Magic Lantern Firmware Wiki

2.0.4 Bootstrap


Parent: 2.0.4 AJ

Ref: 2.0.4 Top Level Routines.



--- UNDER CONSTRUCTION --

Yes - there is information about bootstrap all over the place.

What I list here is what Canon's 2.0.4 DryOS does, highlighting where ML's 5d-hack.c updates the DryOS code.


DryOS bootstrap code - as it is stored at 0xFF810000, i.e. before it is copied from ROM

[0xFF810000] AJ_guess_bootstrap()    
LDR PC, =AJ_sub1_bootstrap

.

[0xFF81000C] AJ_sub1_bootstrap()
-> Initialize DIGIC structures [0xC0000000 -> 0xC0000100],[0xC0200000],[0xC0400008],[0xC0243100],[0xC0242010]

Create a STACK at 0x1900 -> 0x21C48.  Copy data from 0xFFCD15B0
memcpy( 0x1900_rw_data_start,  0xFFCD15B0_rwdata_copy , 0x21C48 - 0x1900 ) 

Zero-initialise up to the end of the BSS segment    0x21C48 -> 0x4D458
memset( 0x21C48_bss_start,  #0,  0x4D458_bss_end - 0x21C48_bss_start) 

B AJ_sub2_bootstrap



ML works by hijacking the first line of AJ_sub2_bootstrap() and, once complete, jumping back.

[0xFF812A98] AJ_sub2_bootstrap()

+-------------------------------------------------+ 
| BEFORE ML: LDR R0, =AJ_bss_start_SetupRelated   |
| AFTER  ML: INSTR( 0xFF812AE8 ) = RET_INSTR;     |
+-------------------------------------------------+

First memcpy    
-> [0x0000] = zero page <--WRITES BSS RELATED DATA HERE--> [0x04B0]
-> [0x????????] = AJ_bss_start_SetupRelated 

memcpy( 0x0000,  AJ_bss_start_SetupRelated , 0x4B0)


AJAJ:  Need to replace  'TH_interrupt_0x4b0'  with actual address


Second memcpy    
-> [0x4B0]  <--WRITES HERE--> [0x????]
-> [0xFF812D34] = ?? Not sure what this is :  AJAJ ... have a look at IDA

memcpy( 0x4B0, TH_interrupt_0x4b0, 0xFF812D34 - TH_interrupt_0x4b0)



"CPSR is updated to put the ARM into supervisor mode"

MOV SP, #0x1000

BL TH_cstart

.


[0xFF810894] TH_cstart() 

..
LDR     R1, =TH_init_task
..
BL      TH_create_init_task
..
LDR     PC, [SP],#4
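
The one-word hijack from the BEFORE/AFTER box above, modelled on a host PC, with a word-by-word diff against the original as an integrity check. This is an added example, not code from 5d-hack.c or from this page: it assumes the patch is written to a writable copy of the boot code rather than to ROM, that RET_INSTR is the ARM encoding of BX LR (0xE12FFF1E), and it uses a constructed filler image instead of real firmware bytes; COPY_LEN and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ROMBASEADDR 0xFF810000u /* from the page: where the boot code sits in ROM */
#define PATCH_ADDR  0xFF812AE8u /* from the page: INSTR( 0xFF812AE8 ) */
#define RET_INSTR   0xE12FFF1Eu /* assumption: ARM encoding of BX LR */
#define COPY_LEN    0x3000u     /* assumption: enough bytes to cover PATCH_ADDR */

static uint32_t rom[COPY_LEN / 4];  /* constructed stand-in for the ROM image */
static uint32_t copy[COPY_LEN / 4]; /* writable copy that receives the patch */

/* Translate a ROM address into the matching word of the writable copy. */
#define INSTR(addr) (copy[((addr) - ROMBASEADDR) / 4])

/* Fill the stand-in ROM with ARM NOPs (MOV R0, R0); not real firmware. */
static void build_constructed_rom(void) {
    for (uint32_t i = 0; i < COPY_LEN / 4; i++)
        rom[i] = 0xE1A00000u;
}

/* Copy the boot code, then overwrite the single hijacked instruction. */
static void relocate_and_patch(void) {
    memcpy(copy, rom, COPY_LEN);
    INSTR(PATCH_ADDR) = RET_INSTR;
}

/* Count the words that differ from ROM; report the ROM address of the first. */
static unsigned diff_against_rom(uint32_t *first_addr) {
    unsigned n = 0;
    for (uint32_t i = 0; i < COPY_LEN / 4; i++) {
        if (copy[i] != rom[i]) {
            if (n == 0)
                *first_addr = ROMBASEADDR + i * 4;
            n++;
        }
    }
    return n;
}

int main(void) {
    uint32_t first = 0;
    build_constructed_rom();
    relocate_and_patch();
    unsigned n = diff_against_rom(&first);
    printf("%u patched word(s), first at 0x%08X\n", n, (unsigned)first);
    return 0;
}
```

Any differing word other than the one at 0xFF812AE8 would mean the copy was modified beyond the documented hook.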


And if you wonder what "magiclantern.lds.S" does,

here is the start page to read: http://ftp.gnu.org/old-gnu/Manuals/ld-2.9.1/html_node/ld_6.html

I'll come back...

Indy: see also http://magiclantern.wikia.com/wiki/Autoexec
