FreeCalypso > hg > freecalypso-reveng
diff bootrom.disasm @ 6:8c2621b2ed37
boot ROM re: further understanding of the external flash image booting
author | Michael Spacefalcon <msokolov@ivan.Harhan.ORG> |
---|---|
date | Tue, 16 Apr 2013 06:59:35 +0000 |
parents | 9db4dcf94128 |
children | a06573cacb6e |
line wrap: on
line diff
--- a/bootrom.disasm Tue Apr 16 06:23:14 2013 +0000 +++ b/bootrom.disasm Tue Apr 16 06:59:35 2013 +0000 @@ -9,7 +9,7 @@ 1c: ea200004 b 0x800034 20: e24dd004 sub sp, sp, #4 ; 0x4 - 24: e59f20b8 ldr r2, [pc, #184] ; 0xe4 + 24: e59f20b8 ldr r2, =0xFFFFFB10 ; via 0xe4 28: e1d2c0b0 ldrh r12, [r2] 2c: e20c10ff and r1, r12, #255 ; 0xff 30: e20ccb3f and r12, r12, #64512 ; 0xfc00 @@ -29,7 +29,7 @@ 68: e1a0c82c mov r12, r12, lsr #16 6c: e1c2c0b0 strh r12, [r2] 70: e3a0cfc3 mov r12, #780 ; 0x30c - 74: e59f006c ldr r0, [pc, #108] ; 0xe8 + 74: e59f006c ldr r0, =0x80F5 ; via 0xe8 78: e10200bc strh r0, [r2, -r12] 7c: e3a0c000 mov r12, #0 ; 0x0 80: e1cdc0b0 strh r12, [sp] @@ -58,8 +58,9 @@ dc: e28dd004 add sp, sp, #4 ; 0x4 e0: e12fff1e bx lr - e4: fffffb10 swinv 0x00fffb10 - e8: 000080f5 streqd r8, [r0], -r5 +; literal pool + e4: fffffb10 + e8: 000080f5 ec: e92d4010 stmdb sp!, {r4, lr} f0: e59fcd0c ldr r12, [pc, #3340] ; 0xe04 @@ -1240,12 +1241,13 @@ 122c: e3a00000 mov r0, #0 ; 0x0 1230: ebffff96 bl 0x1090 ; A valid image is present. +; set bit 6 in FFFF:FD02 again 1234: e1d6c0b0 ldrh r12, [r6] 1238: e38cc040 orr r12, r12, #64 ; 0x40 123c: e1c6c0b0 strh r12, [r6] - 1240: e59f10b0 ldr r1, [pc, #176] ; 0x12f8 + 1240: e59f10b0 ldr r1, =0x800524 ; via 0x12f8 1244: e2415004 sub r5, r1, #4 ; 0x4 - 1248: e59f40b0 ldr r4, [pc, #176] ; 0x1300 + 1248: e59f40b0 ldr r4, =0x373C ; via 0x1300 124c: e1a00005 mov r0, r5 1250: ebffff57 bl 0xfb4 1254: e3500000 cmp r0, #0 ; 0x0 @@ -1254,11 +1256,13 @@ 1260: 1afffff9 bne 0x124c 1264: e3500001 cmp r0, #1 ; 0x1 1268: 0a00000c beq 0x12a0 +; clear bit 6 in FFFF:FD02 126c: e1d6c0b0 ldrh r12, [r6] 1270: e20c00bf and r0, r12, #191 ; 0xbf 1274: e20cccff and r12, r12, #65280 ; 0xff00 1278: e180c00c orr r12, r0, r12 127c: e1c6c0b0 strh r12, [r6] +; transfer control to the flash image? 1280: e3a0ca02 mov r12, #8192 ; 0x2000 1284: e59c0000 ldr r0, [r12] 1288: e1b010a0 movs r1, r0, lsr #1 @@ -1267,7 +1271,8 @@ 1294: eb0000bc bl 0x158c 1298: eafffffe b 0x1298 129c: eafffffe b 0x129c - 12a0: e59fc050 ldr r12, [pc, #80] ; 0x12f8 +; interactive mode entry? + 12a0: e59fc050 ldr r12, =0x800524 ; via 0x12f8 12a4: e5dc0000 ldrb r0, [r12] 12a8: e3a01001 mov r1, #1 ; 0x1 12ac: e3a02002 mov r2, #2 ; 0x2 @@ -1522,7 +1527,7 @@ 1598: 0a000001 beq 0x15a4 159c: e3a00001 mov r0, #1 ; 0x1 15a0: e8bd8010 ldmia sp!, {r4, pc} - 15a4: e59f0054 ldr r0, [pc, #84] ; 0x1600 + 15a4: e59f0054 ldr r0, =0xFFFFFB10 ; via 0x1600 15a8: e1d0c0b0 ldrh r12, [r0] 15ac: e20c20ff and r2, r12, #255 ; 0xff 15b0: e20ccb3f and r12, r12, #64512 ; 0xfc00 @@ -1540,7 +1545,7 @@ 15e0: 18bd8010 ldmneia sp!, {r4, pc} 15e4: e3a00020 mov r0, #32 ; 0x20 15e8: e3a010cc mov r1, #204 ; 0xcc - 15ec: e59f2010 ldr r2, [pc, #16] ; 0x1604 + 15ec: e59f2010 ldr r2, =0x800038 ; via 0x1604 15f0: eb000019 bl 0x165c 15f4: e1a00004 mov r0, r4 15f8: eb1ffa8e bl 0x800038