Difference between revisions of "Bootx (iBoot command)"

(iPhone 3GS 8920x from iBoot-636.66)
Line 15: Line 15:
 
N88AP_iBoot:4FF007F0 010 MOV R4, R1 ; Rd = Op2
 
N88AP_iBoot:4FF007F0 010 MOV R4, R1 ; Rd = Op2
 
N88AP_iBoot:4FF007F2 010 BLE loc_4FF00808 ; Branch
 
N88AP_iBoot:4FF007F2 010 BLE loc_4FF00808 ; Branch
N88AP_iBoot:4FF007F4 010 LDR R1, [R1,#0x24] ; Load from Memory
+
N88AP_iBoot:4FF007F4 010 LDR R1, [R1,#0x24] ; argv[1]
 
N88AP_iBoot:4FF007F6 010 LDR R0, =aHelp ; "help"
 
N88AP_iBoot:4FF007F6 010 LDR R0, =aHelp ; "help"
N88AP_iBoot:4FF007F8 010 BL sub_4FF1ECA0 ; Branch with Link
+
N88AP_iBoot:4FF007F8 010 BL strcmp ; Branch with Link
 
N88AP_iBoot:4FF007FC 010 CBNZ R0, loc_4FF00808 ; Compare and Branch on Non-Zero
 
N88AP_iBoot:4FF007FC 010 CBNZ R0, loc_4FF00808 ; Compare and Branch on Non-Zero
 
N88AP_iBoot:4FF007FE 010 LDR R1, [R4,#0x10] ; param_R1
 
N88AP_iBoot:4FF007FE 010 LDR R1, [R4,#0x10] ; param_R1
Line 27: Line 27:
 
N88AP_iBoot:4FF00808 loc_4FF00808 ; CODE XREF: n88ap__iBoot__bootx_function+A�j
 
N88AP_iBoot:4FF00808 loc_4FF00808 ; CODE XREF: n88ap__iBoot__bootx_function+A�j
 
N88AP_iBoot:4FF00808 ; n88ap__iBoot__bootx_function+14�j
 
N88AP_iBoot:4FF00808 ; n88ap__iBoot__bootx_function+14�j
N88AP_iBoot:4FF00808 010 MOV.W R0, #n88ap_ramdisk ; Rd = Op2
+
N88AP_iBoot:4FF00808 010 MOV.W R0, #n88ap_ramdisk ; addr
N88AP_iBoot:4FF0080C 010 MOV.W R1, #0xF00000 ; Rd = Op2
+
N88AP_iBoot:4FF0080C 010 MOV.W R1, #0xF00000 ; size
N88AP_iBoot:4FF00810 010 BL sub_4FF1A038 ; Branch with Link
+
N88AP_iBoot:4FF00810 010 BL check_range ; Branch with Link
N88AP_iBoot:4FF00814 010 CBNZ R0, loc_4FF00822 ; Compare and Branch on Non-Zero
+
N88AP_iBoot:4FF00814 010 CBNZ R0, loc_4FF00822 ; Compare and Branch on Non-Zero
 
N88AP_iBoot:4FF00816 010 LDR R0, =aPermissionDenied ; "Permission Denied\n"
 
N88AP_iBoot:4FF00816 010 LDR R0, =aPermissionDenied ; "Permission Denied\n"
 
N88AP_iBoot:4FF00818 010 BL N88AP__iBOOT__console_printf ; Branch with Link
 
N88AP_iBoot:4FF00818 010 BL N88AP__iBOOT__console_printf ; Branch with Link
 
N88AP_iBoot:4FF0081C
 
N88AP_iBoot:4FF0081C
 
N88AP_iBoot:4FF0081C loc_4FF0081C ; CODE XREF: n88ap__iBoot__bootx_function+1E�j
 
N88AP_iBoot:4FF0081C loc_4FF0081C ; CODE XREF: n88ap__iBoot__bootx_function+1E�j
N88AP_iBoot:4FF0081C 010 MOV.W R4, #0xFFFFFFFF ; Rd = Op2
+
N88AP_iBoot:4FF0081C 010 MOV.W R4, #0xFFFFFFFF ; fail
 
N88AP_iBoot:4FF00820 010 B loc_4FF0085C ; Branch
 
N88AP_iBoot:4FF00820 010 B loc_4FF0085C ; Branch
 
N88AP_iBoot:4FF00822 ; ---------------------------------------------------------------------------
 
N88AP_iBoot:4FF00822 ; ---------------------------------------------------------------------------
Line 63: Line 63:
 
N88AP_iBoot:4FF00854 010 LDR R1, [SP,#0x10+kernelcache_prepped_memory_pos] ; Load from Memory
 
N88AP_iBoot:4FF00854 010 LDR R1, [SP,#0x10+kernelcache_prepped_memory_pos] ; Load from Memory
 
N88AP_iBoot:4FF00856 010 LDR R2, [R2] ; Load from Memory
 
N88AP_iBoot:4FF00856 010 LDR R2, [R2] ; Load from Memory
N88AP_iBoot:4FF00858 010 BL sub_4FF19264 ; Branch with Link
+
N88AP_iBoot:4FF00858 010 BL jump_to_addr ; Branch with Link
 
N88AP_iBoot:4FF0085C
 
N88AP_iBoot:4FF0085C
 
N88AP_iBoot:4FF0085C loc_4FF0085C ; CODE XREF: n88ap__iBoot__bootx_function+38�j
 
N88AP_iBoot:4FF0085C loc_4FF0085C ; CODE XREF: n88ap__iBoot__bootx_function+38�j
Line 94: Line 94:
 
N88AP_iBoot:4FF00878 ; "kernelcache prepped at address 0x%08x\n"
 
N88AP_iBoot:4FF00878 ; "kernelcache prepped at address 0x%08x\n"
 
N88AP_iBoot:4FF0087C off_4FF0087C DCD dword_4FF2DC40 ; DATA XREF: n88ap__iBoot__bootx_function+68�r
 
N88AP_iBoot:4FF0087C off_4FF0087C DCD dword_4FF2DC40 ; DATA XREF: n88ap__iBoot__bootx_function+68�r
 
 
</pre>
 
</pre>
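Review bot: In the "Line 27" hunk, the `CBNZ R0, loc_4FF00822` that follows the newly named `check_range` keeps the generic "Compare and Branch on Non-Zero" comment, so the polarity of the check is left for the reader to work out. The visible lines show that a zero return falls through to "Permission Denied", and the comment could say so: `; non-zero = range accepted, zero -> "Permission Denied"`. The renames of `sub_4FF1ECA0`, `sub_4FF1A038` and `sub_4FF19264` to `strcmp`, `check_range` and `jump_to_addr` also drop the original addresses from the listing; keeping them in the comment, e.g. `BL check_range ; sub_4FF1A038`, would let readers match these analyst-assigned names against their own disassembly. The function starts before the first hunk and continues between the hunks, so this is judged from the visible lines only.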

Revision as of 22:27, 26 February 2010

iPhone 3GS 8920x from iBoot-636.66

N88AP_iBoot:4FF007E8     ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF007E8     ; Handler for the iBoot "bootx" console command (disassembly listing; callee
N88AP_iBoot:4FF007E8     ; names such as strcmp, check_range, LoadImage_kernelcache_img3 and
N88AP_iBoot:4FF007E8     ; jump_to_addr are analyst-assigned labels, not symbols from the binary).
N88AP_iBoot:4FF007E8     ; In:   R0 is compared against 1 and R1 is indexed as an argument array --
N88AP_iBoot:4FF007E8     ;       presumably argc/argv; confirm against the command dispatcher.
N88AP_iBoot:4FF007E8     ; Out:  R0 = 0xFFFFFFFF after the usage text or "Permission Denied",
N88AP_iBoot:4FF007E8     ;       the negative LoadImage_kernelcache_img3 result on load failure, or
N88AP_iBoot:4FF007E8     ;       that (non-negative) result if jump_to_addr ever returns.
N88AP_iBoot:4FF007E8     ; Flow: optional "help" -> check_range(n88ap_ramdisk, 0xF00000)
N88AP_iBoot:4FF007E8     ;       -> LoadImage_kernelcache_img3 -> jump_to_addr.
N88AP_iBoot:4FF007E8     ; NOTE(review): the usage string advertises [<address>], but every path in
N88AP_iBoot:4FF007E8     ; this listing passes the immediate n88ap_ramdisk; no argument is read as an
N88AP_iBoot:4FF007E8     ; address here.
N88AP_iBoot:4FF007E8     ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF007E8     n88ap__iBoot__bootx_function            ; DATA XREF: N88AP_iBoot:n88ap__iBoot__bootx�o
N88AP_iBoot:4FF007E8
N88AP_iBoot:4FF007E8     kernelcache_prepped_memory_pos= -0x10
N88AP_iBoot:4FF007E8     oldR4           = -0xC
N88AP_iBoot:4FF007E8     oldR7           = -8
N88AP_iBoot:4FF007E8     oldLR           = -4
N88AP_iBoot:4FF007E8
N88AP_iBoot:4FF007E8 000                 PUSH    {R4,R7,LR}      ; save R4, R7 and the return address
N88AP_iBoot:4FF007EA 00C                 ADD     R7, SP, #4      ; R7 = address of the saved-R7 slot (used as frame pointer)
N88AP_iBoot:4FF007EC 00C                 SUB     SP, SP, #4      ; reserve one word: kernelcache_prepped_memory_pos
N88AP_iBoot:4FF007EE 010                 CMP     R0, #1          ; more than one argument? (R0 presumably argc)
N88AP_iBoot:4FF007F0 010                 MOV     R4, R1          ; keep the argument array across the strcmp call
N88AP_iBoot:4FF007F2 010                 BLE     loc_4FF00808    ; R0 <= 1: nothing to compare, skip the "help" test
N88AP_iBoot:4FF007F4 010                 LDR     R1, [R1,#0x24]  ; argv[1]
N88AP_iBoot:4FF007F6 010                 LDR     R0, =aHelp      ; "help"
N88AP_iBoot:4FF007F8 010                 BL      strcmp          ; compare "help" with argv[1]
N88AP_iBoot:4FF007FC 010                 CBNZ    R0, loc_4FF00808 ; non-zero result: not "help", continue with the boot path
N88AP_iBoot:4FF007FE 010                 LDR     R1, [R4,#0x10]  ; param_R1: %s for the usage text (presumably argv[0])
N88AP_iBoot:4FF00800 010                 LDR     R0, =aUsageSAddress ; "usage:\n\t%s [<address>]\n"
N88AP_iBoot:4FF00802 010                 BL      N88AP__iBOOT__console_printf ; print the usage text
N88AP_iBoot:4FF00806 010                 B       loc_4FF0081C    ; then return 0xFFFFFFFF
N88AP_iBoot:4FF00808     ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF00808
N88AP_iBoot:4FF00808     loc_4FF00808                            ; CODE XREF: n88ap__iBoot__bootx_function+A↑j
N88AP_iBoot:4FF00808                                             ; n88ap__iBoot__bootx_function+14↑j
N88AP_iBoot:4FF00808 010                 MOV.W   R0, #n88ap_ramdisk ; addr (immediate, not taken from the command line)
N88AP_iBoot:4FF0080C 010                 MOV.W   R1, #0xF00000      ; size
N88AP_iBoot:4FF00810 010                 BL      check_range        ; gate that runs before the image is loaded
N88AP_iBoot:4FF00814 010                 CBNZ    R0, loc_4FF00822   ; non-zero: range accepted; zero falls through to "Permission Denied"
N88AP_iBoot:4FF00816 010                 LDR     R0, =aPermissionDenied ; "Permission Denied\n"
N88AP_iBoot:4FF00818 010                 BL      N88AP__iBOOT__console_printf ; report the refusal
N88AP_iBoot:4FF0081C
N88AP_iBoot:4FF0081C     loc_4FF0081C                            ; CODE XREF: n88ap__iBoot__bootx_function+1E↑j
N88AP_iBoot:4FF0081C 010                 MOV.W   R4, #0xFFFFFFFF ; fail: return value = 0xFFFFFFFF
N88AP_iBoot:4FF00820 010                 B       loc_4FF0085C    ; to the common epilogue
N88AP_iBoot:4FF00822     ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF00822
N88AP_iBoot:4FF00822     loc_4FF00822                            ; CODE XREF: n88ap__iBoot__bootx_function+2C↑j
N88AP_iBoot:4FF00822 010                 MOV.W   R1, #n88ap_ramdisk ; param_R1: address shown in the message
N88AP_iBoot:4FF00826 010                 LDR     R0, =aAttemptingToValidateKernelcache0x08x ; "Attempting to validate kernelcache @ 0x"...
N88AP_iBoot:4FF00828 010                 BL      N88AP__iBOOT__console_printf ; announce the validation attempt
N88AP_iBoot:4FF0082C 010                 MOV.W   R0, #n88ap_ramdisk ; memory_pos
N88AP_iBoot:4FF00830 010                 MOV.W   R1, #0xF00000   ; memory_size
N88AP_iBoot:4FF00834 010                 MOV     R2, SP          ; R2 = &kernelcache_prepped_memory_pos (presumably filled in by the callee)
N88AP_iBoot:4FF00836 010                 BL      LoadImage_kernelcache_img3 ; load/validate the image; internals not shown in this listing
N88AP_iBoot:4FF0083A 010                 CMP     R0, #0          ; negative result = load failure
N88AP_iBoot:4FF0083C 010                 MOV     R4, R0          ; the result becomes this function's return value
N88AP_iBoot:4FF0083E 010                 BGE     loc_4FF00848    ; result >= 0: continue to the jump
N88AP_iBoot:4FF00840 010                 LDR     R0, =aErrorLoadingKernelcache ; "error loading kernelcache\n"
N88AP_iBoot:4FF00842 010                 BL      N88AP__iBOOT__console_printf ; report the load failure
N88AP_iBoot:4FF00846 010                 B       loc_4FF0085C    ; return the negative result
N88AP_iBoot:4FF00848     ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF00848
N88AP_iBoot:4FF00848     loc_4FF00848                            ; CODE XREF: n88ap__iBoot__bootx_function+56↑j
N88AP_iBoot:4FF00848 010                 LDR     R1, [SP,#0x10+kernelcache_prepped_memory_pos] ; param_R1: prepped address for the message
N88AP_iBoot:4FF0084A 010                 LDR     R0, =aKernelcachePreppedAtAddress0x08x ; "kernelcache prepped at address 0x%08x\n"
N88AP_iBoot:4FF0084C 010                 BL      N88AP__iBOOT__console_printf ; print the prepped address
N88AP_iBoot:4FF00850 010                 LDR     R2, =dword_4FF2DC40 ; R2 = address of dword_4FF2DC40 (literal off_4FF0087C)
N88AP_iBoot:4FF00852 010                 MOVS    R0, #3          ; first argument = 3 (meaning not shown in this listing)
N88AP_iBoot:4FF00854 010                 LDR     R1, [SP,#0x10+kernelcache_prepped_memory_pos] ; second argument = prepped address
N88AP_iBoot:4FF00856 010                 LDR     R2, [R2]        ; third argument = word stored at dword_4FF2DC40
N88AP_iBoot:4FF00858 010                 BL      jump_to_addr    ; presumably hands control to the prepped image -- confirm in the callee
N88AP_iBoot:4FF0085C
N88AP_iBoot:4FF0085C     loc_4FF0085C                            ; CODE XREF: n88ap__iBoot__bootx_function+38↑j
N88AP_iBoot:4FF0085C                                             ; n88ap__iBoot__bootx_function+5E↑j
N88AP_iBoot:4FF0085C 010                 MOV     R0, R4          ; return value
N88AP_iBoot:4FF0085E 010                 SUB.W   SP, R7, #4      ; SP = R7 - 4: drop the local, back to the saved-R4 slot
N88AP_iBoot:4FF00862 010                 POP     {R4,R7,PC}      ; restore R4/R7 and return (saved LR is popped into PC)
N88AP_iBoot:4FF00862     ; End of function n88ap__iBoot__bootx_function
N88AP_iBoot:4FF00862
N88AP_iBoot:4FF00862     ; ---------------------------------------------------------------------------
N88AP_iBoot:4FF00864     ; Literal pool of n88ap__iBoot__bootx_function: each DCD below holds the
N88AP_iBoot:4FF00864     ; 32-bit address that the matching `LDR Rn, =symbol` in the function loads
N88AP_iBoot:4FF00864     ; (see the DATA XREF offsets).
N88AP_iBoot:4FF00864     off_4FF00864    DCD aHelp               ; DATA XREF: n88ap__iBoot__bootx_function+E↑r
N88AP_iBoot:4FF00864                                             ; "help"
N88AP_iBoot:4FF00868     ; int off_4FF00868
N88AP_iBoot:4FF00868     off_4FF00868    DCD aUsageSAddress      ; DATA XREF: n88ap__iBoot__bootx_function+18↑r
N88AP_iBoot:4FF00868                                             ; "usage:\n\t%s [<address>]\n"
N88AP_iBoot:4FF0086C     ; int off_4FF0086C
N88AP_iBoot:4FF0086C     off_4FF0086C    DCD aPermissionDenied   ; DATA XREF: n88ap__iBoot__bootx_function+2E↑r
N88AP_iBoot:4FF0086C                                             ; "Permission Denied\n"
N88AP_iBoot:4FF00870     ; int off_4FF00870
N88AP_iBoot:4FF00870     off_4FF00870    DCD aAttemptingToValidateKernelcache0x08x
N88AP_iBoot:4FF00870                                             ; DATA XREF: n88ap__iBoot__bootx_function+3E↑r
N88AP_iBoot:4FF00870                                             ; "Attempting to validate kernelcache @ 0x"...
N88AP_iBoot:4FF00874     ; int off_4FF00874
N88AP_iBoot:4FF00874     off_4FF00874    DCD aErrorLoadingKernelcache
N88AP_iBoot:4FF00874                                             ; DATA XREF: n88ap__iBoot__bootx_function+58↑r
N88AP_iBoot:4FF00874                                             ; "error loading kernelcache\n"
N88AP_iBoot:4FF00878     ; int off_4FF00878
N88AP_iBoot:4FF00878     off_4FF00878    DCD aKernelcachePreppedAtAddress0x08x
N88AP_iBoot:4FF00878                                             ; DATA XREF: n88ap__iBoot__bootx_function+62↑r
N88AP_iBoot:4FF00878                                             ; "kernelcache prepped at address 0x%08x\n"
N88AP_iBoot:4FF0087C     off_4FF0087C    DCD dword_4FF2DC40      ; DATA XREF: n88ap__iBoot__bootx_function+68↑r
N88AP_iBoot:4FF0087C                                             ; address of the word passed as jump_to_addr's third argument