess_dc(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint X86EMU_FPU_ONLY(destoffset);
+    u8 X86EMU_FPU_ONLY(stkelem);
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    DECODE_PRINTINSTR32(x86emu_fpu_op_dc_tab, mod, rh, rl);
+    switch (mod) {
+      case 0:
+        destoffset = decode_rm00_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 1:
+        destoffset = decode_rm01_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 2:
+        destoffset = decode_rm10_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 3:                   /* register to register */
+        stkelem = (u8)rl;
+        DECODE_PRINTF2("\tST(%d),ST\n", stkelem);
+        break;
+    }
+#ifdef X86EMU_FPU_PRESENT
+    /* execute */
+    switch (mod) {
+      case 3:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_R_fadd(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 1:
+            x86emu_fpu_R_fmul(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 2:
+            x86emu_fpu_R_fcom(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 3:
+            x86emu_fpu_R_fcomp(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 4:
+            x86emu_fpu_R_fsubr(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 5:
+            x86emu_fpu_R_fsub(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 6:
+            x86emu_fpu_R_fdivr(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 7:
+            x86emu_fpu_R_fdiv(stkelem, X86EMU_FPU_STKTOP);
+            break;
+        }
+        break;
+      default:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_M_fadd(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 1:
+            x86emu_fpu_M_fmul(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 2:
+            x86emu_fpu_M_fcom(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 3:
+            x86emu_fpu_M_fcomp(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 4:
+            x86emu_fpu_M_fsub(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 5:
+            x86emu_fpu_M_fsubr(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 6:
+            x86emu_fpu_M_fdiv(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 7:
+            x86emu_fpu_M_fdivr(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+        }
+    }
+#endif
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR_NO_TRACE();
+}
+
+#ifdef DEBUG
+
+static const char *x86emu_fpu_op_dd_tab[] = {
+    "FLD\tQWORD PTR ", "ESC_DD\t29,", "FST\tQWORD PTR ", "FSTP\tQWORD PTR ",
+    "FRSTOR\t", "ESC_DD\t2D,", "FSAVE\t", "FSTSW\t",
+
+    "FLD\tQWORD PTR ", "ESC_DD\t29,", "FST\tQWORD PTR ", "FSTP\tQWORD PTR ",
+    "FRSTOR\t", "ESC_DD\t2D,", "FSAVE\t", "FSTSW\t",
+
+    "FLD\tQWORD PTR ", "ESC_DD\t29,", "FST\tQWORD PTR ", "FSTP\tQWORD PTR ",
+    "FRSTOR\t", "ESC_DD\t2D,", "FSAVE\t", "FSTSW\t",
+
+    "FFREE\t", "FXCH\t", "FST\t", "FSTP\t",
+    "ESC_DD\t2C,", "ESC_DD\t2D,", "ESC_DD\t2E,", "ESC_DD\t2F,",
+};
+
+#endif /* DEBUG */
+
+/* opcode=0xdd */
+void x86emuOp_esc_coprocess_dd(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint X86EMU_FPU_ONLY(destoffset);
+    u8 X86EMU_FPU_ONLY(stkelem);
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    DECODE_PRINTINSTR32(x86emu_fpu_op_dd_tab, mod, rh, rl);
+    switch (mod) {
+      case 0:
+        destoffset = decode_rm00_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 1:
+        destoffset = decode_rm01_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 2:
+        destoffset = decode_rm10_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 3:                   /* register to register */
+        stkelem = (u8)rl;
+        DECODE_PRINTF2("\tST(%d),ST\n", stkelem);
+        break;
+    }
+#ifdef X86EMU_FPU_PRESENT
+    switch (mod) {
+      case 3:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_R_ffree(stkelem);
+            break;
+          case 1:
+            x86emu_fpu_R_fxch(stkelem);
+            break;
+          case 2:
+            x86emu_fpu_R_fst(stkelem);  /* register version */
+            break;
+          case 3:
+            x86emu_fpu_R_fstp(stkelem); /* register version */
+            break;
+          default:
+            x86emu_fpu_illegal();
+            break;
+        }
+        break;
+      default:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_M_fld(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 1:
+            x86emu_fpu_illegal();
+            break;
+          case 2:
+            x86emu_fpu_M_fst(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 3:
+            x86emu_fpu_M_fstp(X86EMU_FPU_DOUBLE, destoffset);
+            break;
+          case 4:
+            x86emu_fpu_M_frstor(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 5:
+            x86emu_fpu_illegal();
+            break;
+          case 6:
+            x86emu_fpu_M_fsave(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 7:
+            x86emu_fpu_M_fstsw(X86EMU_FPU_WORD, destoffset);
+            break;
+        }
+    }
+#endif
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR_NO_TRACE();
+}
+
+#ifdef DEBUG
+
+static const char *x86emu_fpu_op_de_tab[] =
+{
+    "FIADD\tWORD PTR ", "FIMUL\tWORD PTR ", "FICOM\tWORD PTR ",
+    "FICOMP\tWORD PTR ",
+    "FISUB\tWORD PTR ", "FISUBR\tWORD PTR ", "FIDIV\tWORD PTR ",
+    "FIDIVR\tWORD PTR ",
+
+    "FIADD\tWORD PTR ", "FIMUL\tWORD PTR ", "FICOM\tWORD PTR ",
+    "FICOMP\tWORD PTR ",
+    "FISUB\tWORD PTR ", "FISUBR\tWORD PTR ", "FIDIV\tWORD PTR ",
+    "FIDIVR\tWORD PTR ",
+
+    "FIADD\tWORD PTR ", "FIMUL\tWORD PTR ", "FICOM\tWORD PTR ",
+    "FICOMP\tWORD PTR ",
+    "FISUB\tWORD PTR ", "FISUBR\tWORD PTR ", "FIDIV\tWORD PTR ",
+    "FIDIVR\tWORD PTR ",
+
+    "FADDP\t", "FMULP\t", "FCOMP\t", "FCOMPP\t",
+    "FSUBRP\t", "FSUBP\t", "FDIVRP\t", "FDIVP\t",
+};
+
+#endif /* DEBUG */
+
+/* opcode=0xde */
+void x86emuOp_esc_coprocess_de(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint X86EMU_FPU_ONLY(destoffset);
+    u8 X86EMU_FPU_ONLY(stkelem);
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    DECODE_PRINTINSTR32(x86emu_fpu_op_de_tab, mod, rh, rl);
+    switch (mod) {
+      case 0:
+        destoffset = decode_rm00_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 1:
+        destoffset = decode_rm01_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 2:
+        destoffset = decode_rm10_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 3:                   /* register to register */
+        stkelem = (u8)rl;
+        DECODE_PRINTF2("\tST(%d),ST\n", stkelem);
+        break;
+    }
+#ifdef X86EMU_FPU_PRESENT
+    switch (mod) {
+      case 3:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_R_faddp(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 1:
+            x86emu_fpu_R_fmulp(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 2:
+            x86emu_fpu_R_fcomp(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 3:
+            if (stkelem == 1)
+              x86emu_fpu_R_fcompp(stkelem, X86EMU_FPU_STKTOP);
+            else
+              x86emu_fpu_illegal();
+            break;
+          case 4:
+            x86emu_fpu_R_fsubrp(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 5:
+            x86emu_fpu_R_fsubp(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 6:
+            x86emu_fpu_R_fdivrp(stkelem, X86EMU_FPU_STKTOP);
+            break;
+          case 7:
+            x86emu_fpu_R_fdivp(stkelem, X86EMU_FPU_STKTOP);
+            break;
+        }
+        break;
+      default:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_M_fiadd(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 1:
+            x86emu_fpu_M_fimul(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 2:
+            x86emu_fpu_M_ficom(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 3:
+            x86emu_fpu_M_ficomp(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 4:
+            x86emu_fpu_M_fisub(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 5:
+            x86emu_fpu_M_fisubr(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 6:
+            x86emu_fpu_M_fidiv(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 7:
+            x86emu_fpu_M_fidivr(X86EMU_FPU_WORD, destoffset);
+            break;
+        }
+    }
+#endif
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR_NO_TRACE();
+}
+
+#ifdef DEBUG
+
+static const char *x86emu_fpu_op_df_tab[] = {
+    /* mod == 00 */
+    "FILD\tWORD PTR ", "ESC_DF\t39\n", "FIST\tWORD PTR ", "FISTP\tWORD PTR ",
+    "FBLD\tTBYTE PTR ", "FILD\tQWORD PTR ", "FBSTP\tTBYTE PTR ",
+    "FISTP\tQWORD PTR ",
+
+    /* mod == 01 */
+    "FILD\tWORD PTR ", "ESC_DF\t39 ", "FIST\tWORD PTR ", "FISTP\tWORD PTR ",
+    "FBLD\tTBYTE PTR ", "FILD\tQWORD PTR ", "FBSTP\tTBYTE PTR ",
+    "FISTP\tQWORD PTR ",
+
+    /* mod == 10 */
+    "FILD\tWORD PTR ", "ESC_DF\t39 ", "FIST\tWORD PTR ", "FISTP\tWORD PTR ",
+    "FBLD\tTBYTE PTR ", "FILD\tQWORD PTR ", "FBSTP\tTBYTE PTR ",
+    "FISTP\tQWORD PTR ",
+
+    /* mod == 11 */
+    "FFREE\t", "FXCH\t", "FST\t", "FSTP\t",
+    "ESC_DF\t3C,", "ESC_DF\t3D,", "ESC_DF\t3E,", "ESC_DF\t3F,"
+};
+
+#endif /* DEBUG */
+
+/* opcode=0xdf */
+void x86emuOp_esc_coprocess_df(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint X86EMU_FPU_ONLY(destoffset);
+    u8 X86EMU_FPU_ONLY(stkelem);
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    DECODE_PRINTINSTR32(x86emu_fpu_op_df_tab, mod, rh, rl);
+    switch (mod) {
+      case 0:
+        destoffset = decode_rm00_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 1:
+        destoffset = decode_rm01_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 2:
+        destoffset = decode_rm10_address(rl);
+        DECODE_PRINTF("\n");
+        break;
+      case 3:                   /* register to register */
+        stkelem = (u8)rl;
+        DECODE_PRINTF2("\tST(%d)\n", stkelem);
+        break;
+    }
+#ifdef X86EMU_FPU_PRESENT
+    switch (mod) {
+      case 3:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_R_ffree(stkelem);
+            break;
+          case 1:
+            x86emu_fpu_R_fxch(stkelem);
+            break;
+          case 2:
+            x86emu_fpu_R_fst(stkelem);  /* register version */
+            break;
+          case 3:
+            x86emu_fpu_R_fstp(stkelem); /* register version */
+            break;
+          default:
+            x86emu_fpu_illegal();
+            break;
+        }
+        break;
+      default:
+        switch (rh) {
+          case 0:
+            x86emu_fpu_M_fild(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 1:
+            x86emu_fpu_illegal();
+            break;
+          case 2:
+            x86emu_fpu_M_fist(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 3:
+            x86emu_fpu_M_fistp(X86EMU_FPU_WORD, destoffset);
+            break;
+          case 4:
+            x86emu_fpu_M_fbld(X86EMU_FPU_BSD, destoffset);
+            break;
+          case 5:
+            x86emu_fpu_M_fild(X86EMU_FPU_LONG, destoffset);
+            break;
+          case 6:
+            x86emu_fpu_M_fbstp(X86EMU_FPU_BSD, destoffset);
+            break;
+          case 7:
+            x86emu_fpu_M_fistp(X86EMU_FPU_LONG, destoffset);
+            break;
+        }
+    }
+#endif
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR_NO_TRACE();
+}
diff --git a/src/device/oprom/x86emu/fpu.h b/src/device/oprom/x86emu/fpu.h
new file mode 100644
index 0000000..5fb2714
--- /dev/null
+++ b/src/device/oprom/x86emu/fpu.h
@@ -0,0 +1,61 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for FPU instruction decoding.
+*
+****************************************************************************/
+
+#ifndef __X86EMU_FPU_H
+#define __X86EMU_FPU_H
+
+#ifdef  __cplusplus
+extern "C" {            			/* Use "C" linkage when in C++ mode */
+#endif
+
+/* these have to be defined, whether 8087 support compiled in or not. */
+
+extern void x86emuOp_esc_coprocess_d8 (u8 op1);
+extern void x86emuOp_esc_coprocess_d9 (u8 op1);
+extern void x86emuOp_esc_coprocess_da (u8 op1);
+extern void x86emuOp_esc_coprocess_db (u8 op1);
+extern void x86emuOp_esc_coprocess_dc (u8 op1);
+extern void x86emuOp_esc_coprocess_dd (u8 op1);
+extern void x86emuOp_esc_coprocess_de (u8 op1);
+extern void x86emuOp_esc_coprocess_df (u8 op1);
+
+#ifdef  __cplusplus
+}                       			/* End of "C" linkage for C++   	*/
+#endif
+
+#endif /* __X86EMU_FPU_H */
diff --git a/src/device/oprom/x86emu/ops.c b/src/device/oprom/x86emu/ops.c
new file mode 100644
index 0000000..6917a08
--- /dev/null
+++ b/src/device/oprom/x86emu/ops.c
@@ -0,0 +1,5510 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1991-2004 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  This file includes subroutines to implement the decoding
+*               and emulation of all the x86 processor instructions.
+*
+* There are approximately 250 subroutines in here, which correspond
+* to the 256 byte-"opcodes" found on the 8086.  The table which
+* dispatches this is found in the files optab.[ch].
+*
+* Each opcode proc has a comment preceeding it which gives it's table
+* address.  Several opcodes are missing (undefined) in the table.
+*
+* Each proc includes information for decoding (DECODE_PRINTF and
+* DECODE_PRINTF2), debugging (TRACE_REGS, SINGLE_STEP), and misc
+* functions (START_OF_INSTR, END_OF_INSTR).
+*
+* Many of the procedures are *VERY* similar in coding.  This has
+* allowed for a very large amount of code to be generated in a fairly
+* short amount of time (i.e. cut, paste, and modify).  The result is
+* that much of the code below could have been folded into subroutines
+* for a large reduction in size of this file.  The downside would be
+* that there would be a penalty in execution speed.  The file could
+* also have been *MUCH* larger by inlining certain functions which
+* were called.  This could have resulted even faster execution.  The
+* prime directive I used to decide whether to inline the code or to
+* modularize it, was basically: 1) no unnecessary subroutine calls,
+* 2) no routines more than about 200 lines in size, and 3) modularize
+* any code that I might not get right the first time.  The fetch_*
+* subroutines fall into the latter category.  The The decode_* fall
+* into the second category.  The coding of the "switch(mod){ .... }"
+* in many of the subroutines below falls into the first category.
+* Especially, the coding of {add,and,or,sub,...}_{byte,word}
+* subroutines are an especially glaring case of the third guideline.
+* Since so much of the code is cloned from other modules (compare
+* opcode #00 to opcode #01), making the basic operations subroutine
+* calls is especially important; otherwise mistakes in coding an
+* "add" would represent a nightmare in maintenance.
+*
+****************************************************************************/
+
+#include "x86emui.h"
+
+/*----------------------------- Implementation ----------------------------*/
+
+/* constant arrays to do several instructions in just one function */
+
+#ifdef DEBUG
+static const char *x86emu_GenOpName[8] = {
+    "ADD", "OR", "ADC", "SBB", "AND", "SUB", "XOR", "CMP"};
+#endif
+
+/* used by several opcodes  */
+static u8 (*genop_byte_operation[])(u8 d, u8 s) =
+{
+    add_byte,           /* 00 */
+    or_byte,            /* 01 */
+    adc_byte,           /* 02 */
+    sbb_byte,           /* 03 */
+    and_byte,           /* 04 */
+    sub_byte,           /* 05 */
+    xor_byte,           /* 06 */
+    cmp_byte,           /* 07 */
+};
+
+static u16 (*genop_word_operation[])(u16 d, u16 s) =
+{
+    add_word,           /*00 */
+    or_word,            /*01 */
+    adc_word,           /*02 */
+    sbb_word,           /*03 */
+    and_word,           /*04 */
+    sub_word,           /*05 */
+    xor_word,           /*06 */
+    cmp_word,           /*07 */
+};
+
+static u32 (*genop_long_operation[])(u32 d, u32 s) =
+{
+    add_long,           /*00 */
+    or_long,            /*01 */
+    adc_long,           /*02 */
+    sbb_long,           /*03 */
+    and_long,           /*04 */
+    sub_long,           /*05 */
+    xor_long,           /*06 */
+    cmp_long,           /*07 */
+};
+
+/* used by opcodes 80, c0, d0, and d2. */
+static u8(*opcD0_byte_operation[])(u8 d, u8 s) =
+{
+    rol_byte,
+    ror_byte,
+    rcl_byte,
+    rcr_byte,
+    shl_byte,
+    shr_byte,
+    shl_byte,           /* sal_byte === shl_byte  by definition */
+    sar_byte,
+};
+
+/* used by opcodes c1, d1, and d3. */
+static u16(*opcD1_word_operation[])(u16 s, u8 d) =
+{
+    rol_word,
+    ror_word,
+    rcl_word,
+    rcr_word,
+    shl_word,
+    shr_word,
+    shl_word,           /* sal_byte === shl_byte  by definition */
+    sar_word,
+};
+
+/* used by opcodes c1, d1, and d3. */
+static u32 (*opcD1_long_operation[])(u32 s, u8 d) =
+{
+    rol_long,
+    ror_long,
+    rcl_long,
+    rcr_long,
+    shl_long,
+    shr_long,
+    shl_long,           /* sal_byte === shl_byte  by definition */
+    sar_long,
+};
+
+#ifdef DEBUG
+
+static const char *opF6_names[8] =
+  { "TEST\t", "", "NOT\t", "NEG\t", "MUL\t", "IMUL\t", "DIV\t", "IDIV\t" };
+
+#endif
+
+/****************************************************************************
+PARAMETERS:
+op1 - Instruction op code
+
+REMARKS:
+Handles illegal opcodes.
+****************************************************************************/
+static void x86emuOp_illegal_op(
+    u8 op1)
+{
+    START_OF_INSTR();
+    if (M.x86.R_SP != 0) {
+        DECODE_PRINTF("ILLEGAL X86 OPCODE\n");
+        TRACE_REGS();
+        DB( printf("%04x:%04x: %02X ILLEGAL X86 OPCODE!\n",
+            M.x86.R_CS, M.x86.R_IP-1,op1));
+        HALT_SYS();
+        }
+    else {
+        /* If we get here, it means the stack pointer is back to zero
+         * so we are just returning from an emulator service call
+         * so therte is no need to display an error message. We trap
+         * the emulator with an 0xF1 opcode to finish the service
+         * call.
+         */
+        X86EMU_halt_sys();
+        }
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcodes 0x00, 0x08, 0x10, 0x18, 0x20, 0x28, 0x30, 0x38
+****************************************************************************/
+static void x86emuOp_genop_byte_RM_R(u8 op1)
+{
+    int mod, rl, rh;
+    uint destoffset;
+    u8 *destreg, *srcreg;
+    u8 destval;
+
+    op1 = (op1 >> 3) & 0x7;
+
+    START_OF_INSTR();
+    DECODE_PRINTF(x86emu_GenOpName[op1]);
+    DECODE_PRINTF("\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if(mod<3)
+        { destoffset = decode_rmXX_address(mod,rl);
+        DECODE_PRINTF(",");
+        destval = fetch_data_byte(destoffset);
+        srcreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        destval = genop_byte_operation[op1](destval, *srcreg);
+        if (op1 != 7)
+            store_data_byte(destoffset, destval);
+        }
+    else
+        {                       /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = genop_byte_operation[op1](*destreg, *srcreg);
+        }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcodes 0x01, 0x09, 0x11, 0x19, 0x21, 0x29, 0x31, 0x39
+****************************************************************************/
+static void x86emuOp_genop_word_RM_R(u8 op1)
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    op1 = (op1 >> 3) & 0x7;
+
+    START_OF_INSTR();
+    DECODE_PRINTF(x86emu_GenOpName[op1]);
+    DECODE_PRINTF("\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+
+    if(mod<3) {
+        destoffset = decode_rmXX_address(mod,rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+            u32 *srcreg;
+
+            DECODE_PRINTF(",");
+            destval = fetch_data_long(destoffset);
+            srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            destval = genop_long_operation[op1](destval, *srcreg);
+            if (op1 != 7)
+                store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+            u16 *srcreg;
+
+            DECODE_PRINTF(",");
+            destval = fetch_data_word(destoffset);
+            srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            destval = genop_word_operation[op1](destval, *srcreg);
+            if (op1 != 7)
+                store_data_word(destoffset, destval);
+        }
+    } else {                    /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg, *srcreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = genop_long_operation[op1](*destreg, *srcreg);
+        } else {
+            u16 *destreg, *srcreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = genop_word_operation[op1](*destreg, *srcreg);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcodes 0x02, 0x0a, 0x12, 0x1a, 0x22, 0x2a, 0x32, 0x3a
+****************************************************************************/
+static void x86emuOp_genop_byte_R_RM(u8 op1)
+{
+    int mod, rl, rh;
+    u8 *destreg, *srcreg;
+    uint srcoffset;
+    u8 srcval;
+
+    op1 = (op1 >> 3) & 0x7;
+
+    START_OF_INSTR();
+    DECODE_PRINTF(x86emu_GenOpName[op1]);
+    DECODE_PRINTF("\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod,rl);
+        srcval = fetch_data_byte(srcoffset);
+    } else {     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_BYTE_REGISTER(rl);
+        srcval = *srcreg;
+    }
+    DECODE_PRINTF("\n");
+    TRACE_AND_STEP();
+    *destreg = genop_byte_operation[op1](*destreg, srcval);
+
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcodes 0x03, 0x0b, 0x13, 0x1b, 0x23, 0x2b, 0x33, 0x3b
+****************************************************************************/
+static void x86emuOp_genop_word_R_RM(u8 op1)
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    u32 *destreg32, srcval;
+    u16 *destreg;
+
+    op1 = (op1 >> 3) & 0x7;
+
+    START_OF_INSTR();
+    DECODE_PRINTF(x86emu_GenOpName[op1]);
+    DECODE_PRINTF("\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod,rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            destreg32 = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcval = fetch_data_long(srcoffset);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg32 = genop_long_operation[op1](*destreg32, srcval);
+        } else {
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcval = fetch_data_word(srcoffset);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = genop_word_operation[op1](*destreg, srcval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *srcreg;
+            destreg32 = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg32 = genop_long_operation[op1](*destreg32, *srcreg);
+        } else {
+            u16 *srcreg;
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = genop_word_operation[op1](*destreg, *srcreg);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcodes 0x04, 0x0c, 0x14, 0x1c, 0x24, 0x2c, 0x34, 0x3c
+****************************************************************************/
+static void x86emuOp_genop_byte_AL_IMM(u8 op1)
+{
+    u8 srcval;
+
+    op1 = (op1 >> 3) & 0x7;
+
+    START_OF_INSTR();
+    DECODE_PRINTF(x86emu_GenOpName[op1]);
+    DECODE_PRINTF("\tAL,");
+    srcval = fetch_byte_imm();
+    DECODE_PRINTF2("%x\n", srcval);
+    TRACE_AND_STEP();
+    M.x86.R_AL = genop_byte_operation[op1](M.x86.R_AL, srcval);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcodes 0x05, 0x0d, 0x15, 0x1d, 0x25, 0x2d, 0x35, 0x3d
+****************************************************************************/
+static void x86emuOp_genop_word_AX_IMM(u8 op1)
+{
+    u32 srcval;
+
+    op1 = (op1 >> 3) & 0x7;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF(x86emu_GenOpName[op1]);
+        DECODE_PRINTF("\tEAX,");
+        srcval = fetch_long_imm();
+    } else {
+        DECODE_PRINTF(x86emu_GenOpName[op1]);
+        DECODE_PRINTF("\tAX,");
+        srcval = fetch_word_imm();
+    }
+    DECODE_PRINTF2("%x\n", srcval);
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        M.x86.R_EAX = genop_long_operation[op1](M.x86.R_EAX, srcval);
+    } else {
+        M.x86.R_AX = genop_word_operation[op1](M.x86.R_AX, (u16)srcval);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x06
+****************************************************************************/
+static void x86emuOp_push_ES(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("PUSH\tES\n");
+    TRACE_AND_STEP();
+    push_word(M.x86.R_ES);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x07
+****************************************************************************/
+static void x86emuOp_pop_ES(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("POP\tES\n");
+    TRACE_AND_STEP();
+    M.x86.R_ES = pop_word();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0e
+****************************************************************************/
+static void x86emuOp_push_CS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("PUSH\tCS\n");
+    TRACE_AND_STEP();
+    push_word(M.x86.R_CS);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f. Escape for two-byte opcode (286 or better)
+****************************************************************************/
+static void x86emuOp_two_byte(u8 X86EMU_UNUSED(op1))
+{
+    u8 op2 = (*sys_rdb)(((u32)M.x86.R_CS << 4) + (M.x86.R_IP++));
+    INC_DECODED_INST_LEN(1);
+    (*x86emu_optab2[op2])(op2);
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x16
+****************************************************************************/
+static void x86emuOp_push_SS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("PUSH\tSS\n");
+    TRACE_AND_STEP();
+    push_word(M.x86.R_SS);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x17
+****************************************************************************/
+static void x86emuOp_pop_SS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("POP\tSS\n");
+    TRACE_AND_STEP();
+    M.x86.R_SS = pop_word();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x1e
+****************************************************************************/
+static void x86emuOp_push_DS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("PUSH\tDS\n");
+    TRACE_AND_STEP();
+    push_word(M.x86.R_DS);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x1f
+****************************************************************************/
+static void x86emuOp_pop_DS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("POP\tDS\n");
+    TRACE_AND_STEP();
+    M.x86.R_DS = pop_word();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x26
+****************************************************************************/
+static void x86emuOp_segovr_ES(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("ES:\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_SEGOVR_ES;
+    /*
+     * note the lack of DECODE_CLEAR_SEGOVR(r) since, here is one of 4
+     * opcode subroutines we do not want to do this.
+     */
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x27
+****************************************************************************/
+static void x86emuOp_daa(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("DAA\n");
+    TRACE_AND_STEP();
+    M.x86.R_AL = daa_byte(M.x86.R_AL);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x2e
+****************************************************************************/
+static void x86emuOp_segovr_CS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("CS:\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_SEGOVR_CS;
+    /* note no DECODE_CLEAR_SEGOVR here. */
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x2f
+****************************************************************************/
+static void x86emuOp_das(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("DAS\n");
+    TRACE_AND_STEP();
+    M.x86.R_AL = das_byte(M.x86.R_AL);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x36
+****************************************************************************/
+static void x86emuOp_segovr_SS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("SS:\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_SEGOVR_SS;
+    /* no DECODE_CLEAR_SEGOVR ! */
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x37
+****************************************************************************/
+static void x86emuOp_aaa(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("AAA\n");
+    TRACE_AND_STEP();
+    M.x86.R_AX = aaa_word(M.x86.R_AX);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x3e
+****************************************************************************/
+static void x86emuOp_segovr_DS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("DS:\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_SEGOVR_DS;
+    /* NO DECODE_CLEAR_SEGOVR! */
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x3f
+****************************************************************************/
+static void x86emuOp_aas(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("AAS\n");
+    TRACE_AND_STEP();
+    M.x86.R_AX = aas_word(M.x86.R_AX);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x40 - 0x47
+****************************************************************************/
+static void x86emuOp_inc_register(u8 op1)
+{
+    START_OF_INSTR();
+    op1 &= 0x7;
+    DECODE_PRINTF("INC\t");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        u32 *reg;
+        reg = DECODE_RM_LONG_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *reg = inc_long(*reg);
+    } else {
+        u16 *reg;
+        reg = DECODE_RM_WORD_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *reg = inc_word(*reg);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x48 - 0x4F
+****************************************************************************/
+static void x86emuOp_dec_register(u8 op1)
+{
+    START_OF_INSTR();
+    op1 &= 0x7;
+    DECODE_PRINTF("DEC\t");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        u32 *reg;
+        reg = DECODE_RM_LONG_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *reg = dec_long(*reg);
+    } else {
+        u16 *reg;
+        reg = DECODE_RM_WORD_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *reg = dec_word(*reg);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x50 - 0x57
+****************************************************************************/
+static void x86emuOp_push_register(u8 op1)
+{
+    START_OF_INSTR();
+    op1 &= 0x7;
+    DECODE_PRINTF("PUSH\t");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        u32 *reg;
+        reg = DECODE_RM_LONG_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        push_long(*reg);
+    } else {
+        u16 *reg;
+        reg = DECODE_RM_WORD_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        push_word(*reg);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x58 - 0x5F
+****************************************************************************/
+static void x86emuOp_pop_register(u8 op1)
+{
+    START_OF_INSTR();
+    op1 &= 0x7;
+    DECODE_PRINTF("POP\t");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        u32 *reg;
+        reg = DECODE_RM_LONG_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *reg = pop_long();
+    } else {
+        u16 *reg;
+        reg = DECODE_RM_WORD_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *reg = pop_word();
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x60
+****************************************************************************/
+static void x86emuOp_push_all(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("PUSHAD\n");
+    } else {
+        DECODE_PRINTF("PUSHA\n");
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        u32 old_sp = M.x86.R_ESP;
+
+        push_long(M.x86.R_EAX);
+        push_long(M.x86.R_ECX);
+        push_long(M.x86.R_EDX);
+        push_long(M.x86.R_EBX);
+        push_long(old_sp);
+        push_long(M.x86.R_EBP);
+        push_long(M.x86.R_ESI);
+        push_long(M.x86.R_EDI);
+    } else {
+        u16 old_sp = M.x86.R_SP;
+
+        push_word(M.x86.R_AX);
+        push_word(M.x86.R_CX);
+        push_word(M.x86.R_DX);
+        push_word(M.x86.R_BX);
+        push_word(old_sp);
+        push_word(M.x86.R_BP);
+        push_word(M.x86.R_SI);
+        push_word(M.x86.R_DI);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x61
+****************************************************************************/
+static void x86emuOp_pop_all(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("POPAD\n");
+    } else {
+        DECODE_PRINTF("POPA\n");
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        M.x86.R_EDI = pop_long();
+        M.x86.R_ESI = pop_long();
+        M.x86.R_EBP = pop_long();
+        M.x86.R_ESP += 4;              /* skip ESP */
+        M.x86.R_EBX = pop_long();
+        M.x86.R_EDX = pop_long();
+        M.x86.R_ECX = pop_long();
+        M.x86.R_EAX = pop_long();
+    } else {
+        M.x86.R_DI = pop_word();
+        M.x86.R_SI = pop_word();
+        M.x86.R_BP = pop_word();
+        M.x86.R_SP += 2;               /* skip SP */
+        M.x86.R_BX = pop_word();
+        M.x86.R_DX = pop_word();
+        M.x86.R_CX = pop_word();
+        M.x86.R_AX = pop_word();
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/*opcode 0x62   ILLEGAL OP, calls x86emuOp_illegal_op() */
+/*opcode 0x63   ILLEGAL OP, calls x86emuOp_illegal_op() */
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x64
+****************************************************************************/
+static void x86emuOp_segovr_FS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("FS:\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_SEGOVR_FS;
+    /*
+     * note the lack of DECODE_CLEAR_SEGOVR(r) since, here is one of 4
+     * opcode subroutines we do not want to do this.
+     */
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x65
+****************************************************************************/
+static void x86emuOp_segovr_GS(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("GS:\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_SEGOVR_GS;
+    /*
+     * note the lack of DECODE_CLEAR_SEGOVR(r) since, here is one of 4
+     * opcode subroutines we do not want to do this.
+     */
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x66 - prefix for 32-bit register
+****************************************************************************/
+static void x86emuOp_prefix_data(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("DATA:\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_PREFIX_DATA;
+    /* note no DECODE_CLEAR_SEGOVR here. */
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x67 - prefix for 32-bit address
+****************************************************************************/
+static void x86emuOp_prefix_addr(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("ADDR:\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_PREFIX_ADDR;
+    /* note no DECODE_CLEAR_SEGOVR here. */
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x68
+****************************************************************************/
+static void x86emuOp_push_word_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u32 imm;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        imm = fetch_long_imm();
+    } else {
+        imm = fetch_word_imm();
+    }
+    DECODE_PRINTF2("PUSH\t%x\n", imm);
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        push_long(imm);
+    } else {
+        push_word((u16)imm);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x69
+****************************************************************************/
+static void x86emuOp_imul_word_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("IMUL\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u32 srcval;
+            u32 res_lo,res_hi;
+            s32 imm;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcval = fetch_data_long(srcoffset);
+            imm = fetch_long_imm();
+            DECODE_PRINTF2(",%d\n", (s32)imm);
+            TRACE_AND_STEP();
+            imul_long_direct(&res_lo,&res_hi,(s32)srcval,(s32)imm);
+            if ((((res_lo & 0x80000000) == 0) && (res_hi == 0x00000000)) ||
+                (((res_lo & 0x80000000) != 0) && (res_hi == 0xFFFFFFFF))) {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            } else {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            }
+            *destreg = (u32)res_lo;
+        } else {
+            u16 *destreg;
+            u16 srcval;
+            u32 res;
+            s16 imm;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcval = fetch_data_word(srcoffset);
+            imm = fetch_word_imm();
+            DECODE_PRINTF2(",%d\n", (s32)imm);
+            TRACE_AND_STEP();
+            res = (s16)srcval * (s16)imm;
+            if ((((res & 0x8000) == 0) && ((res >> 16) == 0x0000)) ||
+                (((res & 0x8000) != 0) && ((res >> 16) == 0xFFFF))) {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            } else {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            }
+            *destreg = (u16)res;
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*srcreg;
+            u32 res_lo,res_hi;
+            s32 imm;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            imm = fetch_long_imm();
+            DECODE_PRINTF2(",%d\n", (s32)imm);
+            TRACE_AND_STEP();
+            imul_long_direct(&res_lo,&res_hi,(s32)*srcreg,(s32)imm);
+            if ((((res_lo & 0x80000000) == 0) && (res_hi == 0x00000000)) ||
+                (((res_lo & 0x80000000) != 0) && (res_hi == 0xFFFFFFFF))) {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            } else {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            }
+            *destreg = (u32)res_lo;
+        } else {
+            u16 *destreg,*srcreg;
+            u32 res;
+            s16 imm;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            imm = fetch_word_imm();
+            DECODE_PRINTF2(",%d\n", (s32)imm);
+            res = (s16)*srcreg * (s16)imm;
+            if ((((res & 0x8000) == 0) && ((res >> 16) == 0x0000)) ||
+                (((res & 0x8000) != 0) && ((res >> 16) == 0xFFFF))) {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            } else {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            }
+            *destreg = (u16)res;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x6a
+****************************************************************************/
+static void x86emuOp_push_byte_IMM(u8 X86EMU_UNUSED(op1))
+{
+    s16 imm;
+
+    START_OF_INSTR();
+    imm = (s8)fetch_byte_imm();
+    DECODE_PRINTF2("PUSH\t%d\n", imm);
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        push_long(imm);
+    } else {
+        push_word(imm);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x6b
+****************************************************************************/
+static void x86emuOp_imul_byte_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    s8  imm;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("IMUL\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u32 srcval;
+            u32 res_lo,res_hi;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcval = fetch_data_long(srcoffset);
+            imm = fetch_byte_imm();
+            DECODE_PRINTF2(",%d\n", (s32)imm);
+            TRACE_AND_STEP();
+            imul_long_direct(&res_lo,&res_hi,(s32)srcval,(s32)imm);
+            if ((((res_lo & 0x80000000) == 0) && (res_hi == 0x00000000)) ||
+                (((res_lo & 0x80000000) != 0) && (res_hi == 0xFFFFFFFF))) {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            } else {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            }
+            *destreg = (u32)res_lo;
+        } else {
+            u16 *destreg;
+            u16 srcval;
+            u32 res;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcval = fetch_data_word(srcoffset);
+            imm = fetch_byte_imm();
+            DECODE_PRINTF2(",%d\n", (s32)imm);
+            TRACE_AND_STEP();
+            res = (s16)srcval * (s16)imm;
+            if ((((res & 0x8000) == 0) && ((res >> 16) == 0x0000)) ||
+                (((res & 0x8000) != 0) && ((res >> 16) == 0xFFFF))) {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            } else {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            }
+            *destreg = (u16)res;
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*srcreg;
+            u32 res_lo,res_hi;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            imm = fetch_byte_imm();
+            DECODE_PRINTF2(",%d\n", (s32)imm);
+            TRACE_AND_STEP();
+            imul_long_direct(&res_lo,&res_hi,(s32)*srcreg,(s32)imm);
+            if ((((res_lo & 0x80000000) == 0) && (res_hi == 0x00000000)) ||
+                (((res_lo & 0x80000000) != 0) && (res_hi == 0xFFFFFFFF))) {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            } else {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            }
+            *destreg = (u32)res_lo;
+        } else {
+            u16 *destreg,*srcreg;
+            u32 res;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            imm = fetch_byte_imm();
+            DECODE_PRINTF2(",%d\n", (s32)imm);
+            TRACE_AND_STEP();
+            res = (s16)*srcreg * (s16)imm;
+            if ((((res & 0x8000) == 0) && ((res >> 16) == 0x0000)) ||
+                (((res & 0x8000) != 0) && ((res >> 16) == 0xFFFF))) {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            } else {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            }
+            *destreg = (u16)res;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x6c
+****************************************************************************/
+static void x86emuOp_ins_byte(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("INSB\n");
+    ins(1);
+    TRACE_AND_STEP();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x6d
+****************************************************************************/
+static void x86emuOp_ins_word(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("INSD\n");
+        ins(4);
+    } else {
+        DECODE_PRINTF("INSW\n");
+        ins(2);
+    }
+    TRACE_AND_STEP();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x6e
+****************************************************************************/
+static void x86emuOp_outs_byte(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("OUTSB\n");
+    outs(1);
+    TRACE_AND_STEP();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x6f
+****************************************************************************/
+static void x86emuOp_outs_word(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("OUTSD\n");
+        outs(4);
+    } else {
+        DECODE_PRINTF("OUTSW\n");
+        outs(2);
+    }
+    TRACE_AND_STEP();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x70 - 0x7F
+****************************************************************************/
+static void x86emuOp_jump_near_cond(u8 op1)
+{
+    s8 offset;
+    u16 target;
+    int cond;
+
+    /* jump to byte offset if overflow flag is set */
+    START_OF_INSTR();
+    cond = x86emu_check_jump_condition(op1 & 0xF);
+    offset = (s8)fetch_byte_imm();
+    target = (u16)(M.x86.R_IP + (s16)offset);
+    DECODE_PRINTF2("%x\n", target);
+    TRACE_AND_STEP();
+    if (cond) {
+        M.x86.R_IP = target;
+	JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, M.x86.R_IP, " NEAR COND ");
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x80
+****************************************************************************/
+static void x86emuOp_opc80_byte_RM_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg;
+    uint destoffset;
+    u8 imm;
+    u8 destval;
+
+    /*
+     * Weirdo special case instruction format.  Part of the opcode
+     * held below in "RH".  Doubly nested case would result, except
+     * that the decoded instruction
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ADD\t");
+            break;
+        case 1:
+            DECODE_PRINTF("OR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("ADC\t");
+            break;
+        case 3:
+            DECODE_PRINTF("SBB\t");
+            break;
+        case 4:
+            DECODE_PRINTF("AND\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SUB\t");
+            break;
+        case 6:
+            DECODE_PRINTF("XOR\t");
+            break;
+        case 7:
+            DECODE_PRINTF("CMP\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    if (mod < 3) {
+        DECODE_PRINTF("BYTE PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        destval = fetch_data_byte(destoffset);
+        imm = fetch_byte_imm();
+        DECODE_PRINTF2("%x\n", imm);
+        TRACE_AND_STEP();
+        destval = (*genop_byte_operation[rh]) (destval, imm);
+        if (rh != 7)
+            store_data_byte(destoffset, destval);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF(",");
+        imm = fetch_byte_imm();
+        DECODE_PRINTF2("%x\n", imm);
+        TRACE_AND_STEP();
+        *destreg = (*genop_byte_operation[rh]) (*destreg, imm);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x81
+****************************************************************************/
+static void x86emuOp_opc81_word_RM_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    /*
+     * Weirdo special case instruction format.  Part of the opcode
+     * held below in "RH".  Doubly nested case would result, except
+     * that the decoded instruction
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ADD\t");
+            break;
+        case 1:
+            DECODE_PRINTF("OR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("ADC\t");
+            break;
+        case 3:
+            DECODE_PRINTF("SBB\t");
+            break;
+        case 4:
+            DECODE_PRINTF("AND\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SUB\t");
+            break;
+        case 6:
+            DECODE_PRINTF("XOR\t");
+            break;
+        case 7:
+            DECODE_PRINTF("CMP\t");
+            break;
+        }
+    }
+#endif
+    /*
+     * Know operation, decode the mod byte to find the addressing
+     * mode.
+     */
+    if (mod < 3) {
+        DECODE_PRINTF("DWORD PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval,imm;
+
+            DECODE_PRINTF(",");
+            destval = fetch_data_long(destoffset);
+            imm = fetch_long_imm();
+            DECODE_PRINTF2("%x\n", imm);
+            TRACE_AND_STEP();
+            destval = (*genop_long_operation[rh]) (destval, imm);
+            if (rh != 7)
+                store_data_long(destoffset, destval);
+        } else {
+            u16 destval,imm;
+
+            DECODE_PRINTF(",");
+            destval = fetch_data_word(destoffset);
+            imm = fetch_word_imm();
+            DECODE_PRINTF2("%x\n", imm);
+            TRACE_AND_STEP();
+            destval = (*genop_word_operation[rh]) (destval, imm);
+            if (rh != 7)
+                store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg, imm;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            imm = fetch_long_imm();
+            DECODE_PRINTF2("%x\n", imm);
+            TRACE_AND_STEP();
+            *destreg = (*genop_long_operation[rh]) (*destreg, imm);
+        } else {
+            u16 *destreg, imm;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            imm = fetch_word_imm();
+            DECODE_PRINTF2("%x\n", imm);
+            TRACE_AND_STEP();
+            *destreg = (*genop_word_operation[rh]) (*destreg, imm);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x82
+****************************************************************************/
+static void x86emuOp_opc82_byte_RM_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg;
+    uint destoffset;
+    u8 imm;
+    u8 destval;
+
+    /*
+     * Weirdo special case instruction format.  Part of the opcode
+     * held below in "RH".  Doubly nested case would result, except
+     * that the decoded instruction Similar to opcode 81, except that
+     * the immediate byte is sign extended to a word length.
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ADD\t");
+            break;
+        case 1:
+            DECODE_PRINTF("OR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("ADC\t");
+            break;
+        case 3:
+            DECODE_PRINTF("SBB\t");
+            break;
+        case 4:
+            DECODE_PRINTF("AND\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SUB\t");
+            break;
+        case 6:
+            DECODE_PRINTF("XOR\t");
+            break;
+        case 7:
+            DECODE_PRINTF("CMP\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    if (mod < 3) {
+        DECODE_PRINTF("BYTE PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        destval = fetch_data_byte(destoffset);
+        imm = fetch_byte_imm();
+        DECODE_PRINTF2(",%x\n", imm);
+        TRACE_AND_STEP();
+        destval = (*genop_byte_operation[rh]) (destval, imm);
+        if (rh != 7)
+            store_data_byte(destoffset, destval);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        imm = fetch_byte_imm();
+        DECODE_PRINTF2(",%x\n", imm);
+        TRACE_AND_STEP();
+        *destreg = (*genop_byte_operation[rh]) (*destreg, imm);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x83
+****************************************************************************/
+static void x86emuOp_opc83_word_RM_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    /*
+     * Weirdo special case instruction format.  Part of the opcode
+     * held below in "RH".  Doubly nested case would result, except
+     * that the decoded instruction Similar to opcode 81, except that
+     * the immediate byte is sign extended to a word length.
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+       switch (rh) {
+        case 0:
+            DECODE_PRINTF("ADD\t");
+            break;
+        case 1:
+            DECODE_PRINTF("OR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("ADC\t");
+            break;
+        case 3:
+            DECODE_PRINTF("SBB\t");
+            break;
+        case 4:
+            DECODE_PRINTF("AND\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SUB\t");
+            break;
+        case 6:
+            DECODE_PRINTF("XOR\t");
+            break;
+        case 7:
+            DECODE_PRINTF("CMP\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    if (mod < 3) {
+        DECODE_PRINTF("DWORD PTR ");
+        destoffset = decode_rmXX_address(mod,rl);
+
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval,imm;
+
+            destval = fetch_data_long(destoffset);
+            imm = (s8) fetch_byte_imm();
+            DECODE_PRINTF2(",%x\n", imm);
+            TRACE_AND_STEP();
+            destval = (*genop_long_operation[rh]) (destval, imm);
+            if (rh != 7)
+                store_data_long(destoffset, destval);
+        } else {
+            u16 destval,imm;
+
+            destval = fetch_data_word(destoffset);
+            imm = (s8) fetch_byte_imm();
+            DECODE_PRINTF2(",%x\n", imm);
+            TRACE_AND_STEP();
+            destval = (*genop_word_operation[rh]) (destval, imm);
+            if (rh != 7)
+                store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg, imm;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            imm = (s8) fetch_byte_imm();
+            DECODE_PRINTF2(",%x\n", imm);
+            TRACE_AND_STEP();
+            *destreg = (*genop_long_operation[rh]) (*destreg, imm);
+        } else {
+            u16 *destreg, imm;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            imm = (s8) fetch_byte_imm();
+            DECODE_PRINTF2(",%x\n", imm);
+            TRACE_AND_STEP();
+            *destreg = (*genop_word_operation[rh]) (*destreg, imm);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x84
+****************************************************************************/
+static void x86emuOp_test_byte_RM_R(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg, *srcreg;
+    uint destoffset;
+    u8 destval;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("TEST\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        destval = fetch_data_byte(destoffset);
+        srcreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        test_byte(destval, *srcreg);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        test_byte(*destreg, *srcreg);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x85
+****************************************************************************/
+static void x86emuOp_test_word_RM_R(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("TEST\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+            u32 *srcreg;
+
+            DECODE_PRINTF(",");
+            destval = fetch_data_long(destoffset);
+            srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            test_long(destval, *srcreg);
+        } else {
+            u16 destval;
+            u16 *srcreg;
+
+            DECODE_PRINTF(",");
+            destval = fetch_data_word(destoffset);
+            srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            test_word(destval, *srcreg);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*srcreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            test_long(*destreg, *srcreg);
+        } else {
+            u16 *destreg,*srcreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            test_word(*destreg, *srcreg);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x86
+****************************************************************************/
+static void x86emuOp_xchg_byte_RM_R(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg, *srcreg;
+    uint destoffset;
+    u8 destval;
+    u8 tmp;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("XCHG\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        destval = fetch_data_byte(destoffset);
+        srcreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        tmp = *srcreg;
+        *srcreg = destval;
+        destval = tmp;
+        store_data_byte(destoffset, destval);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        tmp = *srcreg;
+        *srcreg = *destreg;
+        *destreg = tmp;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x87
+****************************************************************************/
+static void x86emuOp_xchg_word_RM_R(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("XCHG\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *srcreg;
+            u32 destval,tmp;
+
+            destval = fetch_data_long(destoffset);
+            srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            tmp = *srcreg;
+            *srcreg = destval;
+            destval = tmp;
+            store_data_long(destoffset, destval);
+        } else {
+            u16 *srcreg;
+            u16 destval,tmp;
+
+            destval = fetch_data_word(destoffset);
+            srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            tmp = *srcreg;
+            *srcreg = destval;
+            destval = tmp;
+            store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*srcreg;
+            u32 tmp;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            tmp = *srcreg;
+            *srcreg = *destreg;
+            *destreg = tmp;
+        } else {
+            u16 *destreg,*srcreg;
+            u16 tmp;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            tmp = *srcreg;
+            *srcreg = *destreg;
+            *destreg = tmp;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x88
+****************************************************************************/
+static void x86emuOp_mov_byte_RM_R(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg, *srcreg;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        store_data_byte(destoffset, *srcreg);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = *srcreg;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x89
+****************************************************************************/
+static void x86emuOp_mov_word_RM_R(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *srcreg;
+
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            store_data_long(destoffset, *srcreg);
+        } else {
+            u16 *srcreg;
+
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            store_data_word(destoffset, *srcreg);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*srcreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = *srcreg;
+        } else {
+            u16 *destreg,*srcreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = *srcreg;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x8a
+****************************************************************************/
+static void x86emuOp_mov_byte_R_RM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg, *srcreg;
+    uint srcoffset;
+    u8 srcval;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        srcval = fetch_data_byte(srcoffset);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = srcval;
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = *srcreg;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x8b
+****************************************************************************/
+static void x86emuOp_mov_word_R_RM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u32 srcval;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcoffset = decode_rmXX_address(mod, rl);
+            srcval = fetch_data_long(srcoffset);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = srcval;
+        } else {
+            u16 *destreg;
+            u16 srcval;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcoffset = decode_rmXX_address(mod, rl);
+            srcval = fetch_data_word(srcoffset);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = srcval;
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg, *srcreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = *srcreg;
+        } else {
+            u16 *destreg, *srcreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = *srcreg;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x8c
+****************************************************************************/
+static void x86emuOp_mov_word_RM_SR(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u16 *destreg, *srcreg;
+    uint destoffset;
+    u16 destval;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        srcreg = decode_rm_seg_register(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        destval = *srcreg;
+        store_data_word(destoffset, destval);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_WORD_REGISTER(rl);
+        DECODE_PRINTF(",");
+        srcreg = decode_rm_seg_register(rh);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = *srcreg;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x8d
+****************************************************************************/
+static void x86emuOp_lea_word_R_M(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LEA\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_ADDR) {
+            u32 *srcreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            destoffset = decode_rmXX_address(mod, rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *srcreg = (u32)destoffset;
+	} else {
+            u16 *srcreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            destoffset = decode_rmXX_address(mod, rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *srcreg = (u16)destoffset;
+        }
+    }
+    /* else { undefined.  Do nothing. } */
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x8e
+****************************************************************************/
+static void x86emuOp_mov_word_SR_RM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u16 *destreg, *srcreg;
+    uint srcoffset;
+    u16 srcval;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destreg = decode_rm_seg_register(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        srcval = fetch_data_word(srcoffset);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = srcval;
+    } else {                     /* register to register */
+        destreg = decode_rm_seg_register(rh);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_WORD_REGISTER(rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = *srcreg;
+    }
+    /*
+     * Clean up, and reset all the R_xSP pointers to the correct
+     * locations.  This is about 3x too much overhead (doing all the
+     * segreg ptrs when only one is needed, but this instruction
+     * *cannot* be that common, and this isn't too much work anyway.
+     */
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x8f
+****************************************************************************/
+static void x86emuOp_pop_RM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("POP\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (rh != 0) {
+        DECODE_PRINTF("ILLEGAL DECODE OF OPCODE 8F\n");
+        HALT_SYS();
+    }
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            destval = pop_long();
+            store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            destval = pop_word();
+            store_data_word(destoffset, destval);
+        }
+    } else {                    /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = pop_long();
+        } else {
+            u16 *destreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = pop_word();
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x90
+****************************************************************************/
+static void x86emuOp_nop(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("NOP\n");
+    TRACE_AND_STEP();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x91-0x97
+****************************************************************************/
+static void x86emuOp_xchg_word_AX_register(u8 X86EMU_UNUSED(op1))
+{
+    u32 tmp;
+
+    op1 &= 0x7;
+
+    START_OF_INSTR();
+
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        u32 *reg32;
+        DECODE_PRINTF("XCHG\tEAX,");
+        reg32 = DECODE_RM_LONG_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        tmp = M.x86.R_EAX;
+        M.x86.R_EAX = *reg32;
+        *reg32 = tmp;
+    } else {
+        u16 *reg16;
+        DECODE_PRINTF("XCHG\tAX,");
+        reg16 = DECODE_RM_WORD_REGISTER(op1);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        tmp = M.x86.R_AX;
+        M.x86.R_AX = *reg16;
+        *reg16 = (u16)tmp;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x98
+****************************************************************************/
+static void x86emuOp_cbw(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("CWDE\n");
+    } else {
+        DECODE_PRINTF("CBW\n");
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        if (M.x86.R_AX & 0x8000) {
+            M.x86.R_EAX |= 0xffff0000;
+        } else {
+            M.x86.R_EAX &= 0x0000ffff;
+        }
+    } else {
+        if (M.x86.R_AL & 0x80) {
+            M.x86.R_AH = 0xff;
+        } else {
+            M.x86.R_AH = 0x0;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x99
+****************************************************************************/
+static void x86emuOp_cwd(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("CDQ\n");
+    } else {
+        DECODE_PRINTF("CWD\n");
+    }
+    DECODE_PRINTF("CWD\n");
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        if (M.x86.R_EAX & 0x80000000) {
+            M.x86.R_EDX = 0xffffffff;
+        } else {
+            M.x86.R_EDX = 0x0;
+        }
+    } else {
+        if (M.x86.R_AX & 0x8000) {
+            M.x86.R_DX = 0xffff;
+        } else {
+            M.x86.R_DX = 0x0;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x9a
+****************************************************************************/
+static void x86emuOp_call_far_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u32 farseg, faroff;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("CALL\t");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        faroff = fetch_long_imm();
+        farseg = fetch_word_imm();
+    } else {
+        faroff = fetch_word_imm();
+        farseg = fetch_word_imm();
+    }
+    DECODE_PRINTF2("%04x:", farseg);
+    DECODE_PRINTF2("%04x\n", faroff);
+    CALL_TRACE(M.x86.saved_cs, M.x86.saved_ip, farseg, faroff, "FAR ");
+
+    /* XXX
+     *
+     * Hooked interrupt vectors calling into our "BIOS" will cause
+     * problems unless all intersegment stuff is checked for BIOS
+     * access.  Check needed here.  For moment, let it alone.
+     */
+    TRACE_AND_STEP();
+    push_word(M.x86.R_CS);
+    M.x86.R_CS = farseg;
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        push_long(M.x86.R_EIP);
+    } else {
+        push_word(M.x86.R_IP);
+    }
+    M.x86.R_EIP = faroff & 0xffff;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x9b
+****************************************************************************/
+static void x86emuOp_wait(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("WAIT");
+    TRACE_AND_STEP();
+    /* NADA.  */
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x9c
+****************************************************************************/
+static void x86emuOp_pushf_word(u8 X86EMU_UNUSED(op1))
+{
+    u32 flags;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("PUSHFD\n");
+    } else {
+        DECODE_PRINTF("PUSHF\n");
+    }
+    TRACE_AND_STEP();
+
+    /* clear out *all* bits not representing flags, and turn on real bits */
+    flags = (M.x86.R_EFLG & F_MSK) | F_ALWAYS_ON;
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        push_long(flags);
+    } else {
+        push_word((u16)flags);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x9d
+****************************************************************************/
+static void x86emuOp_popf_word(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("POPFD\n");
+    } else {
+        DECODE_PRINTF("POPF\n");
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        M.x86.R_EFLG = pop_long();
+    } else {
+        M.x86.R_FLG = pop_word();
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x9e
+****************************************************************************/
+static void x86emuOp_sahf(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("SAHF\n");
+    TRACE_AND_STEP();
+    /* clear the lower bits of the flag register */
+    M.x86.R_FLG &= 0xffffff00;
+    /* or in the AH register into the flags register */
+    M.x86.R_FLG |= M.x86.R_AH;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x9f
+****************************************************************************/
+static void x86emuOp_lahf(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("LAHF\n");
+    TRACE_AND_STEP();
+	M.x86.R_AH = (u8)(M.x86.R_FLG & 0xff);
+    /*undocumented TC++ behavior??? Nope.  It's documented, but
+       you have too look real hard to notice it. */
+    M.x86.R_AH |= 0x2;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa0
+****************************************************************************/
+static void x86emuOp_mov_AL_M_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 offset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\tAL,");
+    offset = fetch_word_imm();
+    DECODE_PRINTF2("[%04x]\n", offset);
+    TRACE_AND_STEP();
+    M.x86.R_AL = fetch_data_byte(offset);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa1
+****************************************************************************/
+static void x86emuOp_mov_AX_M_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 offset;
+
+    START_OF_INSTR();
+    offset = fetch_word_imm();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF2("MOV\tEAX,[%04x]\n", offset);
+    } else {
+        DECODE_PRINTF2("MOV\tAX,[%04x]\n", offset);
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        M.x86.R_EAX = fetch_data_long(offset);
+    } else {
+        M.x86.R_AX = fetch_data_word(offset);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa2
+****************************************************************************/
+static void x86emuOp_mov_M_AL_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 offset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    offset = fetch_word_imm();
+    DECODE_PRINTF2("[%04x],AL\n", offset);
+    TRACE_AND_STEP();
+    store_data_byte(offset, M.x86.R_AL);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa3
+****************************************************************************/
+static void x86emuOp_mov_M_AX_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 offset;
+
+    START_OF_INSTR();
+    offset = fetch_word_imm();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF2("MOV\t[%04x],EAX\n", offset);
+    } else {
+        DECODE_PRINTF2("MOV\t[%04x],AX\n", offset);
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        store_data_long(offset, M.x86.R_EAX);
+    } else {
+        store_data_word(offset, M.x86.R_AX);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa4
+****************************************************************************/
+static void x86emuOp_movs_byte(u8 X86EMU_UNUSED(op1))
+{
+    u8  val;
+    u32 count;
+    int inc;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOVS\tBYTE\n");
+    if (ACCESS_FLAG(F_DF))   /* down */
+        inc = -1;
+    else
+        inc = 1;
+    TRACE_AND_STEP();
+    count = 1;
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* dont care whether REPE or REPNE */
+        /* move them until (E)CX is ZERO. */
+        count = (M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX;
+        M.x86.R_CX = 0;
+	if (M.x86.mode & SYSMODE_32BIT_REP)
+            M.x86.R_ECX = 0;
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    }
+    while (count--) {
+        val = fetch_data_byte(M.x86.R_SI);
+        store_data_byte_abs(M.x86.R_ES, M.x86.R_DI, val);
+        M.x86.R_SI += inc;
+        M.x86.R_DI += inc;
+        if (M.x86.intr & INTR_HALTED)
+            break;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa5
+****************************************************************************/
+static void x86emuOp_movs_word(u8 X86EMU_UNUSED(op1))
+{
+    u32 val;
+    int inc;
+    u32 count;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("MOVS\tDWORD\n");
+        if (ACCESS_FLAG(F_DF))      /* down */
+            inc = -4;
+        else
+            inc = 4;
+    } else {
+        DECODE_PRINTF("MOVS\tWORD\n");
+        if (ACCESS_FLAG(F_DF))      /* down */
+            inc = -2;
+        else
+            inc = 2;
+    }
+    TRACE_AND_STEP();
+    count = 1;
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* dont care whether REPE or REPNE */
+        /* move them until (E)CX is ZERO. */
+        count = (M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX;
+        M.x86.R_CX = 0;
+	if (M.x86.mode & SYSMODE_32BIT_REP)
+            M.x86.R_ECX = 0;
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    }
+    while (count--) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            val = fetch_data_long(M.x86.R_SI);
+            store_data_long_abs(M.x86.R_ES, M.x86.R_DI, val);
+        } else {
+            val = fetch_data_word(M.x86.R_SI);
+            store_data_word_abs(M.x86.R_ES, M.x86.R_DI, (u16)val);
+        }
+        M.x86.R_SI += inc;
+        M.x86.R_DI += inc;
+        if (M.x86.intr & INTR_HALTED)
+            break;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa6
+****************************************************************************/
+static void x86emuOp_cmps_byte(u8 X86EMU_UNUSED(op1))
+{
+    s8 val1, val2;
+    int inc;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("CMPS\tBYTE\n");
+    TRACE_AND_STEP();
+    if (ACCESS_FLAG(F_DF))   /* down */
+        inc = -1;
+    else
+        inc = 1;
+
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* REPE  */
+        /* move them until (E)CX is ZERO. */
+        while (((M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX) != 0) {
+            val1 = fetch_data_byte(M.x86.R_SI);
+            val2 = fetch_data_byte_abs(M.x86.R_ES, M.x86.R_DI);
+                     cmp_byte(val1, val2);
+            if (M.x86.mode & SYSMODE_32BIT_REP)
+                M.x86.R_ECX -= 1;
+            else
+                M.x86.R_CX -= 1;
+            M.x86.R_SI += inc;
+            M.x86.R_DI += inc;
+            if ( (M.x86.mode & SYSMODE_PREFIX_REPE) && (ACCESS_FLAG(F_ZF) == 0) ) break;
+            if ( (M.x86.mode & SYSMODE_PREFIX_REPNE) && ACCESS_FLAG(F_ZF) ) break;
+            if (M.x86.intr & INTR_HALTED)
+                break;
+        }
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    } else {
+        val1 = fetch_data_byte(M.x86.R_SI);
+        val2 = fetch_data_byte_abs(M.x86.R_ES, M.x86.R_DI);
+        cmp_byte(val1, val2);
+        M.x86.R_SI += inc;
+        M.x86.R_DI += inc;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa7
+****************************************************************************/
+static void x86emuOp_cmps_word(u8 X86EMU_UNUSED(op1))
+{
+    u32 val1,val2;
+    int inc;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("CMPS\tDWORD\n");
+        inc = 4;
+    } else {
+        DECODE_PRINTF("CMPS\tWORD\n");
+        inc = 2;
+    }
+    if (ACCESS_FLAG(F_DF))   /* down */
+        inc = -inc;
+
+    TRACE_AND_STEP();
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* REPE  */
+        /* move them until (E)CX is ZERO. */
+        while (((M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX) != 0) {
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                val1 = fetch_data_long(M.x86.R_SI);
+                val2 = fetch_data_long_abs(M.x86.R_ES, M.x86.R_DI);
+                cmp_long(val1, val2);
+            } else {
+                val1 = fetch_data_word(M.x86.R_SI);
+                val2 = fetch_data_word_abs(M.x86.R_ES, M.x86.R_DI);
+                cmp_word((u16)val1, (u16)val2);
+            }
+            if (M.x86.mode & SYSMODE_32BIT_REP)
+                M.x86.R_ECX -= 1;
+            else
+                M.x86.R_CX -= 1;
+            M.x86.R_SI += inc;
+            M.x86.R_DI += inc;
+            if ( (M.x86.mode & SYSMODE_PREFIX_REPE) && ACCESS_FLAG(F_ZF) == 0 ) break;
+            if ( (M.x86.mode & SYSMODE_PREFIX_REPNE) && ACCESS_FLAG(F_ZF) ) break;
+            if (M.x86.intr & INTR_HALTED)
+                break;
+        }
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    } else {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            val1 = fetch_data_long(M.x86.R_SI);
+            val2 = fetch_data_long_abs(M.x86.R_ES, M.x86.R_DI);
+            cmp_long(val1, val2);
+        } else {
+            val1 = fetch_data_word(M.x86.R_SI);
+            val2 = fetch_data_word_abs(M.x86.R_ES, M.x86.R_DI);
+            cmp_word((u16)val1, (u16)val2);
+        }
+        M.x86.R_SI += inc;
+        M.x86.R_DI += inc;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa8
+****************************************************************************/
+static void x86emuOp_test_AL_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int imm;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("TEST\tAL,");
+    imm = fetch_byte_imm();
+    DECODE_PRINTF2("%04x\n", imm);
+    TRACE_AND_STEP();
+	test_byte(M.x86.R_AL, (u8)imm);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xa9
+****************************************************************************/
+static void x86emuOp_test_AX_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u32 srcval;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("TEST\tEAX,");
+        srcval = fetch_long_imm();
+    } else {
+        DECODE_PRINTF("TEST\tAX,");
+        srcval = fetch_word_imm();
+    }
+    DECODE_PRINTF2("%x\n", srcval);
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        test_long(M.x86.R_EAX, srcval);
+    } else {
+        test_word(M.x86.R_AX, (u16)srcval);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xaa
+****************************************************************************/
+static void x86emuOp_stos_byte(u8 X86EMU_UNUSED(op1))
+{
+    int inc;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("STOS\tBYTE\n");
+    if (ACCESS_FLAG(F_DF))   /* down */
+        inc = -1;
+    else
+        inc = 1;
+    TRACE_AND_STEP();
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* dont care whether REPE or REPNE */
+        /* move them until (E)CX is ZERO. */
+        while (((M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX) != 0) {
+            store_data_byte_abs(M.x86.R_ES, M.x86.R_DI, M.x86.R_AL);
+            if (M.x86.mode & SYSMODE_32BIT_REP)
+                M.x86.R_ECX -= 1;
+            else
+                M.x86.R_CX -= 1;
+            M.x86.R_DI += inc;
+            if (M.x86.intr & INTR_HALTED)
+                break;
+        }
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    } else {
+        store_data_byte_abs(M.x86.R_ES, M.x86.R_DI, M.x86.R_AL);
+        M.x86.R_DI += inc;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xab
+****************************************************************************/
+static void x86emuOp_stos_word(u8 X86EMU_UNUSED(op1))
+{
+    int inc;
+    u32 count;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("STOS\tDWORD\n");
+        if (ACCESS_FLAG(F_DF))   /* down */
+            inc = -4;
+        else
+            inc = 4;
+    } else {
+        DECODE_PRINTF("STOS\tWORD\n");
+        if (ACCESS_FLAG(F_DF))   /* down */
+            inc = -2;
+        else
+            inc = 2;
+    }
+    TRACE_AND_STEP();
+    count = 1;
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* dont care whether REPE or REPNE */
+        /* move them until (E)CX is ZERO. */
+        count = (M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX;
+        M.x86.R_CX = 0;
+	if (M.x86.mode & SYSMODE_32BIT_REP)
+            M.x86.R_ECX = 0;
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    }
+    while (count--) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            store_data_long_abs(M.x86.R_ES, M.x86.R_DI, M.x86.R_EAX);
+        } else {
+            store_data_word_abs(M.x86.R_ES, M.x86.R_DI, M.x86.R_AX);
+        }
+        M.x86.R_DI += inc;
+        if (M.x86.intr & INTR_HALTED)
+            break;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xac
+****************************************************************************/
+static void x86emuOp_lods_byte(u8 X86EMU_UNUSED(op1))
+{
+    int inc;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LODS\tBYTE\n");
+    TRACE_AND_STEP();
+    if (ACCESS_FLAG(F_DF))   /* down */
+        inc = -1;
+    else
+        inc = 1;
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* dont care whether REPE or REPNE */
+        /* move them until (E)CX is ZERO. */
+        while (((M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX) != 0) {
+            M.x86.R_AL = fetch_data_byte(M.x86.R_SI);
+            if (M.x86.mode & SYSMODE_32BIT_REP)
+                M.x86.R_ECX -= 1;
+            else
+                M.x86.R_CX -= 1;
+            M.x86.R_SI += inc;
+            if (M.x86.intr & INTR_HALTED)
+                break;
+        }
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    } else {
+        M.x86.R_AL = fetch_data_byte(M.x86.R_SI);
+        M.x86.R_SI += inc;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xad
+****************************************************************************/
+static void x86emuOp_lods_word(u8 X86EMU_UNUSED(op1))
+{
+    int inc;
+    u32 count;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("LODS\tDWORD\n");
+        if (ACCESS_FLAG(F_DF))   /* down */
+            inc = -4;
+        else
+            inc = 4;
+    } else {
+        DECODE_PRINTF("LODS\tWORD\n");
+        if (ACCESS_FLAG(F_DF))   /* down */
+            inc = -2;
+        else
+            inc = 2;
+    }
+    TRACE_AND_STEP();
+    count = 1;
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* dont care whether REPE or REPNE */
+        /* move them until (E)CX is ZERO. */
+        count = (M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX;
+        M.x86.R_CX = 0;
+	if (M.x86.mode & SYSMODE_32BIT_REP)
+            M.x86.R_ECX = 0;
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    }
+    while (count--) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            M.x86.R_EAX = fetch_data_long(M.x86.R_SI);
+        } else {
+            M.x86.R_AX = fetch_data_word(M.x86.R_SI);
+        }
+        M.x86.R_SI += inc;
+        if (M.x86.intr & INTR_HALTED)
+            break;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xae
+****************************************************************************/
+static void x86emuOp_scas_byte(u8 X86EMU_UNUSED(op1))
+{
+    s8 val2;
+    int inc;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("SCAS\tBYTE\n");
+    TRACE_AND_STEP();
+    if (ACCESS_FLAG(F_DF))   /* down */
+        inc = -1;
+    else
+        inc = 1;
+    if (M.x86.mode & SYSMODE_PREFIX_REPE) {
+        /* REPE  */
+        /* move them until (E)CX is ZERO. */
+        while (((M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX) != 0) {
+            val2 = fetch_data_byte_abs(M.x86.R_ES, M.x86.R_DI);
+            cmp_byte(M.x86.R_AL, val2);
+            if (M.x86.mode & SYSMODE_32BIT_REP)
+                M.x86.R_ECX -= 1;
+            else
+                M.x86.R_CX -= 1;
+            M.x86.R_DI += inc;
+            if (ACCESS_FLAG(F_ZF) == 0)
+                break;
+            if (M.x86.intr & INTR_HALTED)
+                break;
+        }
+        M.x86.mode &= ~SYSMODE_PREFIX_REPE;
+    } else if (M.x86.mode & SYSMODE_PREFIX_REPNE) {
+        /* REPNE  */
+        /* move them until (E)CX is ZERO. */
+        while (((M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX) != 0) {
+            val2 = fetch_data_byte_abs(M.x86.R_ES, M.x86.R_DI);
+            cmp_byte(M.x86.R_AL, val2);
+            if (M.x86.mode & SYSMODE_32BIT_REP)
+                M.x86.R_ECX -= 1;
+            else
+                M.x86.R_CX -= 1;
+            M.x86.R_DI += inc;
+            if (ACCESS_FLAG(F_ZF))
+                break;          /* zero flag set means equal */
+            if (M.x86.intr & INTR_HALTED)
+                break;
+        }
+        M.x86.mode &= ~SYSMODE_PREFIX_REPNE;
+    } else {
+        val2 = fetch_data_byte_abs(M.x86.R_ES, M.x86.R_DI);
+        cmp_byte(M.x86.R_AL, val2);
+        M.x86.R_DI += inc;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xaf
+****************************************************************************/
+static void x86emuOp_scas_word(u8 X86EMU_UNUSED(op1))
+{
+    int inc;
+    u32 val;
+
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("SCAS\tDWORD\n");
+        if (ACCESS_FLAG(F_DF))   /* down */
+            inc = -4;
+        else
+            inc = 4;
+    } else {
+        DECODE_PRINTF("SCAS\tWORD\n");
+        if (ACCESS_FLAG(F_DF))   /* down */
+            inc = -2;
+        else
+            inc = 2;
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_REPE) {
+        /* REPE  */
+        /* move them until (E)CX is ZERO. */
+        while (((M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX) != 0) {
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                val = fetch_data_long_abs(M.x86.R_ES, M.x86.R_DI);
+                cmp_long(M.x86.R_EAX, val);
+            } else {
+                val = fetch_data_word_abs(M.x86.R_ES, M.x86.R_DI);
+                cmp_word(M.x86.R_AX, (u16)val);
+            }
+            if (M.x86.mode & SYSMODE_32BIT_REP)
+                M.x86.R_ECX -= 1;
+            else
+                M.x86.R_CX -= 1;
+            M.x86.R_DI += inc;
+            if (ACCESS_FLAG(F_ZF) == 0)
+                break;
+            if (M.x86.intr & INTR_HALTED)
+                break;
+        }
+        M.x86.mode &= ~SYSMODE_PREFIX_REPE;
+    } else if (M.x86.mode & SYSMODE_PREFIX_REPNE) {
+        /* REPNE  */
+        /* move them until (E)CX is ZERO. */
+        while (((M.x86.mode & SYSMODE_32BIT_REP) ? M.x86.R_ECX : M.x86.R_CX) != 0) {
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                val = fetch_data_long_abs(M.x86.R_ES, M.x86.R_DI);
+                cmp_long(M.x86.R_EAX, val);
+            } else {
+                val = fetch_data_word_abs(M.x86.R_ES, M.x86.R_DI);
+                cmp_word(M.x86.R_AX, (u16)val);
+            }
+            if (M.x86.mode & SYSMODE_32BIT_REP)
+                M.x86.R_ECX -= 1;
+            else
+                M.x86.R_CX -= 1;
+            M.x86.R_DI += inc;
+            if (ACCESS_FLAG(F_ZF))
+                break;          /* zero flag set means equal */
+            if (M.x86.intr & INTR_HALTED)
+                break;
+        }
+        M.x86.mode &= ~SYSMODE_PREFIX_REPNE;
+    } else {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            val = fetch_data_long_abs(M.x86.R_ES, M.x86.R_DI);
+            cmp_long(M.x86.R_EAX, val);
+        } else {
+            val = fetch_data_word_abs(M.x86.R_ES, M.x86.R_DI);
+            cmp_word(M.x86.R_AX, (u16)val);
+        }
+        M.x86.R_DI += inc;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xb0 - 0xb7
+****************************************************************************/
+static void x86emuOp_mov_byte_register_IMM(u8 op1)
+{
+    u8 imm, *ptr;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    ptr = DECODE_RM_BYTE_REGISTER(op1 & 0x7);
+    DECODE_PRINTF(",");
+    imm = fetch_byte_imm();
+    DECODE_PRINTF2("%x\n", imm);
+    TRACE_AND_STEP();
+    *ptr = imm;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xb8 - 0xbf
+****************************************************************************/
+static void x86emuOp_mov_word_register_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u32 srcval;
+
+    op1 &= 0x7;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        u32 *reg32;
+        reg32 = DECODE_RM_LONG_REGISTER(op1);
+        srcval = fetch_long_imm();
+        DECODE_PRINTF2(",%x\n", srcval);
+        TRACE_AND_STEP();
+        *reg32 = srcval;
+    } else {
+        u16 *reg16;
+        reg16 = DECODE_RM_WORD_REGISTER(op1);
+        srcval = fetch_word_imm();
+        DECODE_PRINTF2(",%x\n", srcval);
+        TRACE_AND_STEP();
+        *reg16 = (u16)srcval;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc0
+****************************************************************************/
+static void x86emuOp_opcC0_byte_RM_MEM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg;
+    uint destoffset;
+    u8 destval;
+    u8 amt;
+
+    /*
+     * Yet another weirdo special case instruction format.  Part of
+     * the opcode held below in "RH".  Doubly nested case would
+     * result, except that the decoded instruction
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ROL\t");
+            break;
+        case 1:
+            DECODE_PRINTF("ROR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("RCL\t");
+            break;
+        case 3:
+            DECODE_PRINTF("RCR\t");
+            break;
+        case 4:
+            DECODE_PRINTF("SHL\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SHR\t");
+            break;
+        case 6:
+            DECODE_PRINTF("SAL\t");
+            break;
+        case 7:
+            DECODE_PRINTF("SAR\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    if (mod < 3) {
+        DECODE_PRINTF("BYTE PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        amt = fetch_byte_imm();
+        DECODE_PRINTF2(",%x\n", amt);
+        destval = fetch_data_byte(destoffset);
+        TRACE_AND_STEP();
+        destval = (*opcD0_byte_operation[rh]) (destval, amt);
+        store_data_byte(destoffset, destval);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        amt = fetch_byte_imm();
+        DECODE_PRINTF2(",%x\n", amt);
+        TRACE_AND_STEP();
+        destval = (*opcD0_byte_operation[rh]) (*destreg, amt);
+        *destreg = destval;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc1
+****************************************************************************/
+static void x86emuOp_opcC1_word_RM_MEM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+    u8 amt;
+
+    /*
+     * Yet another weirdo special case instruction format.  Part of
+     * the opcode held below in "RH".  Doubly nested case would
+     * result, except that the decoded instruction
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ROL\t");
+            break;
+        case 1:
+            DECODE_PRINTF("ROR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("RCL\t");
+            break;
+        case 3:
+            DECODE_PRINTF("RCR\t");
+            break;
+        case 4:
+            DECODE_PRINTF("SHL\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SHR\t");
+            break;
+        case 6:
+            DECODE_PRINTF("SAL\t");
+            break;
+        case 7:
+            DECODE_PRINTF("SAR\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+
+            DECODE_PRINTF("DWORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            amt = fetch_byte_imm();
+            DECODE_PRINTF2(",%x\n", amt);
+            destval = fetch_data_long(destoffset);
+            TRACE_AND_STEP();
+            destval = (*opcD1_long_operation[rh]) (destval, amt);
+            store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+
+            DECODE_PRINTF("WORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            amt = fetch_byte_imm();
+            DECODE_PRINTF2(",%x\n", amt);
+            destval = fetch_data_word(destoffset);
+            TRACE_AND_STEP();
+            destval = (*opcD1_word_operation[rh]) (destval, amt);
+            store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            amt = fetch_byte_imm();
+            DECODE_PRINTF2(",%x\n", amt);
+            TRACE_AND_STEP();
+            *destreg = (*opcD1_long_operation[rh]) (*destreg, amt);
+        } else {
+            u16 *destreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            amt = fetch_byte_imm();
+            DECODE_PRINTF2(",%x\n", amt);
+            TRACE_AND_STEP();
+            *destreg = (*opcD1_word_operation[rh]) (*destreg, amt);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc2
+****************************************************************************/
+static void x86emuOp_ret_near_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 imm;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("RET\t");
+    imm = fetch_word_imm();
+    DECODE_PRINTF2("%x\n", imm);
+	TRACE_AND_STEP();
+    M.x86.R_IP = pop_word();
+	RETURN_TRACE(M.x86.saved_cs,M.x86.saved_ip, M.x86.R_CS, M.x86.R_IP, "NEAR");
+    M.x86.R_SP += imm;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc3
+****************************************************************************/
+static void x86emuOp_ret_near(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("RET\n");
+	TRACE_AND_STEP();
+    M.x86.R_IP = pop_word();
+	RETURN_TRACE(M.x86.saved_cs,M.x86.saved_ip, M.x86.R_CS, M.x86.R_IP, "NEAR");
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc4
+****************************************************************************/
+static void x86emuOp_les_R_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rh, rl;
+    u16 *dstreg;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LES\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        dstreg = DECODE_RM_WORD_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *dstreg = fetch_data_word(srcoffset);
+        M.x86.R_ES = fetch_data_word(srcoffset + 2);
+    }
+    /* else UNDEFINED!                   register to register */
+
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc5
+****************************************************************************/
+static void x86emuOp_lds_R_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rh, rl;
+    u16 *dstreg;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LDS\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        dstreg = DECODE_RM_WORD_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *dstreg = fetch_data_word(srcoffset);
+        M.x86.R_DS = fetch_data_word(srcoffset + 2);
+    }
+    /* else UNDEFINED! */
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc6
+****************************************************************************/
+static void x86emuOp_mov_byte_RM_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg;
+    uint destoffset;
+    u8 imm;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (rh != 0) {
+        DECODE_PRINTF("ILLEGAL DECODE OF OPCODE c6\n");
+        HALT_SYS();
+    }
+    if (mod < 3) {
+        DECODE_PRINTF("BYTE PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        imm = fetch_byte_imm();
+        DECODE_PRINTF2(",%2x\n", imm);
+        TRACE_AND_STEP();
+        store_data_byte(destoffset, imm);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        imm = fetch_byte_imm();
+        DECODE_PRINTF2(",%2x\n", imm);
+        TRACE_AND_STEP();
+        *destreg = imm;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc7
+****************************************************************************/
+static void x86emuOp_mov_word_RM_IMM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOV\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (rh != 0) {
+        DECODE_PRINTF("ILLEGAL DECODE OF OPCODE 8F\n");
+        HALT_SYS();
+    }
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 imm;
+
+            DECODE_PRINTF("DWORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            imm = fetch_long_imm();
+            DECODE_PRINTF2(",%x\n", imm);
+            TRACE_AND_STEP();
+            store_data_long(destoffset, imm);
+        } else {
+            u16 imm;
+
+            DECODE_PRINTF("WORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            imm = fetch_word_imm();
+            DECODE_PRINTF2(",%x\n", imm);
+            TRACE_AND_STEP();
+            store_data_word(destoffset, imm);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+			u32 *destreg;
+			u32 imm;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            imm = fetch_long_imm();
+            DECODE_PRINTF2(",%x\n", imm);
+            TRACE_AND_STEP();
+            *destreg = imm;
+        } else {
+			u16 *destreg;
+			u16 imm;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            imm = fetch_word_imm();
+            DECODE_PRINTF2(",%x\n", imm);
+            TRACE_AND_STEP();
+            *destreg = imm;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc8
+****************************************************************************/
+static void x86emuOp_enter(u8 X86EMU_UNUSED(op1))
+{
+    u16 local,frame_pointer;
+    u8  nesting;
+    int i;
+
+    START_OF_INSTR();
+    local = fetch_word_imm();
+    nesting = fetch_byte_imm();
+    DECODE_PRINTF2("ENTER %x\n", local);
+    DECODE_PRINTF2(",%x\n", nesting);
+    TRACE_AND_STEP();
+    push_word(M.x86.R_BP);
+    frame_pointer = M.x86.R_SP;
+    if (nesting > 0) {
+        for (i = 1; i < nesting; i++) {
+            M.x86.R_BP -= 2;
+            push_word(fetch_data_word_abs(M.x86.R_SS, M.x86.R_BP));
+            }
+        push_word(frame_pointer);
+        }
+    M.x86.R_BP = frame_pointer;
+    M.x86.R_SP = (u16)(M.x86.R_SP - local);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xc9
+****************************************************************************/
+static void x86emuOp_leave(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("LEAVE\n");
+    TRACE_AND_STEP();
+    M.x86.R_SP = M.x86.R_BP;
+    M.x86.R_BP = pop_word();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xca
+****************************************************************************/
+static void x86emuOp_ret_far_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 imm;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("RETF\t");
+    imm = fetch_word_imm();
+    DECODE_PRINTF2("%x\n", imm);
+	TRACE_AND_STEP();
+    M.x86.R_IP = pop_word();
+    M.x86.R_CS = pop_word();
+	RETURN_TRACE(M.x86.saved_cs,M.x86.saved_ip, M.x86.R_CS, M.x86.R_IP, "FAR");
+    M.x86.R_SP += imm;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xcb
+****************************************************************************/
+static void x86emuOp_ret_far(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("RETF\n");
+	TRACE_AND_STEP();
+    M.x86.R_IP = pop_word();
+    M.x86.R_CS = pop_word();
+	RETURN_TRACE(M.x86.saved_cs,M.x86.saved_ip, M.x86.R_CS, M.x86.R_IP, "FAR");
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xcc
+****************************************************************************/
+static void x86emuOp_int3(u8 X86EMU_UNUSED(op1))
+{
+    u16 X86EMU_UNUSED(tmp);
+
+    START_OF_INSTR();
+    DECODE_PRINTF("INT 3\n");
+    tmp = (u16) mem_access_word(3 * 4 + 2);
+    /* access the segment register */
+    TRACE_AND_STEP();
+	if (_X86EMU_intrTab[3]) {
+		(*_X86EMU_intrTab[3])(3);
+    } else {
+        push_word((u16)M.x86.R_FLG);
+        CLEAR_FLAG(F_IF);
+        CLEAR_FLAG(F_TF);
+        push_word(M.x86.R_CS);
+        M.x86.R_CS = mem_access_word(3 * 4 + 2);
+        push_word(M.x86.R_IP);
+        M.x86.R_IP = mem_access_word(3 * 4);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xcd
+****************************************************************************/
+static void x86emuOp_int_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 X86EMU_UNUSED(tmp);
+    u8 intnum;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("INT\t");
+    intnum = fetch_byte_imm();
+    DECODE_PRINTF2("%x\n", intnum);
+    tmp = mem_access_word(intnum * 4 + 2);
+    TRACE_AND_STEP();
+	if (_X86EMU_intrTab[intnum]) {
+		(*_X86EMU_intrTab[intnum])(intnum);
+    } else {
+        push_word((u16)M.x86.R_FLG);
+        CLEAR_FLAG(F_IF);
+        CLEAR_FLAG(F_TF);
+        push_word(M.x86.R_CS);
+        M.x86.R_CS = mem_access_word(intnum * 4 + 2);
+        push_word(M.x86.R_IP);
+        M.x86.R_IP = mem_access_word(intnum * 4);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xce
+****************************************************************************/
+static void x86emuOp_into(u8 X86EMU_UNUSED(op1))
+{
+    u16 X86EMU_UNUSED(tmp);
+
+    START_OF_INSTR();
+    DECODE_PRINTF("INTO\n");
+    TRACE_AND_STEP();
+    if (ACCESS_FLAG(F_OF)) {
+        tmp = mem_access_word(4 * 4 + 2);
+		if (_X86EMU_intrTab[4]) {
+			(*_X86EMU_intrTab[4])(4);
+        } else {
+            push_word((u16)M.x86.R_FLG);
+            CLEAR_FLAG(F_IF);
+            CLEAR_FLAG(F_TF);
+            push_word(M.x86.R_CS);
+            M.x86.R_CS = mem_access_word(4 * 4 + 2);
+            push_word(M.x86.R_IP);
+            M.x86.R_IP = mem_access_word(4 * 4);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xcf
+****************************************************************************/
+static void x86emuOp_iret(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("IRET\n");
+
+    TRACE_AND_STEP();
+
+    M.x86.R_IP = pop_word();
+    M.x86.R_CS = pop_word();
+    M.x86.R_FLG = pop_word();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xd0
+****************************************************************************/
+static void x86emuOp_opcD0_byte_RM_1(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg;
+    uint destoffset;
+    u8 destval;
+
+    /*
+     * Yet another weirdo special case instruction format.  Part of
+     * the opcode held below in "RH".  Doubly nested case would
+     * result, except that the decoded instruction
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ROL\t");
+            break;
+        case 1:
+            DECODE_PRINTF("ROR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("RCL\t");
+            break;
+        case 3:
+            DECODE_PRINTF("RCR\t");
+            break;
+        case 4:
+            DECODE_PRINTF("SHL\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SHR\t");
+            break;
+        case 6:
+            DECODE_PRINTF("SAL\t");
+            break;
+        case 7:
+            DECODE_PRINTF("SAR\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    if (mod < 3) {
+        DECODE_PRINTF("BYTE PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",1\n");
+        destval = fetch_data_byte(destoffset);
+        TRACE_AND_STEP();
+        destval = (*opcD0_byte_operation[rh]) (destval, 1);
+        store_data_byte(destoffset, destval);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF(",1\n");
+        TRACE_AND_STEP();
+        destval = (*opcD0_byte_operation[rh]) (*destreg, 1);
+        *destreg = destval;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xd1
+****************************************************************************/
+static void x86emuOp_opcD1_word_RM_1(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    /*
+     * Yet another weirdo special case instruction format.  Part of
+     * the opcode held below in "RH".  Doubly nested case would
+     * result, except that the decoded instruction
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ROL\t");
+            break;
+        case 1:
+            DECODE_PRINTF("ROR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("RCL\t");
+            break;
+        case 3:
+            DECODE_PRINTF("RCR\t");
+            break;
+        case 4:
+            DECODE_PRINTF("SHL\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SHR\t");
+            break;
+        case 6:
+            DECODE_PRINTF("SAL\t");
+            break;
+        case 7:
+            DECODE_PRINTF("SAR\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+
+            DECODE_PRINTF("DWORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            DECODE_PRINTF(",1\n");
+            destval = fetch_data_long(destoffset);
+            TRACE_AND_STEP();
+            destval = (*opcD1_long_operation[rh]) (destval, 1);
+            store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+
+            DECODE_PRINTF("WORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            DECODE_PRINTF(",1\n");
+            destval = fetch_data_word(destoffset);
+            TRACE_AND_STEP();
+            destval = (*opcD1_word_operation[rh]) (destval, 1);
+            store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+			u32 destval;
+			u32 *destreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",1\n");
+            TRACE_AND_STEP();
+            destval = (*opcD1_long_operation[rh]) (*destreg, 1);
+            *destreg = destval;
+        } else {
+			u16 destval;
+			u16 *destreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",1\n");
+            TRACE_AND_STEP();
+            destval = (*opcD1_word_operation[rh]) (*destreg, 1);
+            *destreg = destval;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xd2
+****************************************************************************/
+static void x86emuOp_opcD2_byte_RM_CL(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg;
+    uint destoffset;
+    u8 destval;
+    u8 amt;
+
+    /*
+     * Yet another weirdo special case instruction format.  Part of
+     * the opcode held below in "RH".  Doubly nested case would
+     * result, except that the decoded instruction
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ROL\t");
+            break;
+        case 1:
+            DECODE_PRINTF("ROR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("RCL\t");
+            break;
+        case 3:
+            DECODE_PRINTF("RCR\t");
+            break;
+        case 4:
+            DECODE_PRINTF("SHL\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SHR\t");
+            break;
+        case 6:
+            DECODE_PRINTF("SAL\t");
+            break;
+        case 7:
+            DECODE_PRINTF("SAR\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    amt = M.x86.R_CL;
+    if (mod < 3) {
+        DECODE_PRINTF("BYTE PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",CL\n");
+        destval = fetch_data_byte(destoffset);
+        TRACE_AND_STEP();
+        destval = (*opcD0_byte_operation[rh]) (destval, amt);
+        store_data_byte(destoffset, destval);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF(",CL\n");
+        TRACE_AND_STEP();
+        destval = (*opcD0_byte_operation[rh]) (*destreg, amt);
+        *destreg = destval;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xd3
+****************************************************************************/
+static void x86emuOp_opcD3_word_RM_CL(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+    u8 amt;
+
+    /*
+     * Yet another weirdo special case instruction format.  Part of
+     * the opcode held below in "RH".  Doubly nested case would
+     * result, except that the decoded instruction
+     */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("ROL\t");
+            break;
+        case 1:
+            DECODE_PRINTF("ROR\t");
+            break;
+        case 2:
+            DECODE_PRINTF("RCL\t");
+            break;
+        case 3:
+            DECODE_PRINTF("RCR\t");
+            break;
+        case 4:
+            DECODE_PRINTF("SHL\t");
+            break;
+        case 5:
+            DECODE_PRINTF("SHR\t");
+            break;
+        case 6:
+            DECODE_PRINTF("SAL\t");
+            break;
+        case 7:
+            DECODE_PRINTF("SAR\t");
+            break;
+        }
+    }
+#endif
+    /* know operation, decode the mod byte to find the addressing
+       mode. */
+    amt = M.x86.R_CL;
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+
+            DECODE_PRINTF("DWORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            DECODE_PRINTF(",CL\n");
+            destval = fetch_data_long(destoffset);
+            TRACE_AND_STEP();
+            destval = (*opcD1_long_operation[rh]) (destval, amt);
+            store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+
+            DECODE_PRINTF("WORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            DECODE_PRINTF(",CL\n");
+            destval = fetch_data_word(destoffset);
+            TRACE_AND_STEP();
+            destval = (*opcD1_word_operation[rh]) (destval, amt);
+            store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            *destreg = (*opcD1_long_operation[rh]) (*destreg, amt);
+        } else {
+            u16 *destreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            *destreg = (*opcD1_word_operation[rh]) (*destreg, amt);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xd4
+****************************************************************************/
+static void x86emuOp_aam(u8 X86EMU_UNUSED(op1))
+{
+    u8 a;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("AAM\n");
+    a = fetch_byte_imm();      /* this is a stupid encoding. */
+    if (a != 10) {
+        DECODE_PRINTF("ERROR DECODING AAM\n");
+        TRACE_REGS();
+        HALT_SYS();
+    }
+    TRACE_AND_STEP();
+    /* note the type change here --- returning AL and AH in AX. */
+    M.x86.R_AX = aam_word(M.x86.R_AL);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xd5
+****************************************************************************/
+static void x86emuOp_aad(u8 X86EMU_UNUSED(op1))
+{
+    u8 X86EMU_UNUSED(a);
+
+    START_OF_INSTR();
+    DECODE_PRINTF("AAD\n");
+    a = fetch_byte_imm();
+    TRACE_AND_STEP();
+    M.x86.R_AX = aad_word(M.x86.R_AX);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/* opcode 0xd6 ILLEGAL OPCODE */
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xd7
+****************************************************************************/
+static void x86emuOp_xlat(u8 X86EMU_UNUSED(op1))
+{
+    u16 addr;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("XLAT\n");
+    TRACE_AND_STEP();
+	addr = (u16)(M.x86.R_BX + (u8)M.x86.R_AL);
+    M.x86.R_AL = fetch_data_byte(addr);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/* instuctions  D8 .. DF are in i87_ops.c */
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe0
+****************************************************************************/
+static void x86emuOp_loopne(u8 X86EMU_UNUSED(op1))
+{
+    s16 ip;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LOOPNE\t");
+    ip = (s8) fetch_byte_imm();
+    ip += (s16) M.x86.R_IP;
+    DECODE_PRINTF2("%04x\n", ip);
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_ADDR)
+        M.x86.R_ECX -= 1;
+    else
+        M.x86.R_CX -= 1;
+    if (((M.x86.mode & SYSMODE_PREFIX_ADDR) ? M.x86.R_ECX : M.x86.R_CX) != 0 && !ACCESS_FLAG(F_ZF))      /* (E)CX != 0 and !ZF */
+        M.x86.R_IP = ip;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe1
+****************************************************************************/
+static void x86emuOp_loope(u8 X86EMU_UNUSED(op1))
+{
+    s16 ip;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LOOPE\t");
+    ip = (s8) fetch_byte_imm();
+    ip += (s16) M.x86.R_IP;
+    DECODE_PRINTF2("%04x\n", ip);
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_ADDR)
+        M.x86.R_ECX -= 1;
+    else
+        M.x86.R_CX -= 1;
+    if (((M.x86.mode & SYSMODE_PREFIX_ADDR) ? M.x86.R_ECX : M.x86.R_CX) != 0 && ACCESS_FLAG(F_ZF))      /* (E)CX != 0 and ZF */
+        M.x86.R_IP = ip;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe2
+****************************************************************************/
+static void x86emuOp_loop(u8 X86EMU_UNUSED(op1))
+{
+    s16 ip;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LOOP\t");
+    ip = (s8) fetch_byte_imm();
+    ip += (s16) M.x86.R_IP;
+    DECODE_PRINTF2("%04x\n", ip);
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_ADDR)
+        M.x86.R_ECX -= 1;
+    else
+        M.x86.R_CX -= 1;
+    if (((M.x86.mode & SYSMODE_PREFIX_ADDR) ? M.x86.R_ECX : M.x86.R_CX) != 0)      /* (E)CX != 0 */
+        M.x86.R_IP = ip;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe3
+****************************************************************************/
+static void x86emuOp_jcxz(u8 X86EMU_UNUSED(op1))
+{
+    u16 target;
+    s8  offset;
+
+    /* jump to byte offset if overflow flag is set */
+    START_OF_INSTR();
+    DECODE_PRINTF("JCXZ\t");
+    offset = (s8)fetch_byte_imm();
+    target = (u16)(M.x86.R_IP + offset);
+    DECODE_PRINTF2("%x\n", target);
+    TRACE_AND_STEP();
+    if (M.x86.R_CX == 0) {
+        M.x86.R_IP = target;
+	JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, M.x86.R_IP, " CXZ ");
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe4
+****************************************************************************/
+static void x86emuOp_in_byte_AL_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u8 port;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("IN\t");
+	port = (u8) fetch_byte_imm();
+    DECODE_PRINTF2("%x,AL\n", port);
+    TRACE_AND_STEP();
+    M.x86.R_AL = (*sys_inb)(port);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe5
+****************************************************************************/
+static void x86emuOp_in_word_AX_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u8 port;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("IN\t");
+	port = (u8) fetch_byte_imm();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF2("EAX,%x\n", port);
+    } else {
+        DECODE_PRINTF2("AX,%x\n", port);
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        M.x86.R_EAX = (*sys_inl)(port);
+    } else {
+        M.x86.R_AX = (*sys_inw)(port);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe6
+****************************************************************************/
+static void x86emuOp_out_byte_IMM_AL(u8 X86EMU_UNUSED(op1))
+{
+    u8 port;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("OUT\t");
+	port = (u8) fetch_byte_imm();
+    DECODE_PRINTF2("%x,AL\n", port);
+    TRACE_AND_STEP();
+    (*sys_outb)(port, M.x86.R_AL);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe7
+****************************************************************************/
+static void x86emuOp_out_word_IMM_AX(u8 X86EMU_UNUSED(op1))
+{
+    u8 port;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("OUT\t");
+	port = (u8) fetch_byte_imm();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF2("%x,EAX\n", port);
+    } else {
+        DECODE_PRINTF2("%x,AX\n", port);
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        (*sys_outl)(port, M.x86.R_EAX);
+    } else {
+        (*sys_outw)(port, M.x86.R_AX);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe8
+****************************************************************************/
+static void x86emuOp_call_near_IMM(u8 X86EMU_UNUSED(op1))
+{
+    s16 ip16 = 0; /* Initialize to keep GCC silent */
+    s32 ip32 = 0;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("CALL\t");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        ip32 = (s32) fetch_long_imm();
+        ip32 += (s16) M.x86.R_IP;    /* CHECK SIGN */
+        DECODE_PRINTF2("%04x\n", (u16)ip32);
+        CALL_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, ip32, "");
+    } else {
+        ip16 = (s16) fetch_word_imm();
+        ip16 += (s16) M.x86.R_IP;    /* CHECK SIGN */
+        DECODE_PRINTF2("%04x\n", ip16);
+        CALL_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, ip16, "");
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        push_long(M.x86.R_EIP);
+        M.x86.R_EIP = ip32 & 0xffff;
+    } else {
+        push_word(M.x86.R_IP);
+        M.x86.R_EIP = ip16;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xe9
+****************************************************************************/
+static void x86emuOp_jump_near_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u32 ip;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("JMP\t");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        ip = (u32)fetch_long_imm();
+	ip += (u32)M.x86.R_EIP;
+	DECODE_PRINTF2("%08x\n", (u32)ip);
+        JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, ip, " NEAR ");
+	TRACE_AND_STEP();
+	M.x86.R_EIP = (u32)ip;
+    } else {
+        ip = (s16)fetch_word_imm();
+        ip += (s16)M.x86.R_IP;
+        DECODE_PRINTF2("%04x\n", (u16)ip);
+        JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, ip, " NEAR ");
+        TRACE_AND_STEP();
+        M.x86.R_IP = (u16)ip;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xea
+****************************************************************************/
+static void x86emuOp_jump_far_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 cs;
+    u32 ip;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("JMP\tFAR ");
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        ip = fetch_long_imm();
+    } else {
+        ip = fetch_word_imm();
+    }
+    cs = fetch_word_imm();
+    DECODE_PRINTF2("%04x:", cs);
+    DECODE_PRINTF2("%04x\n", ip);
+    JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, cs, ip, " FAR ");
+    TRACE_AND_STEP();
+    M.x86.R_EIP = ip & 0xffff;
+    M.x86.R_CS = cs;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xeb
+****************************************************************************/
+static void x86emuOp_jump_byte_IMM(u8 X86EMU_UNUSED(op1))
+{
+    u16 target;
+    s8 offset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("JMP\t");
+    offset = (s8)fetch_byte_imm();
+    target = (u16)(M.x86.R_IP + offset);
+    DECODE_PRINTF2("%x\n", target);
+    JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, target, " BYTE ");
+    TRACE_AND_STEP();
+    M.x86.R_IP = target;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xec
+****************************************************************************/
+static void x86emuOp_in_byte_AL_DX(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("IN\tAL,DX\n");
+    TRACE_AND_STEP();
+    M.x86.R_AL = (*sys_inb)(M.x86.R_DX);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xed
+****************************************************************************/
+static void x86emuOp_in_word_AX_DX(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("IN\tEAX,DX\n");
+    } else {
+        DECODE_PRINTF("IN\tAX,DX\n");
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        M.x86.R_EAX = (*sys_inl)(M.x86.R_DX);
+    } else {
+        M.x86.R_AX = (*sys_inw)(M.x86.R_DX);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xee
+****************************************************************************/
+static void x86emuOp_out_byte_DX_AL(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("OUT\tDX,AL\n");
+    TRACE_AND_STEP();
+    (*sys_outb)(M.x86.R_DX, M.x86.R_AL);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xef
+****************************************************************************/
+static void x86emuOp_out_word_DX_AX(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        DECODE_PRINTF("OUT\tDX,EAX\n");
+    } else {
+        DECODE_PRINTF("OUT\tDX,AX\n");
+    }
+    TRACE_AND_STEP();
+    if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+        (*sys_outl)(M.x86.R_DX, M.x86.R_EAX);
+    } else {
+        (*sys_outw)(M.x86.R_DX, M.x86.R_AX);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf0
+****************************************************************************/
+static void x86emuOp_lock(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("LOCK:\n");
+    TRACE_AND_STEP();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/*opcode 0xf1 ILLEGAL OPERATION */
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf2
+****************************************************************************/
+static void x86emuOp_repne(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("REPNE\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_PREFIX_REPNE;
+    if (M.x86.mode & SYSMODE_PREFIX_ADDR)
+        M.x86.mode |= SYSMODE_32BIT_REP;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf3
+****************************************************************************/
+static void x86emuOp_repe(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("REPE\n");
+    TRACE_AND_STEP();
+    M.x86.mode |= SYSMODE_PREFIX_REPE;
+    if (M.x86.mode & SYSMODE_PREFIX_ADDR)
+        M.x86.mode |= SYSMODE_32BIT_REP;
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf4
+****************************************************************************/
+static void x86emuOp_halt(u8 X86EMU_UNUSED(op1))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("HALT\n");
+    TRACE_AND_STEP();
+    HALT_SYS();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf5
+****************************************************************************/
+static void x86emuOp_cmc(u8 X86EMU_UNUSED(op1))
+{
+    /* complement the carry flag. */
+    START_OF_INSTR();
+    DECODE_PRINTF("CMC\n");
+    TRACE_AND_STEP();
+    TOGGLE_FLAG(F_CF);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf6
+****************************************************************************/
+static void x86emuOp_opcF6_byte_RM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    u8 *destreg;
+    uint destoffset;
+    u8 destval, srcval;
+
+    /* long, drawn out code follows.  Double switch for a total
+       of 32 cases.  */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    DECODE_PRINTF(opF6_names[rh]);
+    if (mod < 3) {
+        DECODE_PRINTF("BYTE PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        destval = fetch_data_byte(destoffset);
+
+        switch (rh) {
+        case 0:         /* test byte imm */
+            DECODE_PRINTF(",");
+            srcval = fetch_byte_imm();
+            DECODE_PRINTF2("%02x\n", srcval);
+            TRACE_AND_STEP();
+            test_byte(destval, srcval);
+            break;
+        case 1:
+            DECODE_PRINTF("ILLEGAL OP MOD=00 RH=01 OP=F6\n");
+            HALT_SYS();
+            break;
+        case 2:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            destval = not_byte(destval);
+            store_data_byte(destoffset, destval);
+            break;
+        case 3:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            destval = neg_byte(destval);
+            store_data_byte(destoffset, destval);
+            break;
+        case 4:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            mul_byte(destval);
+            break;
+        case 5:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            imul_byte(destval);
+            break;
+        case 6:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            div_byte(destval);
+            break;
+        default:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            idiv_byte(destval);
+            break;
+        }
+    } else {                     /* mod=11 */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        switch (rh) {
+        case 0:         /* test byte imm */
+            DECODE_PRINTF(",");
+            srcval = fetch_byte_imm();
+            DECODE_PRINTF2("%02x\n", srcval);
+            TRACE_AND_STEP();
+            test_byte(*destreg, srcval);
+            break;
+        case 1:
+            DECODE_PRINTF("ILLEGAL OP MOD=00 RH=01 OP=F6\n");
+            HALT_SYS();
+            break;
+        case 2:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = not_byte(*destreg);
+            break;
+        case 3:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = neg_byte(*destreg);
+            break;
+        case 4:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            mul_byte(*destreg);      /*!!!  */
+            break;
+        case 5:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            imul_byte(*destreg);
+            break;
+        case 6:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            div_byte(*destreg);
+            break;
+        default:
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            idiv_byte(*destreg);
+            break;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf7
+****************************************************************************/
+static void x86emuOp_opcF7_word_RM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    DECODE_PRINTF(opF6_names[rh]);
+    if (mod < 3) {
+
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval, srcval;
+
+            DECODE_PRINTF("DWORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            destval = fetch_data_long(destoffset);
+
+            switch (rh) {
+            case 0:
+                DECODE_PRINTF(",");
+                srcval = fetch_long_imm();
+                DECODE_PRINTF2("%x\n", srcval);
+                TRACE_AND_STEP();
+                test_long(destval, srcval);
+                break;
+            case 1:
+                DECODE_PRINTF("ILLEGAL OP MOD=00 RH=01 OP=F7\n");
+                HALT_SYS();
+                break;
+            case 2:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                destval = not_long(destval);
+                store_data_long(destoffset, destval);
+                break;
+            case 3:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                destval = neg_long(destval);
+                store_data_long(destoffset, destval);
+                break;
+            case 4:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                mul_long(destval);
+                break;
+            case 5:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                imul_long(destval);
+                break;
+            case 6:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                div_long(destval);
+                break;
+            case 7:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                idiv_long(destval);
+                break;
+            }
+        } else {
+            u16 destval, srcval;
+
+            DECODE_PRINTF("WORD PTR ");
+            destoffset = decode_rmXX_address(mod, rl);
+            destval = fetch_data_word(destoffset);
+
+            switch (rh) {
+            case 0:         /* test word imm */
+                DECODE_PRINTF(",");
+                srcval = fetch_word_imm();
+                DECODE_PRINTF2("%x\n", srcval);
+                TRACE_AND_STEP();
+                test_word(destval, srcval);
+                break;
+            case 1:
+                DECODE_PRINTF("ILLEGAL OP MOD=00 RH=01 OP=F7\n");
+                HALT_SYS();
+                break;
+            case 2:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                destval = not_word(destval);
+                store_data_word(destoffset, destval);
+                break;
+            case 3:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                destval = neg_word(destval);
+                store_data_word(destoffset, destval);
+                break;
+            case 4:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                mul_word(destval);
+                break;
+            case 5:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                imul_word(destval);
+                break;
+            case 6:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                div_word(destval);
+                break;
+            case 7:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                idiv_word(destval);
+                break;
+            }
+        }
+
+    } else {                     /* mod=11 */
+
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u32 srcval;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+
+            switch (rh) {
+            case 0:         /* test word imm */
+                DECODE_PRINTF(",");
+                srcval = fetch_long_imm();
+                DECODE_PRINTF2("%x\n", srcval);
+                TRACE_AND_STEP();
+                test_long(*destreg, srcval);
+                break;
+            case 1:
+                DECODE_PRINTF("ILLEGAL OP MOD=00 RH=01 OP=F6\n");
+                HALT_SYS();
+                break;
+            case 2:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                *destreg = not_long(*destreg);
+                break;
+            case 3:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                *destreg = neg_long(*destreg);
+                break;
+            case 4:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                mul_long(*destreg);      /*!!!  */
+                break;
+            case 5:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                imul_long(*destreg);
+                break;
+            case 6:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                div_long(*destreg);
+                break;
+            case 7:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                idiv_long(*destreg);
+                break;
+            }
+        } else {
+            u16 *destreg;
+            u16 srcval;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+
+            switch (rh) {
+            case 0:         /* test word imm */
+                DECODE_PRINTF(",");
+                srcval = fetch_word_imm();
+                DECODE_PRINTF2("%x\n", srcval);
+                TRACE_AND_STEP();
+                test_word(*destreg, srcval);
+                break;
+            case 1:
+                DECODE_PRINTF("ILLEGAL OP MOD=00 RH=01 OP=F6\n");
+                HALT_SYS();
+                break;
+            case 2:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                *destreg = not_word(*destreg);
+                break;
+            case 3:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                *destreg = neg_word(*destreg);
+                break;
+            case 4:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                mul_word(*destreg);      /*!!!  */
+                break;
+            case 5:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                imul_word(*destreg);
+                break;
+            case 6:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                div_word(*destreg);
+                break;
+            case 7:
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                idiv_word(*destreg);
+                break;
+            }
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf8
+****************************************************************************/
+static void x86emuOp_clc(u8 X86EMU_UNUSED(op1))
+{
+    /* clear the carry flag. */
+    START_OF_INSTR();
+    DECODE_PRINTF("CLC\n");
+    TRACE_AND_STEP();
+    CLEAR_FLAG(F_CF);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xf9
+****************************************************************************/
+static void x86emuOp_stc(u8 X86EMU_UNUSED(op1))
+{
+    /* set the carry flag. */
+    START_OF_INSTR();
+    DECODE_PRINTF("STC\n");
+    TRACE_AND_STEP();
+    SET_FLAG(F_CF);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xfa
+****************************************************************************/
+static void x86emuOp_cli(u8 X86EMU_UNUSED(op1))
+{
+    /* clear interrupts. */
+    START_OF_INSTR();
+    DECODE_PRINTF("CLI\n");
+    TRACE_AND_STEP();
+    CLEAR_FLAG(F_IF);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xfb
+****************************************************************************/
+static void x86emuOp_sti(u8 X86EMU_UNUSED(op1))
+{
+    /* enable  interrupts. */
+    START_OF_INSTR();
+    DECODE_PRINTF("STI\n");
+    TRACE_AND_STEP();
+    SET_FLAG(F_IF);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xfc
+****************************************************************************/
+static void x86emuOp_cld(u8 X86EMU_UNUSED(op1))
+{
+    /* clear interrupts. */
+    START_OF_INSTR();
+    DECODE_PRINTF("CLD\n");
+    TRACE_AND_STEP();
+    CLEAR_FLAG(F_DF);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xfd
+****************************************************************************/
+static void x86emuOp_std(u8 X86EMU_UNUSED(op1))
+{
+    /* clear interrupts. */
+    START_OF_INSTR();
+    DECODE_PRINTF("STD\n");
+    TRACE_AND_STEP();
+    SET_FLAG(F_DF);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xfe
+****************************************************************************/
+static void x86emuOp_opcFE_byte_RM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rh, rl;
+    u8 destval;
+    uint destoffset;
+    u8 *destreg;
+
+    /* Yet another special case instruction. */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+
+        switch (rh) {
+        case 0:
+            DECODE_PRINTF("INC\t");
+            break;
+        case 1:
+            DECODE_PRINTF("DEC\t");
+            break;
+        case 2:
+        case 3:
+        case 4:
+        case 5:
+        case 6:
+        case 7:
+            DECODE_PRINTF2("ILLEGAL OP MAJOR OP 0xFE MINOR OP %x \n", mod);
+            HALT_SYS();
+            break;
+        }
+    }
+#endif
+    if (mod < 3) {
+        DECODE_PRINTF("BYTE PTR ");
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF("\n");
+        destval = fetch_data_byte(destoffset);
+        TRACE_AND_STEP();
+        if (rh == 0)
+          destval = inc_byte(destval);
+        else
+          destval = dec_byte(destval);
+        store_data_byte(destoffset, destval);
+    } else {
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        if (rh == 0)
+          *destreg = inc_byte(*destreg);
+        else
+          *destreg = dec_byte(*destreg);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0xff
+****************************************************************************/
+static void x86emuOp_opcFF_word_RM(u8 X86EMU_UNUSED(op1))
+{
+    int mod, rh, rl;
+    uint destoffset = 0;
+	u16 *destreg;
+	u32 *destreg32;
+	u16 destval,destval2;
+	u32 destval32;
+
+    /* Yet another special case instruction. */
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+#ifdef DEBUG
+    if (DEBUG_DECODE()) {
+        /* XXX DECODE_PRINTF may be changed to something more
+           general, so that it is important to leave the strings
+           in the same format, even though the result is that the
+           above test is done twice. */
+
+        switch (rh) {
+        case 0:
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                DECODE_PRINTF("INC\tDWORD PTR ");
+            } else {
+                DECODE_PRINTF("INC\tWORD PTR ");
+            }
+            break;
+        case 1:
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                DECODE_PRINTF("DEC\tDWORD PTR ");
+            } else {
+                DECODE_PRINTF("DEC\tWORD PTR ");
+            }
+            break;
+        case 2:
+            DECODE_PRINTF("CALL\t ");
+            break;
+        case 3:
+            DECODE_PRINTF("CALL\tFAR ");
+            break;
+        case 4:
+            DECODE_PRINTF("JMP\t");
+            break;
+        case 5:
+            DECODE_PRINTF("JMP\tFAR ");
+            break;
+        case 6:
+            DECODE_PRINTF("PUSH\t");
+            break;
+        case 7:
+            DECODE_PRINTF("ILLEGAL DECODING OF OPCODE FF\t");
+            HALT_SYS();
+            break;
+        }
+    }
+#endif
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF("\n");
+        switch (rh) {
+        case 0:         /* inc word ptr ... */
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                destval32 = fetch_data_long(destoffset);
+                TRACE_AND_STEP();
+                destval32 = inc_long(destval32);
+                store_data_long(destoffset, destval32);
+            } else {
+                destval = fetch_data_word(destoffset);
+                TRACE_AND_STEP();
+                destval = inc_word(destval);
+                store_data_word(destoffset, destval);
+            }
+            break;
+        case 1:         /* dec word ptr ... */
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                destval32 = fetch_data_long(destoffset);
+                TRACE_AND_STEP();
+                destval32 = dec_long(destval32);
+                store_data_long(destoffset, destval32);
+            } else {
+                destval = fetch_data_word(destoffset);
+                TRACE_AND_STEP();
+                destval = dec_word(destval);
+                store_data_word(destoffset, destval);
+            }
+            break;
+        case 2:         /* call word ptr ... */
+            destval = fetch_data_word(destoffset);
+            TRACE_AND_STEP();
+            push_word(M.x86.R_IP);
+            M.x86.R_IP = destval;
+            break;
+        case 3:         /* call far ptr ... */
+            destval = fetch_data_word(destoffset);
+            destval2 = fetch_data_word(destoffset + 2);
+            TRACE_AND_STEP();
+            push_word(M.x86.R_CS);
+            M.x86.R_CS = destval2;
+            push_word(M.x86.R_IP);
+            M.x86.R_IP = destval;
+            break;
+        case 4:         /* jmp word ptr ... */
+            destval = fetch_data_word(destoffset);
+            JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, destval, " WORD ");
+            TRACE_AND_STEP();
+            M.x86.R_IP = destval;
+            break;
+        case 5:         /* jmp far ptr ... */
+            destval = fetch_data_word(destoffset);
+            destval2 = fetch_data_word(destoffset + 2);
+            JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, destval2, destval, " FAR ");
+            TRACE_AND_STEP();
+            M.x86.R_IP = destval;
+            M.x86.R_CS = destval2;
+            break;
+        case 6:         /*  push word ptr ... */
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                destval32 = fetch_data_long(destoffset);
+                TRACE_AND_STEP();
+                push_long(destval32);
+            } else {
+                destval = fetch_data_word(destoffset);
+                TRACE_AND_STEP();
+                push_word(destval);
+            }
+            break;
+        }
+    } else {
+        switch (rh) {
+        case 0:
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                destreg32 = DECODE_RM_LONG_REGISTER(rl);
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                *destreg32 = inc_long(*destreg32);
+            } else {
+                destreg = DECODE_RM_WORD_REGISTER(rl);
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                *destreg = inc_word(*destreg);
+            }
+            break;
+        case 1:
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                destreg32 = DECODE_RM_LONG_REGISTER(rl);
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                *destreg32 = dec_long(*destreg32);
+            } else {
+                destreg = DECODE_RM_WORD_REGISTER(rl);
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                *destreg = dec_word(*destreg);
+            }
+            break;
+        case 2:         /* call word ptr ... */
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            push_word(M.x86.R_IP);
+            M.x86.R_IP = *destreg;
+            break;
+        case 3:         /* jmp far ptr ... */
+            DECODE_PRINTF("OPERATION UNDEFINED 0XFF \n");
+            TRACE_AND_STEP();
+            HALT_SYS();
+            break;
+
+        case 4:         /* jmp  ... */
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            M.x86.R_IP = (u16) (*destreg);
+            break;
+        case 5:         /* jmp far ptr ... */
+            DECODE_PRINTF("OPERATION UNDEFINED 0XFF \n");
+            TRACE_AND_STEP();
+            HALT_SYS();
+            break;
+        case 6:
+            if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+                destreg32 = DECODE_RM_LONG_REGISTER(rl);
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                push_long(*destreg32);
+            } else {
+                destreg = DECODE_RM_WORD_REGISTER(rl);
+                DECODE_PRINTF("\n");
+                TRACE_AND_STEP();
+                push_word(*destreg);
+            }
+            break;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/***************************************************************************
+ * Single byte operation code table:
+ **************************************************************************/
+void (*x86emu_optab[256])(u8) =
+{
+/*  0x00 */ x86emuOp_genop_byte_RM_R,
+/*  0x01 */ x86emuOp_genop_word_RM_R,
+/*  0x02 */ x86emuOp_genop_byte_R_RM,
+/*  0x03 */ x86emuOp_genop_word_R_RM,
+/*  0x04 */ x86emuOp_genop_byte_AL_IMM,
+/*  0x05 */ x86emuOp_genop_word_AX_IMM,
+/*  0x06 */ x86emuOp_push_ES,
+/*  0x07 */ x86emuOp_pop_ES,
+
+/*  0x08 */ x86emuOp_genop_byte_RM_R,
+/*  0x09 */ x86emuOp_genop_word_RM_R,
+/*  0x0a */ x86emuOp_genop_byte_R_RM,
+/*  0x0b */ x86emuOp_genop_word_R_RM,
+/*  0x0c */ x86emuOp_genop_byte_AL_IMM,
+/*  0x0d */ x86emuOp_genop_word_AX_IMM,
+/*  0x0e */ x86emuOp_push_CS,
+/*  0x0f */ x86emuOp_two_byte,
+
+/*  0x10 */ x86emuOp_genop_byte_RM_R,
+/*  0x11 */ x86emuOp_genop_word_RM_R,
+/*  0x12 */ x86emuOp_genop_byte_R_RM,
+/*  0x13 */ x86emuOp_genop_word_R_RM,
+/*  0x14 */ x86emuOp_genop_byte_AL_IMM,
+/*  0x15 */ x86emuOp_genop_word_AX_IMM,
+/*  0x16 */ x86emuOp_push_SS,
+/*  0x17 */ x86emuOp_pop_SS,
+
+/*  0x18 */ x86emuOp_genop_byte_RM_R,
+/*  0x19 */ x86emuOp_genop_word_RM_R,
+/*  0x1a */ x86emuOp_genop_byte_R_RM,
+/*  0x1b */ x86emuOp_genop_word_R_RM,
+/*  0x1c */ x86emuOp_genop_byte_AL_IMM,
+/*  0x1d */ x86emuOp_genop_word_AX_IMM,
+/*  0x1e */ x86emuOp_push_DS,
+/*  0x1f */ x86emuOp_pop_DS,
+
+/*  0x20 */ x86emuOp_genop_byte_RM_R,
+/*  0x21 */ x86emuOp_genop_word_RM_R,
+/*  0x22 */ x86emuOp_genop_byte_R_RM,
+/*  0x23 */ x86emuOp_genop_word_R_RM,
+/*  0x24 */ x86emuOp_genop_byte_AL_IMM,
+/*  0x25 */ x86emuOp_genop_word_AX_IMM,
+/*  0x26 */ x86emuOp_segovr_ES,
+/*  0x27 */ x86emuOp_daa,
+
+/*  0x28 */ x86emuOp_genop_byte_RM_R,
+/*  0x29 */ x86emuOp_genop_word_RM_R,
+/*  0x2a */ x86emuOp_genop_byte_R_RM,
+/*  0x2b */ x86emuOp_genop_word_R_RM,
+/*  0x2c */ x86emuOp_genop_byte_AL_IMM,
+/*  0x2d */ x86emuOp_genop_word_AX_IMM,
+/*  0x2e */ x86emuOp_segovr_CS,
+/*  0x2f */ x86emuOp_das,
+
+/*  0x30 */ x86emuOp_genop_byte_RM_R,
+/*  0x31 */ x86emuOp_genop_word_RM_R,
+/*  0x32 */ x86emuOp_genop_byte_R_RM,
+/*  0x33 */ x86emuOp_genop_word_R_RM,
+/*  0x34 */ x86emuOp_genop_byte_AL_IMM,
+/*  0x35 */ x86emuOp_genop_word_AX_IMM,
+/*  0x36 */ x86emuOp_segovr_SS,
+/*  0x37 */ x86emuOp_aaa,
+
+/*  0x38 */ x86emuOp_genop_byte_RM_R,
+/*  0x39 */ x86emuOp_genop_word_RM_R,
+/*  0x3a */ x86emuOp_genop_byte_R_RM,
+/*  0x3b */ x86emuOp_genop_word_R_RM,
+/*  0x3c */ x86emuOp_genop_byte_AL_IMM,
+/*  0x3d */ x86emuOp_genop_word_AX_IMM,
+/*  0x3e */ x86emuOp_segovr_DS,
+/*  0x3f */ x86emuOp_aas,
+
+/*  0x40 */ x86emuOp_inc_register,
+/*  0x41 */ x86emuOp_inc_register,
+/*  0x42 */ x86emuOp_inc_register,
+/*  0x43 */ x86emuOp_inc_register,
+/*  0x44 */ x86emuOp_inc_register,
+/*  0x45 */ x86emuOp_inc_register,
+/*  0x46 */ x86emuOp_inc_register,
+/*  0x47 */ x86emuOp_inc_register,
+
+/*  0x48 */ x86emuOp_dec_register,
+/*  0x49 */ x86emuOp_dec_register,
+/*  0x4a */ x86emuOp_dec_register,
+/*  0x4b */ x86emuOp_dec_register,
+/*  0x4c */ x86emuOp_dec_register,
+/*  0x4d */ x86emuOp_dec_register,
+/*  0x4e */ x86emuOp_dec_register,
+/*  0x4f */ x86emuOp_dec_register,
+
+/*  0x50 */ x86emuOp_push_register,
+/*  0x51 */ x86emuOp_push_register,
+/*  0x52 */ x86emuOp_push_register,
+/*  0x53 */ x86emuOp_push_register,
+/*  0x54 */ x86emuOp_push_register,
+/*  0x55 */ x86emuOp_push_register,
+/*  0x56 */ x86emuOp_push_register,
+/*  0x57 */ x86emuOp_push_register,
+
+/*  0x58 */ x86emuOp_pop_register,
+/*  0x59 */ x86emuOp_pop_register,
+/*  0x5a */ x86emuOp_pop_register,
+/*  0x5b */ x86emuOp_pop_register,
+/*  0x5c */ x86emuOp_pop_register,
+/*  0x5d */ x86emuOp_pop_register,
+/*  0x5e */ x86emuOp_pop_register,
+/*  0x5f */ x86emuOp_pop_register,
+
+/*  0x60 */ x86emuOp_push_all,
+/*  0x61 */ x86emuOp_pop_all,
+/*  0x62 */ x86emuOp_illegal_op,   /* bound */
+/*  0x63 */ x86emuOp_illegal_op,   /* arpl */
+/*  0x64 */ x86emuOp_segovr_FS,
+/*  0x65 */ x86emuOp_segovr_GS,
+/*  0x66 */ x86emuOp_prefix_data,
+/*  0x67 */ x86emuOp_prefix_addr,
+
+/*  0x68 */ x86emuOp_push_word_IMM,
+/*  0x69 */ x86emuOp_imul_word_IMM,
+/*  0x6a */ x86emuOp_push_byte_IMM,
+/*  0x6b */ x86emuOp_imul_byte_IMM,
+/*  0x6c */ x86emuOp_ins_byte,
+/*  0x6d */ x86emuOp_ins_word,
+/*  0x6e */ x86emuOp_outs_byte,
+/*  0x6f */ x86emuOp_outs_word,
+
+/*  0x70 */ x86emuOp_jump_near_cond,
+/*  0x71 */ x86emuOp_jump_near_cond,
+/*  0x72 */ x86emuOp_jump_near_cond,
+/*  0x73 */ x86emuOp_jump_near_cond,
+/*  0x74 */ x86emuOp_jump_near_cond,
+/*  0x75 */ x86emuOp_jump_near_cond,
+/*  0x76 */ x86emuOp_jump_near_cond,
+/*  0x77 */ x86emuOp_jump_near_cond,
+
+/*  0x78 */ x86emuOp_jump_near_cond,
+/*  0x79 */ x86emuOp_jump_near_cond,
+/*  0x7a */ x86emuOp_jump_near_cond,
+/*  0x7b */ x86emuOp_jump_near_cond,
+/*  0x7c */ x86emuOp_jump_near_cond,
+/*  0x7d */ x86emuOp_jump_near_cond,
+/*  0x7e */ x86emuOp_jump_near_cond,
+/*  0x7f */ x86emuOp_jump_near_cond,
+
+/*  0x80 */ x86emuOp_opc80_byte_RM_IMM,
+/*  0x81 */ x86emuOp_opc81_word_RM_IMM,
+/*  0x82 */ x86emuOp_opc82_byte_RM_IMM,
+/*  0x83 */ x86emuOp_opc83_word_RM_IMM,
+/*  0x84 */ x86emuOp_test_byte_RM_R,
+/*  0x85 */ x86emuOp_test_word_RM_R,
+/*  0x86 */ x86emuOp_xchg_byte_RM_R,
+/*  0x87 */ x86emuOp_xchg_word_RM_R,
+
+/*  0x88 */ x86emuOp_mov_byte_RM_R,
+/*  0x89 */ x86emuOp_mov_word_RM_R,
+/*  0x8a */ x86emuOp_mov_byte_R_RM,
+/*  0x8b */ x86emuOp_mov_word_R_RM,
+/*  0x8c */ x86emuOp_mov_word_RM_SR,
+/*  0x8d */ x86emuOp_lea_word_R_M,
+/*  0x8e */ x86emuOp_mov_word_SR_RM,
+/*  0x8f */ x86emuOp_pop_RM,
+
+/*  0x90 */ x86emuOp_nop,
+/*  0x91 */ x86emuOp_xchg_word_AX_register,
+/*  0x92 */ x86emuOp_xchg_word_AX_register,
+/*  0x93 */ x86emuOp_xchg_word_AX_register,
+/*  0x94 */ x86emuOp_xchg_word_AX_register,
+/*  0x95 */ x86emuOp_xchg_word_AX_register,
+/*  0x96 */ x86emuOp_xchg_word_AX_register,
+/*  0x97 */ x86emuOp_xchg_word_AX_register,
+
+/*  0x98 */ x86emuOp_cbw,
+/*  0x99 */ x86emuOp_cwd,
+/*  0x9a */ x86emuOp_call_far_IMM,
+/*  0x9b */ x86emuOp_wait,
+/*  0x9c */ x86emuOp_pushf_word,
+/*  0x9d */ x86emuOp_popf_word,
+/*  0x9e */ x86emuOp_sahf,
+/*  0x9f */ x86emuOp_lahf,
+
+/*  0xa0 */ x86emuOp_mov_AL_M_IMM,
+/*  0xa1 */ x86emuOp_mov_AX_M_IMM,
+/*  0xa2 */ x86emuOp_mov_M_AL_IMM,
+/*  0xa3 */ x86emuOp_mov_M_AX_IMM,
+/*  0xa4 */ x86emuOp_movs_byte,
+/*  0xa5 */ x86emuOp_movs_word,
+/*  0xa6 */ x86emuOp_cmps_byte,
+/*  0xa7 */ x86emuOp_cmps_word,
+/*  0xa8 */ x86emuOp_test_AL_IMM,
+/*  0xa9 */ x86emuOp_test_AX_IMM,
+/*  0xaa */ x86emuOp_stos_byte,
+/*  0xab */ x86emuOp_stos_word,
+/*  0xac */ x86emuOp_lods_byte,
+/*  0xad */ x86emuOp_lods_word,
+/*  0xac */ x86emuOp_scas_byte,
+/*  0xad */ x86emuOp_scas_word,
+
+/*  0xb0 */ x86emuOp_mov_byte_register_IMM,
+/*  0xb1 */ x86emuOp_mov_byte_register_IMM,
+/*  0xb2 */ x86emuOp_mov_byte_register_IMM,
+/*  0xb3 */ x86emuOp_mov_byte_register_IMM,
+/*  0xb4 */ x86emuOp_mov_byte_register_IMM,
+/*  0xb5 */ x86emuOp_mov_byte_register_IMM,
+/*  0xb6 */ x86emuOp_mov_byte_register_IMM,
+/*  0xb7 */ x86emuOp_mov_byte_register_IMM,
+
+/*  0xb8 */ x86emuOp_mov_word_register_IMM,
+/*  0xb9 */ x86emuOp_mov_word_register_IMM,
+/*  0xba */ x86emuOp_mov_word_register_IMM,
+/*  0xbb */ x86emuOp_mov_word_register_IMM,
+/*  0xbc */ x86emuOp_mov_word_register_IMM,
+/*  0xbd */ x86emuOp_mov_word_register_IMM,
+/*  0xbe */ x86emuOp_mov_word_register_IMM,
+/*  0xbf */ x86emuOp_mov_word_register_IMM,
+
+/*  0xc0 */ x86emuOp_opcC0_byte_RM_MEM,
+/*  0xc1 */ x86emuOp_opcC1_word_RM_MEM,
+/*  0xc2 */ x86emuOp_ret_near_IMM,
+/*  0xc3 */ x86emuOp_ret_near,
+/*  0xc4 */ x86emuOp_les_R_IMM,
+/*  0xc5 */ x86emuOp_lds_R_IMM,
+/*  0xc6 */ x86emuOp_mov_byte_RM_IMM,
+/*  0xc7 */ x86emuOp_mov_word_RM_IMM,
+/*  0xc8 */ x86emuOp_enter,
+/*  0xc9 */ x86emuOp_leave,
+/*  0xca */ x86emuOp_ret_far_IMM,
+/*  0xcb */ x86emuOp_ret_far,
+/*  0xcc */ x86emuOp_int3,
+/*  0xcd */ x86emuOp_int_IMM,
+/*  0xce */ x86emuOp_into,
+/*  0xcf */ x86emuOp_iret,
+
+/*  0xd0 */ x86emuOp_opcD0_byte_RM_1,
+/*  0xd1 */ x86emuOp_opcD1_word_RM_1,
+/*  0xd2 */ x86emuOp_opcD2_byte_RM_CL,
+/*  0xd3 */ x86emuOp_opcD3_word_RM_CL,
+/*  0xd4 */ x86emuOp_aam,
+/*  0xd5 */ x86emuOp_aad,
+/*  0xd6 */ x86emuOp_illegal_op,   /* Undocumented SETALC instruction */
+/*  0xd7 */ x86emuOp_xlat,
+/*  0xd8 */ x86emuOp_esc_coprocess_d8,
+/*  0xd9 */ x86emuOp_esc_coprocess_d9,
+/*  0xda */ x86emuOp_esc_coprocess_da,
+/*  0xdb */ x86emuOp_esc_coprocess_db,
+/*  0xdc */ x86emuOp_esc_coprocess_dc,
+/*  0xdd */ x86emuOp_esc_coprocess_dd,
+/*  0xde */ x86emuOp_esc_coprocess_de,
+/*  0xdf */ x86emuOp_esc_coprocess_df,
+
+/*  0xe0 */ x86emuOp_loopne,
+/*  0xe1 */ x86emuOp_loope,
+/*  0xe2 */ x86emuOp_loop,
+/*  0xe3 */ x86emuOp_jcxz,
+/*  0xe4 */ x86emuOp_in_byte_AL_IMM,
+/*  0xe5 */ x86emuOp_in_word_AX_IMM,
+/*  0xe6 */ x86emuOp_out_byte_IMM_AL,
+/*  0xe7 */ x86emuOp_out_word_IMM_AX,
+
+/*  0xe8 */ x86emuOp_call_near_IMM,
+/*  0xe9 */ x86emuOp_jump_near_IMM,
+/*  0xea */ x86emuOp_jump_far_IMM,
+/*  0xeb */ x86emuOp_jump_byte_IMM,
+/*  0xec */ x86emuOp_in_byte_AL_DX,
+/*  0xed */ x86emuOp_in_word_AX_DX,
+/*  0xee */ x86emuOp_out_byte_DX_AL,
+/*  0xef */ x86emuOp_out_word_DX_AX,
+
+/*  0xf0 */ x86emuOp_lock,
+/*  0xf1 */ x86emuOp_illegal_op,
+/*  0xf2 */ x86emuOp_repne,
+/*  0xf3 */ x86emuOp_repe,
+/*  0xf4 */ x86emuOp_halt,
+/*  0xf5 */ x86emuOp_cmc,
+/*  0xf6 */ x86emuOp_opcF6_byte_RM,
+/*  0xf7 */ x86emuOp_opcF7_word_RM,
+
+/*  0xf8 */ x86emuOp_clc,
+/*  0xf9 */ x86emuOp_stc,
+/*  0xfa */ x86emuOp_cli,
+/*  0xfb */ x86emuOp_sti,
+/*  0xfc */ x86emuOp_cld,
+/*  0xfd */ x86emuOp_std,
+/*  0xfe */ x86emuOp_opcFE_byte_RM,
+/*  0xff */ x86emuOp_opcFF_word_RM,
+};
diff --git a/src/device/oprom/x86emu/ops.h b/src/device/oprom/x86emu/ops.h
new file mode 100644
index 0000000..825b9ea
--- /dev/null
+++ b/src/device/oprom/x86emu/ops.h
@@ -0,0 +1,47 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for operand decoding functions.
+*
+****************************************************************************/
+
+#ifndef __X86EMU_OPS_H
+#define __X86EMU_OPS_H
+
+extern void (*x86emu_optab[0x100])(u8 op1);
+extern void (*x86emu_optab2[0x100])(u8 op2);
+
+int x86emu_check_jump_condition(u8 op);
+
+#endif /* __X86EMU_OPS_H */
diff --git a/src/device/oprom/x86emu/ops2.c b/src/device/oprom/x86emu/ops2.c
new file mode 100644
index 0000000..95ec09a
--- /dev/null
+++ b/src/device/oprom/x86emu/ops2.c
@@ -0,0 +1,1984 @@
+/****************************************************************************
+*
+*                       Realmode X86 Emulator Library
+*
+*               Copyright (C) 1991-2004 SciTech Software, Inc.
+*                    Copyright (C) David Mosberger-Tang
+*                      Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:     ANSI C
+* Environment:  Any
+* Developer:    Kendall Bennett
+*
+* Description:  This file includes subroutines to implement the decoding
+*               and emulation of all the x86 extended two-byte processor
+*               instructions.
+*
+****************************************************************************/
+
+#include "x86emui.h"
+
+/*----------------------------- Implementation ----------------------------*/
+
+/****************************************************************************
+PARAMETERS:
+op1 - Instruction op code
+
+REMARKS:
+Handles illegal opcodes.
+****************************************************************************/
+static void x86emuOp2_illegal_op(u8 op2)
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("ILLEGAL EXTENDED X86 OPCODE\n");
+    TRACE_REGS();
+    printf("%04x:%04x: %02X ILLEGAL EXTENDED X86 OPCODE!\n",
+        M.x86.R_CS, M.x86.R_IP-2, op2);
+    HALT_SYS();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+ * REMARKS:
+ * Handles opcode 0x0f,0x01
+ * ****************************************************************************/
+
+static void x86emuOp2_opc_01(u8 op2)
+{
+  int mod, rl, rh;
+  u16 *destreg;
+  uint destoffset;
+
+  START_OF_INSTR();
+  FETCH_DECODE_MODRM(mod, rh, rl);
+
+  switch(rh) {
+  case 4: // SMSW (Store Machine Status Word)
+          // Decode the mod byte to find the addressing
+          // Dummy implementation: Always returns 0x10 (initial value as per intel manual volume 3, figure 8-1)
+#define SMSW_INITIAL_VALUE	0x10
+    DECODE_PRINTF("SMSW\t");
+    switch (mod) {
+    case 0:
+      destoffset = decode_rm00_address(rl);
+      store_data_word(destoffset, SMSW_INITIAL_VALUE);
+      break;
+    case 1:
+      destoffset = decode_rm01_address(rl);
+      store_data_word(destoffset, SMSW_INITIAL_VALUE);
+      break;
+    case 2:
+      destoffset = decode_rm10_address(rl);
+      store_data_word(destoffset, SMSW_INITIAL_VALUE);
+      break;
+    case 3:
+      destreg = DECODE_RM_WORD_REGISTER(rl);
+      *destreg = SMSW_INITIAL_VALUE;
+      break;
+    }
+    TRACE_AND_STEP();
+    DECODE_CLEAR_SEGOVR();
+    DECODE_PRINTF("\n");
+    break;
+  default:
+    DECODE_PRINTF("ILLEGAL EXTENDED X86 OPCODE IN 0F 01\n");
+    TRACE_REGS();
+    printf("%04x:%04x: %02X ILLEGAL EXTENDED X86 OPCODE!\n",
+        M.x86.R_CS, M.x86.R_IP-2, op2);
+    HALT_SYS();
+    break;
+  }
+
+  END_OF_INSTR();
+}
+
+/****************************************************************************
+ * REMARKS:
+ * Handles opcode 0x0f,0x08
+ * ****************************************************************************/
+static void x86emuOp2_invd(u8 op2)
+{
+  START_OF_INSTR();
+  DECODE_PRINTF("INVD\n");
+  TRACE_AND_STEP();
+  DECODE_CLEAR_SEGOVR();
+  END_OF_INSTR();
+}
+
+/****************************************************************************
+ * REMARKS:
+ * Handles opcode 0x0f,0x09
+ * ****************************************************************************/
+static void x86emuOp2_wbinvd(u8 op2)
+{
+  START_OF_INSTR();
+  DECODE_PRINTF("WBINVD\n");
+  TRACE_AND_STEP();
+  DECODE_CLEAR_SEGOVR();
+  END_OF_INSTR();
+}
+
+/****************************************************************************
+ * REMARKS:
+ * Handles opcode 0x0f,0x30
+ * ****************************************************************************/
+static void x86emuOp2_wrmsr(u8 op2)
+{
+  /* dummy implementation, does nothing */
+
+  START_OF_INSTR();
+  DECODE_PRINTF("WRMSR\n");
+  TRACE_AND_STEP();
+  DECODE_CLEAR_SEGOVR();
+  END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0x31
+****************************************************************************/
+static void x86emuOp2_rdtsc(u8 X86EMU_UNUSED(op2))
+{
+#ifdef __HAS_LONG_LONG__
+  static u64 counter = 0;
+#else
+  static u32 counter = 0;
+#endif
+
+  counter += 0x10000;
+
+  /* read timestamp counter */
+  /*
+   * Note that instead of actually trying to accurately measure this, we just
+   * increase the counter by a fixed amount every time we hit one of these
+   * instructions.  Feel free to come up with a better method.
+   */
+  START_OF_INSTR();
+  DECODE_PRINTF("RDTSC\n");
+  TRACE_AND_STEP();
+#ifdef __HAS_LONG_LONG__
+  M.x86.R_EAX = counter & 0xffffffff;
+  M.x86.R_EDX = counter >> 32;
+#else
+  M.x86.R_EAX = counter;
+  M.x86.R_EDX = 0;
+#endif
+  DECODE_CLEAR_SEGOVR();
+  END_OF_INSTR();
+}
+
+/****************************************************************************
+ * REMARKS:
+ * Handles opcode 0x0f,0x32
+ * ****************************************************************************/
+static void x86emuOp2_rdmsr(u8 op2)
+{
+  /* dummy implementation, always return 0 */
+
+  START_OF_INSTR();
+  DECODE_PRINTF("RDMSR\n");
+  TRACE_AND_STEP();
+  M.x86.R_EDX = 0;
+  M.x86.R_EAX = 0;
+  DECODE_CLEAR_SEGOVR();
+  END_OF_INSTR();
+}
+
+#define xorl(a,b)   (((a) && !(b)) || (!(a) && (b)))
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0x80-0x8F
+****************************************************************************/
+int x86emu_check_jump_condition(u8 op)
+{
+    switch (op) {
+      case 0x0:
+        DECODE_PRINTF("JO\t");
+        return ACCESS_FLAG(F_OF);
+      case 0x1:
+        DECODE_PRINTF("JNO\t");
+        return !ACCESS_FLAG(F_OF);
+        break;
+      case 0x2:
+        DECODE_PRINTF("JB\t");
+        return ACCESS_FLAG(F_CF);
+        break;
+      case 0x3:
+        DECODE_PRINTF("JNB\t");
+        return !ACCESS_FLAG(F_CF);
+        break;
+      case 0x4:
+        DECODE_PRINTF("JZ\t");
+        return ACCESS_FLAG(F_ZF);
+        break;
+      case 0x5:
+        DECODE_PRINTF("JNZ\t");
+        return !ACCESS_FLAG(F_ZF);
+        break;
+      case 0x6:
+        DECODE_PRINTF("JBE\t");
+        return ACCESS_FLAG(F_CF) || ACCESS_FLAG(F_ZF);
+        break;
+      case 0x7:
+        DECODE_PRINTF("JNBE\t");
+        return !(ACCESS_FLAG(F_CF) || ACCESS_FLAG(F_ZF));
+        break;
+      case 0x8:
+        DECODE_PRINTF("JS\t");
+        return ACCESS_FLAG(F_SF);
+        break;
+      case 0x9:
+        DECODE_PRINTF("JNS\t");
+        return !ACCESS_FLAG(F_SF);
+        break;
+      case 0xa:
+        DECODE_PRINTF("JP\t");
+        return ACCESS_FLAG(F_PF);
+        break;
+      case 0xb:
+        DECODE_PRINTF("JNP\t");
+        return !ACCESS_FLAG(F_PF);
+        break;
+      case 0xc:
+        DECODE_PRINTF("JL\t");
+        return xorl(ACCESS_FLAG(F_SF), ACCESS_FLAG(F_OF));
+        break;
+      case 0xd:
+        DECODE_PRINTF("JNL\t");
+        return !xorl(ACCESS_FLAG(F_SF), ACCESS_FLAG(F_OF));
+        break;
+      case 0xe:
+        DECODE_PRINTF("JLE\t");
+        return (xorl(ACCESS_FLAG(F_SF), ACCESS_FLAG(F_OF)) ||
+                ACCESS_FLAG(F_ZF));
+        break;
+      default:
+        DECODE_PRINTF("JNLE\t");
+        return !(xorl(ACCESS_FLAG(F_SF), ACCESS_FLAG(F_OF)) ||
+                 ACCESS_FLAG(F_ZF));
+    }
+}
+
+static void x86emuOp2_long_jump(u8 op2)
+{
+    s32 target;
+    int cond;
+
+    /* conditional jump to word offset. */
+    START_OF_INSTR();
+    cond = x86emu_check_jump_condition(op2 & 0xF);
+    target = (s16) fetch_word_imm();
+    target += (s16) M.x86.R_IP;
+    DECODE_PRINTF2("%04x\n", target);
+    TRACE_AND_STEP();
+    if (cond) {
+        M.x86.R_IP = (u16)target;
+	JMP_TRACE(M.x86.saved_cs, M.x86.saved_ip, M.x86.R_CS, M.x86.R_IP, " LONG COND ");
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xC8-0xCF
+****************************************************************************/
+static s32 x86emu_bswap(s32 reg)
+{
+   // perform the byte swap
+   s32 temp = reg;
+   reg = (temp & 0xFF000000) >> 24 |
+         (temp & 0xFF0000) >> 8 |
+         (temp & 0xFF00) << 8 |
+         (temp & 0xFF) << 24;
+   return reg;
+}
+
+static void x86emuOp2_bswap(u8 op2)
+{
+    /* byte swap 32 bit register */
+    START_OF_INSTR();
+    DECODE_PRINTF("BSWAP\t");
+    switch (op2) {
+      case 0xc8:
+        DECODE_PRINTF("EAX\n");
+        M.x86.R_EAX = x86emu_bswap(M.x86.R_EAX);
+        break;
+      case 0xc9:
+        DECODE_PRINTF("ECX\n");
+        M.x86.R_ECX = x86emu_bswap(M.x86.R_ECX);
+        break;
+      case 0xca:
+        DECODE_PRINTF("EDX\n");
+        M.x86.R_EDX = x86emu_bswap(M.x86.R_EDX);
+        break;
+      case 0xcb:
+        DECODE_PRINTF("EBX\n");
+        M.x86.R_EBX = x86emu_bswap(M.x86.R_EBX);
+        break;
+      case 0xcc:
+        DECODE_PRINTF("ESP\n");
+        M.x86.R_ESP = x86emu_bswap(M.x86.R_ESP);
+        break;
+      case 0xcd:
+        DECODE_PRINTF("EBP\n");
+        M.x86.R_EBP = x86emu_bswap(M.x86.R_EBP);
+        break;
+      case 0xce:
+        DECODE_PRINTF("ESI\n");
+        M.x86.R_ESI = x86emu_bswap(M.x86.R_ESI);
+        break;
+      case 0xcf:
+        DECODE_PRINTF("EDI\n");
+        M.x86.R_EDI = x86emu_bswap(M.x86.R_EDI);
+        break;
+    }
+    TRACE_AND_STEP();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0x90-0x9F
+****************************************************************************/
+static void x86emuOp2_set_byte(u8 op2)
+{
+    int mod, rl, rh;
+    uint destoffset;
+    u8  *destreg;
+    const char *X86EMU_DEBUG_ONLY(name) = NULL;
+    int cond = 0;
+
+    START_OF_INSTR();
+    switch (op2) {
+      case 0x90:
+        name = "SETO\t";
+        cond =  ACCESS_FLAG(F_OF);
+        break;
+      case 0x91:
+        name = "SETNO\t";
+        cond = !ACCESS_FLAG(F_OF);
+        break;
+      case 0x92:
+        name = "SETB\t";
+        cond = ACCESS_FLAG(F_CF);
+        break;
+      case 0x93:
+        name = "SETNB\t";
+        cond = !ACCESS_FLAG(F_CF);
+        break;
+      case 0x94:
+        name = "SETZ\t";
+        cond = ACCESS_FLAG(F_ZF);
+        break;
+      case 0x95:
+        name = "SETNZ\t";
+        cond = !ACCESS_FLAG(F_ZF);
+        break;
+      case 0x96:
+        name = "SETBE\t";
+        cond = ACCESS_FLAG(F_CF) || ACCESS_FLAG(F_ZF);
+        break;
+      case 0x97:
+        name = "SETNBE\t";
+        cond = !(ACCESS_FLAG(F_CF) || ACCESS_FLAG(F_ZF));
+        break;
+      case 0x98:
+        name = "SETS\t";
+        cond = ACCESS_FLAG(F_SF);
+        break;
+      case 0x99:
+        name = "SETNS\t";
+        cond = !ACCESS_FLAG(F_SF);
+        break;
+      case 0x9a:
+        name = "SETP\t";
+        cond = ACCESS_FLAG(F_PF);
+        break;
+      case 0x9b:
+        name = "SETNP\t";
+        cond = !ACCESS_FLAG(F_PF);
+        break;
+      case 0x9c:
+        name = "SETL\t";
+        cond = xorl(ACCESS_FLAG(F_SF), ACCESS_FLAG(F_OF));
+        break;
+      case 0x9d:
+        name = "SETNL\t";
+        cond = !xorl(ACCESS_FLAG(F_SF), ACCESS_FLAG(F_OF));
+        break;
+      case 0x9e:
+        name = "SETLE\t";
+        cond = (xorl(ACCESS_FLAG(F_SF), ACCESS_FLAG(F_OF)) ||
+                ACCESS_FLAG(F_ZF));
+        break;
+      case 0x9f:
+        name = "SETNLE\t";
+        cond = !(xorl(ACCESS_FLAG(F_SF), ACCESS_FLAG(F_OF)) ||
+                 ACCESS_FLAG(F_ZF));
+        break;
+    }
+    DECODE_PRINTF(name);
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        TRACE_AND_STEP();
+        store_data_byte(destoffset, cond ? 0x01 : 0x00);
+    } else {                     /* register to register */
+        destreg = DECODE_RM_BYTE_REGISTER(rl);
+        TRACE_AND_STEP();
+        *destreg = cond ? 0x01 : 0x00;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xa0
+****************************************************************************/
+static void x86emuOp2_push_FS(u8 X86EMU_UNUSED(op2))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("PUSH\tFS\n");
+    TRACE_AND_STEP();
+    push_word(M.x86.R_FS);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xa1
+****************************************************************************/
+static void x86emuOp2_pop_FS(u8 X86EMU_UNUSED(op2))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("POP\tFS\n");
+    TRACE_AND_STEP();
+    M.x86.R_FS = pop_word();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS: CPUID takes EAX/ECX as inputs, writes EAX/EBX/ECX/EDX as output
+Handles opcode 0x0f,0xa2
+****************************************************************************/
+static void x86emuOp2_cpuid(u8 X86EMU_UNUSED(op2))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("CPUID\n");
+    TRACE_AND_STEP();
+    x86emu_cpuid();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xa3
+****************************************************************************/
+static void x86emuOp2_bt_R(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    int bit,disp;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("BT\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval;
+            u32 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0x1F;
+            disp = (s16)*shiftreg >> 5;
+            srcval = fetch_data_long(srcoffset+disp);
+            CONDITIONAL_SET_FLAG(srcval & (0x1 << bit),F_CF);
+        } else {
+            u16 srcval;
+            u16 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0xF;
+            disp = (s16)*shiftreg >> 4;
+            srcval = fetch_data_word(srcoffset+disp);
+            CONDITIONAL_SET_FLAG(srcval & (0x1 << bit),F_CF);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *srcreg,*shiftreg;
+
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0x1F;
+            CONDITIONAL_SET_FLAG(*srcreg & (0x1 << bit),F_CF);
+        } else {
+            u16 *srcreg,*shiftreg;
+
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0xF;
+            CONDITIONAL_SET_FLAG(*srcreg & (0x1 << bit),F_CF);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xa4
+****************************************************************************/
+static void x86emuOp2_shld_IMM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint destoffset;
+    u8 shift;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("SHLD\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+            u32 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2("%d\n", shift);
+            TRACE_AND_STEP();
+            destval = fetch_data_long(destoffset);
+            destval = shld_long(destval,*shiftreg,shift);
+            store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+            u16 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2("%d\n", shift);
+            TRACE_AND_STEP();
+            destval = fetch_data_word(destoffset);
+            destval = shld_word(destval,*shiftreg,shift);
+            store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*shiftreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2("%d\n", shift);
+            TRACE_AND_STEP();
+            *destreg = shld_long(*destreg,*shiftreg,shift);
+        } else {
+            u16 *destreg,*shiftreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2("%d\n", shift);
+            TRACE_AND_STEP();
+            *destreg = shld_word(*destreg,*shiftreg,shift);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xa5
+****************************************************************************/
+static void x86emuOp2_shld_CL(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("SHLD\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+            u32 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            destval = fetch_data_long(destoffset);
+            destval = shld_long(destval,*shiftreg,M.x86.R_CL);
+            store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+            u16 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            destval = fetch_data_word(destoffset);
+            destval = shld_word(destval,*shiftreg,M.x86.R_CL);
+            store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*shiftreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            *destreg = shld_long(*destreg,*shiftreg,M.x86.R_CL);
+        } else {
+            u16 *destreg,*shiftreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            *destreg = shld_word(*destreg,*shiftreg,M.x86.R_CL);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xa8
+****************************************************************************/
+static void x86emuOp2_push_GS(u8 X86EMU_UNUSED(op2))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("PUSH\tGS\n");
+    TRACE_AND_STEP();
+    push_word(M.x86.R_GS);
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xa9
+****************************************************************************/
+static void x86emuOp2_pop_GS(u8 X86EMU_UNUSED(op2))
+{
+    START_OF_INSTR();
+    DECODE_PRINTF("POP\tGS\n");
+    TRACE_AND_STEP();
+    M.x86.R_GS = pop_word();
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xab
+****************************************************************************/
+static void x86emuOp2_bts_R(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    int bit,disp;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("BTS\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval,mask;
+            u32 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0x1F;
+            disp = (s16)*shiftreg >> 5;
+            srcval = fetch_data_long(srcoffset+disp);
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(srcval & mask,F_CF);
+            store_data_long(srcoffset+disp, srcval | mask);
+        } else {
+            u16 srcval,mask;
+            u16 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0xF;
+            disp = (s16)*shiftreg >> 4;
+            srcval = fetch_data_word(srcoffset+disp);
+            mask = (u16)(0x1 << bit);
+            CONDITIONAL_SET_FLAG(srcval & mask,F_CF);
+            store_data_word(srcoffset+disp, srcval | mask);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *srcreg,*shiftreg;
+            u32 mask;
+
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0x1F;
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(*srcreg & mask,F_CF);
+            *srcreg |= mask;
+        } else {
+            u16 *srcreg,*shiftreg;
+            u16 mask;
+
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0xF;
+            mask = (u16)(0x1 << bit);
+            CONDITIONAL_SET_FLAG(*srcreg & mask,F_CF);
+            *srcreg |= mask;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xac
+****************************************************************************/
+static void x86emuOp2_shrd_IMM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint destoffset;
+    u8 shift;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("SHLD\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+            u32 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2("%d\n", shift);
+            TRACE_AND_STEP();
+            destval = fetch_data_long(destoffset);
+            destval = shrd_long(destval,*shiftreg,shift);
+            store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+            u16 *shiftreg;
+
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2("%d\n", shift);
+            TRACE_AND_STEP();
+            destval = fetch_data_word(destoffset);
+            destval = shrd_word(destval,*shiftreg,shift);
+            store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*shiftreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2("%d\n", shift);
+            TRACE_AND_STEP();
+            *destreg = shrd_long(*destreg,*shiftreg,shift);
+        } else {
+            u16 *destreg,*shiftreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2("%d\n", shift);
+            TRACE_AND_STEP();
+            *destreg = shrd_word(*destreg,*shiftreg,shift);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xad
+****************************************************************************/
+static void x86emuOp2_shrd_CL(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint destoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("SHLD\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 destval;
+            u32 *shiftreg;
+
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            destval = fetch_data_long(destoffset);
+            destval = shrd_long(destval,*shiftreg,M.x86.R_CL);
+            store_data_long(destoffset, destval);
+        } else {
+            u16 destval;
+            u16 *shiftreg;
+
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            destval = fetch_data_word(destoffset);
+            destval = shrd_word(destval,*shiftreg,M.x86.R_CL);
+            store_data_word(destoffset, destval);
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*shiftreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            *destreg = shrd_long(*destreg,*shiftreg,M.x86.R_CL);
+        } else {
+            u16 *destreg,*shiftreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",CL\n");
+            TRACE_AND_STEP();
+            *destreg = shrd_word(*destreg,*shiftreg,M.x86.R_CL);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xaf
+****************************************************************************/
+static void x86emuOp2_imul_R_RM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("IMUL\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u32 srcval;
+            u32 res_lo,res_hi;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcoffset = decode_rmXX_address(mod, rl);
+            srcval = fetch_data_long(srcoffset);
+            TRACE_AND_STEP();
+            imul_long_direct(&res_lo,&res_hi,(s32)*destreg,(s32)srcval);
+            if (res_hi != 0) {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            } else {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            }
+            *destreg = (u32)res_lo;
+        } else {
+            u16 *destreg;
+            u16 srcval;
+            u32 res;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcoffset = decode_rmXX_address(mod, rl);
+            srcval = fetch_data_word(srcoffset);
+            TRACE_AND_STEP();
+            res = (s16)*destreg * (s16)srcval;
+            if (res > 0xFFFF) {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            } else {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            }
+            *destreg = (u16)res;
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg,*srcreg;
+            u32 res_lo,res_hi;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            TRACE_AND_STEP();
+            imul_long_direct(&res_lo,&res_hi,(s32)*destreg,(s32)*srcreg);
+            if (res_hi != 0) {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            } else {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            }
+            *destreg = (u32)res_lo;
+        } else {
+            u16 *destreg,*srcreg;
+            u32 res;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            res = (s16)*destreg * (s16)*srcreg;
+            if (res > 0xFFFF) {
+                SET_FLAG(F_CF);
+                SET_FLAG(F_OF);
+            } else {
+                CLEAR_FLAG(F_CF);
+                CLEAR_FLAG(F_OF);
+            }
+            *destreg = (u16)res;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xb2
+****************************************************************************/
+static void x86emuOp2_lss_R_IMM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rh, rl;
+    u16 *dstreg;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LSS\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        dstreg = DECODE_RM_WORD_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *dstreg = fetch_data_word(srcoffset);
+        M.x86.R_SS = fetch_data_word(srcoffset + 2);
+    } else {                     /* register to register */
+        /* UNDEFINED! */
+        TRACE_AND_STEP();
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xb3
+****************************************************************************/
+static void x86emuOp2_btr_R(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    int bit,disp;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("BTR\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval,mask;
+            u32 *shiftreg;
+
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0x1F;
+            disp = (s16)*shiftreg >> 5;
+            srcval = fetch_data_long(srcoffset+disp);
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(srcval & mask,F_CF);
+            store_data_long(srcoffset+disp, srcval & ~mask);
+        } else {
+            u16 srcval,mask;
+            u16 *shiftreg;
+
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0xF;
+            disp = (s16)*shiftreg >> 4;
+            srcval = fetch_data_word(srcoffset+disp);
+            mask = (u16)(0x1 << bit);
+            CONDITIONAL_SET_FLAG(srcval & mask,F_CF);
+            store_data_word(srcoffset+disp, (u16)(srcval & ~mask));
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *srcreg,*shiftreg;
+            u32 mask;
+
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0x1F;
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(*srcreg & mask,F_CF);
+            *srcreg &= ~mask;
+        } else {
+            u16 *srcreg,*shiftreg;
+            u16 mask;
+
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0xF;
+            mask = (u16)(0x1 << bit);
+            CONDITIONAL_SET_FLAG(*srcreg & mask,F_CF);
+            *srcreg &= ~mask;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xb4
+****************************************************************************/
+static void x86emuOp2_lfs_R_IMM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rh, rl;
+    u16 *dstreg;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LFS\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        dstreg = DECODE_RM_WORD_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *dstreg = fetch_data_word(srcoffset);
+        M.x86.R_FS = fetch_data_word(srcoffset + 2);
+    } else {                     /* register to register */
+        /* UNDEFINED! */
+        TRACE_AND_STEP();
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xb5
+****************************************************************************/
+static void x86emuOp2_lgs_R_IMM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rh, rl;
+    u16 *dstreg;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("LGS\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        dstreg = DECODE_RM_WORD_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *dstreg = fetch_data_word(srcoffset);
+        M.x86.R_GS = fetch_data_word(srcoffset + 2);
+    } else {                     /* register to register */
+        /* UNDEFINED! */
+        TRACE_AND_STEP();
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xb6
+****************************************************************************/
+static void x86emuOp2_movzx_byte_R_RM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOVZX\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u32 srcval;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcoffset = decode_rmXX_address(mod, rl);
+            srcval = fetch_data_byte(srcoffset);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = srcval;
+        } else {
+            u16 *destreg;
+            u16 srcval;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcoffset = decode_rmXX_address(mod, rl);
+            srcval = fetch_data_byte(srcoffset);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = srcval;
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u8  *srcreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_BYTE_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = *srcreg;
+        } else {
+            u16 *destreg;
+            u8  *srcreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_BYTE_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = *srcreg;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xb7
+****************************************************************************/
+static void x86emuOp2_movzx_word_R_RM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    u32 *destreg;
+    u32 srcval;
+    u16 *srcreg;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOVZX\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destreg = DECODE_RM_LONG_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        srcval = fetch_data_word(srcoffset);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = srcval;
+    } else {                     /* register to register */
+        destreg = DECODE_RM_LONG_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_WORD_REGISTER(rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = *srcreg;
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xba
+****************************************************************************/
+static void x86emuOp2_btX_I(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    u8 shift;
+    int bit;
+
+    START_OF_INSTR();
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    switch (rh) {
+    case 4:
+        DECODE_PRINTF("BT\t");
+        break;
+    case 5:
+        DECODE_PRINTF("BTS\t");
+        break;
+    case 6:
+        DECODE_PRINTF("BTR\t");
+        break;
+    case 7:
+        DECODE_PRINTF("BTC\t");
+        break;
+    default:
+        DECODE_PRINTF("ILLEGAL EXTENDED X86 OPCODE\n");
+        TRACE_REGS();
+        printf("%04x:%04x: %02X%02X ILLEGAL EXTENDED X86 OPCODE EXTENSION!\n",
+                M.x86.R_CS, M.x86.R_IP-3,op2, (mod<<6)|(rh<<3)|rl);
+        HALT_SYS();
+    }
+    if (mod < 3) {
+
+        srcoffset = decode_rmXX_address(mod, rl);
+        shift = fetch_byte_imm();
+        DECODE_PRINTF2(",%d\n", shift);
+        TRACE_AND_STEP();
+
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval, mask;
+
+            bit = shift & 0x1F;
+            srcval = fetch_data_long(srcoffset);
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(srcval & mask,F_CF);
+            switch (rh) {
+            case 5:
+                store_data_long(srcoffset, srcval | mask);
+                break;
+            case 6:
+                store_data_long(srcoffset, srcval & ~mask);
+                break;
+            case 7:
+                store_data_long(srcoffset, srcval ^ mask);
+                break;
+            default:
+                break;
+            }
+        } else {
+            u16 srcval, mask;
+
+            bit = shift & 0xF;
+            srcval = fetch_data_word(srcoffset);
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(srcval & mask,F_CF);
+            switch (rh) {
+            case 5:
+                store_data_word(srcoffset, srcval | mask);
+                break;
+            case 6:
+                store_data_word(srcoffset, srcval & ~mask);
+                break;
+            case 7:
+                store_data_word(srcoffset, srcval ^ mask);
+                break;
+            default:
+                break;
+            }
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *srcreg;
+            u32 mask;
+
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2(",%d\n", shift);
+            TRACE_AND_STEP();
+            bit = shift & 0x1F;
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(*srcreg & mask,F_CF);
+            switch (rh) {
+            case 5:
+                *srcreg |= mask;
+                break;
+            case 6:
+                *srcreg &= ~mask;
+                break;
+            case 7:
+                *srcreg ^= mask;
+                break;
+            default:
+                break;
+            }
+        } else {
+            u16 *srcreg;
+            u16 mask;
+
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            shift = fetch_byte_imm();
+            DECODE_PRINTF2(",%d\n", shift);
+            TRACE_AND_STEP();
+            bit = shift & 0xF;
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(*srcreg & mask,F_CF);
+            switch (rh) {
+            case 5:
+                *srcreg |= mask;
+                break;
+            case 6:
+                *srcreg &= ~mask;
+                break;
+            case 7:
+                *srcreg ^= mask;
+                break;
+            default:
+                break;
+            }
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xbb
+****************************************************************************/
+static void x86emuOp2_btc_R(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    int bit,disp;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("BTC\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval,mask;
+            u32 *shiftreg;
+
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0x1F;
+            disp = (s16)*shiftreg >> 5;
+            srcval = fetch_data_long(srcoffset+disp);
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(srcval & mask,F_CF);
+            store_data_long(srcoffset+disp, srcval ^ mask);
+        } else {
+            u16 srcval,mask;
+            u16 *shiftreg;
+
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0xF;
+            disp = (s16)*shiftreg >> 4;
+            srcval = fetch_data_word(srcoffset+disp);
+            mask = (u16)(0x1 << bit);
+            CONDITIONAL_SET_FLAG(srcval & mask,F_CF);
+            store_data_word(srcoffset+disp, (u16)(srcval ^ mask));
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *srcreg,*shiftreg;
+            u32 mask;
+
+            srcreg = DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0x1F;
+            mask = (0x1 << bit);
+            CONDITIONAL_SET_FLAG(*srcreg & mask,F_CF);
+            *srcreg ^= mask;
+        } else {
+            u16 *srcreg,*shiftreg;
+            u16 mask;
+
+            srcreg = DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            shiftreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            bit = *shiftreg & 0xF;
+            mask = (u16)(0x1 << bit);
+            CONDITIONAL_SET_FLAG(*srcreg & mask,F_CF);
+            *srcreg ^= mask;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xbc
+****************************************************************************/
+static void x86emuOp2_bsf(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("BSF\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval, *dstreg;
+
+            dstreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            srcval = fetch_data_long(srcoffset);
+            CONDITIONAL_SET_FLAG(srcval == 0, F_ZF);
+            for(*dstreg = 0; *dstreg < 32; (*dstreg)++)
+                if ((srcval >> *dstreg) & 1) break;
+        } else {
+            u16 srcval, *dstreg;
+
+            dstreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            srcval = fetch_data_word(srcoffset);
+            CONDITIONAL_SET_FLAG(srcval == 0, F_ZF);
+            for(*dstreg = 0; *dstreg < 16; (*dstreg)++)
+                if ((srcval >> *dstreg) & 1) break;
+        }
+    } else {             /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval, *dstreg;
+
+            srcval = *DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            dstreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            CONDITIONAL_SET_FLAG(srcval == 0, F_ZF);
+            for(*dstreg = 0; *dstreg < 32; (*dstreg)++)
+                if ((srcval >> *dstreg) & 1) break;
+        } else {
+            u16 srcval, *dstreg;
+
+            srcval = *DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            dstreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            CONDITIONAL_SET_FLAG(srcval == 0, F_ZF);
+            for(*dstreg = 0; *dstreg < 16; (*dstreg)++)
+                if ((srcval >> *dstreg) & 1) break;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xbd
+****************************************************************************/
+static void x86emuOp2_bsr(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("BSR\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        srcoffset = decode_rmXX_address(mod, rl);
+        DECODE_PRINTF(",");
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval, *dstreg;
+
+            dstreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            srcval = fetch_data_long(srcoffset);
+            CONDITIONAL_SET_FLAG(srcval == 0, F_ZF);
+            for(*dstreg = 31; *dstreg > 0; (*dstreg)--)
+                if ((srcval >> *dstreg) & 1) break;
+        } else {
+            u16 srcval, *dstreg;
+
+            dstreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            srcval = fetch_data_word(srcoffset);
+            CONDITIONAL_SET_FLAG(srcval == 0, F_ZF);
+            for(*dstreg = 15; *dstreg > 0; (*dstreg)--)
+                if ((srcval >> *dstreg) & 1) break;
+        }
+    } else {             /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 srcval, *dstreg;
+
+            srcval = *DECODE_RM_LONG_REGISTER(rl);
+            DECODE_PRINTF(",");
+            dstreg = DECODE_RM_LONG_REGISTER(rh);
+            TRACE_AND_STEP();
+            CONDITIONAL_SET_FLAG(srcval == 0, F_ZF);
+            for(*dstreg = 31; *dstreg > 0; (*dstreg)--)
+                if ((srcval >> *dstreg) & 1) break;
+        } else {
+            u16 srcval, *dstreg;
+
+            srcval = *DECODE_RM_WORD_REGISTER(rl);
+            DECODE_PRINTF(",");
+            dstreg = DECODE_RM_WORD_REGISTER(rh);
+            TRACE_AND_STEP();
+            CONDITIONAL_SET_FLAG(srcval == 0, F_ZF);
+            for(*dstreg = 15; *dstreg > 0; (*dstreg)--)
+                if ((srcval >> *dstreg) & 1) break;
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xbe
+****************************************************************************/
+static void x86emuOp2_movsx_byte_R_RM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOVSX\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u32 srcval;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcoffset = decode_rmXX_address(mod, rl);
+            srcval = (s32)((s8)fetch_data_byte(srcoffset));
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = srcval;
+        } else {
+            u16 *destreg;
+            u16 srcval;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcoffset = decode_rmXX_address(mod, rl);
+            srcval = (s16)((s8)fetch_data_byte(srcoffset));
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = srcval;
+        }
+    } else {                     /* register to register */
+        if (M.x86.mode & SYSMODE_PREFIX_DATA) {
+            u32 *destreg;
+            u8  *srcreg;
+
+            destreg = DECODE_RM_LONG_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_BYTE_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = (s32)((s8)*srcreg);
+        } else {
+            u16 *destreg;
+            u8  *srcreg;
+
+            destreg = DECODE_RM_WORD_REGISTER(rh);
+            DECODE_PRINTF(",");
+            srcreg = DECODE_RM_BYTE_REGISTER(rl);
+            DECODE_PRINTF("\n");
+            TRACE_AND_STEP();
+            *destreg = (s16)((s8)*srcreg);
+        }
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/****************************************************************************
+REMARKS:
+Handles opcode 0x0f,0xbf
+****************************************************************************/
+static void x86emuOp2_movsx_word_R_RM(u8 X86EMU_UNUSED(op2))
+{
+    int mod, rl, rh;
+    uint srcoffset;
+    u32 *destreg;
+    u32 srcval;
+    u16 *srcreg;
+
+    START_OF_INSTR();
+    DECODE_PRINTF("MOVSX\t");
+    FETCH_DECODE_MODRM(mod, rh, rl);
+    if (mod < 3) {
+        destreg = DECODE_RM_LONG_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcoffset = decode_rmXX_address(mod, rl);
+        srcval = (s32)((s16)fetch_data_word(srcoffset));
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = srcval;
+    } else {                     /* register to register */
+        destreg = DECODE_RM_LONG_REGISTER(rh);
+        DECODE_PRINTF(",");
+        srcreg = DECODE_RM_WORD_REGISTER(rl);
+        DECODE_PRINTF("\n");
+        TRACE_AND_STEP();
+        *destreg = (s32)((s16)*srcreg);
+    }
+    DECODE_CLEAR_SEGOVR();
+    END_OF_INSTR();
+}
+
+/***************************************************************************
+ * Double byte operation code table:
+ **************************************************************************/
+void (*x86emu_optab2[256])(u8) =
+{
+/*  0x00 */ x86emuOp2_illegal_op,  /* Group F (ring 0 PM)      */
+/*  0x01 */ x86emuOp2_opc_01,      /* Group G (ring 0 PM)      */
+/*  0x02 */ x86emuOp2_illegal_op,  /* lar (ring 0 PM)          */
+/*  0x03 */ x86emuOp2_illegal_op,  /* lsl (ring 0 PM)          */
+/*  0x04 */ x86emuOp2_illegal_op,
+/*  0x05 */ x86emuOp2_illegal_op,  /* loadall (undocumented)   */
+/*  0x06 */ x86emuOp2_illegal_op,  /* clts (ring 0 PM)         */
+/*  0x07 */ x86emuOp2_illegal_op,  /* loadall (undocumented)   */
+/*  0x08 */ x86emuOp2_invd,        /* invd (ring 0 PM)         */
+/*  0x09 */ x86emuOp2_wbinvd,      /* wbinvd (ring 0 PM)       */
+/*  0x0a */ x86emuOp2_illegal_op,
+/*  0x0b */ x86emuOp2_illegal_op,
+/*  0x0c */ x86emuOp2_illegal_op,
+/*  0x0d */ x86emuOp2_illegal_op,
+/*  0x0e */ x86emuOp2_illegal_op,
+/*  0x0f */ x86emuOp2_illegal_op,
+
+/*  0x10 */ x86emuOp2_illegal_op,
+/*  0x11 */ x86emuOp2_illegal_op,
+/*  0x12 */ x86emuOp2_illegal_op,
+/*  0x13 */ x86emuOp2_illegal_op,
+/*  0x14 */ x86emuOp2_illegal_op,
+/*  0x15 */ x86emuOp2_illegal_op,
+/*  0x16 */ x86emuOp2_illegal_op,
+/*  0x17 */ x86emuOp2_illegal_op,
+/*  0x18 */ x86emuOp2_illegal_op,
+/*  0x19 */ x86emuOp2_illegal_op,
+/*  0x1a */ x86emuOp2_illegal_op,
+/*  0x1b */ x86emuOp2_illegal_op,
+/*  0x1c */ x86emuOp2_illegal_op,
+/*  0x1d */ x86emuOp2_illegal_op,
+/*  0x1e */ x86emuOp2_illegal_op,
+/*  0x1f */ x86emuOp2_illegal_op,
+
+/*  0x20 */ x86emuOp2_illegal_op,  /* mov reg32,creg (ring 0 PM) */
+/*  0x21 */ x86emuOp2_illegal_op,  /* mov reg32,dreg (ring 0 PM) */
+/*  0x22 */ x86emuOp2_illegal_op,  /* mov creg,reg32 (ring 0 PM) */
+/*  0x23 */ x86emuOp2_illegal_op,  /* mov dreg,reg32 (ring 0 PM) */
+/*  0x24 */ x86emuOp2_illegal_op,  /* mov reg32,treg (ring 0 PM) */
+/*  0x25 */ x86emuOp2_illegal_op,
+/*  0x26 */ x86emuOp2_illegal_op,  /* mov treg,reg32 (ring 0 PM) */
+/*  0x27 */ x86emuOp2_illegal_op,
+/*  0x28 */ x86emuOp2_illegal_op,
+/*  0x29 */ x86emuOp2_illegal_op,
+/*  0x2a */ x86emuOp2_illegal_op,
+/*  0x2b */ x86emuOp2_illegal_op,
+/*  0x2c */ x86emuOp2_illegal_op,
+/*  0x2d */ x86emuOp2_illegal_op,
+/*  0x2e */ x86emuOp2_illegal_op,
+/*  0x2f */ x86emuOp2_illegal_op,
+
+/*  0x30 */ x86emuOp2_wrmsr,
+/*  0x31 */ x86emuOp2_rdtsc,
+/*  0x32 */ x86emuOp2_rdmsr,
+/*  0x33 */ x86emuOp2_illegal_op,
+/*  0x34 */ x86emuOp2_illegal_op,
+/*  0x35 */ x86emuOp2_illegal_op,
+/*  0x36 */ x86emuOp2_illegal_op,
+/*  0x37 */ x86emuOp2_illegal_op,
+/*  0x38 */ x86emuOp2_illegal_op,
+/*  0x39 */ x86emuOp2_illegal_op,
+/*  0x3a */ x86emuOp2_illegal_op,
+/*  0x3b */ x86emuOp2_illegal_op,
+/*  0x3c */ x86emuOp2_illegal_op,
+/*  0x3d */ x86emuOp2_illegal_op,
+/*  0x3e */ x86emuOp2_illegal_op,
+/*  0x3f */ x86emuOp2_illegal_op,
+
+/*  0x40 */ x86emuOp2_illegal_op,
+/*  0x41 */ x86emuOp2_illegal_op,
+/*  0x42 */ x86emuOp2_illegal_op,
+/*  0x43 */ x86emuOp2_illegal_op,
+/*  0x44 */ x86emuOp2_illegal_op,
+/*  0x45 */ x86emuOp2_illegal_op,
+/*  0x46 */ x86emuOp2_illegal_op,
+/*  0x47 */ x86emuOp2_illegal_op,
+/*  0x48 */ x86emuOp2_illegal_op,
+/*  0x49 */ x86emuOp2_illegal_op,
+/*  0x4a */ x86emuOp2_illegal_op,
+/*  0x4b */ x86emuOp2_illegal_op,
+/*  0x4c */ x86emuOp2_illegal_op,
+/*  0x4d */ x86emuOp2_illegal_op,
+/*  0x4e */ x86emuOp2_illegal_op,
+/*  0x4f */ x86emuOp2_illegal_op,
+
+/*  0x50 */ x86emuOp2_illegal_op,
+/*  0x51 */ x86emuOp2_illegal_op,
+/*  0x52 */ x86emuOp2_illegal_op,
+/*  0x53 */ x86emuOp2_illegal_op,
+/*  0x54 */ x86emuOp2_illegal_op,
+/*  0x55 */ x86emuOp2_illegal_op,
+/*  0x56 */ x86emuOp2_illegal_op,
+/*  0x57 */ x86emuOp2_illegal_op,
+/*  0x58 */ x86emuOp2_illegal_op,
+/*  0x59 */ x86emuOp2_illegal_op,
+/*  0x5a */ x86emuOp2_illegal_op,
+/*  0x5b */ x86emuOp2_illegal_op,
+/*  0x5c */ x86emuOp2_illegal_op,
+/*  0x5d */ x86emuOp2_illegal_op,
+/*  0x5e */ x86emuOp2_illegal_op,
+/*  0x5f */ x86emuOp2_illegal_op,
+
+/*  0x60 */ x86emuOp2_illegal_op,
+/*  0x61 */ x86emuOp2_illegal_op,
+/*  0x62 */ x86emuOp2_illegal_op,
+/*  0x63 */ x86emuOp2_illegal_op,
+/*  0x64 */ x86emuOp2_illegal_op,
+/*  0x65 */ x86emuOp2_illegal_op,
+/*  0x66 */ x86emuOp2_illegal_op,
+/*  0x67 */ x86emuOp2_illegal_op,
+/*  0x68 */ x86emuOp2_illegal_op,
+/*  0x69 */ x86emuOp2_illegal_op,
+/*  0x6a */ x86emuOp2_illegal_op,
+/*  0x6b */ x86emuOp2_illegal_op,
+/*  0x6c */ x86emuOp2_illegal_op,
+/*  0x6d */ x86emuOp2_illegal_op,
+/*  0x6e */ x86emuOp2_illegal_op,
+/*  0x6f */ x86emuOp2_illegal_op,
+
+/*  0x70 */ x86emuOp2_illegal_op,
+/*  0x71 */ x86emuOp2_illegal_op,
+/*  0x72 */ x86emuOp2_illegal_op,
+/*  0x73 */ x86emuOp2_illegal_op,
+/*  0x74 */ x86emuOp2_illegal_op,
+/*  0x75 */ x86emuOp2_illegal_op,
+/*  0x76 */ x86emuOp2_illegal_op,
+/*  0x77 */ x86emuOp2_illegal_op,
+/*  0x78 */ x86emuOp2_illegal_op,
+/*  0x79 */ x86emuOp2_illegal_op,
+/*  0x7a */ x86emuOp2_illegal_op,
+/*  0x7b */ x86emuOp2_illegal_op,
+/*  0x7c */ x86emuOp2_illegal_op,
+/*  0x7d */ x86emuOp2_illegal_op,
+/*  0x7e */ x86emuOp2_illegal_op,
+/*  0x7f */ x86emuOp2_illegal_op,
+
+/*  0x80 */ x86emuOp2_long_jump,
+/*  0x81 */ x86emuOp2_long_jump,
+/*  0x82 */ x86emuOp2_long_jump,
+/*  0x83 */ x86emuOp2_long_jump,
+/*  0x84 */ x86emuOp2_long_jump,
+/*  0x85 */ x86emuOp2_long_jump,
+/*  0x86 */ x86emuOp2_long_jump,
+/*  0x87 */ x86emuOp2_long_jump,
+/*  0x88 */ x86emuOp2_long_jump,
+/*  0x89 */ x86emuOp2_long_jump,
+/*  0x8a */ x86emuOp2_long_jump,
+/*  0x8b */ x86emuOp2_long_jump,
+/*  0x8c */ x86emuOp2_long_jump,
+/*  0x8d */ x86emuOp2_long_jump,
+/*  0x8e */ x86emuOp2_long_jump,
+/*  0x8f */ x86emuOp2_long_jump,
+
+/*  0x90 */ x86emuOp2_set_byte,
+/*  0x91 */ x86emuOp2_set_byte,
+/*  0x92 */ x86emuOp2_set_byte,
+/*  0x93 */ x86emuOp2_set_byte,
+/*  0x94 */ x86emuOp2_set_byte,
+/*  0x95 */ x86emuOp2_set_byte,
+/*  0x96 */ x86emuOp2_set_byte,
+/*  0x97 */ x86emuOp2_set_byte,
+/*  0x98 */ x86emuOp2_set_byte,
+/*  0x99 */ x86emuOp2_set_byte,
+/*  0x9a */ x86emuOp2_set_byte,
+/*  0x9b */ x86emuOp2_set_byte,
+/*  0x9c */ x86emuOp2_set_byte,
+/*  0x9d */ x86emuOp2_set_byte,
+/*  0x9e */ x86emuOp2_set_byte,
+/*  0x9f */ x86emuOp2_set_byte,
+
+/*  0xa0 */ x86emuOp2_push_FS,
+/*  0xa1 */ x86emuOp2_pop_FS,
+/*  0xa2 */ x86emuOp2_cpuid,
+/*  0xa3 */ x86emuOp2_bt_R,
+/*  0xa4 */ x86emuOp2_shld_IMM,
+/*  0xa5 */ x86emuOp2_shld_CL,
+/*  0xa6 */ x86emuOp2_illegal_op,
+/*  0xa7 */ x86emuOp2_illegal_op,
+/*  0xa8 */ x86emuOp2_push_GS,
+/*  0xa9 */ x86emuOp2_pop_GS,
+/*  0xaa */ x86emuOp2_illegal_op,
+/*  0xab */ x86emuOp2_bts_R,
+/*  0xac */ x86emuOp2_shrd_IMM,
+/*  0xad */ x86emuOp2_shrd_CL,
+/*  0xae */ x86emuOp2_illegal_op,
+/*  0xaf */ x86emuOp2_imul_R_RM,
+
+/*  0xb0 */ x86emuOp2_illegal_op,  /* TODO: cmpxchg */
+/*  0xb1 */ x86emuOp2_illegal_op,  /* TODO: cmpxchg */
+/*  0xb2 */ x86emuOp2_lss_R_IMM,
+/*  0xb3 */ x86emuOp2_btr_R,
+/*  0xb4 */ x86emuOp2_lfs_R_IMM,
+/*  0xb5 */ x86emuOp2_lgs_R_IMM,
+/*  0xb6 */ x86emuOp2_movzx_byte_R_RM,
+/*  0xb7 */ x86emuOp2_movzx_word_R_RM,
+/*  0xb8 */ x86emuOp2_illegal_op,
+/*  0xb9 */ x86emuOp2_illegal_op,
+/*  0xba */ x86emuOp2_btX_I,
+/*  0xbb */ x86emuOp2_btc_R,
+/*  0xbc */ x86emuOp2_bsf,
+/*  0xbd */ x86emuOp2_bsr,
+/*  0xbe */ x86emuOp2_movsx_byte_R_RM,
+/*  0xbf */ x86emuOp2_movsx_word_R_RM,
+
+/*  0xc0 */ x86emuOp2_illegal_op,  /* TODO: xadd */
+/*  0xc1 */ x86emuOp2_illegal_op,  /* TODO: xadd */
+/*  0xc2 */ x86emuOp2_illegal_op,
+/*  0xc3 */ x86emuOp2_illegal_op,
+/*  0xc4 */ x86emuOp2_illegal_op,
+/*  0xc5 */ x86emuOp2_illegal_op,
+/*  0xc6 */ x86emuOp2_illegal_op,
+/*  0xc7 */ x86emuOp2_illegal_op,
+/*  0xc8 */ x86emuOp2_bswap,
+/*  0xc9 */ x86emuOp2_bswap,
+/*  0xca */ x86emuOp2_bswap,
+/*  0xcb */ x86emuOp2_bswap,
+/*  0xcc */ x86emuOp2_bswap,
+/*  0xcd */ x86emuOp2_bswap,
+/*  0xce */ x86emuOp2_bswap,
+/*  0xcf */ x86emuOp2_bswap,
+
+/*  0xd0 */ x86emuOp2_illegal_op,
+/*  0xd1 */ x86emuOp2_illegal_op,
+/*  0xd2 */ x86emuOp2_illegal_op,
+/*  0xd3 */ x86emuOp2_illegal_op,
+/*  0xd4 */ x86emuOp2_illegal_op,
+/*  0xd5 */ x86emuOp2_illegal_op,
+/*  0xd6 */ x86emuOp2_illegal_op,
+/*  0xd7 */ x86emuOp2_illegal_op,
+/*  0xd8 */ x86emuOp2_illegal_op,
+/*  0xd9 */ x86emuOp2_illegal_op,
+/*  0xda */ x86emuOp2_illegal_op,
+/*  0xdb */ x86emuOp2_illegal_op,
+/*  0xdc */ x86emuOp2_illegal_op,
+/*  0xdd */ x86emuOp2_illegal_op,
+/*  0xde */ x86emuOp2_illegal_op,
+/*  0xdf */ x86emuOp2_illegal_op,
+
+/*  0xe0 */ x86emuOp2_illegal_op,
+/*  0xe1 */ x86emuOp2_illegal_op,
+/*  0xe2 */ x86emuOp2_illegal_op,
+/*  0xe3 */ x86emuOp2_illegal_op,
+/*  0xe4 */ x86emuOp2_illegal_op,
+/*  0xe5 */ x86emuOp2_illegal_op,
+/*  0xe6 */ x86emuOp2_illegal_op,
+/*  0xe7 */ x86emuOp2_illegal_op,
+/*  0xe8 */ x86emuOp2_illegal_op,
+/*  0xe9 */ x86emuOp2_illegal_op,
+/*  0xea */ x86emuOp2_illegal_op,
+/*  0xeb */ x86emuOp2_illegal_op,
+/*  0xec */ x86emuOp2_illegal_op,
+/*  0xed */ x86emuOp2_illegal_op,
+/*  0xee */ x86emuOp2_illegal_op,
+/*  0xef */ x86emuOp2_illegal_op,
+
+/*  0xf0 */ x86emuOp2_illegal_op,
+/*  0xf1 */ x86emuOp2_illegal_op,
+/*  0xf2 */ x86emuOp2_illegal_op,
+/*  0xf3 */ x86emuOp2_illegal_op,
+/*  0xf4 */ x86emuOp2_illegal_op,
+/*  0xf5 */ x86emuOp2_illegal_op,
+/*  0xf6 */ x86emuOp2_illegal_op,
+/*  0xf7 */ x86emuOp2_illegal_op,
+/*  0xf8 */ x86emuOp2_illegal_op,
+/*  0xf9 */ x86emuOp2_illegal_op,
+/*  0xfa */ x86emuOp2_illegal_op,
+/*  0xfb */ x86emuOp2_illegal_op,
+/*  0xfc */ x86emuOp2_illegal_op,
+/*  0xfd */ x86emuOp2_illegal_op,
+/*  0xfe */ x86emuOp2_illegal_op,
+/*  0xff */ x86emuOp2_illegal_op,
+};
diff --git a/src/device/oprom/x86emu/prim_asm.h b/src/device/oprom/x86emu/prim_asm.h
new file mode 100644
index 0000000..4fa8d55
--- /dev/null
+++ b/src/device/oprom/x86emu/prim_asm.h
@@ -0,0 +1,971 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		Watcom C++ 10.6 or later
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Inline assembler versions of the primitive operand
+*				functions for faster performance. At the moment this is
+*				x86 inline assembler, but these functions could be replaced
+*				with native inline assembler for each supported processor
+*				platform.
+*
+****************************************************************************/
+/* $XFree86: xc/extras/x86emu/src/x86emu/x86emu/prim_asm.h,v 1.3 2000/04/19 15:48:15 tsi Exp $ */
+
+#ifndef	__X86EMU_PRIM_ASM_H
+#define	__X86EMU_PRIM_ASM_H
+
+#ifdef	__WATCOMC__
+
+#ifndef	VALIDATE
+#define	__HAVE_INLINE_ASSEMBLER__
+#endif
+
+u32		get_flags_asm(void);
+#pragma aux get_flags_asm =			\
+	"pushf"                         \
+	"pop	eax"                  	\
+	value [eax]                     \
+	modify exact [eax];
+
+u16     aaa_word_asm(u32 *flags,u16 d);
+#pragma aux aaa_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"aaa"                  			\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] 				\
+	value [ax]                      \
+	modify exact [ax];
+
+u16     aas_word_asm(u32 *flags,u16 d);
+#pragma aux aas_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"aas"                  			\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] 				\
+	value [ax]                      \
+	modify exact [ax];
+
+u16     aad_word_asm(u32 *flags,u16 d);
+#pragma aux aad_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"aad"                  			\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] 				\
+	value [ax]                      \
+	modify exact [ax];
+
+u16     aam_word_asm(u32 *flags,u8 d);
+#pragma aux aam_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"aam"                  			\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] 				\
+	value [ax]                      \
+	modify exact [ax];
+
+u8      adc_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux adc_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"adc	al,bl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	value [al]                      \
+	modify exact [al bl];
+
+u16     adc_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux adc_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"adc	ax,bx"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	value [ax]                      \
+	modify exact [ax bx];
+
+u32     adc_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux adc_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"adc	eax,ebx"                \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	value [eax]                     \
+	modify exact [eax ebx];
+
+u8      add_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux add_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"add	al,bl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	value [al]                      \
+	modify exact [al bl];
+
+u16     add_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux add_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"add	ax,bx"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	value [ax]                      \
+	modify exact [ax bx];
+
+u32     add_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux add_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"add	eax,ebx"                \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	value [eax]                     \
+	modify exact [eax ebx];
+
+u8      and_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux and_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"and	al,bl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	value [al]                      \
+	modify exact [al bl];
+
+u16     and_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux and_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"and	ax,bx"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	value [ax]                      \
+	modify exact [ax bx];
+
+u32     and_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux and_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"and	eax,ebx"                \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	value [eax]                     \
+	modify exact [eax ebx];
+
+u8      cmp_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux cmp_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"cmp	al,bl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	value [al]                      \
+	modify exact [al bl];
+
+u16     cmp_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux cmp_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"cmp	ax,bx"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	value [ax]                      \
+	modify exact [ax bx];
+
+u32     cmp_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux cmp_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"cmp	eax,ebx"                \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	value [eax]                     \
+	modify exact [eax ebx];
+
+u8      daa_byte_asm(u32 *flags,u8 d);
+#pragma aux daa_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"daa"                  			\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al]            		\
+	value [al]                      \
+	modify exact [al];
+
+u8      das_byte_asm(u32 *flags,u8 d);
+#pragma aux das_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"das"                  			\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al]            		\
+	value [al]                      \
+	modify exact [al];
+
+u8      dec_byte_asm(u32 *flags,u8 d);
+#pragma aux dec_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"dec	al"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al]            		\
+	value [al]                      \
+	modify exact [al];
+
+u16     dec_word_asm(u32 *flags,u16 d);
+#pragma aux dec_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"dec	ax"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax]            		\
+	value [ax]                      \
+	modify exact [ax];
+
+u32     dec_long_asm(u32 *flags,u32 d);
+#pragma aux dec_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"dec	eax"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax]          		\
+	value [eax]                     \
+	modify exact [eax];
+
+u8      inc_byte_asm(u32 *flags,u8 d);
+#pragma aux inc_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"inc	al"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al]            		\
+	value [al]                      \
+	modify exact [al];
+
+u16     inc_word_asm(u32 *flags,u16 d);
+#pragma aux inc_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"inc	ax"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax]            		\
+	value [ax]                      \
+	modify exact [ax];
+
+u32     inc_long_asm(u32 *flags,u32 d);
+#pragma aux inc_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"inc	eax"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax]          		\
+	value [eax]                     \
+	modify exact [eax];
+
+u8      or_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux or_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"or	al,bl"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	value [al]                      \
+	modify exact [al bl];
+
+u16     or_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux or_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"or	ax,bx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	value [ax]                      \
+	modify exact [ax bx];
+
+u32     or_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux or_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"or	eax,ebx"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	value [eax]                     \
+	modify exact [eax ebx];
+
+u8      neg_byte_asm(u32 *flags,u8 d);
+#pragma aux neg_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"neg	al"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al]            		\
+	value [al]                      \
+	modify exact [al];
+
+u16     neg_word_asm(u32 *flags,u16 d);
+#pragma aux neg_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"neg	ax"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax]            		\
+	value [ax]                      \
+	modify exact [ax];
+
+u32     neg_long_asm(u32 *flags,u32 d);
+#pragma aux neg_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"neg	eax"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax]          		\
+	value [eax]                     \
+	modify exact [eax];
+
+u8      not_byte_asm(u32 *flags,u8 d);
+#pragma aux not_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"not	al"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al]            		\
+	value [al]                      \
+	modify exact [al];
+
+u16     not_word_asm(u32 *flags,u16 d);
+#pragma aux not_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"not	ax"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax]            		\
+	value [ax]                      \
+	modify exact [ax];
+
+u32     not_long_asm(u32 *flags,u32 d);
+#pragma aux not_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"not	eax"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax]          		\
+	value [eax]                     \
+	modify exact [eax];
+
+u8      rcl_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux rcl_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rcl	al,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [cl]            \
+	value [al]                      \
+	modify exact [al cl];
+
+u16     rcl_word_asm(u32 *flags,u16 d, u8 s);
+#pragma aux rcl_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rcl	ax,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [cl]            \
+	value [ax]                      \
+	modify exact [ax cl];
+
+u32     rcl_long_asm(u32 *flags,u32 d, u8 s);
+#pragma aux rcl_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rcl	eax,cl"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [cl]          	\
+	value [eax]                     \
+	modify exact [eax cl];
+
+u8      rcr_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux rcr_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rcr	al,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [cl]            \
+	value [al]                      \
+	modify exact [al cl];
+
+u16     rcr_word_asm(u32 *flags,u16 d, u8 s);
+#pragma aux rcr_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rcr	ax,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [cl]            \
+	value [ax]                      \
+	modify exact [ax cl];
+
+u32     rcr_long_asm(u32 *flags,u32 d, u8 s);
+#pragma aux rcr_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rcr	eax,cl"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [cl]          	\
+	value [eax]                     \
+	modify exact [eax cl];
+
+u8      rol_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux rol_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rol	al,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [cl]            \
+	value [al]                      \
+	modify exact [al cl];
+
+u16     rol_word_asm(u32 *flags,u16 d, u8 s);
+#pragma aux rol_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rol	ax,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [cl]            \
+	value [ax]                      \
+	modify exact [ax cl];
+
+u32     rol_long_asm(u32 *flags,u32 d, u8 s);
+#pragma aux rol_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"rol	eax,cl"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [cl]          	\
+	value [eax]                     \
+	modify exact [eax cl];
+
+u8      ror_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux ror_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"ror	al,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [cl]            \
+	value [al]                      \
+	modify exact [al cl];
+
+u16     ror_word_asm(u32 *flags,u16 d, u8 s);
+#pragma aux ror_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"ror	ax,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [cl]            \
+	value [ax]                      \
+	modify exact [ax cl];
+
+u32     ror_long_asm(u32 *flags,u32 d, u8 s);
+#pragma aux ror_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"ror	eax,cl"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [cl]          	\
+	value [eax]                     \
+	modify exact [eax cl];
+
+u8      shl_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux shl_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shl	al,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [cl]            \
+	value [al]                      \
+	modify exact [al cl];
+
+u16     shl_word_asm(u32 *flags,u16 d, u8 s);
+#pragma aux shl_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shl	ax,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [cl]            \
+	value [ax]                      \
+	modify exact [ax cl];
+
+u32     shl_long_asm(u32 *flags,u32 d, u8 s);
+#pragma aux shl_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shl	eax,cl"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [cl]          	\
+	value [eax]                     \
+	modify exact [eax cl];
+
+u8      shr_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux shr_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shr	al,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [cl]            \
+	value [al]                      \
+	modify exact [al cl];
+
+u16     shr_word_asm(u32 *flags,u16 d, u8 s);
+#pragma aux shr_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shr	ax,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [cl]            \
+	value [ax]                      \
+	modify exact [ax cl];
+
+u32     shr_long_asm(u32 *flags,u32 d, u8 s);
+#pragma aux shr_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shr	eax,cl"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [cl]          	\
+	value [eax]                     \
+	modify exact [eax cl];
+
+u8      sar_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux sar_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sar	al,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [cl]            \
+	value [al]                      \
+	modify exact [al cl];
+
+u16     sar_word_asm(u32 *flags,u16 d, u8 s);
+#pragma aux sar_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sar	ax,cl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [cl]            \
+	value [ax]                      \
+	modify exact [ax cl];
+
+u32     sar_long_asm(u32 *flags,u32 d, u8 s);
+#pragma aux sar_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sar	eax,cl"                	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [cl]          	\
+	value [eax]                     \
+	modify exact [eax cl];
+
+u16		shld_word_asm(u32 *flags,u16 d, u16 fill, u8 s);
+#pragma aux shld_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shld	ax,dx,cl"               \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [dx] [cl]       \
+	value [ax]                      \
+	modify exact [ax dx cl];
+
+u32     shld_long_asm(u32 *flags,u32 d, u32 fill, u8 s);
+#pragma aux shld_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shld	eax,edx,cl"             \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [edx] [cl]     \
+	value [eax]                     \
+	modify exact [eax edx cl];
+
+u16		shrd_word_asm(u32 *flags,u16 d, u16 fill, u8 s);
+#pragma aux shrd_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shrd	ax,dx,cl"               \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [dx] [cl]       \
+	value [ax]                      \
+	modify exact [ax dx cl];
+
+u32     shrd_long_asm(u32 *flags,u32 d, u32 fill, u8 s);
+#pragma aux shrd_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"shrd	eax,edx,cl"             \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [edx] [cl]     \
+	value [eax]                     \
+	modify exact [eax edx cl];
+
+u8      sbb_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux sbb_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sbb	al,bl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	value [al]                      \
+	modify exact [al bl];
+
+u16     sbb_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux sbb_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sbb	ax,bx"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	value [ax]                      \
+	modify exact [ax bx];
+
+u32     sbb_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux sbb_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sbb	eax,ebx"                \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	value [eax]                     \
+	modify exact [eax ebx];
+
+u8      sub_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux sub_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sub	al,bl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	value [al]                      \
+	modify exact [al bl];
+
+u16     sub_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux sub_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sub	ax,bx"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	value [ax]                      \
+	modify exact [ax bx];
+
+u32     sub_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux sub_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"sub	eax,ebx"                \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	value [eax]                     \
+	modify exact [eax ebx];
+
+void	test_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux test_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"test	al,bl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	modify exact [al bl];
+
+void	test_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux test_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"test	ax,bx"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	modify exact [ax bx];
+
+void	test_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux test_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"test	eax,ebx"                \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	modify exact [eax ebx];
+
+u8      xor_byte_asm(u32 *flags,u8 d, u8 s);
+#pragma aux xor_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"xor	al,bl"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [al] [bl]            \
+	value [al]                      \
+	modify exact [al bl];
+
+u16     xor_word_asm(u32 *flags,u16 d, u16 s);
+#pragma aux xor_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"xor	ax,bx"                  \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [ax] [bx]            \
+	value [ax]                      \
+	modify exact [ax bx];
+
+u32     xor_long_asm(u32 *flags,u32 d, u32 s);
+#pragma aux xor_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"xor	eax,ebx"                \
+	"pushf"                         \
+	"pop	[edi]"            		\
+	parm [edi] [eax] [ebx]          \
+	value [eax]                     \
+	modify exact [eax ebx];
+
+void    imul_byte_asm(u32 *flags,u16 *ax,u8 d,u8 s);
+#pragma aux imul_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"imul	bl"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],ax"				\
+	parm [edi] [esi] [al] [bl]      \
+	modify exact [esi ax bl];
+
+void    imul_word_asm(u32 *flags,u16 *ax,u16 *dx,u16 d,u16 s);
+#pragma aux imul_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"imul	bx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],ax"				\
+	"mov	[ecx],dx"				\
+	parm [edi] [esi] [ecx] [ax] [bx]\
+	modify exact [esi edi ax bx dx];
+
+void    imul_long_asm(u32 *flags,u32 *eax,u32 *edx,u32 d,u32 s);
+#pragma aux imul_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"imul	ebx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],eax"				\
+	"mov	[ecx],edx"				\
+	parm [edi] [esi] [ecx] [eax] [ebx] \
+	modify exact [esi edi eax ebx edx];
+
+void    mul_byte_asm(u32 *flags,u16 *ax,u8 d,u8 s);
+#pragma aux mul_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"mul	bl"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],ax"				\
+	parm [edi] [esi] [al] [bl]      \
+	modify exact [esi ax bl];
+
+void    mul_word_asm(u32 *flags,u16 *ax,u16 *dx,u16 d,u16 s);
+#pragma aux mul_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"mul	bx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],ax"				\
+	"mov	[ecx],dx"				\
+	parm [edi] [esi] [ecx] [ax] [bx]\
+	modify exact [esi edi ax bx dx];
+
+void    mul_long_asm(u32 *flags,u32 *eax,u32 *edx,u32 d,u32 s);
+#pragma aux mul_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"mul	ebx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],eax"				\
+	"mov	[ecx],edx"				\
+	parm [edi] [esi] [ecx] [eax] [ebx] \
+	modify exact [esi edi eax ebx edx];
+
+void	idiv_byte_asm(u32 *flags,u8 *al,u8 *ah,u16 d,u8 s);
+#pragma aux idiv_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"idiv	bl"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],al"				\
+	"mov	[ecx],ah"				\
+	parm [edi] [esi] [ecx] [ax] [bl]\
+	modify exact [esi edi ax bl];
+
+void	idiv_word_asm(u32 *flags,u16 *ax,u16 *dx,u16 dlo,u16 dhi,u16 s);
+#pragma aux idiv_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"idiv	bx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],ax"				\
+	"mov	[ecx],dx"				\
+	parm [edi] [esi] [ecx] [ax] [dx] [bx]\
+	modify exact [esi edi ax dx bx];
+
+void	idiv_long_asm(u32 *flags,u32 *eax,u32 *edx,u32 dlo,u32 dhi,u32 s);
+#pragma aux idiv_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"idiv	ebx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],eax"				\
+	"mov	[ecx],edx"				\
+	parm [edi] [esi] [ecx] [eax] [edx] [ebx]\
+	modify exact [esi edi eax edx ebx];
+
+void	div_byte_asm(u32 *flags,u8 *al,u8 *ah,u16 d,u8 s);
+#pragma aux div_byte_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"div	bl"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],al"				\
+	"mov	[ecx],ah"				\
+	parm [edi] [esi] [ecx] [ax] [bl]\
+	modify exact [esi edi ax bl];
+
+void	div_word_asm(u32 *flags,u16 *ax,u16 *dx,u16 dlo,u16 dhi,u16 s);
+#pragma aux div_word_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"div	bx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],ax"				\
+	"mov	[ecx],dx"				\
+	parm [edi] [esi] [ecx] [ax] [dx] [bx]\
+	modify exact [esi edi ax dx bx];
+
+void	div_long_asm(u32 *flags,u32 *eax,u32 *edx,u32 dlo,u32 dhi,u32 s);
+#pragma aux div_long_asm =			\
+	"push	[edi]"            		\
+	"popf"                         	\
+	"div	ebx"                  	\
+	"pushf"                         \
+	"pop	[edi]"            		\
+	"mov	[esi],eax"				\
+	"mov	[ecx],edx"				\
+	parm [edi] [esi] [ecx] [eax] [edx] [ebx]\
+	modify exact [esi edi eax edx ebx];
+
+#endif
+
+#endif /* __X86EMU_PRIM_ASM_H */
diff --git a/src/device/oprom/x86emu/prim_ops.c b/src/device/oprom/x86emu/prim_ops.c
new file mode 100644
index 0000000..20e7597
--- /dev/null
+++ b/src/device/oprom/x86emu/prim_ops.c
@@ -0,0 +1,2496 @@
+/****************************************************************************
+*
+*                       Realmode X86 Emulator Library
+*
+*               Copyright (C) 1991-2004 SciTech Software, Inc.
+*                    Copyright (C) David Mosberger-Tang
+*                      Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:     ANSI C
+* Environment:  Any
+* Developer:    Kendall Bennett
+*
+* Description:  This file contains the code to implement the primitive
+*               machine operations used by the emulation code in ops.c
+*
+* Carry Chain Calculation
+*
+* This represents a somewhat expensive calculation which is
+* apparently required to emulate the setting of the OF and AF flag.
+* The latter is not so important, but the former is.  The overflow
+* flag is the XOR of the top two bits of the carry chain for an
+* addition (similar for subtraction).  Since we do not want to
+* simulate the addition in a bitwise manner, we try to calculate the
+* carry chain given the two operands and the result.
+*
+* So, given the following table, which represents the addition of two
+* bits, we can derive a formula for the carry chain.
+*
+* a   b   cin   r     cout
+* 0   0   0     0     0
+* 0   0   1     1     0
+* 0   1   0     1     0
+* 0   1   1     0     1
+* 1   0   0     1     0
+* 1   0   1     0     1
+* 1   1   0     0     1
+* 1   1   1     1     1
+*
+* Construction of table for cout:
+*
+* ab
+* r  \  00   01   11  10
+* |------------------
+* 0  |   0    1    1   1
+* 1  |   0    0    1   0
+*
+* By inspection, one gets:  cc = ab +  r'(a + b)
+*
+* That represents alot of operations, but NO CHOICE....
+*
+* Borrow Chain Calculation.
+*
+* The following table represents the subtraction of two bits, from
+* which we can derive a formula for the borrow chain.
+*
+* a   b   bin   r     bout
+* 0   0   0     0     0
+* 0   0   1     1     1
+* 0   1   0     1     1
+* 0   1   1     0     1
+* 1   0   0     1     0
+* 1   0   1     0     0
+* 1   1   0     0     0
+* 1   1   1     1     1
+*
+* Construction of table for cout:
+*
+* ab
+* r  \  00   01   11  10
+* |------------------
+* 0  |   0    1    0   0
+* 1  |   1    1    1   0
+*
+* By inspection, one gets:  bc = a'b +  r(a' + b)
+*
+****************************************************************************/
+
+#define PRIM_OPS_NO_REDEFINE_ASM
+#include "x86emui.h"
+
+#define abs(x) ({                               \
+                int __x = (x);                  \
+                (__x < 0) ? -__x : __x;         \
+        })
+
+#define labs(x) ({                              \
+                long __x = (x);                 \
+                (__x < 0) ? -__x : __x;         \
+        })
+
+/*------------------------- Global Variables ------------------------------*/
+
+static u32 x86emu_parity_tab[8] =
+{
+    0x96696996,
+    0x69969669,
+    0x69969669,
+    0x96696996,
+    0x69969669,
+    0x96696996,
+    0x96696996,
+    0x69969669,
+};
+
+#define PARITY(x)   (((x86emu_parity_tab[(x) / 32] >> ((x) % 32)) & 1) == 0)
+#define XOR2(x)     (((x) ^ ((x)>>1)) & 0x1)
+
+/*----------------------------- Implementation ----------------------------*/
+
+
+/*--------- Side effects helper functions -------*/
+
+/****************************************************************************
+REMARKS:
+implements side efects for byte operations that don't overflow
+****************************************************************************/
+
+static void set_parity_flag(u32 res)
+{
+    CONDITIONAL_SET_FLAG(PARITY(res & 0xFF), F_PF);
+}
+
+static void set_szp_flags_8(u8 res)
+{
+    CONDITIONAL_SET_FLAG(res & 0x80, F_SF);
+    CONDITIONAL_SET_FLAG(res == 0, F_ZF);
+    set_parity_flag(res);
+}
+
+static void set_szp_flags_16(u16 res)
+{
+    CONDITIONAL_SET_FLAG(res & 0x8000, F_SF);
+    CONDITIONAL_SET_FLAG(res == 0, F_ZF);
+    set_parity_flag(res);
+}
+
+static void set_szp_flags_32(u32 res)
+{
+    CONDITIONAL_SET_FLAG(res & 0x80000000, F_SF);
+    CONDITIONAL_SET_FLAG(res == 0, F_ZF);
+    set_parity_flag(res);
+}
+
+static void no_carry_byte_side_eff(u8 res)
+{
+    CLEAR_FLAG(F_OF);
+    CLEAR_FLAG(F_CF);
+    CLEAR_FLAG(F_AF);
+    set_szp_flags_8(res);
+}
+
+static void no_carry_word_side_eff(u16 res)
+{
+    CLEAR_FLAG(F_OF);
+    CLEAR_FLAG(F_CF);
+    CLEAR_FLAG(F_AF);
+    set_szp_flags_16(res);
+}
+
+static void no_carry_long_side_eff(u32 res)
+{
+    CLEAR_FLAG(F_OF);
+    CLEAR_FLAG(F_CF);
+    CLEAR_FLAG(F_AF);
+    set_szp_flags_32(res);
+}
+
+static void calc_carry_chain(int bits, u32 d, u32 s, u32 res, int set_carry)
+{
+    u32 cc;
+
+    cc = (s & d) | ((~res) & (s | d));
+    CONDITIONAL_SET_FLAG(XOR2(cc >> (bits - 2)), F_OF);
+    CONDITIONAL_SET_FLAG(cc & 0x8, F_AF);
+    if (set_carry) {
+        CONDITIONAL_SET_FLAG(res & (1 << bits), F_CF);
+    }
+}
+
+static void calc_borrow_chain(int bits, u32 d, u32 s, u32 res, int set_carry)
+{
+    u32 bc;
+
+    bc = (res & (~d | s)) | (~d & s);
+    CONDITIONAL_SET_FLAG(XOR2(bc >> (bits - 2)), F_OF);
+    CONDITIONAL_SET_FLAG(bc & 0x8, F_AF);
+    if (set_carry) {
+        CONDITIONAL_SET_FLAG(bc & (1 << (bits - 1)), F_CF);
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Implements the AAA instruction and side effects.
+****************************************************************************/
+u16 aaa_word(u16 d)
+{
+    u16 res;
+    if ((d & 0xf) > 0x9 || ACCESS_FLAG(F_AF)) {
+        d += 0x6;
+        d += 0x100;
+        SET_FLAG(F_AF);
+        SET_FLAG(F_CF);
+    } else {
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_AF);
+    }
+    res = (u16)(d & 0xFF0F);
+    set_szp_flags_16(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the AAA instruction and side effects.
+****************************************************************************/
+u16 aas_word(u16 d)
+{
+    u16 res;
+    if ((d & 0xf) > 0x9 || ACCESS_FLAG(F_AF)) {
+        d -= 0x6;
+        d -= 0x100;
+        SET_FLAG(F_AF);
+        SET_FLAG(F_CF);
+    } else {
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_AF);
+    }
+    res = (u16)(d & 0xFF0F);
+    set_szp_flags_16(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the AAD instruction and side effects.
+****************************************************************************/
+u16 aad_word(u16 d)
+{
+    u16 l;
+    u8 hb, lb;
+
+    hb = (u8)((d >> 8) & 0xff);
+    lb = (u8)((d & 0xff));
+    l = (u16)((lb + 10 * hb) & 0xFF);
+
+    no_carry_byte_side_eff(l & 0xFF);
+    return l;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the AAM instruction and side effects.
+****************************************************************************/
+u16 aam_word(u8 d)
+{
+    u16 h, l;
+
+    h = (u16)(d / 10);
+    l = (u16)(d % 10);
+    l |= (u16)(h << 8);
+
+    no_carry_byte_side_eff(l & 0xFF);
+    return l;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ADC instruction and side effects.
+****************************************************************************/
+u8 adc_byte(u8 d, u8 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d + s;
+    if (ACCESS_FLAG(F_CF)) res++;
+
+    set_szp_flags_8(res);
+    calc_carry_chain(8,s,d,res,1);
+
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ADC instruction and side effects.
+****************************************************************************/
+u16 adc_word(u16 d, u16 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d + s;
+    if (ACCESS_FLAG(F_CF))
+        res++;
+
+    set_szp_flags_16((u16)res);
+    calc_carry_chain(16,s,d,res,1);
+
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ADC instruction and side effects.
+****************************************************************************/
+u32 adc_long(u32 d, u32 s)
+{
+    u32 lo;    /* all operands in native machine order */
+    u32 hi;
+    u32 res;
+
+    lo = (d & 0xFFFF) + (s & 0xFFFF);
+    res = d + s;
+
+    if (ACCESS_FLAG(F_CF)) {
+        lo++;
+        res++;
+    }
+
+    hi = (lo >> 16) + (d >> 16) + (s >> 16);
+
+    set_szp_flags_32(res);
+    calc_carry_chain(32,s,d,res,0);
+
+    CONDITIONAL_SET_FLAG(hi & 0x10000, F_CF);
+
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ADD instruction and side effects.
+****************************************************************************/
+u8 add_byte(u8 d, u8 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d + s;
+    set_szp_flags_8((u8)res);
+    calc_carry_chain(8,s,d,res,1);
+
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ADD instruction and side effects.
+****************************************************************************/
+u16 add_word(u16 d, u16 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d + s;
+    set_szp_flags_16((u16)res);
+    calc_carry_chain(16,s,d,res,1);
+
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ADD instruction and side effects.
+****************************************************************************/
+u32 add_long(u32 d, u32 s)
+{
+    u32 res;
+
+    res = d + s;
+    set_szp_flags_32(res);
+    calc_carry_chain(32,s,d,res,0);
+
+    CONDITIONAL_SET_FLAG(res < d || res < s, F_CF);
+
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the AND instruction and side effects.
+****************************************************************************/
+u8 and_byte(u8 d, u8 s)
+{
+    u8 res;    /* all operands in native machine order */
+
+    res = d & s;
+
+    no_carry_byte_side_eff(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the AND instruction and side effects.
+****************************************************************************/
+u16 and_word(u16 d, u16 s)
+{
+    u16 res;   /* all operands in native machine order */
+
+    res = d & s;
+
+    no_carry_word_side_eff(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the AND instruction and side effects.
+****************************************************************************/
+u32 and_long(u32 d, u32 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d & s;
+    no_carry_long_side_eff(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the CMP instruction and side effects.
+****************************************************************************/
+u8 cmp_byte(u8 d, u8 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d - s;
+    set_szp_flags_8((u8)res);
+    calc_borrow_chain(8, d, s, res, 1);
+
+    return d;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the CMP instruction and side effects.
+****************************************************************************/
+u16 cmp_word(u16 d, u16 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d - s;
+    set_szp_flags_16((u16)res);
+    calc_borrow_chain(16, d, s, res, 1);
+
+    return d;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the CMP instruction and side effects.
+****************************************************************************/
+u32 cmp_long(u32 d, u32 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d - s;
+    set_szp_flags_32(res);
+    calc_borrow_chain(32, d, s, res, 1);
+
+    return d;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the DAA instruction and side effects.
+****************************************************************************/
+u8 daa_byte(u8 d)
+{
+    u32 res = d;
+    if ((d & 0xf) > 9 || ACCESS_FLAG(F_AF)) {
+        res += 6;
+        SET_FLAG(F_AF);
+    }
+    if (res > 0x9F || ACCESS_FLAG(F_CF)) {
+        res += 0x60;
+        SET_FLAG(F_CF);
+    }
+    set_szp_flags_8((u8)res);
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the DAS instruction and side effects.
+****************************************************************************/
+u8 das_byte(u8 d)
+{
+    if ((d & 0xf) > 9 || ACCESS_FLAG(F_AF)) {
+        d -= 6;
+        SET_FLAG(F_AF);
+    }
+    if (d > 0x9F || ACCESS_FLAG(F_CF)) {
+        d -= 0x60;
+        SET_FLAG(F_CF);
+    }
+    set_szp_flags_8(d);
+    return d;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the DEC instruction and side effects.
+****************************************************************************/
+u8 dec_byte(u8 d)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d - 1;
+    set_szp_flags_8((u8)res);
+    calc_borrow_chain(8, d, 1, res, 0);
+
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the DEC instruction and side effects.
+****************************************************************************/
+u16 dec_word(u16 d)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d - 1;
+    set_szp_flags_16((u16)res);
+    calc_borrow_chain(16, d, 1, res, 0);
+
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the DEC instruction and side effects.
+****************************************************************************/
+u32 dec_long(u32 d)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d - 1;
+
+    set_szp_flags_32(res);
+    calc_borrow_chain(32, d, 1, res, 0);
+
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the INC instruction and side effects.
+****************************************************************************/
+u8 inc_byte(u8 d)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d + 1;
+    set_szp_flags_8((u8)res);
+    calc_carry_chain(8, d, 1, res, 0);
+
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the INC instruction and side effects.
+****************************************************************************/
+u16 inc_word(u16 d)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d + 1;
+    set_szp_flags_16((u16)res);
+    calc_carry_chain(16, d, 1, res, 0);
+
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the INC instruction and side effects.
+****************************************************************************/
+u32 inc_long(u32 d)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d + 1;
+    set_szp_flags_32(res);
+    calc_carry_chain(32, d, 1, res, 0);
+
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the OR instruction and side effects.
+****************************************************************************/
+u8 or_byte(u8 d, u8 s)
+{
+    u8 res;    /* all operands in native machine order */
+
+    res = d | s;
+    no_carry_byte_side_eff(res);
+
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the OR instruction and side effects.
+****************************************************************************/
+u16 or_word(u16 d, u16 s)
+{
+    u16 res;   /* all operands in native machine order */
+
+    res = d | s;
+    no_carry_word_side_eff(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the OR instruction and side effects.
+****************************************************************************/
+u32 or_long(u32 d, u32 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d | s;
+    no_carry_long_side_eff(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the OR instruction and side effects.
+****************************************************************************/
+u8 neg_byte(u8 s)
+{
+    u8 res;
+
+    CONDITIONAL_SET_FLAG(s != 0, F_CF);
+    res = (u8)-s;
+    set_szp_flags_8(res);
+    calc_borrow_chain(8, 0, s, res, 0);
+
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the OR instruction and side effects.
+****************************************************************************/
+u16 neg_word(u16 s)
+{
+    u16 res;
+
+    CONDITIONAL_SET_FLAG(s != 0, F_CF);
+    res = (u16)-s;
+    set_szp_flags_16((u16)res);
+    calc_borrow_chain(16, 0, s, res, 0);
+
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the OR instruction and side effects.
+****************************************************************************/
+u32 neg_long(u32 s)
+{
+    u32 res;
+
+    CONDITIONAL_SET_FLAG(s != 0, F_CF);
+    res = (u32)-s;
+    set_szp_flags_32(res);
+    calc_borrow_chain(32, 0, s, res, 0);
+
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the NOT instruction and side effects.
+****************************************************************************/
+u8 not_byte(u8 s)
+{
+    return ~s;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the NOT instruction and side effects.
+****************************************************************************/
+u16 not_word(u16 s)
+{
+    return ~s;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the NOT instruction and side effects.
+****************************************************************************/
+u32 not_long(u32 s)
+{
+    return ~s;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the RCL instruction and side effects.
+****************************************************************************/
+u8 rcl_byte(u8 d, u8 s)
+{
+    unsigned int res, cnt, mask, cf;
+
+    /* s is the rotate distance.  It varies from 0 - 8. */
+    /* have
+
+       CF  B_7 B_6 B_5 B_4 B_3 B_2 B_1 B_0
+
+       want to rotate through the carry by "s" bits.  We could
+       loop, but that's inefficient.  So the width is 9,
+       and we split into three parts:
+
+       The new carry flag   (was B_n)
+       the stuff in B_n-1 .. B_0
+       the stuff in B_7 .. B_n+1
+
+       The new rotate is done mod 9, and given this,
+       for a rotation of n bits (mod 9) the new carry flag is
+       then located n bits from the MSB.  The low part is
+       then shifted up cnt bits, and the high part is or'd
+       in.  Using CAPS for new values, and lowercase for the
+       original values, this can be expressed as:
+
+       IF n > 0
+       1) CF <-  b_(8-n)
+       2) B_(7) .. B_(n)  <-  b_(8-(n+1)) .. b_0
+       3) B_(n-1) <- cf
+       4) B_(n-2) .. B_0 <-  b_7 .. b_(8-(n-1))
+     */
+    res = d;
+    if ((cnt = s % 9) != 0) {
+        /* extract the new CARRY FLAG. */
+        /* CF <-  b_(8-n)             */
+        cf = (d >> (8 - cnt)) & 0x1;
+
+        /* get the low stuff which rotated
+           into the range B_7 .. B_cnt */
+        /* B_(7) .. B_(n)  <-  b_(8-(n+1)) .. b_0  */
+        /* note that the right hand side done by the mask */
+        res = (d << cnt) & 0xff;
+
+        /* now the high stuff which rotated around
+           into the positions B_cnt-2 .. B_0 */
+        /* B_(n-2) .. B_0 <-  b_7 .. b_(8-(n-1)) */
+        /* shift it downward, 7-(n-2) = 9-n positions.
+           and mask off the result before or'ing in.
+         */
+        mask = (1 << (cnt - 1)) - 1;
+        res |= (d >> (9 - cnt)) & mask;
+
+        /* if the carry flag was set, or it in.  */
+        if (ACCESS_FLAG(F_CF)) {     /* carry flag is set */
+            /*  B_(n-1) <- cf */
+            res |= 1 << (cnt - 1);
+        }
+        /* set the new carry flag, based on the variable "cf" */
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        /* OVERFLOW is set *IFF* cnt==1, then it is the
+           xor of CF and the most significant bit.  Blecck. */
+        /* parenthesized this expression since it appears to
+           be causing OF to be misset */
+        CONDITIONAL_SET_FLAG(cnt == 1 && XOR2(cf + ((res >> 6) & 0x2)),
+                             F_OF);
+
+    }
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the RCL instruction and side effects.
+****************************************************************************/
+u16 rcl_word(u16 d, u8 s)
+{
+    unsigned int res, cnt, mask, cf;
+
+    res = d;
+    if ((cnt = s % 17) != 0) {
+        cf = (d >> (16 - cnt)) & 0x1;
+        res = (d << cnt) & 0xffff;
+        mask = (1 << (cnt - 1)) - 1;
+        res |= (d >> (17 - cnt)) & mask;
+        if (ACCESS_FLAG(F_CF)) {
+            res |= 1 << (cnt - 1);
+        }
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        CONDITIONAL_SET_FLAG(cnt == 1 && XOR2(cf + ((res >> 14) & 0x2)),
+                             F_OF);
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the RCL instruction and side effects.
+****************************************************************************/
+u32 rcl_long(u32 d, u8 s)
+{
+    u32 res, cnt, mask, cf;
+
+    res = d;
+    if ((cnt = s % 33) != 0) {
+        cf = (d >> (32 - cnt)) & 0x1;
+        res = (d << cnt) & 0xffffffff;
+        mask = (1 << (cnt - 1)) - 1;
+        res |= (d >> (33 - cnt)) & mask;
+        if (ACCESS_FLAG(F_CF)) {     /* carry flag is set */
+            res |= 1 << (cnt - 1);
+        }
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        CONDITIONAL_SET_FLAG(cnt == 1 && XOR2(cf + ((res >> 30) & 0x2)),
+                             F_OF);
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the RCR instruction and side effects.
+****************************************************************************/
+u8 rcr_byte(u8 d, u8 s)
+{
+    u32 res, cnt;
+    u32 mask, cf, ocf = 0;
+
+    /* rotate right through carry */
+    /*
+       s is the rotate distance.  It varies from 0 - 8.
+       d is the byte object rotated.
+
+       have
+
+       CF  B_7 B_6 B_5 B_4 B_3 B_2 B_1 B_0
+
+       The new rotate is done mod 9, and given this,
+       for a rotation of n bits (mod 9) the new carry flag is
+       then located n bits from the LSB.  The low part is
+       then shifted up cnt bits, and the high part is or'd
+       in.  Using CAPS for new values, and lowercase for the
+       original values, this can be expressed as:
+
+       IF n > 0
+       1) CF <-  b_(n-1)
+       2) B_(8-(n+1)) .. B_(0)  <-  b_(7) .. b_(n)
+       3) B_(8-n) <- cf
+       4) B_(7) .. B_(8-(n-1)) <-  b_(n-2) .. b_(0)
+     */
+    res = d;
+    if ((cnt = s % 9) != 0) {
+        /* extract the new CARRY FLAG. */
+        /* CF <-  b_(n-1)              */
+        if (cnt == 1) {
+            cf = d & 0x1;
+            /* note hackery here.  Access_flag(..) evaluates to either
+               0 if flag not set
+               non-zero if flag is set.
+               doing access_flag(..) != 0 casts that into either
+               0..1 in any representation of the flags register
+               (i.e. packed bit array or unpacked.)
+             */
+            ocf = ACCESS_FLAG(F_CF) != 0;
+        } else
+            cf = (d >> (cnt - 1)) & 0x1;
+
+        /* B_(8-(n+1)) .. B_(0)  <-  b_(7) .. b_n  */
+        /* note that the right hand side done by the mask
+           This is effectively done by shifting the
+           object to the right.  The result must be masked,
+           in case the object came in and was treated
+           as a negative number.  Needed??? */
+
+        mask = (1 << (8 - cnt)) - 1;
+        res = (d >> cnt) & mask;
+
+        /* now the high stuff which rotated around
+           into the positions B_cnt-2 .. B_0 */
+        /* B_(7) .. B_(8-(n-1)) <-  b_(n-2) .. b_(0) */
+        /* shift it downward, 7-(n-2) = 9-n positions.
+           and mask off the result before or'ing in.
+         */
+        res |= (d << (9 - cnt));
+
+        /* if the carry flag was set, or it in.  */
+        if (ACCESS_FLAG(F_CF)) {     /* carry flag is set */
+            /*  B_(8-n) <- cf */
+            res |= 1 << (8 - cnt);
+        }
+        /* set the new carry flag, based on the variable "cf" */
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        /* OVERFLOW is set *IFF* cnt==1, then it is the
+           xor of CF and the most significant bit.  Blecck. */
+        /* parenthesized... */
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(XOR2(ocf + ((d >> 6) & 0x2)),
+                                 F_OF);
+        }
+    }
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the RCR instruction and side effects.
+****************************************************************************/
+u16 rcr_word(u16 d, u8 s)
+{
+    u32 res, cnt;
+    u32 mask, cf, ocf = 0;
+
+    /* rotate right through carry */
+    res = d;
+    if ((cnt = s % 17) != 0) {
+        if (cnt == 1) {
+            cf = d & 0x1;
+            ocf = ACCESS_FLAG(F_CF) != 0;
+        } else
+            cf = (d >> (cnt - 1)) & 0x1;
+        mask = (1 << (16 - cnt)) - 1;
+        res = (d >> cnt) & mask;
+        res |= (d << (17 - cnt));
+        if (ACCESS_FLAG(F_CF)) {
+            res |= 1 << (16 - cnt);
+        }
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(XOR2(ocf + ((d >> 14) & 0x2)),
+                                 F_OF);
+        }
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the RCR instruction and side effects.
+****************************************************************************/
+u32 rcr_long(u32 d, u8 s)
+{
+    u32 res, cnt;
+    u32 mask, cf, ocf = 0;
+
+    /* rotate right through carry */
+    res = d;
+    if ((cnt = s % 33) != 0) {
+        if (cnt == 1) {
+            cf = d & 0x1;
+            ocf = ACCESS_FLAG(F_CF) != 0;
+        } else
+            cf = (d >> (cnt - 1)) & 0x1;
+        mask = (1 << (32 - cnt)) - 1;
+        res = (d >> cnt) & mask;
+        if (cnt != 1)
+            res |= (d << (33 - cnt));
+        if (ACCESS_FLAG(F_CF)) {     /* carry flag is set */
+            res |= 1 << (32 - cnt);
+        }
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(XOR2(ocf + ((d >> 30) & 0x2)),
+                                 F_OF);
+        }
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ROL instruction and side effects.
+****************************************************************************/
+u8 rol_byte(u8 d, u8 s)
+{
+    unsigned int res, cnt, mask;
+
+    /* rotate left */
+    /*
+       s is the rotate distance.  It varies from 0 - 8.
+       d is the byte object rotated.
+
+       have
+
+       CF  B_7 ... B_0
+
+       The new rotate is done mod 8.
+       Much simpler than the "rcl" or "rcr" operations.
+
+       IF n > 0
+       1) B_(7) .. B_(n)  <-  b_(8-(n+1)) .. b_(0)
+       2) B_(n-1) .. B_(0) <-  b_(7) .. b_(8-n)
+     */
+    res = d;
+    if ((cnt = s % 8) != 0) {
+        /* B_(7) .. B_(n)  <-  b_(8-(n+1)) .. b_(0) */
+        res = (d << cnt);
+
+        /* B_(n-1) .. B_(0) <-  b_(7) .. b_(8-n) */
+        mask = (1 << cnt) - 1;
+        res |= (d >> (8 - cnt)) & mask;
+
+        /* set the new carry flag, Note that it is the low order
+           bit of the result!!!                               */
+        CONDITIONAL_SET_FLAG(res & 0x1, F_CF);
+        /* OVERFLOW is set *IFF* s==1, then it is the
+           xor of CF and the most significant bit.  Blecck. */
+        CONDITIONAL_SET_FLAG(s == 1 &&
+                             XOR2((res & 0x1) + ((res >> 6) & 0x2)),
+                             F_OF);
+    } if (s != 0) {
+        /* set the new carry flag, Note that it is the low order
+           bit of the result!!!                               */
+        CONDITIONAL_SET_FLAG(res & 0x1, F_CF);
+    }
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ROL instruction and side effects.
+****************************************************************************/
+u16 rol_word(u16 d, u8 s)
+{
+    unsigned int res, cnt, mask;
+
+    res = d;
+    if ((cnt = s % 16) != 0) {
+        res = (d << cnt);
+        mask = (1 << cnt) - 1;
+        res |= (d >> (16 - cnt)) & mask;
+        CONDITIONAL_SET_FLAG(res & 0x1, F_CF);
+        CONDITIONAL_SET_FLAG(s == 1 &&
+                             XOR2((res & 0x1) + ((res >> 14) & 0x2)),
+                             F_OF);
+    } if (s != 0) {
+        /* set the new carry flag, Note that it is the low order
+           bit of the result!!!                               */
+        CONDITIONAL_SET_FLAG(res & 0x1, F_CF);
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ROL instruction and side effects.
+****************************************************************************/
+u32 rol_long(u32 d, u8 s)
+{
+    u32 res, cnt, mask;
+
+    res = d;
+    if ((cnt = s % 32) != 0) {
+        res = (d << cnt);
+        mask = (1 << cnt) - 1;
+        res |= (d >> (32 - cnt)) & mask;
+        CONDITIONAL_SET_FLAG(res & 0x1, F_CF);
+        CONDITIONAL_SET_FLAG(s == 1 &&
+                             XOR2((res & 0x1) + ((res >> 30) & 0x2)),
+                             F_OF);
+    } if (s != 0) {
+        /* set the new carry flag, Note that it is the low order
+           bit of the result!!!                               */
+        CONDITIONAL_SET_FLAG(res & 0x1, F_CF);
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ROR instruction and side effects.
+****************************************************************************/
+u8 ror_byte(u8 d, u8 s)
+{
+    unsigned int res, cnt, mask;
+
+    /* rotate right */
+    /*
+       s is the rotate distance.  It varies from 0 - 8.
+       d is the byte object rotated.
+
+       have
+
+       B_7 ... B_0
+
+       The rotate is done mod 8.
+
+       IF n > 0
+       1) B_(8-(n+1)) .. B_(0)  <-  b_(7) .. b_(n)
+       2) B_(7) .. B_(8-n) <-  b_(n-1) .. b_(0)
+     */
+    res = d;
+    if ((cnt = s % 8) != 0) {           /* not a typo, do nada if cnt==0 */
+        /* B_(7) .. B_(8-n) <-  b_(n-1) .. b_(0) */
+        res = (d << (8 - cnt));
+
+        /* B_(8-(n+1)) .. B_(0)  <-  b_(7) .. b_(n) */
+        mask = (1 << (8 - cnt)) - 1;
+        res |= (d >> (cnt)) & mask;
+
+        /* set the new carry flag, Note that it is the low order
+           bit of the result!!!                               */
+        CONDITIONAL_SET_FLAG(res & 0x80, F_CF);
+        /* OVERFLOW is set *IFF* s==1, then it is the
+           xor of the two most significant bits.  Blecck. */
+        CONDITIONAL_SET_FLAG(s == 1 && XOR2(res >> 6), F_OF);
+    } else if (s != 0) {
+        /* set the new carry flag, Note that it is the low order
+           bit of the result!!!                               */
+        CONDITIONAL_SET_FLAG(res & 0x80, F_CF);
+    }
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ROR instruction and side effects.
+****************************************************************************/
+u16 ror_word(u16 d, u8 s)
+{
+    unsigned int res, cnt, mask;
+
+    res = d;
+    if ((cnt = s % 16) != 0) {
+        res = (d << (16 - cnt));
+        mask = (1 << (16 - cnt)) - 1;
+        res |= (d >> (cnt)) & mask;
+        CONDITIONAL_SET_FLAG(res & 0x8000, F_CF);
+        CONDITIONAL_SET_FLAG(s == 1 && XOR2(res >> 14), F_OF);
+    } else if (s != 0) {
+        /* set the new carry flag, Note that it is the low order
+           bit of the result!!!                               */
+        CONDITIONAL_SET_FLAG(res & 0x8000, F_CF);
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the ROR instruction and side effects.
+****************************************************************************/
+u32 ror_long(u32 d, u8 s)
+{
+    u32 res, cnt, mask;
+
+    res = d;
+    if ((cnt = s % 32) != 0) {
+        res = (d << (32 - cnt));
+        mask = (1 << (32 - cnt)) - 1;
+        res |= (d >> (cnt)) & mask;
+        CONDITIONAL_SET_FLAG(res & 0x80000000, F_CF);
+        CONDITIONAL_SET_FLAG(s == 1 && XOR2(res >> 30), F_OF);
+    } else if (s != 0) {
+        /* set the new carry flag, Note that it is the low order
+           bit of the result!!!                               */
+        CONDITIONAL_SET_FLAG(res & 0x80000000, F_CF);
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHL instruction and side effects.
+****************************************************************************/
+u8 shl_byte(u8 d, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 8) {
+        cnt = s % 8;
+
+        /* last bit shifted out goes into carry flag */
+        if (cnt > 0) {
+            res = d << cnt;
+            cf = d & (1 << (8 - cnt));
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_8((u8)res);
+        } else {
+            res = (u8) d;
+        }
+
+        if (cnt == 1) {
+            /* Needs simplification. */
+            CONDITIONAL_SET_FLAG(
+                                    (((res & 0x80) == 0x80) ^
+                                     (ACCESS_FLAG(F_CF) != 0)),
+            /* was (M.x86.R_FLG&F_CF)==F_CF)), */
+                                    F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CONDITIONAL_SET_FLAG((d << (s-1)) & 0x80, F_CF);
+        CLEAR_FLAG(F_OF);
+        CLEAR_FLAG(F_SF);
+        SET_FLAG(F_PF);
+        SET_FLAG(F_ZF);
+    }
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHL instruction and side effects.
+****************************************************************************/
+u16 shl_word(u16 d, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 16) {
+        cnt = s % 16;
+        if (cnt > 0) {
+            res = d << cnt;
+            cf = d & (1 << (16 - cnt));
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_16((u16)res);
+        } else {
+            res = (u16) d;
+        }
+
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(
+                                    (((res & 0x8000) == 0x8000) ^
+                                     (ACCESS_FLAG(F_CF) != 0)),
+                                    F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CONDITIONAL_SET_FLAG((d << (s-1)) & 0x8000, F_CF);
+        CLEAR_FLAG(F_OF);
+        CLEAR_FLAG(F_SF);
+        SET_FLAG(F_PF);
+        SET_FLAG(F_ZF);
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHL instruction and side effects.
+****************************************************************************/
+u32 shl_long(u32 d, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 32) {
+        cnt = s % 32;
+        if (cnt > 0) {
+            res = d << cnt;
+            cf = d & (1 << (32 - cnt));
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_32((u32)res);
+        } else {
+            res = d;
+        }
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG((((res & 0x80000000) == 0x80000000) ^
+                                  (ACCESS_FLAG(F_CF) != 0)), F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CONDITIONAL_SET_FLAG((d << (s-1)) & 0x80000000, F_CF);
+        CLEAR_FLAG(F_OF);
+        CLEAR_FLAG(F_SF);
+        SET_FLAG(F_PF);
+        SET_FLAG(F_ZF);
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHR instruction and side effects.
+****************************************************************************/
+u8 shr_byte(u8 d, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 8) {
+        cnt = s % 8;
+        if (cnt > 0) {
+            cf = d & (1 << (cnt - 1));
+            res = d >> cnt;
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_8((u8)res);
+        } else {
+            res = (u8) d;
+        }
+
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(XOR2(res >> 6), F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CONDITIONAL_SET_FLAG((d >> (s-1)) & 0x1, F_CF);
+        CLEAR_FLAG(F_OF);
+        CLEAR_FLAG(F_SF);
+        SET_FLAG(F_PF);
+        SET_FLAG(F_ZF);
+    }
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHR instruction and side effects.
+****************************************************************************/
+u16 shr_word(u16 d, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 16) {
+        cnt = s % 16;
+        if (cnt > 0) {
+            cf = d & (1 << (cnt - 1));
+            res = d >> cnt;
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_16((u16)res);
+        } else {
+            res = d;
+        }
+
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(XOR2(res >> 14), F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+        SET_FLAG(F_ZF);
+        CLEAR_FLAG(F_SF);
+        CLEAR_FLAG(F_PF);
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHR instruction and side effects.
+****************************************************************************/
+u32 shr_long(u32 d, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 32) {
+        cnt = s % 32;
+        if (cnt > 0) {
+            cf = d & (1 << (cnt - 1));
+            res = d >> cnt;
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_32((u32)res);
+        } else {
+            res = d;
+        }
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(XOR2(res >> 30), F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+        SET_FLAG(F_ZF);
+        CLEAR_FLAG(F_SF);
+        CLEAR_FLAG(F_PF);
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SAR instruction and side effects.
+****************************************************************************/
+u8 sar_byte(u8 d, u8 s)
+{
+    unsigned int cnt, res, cf, mask, sf;
+
+    res = d;
+    sf = d & 0x80;
+    cnt = s % 8;
+    if (cnt > 0 && cnt < 8) {
+        mask = (1 << (8 - cnt)) - 1;
+        cf = d & (1 << (cnt - 1));
+        res = (d >> cnt) & mask;
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        if (sf) {
+            res |= ~mask;
+        }
+        set_szp_flags_8((u8)res);
+    } else if (cnt >= 8) {
+        if (sf) {
+            res = 0xff;
+            SET_FLAG(F_CF);
+            CLEAR_FLAG(F_ZF);
+            SET_FLAG(F_SF);
+            SET_FLAG(F_PF);
+        } else {
+            res = 0;
+            CLEAR_FLAG(F_CF);
+            SET_FLAG(F_ZF);
+            CLEAR_FLAG(F_SF);
+            CLEAR_FLAG(F_PF);
+        }
+    }
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SAR instruction and side effects.
+****************************************************************************/
+u16 sar_word(u16 d, u8 s)
+{
+    unsigned int cnt, res, cf, mask, sf;
+
+    sf = d & 0x8000;
+    cnt = s % 16;
+    res = d;
+    if (cnt > 0 && cnt < 16) {
+        mask = (1 << (16 - cnt)) - 1;
+        cf = d & (1 << (cnt - 1));
+        res = (d >> cnt) & mask;
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        if (sf) {
+            res |= ~mask;
+        }
+        set_szp_flags_16((u16)res);
+    } else if (cnt >= 16) {
+        if (sf) {
+            res = 0xffff;
+            SET_FLAG(F_CF);
+            CLEAR_FLAG(F_ZF);
+            SET_FLAG(F_SF);
+            SET_FLAG(F_PF);
+        } else {
+            res = 0;
+            CLEAR_FLAG(F_CF);
+            SET_FLAG(F_ZF);
+            CLEAR_FLAG(F_SF);
+            CLEAR_FLAG(F_PF);
+        }
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SAR instruction and side effects.
+****************************************************************************/
+u32 sar_long(u32 d, u8 s)
+{
+    u32 cnt, res, cf, mask, sf;
+
+    sf = d & 0x80000000;
+    cnt = s % 32;
+    res = d;
+    if (cnt > 0 && cnt < 32) {
+        mask = (1 << (32 - cnt)) - 1;
+        cf = d & (1 << (cnt - 1));
+        res = (d >> cnt) & mask;
+        CONDITIONAL_SET_FLAG(cf, F_CF);
+        if (sf) {
+            res |= ~mask;
+        }
+        set_szp_flags_32(res);
+    } else if (cnt >= 32) {
+        if (sf) {
+            res = 0xffffffff;
+            SET_FLAG(F_CF);
+            CLEAR_FLAG(F_ZF);
+            SET_FLAG(F_SF);
+            SET_FLAG(F_PF);
+        } else {
+            res = 0;
+            CLEAR_FLAG(F_CF);
+            SET_FLAG(F_ZF);
+            CLEAR_FLAG(F_SF);
+            CLEAR_FLAG(F_PF);
+        }
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHLD instruction and side effects.
+****************************************************************************/
+u16 shld_word (u16 d, u16 fill, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 16) {
+        cnt = s % 16;
+        if (cnt > 0) {
+            res = (d << cnt) | (fill >> (16-cnt));
+            cf = d & (1 << (16 - cnt));
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_16((u16)res);
+        } else {
+            res = d;
+        }
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG((((res & 0x8000) == 0x8000) ^
+                                  (ACCESS_FLAG(F_CF) != 0)), F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CONDITIONAL_SET_FLAG((d << (s-1)) & 0x8000, F_CF);
+        CLEAR_FLAG(F_OF);
+        CLEAR_FLAG(F_SF);
+        SET_FLAG(F_PF);
+        SET_FLAG(F_ZF);
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHLD instruction and side effects.
+****************************************************************************/
+u32 shld_long (u32 d, u32 fill, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 32) {
+        cnt = s % 32;
+        if (cnt > 0) {
+            res = (d << cnt) | (fill >> (32-cnt));
+            cf = d & (1 << (32 - cnt));
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_32((u32)res);
+        } else {
+            res = d;
+        }
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG((((res & 0x80000000) == 0x80000000) ^
+                                  (ACCESS_FLAG(F_CF) != 0)), F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CONDITIONAL_SET_FLAG((d << (s-1)) & 0x80000000, F_CF);
+        CLEAR_FLAG(F_OF);
+        CLEAR_FLAG(F_SF);
+        SET_FLAG(F_PF);
+        SET_FLAG(F_ZF);
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHRD instruction and side effects.
+****************************************************************************/
+u16 shrd_word (u16 d, u16 fill, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 16) {
+        cnt = s % 16;
+        if (cnt > 0) {
+            cf = d & (1 << (cnt - 1));
+            res = (d >> cnt) | (fill << (16 - cnt));
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_16((u16)res);
+        } else {
+            res = d;
+        }
+
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(XOR2(res >> 14), F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+        SET_FLAG(F_ZF);
+        CLEAR_FLAG(F_SF);
+        CLEAR_FLAG(F_PF);
+    }
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SHRD instruction and side effects.
+****************************************************************************/
+u32 shrd_long (u32 d, u32 fill, u8 s)
+{
+    unsigned int cnt, res, cf;
+
+    if (s < 32) {
+        cnt = s % 32;
+        if (cnt > 0) {
+            cf = d & (1 << (cnt - 1));
+            res = (d >> cnt) | (fill << (32 - cnt));
+            CONDITIONAL_SET_FLAG(cf, F_CF);
+            set_szp_flags_32((u32)res);
+        } else {
+            res = d;
+        }
+        if (cnt == 1) {
+            CONDITIONAL_SET_FLAG(XOR2(res >> 30), F_OF);
+        } else {
+            CLEAR_FLAG(F_OF);
+        }
+    } else {
+        res = 0;
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+        SET_FLAG(F_ZF);
+        CLEAR_FLAG(F_SF);
+        CLEAR_FLAG(F_PF);
+    }
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SBB instruction and side effects.
+****************************************************************************/
+u8 sbb_byte(u8 d, u8 s)
+{
+    u32 res;   /* all operands in native machine order */
+    u32 bc;
+
+    if (ACCESS_FLAG(F_CF))
+        res = d - s - 1;
+    else
+        res = d - s;
+    set_szp_flags_8((u8)res);
+
+    /* calculate the borrow chain.  See note at top */
+    bc = (res & (~d | s)) | (~d & s);
+    CONDITIONAL_SET_FLAG(bc & 0x80, F_CF);
+    CONDITIONAL_SET_FLAG(XOR2(bc >> 6), F_OF);
+    CONDITIONAL_SET_FLAG(bc & 0x8, F_AF);
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SBB instruction and side effects.
+****************************************************************************/
+u16 sbb_word(u16 d, u16 s)
+{
+    u32 res;   /* all operands in native machine order */
+    u32 bc;
+
+    if (ACCESS_FLAG(F_CF))
+        res = d - s - 1;
+    else
+        res = d - s;
+    set_szp_flags_16((u16)res);
+
+    /* calculate the borrow chain.  See note at top */
+    bc = (res & (~d | s)) | (~d & s);
+    CONDITIONAL_SET_FLAG(bc & 0x8000, F_CF);
+    CONDITIONAL_SET_FLAG(XOR2(bc >> 14), F_OF);
+    CONDITIONAL_SET_FLAG(bc & 0x8, F_AF);
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SBB instruction and side effects.
+****************************************************************************/
+u32 sbb_long(u32 d, u32 s)
+{
+    u32 res;   /* all operands in native machine order */
+    u32 bc;
+
+    if (ACCESS_FLAG(F_CF))
+        res = d - s - 1;
+    else
+        res = d - s;
+
+    set_szp_flags_32(res);
+
+    /* calculate the borrow chain.  See note at top */
+    bc = (res & (~d | s)) | (~d & s);
+    CONDITIONAL_SET_FLAG(bc & 0x80000000, F_CF);
+    CONDITIONAL_SET_FLAG(XOR2(bc >> 30), F_OF);
+    CONDITIONAL_SET_FLAG(bc & 0x8, F_AF);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SUB instruction and side effects.
+****************************************************************************/
+u8 sub_byte(u8 d, u8 s)
+{
+    u32 res;   /* all operands in native machine order */
+    u32 bc;
+
+    res = d - s;
+    set_szp_flags_8((u8)res);
+
+    /* calculate the borrow chain.  See note at top */
+    bc = (res & (~d | s)) | (~d & s);
+    CONDITIONAL_SET_FLAG(bc & 0x80, F_CF);
+    CONDITIONAL_SET_FLAG(XOR2(bc >> 6), F_OF);
+    CONDITIONAL_SET_FLAG(bc & 0x8, F_AF);
+    return (u8)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SUB instruction and side effects.
+****************************************************************************/
+u16 sub_word(u16 d, u16 s)
+{
+    u32 res;   /* all operands in native machine order */
+    u32 bc;
+
+    res = d - s;
+    set_szp_flags_16((u16)res);
+
+    /* calculate the borrow chain.  See note at top */
+    bc = (res & (~d | s)) | (~d & s);
+    CONDITIONAL_SET_FLAG(bc & 0x8000, F_CF);
+    CONDITIONAL_SET_FLAG(XOR2(bc >> 14), F_OF);
+    CONDITIONAL_SET_FLAG(bc & 0x8, F_AF);
+    return (u16)res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the SUB instruction and side effects.
+****************************************************************************/
+u32 sub_long(u32 d, u32 s)
+{
+    u32 res;   /* all operands in native machine order */
+    u32 bc;
+
+    res = d - s;
+    set_szp_flags_32(res);
+
+    /* calculate the borrow chain.  See note at top */
+    bc = (res & (~d | s)) | (~d & s);
+    CONDITIONAL_SET_FLAG(bc & 0x80000000, F_CF);
+    CONDITIONAL_SET_FLAG(XOR2(bc >> 30), F_OF);
+    CONDITIONAL_SET_FLAG(bc & 0x8, F_AF);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the TEST instruction and side effects.
+****************************************************************************/
+void test_byte(u8 d, u8 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d & s;
+
+    CLEAR_FLAG(F_OF);
+    set_szp_flags_8((u8)res);
+    /* AF == dont care */
+    CLEAR_FLAG(F_CF);
+}
+
+/****************************************************************************
+REMARKS:
+Implements the TEST instruction and side effects.
+****************************************************************************/
+void test_word(u16 d, u16 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d & s;
+
+    CLEAR_FLAG(F_OF);
+    set_szp_flags_16((u16)res);
+    /* AF == dont care */
+    CLEAR_FLAG(F_CF);
+}
+
+/****************************************************************************
+REMARKS:
+Implements the TEST instruction and side effects.
+****************************************************************************/
+void test_long(u32 d, u32 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d & s;
+
+    CLEAR_FLAG(F_OF);
+    set_szp_flags_32(res);
+    /* AF == dont care */
+    CLEAR_FLAG(F_CF);
+}
+
+/****************************************************************************
+REMARKS:
+Implements the XOR instruction and side effects.
+****************************************************************************/
+u8 xor_byte(u8 d, u8 s)
+{
+    u8 res;    /* all operands in native machine order */
+
+    res = d ^ s;
+    no_carry_byte_side_eff(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the XOR instruction and side effects.
+****************************************************************************/
+u16 xor_word(u16 d, u16 s)
+{
+    u16 res;   /* all operands in native machine order */
+
+    res = d ^ s;
+    no_carry_word_side_eff(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the XOR instruction and side effects.
+****************************************************************************/
+u32 xor_long(u32 d, u32 s)
+{
+    u32 res;   /* all operands in native machine order */
+
+    res = d ^ s;
+    no_carry_long_side_eff(res);
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the IMUL instruction and side effects.
+****************************************************************************/
+void imul_byte(u8 s)
+{
+    s16 res = (s16)((s8)M.x86.R_AL * (s8)s);
+
+    M.x86.R_AX = res;
+    if (((M.x86.R_AL & 0x80) == 0 && M.x86.R_AH == 0x00) ||
+        ((M.x86.R_AL & 0x80) != 0 && M.x86.R_AH == 0xFF)) {
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+    } else {
+        SET_FLAG(F_CF);
+        SET_FLAG(F_OF);
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Implements the IMUL instruction and side effects.
+****************************************************************************/
+void imul_word(u16 s)
+{
+    s32 res = (s16)M.x86.R_AX * (s16)s;
+
+    M.x86.R_AX = (u16)res;
+    M.x86.R_DX = (u16)(res >> 16);
+    if (((M.x86.R_AX & 0x8000) == 0 && M.x86.R_DX == 0x0000) ||
+        ((M.x86.R_AX & 0x8000) != 0 && M.x86.R_DX == 0xFFFF)) {
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+    } else {
+        SET_FLAG(F_CF);
+        SET_FLAG(F_OF);
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Implements the IMUL instruction and side effects.
+****************************************************************************/
+void imul_long_direct(u32 *res_lo, u32* res_hi,u32 d, u32 s)
+{
+#ifdef  __HAS_LONG_LONG__
+    s64 res = (s64)(s32)d * (s64)(s32)s;
+
+    *res_lo = (u32)res;
+    *res_hi = (u32)(res >> 32);
+#else
+    u32 d_lo,d_hi,d_sign;
+    u32 s_lo,s_hi,s_sign;
+    u32 rlo_lo,rlo_hi,rhi_lo;
+
+    if ((d_sign = d & 0x80000000) != 0)
+        d = -d;
+    d_lo = d & 0xFFFF;
+    d_hi = d >> 16;
+    if ((s_sign = s & 0x80000000) != 0)
+        s = -s;
+    s_lo = s & 0xFFFF;
+    s_hi = s >> 16;
+    rlo_lo = d_lo * s_lo;
+    rlo_hi = (d_hi * s_lo + d_lo * s_hi) + (rlo_lo >> 16);
+    rhi_lo = d_hi * s_hi + (rlo_hi >> 16);
+    *res_lo = (rlo_hi << 16) | (rlo_lo & 0xFFFF);
+    *res_hi = rhi_lo;
+    if (d_sign != s_sign) {
+        d = ~*res_lo;
+        s = (((d & 0xFFFF) + 1) >> 16) + (d >> 16);
+        *res_lo = ~*res_lo+1;
+        *res_hi = ~*res_hi+(s >> 16);
+        }
+#endif
+}
+
+/****************************************************************************
+REMARKS:
+Implements the IMUL instruction and side effects.
+****************************************************************************/
+void imul_long(u32 s)
+{
+    imul_long_direct(&M.x86.R_EAX,&M.x86.R_EDX,M.x86.R_EAX,s);
+    if (((M.x86.R_EAX & 0x80000000) == 0 && M.x86.R_EDX == 0x00000000) ||
+        ((M.x86.R_EAX & 0x80000000) != 0 && M.x86.R_EDX == 0xFFFFFFFF)) {
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+    } else {
+        SET_FLAG(F_CF);
+        SET_FLAG(F_OF);
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Implements the MUL instruction and side effects.
+****************************************************************************/
+void mul_byte(u8 s)
+{
+    u16 res = (u16)(M.x86.R_AL * s);
+
+    M.x86.R_AX = res;
+    if (M.x86.R_AH == 0) {
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+    } else {
+        SET_FLAG(F_CF);
+        SET_FLAG(F_OF);
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Implements the MUL instruction and side effects.
+****************************************************************************/
+void mul_word(u16 s)
+{
+    u32 res = M.x86.R_AX * s;
+
+    M.x86.R_AX = (u16)res;
+    M.x86.R_DX = (u16)(res >> 16);
+    if (M.x86.R_DX == 0) {
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+    } else {
+        SET_FLAG(F_CF);
+        SET_FLAG(F_OF);
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Implements the MUL instruction and side effects.
+****************************************************************************/
+void mul_long(u32 s)
+{
+#ifdef  __HAS_LONG_LONG__
+    u64 res = (u64)M.x86.R_EAX * s;
+
+    M.x86.R_EAX = (u32)res;
+    M.x86.R_EDX = (u32)(res >> 32);
+#else
+    u32 a,a_lo,a_hi;
+    u32 s_lo,s_hi;
+    u32 rlo_lo,rlo_hi,rhi_lo;
+
+    a = M.x86.R_EAX;
+    a_lo = a & 0xFFFF;
+    a_hi = a >> 16;
+    s_lo = s & 0xFFFF;
+    s_hi = s >> 16;
+    rlo_lo = a_lo * s_lo;
+    rlo_hi = (a_hi * s_lo + a_lo * s_hi) + (rlo_lo >> 16);
+    rhi_lo = a_hi * s_hi + (rlo_hi >> 16);
+    M.x86.R_EAX = (rlo_hi << 16) | (rlo_lo & 0xFFFF);
+    M.x86.R_EDX = rhi_lo;
+#endif
+    if (M.x86.R_EDX == 0) {
+        CLEAR_FLAG(F_CF);
+        CLEAR_FLAG(F_OF);
+    } else {
+        SET_FLAG(F_CF);
+        SET_FLAG(F_OF);
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Implements the IDIV instruction and side effects.
+****************************************************************************/
+void idiv_byte(u8 s)
+{
+    s32 dvd, div, mod;
+
+    dvd = (s16)M.x86.R_AX;
+    if (s == 0) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    div = dvd / (s8)s;
+    mod = dvd % (s8)s;
+    if (abs(div) > 0x7f) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    M.x86.R_AL = (s8) div;
+    M.x86.R_AH = (s8) mod;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the IDIV instruction and side effects.
+****************************************************************************/
+void idiv_word(u16 s)
+{
+    s32 dvd, div, mod;
+
+    dvd = (((s32)M.x86.R_DX) << 16) | M.x86.R_AX;
+    if (s == 0) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    div = dvd / (s16)s;
+    mod = dvd % (s16)s;
+    if (abs(div) > 0x7fff) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    CLEAR_FLAG(F_CF);
+    CLEAR_FLAG(F_SF);
+    CONDITIONAL_SET_FLAG(div == 0, F_ZF);
+    set_parity_flag(mod);
+
+    M.x86.R_AX = (u16)div;
+    M.x86.R_DX = (u16)mod;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the IDIV instruction and side effects.
+****************************************************************************/
+void idiv_long(u32 s)
+{
+#ifdef  __HAS_LONG_LONG__
+    s64 dvd, div, mod;
+
+    dvd = (((s64)M.x86.R_EDX) << 32) | M.x86.R_EAX;
+    if (s == 0) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    div = dvd / (s32)s;
+    mod = dvd % (s32)s;
+    if (abs(div) > 0x7fffffff) {
+        x86emu_intr_raise(0);
+        return;
+    }
+#else
+    s32 div = 0, mod;
+    s32 h_dvd = M.x86.R_EDX;
+    u32 l_dvd = M.x86.R_EAX;
+    u32 abs_s = s & 0x7FFFFFFF;
+    u32 abs_h_dvd = h_dvd & 0x7FFFFFFF;
+    u32 h_s = abs_s >> 1;
+    u32 l_s = abs_s << 31;
+    int counter = 31;
+    int carry;
+
+    if (s == 0) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    do {
+        div <<= 1;
+        carry = (l_dvd >= l_s) ? 0 : 1;
+
+        if (abs_h_dvd < (h_s + carry)) {
+            h_s >>= 1;
+            l_s = abs_s << (--counter);
+            continue;
+        } else {
+            abs_h_dvd -= (h_s + carry);
+            l_dvd = carry ? ((0xFFFFFFFF - l_s) + l_dvd + 1)
+                : (l_dvd - l_s);
+            h_s >>= 1;
+            l_s = abs_s << (--counter);
+            div |= 1;
+            continue;
+        }
+
+    } while (counter > -1);
+    /* overflow */
+    if (abs_h_dvd || (l_dvd > abs_s)) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    /* sign */
+    div |= ((h_dvd & 0x10000000) ^ (s & 0x10000000));
+    mod = l_dvd;
+
+#endif
+    CLEAR_FLAG(F_CF);
+    CLEAR_FLAG(F_AF);
+    CLEAR_FLAG(F_SF);
+    SET_FLAG(F_ZF);
+    set_parity_flag(mod);
+
+    M.x86.R_EAX = (u32)div;
+    M.x86.R_EDX = (u32)mod;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the DIV instruction and side effects.
+****************************************************************************/
+void div_byte(u8 s)
+{
+    u32 dvd, div, mod;
+
+    dvd = M.x86.R_AX;
+    if (s == 0) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    div = dvd / (u8)s;
+    mod = dvd % (u8)s;
+    if (abs(div) > 0xff) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    M.x86.R_AL = (u8)div;
+    M.x86.R_AH = (u8)mod;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the DIV instruction and side effects.
+****************************************************************************/
+void div_word(u16 s)
+{
+    u32 dvd, div, mod;
+
+    dvd = (((u32)M.x86.R_DX) << 16) | M.x86.R_AX;
+    if (s == 0) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    div = dvd / (u16)s;
+    mod = dvd % (u16)s;
+    if (abs(div) > 0xffff) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    CLEAR_FLAG(F_CF);
+    CLEAR_FLAG(F_SF);
+    CONDITIONAL_SET_FLAG(div == 0, F_ZF);
+    set_parity_flag(mod);
+
+    M.x86.R_AX = (u16)div;
+    M.x86.R_DX = (u16)mod;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the DIV instruction and side effects.
+****************************************************************************/
+void div_long(u32 s)
+{
+#ifdef  __HAS_LONG_LONG__
+    u64 dvd, div, mod;
+
+    dvd = (((u64)M.x86.R_EDX) << 32) | M.x86.R_EAX;
+    if (s == 0) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    div = dvd / (u32)s;
+    mod = dvd % (u32)s;
+    if (abs(div) > 0xffffffff) {
+        x86emu_intr_raise(0);
+        return;
+    }
+#else
+    s32 div = 0, mod;
+    s32 h_dvd = M.x86.R_EDX;
+    u32 l_dvd = M.x86.R_EAX;
+
+    u32 h_s = s;
+    u32 l_s = 0;
+    int counter = 32;
+    int carry;
+
+    if (s == 0) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    do {
+        div <<= 1;
+        carry = (l_dvd >= l_s) ? 0 : 1;
+
+        if (h_dvd < (h_s + carry)) {
+            h_s >>= 1;
+            l_s = s << (--counter);
+            continue;
+        } else {
+            h_dvd -= (h_s + carry);
+            l_dvd = carry ? ((0xFFFFFFFF - l_s) + l_dvd + 1)
+                : (l_dvd - l_s);
+            h_s >>= 1;
+            l_s = s << (--counter);
+            div |= 1;
+            continue;
+        }
+
+    } while (counter > -1);
+    /* overflow */
+    if (h_dvd || (l_dvd > s)) {
+        x86emu_intr_raise(0);
+        return;
+    }
+    mod = l_dvd;
+#endif
+    CLEAR_FLAG(F_CF);
+    CLEAR_FLAG(F_AF);
+    CLEAR_FLAG(F_SF);
+    SET_FLAG(F_ZF);
+    set_parity_flag(mod);
+
+    M.x86.R_EAX = (u32)div;
+    M.x86.R_EDX = (u32)mod;
+}
+
+/****************************************************************************
+REMARKS:
+Implements the IN string instruction and side effects.
+****************************************************************************/
+
+static void single_in(int size)
+{
+    if(size == 1)
+        store_data_byte_abs(M.x86.R_ES, M.x86.R_DI,(*sys_inb)(M.x86.R_DX));
+    else if (size == 2)
+        store_data_word_abs(M.x86.R_ES, M.x86.R_DI,(*sys_inw)(M.x86.R_DX));
+    else
+        store_data_long_abs(M.x86.R_ES, M.x86.R_DI,(*sys_inl)(M.x86.R_DX));
+}
+
+void ins(int size)
+{
+    int inc = size;
+
+    if (ACCESS_FLAG(F_DF)) {
+        inc = -size;
+    }
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* dont care whether REPE or REPNE */
+        /* in until (E)CX is ZERO. */
+        u32 count = ((M.x86.mode & SYSMODE_32BIT_REP) ?
+                     M.x86.R_ECX : M.x86.R_CX);
+        while (count--) {
+          single_in(size);
+          M.x86.R_DI += inc;
+          }
+        M.x86.R_CX = 0;
+        if (M.x86.mode & SYSMODE_32BIT_REP) {
+            M.x86.R_ECX = 0;
+        }
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    } else {
+        single_in(size);
+        M.x86.R_DI += inc;
+    }
+}
+
+/****************************************************************************
+REMARKS:
+Implements the OUT string instruction and side effects.
+****************************************************************************/
+
+static void single_out(int size)
+{
+     if(size == 1)
+       (*sys_outb)(M.x86.R_DX,fetch_data_byte_abs(M.x86.R_ES, M.x86.R_SI));
+     else if (size == 2)
+       (*sys_outw)(M.x86.R_DX,fetch_data_word_abs(M.x86.R_ES, M.x86.R_SI));
+     else
+       (*sys_outl)(M.x86.R_DX,fetch_data_long_abs(M.x86.R_ES, M.x86.R_SI));
+}
+
+void outs(int size)
+{
+    int inc = size;
+
+    if (ACCESS_FLAG(F_DF)) {
+        inc = -size;
+    }
+    if (M.x86.mode & (SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE)) {
+        /* dont care whether REPE or REPNE */
+        /* out until (E)CX is ZERO. */
+        u32 count = ((M.x86.mode & SYSMODE_32BIT_REP) ?
+                     M.x86.R_ECX : M.x86.R_CX);
+        while (count--) {
+          single_out(size);
+          M.x86.R_SI += inc;
+          }
+        M.x86.R_CX = 0;
+        if (M.x86.mode & SYSMODE_32BIT_REP) {
+            M.x86.R_ECX = 0;
+        }
+        M.x86.mode &= ~(SYSMODE_PREFIX_REPE | SYSMODE_PREFIX_REPNE);
+    } else {
+        single_out(size);
+        M.x86.R_SI += inc;
+    }
+}
+
+/****************************************************************************
+PARAMETERS:
+addr    - Address to fetch word from
+
+REMARKS:
+Fetches a word from emulator memory using an absolute address.
+****************************************************************************/
+u16 mem_access_word(int addr)
+{
+DB( if (CHECK_MEM_ACCESS())
+      x86emu_check_mem_access(addr);)
+    return (*sys_rdw)(addr);
+}
+
+/****************************************************************************
+REMARKS:
+Pushes a word onto the stack.
+
+NOTE: Do not inline this, as (*sys_wrX) is already inline!
+****************************************************************************/
+void push_word(u16 w)
+{
+DB( if (CHECK_SP_ACCESS())
+      x86emu_check_sp_access();)
+    M.x86.R_SP -= 2;
+    (*sys_wrw)(((u32)M.x86.R_SS << 4)  + M.x86.R_SP, w);
+}
+
+/****************************************************************************
+REMARKS:
+Pushes a long onto the stack.
+
+NOTE: Do not inline this, as (*sys_wrX) is already inline!
+****************************************************************************/
+void push_long(u32 w)
+{
+DB( if (CHECK_SP_ACCESS())
+      x86emu_check_sp_access();)
+    M.x86.R_SP -= 4;
+    (*sys_wrl)(((u32)M.x86.R_SS << 4)  + M.x86.R_SP, w);
+}
+
+/****************************************************************************
+REMARKS:
+Pops a word from the stack.
+
+NOTE: Do not inline this, as (*sys_rdX) is already inline!
+****************************************************************************/
+u16 pop_word(void)
+{
+    u16 res;
+
+DB( if (CHECK_SP_ACCESS())
+      x86emu_check_sp_access();)
+    res = (*sys_rdw)(((u32)M.x86.R_SS << 4)  + M.x86.R_SP);
+    M.x86.R_SP += 2;
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+Pops a long from the stack.
+
+NOTE: Do not inline this, as (*sys_rdX) is already inline!
+****************************************************************************/
+u32 pop_long(void)
+{
+    u32 res;
+
+DB( if (CHECK_SP_ACCESS())
+      x86emu_check_sp_access();)
+    res = (*sys_rdl)(((u32)M.x86.R_SS << 4)  + M.x86.R_SP);
+    M.x86.R_SP += 4;
+    return res;
+}
+
+/****************************************************************************
+REMARKS:
+CPUID takes EAX/ECX as inputs, writes EAX/EBX/ECX/EDX as output
+****************************************************************************/
+void x86emu_cpuid(void)
+{
+    u32 feature = M.x86.R_EAX;
+
+    switch (feature) {
+    case 0:
+        /* Regardless if we have real data from the hardware, the emulator
+         * will only support upto feature 1, which we set in register EAX.
+         * Registers EBX:EDX:ECX contain a string identifying the CPU.
+         */
+        M.x86.R_EAX = 1;
+        /* EBX:EDX:ECX = "GenuineIntel" */
+        M.x86.R_EBX = 0x756e6547;
+        M.x86.R_EDX = 0x49656e69;
+        M.x86.R_ECX = 0x6c65746e;
+        break;
+    case 1:
+        /* If we don't have x86 compatible hardware, we return values from an
+         * Intel 486dx4; which was one of the first processors to have CPUID.
+         */
+        M.x86.R_EAX = 0x00000480;
+        M.x86.R_EBX = 0x00000000;
+        M.x86.R_ECX = 0x00000000;
+        M.x86.R_EDX = 0x00000002;       /* VME */
+        /* In the case that we have hardware CPUID instruction, we make sure
+         * that the features reported are limited to TSC and VME.
+         */
+        M.x86.R_EDX &= 0x00000012;
+        break;
+    default:
+        /* Finally, we don't support any additional features.  Most CPUs
+         * return all zeros when queried for invalid or unsupported feature
+         * numbers.
+         */
+        M.x86.R_EAX = 0;
+        M.x86.R_EBX = 0;
+        M.x86.R_ECX = 0;
+        M.x86.R_EDX = 0;
+        break;
+    }
+}
+
diff --git a/src/device/oprom/x86emu/prim_ops.h b/src/device/oprom/x86emu/prim_ops.h
new file mode 100644
index 0000000..7230a71
--- /dev/null
+++ b/src/device/oprom/x86emu/prim_ops.h
@@ -0,0 +1,232 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for primitive operation functions.
+*
+****************************************************************************/
+
+#ifndef __X86EMU_PRIM_OPS_H
+#define __X86EMU_PRIM_OPS_H
+
+#include "prim_asm.h"
+
+#ifdef  __cplusplus
+extern "C" {            			/* Use "C" linkage when in C++ mode */
+#endif
+
+u16     aaa_word (u16 d);
+u16     aas_word (u16 d);
+u16     aad_word (u16 d);
+u16     aam_word (u8 d);
+u8      adc_byte (u8 d, u8 s);
+u16     adc_word (u16 d, u16 s);
+u32     adc_long (u32 d, u32 s);
+u8      add_byte (u8 d, u8 s);
+u16     add_word (u16 d, u16 s);
+u32     add_long (u32 d, u32 s);
+u8      and_byte (u8 d, u8 s);
+u16     and_word (u16 d, u16 s);
+u32     and_long (u32 d, u32 s);
+u8      cmp_byte (u8 d, u8 s);
+u16     cmp_word (u16 d, u16 s);
+u32     cmp_long (u32 d, u32 s);
+u8      daa_byte (u8 d);
+u8      das_byte (u8 d);
+u8      dec_byte (u8 d);
+u16     dec_word (u16 d);
+u32     dec_long (u32 d);
+u8      inc_byte (u8 d);
+u16     inc_word (u16 d);
+u32     inc_long (u32 d);
+u8      or_byte (u8 d, u8 s);
+u16     or_word (u16 d, u16 s);
+u32     or_long (u32 d, u32 s);
+u8      neg_byte (u8 s);
+u16     neg_word (u16 s);
+u32     neg_long (u32 s);
+u8      not_byte (u8 s);
+u16     not_word (u16 s);
+u32     not_long (u32 s);
+u8      rcl_byte (u8 d, u8 s);
+u16     rcl_word (u16 d, u8 s);
+u32     rcl_long (u32 d, u8 s);
+u8      rcr_byte (u8 d, u8 s);
+u16     rcr_word (u16 d, u8 s);
+u32     rcr_long (u32 d, u8 s);
+u8      rol_byte (u8 d, u8 s);
+u16     rol_word (u16 d, u8 s);
+u32     rol_long (u32 d, u8 s);
+u8      ror_byte (u8 d, u8 s);
+u16     ror_word (u16 d, u8 s);
+u32     ror_long (u32 d, u8 s);
+u8      shl_byte (u8 d, u8 s);
+u16     shl_word (u16 d, u8 s);
+u32     shl_long (u32 d, u8 s);
+u8      shr_byte (u8 d, u8 s);
+u16     shr_word (u16 d, u8 s);
+u32     shr_long (u32 d, u8 s);
+u8      sar_byte (u8 d, u8 s);
+u16     sar_word (u16 d, u8 s);
+u32     sar_long (u32 d, u8 s);
+u16     shld_word (u16 d, u16 fill, u8 s);
+u32     shld_long (u32 d, u32 fill, u8 s);
+u16     shrd_word (u16 d, u16 fill, u8 s);
+u32     shrd_long (u32 d, u32 fill, u8 s);
+u8      sbb_byte (u8 d, u8 s);
+u16     sbb_word (u16 d, u16 s);
+u32     sbb_long (u32 d, u32 s);
+u8      sub_byte (u8 d, u8 s);
+u16     sub_word (u16 d, u16 s);
+u32     sub_long (u32 d, u32 s);
+void    test_byte (u8 d, u8 s);
+void    test_word (u16 d, u16 s);
+void    test_long (u32 d, u32 s);
+u8      xor_byte (u8 d, u8 s);
+u16     xor_word (u16 d, u16 s);
+u32     xor_long (u32 d, u32 s);
+void    imul_byte (u8 s);
+void    imul_word (u16 s);
+void    imul_long (u32 s);
+void 	imul_long_direct(u32 *res_lo, u32* res_hi,u32 d, u32 s);
+void    mul_byte (u8 s);
+void    mul_word (u16 s);
+void    mul_long (u32 s);
+void    idiv_byte (u8 s);
+void    idiv_word (u16 s);
+void    idiv_long (u32 s);
+void    div_byte (u8 s);
+void    div_word (u16 s);
+void    div_long (u32 s);
+void    ins (int size);
+void    outs (int size);
+u16     mem_access_word (int addr);
+void    push_word (u16 w);
+void    push_long (u32 w);
+u16     pop_word (void);
+u32	pop_long (void);
+void	x86emu_cpuid (void);
+
+#if  defined(__HAVE_INLINE_ASSEMBLER__) && !defined(PRIM_OPS_NO_REDEFINE_ASM)
+
+#define	aaa_word(d)		aaa_word_asm(&M.x86.R_EFLG,d)
+#define aas_word(d)		aas_word_asm(&M.x86.R_EFLG,d)
+#define aad_word(d)		aad_word_asm(&M.x86.R_EFLG,d)
+#define aam_word(d)		aam_word_asm(&M.x86.R_EFLG,d)
+#define adc_byte(d,s)	adc_byte_asm(&M.x86.R_EFLG,d,s)
+#define adc_word(d,s)	adc_word_asm(&M.x86.R_EFLG,d,s)
+#define adc_long(d,s)	adc_long_asm(&M.x86.R_EFLG,d,s)
+#define add_byte(d,s) 	add_byte_asm(&M.x86.R_EFLG,d,s)
+#define add_word(d,s)	add_word_asm(&M.x86.R_EFLG,d,s)
+#define add_long(d,s)	add_long_asm(&M.x86.R_EFLG,d,s)
+#define and_byte(d,s)	and_byte_asm(&M.x86.R_EFLG,d,s)
+#define and_word(d,s)	and_word_asm(&M.x86.R_EFLG,d,s)
+#define and_long(d,s)	and_long_asm(&M.x86.R_EFLG,d,s)
+#define cmp_byte(d,s)	cmp_byte_asm(&M.x86.R_EFLG,d,s)
+#define cmp_word(d,s)	cmp_word_asm(&M.x86.R_EFLG,d,s)
+#define cmp_long(d,s)	cmp_long_asm(&M.x86.R_EFLG,d,s)
+#define daa_byte(d)		daa_byte_asm(&M.x86.R_EFLG,d)
+#define das_byte(d)		das_byte_asm(&M.x86.R_EFLG,d)
+#define dec_byte(d)		dec_byte_asm(&M.x86.R_EFLG,d)
+#define dec_word(d)		dec_word_asm(&M.x86.R_EFLG,d)
+#define dec_long(d)		dec_long_asm(&M.x86.R_EFLG,d)
+#define inc_byte(d)		inc_byte_asm(&M.x86.R_EFLG,d)
+#define inc_word(d)		inc_word_asm(&M.x86.R_EFLG,d)
+#define inc_long(d)		inc_long_asm(&M.x86.R_EFLG,d)
+#define or_byte(d,s)	or_byte_asm(&M.x86.R_EFLG,d,s)
+#define or_word(d,s)	or_word_asm(&M.x86.R_EFLG,d,s)
+#define or_long(d,s)	or_long_asm(&M.x86.R_EFLG,d,s)
+#define neg_byte(s)		neg_byte_asm(&M.x86.R_EFLG,s)
+#define neg_word(s)		neg_word_asm(&M.x86.R_EFLG,s)
+#define neg_long(s)		neg_long_asm(&M.x86.R_EFLG,s)
+#define not_byte(s)		not_byte_asm(&M.x86.R_EFLG,s)
+#define not_word(s)		not_word_asm(&M.x86.R_EFLG,s)
+#define not_long(s)		not_long_asm(&M.x86.R_EFLG,s)
+#define rcl_byte(d,s)	rcl_byte_asm(&M.x86.R_EFLG,d,s)
+#define rcl_word(d,s)	rcl_word_asm(&M.x86.R_EFLG,d,s)
+#define rcl_long(d,s)	rcl_long_asm(&M.x86.R_EFLG,d,s)
+#define rcr_byte(d,s)	rcr_byte_asm(&M.x86.R_EFLG,d,s)
+#define rcr_word(d,s)	rcr_word_asm(&M.x86.R_EFLG,d,s)
+#define rcr_long(d,s)	rcr_long_asm(&M.x86.R_EFLG,d,s)
+#define rol_byte(d,s)	rol_byte_asm(&M.x86.R_EFLG,d,s)
+#define rol_word(d,s)	rol_word_asm(&M.x86.R_EFLG,d,s)
+#define rol_long(d,s)	rol_long_asm(&M.x86.R_EFLG,d,s)
+#define ror_byte(d,s)	ror_byte_asm(&M.x86.R_EFLG,d,s)
+#define ror_word(d,s)	ror_word_asm(&M.x86.R_EFLG,d,s)
+#define ror_long(d,s)	ror_long_asm(&M.x86.R_EFLG,d,s)
+#define shl_byte(d,s)	shl_byte_asm(&M.x86.R_EFLG,d,s)
+#define shl_word(d,s)	shl_word_asm(&M.x86.R_EFLG,d,s)
+#define shl_long(d,s)	shl_long_asm(&M.x86.R_EFLG,d,s)
+#define shr_byte(d,s)	shr_byte_asm(&M.x86.R_EFLG,d,s)
+#define shr_word(d,s)	shr_word_asm(&M.x86.R_EFLG,d,s)
+#define shr_long(d,s)	shr_long_asm(&M.x86.R_EFLG,d,s)
+#define sar_byte(d,s)	sar_byte_asm(&M.x86.R_EFLG,d,s)
+#define sar_word(d,s)	sar_word_asm(&M.x86.R_EFLG,d,s)
+#define sar_long(d,s)	sar_long_asm(&M.x86.R_EFLG,d,s)
+#define shld_word(d,fill,s)	shld_word_asm(&M.x86.R_EFLG,d,fill,s)
+#define shld_long(d,fill,s)	shld_long_asm(&M.x86.R_EFLG,d,fill,s)
+#define shrd_word(d,fill,s)	shrd_word_asm(&M.x86.R_EFLG,d,fill,s)
+#define shrd_long(d,fill,s)	shrd_long_asm(&M.x86.R_EFLG,d,fill,s)
+#define sbb_byte(d,s)	sbb_byte_asm(&M.x86.R_EFLG,d,s)
+#define sbb_word(d,s)	sbb_word_asm(&M.x86.R_EFLG,d,s)
+#define sbb_long(d,s)	sbb_long_asm(&M.x86.R_EFLG,d,s)
+#define sub_byte(d,s)	sub_byte_asm(&M.x86.R_EFLG,d,s)
+#define sub_word(d,s)	sub_word_asm(&M.x86.R_EFLG,d,s)
+#define sub_long(d,s)	sub_long_asm(&M.x86.R_EFLG,d,s)
+#define test_byte(d,s)	test_byte_asm(&M.x86.R_EFLG,d,s)
+#define test_word(d,s)	test_word_asm(&M.x86.R_EFLG,d,s)
+#define test_long(d,s)	test_long_asm(&M.x86.R_EFLG,d,s)
+#define xor_byte(d,s)	xor_byte_asm(&M.x86.R_EFLG,d,s)
+#define xor_word(d,s)	xor_word_asm(&M.x86.R_EFLG,d,s)
+#define xor_long(d,s)	xor_long_asm(&M.x86.R_EFLG,d,s)
+#define imul_byte(s)	imul_byte_asm(&M.x86.R_EFLG,&M.x86.R_AX,M.x86.R_AL,s)
+#define imul_word(s)	imul_word_asm(&M.x86.R_EFLG,&M.x86.R_AX,&M.x86.R_DX,M.x86.R_AX,s)
+#define imul_long(s)	imul_long_asm(&M.x86.R_EFLG,&M.x86.R_EAX,&M.x86.R_EDX,M.x86.R_EAX,s)
+#define imul_long_direct(res_lo,res_hi,d,s)	imul_long_asm(&M.x86.R_EFLG,res_lo,res_hi,d,s)
+#define mul_byte(s)		mul_byte_asm(&M.x86.R_EFLG,&M.x86.R_AX,M.x86.R_AL,s)
+#define mul_word(s)		mul_word_asm(&M.x86.R_EFLG,&M.x86.R_AX,&M.x86.R_DX,M.x86.R_AX,s)
+#define mul_long(s)		mul_long_asm(&M.x86.R_EFLG,&M.x86.R_EAX,&M.x86.R_EDX,M.x86.R_EAX,s)
+#define idiv_byte(s)	idiv_byte_asm(&M.x86.R_EFLG,&M.x86.R_AL,&M.x86.R_AH,M.x86.R_AX,s)
+#define idiv_word(s)	idiv_word_asm(&M.x86.R_EFLG,&M.x86.R_AX,&M.x86.R_DX,M.x86.R_AX,M.x86.R_DX,s)
+#define idiv_long(s)	idiv_long_asm(&M.x86.R_EFLG,&M.x86.R_EAX,&M.x86.R_EDX,M.x86.R_EAX,M.x86.R_EDX,s)
+#define div_byte(s)		div_byte_asm(&M.x86.R_EFLG,&M.x86.R_AL,&M.x86.R_AH,M.x86.R_AX,s)
+#define div_word(s)		div_word_asm(&M.x86.R_EFLG,&M.x86.R_AX,&M.x86.R_DX,M.x86.R_AX,M.x86.R_DX,s)
+#define div_long(s)		div_long_asm(&M.x86.R_EFLG,&M.x86.R_EAX,&M.x86.R_EDX,M.x86.R_EAX,M.x86.R_EDX,s)
+
+#endif
+
+#ifdef  __cplusplus
+}                       			/* End of "C" linkage for C++   	*/
+#endif
+
+#endif /* __X86EMU_PRIM_OPS_H */
diff --git a/src/device/oprom/x86emu/sys.c b/src/device/oprom/x86emu/sys.c
new file mode 100644
index 0000000..7a9e392
--- /dev/null
+++ b/src/device/oprom/x86emu/sys.c
@@ -0,0 +1,406 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  This file includes subroutines which are related to
+*				programmed I/O and memory access. Included in this module
+*				are default functions with limited usefulness. For real
+*				uses these functions will most likely be overriden by the
+*				user library.
+*
+****************************************************************************/
+/* $XFree86: xc/extras/x86emu/src/x86emu/sys.c,v 1.5 2000/08/23 22:10:01 tsi Exp $ */
+
+#include <arch/io.h>
+#include <x86emu/x86emu.h>
+#include <x86emu/regs.h>
+#include "debug.h"
+#include "prim_ops.h"
+
+#ifdef IN_MODULE
+#include "xf86_ansic.h"
+#else
+#include <string.h>
+#endif
+/*------------------------- Global Variables ------------------------------*/
+
+X86EMU_sysEnv _X86EMU_env;	/* Global emulator machine state */
+X86EMU_intrFuncs _X86EMU_intrTab[256];
+
+/*----------------------------- Implementation ----------------------------*/
+
+/* compute a pointer. This replaces code scattered all over the place! */
+static u8 *mem_ptr(u32 addr, int size)
+{
+	u8 *retaddr = 0;
+
+	if (addr > M.mem_size - size) {
+		DB(printf("mem_ptr: address %#x out of range!\n", addr);)
+		    HALT_SYS();
+	}
+	if (addr < 0x200) {
+		//printf("%x:%x updating int vector 0x%x\n",
+		//       M.x86.R_CS, M.x86.R_IP, addr >> 2);
+	}
+	retaddr = (u8 *) (M.mem_base + addr);
+
+	return retaddr;
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- Emulator memory address to read
+
+RETURNS:
+Byte value read from emulator memory.
+
+REMARKS:
+Reads a byte value from the emulator memory.
+****************************************************************************/
+u8 X86API rdb(u32 addr)
+{
+	u8 val;
+	u8 *ptr;
+
+	ptr = mem_ptr(addr, 1);
+
+	val = *ptr;
+	DB(if (DEBUG_MEM_TRACE())
+	   printf("%#08x 1 -> %#x\n", addr, val);)
+		return val;
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- Emulator memory address to read
+
+RETURNS:
+Word value read from emulator memory.
+
+REMARKS:
+Reads a word value from the emulator memory.
+****************************************************************************/
+u16 X86API rdw(u32 addr)
+{
+	u16 val = 0;
+	u8 *ptr;
+
+	ptr = mem_ptr(addr, 2);
+	val = *(u16 *) (ptr);
+
+	DB(if (DEBUG_MEM_TRACE())
+	   printf("%#08x 2 -> %#x\n", addr, val);)
+	return val;
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- Emulator memory address to read
+
+RETURNS:
+Long value read from emulator memory.
+REMARKS:
+Reads a long value from the emulator memory.
+****************************************************************************/
+u32 X86API rdl(u32 addr)
+{
+	u32 val = 0;
+	u8 *ptr;
+
+	ptr = mem_ptr(addr, 4);
+       	val = *(u32 *) (ptr);
+
+	DB(if (DEBUG_MEM_TRACE())
+	   printf("%#08x 4 -> %#x\n", addr, val);)
+	return val;
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- Emulator memory address to read
+val		- Value to store
+
+REMARKS:
+Writes a byte value to emulator memory.
+****************************************************************************/
+void X86API wrb(u32 addr, u8 val)
+{
+	u8 *ptr;
+
+	ptr = mem_ptr(addr, 1);
+	*(u8 *) (ptr) = val;
+
+	DB(if (DEBUG_MEM_TRACE())
+	   printf("%#08x 1 <- %#x\n", addr, val);)
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- Emulator memory address to read
+val		- Value to store
+
+REMARKS:
+Writes a word value to emulator memory.
+****************************************************************************/
+void X86API wrw(u32 addr, u16 val)
+{
+	u8 *ptr;
+
+	ptr = mem_ptr(addr, 2);
+	*(u16 *) (ptr) = val;
+
+	DB(if (DEBUG_MEM_TRACE())
+	   printf("%#08x 2 <- %#x\n", addr, val);)
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- Emulator memory address to read
+val		- Value to store
+
+REMARKS:
+Writes a long value to emulator memory.
+****************************************************************************/
+void X86API wrl(u32 addr, u32 val)
+{
+	u8 *ptr;
+
+	ptr = mem_ptr(addr, 4);
+	*(u32 *) (ptr) = val;
+
+	DB(if (DEBUG_MEM_TRACE())
+	   printf("%#08x 4 <- %#x\n", addr, val);)
+
+
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- PIO address to read
+RETURN:
+0
+REMARKS:
+Default PIO byte read function. Doesn't perform real inb.
+****************************************************************************/
+static u8 X86API p_inb(X86EMU_pioAddr addr)
+{
+	DB(if (DEBUG_IO_TRACE())
+		printf("inb %#04x \n", addr);)
+	return inb(addr);
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- PIO address to read
+RETURN:
+0
+REMARKS:
+Default PIO word read function. Doesn't perform real inw.
+****************************************************************************/
+static u16 X86API p_inw(X86EMU_pioAddr addr)
+{
+	DB(if (DEBUG_IO_TRACE())
+		printf("inw %#04x \n", addr);)
+	return inw(addr);
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- PIO address to read
+RETURN:
+0
+REMARKS:
+Default PIO long read function. Doesn't perform real inl.
+****************************************************************************/
+static u32 X86API p_inl(X86EMU_pioAddr addr)
+{
+	DB(if (DEBUG_IO_TRACE())
+		printf("inl %#04x \n", addr);)
+	return inl(addr);
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- PIO address to write
+val     - Value to store
+REMARKS:
+Default PIO byte write function. Doesn't perform real outb.
+****************************************************************************/
+static void X86API p_outb(X86EMU_pioAddr addr, u8 val)
+{
+	DB(if (DEBUG_IO_TRACE())
+		printf("outb %#02x -> %#04x \n", val, addr);)
+	outb(val, addr);
+	return;
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- PIO address to write
+val     - Value to store
+REMARKS:
+Default PIO word write function. Doesn't perform real outw.
+****************************************************************************/
+static void X86API p_outw(X86EMU_pioAddr addr, u16 val)
+{
+	DB(if (DEBUG_IO_TRACE())
+		printf("outw %#04x -> %#04x \n", val, addr);)
+	outw(val, addr);
+	return;
+}
+
+/****************************************************************************
+PARAMETERS:
+addr	- PIO address to write
+val     - Value to store
+REMARKS:
+Default PIO ;ong write function. Doesn't perform real outl.
+****************************************************************************/
+static void X86API p_outl(X86EMU_pioAddr addr, u32 val)
+{
+	DB(if (DEBUG_IO_TRACE())
+	       printf("outl %#08x -> %#04x \n", val, addr);)
+
+	outl(val, addr);
+	return;
+}
+
+/*------------------------- Global Variables ------------------------------*/
+
+u8(X86APIP sys_rdb) (u32 addr) = rdb;
+u16(X86APIP sys_rdw) (u32 addr) = rdw;
+u32(X86APIP sys_rdl) (u32 addr) = rdl;
+void (X86APIP sys_wrb) (u32 addr, u8 val) = wrb;
+void (X86APIP sys_wrw) (u32 addr, u16 val) = wrw;
+void (X86APIP sys_wrl) (u32 addr, u32 val) = wrl;
+u8(X86APIP sys_inb) (X86EMU_pioAddr addr) = p_inb;
+u16(X86APIP sys_inw) (X86EMU_pioAddr addr) = p_inw;
+u32(X86APIP sys_inl) (X86EMU_pioAddr addr) = p_inl;
+void (X86APIP sys_outb) (X86EMU_pioAddr addr, u8 val) = p_outb;
+void (X86APIP sys_outw) (X86EMU_pioAddr addr, u16 val) = p_outw;
+void (X86APIP sys_outl) (X86EMU_pioAddr addr, u32 val) = p_outl;
+
+/*----------------------------- Setup -------------------------------------*/
+
+/****************************************************************************
+PARAMETERS:
+funcs	- New memory function pointers to make active
+
+REMARKS:
+This function is used to set the pointers to functions which access
+memory space, allowing the user application to override these functions
+and hook them out as necessary for their application.
+****************************************************************************/
+void X86EMU_setupMemFuncs(X86EMU_memFuncs * funcs)
+{
+	sys_rdb = funcs->rdb;
+	sys_rdw = funcs->rdw;
+	sys_rdl = funcs->rdl;
+	sys_wrb = funcs->wrb;
+	sys_wrw = funcs->wrw;
+	sys_wrl = funcs->wrl;
+}
+
+/****************************************************************************
+PARAMETERS:
+funcs	- New programmed I/O function pointers to make active
+
+REMARKS:
+This function is used to set the pointers to functions which access
+I/O space, allowing the user application to override these functions
+and hook them out as necessary for their application.
+****************************************************************************/
+void X86EMU_setupPioFuncs(X86EMU_pioFuncs * funcs)
+{
+	sys_inb = funcs->inb;
+	sys_inw = funcs->inw;
+	sys_inl = funcs->inl;
+	sys_outb = funcs->outb;
+	sys_outw = funcs->outw;
+	sys_outl = funcs->outl;
+}
+
+/****************************************************************************
+PARAMETERS:
+funcs	- New interrupt vector table to make active
+
+REMARKS:
+This function is used to set the pointers to functions which handle
+interrupt processing in the emulator, allowing the user application to
+hook interrupts as necessary for their application. Any interrupts that
+are not hooked by the user application, and reflected and handled internally
+in the emulator via the interrupt vector table. This allows the application
+to get control when the code being emulated executes specific software
+interrupts.
+****************************************************************************/
+void X86EMU_setupIntrFuncs(X86EMU_intrFuncs funcs[])
+{
+	int i;
+
+	for (i = 0; i < 256; i++)
+		_X86EMU_intrTab[i] = NULL;
+	if (funcs) {
+		for (i = 0; i < 256; i++)
+			_X86EMU_intrTab[i] = funcs[i];
+	}
+}
+
+/****************************************************************************
+PARAMETERS:
+int	- New software interrupt to prepare for
+
+REMARKS:
+This function is used to set up the emulator state to exceute a software
+interrupt. This can be used by the user application code to allow an
+interrupt to be hooked, examined and then reflected back to the emulator
+so that the code in the emulator will continue processing the software
+interrupt as per normal. This essentially allows system code to actively
+hook and handle certain software interrupts as necessary.
+****************************************************************************/
+void X86EMU_prepareForInt(int num)
+{
+	push_word((u16) M.x86.R_FLG);
+	CLEAR_FLAG(F_IF);
+	CLEAR_FLAG(F_TF);
+	push_word(M.x86.R_CS);
+	M.x86.R_CS = mem_access_word(num * 4 + 2);
+	push_word(M.x86.R_IP);
+	M.x86.R_IP = mem_access_word(num * 4);
+	M.x86.intr = 0;
+}
+
+void X86EMU_setMemBase(void *base, size_t size)
+{
+	M.mem_base = (unsigned long) base;
+	M.mem_size = size;
+}
diff --git a/src/device/oprom/x86emu/x86emui.h b/src/device/oprom/x86emu/x86emui.h
new file mode 100644
index 0000000..e34a1ba
--- /dev/null
+++ b/src/device/oprom/x86emu/x86emui.h
@@ -0,0 +1,103 @@
+/****************************************************************************
+*
+*						Realmode X86 Emulator Library
+*
+*            	Copyright (C) 1996-1999 SciTech Software, Inc.
+* 				     Copyright (C) David Mosberger-Tang
+* 					   Copyright (C) 1999 Egbert Eich
+*
+*  ========================================================================
+*
+*  Permission to use, copy, modify, distribute, and sell this software and
+*  its documentation for any purpose is hereby granted without fee,
+*  provided that the above copyright notice appear in all copies and that
+*  both that copyright notice and this permission notice appear in
+*  supporting documentation, and that the name of the authors not be used
+*  in advertising or publicity pertaining to distribution of the software
+*  without specific, written prior permission.  The authors makes no
+*  representations about the suitability of this software for any purpose.
+*  It is provided "as is" without express or implied warranty.
+*
+*  THE AUTHORS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
+*  INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
+*  EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
+*  CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
+*  USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+*  OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+*  PERFORMANCE OF THIS SOFTWARE.
+*
+*  ========================================================================
+*
+* Language:		ANSI C
+* Environment:	Any
+* Developer:    Kendall Bennett
+*
+* Description:  Header file for system specific functions. These functions
+*				are always compiled and linked in the OS depedent libraries,
+*				and never in a binary portable driver.
+*
+****************************************************************************/
+
+/* $XFree86: xc/extras/x86emu/src/x86emu/x86emu/x86emui.h,v 1.4 2001/04/01 13:59:58 tsi Exp $ */
+
+#ifndef __X86EMU_X86EMUI_H
+#define __X86EMU_X86EMUI_H
+
+/* If we are compiling in C++ mode, we can compile some functions as
+ * inline to increase performance (however the code size increases quite
+ * dramatically in this case).
+ */
+
+#if	defined(__cplusplus) && !defined(_NO_INLINE)
+#define	_INLINE	inline
+#else
+#define	_INLINE static
+#endif
+
+/* Get rid of unused parameters in C++ compilation mode */
+
+#ifdef __cplusplus
+#define	X86EMU_UNUSED(v)
+#else
+#define	X86EMU_UNUSED(v)	v __attribute__((unused))
+#endif
+
+#include "x86emu/x86emu.h"
+#include "x86emu/regs.h"
+#include "debug.h"
+#include "decode.h"
+#include "ops.h"
+#include "prim_ops.h"
+#include "fpu.h"
+#include "x86emu/fpu_regs.h"
+
+#ifdef IN_MODULE
+#include <xf86_ansic.h>
+#else
+#include <string.h>
+#endif
+/*--------------------------- Inline Functions ----------------------------*/
+
+#ifdef  __cplusplus
+extern "C" {            			/* Use "C" linkage when in C++ mode */
+#endif
+
+extern u8  	(X86APIP sys_rdb)(u32 addr);
+extern u16 	(X86APIP sys_rdw)(u32 addr);
+extern u32 	(X86APIP sys_rdl)(u32 addr);
+extern void (X86APIP sys_wrb)(u32 addr,u8 val);
+extern void (X86APIP sys_wrw)(u32 addr,u16 val);
+extern void (X86APIP sys_wrl)(u32 addr,u32 val);
+
+extern u8  	(X86APIP sys_inb)(X86EMU_pioAddr addr);
+extern u16 	(X86APIP sys_inw)(X86EMU_pioAddr addr);
+extern u32 	(X86APIP sys_inl)(X86EMU_pioAddr addr);
+extern void (X86APIP sys_outb)(X86EMU_pioAddr addr,u8 val);
+extern void (X86APIP sys_outw)(X86EMU_pioAddr addr,u16 val);
+extern void	(X86APIP sys_outl)(X86EMU_pioAddr addr,u32 val);
+
+#ifdef  __cplusplus
+}                       			/* End of "C" linkage for C++   	*/
+#endif
+
+#endif /* __X86EMU_X86EMUI_H */
diff --git a/src/device/oprom/yabel/Makefile.inc b/src/device/oprom/yabel/Makefile.inc
new file mode 100644
index 0000000..f05998c
--- /dev/null
+++ b/src/device/oprom/yabel/Makefile.inc
@@ -0,0 +1,9 @@
+ramstage-y += biosemu.c
+ramstage-y += debug.c
+ramstage-y += device.c
+ramstage-y += interrupt.c
+ramstage-y += io.c
+ramstage-y += mem.c
+ramstage-y += pmm.c
+ramstage-y += vbe.c
+subdirs-y += compat
diff --git a/src/device/oprom/yabel/biosemu.c b/src/device/oprom/yabel/biosemu.c
new file mode 100644
index 0000000..2a2ca31
--- /dev/null
+++ b/src/device/oprom/yabel/biosemu.c
@@ -0,0 +1,395 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2008, 2009 Pattrick Hueper <phueper at hueper.net>
+ * Copyright (c) 2010 coresystems GmbH
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#include <string.h>
+#include <types.h>
+
+#include "debug.h"
+
+#include <x86emu/x86emu.h>
+#include <x86emu/regs.h>
+#include "../x86emu/prim_ops.h"
+
+#include "biosemu.h"
+#include "io.h"
+#include "mem.h"
+#include "interrupt.h"
+#include "device.h"
+#include "pmm.h"
+
+#include <device/device.h>
+#include "compat/rtas.h"
+
+static X86EMU_memFuncs my_mem_funcs = {
+	my_rdb, my_rdw, my_rdl,
+	my_wrb, my_wrw, my_wrl
+};
+
+static X86EMU_pioFuncs my_pio_funcs = {
+	my_inb, my_inw, my_inl,
+	my_outb, my_outw, my_outl
+};
+
+/* interrupt function override array (see biosemu.h) */
+yabel_handleIntFunc yabel_intFuncArray[256];
+
+void
+mainboard_interrupt_handlers(int interrupt, yabel_handleIntFunc func)
+{
+	yabel_intFuncArray[interrupt] = func;
+}
+
+/* main entry into YABEL biosemu, arguments are:
+ * *biosmem = pointer to virtual memory
+ * biosmem_size = size of the virtual memory
+ * *dev = pointer to the device to be initialised
+ * rom_addr = address of the OptionROM to be executed, if this is = 0, YABEL
+ * 	will look for an ExpansionROM BAR and use the code from there.
+ */
+u32
+biosemu(u8 *biosmem, u32 biosmem_size, struct device * dev, unsigned long rom_addr)
+{
+	u8 *rom_image;
+	int i = 0;
+#if CONFIG_X86EMU_DEBUG
+	debug_flags = 0;
+#if CONFIG_X86EMU_DEBUG_JMP
+	debug_flags |= DEBUG_JMP;
+#endif
+#if CONFIG_X86EMU_DEBUG_TRACE
+	debug_flags |= DEBUG_TRACE_X86EMU;
+#endif
+#if CONFIG_X86EMU_DEBUG_PNP
+	debug_flags |= DEBUG_PNP;
+#endif
+#if CONFIG_X86EMU_DEBUG_DISK
+	debug_flags |= DEBUG_DISK;
+#endif
+#if CONFIG_X86EMU_DEBUG_PMM
+	debug_flags |= DEBUG_PMM;
+#endif
+#if CONFIG_X86EMU_DEBUG_VBE
+	debug_flags |= DEBUG_VBE;
+#endif
+#if CONFIG_X86EMU_DEBUG_INT10
+	debug_flags |= DEBUG_PRINT_INT10;
+#endif
+#if CONFIG_X86EMU_DEBUG_INTERRUPTS
+	debug_flags |= DEBUG_INTR;
+#endif
+#if CONFIG_X86EMU_DEBUG_CHECK_VMEM_ACCESS
+	debug_flags |= DEBUG_CHECK_VMEM_ACCESS;
+#endif
+#if CONFIG_X86EMU_DEBUG_MEM
+	debug_flags |= DEBUG_MEM;
+#endif
+#if CONFIG_X86EMU_DEBUG_IO
+	debug_flags |= DEBUG_IO;
+#endif
+
+#endif
+	if (biosmem_size < MIN_REQUIRED_VMEM_SIZE) {
+		printf("Error: Not enough virtual memory: %x, required: %x!\n",
+		       biosmem_size, MIN_REQUIRED_VMEM_SIZE);
+		return -1;
+	}
+	if (biosemu_dev_init(dev) != 0) {
+		printf("Error initializing device!\n");
+		return -1;
+	}
+	if (biosemu_dev_check_exprom(rom_addr) != 0) {
+		printf("Error: Device Expansion ROM invalid!\n");
+		return -1;
+	}
+	biosemu_add_special_memory(0, 0x500); // IVT + BDA
+	biosemu_add_special_memory(OPTION_ROM_CODE_SEGMENT << 4, 0x10000); // option ROM
+
+	rom_image = (u8 *) bios_device.img_addr;
+	DEBUG_PRINTF("executing rom_image from %p\n", rom_image);
+	DEBUG_PRINTF("biosmem at %p\n", biosmem);
+
+	DEBUG_PRINTF("Image Size: %d\n", bios_device.img_size);
+
+	// in case we jump somewhere unexpected, or execution is finished,
+	// fill the biosmem with hlt instructions (0xf4)
+	// But we have to be careful: If biosmem is 0x00000000 we're running
+	// in the lower 1MB and we must not wipe memory like that.
+	if (biosmem) {
+		DEBUG_PRINTF("Clearing biosmem\n");
+		memset(biosmem, 0xf4, biosmem_size);
+	}
+
+	X86EMU_setMemBase(biosmem, biosmem_size);
+
+	DEBUG_PRINTF("membase set: %08x, size: %08x\n", (int) M.mem_base,
+		     (int) M.mem_size);
+
+	// copy expansion ROM image to segment OPTION_ROM_CODE_SEGMENT
+	// NOTE: this sometimes fails, some bytes are 0x00... so we compare
+	// after copying and do some retries...
+	u8 *mem_img = (u8*)(OPTION_ROM_CODE_SEGMENT << 4);
+	u8 copy_count = 0;
+	u8 cmp_result = 0;
+	do {
+#if 0
+		set_ci();
+		memcpy(mem_img, rom_image, len);
+		clr_ci();
+#else
+		// memcpy fails... try copy byte-by-byte with set/clr_ci
+		u8 c;
+		for (i = 0; i < bios_device.img_size; i++) {
+			set_ci();
+			c = *(rom_image + i);
+			if (c != *(rom_image + i)) {
+				clr_ci();
+				printf("Copy failed at: %x/%x\n", i,
+				       bios_device.img_size);
+				printf("rom_image(%x): %x, mem_img(%x): %x\n",
+				       i, *(rom_image + i), i, *(mem_img + i));
+				break;
+			}
+			clr_ci();
+			my_wrb((u32)mem_img + i, c);
+		}
+#endif
+		copy_count++;
+		set_ci();
+		cmp_result = memcmp(mem_img, rom_image, bios_device.img_size);
+		clr_ci();
+	}
+	while ((copy_count < 5) && (cmp_result != 0));
+	if (cmp_result != 0) {
+		printf
+		    ("\nCopying Expansion ROM Image to Memory failed after %d retries! (%x)\n",
+		     copy_count, cmp_result);
+		dump(rom_image, 0x20);
+		dump(mem_img, 0x20);
+		return 0;
+	}
+	// setup default Interrupt Vectors
+	// some expansion ROMs seem to check for these addresses..
+	// each handler is only an IRET (0xCF) instruction
+	// ROM BIOS Int 10 Handler F000:F065
+	my_wrl(0x10 * 4, 0xf000f065);
+	my_wrb(0x000ff065, 0xcf);
+	// ROM BIOS Int 11 Handler F000:F84D
+	my_wrl(0x11 * 4, 0xf000f84d);
+	my_wrb(0x000ff84d, 0xcf);
+	// ROM BIOS Int 12 Handler F000:F841
+	my_wrl(0x12 * 4, 0xf000f841);
+	my_wrb(0x000ff841, 0xcf);
+	// ROM BIOS Int 13 Handler F000:EC59
+	my_wrl(0x13 * 4, 0xf000ec59);
+	my_wrb(0x000fec59, 0xcf);
+	// ROM BIOS Int 14 Handler F000:E739
+	my_wrl(0x14 * 4, 0xf000e739);
+	my_wrb(0x000fe739, 0xcf);
+	// ROM BIOS Int 15 Handler F000:F859
+	my_wrl(0x15 * 4, 0xf000f859);
+	my_wrb(0x000ff859, 0xcf);
+	// ROM BIOS Int 16 Handler F000:E82E
+	my_wrl(0x16 * 4, 0xf000e82e);
+	my_wrb(0x000fe82e, 0xcf);
+	// ROM BIOS Int 17 Handler F000:EFD2
+	my_wrl(0x17 * 4, 0xf000efd2);
+	my_wrb(0x000fefd2, 0xcf);
+	// ROM BIOS Int 1A Handler F000:FE6E
+	my_wrl(0x1a * 4, 0xf000fe6e);
+	my_wrb(0x000ffe6e, 0xcf);
+
+	// setup BIOS Data Area (0000:04xx, or 0040:00xx)
+	// we currently 0 this area, meaning "we dont have
+	// any hardware" :-) no serial/parallel ports, floppys, ...
+	memset(biosmem + 0x400, 0x0, 0x100);
+
+	// at offset 13h in BDA is the memory size in kbytes
+	my_wrw(0x413, biosmem_size / 1024);
+	// at offset 0eh in BDA is the segment of the Extended BIOS Data Area
+	// see setup further down
+	my_wrw(0x40e, INITIAL_EBDA_SEGMENT);
+	// TODO: setup BDA Video Data ( offset 49h-66h)
+	// e.g. to store video mode, cursor position, ...
+	// in int10 (done) handler and VBE Functions
+
+	// TODO: setup BDA Fixed Disk Data
+	// 74h: Fixed Disk Last Operation Status
+	// 75h: Fixed Disk Number of Disk Drives
+
+	// TODO: check BDA for further needed data...
+
+	//setup Extended BIOS Data Area
+	//we currently 0 this area
+	memset(biosmem + (INITIAL_EBDA_SEGMENT << 4), 0, INITIAL_EBDA_SIZE);
+	// at offset 0h in EBDA is the size of the EBDA in KB
+	my_wrw((INITIAL_EBDA_SEGMENT << 4) + 0x0, INITIAL_EBDA_SIZE / 1024);
+	//TODO: check for further needed EBDA data...
+
+	// setup  original ROM BIOS Area (F000:xxxx)
+	const char *date = "06/11/99";
+	for (i = 0; date[i]; i++)
+		my_wrb(0xffff5 + i, date[i]);
+	// set up eisa ident string
+	const char *ident = "PCI_ISA";
+	for (i = 0; ident[i]; i++)
+		my_wrb(0xfffd9 + i, ident[i]);
+
+	// write system model id for IBM-AT
+	// according to "Ralf Browns Interrupt List" Int15 AH=C0 Table 515,
+	// model FC is the original AT and also used in all DOSEMU Versions.
+	my_wrb(0xFFFFE, 0xfc);
+
+	//setup interrupt handler
+	X86EMU_intrFuncs intrFuncs[256];
+	for (i = 0; i < 256; i++)
+		intrFuncs[i] = handleInterrupt;
+	X86EMU_setupIntrFuncs(intrFuncs);
+	X86EMU_setupPioFuncs(&my_pio_funcs);
+	X86EMU_setupMemFuncs(&my_mem_funcs);
+
+	//setup PMM struct in BIOS_DATA_SEGMENT, offset 0x0
+	u8 pmm_length = pmm_setup(BIOS_DATA_SEGMENT, 0x0);
+	if (pmm_length <= 0) {
+		printf ("\nYABEL: Warning: PMM Area could not be setup. PMM not available (%x)\n",
+		     pmm_length);
+		return 0;
+	} else {
+		CHECK_DBG(DEBUG_PMM) {
+			/* test the PMM */
+			pmm_test();
+			/* and clean it again by calling pmm_setup... */
+			pmm_length = pmm_setup(BIOS_DATA_SEGMENT, 0x0);
+		}
+	}
+	// setup the CPU
+	M.x86.R_AH = bios_device.bus;
+	M.x86.R_AL = bios_device.devfn;
+	M.x86.R_DX = 0x80;
+	M.x86.R_EIP = 3;
+	M.x86.R_CS = OPTION_ROM_CODE_SEGMENT;
+
+	// Initialize stack and data segment
+	M.x86.R_SS = STACK_SEGMENT;
+	M.x86.R_SP = STACK_START_OFFSET;
+	M.x86.R_DS = DATA_SEGMENT;
+
+	// push a HLT instruction and a pointer to it onto the stack
+	// any return will pop the pointer and jump to the HLT, thus
+	// exiting (more or less) cleanly
+	push_word(0xf4f4);	// F4=HLT
+	push_word(M.x86.R_SS);
+	push_word(M.x86.R_SP + 2);
+
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+#if 0
+	} else {
+		M.x86.debug |= DEBUG_SAVE_IP_CS_F;
+		M.x86.debug |= DEBUG_DECODE_F;
+		M.x86.debug |= DEBUG_DECODE_NOPRINT_F;
+#endif
+	}
+	CHECK_DBG(DEBUG_JMP) {
+		M.x86.debug |= DEBUG_TRACEJMP_F;
+		M.x86.debug |= DEBUG_TRACEJMP_REGS_F;
+		M.x86.debug |= DEBUG_TRACECALL_F;
+		M.x86.debug |= DEBUG_TRACECALL_REGS_F;
+	}
+
+	DEBUG_PRINTF("Executing Initialization Vector...\n");
+	X86EMU_exec();
+	DEBUG_PRINTF("done\n");
+
+	/* According to the PNP BIOS Spec, Option ROMs should upon exit, return
+	 * some boot device status in AX (see PNP BIOS Spec Section 3.3
+	 */
+	DEBUG_PRINTF_CS_IP("Option ROM Exit Status: %04x\n", M.x86.R_AX);
+#if CONFIG_X86EMU_DEBUG
+	DEBUG_PRINTF("Exit Status Decode:\n");
+	if (M.x86.R_AX & 0x100) {	// bit 8
+		DEBUG_PRINTF
+		    ("  IPL Device supporting INT 13h Block Device Format:\n");
+		switch (((M.x86.R_AX >> 4) & 0x3)) {	// bits 5:4
+		case 0:
+			DEBUG_PRINTF("    No IPL Device attached\n");
+			break;
+		case 1:
+			DEBUG_PRINTF("    IPL Device status unknown\n");
+			break;
+		case 2:
+			DEBUG_PRINTF("    IPL Device attached\n");
+			break;
+		case 3:
+			DEBUG_PRINTF("    IPL Device status RESERVED!!\n");
+			break;
+		}
+	}
+	if (M.x86.R_AX & 0x80) {	// bit 7
+		DEBUG_PRINTF
+		    ("  Output Device supporting INT 10h Character Output:\n");
+		switch (((M.x86.R_AX >> 4) & 0x3)) {	// bits 5:4
+		case 0:
+			DEBUG_PRINTF("    No Display Device attached\n");
+			break;
+		case 1:
+			DEBUG_PRINTF("    Display Device status unknown\n");
+			break;
+		case 2:
+			DEBUG_PRINTF("    Display Device attached\n");
+			break;
+		case 3:
+			DEBUG_PRINTF("    Display Device status RESERVED!!\n");
+			break;
+		}
+	}
+	if (M.x86.R_AX & 0x40) {	// bit 6
+		DEBUG_PRINTF
+		    ("  Input Device supporting INT 9h Character Input:\n");
+		switch (((M.x86.R_AX >> 4) & 0x3)) {	// bits 5:4
+		case 0:
+			DEBUG_PRINTF("    No Input Device attached\n");
+			break;
+		case 1:
+			DEBUG_PRINTF("    Input Device status unknown\n");
+			break;
+		case 2:
+			DEBUG_PRINTF("    Input Device attached\n");
+			break;
+		case 3:
+			DEBUG_PRINTF("    Input Device status RESERVED!!\n");
+			break;
+		}
+	}
+#endif
+	/* Check whether the stack is "clean" i.e. containing the HLT
+	 * instruction we pushed before executing and pointing to the original
+	 * stack address... indicating that the initialization probably was
+	 * successful
+	 */
+	if ((pop_word() == 0xf4f4) && (M.x86.R_SS == STACK_SEGMENT)
+	    && (M.x86.R_SP == STACK_START_OFFSET)) {
+		DEBUG_PRINTF("Stack is clean, initialization successfull!\n");
+	} else {
+		printf("Stack unclean, initialization probably NOT COMPLETE!\n");
+		DEBUG_PRINTF("SS:SP = %04x:%04x, expected: %04x:%04x\n",
+			     M.x86.R_SS, M.x86.R_SP, STACK_SEGMENT,
+			     STACK_START_OFFSET);
+	}
+
+	// TODO: according to the BIOS Boot Spec initializations may be ended using INT18h and setting
+	// the status.
+	// We need to implement INT18 accordingly, pseudo code is in specsbbs101.pdf page 30
+	// (also for Int19)
+	return 0;
+}
diff --git a/src/device/oprom/yabel/biosemu.h b/src/device/oprom/yabel/biosemu.h
new file mode 100644
index 0000000..4f5c4aa
--- /dev/null
+++ b/src/device/oprom/yabel/biosemu.h
@@ -0,0 +1,53 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#ifndef _BIOSEMU_BIOSEMU_H_
+#define _BIOSEMU_BIOSEMU_H_
+
+#define MIN_REQUIRED_VMEM_SIZE 0x100000	// 1MB
+
+//define default segments for different components
+#define STACK_SEGMENT 0x1000	//1000:xxxx
+#define STACK_START_OFFSET 0xfffe
+
+#define DATA_SEGMENT 0x2000
+#define VBE_SEGMENT 0x3000
+
+#define PMM_CONV_SEGMENT 0x4000	// 4000:xxxx is PMM conventional memory area, extended memory area
+				// will be anything beyound MIN_REQUIRED_MEMORY_SIZE
+#define PNP_DATA_SEGMENT 0x5000
+
+#define OPTION_ROM_CODE_SEGMENT 0xc000
+
+#define BIOS_DATA_SEGMENT 0xF000
+// both EBDA values are _initial_ values, they may (and will be) changed at runtime by option ROMs!!
+#define INITIAL_EBDA_SEGMENT 0xF600	// segment of the Extended BIOS Data Area
+#define INITIAL_EBDA_SIZE 0x400	// size of the EBDA (at least 1KB!! since size is stored in KB!)
+
+#define PMM_INT_NUM 0xFC	// we misuse INT FC for PMM functionality, at the PMM Entry Point
+				// Address, there will only be a call to this INT and a RETF
+#define PNP_INT_NUM 0xFD
+
+/* array of funtion pointers to override generic interrupt handlers
+ * a YABEL caller can add functions to this array before calling YABEL
+ * if a interrupt occurs, YABEL checks wether a function is set in
+ * this array and only runs the generic interrupt handler code, if
+ * the function pointer is NULL */
+typedef int (* yabel_handleIntFunc)(void);
+extern yabel_handleIntFunc yabel_intFuncArray[256];
+void mainboard_interrupt_handlers(int, yabel_handleIntFunc);
+
+struct device;
+
+u32 biosemu(u8 *biosmem, u32 biosmem_size, struct device *dev, unsigned long rom_addr);
+#endif
diff --git a/src/device/oprom/yabel/compat/Makefile.inc b/src/device/oprom/yabel/compat/Makefile.inc
new file mode 100644
index 0000000..8121c8b
--- /dev/null
+++ b/src/device/oprom/yabel/compat/Makefile.inc
@@ -0,0 +1 @@
+ramstage-y += functions.c
diff --git a/src/device/oprom/yabel/compat/functions.c b/src/device/oprom/yabel/compat/functions.c
new file mode 100644
index 0000000..542c81f
--- /dev/null
+++ b/src/device/oprom/yabel/compat/functions.c
@@ -0,0 +1,59 @@
+/****************************************************************************
+ * YABEL BIOS Emulator
+ *
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Copyright (c) 2008 Pattrick Hueper <phueper at hueper.net>
+ ****************************************************************************/
+
+/* this file contains functions provided by SLOF, that the current biosemu implementation needs
+ * they should go away  inthe future...
+ */
+
+#include <types.h>
+#include <string.h>
+#include <device/device.h>
+#include "../debug.h"
+#include "../biosemu.h"
+#include "../vbe.h"
+#include "../compat/time.h"
+
+#define VMEM_SIZE (1024 * 1024) /* 1 MB */
+
+#if !CONFIG_YABEL_DIRECTHW
+#if CONFIG_YABEL_VIRTMEM_LOCATION
+u8* vmem = (u8 *) CONFIG_YABEL_VIRTMEM_LOCATION;
+#else
+u8* vmem = (u8 *) (16*1024*1024); /* default to 16MB */
+#endif
+#else
+u8* vmem = NULL;
+#endif
+
+void run_bios(struct device * dev, unsigned long addr)
+{
+
+	biosemu(vmem, VMEM_SIZE, dev, addr);
+
+#if CONFIG_FRAMEBUFFER_SET_VESA_MODE
+	vbe_set_graphics();
+#endif
+}
+
+unsigned long tb_freq = 0;
+
+u64 get_time(void)
+{
+    u64 act;
+    u32 eax, edx;
+
+    __asm__ __volatile__(
+	"rdtsc"
+        : "=a"(eax), "=d"(edx)
+        : /* no inputs, no clobber */);
+    act = ((u64) edx << 32) | eax;
+    return act;
+}
diff --git a/src/device/oprom/yabel/compat/of.h b/src/device/oprom/yabel/compat/of.h
new file mode 100644
index 0000000..6a00f7a
--- /dev/null
+++ b/src/device/oprom/yabel/compat/of.h
@@ -0,0 +1,55 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+
+#ifndef OF_H
+#define OF_H
+#define p32 int
+#define p32cast (int) (unsigned long) (void*)
+
+#define phandle_t p32
+#define ihandle_t p32
+
+typedef struct
+{
+    unsigned int serv;
+    int nargs;
+    int nrets;
+    unsigned int args[16];
+} of_arg_t;
+
+
+phandle_t of_finddevice (const char *);
+phandle_t of_peer (phandle_t);
+phandle_t of_child (phandle_t);
+phandle_t of_parent (phandle_t);
+int of_getprop (phandle_t, const char *, void *, int);
+void * of_call_method_3 (const char *, ihandle_t, int);
+
+
+ihandle_t of_open (const char *);
+void of_close(ihandle_t);
+int of_read (ihandle_t , void*, int);
+int of_write (ihandle_t, void*, int);
+int of_seek (ihandle_t, int, int);
+
+void * of_claim(void *, unsigned int , unsigned int );
+void of_release(void *, unsigned int );
+
+int of_yield(void);
+void * of_set_callback(void *);
+
+int vpd_read(unsigned int , unsigned int , char *);
+int vpd_write(unsigned int , unsigned int , char *);
+int write_mm_log(char *, unsigned int , unsigned short );
+
+#endif
diff --git a/src/device/oprom/yabel/compat/rtas.h b/src/device/oprom/yabel/compat/rtas.h
new file mode 100644
index 0000000..25cabf4
--- /dev/null
+++ b/src/device/oprom/yabel/compat/rtas.h
@@ -0,0 +1,45 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+
+#ifndef RTAS_H
+#define RTAS_H
+
+#include "of.h"
+
+typedef struct dtime {
+        unsigned int year;
+        unsigned int month;
+        unsigned int day;
+        unsigned int hour;
+        unsigned int minute;
+        unsigned int second;
+        unsigned int nano;
+} dtime;
+
+typedef void (*thread_t) (int);
+
+int rtas_token(const char *);
+int rtas_call(int, int, int, int *, ...);
+void rtas_init(void);
+int rtas_pci_config_read (long long, int, int, int, int);
+int rtas_pci_config_write (long long, int, int, int, int, int);
+int rtas_set_time_of_day(dtime *);
+int rtas_get_time_of_day(dtime *);
+int rtas_ibm_update_flash_64(long long, long long);
+int rtas_ibm_update_flash_64_and_reboot(long long, long long);
+int rtas_system_reboot(void);
+int rtas_start_cpu (int, thread_t, int);
+int rtas_stop_self (void);
+int rtas_ibm_manage_flash(int);
+
+#endif
diff --git a/src/device/oprom/yabel/compat/time.h b/src/device/oprom/yabel/compat/time.h
new file mode 100644
index 0000000..18dba3a
--- /dev/null
+++ b/src/device/oprom/yabel/compat/time.h
@@ -0,0 +1,18 @@
+/****************************************************************************
+ * YABEL BIOS Emulator
+ *
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Copyright (c) 2008 Pattrick Hueper <phueper at hueper.net>
+ ****************************************************************************/
+
+#ifndef _BIOSEMU_COMPAT_TIME_H
+#define _BIOSEMU_COMPAT_TIME_H
+
+/* TODO: check how this works in x86 */
+extern unsigned long tb_freq;
+u64 get_time(void);
+#endif
diff --git a/src/device/oprom/yabel/debug.c b/src/device/oprom/yabel/debug.c
new file mode 100644
index 0000000..7cda8af
--- /dev/null
+++ b/src/device/oprom/yabel/debug.c
@@ -0,0 +1,54 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2008, 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#include "debug.h"
+
+u32 debug_flags = 0;
+
+void
+dump(u8 * addr, u32 len)
+{
+	printf("\n%s(%p, %x):\n", __func__, addr, len);
+	while (len) {
+		unsigned int tmpCnt = len;
+		unsigned char x;
+		if (tmpCnt > 8)
+			tmpCnt = 8;
+		printf("\n%p: ", addr);
+		// print hex
+		while (tmpCnt--) {
+			set_ci();
+			x = *addr++;
+			clr_ci();
+			printf("%02x ", x);
+		}
+		tmpCnt = len;
+		if (tmpCnt > 8)
+			tmpCnt = 8;
+		len -= tmpCnt;
+		//reset addr ptr to print ascii
+		addr = addr - tmpCnt;
+		// print ascii
+		while (tmpCnt--) {
+			set_ci();
+			x = *addr++;
+			clr_ci();
+			if ((x < 32) || (x >= 127)) {
+				//non-printable char
+				x = '.';
+			}
+			printf("%c", x);
+		}
+	}
+	printf("\n");
+}
diff --git a/src/device/oprom/yabel/debug.h b/src/device/oprom/yabel/debug.h
new file mode 100644
index 0000000..9361553
--- /dev/null
+++ b/src/device/oprom/yabel/debug.h
@@ -0,0 +1,105 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+#ifndef _BIOSEMU_DEBUG_H_
+#define _BIOSEMU_DEBUG_H_
+
+#include <types.h>
+
+extern u32 debug_flags;
+// from x86emu...needed for debugging
+extern void x86emu_dump_xregs(void);
+
+/* printf is not available in coreboot... use printk */
+#include <console/console.h>
+#include "x86emu/x86emu.h"
+#define printf(x...) printk(BIOS_DEBUG, x)
+
+/* PH: empty versions of set/clr_ci
+ * TODO: remove! */
+static inline void clr_ci(void) {};
+static inline void set_ci(void) {};
+
+/* debug_flags is a binary switch that allows you to select the following items
+ * to debug. 1=on 0=off. After you decide what you want to debug create the
+ * binary value, convert to hex and set the option. These options can be
+ * selected in Kconfig.
+ *
+ * |-DEBUG_JMP - print info about JMP and RETF opcodes from x86emu
+ * ||-DEBUG_TRACE_X86EMU - print _all_ opcodes that are executed by x86emu (WARNING: this will produce a LOT of output)
+ * |||-Currently unused
+ * ||||-Currently unused
+ * |||||-Currently unused
+ * ||||||-DEBUG_PNP - Print Plug And Play access made by option rom
+ * |||||||-DEBUG_DISK - Print Disk I/O related messages, currently unused
+ * ||||||||-DEBUG_PMM - Print messages related to POST Memory Manager (PMM)
+ * |||||||||-DEBUG_VBE - Print messages related to VESA BIOS Extension (VBE) functions
+ * ||||||||||-DEBUG_PRINT_INT10 - let INT10 (i.e. character output) calls print messages to Debug output
+ * |||||||||||-DEBUG_INTR - Print messages related to interrupt handling
+ * ||||||||||||-DEBUG_CHECK_VMEM_ACCESS - Print messages related to accesse to certain areas of the virtual Memory (e.g. BDA (BIOS Data Area) or Interrupt Vectors)
+ * |||||||||||||-DEBUG_MEM - Print memory access made by option rom (NOTE: this also includes accesses to fetch instructions)
+ * ||||||||||||||-DEBUG_IO - Print I/O access made by option rom
+ * 11000111111111 - Max Binary Value, Debug All (WARNING: - This could run for hours)
+ */
+
+#define DEBUG_IO 0x1
+#define DEBUG_MEM 0x2
+// set this to print messages for certain virtual memory accesses (Interrupt Vectors, ...)
+#define DEBUG_CHECK_VMEM_ACCESS 0x4
+#define DEBUG_INTR 0x8
+#define DEBUG_PRINT_INT10 0x10	// set to have the INT10 routine print characters
+#define DEBUG_VBE 0x20
+#define DEBUG_PMM 0x40
+#define DEBUG_DISK 0x80
+#define DEBUG_PNP 0x100
+
+#define DEBUG_TRACE_X86EMU 0x1000
+// set to enable tracing of JMPs in x86emu
+#define DEBUG_JMP 0x2000
+
+#if CONFIG_X86EMU_DEBUG
+
+#define CHECK_DBG(_flag) if (debug_flags & _flag)
+
+#define DEBUG_PRINTF(_x...) printf(_x);
+// prints the CS:IP before the printout, NOTE: actually its CS:IP of the _next_ instruction
+// to be executed, since the x86emu advances CS:IP _before_ actually executing an instruction
+#define DEBUG_PRINTF_CS_IP(_x...) DEBUG_PRINTF("%x:%x ", M.x86.R_CS, M.x86.R_IP); DEBUG_PRINTF(_x);
+
+#define DEBUG_PRINTF_IO(_x...) CHECK_DBG(DEBUG_IO) { DEBUG_PRINTF_CS_IP(_x) }
+#define DEBUG_PRINTF_MEM(_x...) CHECK_DBG(DEBUG_MEM) { DEBUG_PRINTF_CS_IP(_x) }
+#define DEBUG_PRINTF_INTR(_x...) CHECK_DBG(DEBUG_INTR) { DEBUG_PRINTF_CS_IP(_x) }
+#define DEBUG_PRINTF_VBE(_x...) CHECK_DBG(DEBUG_VBE) { DEBUG_PRINTF_CS_IP(_x) }
+#define DEBUG_PRINTF_PMM(_x...) CHECK_DBG(DEBUG_PMM) { DEBUG_PRINTF_CS_IP(_x) }
+#define DEBUG_PRINTF_DISK(_x...) CHECK_DBG(DEBUG_DISK) { DEBUG_PRINTF_CS_IP(_x) }
+#define DEBUG_PRINTF_PNP(_x...) CHECK_DBG(DEBUG_PNP) { DEBUG_PRINTF_CS_IP(_x) }
+
+#else
+
+#define CHECK_DBG(_flag) if (0)
+
+#define DEBUG_PRINTF(_x...)
+#define DEBUG_PRINTF_CS_IP(_x...)
+
+#define DEBUG_PRINTF_IO(_x...)
+#define DEBUG_PRINTF_MEM(_x...)
+#define DEBUG_PRINTF_INTR(_x...)
+#define DEBUG_PRINTF_VBE(_x...)
+#define DEBUG_PRINTF_PMM(_x...)
+#define DEBUG_PRINTF_DISK(_x...)
+#define DEBUG_PRINTF_PNP(_x...)
+
+#endif				//DEBUG
+
+void dump(u8 * addr, u32 len);
+
+#endif
diff --git a/src/device/oprom/yabel/device.c b/src/device/oprom/yabel/device.c
new file mode 100644
index 0000000..b09f50e
--- /dev/null
+++ b/src/device/oprom/yabel/device.c
@@ -0,0 +1,471 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2008, 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+
+#include "device.h"
+#include "compat/rtas.h"
+#include <string.h>
+#include "debug.h"
+
+#include <device/device.h>
+#include <device/pci.h>
+#include <device/pci_ops.h>
+#include <device/resource.h>
+
+/* the device we are working with... */
+biosemu_device_t bios_device;
+//max. 6 BARs and 1 Exp.ROM plus CfgSpace and 3 legacy ranges, plus 2 "special" memory ranges
+translate_address_t translate_address_array[13];
+u8 taa_last_entry;
+
+typedef struct {
+	u8 info;
+	u8 bus;
+	u8 devfn;
+	u8 cfg_space_offset;
+	u64 address;
+	u64 size;
+} __attribute__ ((__packed__)) assigned_address_t;
+
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+/* coreboot version */
+
+static void
+biosemu_dev_get_addr_info(void)
+{
+	int taa_index = 0;
+	struct resource *r;
+	u8 bus = bios_device.dev->bus->secondary;
+	u16 devfn = bios_device.dev->path.pci.devfn;
+
+	bios_device.bus =  bus;
+	bios_device.devfn = devfn;
+
+	DEBUG_PRINTF("bus: %x, devfn: %x\n", bus, devfn);
+	for (r = bios_device.dev->resource_list; r; r = r->next) {
+		translate_address_array[taa_index].info = r->flags;
+		translate_address_array[taa_index].bus = bus;
+		translate_address_array[taa_index].devfn = devfn;
+		translate_address_array[taa_index].cfg_space_offset =
+		    r->index;
+		translate_address_array[taa_index].address = r->base;
+		translate_address_array[taa_index].size = r->size;
+		/* dont translate addresses... all addresses are 1:1 */
+		translate_address_array[taa_index].address_offset = 0;
+		taa_index++;
+	}
+	/* Expansion ROM */
+	translate_address_array[taa_index].info = IORESOURCE_MEM | IORESOURCE_READONLY;
+	translate_address_array[taa_index].bus = bus;
+	translate_address_array[taa_index].devfn = devfn;
+	translate_address_array[taa_index].cfg_space_offset = 0x30;
+	translate_address_array[taa_index].address = bios_device.img_addr;
+	translate_address_array[taa_index].size = 0; /* TODO: do we need the size? */
+	/* dont translate addresses... all addresses are 1:1 */
+	translate_address_array[taa_index].address_offset = 0;
+	taa_index++;
+	/* legacy ranges if its a VGA card... */
+	if ((bios_device.dev->class & 0xFF0000) == 0x030000) {
+		DEBUG_PRINTF("%s: VGA device found, adding legacy resources... \n", __func__);
+		/* I/O 0x3B0-0x3BB */
+		translate_address_array[taa_index].info = IORESOURCE_FIXED | IORESOURCE_IO;
+		translate_address_array[taa_index].bus = bus;
+		translate_address_array[taa_index].devfn = devfn;
+		translate_address_array[taa_index].cfg_space_offset = 0;
+		translate_address_array[taa_index].address = 0x3b0;
+		translate_address_array[taa_index].size = 0xc;
+		/* dont translate addresses... all addresses are 1:1 */
+		translate_address_array[taa_index].address_offset = 0;
+		taa_index++;
+		/* I/O 0x3C0-0x3DF */
+		translate_address_array[taa_index].info = IORESOURCE_FIXED | IORESOURCE_IO;
+		translate_address_array[taa_index].bus = bus;
+		translate_address_array[taa_index].devfn = devfn;
+		translate_address_array[taa_index].cfg_space_offset = 0;
+		translate_address_array[taa_index].address = 0x3c0;
+		translate_address_array[taa_index].size = 0x20;
+		/* dont translate addresses... all addresses are 1:1 */
+		translate_address_array[taa_index].address_offset = 0;
+		taa_index++;
+		/* Mem 0xA0000-0xBFFFF */
+		translate_address_array[taa_index].info = IORESOURCE_FIXED | IORESOURCE_MEM;
+		translate_address_array[taa_index].bus = bus;
+		translate_address_array[taa_index].devfn = devfn;
+		translate_address_array[taa_index].cfg_space_offset = 0;
+		translate_address_array[taa_index].address = 0xa0000;
+		translate_address_array[taa_index].size = 0x20000;
+		/* dont translate addresses... all addresses are 1:1 */
+		translate_address_array[taa_index].address_offset = 0;
+		taa_index++;
+	}
+	// store last entry index of translate_address_array
+	taa_last_entry = taa_index - 1;
+#if CONFIG_X86EMU_DEBUG
+	//dump translate_address_array
+	printf("translate_address_array: \n");
+	translate_address_t ta;
+	int i;
+	for (i = 0; i <= taa_last_entry; i++) {
+		ta = translate_address_array[i];
+		printf
+		    ("%d: info: %08lx bus: %02x devfn: %02x cfg_space_offset: %02x\n\taddr: %016llx\n\toffs: %016llx\n\tsize: %016llx\n",
+		     i, ta.info, ta.bus, ta.devfn, ta.cfg_space_offset,
+		     ta.address, ta.address_offset, ta.size);
+	}
+#endif
+}
+#else
+// use translate_address_dev and get_puid from net-snk's net_support.c
+void translate_address_dev(u64 *, phandle_t);
+u64 get_puid(phandle_t node);
+
+
+// scan all adresses assigned to the device ("assigned-addresses" and "reg")
+// store in translate_address_array for faster translation using dev_translate_address
+void
+biosemu_dev_get_addr_info(void)
+{
+	// get bus/dev/fn from assigned-addresses
+	int32_t len;
+	//max. 6 BARs and 1 Exp.ROM plus CfgSpace and 3 legacy ranges
+	assigned_address_t buf[11];
+	len =
+	    of_getprop(bios_device.phandle, "assigned-addresses", buf,
+		       sizeof(buf));
+	bios_device.bus = buf[0].bus;
+	bios_device.devfn = buf[0].devfn;
+	DEBUG_PRINTF("bus: %x, devfn: %x\n", bios_device.bus,
+		     bios_device.devfn);
+	//store address translations for all assigned-addresses and regs in
+	//translate_address_array for faster translation later on...
+	int i = 0;
+	// index to insert data into translate_address_array
+	int taa_index = 0;
+	u64 address_offset;
+	for (i = 0; i < (len / sizeof(assigned_address_t)); i++, taa_index++) {
+		//copy all info stored in assigned-addresses
+		translate_address_array[taa_index].info = buf[i].info;
+		translate_address_array[taa_index].bus = buf[i].bus;
+		translate_address_array[taa_index].devfn = buf[i].devfn;
+		translate_address_array[taa_index].cfg_space_offset =
+		    buf[i].cfg_space_offset;
+		translate_address_array[taa_index].address = buf[i].address;
+		translate_address_array[taa_index].size = buf[i].size;
+		// translate first address and store it as address_offset
+		address_offset = buf[i].address;
+		translate_address_dev(&address_offset, bios_device.phandle);
+		translate_address_array[taa_index].address_offset =
+		    address_offset - buf[i].address;
+	}
+	//get "reg" property
+	len = of_getprop(bios_device.phandle, "reg", buf, sizeof(buf));
+	for (i = 0; i < (len / sizeof(assigned_address_t)); i++) {
+		if ((buf[i].size == 0) || (buf[i].cfg_space_offset != 0)) {
+			// we dont care for ranges with size 0 and
+			// BARs and Expansion ROM must be in assigned-addresses... so in reg
+			// we only look for those without config space offset set...
+			// i.e. the legacy ranges
+			continue;
+		}
+		//copy all info stored in assigned-addresses
+		translate_address_array[taa_index].info = buf[i].info;
+		translate_address_array[taa_index].bus = buf[i].bus;
+		translate_address_array[taa_index].devfn = buf[i].devfn;
+		translate_address_array[taa_index].cfg_space_offset =
+		    buf[i].cfg_space_offset;
+		translate_address_array[taa_index].address = buf[i].address;
+		translate_address_array[taa_index].size = buf[i].size;
+		// translate first address and store it as address_offset
+		address_offset = buf[i].address;
+		translate_address_dev(&address_offset, bios_device.phandle);
+		translate_address_array[taa_index].address_offset =
+		    address_offset - buf[i].address;
+		taa_index++;
+	}
+	// store last entry index of translate_address_array
+	taa_last_entry = taa_index - 1;
+#if CONFIG_X86EMU_DEBUG
+	//dump translate_address_array
+	printf("translate_address_array: \n");
+	translate_address_t ta;
+	for (i = 0; i <= taa_last_entry; i++) {
+		ta = translate_address_array[i];
+		printf
+		    ("%d: %02x%02x%02x%02x\n\taddr: %016llx\n\toffs: %016llx\n\tsize: %016llx\n",
+		     i, ta.info, ta.bus, ta.devfn, ta.cfg_space_offset,
+		     ta.address, ta.address_offset, ta.size);
+	}
+#endif
+}
+#endif
+
+// "special memory" is a hack to make some parts of memory fall through to real memory
+// (ie. no translation). Necessary if option ROMs attempt DMA there, map registers or
+// do similarily crazy things.
+void
+biosemu_add_special_memory(u32 start, u32 size)
+{
+	int taa_index = ++taa_last_entry;
+	translate_address_array[taa_index].info = IORESOURCE_FIXED | IORESOURCE_MEM;
+	translate_address_array[taa_index].bus = 0;
+	translate_address_array[taa_index].devfn = 0;
+	translate_address_array[taa_index].cfg_space_offset = 0;
+	translate_address_array[taa_index].address = start;
+	translate_address_array[taa_index].size = size;
+	/* dont translate addresses... all addresses are 1:1 */
+	translate_address_array[taa_index].address_offset = 0;
+}
+
+#if !CONFIG_PCI_OPTION_ROM_RUN_YABEL
+// to simulate accesses to legacy VGA Memory (0xA0000-0xBFFFF)
+// we look for the first prefetchable memory BAR, if no prefetchable BAR found,
+// we use the first memory BAR
+// dev_translate_addr will translate accesses to the legacy VGA Memory into the found vmem BAR
+static void
+biosemu_dev_find_vmem_addr(void)
+{
+	int i = 0;
+	translate_address_t ta;
+	s8 tai_np = -1, tai_p = -1;	// translate_address_array index for non-prefetchable and prefetchable memory
+	//search backwards to find first entry
+	for (i = taa_last_entry; i >= 0; i--) {
+		ta = translate_address_array[i];
+		if ((ta.cfg_space_offset >= 0x10)
+		    && (ta.cfg_space_offset <= 0x24)) {
+			//only BARs
+			if ((ta.info & 0x03) >= 0x02) {
+				//32/64bit memory
+				tai_np = i;
+				if ((ta.info & 0x40) != 0) {
+					// prefetchable
+					tai_p = i;
+				}
+			}
+		}
+	}
+	if (tai_p != -1) {
+		ta = translate_address_array[tai_p];
+		bios_device.vmem_addr = ta.address;
+		bios_device.vmem_size = ta.size;
+		DEBUG_PRINTF
+		    ("%s: Found prefetchable Virtual Legacy Memory BAR: %llx, size: %llx\n",
+		     __func__, bios_device.vmem_addr,
+		     bios_device.vmem_size);
+	} else if (tai_np != -1) {
+		ta = translate_address_array[tai_np];
+		bios_device.vmem_addr = ta.address;
+		bios_device.vmem_size = ta.size;
+		DEBUG_PRINTF
+		    ("%s: Found non-prefetchable Virtual Legacy Memory BAR: %llx, size: %llx",
+		     __func__, bios_device.vmem_addr,
+		     bios_device.vmem_size);
+	}
+	// disable vmem
+	//bios_device.vmem_size = 0;
+}
+
+void
+biosemu_dev_get_puid(void)
+{
+	// get puid
+	bios_device.puid = get_puid(bios_device.phandle);
+	DEBUG_PRINTF("puid: 0x%llx\n", bios_device.puid);
+}
+#endif
+
+static void
+biosemu_dev_get_device_vendor_id(void)
+{
+
+	u32 pci_config_0;
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+	pci_config_0 = pci_read_config32(bios_device.dev, 0x0);
+#else
+	pci_config_0 =
+	    rtas_pci_config_read(bios_device.puid, 4, bios_device.bus,
+				 bios_device.devfn, 0x0);
+#endif
+	bios_device.pci_device_id =
+	    (u16) ((pci_config_0 & 0xFFFF0000) >> 16);
+	bios_device.pci_vendor_id = (u16) (pci_config_0 & 0x0000FFFF);
+	DEBUG_PRINTF("PCI Device ID: %04x, PCI Vendor ID: %x\n",
+		     bios_device.pci_device_id, bios_device.pci_vendor_id);
+}
+
+/* Check whether the device has a valid Expansion ROM and search the PCI Data
+ * Structure and any Expansion ROM Header (using dev_scan_exp_header()) for
+ * needed information.  If the rom_addr parameter is != 0, it is the address of
+ * the Expansion ROM image and will be used, if it is == 0, the Expansion ROM
+ * BAR address will be used.
+ */
+u8
+biosemu_dev_check_exprom(unsigned long rom_base_addr)
+{
+	int i = 0;
+	translate_address_t ta;
+	u16 pci_ds_offset;
+	pci_data_struct_t pci_ds;
+	if (rom_base_addr == 0) {
+		// check for ExpROM Address (Offset 30) in taa
+		for (i = 0; i <= taa_last_entry; i++) {
+			ta = translate_address_array[i];
+			if (ta.cfg_space_offset == 0x30) {
+				//translated address
+				rom_base_addr = ta.address + ta.address_offset;
+				break;
+			}
+		}
+	}
+	/* In the ROM there could be multiple Expansion ROM Images... start
+	 * searching them for an x86 image.
+	 */
+	do {
+		if (rom_base_addr == 0) {
+			printf("Error: no Expansion ROM address found!\n");
+			return -1;
+		}
+		set_ci();
+		u16 rom_signature = in16le((void *) rom_base_addr);
+		clr_ci();
+		if (rom_signature != 0xaa55) {
+			printf
+			    ("Error: invalid Expansion ROM signature: %02x!\n",
+			     *((u16 *) rom_base_addr));
+			return -1;
+		}
+		set_ci();
+		// at offset 0x18 is the (16bit little-endian) pointer to the PCI Data Structure
+		pci_ds_offset = in16le((void *) (rom_base_addr + 0x18));
+		//copy the PCI Data Structure
+		memcpy(&pci_ds, (void *) (rom_base_addr + pci_ds_offset),
+		       sizeof(pci_ds));
+		clr_ci();
+#if CONFIG_X86EMU_DEBUG
+		DEBUG_PRINTF("PCI Data Structure @%lx:\n",
+			     rom_base_addr + pci_ds_offset);
+		dump((void *) &pci_ds, sizeof(pci_ds));
+#endif
+		if (strncmp((const char *) pci_ds.signature, "PCIR", 4) != 0) {
+			printf("Invalid PCI Data Structure found!\n");
+			break;
+		}
+		//little-endian conversion
+		pci_ds.vendor_id = in16le(&pci_ds.vendor_id);
+		pci_ds.device_id = in16le(&pci_ds.device_id);
+		pci_ds.img_length = in16le(&pci_ds.img_length);
+		pci_ds.pci_ds_length = in16le(&pci_ds.pci_ds_length);
+#ifdef DO_THIS_TEST_TWICE
+		if (pci_ds.vendor_id != bios_device.pci_vendor_id) {
+			printf
+			    ("Image has invalid Vendor ID: %04x, expected: %04x\n",
+			     pci_ds.vendor_id, bios_device.pci_vendor_id);
+			break;
+		}
+		if (pci_ds.device_id != bios_device.pci_device_id) {
+			printf
+			    ("Image has invalid Device ID: %04x, expected: %04x\n",
+			     pci_ds.device_id, bios_device.pci_device_id);
+			break;
+		}
+#endif
+		DEBUG_PRINTF("Image Length: %d\n", pci_ds.img_length * 512);
+		DEBUG_PRINTF("Image Code Type: %d\n", pci_ds.code_type);
+		if (pci_ds.code_type == 0) {
+			//x86 image
+			//store image address and image length in bios_device struct
+			bios_device.img_addr = rom_base_addr;
+			bios_device.img_size = pci_ds.img_length * 512;
+			// we found the image, exit the loop
+			break;
+		} else {
+			// no x86 image, check next image (if any)
+			rom_base_addr += pci_ds.img_length * 512;
+		}
+		if ((pci_ds.indicator & 0x80) == 0x80) {
+			//last image found, exit the loop
+			DEBUG_PRINTF("Last PCI Expansion ROM Image found.\n");
+			break;
+		}
+	}
+	while (bios_device.img_addr == 0);
+	// in case we did not find a valid x86 Expansion ROM Image
+	if (bios_device.img_addr == 0) {
+		printf("Error: no valid x86 Expansion ROM Image found!\n");
+		return -1;
+	}
+	return 0;
+}
+
+u8
+biosemu_dev_init(struct device * device)
+{
+	u8 rval = 0;
+	//init bios_device struct
+	DEBUG_PRINTF("%s\n", __func__);
+	memset(&bios_device, 0, sizeof(bios_device));
+
+#if !CONFIG_PCI_OPTION_ROM_RUN_YABEL
+	bios_device.ihandle = of_open(device_name);
+	if (bios_device.ihandle == 0) {
+		DEBUG_PRINTF("%s is no valid device!\n", device_name);
+		return -1;
+	}
+	bios_device.phandle = of_finddevice(device_name);
+#else
+	bios_device.dev = device;
+#endif
+	biosemu_dev_get_addr_info();
+#if !CONFIG_PCI_OPTION_ROM_RUN_YABEL
+	biosemu_dev_find_vmem_addr();
+	biosemu_dev_get_puid();
+#endif
+	biosemu_dev_get_device_vendor_id();
+	return rval;
+}
+
+// translate address function using translate_address_array assembled
+// by dev_get_addr_info... MUCH faster than calling translate_address_dev
+// and accessing client interface for every translation...
+// returns: 0 if addr not found in translate_address_array, 1 if found.
+u8
+biosemu_dev_translate_address(int type, unsigned long * addr)
+{
+	int i = 0;
+	translate_address_t ta;
+#if !CONFIG_PCI_OPTION_ROM_RUN_YABEL
+	/* we dont need this hack for coreboot... we can access legacy areas */
+	//check if it is an access to legacy VGA Mem... if it is, map the address
+	//to the vmem BAR and then translate it...
+	// (translation info provided by Ben Herrenschmidt)
+	// NOTE: the translation seems to only work for NVIDIA cards... but it is needed
+	// to make some NVIDIA cards work at all...
+	if ((bios_device.vmem_size > 0)
+	    && ((*addr >= 0xA0000) && (*addr < 0xB8000))) {
+		*addr = (*addr - 0xA0000) * 4 + 2 + bios_device.vmem_addr;
+	}
+	if ((bios_device.vmem_size > 0)
+	    && ((*addr >= 0xB8000) && (*addr < 0xC0000))) {
+		u8 shift = *addr & 1;
+		*addr &= 0xfffffffe;
+		*addr = (*addr - 0xB8000) * 4 + shift + bios_device.vmem_addr;
+	}
+#endif
+	for (i = 0; i <= taa_last_entry; i++) {
+		ta = translate_address_array[i];
+		if ((*addr >= ta.address) && (*addr <= (ta.address + ta.size)) && (ta.info & type)) {
+			*addr += ta.address_offset;
+			return 1;
+		}
+	}
+	return 0;
+}
diff --git a/src/device/oprom/yabel/device.h b/src/device/oprom/yabel/device.h
new file mode 100644
index 0000000..edee44d
--- /dev/null
+++ b/src/device/oprom/yabel/device.h
@@ -0,0 +1,185 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2008, 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#ifndef DEVICE_LIB_H
+#define DEVICE_LIB_H
+
+#include <types.h>
+#include <arch/byteorder.h>
+#include "compat/of.h"
+#include "debug.h"
+
+
+// a Expansion Header Struct as defined in Plug and Play BIOS Spec 1.0a Chapter 3.2
+typedef struct {
+	char signature[4];	// signature
+	u8 structure_revision;
+	u8 length;		// in 16 byte blocks
+	u16 next_header_offset;	// offset to next Expansion Header as 16bit little-endian value, as offset from the start of the Expansion ROM
+	u8 reserved;
+	u8 checksum;	// the sum of all bytes of the Expansion Header must be 0
+	u32 device_id;	// PnP Device ID as 32bit little-endian value
+	u16 p_manufacturer_string;	//16bit little-endian offset from start of Expansion ROM
+	u16 p_product_string;	//16bit little-endian offset from start of Expansion ROM
+	u8 device_base_type;
+	u8 device_sub_type;
+	u8 device_if_type;
+	u8 device_indicators;
+	// the following vectors are all 16bit little-endian offsets from start of Expansion ROM
+	u16 bcv;		// Boot Connection Vector
+	u16 dv;		// Disconnect Vector
+	u16 bev;		// Bootstrap Entry Vector
+	u16 reserved_2;
+	u16 sriv;		// Static Resource Information Vector
+} __attribute__ ((__packed__)) exp_header_struct_t;
+
+// a PCI Data Struct as defined in PCI 2.3 Spec Chapter 6.3.1.2
+typedef struct {
+	u8 signature[4];	// signature, the String "PCIR"
+	u16 vendor_id;
+	u16 device_id;
+	u16 reserved;
+	u16 pci_ds_length;	// PCI Data Structure Length, 16bit little-endian value
+	u8 pci_ds_revision;
+	u8 class_code[3];
+	u16 img_length;	// length of the Exp.ROM Image, 16bit little-endian value in 512 bytes
+	u16 img_revision;
+	u8 code_type;
+	u8 indicator;
+	u16 reserved_2;
+} __attribute__ ((__packed__)) pci_data_struct_t;
+
+typedef struct {
+	u8 bus;
+	u8 devfn;
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+	struct device* dev;
+#else
+	u64 puid;
+	phandle_t phandle;
+	ihandle_t ihandle;
+#endif
+	// store the address of the BAR that is used to simulate
+	// legacy VGA memory accesses
+	u64 vmem_addr;
+	u64 vmem_size;
+	// used to buffer I/O Accesses, that do not access the I/O Range of the device...
+	// 64k might be overkill, but we can buffer all I/O accesses...
+	u8 io_buffer[64 * 1024];
+	u16 pci_vendor_id;
+	u16 pci_device_id;
+	// translated address of the "PC-Compatible" Expansion ROM Image for this device
+	unsigned long img_addr;
+	u32 img_size;	// size of the Expansion ROM Image (read from the PCI Data Structure)
+} biosemu_device_t;
+
+typedef struct {
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+	unsigned long info;
+#else
+	u8 info;
+#endif
+	u8 bus;
+	u8 devfn;
+	u8 cfg_space_offset;
+	u64 address;
+	u64 address_offset;
+	u64 size;
+} __attribute__ ((__packed__)) translate_address_t;
+
+// array to store address translations for this
+// device. Needed for faster address translation, so
+// not every I/O or Memory Access needs to call translate_address_dev
+// and access the device tree
+// 6 BARs, 1 Exp. ROM, 1 Cfg.Space, and 3 Legacy, plus 2 "special"
+// translations are supported... this should be enough for
+// most devices... for VGA it is enough anyways...
+extern translate_address_t translate_address_array[13];
+
+// index of last translate_address_array entry
+// set by get_dev_addr_info function
+extern u8 taa_last_entry;
+
+// add 1:1 mapped memory regions to translation table
+void biosemu_add_special_memory(u32 start, u32 size);
+
+/* the device we are working with... */
+extern biosemu_device_t bios_device;
+
+u8 biosemu_dev_init(struct device * device);
+// NOTE: for dev_check_exprom to work, biosemu_dev_init MUST be called first!
+u8 biosemu_dev_check_exprom(unsigned long rom_base_addr);
+
+u8 biosemu_dev_translate_address(int type, unsigned long * addr);
+
+/* endianness swap functions for 16 and 32 bit words
+ * copied from axon_pciconfig.c
+ */
+static inline void
+out32le(void *addr, u32 val)
+{
+#ifdef __i386
+	*((u32*) addr) = cpu_to_le32(val);
+#else
+	asm volatile ("stwbrx  %0, 0, %1"::"r" (val), "r"(addr));
+#endif
+}
+
+static inline u32
+in32le(void *addr)
+{
+	u32 val;
+#ifdef __i386
+	val = cpu_to_le32(*((u32 *) addr));
+#else
+	asm volatile ("lwbrx  %0, 0, %1":"=r" (val):"r"(addr));
+#endif
+	return val;
+}
+
+static inline void
+out16le(void *addr, u16 val)
+{
+#ifdef __i386
+	*((u16*) addr) = cpu_to_le16(val);
+#else
+	asm volatile ("sthbrx  %0, 0, %1"::"r" (val), "r"(addr));
+#endif
+}
+
+static inline u16
+in16le(void *addr)
+{
+	u16 val;
+#ifdef __i386
+	val = cpu_to_le16(*((u16*) addr));
+#else
+	asm volatile ("lhbrx %0, 0, %1":"=r" (val):"r"(addr));
+#endif
+	return val;
+}
+
+/* debug function, dumps HID1 and HID4 to detect whether caches are on/off */
+static inline void
+dumpHID(void)
+{
+	u64 hid;
+	//HID1 = 1009
+	__asm__ __volatile__("mfspr %0, 1009":"=r"(hid));
+	printf("HID1: %016llx\n", hid);
+	//HID4 = 1012
+	__asm__ __volatile__("mfspr %0, 1012":"=r"(hid));
+	printf("HID4: %016llx\n", hid);
+}
+
+#endif
diff --git a/src/device/oprom/yabel/interrupt.c b/src/device/oprom/yabel/interrupt.c
new file mode 100644
index 0000000..e5b4a3c
--- /dev/null
+++ b/src/device/oprom/yabel/interrupt.c
@@ -0,0 +1,678 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2008, 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#include <types.h>
+#include "compat/rtas.h"
+
+#include "biosemu.h"
+#include "mem.h"
+#include "device.h"
+#include "debug.h"
+#include "pmm.h"
+#include "interrupt.h"
+
+#include <x86emu/x86emu.h>
+#include "../x86emu/prim_ops.h"
+
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+#include <device/pci.h>
+#include <device/pci_ops.h>
+#endif
+
+
+//setup to run the code at the address, that the Interrupt Vector points to...
+static void
+setupInt(int intNum)
+{
+	DEBUG_PRINTF_INTR("%s(%x): executing interrupt handler @%08x\n",
+			  __func__, intNum, my_rdl(intNum * 4));
+	// push current R_FLG... will be popped by IRET
+	push_word((u16) M.x86.R_FLG);
+	CLEAR_FLAG(F_IF);
+	CLEAR_FLAG(F_TF);
+	// push current CS:IP to the stack, will be popped by IRET
+	push_word(M.x86.R_CS);
+	push_word(M.x86.R_IP);
+	// set CS:IP to the interrupt handler address... so the next executed instruction will
+	// be the interrupt handler
+	M.x86.R_CS = my_rdw(intNum * 4 + 2);
+	M.x86.R_IP = my_rdw(intNum * 4);
+}
+
+// handle int10 (VGA BIOS Interrupt)
+static void
+handleInt10(void)
+{
+	// the data for INT10 is stored in BDA (0000:0400h) offset 49h-66h
+	// function number in AH
+	//DEBUG_PRINTF_CS_IP("%s:\n", __func__);
+	//x86emu_dump_xregs();
+	//if ((M.x86.R_IP == 0x32c2) && (M.x86.R_SI == 0x1ce2)){
+	//X86EMU_trace_on();
+	//M.x86.debug &= ~DEBUG_DECODE_NOPRINT_F;
+	//}
+	switch (M.x86.R_AH) {
+	case 0x00:
+		// set video mode
+		// BDA offset 49h is current video mode
+		my_wrb(0x449, M.x86.R_AL);
+		if (M.x86.R_AL > 7)
+			M.x86.R_AL = 0x20;
+		else if (M.x86.R_AL == 6)
+			M.x86.R_AL = 0x3f;
+		else
+			M.x86.R_AL = 0x30;
+		break;
+	case 0x01:
+		// set cursor shape
+		// ignore
+		break;
+	case 0x02:
+		// set cursor position
+		// BH: pagenumber, DX: cursor_pos (DH:row, DL:col)
+		// BDA offset 50h-60h are 8 cursor position words for
+		// eight possible video pages
+		my_wrw(0x450 + (M.x86.R_BH * 2), M.x86.R_DX);
+		break;
+	case 0x03:
+		//get cursor position
+		// BH: pagenumber
+		// BDA offset 50h-60h are 8 cursor position words for
+		// eight possible video pages
+		M.x86.R_AX = 0;
+		M.x86.R_CH = 0;	// start scan line ???
+		M.x86.R_CL = 0;	// end scan line ???
+		M.x86.R_DX = my_rdw(0x450 + (M.x86.R_BH * 2));
+		break;
+	case 0x05:
+		// set active page
+		// BDA offset 62h is current page number
+		my_wrb(0x462, M.x86.R_AL);
+		break;
+	case 0x06:
+		//scroll up windows
+		break;
+	case 0x07:
+		//scroll down windows
+		break;
+	case 0x08:
+		//read character and attribute at position
+		M.x86.R_AH = 0x07;	// white-on-black
+		M.x86.R_AL = 0x20;	// a space...
+		break;
+	case 0x09:
+		// write character and attribute
+		//AL: char, BH: page number, BL: attribute, CX: number of times to write
+		//BDA offset 62h is current page number
+		CHECK_DBG(DEBUG_PRINT_INT10) {
+			u32 i = 0;
+			if (M.x86.R_BH == my_rdb(0x462)) {
+				for (i = 0; i < M.x86.R_CX; i++)
+					printf("%c", M.x86.R_AL);
+			}
+		}
+		break;
+	case 0x0a:
+		// write character
+		//AL: char, BH: page number, BL: attribute, CX: number of times to write
+		//BDA offset 62h is current page number
+		CHECK_DBG(DEBUG_PRINT_INT10) {
+			u32 i = 0;
+			if (M.x86.R_BH == my_rdb(0x462)) {
+				for (i = 0; i < M.x86.R_CX; i++)
+					printf("%c", M.x86.R_AL);
+			}
+		}
+		break;
+	case 0x0e:
+		// teletype output: write character and advance cursor...
+		//AL: char, BH: page number, BL: attribute
+		//BDA offset 62h is current page number
+		CHECK_DBG(DEBUG_PRINT_INT10) {
+			// we ignore the pagenumber on this call...
+			//if (M.x86.R_BH == my_rdb(0x462))
+			{
+				printf("%c", M.x86.R_AL);
+				// for debugging, to read all lines
+				//if (M.x86.R_AL == 0xd) // carriage return
+				//      printf("\n");
+			}
+		}
+		break;
+	case 0x0f:
+		// get video mode
+		// BDA offset 49h is current video mode
+		// BDA offset 62h is current page number
+		// BDA offset 4ah is columns on screen
+		M.x86.R_AH = 80;	//number of character columns... we hardcode it to 80
+		M.x86.R_AL = my_rdb(0x449);
+		M.x86.R_BH = my_rdb(0x462);
+		break;
+	default:
+		printf("%s(): unknown function (%x) for int10 handler.\n",
+		       __func__, M.x86.R_AH);
+		DEBUG_PRINTF_INTR("AX=%04x BX=%04x CX=%04x DX=%04x\n",
+				  M.x86.R_AX, M.x86.R_BX, M.x86.R_CX,
+				  M.x86.R_DX);
+		HALT_SYS();
+		break;
+	}
+}
+
+// this table translates ASCII chars into their XT scan codes:
+static u8 keycode_table[256] = {
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 0 - 7
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 8 - 15
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 16 - 23
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 24 - 31
+	0x39, 0x02, 0x28, 0x04, 0x05, 0x06, 0x08, 0x28,	// 32 - 39
+	0x0a, 0x0b, 0x09, 0x2b, 0x33, 0x0d, 0x34, 0x35,	// 40 - 47
+	0x0b, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,	// 48 - 55
+	0x09, 0x0a, 0x27, 0x27, 0x33, 0x2b, 0x34, 0x35,	// 56 - 63
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 64 - 71
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 72 - 79
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 80 - 87
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 88 - 95
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 96 - 103
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 104 - 111
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 112 - 119
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// 120 - 127
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	// ...
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+}
+
+;
+
+static void
+translate_keycode(u64 * keycode)
+{
+	u8 scan_code = 0;
+	u8 char_code = 0;
+	if (*keycode < 256) {
+		scan_code = keycode_table[*keycode];
+		char_code = (u8) * keycode & 0xff;
+	} else {
+		switch (*keycode) {
+		case 0x1b50:
+			// F1
+			scan_code = 0x3b;
+			char_code = 0x0;
+			break;
+		default:
+			printf("%s(): unknown multibyte keycode: %llx\n",
+			       __func__, *keycode);
+			break;
+		}
+	}
+	//assemble scan/char code in keycode
+	*keycode = (u64) ((((u16) scan_code) << 8) | char_code);
+}
+
+// handle int16 (Keyboard BIOS Interrupt)
+static void
+handleInt16(void)
+{
+	// keyboard buffer is in BIOS Memory Area:
+	// offset 0x1a (WORD) pointer to next char in keybuffer
+	// offset 0x1c (WORD) pointer to next insert slot in keybuffer
+	// offset 0x1e-0x3e: 16 WORD Ring Buffer
+	// since we currently always read the char from the FW buffer,
+	// we misuse the ring buffer, we use it as pointer to a u64 that stores
+	// multi-byte keys (e.g. special keys in VT100 terminal)
+	// and as long as a key is available (not 0) we dont read further keys
+	u64 *keycode = (u64 *) (M.mem_base + 0x41e);
+	s8 c;
+	// function number in AH
+	DEBUG_PRINTF_INTR("%s(): Keyboard Interrupt: function: %x.\n",
+			  __func__, M.x86.R_AH);
+	DEBUG_PRINTF_INTR("AX=%04x BX=%04x CX=%04x DX=%04x\n", M.x86.R_AX,
+			  M.x86.R_BX, M.x86.R_CX, M.x86.R_DX);
+	switch (M.x86.R_AH) {
+	case 0x00:
+		// get keystroke
+		if (*keycode) {
+			M.x86.R_AX = (u16) * keycode;
+			// clear keycode
+			*keycode = 0;
+		} else {
+			M.x86.R_AH = 0x61;	// scancode for space key
+			M.x86.R_AL = 0x20;	// a space
+		}
+		break;
+	case 0x01:
+		// check keystroke
+		// ZF set = no keystroke
+		// read first byte of key code
+		if (*keycode) {
+			// already read, but not yet taken
+			CLEAR_FLAG(F_ZF);
+			M.x86.R_AX = (u16) * keycode;
+		} else {
+			/* TODO: we need getchar... */
+			c = -1; //getchar();
+			if (c == -1) {
+				// no key available
+				SET_FLAG(F_ZF);
+			} else {
+				*keycode = c;
+
+				// since after an ESC it may take a while to receive the next char,
+				// we send something that is not shown on the screen, and then try to get
+				// the next char
+				// TODO: only after ESC?? what about other multibyte keys
+				printf("tt%c%c", 0x08, 0x08);	// 0x08 == Backspace
+
+				/* TODO: we need getchar... */
+				while ((c = -1 /*getchar()*/) != -1) {
+					*keycode = (*keycode << 8) | c;
+					DEBUG_PRINTF(" key read: %0llx\n",
+						     *keycode);
+				}
+				translate_keycode(keycode);
+				DEBUG_PRINTF(" translated key: %0llx\n",
+					     *keycode);
+				if (*keycode == 0) {
+					//not found
+					SET_FLAG(F_ZF);
+				} else {
+					CLEAR_FLAG(F_ZF);
+					M.x86.R_AX = (u16) * keycode;
+					//X86EMU_trace_on();
+					//M.x86.debug &= ~DEBUG_DECODE_NOPRINT_F;
+				}
+			}
+		}
+		break;
+	default:
+		printf("%s(): unknown function (%x) for int16 handler.\n",
+		       __func__, M.x86.R_AH);
+		DEBUG_PRINTF_INTR("AX=%04x BX=%04x CX=%04x DX=%04x\n",
+				  M.x86.R_AX, M.x86.R_BX, M.x86.R_CX,
+				  M.x86.R_DX);
+		HALT_SYS();
+		break;
+	}
+}
+
+// handle int1a (PCI BIOS Interrupt)
+static void
+handleInt1a(void)
+{
+	// function number in AX
+	u8 bus, devfn, offs;
+	struct device* dev;
+	switch (M.x86.R_AX) {
+	case 0xb101:
+		// Installation check
+		CLEAR_FLAG(F_CF);	// clear CF
+		M.x86.R_EDX = 0x20494350;	// " ICP" endian swapped "PCI "
+		M.x86.R_AL = 0x1;	// Config Space Mechanism 1 supported
+		M.x86.R_BX = 0x0210;	// PCI Interface Level Version 2.10
+		M.x86.R_CL = 0xff;	// number of last PCI Bus in system TODO: check!
+		break;
+	case 0xb102:
+		// Find PCI Device
+		// device_id in CX, vendor_id in DX
+		// device index in SI (i.e. if multiple devices with same vendor/device id
+		// are connected). We currently only support device index 0
+		//
+		DEBUG_PRINTF_INTR("%s(): function: %x: PCI Find Device\n",
+				  __func__, M.x86.R_AX);
+		/* FixME: support SI != 0 */
+#if CONFIG_YABEL_PCI_ACCESS_OTHER_DEVICES
+		dev = dev_find_device(M.x86.R_DX, M.x86.R_CX, 0);
+		if (dev != 0) {
+			DEBUG_PRINTF_INTR
+			    ("%s(): function %x: PCI Find Device --> 0x%04x\n",
+			     __func__, M.x86.R_AX, M.x86.R_BX);
+
+			M.x86.R_BH = dev->bus->secondary;
+			M.x86.R_BL = dev->path.pci.devfn;
+			M.x86.R_AH = 0x00; // return code: success
+			CLEAR_FLAG(F_CF);
+#else
+		// only allow the device to find itself...
+		if ((M.x86.R_CX == bios_device.pci_device_id)
+		   && (M.x86.R_DX == bios_device.pci_vendor_id)
+		   // device index must be 0
+		   && (M.x86.R_SI == 0)) {
+			CLEAR_FLAG(F_CF);
+			M.x86.R_AH = 0x00;      // return code: success
+			M.x86.R_BH = bios_device.bus;
+			M.x86.R_BL = bios_device.devfn;
+#endif
+		} else {
+			DEBUG_PRINTF_INTR
+			    ("%s(): function %x: invalid device/vendor/device index! (%04x/%04x/%02x expected: %04x/%04x/00) \n",
+			     __func__, M.x86.R_AX, M.x86.R_CX, M.x86.R_DX,
+			     M.x86.R_SI, bios_device.pci_device_id,
+			     bios_device.pci_vendor_id);
+
+			SET_FLAG(F_CF);
+			M.x86.R_AH = 0x86;	// return code: device not found
+		}
+		break;
+	case 0xb108:		//read configuration byte
+	case 0xb109:		//read configuration word
+	case 0xb10a:		//read configuration dword
+		bus = M.x86.R_BH;
+		devfn = M.x86.R_BL;
+		offs = M.x86.R_DI;
+		DEBUG_PRINTF_INTR("%s(): function: %x: PCI Config Read from device: bus: %02x, devfn: %02x, offset: %02x\n",
+				  __func__, M.x86.R_AX, bus, devfn, offs);
+#if CONFIG_YABEL_PCI_ACCESS_OTHER_DEVICES
+		dev = dev_find_slot(bus, devfn);
+		DEBUG_PRINTF_INTR("%s(): function: %x: dev_find_slot() returned: %s\n",
+				  __func__, M.x86.R_AX, dev_path(dev));
+		if (dev == 0) {
+			// fail accesses to non-existent devices...
+#else
+		dev = bios_device.dev;
+		if ((bus != bios_device.bus)
+		     || (devfn != bios_device.devfn)) {
+			// fail accesses to any device but ours...
+#endif
+			printf
+			    ("%s(): Config read access invalid device! bus: %02x (%02x), devfn: %02x (%02x), offs: %02x\n",
+			     __func__, bus, bios_device.bus, devfn,
+			     bios_device.devfn, offs);
+			SET_FLAG(F_CF);
+			M.x86.R_AH = 0x87;	//return code: bad pci register
+			HALT_SYS();
+			return;
+		} else {
+			switch (M.x86.R_AX) {
+			case 0xb108:
+				M.x86.R_CL =
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+					pci_read_config8(dev, offs);
+#else
+				    (u8) rtas_pci_config_read(bios_device.
+								   puid, 1,
+								   bus, devfn,
+								   offs);
+#endif
+				DEBUG_PRINTF_INTR
+				    ("%s(): function %x: PCI Config Read @%02x --> 0x%02x\n",
+				     __func__, M.x86.R_AX, offs,
+				     M.x86.R_CL);
+				break;
+			case 0xb109:
+				M.x86.R_CX =
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+					pci_read_config16(dev, offs);
+#else
+				    (u16) rtas_pci_config_read(bios_device.
+								    puid, 2,
+								    bus, devfn,
+								    offs);
+#endif
+				DEBUG_PRINTF_INTR
+				    ("%s(): function %x: PCI Config Read @%02x --> 0x%04x\n",
+				     __func__, M.x86.R_AX, offs,
+				     M.x86.R_CX);
+				break;
+			case 0xb10a:
+				M.x86.R_ECX =
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+					pci_read_config32(dev, offs);
+#else
+				    (u32) rtas_pci_config_read(bios_device.
+								    puid, 4,
+								    bus, devfn,
+								    offs);
+#endif
+				DEBUG_PRINTF_INTR
+				    ("%s(): function %x: PCI Config Read @%02x --> 0x%08x\n",
+				     __func__, M.x86.R_AX, offs,
+				     M.x86.R_ECX);
+				break;
+			}
+			CLEAR_FLAG(F_CF);
+			M.x86.R_AH = 0x0;	// return code: success
+		}
+		break;
+	case 0xb10b:		//write configuration byte
+	case 0xb10c:		//write configuration word
+	case 0xb10d:		//write configuration dword
+		bus = M.x86.R_BH;
+		devfn = M.x86.R_BL;
+		offs = M.x86.R_DI;
+		if ((bus != bios_device.bus)
+		    || (devfn != bios_device.devfn)) {
+			// fail accesses to any device but ours...
+			printf
+			    ("%s(): Config read access invalid! bus: %x (%x), devfn: %x (%x), offs: %x\n",
+			     __func__, bus, bios_device.bus, devfn,
+			     bios_device.devfn, offs);
+			SET_FLAG(F_CF);
+			M.x86.R_AH = 0x87;	//return code: bad pci register
+			HALT_SYS();
+			return;
+		} else {
+			switch (M.x86.R_AX) {
+			case 0xb10b:
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+					pci_write_config8(bios_device.dev, offs, M.x86.R_CL);
+#else
+				rtas_pci_config_write(bios_device.puid, 1, bus,
+						      devfn, offs, M.x86.R_CL);
+#endif
+				DEBUG_PRINTF_INTR
+				    ("%s(): function %x: PCI Config Write @%02x <-- 0x%02x\n",
+				     __func__, M.x86.R_AX, offs,
+				     M.x86.R_CL);
+				break;
+			case 0xb10c:
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+					pci_write_config16(bios_device.dev, offs, M.x86.R_CX);
+#else
+				rtas_pci_config_write(bios_device.puid, 2, bus,
+						      devfn, offs, M.x86.R_CX);
+#endif
+				DEBUG_PRINTF_INTR
+				    ("%s(): function %x: PCI Config Write @%02x <-- 0x%04x\n",
+				     __func__, M.x86.R_AX, offs,
+				     M.x86.R_CX);
+				break;
+			case 0xb10d:
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+					pci_write_config32(bios_device.dev, offs, M.x86.R_ECX);
+#else
+				rtas_pci_config_write(bios_device.puid, 4, bus,
+						      devfn, offs, M.x86.R_ECX);
+#endif
+				DEBUG_PRINTF_INTR
+				    ("%s(): function %x: PCI Config Write @%02x <-- 0x%08x\n",
+				     __func__, M.x86.R_AX, offs,
+				     M.x86.R_ECX);
+				break;
+			}
+			CLEAR_FLAG(F_CF);
+			M.x86.R_AH = 0x0;	// return code: success
+		}
+		break;
+	default:
+		printf("%s(): unknown function (%x) for int1a handler.\n",
+		       __func__, M.x86.R_AX);
+		DEBUG_PRINTF_INTR("AX=%04x BX=%04x CX=%04x DX=%04x\n",
+				  M.x86.R_AX, M.x86.R_BX, M.x86.R_CX,
+				  M.x86.R_DX);
+		HALT_SYS();
+		break;
+	}
+}
+
+// main Interrupt Handler routine, should be registered as x86emu interrupt handler
+void
+handleInterrupt(int intNum)
+{
+	u8 int_handled = 0;
+#ifndef DEBUG_PRINT_INT10
+	// this printf makes output by int 10 unreadable...
+	// so we only enable it, if int10 print is disabled
+	DEBUG_PRINTF_INTR("%s(%x)\n", __func__, intNum);
+#endif
+
+	/* check wether this interrupt has a function pointer set in yabel_intFuncArray and run that */
+	if (yabel_intFuncArray[intNum]) {
+		DEBUG_PRINTF_INTR("%s(%x) intHandler overridden, calling it...\n", __func__, intNum);
+		int_handled = (*yabel_intFuncArray[intNum])();
+	} else {
+		switch (intNum) {
+		case 0x10:		//BIOS video interrupt
+		case 0x42:		// INT 10h relocated by EGA/VGA BIOS
+		case 0x6d:		// INT 10h relocated by VGA BIOS
+			// get interrupt vector from IDT (4 bytes per Interrupt starting at address 0
+			if ((my_rdl(intNum * 4) == 0xF000F065) ||	//F000:F065 is default BIOS interrupt handler address
+			    (my_rdl(intNum * 4) == 0xF4F4F4F4))	//invalid
+			{
+#if 0
+				// ignore interrupt...
+				DEBUG_PRINTF_INTR
+				    ("%s(%x): invalid interrupt Vector (%08x) found, interrupt ignored...\n",
+				     __func__, intNum, my_rdl(intNum * 4));
+				DEBUG_PRINTF_INTR("AX=%04x BX=%04x CX=%04x DX=%04x\n",
+						  M.x86.R_AX, M.x86.R_BX, M.x86.R_CX,
+						  M.x86.R_DX);
+				//HALT_SYS();
+#endif
+				handleInt10();
+				int_handled = 1;
+			}
+			break;
+		case 0x16:
+			// Keyboard BIOS Interrupt
+			handleInt16();
+			int_handled = 1;
+			break;
+		case 0x1a:
+			// PCI BIOS Interrupt
+			handleInt1a();
+			int_handled = 1;
+			break;
+		case PMM_INT_NUM:
+			/* The self-defined PMM INT number, this is called by
+			 * the code in PMM struct, and it is handled by
+			 * pmm_handleInt()
+			 */
+			pmm_handleInt();
+			int_handled = 1;
+			break;
+		default:
+			printf("Interrupt %#x (Vector: %x) not implemented\n", intNum,
+			       my_rdl(intNum * 4));
+			DEBUG_PRINTF_INTR("AX=%04x BX=%04x CX=%04x DX=%04x\n",
+					  M.x86.R_AX, M.x86.R_BX, M.x86.R_CX,
+					  M.x86.R_DX);
+			int_handled = 1;
+			HALT_SYS();
+			break;
+		}
+	}
+	// if we did not handle the interrupt, jump to the interrupt vector...
+	if (!int_handled) {
+		setupInt(intNum);
+	}
+}
+
+// prepare and execute Interrupt 10 (VGA Interrupt)
+void
+runInt10(void)
+{
+	// Initialize stack and data segment
+	M.x86.R_SS = STACK_SEGMENT;
+	M.x86.R_DS = DATA_SEGMENT;
+	M.x86.R_SP = STACK_START_OFFSET;
+
+	// push a HLT instruction and a pointer to it onto the stack
+	// any return will pop the pointer and jump to the HLT, thus
+	// exiting (more or less) cleanly
+	push_word(0xf4f4);	//F4=HLT
+	//push_word(M.x86.R_SS);
+	//push_word(M.x86.R_SP + 2);
+
+	// setupInt will push the current CS and IP to the stack to return to it,
+	// but we want to halt, so set CS:IP to the HLT instruction we just pushed
+	// to the stack
+	M.x86.R_CS = M.x86.R_SS;
+	M.x86.R_IP = M.x86.R_SP;	// + 4;
+
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	CHECK_DBG(DEBUG_JMP) {
+		M.x86.debug |= DEBUG_TRACEJMP_REGS_F;
+		M.x86.debug |= DEBUG_TRACEJMP_REGS_F;
+		M.x86.debug |= DEBUG_TRACECALL_F;
+		M.x86.debug |= DEBUG_TRACECALL_REGS_F;
+	}
+	setupInt(0x10);
+	DEBUG_PRINTF_INTR("%s(): starting execution of INT10...\n",
+			  __func__);
+	X86EMU_exec();
+	DEBUG_PRINTF_INTR("%s(): execution finished\n", __func__);
+}
+
+// prepare and execute Interrupt 13 (Disk Interrupt)
+void
+runInt13(void)
+{
+	// Initialize stack and data segment
+	M.x86.R_SS = STACK_SEGMENT;
+	M.x86.R_DS = DATA_SEGMENT;
+	M.x86.R_SP = STACK_START_OFFSET;
+
+	// push a HLT instruction and a pointer to it onto the stack
+	// any return will pop the pointer and jump to the HLT, thus
+	// exiting (more or less) cleanly
+	push_word(0xf4f4);	//F4=HLT
+	//push_word(M.x86.R_SS);
+	//push_word(M.x86.R_SP + 2);
+
+	// setupInt will push the current CS and IP to the stack to return to it,
+	// but we want to halt, so set CS:IP to the HLT instruction we just pushed
+	// to the stack
+	M.x86.R_CS = M.x86.R_SS;
+	M.x86.R_IP = M.x86.R_SP;
+
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	CHECK_DBG(DEBUG_JMP) {
+		M.x86.debug |= DEBUG_TRACEJMP_REGS_F;
+		M.x86.debug |= DEBUG_TRACEJMP_REGS_F;
+		M.x86.debug |= DEBUG_TRACECALL_F;
+		M.x86.debug |= DEBUG_TRACECALL_REGS_F;
+	}
+
+	setupInt(0x13);
+	DEBUG_PRINTF_INTR("%s(): starting execution of INT13...\n",
+			  __func__);
+	X86EMU_exec();
+	DEBUG_PRINTF_INTR("%s(): execution finished\n", __func__);
+}
diff --git a/src/device/oprom/yabel/interrupt.h b/src/device/oprom/yabel/interrupt.h
new file mode 100644
index 0000000..11755e1
--- /dev/null
+++ b/src/device/oprom/yabel/interrupt.h
@@ -0,0 +1,21 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+#ifndef _BIOSEMU_INTERRUPT_H_
+#define _BIOSEMU_INTERRUPT_H_
+
+void handleInterrupt(int intNum);
+
+void runInt10(void);
+
+void runInt13(void);
+
+#endif
diff --git a/src/device/oprom/yabel/io.c b/src/device/oprom/yabel/io.c
new file mode 100644
index 0000000..5c19b51
--- /dev/null
+++ b/src/device/oprom/yabel/io.c
@@ -0,0 +1,577 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#include <types.h>
+#include "compat/rtas.h"
+#include "compat/time.h"
+#include "device.h"
+#include "debug.h"
+#include <x86emu/x86emu.h>
+#include "io.h"
+
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+#include <device/pci.h>
+#include <device/pci_ops.h>
+#include <device/resource.h>
+#endif
+
+#if CONFIG_ARCH_X86
+#include <arch/io.h>
+#else
+// these are not used, only needed for linking,  must be overridden using X86emu_setupPioFuncs
+// with the functions and struct below
+void
+outb(u8 val, u16 port)
+{
+	printf("WARNING: outb not implemented!\n");
+	HALT_SYS();
+}
+
+void
+outw(u16 val, u16 port)
+{
+	printf("WARNING: outw not implemented!\n");
+	HALT_SYS();
+}
+
+void
+outl(u32 val, u16 port)
+{
+	printf("WARNING: outl not implemented!\n");
+	HALT_SYS();
+}
+
+u8
+inb(u16 port)
+{
+	printf("WARNING: inb not implemented!\n");
+	HALT_SYS();
+	return 0;
+}
+
+u16
+inw(u16 port)
+{
+	printf("WARNING: inw not implemented!\n");
+	HALT_SYS();
+	return 0;
+}
+
+u32
+inl(u16 port)
+{
+	printf("WARNING: inl not implemented!\n");
+	HALT_SYS();
+	return 0;
+}
+#endif
+
+#if CONFIG_YABEL_DIRECTHW
+u8 my_inb(X86EMU_pioAddr addr)
+{
+	u8 val;
+
+	val = inb(addr);
+	DEBUG_PRINTF_IO("inb(0x%04x) = 0x%02x\n", addr, val);
+
+	return val;
+}
+
+u16 my_inw(X86EMU_pioAddr addr)
+{
+	u16 val;
+
+	val = inw(addr);
+	DEBUG_PRINTF_IO("inw(0x%04x) = 0x%04x\n", addr, val);
+
+	return val;
+}
+
+u32 my_inl(X86EMU_pioAddr addr)
+{
+	u32 val;
+
+	val = inl(addr);
+	DEBUG_PRINTF_IO("inl(0x%04x) = 0x%08x\n", addr, val);
+
+	return val;
+}
+
+void my_outb(X86EMU_pioAddr addr, u8 val)
+{
+	DEBUG_PRINTF_IO("outb(0x%02x, 0x%04x)\n", val, addr);
+	outb(val, addr);
+}
+
+void my_outw(X86EMU_pioAddr addr, u16 val)
+{
+	DEBUG_PRINTF_IO("outw(0x%04x, 0x%04x)\n", val, addr);
+	outw(val, addr);
+}
+
+void my_outl(X86EMU_pioAddr addr, u32 val)
+{
+	DEBUG_PRINTF_IO("outl(0x%08x, 0x%04x)\n", val, addr);
+	outl(val, addr);
+}
+
+#else
+
+static unsigned int
+read_io(void *addr, size_t sz)
+{
+        unsigned int ret;
+	/* since we are using inb instructions, we need the port number as 16bit value */
+	u16 port = (u16)(u32) addr;
+
+        switch (sz) {
+        case 1:
+		asm volatile ("inb %1, %b0" : "=a"(ret) : "d" (port));
+                break;
+        case 2:
+		asm volatile ("inw %1, %w0" : "=a"(ret) : "d" (port));
+                break;
+        case 4:
+		asm volatile ("inl %1, %0" : "=a"(ret) : "d" (port));
+                break;
+        default:
+                ret = 0;
+        }
+
+        return ret;
+}
+
+static int
+write_io(void *addr, unsigned int value, size_t sz)
+{
+	u16 port = (u16)(u32) addr;
+        switch (sz) {
+	/* since we are using inb instructions, we need the port number as 16bit value */
+        case 1:
+		asm volatile ("outb %b0, %1" : : "a"(value), "d" (port));
+                break;
+        case 2:
+		asm volatile ("outw %w0, %1" : : "a"(value), "d" (port));
+                break;
+        case 4:
+		asm volatile ("outl %0, %1" : : "a"(value), "d" (port));
+                break;
+        default:
+                return -1;
+        }
+
+        return 0;
+}
+
+u32 pci_cfg_read(X86EMU_pioAddr addr, u8 size);
+void pci_cfg_write(X86EMU_pioAddr addr, u32 val, u8 size);
+u8 handle_port_61h(void);
+
+u8
+my_inb(X86EMU_pioAddr addr)
+{
+	u8 rval = 0xFF;
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_IO, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access Device I/O (BAR or Legacy...)
+		DEBUG_PRINTF_IO("%s(%x): access to Device I/O\n", __func__,
+				addr);
+		//DEBUG_PRINTF_IO("%s(%04x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		rval = read_io((void *)translated_addr, 1);
+		DEBUG_PRINTF_IO("%s(%04x) Device I/O --> %02x\n", __func__,
+				addr, rval);
+		return rval;
+	} else {
+		switch (addr) {
+		case 0x61:
+			//8254 KB Controller / Timer Port
+			// rval = handle_port_61h();
+			rval = inb(0x61);
+			//DEBUG_PRINTF_IO("%s(%04x) KB / Timer Port B --> %02x\n", __func__, addr, rval);
+			return rval;
+			break;
+		case 0xCFC:
+		case 0xCFD:
+		case 0xCFE:
+		case 0xCFF:
+			// PCI Config Mechanism 1 Ports
+			return (u8) pci_cfg_read(addr, 1);
+			break;
+		case 0x0a:
+			CHECK_DBG(DEBUG_INTR) {
+				X86EMU_trace_on();
+			}
+			M.x86.debug &= ~DEBUG_DECODE_NOPRINT_F;
+			//HALT_SYS();
+			// no break, intentional fall-through to default!!
+		default:
+			DEBUG_PRINTF_IO
+			    ("%s(%04x) reading from bios_device.io_buffer\n",
+			     __func__, addr);
+			rval = *((u8 *) (bios_device.io_buffer + addr));
+			DEBUG_PRINTF_IO("%s(%04x) I/O Buffer --> %02x\n",
+					__func__, addr, rval);
+			return rval;
+			break;
+		}
+	}
+}
+
+u16
+my_inw(X86EMU_pioAddr addr)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_IO, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access Device I/O (BAR or Legacy...)
+		DEBUG_PRINTF_IO("%s(%x): access to Device I/O\n", __func__,
+				addr);
+		//DEBUG_PRINTF_IO("%s(%04x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		u16 rval;
+		if ((translated_addr & (u64) 0x1) == 0) {
+			// 16 bit aligned access...
+			u16 tempval = read_io((void *)translated_addr, 2);
+			//little endian conversion
+			rval = in16le((void *) &tempval);
+		} else {
+			// unaligned access, read single bytes, little-endian
+			rval = (read_io((void *)translated_addr, 1) << 8)
+				| (read_io((void *)(translated_addr + 1), 1));
+		}
+		DEBUG_PRINTF_IO("%s(%04x) Device I/O --> %04x\n", __func__,
+				addr, rval);
+		return rval;
+	} else {
+		switch (addr) {
+		case 0xCFC:
+		case 0xCFE:
+			//PCI Config Mechanism 1
+			return (u16) pci_cfg_read(addr, 2);
+			break;
+		default:
+			DEBUG_PRINTF_IO
+			    ("%s(%04x) reading from bios_device.io_buffer\n",
+			     __func__, addr);
+			u16 rval =
+			    in16le((void *) bios_device.io_buffer + addr);
+			DEBUG_PRINTF_IO("%s(%04x) I/O Buffer --> %04x\n",
+					__func__, addr, rval);
+			return rval;
+			break;
+		}
+	}
+}
+
+u32
+my_inl(X86EMU_pioAddr addr)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_IO, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access Device I/O (BAR or Legacy...)
+		DEBUG_PRINTF_IO("%s(%x): access to Device I/O\n", __func__,
+				addr);
+		//DEBUG_PRINTF_IO("%s(%04x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		u32 rval;
+		if ((translated_addr & (u64) 0x3) == 0) {
+			// 32 bit aligned access...
+			u32 tempval = read_io((void *) translated_addr, 4);
+			//little endian conversion
+			rval = in32le((void *) &tempval);
+		} else {
+			// unaligned access, read single bytes, little-endian
+			rval = (read_io((void *)(translated_addr), 1) << 24)
+				| (read_io((void *)(translated_addr + 1), 1) << 16)
+				| (read_io((void *)(translated_addr + 2), 1) << 8)
+				| (read_io((void *)(translated_addr + 3), 1));
+		}
+		DEBUG_PRINTF_IO("%s(%04x) Device I/O --> %08x\n", __func__,
+				addr, rval);
+		return rval;
+	} else {
+		switch (addr) {
+		case 0xCFC:
+			//PCI Config Mechanism 1
+			return pci_cfg_read(addr, 4);
+			break;
+		default:
+			DEBUG_PRINTF_IO
+			    ("%s(%04x) reading from bios_device.io_buffer\n",
+			     __func__, addr);
+			u32 rval =
+			    in32le((void *) bios_device.io_buffer + addr);
+			DEBUG_PRINTF_IO("%s(%04x) I/O Buffer --> %08x\n",
+					__func__, addr, rval);
+			return rval;
+			break;
+		}
+	}
+}
+
+void
+my_outb(X86EMU_pioAddr addr, u8 val)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_IO, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access Device I/O (BAR or Legacy...)
+		DEBUG_PRINTF_IO("%s(%x, %x): access to Device I/O\n",
+				__func__, addr, val);
+		//DEBUG_PRINTF_IO("%s(%04x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		write_io((void *) translated_addr, val, 1);
+		DEBUG_PRINTF_IO("%s(%04x) Device I/O <-- %02x\n", __func__,
+				addr, val);
+	} else {
+		switch (addr) {
+		case 0xCFC:
+		case 0xCFD:
+		case 0xCFE:
+		case 0xCFF:
+			// PCI Config Mechanism 1 Ports
+			pci_cfg_write(addr, val, 1);
+			break;
+		default:
+			DEBUG_PRINTF_IO
+			    ("%s(%04x,%02x) writing to bios_device.io_buffer\n",
+			     __func__, addr, val);
+			*((u8 *) (bios_device.io_buffer + addr)) = val;
+			break;
+		}
+	}
+}
+
+void
+my_outw(X86EMU_pioAddr addr, u16 val)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_IO, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access Device I/O (BAR or Legacy...)
+		DEBUG_PRINTF_IO("%s(%x, %x): access to Device I/O\n",
+				__func__, addr, val);
+		//DEBUG_PRINTF_IO("%s(%04x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		if ((translated_addr & (u64) 0x1) == 0) {
+			// little-endian conversion
+			u16 tempval = in16le((void *) &val);
+			// 16 bit aligned access...
+			write_io((void *) translated_addr, tempval, 2);
+		} else {
+			// unaligned access, write single bytes, little-endian
+			write_io(((void *) (translated_addr + 1)),
+				(u8) ((val & 0xFF00) >> 8), 1);
+			write_io(((void *) translated_addr),
+				(u8) (val & 0x00FF), 1);
+		}
+		DEBUG_PRINTF_IO("%s(%04x) Device I/O <-- %04x\n", __func__,
+				addr, val);
+	} else {
+		switch (addr) {
+		case 0xCFC:
+		case 0xCFE:
+			// PCI Config Mechanism 1 Ports
+			pci_cfg_write(addr, val, 2);
+			break;
+		default:
+			DEBUG_PRINTF_IO
+			    ("%s(%04x,%04x) writing to bios_device.io_buffer\n",
+			     __func__, addr, val);
+			out16le((void *) bios_device.io_buffer + addr, val);
+			break;
+		}
+	}
+}
+
+void
+my_outl(X86EMU_pioAddr addr, u32 val)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_IO, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access Device I/O (BAR or Legacy...)
+		DEBUG_PRINTF_IO("%s(%x, %x): access to Device I/O\n",
+				__func__, addr, val);
+		//DEBUG_PRINTF_IO("%s(%04x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		if ((translated_addr & (u64) 0x3) == 0) {
+			// little-endian conversion
+			u32 tempval = in32le((void *) &val);
+			// 32 bit aligned access...
+			write_io((void *) translated_addr,  tempval, 4);
+		} else {
+			// unaligned access, write single bytes, little-endian
+			write_io(((void *) translated_addr + 3),
+			    (u8) ((val & 0xFF000000) >> 24), 1);
+			write_io(((void *) translated_addr + 2),
+			    (u8) ((val & 0x00FF0000) >> 16), 1);
+			write_io(((void *) translated_addr + 1),
+			    (u8) ((val & 0x0000FF00) >> 8), 1);
+			write_io(((void *) translated_addr),
+			    (u8) (val & 0x000000FF), 1);
+		}
+		DEBUG_PRINTF_IO("%s(%04x) Device I/O <-- %08x\n", __func__,
+				addr, val);
+	} else {
+		switch (addr) {
+		case 0xCFC:
+			// PCI Config Mechanism 1 Ports
+			pci_cfg_write(addr, val, 4);
+			break;
+		default:
+			DEBUG_PRINTF_IO
+			    ("%s(%04x,%08x) writing to bios_device.io_buffer\n",
+			     __func__, addr, val);
+			out32le((void *) bios_device.io_buffer + addr, val);
+			break;
+		}
+	}
+}
+
+u32
+pci_cfg_read(X86EMU_pioAddr addr, u8 size)
+{
+	u32 rval = 0xFFFFFFFF;
+	struct device * dev;
+	if ((addr >= 0xCFC) && ((addr + size) <= 0xD00)) {
+		// PCI Configuration Mechanism 1 step 1
+		// write to 0xCF8, sets bus, device, function and Config Space offset
+		// later read from 0xCFC-0xCFF returns the value...
+		u8 bus, devfn, offs;
+		u32 port_cf8_val = my_inl(0xCF8);
+		if ((port_cf8_val & 0x80000000) != 0) {
+			//highest bit enables config space mapping
+			bus = (port_cf8_val & 0x00FF0000) >> 16;
+			devfn = (port_cf8_val & 0x0000FF00) >> 8;
+			offs = (port_cf8_val & 0x000000FF);
+			offs += (addr - 0xCFC);	// if addr is not 0xcfc, the offset is moved accordingly
+			DEBUG_PRINTF_INTR("%s(): PCI Config Read from device: bus: %02x, devfn: %02x, offset: %02x\n",
+				__func__, bus, devfn, offs);
+#if CONFIG_YABEL_PCI_ACCESS_OTHER_DEVICES
+			dev = dev_find_slot(bus, devfn);
+			DEBUG_PRINTF_INTR("%s(): dev_find_slot() returned: %s\n",
+				__func__, dev_path(dev));
+			if (dev == 0) {
+				// fail accesses to non-existent devices...
+#else
+			dev = bios_device.dev;
+			if ((bus != bios_device.bus)
+			     || (devfn != bios_device.devfn)) {
+				// fail accesses to any device but ours...
+#endif
+				printf
+				    ("%s(): Config read access invalid device! bus: %02x (%02x), devfn: %02x (%02x), offs: %02x\n",
+				     __func__, bus, bios_device.bus, devfn,
+				     bios_device.devfn, offs);
+				SET_FLAG(F_CF);
+				HALT_SYS();
+				return 0;
+			} else {
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+				switch (size) {
+					case 1:
+						rval = pci_read_config8(dev, offs);
+						break;
+					case 2:
+						rval = pci_read_config16(dev, offs);
+						break;
+					case 4:
+						rval = pci_read_config32(dev, offs);
+						break;
+				}
+#else
+				rval =
+				    (u32) rtas_pci_config_read(bios_device.
+								    puid, size,
+								    bus, devfn,
+								    offs);
+#endif
+				DEBUG_PRINTF_IO
+				    ("%s(%04x) PCI Config Read @%02x, size: %d --> 0x%08x\n",
+				     __func__, addr, offs, size, rval);
+			}
+		}
+	}
+	return rval;
+}
+
+void
+pci_cfg_write(X86EMU_pioAddr addr, u32 val, u8 size)
+{
+	if ((addr >= 0xCFC) && ((addr + size) <= 0xD00)) {
+		// PCI Configuration Mechanism 1 step 1
+		// write to 0xCF8, sets bus, device, function and Config Space offset
+		// later write to 0xCFC-0xCFF sets the value...
+		u8 bus, devfn, offs;
+		u32 port_cf8_val = my_inl(0xCF8);
+		if ((port_cf8_val & 0x80000000) != 0) {
+			//highest bit enables config space mapping
+			bus = (port_cf8_val & 0x00FF0000) >> 16;
+			devfn = (port_cf8_val & 0x0000FF00) >> 8;
+			offs = (port_cf8_val & 0x000000FF);
+			offs += (addr - 0xCFC);	// if addr is not 0xcfc, the offset is moved accordingly
+			if ((bus != bios_device.bus)
+			    || (devfn != bios_device.devfn)) {
+				// fail accesses to any device but ours...
+				printf
+				    ("Config write access invalid! PCI device %x:%x.%x, offs: %x\n",
+				     bus, devfn >> 3, devfn & 7, offs);
+#if !CONFIG_YABEL_PCI_FAKE_WRITING_OTHER_DEVICES_CONFIG
+				HALT_SYS();
+#endif
+			} else {
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+				switch (size) {
+					case 1:
+						pci_write_config8(bios_device.dev, offs, val);
+						break;
+					case 2:
+						pci_write_config16(bios_device.dev, offs, val);
+						break;
+					case 4:
+						pci_write_config32(bios_device.dev, offs, val);
+						break;
+				}
+#else
+				rtas_pci_config_write(bios_device.puid,
+						      size, bus, devfn, offs,
+						      val);
+#endif
+				DEBUG_PRINTF_IO
+				    ("%s(%04x) PCI Config Write @%02x, size: %d <-- 0x%08x\n",
+				     __func__, addr, offs, size, val);
+			}
+		}
+	}
+}
+
+u8
+handle_port_61h(void)
+{
+	static u64 last_time = 0;
+	u64 curr_time = get_time();
+	u64 time_diff;	// time since last call
+	u32 period_ticks;	// length of a period in ticks
+	u32 nr_periods;	//number of periods passed since last call
+	// bit 4 should toggle with every (DRAM) refresh cycle... (66kHz??)
+	time_diff = curr_time - last_time;
+	// at 66kHz a period is ~ 15 ns long, converted to ticks: (tb_freq is ticks/second)
+	// TODO: as long as the frequency does not change, we should not calculate this every time
+	period_ticks = (15 * tb_freq) / 1000000;
+	nr_periods = time_diff / period_ticks;
+	// if the number if ticks passed since last call is odd, we toggle bit 4
+	if ((nr_periods % 2) != 0) {
+		*((u8 *) (bios_device.io_buffer + 0x61)) ^= 0x10;
+	}
+	//finally read the value from the io_buffer
+	return *((u8 *) (bios_device.io_buffer + 0x61));
+}
+#endif
diff --git a/src/device/oprom/yabel/io.h b/src/device/oprom/yabel/io.h
new file mode 100644
index 0000000..6b2dcc4
--- /dev/null
+++ b/src/device/oprom/yabel/io.h
@@ -0,0 +1,30 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#ifndef _BIOSEMU_IO_H_
+#define _BIOSEMU_IO_H_
+#include <x86emu/x86emu.h>
+#include <types.h>
+
+u8 my_inb(X86EMU_pioAddr addr);
+
+u16 my_inw(X86EMU_pioAddr addr);
+
+u32 my_inl(X86EMU_pioAddr addr);
+
+void my_outb(X86EMU_pioAddr addr, u8 val);
+
+void my_outw(X86EMU_pioAddr addr, u16 val);
+
+void my_outl(X86EMU_pioAddr addr, u32 val);
+
+#endif
diff --git a/src/device/oprom/yabel/mem.c b/src/device/oprom/yabel/mem.c
new file mode 100644
index 0000000..4b4a552
--- /dev/null
+++ b/src/device/oprom/yabel/mem.c
@@ -0,0 +1,501 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#include <types.h>
+#include "debug.h"
+#include "device.h"
+#include "x86emu/x86emu.h"
+#include "biosemu.h"
+#include "mem.h"
+#include "compat/time.h"
+
+#if !CONFIG_YABEL_DIRECTHW || !CONFIG_YABEL_DIRECTHW
+
+#if CONFIG_PCI_OPTION_ROM_RUN_YABEL
+#include <device/resource.h>
+#endif
+
+// define a check for access to certain (virtual) memory regions (interrupt handlers, BIOS Data Area, ...)
+#if CONFIG_X86EMU_DEBUG
+static u8 in_check = 0;	// to avoid recursion...
+
+static inline void DEBUG_CHECK_VMEM_READ(u32 _addr, u32 _rval)
+{
+	u16 ebda_segment;
+	u32 ebda_size;
+	if (!((debug_flags & DEBUG_CHECK_VMEM_ACCESS) && (in_check == 0)))
+		return;
+	in_check = 1;
+	/* determine ebda_segment and size
+	* since we are using my_rdx calls, make sure, this is after setting in_check! */
+	/* offset 03 in BDA is EBDA segment */
+	ebda_segment = my_rdw(0x40e);
+	/* first value in ebda is size in KB */
+	ebda_size = my_rdb(ebda_segment << 4) * 1024;
+	/* check Interrupt Vector Access (0000:0000h - 0000:0400h) */
+	if (_addr < 0x400) {
+		DEBUG_PRINTF_CS_IP("%s: read from Interrupt Vector %x --> %x\n",
+				__func__, _addr / 4, _rval);
+	}
+	/* access to BIOS Data Area (0000:0400h - 0000:0500h)*/
+	else if ((_addr >= 0x400) && (_addr < 0x500)) {
+		DEBUG_PRINTF_CS_IP("%s: read from BIOS Data Area: addr: %x --> %x\n",
+				__func__, _addr, _rval);
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* access to first 64k of memory... */
+	else if (_addr < 0x10000) {
+		DEBUG_PRINTF_CS_IP("%s: read from segment 0000h: addr: %x --> %x\n",
+				__func__, _addr, _rval);
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* read from PMM_CONV_SEGMENT */
+	else if ((_addr <= ((PMM_CONV_SEGMENT << 4) | 0xffff)) && (_addr >= (PMM_CONV_SEGMENT << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: read from PMM Segment %04xh: addr: %x --> %x\n",
+				__func__, PMM_CONV_SEGMENT, _addr, _rval);
+		/* HALT_SYS(); */
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* read from PNP_DATA_SEGMENT */
+	else if ((_addr <= ((PNP_DATA_SEGMENT << 4) | 0xffff)) && (_addr >= (PNP_DATA_SEGMENT << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: read from PnP Data Segment %04xh: addr: %x --> %x\n",
+				__func__, PNP_DATA_SEGMENT, _addr, _rval);
+		/* HALT_SYS(); */
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* read from EBDA Segment */
+	else if ((_addr <= ((ebda_segment << 4) | (ebda_size - 1))) && (_addr >= (ebda_segment << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: read from Extended BIOS Data Area %04xh, size: %04x: addr: %x --> %x\n",
+				__func__, ebda_segment, ebda_size, _addr, _rval);
+	}
+	/* read from BIOS_DATA_SEGMENT */
+	else if ((_addr <= ((BIOS_DATA_SEGMENT << 4) | 0xffff)) && (_addr >= (BIOS_DATA_SEGMENT << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: read from BIOS Data Segment %04xh: addr: %x --> %x\n",
+				__func__, BIOS_DATA_SEGMENT, _addr, _rval);
+		/* for PMM debugging */
+		/*if (_addr == BIOS_DATA_SEGMENT << 4) {
+			X86EMU_trace_on();
+			M.x86.debug &= ~DEBUG_DECODE_NOPRINT_F;
+		}*/
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	in_check = 0;
+}
+
+static inline void DEBUG_CHECK_VMEM_WRITE(u32 _addr, u32 _val)
+{
+	u16 ebda_segment;
+	u32 ebda_size;
+	if (!((debug_flags & DEBUG_CHECK_VMEM_ACCESS) && (in_check == 0)))
+		return;
+	in_check = 1;
+	/* determine ebda_segment and size
+	 * since we are using my_rdx calls, make sure that this is after
+	 * setting in_check! */
+	/* offset 03 in BDA is EBDA segment */
+	ebda_segment = my_rdw(0x40e);
+	/* first value in ebda is size in KB */
+	ebda_size = my_rdb(ebda_segment << 4) * 1024;
+	/* check Interrupt Vector Access (0000:0000h - 0000:0400h) */
+	if (_addr < 0x400) {
+		DEBUG_PRINTF_CS_IP("%s: write to Interrupt Vector %x <-- %x\n",
+				__func__, _addr / 4, _val);
+	}
+	/* access to BIOS Data Area (0000:0400h - 0000:0500h)*/
+	else if ((_addr >= 0x400) && (_addr < 0x500)) {
+		DEBUG_PRINTF_CS_IP("%s: write to BIOS Data Area: addr: %x <-- %x\n",
+					__func__, _addr, _val);
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* access to first 64k of memory...*/
+	else if (_addr < 0x10000) {
+		DEBUG_PRINTF_CS_IP("%s: write to segment 0000h: addr: %x <-- %x\n",
+				__func__, _addr, _val);
+	/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* write to PMM_CONV_SEGMENT... */
+	else if ((_addr <= ((PMM_CONV_SEGMENT << 4) | 0xffff)) && (_addr >= (PMM_CONV_SEGMENT << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: write to PMM Segment %04xh: addr: %x <-- %x\n",
+				__func__, PMM_CONV_SEGMENT, _addr, _val);
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* write to PNP_DATA_SEGMENT... */
+	else if ((_addr <= ((PNP_DATA_SEGMENT << 4) | 0xffff)) && (_addr >= (PNP_DATA_SEGMENT << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: write to PnP Data Segment %04xh: addr: %x <-- %x\n",
+				__func__, PNP_DATA_SEGMENT, _addr, _val);
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* write to EBDA Segment... */
+	else if ((_addr <= ((ebda_segment << 4) | (ebda_size - 1))) && (_addr >= (ebda_segment << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: write to Extended BIOS Data Area %04xh, size: %04x: addr: %x <-- %x\n",
+				__func__, ebda_segment, ebda_size, _addr, _val);
+	}
+	/* write to BIOS_DATA_SEGMENT... */
+	else if ((_addr <= ((BIOS_DATA_SEGMENT << 4) | 0xffff)) && (_addr >= (BIOS_DATA_SEGMENT << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: write to BIOS Data Segment %04xh: addr: %x <-- %x\n",
+				__func__, BIOS_DATA_SEGMENT, _addr, _val);
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	/* write to current CS segment... */
+	else if ((_addr < ((M.x86.R_CS << 4) | 0xffff)) && (_addr > (M.x86.R_CS << 4))) {
+		DEBUG_PRINTF_CS_IP("%s: write to CS segment %04xh: addr: %x <-- %x\n",
+				__func__, M.x86.R_CS, _addr, _val);
+		/* dump registers */
+		/* x86emu_dump_xregs(); */
+	}
+	in_check = 0;
+}
+#else
+static inline void DEBUG_CHECK_VMEM_READ(u32 _addr, u32 _rval) {};
+static inline void DEBUG_CHECK_VMEM_WRITE(u32 _addr, u32 _val) {};
+#endif
+
+//update time in BIOS Data Area
+//DWord at offset 0x6c is the timer ticks since midnight, timer is running at 18Hz
+//byte at 0x70 is timer overflow (set if midnight passed since last call to interrupt 1a function 00
+//cur_val is the current value, of offset 6c...
+static void
+update_time(u32 cur_val)
+{
+	//for convenience, we let the start of timebase be at midnight, we currently dont support
+	//real daytime anyway...
+	u64 ticks_per_day = tb_freq * 60 * 24;
+	// at 18Hz a period is ~55ms, converted to ticks (tb_freq is ticks/second)
+	u32 period_ticks = (55 * tb_freq) / 1000;
+	u64 curr_time = get_time();
+	u64 ticks_since_midnight = curr_time % ticks_per_day;
+	u32 periods_since_midnight = ticks_since_midnight / period_ticks;
+	// if periods since midnight is smaller than last value, set overflow
+	// at BDA Offset 0x70
+	if (periods_since_midnight < cur_val) {
+		my_wrb(0x470, 1);
+	}
+	// store periods since midnight at BDA offset 0x6c
+	my_wrl(0x46c, periods_since_midnight);
+}
+
+// read byte from memory
+u8
+my_rdb(u32 addr)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_MEM, &translated_addr);
+	u8 rval;
+	if (translated != 0) {
+		//translation successfull, access VGA Memory (BAR or Legacy...)
+		DEBUG_PRINTF_MEM("%s(%08x): access to VGA Memory\n",
+				 __func__, addr);
+		//DEBUG_PRINTF_MEM("%s(%08x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		set_ci();
+		rval = *((u8 *) translated_addr);
+		clr_ci();
+		DEBUG_PRINTF_MEM("%s(%08x) VGA --> %02x\n", __func__, addr,
+				 rval);
+		return rval;
+	} else if (addr > M.mem_size) {
+		DEBUG_PRINTF("%s(%08x): Memory Access out of range!\n",
+			     __func__, addr);
+		//disassemble_forward(M.x86.saved_cs, M.x86.saved_ip, 1);
+		HALT_SYS();
+	} else {
+		/* read from virtual memory */
+		rval = *((u8 *) (M.mem_base + addr));
+		DEBUG_CHECK_VMEM_READ(addr, rval);
+		return rval;
+	}
+	return -1;
+}
+
+//read word from memory
+u16
+my_rdw(u32 addr)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_MEM, &translated_addr);
+	u16 rval;
+	if (translated != 0) {
+		//translation successfull, access VGA Memory (BAR or Legacy...)
+		DEBUG_PRINTF_MEM("%s(%08x): access to VGA Memory\n",
+				 __func__, addr);
+		//DEBUG_PRINTF_MEM("%s(%08x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		// check for legacy memory, because of the remapping to BARs, the reads must
+		// be byte reads...
+		if ((addr >= 0xa0000) && (addr < 0xc0000)) {
+			//read bytes a using my_rdb, because of the remapping to BARs
+			//words may not be contiguous in memory, so we need to translate
+			//every address...
+			rval = ((u8) my_rdb(addr)) |
+			    (((u8) my_rdb(addr + 1)) << 8);
+		} else {
+			if ((translated_addr & (u64) 0x1) == 0) {
+				// 16 bit aligned access...
+				set_ci();
+				rval = in16le((void *) translated_addr);
+				clr_ci();
+			} else {
+				// unaligned access, read single bytes
+				set_ci();
+				rval = (*((u8 *) translated_addr)) |
+				    (*((u8 *) translated_addr + 1) << 8);
+				clr_ci();
+			}
+		}
+		DEBUG_PRINTF_MEM("%s(%08x) VGA --> %04x\n", __func__, addr,
+				 rval);
+		return rval;
+	} else if (addr > M.mem_size) {
+		DEBUG_PRINTF("%s(%08x): Memory Access out of range!\n",
+			     __func__, addr);
+		//disassemble_forward(M.x86.saved_cs, M.x86.saved_ip, 1);
+		HALT_SYS();
+	} else {
+		/* read from virtual memory */
+		rval = in16le((void *) (M.mem_base + addr));
+		DEBUG_CHECK_VMEM_READ(addr, rval);
+		return rval;
+	}
+	return -1;
+}
+
+//read long from memory
+u32
+my_rdl(u32 addr)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_MEM, &translated_addr);
+	u32 rval;
+	if (translated != 0) {
+		//translation successfull, access VGA Memory (BAR or Legacy...)
+		DEBUG_PRINTF_MEM("%s(%x): access to VGA Memory\n",
+				 __func__, addr);
+		//DEBUG_PRINTF_MEM("%s(%08x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		// check for legacy memory, because of the remapping to BARs, the reads must
+		// be byte reads...
+		if ((addr >= 0xa0000) && (addr < 0xc0000)) {
+			//read bytes a using my_rdb, because of the remapping to BARs
+			//dwords may not be contiguous in memory, so we need to translate
+			//every address...
+			rval = ((u8) my_rdb(addr)) |
+			    (((u8) my_rdb(addr + 1)) << 8) |
+			    (((u8) my_rdb(addr + 2)) << 16) |
+			    (((u8) my_rdb(addr + 3)) << 24);
+		} else {
+			if ((translated_addr & (u64) 0x3) == 0) {
+				// 32 bit aligned access...
+				set_ci();
+				rval = in32le((void *) translated_addr);
+				clr_ci();
+			} else {
+				// unaligned access, read single bytes
+				set_ci();
+				rval = (*((u8 *) translated_addr)) |
+				    (*((u8 *) translated_addr + 1) << 8) |
+				    (*((u8 *) translated_addr + 2) << 16) |
+				    (*((u8 *) translated_addr + 3) << 24);
+				clr_ci();
+			}
+		}
+		DEBUG_PRINTF_MEM("%s(%08x) VGA --> %08x\n", __func__, addr,
+				 rval);
+		//HALT_SYS();
+		return rval;
+	} else if (addr > M.mem_size) {
+		DEBUG_PRINTF("%s(%08x): Memory Access out of range!\n",
+			     __func__, addr);
+		//disassemble_forward(M.x86.saved_cs, M.x86.saved_ip, 1);
+		HALT_SYS();
+	} else {
+		/* read from virtual memory */
+		rval = in32le((void *) (M.mem_base + addr));
+		switch (addr) {
+		case 0x46c:
+			//BDA Time Data, update it, before reading
+			update_time(rval);
+			rval = in32le((void *) (M.mem_base + addr));
+			break;
+		}
+		DEBUG_CHECK_VMEM_READ(addr, rval);
+		return rval;
+	}
+	return -1;
+}
+
+//write byte to memory
+void
+my_wrb(u32 addr, u8 val)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_MEM, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access VGA Memory (BAR or Legacy...)
+		DEBUG_PRINTF_MEM("%s(%x, %x): access to VGA Memory\n",
+				 __func__, addr, val);
+		//DEBUG_PRINTF_MEM("%s(%08x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		set_ci();
+		*((u8 *) translated_addr) = val;
+		clr_ci();
+	} else if (addr > M.mem_size) {
+		DEBUG_PRINTF("%s(%08x): Memory Access out of range!\n",
+			     __func__, addr);
+		//disassemble_forward(M.x86.saved_cs, M.x86.saved_ip, 1);
+		HALT_SYS();
+	} else {
+		/* write to virtual memory */
+		DEBUG_CHECK_VMEM_WRITE(addr, val);
+		*((u8 *) (M.mem_base + addr)) = val;
+	}
+}
+
+void
+my_wrw(u32 addr, u16 val)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_MEM, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access VGA Memory (BAR or Legacy...)
+		DEBUG_PRINTF_MEM("%s(%x, %x): access to VGA Memory\n",
+				 __func__, addr, val);
+		//DEBUG_PRINTF_MEM("%s(%08x): translated_addr: %llx\n", __func__, addr, translated_addr);
+		// check for legacy memory, because of the remapping to BARs, the reads must
+		// be byte reads...
+		if ((addr >= 0xa0000) && (addr < 0xc0000)) {
+			//read bytes a using my_rdb, because of the remapping to BARs
+			//words may not be contiguous in memory, so we need to translate
+			//every address...
+			my_wrb(addr, (u8) (val & 0x00FF));
+			my_wrb(addr + 1, (u8) ((val & 0xFF00) >> 8));
+		} else {
+			if ((translated_addr & (u64) 0x1) == 0) {
+				// 16 bit aligned access...
+				set_ci();
+				out16le((void *) translated_addr, val);
+				clr_ci();
+			} else {
+				// unaligned access, write single bytes
+				set_ci();
+				*((u8 *) translated_addr) =
+				    (u8) (val & 0x00FF);
+				*((u8 *) translated_addr + 1) =
+				    (u8) ((val & 0xFF00) >> 8);
+				clr_ci();
+			}
+		}
+	} else if (addr > M.mem_size) {
+		DEBUG_PRINTF("%s(%08x): Memory Access out of range!\n",
+			     __func__, addr);
+		//disassemble_forward(M.x86.saved_cs, M.x86.saved_ip, 1);
+		HALT_SYS();
+	} else {
+		/* write to virtual memory */
+		DEBUG_CHECK_VMEM_WRITE(addr, val);
+		out16le((void *) (M.mem_base + addr), val);
+	}
+}
+void
+my_wrl(u32 addr, u32 val)
+{
+	unsigned long translated_addr = addr;
+	u8 translated = biosemu_dev_translate_address(IORESOURCE_MEM, &translated_addr);
+	if (translated != 0) {
+		//translation successfull, access VGA Memory (BAR or Legacy...)
+		DEBUG_PRINTF_MEM("%s(%x, %x): access to VGA Memory\n",
+				 __func__, addr, val);
+		//DEBUG_PRINTF_MEM("%s(%08x): translated_addr: %llx\n",  __func__, addr, translated_addr);
+		// check for legacy memory, because of the remapping to BARs, the reads must
+		// be byte reads...
+		if ((addr >= 0xa0000) && (addr < 0xc0000)) {
+			//read bytes a using my_rdb, because of the remapping to BARs
+			//words may not be contiguous in memory, so we need to translate
+			//every address...
+			my_wrb(addr, (u8) (val & 0x000000FF));
+			my_wrb(addr + 1, (u8) ((val & 0x0000FF00) >> 8));
+			my_wrb(addr + 2, (u8) ((val & 0x00FF0000) >> 16));
+			my_wrb(addr + 3, (u8) ((val & 0xFF000000) >> 24));
+		} else {
+			if ((translated_addr & (u64) 0x3) == 0) {
+				// 32 bit aligned access...
+				set_ci();
+				out32le((void *) translated_addr, val);
+				clr_ci();
+			} else {
+				// unaligned access, write single bytes
+				set_ci();
+				*((u8 *) translated_addr) =
+				    (u8) (val & 0x000000FF);
+				*((u8 *) translated_addr + 1) =
+				    (u8) ((val & 0x0000FF00) >> 8);
+				*((u8 *) translated_addr + 2) =
+				    (u8) ((val & 0x00FF0000) >> 16);
+				*((u8 *) translated_addr + 3) =
+				    (u8) ((val & 0xFF000000) >> 24);
+				clr_ci();
+			}
+		}
+	} else if (addr > M.mem_size) {
+		DEBUG_PRINTF("%s(%08x): Memory Access out of range!\n",
+			     __func__, addr);
+		//disassemble_forward(M.x86.saved_cs, M.x86.saved_ip, 1);
+		HALT_SYS();
+	} else {
+		/* write to virtual memory */
+		DEBUG_CHECK_VMEM_WRITE(addr, val);
+		out32le((void *) (M.mem_base + addr), val);
+	}
+}
+#else
+u8
+my_rdb(u32 addr)
+{
+	return rdb(addr);
+}
+
+u16
+my_rdw(u32 addr)
+{
+	return rdw(addr);
+}
+
+u32
+my_rdl(u32 addr)
+{
+	return rdl(addr);
+}
+
+void
+my_wrb(u32 addr, u8 val)
+{
+	wrb(addr, val);
+}
+
+void
+my_wrw(u32 addr, u16 val)
+{
+	wrw(addr, val);
+}
+
+void
+my_wrl(u32 addr, u32 val)
+{
+	wrl(addr, val);
+}
+#endif
diff --git a/src/device/oprom/yabel/mem.h b/src/device/oprom/yabel/mem.h
new file mode 100644
index 0000000..dca8cfc
--- /dev/null
+++ b/src/device/oprom/yabel/mem.h
@@ -0,0 +1,36 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#ifndef _BIOSEMU_MEM_H_
+#define _BIOSEMU_MEM_H_
+#include <x86emu/x86emu.h>
+#include <types.h>
+
+// read byte from memory
+u8 my_rdb(u32 addr);
+
+//read word from memory
+u16 my_rdw(u32 addr);
+
+//read long from memory
+u32 my_rdl(u32 addr);
+
+//write byte to memory
+void my_wrb(u32 addr, u8 val);
+
+//write word to memory
+void my_wrw(u32 addr, u16 val);
+
+//write long to memory
+void my_wrl(u32 addr, u32 val);
+
+#endif
diff --git a/src/device/oprom/yabel/pmm.c b/src/device/oprom/yabel/pmm.c
new file mode 100644
index 0000000..19d14d4
--- /dev/null
+++ b/src/device/oprom/yabel/pmm.c
@@ -0,0 +1,442 @@
+/****************************************************************************
+ * YABEL BIOS Emulator
+ *
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Copyright (c) 2008 Pattrick Hueper <phueper at hueper.net>
+ ****************************************************************************/
+
+#include <x86emu/x86emu.h>
+#include "../x86emu/prim_ops.h"
+#include <string.h>
+
+#include "biosemu.h"
+#include "pmm.h"
+#include "debug.h"
+#include "device.h"
+
+/* this struct is used to remember which PMM spaces
+ * have been assigned. MAX_PMM_AREAS defines how many
+ * PMM areas we can assign.
+ * All areas are assigned in PMM_CONV_SEGMENT
+ */
+typedef struct {
+	u32 handle;		/* handle that is returned to PMM caller */
+	u32 offset;		/* in PMM_CONV_SEGMENT */
+	u32 length;		/* length of this area */
+} pmm_allocation_t;
+
+#define MAX_PMM_AREAS 10
+
+/* array to store the above structs */
+static pmm_allocation_t pmm_allocation_array[MAX_PMM_AREAS];
+
+/* index into pmm_allocation_array */
+static u32 curr_pmm_allocation_index = 0;
+
+/* This function is used to setup the PMM struct in virtual memory
+ * at a certain offset, the length of the PMM struct is returned */
+u8 pmm_setup(u16 segment, u16 offset)
+{
+	/* setup the PMM structure */
+	pmm_information_t *pis =
+	    (pmm_information_t *) (M.mem_base + (((u32) segment) << 4) +
+				   offset);
+	memset(pis, 0, sizeof(pmm_information_t));
+	/* set signature to $PMM */
+	pis->signature[0] = '$';
+	pis->signature[1] = 'P';
+	pis->signature[2] = 'M';
+	pis->signature[3] = 'M';
+	/* revision as specified */
+	pis->struct_rev = 0x01;
+	/* internal length, excluding code */
+	pis->length = ((void *)&(pis->code) - (void *)&(pis->signature));
+	/* the code to be executed, pointed to by entry_point_offset */
+	pis->code[0] = 0xCD;	/* INT */
+	pis->code[1] = PMM_INT_NUM;	/* my selfdefined PMM INT number */
+	pis->code[2] = 0xCB;	/* RETF */
+	/* set the entry_point_offset, it should point to pis->code, segment is the segment of
+	 * this struct. Since pis->length is the length of the struct excluding code, offset+pis->length
+	 * points to the code... it's that simple ;-)
+	 */
+	out32le(&(pis->entry_point_offset),
+		(u32) segment << 16 | (u32) (offset + pis->length));
+	/* checksum calculation */
+	u8 i;
+	u8 checksum = 0;
+	for (i = 0; i < pis->length; i++) {
+		checksum += *(((u8 *) pis) + i);
+	}
+	pis->checksum = ((u8) 0) - checksum;
+	CHECK_DBG(DEBUG_PMM) {
+		DEBUG_PRINTF_PMM("PMM Structure:\n");
+		dump((void *)pis, sizeof(pmm_information_t));
+	}
+	return sizeof(pmm_information_t);
+}
+
+/* handle the selfdefined interrupt, this is executed, when the PMM Entry Point
+ * is executed, it must handle all PMM requests
+ */
+void pmm_handleInt()
+{
+	u32 rval = 0;
+	u16 function, flags;
+	u32 handle, length;
+	u32 i, j;
+	u32 buffer;
+	/* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+	 * according to the PMM Spec "the flags and all registers, except DX and AX
+	 * are preserved across calls to PMM"
+	 * so we save M.x86 and in :exit label we restore it, however, this means that no
+	 * returns must be used in this function, any exit must use goto exit!
+	 * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+	 */
+	X86EMU_regs backup_regs = M.x86;
+	pop_long();		/* pop the return address, this is already saved in INT handler, we don't need
+				   to remember this. */
+	function = pop_word();
+	switch (function) {
+	case 0:
+		/* function pmmAllocate */
+		length = pop_long();
+		length *= 16;	/* length is passed in "paragraphs" of 16 bytes each */
+		handle = pop_long();
+		flags = pop_word();
+		DEBUG_PRINTF_PMM
+		    ("%s: pmmAllocate: Length: %x, Handle: %x, Flags: %x\n",
+		     __func__, length, handle, flags);
+		if ((flags & 0x1) != 0) {
+			/* request to allocate in  conventional memory */
+			if (curr_pmm_allocation_index >= MAX_PMM_AREAS) {
+				printf
+				    ("%s: pmmAllocate: Maximum Number of allocatable areas reached (%d), cannot allocate more memory!\n",
+				     __func__, MAX_PMM_AREAS);
+				rval = 0;
+				goto exit;
+			}
+			/* some ROMs seem to be confused by offset 0, so lets start at 0x100 */
+			u32 next_offset = 0x100;
+			pmm_allocation_t *pmm_alloc =
+			    &(pmm_allocation_array[curr_pmm_allocation_index]);
+			if (curr_pmm_allocation_index != 0) {
+				/* we have already allocated... get the new next_offset
+				 * from the previous pmm_allocation_t */
+				next_offset =
+				    pmm_allocation_array
+				    [curr_pmm_allocation_index - 1].offset +
+				    pmm_allocation_array
+				    [curr_pmm_allocation_index - 1].length;
+			}
+			DEBUG_PRINTF_PMM("%s: next_offset: 0x%x\n",
+					 __func__, next_offset);
+			if (length == 0) {
+				/* largest possible block size requested, we have on segment
+				 * to allocate, so largest possible is segment size (0xFFFF)
+				 * minus next_offset
+				 */
+				rval = 0xFFFF - next_offset;
+				goto exit;
+			}
+			u32 align = 0;
+			if (((flags & 0x4) != 0) && (length > 0)) {
+				/* align to least significant bit set in length param */
+				u8 lsb = 0;
+				while (((length >> lsb) & 0x1) == 0) {
+					lsb++;
+				}
+				align = 1 << lsb;
+			}
+			/* always align at least to paragraph (16byte) boundary
+			 * hm... since the length is always in paragraphs, we cannot
+			 * align outside of paragraphs anyway... so this check might
+			 * be unnecessary...*/
+			if (align < 0x10) {
+				align = 0x10;
+			}
+			DEBUG_PRINTF_PMM("%s: align: 0x%x\n", __func__,
+					 align);
+			if ((next_offset & (align - 1)) != 0) {
+				/* not yet aligned... align! */
+				next_offset += align;
+				next_offset &= ~(align - 1);
+			}
+			if ((next_offset + length) > 0xFFFF) {
+				rval = 0;
+				printf
+				    ("%s: pmmAllocate: Not enough memory available for allocation!\n",
+				     __func__);
+				goto exit;
+			}
+			curr_pmm_allocation_index++;
+			/* remember the values in pmm_allocation_array */
+			pmm_alloc->handle = handle;
+			pmm_alloc->offset = next_offset;
+			pmm_alloc->length = length;
+			/* return the 32bit "physical" address, i.e. combination of segment and offset */
+			rval = ((u32) (PMM_CONV_SEGMENT << 16)) | next_offset;
+			DEBUG_PRINTF_PMM
+			    ("%s: pmmAllocate: allocated memory at %x\n",
+			     __func__, rval);
+		} else {
+			rval = 0;
+			printf
+			    ("%s: pmmAllocate: allocation in extended memory not supported!\n",
+			     __func__);
+		}
+		goto exit;
+	case 1:
+		/* function pmmFind */
+		handle = pop_long();	/* the handle to lookup */
+		DEBUG_PRINTF_PMM("%s: pmmFind: Handle: %x\n", __func__,
+				 handle);
+		i = 0;
+		for (i = 0; i < curr_pmm_allocation_index; i++) {
+			if (pmm_allocation_array[i].handle == handle) {
+				DEBUG_PRINTF_PMM
+				    ("%s: pmmFind: found allocated memory at %x\n",
+				     __func__, rval);
+				/* return the 32bit "physical" address, i.e. combination of segment and offset */
+				rval =
+				    ((u32) (PMM_CONV_SEGMENT << 16)) |
+				    pmm_allocation_array[i].offset;
+			}
+		}
+		if (rval == 0) {
+			DEBUG_PRINTF_PMM
+			    ("%s: pmmFind: handle (%x) not found!\n",
+			     __func__, handle);
+		}
+		goto exit;
+	case 2:
+		/* function pmmDeallocate */
+		buffer = pop_long();
+		/* since argument is the address of the PMM block (including the segment,
+		 * we need to remove the segment to get the offset
+		 */
+		buffer = buffer ^ ((u32) PMM_CONV_SEGMENT << 16);
+		DEBUG_PRINTF_PMM("%s: pmmDeallocate: PMM segment offset: %x\n",
+				 __func__, buffer);
+		i = 0;
+		/* rval = 0 means we deallocated the buffer, so set it to 1 in case we dont find it and
+		 * thus cannot deallocate
+		 */
+		rval = 1;
+		for (i = 0; i < curr_pmm_allocation_index; i++) {
+			DEBUG_PRINTF_PMM("%d: %x\n", i,
+					 pmm_allocation_array[i].handle);
+			if (pmm_allocation_array[i].offset == buffer) {
+				/* we found the requested buffer, rval = 0 */
+				rval = 0;
+				DEBUG_PRINTF_PMM
+				    ("%s: pmmDeallocate: found allocated memory at index: %d\n",
+				     __func__, i);
+				/* copy the remaining elements in pmm_allocation_array one position up */
+				j = i;
+				for (; j < curr_pmm_allocation_index; j++) {
+					pmm_allocation_array[j] =
+					    pmm_allocation_array[j + 1];
+				}
+				/* move curr_pmm_allocation_index one up, too */
+				curr_pmm_allocation_index--;
+				/* finally clean last element */
+				pmm_allocation_array[curr_pmm_allocation_index].
+				    handle = 0;
+				pmm_allocation_array[curr_pmm_allocation_index].
+				    offset = 0;
+				pmm_allocation_array[curr_pmm_allocation_index].
+				    length = 0;
+				break;
+			}
+		}
+		if (rval != 0) {
+			DEBUG_PRINTF_PMM
+			    ("%s: pmmDeallocate: offset (%x) not found, cannot deallocate!\n",
+			     __func__, buffer);
+		}
+		goto exit;
+	default:
+		/* invalid/unimplemented function */
+		printf("%s: invalid PMM function (0x%04x) called!\n",
+		       __func__, function);
+		/* PMM spec says if function is invalid, return 0xFFFFFFFF */
+		rval = 0xFFFFFFFF;
+		goto exit;
+	}
+exit:
+	/* exit handler of this function, restore registers, put return value in DX:AX */
+	M.x86 = backup_regs;
+	M.x86.R_DX = (u16) ((rval >> 16) & 0xFFFF);
+	M.x86.R_AX = (u16) (rval & 0xFFFF);
+	CHECK_DBG(DEBUG_PMM) {
+		DEBUG_PRINTF_PMM("%s: dump of pmm_allocation_array:\n",
+				 __func__);
+		for (i = 0; i < MAX_PMM_AREAS; i++) {
+			DEBUG_PRINTF_PMM
+			    ("%d:\n\thandle: %x\n\toffset: %x\n\tlength: %x\n",
+			     i, pmm_allocation_array[i].handle,
+			     pmm_allocation_array[i].offset,
+			     pmm_allocation_array[i].length);
+		}
+	}
+	return;
+}
+
+/* This function tests the pmm_handleInt() function above. */
+void pmm_test(void)
+{
+	u32 handle, length, addr;
+	u16 function, flags;
+	/*-------------------- Test simple allocation/find/deallocation ----------------------------- */
+	function = 0;		/* pmmAllocate */
+	handle = 0xdeadbeef;
+	length = 16;		/* in 16byte paragraphs, so we allocate 256 bytes... */
+	flags = 0x1;		/* conventional memory, unaligned */
+	/* setup stack for call to pmm_handleInt() */
+	push_word(flags);
+	push_long(handle);
+	push_long(length);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	addr = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	DEBUG_PRINTF_PMM("%s: allocated memory at: %04x:%04x\n", __func__,
+			 M.x86.R_DX, M.x86.R_AX);
+	function = 1;		/* pmmFind */
+	push_long(handle);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	DEBUG_PRINTF_PMM("%s: found memory at: %04x:%04x (expected: %08x)\n",
+			 __func__, M.x86.R_DX, M.x86.R_AX, addr);
+	function = 2;		/* pmmDeallocate */
+	push_long(addr);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	DEBUG_PRINTF_PMM
+	    ("%s: freed memory rval: %04x:%04x (expected: 0000:0000)\n",
+	     __func__, M.x86.R_DX, M.x86.R_AX);
+	/*-------------------- Test aligned allocation/deallocation ----------------------------- */
+	function = 0;		/* pmmAllocate */
+	handle = 0xdeadbeef;
+	length = 257;		/* in 16byte paragraphs, so we allocate 4KB + 16 bytes... */
+	flags = 0x1;		/* conventional memory, unaligned */
+	/* setup stack for call to pmm_handleInt() */
+	push_word(flags);
+	push_long(handle);
+	push_long(length);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	addr = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	DEBUG_PRINTF_PMM("%s: allocated memory at: %04x:%04x\n", __func__,
+			 M.x86.R_DX, M.x86.R_AX);
+	function = 0;		/* pmmAllocate */
+	handle = 0xf00d4b0b;
+	length = 128;		/* in 16byte paragraphs, so we allocate 2KB... */
+	flags = 0x5;		/* conventional memory, aligned */
+	/* setup stack for call to pmm_handleInt() */
+	push_word(flags);
+	push_long(handle);
+	push_long(length);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	/* the address should be aligned to 0x800, so probably it is at offset 0x1800... */
+	addr = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	DEBUG_PRINTF_PMM("%s: allocated memory at: %04x:%04x\n", __func__,
+			 M.x86.R_DX, M.x86.R_AX);
+	function = 1;		/* pmmFind */
+	push_long(handle);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	addr = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	function = 2;		/* pmmDeallocate */
+	push_long(addr);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	DEBUG_PRINTF_PMM
+	    ("%s: freed memory rval: %04x:%04x (expected: 0000:0000)\n",
+	     __func__, M.x86.R_DX, M.x86.R_AX);
+	handle = 0xdeadbeef;
+	function = 1;		/* pmmFind */
+	push_long(handle);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	addr = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	function = 2;		/* pmmDeallocate */
+	push_long(addr);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	DEBUG_PRINTF_PMM
+	    ("%s: freed memory rval: %04x:%04x (expected: 0000:0000)\n",
+	     __func__, M.x86.R_DX, M.x86.R_AX);
+	/*-------------------- Test out of memory allocation ----------------------------- */
+	function = 0;		/* pmmAllocate */
+	handle = 0xdeadbeef;
+	length = 0;		/* length zero means, give me the largest possible block */
+	flags = 0x1;		/* conventional memory, unaligned */
+	/* setup stack for call to pmm_handleInt() */
+	push_word(flags);
+	push_long(handle);
+	push_long(length);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	length = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	length /= 16;		/* length in paragraphs */
+	DEBUG_PRINTF_PMM("%s: largest possible length: %08x\n", __func__,
+			 length);
+	function = 0;		/* pmmAllocate */
+	flags = 0x1;		/* conventional memory, aligned */
+	/* setup stack for call to pmm_handleInt() */
+	push_word(flags);
+	push_long(handle);
+	push_long(length);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	addr = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	DEBUG_PRINTF_PMM("%s: allocated memory at: %04x:%04x\n", __func__,
+			 M.x86.R_DX, M.x86.R_AX);
+	function = 0;		/* pmmAllocate */
+	length = 1;
+	handle = 0xf00d4b0b;
+	flags = 0x1;		/* conventional memory, aligned */
+	/* setup stack for call to pmm_handleInt() */
+	push_word(flags);
+	push_long(handle);
+	push_long(length);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	/* this should fail, so 0x0 should be returned */
+	addr = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	DEBUG_PRINTF_PMM
+	    ("%s: allocated memory at: %04x:%04x expected: 0000:0000\n",
+	     __func__, M.x86.R_DX, M.x86.R_AX);
+	handle = 0xdeadbeef;
+	function = 1;		/* pmmFind */
+	push_long(handle);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	addr = ((u32) M.x86.R_DX << 16) | M.x86.R_AX;
+	function = 2;		/* pmmDeallocate */
+	push_long(addr);
+	push_word(function);
+	push_long(0);		/* This is the return address for the ABI, unused in this implementation */
+	pmm_handleInt();
+	DEBUG_PRINTF_PMM
+	    ("%s: freed memory rval: %04x:%04x (expected: 0000:0000)\n",
+	     __func__, M.x86.R_DX, M.x86.R_AX);
+}
diff --git a/src/device/oprom/yabel/pmm.h b/src/device/oprom/yabel/pmm.h
new file mode 100644
index 0000000..3cc3c17
--- /dev/null
+++ b/src/device/oprom/yabel/pmm.h
@@ -0,0 +1,46 @@
+/****************************************************************************
+ * YABEL BIOS Emulator
+ *
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Copyright (c) 2008 Pattrick Hueper <phueper at hueper.net>
+ ****************************************************************************/
+
+#ifndef _YABEL_PMM_H_
+#define _YABEL_PMM_H_
+
+#include <types.h>
+
+/* PMM Structure see PMM Spec Version 1.01 Chapter 3.1.1
+ * (search web for specspmm101.pdf)
+ */
+typedef struct {
+	u8 signature[4];
+	u8 struct_rev;
+	u8 length;
+	u8 checksum;
+	u32 entry_point_offset;
+	u8 reserved[5];
+	/* Code is not part of the speced PMM struct, however, since I cannot
+	 * put the handling of PMM in the virtual memory (I dont want to hack it
+	 * together in x86 assembly ;-)) this code array is pointed to by
+	 * entry_point_offset, in code there is only a INT call and a RETF,
+	 * thus every PMM call will issue a PMM INT (only defined in YABEL,
+	 * see interrupt.c) and the INT Handler will do the actual PMM work.
+	 */
+	u8 code[3];
+} __attribute__ ((__packed__)) pmm_information_t;
+
+/* This function is used to setup the PMM struct in virtual memory
+ * at a certain offset */
+u8 pmm_setup(u16 segment, u16 offset);
+
+/* This is the INT Handler mentioned above, called by my special PMM INT. */
+void pmm_handleInt(void);
+
+void pmm_test(void);
+
+#endif				// _YABEL_PMM_H
diff --git a/src/device/oprom/yabel/vbe.c b/src/device/oprom/yabel/vbe.c
new file mode 100644
index 0000000..9dbe07c
--- /dev/null
+++ b/src/device/oprom/yabel/vbe.c
@@ -0,0 +1,774 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * Copyright (c) 2009 Pattrick Hueper <phueper at hueper.net>
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#include <string.h>
+#include <types.h>
+#if CONFIG_FRAMEBUFFER_SET_VESA_MODE
+#include <boot/coreboot_tables.h>
+#endif
+
+#include <arch/byteorder.h>
+
+#include "debug.h"
+
+#include <x86emu/x86emu.h>
+#include <x86emu/regs.h>
+#include "../x86emu/prim_ops.h"
+
+#include "biosemu.h"
+#include "io.h"
+#include "mem.h"
+#include "interrupt.h"
+#include "device.h"
+
+#include <cbfs.h>
+
+#include <delay.h>
+#include "../../src/lib/jpeg.h"
+
+#include <vbe.h>
+
+// pointer to VBEInfoBuffer, set by vbe_prepare
+u8 *vbe_info_buffer = 0;
+
+// virtual BIOS Memory
+u8 *biosmem;
+u32 biosmem_size;
+
+static inline u8
+vbe_prepare(void)
+{
+	vbe_info_buffer = biosmem + (VBE_SEGMENT << 4);	// segment:offset off VBE Data Area
+	//clear buffer
+	memset(vbe_info_buffer, 0, 512);
+	//set VbeSignature to "VBE2" to indicate VBE 2.0+ request
+	vbe_info_buffer[0] = 'V';
+	vbe_info_buffer[0] = 'B';
+	vbe_info_buffer[0] = 'E';
+	vbe_info_buffer[0] = '2';
+	// ES:DI store pointer to buffer in virtual mem see vbe_info_buffer above...
+	M.x86.R_EDI = 0x0;
+	M.x86.R_ES = VBE_SEGMENT;
+
+	return 0;		// successfull init
+}
+
+#if CONFIG_FRAMEBUFFER_SET_VESA_MODE
+// VBE Function 00h
+static u8
+vbe_info(vbe_info_t * info)
+{
+	vbe_prepare();
+	// call VBE function 00h (Info Function)
+	M.x86.R_EAX = 0x4f00;
+
+	// enable trace
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	// run VESA Interrupt
+	runInt10();
+
+	if (M.x86.R_AL != 0x4f) {
+		DEBUG_PRINTF_VBE("%s: VBE Info Function NOT supported! AL=%x\n",
+				 __func__, M.x86.R_AL);
+		return -1;
+	}
+
+	if (M.x86.R_AH != 0x0) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Info Function Return Code NOT OK! AH=%x\n",
+		     __func__, M.x86.R_AH);
+		return M.x86.R_AH;
+	}
+	//printf("VBE Info Dump:");
+	//dump(vbe_info_buffer, 64);
+
+	//offset 0: signature
+	info->signature[0] = vbe_info_buffer[0];
+	info->signature[1] = vbe_info_buffer[1];
+	info->signature[2] = vbe_info_buffer[2];
+	info->signature[3] = vbe_info_buffer[3];
+
+	// offset 4: 16bit le containing VbeVersion
+	info->version = in16le(vbe_info_buffer + 4);
+
+	// offset 6: 32bit le containg segment:offset of OEM String in virtual Mem.
+	info->oem_string_ptr =
+	    biosmem + ((in16le(vbe_info_buffer + 8) << 4) +
+		       in16le(vbe_info_buffer + 6));
+
+	// offset 10: 32bit le capabilities
+	info->capabilities = in32le(vbe_info_buffer + 10);
+
+	// offset 14: 32 bit le containing segment:offset of supported video mode table
+	u16 *video_mode_ptr;
+	video_mode_ptr =
+	    (u16 *) (biosmem +
+			  ((in16le(vbe_info_buffer + 16) << 4) +
+			   in16le(vbe_info_buffer + 14)));
+	u32 i = 0;
+	do {
+		info->video_mode_list[i] = in16le(video_mode_ptr + i);
+		i++;
+	}
+	while ((i <
+		(sizeof(info->video_mode_list) /
+		 sizeof(info->video_mode_list[0])))
+	       && (info->video_mode_list[i - 1] != 0xFFFF));
+
+	//offset 18: 16bit le total memory in 64KB blocks
+	info->total_memory = in16le(vbe_info_buffer + 18);
+
+	return 0;
+}
+
+static int mode_info_valid;
+
+int vbe_mode_info_valid(void)
+{
+	return mode_info_valid;
+}
+
+// VBE Function 01h
+static u8
+vbe_get_mode_info(vbe_mode_info_t * mode_info)
+{
+	vbe_prepare();
+	// call VBE function 01h (Return VBE Mode Info Function)
+	M.x86.R_EAX = 0x4f01;
+	M.x86.R_CX = mode_info->video_mode;
+
+	// enable trace
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	// run VESA Interrupt
+	runInt10();
+
+	if (M.x86.R_AL != 0x4f) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Return Mode Info Function NOT supported! AL=%x\n",
+		     __func__, M.x86.R_AL);
+		return -1;
+	}
+
+	if (M.x86.R_AH != 0x0) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Return Mode Info (mode: %04x) Function Return Code NOT OK! AH=%02x\n",
+		     __func__, mode_info->video_mode, M.x86.R_AH);
+		return M.x86.R_AH;
+	}
+
+	//pointer to mode_info_block is in ES:DI
+	memcpy(mode_info->mode_info_block,
+	       biosmem + ((M.x86.R_ES << 4) + M.x86.R_DI),
+	       sizeof(mode_info->mode_info_block));
+	mode_info_valid = 1;
+
+	//printf("Mode Info Dump:");
+	//dump(mode_info_block, 64);
+
+	return 0;
+}
+
+// VBE Function 02h
+static u8
+vbe_set_mode(vbe_mode_info_t * mode_info)
+{
+	vbe_prepare();
+	// call VBE function 02h (Set VBE Mode Function)
+	M.x86.R_EAX = 0x4f02;
+	M.x86.R_BX = mode_info->video_mode;
+	M.x86.R_BX |= 0x4000;	// set bit 14 to request linear framebuffer mode
+	M.x86.R_BX &= 0x7FFF;	// clear bit 15 to request clearing of framebuffer
+
+	DEBUG_PRINTF_VBE("%s: setting mode: 0x%04x\n", __func__,
+			 M.x86.R_BX);
+
+	// enable trace
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	// run VESA Interrupt
+	runInt10();
+
+	if (M.x86.R_AL != 0x4f) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Set Mode Function NOT supported! AL=%x\n",
+		     __func__, M.x86.R_AL);
+		return -1;
+	}
+
+	if (M.x86.R_AH != 0x0) {
+		DEBUG_PRINTF_VBE
+		    ("%s: mode: %x VBE Set Mode Function Return Code NOT OK! AH=%x\n",
+		     __func__, mode_info->video_mode, M.x86.R_AH);
+		return M.x86.R_AH;
+	}
+	return 0;
+}
+
+#if 0
+//VBE Function 08h
+static u8
+vbe_set_palette_format(u8 format)
+{
+	vbe_prepare();
+	// call VBE function 09h (Set/Get Palette Data Function)
+	M.x86.R_EAX = 0x4f08;
+	M.x86.R_BL = 0x00;	// set format
+	M.x86.R_BH = format;
+
+	DEBUG_PRINTF_VBE("%s: setting palette format: %d\n", __func__,
+			 format);
+
+	// enable trace
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	// run VESA Interrupt
+	runInt10();
+
+	if (M.x86.R_AL != 0x4f) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Set Palette Format Function NOT supported! AL=%x\n",
+		     __func__, M.x86.R_AL);
+		return -1;
+	}
+
+	if (M.x86.R_AH != 0x0) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Set Palette Format Function Return Code NOT OK! AH=%x\n",
+		     __func__, M.x86.R_AH);
+		return M.x86.R_AH;
+	}
+	return 0;
+}
+
+// VBE Function 09h
+static u8
+vbe_set_color(u16 color_number, u32 color_value)
+{
+	vbe_prepare();
+	// call VBE function 09h (Set/Get Palette Data Function)
+	M.x86.R_EAX = 0x4f09;
+	M.x86.R_BL = 0x00;	// set color
+	M.x86.R_CX = 0x01;	// set only one entry
+	M.x86.R_DX = color_number;
+	// ES:DI is address where color_value is stored, we store it at 2000:0000
+	M.x86.R_ES = 0x2000;
+	M.x86.R_DI = 0x0;
+
+	// store color value at ES:DI
+	out32le(biosmem + (M.x86.R_ES << 4) + M.x86.R_DI, color_value);
+
+	DEBUG_PRINTF_VBE("%s: setting color #%x: 0x%04x\n", __func__,
+			 color_number, color_value);
+
+	// enable trace
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	// run VESA Interrupt
+	runInt10();
+
+	if (M.x86.R_AL != 0x4f) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Set Palette Function NOT supported! AL=%x\n",
+		     __func__, M.x86.R_AL);
+		return -1;
+	}
+
+	if (M.x86.R_AH != 0x0) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Set Palette Function Return Code NOT OK! AH=%x\n",
+		     __func__, M.x86.R_AH);
+		return M.x86.R_AH;
+	}
+	return 0;
+}
+
+static u8
+vbe_get_color(u16 color_number, u32 * color_value)
+{
+	vbe_prepare();
+	// call VBE function 09h (Set/Get Palette Data Function)
+	M.x86.R_EAX = 0x4f09;
+	M.x86.R_BL = 0x00;	// get color
+	M.x86.R_CX = 0x01;	// get only one entry
+	M.x86.R_DX = color_number;
+	// ES:DI is address where color_value is stored, we store it at 2000:0000
+	M.x86.R_ES = 0x2000;
+	M.x86.R_DI = 0x0;
+
+	// enable trace
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	// run VESA Interrupt
+	runInt10();
+
+	if (M.x86.R_AL != 0x4f) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Set Palette Function NOT supported! AL=%x\n",
+		     __func__, M.x86.R_AL);
+		return -1;
+	}
+
+	if (M.x86.R_AH != 0x0) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Set Palette Function Return Code NOT OK! AH=%x\n",
+		     __func__, M.x86.R_AH);
+		return M.x86.R_AH;
+	}
+	// read color value from ES:DI
+	*color_value = in32le(biosmem + (M.x86.R_ES << 4) + M.x86.R_DI);
+
+	DEBUG_PRINTF_VBE("%s: getting color #%x --> 0x%04x\n", __func__,
+			 color_number, *color_value);
+
+	return 0;
+}
+
+// VBE Function 15h
+static u8
+vbe_get_ddc_info(vbe_ddc_info_t * ddc_info)
+{
+	vbe_prepare();
+	// call VBE function 15h (DDC Info Function)
+	M.x86.R_EAX = 0x4f15;
+	M.x86.R_BL = 0x00;	// get DDC Info
+	M.x86.R_CX = ddc_info->port_number;
+	M.x86.R_ES = 0x0;
+	M.x86.R_DI = 0x0;
+
+	// enable trace
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	// run VESA Interrupt
+	runInt10();
+
+	if (M.x86.R_AL != 0x4f) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Get DDC Info Function NOT supported! AL=%x\n",
+		     __func__, M.x86.R_AL);
+		return -1;
+	}
+
+	if (M.x86.R_AH != 0x0) {
+		DEBUG_PRINTF_VBE
+		    ("%s: port: %x VBE Get DDC Info Function Return Code NOT OK! AH=%x\n",
+		     __func__, ddc_info->port_number, M.x86.R_AH);
+		return M.x86.R_AH;
+	}
+	// BH = approx. time in seconds to transfer one EDID block
+	ddc_info->edid_transfer_time = M.x86.R_BH;
+	// BL = DDC Level
+	ddc_info->ddc_level = M.x86.R_BL;
+
+	vbe_prepare();
+	// call VBE function 15h (DDC Info Function)
+	M.x86.R_EAX = 0x4f15;
+	M.x86.R_BL = 0x01;	// read EDID
+	M.x86.R_CX = ddc_info->port_number;
+	M.x86.R_DX = 0x0;	// block number
+	// ES:DI is address where EDID is stored, we store it at 2000:0000
+	M.x86.R_ES = 0x2000;
+	M.x86.R_DI = 0x0;
+
+	// enable trace
+	CHECK_DBG(DEBUG_TRACE_X86EMU) {
+		X86EMU_trace_on();
+	}
+	// run VESA Interrupt
+	runInt10();
+
+	if (M.x86.R_AL != 0x4f) {
+		DEBUG_PRINTF_VBE
+		    ("%s: VBE Read EDID Function NOT supported! AL=%x\n",
+		     __func__, M.x86.R_AL);
+		return -1;
+	}
+
+	if (M.x86.R_AH != 0x0) {
+		DEBUG_PRINTF_VBE
+		    ("%s: port: %x VBE Read EDID Function Return Code NOT OK! AH=%x\n",
+		     __func__, ddc_info->port_number, M.x86.R_AH);
+		return M.x86.R_AH;
+	}
+
+	memcpy(ddc_info->edid_block_zero,
+	       biosmem + (M.x86.R_ES << 4) + M.x86.R_DI,
+	       sizeof(ddc_info->edid_block_zero));
+
+	return 0;
+}
+
+static u32
+vbe_get_info(void)
+{
+	u8 rval;
+	int i;
+
+	// XXX FIXME these need to be filled with sane values
+
+	// get a copy of input struct...
+	screen_info_input_t input;
+	// output is pointer to the address passed as argv[4]
+	screen_info_t local_output;
+	screen_info_t *output = &local_output;
+	// zero input
+	memset(&input, 0, sizeof(screen_info_input_t));
+	// zero output
+	memset(&output, 0, sizeof(screen_info_t));
+
+	vbe_info_t info;
+	rval = vbe_info(&info);
+	if (rval != 0)
+		return rval;
+
+	DEBUG_PRINTF_VBE("VbeSignature: %s\n", info.signature);
+	DEBUG_PRINTF_VBE("VbeVersion: 0x%04x\n", info.version);
+	DEBUG_PRINTF_VBE("OemString: %s\n", info.oem_string_ptr);
+	DEBUG_PRINTF_VBE("Capabilities:\n");
+	DEBUG_PRINTF_VBE("\tDAC: %s\n",
+			 (info.capabilities & 0x1) ==
+			 0 ? "fixed 6bit" : "switchable 6/8bit");
+	DEBUG_PRINTF_VBE("\tVGA: %s\n",
+			 (info.capabilities & 0x2) ==
+			 0 ? "compatible" : "not compatible");
+	DEBUG_PRINTF_VBE("\tRAMDAC: %s\n",
+			 (info.capabilities & 0x4) ==
+			 0 ? "normal" : "use blank bit in Function 09h");
+
+	// argv[4] may be a pointer with enough space to return screen_info_t
+	// as input, it must contain a screen_info_input_t with the following content:
+	// byte[0:3] = "DDC\0" (zero-terminated signature header)
+	// byte[4:5] = reserved space for the return struct... just in case we ever change
+	//             the struct and dont have reserved enough memory (and let's hope the struct
+	//             never gets larger than 64KB)
+	// byte[6] = monitor port number for DDC requests ("only" one byte... so lets hope we never have more than 255 monitors...
+	// byte[7:8] = max. screen width (OF may want to limit this)
+	// byte[9] = required color depth in bpp
+	if (strncmp((char *) input.signature, "DDC", 4) != 0) {
+		printf
+		    ("%s: Invalid input signature! expected: %s, is: %s\n",
+		     __func__, "DDC", input.signature);
+		return -1;
+	}
+	if (input.size_reserved != sizeof(screen_info_t)) {
+		printf
+		    ("%s: Size of return struct is wrong, required: %d, available: %d\n",
+		     __func__, (int) sizeof(screen_info_t),
+		     input.size_reserved);
+		return -1;
+	}
+
+	vbe_ddc_info_t ddc_info;
+	ddc_info.port_number = input.monitor_number;
+	vbe_get_ddc_info(&ddc_info);
+
+#if 0
+	DEBUG_PRINTF_VBE("DDC: edid_tranfer_time: %d\n",
+			 ddc_info.edid_transfer_time);
+	DEBUG_PRINTF_VBE("DDC: ddc_level: %x\n", ddc_info.ddc_level);
+	DEBUG_PRINTF_VBE("DDC: EDID: \n");
+	CHECK_DBG(DEBUG_VBE) {
+		dump(ddc_info.edid_block_zero,
+		     sizeof(ddc_info.edid_block_zero));
+	}
+#endif
+/* This could fail because of alignment issues, so use a longer form.
+	*((u64 *) ddc_info.edid_block_zero) != (u64) 0x00FFFFFFFFFFFF00ULL
+*/
+	if (ddc_info.edid_block_zero[0] != 0x00 ||
+	    ddc_info.edid_block_zero[1] != 0xFF ||
+	    ddc_info.edid_block_zero[2] != 0xFF ||
+	    ddc_info.edid_block_zero[3] != 0xFF ||
+	    ddc_info.edid_block_zero[4] != 0xFF ||
+	    ddc_info.edid_block_zero[5] != 0xFF ||
+	    ddc_info.edid_block_zero[6] != 0xFF ||
+	    ddc_info.edid_block_zero[7] != 0x00 ) {
+		// invalid EDID signature... probably no monitor
+
+		output->display_type = 0x0;
+		return 0;
+	} else if ((ddc_info.edid_block_zero[20] & 0x80) != 0) {
+		// digital display
+		output->display_type = 2;
+	} else {
+		// analog
+		output->display_type = 1;
+	}
+	DEBUG_PRINTF_VBE("DDC: found display type %d\n", output->display_type);
+	memcpy(output->edid_block_zero, ddc_info.edid_block_zero,
+	       sizeof(ddc_info.edid_block_zero));
+	i = 0;
+	vbe_mode_info_t mode_info;
+	vbe_mode_info_t best_mode_info;
+	// initialize best_mode to 0
+	memset(&best_mode_info, 0, sizeof(best_mode_info));
+	while ((mode_info.video_mode = info.video_mode_list[i]) != 0xFFFF) {
+		//DEBUG_PRINTF_VBE("%x: Mode: %04x\n", i, mode_info.video_mode);
+		vbe_get_mode_info(&mode_info);
+
+		// FIXME all these values are little endian!
+
+		DEBUG_PRINTF_VBE("Video Mode 0x%04x available, %s\n",
+				 mode_info.video_mode,
+				 (le16_to_cpu(mode_info.vesa.mode_attributes) & 0x1) ==
+				 0 ? "not supported" : "supported");
+		DEBUG_PRINTF_VBE("\tTTY: %s\n",
+				 (le16_to_cpu(mode_info.vesa.mode_attributes) & 0x4) ==
+				 0 ? "no" : "yes");
+		DEBUG_PRINTF_VBE("\tMode: %s %s\n",
+				 (le16_to_cpu(mode_info.vesa.mode_attributes) & 0x8) ==
+				 0 ? "monochrome" : "color",
+				 (le16_to_cpu(mode_info.vesa.mode_attributes) & 0x10) ==
+				 0 ? "text" : "graphics");
+		DEBUG_PRINTF_VBE("\tVGA: %s\n",
+				 (le16_to_cpu(mode_info.vesa.mode_attributes) & 0x20) ==
+				 0 ? "compatible" : "not compatible");
+		DEBUG_PRINTF_VBE("\tWindowed Mode: %s\n",
+				 (le16_to_cpu(mode_info.vesa.mode_attributes) & 0x40) ==
+				 0 ? "yes" : "no");
+		DEBUG_PRINTF_VBE("\tFramebuffer: %s\n",
+				 (le16_to_cpu(mode_info.vesa.mode_attributes) & 0x80) ==
+				 0 ? "no" : "yes");
+		DEBUG_PRINTF_VBE("\tResolution: %dx%d\n",
+				 le16_to_cpu(mode_info.vesa.x_resolution),
+				 le16_to_cpu(mode_info.vesa.y_resolution));
+		DEBUG_PRINTF_VBE("\tChar Size: %dx%d\n",
+				 mode_info.vesa.x_charsize, mode_info.vesa.y_charsize);
+		DEBUG_PRINTF_VBE("\tColor Depth: %dbpp\n",
+				 mode_info.vesa.bits_per_pixel);
+		DEBUG_PRINTF_VBE("\tMemory Model: 0x%x\n",
+				 mode_info.vesa.memory_model);
+		DEBUG_PRINTF_VBE("\tFramebuffer Offset: %08x\n",
+				 le32_to_cpu(mode_info.vesa.phys_base_ptr));
+
+		if ((mode_info.vesa.bits_per_pixel == input.color_depth)
+		    && (le16_to_cpu(mode_info.vesa.x_resolution) <= input.max_screen_width)
+		    && ((le16_to_cpu(mode_info.vesa.mode_attributes) & 0x80) != 0)	// framebuffer mode
+		    && ((le16_to_cpu(mode_info.vesa.mode_attributes) & 0x10) != 0)	// graphics
+		    && ((le16_to_cpu(mode_info.vesa.mode_attributes) & 0x8) != 0)	// color
+		    && (le16_to_cpu(mode_info.vesa.x_resolution) > le16_to_cpu(best_mode_info.vesa.x_resolution)))	// better than previous best_mode
+		{
+			// yiiiihaah... we found a new best mode
+			memcpy(&best_mode_info, &mode_info, sizeof(mode_info));
+		}
+		i++;
+	}
+
+	if (best_mode_info.video_mode != 0) {
+		DEBUG_PRINTF_VBE
+		    ("Best Video Mode found: 0x%x, %dx%d, %dbpp, framebuffer_address: 0x%x\n",
+		     best_mode_info.video_mode,
+		     best_mode_info.vesa.x_resolution,
+		     best_mode_info.vesa.y_resolution,
+		     best_mode_info.vesa.bits_per_pixel,
+		     le32_to_cpu(best_mode_info.vesa.phys_base_ptr));
+
+		//printf("Mode Info Dump:");
+		//dump(best_mode_info.mode_info_block, 64);
+
+		// set the video mode
+		vbe_set_mode(&best_mode_info);
+
+		if ((info.capabilities & 0x1) != 0) {
+			// switch to 8 bit palette format
+			vbe_set_palette_format(8);
+		}
+		// setup a palette:
+		// - first 216 colors are mixed colors for each component in 6 steps
+		//   (6*6*6=216)
+		// - then 10 shades of the three primary colors
+		// - then 10 shades of grey
+		// -------
+		// = 256 colors
+		//
+		// - finally black is color 0 and white color FF (because SLOF expects it
+		//   this way...)
+		// this resembles the palette that the kernel/X Server seems to expect...
+
+		u8 mixed_color_values[6] =
+		    { 0xFF, 0xDA, 0xB3, 0x87, 0x54, 0x00 };
+		u8 primary_color_values[10] =
+		    { 0xF3, 0xE7, 0xCD, 0xC0, 0xA5, 0x96, 0x77, 0x66, 0x3F,
+			0x27
+		};
+		u8 mc_size = sizeof(mixed_color_values);
+		u8 prim_size = sizeof(primary_color_values);
+
+		u8 curr_color_index;
+		u32 curr_color;
+
+		u8 r, g, b;
+		// 216 mixed colors
+		for (r = 0; r < mc_size; r++) {
+			for (g = 0; g < mc_size; g++) {
+				for (b = 0; b < mc_size; b++) {
+					curr_color_index =
+					    (r * mc_size * mc_size) +
+					    (g * mc_size) + b;
+					curr_color = 0;
+					curr_color |= ((u32) mixed_color_values[r]) << 16;	//red value
+					curr_color |= ((u32) mixed_color_values[g]) << 8;	//green value
+					curr_color |= (u32) mixed_color_values[b];	//blue value
+					vbe_set_color(curr_color_index,
+						      curr_color);
+				}
+			}
+		}
+
+		// 10 shades of each primary color
+		// red
+		for (r = 0; r < prim_size; r++) {
+			curr_color_index = mc_size * mc_size * mc_size + r;
+			curr_color = ((u32) primary_color_values[r]) << 16;
+			vbe_set_color(curr_color_index, curr_color);
+		}
+		//green
+		for (g = 0; g < prim_size; g++) {
+			curr_color_index =
+			    mc_size * mc_size * mc_size + prim_size + g;
+			curr_color = ((u32) primary_color_values[g]) << 8;
+			vbe_set_color(curr_color_index, curr_color);
+		}
+		//blue
+		for (b = 0; b < prim_size; b++) {
+			curr_color_index =
+			    mc_size * mc_size * mc_size + prim_size * 2 + b;
+			curr_color = (u32) primary_color_values[b];
+			vbe_set_color(curr_color_index, curr_color);
+		}
+		// 10 shades of grey
+		for (i = 0; i < prim_size; i++) {
+			curr_color_index =
+			    mc_size * mc_size * mc_size + prim_size * 3 + i;
+			curr_color = 0;
+			curr_color |= ((u32) primary_color_values[i]) << 16;	//red
+			curr_color |= ((u32) primary_color_values[i]) << 8;	//green
+			curr_color |= ((u32) primary_color_values[i]);	//blue
+			vbe_set_color(curr_color_index, curr_color);
+		}
+
+		// SLOF is using color 0x0 (black) and 0xFF (white) to draw to the screen...
+		vbe_set_color(0x00, 0x00000000);
+		vbe_set_color(0xFF, 0x00FFFFFF);
+
+		output->screen_width = le16_to_cpu(best_mode_info.vesa.x_resolution);
+		output->screen_height = le16_to_cpu(best_mode_info.vesa.y_resolution);
+		output->screen_linebytes = le16_to_cpu(best_mode_info.vesa.bytes_per_scanline);
+		output->color_depth = best_mode_info.vesa.bits_per_pixel;
+		output->framebuffer_address =
+		    le32_to_cpu(best_mode_info.vesa.phys_base_ptr);
+	} else {
+		printf("%s: No suitable video mode found!\n", __func__);
+		//unset display_type...
+		output->display_type = 0;
+	}
+	return 0;
+}
+#endif
+
+vbe_mode_info_t mode_info;
+
+void vbe_set_graphics(void)
+{
+	u8 rval;
+
+	vbe_info_t info;
+	rval = vbe_info(&info);
+	if (rval != 0)
+		return;
+
+	DEBUG_PRINTF_VBE("VbeSignature: %s\n", info.signature);
+	DEBUG_PRINTF_VBE("VbeVersion: 0x%04x\n", info.version);
+	DEBUG_PRINTF_VBE("OemString: %s\n", info.oem_string_ptr);
+	DEBUG_PRINTF_VBE("Capabilities:\n");
+	DEBUG_PRINTF_VBE("\tDAC: %s\n",
+			 (info.capabilities & 0x1) ==
+			 0 ? "fixed 6bit" : "switchable 6/8bit");
+	DEBUG_PRINTF_VBE("\tVGA: %s\n",
+			 (info.capabilities & 0x2) ==
+			 0 ? "compatible" : "not compatible");
+	DEBUG_PRINTF_VBE("\tRAMDAC: %s\n",
+			 (info.capabilities & 0x4) ==
+			 0 ? "normal" : "use blank bit in Function 09h");
+
+	mode_info.video_mode = (1 << 14) | CONFIG_FRAMEBUFFER_VESA_MODE;
+	vbe_get_mode_info(&mode_info);
+	vbe_set_mode(&mode_info);
+
+#if CONFIG_BOOTSPLASH
+	unsigned char *framebuffer =
+		(unsigned char *) le32_to_cpu(mode_info.vesa.phys_base_ptr);
+	DEBUG_PRINTF_VBE("FRAMEBUFFER: 0x%p\n", framebuffer);
+
+	struct jpeg_decdata *decdata;
+	decdata = malloc(sizeof(*decdata));
+
+	/* Switching Intel IGD to 1MB video memory will break this. Who
+	 * cares. */
+	// int imagesize = 1024*768*2;
+
+	unsigned char *jpeg = cbfs_find_file("bootsplash.jpg", CBFS_TYPE_BOOTSPLASH);
+	if (!jpeg) {
+		DEBUG_PRINTF_VBE("Could not find bootsplash.jpg\n");
+		return;
+	}
+	DEBUG_PRINTF_VBE("Splash at %p ...\n", jpeg);
+	dump(jpeg, 64);
+
+	int ret = 0;
+	DEBUG_PRINTF_VBE("Decompressing boot splash screen...\n");
+	ret = jpeg_decode(jpeg, framebuffer, 1024, 768, 16, decdata);
+	DEBUG_PRINTF_VBE("returns %x\n", ret);
+#endif
+}
+
+void fill_lb_framebuffer(struct lb_framebuffer *framebuffer)
+{
+	framebuffer->physical_address = le32_to_cpu(mode_info.vesa.phys_base_ptr);
+
+	framebuffer->x_resolution = le16_to_cpu(mode_info.vesa.x_resolution);
+	framebuffer->y_resolution = le16_to_cpu(mode_info.vesa.y_resolution);
+	framebuffer->bytes_per_line = le16_to_cpu(mode_info.vesa.bytes_per_scanline);
+	framebuffer->bits_per_pixel = mode_info.vesa.bits_per_pixel;
+
+	framebuffer->red_mask_pos = mode_info.vesa.red_mask_pos;
+	framebuffer->red_mask_size = mode_info.vesa.red_mask_size;
+
+	framebuffer->green_mask_pos = mode_info.vesa.green_mask_pos;
+	framebuffer->green_mask_size = mode_info.vesa.green_mask_size;
+
+	framebuffer->blue_mask_pos = mode_info.vesa.blue_mask_pos;
+	framebuffer->blue_mask_size = mode_info.vesa.blue_mask_size;
+
+	framebuffer->reserved_mask_pos = mode_info.vesa.reserved_mask_pos;
+	framebuffer->reserved_mask_size = mode_info.vesa.reserved_mask_size;
+}
+
+void vbe_textmode_console(void)
+{
+	/* Wait, just a little bit more, pleeeease ;-) */
+	delay(2);
+
+	M.x86.R_EAX = 0x0003;
+	runInt10();
+}
+
+#endif
diff --git a/src/device/oprom/yabel/vbe.h b/src/device/oprom/yabel/vbe.h
new file mode 100644
index 0000000..bf286bc
--- /dev/null
+++ b/src/device/oprom/yabel/vbe.h
@@ -0,0 +1,23 @@
+/******************************************************************************
+ * Copyright (c) 2004, 2008 IBM Corporation
+ * All rights reserved.
+ * This program and the accompanying materials
+ * are made available under the terms of the BSD License
+ * which accompanies this distribution, and is available at
+ * http://www.opensource.org/licenses/bsd-license.php
+ *
+ * Contributors:
+ *     IBM Corporation - initial implementation
+ *****************************************************************************/
+
+#ifndef _BIOSEMU_VBE_H_
+#define _BIOSEMU_VBE_H_
+
+struct lb_framebuffer;
+
+void vbe_set_graphics(void);
+int vbe_mode_info_valid(void);
+void fill_lb_framebuffer(struct lb_framebuffer *framebuffer);
+void vbe_textmode_console(void);
+
+#endif
diff --git a/src/device/pci_device.c b/src/device/pci_device.c
new file mode 100644
index 0000000..ff334fe
--- /dev/null
+++ b/src/device/pci_device.c
@@ -0,0 +1,1325 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * It was originally based on the Linux kernel (drivers/pci/pci.c).
+ *
+ * Modifications are:
+ * Copyright (C) 2003-2004 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2003-2006 Ronald G. Minnich <rminnich at gmail.com>
+ * Copyright (C) 2004-2005 Li-Ta Lo <ollie at lanl.gov>
+ * Copyright (C) 2005-2006 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ * Copyright (C) 2005-2009 coresystems GmbH
+ * (Written by Stefan Reinauer <stepan at coresystems.de> for coresystems GmbH)
+ */
+
+/*
+ * PCI Bus Services, see include/linux/pci.h for further explanation.
+ *
+ * Copyright 1993 -- 1997 Drew Eckhardt, Frederic Potter,
+ * David Mosberger-Tang
+ *
+ * Copyright 1997 -- 1999 Martin Mares <mj at atrey.karlin.mff.cuni.cz>
+ */
+
+#include <console/console.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+#include <arch/io.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <delay.h>
+#if CONFIG_HYPERTRANSPORT_PLUGIN_SUPPORT
+#include <device/hypertransport.h>
+#endif
+#if CONFIG_PCIX_PLUGIN_SUPPORT
+#include <device/pcix.h>
+#endif
+#if CONFIG_PCIEXP_PLUGIN_SUPPORT
+#include <device/pciexp.h>
+#endif
+#if CONFIG_AGP_PLUGIN_SUPPORT
+#include <device/agp.h>
+#endif
+#if CONFIG_CARDBUS_PLUGIN_SUPPORT
+#include <device/cardbus.h>
+#endif
+#if CONFIG_PC80_SYSTEM
+#include <pc80/i8259.h>
+#endif
+#if CONFIG_HAVE_ACPI_RESUME && !CONFIG_S3_VGA_ROM_RUN
+#include <arch/acpi.h>
+#endif
+#if CONFIG_CHROMEOS
+#include <vendorcode/google/chromeos/chromeos.h>
+#endif
+
+u8 pci_moving_config8(struct device *dev, unsigned int reg)
+{
+	u8 value, ones, zeroes;
+
+	value = pci_read_config8(dev, reg);
+
+	pci_write_config8(dev, reg, 0xff);
+	ones = pci_read_config8(dev, reg);
+
+	pci_write_config8(dev, reg, 0x00);
+	zeroes = pci_read_config8(dev, reg);
+
+	pci_write_config8(dev, reg, value);
+
+	return ones ^ zeroes;
+}
+
+u16 pci_moving_config16(struct device *dev, unsigned int reg)
+{
+	u16 value, ones, zeroes;
+
+	value = pci_read_config16(dev, reg);
+
+	pci_write_config16(dev, reg, 0xffff);
+	ones = pci_read_config16(dev, reg);
+
+	pci_write_config16(dev, reg, 0x0000);
+	zeroes = pci_read_config16(dev, reg);
+
+	pci_write_config16(dev, reg, value);
+
+	return ones ^ zeroes;
+}
+
+u32 pci_moving_config32(struct device *dev, unsigned int reg)
+{
+	u32 value, ones, zeroes;
+
+	value = pci_read_config32(dev, reg);
+
+	pci_write_config32(dev, reg, 0xffffffff);
+	ones = pci_read_config32(dev, reg);
+
+	pci_write_config32(dev, reg, 0x00000000);
+	zeroes = pci_read_config32(dev, reg);
+
+	pci_write_config32(dev, reg, value);
+
+	return ones ^ zeroes;
+}
+
+/**
+ * Given a device, a capability type, and a last position, return the next
+ * matching capability. Always start at the head of the list.
+ *
+ * @param dev Pointer to the device structure.
+ * @param cap PCI_CAP_LIST_ID of the PCI capability we're looking for.
+ * @param last Location of the PCI capability register to start from.
+ * @return The next matching capability.
+ */
+unsigned pci_find_next_capability(struct device *dev, unsigned cap,
+				  unsigned last)
+{
+	unsigned pos = 0;
+	u16 status;
+	unsigned reps = 48;
+
+	status = pci_read_config16(dev, PCI_STATUS);
+	if (!(status & PCI_STATUS_CAP_LIST))
+		return 0;
+
+	switch (dev->hdr_type & 0x7f) {
+	case PCI_HEADER_TYPE_NORMAL:
+	case PCI_HEADER_TYPE_BRIDGE:
+		pos = PCI_CAPABILITY_LIST;
+		break;
+	case PCI_HEADER_TYPE_CARDBUS:
+		pos = PCI_CB_CAPABILITY_LIST;
+		break;
+	default:
+		return 0;
+	}
+
+	pos = pci_read_config8(dev, pos);
+	while (reps-- && (pos >= 0x40)) { /* Loop through the linked list. */
+		int this_cap;
+
+		pos &= ~3;
+		this_cap = pci_read_config8(dev, pos + PCI_CAP_LIST_ID);
+		printk(BIOS_SPEW, "Capability: type 0x%02x @ 0x%02x\n",
+		       this_cap, pos);
+		if (this_cap == 0xff)
+			break;
+
+		if (!last && (this_cap == cap))
+			return pos;
+
+		if (last == pos)
+			last = 0;
+
+		pos = pci_read_config8(dev, pos + PCI_CAP_LIST_NEXT);
+	}
+	return 0;
+}
+
+/**
+ * Given a device, and a capability type, return the next matching
+ * capability. Always start at the head of the list.
+ *
+ * @param dev Pointer to the device structure.
+ * @param cap PCI_CAP_LIST_ID of the PCI capability we're looking for.
+ * @return The next matching capability.
+ */
+unsigned pci_find_capability(device_t dev, unsigned cap)
+{
+	return pci_find_next_capability(dev, cap, 0);
+}
+
+/**
+ * Given a device and register, read the size of the BAR for that register.
+ *
+ * @param dev Pointer to the device structure.
+ * @param index Address of the PCI configuration register.
+ * @return TODO
+ */
+struct resource *pci_get_resource(struct device *dev, unsigned long index)
+{
+	struct resource *resource;
+	unsigned long value, attr;
+	resource_t moving, limit;
+
+	/* Initialize the resources to nothing. */
+	resource = new_resource(dev, index);
+
+	/* Get the initial value. */
+	value = pci_read_config32(dev, index);
+
+	/* See which bits move. */
+	moving = pci_moving_config32(dev, index);
+
+	/* Initialize attr to the bits that do not move. */
+	attr = value & ~moving;
+
+	/* If it is a 64bit resource look at the high half as well. */
+	if (((attr & PCI_BASE_ADDRESS_SPACE_IO) == 0) &&
+	    ((attr & PCI_BASE_ADDRESS_MEM_LIMIT_MASK) ==
+	     PCI_BASE_ADDRESS_MEM_LIMIT_64)) {
+		/* Find the high bits that move. */
+		moving |=
+		    ((resource_t) pci_moving_config32(dev, index + 4)) << 32;
+	}
+
+	/* Find the resource constraints.
+	 * Start by finding the bits that move. From there:
+	 * - Size is the least significant bit of the bits that move.
+	 * - Limit is all of the bits that move plus all of the lower bits.
+	 * See PCI Spec 6.2.5.1.
+	 */
+	limit = 0;
+	if (moving) {
+		resource->size = 1;
+		resource->align = resource->gran = 0;
+		while (!(moving & resource->size)) {
+			resource->size <<= 1;
+			resource->align += 1;
+			resource->gran += 1;
+		}
+		resource->limit = limit = moving | (resource->size - 1);
+	}
+
+	/*
+	 * Some broken hardware has read-only registers that do not
+	 * really size correctly.
+	 *
+	 * Example: the Acer M7229 has BARs 1-4 normally read-only,
+	 * so BAR1 at offset 0x10 reads 0x1f1. If you size that register
+	 * by writing 0xffffffff to it, it will read back as 0x1f1 -- which
+	 * is a violation of the spec.
+	 *
+	 * We catch this case and ignore it by observing which bits move.
+	 *
+	 * This also catches the common case of unimplemented registers
+	 * that always read back as 0.
+	 */
+	if (moving == 0) {
+		if (value != 0) {
+			printk(BIOS_DEBUG, "%s register %02lx(%08lx), "
+			       "read-only ignoring it\n",
+			       dev_path(dev), index, value);
+		}
+		resource->flags = 0;
+	} else if (attr & PCI_BASE_ADDRESS_SPACE_IO) {
+		/* An I/O mapped base address. */
+		attr &= PCI_BASE_ADDRESS_IO_ATTR_MASK;
+		resource->flags |= IORESOURCE_IO;
+		/* I don't want to deal with 32bit I/O resources. */
+		resource->limit = 0xffff;
+	} else {
+		/* A Memory mapped base address. */
+		attr &= PCI_BASE_ADDRESS_MEM_ATTR_MASK;
+		resource->flags |= IORESOURCE_MEM;
+		if (attr & PCI_BASE_ADDRESS_MEM_PREFETCH)
+			resource->flags |= IORESOURCE_PREFETCH;
+		attr &= PCI_BASE_ADDRESS_MEM_LIMIT_MASK;
+		if (attr == PCI_BASE_ADDRESS_MEM_LIMIT_32) {
+			/* 32bit limit. */
+			resource->limit = 0xffffffffUL;
+		} else if (attr == PCI_BASE_ADDRESS_MEM_LIMIT_1M) {
+			/* 1MB limit. */
+			resource->limit = 0x000fffffUL;
+		} else if (attr == PCI_BASE_ADDRESS_MEM_LIMIT_64) {
+			/* 64bit limit. */
+			resource->limit = 0xffffffffffffffffULL;
+			resource->flags |= IORESOURCE_PCI64;
+		} else {
+			/* Invalid value. */
+			printk(BIOS_ERR, "Broken BAR with value %lx\n", attr);
+			printk(BIOS_ERR, " on dev %s at index %02lx\n",
+			       dev_path(dev), index);
+			resource->flags = 0;
+		}
+	}
+
+	/* Don't let the limit exceed which bits can move. */
+	if (resource->limit > limit)
+		resource->limit = limit;
+
+	return resource;
+}
+
+/**
+ * Given a device and an index, read the size of the BAR for that register.
+ *
+ * @param dev Pointer to the device structure.
+ * @param index Address of the PCI configuration register.
+ */
+static void pci_get_rom_resource(struct device *dev, unsigned long index)
+{
+	struct resource *resource;
+	unsigned long value;
+	resource_t moving;
+
+	/* Initialize the resources to nothing. */
+	resource = new_resource(dev, index);
+
+	/* Get the initial value. */
+	value = pci_read_config32(dev, index);
+
+	/* See which bits move. */
+	moving = pci_moving_config32(dev, index);
+
+	/* Clear the Enable bit. */
+	moving = moving & ~PCI_ROM_ADDRESS_ENABLE;
+
+	/* Find the resource constraints.
+	 * Start by finding the bits that move. From there:
+	 * - Size is the least significant bit of the bits that move.
+	 * - Limit is all of the bits that move plus all of the lower bits.
+	 * See PCI Spec 6.2.5.1.
+	 */
+	if (moving) {
+		resource->size = 1;
+		resource->align = resource->gran = 0;
+		while (!(moving & resource->size)) {
+			resource->size <<= 1;
+			resource->align += 1;
+			resource->gran += 1;
+		}
+		resource->limit = moving | (resource->size - 1);
+		resource->flags |= IORESOURCE_MEM | IORESOURCE_READONLY;
+	} else {
+		if (value != 0) {
+			printk(BIOS_DEBUG, "%s register %02lx(%08lx), "
+			       "read-only ignoring it\n",
+			       dev_path(dev), index, value);
+		}
+		resource->flags = 0;
+	}
+	compact_resources(dev);
+}
+
+/**
+ * Read the base address registers for a given device.
+ *
+ * @param dev Pointer to the dev structure.
+ * @param howmany How many registers to read (6 for device, 2 for bridge).
+ */
+static void pci_read_bases(struct device *dev, unsigned int howmany)
+{
+	unsigned long index;
+
+	for (index = PCI_BASE_ADDRESS_0;
+	     (index < PCI_BASE_ADDRESS_0 + (howmany << 2));) {
+		struct resource *resource;
+		resource = pci_get_resource(dev, index);
+		index += (resource->flags & IORESOURCE_PCI64) ? 8 : 4;
+	}
+
+	compact_resources(dev);
+}
+
+static void pci_record_bridge_resource(struct device *dev, resource_t moving,
+				       unsigned index, unsigned long type)
+{
+	struct resource *resource;
+	unsigned long gran;
+	resource_t step;
+
+	resource = NULL;
+
+	if (!moving)
+		return;
+
+	/* Initialize the constraints on the current bus. */
+	resource = new_resource(dev, index);
+	resource->size = 0;
+	gran = 0;
+	step = 1;
+	while ((moving & step) == 0) {
+		gran += 1;
+		step <<= 1;
+	}
+	resource->gran = gran;
+	resource->align = gran;
+	resource->limit = moving | (step - 1);
+	resource->flags = type | IORESOURCE_PCI_BRIDGE |
+			  IORESOURCE_BRIDGE;
+}
+
+static void pci_bridge_read_bases(struct device *dev)
+{
+	resource_t moving_base, moving_limit, moving;
+
+	/* See if the bridge I/O resources are implemented. */
+	moving_base = ((u32) pci_moving_config8(dev, PCI_IO_BASE)) << 8;
+	moving_base |=
+	  ((u32) pci_moving_config16(dev, PCI_IO_BASE_UPPER16)) << 16;
+
+	moving_limit = ((u32) pci_moving_config8(dev, PCI_IO_LIMIT)) << 8;
+	moving_limit |=
+	  ((u32) pci_moving_config16(dev, PCI_IO_LIMIT_UPPER16)) << 16;
+
+	moving = moving_base & moving_limit;
+
+	/* Initialize the I/O space constraints on the current bus. */
+	pci_record_bridge_resource(dev, moving, PCI_IO_BASE, IORESOURCE_IO);
+
+	/* See if the bridge prefmem resources are implemented. */
+	moving_base =
+	  ((resource_t) pci_moving_config16(dev, PCI_PREF_MEMORY_BASE)) << 16;
+	moving_base |=
+	  ((resource_t) pci_moving_config32(dev, PCI_PREF_BASE_UPPER32)) << 32;
+
+	moving_limit =
+	  ((resource_t) pci_moving_config16(dev, PCI_PREF_MEMORY_LIMIT)) << 16;
+	moving_limit |=
+	  ((resource_t) pci_moving_config32(dev, PCI_PREF_LIMIT_UPPER32)) << 32;
+
+	moving = moving_base & moving_limit;
+	/* Initialize the prefetchable memory constraints on the current bus. */
+	pci_record_bridge_resource(dev, moving, PCI_PREF_MEMORY_BASE,
+				   IORESOURCE_MEM | IORESOURCE_PREFETCH);
+
+	/* See if the bridge mem resources are implemented. */
+	moving_base = ((u32) pci_moving_config16(dev, PCI_MEMORY_BASE)) << 16;
+	moving_limit = ((u32) pci_moving_config16(dev, PCI_MEMORY_LIMIT)) << 16;
+
+	moving = moving_base & moving_limit;
+
+	/* Initialize the memory resources on the current bus. */
+	pci_record_bridge_resource(dev, moving, PCI_MEMORY_BASE,
+				   IORESOURCE_MEM);
+
+	compact_resources(dev);
+}
+
+void pci_dev_read_resources(struct device *dev)
+{
+	pci_read_bases(dev, 6);
+	pci_get_rom_resource(dev, PCI_ROM_ADDRESS);
+}
+
+void pci_bus_read_resources(struct device *dev)
+{
+	pci_bridge_read_bases(dev);
+	pci_read_bases(dev, 2);
+	pci_get_rom_resource(dev, PCI_ROM_ADDRESS1);
+}
+
+void pci_domain_read_resources(struct device *dev)
+{
+	struct resource *res;
+
+	/* Initialize the system-wide I/O space constraints. */
+	res = new_resource(dev, IOINDEX_SUBTRACTIVE(0, 0));
+	res->limit = 0xffffUL;
+	res->flags = IORESOURCE_IO | IORESOURCE_SUBTRACTIVE |
+		     IORESOURCE_ASSIGNED;
+
+	/* Initialize the system-wide memory resources constraints. */
+	res = new_resource(dev, IOINDEX_SUBTRACTIVE(1, 0));
+	res->limit = 0xffffffffULL;
+	res->flags = IORESOURCE_MEM | IORESOURCE_SUBTRACTIVE |
+		     IORESOURCE_ASSIGNED;
+}
+
+static void pci_set_resource(struct device *dev, struct resource *resource)
+{
+	resource_t base, end;
+
+	/* Make certain the resource has actually been assigned a value. */
+	if (!(resource->flags & IORESOURCE_ASSIGNED)) {
+		printk(BIOS_ERR, "ERROR: %s %02lx %s size: 0x%010llx not "
+		       "assigned\n", dev_path(dev), resource->index,
+		       resource_type(resource), resource->size);
+		return;
+	}
+
+	/* If this resource is fixed don't worry about it. */
+	if (resource->flags & IORESOURCE_FIXED)
+		return;
+
+	/* If I have already stored this resource don't worry about it. */
+	if (resource->flags & IORESOURCE_STORED)
+		return;
+
+	/* If the resource is subtractive don't worry about it. */
+	if (resource->flags & IORESOURCE_SUBTRACTIVE)
+		return;
+
+	/* Only handle PCI memory and I/O resources for now. */
+	if (!(resource->flags & (IORESOURCE_MEM | IORESOURCE_IO)))
+		return;
+
+	/* Enable the resources in the command register. */
+	if (resource->size) {
+		if (resource->flags & IORESOURCE_MEM)
+			dev->command |= PCI_COMMAND_MEMORY;
+		if (resource->flags & IORESOURCE_IO)
+			dev->command |= PCI_COMMAND_IO;
+		if (resource->flags & IORESOURCE_PCI_BRIDGE)
+			dev->command |= PCI_COMMAND_MASTER;
+	}
+
+	/* Get the base address. */
+	base = resource->base;
+
+	/* Get the end. */
+	end = resource_end(resource);
+
+	/* Now store the resource. */
+	resource->flags |= IORESOURCE_STORED;
+
+	/*
+	 * PCI bridges have no enable bit. They are disabled if the base of
+	 * the range is greater than the limit. If the size is zero, disable
+	 * by setting the base = limit and end = limit - 2^gran.
+	 */
+	if (resource->size == 0 && (resource->flags & IORESOURCE_PCI_BRIDGE)) {
+		base = resource->limit;
+		end = resource->limit - (1 << resource->gran);
+		resource->base = base;
+	}
+
+	if (!(resource->flags & IORESOURCE_PCI_BRIDGE)) {
+		unsigned long base_lo, base_hi;
+
+		/*
+		 * Some chipsets allow us to set/clear the I/O bit
+		 * (e.g. VIA 82C686A). So set it to be safe.
+		 */
+		base_lo = base & 0xffffffff;
+		base_hi = (base >> 32) & 0xffffffff;
+		if (resource->flags & IORESOURCE_IO)
+			base_lo |= PCI_BASE_ADDRESS_SPACE_IO;
+		pci_write_config32(dev, resource->index, base_lo);
+		if (resource->flags & IORESOURCE_PCI64)
+			pci_write_config32(dev, resource->index + 4, base_hi);
+	} else if (resource->index == PCI_IO_BASE) {
+		/* Set the I/O ranges. */
+		pci_write_config8(dev, PCI_IO_BASE, base >> 8);
+		pci_write_config16(dev, PCI_IO_BASE_UPPER16, base >> 16);
+		pci_write_config8(dev, PCI_IO_LIMIT, end >> 8);
+		pci_write_config16(dev, PCI_IO_LIMIT_UPPER16, end >> 16);
+	} else if (resource->index == PCI_MEMORY_BASE) {
+		/* Set the memory range. */
+		pci_write_config16(dev, PCI_MEMORY_BASE, base >> 16);
+		pci_write_config16(dev, PCI_MEMORY_LIMIT, end >> 16);
+	} else if (resource->index == PCI_PREF_MEMORY_BASE) {
+		/* Set the prefetchable memory range. */
+		pci_write_config16(dev, PCI_PREF_MEMORY_BASE, base >> 16);
+		pci_write_config32(dev, PCI_PREF_BASE_UPPER32, base >> 32);
+		pci_write_config16(dev, PCI_PREF_MEMORY_LIMIT, end >> 16);
+		pci_write_config32(dev, PCI_PREF_LIMIT_UPPER32, end >> 32);
+	} else {
+		/* Don't let me think I stored the resource. */
+		resource->flags &= ~IORESOURCE_STORED;
+		printk(BIOS_ERR, "ERROR: invalid resource->index %lx\n",
+		       resource->index);
+	}
+
+	report_resource_stored(dev, resource, "");
+}
+
+void pci_dev_set_resources(struct device *dev)
+{
+	struct resource *res;
+	struct bus *bus;
+	u8 line;
+
+	for (res = dev->resource_list; res; res = res->next)
+		pci_set_resource(dev, res);
+
+	for (bus = dev->link_list; bus; bus = bus->next) {
+		if (bus->children)
+			assign_resources(bus);
+	}
+
+	/* Set a default latency timer. */
+	pci_write_config8(dev, PCI_LATENCY_TIMER, 0x40);
+
+	/* Set a default secondary latency timer. */
+	if ((dev->hdr_type & 0x7f) == PCI_HEADER_TYPE_BRIDGE)
+		pci_write_config8(dev, PCI_SEC_LATENCY_TIMER, 0x40);
+
+	/* Zero the IRQ settings. */
+	line = pci_read_config8(dev, PCI_INTERRUPT_PIN);
+	if (line)
+		pci_write_config8(dev, PCI_INTERRUPT_LINE, 0);
+
+	/* Set the cache line size, so far 64 bytes is good for everyone. */
+	pci_write_config8(dev, PCI_CACHE_LINE_SIZE, 64 >> 2);
+}
+
+void pci_dev_enable_resources(struct device *dev)
+{
+	const struct pci_operations *ops;
+	u16 command;
+
+	/* Set the subsystem vendor and device ID for mainboard devices. */
+	ops = ops_pci(dev);
+	if (dev->on_mainboard && ops && ops->set_subsystem) {
+		printk(BIOS_DEBUG, "%s subsystem <- %04x/%04x\n",
+			dev_path(dev), dev->subsystem_vendor,
+			dev->subsystem_device);
+		ops->set_subsystem(dev, dev->subsystem_vendor,
+			dev->subsystem_device);
+	}
+	command = pci_read_config16(dev, PCI_COMMAND);
+	command |= dev->command;
+
+	/* v3 has
+	 * command |= (PCI_COMMAND_PARITY + PCI_COMMAND_SERR);	// Error check.
+	 */
+
+	printk(BIOS_DEBUG, "%s cmd <- %02x\n", dev_path(dev), command);
+	pci_write_config16(dev, PCI_COMMAND, command);
+}
+
+void pci_bus_enable_resources(struct device *dev)
+{
+	u16 ctrl;
+
+	/*
+	 * Enable I/O in command register if there is VGA card
+	 * connected with (even it does not claim I/O resource).
+	 */
+	if (dev->link_list->bridge_ctrl & PCI_BRIDGE_CTL_VGA)
+		dev->command |= PCI_COMMAND_IO;
+	ctrl = pci_read_config16(dev, PCI_BRIDGE_CONTROL);
+	ctrl |= dev->link_list->bridge_ctrl;
+	ctrl |= (PCI_BRIDGE_CTL_PARITY + PCI_BRIDGE_CTL_SERR); /* Error check. */
+	printk(BIOS_DEBUG, "%s bridge ctrl <- %04x\n", dev_path(dev), ctrl);
+	pci_write_config16(dev, PCI_BRIDGE_CONTROL, ctrl);
+
+	pci_dev_enable_resources(dev);
+}
+
+void pci_bus_reset(struct bus *bus)
+{
+	u16 ctl;
+
+	ctl = pci_read_config16(bus->dev, PCI_BRIDGE_CONTROL);
+	ctl |= PCI_BRIDGE_CTL_BUS_RESET;
+	pci_write_config16(bus->dev, PCI_BRIDGE_CONTROL, ctl);
+	mdelay(10);
+
+	ctl &= ~PCI_BRIDGE_CTL_BUS_RESET;
+	pci_write_config16(bus->dev, PCI_BRIDGE_CONTROL, ctl);
+	delay(1);
+}
+
+void pci_dev_set_subsystem(struct device *dev, unsigned vendor, unsigned device)
+{
+	pci_write_config32(dev, PCI_SUBSYSTEM_VENDOR_ID,
+			   ((device & 0xffff) << 16) | (vendor & 0xffff));
+}
+
+#if CONFIG_CHROMEOS
+int oprom_is_loaded = 0;
+#endif
+
+/** Default handler: only runs the relevant PCI BIOS. */
+void pci_dev_init(struct device *dev)
+{
+#if CONFIG_PCI_ROM_RUN || CONFIG_VGA_ROM_RUN
+	struct rom_header *rom, *ram;
+
+	if (CONFIG_PCI_ROM_RUN != 1 && /* Only execute VGA ROMs. */
+	    ((dev->class >> 8) != PCI_CLASS_DISPLAY_VGA))
+		return;
+
+	if (CONFIG_VGA_ROM_RUN != 1 && /* Only execute non-VGA ROMs. */
+	    ((dev->class >> 8) == PCI_CLASS_DISPLAY_VGA))
+		return;
+
+#if CONFIG_CHROMEOS
+	/* In ChromeOS we want to boot blazingly fast. Therefore
+	 * we don't run (VGA) option ROMs, unless we have to print
+	 * something on the screen before the kernel is loaded.
+	 */
+	if (!developer_mode_enabled() && !recovery_mode_enabled() &&
+	    !vboot_wants_oprom()) {
+		printk(BIOS_DEBUG, "Not loading VGA Option ROM\n");
+		return;
+	}
+#endif
+
+	rom = pci_rom_probe(dev);
+	if (rom == NULL)
+		return;
+
+	ram = pci_rom_load(dev, rom);
+	if (ram == NULL)
+		return;
+
+#if CONFIG_HAVE_ACPI_RESUME && !CONFIG_S3_VGA_ROM_RUN
+	/* If S3_VGA_ROM_RUN is disabled, skip running VGA option
+	 * ROMs when coming out of an S3 resume.
+	 */
+	if ((acpi_slp_type == 3) &&
+		((dev->class >> 8) == PCI_CLASS_DISPLAY_VGA))
+		return;
+#endif
+	run_bios(dev, (unsigned long)ram);
+#if CONFIG_CHROMEOS
+	oprom_is_loaded = 1;
+	printk(BIOS_DEBUG, "VGA Option ROM has been loaded\n");
+#endif
+#endif /* CONFIG_PCI_ROM_RUN || CONFIG_VGA_ROM_RUN */
+}
+
+/** Default device operation for PCI devices */
+static struct pci_operations pci_dev_ops_pci = {
+	.set_subsystem = pci_dev_set_subsystem,
+};
+
+struct device_operations default_pci_ops_dev = {
+	.read_resources   = pci_dev_read_resources,
+	.set_resources    = pci_dev_set_resources,
+	.enable_resources = pci_dev_enable_resources,
+	.init             = pci_dev_init,
+	.scan_bus         = 0,
+	.enable           = 0,
+	.ops_pci          = &pci_dev_ops_pci,
+};
+
+/** Default device operations for PCI bridges */
+static struct pci_operations pci_bus_ops_pci = {
+	.set_subsystem = 0,
+};
+
+struct device_operations default_pci_ops_bus = {
+	.read_resources   = pci_bus_read_resources,
+	.set_resources    = pci_dev_set_resources,
+	.enable_resources = pci_bus_enable_resources,
+	.init             = 0,
+	.scan_bus         = pci_scan_bridge,
+	.enable           = 0,
+	.reset_bus        = pci_bus_reset,
+	.ops_pci          = &pci_bus_ops_pci,
+};
+
+/**
+ * Detect the type of downstream bridge.
+ *
+ * This function is a heuristic to detect which type of bus is downstream
+ * of a PCI-to-PCI bridge. This functions by looking for various capability
+ * blocks to figure out the type of downstream bridge. PCI-X, PCI-E, and
+ * Hypertransport all seem to have appropriate capabilities.
+ *
+ * When only a PCI-Express capability is found the type is examined to see
+ * which type of bridge we have.
+ *
+ * @param dev Pointer to the device structure of the bridge.
+ * @return Appropriate bridge operations.
+ */
+static struct device_operations *get_pci_bridge_ops(device_t dev)
+{
+#if CONFIG_PCIX_PLUGIN_SUPPORT
+	unsigned int pcixpos;
+	pcixpos = pci_find_capability(dev, PCI_CAP_ID_PCIX);
+	if (pcixpos) {
+		printk(BIOS_DEBUG, "%s subordinate bus PCI-X\n", dev_path(dev));
+		return &default_pcix_ops_bus;
+	}
+#endif
+#if CONFIG_AGP_PLUGIN_SUPPORT
+	/* How do I detect a PCI to AGP bridge? */
+#endif
+#if CONFIG_HYPERTRANSPORT_PLUGIN_SUPPORT
+	unsigned int htpos = 0;
+	while ((htpos = pci_find_next_capability(dev, PCI_CAP_ID_HT, htpos))) {
+		u16 flags;
+		flags = pci_read_config16(dev, htpos + PCI_CAP_FLAGS);
+		if ((flags >> 13) == 1) {
+			/* Host or Secondary Interface */
+			printk(BIOS_DEBUG, "%s subordinate bus HT\n",
+			       dev_path(dev));
+			return &default_ht_ops_bus;
+		}
+	}
+#endif
+#if CONFIG_PCIEXP_PLUGIN_SUPPORT
+	unsigned int pciexpos;
+	pciexpos = pci_find_capability(dev, PCI_CAP_ID_PCIE);
+	if (pciexpos) {
+		u16 flags;
+		flags = pci_read_config16(dev, pciexpos + PCI_EXP_FLAGS);
+		switch ((flags & PCI_EXP_FLAGS_TYPE) >> 4) {
+		case PCI_EXP_TYPE_ROOT_PORT:
+		case PCI_EXP_TYPE_UPSTREAM:
+		case PCI_EXP_TYPE_DOWNSTREAM:
+			printk(BIOS_DEBUG, "%s subordinate bus PCI Express\n",
+			       dev_path(dev));
+			return &default_pciexp_ops_bus;
+		case PCI_EXP_TYPE_PCI_BRIDGE:
+			printk(BIOS_DEBUG, "%s subordinate PCI\n",
+			       dev_path(dev));
+			return &default_pci_ops_bus;
+		default:
+			break;
+		}
+	}
+#endif
+	return &default_pci_ops_bus;
+}
+
+/**
+ * Check if a device id matches a PCI driver entry.
+ *
+ * The driver entry can either point at a zero terminated array of acceptable
+ * device IDs, or include a single device ID.
+ *
+ * @driver pointer to the PCI driver entry being checked
+ * @device_id PCI device ID of the device being matched
+ */
+static int device_id_match(struct pci_driver *driver, unsigned short device_id)
+{
+	if (driver->devices) {
+		unsigned short check_id;
+		const unsigned short *device_list = driver->devices;
+		while ((check_id = *device_list++) != 0)
+			if (check_id == device_id)
+				return 1;
+	}
+
+	return (driver->device == device_id);
+}
+
+/**
+ * Set up PCI device operation.
+ *
+ * Check if it already has a driver. If not, use find_device_operations(),
+ * or set to a default based on type.
+ *
+ * @param dev Pointer to the device whose pci_ops you want to set.
+ * @see pci_drivers
+ */
+static void set_pci_ops(struct device *dev)
+{
+	struct pci_driver *driver;
+
+	if (dev->ops)
+		return;
+
+	/*
+	 * Look through the list of setup drivers and find one for
+	 * this PCI device.
+	 */
+	for (driver = &pci_drivers[0]; driver != &epci_drivers[0]; driver++) {
+		if ((driver->vendor == dev->vendor) &&
+		    device_id_match(driver, dev->device)) {
+			dev->ops = (struct device_operations *)driver->ops;
+			printk(BIOS_SPEW, "%s [%04x/%04x] %sops\n",
+			       dev_path(dev), driver->vendor, driver->device,
+			       (driver->ops->scan_bus ? "bus " : ""));
+			return;
+		}
+	}
+
+	/* If I don't have a specific driver use the default operations. */
+	switch (dev->hdr_type & 0x7f) {	/* Header type */
+	case PCI_HEADER_TYPE_NORMAL:
+		if ((dev->class >> 8) == PCI_CLASS_BRIDGE_PCI)
+			goto bad;
+		dev->ops = &default_pci_ops_dev;
+		break;
+	case PCI_HEADER_TYPE_BRIDGE:
+		if ((dev->class >> 8) != PCI_CLASS_BRIDGE_PCI)
+			goto bad;
+		dev->ops = get_pci_bridge_ops(dev);
+		break;
+#if CONFIG_CARDBUS_PLUGIN_SUPPORT
+	case PCI_HEADER_TYPE_CARDBUS:
+		dev->ops = &default_cardbus_ops_bus;
+		break;
+#endif
+default:
+bad:
+		if (dev->enabled) {
+			printk(BIOS_ERR, "%s [%04x/%04x/%06x] has unknown "
+			       "header type %02x, ignoring.\n", dev_path(dev),
+			       dev->vendor, dev->device,
+			       dev->class >> 8, dev->hdr_type);
+		}
+	}
+}
+
+/**
+ * See if we have already allocated a device structure for a given devfn.
+ *
+ * Given a linked list of PCI device structures and a devfn number, find the
+ * device structure correspond to the devfn, if present. This function also
+ * removes the device structure from the linked list.
+ *
+ * @param list The device structure list.
+ * @param devfn A device/function number.
+ * @return Pointer to the device structure found or NULL if we have not
+ *	   allocated a device for this devfn yet.
+ */
+static struct device *pci_scan_get_dev(struct device **list, unsigned int devfn)
+{
+	struct device *dev;
+
+	dev = 0;
+	for (; *list; list = &(*list)->sibling) {
+		if ((*list)->path.type != DEVICE_PATH_PCI) {
+			printk(BIOS_ERR, "child %s not a PCI device\n",
+			       dev_path(*list));
+			continue;
+		}
+		if ((*list)->path.pci.devfn == devfn) {
+			/* Unlink from the list. */
+			dev = *list;
+			*list = (*list)->sibling;
+			dev->sibling = NULL;
+			break;
+		}
+	}
+
+	/*
+	 * Just like alloc_dev() add the device to the list of devices on the
+	 * bus. When the list of devices was formed we removed all of the
+	 * parents children, and now we are interleaving static and dynamic
+	 * devices in order on the bus.
+	 */
+	if (dev) {
+		struct device *child;
+
+		/* Find the last child of our parent. */
+		for (child = dev->bus->children; child && child->sibling;)
+			child = child->sibling;
+
+		/* Place the device on the list of children of its parent. */
+		if (child)
+			child->sibling = dev;
+		else
+			dev->bus->children = dev;
+	}
+
+	return dev;
+}
+
+/**
+ * Scan a PCI bus.
+ *
+ * Determine the existence of a given PCI device. Allocate a new struct device
+ * if dev==NULL was passed in and the device exists in hardware.
+ *
+ * @param dev Pointer to the dev structure.
+ * @param bus Pointer to the bus structure.
+ * @param devfn A device/function number to look at.
+ * @return The device structure for the device (if found), NULL otherwise.
+ */
+device_t pci_probe_dev(device_t dev, struct bus *bus, unsigned devfn)
+{
+	u32 id, class;
+	u8 hdr_type;
+
+	/* Detect if a device is present. */
+	if (!dev) {
+		struct device dummy;
+
+		dummy.bus = bus;
+		dummy.path.type = DEVICE_PATH_PCI;
+		dummy.path.pci.devfn = devfn;
+
+		id = pci_read_config32(&dummy, PCI_VENDOR_ID);
+		/*
+		 * Have we found something? Some broken boards return 0 if a
+		 * slot is empty, but the expected answer is 0xffffffff.
+		 */
+		if (id == 0xffffffff)
+			return NULL;
+
+		if ((id == 0x00000000) || (id == 0x0000ffff) ||
+		    (id == 0xffff0000)) {
+			printk(BIOS_SPEW, "%s, bad id 0x%x\n",
+			       dev_path(&dummy), id);
+			return NULL;
+		}
+		dev = alloc_dev(bus, &dummy.path);
+	} else {
+		/*
+		 * Enable/disable the device. Once we have found the device-
+		 * specific operations this operations we will disable the
+		 * device with those as well.
+		 *
+		 * This is geared toward devices that have subfunctions
+		 * that do not show up by default.
+		 *
+		 * If a device is a stuff option on the motherboard
+		 * it may be absent and enable_dev() must cope.
+		 */
+		/* Run the magic enable sequence for the device. */
+		if (dev->chip_ops && dev->chip_ops->enable_dev)
+			dev->chip_ops->enable_dev(dev);
+
+		/* Now read the vendor and device ID. */
+		id = pci_read_config32(dev, PCI_VENDOR_ID);
+
+		/*
+		 * If the device does not have a PCI ID disable it. Possibly
+		 * this is because we have already disabled the device. But
+		 * this also handles optional devices that may not always
+		 * show up.
+		 */
+		/* If the chain is fully enumerated quit */
+		if ((id == 0xffffffff) || (id == 0x00000000) ||
+		    (id == 0x0000ffff) || (id == 0xffff0000)) {
+			if (dev->enabled) {
+				printk(BIOS_INFO, "PCI: Static device %s not "
+				       "found, disabling it.\n", dev_path(dev));
+				dev->enabled = 0;
+			}
+			return dev;
+		}
+	}
+
+	/* Read the rest of the PCI configuration information. */
+	hdr_type = pci_read_config8(dev, PCI_HEADER_TYPE);
+	class = pci_read_config32(dev, PCI_CLASS_REVISION);
+
+	/* Store the interesting information in the device structure. */
+	dev->vendor = id & 0xffff;
+	dev->device = (id >> 16) & 0xffff;
+	dev->hdr_type = hdr_type;
+
+	/* Class code, the upper 3 bytes of PCI_CLASS_REVISION. */
+	dev->class = class >> 8;
+
+	/* Architectural/System devices always need to be bus masters. */
+	if ((dev->class >> 16) == PCI_BASE_CLASS_SYSTEM)
+		dev->command |= PCI_COMMAND_MASTER;
+
+	/*
+	 * Look at the vendor and device ID, or at least the header type and
+	 * class and figure out which set of configuration methods to use.
+	 * Unless we already have some PCI ops.
+	 */
+	set_pci_ops(dev);
+
+	/* Now run the magic enable/disable sequence for the device. */
+	if (dev->ops && dev->ops->enable)
+		dev->ops->enable(dev);
+
+	/* Display the device. */
+	printk(BIOS_DEBUG, "%s [%04x/%04x] %s%s\n", dev_path(dev),
+	       dev->vendor, dev->device, dev->enabled ? "enabled" : "disabled",
+	       dev->ops ? "" : " No operations");
+
+	return dev;
+}
+
+/**
+ * Scan a PCI bus.
+ *
+ * Determine the existence of devices and bridges on a PCI bus. If there are
+ * bridges on the bus, recursively scan the buses behind the bridges.
+ *
+ * This function is the default scan_bus() method for the root device
+ * 'dev_root'.
+ *
+ * @param bus Pointer to the bus structure.
+ * @param min_devfn Minimum devfn to look at in the scan, usually 0x00.
+ * @param max_devfn Maximum devfn to look at in the scan, usually 0xff.
+ * @param max Current bus number.
+ * @return The maximum bus number found, after scanning all subordinate busses.
+ */
+unsigned int pci_scan_bus(struct bus *bus, unsigned min_devfn,
+			  unsigned max_devfn, unsigned int max)
+{
+	unsigned int devfn;
+	struct device *old_devices;
+	struct device *child;
+
+#if CONFIG_PCI_BUS_SEGN_BITS
+	printk(BIOS_DEBUG, "PCI: pci_scan_bus for bus %04x:%02x\n",
+	       bus->secondary >> 8, bus->secondary & 0xff);
+#else
+	printk(BIOS_DEBUG, "PCI: pci_scan_bus for bus %02x\n", bus->secondary);
+#endif
+
+	/* Maximum sane devfn is 0xFF. */
+	if (max_devfn > 0xff) {
+		printk(BIOS_ERR, "PCI: pci_scan_bus limits devfn %x - "
+		       "devfn %x\n", min_devfn, max_devfn);
+		printk(BIOS_ERR, "PCI: pci_scan_bus upper limit too big. "
+		       "Using 0xff.\n");
+		max_devfn=0xff;
+	}
+
+	old_devices = bus->children;
+	bus->children = NULL;
+
+	post_code(0x24);
+
+	/*
+	 * Probe all devices/functions on this bus with some optimization for
+	 * non-existence and single function devices.
+	 */
+	for (devfn = min_devfn; devfn <= max_devfn; devfn++) {
+		struct device *dev;
+
+		/* First thing setup the device structure. */
+		dev = pci_scan_get_dev(&old_devices, devfn);
+
+		/* See if a device is present and setup the device structure. */
+		dev = pci_probe_dev(dev, bus, devfn);
+
+		/*
+		 * If this is not a multi function device, or the device is
+		 * not present don't waste time probing another function.
+		 * Skip to next device.
+		 */
+		if ((PCI_FUNC(devfn) == 0x00) && (!dev
+		     || (dev->enabled && ((dev->hdr_type & 0x80) != 0x80)))) {
+			devfn += 0x07;
+		}
+	}
+
+	post_code(0x25);
+
+	/*
+	 * Warn if any leftover static devices are are found.
+	 * There's probably a problem in devicetree.cb.
+	 */
+	if (old_devices) {
+		device_t left;
+		printk(BIOS_WARNING, "PCI: Left over static devices:\n");
+		for (left = old_devices; left; left = left->sibling)
+			printk(BIOS_WARNING, "%s\n", dev_path(left));
+
+		printk(BIOS_WARNING, "PCI: Check your devicetree.cb.\n");
+	}
+
+	/*
+	 * For all children that implement scan_bus() (i.e. bridges)
+	 * scan the bus behind that child.
+	 */
+	for (child = bus->children; child; child = child->sibling)
+		max = scan_bus(child, max);
+
+	/*
+	 * We've scanned the bus and so we know all about what's on the other
+	 * side of any bridges that may be on this bus plus any devices.
+	 * Return how far we've got finding sub-buses.
+	 */
+	printk(BIOS_DEBUG, "PCI: pci_scan_bus returning with max=%03x\n", max);
+	post_code(0x55);
+	return max;
+}
+
+/**
+ * Scan a PCI bridge and the buses behind the bridge.
+ *
+ * Determine the existence of buses behind the bridge. Set up the bridge
+ * according to the result of the scan.
+ *
+ * This function is the default scan_bus() method for PCI bridge devices.
+ *
+ * @param dev Pointer to the bridge device.
+ * @param max The highest bus number assigned up to now.
+ * @param do_scan_bus TODO
+ * @return The maximum bus number found, after scanning all subordinate buses.
+ */
+unsigned int do_pci_scan_bridge(struct device *dev, unsigned int max,
+				unsigned int (*do_scan_bus) (struct bus * bus,
+							     unsigned min_devfn,
+							     unsigned max_devfn,
+							     unsigned int max))
+{
+	struct bus *bus;
+	u32 buses;
+	u16 cr;
+
+	printk(BIOS_SPEW, "%s for %s\n", __func__, dev_path(dev));
+
+	if (dev->link_list == NULL) {
+		struct bus *link;
+		link = malloc(sizeof(*link));
+		if (link == NULL)
+			die("Couldn't allocate a link!\n");
+		memset(link, 0, sizeof(*link));
+		link->dev = dev;
+		dev->link_list = link;
+	}
+
+	bus = dev->link_list;
+
+	/*
+	 * Set up the primary, secondary and subordinate bus numbers. We have
+	 * no idea how many buses are behind this bridge yet, so we set the
+	 * subordinate bus number to 0xff for the moment.
+	 */
+	bus->secondary = ++max;
+	bus->subordinate = 0xff;
+
+	/* Clear all status bits and turn off memory, I/O and master enables. */
+	cr = pci_read_config16(dev, PCI_COMMAND);
+	pci_write_config16(dev, PCI_COMMAND, 0x0000);
+	pci_write_config16(dev, PCI_STATUS, 0xffff);
+
+	/*
+	 * Read the existing primary/secondary/subordinate bus
+	 * number configuration.
+	 */
+	buses = pci_read_config32(dev, PCI_PRIMARY_BUS);
+
+	/*
+	 * Configure the bus numbers for this bridge: the configuration
+	 * transactions will not be propagated by the bridge if it is not
+	 * correctly configured.
+	 */
+	buses &= 0xff000000;
+	buses |= (((unsigned int)(dev->bus->secondary) << 0) |
+		  ((unsigned int)(bus->secondary) << 8) |
+		  ((unsigned int)(bus->subordinate) << 16));
+	pci_write_config32(dev, PCI_PRIMARY_BUS, buses);
+
+	/* Now we can scan all subordinate buses (those behind the bridge). */
+	max = do_scan_bus(bus, 0x00, 0xff, max);
+
+	/*
+	 * We know the number of buses behind this bridge. Set the subordinate
+	 * bus number to its real value.
+	 */
+	bus->subordinate = max;
+	buses = (buses & 0xff00ffff) | ((unsigned int)(bus->subordinate) << 16);
+	pci_write_config32(dev, PCI_PRIMARY_BUS, buses);
+	pci_write_config16(dev, PCI_COMMAND, cr);
+
+	printk(BIOS_SPEW, "%s returns max %d\n", __func__, max);
+	return max;
+}
+
+/**
+ * Scan a PCI bridge and the buses behind the bridge.
+ *
+ * Determine the existence of buses behind the bridge. Set up the bridge
+ * according to the result of the scan.
+ *
+ * This function is the default scan_bus() method for PCI bridge devices.
+ *
+ * @param dev Pointer to the bridge device.
+ * @param max The highest bus number assigned up to now.
+ * @return The maximum bus number found, after scanning all subordinate buses.
+ */
+unsigned int pci_scan_bridge(struct device *dev, unsigned int max)
+{
+	return do_pci_scan_bridge(dev, max, pci_scan_bus);
+}
+
+/**
+ * Scan a PCI domain.
+ *
+ * This function is the default scan_bus() method for PCI domains.
+ *
+ * @param dev Pointer to the domain.
+ * @param max The highest bus number assigned up to now.
+ * @return The maximum bus number found, after scanning all subordinate busses.
+ */
+unsigned int pci_domain_scan_bus(device_t dev, unsigned int max)
+{
+	max = pci_scan_bus(dev->link_list, PCI_DEVFN(0, 0), 0xff, max);
+	return max;
+}
+
+#if CONFIG_PC80_SYSTEM
+/**
+ * Assign IRQ numbers.
+ *
+ * This function assigns IRQs for all functions contained within the indicated
+ * device address. If the device does not exist or does not require interrupts
+ * then this function has no effect.
+ *
+ * This function should be called for each PCI slot in your system.
+ *
+ * @param bus Pointer to the bus structure.
+ * @param slot TODO
+ * @param pIntAtoD An array of IRQ #s that are assigned to PINTA through PINTD
+ *        of this slot. The particular IRQ #s that are passed in depend on the
+ *        routing inside your southbridge and on your board.
+ */
+void pci_assign_irqs(unsigned bus, unsigned slot,
+		     const unsigned char pIntAtoD[4])
+{
+	unsigned int funct;
+	device_t pdev;
+	u8 line, irq;
+
+	/* Each slot may contain up to eight functions. */
+	for (funct = 0; funct < 8; funct++) {
+		pdev = dev_find_slot(bus, (slot << 3) + funct);
+
+		if (!pdev)
+			continue;
+
+		line = pci_read_config8(pdev, PCI_INTERRUPT_PIN);
+
+		/* PCI spec says all values except 1..4 are reserved. */
+		if ((line < 1) || (line > 4))
+			continue;
+
+		irq = pIntAtoD[line - 1];
+
+		printk(BIOS_DEBUG, "Assigning IRQ %d to %d:%x.%d\n",
+		       irq, bus, slot, funct);
+
+		pci_write_config8(pdev, PCI_INTERRUPT_LINE,
+				  pIntAtoD[line - 1]);
+
+#ifdef PARANOID_IRQ_ASSIGNMENTS
+		irq = pci_read_config8(pdev, PCI_INTERRUPT_LINE);
+		printk(BIOS_DEBUG, "  Readback = %d\n", irq);
+#endif
+
+#if CONFIG_PC80_SYSTEM
+		/* Change to level triggered. */
+		i8259_configure_irq_trigger(pIntAtoD[line - 1],
+					    IRQ_LEVEL_TRIGGERED);
+#endif
+	}
+}
+#endif
diff --git a/src/device/pci_ops.c b/src/device/pci_ops.c
new file mode 100644
index 0000000..07da300
--- /dev/null
+++ b/src/device/pci_ops.c
@@ -0,0 +1,149 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2004 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2009 coresystems GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <arch/pciconf.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <device/pci_ops.h>
+
+/*
+ * The only consumer of the return value of get_pbus() is ops_pci_bus().
+ * ops_pci_bus() can handle being passed NULL and auto-picks working ops.
+ */
+static struct bus *get_pbus(device_t dev)
+{
+	struct bus *pbus = NULL;
+
+	if (!dev)
+		die("get_pbus: dev is NULL!\n");
+	else
+		pbus = dev->bus;
+
+	while (pbus && pbus->dev && !ops_pci_bus(pbus)) {
+		if (pbus == pbus->dev->bus) {
+			printk(BIOS_ALERT, "%s in endless loop looking for a "
+			       "parent bus with ops_pci_bus for %s, breaking "
+			       "out.\n", __func__, dev_path(dev));
+			break;
+		}
+		pbus = pbus->dev->bus;
+	}
+
+	if (!pbus || !pbus->dev || !pbus->dev->ops
+	    || !pbus->dev->ops->ops_pci_bus) {
+		/* This can happen before the device tree is fully set up. */
+
+		// printk(BIOS_EMERG, "%s: Cannot find PCI bus operations.\n",
+		// dev_path(dev));
+
+		pbus = NULL;
+	}
+
+	return pbus;
+}
+
+u8 pci_read_config8(device_t dev, unsigned int where)
+{
+	struct bus *pbus = get_pbus(dev);
+	return ops_pci_bus(pbus)->read8(pbus, dev->bus->secondary,
+					dev->path.pci.devfn, where);
+}
+
+u16 pci_read_config16(device_t dev, unsigned int where)
+{
+	struct bus *pbus = get_pbus(dev);
+	return ops_pci_bus(pbus)->read16(pbus, dev->bus->secondary,
+					 dev->path.pci.devfn, where);
+}
+
+u32 pci_read_config32(device_t dev, unsigned int where)
+{
+	struct bus *pbus = get_pbus(dev);
+	return ops_pci_bus(pbus)->read32(pbus, dev->bus->secondary,
+					 dev->path.pci.devfn, where);
+}
+
+void pci_write_config8(device_t dev, unsigned int where, u8 val)
+{
+	struct bus *pbus = get_pbus(dev);
+	ops_pci_bus(pbus)->write8(pbus, dev->bus->secondary,
+				  dev->path.pci.devfn, where, val);
+}
+
+void pci_write_config16(device_t dev, unsigned int where, u16 val)
+{
+	struct bus *pbus = get_pbus(dev);
+	ops_pci_bus(pbus)->write16(pbus, dev->bus->secondary,
+				   dev->path.pci.devfn, where, val);
+}
+
+void pci_write_config32(device_t dev, unsigned int where, u32 val)
+{
+	struct bus *pbus = get_pbus(dev);
+	ops_pci_bus(pbus)->write32(pbus, dev->bus->secondary,
+				   dev->path.pci.devfn, where, val);
+}
+
+#if CONFIG_MMCONF_SUPPORT
+u8 pci_mmio_read_config8(device_t dev, unsigned int where)
+{
+	struct bus *pbus = get_pbus(dev);
+	return pci_ops_mmconf.read8(pbus, dev->bus->secondary,
+				    dev->path.pci.devfn, where);
+}
+
+u16 pci_mmio_read_config16(device_t dev, unsigned int where)
+{
+	struct bus *pbus = get_pbus(dev);
+	return pci_ops_mmconf.read16(pbus, dev->bus->secondary,
+				     dev->path.pci.devfn, where);
+}
+
+u32 pci_mmio_read_config32(device_t dev, unsigned int where)
+{
+	struct bus *pbus = get_pbus(dev);
+	return pci_ops_mmconf.read32(pbus, dev->bus->secondary,
+				     dev->path.pci.devfn, where);
+}
+
+void pci_mmio_write_config8(device_t dev, unsigned int where, u8 val)
+{
+	struct bus *pbus = get_pbus(dev);
+	pci_ops_mmconf.write8(pbus, dev->bus->secondary, dev->path.pci.devfn,
+			      where, val);
+}
+
+void pci_mmio_write_config16(device_t dev, unsigned int where, u16 val)
+{
+	struct bus *pbus = get_pbus(dev);
+	pci_ops_mmconf.write16(pbus, dev->bus->secondary, dev->path.pci.devfn,
+			       where, val);
+}
+
+void pci_mmio_write_config32(device_t dev, unsigned int where, u32 val)
+{
+	struct bus *pbus = get_pbus(dev);
+	pci_ops_mmconf.write32(pbus, dev->bus->secondary, dev->path.pci.devfn,
+			       where, val);
+}
+
+#endif
diff --git a/src/device/pci_rom.c b/src/device/pci_rom.c
new file mode 100644
index 0000000..fe67515
--- /dev/null
+++ b/src/device/pci_rom.c
@@ -0,0 +1,174 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2005 Li-Ta Lo <ollie at lanl.gov>
+ * Copyright (C) 2005 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ * Copyright (C) 2005 Ronald G. Minnich <rminnich at gmail.com>
+ * Copyright (C) 2005-2007 Stefan Reinauer <stepan at openbios.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <device/pci_ops.h>
+#include <string.h>
+#include <cbfs.h>
+
+struct rom_header *pci_rom_probe(struct device *dev)
+{
+	struct rom_header *rom_header;
+	struct pci_data *rom_data;
+
+	/* If it's in FLASH, then don't check device for ROM. */
+	rom_header = cbfs_load_optionrom(dev->vendor, dev->device, NULL);
+
+	u32 vendev = (dev->vendor << 16) | dev->device;
+	u32 mapped_vendev = vendev;
+
+	if (map_oprom_vendev)
+		mapped_vendev = map_oprom_vendev(vendev);
+
+	if (!rom_header) {
+		if (vendev != mapped_vendev) {
+			rom_header = cbfs_load_optionrom(mapped_vendev >> 16,
+					mapped_vendev & 0xffff , NULL);
+		}
+	}
+
+	if (rom_header) {
+		printk(BIOS_DEBUG, "In CBFS, ROM address for %s = %p\n",
+		       dev_path(dev), rom_header);
+	} else {
+		u32 rom_address;
+
+		rom_address = pci_read_config32(dev, PCI_ROM_ADDRESS);
+
+		if (rom_address == 0x00000000 || rom_address == 0xffffffff) {
+#if CONFIG_BOARD_EMULATION_QEMU_X86
+			if ((dev->class >> 8) == PCI_CLASS_DISPLAY_VGA)
+				rom_address = 0xc0000;
+			else
+#endif
+				return NULL;
+		} else {
+			/* Enable expansion ROM address decoding. */
+			pci_write_config32(dev, PCI_ROM_ADDRESS,
+					   rom_address|PCI_ROM_ADDRESS_ENABLE);
+		}
+
+#if CONFIG_ON_DEVICE_ROM_RUN
+		printk(BIOS_DEBUG, "Option ROM address for %s = %lx\n",
+		       dev_path(dev), (unsigned long)rom_address);
+		rom_header = (struct rom_header *)rom_address;
+#else
+		printk(BIOS_DEBUG, "Option ROM execution disabled "
+			"for %s\n", dev_path(dev));
+		return NULL;
+#endif
+	}
+
+	printk(BIOS_SPEW, "PCI expansion ROM, signature 0x%04x, "
+	       "INIT size 0x%04x, data ptr 0x%04x\n",
+	       le32_to_cpu(rom_header->signature),
+	       rom_header->size * 512, le32_to_cpu(rom_header->data));
+
+	if (le32_to_cpu(rom_header->signature) != PCI_ROM_HDR) {
+		printk(BIOS_ERR, "Incorrect expansion ROM header "
+		       "signature %04x\n", le32_to_cpu(rom_header->signature));
+		return NULL;
+	}
+
+	rom_data = (((void *)rom_header) + le32_to_cpu(rom_header->data));
+
+	printk(BIOS_SPEW, "PCI ROM image, vendor ID %04x, device ID %04x,\n",
+	       rom_data->vendor, rom_data->device);
+	/* If the device id is mapped, a mismatch is expected */
+	if ((dev->vendor != rom_data->vendor
+	    || dev->device != rom_data->device)
+	    && (vendev == mapped_vendev)) {
+		printk(BIOS_ERR, "ID mismatch: vendor ID %04x, "
+		       "device ID %04x\n", rom_data->vendor, rom_data->device);
+		return NULL;
+	}
+
+	printk(BIOS_SPEW, "PCI ROM image, Class Code %04x%02x, "
+	       "Code Type %02x\n", rom_data->class_hi, rom_data->class_lo,
+	       rom_data->type);
+
+	if (dev->class != ((rom_data->class_hi << 8) | rom_data->class_lo)) {
+		printk(BIOS_DEBUG, "Class Code mismatch ROM %08x, dev %08x\n",
+		       (rom_data->class_hi << 8) | rom_data->class_lo,
+		       dev->class);
+		// return NULL;
+	}
+
+	return rom_header;
+}
+
+static void *pci_ram_image_start = (void *)PCI_RAM_IMAGE_START;
+
+struct rom_header *pci_rom_load(struct device *dev,
+				struct rom_header *rom_header)
+{
+	struct pci_data * rom_data;
+	unsigned int rom_size;
+	unsigned int image_size=0;
+
+	do {
+		/* Get next image. */
+		rom_header = (struct rom_header *)((void *) rom_header
+							    + image_size);
+
+		rom_data = (struct pci_data *)((void *) rom_header
+				+ le32_to_cpu(rom_header->data));
+
+		image_size = le32_to_cpu(rom_data->ilen) * 512;
+	} while ((rom_data->type != 0) && (rom_data->indicator != 0)); // make sure we got x86 version
+
+	if (rom_data->type != 0)
+		return NULL;
+
+	rom_size = rom_header->size * 512;
+
+	/*
+	 * We check to see if the device thinks it is a VGA device not
+	 * whether the ROM image is for a VGA device because some
+	 * devices have a mismatch between the hardware and the ROM.
+	 */
+ 	if (PCI_CLASS_DISPLAY_VGA == (dev->class >> 8)) {
+#if !CONFIG_MULTIPLE_VGA_ADAPTERS
+		extern device_t vga_pri; /* Primary VGA device (device.c). */
+		if (dev != vga_pri) return NULL; /* Only one VGA supported. */
+#endif
+		if ((void *)PCI_VGA_RAM_IMAGE_START != rom_header) {
+			printk(BIOS_DEBUG, "Copying VGA ROM Image from %p to "
+			       "0x%x, 0x%x bytes\n", rom_header,
+			       PCI_VGA_RAM_IMAGE_START, rom_size);
+			memcpy((void *)PCI_VGA_RAM_IMAGE_START, rom_header,
+			       rom_size);
+		}
+		return (struct rom_header *) (PCI_VGA_RAM_IMAGE_START);
+	}
+
+	printk(BIOS_DEBUG, "Copying non-VGA ROM image from %p to %p, 0x%x "
+	       "bytes\n", rom_header, pci_ram_image_start, rom_size);
+
+	memcpy(pci_ram_image_start, rom_header, rom_size);
+	pci_ram_image_start += rom_size;
+	return (struct rom_header *) (pci_ram_image_start-rom_size);
+}
diff --git a/src/device/pciexp_device.c b/src/device/pciexp_device.c
new file mode 100644
index 0000000..36f3e6a
--- /dev/null
+++ b/src/device/pciexp_device.c
@@ -0,0 +1,252 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2005 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <delay.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <device/pciexp.h>
+
+#if CONFIG_PCIEXP_COMMON_CLOCK
+/*
+ * Re-train a PCIe link
+ */
+#define PCIE_TRAIN_RETRY 10000
+static int pciexp_retrain_link(device_t dev, unsigned cap)
+{
+	unsigned try = PCIE_TRAIN_RETRY;
+	u16 lnk;
+
+	/* Start link retraining */
+	lnk = pci_read_config16(dev, cap + PCI_EXP_LNKCTL);
+	lnk |= PCI_EXP_LNKCTL_RL;
+	pci_write_config16(dev, cap + PCI_EXP_LNKCTL, lnk);
+
+	/* Wait for training to complete */
+	while (try--) {
+		lnk = pci_read_config16(dev, cap + PCI_EXP_LNKSTA);
+		if (!(lnk & PCI_EXP_LNKSTA_LT))
+			return 0;
+		udelay(100);
+	}
+
+	printk(BIOS_ERR, "%s: Link Retrain timeout\n", dev_path(dev));
+	return -1;
+}
+
+/*
+ * Check the Slot Clock Configuration for root port and endpoint
+ * and enable Common Clock Configuration if possible.  If CCC is
+ * enabled the link must be retrained.
+ */
+static void pciexp_enable_common_clock(device_t root, unsigned root_cap,
+				       device_t endp, unsigned endp_cap)
+{
+	u16 root_scc, endp_scc, lnkctl;
+
+	/* Get Slot Clock Configuration for root port */
+	root_scc = pci_read_config16(root, root_cap + PCI_EXP_LNKSTA);
+	root_scc &= PCI_EXP_LNKSTA_SLC;
+
+	/* Get Slot Clock Configuration for endpoint */
+	endp_scc = pci_read_config16(endp, endp_cap + PCI_EXP_LNKSTA);
+	endp_scc &= PCI_EXP_LNKSTA_SLC;
+
+	/* Enable Common Clock Configuration and retrain */
+	if (root_scc && endp_scc) {
+		printk(BIOS_INFO, "Enabling Common Clock Configuration\n");
+
+		/* Set in endpoint */
+		lnkctl = pci_read_config16(endp, endp_cap + PCI_EXP_LNKCTL);
+		lnkctl |= PCI_EXP_LNKCTL_CCC;
+		pci_write_config16(endp, endp_cap + PCI_EXP_LNKCTL, lnkctl);
+
+		/* Set in root port */
+		lnkctl = pci_read_config16(root, root_cap + PCI_EXP_LNKCTL);
+		lnkctl |= PCI_EXP_LNKCTL_CCC;
+		pci_write_config16(root, root_cap + PCI_EXP_LNKCTL, lnkctl);
+
+		/* Retrain link if CCC was enabled */
+		pciexp_retrain_link(root, root_cap);
+	}
+}
+#endif /* CONFIG_PCIEXP_COMMON_CLOCK */
+
+#if CONFIG_PCIEXP_ASPM
+/*
+ * Determine the ASPM L0s or L1 exit latency for a link
+ * by checking both root port and endpoint and returning
+ * the highest latency value.
+ */
+static int pciexp_aspm_latency(device_t root, unsigned root_cap,
+			       device_t endp, unsigned endp_cap,
+			       enum aspm_type type)
+{
+	int root_lat = 0, endp_lat = 0;
+	u32 root_lnkcap, endp_lnkcap;
+
+	root_lnkcap = pci_read_config32(root, root_cap + PCI_EXP_LNKCAP);
+	endp_lnkcap = pci_read_config32(endp, endp_cap + PCI_EXP_LNKCAP);
+
+	/* Make sure the link supports this ASPM type by checking
+	 * capability bits 11:10 with aspm_type offset by 1 */
+	if (!(root_lnkcap & (1 << (type + 9))) ||
+	    !(endp_lnkcap & (1 << (type + 9))))
+		return -1;
+
+	/* Find the one with higher latency */
+	switch (type) {
+	case PCIE_ASPM_L0S:
+		root_lat = (root_lnkcap & PCI_EXP_LNKCAP_L0SEL) >> 12;
+		endp_lat = (endp_lnkcap & PCI_EXP_LNKCAP_L0SEL) >> 12;
+		break;
+	case PCIE_ASPM_L1:
+		root_lat = (root_lnkcap & PCI_EXP_LNKCAP_L1EL) >> 15;
+		endp_lat = (endp_lnkcap & PCI_EXP_LNKCAP_L1EL) >> 15;
+		break;
+	default:
+		return -1;
+	}
+
+	return (endp_lat > root_lat) ? endp_lat : root_lat;
+}
+
+/*
+ * Enable ASPM on PCIe root port and endpoint.
+ *
+ * Returns APMC value:
+ *   -1 = Error
+ *    0 = no ASPM
+ *    1 = L0s Enabled
+ *    2 = L1 Enabled
+ *    3 = L0s and L1 Enabled
+ */
+static enum aspm_type pciexp_enable_aspm(device_t root, unsigned root_cap,
+					 device_t endp, unsigned endp_cap)
+{
+	const char *aspm_type_str[] = { "None", "L0s", "L1", "L0s and L1" };
+	enum aspm_type apmc = PCIE_ASPM_NONE;
+	int exit_latency, ok_latency;
+	u16 lnkctl;
+	u32 devcap;
+
+	/* Get endpoint device capabilities for acceptable limits */
+	devcap = pci_read_config32(endp, endp_cap + PCI_EXP_DEVCAP);
+
+	/* Enable L0s if it is within endpoint acceptable limit */
+	ok_latency = (devcap & PCI_EXP_DEVCAP_L0S) >> 6;
+	exit_latency = pciexp_aspm_latency(root, root_cap, endp, endp_cap,
+					   PCIE_ASPM_L0S);
+	if (exit_latency >= 0 && exit_latency <= ok_latency)
+		apmc |= PCIE_ASPM_L0S;
+
+	/* Enable L1 if it is within endpoint acceptable limit */
+	ok_latency = (devcap & PCI_EXP_DEVCAP_L1) >> 9;
+	exit_latency = pciexp_aspm_latency(root, root_cap, endp, endp_cap,
+					   PCIE_ASPM_L1);
+	if (exit_latency >= 0 && exit_latency <= ok_latency)
+		apmc |= PCIE_ASPM_L1;
+
+	if (apmc != PCIE_ASPM_NONE) {
+		/* Set APMC in root port first */
+		lnkctl = pci_read_config16(root, root_cap + PCI_EXP_LNKCTL);
+		lnkctl |= apmc;
+		pci_write_config16(root, root_cap + PCI_EXP_LNKCTL, lnkctl);
+
+		/* Set APMC in endpoint device next */
+		lnkctl = pci_read_config16(endp, endp_cap + PCI_EXP_LNKCTL);
+		lnkctl |= apmc;
+		pci_write_config16(endp, endp_cap + PCI_EXP_LNKCTL, lnkctl);
+	}
+
+	printk(BIOS_INFO, "ASPM: Enabled %s\n", aspm_type_str[apmc]);
+	return apmc;
+}
+#endif /* CONFIG_PCIEXP_ASPM */
+
+static void pciexp_tune_dev(device_t dev)
+{
+	device_t root = dev->bus->dev;
+	unsigned int root_cap, cap;
+
+	cap = pci_find_capability(dev, PCI_CAP_ID_PCIE);
+	if (!cap)
+		return;
+
+	root_cap = pci_find_capability(root, PCI_CAP_ID_PCIE);
+	if (!root_cap)
+		return;
+
+#if CONFIG_PCIEXP_COMMON_CLOCK
+	/* Check for and enable Common Clock */
+	pciexp_enable_common_clock(root, root_cap, dev, cap);
+#endif
+
+#if CONFIG_PCIEXP_ASPM
+	/* Check for and enable ASPM */
+	enum aspm_type apmc = pciexp_enable_aspm(root, root_cap, dev, cap);
+
+	if (apmc != PCIE_ASPM_NONE) {
+		/* Enable ASPM role based error reporting. */
+		u32 reg32 = pci_read_config32(dev, cap + PCI_EXP_DEVCAP);
+		reg32 |= PCI_EXP_DEVCAP_RBER;
+		pci_write_config32(dev, cap + PCI_EXP_DEVCAP, reg32);
+	}
+#endif
+}
+
+unsigned int pciexp_scan_bus(struct bus *bus, unsigned int min_devfn,
+			     unsigned int max_devfn, unsigned int max)
+{
+	device_t child;
+
+	max = pci_scan_bus(bus, min_devfn, max_devfn, max);
+
+	for (child = bus->children; child; child = child->sibling) {
+		if ((child->path.pci.devfn < min_devfn) ||
+		    (child->path.pci.devfn > max_devfn)) {
+			continue;
+		}
+		pciexp_tune_dev(child);
+	}
+	return max;
+}
+
+unsigned int pciexp_scan_bridge(device_t dev, unsigned int max)
+{
+	return do_pci_scan_bridge(dev, max, pciexp_scan_bus);
+}
+
+/** Default device operations for PCI Express bridges */
+static struct pci_operations pciexp_bus_ops_pci = {
+	.set_subsystem = 0,
+};
+
+struct device_operations default_pciexp_ops_bus = {
+	.read_resources   = pci_bus_read_resources,
+	.set_resources    = pci_dev_set_resources,
+	.enable_resources = pci_bus_enable_resources,
+	.init             = 0,
+	.scan_bus         = pciexp_scan_bridge,
+	.enable           = 0,
+	.reset_bus        = pci_bus_reset,
+	.ops_pci          = &pciexp_bus_ops_pci,
+};
diff --git a/src/device/pcix_device.c b/src/device/pcix_device.c
new file mode 100644
index 0000000..6bfd35d
--- /dev/null
+++ b/src/device/pcix_device.c
@@ -0,0 +1,150 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2005 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include <device/pci_ids.h>
+#include <device/pcix.h>
+
+static void pcix_tune_dev(device_t dev)
+{
+	u32 status;
+	u16 orig_cmd, cmd;
+	unsigned int cap, max_read, max_tran;
+
+	if (dev->hdr_type != PCI_HEADER_TYPE_NORMAL)
+		return;
+
+	cap = pci_find_capability(dev, PCI_CAP_ID_PCIX);
+	if (!cap)
+		return;
+
+	printk(BIOS_DEBUG, "%s PCI-X tuning\n", dev_path(dev));
+
+	status = pci_read_config32(dev, cap + PCI_X_STATUS);
+	orig_cmd = cmd = pci_read_config16(dev, cap + PCI_X_CMD);
+
+	max_read = (status & PCI_X_STATUS_MAX_READ) >> 21;
+	max_tran = (status & PCI_X_STATUS_MAX_SPLIT) >> 23;
+	if (max_read != ((cmd & PCI_X_CMD_MAX_READ) >> 2)) {
+		cmd &= ~PCI_X_CMD_MAX_READ;
+		cmd |= max_read << 2;
+	}
+	if (max_tran != ((cmd & PCI_X_CMD_MAX_SPLIT) >> 4)) {
+		cmd &= ~PCI_X_CMD_MAX_SPLIT;
+		cmd |= max_tran << 4;
+	}
+
+	/* Don't attempt to handle PCI-X errors. */
+	cmd &= ~PCI_X_CMD_DPERR_E;
+
+	/* Enable relaxed ordering. */
+	cmd |= PCI_X_CMD_ERO;
+
+	if (orig_cmd != cmd)
+		pci_write_config16(dev, cap + PCI_X_CMD, cmd);
+}
+
+static void pcix_tune_bus(struct bus *bus)
+{
+	device_t child;
+
+	for (child = bus->children; child; child = child->sibling)
+		pcix_tune_dev(child);
+}
+
+const char *pcix_speed(u16 sstatus)
+{
+	static const char conventional[] = "Conventional PCI";
+	static const char pcix_66mhz[] = "66MHz PCI-X";
+	static const char pcix_100mhz[] = "100MHz PCI-X";
+	static const char pcix_133mhz[] = "133MHz PCI-X";
+	static const char pcix_266mhz[] = "266MHz PCI-X";
+	static const char pcix_533mhz[] = "533MHZ PCI-X";
+	static const char unknown[] = "Unknown";
+	const char *result;
+
+	result = unknown;
+
+	switch (PCI_X_SSTATUS_MFREQ(sstatus)) {
+	case PCI_X_SSTATUS_CONVENTIONAL_PCI:
+		result = conventional;
+		break;
+	case PCI_X_SSTATUS_MODE1_66MHZ:
+		result = pcix_66mhz;
+		break;
+	case PCI_X_SSTATUS_MODE1_100MHZ:
+		result = pcix_100mhz;
+		break;
+	case PCI_X_SSTATUS_MODE1_133MHZ:
+		result = pcix_133mhz;
+		break;
+	case PCI_X_SSTATUS_MODE2_266MHZ_REF_66MHZ:
+	case PCI_X_SSTATUS_MODE2_266MHZ_REF_100MHZ:
+	case PCI_X_SSTATUS_MODE2_266MHZ_REF_133MHZ:
+		result = pcix_266mhz;
+		break;
+	case PCI_X_SSTATUS_MODE2_533MHZ_REF_66MHZ:
+	case PCI_X_SSTATUS_MODE2_533MHZ_REF_100MHZ:
+	case PCI_X_SSTATUS_MODE2_533MHZ_REF_133MHZ:
+		result = pcix_533mhz;
+		break;
+	}
+
+	return result;
+}
+
+unsigned int pcix_scan_bridge(device_t dev, unsigned int max)
+{
+	unsigned int pos;
+	u16 sstatus;
+
+	max = do_pci_scan_bridge(dev, max, pci_scan_bus);
+
+	/* Find the PCI-X capability. */
+	pos = pci_find_capability(dev, PCI_CAP_ID_PCIX);
+	sstatus = pci_read_config16(dev, pos + PCI_X_SEC_STATUS);
+
+	if (PCI_X_SSTATUS_MFREQ(sstatus) != PCI_X_SSTATUS_CONVENTIONAL_PCI)
+		pcix_tune_bus(dev->link_list);
+
+	/* Print the PCI-X bus speed. */
+	printk(BIOS_DEBUG, "PCI: %02x: %s\n", dev->link_list->secondary,
+	       pcix_speed(sstatus));
+
+	return max;
+}
+
+/** Default device operations for PCI-X bridges */
+static struct pci_operations pcix_bus_ops_pci = {
+	.set_subsystem = 0,
+};
+
+struct device_operations default_pcix_ops_bus = {
+	.read_resources   = pci_bus_read_resources,
+	.set_resources    = pci_dev_set_resources,
+	.enable_resources = pci_bus_enable_resources,
+	.init             = 0,
+	.scan_bus         = pcix_scan_bridge,
+	.enable           = 0,
+	.reset_bus        = pci_bus_reset,
+	.ops_pci          = &pcix_bus_ops_pci,
+};
diff --git a/src/device/pnp_device.c b/src/device/pnp_device.c
new file mode 100644
index 0000000..19b492d
--- /dev/null
+++ b/src/device/pnp_device.c
@@ -0,0 +1,304 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2004 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2004 Li-Ta Lo <ollie at lanl.gov>
+ * Copyright (C) 2005 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+#include <arch/io.h>
+#include <device/device.h>
+#include <device/pnp.h>
+
+/* PNP fundamental operations */
+
+void pnp_write_config(device_t dev, u8 reg, u8 value)
+{
+	outb(reg, dev->path.pnp.port);
+	outb(value, dev->path.pnp.port + 1);
+}
+
+u8 pnp_read_config(device_t dev, u8 reg)
+{
+	outb(reg, dev->path.pnp.port);
+	return inb(dev->path.pnp.port + 1);
+}
+
+void pnp_set_logical_device(device_t dev)
+{
+	pnp_write_config(dev, 0x07, dev->path.pnp.device & 0xff);
+}
+
+void pnp_set_enable(device_t dev, int enable)
+{
+	u8 tmp, bitpos;
+
+	tmp = pnp_read_config(dev, 0x30);
+
+	/* Handle virtual devices, which share the same LDN register. */
+	bitpos = (dev->path.pnp.device >> 8) & 0x7;
+
+	if (enable)
+		tmp |= (1 << bitpos);
+	else
+		tmp &= ~(1 << bitpos);
+
+	pnp_write_config(dev, 0x30, tmp);
+}
+
+int pnp_read_enable(device_t dev)
+{
+	u8 tmp, bitpos;
+
+	tmp = pnp_read_config(dev, 0x30);
+
+	/* Handle virtual devices, which share the same LDN register. */
+	bitpos = (dev->path.pnp.device >> 8) & 0x7;
+
+	return !!(tmp & (1 << bitpos));
+}
+
+void pnp_set_iobase(device_t dev, u8 index, u16 iobase)
+{
+	/* Index == 0x60 or 0x62. */
+	pnp_write_config(dev, index + 0, (iobase >> 8) & 0xff);
+	pnp_write_config(dev, index + 1, iobase & 0xff);
+}
+
+void pnp_set_irq(device_t dev, u8 index, u8 irq)
+{
+	/* Index == 0x70 or 0x72. */
+	pnp_write_config(dev, index, irq);
+}
+
+void pnp_set_drq(device_t dev, u8 index, u8 drq)
+{
+	/* Index == 0x74. */
+	pnp_write_config(dev, index, drq & 0xff);
+}
+
+/* PNP device operations */
+
+void pnp_read_resources(device_t dev)
+{
+	return;
+}
+
+static void pnp_set_resource(device_t dev, struct resource *resource)
+{
+	if (!(resource->flags & IORESOURCE_ASSIGNED)) {
+		printk(BIOS_ERR, "ERROR: %s %02lx %s size: 0x%010llx "
+		       "not assigned\n", dev_path(dev), resource->index,
+		       resource_type(resource), resource->size);
+		return;
+	}
+
+	/* Now store the resource. */
+	if (resource->flags & IORESOURCE_IO) {
+		pnp_set_iobase(dev, resource->index, resource->base);
+	} else if (resource->flags & IORESOURCE_DRQ) {
+		pnp_set_drq(dev, resource->index, resource->base);
+	} else if (resource->flags & IORESOURCE_IRQ) {
+		pnp_set_irq(dev, resource->index, resource->base);
+	} else {
+		printk(BIOS_ERR, "ERROR: %s %02lx unknown resource type\n",
+		       dev_path(dev), resource->index);
+		return;
+	}
+	resource->flags |= IORESOURCE_STORED;
+
+	report_resource_stored(dev, resource, "");
+}
+
+void pnp_set_resources(device_t dev)
+{
+	struct resource *res;
+
+	/* Select the logical device (LDN). */
+	pnp_set_logical_device(dev);
+
+	/* Paranoia says I should disable the device here... */
+	for (res = dev->resource_list; res; res = res->next)
+		pnp_set_resource(dev, res);
+}
+
+void pnp_enable_resources(device_t dev)
+{
+	pnp_set_logical_device(dev);
+	pnp_set_enable(dev, 1);
+}
+
+void pnp_enable(device_t dev)
+{
+	if (!dev->enabled) {
+		pnp_set_logical_device(dev);
+		pnp_set_enable(dev, 0);
+	}
+}
+
+struct device_operations pnp_ops = {
+	.read_resources   = pnp_read_resources,
+	.set_resources    = pnp_set_resources,
+	.enable_resources = pnp_enable_resources,
+	.enable           = pnp_enable,
+};
+
+/* PNP chip operations */
+
+static void pnp_get_ioresource(device_t dev, u8 index, struct io_info *info)
+{
+	struct resource *resource;
+	unsigned moving, gran, step;
+
+	if (!info->mask) {
+		printk(BIOS_ERR, "ERROR: device %s index %d has no mask.\n",
+				dev_path(dev), index);
+		return;
+	}
+
+	resource = new_resource(dev, index);
+
+	/* Initilize the resource. */
+	resource->limit = 0xffff;
+	resource->flags |= IORESOURCE_IO;
+
+	/* Get the resource size... */
+
+	moving = info->mask;
+	gran = 15;
+	step = 1 << gran;
+
+	/* Find the first bit that moves. */
+	while ((moving & step) == 0) {
+		gran--;
+		step >>= 1;
+	}
+
+	/* Now find the first bit that does not move. */
+	while ((moving & step) != 0) {
+		gran--;
+		step >>= 1;
+	}
+
+	/*
+	 * Of the moving bits the last bit in the first group,
+	 * tells us the size of this resource.
+	 */
+	if ((moving & step) == 0) {
+		gran++;
+		step <<= 1;
+	}
+
+	/* Set the resource size and alignment. */
+	resource->gran  = gran;
+	resource->align = gran;
+	resource->limit = info->mask | (step - 1);
+	resource->size  = 1 << gran;
+}
+
+static void get_resources(device_t dev, struct pnp_info *info)
+{
+	struct resource *resource;
+
+	if (info->flags & PNP_IO0)
+		pnp_get_ioresource(dev, PNP_IDX_IO0, &info->io0);
+	if (info->flags & PNP_IO1)
+		pnp_get_ioresource(dev, PNP_IDX_IO1, &info->io1);
+	if (info->flags & PNP_IO2)
+		pnp_get_ioresource(dev, PNP_IDX_IO2, &info->io2);
+	if (info->flags & PNP_IO3)
+		pnp_get_ioresource(dev, PNP_IDX_IO3, &info->io3);
+
+	if (info->flags & PNP_IRQ0) {
+		resource = new_resource(dev, PNP_IDX_IRQ0);
+		resource->size = 1;
+		resource->flags |= IORESOURCE_IRQ;
+	}
+	if (info->flags & PNP_IRQ1) {
+		resource = new_resource(dev, PNP_IDX_IRQ1);
+		resource->size = 1;
+		resource->flags |= IORESOURCE_IRQ;
+	}
+
+	if (info->flags & PNP_DRQ0) {
+		resource = new_resource(dev, PNP_IDX_DRQ0);
+		resource->size = 1;
+		resource->flags |= IORESOURCE_DRQ;
+	}
+	if (info->flags & PNP_DRQ1) {
+		resource = new_resource(dev, PNP_IDX_DRQ1);
+		resource->size = 1;
+		resource->flags |= IORESOURCE_DRQ;
+	}
+
+	/*
+	 * These are not IRQs, but set the flag to have the
+	 * resource allocator do the right thing.
+	 */
+	if (info->flags & PNP_EN) {
+		resource = new_resource(dev, PNP_IDX_EN);
+		resource->size = 1;
+		resource->flags |= IORESOURCE_IRQ;
+	}
+	if (info->flags & PNP_MSC0) {
+		resource = new_resource(dev, PNP_IDX_MSC0);
+		resource->size = 1;
+		resource->flags |= IORESOURCE_IRQ;
+	}
+	if (info->flags & PNP_MSC1) {
+		resource = new_resource(dev, PNP_IDX_MSC1);
+		resource->size = 1;
+		resource->flags |= IORESOURCE_IRQ;
+	}
+}
+
+void pnp_enable_devices(device_t base_dev, struct device_operations *ops,
+			unsigned int functions, struct pnp_info *info)
+{
+	struct device_path path;
+	device_t dev;
+	int i;
+
+	path.type = DEVICE_PATH_PNP;
+	path.pnp.port = base_dev->path.pnp.port;
+
+	/* Setup the ops and resources on the newly allocated devices. */
+	for (i = 0; i < functions; i++) {
+		/* Skip logical devices this Super I/O doesn't have. */
+		if (info[i].function == -1)
+			continue;
+
+		path.pnp.device = info[i].function;
+		dev = alloc_find_dev(base_dev->bus, &path);
+
+		/* Don't initialize a device multiple times. */
+		if (dev->ops)
+			continue;
+
+		if (info[i].ops == 0)
+			dev->ops = ops;
+		else
+			dev->ops = info[i].ops;
+
+		get_resources(dev, &info[i]);
+	}
+}
diff --git a/src/device/root_device.c b/src/device/root_device.c
new file mode 100644
index 0000000..8ff2fde
--- /dev/null
+++ b/src/device/root_device.c
@@ -0,0 +1,166 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2003-2004 Linux Networx
+ * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
+ * Copyright (C) 2003 Ronald G. Minnich <rminnich at gmail.com>
+ * Copyright (C) 2004-2005 Li-Ta Lo <ollie at lanl.gov>
+ * Copyright (C) 2005 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include <reset.h>
+
+const char mainboard_name[] = CONFIG_MAINBOARD_VENDOR " " CONFIG_MAINBOARD_PART_NUMBER;
+
+/**
+ * Read the resources for the root device, that encompass the resources for
+ * the entire system.
+ *
+ * @param root Pointer to the device structure for the system root device.
+ */
+static void root_dev_read_resources(device_t root)
+{
+	printk(BIOS_ERR, "%s should never be called.\n", __func__);
+}
+
+/**
+ * Write the resources for every device.
+ *
+ * Write the resources for the root device, and every device under it which
+ * are all of the devices.
+ *
+ * @param root Pointer to the device structure for the system root device.
+ */
+static void root_dev_set_resources(device_t root)
+{
+	printk(BIOS_ERR, "%s should never be called.\n", __func__);
+}
+
+/**
+ * Scan devices on static buses.
+ *
+ * The enumeration of certain buses is purely static. The existence of
+ * devices on those buses can be completely determined at compile time
+ * and is specified in the config file. Typical examples are the 'PNP'
+ * devices on a legacy ISA/LPC bus. There is no need of probing of any kind,
+ * the only thing we have to do is to walk through the bus and
+ * enable or disable devices as indicated in the config file.
+ *
+ * On the other hand, some devices are virtual and their existence is
+ * artificial. They can not be probed at run time. One example is the
+ * debug device. Those virtual devices have to be listed in the config
+ * file under some static bus in order to be enumerated at run time.
+ *
+ * This function is the default scan_bus() method for the root device and
+ * LPC bridges.
+ *
+ * @param bus Pointer to the device to which the static buses are attached to.
+ * @param max Maximum bus number currently used before scanning.
+ * @return The largest bus number used.
+ */
+static int smbus_max = 0;
+unsigned int scan_static_bus(device_t bus, unsigned int max)
+{
+	device_t child;
+	struct bus *link;
+
+	printk(BIOS_SPEW, "%s for %s\n", __func__, dev_path(bus));
+
+	for (link = bus->link_list; link; link = link->next) {
+		/* For SMBus bus enumerate. */
+		child = link->children;
+
+		if (child && child->path.type == DEVICE_PATH_I2C)
+			link->secondary = ++smbus_max;
+
+		for (child = link->children; child; child = child->sibling) {
+			if (child->chip_ops && child->chip_ops->enable_dev)
+				child->chip_ops->enable_dev(child);
+
+			if (child->ops && child->ops->enable)
+				child->ops->enable(child);
+
+			if (child->path.type == DEVICE_PATH_I2C) {
+				printk(BIOS_DEBUG, "smbus: %s[%d]->",
+				       dev_path(child->bus->dev),
+				       child->bus->link_num);
+			}
+			printk(BIOS_DEBUG, "%s %s\n", dev_path(child),
+			       child->enabled ? "enabled" : "disabled");
+		}
+	}
+
+	for (link = bus->link_list; link; link = link->next) {
+		for (child = link->children; child; child = child->sibling) {
+			if (!child->ops || !child->ops->scan_bus)
+				continue;
+			printk(BIOS_SPEW, "%s scanning...\n", dev_path(child));
+			max = scan_bus(child, max);
+		}
+	}
+
+	printk(BIOS_SPEW, "%s for %s done\n", __func__, dev_path(bus));
+
+	return max;
+}
+
+static void root_dev_enable_resources(device_t dev)
+{
+}
+
+/**
+ * Scan root bus for generic systems.
+ *
+ * This function is the default scan_bus() method of the root device.
+ *
+ * @param root The root device structure.
+ * @param max The current bus number scanned so far, usually 0x00.
+ * @return The largest bus number used.
+ */
+static unsigned int root_dev_scan_bus(device_t root, unsigned int max)
+{
+	return scan_static_bus(root, max);
+}
+
+static void root_dev_init(device_t root)
+{
+}
+
+static void root_dev_reset(struct bus *bus)
+{
+	printk(BIOS_INFO, "Resetting board...\n");
+	hard_reset();
+}
+
+/**
+ * Default device operation for root device.
+ *
+ * This is the default device operation for root devices. These operations
+ * should be fully usable as is. However the chip_operations::enable_dev()
+ * of a motherboard can override this if you want non-default behavior.
+ */
+struct device_operations default_dev_ops_root = {
+	.read_resources   = root_dev_read_resources,
+	.set_resources    = root_dev_set_resources,
+	.enable_resources = root_dev_enable_resources,
+	.init             = root_dev_init,
+	.scan_bus         = root_dev_scan_bus,
+	.reset_bus        = root_dev_reset,
+};
diff --git a/src/device/smbus_ops.c b/src/device/smbus_ops.c
new file mode 100644
index 0000000..75ca42b
--- /dev/null
+++ b/src/device/smbus_ops.c
@@ -0,0 +1,137 @@
+/*
+ * This file is part of the coreboot project.
+ *
+ * Copyright (C) 2004 Tyan
+ * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
+ * Copyright (C) 2004 Li-Ta Lo <ollie at lanl.gov>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+ */
+
+#include <console/console.h>
+#include <stdint.h>
+#include <device/device.h>
+#include <device/path.h>
+#include <device/smbus.h>
+
+struct bus *get_pbus_smbus(device_t dev)
+{
+	struct bus *pbus = dev->bus;
+
+	while (pbus && pbus->dev && !ops_smbus_bus(pbus))
+		pbus = pbus->dev->bus;
+
+	if (!pbus || !pbus->dev || !pbus->dev->ops
+	    || !pbus->dev->ops->ops_smbus_bus) {
+		printk(BIOS_ALERT, "%s Cannot find SMBus bus operations",
+		       dev_path(dev));
+		die("");
+	}
+
+	return pbus;
+}
+
+/*
+ * Multi-level I2C MUX? May need to find the first I2C device and then set link
+ * down to current dev.
+ *
+ * 1 store get_pbus_smbus list link
+ * 2 reverse the link and call set link.
+ *
+ * @param dev TODO.
+ */
+int smbus_set_link(device_t dev)
+{
+	struct bus *pbus_a[4]; // 4 level mux only. Enough?
+	struct bus *pbus = dev->bus;
+	int pbus_num = 0;
+	int i;
+
+	while (pbus && pbus->dev && (pbus->dev->path.type == DEVICE_PATH_I2C)) {
+		pbus_a[pbus_num++] = pbus;
+		pbus = pbus->dev->bus;
+	}
+
+	// printk(BIOS_INFO, "smbus_set_link: ");
+	for (i = pbus_num - 1; i >= 0; i--) {
+		// printk(BIOS_INFO, " %s[%d] -> ", dev_path(pbus_a[i]->dev),
+		// pbus_a[i]->link);
+		if (ops_smbus_bus(get_pbus_smbus(pbus_a[i]->dev))) {
+			if (pbus_a[i]->dev->ops
+			    && pbus_a[i]->dev->ops->set_link)
+				pbus_a[i]->dev->ops->set_link(pbus_a[i]->dev,
+							pbus_a[i]->link_num);
+		}
+	}
+	// printk(BIOS_INFO, " %s\n", dev_path(dev));
+
+	return pbus_num;
+}
+
+int smbus_quick_read(device_t dev)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->quick_read(dev);
+}
+
+int smbus_quick_write(device_t dev)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->quick_write(dev);
+}
+
+int smbus_recv_byte(device_t dev)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->recv_byte(dev);
+}
+
+int smbus_send_byte(device_t dev, u8 byte)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->send_byte(dev, byte);
+}
+
+int smbus_read_byte(device_t dev, u8 addr)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->read_byte(dev, addr);
+}
+
+int smbus_write_byte(device_t dev, u8 addr, u8 val)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->write_byte(dev, addr, val);
+}
+
+int smbus_read_word(device_t dev, u8 addr)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->read_word(dev, addr);
+}
+
+int smbus_write_word(device_t dev, u8 addr, u16 val)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->write_word(dev, addr, val);
+}
+
+int smbus_process_call(device_t dev, u8 cmd, u16 data)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->process_call(dev, cmd, data);
+}
+
+int smbus_block_read(device_t dev, u8 cmd, u8 bytes, u8 *buffer)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->block_read(dev, cmd,
+							      bytes, buffer);
+}
+
+int smbus_block_write(device_t dev, u8 cmd, u8 bytes, const u8 *buffer)
+{
+	return ops_smbus_bus(get_pbus_smbus(dev))->block_write(dev, cmd,
+							       bytes, buffer);
+}
diff --git a/src/devices/Kconfig b/src/devices/Kconfig
deleted file mode 100644
index 700516b..0000000
--- a/src/devices/Kconfig
+++ /dev/null
@@ -1,449 +0,0 @@
-##
-## This file is part of the coreboot project.
-##
-## Copyright (C) 2007-2010 coresystems GmbH
-## (Written by Stefan Reinauer <stepan at coresystems.de> for coresystems GmbH)
-##
-## This program is free software; you can redistribute it and/or modify
-## it under the terms of the GNU General Public License as published by
-## the Free Software Foundation; version 2 of the License.
-##
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-## GNU General Public License for more details.
-##
-## You should have received a copy of the GNU General Public License
-## along with this program; if not, write to the Free Software
-## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
-##
-
-menu "Devices"
-# TODO: Explain differences (if any) for onboard cards.
-config VGA_ROM_RUN
-	bool "Run VGA Option ROMs"
-	default n if PAYLOAD_SEABIOS
-	default y if !PAYLOAD_SEABIOS
-	depends on !PAYLOAD_SEABIOS || EXPERT
-	help
-	  Execute VGA Option ROMs in coreboot if found. This is required
-	  to enable PCI/AGP/PCI-E video cards when not using a SeaBIOS
-	  payload.
-
-	  When using a SeaBIOS payload it runs all option ROMs with much
-	  more complete BIOS interrupt services available than coreboot,
-	  which some option ROMs require in order to function correctly.
-
-	  If unsure, say N when using SeaBIOS as payload, Y otherwise.
-
-config S3_VGA_ROM_RUN
-	bool "Re-run VGA Option ROMs on S3 resume"
-	default y
-	depends on VGA_ROM_RUN && HAVE_ACPI_RESUME
-	help
-	  Execute VGA Option ROMs in coreboot when resuming from S3 suspend.
-
-	  When using a SeaBIOS payload it runs all option ROMs with much
-	  more complete BIOS interrupt services available than coreboot,
-	  which some option ROMs require in order to function correctly.
-
-	  If unsure, say N when using SeaBIOS as payload, Y otherwise.
-
-config PCI_ROM_RUN
-	bool "Run non-VGA Option ROMs"
-	default n if PAYLOAD_SEABIOS
-	default y if !PAYLOAD_SEABIOS
-	depends on !PAYLOAD_SEABIOS || EXPERT
-	help
-	  Execute non-VGA PCI Option ROMs in coreboot if found.
-
-	  Examples include IDE/SATA controller Option ROMs and Option ROMs
-	  for network cards (NICs).
-
-	  When using a SeaBIOS payload it runs all option ROMs with much
-	  more complete BIOS interrupt services available than coreboot,
-	  which some option ROMs require in order to function correctly.
-
-	  If unsure, say N when using SeaBIOS as payload, Y otherwise.
-
-config ON_DEVICE_ROM_RUN
-	bool "Run Option ROMs on PCI devices"
-	default n if PAYLOAD_SEABIOS
-	default y if !PAYLOAD_SEABIOS
-	depends on !PAYLOAD_SEABIOS || EXPERT
-	help
-	  Execute Option ROMs stored on PCI/PCIe/AGP devices in coreboot.
-
-	  If disabled, only Option ROMs stored in CBFS will be executed by
-	  coreboot. If you are concerned about security, you might want to
-	  disable this option, but it might leave your system in a state of
-	  degraded functionality.
-
-	  When using a SeaBIOS payload it runs all option ROMs with much
-	  more complete BIOS interrupt services available than coreboot,
-	  which some option ROMs require in order to function correctly.
-
-	  If unsure, say N when using SeaBIOS as payload, Y otherwise.
-
-choice
-	prompt "Option ROM execution type"
-	default PCI_OPTION_ROM_RUN_YABEL if !ARCH_X86
-	default PCI_OPTION_ROM_RUN_REALMODE if ARCH_X86
-	depends on PCI_ROM_RUN || VGA_ROM_RUN || GEODE_VSA
-
-config PCI_OPTION_ROM_RUN_REALMODE
-	prompt "Native mode"
-	bool
-	depends on ARCH_X86
-	help
-	  If you select this option, PCI Option ROMs will be executed
-	  natively on the CPU in real mode. No CPU emulation is involved,
-	  so this is the fastest, but also the least secure option.
-	  (only works on x86/x64 systems)
-
-config PCI_OPTION_ROM_RUN_YABEL
-	prompt "Secure mode"
-	bool
-	depends on !GEODE_VSA
-	help
-	  If you select this option, the x86emu CPU emulator will be used to
-	  execute PCI Option ROMs.
-
-	  This option prevents Option ROMs from doing dirty tricks with the
-	  system (such as installing SMM modules or hypervisors), but it is
-	  also significantly slower than the native Option ROM initialization
-	  method.
-
-	  This is the default choice for non-x86 systems.
-
-endchoice
-
-config YABEL_PCI_ACCESS_OTHER_DEVICES
-	prompt "Allow Option ROMs to access other devices"
-	bool
-	depends on PCI_OPTION_ROM_RUN_YABEL
-	help
-	  Per default, YABEL only allows Option ROMs to access the PCI device
-	  that they are associated with. However, this causes trouble for some
-	  onboard graphics chips whose Option ROM needs to reconfigure the
-	  north bridge.
-
-config YABEL_PCI_FAKE_WRITING_OTHER_DEVICES_CONFIG
-	prompt "Fake success on writing other device's config space"
-	bool
-	depends on YABEL_PCI_ACCESS_OTHER_DEVICES
-	help
-	  By default, YABEL aborts when the Option ROM tries to write to other
-	  devices' config spaces. With this option enabled, the write doesn't
-	  follow through, but the Option ROM is allowed to go on.
-	  This can create issues such as hanging Option ROMs (if it depends on
-	  that other register changing to the written value), so test for
-	  impact before using this option.
-
-config YABEL_VIRTMEM_LOCATION
-	prompt "Location of YABEL's virtual memory"
-	hex
-	depends on PCI_OPTION_ROM_RUN_YABEL && EXPERT
-	default 0x1000000
-	help
-	  YABEL requires 1MB memory for its CPU emulation. This memory is
-	  normally located at 16MB.
-
-config YABEL_VIRTMEM_LOCATION
-	hex
-	depends on PCI_OPTION_ROM_RUN_YABEL && !EXPERT
-	default 0x1000000
-
-config YABEL_DIRECTHW
-	prompt "Direct hardware access"
-	bool
-	depends on PCI_OPTION_ROM_RUN_YABEL
-	help
-	  YABEL consists of two parts: It uses x86emu for the CPU emulation and
-	  additionally provides a PC system emulation that filters bad device
-	  and memory access (such as PCI config space access to other devices
-	  than the initialized one).
-
-	  When choosing this option, x86emu will pass through all hardware
-	  accesses to memory and I/O devices to the underlying memory and I/O
-	  addresses. While this option prevents Option ROMs from doing dirty
-	  tricks with the CPU (such as installing SMM modules or hypervisors),
-	  they can still access all devices in the system.
-	  Enable this option for a good compromise between security and speed.
-
-config MULTIPLE_VGA_ADAPTERS
-	bool
-	default n
-
-config PCI
-	bool
-	default n
-
-config PCI_64BIT_PREF_MEM
-	bool
-	depends on PCI
-	default n
-
-config HYPERTRANSPORT_PLUGIN_SUPPORT
-	bool
-	depends on PCI
-	default n
-
-config PCIX_PLUGIN_SUPPORT
-	bool
-	depends on PCI
-	default y
-
-config PCIEXP_PLUGIN_SUPPORT
-	bool
-	depends on PCI
-	default y
-
-config AGP_PLUGIN_SUPPORT
-	bool
-	depends on PCI
-	default y
-
-config CARDBUS_PLUGIN_SUPPORT
-	bool
-	depends on PCI
-	default y
-
-config PCIEXP_COMMON_CLOCK
-	prompt "Enable PCIe Common Clock"
-	bool
-	default n
-	help
-	  Detect and enable Common Clock on PCIe links.
-
-config PCIEXP_ASPM
-	prompt "Enable PCIe ASPM"
-	bool
-	default n
-	help
-	  Detect and enable ASPM on PCIe links.
-
-config PCI_BUS_SEGN_BITS
-	int
-	default 0
-endmenu
-
-menu "VGA BIOS"
-
-config VGA_BIOS
-	bool "Add a VGA BIOS image"
-	help
-	  Select this option if you have a VGA BIOS image that you would
-	  like to add to your ROM.
-
-	  You will be able to specify the location and file name of the
-	  image later.
-
-config VGA_BIOS_FILE
-	string "VGA BIOS path and filename"
-	depends on VGA_BIOS
-	default "vgabios.bin"
-	help
-	  The path and filename of the file to use as VGA BIOS.
-
-config VGA_BIOS_ID
-	string "VGA device PCI IDs"
-	depends on VGA_BIOS
-	default "1106,3230"
-	help
-	  The comma-separated PCI vendor and device ID that would associate
-	  your VGA BIOS to your video card.
-
-	  Example: 1106,3230
-
-	  In the above example 1106 is the PCI vendor ID (in hex, but without
-	  the "0x" prefix) and 3230 specifies the PCI device ID of the
-	  video card (also in hex, without "0x" prefix).
-
-config INTEL_MBI
-	bool "Add an MBI image"
-	depends on NORTHBRIDGE_INTEL_I82830
-	help
-	  Select this option if you have an Intel MBI image that you would
-	  like to add to your ROM.
-
-	  You will be able to specify the location and file name of the
-	  image later.
-
-config MBI_FILE
-	string "Intel MBI path and filename"
-	depends on INTEL_MBI
-	default "mbi.bin"
-	help
-	  The path and filename of the file to use as VGA BIOS.
-
-endmenu
-
-menu "Display"
-	depends on PCI_OPTION_ROM_RUN_YABEL || PCI_OPTION_ROM_RUN_REALMODE
-
-config FRAMEBUFFER_SET_VESA_MODE
-	prompt "Set VESA framebuffer mode"
-	bool
-	depends on PCI_OPTION_ROM_RUN_YABEL || PCI_OPTION_ROM_RUN_REALMODE
-	help
-	  Set VESA framebuffer mode (needed for bootsplash)
-
-choice
-	prompt "VESA framebuffer video mode"
-	default FRAMEBUFFER_VESA_MODE_117
-	depends on FRAMEBUFFER_SET_VESA_MODE
-	help
-	  This option sets the resolution used for the coreboot framebuffer (and
-	  bootsplash screen).
-
-config FRAMEBUFFER_VESA_MODE_100
-	bool "640x400 256-color"
-
-config FRAMEBUFFER_VESA_MODE_101
-	bool "640x480 256-color"
-
-config FRAMEBUFFER_VESA_MODE_102
-	bool "800x600 16-color"
-
-config FRAMEBUFFER_VESA_MODE_103
-	bool "800x600 256-color"
-
-config FRAMEBUFFER_VESA_MODE_104
-	bool "1024x768 16-color"
-
-config FRAMEBUFFER_VESA_MODE_105
-	bool "1024x7686 256-color"
-
-config FRAMEBUFFER_VESA_MODE_106
-	bool "1280x1024 16-color"
-
-config FRAMEBUFFER_VESA_MODE_107
-	bool "1280x1024 256-color"
-
-config FRAMEBUFFER_VESA_MODE_108
-	bool "80x60 text"
-
-config FRAMEBUFFER_VESA_MODE_109
-	bool "132x25 text"
-
-config FRAMEBUFFER_VESA_MODE_10A
-	bool "132x43 text"
-
-config FRAMEBUFFER_VESA_MODE_10B
-	bool "132x50 text"
-
-config FRAMEBUFFER_VESA_MODE_10C
-	bool "132x60 text"
-
-config FRAMEBUFFER_VESA_MODE_10D
-	bool "320x200 32k-color (1:5:5:5)"
-
-config FRAMEBUFFER_VESA_MODE_10E
-	bool "320x200 64k-color (5:6:5)"
-
-config FRAMEBUFFER_VESA_MODE_10F
-	bool "320x200 16.8M-color (8:8:8)"
-
-config FRAMEBUFFER_VESA_MODE_110
-	bool "640x480 32k-color (1:5:5:5)"
-
-config FRAMEBUFFER_VESA_MODE_111
-	bool "640x480 64k-color (5:6:5)"
-
-config FRAMEBUFFER_VESA_MODE_112
-	bool "640x480 16.8M-color (8:8:8)"
-
-config FRAMEBUFFER_VESA_MODE_113
-	bool "800x600 32k-color (1:5:5:5)"
-
-config FRAMEBUFFER_VESA_MODE_114
-	bool "800x600 64k-color (5:6:5)"
-
-config FRAMEBUFFER_VESA_MODE_115
-	bool "800x600 16.8M-color (8:8:8)"
-
-config FRAMEBUFFER_VESA_MODE_116
-	bool "1024x768 32k-color (1:5:5:5)"
-
-config FRAMEBUFFER_VESA_MODE_117
-	bool "1024x768 64k-color (5:6:5)"
-
-config FRAMEBUFFER_VESA_MODE_118
-	bool "1024x768 16.8M-color (8:8:8)"
-
-config FRAMEBUFFER_VESA_MODE_119
-	bool "1280x1024 32k-color (1:5:5:5)"
-
-config FRAMEBUFFER_VESA_MODE_11A
-	bool "1280x1024 64k-color (5:6:5)"
-
-config FRAMEBUFFER_VESA_MODE_11B
-	bool "1280x1024 16.8M-color (8:8:8)"
-
-config FRAMEBUFFER_VESA_MODE_USER
-	bool "Manually select VESA mode"
-
-endchoice
-
-# Map the config names to an integer (KB).
-config FRAMEBUFFER_VESA_MODE
-	prompt "VESA mode" if FRAMEBUFFER_VESA_MODE_USER
-	hex
-	default 0x100 if FRAMEBUFFER_VESA_MODE_100
-	default 0x101 if FRAMEBUFFER_VESA_MODE_101
-	default 0x102 if FRAMEBUFFER_VESA_MODE_102
-	default 0x103 if FRAMEBUFFER_VESA_MODE_103
-	default 0x104 if FRAMEBUFFER_VESA_MODE_104
-	default 0x105 if FRAMEBUFFER_VESA_MODE_105
-	default 0x106 if FRAMEBUFFER_VESA_MODE_106
-	default 0x107 if FRAMEBUFFER_VESA_MODE_107
-	default 0x108 if FRAMEBUFFER_VESA_MODE_108
-	default 0x109 if FRAMEBUFFER_VESA_MODE_109
-	default 0x10A if FRAMEBUFFER_VESA_MODE_10A
-	default 0x10B if FRAMEBUFFER_VESA_MODE_10B
-	default 0x10C if FRAMEBUFFER_VESA_MODE_10C
-	default 0x10D if FRAMEBUFFER_VESA_MODE_10D
-	default 0x10E if FRAMEBUFFER_VESA_MODE_10E
-	default 0x10F if FRAMEBUFFER_VESA_MODE_10F
-	default 0x110 if FRAMEBUFFER_VESA_MODE_110
-	default 0x111 if FRAMEBUFFER_VESA_MODE_111
-	default 0x112 if FRAMEBUFFER_VESA_MODE_112
-	default 0x113 if FRAMEBUFFER_VESA_MODE_113
-	default 0x114 if FRAMEBUFFER_VESA_MODE_114
-	default 0x115 if FRAMEBUFFER_VESA_MODE_115
-	default 0x116 if FRAMEBUFFER_VESA_MODE_116
-	default 0x117 if FRAMEBUFFER_VESA_MODE_117
-	default 0x118 if FRAMEBUFFER_VESA_MODE_118
-	default 0x119 if FRAMEBUFFER_VESA_MODE_119
-	default 0x11A if FRAMEBUFFER_VESA_MODE_11A
-	default 0x11B if FRAMEBUFFER_VESA_MODE_11B
-	default 0x117 if FRAMEBUFFER_VESA_MODE_USER
-
-config FRAMEBUFFER_KEEP_VESA_MODE
-	prompt "Keep VESA framebuffer"
-	bool
-	depends on PCI_OPTION_ROM_RUN_YABEL || PCI_OPTION_ROM_RUN_REALMODE
-	help
-	  This option keeps the framebuffer mode set after coreboot finishes
-	  execution. If this option is enabled, coreboot will pass a
-	  framebuffer entry in its coreboot table and the payload will need a
-	  framebuffer driver. If this option is disabled, coreboot will switch
-	  back to text mode before handing control to a payload.
-
-config BOOTSPLASH
-	prompt "Show graphical bootsplash"
-	bool
-	depends on FRAMEBUFFER_SET_VESA_MODE
-	help
-	  This option shows a graphical bootsplash screen. The grapics are
-	  loaded from the CBFS file bootsplash.jpg.
-
-config BOOTSPLASH_FILE
-	string "Bootsplash path and filename"
-	depends on BOOTSPLASH
-	default "bootsplash.jpg"
-	help
-	  The path and filename of the file to use as graphical bootsplash
-	  screen. The file format has to be jpg.
-endmenu
diff --git a/src/devices/Makefile.inc b/src/devices/Makefile.inc
deleted file mode 100644
index 9fe156b..0000000
--- a/src/devices/Makefile.inc
+++ /dev/null
@@ -1,24 +0,0 @@
-ramstage-y += device.c
-ramstage-y += root_device.c
-ramstage-y += cpu_device.c
-ramstage-y += device_util.c
-ramstage-$(CONFIG_PCI) += pci_device.c
-ramstage-$(CONFIG_HYPERTRANSPORT_PLUGIN_SUPPORT) += hypertransport.c
-ramstage-$(CONFIG_PCIX_PLUGIN_SUPPORT) += pcix_device.c
-ramstage-$(CONFIG_PCIEXP_PLUGIN_SUPPORT) += pciexp_device.c
-ramstage-$(CONFIG_AGP_PLUGIN_SUPPORT) += agp_device.c
-ramstage-$(CONFIG_CARDBUS_PLUGIN_SUPPORT) += cardbus_device.c
-ramstage-$(CONFIG_ARCH_X86) += pnp_device.c
-ramstage-$(CONFIG_PCI) += pci_ops.c
-ramstage-y += smbus_ops.c
-
-romstage-y+= device_romstage.c
-
-subdirs-y += oprom
-
-ifeq ($(CONFIG_PCI_ROM_RUN),y)
-ramstage-y += pci_rom.c
-else
-ramstage-$(CONFIG_VGA_ROM_RUN) += pci_rom.c
-endif
-
diff --git a/src/devices/agp_device.c b/src/devices/agp_device.c
deleted file mode 100644
index 7e510f8..0000000
--- a/src/devices/agp_device.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2005 Linux Networx
- * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
- */
-
-#include <console/console.h>
-#include <device/device.h>
-#include <device/pci.h>
-#include <device/pci_ids.h>
-#include <device/agp.h>
-
-static void agp_tune_dev(device_t dev)
-{
-	unsigned int cap;
-
-	cap = pci_find_capability(dev, PCI_CAP_ID_AGP);
-	if (!cap)
-		return;
-
-	/* The OS is responsible for AGP tuning so do nothing here. */
-}
-
-unsigned int agp_scan_bus(struct bus *bus, unsigned int min_devfn,
-			  unsigned int max_devfn, unsigned int max)
-{
-	device_t child;
-
-	max = pci_scan_bus(bus, min_devfn, max_devfn, max);
-
-	for (child = bus->children; child; child = child->sibling) {
-		if ((child->path.pci.devfn < min_devfn) ||
-		    (child->path.pci.devfn > max_devfn)) {
-			continue;
-		}
-		agp_tune_dev(child);
-	}
-
-	return max;
-}
-
-unsigned int agp_scan_bridge(device_t dev, unsigned int max)
-{
-	return do_pci_scan_bridge(dev, max, agp_scan_bus);
-}
-
-/** Default device operations for AGP bridges. */
-static struct pci_operations agp_bus_ops_pci = {
-	.set_subsystem = 0,
-};
-
-struct device_operations default_agp_ops_bus = {
-	.read_resources   = pci_bus_read_resources,
-	.set_resources    = pci_dev_set_resources,
-	.enable_resources = pci_bus_enable_resources,
-	.init             = 0,
-	.scan_bus         = agp_scan_bridge,
-	.enable           = 0,
-	.reset_bus        = pci_bus_reset,
-	.ops_pci          = &agp_bus_ops_pci,
-};
diff --git a/src/devices/cardbus_device.c b/src/devices/cardbus_device.c
deleted file mode 100644
index 0b07e34..0000000
--- a/src/devices/cardbus_device.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2005 Linux Networx
- * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
- * Copyright (C) 2005 Ronald G. Minnich <rminnich at gmail.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
- */
-
-#include <console/console.h>
-#include <device/device.h>
-#include <device/pci.h>
-#include <device/pci_ids.h>
-#include <device/cardbus.h>
-
-/*
- * I don't think this code is quite correct but it is close.
- * Anyone with a cardbus bridge and a little time should be able
- * to make it usable quickly. -- Eric Biederman 24 March 2005
- */
-
-/*
- * IO should be max 256 bytes. However, since we may have a P2P bridge below
- * a cardbus bridge, we need 4K.
- */
-#define CARDBUS_IO_SIZE		4096
-#define CARDBUS_MEM_SIZE	(32 * 1024 * 1024)
-
-static void cardbus_record_bridge_resource(device_t dev, resource_t moving,
-		resource_t min_size, unsigned int index, unsigned long type)
-{
-	struct resource *resource;
-	unsigned long gran;
-	resource_t step;
-
-	/* Initialize the constraints on the current bus. */
-	resource = NULL;
-	if (!moving)
-		return;
-
-	resource = new_resource(dev, index);
-	resource->size = 0;
-	gran = 0;
-	step = 1;
-	while ((moving & step) == 0) {
-		gran += 1;
-		step <<= 1;
-	}
-	resource->gran = gran;
-	resource->align = gran;
-	resource->limit = moving | (step - 1);
-	resource->flags = type;
-
-	/* Don't let the minimum size exceed what we can put in the resource. */
-	if ((min_size - 1) > resource->limit)
-		min_size = resource->limit + 1;
-
-	resource->size = min_size;
-}
-
-static void cardbus_size_bridge_resource(device_t dev, unsigned int index)
-{
-	struct resource *resource;
-	resource_t min_size;
-
-	resource = find_resource(dev, index);
-	if (resource) {
-		min_size = resource->size;
-		/*
-		 * Always allocate at least the miniumum size to a
-		 * cardbus bridge in case a new card is plugged in.
-		 */
-		if (resource->size < min_size)
-			resource->size = min_size;
-	}
-}
-
-void cardbus_read_resources(device_t dev)
-{
-	resource_t moving_base, moving_limit, moving;
-	unsigned long type;
-	u16 ctl;
-
-	/* See if needs a card control registers base address. */
-
-	pci_get_resource(dev, PCI_BASE_ADDRESS_0);
-
-	compact_resources(dev);
-
-	/* See which bridge I/O resources are implemented. */
-	moving_base = pci_moving_config32(dev, PCI_CB_IO_BASE_0);
-	moving_limit = pci_moving_config32(dev, PCI_CB_IO_LIMIT_0);
-	moving = moving_base & moving_limit;
-
-	/* Initialize the I/O space constraints on the current bus. */
-	cardbus_record_bridge_resource(dev, moving, CARDBUS_IO_SIZE,
-				       PCI_CB_IO_BASE_0, IORESOURCE_IO);
-	cardbus_size_bridge_resource(dev, PCI_CB_IO_BASE_0);
-
-	/* See which bridge I/O resources are implemented. */
-	moving_base = pci_moving_config32(dev, PCI_CB_IO_BASE_1);
-	moving_limit = pci_moving_config32(dev, PCI_CB_IO_LIMIT_1);
-	moving = moving_base & moving_limit;
-
-	/* Initialize the I/O space constraints on the current bus. */
-	cardbus_record_bridge_resource(dev, moving, CARDBUS_IO_SIZE,
-				       PCI_CB_IO_BASE_1, IORESOURCE_IO);
-
-	/* If I can, enable prefetch for mem0. */
-	ctl = pci_read_config16(dev, PCI_CB_BRIDGE_CONTROL);
-	ctl &= ~PCI_CB_BRIDGE_CTL_PREFETCH_MEM0;
-	ctl &= ~PCI_CB_BRIDGE_CTL_PREFETCH_MEM1;
-	ctl |= PCI_CB_BRIDGE_CTL_PREFETCH_MEM0;
-	pci_write_config16(dev, PCI_CB_BRIDGE_CONTROL, ctl);
-	ctl = pci_read_config16(dev, PCI_CB_BRIDGE_CONTROL);
-
-	/* See which bridge memory resources are implemented. */
-	moving_base = pci_moving_config32(dev, PCI_CB_MEMORY_BASE_0);
-	moving_limit = pci_moving_config32(dev, PCI_CB_MEMORY_LIMIT_0);
-	moving = moving_base & moving_limit;
-
-	/* Initialize the memory space constraints on the current bus. */
-	type = IORESOURCE_MEM;
-	if (ctl & PCI_CB_BRIDGE_CTL_PREFETCH_MEM0)
-		type |= IORESOURCE_PREFETCH;
-	cardbus_record_bridge_resource(dev, moving, CARDBUS_MEM_SIZE,
-				       PCI_CB_MEMORY_BASE_0, type);
-	if (type & IORESOURCE_PREFETCH)
-		cardbus_size_bridge_resource(dev, PCI_CB_MEMORY_BASE_0);
-
-	/* See which bridge memory resources are implemented. */
-	moving_base = pci_moving_config32(dev, PCI_CB_MEMORY_BASE_1);
-	moving_limit = pci_moving_config32(dev, PCI_CB_MEMORY_LIMIT_1);
-	moving = moving_base & moving_limit;
-
-	/* Initialize the memory space constraints on the current bus. */
-	cardbus_record_bridge_resource(dev, moving, CARDBUS_MEM_SIZE,
-				       PCI_CB_MEMORY_BASE_1, IORESOURCE_MEM);
-	cardbus_size_bridge_resource(dev, PCI_CB_MEMORY_BASE_1);
-
-	compact_resources(dev);
-}
-
-void cardbus_enable_resources(device_t dev)
-{
-	u16 ctrl;
-
-	ctrl = pci_read_config16(dev, PCI_CB_BRIDGE_CONTROL);
-	ctrl |= (dev->link_list->bridge_ctrl & (
-			PCI_BRIDGE_CTL_PARITY |
-			PCI_BRIDGE_CTL_SERR |
-			PCI_BRIDGE_CTL_NO_ISA |
-			PCI_BRIDGE_CTL_VGA |
-			PCI_BRIDGE_CTL_MASTER_ABORT |
-			PCI_BRIDGE_CTL_BUS_RESET));
-	/* Error check */
-	ctrl |= (PCI_CB_BRIDGE_CTL_PARITY + PCI_CB_BRIDGE_CTL_SERR);
-	printk(BIOS_DEBUG, "%s bridge ctrl <- %04x\n", dev_path(dev), ctrl);
-	pci_write_config16(dev, PCI_BRIDGE_CONTROL, ctrl);
-
-	pci_dev_enable_resources(dev);
-}
-
-struct device_operations default_cardbus_ops_bus = {
-	.read_resources   = cardbus_read_resources,
-	.set_resources    = pci_dev_set_resources,
-	.enable_resources = cardbus_enable_resources,
-	.init             = 0,
-	.scan_bus         = pci_scan_bridge,
-	.enable           = 0,
-	.reset_bus        = pci_bus_reset,
-};
diff --git a/src/devices/cpu_device.c b/src/devices/cpu_device.c
deleted file mode 100644
index b689f1a..0000000
--- a/src/devices/cpu_device.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2011 Advanced Micro Devices, Inc.
- * Copyright (C) 2012 Kyösti Mälkki <kyosti.malkki at gmail.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
- */
-
-#include <device/device.h>
-#include <console/console.h>
-#include <cpu/x86/lapic.h>
-
-void remap_bsp_lapic(struct bus *cpu_bus)
-{
-	struct device_path cpu_path;
-	device_t cpu;
-	u32 bsp_lapic_id = lapicid();
-
-	if (bsp_lapic_id) {
-		cpu_path.type = DEVICE_PATH_APIC;
-		cpu_path.apic.apic_id = 0;
-		cpu = find_dev_path(cpu_bus, &cpu_path);
-		if (cpu)
-			cpu->path.apic.apic_id = bsp_lapic_id;
-	}
-}
-
-device_t add_cpu_device(struct bus *cpu_bus, unsigned apic_id, int enabled)
-{
-	struct device_path cpu_path;
-	device_t cpu;
-
-	/* Build the cpu device path */
-	cpu_path.type = DEVICE_PATH_APIC;
-	cpu_path.apic.apic_id = apic_id;
-
-	/* Update CPU in devicetree. */
-	if (enabled)
-		cpu = alloc_find_dev(cpu_bus, &cpu_path);
-	else
-		cpu = find_dev_path(cpu_bus, &cpu_path);
-	if (!cpu)
-		return NULL;
-
-	cpu->enabled = enabled;
-	printk(BIOS_DEBUG, "CPU: %s %s\n",
-		dev_path(cpu), cpu->enabled?"enabled":"disabled");
-
-	return cpu;
-}
-
-void set_cpu_topology(device_t cpu, unsigned node, unsigned package, unsigned core, unsigned thread)
-{
-	cpu->path.apic.node_id = node;
-	cpu->path.apic.package_id = package;
-	cpu->path.apic.core_id = core;
-	cpu->path.apic.thread_id = thread;
-}
-
diff --git a/src/devices/device.c b/src/devices/device.c
deleted file mode 100644
index 07bbc7a..0000000
--- a/src/devices/device.c
+++ /dev/null
@@ -1,1157 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * It was originally based on the Linux kernel (arch/i386/kernel/pci-pc.c).
- *
- * Modifications are:
- * Copyright (C) 2003 Eric Biederman <ebiederm at xmission.com>
- * Copyright (C) 2003-2004 Linux Networx
- * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
- * Copyright (C) 2003 Ronald G. Minnich <rminnich at gmail.com>
- * Copyright (C) 2004-2005 Li-Ta Lo <ollie at lanl.gov>
- * Copyright (C) 2005-2006 Tyan
- * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
- * Copyright (C) 2005-2006 Stefan Reinauer <stepan at openbios.org>
- * Copyright (C) 2009 Myles Watson <mylesgw at gmail.com>
- */
-
-/*
- *      (c) 1999--2000 Martin Mares <mj at suse.cz>
- */
-
-/*
- * Lots of mods by Ron Minnich <rminnich at lanl.gov>, with
- * the final architecture guidance from Tom Merritt <tjm at codegen.com>.
- *
- * In particular, we changed from the one-pass original version to
- * Tom's recommended multiple-pass version. I wasn't sure about doing
- * it with multiple passes, until I actually started doing it and saw
- * the wisdom of Tom's recommendations...
- *
- * Lots of cleanups by Eric Biederman to handle bridges, and to
- * handle resource allocation for non-PCI devices.
- */
-
-#include <console/console.h>
-#include <arch/io.h>
-#include <device/device.h>
-#include <device/pci.h>
-#include <device/pci_ids.h>
-#include <stdlib.h>
-#include <string.h>
-#include <smp/spinlock.h>
-#if CONFIG_ARCH_X86
-#include <arch/ebda.h>
-#endif
-
-/** Linked list of ALL devices */
-struct device *all_devices = &dev_root;
-/** Pointer to the last device */
-extern struct device *last_dev;
-/** Linked list of free resources */
-struct resource *free_resources = NULL;
-
-/**
- * Initialize all chips of statically known devices.
- *
- * Will be called before bus enumeration to initialize chips stated in the
- * device tree.
- */
-void dev_initialize_chips(void)
-{
-	struct device *dev;
-
-	for (dev = all_devices; dev; dev = dev->next) {
-		/* Initialize chip if we haven't yet. */
-		if (dev->chip_ops && dev->chip_ops->init &&
-				!dev->chip_ops->initialized) {
-			dev->chip_ops->init(dev->chip_info);
-			dev->chip_ops->initialized = 1;
-		}
-	}
-}
-
-DECLARE_SPIN_LOCK(dev_lock)
-
-#if CONFIG_GFXUMA
-/* IGD UMA memory */
-uint64_t uma_memory_base = 0;
-uint64_t uma_memory_size = 0;
-#endif
-
-/**
- * Allocate a new device structure.
- *
- * Allocte a new device structure and attach it to the device tree as a
- * child of the parent bus.
- *
- * @param parent Parent bus the newly created device should be attached to.
- * @param path Path to the device to be created.
- * @return Pointer to the newly created device structure.
- *
- * @see device_path
- */
-static device_t __alloc_dev(struct bus *parent, struct device_path *path)
-{
-	device_t dev, child;
-
-	/* Find the last child of our parent. */
-	for (child = parent->children; child && child->sibling; /* */ )
-		child = child->sibling;
-
-	dev = malloc(sizeof(*dev));
-	if (dev == 0)
-		die("alloc_dev(): out of memory.\n");
-
-	memset(dev, 0, sizeof(*dev));
-	memcpy(&dev->path, path, sizeof(*path));
-
-	/* By default devices are enabled. */
-	dev->enabled = 1;
-
-	/* Add the new device to the list of children of the bus. */
-	dev->bus = parent;
-	if (child)
-		child->sibling = dev;
-	else
-		parent->children = dev;
-
-	/* Append a new device to the global device list.
-	 * The list is used to find devices once everything is set up.
-	 */
-	last_dev->next = dev;
-	last_dev = dev;
-
-	return dev;
-}
-
-device_t alloc_dev(struct bus *parent, struct device_path *path)
-{
-	device_t dev;
-	spin_lock(&dev_lock);
-	dev = __alloc_dev(parent, path);
-	spin_unlock(&dev_lock);
-	return dev;
-}
-
-/**
- * See if a device structure already exists and if not allocate it.
- *
- * @param parent The bus to find the device on.
- * @param path The relative path from the bus to the appropriate device.
- * @return Pointer to a device structure for the device on bus at path.
- */
-device_t alloc_find_dev(struct bus *parent, struct device_path *path)
-{
-	device_t child;
-	spin_lock(&dev_lock);
-	child = find_dev_path(parent, path);
-	if (!child)
-		child = __alloc_dev(parent, path);
-	spin_unlock(&dev_lock);
-	return child;
-}
-
-/**
- * Round a number up to an alignment.
- *
- * @param val The starting value.
- * @param roundup Alignment as a power of two.
- * @return Rounded up number.
- */
-static resource_t round(resource_t val, unsigned long pow)
-{
-	resource_t mask;
-	mask = (1ULL << pow) - 1ULL;
-	val += mask;
-	val &= ~mask;
-	return val;
-}
-
-/**
- * Read the resources on all devices of a given bus.
- *
- * @param bus Bus to read the resources on.
- */
-static void read_resources(struct bus *bus)
-{
-	struct device *curdev;
-
-	printk(BIOS_SPEW, "%s %s bus %x link: %d\n", dev_path(bus->dev),
-	       __func__, bus->secondary, bus->link_num);
-
-	/* Walk through all devices and find which resources they need. */
-	for (curdev = bus->children; curdev; curdev = curdev->sibling) {
-		struct bus *link;
-
-		if (!curdev->enabled)
-			continue;
-
-		if (!curdev->ops || !curdev->ops->read_resources) {
-			printk(BIOS_ERR, "%s missing read_resources\n",
-			       dev_path(curdev));
-			continue;
-		}
-		curdev->ops->read_resources(curdev);
-
-		/* Read in the resources behind the current device's links. */
-		for (link = curdev->link_list; link; link = link->next)
-			read_resources(link);
-	}
-	printk(BIOS_SPEW, "%s read_resources bus %d link: %d done\n",
-	       dev_path(bus->dev), bus->secondary, bus->link_num);
-}
-
-struct pick_largest_state {
-	struct resource *last;
-	struct device *result_dev;
-	struct resource *result;
-	int seen_last;
-};
-
-static void pick_largest_resource(void *gp, struct device *dev,
-				  struct resource *resource)
-{
-	struct pick_largest_state *state = gp;
-	struct resource *last;
-
-	last = state->last;
-
-	/* Be certain to pick the successor to last. */
-	if (resource == last) {
-		state->seen_last = 1;
-		return;
-	}
-	if (resource->flags & IORESOURCE_FIXED)
-		return;	/* Skip it. */
-	if (last && ((last->align < resource->align) ||
-		     ((last->align == resource->align) &&
-		      (last->size < resource->size)) ||
-		     ((last->align == resource->align) &&
-		      (last->size == resource->size) && (!state->seen_last)))) {
-		return;
-	}
-	if (!state->result ||
-	    (state->result->align < resource->align) ||
-	    ((state->result->align == resource->align) &&
-	     (state->result->size < resource->size))) {
-		state->result_dev = dev;
-		state->result = resource;
-	}
-}
-
-static struct device *largest_resource(struct bus *bus,
-				       struct resource **result_res,
-				       unsigned long type_mask,
-				       unsigned long type)
-{
-	struct pick_largest_state state;
-
-	state.last = *result_res;
-	state.result_dev = NULL;
-	state.result = NULL;
-	state.seen_last = 0;
-
-	search_bus_resources(bus, type_mask, type, pick_largest_resource,
-			     &state);
-
-	*result_res = state.result;
-	return state.result_dev;
-}
-
-/**
- * This function is the guts of the resource allocator.
- *
- * The problem.
- *  - Allocate resource locations for every device.
- *  - Don't overlap, and follow the rules of bridges.
- *  - Don't overlap with resources in fixed locations.
- *  - Be efficient so we don't have ugly strategies.
- *
- * The strategy.
- * - Devices that have fixed addresses are the minority so don't
- *   worry about them too much. Instead only use part of the address
- *   space for devices with programmable addresses. This easily handles
- *   everything except bridges.
- *
- * - PCI devices are required to have their sizes and their alignments
- *   equal. In this case an optimal solution to the packing problem
- *   exists. Allocate all devices from highest alignment to least
- *   alignment or vice versa. Use this.
- *
- * - So we can handle more than PCI run two allocation passes on bridges. The
- *   first to see how large the resources are behind the bridge, and what
- *   their alignment requirements are. The second to assign a safe address to
- *   the devices behind the bridge. This allows us to treat a bridge as just
- *   a device with a couple of resources, and not need to special case it in
- *   the allocator. Also this allows handling of other types of bridges.
- *
- * @param bus The bus we are traversing.
- * @param bridge The bridge resource which must contain the bus' resources.
- * @param type_mask This value gets ANDed with the resource type.
- * @param type This value must match the result of the AND.
- * @return TODO
- */
-static void compute_resources(struct bus *bus, struct resource *bridge,
-			      unsigned long type_mask, unsigned long type)
-{
-	struct device *dev;
-	struct resource *resource;
-	resource_t base;
-	base = round(bridge->base, bridge->align);
-
-	printk(BIOS_SPEW,  "%s %s_%s: base: %llx size: %llx align: %d gran: %d"
-	       " limit: %llx\n", dev_path(bus->dev), __func__,
-	       (type & IORESOURCE_IO) ? "io" : (type & IORESOURCE_PREFETCH) ?
-	       "prefmem" : "mem", base, bridge->size, bridge->align,
-	       bridge->gran, bridge->limit);
-
-	/* For each child which is a bridge, compute the resource needs. */
-	for (dev = bus->children; dev; dev = dev->sibling) {
-		struct resource *child_bridge;
-
-		if (!dev->link_list)
-			continue;
-
-		/* Find the resources with matching type flags. */
-		for (child_bridge = dev->resource_list; child_bridge;
-		     child_bridge = child_bridge->next) {
-			struct bus* link;
-
-			if (!(child_bridge->flags & IORESOURCE_BRIDGE)
-			    || (child_bridge->flags & type_mask) != type)
-				continue;
-
-			/*
-			 * Split prefetchable memory if combined. Many domains
-			 * use the same address space for prefetchable memory
-			 * and non-prefetchable memory. Bridges below them need
-			 * it separated. Add the PREFETCH flag to the type_mask
-			 * and type.
-			 */
-			link = dev->link_list;
-			while (link && link->link_num !=
-					IOINDEX_LINK(child_bridge->index))
-				link = link->next;
-
-			if (link == NULL) {
-				printk(BIOS_ERR, "link %ld not found on %s\n",
-				       IOINDEX_LINK(child_bridge->index),
-				       dev_path(dev));
-			}
-
-			compute_resources(link, child_bridge,
-					  type_mask | IORESOURCE_PREFETCH,
-					  type | (child_bridge->flags &
-						  IORESOURCE_PREFETCH));
-		}
-	}
-
-	/* Remember we haven't found anything yet. */
-	resource = NULL;
-
-	/*
-	 * Walk through all the resources on the current bus and compute the
-	 * amount of address space taken by them. Take granularity and
-	 * alignment into account.
-	 */
-	while ((dev = largest_resource(bus, &resource, type_mask, type))) {
-
-		/* Size 0 resources can be skipped. */
-		if (!resource->size)
-			continue;
-
-		/* Propagate the resource alignment to the bridge resource. */
-		if (resource->align > bridge->align)
-			bridge->align = resource->align;
-
-		/* Propagate the resource limit to the bridge register. */
-		if (bridge->limit > resource->limit)
-			bridge->limit = resource->limit;
-
-		/* Warn if it looks like APICs aren't declared. */
-		if ((resource->limit == 0xffffffff) &&
-		    (resource->flags & IORESOURCE_ASSIGNED)) {
-			printk(BIOS_ERR,
-			       "Resource limit looks wrong! (no APIC?)\n");
-			printk(BIOS_ERR, "%s %02lx limit %08llx\n",
-			       dev_path(dev), resource->index, resource->limit);
-		}
-
-		if (resource->flags & IORESOURCE_IO) {
-			/*
-			 * Don't allow potential aliases over the legacy PCI
-			 * expansion card addresses. The legacy PCI decodes
-			 * only 10 bits, uses 0x100 - 0x3ff. Therefore, only
-			 * 0x00 - 0xff can be used out of each 0x400 block of
-			 * I/O space.
-			 */
-			if ((base & 0x300) != 0) {
-				base = (base & ~0x3ff) + 0x400;
-			}
-			/*
-			 * Don't allow allocations in the VGA I/O range.
-			 * PCI has special cases for that.
-			 */
-			else if ((base >= 0x3b0) && (base <= 0x3df)) {
-				base = 0x3e0;
-			}
-		}
-		/* Base must be aligned. */
-		base = round(base, resource->align);
-		resource->base = base;
-		base += resource->size;
-
-		printk(BIOS_SPEW, "%s %02lx *  [0x%llx - 0x%llx] %s\n",
-		       dev_path(dev), resource->index, resource->base,
-		       resource->base + resource->size - 1,
-		       (resource->flags & IORESOURCE_IO) ? "io" :
-		       (resource->flags & IORESOURCE_PREFETCH) ?
-		        "prefmem" : "mem");
-	}
-
-	/*
-	 * A PCI bridge resource does not need to be a power of two size, but
-	 * it does have a minimum granularity. Round the size up to that
-	 * minimum granularity so we know not to place something else at an
-	 * address postitively decoded by the bridge.
-	 */
-	bridge->size = round(base, bridge->gran) -
-		       round(bridge->base, bridge->align);
-
-	printk(BIOS_SPEW, "%s %s_%s: base: %llx size: %llx align: %d gran: %d"
-	       " limit: %llx done\n", dev_path(bus->dev), __func__,
-	       (bridge->flags & IORESOURCE_IO) ? "io" :
-	       (bridge->flags & IORESOURCE_PREFETCH) ? "prefmem" : "mem",
-	       base, bridge->size, bridge->align, bridge->gran, bridge->limit);
-}
-
-/**
- * This function is the second part of the resource allocator.
- *
- * See the compute_resources function for a more detailed explanation.
- *
- * This function assigns the resources a value.
- *
- * @param bus The bus we are traversing.
- * @param bridge The bridge resource which must contain the bus' resources.
- * @param type_mask This value gets ANDed with the resource type.
- * @param type This value must match the result of the AND.
- *
- * @see compute_resources
- */
-static void allocate_resources(struct bus *bus, struct resource *bridge,
-			       unsigned long type_mask, unsigned long type)
-{
-	struct device *dev;
-	struct resource *resource;
-	resource_t base;
-	base = bridge->base;
-
-	printk(BIOS_SPEW, "%s %s_%s: base:%llx size:%llx align:%d gran:%d "
-	       "limit:%llx\n", dev_path(bus->dev), __func__,
-	       (type & IORESOURCE_IO) ? "io" : (type & IORESOURCE_PREFETCH) ?
-	       "prefmem" : "mem",
-	       base, bridge->size, bridge->align, bridge->gran, bridge->limit);
-
-	/* Remember we haven't found anything yet. */
-	resource = NULL;
-
-	/*
-	 * Walk through all the resources on the current bus and allocate them
-	 * address space.
-	 */
-	while ((dev = largest_resource(bus, &resource, type_mask, type))) {
-
-		/* Propagate the bridge limit to the resource register. */
-		if (resource->limit > bridge->limit)
-			resource->limit = bridge->limit;
-
-		/* Size 0 resources can be skipped. */
-		if (!resource->size) {
-			/* Set the base to limit so it doesn't confuse tolm. */
-			resource->base = resource->limit;
-			resource->flags |= IORESOURCE_ASSIGNED;
-			continue;
-		}
-
-		if (resource->flags & IORESOURCE_IO) {
-			/*
-			 * Don't allow potential aliases over the legacy PCI
-			 * expansion card addresses. The legacy PCI decodes
-			 * only 10 bits, uses 0x100 - 0x3ff. Therefore, only
-			 * 0x00 - 0xff can be used out of each 0x400 block of
-			 * I/O space.
-			 */
-			if ((base & 0x300) != 0) {
-				base = (base & ~0x3ff) + 0x400;
-			}
-			/*
-			 * Don't allow allocations in the VGA I/O range.
-			 * PCI has special cases for that.
-			 */
-			else if ((base >= 0x3b0) && (base <= 0x3df)) {
-				base = 0x3e0;
-			}
-		}
-
-		if ((round(base, resource->align) + resource->size - 1) <=
-		    resource->limit) {
-			/* Base must be aligned. */
-			base = round(base, resource->align);
-			resource->base = base;
-			resource->flags |= IORESOURCE_ASSIGNED;
-			resource->flags &= ~IORESOURCE_STORED;
-			base += resource->size;
-		} else {
-			printk(BIOS_ERR, "!! Resource didn't fit !!\n");
-			printk(BIOS_ERR, "   aligned base %llx size %llx "
-			       "limit %llx\n", round(base, resource->align),
-			       resource->size, resource->limit);
-			printk(BIOS_ERR, "   %llx needs to be <= %llx "
-			       "(limit)\n", (round(base, resource->align) +
-				resource->size) - 1, resource->limit);
-			printk(BIOS_ERR, "   %s%s %02lx *  [0x%llx - 0x%llx]"
-			       " %s\n", (resource->flags & IORESOURCE_ASSIGNED)
-			       ? "Assigned: " : "", dev_path(dev),
-			       resource->index, resource->base,
-			       resource->base + resource->size - 1,
-			       (resource->flags & IORESOURCE_IO) ? "io"
-			       : (resource->flags & IORESOURCE_PREFETCH)
-			       ? "prefmem" : "mem");
-		}
-
-		printk(BIOS_SPEW, "%s%s %02lx *  [0x%llx - 0x%llx] %s\n",
-		       (resource->flags & IORESOURCE_ASSIGNED) ? "Assigned: "
-		       : "", dev_path(dev), resource->index, resource->base,
-		       resource->size ? resource->base + resource->size - 1 :
-		       resource->base, (resource->flags & IORESOURCE_IO)
-		       ? "io" : (resource->flags & IORESOURCE_PREFETCH)
-		       ? "prefmem" : "mem");
-	}
-
-	/*
-	 * A PCI bridge resource does not need to be a power of two size, but
-	 * it does have a minimum granularity. Round the size up to that
-	 * minimum granularity so we know not to place something else at an
-	 * address positively decoded by the bridge.
-	 */
-
-	bridge->flags |= IORESOURCE_ASSIGNED;
-
-	printk(BIOS_SPEW, "%s %s_%s: next_base: %llx size: %llx align: %d "
-	       "gran: %d done\n", dev_path(bus->dev), __func__,
-	       (type & IORESOURCE_IO) ? "io" : (type & IORESOURCE_PREFETCH) ?
-	       "prefmem" : "mem", base, bridge->size, bridge->align,
-	       bridge->gran);
-
-	/* For each child which is a bridge, allocate_resources. */
-	for (dev = bus->children; dev; dev = dev->sibling) {
-		struct resource *child_bridge;
-
-		if (!dev->link_list)
-			continue;
-
-		/* Find the resources with matching type flags. */
-		for (child_bridge = dev->resource_list; child_bridge;
-		     child_bridge = child_bridge->next) {
-			struct bus* link;
-
-			if (!(child_bridge->flags & IORESOURCE_BRIDGE) ||
-			    (child_bridge->flags & type_mask) != type)
-				continue;
-
-			/*
-			 * Split prefetchable memory if combined. Many domains
-			 * use the same address space for prefetchable memory
-			 * and non-prefetchable memory. Bridges below them need
-			 * it separated. Add the PREFETCH flag to the type_mask
-			 * and type.
-			 */
-			link = dev->link_list;
-			while (link && link->link_num !=
-			               IOINDEX_LINK(child_bridge->index))
-				link = link->next;
-			if (link == NULL)
-				printk(BIOS_ERR, "link %ld not found on %s\n",
-				       IOINDEX_LINK(child_bridge->index),
-				       dev_path(dev));
-
-			allocate_resources(link, child_bridge,
-					   type_mask | IORESOURCE_PREFETCH,
-					   type | (child_bridge->flags &
-						   IORESOURCE_PREFETCH));
-		}
-	}
-}
-
-#if CONFIG_PCI_64BIT_PREF_MEM
-#define MEM_MASK (IORESOURCE_PREFETCH | IORESOURCE_MEM)
-#else
-#define MEM_MASK (IORESOURCE_MEM)
-#endif
-
-#define IO_MASK   (IORESOURCE_IO)
-#define PREF_TYPE (IORESOURCE_PREFETCH | IORESOURCE_MEM)
-#define MEM_TYPE  (IORESOURCE_MEM)
-#define IO_TYPE   (IORESOURCE_IO)
-
-struct constraints {
-	struct resource pref, io, mem;
-};
-
-static void constrain_resources(struct device *dev, struct constraints* limits)
-{
-	struct device *child;
-	struct resource *res;
-	struct resource *lim;
-	struct bus *link;
-
-	printk(BIOS_SPEW, "%s: %s\n", __func__, dev_path(dev));
-
-	/* Constrain limits based on the fixed resources of this device. */
-	for (res = dev->resource_list; res; res = res->next) {
-		if (!(res->flags & IORESOURCE_FIXED))
-			continue;
-		if (!res->size) {
-			/* It makes no sense to have 0-sized, fixed resources.*/
-			printk(BIOS_ERR, "skipping %s@%lx fixed resource, "
-			       "size=0!\n", dev_path(dev), res->index);
-			continue;
-		}
-
-		/* PREFETCH, MEM, or I/O - skip any others. */
-		if ((res->flags & MEM_MASK) == PREF_TYPE)
-			lim = &limits->pref;
-		else if ((res->flags & MEM_MASK) == MEM_TYPE)
-			lim = &limits->mem;
-		else if ((res->flags & IO_MASK) == IO_TYPE)
-			lim = &limits->io;
-		else
-			continue;
-
-		/*
-		 * Is it a fixed resource outside the current known region?
-		 * If so, we don't have to consider it - it will be handled
-		 * correctly and doesn't affect current region's limits.
-		 */
-		if (((res->base + res->size -1) < lim->base)
-		    || (res->base > lim->limit))
-			continue;
-
-		/*
-		 * Choose to be above or below fixed resources. This check is
-		 * signed so that "negative" amounts of space are handled
-		 * correctly.
-		 */
-		if ((signed long long)(lim->limit - (res->base + res->size -1))
-		    > (signed long long)(res->base - lim->base))
-			lim->base = res->base + res->size;
-		else
-			lim->limit = res->base -1;
-	}
-
-	/* Descend into every enabled child and look for fixed resources. */
-	for (link = dev->link_list; link; link = link->next) {
-		for (child = link->children; child; child = child->sibling) {
-			if (child->enabled)
-				constrain_resources(child, limits);
-		}
-	}
-}
-
-static void avoid_fixed_resources(struct device *dev)
-{
-	struct constraints limits;
-	struct resource *res;
-
-	printk(BIOS_SPEW, "%s: %s\n", __func__, dev_path(dev));
-
-	/* Initialize constraints to maximum size. */
-	limits.pref.base = 0;
-	limits.pref.limit = 0xffffffffffffffffULL;
-	limits.io.base = 0;
-	limits.io.limit = 0xffffffffffffffffULL;
-	limits.mem.base = 0;
-	limits.mem.limit = 0xffffffffffffffffULL;
-
-	/* Constrain the limits to dev's initial resources. */
-	for (res = dev->resource_list; res; res = res->next) {
-		if ((res->flags & IORESOURCE_FIXED))
-			continue;
-		printk(BIOS_SPEW, "%s:@%s %02lx limit %08llx\n", __func__,
-		       dev_path(dev), res->index, res->limit);
-		if ((res->flags & MEM_MASK) == PREF_TYPE &&
-		    (res->limit < limits.pref.limit))
-			limits.pref.limit = res->limit;
-		if ((res->flags & MEM_MASK) == MEM_TYPE &&
-		    (res->limit < limits.mem.limit))
-			limits.mem.limit = res->limit;
-		if ((res->flags & IO_MASK) == IO_TYPE &&
-		    (res->limit < limits.io.limit))
-			limits.io.limit = res->limit;
-	}
-
-	/* Look through the tree for fixed resources and update the limits. */
-	constrain_resources(dev, &limits);
-
-	/* Update dev's resources with new limits. */
-	for (res = dev->resource_list; res; res = res->next) {
-		struct resource *lim;
-
-		if ((res->flags & IORESOURCE_FIXED))
-			continue;
-
-		/* PREFETCH, MEM, or I/O - skip any others. */
-		if ((res->flags & MEM_MASK) == PREF_TYPE)
-			lim = &limits.pref;
-		else if ((res->flags & MEM_MASK) == MEM_TYPE)
-			lim = &limits.mem;
-		else if ((res->flags & IO_MASK) == IO_TYPE)
-			lim = &limits.io;
-		else
-			continue;
-
-		printk(BIOS_SPEW, "%s2: %s@%02lx limit %08llx\n", __func__,
-			     dev_path(dev), res->index, res->limit);
-		printk(BIOS_SPEW, "\tlim->base %08llx lim->limit %08llx\n",
-			     lim->base, lim->limit);
-
-		/* Is the resource outside the limits? */
-		if (lim->base > res->base)
-			res->base = lim->base;
-		if (res->limit > lim->limit)
-			res->limit = lim->limit;
-	}
-}
-
-device_t vga_pri = 0;
-static void set_vga_bridge_bits(void)
-{
-	/*
-	 * FIXME: Modify set_vga_bridge() so it is less PCI centric!
-	 * This function knows too much about PCI stuff, it should be just
-	 * an iterator/visitor.
-	 */
-
-	/* FIXME: Handle the VGA palette snooping. */
-	struct device *dev, *vga, *vga_onboard;
-	struct bus *bus;
-
-	bus = 0;
-	vga = 0;
-	vga_onboard = 0;
-
-	dev = NULL;
-	while ((dev = dev_find_class(PCI_CLASS_DISPLAY_VGA << 8, dev))) {
-		if (!dev->enabled)
-			continue;
-
-		printk(BIOS_DEBUG, "found VGA at %s\n", dev_path(dev));
-
-		if (dev->on_mainboard) {
-			vga_onboard = dev;
-		} else {
-			vga = dev;
-		}
-
-		/* It isn't safe to enable all VGA cards. */
-		dev->command &= ~(PCI_COMMAND_MEMORY | PCI_COMMAND_IO);
-	}
-
-	if (!vga)
-		vga = vga_onboard;
-
-	if (CONFIG_ONBOARD_VGA_IS_PRIMARY && vga_onboard)
-		vga = vga_onboard;
-
-	/* If we prefer plugin VGA over chipset VGA, the chipset might
-	   want to know. */
-	if (!CONFIG_ONBOARD_VGA_IS_PRIMARY && (vga != vga_onboard) &&
-		vga_onboard && vga_onboard->ops && vga_onboard->ops->disable) {
-		printk(BIOS_DEBUG, "Use plugin graphics over integrated.\n");
-		vga_onboard->ops->disable(vga_onboard);
-	}
-
-	if (vga) {
-		/* VGA is first add-on card or the only onboard VGA. */
-		printk(BIOS_DEBUG, "Setting up VGA for %s\n", dev_path(vga));
-		/* All legacy VGA cards have MEM & I/O space registers. */
-		vga->command |= (PCI_COMMAND_MEMORY | PCI_COMMAND_IO);
-		vga_pri = vga;
-		bus = vga->bus;
-	}
-
-	/* Now walk up the bridges setting the VGA enable. */
-	while (bus) {
-		printk(BIOS_DEBUG, "Setting PCI_BRIDGE_CTL_VGA for bridge %s\n",
-		       dev_path(bus->dev));
-		bus->bridge_ctrl |= PCI_BRIDGE_CTL_VGA;
-		bus = (bus == bus->dev->bus) ? 0 : bus->dev->bus;
-	}
-}
-
-/**
- * Assign the computed resources to the devices on the bus.
- *
- * Use the device specific set_resources() method to store the computed
- * resources to hardware. For bridge devices, the set_resources() method
- * has to recurse into every down stream buses.
- *
- * Mutual recursion:
- *	assign_resources() -> device_operation::set_resources()
- *	device_operation::set_resources() -> assign_resources()
- *
- * @param bus Pointer to the structure for this bus.
- */
-void assign_resources(struct bus *bus)
-{
-	struct device *curdev;
-
-	printk(BIOS_SPEW, "%s assign_resources, bus %d link: %d\n",
-	       dev_path(bus->dev), bus->secondary, bus->link_num);
-
-	for (curdev = bus->children; curdev; curdev = curdev->sibling) {
-		if (!curdev->enabled || !curdev->resource_list)
-			continue;
-
-		if (!curdev->ops || !curdev->ops->set_resources) {
-			printk(BIOS_ERR, "%s missing set_resources\n",
-			       dev_path(curdev));
-			continue;
-		}
-		curdev->ops->set_resources(curdev);
-	}
-	printk(BIOS_SPEW, "%s assign_resources, bus %d link: %d\n",
-	       dev_path(bus->dev), bus->secondary, bus->link_num);
-}
-
-/**
- * Enable the resources for devices on a link.
- *
- * Enable resources of the device by calling the device specific
- * enable_resources() method.
- *
- * The parent's resources should be enabled first to avoid having enabling
- * order problem. This is done by calling the parent's enable_resources()
- * method before its childrens' enable_resources() methods.
- *
- * @param link The link whose devices' resources are to be enabled.
- */
-static void enable_resources(struct bus *link)
-{
-	struct device *dev;
-	struct bus *c_link;
-
-	for (dev = link->children; dev; dev = dev->sibling) {
-		if (dev->enabled && dev->ops && dev->ops->enable_resources)
-			dev->ops->enable_resources(dev);
-	}
-
-	for (dev = link->children; dev; dev = dev->sibling) {
-		for (c_link = dev->link_list; c_link; c_link = c_link->next)
-			enable_resources(c_link);
-	}
-}
-
-/**
- * Reset all of the devices on a bus and clear the bus's reset_needed flag.
- *
- * @param bus Pointer to the bus structure.
- * @return 1 if the bus was successfully reset, 0 otherwise.
- */
-int reset_bus(struct bus *bus)
-{
-	if (bus && bus->dev && bus->dev->ops && bus->dev->ops->reset_bus) {
-		bus->dev->ops->reset_bus(bus);
-		bus->reset_needed = 0;
-		return 1;
-	}
-	return 0;
-}
-
-/**
- * Scan for devices on a bus.
- *
- * If there are bridges on the bus, recursively scan the buses behind the
- * bridges. If the setting up and tuning of the bus causes a reset to be
- * required, reset the bus and scan it again.
- *
- * @param busdev Pointer to the bus device.
- * @param max Current bus number.
- * @return The maximum bus number found, after scanning all subordinate buses.
- */
-unsigned int scan_bus(struct device *busdev, unsigned int max)
-{
-	unsigned int new_max;
-	int do_scan_bus;
-
-	if (!busdev || !busdev->enabled || !busdev->ops ||
-	    !busdev->ops->scan_bus) {
-		return max;
-	}
-
-	do_scan_bus = 1;
-	while (do_scan_bus) {
-		struct bus *link;
-		new_max = busdev->ops->scan_bus(busdev, max);
-		do_scan_bus = 0;
-		for (link = busdev->link_list; link; link = link->next) {
-			if (link->reset_needed) {
-				if (reset_bus(link))
-					do_scan_bus = 1;
-				else
-					busdev->bus->reset_needed = 1;
-			}
-		}
-	}
-	return new_max;
-}
-
-/**
- * Determine the existence of devices and extend the device tree.
- *
- * Most of the devices in the system are listed in the mainboard devicetree.cb
- * file. The device structures for these devices are generated at compile
- * time by the config tool and are organized into the device tree. This
- * function determines if the devices created at compile time actually exist
- * in the physical system.
- *
- * For devices in the physical system but not listed in devicetree.cb,
- * the device structures have to be created at run time and attached to the
- * device tree.
- *
- * This function starts from the root device 'dev_root', scans the buses in
- * the system recursively, and modifies the device tree according to the
- * result of the probe.
- *
- * This function has no idea how to scan and probe buses and devices at all.
- * It depends on the bus/device specific scan_bus() method to do it. The
- * scan_bus() method also has to create the device structure and attach
- * it to the device tree.
- */
-void dev_enumerate(void)
-{
-	struct device *root;
-
-	printk(BIOS_INFO, "Enumerating buses...\n");
-
-	root = &dev_root;
-
-	show_all_devs(BIOS_SPEW, "Before device enumeration.");
-	printk(BIOS_SPEW, "Compare with tree...\n");
-	show_devs_tree(root, BIOS_SPEW, 0, 0);
-
-	if (root->chip_ops && root->chip_ops->enable_dev)
-		root->chip_ops->enable_dev(root);
-
-	if (!root->ops || !root->ops->scan_bus) {
-		printk(BIOS_ERR, "dev_root missing scan_bus operation");
-		return;
-	}
-	scan_bus(root, 0);
-	printk(BIOS_INFO, "done\n");
-}
-
-/**
- * Configure devices on the devices tree.
- *
- * Starting at the root of the device tree, travel it recursively in two
- * passes. In the first pass, we compute and allocate resources (ranges)
- * requried by each device. In the second pass, the resources ranges are
- * relocated to their final position and stored to the hardware.
- *
- * I/O resources grow upward. MEM resources grow downward.
- *
- * Since the assignment is hierarchical we set the values into the dev_root
- * struct.
- */
-void dev_configure(void)
-{
-	struct resource *res;
-	struct device *root;
-	struct device *child;
-
-	set_vga_bridge_bits();
-
-	printk(BIOS_INFO, "Allocating resources...\n");
-
-	root = &dev_root;
-
-	/*
-	 * Each domain should create resources which contain the entire address
-	 * space for IO, MEM, and PREFMEM resources in the domain. The
-	 * allocation of device resources will be done from this address space.
-	 */
-
-	/* Read the resources for the entire tree. */
-
-	printk(BIOS_INFO, "Reading resources...\n");
-	read_resources(root->link_list);
-	printk(BIOS_INFO, "Done reading resources.\n");
-
-	print_resource_tree(root, BIOS_SPEW, "After reading.");
-
-	/* Compute resources for all domains. */
-	for (child = root->link_list->children; child; child = child->sibling) {
-		if (!(child->path.type == DEVICE_PATH_PCI_DOMAIN))
-			continue;
-		for (res = child->resource_list; res; res = res->next) {
-			if (res->flags & IORESOURCE_FIXED)
-				continue;
-			if (res->flags & IORESOURCE_PREFETCH) {
-				compute_resources(child->link_list,
-						  res, MEM_MASK, PREF_TYPE);
-				continue;
-			}
-			if (res->flags & IORESOURCE_MEM) {
-				compute_resources(child->link_list,
-						  res, MEM_MASK, MEM_TYPE);
-				continue;
-			}
-			if (res->flags & IORESOURCE_IO) {
-				compute_resources(child->link_list,
-						  res, IO_MASK, IO_TYPE);
-				continue;
-			}
-		}
-	}
-
-	/* For all domains. */
-	for (child = root->link_list->children; child; child=child->sibling)
-		if (child->path.type == DEVICE_PATH_PCI_DOMAIN)
-			avoid_fixed_resources(child);
-
-	/*
-	 * Now we need to adjust the resources. MEM resources need to start at
-	 * the highest address managable.
-	 */
-	for (child = root->link_list->children; child; child = child->sibling) {
-		if (child->path.type != DEVICE_PATH_PCI_DOMAIN)
-			continue;
-		for (res = child->resource_list; res; res = res->next) {
-			if (!(res->flags & IORESOURCE_MEM) ||
-			    res->flags & IORESOURCE_FIXED)
-				continue;
-			res->base = resource_max(res);
-		}
-	}
-
-	/* Store the computed resource allocations into device registers ... */
-	printk(BIOS_INFO, "Setting resources...\n");
-	for (child = root->link_list->children; child; child = child->sibling) {
-		if (!(child->path.type == DEVICE_PATH_PCI_DOMAIN))
-			continue;
-		for (res = child->resource_list; res; res = res->next) {
-			if (res->flags & IORESOURCE_FIXED)
-				continue;
-			if (res->flags & IORESOURCE_PREFETCH) {
-				allocate_resources(child->link_list,
-						   res, MEM_MASK, PREF_TYPE);
-				continue;
-			}
-			if (res->flags & IORESOURCE_MEM) {
-				allocate_resources(child->link_list,
-						   res, MEM_MASK, MEM_TYPE);
-				continue;
-			}
-			if (res->flags & IORESOURCE_IO) {
-				allocate_resources(child->link_list,
-						   res, IO_MASK, IO_TYPE);
-				continue;
-			}
-		}
-	}
-	assign_resources(root->link_list);
-	printk(BIOS_INFO, "Done setting resources.\n");
-	print_resource_tree(root, BIOS_SPEW, "After assigning values.");
-
-	printk(BIOS_INFO, "Done allocating resources.\n");
-}
-
-/**
- * Enable devices on the device tree.
- *
- * Starting at the root, walk the tree and enable all devices/bridges by
- * calling the device's enable_resources() method.
- */
-void dev_enable(void)
-{
-	struct bus *link;
-
-	printk(BIOS_INFO, "Enabling resources...\n");
-
-	/* Now enable everything. */
-	for (link = dev_root.link_list; link; link = link->next)
-		enable_resources(link);
-
-	printk(BIOS_INFO, "done.\n");
-}
-
-/**
- * Initialize a specific device.
- *
- * The parent should be initialized first to avoid having an ordering problem.
- * This is done by calling the parent's init() method before its childrens'
- * init() methods.
- *
- * @param dev The device to be initialized.
- */
-static void init_dev(struct device *dev)
-{
-	if (!dev->enabled)
-		return;
-
-	if (!dev->initialized && dev->ops && dev->ops->init) {
-		if (dev->path.type == DEVICE_PATH_I2C) {
-			printk(BIOS_DEBUG, "smbus: %s[%d]->",
-			       dev_path(dev->bus->dev), dev->bus->link_num);
-		}
-
-		printk(BIOS_DEBUG, "%s init\n", dev_path(dev));
-		dev->initialized = 1;
-		dev->ops->init(dev);
-	}
-}
-
-static void init_link(struct bus *link)
-{
-	struct device *dev;
-	struct bus *c_link;
-
-	for (dev = link->children; dev; dev = dev->sibling)
-		init_dev(dev);
-
-	for (dev = link->children; dev; dev = dev->sibling) {
-		for (c_link = dev->link_list; c_link; c_link = c_link->next)
-			init_link(c_link);
-	}
-}
-
-/**
- * Initialize all devices in the global device tree.
- *
- * Starting at the root device, call the device's init() method to do
- * device-specific setup, then call each child's init() method.
- */
-void dev_initialize(void)
-{
-	struct bus *link;
-
-	printk(BIOS_INFO, "Initializing devices...\n");
-
-#if CONFIG_ARCH_X86
-	/* Ensure EBDA is prepared before Option ROMs. */
-	setup_default_ebda();
-#endif
-
-	/* First call the mainboard init. */
-	init_dev(&dev_root);
-
-	/* Now initialize everything. */
-	for (link = dev_root.link_list; link; link = link->next)
-		init_link(link);
-
-	printk(BIOS_INFO, "Devices initialized\n");
-	show_all_devs(BIOS_SPEW, "After init.");
-}
diff --git a/src/devices/device_romstage.c b/src/devices/device_romstage.c
deleted file mode 100644
index 475f94a..0000000
--- a/src/devices/device_romstage.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2003-2004 Linux Networx
- * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
- * Copyright (C) 2003 Greg Watson <jarrah at users.sourceforge.net>
- * Copyright (C) 2004 Li-Ta Lo <ollie at lanl.gov>
- * Copyright (C) 2005-2006 Tyan
- * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
- */
-
-#include <device/device.h>
-#include <device/path.h>
-#include <device/pci.h>
-#include <device/resource.h>
-
-/** Linked list of ALL devices */
-ROMSTAGE_CONST struct device * ROMSTAGE_CONST all_devices = &dev_root;
-
-/**
- * Given a PCI bus and a devfn number, find the device structure.
- *
- * @param bus The bus number.
- * @param devfn A device/function number.
- * @return Pointer to the device structure (if found), 0 otherwise.
- */
-ROMSTAGE_CONST struct device *dev_find_slot(unsigned int bus,
-						unsigned int devfn)
-{
-	ROMSTAGE_CONST struct device *dev, *result;
-
-	result = 0;
-	for (dev = all_devices; dev; dev = dev->next) {
-		if ((dev->path.type == DEVICE_PATH_PCI) &&
-		    (dev->bus->secondary == bus) &&
-		    (dev->path.pci.devfn == devfn)) {
-			result = dev;
-			break;
-		}
-	}
-	return result;
-}
-
-/**
- * Given an SMBus bus and a device number, find the device structure.
- *
- * @param bus The bus number.
- * @param addr A device number.
- * @return Pointer to the device structure (if found), 0 otherwise.
- */
-ROMSTAGE_CONST struct device *dev_find_slot_on_smbus(unsigned int bus,
-							unsigned int addr)
-{
-	ROMSTAGE_CONST struct device *dev, *result;
-
-	result = 0;
-	for (dev = all_devices; dev; dev = dev->next) {
-		if ((dev->path.type == DEVICE_PATH_I2C) &&
-		    (dev->bus->secondary == bus) &&
-		    (dev->path.i2c.device == addr)) {
-			result = dev;
-			break;
-		}
-	}
-	return result;
-}
-
diff --git a/src/devices/device_util.c b/src/devices/device_util.c
deleted file mode 100644
index 224c58e..0000000
--- a/src/devices/device_util.c
+++ /dev/null
@@ -1,870 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2003-2004 Linux Networx
- * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
- * Copyright (C) 2003 Greg Watson <jarrah at users.sourceforge.net>
- * Copyright (C) 2004 Li-Ta Lo <ollie at lanl.gov>
- * Copyright (C) 2005-2006 Tyan
- * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
- */
-
-#include <console/console.h>
-#include <device/device.h>
-#include <device/path.h>
-#include <device/pci.h>
-#include <device/resource.h>
-#include <string.h>
-
-/**
- * See if a device structure exists for path.
- *
- * @param parent The bus to find the device on.
- * @param path The relative path from the bus to the appropriate device.
- * @return Pointer to a device structure for the device on bus at path
- *         or 0/NULL if no device is found.
- */
-device_t find_dev_path(struct bus *parent, struct device_path *path)
-{
-	device_t child;
-	for (child = parent->children; child; child = child->sibling) {
-		if (path_eq(path, &child->path))
-			break;
-	}
-	return child;
-}
-
-/**
- * Given a PCI bus and a devfn number, find the device structure.
- *
- * @param bus The bus number.
- * @param devfn A device/function number.
- * @return Pointer to the device structure (if found), 0 otherwise.
- */
-struct device *dev_find_slot(unsigned int bus, unsigned int devfn)
-{
-	struct device *dev, *result;
-
-	result = 0;
-	for (dev = all_devices; dev; dev = dev->next) {
-		if ((dev->path.type == DEVICE_PATH_PCI) &&
-		    (dev->bus->secondary == bus) &&
-		    (dev->path.pci.devfn == devfn)) {
-			result = dev;
-			break;
-		}
-	}
-	return result;
-}
-
-/**
- * Given an SMBus bus and a device number, find the device structure.
- *
- * @param bus The bus number.
- * @param addr A device number.
- * @return Pointer to the device structure (if found), 0 otherwise.
- */
-struct device *dev_find_slot_on_smbus(unsigned int bus, unsigned int addr)
-{
-	struct device *dev, *result;
-
-	result = 0;
-	for (dev = all_devices; dev; dev = dev->next) {
-		if ((dev->path.type == DEVICE_PATH_I2C) &&
-		    (dev->bus->secondary == bus) &&
-		    (dev->path.i2c.device == addr)) {
-			result = dev;
-			break;
-		}
-	}
-	return result;
-}
-
-/**
- * Given a Local APIC ID, find the device structure.
- *
- * @param apic_id The Local APIC ID number.
- * @return Pointer to the device structure (if found), 0 otherwise.
- */
-device_t dev_find_lapic(unsigned apic_id)
-{
-	device_t dev, result = NULL;
-
-	for (dev = all_devices; dev; dev = dev->next) {
-		if (dev->path.type == DEVICE_PATH_APIC &&
-		    dev->path.apic.apic_id == apic_id) {
-			result = dev;
-			break;
-		}
-	}
-	return result;
-}
-
-/**
- * Find a device of a given vendor and type.
- *
- * @param vendor A PCI vendor ID (e.g. 0x8086 for Intel).
- * @param device A PCI device ID.
- * @param from Pointer to the device structure, used as a starting point in
- *             the linked list of all_devices, which can be 0 to start at the
- *             head of the list (i.e. all_devices).
- * @return Pointer to the device struct.
- */
-struct device *dev_find_device(u16 vendor, u16 device, struct device *from)
-{
-	if (!from)
-		from = all_devices;
-	else
-		from = from->next;
-
-	while (from && (from->vendor != vendor || from->device != device))
-		from = from->next;
-
-	return from;
-}
-
-/**
- * Find a device of a given class.
- *
- * @param class Class of the device.
- * @param from Pointer to the device structure, used as a starting point in
- *             the linked list of all_devices, which can be 0 to start at the
- *             head of the list (i.e. all_devices).
- * @return Pointer to the device struct.
- */
-struct device *dev_find_class(unsigned int class, struct device *from)
-{
-	if (!from)
-		from = all_devices;
-	else
-		from = from->next;
-
-	while (from && (from->class & 0xffffff00) != class)
-		from = from->next;
-
-	return from;
-}
-
-/*
- * Warning: This function uses a static buffer. Don't call it more than once
- * from the same print statement!
- */
-const char *dev_path(device_t dev)
-{
-	static char buffer[DEVICE_PATH_MAX];
-
-	buffer[0] = '\0';
-	if (!dev) {
-		memcpy(buffer, "<null>", 7);
-	} else {
-		switch(dev->path.type) {
-		case DEVICE_PATH_ROOT:
-			memcpy(buffer, "Root Device", 12);
-			break;
-		case DEVICE_PATH_PCI:
-#if CONFIG_PCI_BUS_SEGN_BITS
-			sprintf(buffer, "PCI: %04x:%02x:%02x.%01x",
-				dev->bus->secondary >> 8,
-				dev->bus->secondary & 0xff,
-				PCI_SLOT(dev->path.pci.devfn),
-				PCI_FUNC(dev->path.pci.devfn));
-#else
-			sprintf(buffer, "PCI: %02x:%02x.%01x",
-				dev->bus->secondary,
-				PCI_SLOT(dev->path.pci.devfn),
-				PCI_FUNC(dev->path.pci.devfn));
-#endif
-			break;
-		case DEVICE_PATH_PNP:
-			sprintf(buffer, "PNP: %04x.%01x",
-				dev->path.pnp.port, dev->path.pnp.device);
-			break;
-		case DEVICE_PATH_I2C:
-			sprintf(buffer, "I2C: %02x:%02x",
-				dev->bus->secondary,
-				dev->path.i2c.device);
-			break;
-		case DEVICE_PATH_APIC:
-			sprintf(buffer, "APIC: %02x",
-				dev->path.apic.apic_id);
-			break;
-		case DEVICE_PATH_IOAPIC:
-			sprintf(buffer, "IOAPIC: %02x",
-				dev->path.ioapic.ioapic_id);
-			break;
-		case DEVICE_PATH_PCI_DOMAIN:
-			sprintf(buffer, "PCI_DOMAIN: %04x",
-				dev->path.pci_domain.domain);
-			break;
-		case DEVICE_PATH_APIC_CLUSTER:
-			sprintf(buffer, "APIC_CLUSTER: %01x",
-				dev->path.apic_cluster.cluster);
-			break;
-		case DEVICE_PATH_CPU:
-			sprintf(buffer, "CPU: %02x", dev->path.cpu.id);
-			break;
-		case DEVICE_PATH_CPU_BUS:
-			sprintf(buffer, "CPU_BUS: %02x", dev->path.cpu_bus.id);
-			break;
-		default:
-			printk(BIOS_ERR, "Unknown device path type: %d\n",
-			       dev->path.type);
-			break;
-		}
-	}
-	return buffer;
-}
-
-const char *dev_name(device_t dev)
-{
-	if (dev->name)
-		return dev->name;
-	else if (dev->chip_ops && dev->chip_ops->name)
-		return dev->chip_ops->name;
-	else
-		return "unknown";
-}
-
-const char *bus_path(struct bus *bus)
-{
-	static char buffer[BUS_PATH_MAX];
-	sprintf(buffer, "%s,%d", dev_path(bus->dev), bus->link_num);
-	return buffer;
-}
-
-int path_eq(struct device_path *path1, struct device_path *path2)
-{
-	int equal = 0;
-
-	if (path1->type != path2->type)
-		return 0;
-
-	switch (path1->type) {
-	case DEVICE_PATH_NONE:
-		break;
-	case DEVICE_PATH_ROOT:
-		equal = 1;
-		break;
-	case DEVICE_PATH_PCI:
-		equal = (path1->pci.devfn == path2->pci.devfn);
-		break;
-	case DEVICE_PATH_PNP:
-		equal = (path1->pnp.port == path2->pnp.port) &&
-			(path1->pnp.device == path2->pnp.device);
-		break;
-	case DEVICE_PATH_I2C:
-		equal = (path1->i2c.device == path2->i2c.device);
-		break;
-	case DEVICE_PATH_APIC:
-		equal = (path1->apic.apic_id == path2->apic.apic_id);
-		break;
-	case DEVICE_PATH_PCI_DOMAIN:
-		equal = (path1->pci_domain.domain == path2->pci_domain.domain);
-		break;
-	case DEVICE_PATH_APIC_CLUSTER:
-		equal = (path1->apic_cluster.cluster
-			 == path2->apic_cluster.cluster);
-		break;
-	case DEVICE_PATH_CPU:
-		equal = (path1->cpu.id == path2->cpu.id);
-		break;
-	case DEVICE_PATH_CPU_BUS:
-		equal = (path1->cpu_bus.id == path2->cpu_bus.id);
-		break;
-	default:
-		printk(BIOS_ERR, "Uknown device type: %d\n", path1->type);
-		break;
-	}
-
-	return equal;
-}
-
-/**
- * Allocate 64 more resources to the free list.
- *
- * @return TODO.
- */
-static int allocate_more_resources(void)
-{
-	int i;
-	struct resource *new_res_list;
-
-	new_res_list = malloc(64 * sizeof(*new_res_list));
-
-	if (new_res_list == NULL)
-		return 0;
-
-	memset(new_res_list, 0, 64 * sizeof(*new_res_list));
-
-	for (i = 0; i < 64 - 1; i++)
-		new_res_list[i].next = &new_res_list[i+1];
-
-	free_resources = new_res_list;
-	return 1;
-}
-
-/**
- * Remove resource res from the device's list and add it to the free list.
- *
- * @param dev TODO
- * @param res TODO
- * @param prev TODO
- * @return TODO.
- */
-static void free_resource(device_t dev, struct resource *res,
-			  struct resource *prev)
-{
-	if (prev)
-		prev->next = res->next;
-	else
-		dev->resource_list = res->next;
-
-	res->next = free_resources;
-	free_resources = res;
-}
-
-/**
- * See if we have unused but allocated resource structures.
- *
- * If so remove the allocation.
- *
- * @param dev The device to find the resource on.
- */
-void compact_resources(device_t dev)
-{
-	struct resource *res, *next, *prev = NULL;
-
-	/* Move all of the free resources to the end */
-	for (res = dev->resource_list; res; res = next) {
-		next = res->next;
-		if (!res->flags)
-			free_resource(dev, res, prev);
-		else
-			prev = res;
-	}
-}
-
-/**
- * See if a resource structure already exists for a given index.
- *
- * @param dev The device to find the resource on.
- * @param index The index of the resource on the device.
- * @return The resource, if it already exists.
- */
-struct resource *probe_resource(device_t dev, unsigned index)
-{
-	struct resource *res;
-
-	/* See if there is a resource with the appropriate index */
-	for (res = dev->resource_list; res; res = res->next) {
-		if (res->index == index)
-			break;
-	}
-
-	return res;
-}
-
-/**
- * See if a resource structure already exists for a given index and if not
- * allocate one.
- *
- * Then initialize the initialize the resource to default values.
- *
- * @param dev The device to find the resource on.
- * @param index The index of the resource on the device.
- * @return TODO.
- */
-struct resource *new_resource(device_t dev, unsigned index)
-{
-	struct resource *resource, *tail;
-
-	/* First move all of the free resources to the end. */
-	compact_resources(dev);
-
-	/* See if there is a resource with the appropriate index. */
-	resource = probe_resource(dev, index);
-	if (!resource) {
-		if (free_resources == NULL && !allocate_more_resources())
-			die("Couldn't allocate more resources.");
-
-		resource = free_resources;
-		free_resources = free_resources->next;
-		memset(resource, 0, sizeof(*resource));
-		resource->next = NULL;
-		tail = dev->resource_list;
-		if (tail) {
-			while (tail->next) tail = tail->next;
-			tail->next = resource;
-		} else {
-			dev->resource_list = resource;
-		}
-	}
-
-	/* Initialize the resource values. */
-	if (!(resource->flags & IORESOURCE_FIXED)) {
-		resource->flags = 0;
-		resource->base = 0;
-	}
-	resource->size  = 0;
-	resource->limit = 0;
-	resource->index = index;
-	resource->align = 0;
-	resource->gran  = 0;
-
-	return resource;
-}
-
-/**
- * Return an existing resource structure for a given index.
- *
- * @param dev The device to find the resource on.
- * @param index The index of the resource on the device.
- * return TODO.
- */
-struct resource *find_resource(device_t dev, unsigned index)
-{
-	struct resource *resource;
-
-	/* See if there is a resource with the appropriate index. */
-	resource = probe_resource(dev, index);
-	if (!resource) {
-		printk(BIOS_EMERG, "%s missing resource: %02x\n",
-		       dev_path(dev), index);
-		die("");
-	}
-	return resource;
-}
-
-/**
- * Round a number up to the next multiple of gran.
- *
- * @param val The starting value.
- * @param gran Granularity we are aligning the number to.
- * @return The aligned value.
- */
-static resource_t align_up(resource_t val, unsigned long gran)
-{
-	resource_t mask;
-	mask = (1ULL << gran) - 1ULL;
-	val += mask;
-	val &= ~mask;
-	return val;
-}
-
-/**
- * Round a number up to the previous multiple of gran.
- *
- * @param val The starting value.
- * @param gran Granularity we are aligning the number to.
- * @return The aligned value.
- */
-static resource_t align_down(resource_t val, unsigned long gran)
-{
-	resource_t mask;
-	mask = (1ULL << gran) - 1ULL;
-	val &= ~mask;
-	return val;
-}
-
-/**
- * Compute the maximum address that is part of a resource.
- *
- * @param resource The resource whose limit is desired.
- * @return The end.
- */
-resource_t resource_end(struct resource *resource)
-{
-	resource_t base, end;
-
-	/* Get the base address. */
-	base = resource->base;
-
-	/*
-	 * For a non bridge resource granularity and alignment are the same.
-	 * For a bridge resource align is the largest needed alignment below
-	 * the bridge. While the granularity is simply how many low bits of
-	 * the address cannot be set.
-	 */
-
-	/* Get the end (rounded up). */
-	end = base + align_up(resource->size, resource->gran) - 1;
-
-	return end;
-}
-
-/**
- * Compute the maximum legal value for resource->base.
- *
- * @param resource The resource whose maximum is desired.
- * @return The maximum.
- */
-resource_t resource_max(struct resource *resource)
-{
-	resource_t max;
-
-	max = align_down(resource->limit - resource->size + 1, resource->align);
-
-	return max;
-}
-
-/**
- * Return the resource type of a resource.
- *
- * @param resource The resource type to decode.
- * @return TODO.
- */
-const char *resource_type(struct resource *resource)
-{
-	static char buffer[RESOURCE_TYPE_MAX];
-	sprintf(buffer, "%s%s%s%s",
-		((resource->flags & IORESOURCE_READONLY) ? "ro" : ""),
-		((resource->flags & IORESOURCE_PREFETCH) ? "pref" : ""),
-		((resource->flags == 0) ? "unused" :
-		(resource->flags & IORESOURCE_IO) ? "io" :
-		(resource->flags & IORESOURCE_DRQ) ? "drq" :
-		(resource->flags & IORESOURCE_IRQ) ? "irq" :
-		(resource->flags & IORESOURCE_MEM) ? "mem" : "??????"),
-		((resource->flags & IORESOURCE_PCI64) ? "64" : ""));
-	return buffer;
-}
-
-/**
- * Print the resource that was just stored.
- *
- * @param dev The device the stored resorce lives on.
- * @param resource The resource that was just stored.
- * @param comment TODO
- */
-void report_resource_stored(device_t dev, struct resource *resource,
-			    const char *comment)
-{
-	char buf[10];
-	unsigned long long base, end;
-
-	if (!(resource->flags & IORESOURCE_STORED))
-		return;
-
-	base = resource->base;
-	end = resource_end(resource);
-	buf[0] = '\0';
-
-	if (resource->flags & IORESOURCE_PCI_BRIDGE) {
-#if CONFIG_PCI_BUS_SEGN_BITS
-		sprintf(buf, "bus %04x:%02x ", dev->bus->secondary >> 8,
-			dev->link_list->secondary & 0xff);
-#else
-		sprintf(buf, "bus %02x ", dev->link_list->secondary);
-#endif
-	}
-	printk(BIOS_DEBUG, "%s %02lx <- [0x%010llx - 0x%010llx] size 0x%08llx "
-	       "gran 0x%02x %s%s%s\n", dev_path(dev), resource->index,
-		base, end, resource->size, resource->gran, buf,
-		resource_type(resource), comment);
-}
-
-void search_bus_resources(struct bus *bus, unsigned long type_mask,
-			  unsigned long type, resource_search_t search,
-			  void *gp)
-{
-	struct device *curdev;
-
-	for (curdev = bus->children; curdev; curdev = curdev->sibling) {
-		struct resource *res;
-
-		/* Ignore disabled devices. */
-		if (!curdev->enabled)
-			continue;
-
-		for (res = curdev->resource_list; res; res = res->next) {
-			/* If it isn't the right kind of resource ignore it. */
-			if ((res->flags & type_mask) != type)
-				continue;
-
-			/* If it is a subtractive resource recurse. */
-			if (res->flags & IORESOURCE_SUBTRACTIVE) {
-				struct bus * subbus;
-				for (subbus = curdev->link_list; subbus;
-				     subbus = subbus->next)
-					if (subbus->link_num
-					== IOINDEX_SUBTRACTIVE_LINK(res->index))
-						break;
-				if (!subbus) /* Why can subbus be NULL?  */
-					break;
-				search_bus_resources(subbus, type_mask, type,
-						     search, gp);
-				continue;
-			}
-			search(gp, curdev, res);
-		}
-	}
-}
-
-void search_global_resources(unsigned long type_mask, unsigned long type,
-			     resource_search_t search, void *gp)
-{
-	struct device *curdev;
-
-	for (curdev = all_devices; curdev; curdev = curdev->next) {
-		struct resource *res;
-
-		/* Ignore disabled devices. */
-		if (!curdev->enabled)
-			continue;
-
-		for (res = curdev->resource_list; res; res = res->next) {
-			/* If it isn't the right kind of resource ignore it. */
-			if ((res->flags & type_mask) != type)
-				continue;
-
-			/* If it is a subtractive resource ignore it. */
-			if (res->flags & IORESOURCE_SUBTRACTIVE)
-				continue;
-
-			search(gp, curdev, res);
-		}
-	}
-}
-
-void dev_set_enabled(device_t dev, int enable)
-{
-	if (dev->enabled == enable)
-		return;
-
-	dev->enabled = enable;
-	if (dev->ops && dev->ops->enable) {
-		dev->ops->enable(dev);
-	} else if (dev->chip_ops && dev->chip_ops->enable_dev) {
-		dev->chip_ops->enable_dev(dev);
-	}
-}
-
-void disable_children(struct bus *bus)
-{
-	device_t child;
-
-	for (child = bus->children; child; child = child->sibling) {
-		struct bus *link;
-		for (link = child->link_list; link; link = link->next)
-			disable_children(link);
-		dev_set_enabled(child, 0);
-	}
-}
-
-static void resource_tree(struct device *root, int debug_level, int depth)
-{
-	int i = 0;
-	struct device *child;
-	struct bus *link;
-	struct resource *res;
-	char indent[30];	/* If your tree has more levels, it's wrong. */
-
-	for (i = 0; i < depth + 1 && i < 29; i++)
-		indent[i] = ' ';
-	indent[i] = '\0';
-
- 	do_printk(BIOS_DEBUG, "%s%s", indent, dev_path(root));
- 	if (root->link_list && root->link_list->children)
- 		do_printk(BIOS_DEBUG, " child on link 0 %s",
- 			  dev_path(root->link_list->children));
- 	do_printk(BIOS_DEBUG, "\n");
-
-	for (res = root->resource_list; res; res = res->next) {
-		do_printk(debug_level, "%s%s resource base %llx size %llx "
-			  "align %d gran %d limit %llx flags %lx index %lx\n",
-			  indent, dev_path(root), res->base, res->size,
-			  res->align, res->gran, res->limit, res->flags,
-			  res->index);
-	}
-
-	for (link = root->link_list; link; link = link->next) {
-		for (child = link->children; child; child = child->sibling)
-			resource_tree(child, debug_level, depth + 1);
-	}
-}
-
-void print_resource_tree(struct device *root, int debug_level, const char *msg)
-{
-	/* Bail if root is null. */
-	if (!root) {
-		do_printk(debug_level, "%s passed NULL for root!\n", __func__);
-		return;
-	}
-
-	/* Bail if not printing to screen. */
-	if (!do_printk(debug_level, "Show resources in subtree (%s)...%s\n",
-		       dev_path(root), msg))
-		return;
-
-	resource_tree(root, debug_level, 0);
-}
-
-void show_devs_tree(struct device *dev, int debug_level, int depth, int linknum)
-{
-	char depth_str[20] = "";
-	int i;
-	struct device *sibling;
-	struct bus *link;
-
-	for (i = 0; i < depth; i++)
-		depth_str[i] = ' ';
-	depth_str[i] = '\0';
-
-	do_printk(debug_level, "%s%s: enabled %d\n",
-		  depth_str, dev_path(dev), dev->enabled);
-
-	for (link = dev->link_list; link; link = link->next) {
-		for (sibling = link->children; sibling;
-		     sibling = sibling->sibling)
-			show_devs_tree(sibling, debug_level, depth + 1, i);
-	}
-}
-
-void show_all_devs_tree(int debug_level, const char *msg)
-{
-	/* Bail if not printing to screen. */
-	if (!do_printk(debug_level, "Show all devs in tree form...%s\n", msg))
-		return;
-	show_devs_tree(all_devices, debug_level, 0, -1);
-}
-
-void show_devs_subtree(struct device *root, int debug_level, const char *msg)
-{
-	/* Bail if not printing to screen. */
-	if (!do_printk(debug_level, "Show all devs in subtree %s...%s\n",
-		       dev_path(root), msg))
-		return;
-	do_printk(debug_level, "%s\n", msg);
-	show_devs_tree(root, debug_level, 0, -1);
-}
-
-void show_all_devs(int debug_level, const char *msg)
-{
-	struct device *dev;
-
-	/* Bail if not printing to screen. */
-	if (!do_printk(debug_level, "Show all devs...%s\n", msg))
-		return;
-	for (dev = all_devices; dev; dev = dev->next) {
-		do_printk(debug_level, "%s: enabled %d\n",
-			  dev_path(dev), dev->enabled);
-	}
-}
-
-void show_one_resource(int debug_level, struct device *dev,
-		       struct resource *resource, const char *comment)
-{
-	char buf[10];
-	unsigned long long base, end;
-	base = resource->base;
-	end = resource_end(resource);
-	buf[0] = '\0';
-
-/*
-	if (resource->flags & IORESOURCE_BRIDGE) {
-#if CONFIG_PCI_BUS_SEGN_BITS
-		sprintf(buf, "bus %04x:%02x ", dev->bus->secondary >> 8,
-			dev->link[0].secondary & 0xff);
-#else
-		sprintf(buf, "bus %02x ", dev->link[0].secondary);
-#endif
-	}
-*/
-
-	do_printk(debug_level, "%s %02lx <- [0x%010llx - 0x%010llx] "
-		  "size 0x%08llx gran 0x%02x %s%s%s\n", dev_path(dev),
-		  resource->index, base, end, resource->size, resource->gran,
-		  buf, resource_type(resource), comment);
-}
-
-void show_all_devs_resources(int debug_level, const char* msg)
-{
-	struct device *dev;
-
-	if (!do_printk(debug_level, "Show all devs with resources...%s\n", msg))
-		return;
-
-	for (dev = all_devices; dev; dev = dev->next) {
-		struct resource *res;
-		do_printk(debug_level, "%s: enabled %d\n",
-			  dev_path(dev), dev->enabled);
-		for (res = dev->resource_list; res; res = res->next)
-			show_one_resource(debug_level, dev, res, "");
-	}
-}
-
-void fixed_mem_resource(device_t dev, unsigned long index,
-		  unsigned long basek, unsigned long sizek, unsigned long type)
-{
-	struct resource *resource;
-
-	if (!sizek)
-		return;
-
-	resource = new_resource(dev, index);
-	resource->base = ((resource_t)basek) << 10;
-	resource->size = ((resource_t)sizek) << 10;
-	resource->flags = IORESOURCE_MEM | IORESOURCE_FIXED |
-		 IORESOURCE_STORED | IORESOURCE_ASSIGNED;
-
-	resource->flags |= type;
-}
-
-void tolm_test(void *gp, struct device *dev, struct resource *new)
-{
-	struct resource **best_p = gp;
-	struct resource *best;
-
-	best = *best_p;
-
-	if (!best || (best->base > new->base))
-		best = new;
-
-	*best_p = best;
-}
-
-u32 find_pci_tolm(struct bus *bus)
-{
-	struct resource *min = NULL;
-	u32 tolm;
-
-	search_bus_resources(bus, IORESOURCE_MEM, IORESOURCE_MEM,
-			     tolm_test, &min);
-
-	tolm = 0xffffffffUL;
-
-	if (min && tolm > min->base)
-		tolm = min->base;
-
-	return tolm;
-}
-
-/* Count of enabled CPUs */
-int dev_count_cpu(void)
-{
-	device_t cpu;
-	int count = 0;
-
-	for (cpu = all_devices; cpu; cpu = cpu->next) {
-		if ((cpu->path.type != DEVICE_PATH_APIC) ||
-		    (cpu->bus->dev->path.type != DEVICE_PATH_APIC_CLUSTER))
-			continue;
-		if (!cpu->enabled)
-			continue;
-		count++;
-	}
-
-	return count;
-}
diff --git a/src/devices/hypertransport.c b/src/devices/hypertransport.c
deleted file mode 100644
index a6320fe..0000000
--- a/src/devices/hypertransport.c
+++ /dev/null
@@ -1,692 +0,0 @@
-/*
- * This file is part of the coreboot project.
- *
- * Copyright (C) 2003-2004 Linux Networx
- * (Written by Eric Biederman <ebiederman at lnxi.com> for Linux Networx)
- * Copyright (C) 2004 David Hendricks <sc at flagen.com>
- * Copyright (C) 2004 Li-Ta Lo <ollie at lanl.gov>
- * Copyright (C) 2005-2006 Tyan
- * (Written by Yinghai Lu <yhlu at tyan.com> for Tyan)
- * Copyright (C) 2005-2006 Stefan Reinauer <stepan at openbios.org>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
- */
-
-#include <lib.h>
-#include <console/console.h>
-#include <device/device.h>
-#include <device/path.h>
-#include <device/pci.h>
-#include <device/pci_ids.h>
-#include <device/hypertransport.h>
-
-/*
- * The hypertransport link is already optimized in pre-RAM code so don't do
- * it again.
- */
-#define OPT_HT_LINK 0
-
-#if OPT_HT_LINK == 1
-#include <cpu/amd/model_fxx_rev.h>
-#endif
-
-static device_t ht_scan_get_devs(device_t *old_devices)
-{
-	device_t first, last;
-
-	first = *old_devices;
-	last = first;
-
-	/*
-	 * Extract the chain of devices to (first through last) for the next
-	 * hypertransport device.
-	 */
-	while (last && last->sibling &&
-	       (last->sibling->path.type == DEVICE_PATH_PCI) &&
-	       (last->sibling->path.pci.devfn > last->path.pci.devfn))
-	{
-		last = last->sibling;
-	}
-
-	if (first) {
-		device_t child;
-
-		/* Unlink the chain from the list of old devices. */
-		*old_devices = last->sibling;
-		last->sibling = 0;
-
-		/* Now add the device to the list of devices on the bus. */
-		/* Find the last child of our parent. */
-		for (child = first->bus->children; child && child->sibling; )
-			child = child->sibling;
-
-		/* Place the chain on the list of children of their parent. */
-		if (child)
-			child->sibling = first;
-		else
-			first->bus->children = first;
-	}
-	return first;
-}
-
-#if OPT_HT_LINK == 1
-static unsigned ht_read_freq_cap(device_t dev, unsigned pos)
-{
-	/* Handle bugs in valid hypertransport frequency reporting. */
-	unsigned freq_cap;
-
-	freq_cap = pci_read_config16(dev, pos);
-	freq_cap &= ~(1 << HT_FREQ_VENDOR); /* Ignore Vendor HT frequencies. */
-
-	/* AMD 8131 Errata 48. */
-	if ((dev->vendor == PCI_VENDOR_ID_AMD) &&
-	    (dev->device == PCI_DEVICE_ID_AMD_8131_PCIX)) {
-		freq_cap &= ~(1 << HT_FREQ_800Mhz);
-	}
-
-	/* AMD 8151 Errata 23. */
-	if ((dev->vendor == PCI_VENDOR_ID_AMD) &&
-	    (dev->device == PCI_DEVICE_ID_AMD_8151_SYSCTRL)) {
-		freq_cap &= ~(1 << HT_FREQ_800Mhz);
-	}
-
-	/* AMD K8 unsupported 1GHz? */
-	if ((dev->vendor == PCI_VENDOR_ID_AMD) && (dev->device == 0x1100)) {
-#if CONFIG_K8_HT_FREQ_1G_SUPPORT
-
-#if !CONFIG_K8_REV_F_SUPPORT
-		/* Only e0 later suupport 1GHz HT. */
-		if (is_cpu_pre_e0())
-			freq_cap &= ~(1 << HT_FREQ_1000Mhz);
-#endif
-
-#else
-		freq_cap &= ~(1 << HT_FREQ_1000Mhz);
-#endif
-	}
-
-	return freq_cap;
-}
-#endif
-
-struct ht_link {
-	struct device *dev;
-	unsigned pos;
-	unsigned char ctrl_off, config_off, freq_off, freq_cap_off;
-};
-
-static int ht_setup_link(struct ht_link *prev, device_t dev, unsigned pos)
-{
-#if OPT_HT_LINK == 1
-	static const u8 link_width_to_pow2[] = { 3, 4, 0, 5, 1, 2, 0, 0 };
-	static const u8 pow2_to_link_width[] = { 7, 4, 5, 0, 1, 3 };
-	unsigned present_width_cap, upstream_width_cap;
-	unsigned present_freq_cap, upstream_freq_cap;
-	unsigned ln_present_width_in, ln_upstream_width_in;
-	unsigned ln_present_width_out, ln_upstream_width_out;
-	unsigned freq, old_freq;
-	unsigned present_width, upstream_width, old_width;
-#endif
-	struct ht_link cur[1];
-	int reset_needed;
-	int linkb_to_host;
-
-	/* Set the hypertransport link width and frequency. */
-	reset_needed = 0;
-	/*
-	 * See which side of the device our previous write to set the unitid
-	 * came from.
-	 */
-	cur->dev = dev;
-	cur->pos = pos;
-	linkb_to_host =
-	  (pci_read_config16(cur->dev, cur->pos + PCI_CAP_FLAGS) >> 10) & 1;
-
-	if (!linkb_to_host) {
-		cur->ctrl_off     = PCI_HT_CAP_SLAVE_CTRL0;
-		cur->config_off   = PCI_HT_CAP_SLAVE_WIDTH0;
-		cur->freq_off     = PCI_HT_CAP_SLAVE_FREQ0;
-		cur->freq_cap_off = PCI_HT_CAP_SLAVE_FREQ_CAP0;
-	} else {
-		cur->ctrl_off     = PCI_HT_CAP_SLAVE_CTRL1;
-		cur->config_off   = PCI_HT_CAP_SLAVE_WIDTH1;
-		cur->freq_off     = PCI_HT_CAP_SLAVE_FREQ1;
-		cur->freq_cap_off = PCI_HT_CAP_SLAVE_FREQ_CAP1;
-	}
-
-#if OPT_HT_LINK == 1
-	/* Read the capabilities. */
-	present_freq_cap =
-		ht_read_freq_cap(cur->dev, cur->pos + cur->freq_cap_off);
-	upstream_freq_cap =
-		ht_read_freq_cap(prev->dev, prev->pos + prev->freq_cap_off);
-	present_width_cap =
-		pci_read_config8(cur->dev, cur->pos + cur->config_off);
-	upstream_width_cap =
-		pci_read_config8(prev->dev, prev->pos + prev->config_off);
-
-	/* Calculate the highest useable frequency. */
-	freq = log2(present_freq_cap & upstream_freq_cap);
-
-	/* Calculate the highest width. */
-	ln_upstream_width_in = link_width_to_pow2[upstream_width_cap & 7];
-	ln_present_width_out = link_width_to_pow2[(present_width_cap >> 4) & 7];
-	if (ln_upstream_width_in > ln_present_width_out)
-		ln_upstream_width_in = ln_present_width_out;
-	upstream_width = pow2_to_link_width[ln_upstream_width_in];
-	present_width  = pow2_to_link_width[ln_upstream_width_in] << 4;
-
-	ln_upstream_width_out =
-		link_width_to_pow2[(upstream_width_cap >> 4) & 7];
-	ln_present_width_in = link_width_to_pow2[present_width_cap & 7];
-	if (ln_upstream_width_out > ln_present_width_in)
-		ln_upstream_width_out = ln_present_width_in;
-	upstream_width |= pow2_to_link_width[ln_upstream_width_out] << 4;
-	present_width  |= pow2_to_link_width[ln_upstream_width_out];
-
-	/* Set the current device. */
-	old_freq = pci_read_config8(cur->dev, cur->pos + cur->freq_off);
-	old_freq &= 0x0f;
-	if (freq != old_freq) {
-		unsigned new_freq;
-		pci_write_config8(cur->dev, cur->pos + cur->freq_off, freq);
-		reset_needed = 1;
-		printk(BIOS_SPEW, "HyperT FreqP old %x new %x\n",old_freq,freq);
-		new_freq = pci_read_config8(cur->dev, cur->pos + cur->freq_off);
-		new_freq &= 0x0f;
-		if (new_freq != freq) {
-			printk(BIOS_ERR, "%s Hypertransport frequency would "
-			       "not set. Wanted: %x, got: %x\n",
-			       dev_path(dev), freq, new_freq);
-		}
-	}
-	old_width = pci_read_config8(cur->dev, cur->pos + cur->config_off + 1);
-	if (present_width != old_width) {
-		unsigned new_width;
-		pci_write_config8(cur->dev, cur->pos + cur->config_off + 1,
-				  present_width);
-		reset_needed = 1;
-		printk(BIOS_SPEW, "HyperT widthP old %x new %x\n",
-		       old_width, present_width);
-		new_width = pci_read_config8(cur->dev,
-					     cur->pos + cur->config_off + 1);
-		if (new_width != present_width) {
-			printk(BIOS_ERR, "%s Hypertransport width would not "
-			       "set. Wanted: %x, got: %x\n",
-			       dev_path(dev), present_width, new_width);
-		}
-	}
-
-	/* Set the upstream device. */
-	old_freq = pci_read_config8(prev->dev, prev->pos + prev->freq_off);
-	old_freq &= 0x0f;
-	if (freq != old_freq) {
-		unsigned new_freq;
-		pci_write_config8(prev->dev, prev->pos + prev->freq_off, freq);
-		reset_needed = 1;
-		printk(BIOS_SPEW, "HyperT freqU old %x new %x\n",
-		       old_freq, freq);
-		new_freq =
-		  pci_read_config8(prev->dev, prev->pos + prev->freq_off);
-		new_freq &= 0x0f;
-		if (new_freq != freq) {
-			printk(BIOS_ERR, "%s Hypertransport frequency would "
-			       "not set. Wanted: %x, got: %x\n",
-			       dev_path(prev->dev), freq, new_freq);
-		}
-	}
-	old_width =
-		pci_read_config8(prev->dev, prev->pos + prev->config_off + 1);
-	if (upstream_width != old_width) {
-		unsigned new_width;
-		pci_write_config8(prev->dev, prev->pos + prev->config_off + 1,
-				  upstream_width);
-		reset_needed = 1;
-		printk(BIOS_SPEW, "HyperT widthU old %x new %x\n", old_width,
-		       upstream_width);
-		new_width = pci_read_config8(prev->dev,
-					     prev->pos + prev->config_off + 1);
-		if (new_width != upstream_width) {
-			printk(BIOS_ERR, "%s Hypertransport width would not "
-			       "set. Wanted: %x, got: %x\n",
-			       dev_path(prev->dev), upstream_width, new_width);
-		}
-	}
-#endif
-
-	/*
-	 * Remember the current link as the previous link, but look at the
-	 * other offsets.
-	 */
-	prev->dev = cur->dev;
-	prev->pos = cur->pos;
-	if (cur->ctrl_off == PCI_HT_CAP_SLAVE_CTRL0) {
-		prev->ctrl_off     = PCI_HT_CAP_SLAVE_CTRL1;
-		prev->config_off   = PCI_HT_CAP_SLAVE_WIDTH1;
-		prev->freq_off     = PCI_HT_CAP_SLAVE_FREQ1;
-		prev->freq_cap_off = PCI_HT_CAP_SLAVE_FREQ_CAP1;
-	} else {
-		prev->ctrl_off     = PCI_HT_CAP_SLAVE_CTRL0;
-		prev->config_off   = PCI_HT_CAP_SLAVE_WIDTH0;
-		prev->freq_off     = PCI_HT_CAP_SLAVE_FREQ0;
-		prev->freq_cap_off = PCI_HT_CAP_SLAVE_FREQ_CAP0;
-	}
-
-	return reset_needed;
-}
-
-static unsigned ht_lookup_slave_capability(struct device *dev)
-{
-	unsigned pos;
-
-	pos = 0;
-	do {
-		pos = pci_find_next_capability(dev, PCI_CAP_ID_HT, pos);
-		if (pos) {
-			u16 flags;
-			flags = pci_read_config16(dev, pos + PCI_CAP_FLAGS);
-			printk(BIOS_SPEW, "flags: 0x%04x\n", flags);
-			if ((flags >> 13) == 0) {
-				/* Entry is a slave secondary, success... */
-				break;
-			}
-		}
-	} while (pos);
-
-	return pos;
-}
-
-static void ht_collapse_early_enumeration(struct bus *bus,
-					  unsigned offset_unitid)
-{
-	unsigned int devfn;
-	struct ht_link prev;
-	u16 ctrl;
-
-	/* Initialize the hypertransport enumeration state. */
-	prev.dev = bus->dev;
-	prev.pos = bus->cap;
-	prev.ctrl_off     = PCI_HT_CAP_HOST_CTRL;
-	prev.config_off   = PCI_HT_CAP_HOST_WIDTH;
-	prev.freq_off     = PCI_HT_CAP_HOST_FREQ;
-	prev.freq_cap_off = PCI_HT_CAP_HOST_FREQ_CAP;
-
-	/* Wait until the link initialization is complete. */
-	do {
-		ctrl = pci_read_config16(prev.dev, prev.pos + prev.ctrl_off);
-
-		/* Is this the end of the hypertransport chain? */
-		if (ctrl & (1 << 6))
-			return;
-
-		/* Has the link failed? */
-		if (ctrl & (1 << 4)) {
-			/*
-			 * Either the link has failed, or we have a CRC error.
-			 * Sometimes this can happen due to link retrain, so
-			 * lets knock it down and see if its transient.
-			 */
-			ctrl |= ((1 << 4) | (1 << 8)); /* Link fail + CRC */
-			pci_write_config16(prev.dev, prev.pos + prev.ctrl_off,
-					   ctrl);
-			ctrl = pci_read_config16(prev.dev,
-						 prev.pos + prev.ctrl_off);
-			if (ctrl & ((1 << 4) | (1 << 8))) {
-				printk(BIOS_ALERT, "Detected error on "
-				       "Hypertransport link\n");
-				return;
-			}
-		}
-	} while ((ctrl & (1 << 5)) == 0);
-
-	/* Actually, only for one HT device HT chain, and unitid is 0. */
-#if !CONFIG_HT_CHAIN_UNITID_BASE
-	if (offset_unitid)
-		return;
-#endif
-
-	/* Check if is already collapsed. */
-	if ((!offset_unitid) || (offset_unitid
-	    && (!((CONFIG_HT_CHAIN_END_UNITID_BASE == 0)
-	    && (CONFIG_HT_CHAIN_END_UNITID_BASE
-	    < CONFIG_HT_CHAIN_UNITID_BASE))))) {
-
-		struct device dummy;
-		u32 id;
-
-		dummy.bus = bus;
-		dummy.path.type = DEVICE_PATH_PCI;
-		dummy.path.pci.devfn = PCI_DEVFN(0, 0);
-
-		id = pci_read_config32(&dummy, PCI_VENDOR_ID);
-		if (!((id == 0xffffffff) || (id == 0x00000000)
-		    || (id == 0x0000ffff) || (id == 0xffff0000))) {
-			return;
-		}
-	}
-
-	/* Spin through the devices and collapse any early HT enumeration. */
-	for (devfn = PCI_DEVFN(1, 0); devfn <= 0xff; devfn += 8) {
-		struct device dummy;
-		u32 id;
-		unsigned pos, flags;
-
-		dummy.bus = bus;
-		dummy.path.type = DEVICE_PATH_PCI;
-		dummy.path.pci.devfn = devfn;
-
-		id = pci_read_config32(&dummy, PCI_VENDOR_ID);
-		if ((id == 0xffffffff) || (id == 0x00000000)
-		    || (id == 0x0000ffff) || (id == 0xffff0000)) {
-			continue;
-		}
-
-		dummy.vendor = id & 0xffff;
-		dummy.device = (id >> 16) & 0xffff;
-		dummy.hdr_type = pci_read_config8(&dummy, PCI_HEADER_TYPE);
-
-		pos = ht_lookup_slave_capability(&dummy);
-		if (!pos)
-			continue;
-
-		/* Clear the unitid. */
-		flags = pci_read_config16(&dummy, pos + PCI_CAP_FLAGS);
-		flags &= ~0x1f;
-		pci_write_config16(&dummy, pos + PCI_CAP_FLAGS, flags);
-		printk(BIOS_SPEW, "Collapsing %s [%04x/%04x]\n",
-		       dev_path(&dummy), dummy.vendor, dummy.device);
-	}
-}
-
-unsigned int hypertransport_scan_chain(struct bus *bus, unsigned min_devfn,
-				       unsigned max_devfn, unsigned int max,
-				       unsigned *ht_unitid_base,
-				       unsigned offset_unitid)
-{
-	/*
-	 * Even CONFIG_HT_CHAIN_UNITID_BASE == 0, we still can go through this
-	 * function, because of end_of_chain check. Also, we need it to
-	 * optimize link.
-	 */
-	unsigned int next_unitid, last_unitid, min_unitid, max_unitid;
-	device_t old_devices, dev, func, last_func = 0;
-	struct ht_link prev;
-	int ht_dev_num = 0;
-
-	min_unitid = (offset_unitid) ? CONFIG_HT_CHAIN_UNITID_BASE : 1;
-
-#if CONFIG_HT_CHAIN_END_UNITID_BASE != 0x20
-        /*
-	 * Let's record the device of last HT device, so we can set the unitid
-	 * to CONFIG_HT_CHAIN_END_UNITID_BASE.
-	 */
-	unsigned int real_last_unitid = 0, end_used = 0;
-	u8 real_last_pos = 0;
-	device_t real_last_dev = NULL;
-#endif
-
-	/* Restore the hypertransport chain to it's unitialized state. */
-	ht_collapse_early_enumeration(bus, offset_unitid);
-
-	/* See which static device nodes I have. */
-	old_devices = bus->children;
-	bus->children = 0;
-
-	/* Initialize the hypertransport enumeration state. */
-	prev.dev = bus->dev;
-	prev.pos = bus->cap;
-
-	prev.ctrl_off     = PCI_HT_CAP_HOST_CTRL;
-	prev.config_off   = PCI_HT_CAP_HOST_WIDTH;
-	prev.freq_off     = PCI_HT_CAP_HOST_FREQ;
-	prev.freq_cap_off = PCI_HT_CAP_HOST_FREQ_CAP;
-
-	/* If present, assign unitid to a hypertransport chain. */
-	last_unitid = min_unitid -1;
-	max_unitid = next_unitid = min_unitid;
-	do {
-		u8 pos;
-		u16 flags, ctrl;
-		unsigned int count, static_count;
-
-		last_unitid = next_unitid;
-
-		/* Wait until the link initialization is complete. */
-		do {
-			ctrl = pci_read_config16(prev.dev,
-						 prev.pos + prev.ctrl_off);
-
-			/* End of chain? */
-			if (ctrl & (1 << 6))
-				goto end_of_chain;
-
-			if (ctrl & ((1 << 4) | (1 << 8))) {
-				/*
-				 * Either the link has failed, or we have a CRC
-				 * error. Sometimes this can happen due to link
-				 * retrain, so lets knock it down and see if
-				 * it's transient.
-				 */
-				ctrl |= ((1 << 4) | (1 <<8)); // Link fail + CRC
-				pci_write_config16(prev.dev,
-					prev.pos + prev.ctrl_off, ctrl);
-				ctrl = pci_read_config16(prev.dev,
-						prev.pos + prev.ctrl_off);
-				if (ctrl & ((1 << 4) | (1 << 8))) {
-					printk(BIOS_ALERT, "Detected error on "
-					       "hypertransport link\n");
-					goto end_of_chain;
-				}
-			}
-		} while ((ctrl & (1 << 5)) == 0);
-
-
-		/* Get and setup the device_structure. */
-		dev = ht_scan_get_devs(&old_devices);
-
-		/* See if a device is present and setup the device structure. */
-		dev = pci_probe_dev(dev, bus, 0);
-		if (!dev || !dev->enabled)
-			break;
-
-		/* Find the hypertransport link capability. */
-		pos = ht_lookup_slave_capability(dev);
-		if (pos == 0) {
-			printk(BIOS_ERR, "%s Hypertransport link capability "
-			       "not found", dev_path(dev));
-			break;
-		}
-
-		/* Update the unitid of the current device. */
-		flags = pci_read_config16(dev, pos + PCI_CAP_FLAGS);
-
-		/*
-		 * If the devices has a unitid set and is at devfn 0 we are
-		 * done. This can happen with shadow hypertransport devices,
-		 * or if we have reached the bottom of a HT device chain.
-		 */
-		if (flags & 0x1f)
-			break;
-
-		flags &= ~0x1f; /* Mask out base Unit ID. */
-
-		count = (flags >> 5) & 0x1f; /* Het unit count. */
-
-#if CONFIG_HT_CHAIN_END_UNITID_BASE != 0x20
-		if (offset_unitid) {
-			/* max_devfn will be (0x17<<3)|7 or (0x1f<<3)|7. */
-			if (next_unitid > (max_devfn >> 3)) {
-				if (!end_used) {
-			                next_unitid =
-					  CONFIG_HT_CHAIN_END_UNITID_BASE;
-					end_used = 1;
-				} else {
-					goto end_of_chain;
-				}
-			}
-		}
-#endif
-
-		flags |= next_unitid & 0x1f;
-		pci_write_config16(dev, pos + PCI_CAP_FLAGS, flags);
-
-		/* Update the unitid in the device structure. */
-		static_count = 1;
-		for (func = dev; func; func = func->sibling) {
-			func->path.pci.devfn += (next_unitid << 3);
-			static_count = (func->path.pci.devfn >> 3)
-				        - (dev->path.pci.devfn >> 3) + 1;
-			last_func = func;
-		}
-
-		/* Compute the number of unitids consumed. */
-		printk(BIOS_SPEW, "%s count: %04x static_count: %04x\n",
-		       dev_path(dev), count, static_count);
-		if (count < static_count)
-			count = static_count;
-
-		/* Update the unitid of the next device. */
-		ht_unitid_base[ht_dev_num] = next_unitid;
-		ht_dev_num++;
-
-#if CONFIG_HT_CHAIN_END_UNITID_BASE != 0x20
-		if (offset_unitid) {
-			real_last_pos = pos;
-			real_last_unitid = next_unitid;
-			real_last_dev = dev;
-		}
-#endif
-		next_unitid += count;
-		if (next_unitid > max_unitid)
-			max_unitid = next_unitid;
-
-		/* Setup the hypetransport link. */
-		bus->reset_needed |= ht_setup_link(&prev, dev, pos);
-
-		printk(BIOS_DEBUG, "%s [%04x/%04x] %s next_unitid: %04x\n",
-		       dev_path(dev), dev->vendor, dev->device,
-		       (dev->enabled? "enabled" : "disabled"), next_unitid);
-
-	} while (last_unitid != next_unitid);
-
-end_of_chain:
-
-#if OPT_HT_LINK == 1
-	if (bus->reset_needed)
-		printk(BIOS_INFO, "HyperT reset needed\n");
-	else
-		printk(BIOS_DEBUG, "HyperT reset not needed\n");
-#endif
-
-#if CONFIG_HT_CHAIN_END_UNITID_BASE != 0x20
-	if (offset_unitid && (ht_dev_num > 1)
-	    && (real_last_unitid != CONFIG_HT_CHAIN_END_UNITID_BASE)
-	    && !end_used) {
-		u16 flags;
-		flags = pci_read_config16(real_last_dev,
-					  real_last_pos + PCI_CAP_FLAGS);
-		flags &= ~0x1f;
-		flags |= CONFIG_HT_CHAIN_END_UNITID_BASE & 0x1f;
-		pci_write_config16(real_last_dev,
-				   real_last_pos + PCI_CAP_FLAGS, flags);
-
-		for (func = real_last_dev; func; func = func->sibling) {
-			func->path.pci.devfn -= ((real_last_unitid
-				- CONFIG_HT_CHAIN_END_UNITID_BASE) << 3);
-			last_func = func;
-		}
-
-		/* Update last one. */
-		ht_unitid_base[ht_dev_num-1] = CONFIG_HT_CHAIN_END_UNITID_BASE;
-
-		printk(BIOS_DEBUG, " unitid: %04x --> %04x\n",
-		       real_last_unitid, CONFIG_HT_CHAIN_END_UNITID_BASE);
-	}
-#endif
-	next_unitid = max_unitid;
-
-	if (next_unitid > 0x20)
-		next_unitid = 0x20;
-
-	if ((bus->secondary == 0) && (next_unitid > 0x18))
-		next_unitid = 0x18; /* Avoid K8 on bus 0. */
-
-	/*
-	 * Die if any leftover static devices are are found. There's probably
-	 * a problem in devicetree.cb.
-	 */
-	if (old_devices) {
-		device_t left;
-		for (left = old_devices; left; left = left->sibling)
-			printk(BIOS_DEBUG, "%s\n", dev_path(left));
-
-		printk(BIOS_ERR, "HT: Leftover static devices. "
-		       "Check your devicetree.cb\n");
-
-		/*
-		 * Put back the leftover static device, and let pci_scan_bus()
-		 * disable it.
-		 */
-		if (last_func && !last_func->sibling)
-			last_func->sibling = old_devices;
-	}
-
-	/* Now that nothing is overlapping it is safe to scan the children. */
-	max = pci_scan_bus(bus, 0x00, ((next_unitid - 1) << 3) | 7, max);
-	return max;
-}
-
-/**
- * Scan a PCI bridge and the buses behind the bridge.
- *
- * Determine the existence of buses behind the bridge. Set up the bridge
- * according to the result of the scan.
- *
- * This function is the default scan_bus() method for PCI bridge devices.
- *
- * @param bus TODO
- * @param min_devfn TODO
- * @param max_devfn TODO
- * @param max The highest bus number assgined up to now.
- * @return The maximum bus number found, after scanning all subordinate busses.
- */
-static unsigned int hypertransport_scan_chain_x(struct bus *bus,
-	unsigned int min_devfn, unsigned int max_devfn, unsigned int max)
-{
-	unsigned int ht_unitid_base[4];
-	unsigned int offset_unitid = 1;
-	return hypertransport_scan_chain(bus, min_devfn, max_devfn, max,
-					 ht_unitid_base, offset_unitid);
-}
-
-unsigned int ht_scan_bridge(struct device *dev, unsigned int max)
-{
-	return do_pci_scan_bridge(dev, max, hypertransport_scan_chain_x);
-}
-
-/** Default device operations for hypertransport bridges */
-static struct pci_operations ht_bus_ops_pci = {
-	.set_subsystem = 0,
-};
-
-struct device_operations default_ht_ops_bus = {
-	.read_resources   = pci_bus_read_resources,
-	.set_resources    = pci_dev_set_resources,
-	.enable_resources = pci_bus_enable_resources,
-	.init             = 0,
-	.scan_bus         = ht_scan_bridge,
-	.enable           = 0,
-	.reset_bus        = pci_bus_reset,
-	.ops_pci          = &ht_bus_ops_pci,
-};
diff --git a/src/devices/oprom/Makefile.inc b/src/devices/oprom/Makefile.inc
deleted file mode 100644
index aa4a74d..0000000
--- a/src/devices/oprom/Makefile.inc
+++ /dev/null
@@ -1,23 +0,0 @@
-##
-## This file is part of the coreboot project.
-##
-## Copyright (C) 2007-2010 coresystems GmbH
-##
-## This program is free software; you can redistribute it and/or modify
-## it under the terms of the GNU General Public License as published by
-## the Free Software Foundation; version 2 of the License.
-##
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-## GNU General Public License for more details.
-##
-## You should have received a copy of the GNU General Public License
-## along with this program; if not, write to the Free Software
-## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
-##
-
-subdirs-$(CONFIG_PCI_OPTION_ROM_RUN_YABEL) += x86emu
-subdirs-$(CONFIG_PCI_OPTION_ROM_RUN_YABEL) += yabel
-subdirs-$(CONFIG_PCI_OPTION_ROM_RUN_REALMODE) += realmode
-
diff --git a/src/devices/oprom/include/vbe.h b/src/devices/oprom/include/vbe.h
deleted file mode 100644
index ab26d59..0000000
--- a/src/devices/oprom/include/vbe.h
+++ /dev/null
@@ -1,117 +0,0 @@
-/******************************************************************************
- * Copyright (c) 2004, 2008 IBM Corporation
- * Copyright (c) 2009 Pattrick Hueper <phueper at hueper.net>
- * All rights reserved.
- * This program and the accompanying materials
- * are made available under the terms of the BSD License
- * which accompanies this distribution, and is available at
- * http://www.opensource.org/licenses/bsd-license.php
- *
- * Contributors:
- *     IBM Corporation - initial implementation
- *****************************************************************************/
-
-// these structs are for input from and output to OF
-typedef struct {
-	u8 display_type;	// 0=NONE, 1= analog, 2=digital
-	u16 screen_width;
-	u16 screen_height;
-	u16 screen_linebytes;	// bytes per line in framebuffer, may be more than screen_width
-	u8 color_depth;	// color depth in bpp
-	u32 framebuffer_address;
-	u8 edid_block_zero[128];
-} __attribute__ ((__packed__)) screen_info_t;
-
-typedef struct {
-	u8 signature[4];
-	u16 size_reserved;
-	u8 monitor_number;
-	u16 max_screen_width;
-	u8 color_depth;
-} __attribute__ ((__packed__)) screen_info_input_t;
-
-// these structs only store a subset of the VBE defined fields
-// only those needed.
-typedef struct {
-	char signature[4];
-	u16 version;
-	u8 *oem_string_ptr;
-	u32 capabilities;
-	u16 video_mode_list[256];	// lets hope we never have more than 256 video modes...
-	u16 total_memory;
-} vbe_info_t;
-
-typedef struct {
-	u16 mode_attributes; // 00
-	u8 win_a_attributes; // 02
-	u8 win_b_attributes; // 03
-	u16 win_granularity; // 04
-	u16 win_size;        // 06
-	u16 win_a_segment;   // 08
-	u16 win_b_segment;   // 0a
-	u32 win_func_ptr;    // 0c
-	u16 bytes_per_scanline; // 10
-	u16 x_resolution;    // 12
-	u16 y_resolution;    // 14
-	u8 x_charsize;       // 16
-	u8 y_charsize;       // 17
-	u8 number_of_planes; // 18
-	u8 bits_per_pixel;   // 19
-	u8 number_of_banks;  // 20
-	u8 memory_model;     // 21
-	u8 bank_size;        // 22
-	u8 number_of_image_pages; // 23
-	u8 reserved_page;
-	u8 red_mask_size;
-	u8 red_mask_pos;
-	u8 green_mask_size;
-	u8 green_mask_pos;
-	u8 blue_mask_size;
-	u8 blue_mask_pos;
-	u8 reserved_mask_size;
-	u8 reserved_mask_pos;
-	u8 direct_color_mode_info;
-	u32 phys_base_ptr;
-	u32 offscreen_mem_offset;
-	u16 offscreen_mem_size;
-	u8 reserved[206];
-} __attribute__ ((__packed__)) vesa_mode_info_t;
-
-typedef struct {
-	u16 video_mode;
-	union {
-		vesa_mode_info_t vesa;
-		u8 mode_info_block[256];
-	};
-	// our crap
-