三星S3C2450 IROM 启动过程及代码抓取
在S3C2450开机会执行一段IROM代码,然后把BL1加载到IRAM的前8KB(也就是step stone)的地址处然后执行它,这8KB的BL1会把整个bootloader再加载到外部SDRAM然后执行它;
从手头的BL1(step stone)代码和BL2(bootloader)代码感觉还是不好理解S3C2450的启动过程的细节,有两个问题要请教各位
1> IROM是否是S3C2450的内存地址中以0x00000000为起始地址的一段内存呢?
2> 有什么办法把IROM代码抓取出来(二进制机器码),然后分析其行为呢?
1)不是。是映射过去的。2)还不如阅读bootloader的汇编代码呢,何必费神
,手册名:SMDK2450_IROM_APPLICATION NOTE_REV 0.03
共三个函数:
Address Name
0x40004000 NF8_ReadPage
0x40004004 NF8_ReadPage_Adv
0x40004008 CopyMovitoMem
定义:
/**
* This Function copies a block of page to destination memory.( 8-Bit ECC only )
* @param uint32 block : Source block address number to copy.
* @param uint32 page : Source page address number to copy.
* @param uint8 *buffer : Target Buffer pointer.
* @return int32 - Success or failure.
*/
#define NF8_ReadPage(a,b,c) (((int(*)(uint32, uint32, uint8*))(*((uint32 *)0x0C004000)))(a,b,c))
/**
* This Function copies a block of page to destination memory( 8-Bit ECC only )
* @param u32 block : Source block address number to copy.
* @param u32 page : Source page address number to copy.
* @param u8 *buffer : Target Buffer pointer.
* @return int - Success or failure.
*/
#define NF8_ReadPage_Adv(a,b,c) (((int(*)(uint32, uint32, uint8*))(*((uint32 *)0x40004004)))(a,b,c))
/**
* This Function copy MMC(MoviNAND/iNand) Card Data to memory.
* Always use EPLL source clock.
* This function works at 25Mhz.
* @param u32 StartBlkAddress : Source card(MoviNAND/iNand MMC)) Address.(It must block address.)
* @param u16 blockSize : Number of blocks to copy.
* @param u32* memoryPtr : Buffer to copy from.
* @param u32 extClockSpeed : External clock speed(per HZ)
* @param bool with_init : determined card initialization.
* @return bool(u8) - Success or failure.
*/
#define CopyMovitoMem (a,b,c,d,e)(((bool(*)(u32,u16,u32*,u32,bool)) \
(*((u32 *)0x40004008))) (a,b,c,d,e))