mirror of
https://github.com/fail0verflow/mini.git
synced 2024-11-24 20:26:55 +01:00
MiniIOS updates, add elfloader
This commit is contained in:
parent
f757fa5f98
commit
fc52bee126
20
Makefile
20
Makefile
@ -2,21 +2,23 @@ CC = arm-eabi-gcc
|
||||
AS = arm-eabi-as
|
||||
LD = arm-eabi-gcc
|
||||
OBJCOPY = arm-eabi-objcopy
|
||||
CFLAGS = -mbig-endian -fomit-frame-pointer -Os -fpic -Wall -I.
|
||||
CFLAGS = -mbig-endian -fomit-frame-pointer -Os -Wall -I.
|
||||
ASFLAGS = -mbig-endian
|
||||
LDFLAGS = -nostartfiles -mbig-endian -Wl,-T,stub.ld
|
||||
LDFLAGS = -nostartfiles -mbig-endian -Wl,-T,miniios.ld -n
|
||||
|
||||
TARGET = iosboot.bin
|
||||
ELF = iosboot.elf
|
||||
ELFLOADER = ../elfloader/elfloader.bin
|
||||
MAKEBIN = python ../makebin.py
|
||||
|
||||
TARGET = miniios.bin
|
||||
ELF = miniios.elf
|
||||
OBJECTS = start.o main.o vsprintf.o string.o gecko.o memory.o memory_asm.o \
|
||||
utils_asm.o utils.o ff.o diskio.o sdhc.o powerpc_elf.o powerpc.o panic.o
|
||||
|
||||
$(TARGET) : $(ELF) $(ELFLOADER)
|
||||
@echo "MAKEBIN $@"
|
||||
@$(MAKEBIN) $(ELFLOADER) $< $@
|
||||
|
||||
$(TARGET) : $(ELF)
|
||||
@echo "OBJCPY $@"
|
||||
@$(OBJCOPY) -O binary $< $@
|
||||
|
||||
$(ELF) : stub.ld $(OBJECTS)
|
||||
$(ELF) : miniios.ld $(OBJECTS)
|
||||
@echo "LD $@"
|
||||
@$(LD) $(LDFLAGS) $(OBJECTS) -o $@
|
||||
|
||||
|
2
gecko.c
2
gecko.c
@ -183,7 +183,7 @@ int gecko_getchar(void)
|
||||
|
||||
int gecko_puts(const char *s)
|
||||
{
|
||||
udelay(10000);
|
||||
//udelay(10000);
|
||||
return gecko_sendbuffer(s, strlen(s));
|
||||
}
|
||||
|
||||
|
289
main.c
289
main.c
@ -18,42 +18,92 @@ typedef struct {
|
||||
u32 argument;
|
||||
} ioshdr;
|
||||
|
||||
int dogecko = 1;
|
||||
u32 match[] = {
|
||||
0xF7FFFFB8,
|
||||
0xBC024708,
|
||||
1,
|
||||
2,
|
||||
};
|
||||
|
||||
void boot2_loadelf(u8 *elf) {
|
||||
if(dogecko)
|
||||
gecko_puts("Loading boot2 ELF...\n");
|
||||
static inline void mem1_poke(u8 *dst, u8 bv)
|
||||
{
|
||||
u32 *p = (u32*)(((u32)dst) & ~3);
|
||||
u32 val = *p;
|
||||
|
||||
switch(((u32)dst) & 3) {
|
||||
case 0:
|
||||
val = (val & 0x00FFFFFF) | bv << 24;
|
||||
break;
|
||||
case 1:
|
||||
val = (val & 0xFF00FFFF) | bv << 16;
|
||||
break;
|
||||
case 2:
|
||||
val = (val & 0xFFFF00FF) | bv << 8;
|
||||
break;
|
||||
case 3:
|
||||
val = (val & 0xFFFFFF00) | bv;
|
||||
break;
|
||||
}
|
||||
|
||||
*p = val;
|
||||
}
|
||||
|
||||
void *memcpy_mem1(void *dst, const void *src, size_t n)
|
||||
{
|
||||
unsigned char *p;
|
||||
const unsigned char *q;
|
||||
|
||||
for (p = dst, q = src; n; n--) {
|
||||
mem1_poke(p++, *q++);
|
||||
}
|
||||
|
||||
return dst;
|
||||
}
|
||||
|
||||
static void patch_mem(u8 *offset, u32 size, u64 titleID)
|
||||
{
|
||||
while(size>sizeof(match)) {
|
||||
if(!memcmp(offset, match, sizeof(match))) {
|
||||
gecko_printf("--> Patching @ %p\n", offset+8);
|
||||
gecko_printf("--> To TitleID %08x%08x\n", (u32)(titleID>>32), (u32)titleID);
|
||||
memcpy_mem1(offset+8, &titleID, sizeof(u64));
|
||||
return;
|
||||
}
|
||||
offset++;
|
||||
size -= 1;
|
||||
}
|
||||
}
|
||||
|
||||
void boot2_patchelf(u8 *elf, u64 titleID) {
|
||||
gecko_puts("Patching boot2 ELF...\n");
|
||||
|
||||
if(memcmp("\x7F" "ELF\x01\x02\x01\x61\x01",elf,9)) {
|
||||
if(dogecko)
|
||||
gecko_printf("Invalid ELF header! 0x%02x 0x%02x 0x%02x 0x%02x\n",elf[0], elf[1], elf[2], elf[3]);
|
||||
panic(0xE3);
|
||||
return;
|
||||
}
|
||||
|
||||
Elf32_Ehdr *ehdr = (Elf32_Ehdr*)elf;
|
||||
if(ehdr->e_phoff == 0) {
|
||||
if(dogecko)
|
||||
gecko_printf("ELF has no program headers!\n");
|
||||
panic(0xE4);
|
||||
return;
|
||||
}
|
||||
int count = ehdr->e_phnum;
|
||||
Elf32_Phdr *phdr = (Elf32_Phdr*)(elf + ehdr->e_phoff);
|
||||
if(dogecko)
|
||||
gecko_printf("PHDRS at %p\n",phdr);
|
||||
while(count--)
|
||||
{
|
||||
if(phdr->p_type != PT_LOAD) {
|
||||
if(dogecko)
|
||||
gecko_printf("Skipping PHDR of type %d\n",phdr->p_type);
|
||||
} else {
|
||||
void *src = elf + phdr->p_offset;
|
||||
if(dogecko)
|
||||
gecko_printf("LOAD %p -> %p [0x%x]\n",src, phdr->p_paddr, phdr->p_filesz);
|
||||
memcpy(phdr->p_paddr, src, phdr->p_filesz);
|
||||
gecko_printf("PATCH %p -> %p/%p [0x%x]\n",src, phdr->p_paddr, phdr->p_vaddr, phdr->p_filesz);
|
||||
if(phdr->p_vaddr == (void*)0x20100000) {
|
||||
gecko_printf("-> Found ES code PHDR\n");
|
||||
patch_mem(src, phdr->p_filesz, titleID);
|
||||
}
|
||||
}
|
||||
phdr++;
|
||||
}
|
||||
if(dogecko)
|
||||
gecko_puts("Done!\n");
|
||||
}
|
||||
|
||||
@ -61,144 +111,14 @@ void boot2_loadelf(u8 *elf) {
|
||||
|
||||
FATFS fatfs;
|
||||
|
||||
void turn_stuff_on(void)
|
||||
{
|
||||
clear32(HW_GPIO1OUT, 0x10);
|
||||
udelay(100);
|
||||
set32(HW_RESETS, 0x7FFFFCF);
|
||||
}
|
||||
|
||||
void reset_audio(u8 flag)
|
||||
{
|
||||
|
||||
// GPIO2IN is probably mislabeled
|
||||
if(flag)
|
||||
clear32(HW_DIFLAGS, 0x180);
|
||||
else
|
||||
mask32(HW_DIFLAGS, 0x80, 0x100);
|
||||
|
||||
clear32(HW_GPIO2IN, 0x80000000);
|
||||
udelay(2);
|
||||
clear32(HW_GPIO2IN, 0x40000000);
|
||||
|
||||
if(flag) {
|
||||
clear32(HW_GPIO2IN, 0x10000000);
|
||||
mask32(HW_GPIO2DIR, 0x7FFFFFF, 0x4B0FFCE);
|
||||
} else {
|
||||
mask32(HW_GPIO2DIR, 0x7FFFFFF, 0x4640FC0);
|
||||
}
|
||||
udelay(10);
|
||||
set32(HW_GPIO2IN, 0x40000000);
|
||||
udelay(500);
|
||||
set32(HW_GPIO2IN, 0x80000000);
|
||||
udelay(2);
|
||||
}
|
||||
|
||||
void boot2_init1() { //func_ffff5d08
|
||||
u32 reg = 0xd8001c8;
|
||||
|
||||
if((s32) read32(reg) < 0)
|
||||
return;
|
||||
clear32(reg, 0x80000000);
|
||||
udelay( 2);
|
||||
clear32(reg, 0x40000000);
|
||||
udelay(10);
|
||||
set32(reg, 0x40000000);
|
||||
udelay(50);
|
||||
set32(reg, 0x80000000);
|
||||
udelay( 2);
|
||||
}
|
||||
|
||||
void boot2_init2(u32 hlywdVerHi) { //func_ffff5c40
|
||||
u32 reg = 0xD800088;
|
||||
write32(reg, 0xFE);
|
||||
udelay(2);
|
||||
clear32(0xD80001D8, 0x80000000);
|
||||
udelay(2);
|
||||
clear32(0xD80001D8, 0x40000000);
|
||||
udelay(10);
|
||||
set32(0xD80001D8, 0x40000000);
|
||||
udelay(50);
|
||||
set32(0xD80001DB, 0x80000000);
|
||||
udelay(2);
|
||||
write32(reg, 0xF6);
|
||||
udelay(50);
|
||||
write32(reg, 0xF4);
|
||||
udelay(1);
|
||||
write32(reg, 0xF0);
|
||||
udelay(1);
|
||||
write32(reg, 0x70);
|
||||
udelay(1);
|
||||
write32(reg, 0x60);
|
||||
udelay(1);
|
||||
write32(reg, 0x40);
|
||||
udelay(1);
|
||||
write32(reg, 0);
|
||||
udelay(1);
|
||||
write32(0xD0400B4, 0x2214);
|
||||
if (hlywdVerHi)
|
||||
write32(0xD0400B0, 0x20600);
|
||||
else
|
||||
write32(0xD0400B0, 0x20400);
|
||||
write32(0xD0400A4, 0x26);
|
||||
udelay(1);
|
||||
write32(0xD0400A4, 0x2026);
|
||||
udelay(1);
|
||||
write32(0xD0400A4, 0x4026);
|
||||
udelay(20);
|
||||
write32(0xD0400CC, 0x111);
|
||||
}
|
||||
|
||||
void setup_gpios()
|
||||
{
|
||||
//do this later
|
||||
}
|
||||
void (*boot2_setup_audio)(u32) = (void*)0xFFFF5E29;
|
||||
void regs_setup(void)
|
||||
{
|
||||
u8 hwood_ver, hwood_hi, hwood_lo;
|
||||
hwood_ver = read32(0xd800214) & 0xFF;
|
||||
hwood_hi = hwood_ver >> 4; //R0
|
||||
hwood_lo = hwood_ver & 0xF; //R1
|
||||
|
||||
write32(0xFFFF897C, read32(0xFFFF86D0));
|
||||
set32(HW_EXICTRL, EXICTRL_ENABLE_EXI);
|
||||
mem_protect(1, (void*)0x13420000, (void*)0x1fffffff);
|
||||
clear32(HW_EXICTRL, 0x10);
|
||||
if(hwood_hi == 0)
|
||||
write32(0xd8b0010, 0);
|
||||
write32(0xd8b0010, 0);
|
||||
if(hwood_hi == 1 && hwood_lo == 0)
|
||||
mask32(0xd800140, 0x0000FFF0, 1);
|
||||
set32(0xd80018C, 0x400);
|
||||
set32(0xd80018C, 0x800);
|
||||
|
||||
//double check this to see if we can fix buzzing
|
||||
//reset_audio(0);
|
||||
boot2_setup_audio(0);
|
||||
boot2_init1();
|
||||
boot2_init2(hwood_hi);
|
||||
setup_gpios();
|
||||
|
||||
turn_stuff_on();
|
||||
// what do these two pokes do? no clue. Not needed but I'm leaving them in anyway.
|
||||
write32(0xd8001e0, 0x65244A); //?
|
||||
write32(0xd8001e4, 0x46A024); //?
|
||||
|
||||
clear32(HW_GPIO1OWNER, 0x10);
|
||||
set32(HW_GPIO1DIR, 0x10);
|
||||
//write32(HW_ALARM,0);
|
||||
//write32(HW_ALARM,0);
|
||||
}
|
||||
|
||||
void load_boot2(void *base)
|
||||
void *patch_boot2(void *base, u64 titleID)
|
||||
{
|
||||
|
||||
ioshdr *hdr = (ioshdr*)base;
|
||||
ioshdr *parhdr = (ioshdr*)hdr->argument;
|
||||
u8 *elf;
|
||||
|
||||
gecko_puts("Loading BOOT2 for leet hax\n");
|
||||
gecko_puts("Patching BOOT2 for leet hax\n");
|
||||
gecko_printf("Parent BOOT2 header (@%p):\n",parhdr);
|
||||
gecko_printf(" Header size: %08x\n", parhdr->hdrsize);
|
||||
gecko_printf(" Loader size: %08x\n", parhdr->loadersize);
|
||||
@ -209,69 +129,23 @@ void load_boot2(void *base)
|
||||
elf += parhdr->hdrsize + parhdr->loadersize;
|
||||
gecko_printf("ELF at %p\n",elf);
|
||||
|
||||
boot2_loadelf(elf);
|
||||
boot2_patchelf(elf, titleID);
|
||||
|
||||
parhdr->argument = 0x42;
|
||||
|
||||
gecko_printf("Vector: %p\n", (void*)(((u32)parhdr) + parhdr->hdrsize));
|
||||
|
||||
return (void*)(((u32)parhdr) + parhdr->hdrsize);
|
||||
}
|
||||
|
||||
void (*boot2_setup_memory)(void) = (void*)0xFFFF1EAD;
|
||||
void *_main(void *base)
|
||||
{
|
||||
FRESULT fres;
|
||||
int res;
|
||||
|
||||
gecko_init();
|
||||
printf("In bootmii arm\n");
|
||||
mem_setswap(1);
|
||||
|
||||
write32(HW_IRQENABLE, 0);
|
||||
|
||||
regs_setup();
|
||||
//debug_output(0x50);
|
||||
//debug_output(0x51);
|
||||
debug_output(0xF8);
|
||||
|
||||
//gecko_init();
|
||||
|
||||
debug_output(0xF9);
|
||||
|
||||
gecko_puts("MiniIOS v0.1 loading\n");
|
||||
|
||||
load_boot2(base);
|
||||
|
||||
write32(0xFFFF1F60,0);
|
||||
|
||||
gecko_puts("Setting up hardware\n");
|
||||
|
||||
//boot2_setup_memory();
|
||||
//regs_setup();
|
||||
gecko_puts("Done hardware setup\n");
|
||||
|
||||
write32(0xFFFF1F60,0xF002FB74);
|
||||
|
||||
gecko_printf("GPIO1OUT %08x\n",read32(HW_GPIO1OUT));
|
||||
gecko_printf("GPIO1DIR %08x\n",read32(HW_GPIO1DIR));
|
||||
gecko_printf("GPIO1IN %08x\n",read32(HW_GPIO1IN));
|
||||
gecko_printf("GPIO1OWN %08x\n",read32(HW_GPIO1OWNER));
|
||||
|
||||
/*
|
||||
// Starlet side of GPIO1
|
||||
// Output state
|
||||
#define HW_GPIO1OUT (HW_REG_BASE + 0x0e0)
|
||||
// Direction (1=output)
|
||||
#define HW_GPIO1DIR (HW_REG_BASE + 0x0e4)
|
||||
// Input state
|
||||
#define HW_GPIO1IN (HW_REG_BASE + 0x0e8)
|
||||
// Interrupt level
|
||||
#define HW_GPIO1INTLVL (HW_REG_BASE + 0x0ec)
|
||||
// Interrupt flags (write 1 to clear)
|
||||
#define HW_GPIO1INTFLAG (HW_REG_BASE + 0x0f0)
|
||||
// Interrupt propagation enable (interrupts go to main interrupt 0x800)
|
||||
#define HW_GPIO1INTENABLE (HW_REG_BASE + 0x0f4)
|
||||
//??? seems to be a mirror of inputs at some point... power-up state?
|
||||
#define HW_GPIO1INMIR (HW_REG_BASE + 0x0f8)
|
||||
// Owner of each GPIO bit. If 1, GPIO1B registers assume control. If 0, GPIO1 registers assume control.
|
||||
#define HW_GPIO1OWNER (HW_REG_BASE + 0x0fc)
|
||||
*/
|
||||
|
||||
fres = f_mount(0, &fatfs);
|
||||
|
||||
if(fres != FR_OK) {
|
||||
@ -292,30 +166,19 @@ void *_main(void *base)
|
||||
gecko_puts("Continuing anyway\n");
|
||||
}
|
||||
|
||||
u32 tidh=0, tidl;
|
||||
|
||||
while(1) {
|
||||
u32 tidh, tidl;
|
||||
if(read32(HW_IPC_ARMCTRL) & IPC_CTRL_RECV) {
|
||||
gecko_puts("STARLET ping1\n");
|
||||
tidh = read32(HW_IPC_PPCMSG);
|
||||
gecko_printf("TIDH = %08x\n",tidh);
|
||||
//load_boot2(base);
|
||||
write32(0x135c0d20, tidh);
|
||||
gecko_puts("TIDH written\n");
|
||||
write32(HW_IPC_ARMCTRL, read32(HW_IPC_ARMCTRL) | IPC_CTRL_RECV);
|
||||
gecko_puts("STARLET ping1 end\n");
|
||||
}
|
||||
if(read32(HW_IPC_ARMCTRL) & IPC_CTRL_SENT) {
|
||||
gecko_puts("STARLET ping2\n");
|
||||
tidl = read32(HW_IPC_PPCMSG);
|
||||
gecko_printf("TIDL = %08x\n",tidl);
|
||||
//load_boot2(base);
|
||||
write32(0x135c0d24, tidl);
|
||||
gecko_puts("TIDL written\n");
|
||||
write32(HW_IPC_ARMCTRL, read32(HW_IPC_ARMCTRL) | IPC_CTRL_SENT);
|
||||
gecko_puts("STARLET ping2 end\n");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return (void *) 0xFFFF0000;
|
||||
return patch_boot2(base, (((u64)tidh)<<32) | tidl);
|
||||
}
|
||||
|
@ -3,26 +3,15 @@ OUTPUT_ARCH(arm)
|
||||
EXTERN(_start)
|
||||
ENTRY(_start)
|
||||
|
||||
__base_addr = 0;
|
||||
__base_addr = 0xffff0000;
|
||||
|
||||
__data_addr = 0x11000000;
|
||||
|
||||
__stack_area = 0xfffe0000;
|
||||
|
||||
SECTIONS
|
||||
{
|
||||
. = __base_addr;
|
||||
.header :
|
||||
{
|
||||
__header = .;
|
||||
/* Entry point (offset) */
|
||||
LONG(__code_start);
|
||||
/* Loader size */
|
||||
LONG(__loader_size);
|
||||
/* ELF size */
|
||||
LONG(0);
|
||||
/* Boot argument? */
|
||||
LONG(0);
|
||||
. = ALIGN(64);
|
||||
}
|
||||
|
||||
__code_start = .;
|
||||
|
||||
.init :
|
||||
{
|
||||
@ -30,15 +19,6 @@ SECTIONS
|
||||
. = ALIGN(4);
|
||||
}
|
||||
|
||||
.got :
|
||||
{
|
||||
__got_start = .;
|
||||
*(.got.*)
|
||||
*(.got)
|
||||
. = ALIGN(4);
|
||||
__got_end = . ;
|
||||
}
|
||||
|
||||
.text :
|
||||
{
|
||||
*(.text.*)
|
||||
@ -51,6 +31,8 @@ SECTIONS
|
||||
|
||||
__text_end = . ;
|
||||
|
||||
. = __data_addr;
|
||||
|
||||
.rodata :
|
||||
{
|
||||
*(.rodata)
|
||||
@ -81,7 +63,7 @@ SECTIONS
|
||||
__bss_end = . ;
|
||||
}
|
||||
|
||||
. = ALIGN(64);
|
||||
. = __stack_area;
|
||||
.stack :
|
||||
{
|
||||
__stack_end = .;
|
||||
@ -94,11 +76,8 @@ SECTIONS
|
||||
__end = .;
|
||||
|
||||
}
|
||||
__loader_size = __end - __code_start;
|
||||
|
||||
PROVIDE (__stack_end = __stack_end);
|
||||
PROVIDE (__stack_addr = __stack_addr);
|
||||
PROVIDE (__got_start = __got_start);
|
||||
PROVIDE (__got_end = __got_end);
|
||||
PROVIDE (__bss_start = __bss_start);
|
||||
PROVIDE (__bss_end = __bss_end);
|
129
start.S
129
start.S
@ -10,19 +10,26 @@
|
||||
.globl debug_output
|
||||
.globl panic
|
||||
.globl delay
|
||||
.globl read32, write32
|
||||
.globl read16, write16
|
||||
.globl read8, write8
|
||||
.globl getcpuid
|
||||
|
||||
.section .init
|
||||
|
||||
_vectors:
|
||||
_start:
|
||||
@ Get real address of _start
|
||||
sub r4, pc, #8
|
||||
@ Subtract offset to get the address that we were loaded at
|
||||
ldr r0, =_start
|
||||
sub r4, r4, r0
|
||||
ldr pc, =v_reset
|
||||
ldr pc, =v_undf
|
||||
ldr pc, =v_swi
|
||||
ldr pc, =v_instr_abrt
|
||||
ldr pc, =v_data_abrt
|
||||
ldr pc, =v_reserved
|
||||
ldr pc, =v_irq
|
||||
ldr pc, =v_fiq
|
||||
|
||||
.pool
|
||||
|
||||
v_reset:
|
||||
@ Get loader base from ELF loader
|
||||
mov r4, r0
|
||||
|
||||
@ Output 0x42 to the debug port
|
||||
mov r0, #0x42
|
||||
bl debug_output
|
||||
@ -31,32 +38,6 @@ _start:
|
||||
ldr sp, =__stack_addr
|
||||
add sp, r4
|
||||
|
||||
@ perform boot2v3 memory controller poke
|
||||
bl memctrl_do_sub_sub_poke
|
||||
|
||||
@ Output 0x43 to the debug port
|
||||
mov r0, #0x43
|
||||
bl debug_output
|
||||
|
||||
@ relocate the GOT entries
|
||||
ldr r1, =__got_start
|
||||
add r1, r4
|
||||
ldr r2, =__got_end
|
||||
add r2, r4
|
||||
got_loop:
|
||||
@ check for the end
|
||||
cmp r1, r2
|
||||
beq done_got
|
||||
@ read the GOT entry
|
||||
ldr r3, [r1]
|
||||
@ add our base address
|
||||
add r3, r4
|
||||
str r3, [r1]
|
||||
@ move on
|
||||
add r1, r1, #4
|
||||
b got_loop
|
||||
|
||||
done_got:
|
||||
@ clear BSS
|
||||
ldr r1, =__bss_start
|
||||
add r1, r4
|
||||
@ -73,7 +54,7 @@ bss_loop:
|
||||
b bss_loop
|
||||
|
||||
done_bss:
|
||||
mov r0, #0x44
|
||||
mov r0, #0x84
|
||||
bl debug_output
|
||||
@ take the plunge
|
||||
mov r0, r4
|
||||
@ -81,34 +62,29 @@ done_bss:
|
||||
@ _main returned! Go to whatever address it returned...
|
||||
mov pc, r0
|
||||
|
||||
memctrl_do_sub_sub_poke:
|
||||
stmdb sp!, {lr}
|
||||
ldr r0, =0x163 @ reg_address
|
||||
mov r1, #0x4C @ address
|
||||
bl memctrl_sub_poke
|
||||
ldr r0, =0x163 @ read address back (flush?)
|
||||
bl memctrl_sub_peek
|
||||
ldr r0, =0x162 @ reg_data
|
||||
mov r1, #1 @ data
|
||||
bl memctrl_sub_poke
|
||||
ldmia sp!, {pc}
|
||||
|
||||
memctrl_sub_poke:
|
||||
ldr r2, =0xD8B4000
|
||||
strh r0, [r2, #0x74] @ reg_address <= address
|
||||
ldrh r0, [r2, #0x74] @ read reg_address back
|
||||
strh r1, [r2, #0x76] @ reg_data <= data
|
||||
mov pc, lr
|
||||
|
||||
memctrl_sub_peek:
|
||||
ldr r2, =0xD8B4000
|
||||
strh r0, [r2, #0x74] @ reg_address <= address
|
||||
ldrh r0, [r2, #0x74] @ read reg_address back
|
||||
ldrh r0, [r2, #0x76] @ data <= reg_data
|
||||
mov pc, lr
|
||||
|
||||
.pool
|
||||
|
||||
v_undf:
|
||||
b v_undf
|
||||
|
||||
v_swi:
|
||||
b v_swi
|
||||
|
||||
v_instr_abrt:
|
||||
b v_instr_abrt
|
||||
|
||||
v_data_abrt:
|
||||
b v_data_abrt
|
||||
|
||||
v_reserved:
|
||||
b v_reserved
|
||||
|
||||
v_irq:
|
||||
b v_irq
|
||||
|
||||
v_fiq:
|
||||
b v_fiq
|
||||
|
||||
debug_output:
|
||||
@ load address of port
|
||||
mov r3, #0xd800000
|
||||
@ -147,31 +123,4 @@ delay:
|
||||
bne 1b
|
||||
mov pc, lr
|
||||
|
||||
read32:
|
||||
ldr r0, [r0]
|
||||
mov pc, lr
|
||||
|
||||
write32:
|
||||
str r1, [r0]
|
||||
mov pc, lr
|
||||
|
||||
read16:
|
||||
ldrh r0, [r0]
|
||||
mov pc, lr
|
||||
|
||||
write16:
|
||||
strh r1, [r0]
|
||||
mov pc, lr
|
||||
|
||||
read8:
|
||||
ldrb r0, [r0]
|
||||
mov pc, lr
|
||||
|
||||
write8:
|
||||
strb r1, [r0]
|
||||
mov pc, lr
|
||||
|
||||
getcpuid:
|
||||
mrc p15, 0, r0, c0, c0
|
||||
mov pc, lr
|
||||
|
||||
.pool
|
||||
|
327
stub.c
327
stub.c
@ -1,327 +0,0 @@
|
||||
#include "types.h"
|
||||
#include "utils.h"
|
||||
#include "start.h"
|
||||
#include "hollywood.h"
|
||||
#include "sdhc.h"
|
||||
#include "string.h"
|
||||
#include "memory.h"
|
||||
#include "elf.h"
|
||||
#include "gecko.h"
|
||||
#include "ff.h"
|
||||
#include "lcd.h"
|
||||
|
||||
void hexline(void *addr, int len)
|
||||
{
|
||||
u8 *p = (u8*)addr;
|
||||
while(len--) {
|
||||
gecko_printf("%02x",*p++);
|
||||
}
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
u32 hdrsize;
|
||||
u32 loadersize;
|
||||
u32 elfsize;
|
||||
u32 argument;
|
||||
} ioshdr;
|
||||
|
||||
int dogecko;
|
||||
|
||||
void boot2_loadelf(u8 *elf) {
|
||||
if(dogecko)
|
||||
gecko_puts("Loading boot2 ELF...\n");
|
||||
|
||||
if(memcmp("\x7F" "ELF\x01\x02\x01\x61\x01",elf,9)) {
|
||||
if(dogecko)
|
||||
gecko_printf("Invalid ELF header! 0x%02x 0x%02x 0x%02x 0x%02x\n",elf[0], elf[1], elf[2], elf[3]);
|
||||
panic(0xE3);
|
||||
}
|
||||
|
||||
Elf32_Ehdr *ehdr = (Elf32_Ehdr*)elf;
|
||||
if(ehdr->e_phoff == 0) {
|
||||
if(dogecko)
|
||||
gecko_printf("ELF has no program headers!\n");
|
||||
panic(0xE4);
|
||||
}
|
||||
int count = ehdr->e_phnum;
|
||||
Elf32_Phdr *phdr = (Elf32_Phdr*)(elf + ehdr->e_phoff);
|
||||
if(dogecko)
|
||||
gecko_printf("PHDRS at %p\n",phdr);
|
||||
while(count--)
|
||||
{
|
||||
if(phdr->p_type != PT_LOAD) {
|
||||
if(dogecko)
|
||||
gecko_printf("Skipping PHDR of type %d\n",phdr->p_type);
|
||||
} else {
|
||||
void *src = elf + phdr->p_offset;
|
||||
if(dogecko)
|
||||
gecko_printf("LOAD %p -> %p [0x%x]\n",src, phdr->p_paddr, phdr->p_filesz);
|
||||
memcpy(phdr->p_paddr, src, phdr->p_filesz);
|
||||
}
|
||||
phdr++;
|
||||
}
|
||||
if(dogecko)
|
||||
gecko_puts("Done!\n");
|
||||
}
|
||||
|
||||
#define BOOT_FILE "/system/iosboot.bin"
|
||||
|
||||
FATFS fatfs;
|
||||
|
||||
void turn_stuff_on(void)
|
||||
{
|
||||
clear32(HW_GPIO1OUT, 0x10);
|
||||
udelay(100);
|
||||
set32(HW_RESETS, 0x7FFFFCF);
|
||||
}
|
||||
|
||||
void reset_audio(u8 flag)
|
||||
{
|
||||
|
||||
// GPIO2IN is probably mislabeled
|
||||
if(flag)
|
||||
clear32(HW_DIFLAGS, 0x180);
|
||||
else
|
||||
mask32(HW_DIFLAGS, 0x80, 0x100);
|
||||
|
||||
clear32(HW_GPIO2IN, 0x80000000);
|
||||
udelay(2);
|
||||
clear32(HW_GPIO2IN, 0x40000000);
|
||||
|
||||
if(flag) {
|
||||
clear32(HW_GPIO2IN, 0x10000000);
|
||||
mask32(HW_GPIO2DIR, 0x7FFFFFF, 0x4B0FFCE);
|
||||
} else {
|
||||
mask32(HW_GPIO2DIR, 0x7FFFFFF, 0x4640FC0);
|
||||
}
|
||||
udelay(10);
|
||||
set32(HW_GPIO2IN, 0x40000000);
|
||||
udelay(500);
|
||||
set32(HW_GPIO2IN, 0x80000000);
|
||||
udelay(2);
|
||||
}
|
||||
|
||||
void regs_setup(void)
|
||||
{
|
||||
u8 hwood_ver, hwood_hi, hwood_lo;
|
||||
hwood_ver = read32(0xd800214);
|
||||
hwood_hi = hwood_ver >> 4; //R0
|
||||
hwood_lo = hwood_ver & 0xF; //R1
|
||||
|
||||
*(u32*)0xFFFF897C = *(u32*)0xFFFF86D0;
|
||||
set32(HW_EXICTRL, EXICTRL_ENABLE_EXI);
|
||||
mem_protect(1, (void*)0x13420000, (void*)0x1fffffff);
|
||||
clear32(HW_EXICTRL, 0x10);
|
||||
if(hwood_hi == 0)
|
||||
write32(0xd8b0010, 0);
|
||||
write32(0xd8b0010, 0);
|
||||
if(hwood_hi == 1 && hwood_lo == 0)
|
||||
mask32(0xd800140, 0x0000FFF0, 1);
|
||||
set32(0xd80018C, 0x400);
|
||||
set32(0xd80018C, 0x800);
|
||||
|
||||
reset_audio(0);
|
||||
//boot2_sub_FFFF5D08(0);
|
||||
//boot2_sub_FFFF5C40(hwood_hi);
|
||||
//boot2_sub_FFFF6AA8();
|
||||
|
||||
turn_stuff_on();
|
||||
// what do these two pokes do? no clue. Not needed but I'm leaving them in anyway.
|
||||
write32(0xd8001e0, 0x65244A); //?
|
||||
write32(0xd8001e4, 0x46A024); //?
|
||||
|
||||
clear32(HW_GPIO1OWNER, 0x10);
|
||||
set32(HW_GPIO1DIR, 0x10);
|
||||
//write32(HW_ALARM,0);
|
||||
//write32(HW_ALARM,0);
|
||||
}
|
||||
|
||||
void hex32(u32 x) {
|
||||
int i;
|
||||
u8 b;
|
||||
for(i=0;i<8;i++) {
|
||||
b = x >> 28;
|
||||
if(b > 9)
|
||||
lcd_putchar(b-10+'a');
|
||||
else
|
||||
lcd_putchar(b+'0');
|
||||
x <<= 4;
|
||||
}
|
||||
}
|
||||
|
||||
extern void *__end;
|
||||
|
||||
void *_main(void *base)
|
||||
{
|
||||
FRESULT fres;
|
||||
|
||||
ioshdr *hdr = (ioshdr*)base;
|
||||
ioshdr *iosboot;
|
||||
u8 *elf;
|
||||
|
||||
elf = (u8*) base;
|
||||
elf += hdr->hdrsize + hdr->loadersize;
|
||||
|
||||
dogecko = 1;
|
||||
|
||||
debug_output(0xF1);
|
||||
mem_setswap(1);
|
||||
|
||||
write32(HW_IRQENABLE, 0);
|
||||
|
||||
clear32(HW_GPIO1DIR, 0x80);
|
||||
clear32(HW_GPIO1OWNER, 0x80);
|
||||
udelay(10000);
|
||||
if(read32(HW_GPIO1IN) & 0x80) {
|
||||
dogecko = 0;
|
||||
goto boot2;
|
||||
}
|
||||
|
||||
// NOTE: END DEBUG CRITICAL ZONE
|
||||
|
||||
lcd_init();
|
||||
|
||||
regs_setup();
|
||||
//debug_output(0x50);
|
||||
//debug_output(0x51);
|
||||
debug_output(0xF8);
|
||||
|
||||
gecko_init();
|
||||
|
||||
debug_output(0xF9);
|
||||
|
||||
lcd_puts("BootMii v0.1\n");
|
||||
|
||||
if(dogecko) {
|
||||
gecko_puts("Hello, world from Starlet again!\n");
|
||||
gecko_puts("BootMii here, version 0.1\n");
|
||||
gecko_printf("BOOT2 header (@%p):\n",hdr);
|
||||
gecko_printf(" Header size: %08x\n", hdr->hdrsize);
|
||||
gecko_printf(" Loader size: %08x\n", hdr->loadersize);
|
||||
gecko_printf(" ELF size: %08x\n", hdr->elfsize);
|
||||
gecko_printf(" Argument: %08x\n", hdr->argument);
|
||||
|
||||
gecko_printf("ELF at %p\n",elf);
|
||||
|
||||
gecko_puts("Trying to mount SD...\n");
|
||||
}
|
||||
|
||||
fres = f_mount(0, &fatfs);
|
||||
|
||||
if(fres != FR_OK) {
|
||||
if(dogecko)
|
||||
gecko_printf("Error %d while trying to mount SD\n", fres);
|
||||
debug_output(0x12);
|
||||
debug_output(fres&0xFF);
|
||||
goto boot2;
|
||||
}
|
||||
|
||||
//debug_output(0xF2);
|
||||
|
||||
if(dogecko)
|
||||
gecko_puts("Trying to open SD:" BOOT_FILE "\n");
|
||||
|
||||
FIL fd;
|
||||
u32 read;
|
||||
|
||||
fres = f_open(&fd, BOOT_FILE, FA_READ);
|
||||
if(fres != FR_OK) {
|
||||
if(dogecko)
|
||||
gecko_printf("Error %d while trying to open file\n", fres);
|
||||
//debug_output(0x13);
|
||||
//debug_output(fres&0xFF);
|
||||
goto boot2;
|
||||
}
|
||||
|
||||
lcd_puts(".");
|
||||
|
||||
// NOTE: END CRITICAL ZONE
|
||||
// anything from here to boot2: shouldn't be able to cause a brick
|
||||
|
||||
debug_output(0xF2);
|
||||
|
||||
iosboot = (ioshdr *)ALIGN_FORWARD(((u32)&__end) + 0x100, 0x100);
|
||||
|
||||
if(dogecko)
|
||||
gecko_printf("Trying to read IOSBOOT header to %p\n", iosboot);
|
||||
|
||||
fres = f_read(&fd, iosboot, sizeof(ioshdr), &read);
|
||||
if(fres != FR_OK) {
|
||||
if(dogecko)
|
||||
gecko_printf("Error %d while trying to read file header\n", fres);
|
||||
//debug_output(0x14);
|
||||
//debug_output(fres&0xFF);
|
||||
goto boot2;
|
||||
}
|
||||
if(read != sizeof(ioshdr)) {
|
||||
if(dogecko)
|
||||
gecko_printf("Got %d bytes, expected %d\n", read, sizeof(ioshdr));
|
||||
//debug_output(0x24);
|
||||
goto boot2;
|
||||
}
|
||||
|
||||
lcd_puts(".");
|
||||
//debug_output(0xF5);
|
||||
|
||||
if(dogecko) {
|
||||
gecko_printf("IOSBOOT header (@%p):\n",iosboot);
|
||||
gecko_printf(" Header size: %08x\n", iosboot->hdrsize);
|
||||
gecko_printf(" Loader size: %08x\n", iosboot->loadersize);
|
||||
gecko_printf(" ELF size: %08x\n", iosboot->elfsize);
|
||||
gecko_printf(" Argument: %08x\n", iosboot->argument);
|
||||
}
|
||||
|
||||
u32 totalsize = iosboot->hdrsize + iosboot->loadersize + iosboot->elfsize;
|
||||
|
||||
if(dogecko) {
|
||||
gecko_printf("Total IOSBOOT size: 0x%x\n", totalsize);
|
||||
|
||||
gecko_printf("Trying to read IOSBOOT to %p\n", iosboot);
|
||||
}
|
||||
|
||||
fres = f_read(&fd, iosboot+1, totalsize-sizeof(ioshdr), &read);
|
||||
if(fres != FR_OK) {
|
||||
if(dogecko)
|
||||
gecko_printf("Error %d while trying to read file header\n", fres);
|
||||
//debug_output(0x15);
|
||||
//debug_output(fres&0xFF);
|
||||
goto boot2;
|
||||
}
|
||||
if(read != (totalsize-sizeof(ioshdr))) {
|
||||
if(dogecko)
|
||||
gecko_printf("Got %d bytes, expected %d\n", read, (totalsize-sizeof(ioshdr)));
|
||||
//debug_output(0x25);
|
||||
goto boot2;
|
||||
}
|
||||
|
||||
lcd_puts(".");
|
||||
|
||||
//debug_output(0xF6);
|
||||
|
||||
if(dogecko) {
|
||||
gecko_puts("IOSBOOT read\n");
|
||||
gecko_printf("Setting argument to %p\n", base);
|
||||
}
|
||||
iosboot->argument = (u32)base;
|
||||
|
||||
void *entry = (void*)(((u32)iosboot) + iosboot->hdrsize);
|
||||
|
||||
lcd_puts(" \x7e IOSBOOT \n");
|
||||
|
||||
if(dogecko)
|
||||
gecko_printf("Launching IOSBOOT @ %p\n",entry);
|
||||
|
||||
debug_output(0xF3);
|
||||
|
||||
return entry;
|
||||
|
||||
boot2:
|
||||
debug_output(0xC8);
|
||||
if(dogecko)
|
||||
gecko_puts("Couldn't load from SD, falling back to boot2\n");
|
||||
lcd_puts(" \x7e BOOT2 \n");
|
||||
boot2_loadelf(elf);
|
||||
debug_output(0xC9);
|
||||
return (void *) 0xFFFF0000;
|
||||
|
||||
}
|
Loading…
Reference in New Issue
Block a user