FreeCalypso > hg > freecalypso-reveng
view pirelli/preboot.disasm @ 67:88cf9811f97c
started disassembly of Pirelli's boot code
| author | Michael Spacefalcon <msokolov@ivan.Harhan.ORG> |
|---|---|
| date | Sun, 09 Feb 2014 09:36:42 +0000 |
| parents | |
| children | 6a136554378e |
line wrap: on
line source
0: ea00004b b 0x134 4: ea00bffe b 0x30004 8: ea00bffe b 0x30008 c: ea00bffe b 0x3000c 10: ea00bffe b 0x30010 14: ea00bffe b 0x30014 18: ea00bffe b 0x30018 1c: ea00bffe b 0x3001c <20-FF: all FFs> 100: fffffb00 104: 02a102a1 108: 028302a1 10c: 00c000aa 110: 002a0040 114: fffffd00 118: ffff9800 11c: fffffb10 120: ffffff08 124: fffff804 128: 20061081 12c: 00000800 130: 00a000f5 ; RESET vector branches here 134: e51f1024 ldr r1, [pc, #-36] ; 0x118 =0xffff9800 138: e15f21b6 ldrh r2, [pc, #-22] ; 0x12a =0x2006 13c: e1c120b0 strh r2, [r1] 140: e5912000 ldr r2, [r1] 144: e2022001 and r2, r2, #1 ; 0x1 148: e3520001 cmp r2, #1 ; 0x1 14c: 0afffffb beq 0x140 150: e51f1044 ldr r1, [pc, #-68] ; 0x114 =0xfffffd00 154: e15f23b4 ldrh r2, [pc, #-52] ; 0x128 =0x1081 158: e1c120b0 strh r2, [r1] 15c: e51f1048 ldr r1, [pc, #-72] ; 0x11c =0xfffffb10 160: e15f23bc ldrh r2, [pc, #-60] ; 0x12c =0x0800 164: e1d100b0 ldrh r0, [r1] 168: e1800002 orr r0, r0, r2 16c: e1c100b0 strh r0, [r1] ; DU disable 170: e51f1058 ldr r1, [pc, #-88] ; 0x120 =0xffffff08 174: e15f24be ldrh r2, [pc, #-78] ; 0x12e =0x0000 178: e1c120b0 strh r2, [r1] ; MPU disable 17c: e51f1084 ldr r1, [pc, #-132] ; 0x100 =0xfffffb00 180: e51f1064 ldr r1, [pc, #-100] ; 0x124 =0xfffff804 184: e15f25bc ldrh r2, [pc, #-92] ; 0x130 =0x00f5 188: e1c120b0 strh r2, [r1] ; WDOG disable cycle 1 18c: e51f1070 ldr r1, [pc, #-112] ; 0x124 =0xfffff804 190: e15f26b6 ldrh r2, [pc, #-102] ; 0x132 =0x00a0 194: e1c120b0 strh r2, [r1] ; WDOG disable cycle 2 198: e15f29bc ldrh r2, [pc, #-156] ; 0x104 19c: e1c120b0 strh r2, [r1] 1a0: e15f2ab2 ldrh r2, [pc, #-162] ; 0x106 1a4: e1c120b2 strh r2, [r1, #2] 1a8: e15f2ab8 ldrh r2, [pc, #-168] ; 0x108 1ac: e1c120b4 strh r2, [r1, #4] 1b0: e15f2abe ldrh r2, [pc, #-174] ; 0x10a 1b4: e1c120b6 strh r2, [r1, #6] 1b8: e15f2bb4 ldrh r2, [pc, #-180] ; 0x10c 1bc: e1c120ba strh r2, [r1, #10] 1c0: e15f2bba ldrh r2, [pc, #-186] ; 0x10e 1c4: e1c120bc strh r2, [r1, #12] 1c8: e15f2cb0 ldrh r2, [pc, #-192] ; 0x110 1cc: e1c120b8 strh r2, [r1, #8] 1d0: e15f2cb6 ldrh r2, [pc, #-198] ; 0x112 1d4: e1c120be strh r2, [r1, #14] 1d8: e59f0020 ldr r0, [pc, #32] ; 0x200 =0x81047c 1dc: e3a01b01 mov r1, #1024 ; 0x400 1e0: e2411004 sub r1, r1, #4 ; 0x4 1e4: e0802001 add r2, r0, r1 1e8: e3c22003 bic r2, r2, #3 ; 0x3 1ec: e1a0d002 mov sp, r2 1f0: e92d100f stmdb sp!, {r0, r1, r2, r3, ip} 1f4: eb00003b bl 0x2e8 1f8: e8bd100f ldmia sp!, {r0, r1, r2, r3, ip} 1fc: ea000796 b 0x205c 200: 0081047c ; copy(src, len, dest) 204: 2900 cmp r1, #0 206: d006 beq 0x216 208: 6803 ldr r3, [r0, #0] 20a: 6013 str r3, [r2, #0] 20c: 3204 add r2, #4 20e: 3004 add r0, #4 210: 3904 sub r1, #4 212: 2900 cmp r1, #0 214: d1f8 bne 0x208 216: 4770 bx lr ; checksumming function: XOR of all 16-bit words in region 218: 2200 mov r2, #0 21a: 2900 cmp r1, #0 21c: d007 beq 0x22e 21e: 8803 ldrh r3, [r0, #0] 220: 4053 eor r3, r2 222: 041a lsl r2, r3, #16 224: 0c12 lsr r2, r2, #16 226: 3002 add r0, #2 228: 3902 sub r1, #2 22a: 2900 cmp r1, #0 22c: d1f7 bne 0x21e 22e: 1c10 mov r0, r2 (add r0, r2, #0) 230: 4770 bx lr ; 0x232 routine is bzero() with 4-byte alignment required 232: 2900 cmp r1, #0 234: d005 beq 0x242 236: 2200 mov r2, #0 238: 6002 str r2, [r0, #0] 23a: 3004 add r0, #4 23c: 3904 sub r1, #4 23e: 2900 cmp r1, #0 240: d1fa bne 0x238 242: 4770 bx lr ; 0xAA88 bytes are copied from 0x2508 to 0x810484 244: b5f0 push {r4, r5, r6, r7, lr} 246: 4e10 ldr r6, [pc, #64] (0x288) =0x800010 248: 2000 mov r0, #0 24a: 8030 strh r0, [r6, #0] 24c: 4f0f ldr r7, [pc, #60] (0x28c) =0x800012 24e: 8038 strh r0, [r7, #0] 250: 480f ldr r0, [pc, #60] (0x290) =0x810480 252: 4910 ldr r1, [pc, #64] (0x294) =0x81AF0C 254: 1a09 sub r1, r1, r0 256: 3904 sub r1, #4 258: 468c mov ip, r1 25a: 2104 mov r1, #4 25c: 180c add r4, r1, r0 25e: 1c20 mov r0, r4 (add r0, r4, #0) 260: 4661 mov r1, ip 262: ffe6f7ff bl 0x232 ; bzero() 266: 4d0c ldr r5, [pc, #48] (0x298) =0x2508 268: 1c28 mov r0, r5 (add r0, r5, #0) 26a: 4661 mov r1, ip 26c: ffd4f7ff bl 0x218 270: 8030 strh r0, [r6, #0] 272: 1c28 mov r0, r5 (add r0, r5, #0) 274: 4661 mov r1, ip 276: 1c22 mov r2, r4 (add r2, r4, #0) 278: ffc4f7ff bl 0x204 27c: 1c20 mov r0, r4 (add r0, r4, #0) 27e: 4661 mov r1, ip 280: ffcaf7ff bl 0x218 284: 8038 strh r0, [r7, #0] 286: bdf0 pop {r4, r5, r6, r7, pc} 288: 00800010 28c: 00800012 290: 00810480 294: 0081af0c 298: 00002508 29c: b500 push {lr} 29e: f82bf000 bl 0x2f8 2a2: f802f000 bl 0x2aa 2a6: bd00 pop {pc} 2a8: 4770 bx lr 2aa: b500 push {lr} 2ac: 2003 mov r0, #3 2ae: 0400 lsl r0, r0, #16 2b0: f820f000 bl 0x2f4 2b4: bd00 pop {pc} 2b6: 0000 2b8: e92d4000 stmdb sp!, {lr} 2bc: e28fe001 add lr, pc, #1 ; 0x1 2c0: e12fff1e bx lr 2c4: ffeaf7ff bl 0x29c 2c8: 4778 bx pc 2ca: 46c0 nop (mov r8, r8) 2cc: e8bd8000 ldmia sp!, {pc} 2d0: e92d4000 stmdb sp!, {lr} 2d4: e28fe001 add lr, pc, #1 ; 0x1 2d8: e12fff1e bx lr 2dc: ffb2f7ff bl 0x244 2e0: 4778 bx pc 2e2: 46c0 nop (mov r8, r8) 2e4: e8bd8000 ldmia sp!, {pc} 2e8: e59fc000 ldr ip, [pc, #0] ; 0x2f0 2ec: e12fff1c bx ip 2f0: 000002a9 2f4: 4700 bx r0 2f6: 0000 2f8: b082 sub sp, #8 2fa: 9400 str r4, [sp, #0] 2fc: 4c01 ldr r4, [pc, #4] (0x304) 2fe: 9401 str r4, [sp, #4] 300: bd10 pop {r4, pc} 302: 0000 304: 00818f2c <308-1FFF: all FFs> 2000: 00000001 ; magic word for the Calypso boot ROM 2004: ea0000be b 0x2304 2008: ea0000c0 b 0x2310 200c: ea0000c2 b 0x231c 2010: ea0000c4 b 0x2328 2014: ea0000c6 b 0x2334 2018: ea0000b0 b 0x22e0 201c: ea0000b6 b 0x22fc 2020: 02a102a4 2024: 02a402a1 2028: 02c0009c 202c: 002a0040 2030: fffffb00 2034: fffef006 2038: 00000008 203c: fffffd00 2040: ffff9800 2044: fffffb10 2048: ffffff08 204c: 20021081 2050: f7ff0800 2054: 00000000 2058: 0001fa00 ; COME FROM 0x1fc 205c: e51f1024 ldr r1, [pc, #-36] ; 0x2040 =0xffff9800 2060: e15f21ba ldrh r2, [pc, #-26] ; 0x204e =0x2002 2064: e1c120b0 strh r2, [r1] 2068: e5912000 ldr r2, [r1] 206c: e2022001 and r2, r2, #1 ; 0x1 2070: e3520001 cmp r2, #1 ; 0x1 2074: 0afffffb beq 0x2068 2078: e51f1044 ldr r1, [pc, #-68] ; 0x203c =0xfffffd00 207c: e15f23b8 ldrh r2, [pc, #-56] ; 0x204c =0x1081 2080: e1c120b0 strh r2, [r1] 2084: e51f1048 ldr r1, [pc, #-72] ; 0x2044 =0xfffffb10 2088: e15f23be ldrh r2, [pc, #-62] ; 0x2052 =0xf7ff 208c: e1d100b0 ldrh r0, [r1] 2090: e0000002 and r0, r0, r2 2094: e1c100b0 strh r0, [r1] ; enable DU 2098: e51f1058 ldr r1, [pc, #-88] ; 0x2048 =0xffffff08 209c: e15f25b0 ldrh r2, [pc, #-80] ; 0x2054 =0x0000 20a0: e1c120b0 strh r2, [r1] 20a4: e51f107c ldr r1, [pc, #-124] ; 0x2030 =0xfffffb00 20a8: e15f29b0 ldrh r2, [pc, #-144] ; 0x2020 =0x02a4 20ac: e1c120b0 strh r2, [r1] 20b0: e15f29b6 ldrh r2, [pc, #-150] ; 0x2022 =0x02a1 20b4: e1c120b2 strh r2, [r1, #2] 20b8: e15f29bc ldrh r2, [pc, #-156] ; 0x2024 =0x02a1 20bc: e1c120b4 strh r2, [r1, #4] 20c0: e15f2ab2 ldrh r2, [pc, #-162] ; 0x2026 =0x02a4 20c4: e1c120b6 strh r2, [r1, #6] 20c8: e15f2ab8 ldrh r2, [pc, #-168] ; 0x2028 =0x009c 20cc: e1c120ba strh r2, [r1, #10] 20d0: e15f2abe ldrh r2, [pc, #-174] ; 0x202a =0x02c0 20d4: e1c120bc strh r2, [r1, #12] 20d8: e15f2bb4 ldrh r2, [pc, #-180] ; 0x202c =0x0040 20dc: e1c120b8 strh r2, [r1, #8] 20e0: e15f2bba ldrh r2, [pc, #-186] ; 0x202e =0x002a 20e4: e1c120be strh r2, [r1, #14] 20e8: e51f10bc ldr r1, [pc, #-188] ; 0x2034 =0xfffef006 20ec: e1d120b0 ldrh r2, [r1] 20f0: e51f00c0 ldr r0, [pc, #-192] ; 0x2038 =0x00000008 20f4: e1800002 orr r0, r0, r2 20f8: e1c100b0 strh r0, [r1] ; enable A22 20fc: e10f0000 mrs r0, CPSR 2100: e3c0001f bic r0, r0, #31 ; 0x1f 2104: e3800013 orr r0, r0, #19 ; 0x13 2108: e38000c0 orr r0, r0, #192 ; 0xc0 210c: e129f000 msr CPSR_fc, r0 ; SVC, all ints disabled 2110: e59f02e0 ldr r0, [pc, #736] ; 0x23f8 =0x800004 2114: e3a02000 mov r2, #0 ; 0x0 2118: e59f12dc ldr r1, [pc, #732] ; 0x23fc =0x81047c 211c: e1500001 cmp r0, r1 2120: 0a000000 beq 0x2128 2124: e4802004 str r2, [r0], #4 2128: e1500001 cmp r0, r1 212c: 1afffffc bne 0x2124 2130: e59f02c8 ldr r0, [pc, #712] ; 0x2400 =0x800000 2134: e3a02000 mov r2, #0 ; 0x0 2138: e59f12c4 ldr r1, [pc, #708] ; 0x2404 =0x81047c 213c: e1500001 cmp r0, r1 2140: 0a000000 beq 0x2148 2144: e4802004 str r2, [r0], #4 2148: e1500001 cmp r0, r1 214c: 1afffffc bne 0x2144 2150: e3a00001 mov r0, #1 ; 0x1 2154: e59f12b0 ldr r1, [pc, #688] ; 0x240c =0x800004 2158: e5810000 str r0, [r1] 215c: e59f02a4 ldr r0, [pc, #676] ; 0x2408 =0x81aff8 2160: e3a01e46 mov r1, #1120 ; 0x460 2164: e2411004 sub r1, r1, #4 ; 0x4 2168: e0802001 add r2, r0, r1 216c: e1a0a000 mov sl, r0 2170: e59f3298 ldr r3, [pc, #664] ; 0x2410 =0x800008 2174: e583a000 str sl, [r3] 2178: e1a0d002 mov sp, r2 217c: e59f3290 ldr r3, [pc, #656] ; 0x2414 =0x80000c 2180: e583d000 str sp, [r3] 2184: e3a01080 mov r1, #128 ; 0x80 2188: e0822001 add r2, r2, r1 218c: e10f0000 mrs r0, CPSR 2190: e3c0001f bic r0, r0, #31 ; 0x1f 2194: e3800012 orr r0, r0, #18 ; 0x12 2198: e129f000 msr CPSR_fc, r0 ; IRQ 219c: e1a0d002 mov sp, r2 21a0: e3a01c02 mov r1, #512 ; 0x200 21a4: e0822001 add r2, r2, r1 21a8: e10f0000 mrs r0, CPSR 21ac: e3c0001f bic r0, r0, #31 ; 0x1f 21b0: e3800011 orr r0, r0, #17 ; 0x11 21b4: e129f000 msr CPSR_fc, r0 ; FIQ 21b8: e1a0d002 mov sp, r2 21bc: e10f0000 mrs r0, CPSR 21c0: e3c0001f bic r0, r0, #31 ; 0x1f 21c4: e3800017 orr r0, r0, #23 ; 0x17 21c8: e129f000 msr CPSR_fc, r0 ; Abort 21cc: e59fd244 ldr sp, [pc, #580] ; 0x2418 =0x81AF60 21d0: e10f0000 mrs r0, CPSR 21d4: e3c0001f bic r0, r0, #31 ; 0x1f 21d8: e380001b orr r0, r0, #27 ; 0x1b 21dc: e129f000 msr CPSR_fc, r0 ; Undef 21e0: e59fd230 ldr sp, [pc, #560] ; 0x2418 =0x81AF60 21e4: e10f0000 mrs r0, CPSR 21e8: e3c0001f bic r0, r0, #31 ; 0x1f 21ec: e3800013 orr r0, r0, #19 ; 0x13 21f0: e129f000 msr CPSR_fc, r0 ; SVC 21f4: e1a04002 mov r4, r2 21f8: ebfff834 bl 0x2d0 ; 0x244 via veneer 21fc: e1a02004 mov r2, r4 2200: e59f1208 ldr r1, [pc, #520] ; 0x2410 =0x800008 2204: e5910000 ldr r0, [r1] 2208: e3a030fe mov r3, #254 ; 0xfe 220c: e5c03000 strb r3, [r0] 2210: e5c03001 strb r3, [r0, #1] 2214: e5c03002 strb r3, [r0, #2] 2218: e5c03003 strb r3, [r0, #3] 221c: e4903004 ldr r3, [r0], #4 2220: e4803004 str r3, [r0], #4 2224: e1500002 cmp r0, r2 2228: bafffffc blt 0x2220 222c: e51f01dc ldr r0, [pc, #-476] ; 0x2058 =0x1FA00 2230: e3700001 cmn r0, #1 ; 0x1 2234: 1b000079 blne 0x2420 2238: e1a00002 mov r0, r2 223c: ebfff81d bl 0x2b8 <2240-23F7: not yet analyzed> 23f8: 00800004 23fc: 0081047c 2400: 00800000 2404: 0081047c 2408: 0081aff8 240c: 00800004 2410: 00800008 2414: 0080000c 2418: 0081af60 241c: 0081af60 ; TI's initialized data function 2420: ea00000c b 0x2458 2424: e4901004 ldr r1, [r0], #4 2428: e3530003 cmp r3, #3 ; 0x3 242c: 84904004 ldrhi r4, [r0], #4 2430: 84814004 strhi r4, [r1], #4 2434: 82433004 subhi r3, r3, #4 ; 0x4 2438: 94d04001 ldrlsb r4, [r0], #1 243c: 94c14001 strlsb r4, [r1], #1 2440: 92433001 subls r3, r3, #1 ; 0x1 2444: e3530000 cmp r3, #0 ; 0x0 2448: 1afffff6 bne 0x2428 244c: e2103003 ands r3, r0, #3 ; 0x3 2450: 12633004 rsbne r3, r3, #4 ; 0x4 2454: 10800003 addne r0, r0, r3 2458: e4903004 ldr r3, [r0], #4 245c: e3530000 cmp r3, #0 ; 0x0 2460: 1affffef bne 0x2424 2464: e1a0f00e mov pc, lr <2468-24FF: all FFs> 2500: 00000000 2504: ffffffff 2508: 0xAA88 bytes copied to IRAM CF8F: last copied byte <CF90-1F9FF: all FFs> ; initialized data table 1fa00: 00000001 1fa04: 00810020 1fa08: c046c000 1fa0c: 00000001 1fa10: 00810021 1fa14: c046c000 1fa18: 00000004 1fa1c: 00810024 1fa20: 00000000 1fa24: 0000000c 1fa28: 0081006c 1fa2c: 0081a4d0 1fa30: 0081a768 1fa34: 0081aa00 1fa38: 00000002 1fa3c: 00810014 1fa40: 46c00000 1fa44: 00000002 1fa48: 00810016 1fa4c: 46c00000 1fa50: 00000001 1fa54: 00810018 1fa58: c046c000 1fa5c: 00000001 1fa60: 00810019 1fa64: 000000bc 1fa68: 00000001 1fa6c: 00800000 1fa70: a0000000 1fa74: 00000001 1fa78: 0081047c 1fa7c: 00000000 1fa80: 00000004 1fa84: 00810078 1fa88: 00000000 1fa8c: 00000004 1fa90: 0081001c 1fa94: 00000000 1fa98: 00000000 <1FA9C-2FFBF: all FFs> 0002FFC0: 42 43 5F 44 39 31 30 2E 30 2E 31 36 00 00 00 00 BC_D910.0.16.... 0002FFD0: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ................ *