The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information.

Difference between revisions of "Ramdisk (iBoot command)"

From The iPhone Wiki
Jump to: navigation, search
(New page: == iPhone 3GS 8920x from iBoot-636.66 == ==Disassembly== <pre> N88AP_iBoot:4FF011BC ; =============== S U B R O U T I N E ======================================= N88AP_iBoot:4FF011BC ...)
 
(please try to keep command entries more like this)
Line 1: Line 1:
  +
== Description ==
== iPhone 3GS 8920x from iBoot-636.66 ==
  
  +
A command found in [[iBoot]], [[iBSS]], and [[iBEC]] that verifies and preps a ramdisk image which has been previously uploaded.
   
==Disassembly==
 +
== Decompilation ==
  +
iPhone 3GS 8920x from iBoot-636.66
<pre>
  
  +
#define kLoadAddress 0x41000000
N88AP_iBoot:4FF011BC ; =============== S U B R O U T I N E =======================================
  
  +
#define kRamdiskMaxSize 0x2000000
N88AP_iBoot:4FF011BC
  
  +
#define kRamdiskAddress 0x44000000
N88AP_iBoot:4FF011BC ; Attributes: bp-based frame
  
  +
#define kRamdiskImageType 0x7264736B
N88AP_iBoot:4FF011BC
  
  +
N88AP_iBoot:4FF011BC n88ap__iBoot__ramdisk_command_function ; CODE XREF: sub_4FF0067C+76�p
  
  +
unsigned int* gRamdiskSize;
N88AP_iBoot:4FF011BC ; DATA XREF: N88AP_iBoot:n88ap__iBoot__ramdisk�o
  
  +
unsigned char** gRamdiskAddr;
N88AP_iBoot:4FF011BC
  
  +
N88AP_iBoot:4FF011BC oldR4 = -0x14
  
  +
int cmd_ramdisk(int argc, CmdArg* argv) {
N88AP_iBoot:4FF011BC oldR5 = -0x10
  
  +
if(argc > 3 || !strcmp("help", argv[1].string)) {
N88AP_iBoot:4FF011BC oldR6 = -0xC
  
  +
printf("usage:\n\t%s [<len>] [<address>]\n", argv[0].string);
N88AP_iBoot:4FF011BC oldR7 = -8
  
  +
return -1;
N88AP_iBoot:4FF011BC oldLR = -4
  
  +
}
N88AP_iBoot:4FF011BC
  
  +
N88AP_iBoot:4FF011BC 000 PUSH {R4-R7,LR} ; Push registers
  
  +
unsigned char* filesize = (unsigned int) nvram_getint("filesize", 0);
N88AP_iBoot:4FF011BE 014 ADD R7, SP, #0xC ; Rd = Op1 + Op2
  
  +
unsigned int loadaddr = (unsigned char*) nvram_getint("loadaddr", kLoadAddress);
N88AP_iBoot:4FF011C0 014 CMP R0, #3 ; Set cond. codes on Op1 - Op2
  
  +
if(filesize == 0) {
N88AP_iBoot:4FF011C2 014 MOV R4, R1 ; Rd = Op2
  
  +
printf("filesize variable invalid or not set, aborting\n");
N88AP_iBoot:4FF011C4 014 BGT loc_4FF011D0 ; Branch
  
  +
return -1;
N88AP_iBoot:4FF011C6 014 LDR R1, [R1,#0x24] ; Load from Memory
  
  +
}
N88AP_iBoot:4FF011C8 014 LDR R0, =aHelp ; "help"
  
  +
N88AP_iBoot:4FF011CA 014 BL sub_4FF1ECA0 ; Branch with Link
  
  +
if(range_check(loadaddr, filesize) == 0) {
N88AP_iBoot:4FF011CE 014 CBNZ R0, loc_4FF011DA ; Compare and Branch on Non-Zero
  
  +
printf("Permission Denied\n");
N88AP_iBoot:4FF011D0
  
  +
return -1;
N88AP_iBoot:4FF011D0 loc_4FF011D0 ; CODE XREF: n88ap__iBoot__ramdisk_command_function+8�j
  
  +
}
N88AP_iBoot:4FF011D0 014 LDR R1, [R4,#0x10] ; param_R1
  
  +
N88AP_iBoot:4FF011D2 014 LDR R0, =aUsageSLenAddress ; "usage:\n\t%s [<len>] [<address>]\n"
  
  +
MemzDescriptor* memz = memz_create(loadaddr, filesize, 0);
N88AP_iBoot:4FF011D4 014 BL N88AP__iBOOT__console_printf ; Branch with Link
  
  +
if(memz == NULL) {
N88AP_iBoot:4FF011D8 014 B loc_4FF011F8 ; Branch
  
  +
printf("Ramdisk image not valid\n");
N88AP_iBoot:4FF011DA ; ---------------------------------------------------------------------------
  
  +
return -1;
N88AP_iBoot:4FF011DA
  
  +
}
N88AP_iBoot:4FF011DA loc_4FF011DA ; CODE XREF: n88ap__iBoot__ramdisk_command_function+12�j
  
  +
N88AP_iBoot:4FF011DA 014 MOVS R1, #0 ; Rd = Op2
  
  +
if(memz->imageSize > kRamdiskMaxSize) {
N88AP_iBoot:4FF011DC 014 LDR R0, =aFilesize ; "filesize"
  
  +
printf("Ramdisk too large\n");
N88AP_iBoot:4FF011DE 014 BL sub_4FF1CD88 ; Branch with Link
  
  +
return -1;
N88AP_iBoot:4FF011E2 014 MOV.W R1, #n88ap_ramdisk ; Rd = Op2
  
  +
}
N88AP_iBoot:4FF011E6 014 MOV R4, R0 ; Rd = Op2
  
  +
N88AP_iBoot:4FF011E8 014 LDR R0, =aLoadaddr ; "loadaddr"
  
  +
*gRamdiskAddr = kRamdiskAddress;
N88AP_iBoot:4FF011EA 014 BL sub_4FF1CD88 ; Branch with Link
  
  +
*gRamdiskSize = memz->imageSize;
N88AP_iBoot:4FF011EE 014 MOV R5, R0 ; Rd = Op2
  
  +
if(image_load(memz, kRamdiskImageType, gRamdiskAddr, gRamdiskSize) >= 0) {
N88AP_iBoot:4FF011F0 014 CBNZ R4, loc_4FF011FE ; Compare and Branch on Non-Zero
  
  +
printf("creating ramdisk at 0x%x of size 0x%x, from image at 0x%x\n", gRamdiskAddr, gRamdiskSize, loadaddr);
N88AP_iBoot:4FF011F2 014 LDR R0, =aFilesizeVariableInvalidOrNotSetAborting ; "filesize variable invalid or not set, a"...
  
  +
return 0;
N88AP_iBoot:4FF011F4
  
  +
}
N88AP_iBoot:4FF011F4 loc_4FF011F4 ; CODE XREF: n88ap__iBoot__ramdisk_command_function+4C�j
  
  +
N88AP_iBoot:4FF011F4 ; n88ap__iBoot__ramdisk_command_function+5C�j
  
  +
*gRamdiskAddr = 0;
N88AP_iBoot:4FF011F4 ; n88ap__iBoot__ramdisk_command_function+68�j
  
  +
*gRamdiskSize = 0;
N88AP_iBoot:4FF011F4 014 BL N88AP__iBOOT__console_printf ; Branch with Link
  
  +
return -1;
N88AP_iBoot:4FF011F8
  
  +
}
N88AP_iBoot:4FF011F8 loc_4FF011F8 ; CODE XREF: n88ap__iBoot__ramdisk_command_function+1C�j
  
N88AP_iBoot:4FF011F8 ; n88ap__iBoot__ramdisk_command_function+8C�j
  
N88AP_iBoot:4FF011F8 014 MOV.W R0, #0xFFFFFFFF ; Rd = Op2
  
N88AP_iBoot:4FF011FC 014 B locret_4FF01258 ; Branch
  
N88AP_iBoot:4FF011FE ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF011FE
  
N88AP_iBoot:4FF011FE loc_4FF011FE ; CODE XREF: n88ap__iBoot__ramdisk_command_function+34�j
  
N88AP_iBoot:4FF011FE 014 MOV R1, R4 ; Rd = Op2
  
N88AP_iBoot:4FF01200 014 BL sub_4FF1A038 ; Branch with Link
  
N88AP_iBoot:4FF01204 014 CBNZ R0, loc_4FF0120A ; Compare and Branch on Non-Zero
  
N88AP_iBoot:4FF01206 014 LDR R0, =aPermissionDenied ; "Permission Denied\n"
  
N88AP_iBoot:4FF01208 014 B loc_4FF011F4 ; Branch
  
N88AP_iBoot:4FF0120A ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF0120A
  
N88AP_iBoot:4FF0120A loc_4FF0120A ; CODE XREF: n88ap__iBoot__ramdisk_command_function+48�j
  
N88AP_iBoot:4FF0120A 014 MOV R0, R5 ; StartAddress
  
N88AP_iBoot:4FF0120C 014 MOV R1, R4 ; dataSize
  
N88AP_iBoot:4FF0120E 014 MOVS R2, #0 ; Type
  
N88AP_iBoot:4FF01210 014 BL n88ap__iBoot__MEMZ_STRUCT_INIT ; Branch with Link
  
N88AP_iBoot:4FF01214 014 CBNZ R0, loc_4FF0121A ; Compare and Branch on Non-Zero
  
N88AP_iBoot:4FF01216 014 LDR R0, =aRamdiskImageNotValid ; "Ramdisk image not valid\n"
  
N88AP_iBoot:4FF01218 014 B loc_4FF011F4 ; Branch
  
N88AP_iBoot:4FF0121A ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF0121A
  
N88AP_iBoot:4FF0121A loc_4FF0121A ; CODE XREF: n88ap__iBoot__ramdisk_command_function+58�j
  
N88AP_iBoot:4FF0121A 014 LDR R3, [R0,#4] ; Load from Memory
  
N88AP_iBoot:4FF0121C 014 CMP.W R3, #0x2000000 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF01220 014 IT HI ; If Then
  
N88AP_iBoot:4FF01222 014 LDRHI R0, =aRamdiskTooLarge ; "Ramdisk too large\n"
  
N88AP_iBoot:4FF01224 014 BHI loc_4FF011F4 ; Branch
  
N88AP_iBoot:4FF01226 014 LDR R6, =dword_4FF2A03C ; Load from Memory
  
N88AP_iBoot:4FF01228 014 MOV.W R3, #0x44000000 ; Rd = Op2
  
N88AP_iBoot:4FF0122C 014 LDR R4, =dword_4FF2A040 ; Load from Memory
  
N88AP_iBoot:4FF0122E 014 STR R3, [R6] ; Store to Memory
  
N88AP_iBoot:4FF01230 014 LDR R3, [R0,#4] ; Load from Memory
  
N88AP_iBoot:4FF01232 014 LDR R1, ='rdsk' ; TAG_TYPE
  
N88AP_iBoot:4FF01234 014 MOV R2, R6 ; unknown1
  
N88AP_iBoot:4FF01236 014 STR R3, [R4] ; Store to Memory
  
N88AP_iBoot:4FF01238 014 MOV R3, R4 ; unknown2
  
N88AP_iBoot:4FF0123A 014 BL n88ap__iBoot__image_load ; Branch with Link
  
N88AP_iBoot:4FF0123E 014 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF01240 014 BGE loc_4FF0124A ; Branch
  
N88AP_iBoot:4FF01242 014 MOVS R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF01244 014 STR R3, [R6] ; Store to Memory
  
N88AP_iBoot:4FF01246 014 STR R3, [R4] ; Store to Memory
  
N88AP_iBoot:4FF01248 014 B loc_4FF011F8 ; Branch
  
N88AP_iBoot:4FF0124A ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF0124A
  
N88AP_iBoot:4FF0124A loc_4FF0124A ; CODE XREF: n88ap__iBoot__ramdisk_command_function+84�j
  
N88AP_iBoot:4FF0124A 014 LDR R1, [R6] ; param_R1
  
N88AP_iBoot:4FF0124C 014 LDR R2, [R4] ; param_R2
  
N88AP_iBoot:4FF0124E 014 LDR R0, =aCreatingRamdiskAt0xXOfSize0xXFromImageAt0xX ; "creating ramdisk at 0x%x of size 0x%x, "...
  
N88AP_iBoot:4FF01250 014 MOV R3, R5 ; param_R3
  
N88AP_iBoot:4FF01252 014 BL N88AP__iBOOT__console_printf ; Branch with Link
  
N88AP_iBoot:4FF01256 014 MOVS R0, #0 ; Rd = Op2
  
N88AP_iBoot:4FF01258
  
N88AP_iBoot:4FF01258 locret_4FF01258 ; CODE XREF: n88ap__iBoot__ramdisk_command_function+40�j
  
N88AP_iBoot:4FF01258 014 POP {R4-R7,PC} ; Pop registers
  
N88AP_iBoot:4FF01258 ; End of function n88ap__iBoot__ramdisk_command_function
  
N88AP_iBoot:4FF01258
  
N88AP_iBoot:4FF0125A ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF0125A NOP ; No Operation
  
N88AP_iBoot:4FF0125A ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF0125C off_4FF0125C DCD aHelp ; DATA XREF: n88ap__iBoot__ramdisk_command_function+C�r
  
N88AP_iBoot:4FF0125C ; "help"
  
N88AP_iBoot:4FF01260 ; int off_4FF01260
  
N88AP_iBoot:4FF01260 off_4FF01260 DCD aUsageSLenAddress ; DATA XREF: n88ap__iBoot__ramdisk_command_function+16�r
  
N88AP_iBoot:4FF01260 ; "usage:\n\t%s [<len>] [<address>]\n"
  
N88AP_iBoot:4FF01264 off_4FF01264 DCD aFilesize ; DATA XREF: n88ap__iBoot__ramdisk_command_function+20�r
  
N88AP_iBoot:4FF01264 ; "filesize"
  
N88AP_iBoot:4FF01268 off_4FF01268 DCD aLoadaddr ; DATA XREF: n88ap__iBoot__ramdisk_command_function+2C�r
  
N88AP_iBoot:4FF01268 ; "loadaddr"
  
N88AP_iBoot:4FF0126C ; int off_4FF0126C
  
N88AP_iBoot:4FF0126C off_4FF0126C DCD aFilesizeVariableInvalidOrNotSetAborting
  
N88AP_iBoot:4FF0126C ; DATA XREF: n88ap__iBoot__ramdisk_command_function+36�r
  
N88AP_iBoot:4FF0126C ; "filesize variable invalid or not set, a"...
  
N88AP_iBoot:4FF01270 off_4FF01270 DCD aPermissionDenied ; DATA XREF: n88ap__iBoot__ramdisk_command_function+4A�r
  
N88AP_iBoot:4FF01270 ; "Permission Denied\n"
  
N88AP_iBoot:4FF01274 off_4FF01274 DCD aRamdiskImageNotValid
  
N88AP_iBoot:4FF01274 ; DATA XREF: n88ap__iBoot__ramdisk_command_function+5A�r
  
N88AP_iBoot:4FF01274 ; "Ramdisk image not valid\n"
  
N88AP_iBoot:4FF01278 ; struct MEMZ_STRUCT *off_4FF01278
  
N88AP_iBoot:4FF01278 off_4FF01278 DCD aRamdiskTooLarge ; DATA XREF: n88ap__iBoot__ramdisk_command_function+66�r
  
N88AP_iBoot:4FF01278 ; "Ramdisk too large\n"
  
N88AP_iBoot:4FF0127C ; int unknown1
  
N88AP_iBoot:4FF0127C unknown1 DCD dword_4FF2A03C ; DATA XREF: n88ap__iBoot__ramdisk_command_function+6A�r
  
N88AP_iBoot:4FF01280 ; int unknown2
  
N88AP_iBoot:4FF01280 unknown2 DCD dword_4FF2A040 ; DATA XREF: n88ap__iBoot__ramdisk_command_function+70�r
  
N88AP_iBoot:4FF01284 ; char *dword_4FF01284
  
N88AP_iBoot:4FF01284 dword_4FF01284 DCD 'rdsk' ; DATA XREF: n88ap__iBoot__ramdisk_command_function+76�r
  
N88AP_iBoot:4FF01288 ; int off_4FF01288
  
N88AP_iBoot:4FF01288 off_4FF01288 DCD aCreatingRamdiskAt0xXOfSize0xXFromImageAt0xX
  
N88AP_iBoot:4FF01288 ; DATA XREF: n88ap__iBoot__ramdisk_command_function+92�r
  
N88AP_iBoot:4FF01288 ; "creating ramdisk at 0x%x of size 0x%x, "...
  
N88AP_iBoot:4FF0128C
  
</pre>
  
<pre>
  
N88AP_iBoot:4FF1D4E0 ; =============== S U B R O U T I N E =======================================
  
N88AP_iBoot:4FF1D4E0
  
N88AP_iBoot:4FF1D4E0 ; Attributes: bp-based frame
  
N88AP_iBoot:4FF1D4E0
  
N88AP_iBoot:4FF1D4E0 ; int __fastcall n88ap__iBoot__image_load(struct MEMZ_STRUCT *mem_info, char *TAG_TYPE, int unknown1, int unknown2)
  
N88AP_iBoot:4FF1D4E0 n88ap__iBoot__image_load ; CODE XREF: n88ap__iBoot__diag_function+8A�p
  
N88AP_iBoot:4FF1D4E0 ; sub_4FF009CC+22�p
  
N88AP_iBoot:4FF1D4E0 ; n88ap__iBoot__go_command+66�p
  
N88AP_iBoot:4FF1D4E0 ; n88ap__iBoot__ramdisk_command_function+7E�p
  
N88AP_iBoot:4FF1D4E0 ; n88ap__iBoot__devicetree_function+7C�p ...
  
N88AP_iBoot:4FF1D4E0
  
N88AP_iBoot:4FF1D4E0 var_18 = -0x18
  
N88AP_iBoot:4FF1D4E0 var_14 = -0x14
  
N88AP_iBoot:4FF1D4E0 oldR4 = -0x10
  
N88AP_iBoot:4FF1D4E0 oldR5 = -0xC
  
N88AP_iBoot:4FF1D4E0 oldR7 = -8
  
N88AP_iBoot:4FF1D4E0 oldLR = -4
  
N88AP_iBoot:4FF1D4E0
  
N88AP_iBoot:4FF1D4E0 000 PUSH {R4,R5,R7,LR} ; Push registers
  
N88AP_iBoot:4FF1D4E2 010 ADD R7, SP, #8 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF1D4E4 010 SUB SP, SP, #8 ; Rd = Op1 - Op2
  
N88AP_iBoot:4FF1D4E6 018 MOV R5, R3 ; Rd = Op2
  
N88AP_iBoot:4FF1D4E8 018 LDR R3, [R2] ; Load from Memory
  
N88AP_iBoot:4FF1D4EA 018 MOV R4, R2 ; Rd = Op2
  
N88AP_iBoot:4FF1D4EC 018 STR R3, [SP,#0x18+var_14] ; Store to Memory
  
N88AP_iBoot:4FF1D4EE 018 LDR R3, [R5] ; param_R3
  
N88AP_iBoot:4FF1D4F0 018 STR R3, [SP,#0x18+var_18] ; Store to Memory
  
N88AP_iBoot:4FF1D4F2 018 CBZ R0, end_of_error ; Compare and Branch on Zero
  
N88AP_iBoot:4FF1D4F4 018 LDR R2, [R0,#MEMZ_STRUCT.tag.full_size] ; param_R2
  
N88AP_iBoot:4FF1D4F6 018 CMP R3, R2 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF1D4F8 018 BCS loc_4FF1D502 ; Branch
  
N88AP_iBoot:4FF1D4FA 018 LDR R0, =aImage_loadImageTooLarge_0 ; "image_load: image too large\n"
  
N88AP_iBoot:4FF1D4FC 018 BL N88AP__iBOOT__console_printf ; Branch with Link
  
N88AP_iBoot:4FF1D500 018 B end_of_error ; Branch
  
N88AP_iBoot:4FF1D502 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF1D502
  
N88AP_iBoot:4FF1D502 loc_4FF1D502 ; CODE XREF: n88ap__iBoot__image_load+18�j
  
N88AP_iBoot:4FF1D502 018 LDR R2, [R0,#MEMZ_STRUCT.id_memz] ; Load from Memory
  
N88AP_iBoot:4FF1D504 018 LDR R3, ='Memz' ; Load from Memory
  
N88AP_iBoot:4FF1D506 018 CMP R2, R3 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF1D508 018 BEQ MemZ_Operation ; Branch
  
N88AP_iBoot:4FF1D50A 018 LDR R3, ='img3' ; Load from Memory
  
N88AP_iBoot:4FF1D50C 018 CMP R2, R3 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF1D50E 018 BNE end_of_error ; Branch
  
N88AP_iBoot:4FF1D510 018 B img3_Operation ; Branch
  
N88AP_iBoot:4FF1D512 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF1D512
  
N88AP_iBoot:4FF1D512 MemZ_Operation ; CODE XREF: n88ap__iBoot__image_load+28�j
  
N88AP_iBoot:4FF1D512 018 ADD R2, SP, #0x18+var_14 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF1D514 018 MOV R3, SP ; Rd = Op2
  
N88AP_iBoot:4FF1D516 018 BL n88ap__iBoot__blockdev ; Branch with Link
  
N88AP_iBoot:4FF1D51A 018 CBZ R0, loc_4FF1D534 ; Compare and Branch on Zero
  
N88AP_iBoot:4FF1D51C 018 CMP R0, #0x16 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF1D51E 018 BNE end_of_error ; Branch
  
N88AP_iBoot:4FF1D520 018 LDR R3, [R4] ; Load from Memory
  
N88AP_iBoot:4FF1D522 018 STR R3, [SP,#0x18+var_14] ; Store to Memory
  
N88AP_iBoot:4FF1D524 018 LDR R3, [R5] ; Load from Memory
  
N88AP_iBoot:4FF1D526 018 STR R3, [SP,#0x18+var_18] ; Store to Memory
  
N88AP_iBoot:4FF1D528 018 B end_of_error ; Branch
  
N88AP_iBoot:4FF1D52A ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF1D52A
  
N88AP_iBoot:4FF1D52A img3_Operation ; CODE XREF: n88ap__iBoot__image_load+30�j
  
N88AP_iBoot:4FF1D52A 018 ADD R2, SP, #0x18+var_14 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF1D52C 018 MOV R3, SP ; Rd = Op2
  
N88AP_iBoot:4FF1D52E 018 BL n88ap__iBoot__blockdev ; Branch with Link
  
N88AP_iBoot:4FF1D532 018 CBNZ R0, end_of_error ; Compare and Branch on Non-Zero
  
N88AP_iBoot:4FF1D534
  
N88AP_iBoot:4FF1D534 loc_4FF1D534 ; CODE XREF: n88ap__iBoot__image_load+3A�j
  
N88AP_iBoot:4FF1D534 018 LDR R3, [SP,#0x18+var_14] ; Load from Memory
  
N88AP_iBoot:4FF1D536 018 MOVS R0, #0 ; Rd = Op2
  
N88AP_iBoot:4FF1D538 018 STR R3, [R4] ; Store to Memory
  
N88AP_iBoot:4FF1D53A 018 LDR R3, [SP,#0x18+var_18] ; Load from Memory
  
N88AP_iBoot:4FF1D53C 018 STR R3, [R5] ; Store to Memory
  
N88AP_iBoot:4FF1D53E 018 B loc_4FF1D54A ; Branch
  
N88AP_iBoot:4FF1D540 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF1D540
  
N88AP_iBoot:4FF1D540 end_of_error ; CODE XREF: n88ap__iBoot__image_load+12�j
  
N88AP_iBoot:4FF1D540 ; n88ap__iBoot__image_load+20�j
  
N88AP_iBoot:4FF1D540 ; n88ap__iBoot__image_load+2E�j
  
N88AP_iBoot:4FF1D540 ; n88ap__iBoot__image_load+3E�j
  
N88AP_iBoot:4FF1D540 ; n88ap__iBoot__image_load+48�j ...
  
N88AP_iBoot:4FF1D540 018 MOV.W R0, #0xFFFFFFFF ; Rd = Op2
  
N88AP_iBoot:4FF1D544 018 MOVS R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF1D546 018 STR R3, [R4] ; Store to Memory
  
N88AP_iBoot:4FF1D548 018 STR R3, [R5] ; Store to Memory
  
N88AP_iBoot:4FF1D54A
  
N88AP_iBoot:4FF1D54A loc_4FF1D54A ; CODE XREF: n88ap__iBoot__image_load+5E�j
  
N88AP_iBoot:4FF1D54A 018 SUB.W SP, R7, #8 ; Rd = Op1 - Op2
  
N88AP_iBoot:4FF1D54E 018 POP {R4,R5,R7,PC} ; Pop registers
  
N88AP_iBoot:4FF1D54E ; End of function n88ap__iBoot__image_load
  
N88AP_iBoot:4FF1D54E
  
N88AP_iBoot:4FF1D54E ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF1D550 ; int off_4FF1D550
  
N88AP_iBoot:4FF1D550 off_4FF1D550 DCD aImage_loadImageTooLarge_0
  
N88AP_iBoot:4FF1D550 ; DATA XREF: n88ap__iBoot__image_load+1A�r
  
N88AP_iBoot:4FF1D550 ; "image_load: image too large\n"
  
N88AP_iBoot:4FF1D554 dword_4FF1D554 DCD 'Memz' ; DATA XREF: n88ap__iBoot__image_load+24�r
  
N88AP_iBoot:4FF1D558 dword_4FF1D558 DCD 'img3' ; DATA XREF: n88ap__iBoot__image_load+2A�r
  
</pre>
  
<pre>
  
N88AP_iBoot:4FF15868
  
N88AP_iBoot:4FF15868 ; =============== S U B R O U T I N E =======================================
  
N88AP_iBoot:4FF15868
  
N88AP_iBoot:4FF15868 ; Attributes: bp-based frame
  
N88AP_iBoot:4FF15868
  
N88AP_iBoot:4FF15868 n88ap__iBoot__blockdev ; CODE XREF: n88ap__iBoot__image_load+36�p
  
N88AP_iBoot:4FF15868 ; n88ap__iBoot__image_load+4E�p
  
N88AP_iBoot:4FF15868
  
N88AP_iBoot:4FF15868 var_94 = -0x94
  
N88AP_iBoot:4FF15868 var_90 = -0x90
  
N88AP_iBoot:4FF15868 var_8C = -0x8C
  
N88AP_iBoot:4FF15868 var_88 = -0x88
  
N88AP_iBoot:4FF15868 var_84 = -0x84
  
N88AP_iBoot:4FF15868 var_80 = -0x80
  
N88AP_iBoot:4FF15868 var_7C = -0x7C
  
N88AP_iBoot:4FF15868 var_78 = -0x78
  
N88AP_iBoot:4FF15868 var_74 = -0x74
  
N88AP_iBoot:4FF15868 var_70 = -0x70
  
N88AP_iBoot:4FF15868 var_6C = -0x6C
  
N88AP_iBoot:4FF15868 var_68 = -0x68
  
N88AP_iBoot:4FF15868 var_64 = -0x64
  
N88AP_iBoot:4FF15868 var_60 = -0x60
  
N88AP_iBoot:4FF15868 argv2 = -0x5C
  
N88AP_iBoot:4FF15868 var_58 = -0x58
  
N88AP_iBoot:4FF15868 var_54 = -0x54
  
N88AP_iBoot:4FF15868 var_44 = -0x44
  
N88AP_iBoot:4FF15868 var_24 = -0x24
  
N88AP_iBoot:4FF15868 oldR4 = -0x14
  
N88AP_iBoot:4FF15868 oldR5 = -0x10
  
N88AP_iBoot:4FF15868 oldR6 = -0xC
  
N88AP_iBoot:4FF15868 oldR7 = -8
  
N88AP_iBoot:4FF15868 oldLR = -4
  
N88AP_iBoot:4FF15868
  
N88AP_iBoot:4FF15868 000 PUSH {R4-R7,LR} ; Push registers
  
N88AP_iBoot:4FF1586A 014 ADD R7, SP, #0xC ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF1586C 014 PUSH.W {R8,R10,R11} ; Push registers
  
N88AP_iBoot:4FF15870 020 SUB SP, SP, #0x74 ; Rd = Op1 - Op2
  
N88AP_iBoot:4FF15872 094 MOV R10, R1 ; Rd = Op2
  
N88AP_iBoot:4FF15874 094 LDR R1, =dword_4FF2A308 ; param_R1
  
N88AP_iBoot:4FF15876 094 STR R3, [SP,#0x94+var_84] ; Store to Memory
  
N88AP_iBoot:4FF15878 094 MOV R11, R2 ; Rd = Op2
  
N88AP_iBoot:4FF1587A 094 LDR R3, [R1] ; Load from Memory
  
N88AP_iBoot:4FF1587C 094 MOV R5, R0 ; Rd = Op2
  
N88AP_iBoot:4FF1587E 094 STR R3, [SP,#0x94+var_24] ; Store to Memory
  
N88AP_iBoot:4FF15880 094 MOVS R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15882 094 STR R3, [SP,#0x94+var_58] ; Store to Memory
  
N88AP_iBoot:4FF15884 094 LDR R3, ='Memz' ; Load from Memory
  
N88AP_iBoot:4FF15886 094 LDR R6, [R2] ; Load from Memory
  
N88AP_iBoot:4FF15888 094 LDR R2, [R0,#MEMZ_STRUCT.id_memz] ; param_R2
  
N88AP_iBoot:4FF1588A 094 LDR.W R8, [R0,#MEMZ_STRUCT.tag.full_size] ; Load from Memory
  
N88AP_iBoot:4FF1588E 094 CMP R2, R3 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15890 094 BEQ loc_4FF158CC ; Branch
  
N88AP_iBoot:4FF15892 094 LDR R3, ='img3' ; param_R3
  
N88AP_iBoot:4FF15894 094 CMP R2, R3 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15896 094 BNE loc_4FF158A0 ; Branch
  
N88AP_iBoot:4FF15898 094 CBNZ R6, loc_4FF158A6 ; Compare and Branch on Non-Zero
  
N88AP_iBoot:4FF1589A 094 LDR R0, =aLoadAddressNotSpecified_0 ; "load address not specified\n"
  
N88AP_iBoot:4FF1589C 094 BL N88AP__iBOOT__console_printf ; Branch with Link
  
N88AP_iBoot:4FF158A0
  
N88AP_iBoot:4FF158A0 loc_4FF158A0 ; CODE XREF: n88ap__iBoot__blockdev+2E�j
  
N88AP_iBoot:4FF158A0 094 MOV.W R4, #0xFFFFFFFF ; Rd = Op2
  
N88AP_iBoot:4FF158A4 094 B loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF158A6 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF158A6
  
N88AP_iBoot:4FF158A6 loc_4FF158A6 ; CODE XREF: n88ap__iBoot__blockdev+30�j
  
N88AP_iBoot:4FF158A6 094 LDR R3, [R0,#MEMZ_STRUCT.start_address] ; Load from Memory
  
N88AP_iBoot:4FF158A8 094 MOV R1, R6 ; Rd = Op2
  
N88AP_iBoot:4FF158AA 094 LDR R0, [R3,#8] ; Load from Memory
  
N88AP_iBoot:4FF158AC 094 LDR R2, [R3,#0xC] ; Load from Memory
  
N88AP_iBoot:4FF158AE 094 STR.W R8, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF158B2 094 MOV R2, R2 ; Rd = Op2
  
N88AP_iBoot:4FF158B4 094 MOV.W R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF158B8 094 LDR R4, [R0,#0x1C] ; Load from Memory
  
N88AP_iBoot:4FF158BA 094 BLX R4 ; Branch with Link and Exchange (register indirect)
  
N88AP_iBoot:4FF158BC 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF158BE 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF158C0 094 BGT loc_4FF158E8 ; Branch
  
N88AP_iBoot:4FF158C2 094 MOV R1, R4 ; param_R1
  
N88AP_iBoot:4FF158C4 094 LDR R0, =aBlockdevReadFailedWithD_0 ; "blockdev read failed with %d\n"
  
N88AP_iBoot:4FF158C6 094 BL N88AP__iBOOT__console_printf ; Branch with Link
  
N88AP_iBoot:4FF158CA 094 B loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF158CC ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF158CC
  
N88AP_iBoot:4FF158CC loc_4FF158CC ; CODE XREF: n88ap__iBoot__blockdev+28�j
  
N88AP_iBoot:4FF158CC 094 LDR R1, [R0,#MEMZ_STRUCT.start_address] ; Load from Memory
  
N88AP_iBoot:4FF158CE 094 LDR R3, ='Img3' ; Load from Memory
  
N88AP_iBoot:4FF158D0 094 LDR R2, [R1] ; Load from Memory
  
N88AP_iBoot:4FF158D2 094 CMP R2, R3 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF158D4 094 BEQ loc_4FF158DA ; Branch
  
N88AP_iBoot:4FF158D6 094 MOVS R4, #0x16 ; Rd = Op2
  
N88AP_iBoot:4FF158D8 094 B loc_4FF15B6C ; Branch
  
N88AP_iBoot:4FF158DA ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF158DA
  
N88AP_iBoot:4FF158DA loc_4FF158DA ; CODE XREF: n88ap__iBoot__blockdev+6C�j
  
N88AP_iBoot:4FF158DA 094 CBZ R6, loc_4FF158E8 ; Compare and Branch on Zero
  
N88AP_iBoot:4FF158DC 094 CMP R6, R1 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF158DE 094 BEQ loc_4FF158E8 ; Branch
  
N88AP_iBoot:4FF158E0 094 MOV R0, R6 ; Rd = Op2
  
N88AP_iBoot:4FF158E2 094 MOV R2, R8 ; Rd = Op2
  
N88AP_iBoot:4FF158E4 094 BLX sub_4FF1EE70 ; Branch with Link and Exchange (immediate address)
  
N88AP_iBoot:4FF158E8
  
N88AP_iBoot:4FF158E8 loc_4FF158E8 ; CODE XREF: n88ap__iBoot__blockdev+58�j
  
N88AP_iBoot:4FF158E8 ; n88ap__iBoot__blockdev:loc_4FF158DA�j
  
N88AP_iBoot:4FF158E8 ; n88ap__iBoot__blockdev+76�j
  
N88AP_iBoot:4FF158E8 094 ADD R0, SP, #0x94+var_58 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF158EA 094 MOV R1, R6 ; Rd = Op2
  
N88AP_iBoot:4FF158EC 094 MOV R2, R8 ; Rd = Op2
  
N88AP_iBoot:4FF158EE 094 MOVS R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF158F0 094 BL sub_4FF153EC ; Branch with Link
  
N88AP_iBoot:4FF158F4 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF158F6 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF158F8 094 BNE.W loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF158FC 094 LDR R2, [R5,#0xC] ; Load from Memory
  
N88AP_iBoot:4FF158FE 094 LDR R3, ='img3' ; Load from Memory
  
N88AP_iBoot:4FF15900 094 CMP R2, R3 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15902 094 BNE loc_4FF15908 ; Branch
  
N88AP_iBoot:4FF15904 094 MOVS R1, #1 ; Rd = Op2
  
N88AP_iBoot:4FF15906 094 B loc_4FF15910 ; Branch
  
N88AP_iBoot:4FF15908 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15908
  
N88AP_iBoot:4FF15908 loc_4FF15908 ; CODE XREF: n88ap__iBoot__blockdev+9A�j
  
N88AP_iBoot:4FF15908 094 LDR R3, [R5,#0x10] ; Load from Memory
  
N88AP_iBoot:4FF1590A 094 LSRS R1, R3, #2 ; Logical Shift Right
  
N88AP_iBoot:4FF1590C 094 AND.W R1, R1, #1 ; Rd = Op1 & Op2
  
N88AP_iBoot:4FF15910
  
N88AP_iBoot:4FF15910 loc_4FF15910 ; CODE XREF: n88ap__iBoot__blockdev+9E�j
  
N88AP_iBoot:4FF15910 094 LDR R0, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF15912 094 BL sub_4FF1548C ; Branch with Link
  
N88AP_iBoot:4FF15916 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF15918 094 CBZ R0, loc_4FF15938 ; Compare and Branch on Zero
  
N88AP_iBoot:4FF1591A 094 CMP R0, #1 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF1591C 094 BNE.W loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF15920 094 LDR R0, [R5,#0x10] ; Load from Memory
  
N88AP_iBoot:4FF15922 094 TST.W R0, #2 ; Set cond. codes on Op1 & Op2
  
N88AP_iBoot:4FF15926 094 BNE.W loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF1592A 094 MOV R0, R4 ; Rd = Op2
  
N88AP_iBoot:4FF1592C 094 BL sub_4FF1A074 ; Branch with Link
  
N88AP_iBoot:4FF15930 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15932 094 BEQ.W loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF15936 094 B loc_4FF15A40 ; Branch
  
N88AP_iBoot:4FF15938 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15938
  
N88AP_iBoot:4FF15938 loc_4FF15938 ; CODE XREF: n88ap__iBoot__blockdev+B0�j
  
N88AP_iBoot:4FF15938 094 LDR R2, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF1593A 094 STR R2, [SP,#0x94+var_70] ; Store to Memory
  
N88AP_iBoot:4FF1593C 094 BL sub_4FF1F920 ; Branch with Link
  
N88AP_iBoot:4FF15940 094 MOVS R1, #1 ; Rd = Op2
  
N88AP_iBoot:4FF15942 094 STR R1, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF15944 094 STR R1, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF15946 094 SUBS R1, #1 ; Rd = Op1 - Op2
  
N88AP_iBoot:4FF15948 094 STR R1, [SP,#0x94+var_88] ; Store to Memory
  
N88AP_iBoot:4FF1594A 094 LDR R1, ='SDOM' ; Load from Memory
  
N88AP_iBoot:4FF1594C 094 STR R4, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF1594E 094 MOV R2, R0 ; Rd = Op2
  
N88AP_iBoot:4FF15950 094 MOV.W R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15954 094 LDR R0, [SP,#0x94+var_70] ; Load from Memory
  
N88AP_iBoot:4FF15956 094 BL sub_4FF15798 ; Branch with Link
  
N88AP_iBoot:4FF1595A 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF1595C 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF1595E 094 BNE loc_4FF15A44 ; Branch
  
N88AP_iBoot:4FF15960 094 BL sub_4FF1F914 ; Branch with Link
  
N88AP_iBoot:4FF15964 094 CBZ R0, loc_4FF15982 ; Compare and Branch on Zero
  
N88AP_iBoot:4FF15966 094 MOVS R2, #1 ; Rd = Op2
  
N88AP_iBoot:4FF15968 094 LDR R0, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF1596A 094 STR R2, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF1596C 094 STR R2, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF1596E 094 LDR R1, ='PROD' ; Load from Memory
  
N88AP_iBoot:4FF15970 094 MOVS R2, #1 ; Rd = Op2
  
N88AP_iBoot:4FF15972 094 MOVS R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15974 094 STR R4, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF15976 094 STR R4, [SP,#0x94+var_88] ; Store to Memory
  
N88AP_iBoot:4FF15978 094 BL sub_4FF15798 ; Branch with Link
  
N88AP_iBoot:4FF1597C 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF1597E 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15980 094 BNE loc_4FF15A44 ; Branch
  
N88AP_iBoot:4FF15982
  
N88AP_iBoot:4FF15982 loc_4FF15982 ; CODE XREF: n88ap__iBoot__blockdev+FC�j
  
N88AP_iBoot:4FF15982 094 LDR R4, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF15984 094 BL sub_4FF1F8F8 ; Branch with Link
  
N88AP_iBoot:4FF15988 094 MOVS R1, #0 ; Rd = Op2
  
N88AP_iBoot:4FF1598A 094 STR R1, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF1598C 094 ADDS R1, #1 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF1598E 094 STR R1, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF15990 094 STR R1, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF15992 094 SUBS R1, #1 ; Rd = Op1 - Op2
  
N88AP_iBoot:4FF15994 094 STR R1, [SP,#0x94+var_88] ; Store to Memory
  
N88AP_iBoot:4FF15996 094 LDR R1, ='CHIP' ; Load from Memory
  
N88AP_iBoot:4FF15998 094 MOV R2, R0 ; Rd = Op2
  
N88AP_iBoot:4FF1599A 094 MOV.W R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF1599E 094 MOV R0, R4 ; Rd = Op2
  
N88AP_iBoot:4FF159A0 094 BL sub_4FF15798 ; Branch with Link
  
N88AP_iBoot:4FF159A4 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF159A6 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF159A8 094 BNE loc_4FF15A44 ; Branch
  
N88AP_iBoot:4FF159AA 094 CMP.W R10, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF159AE 094 BEQ loc_4FF159CE ; Branch
  
N88AP_iBoot:4FF159B0 094 STR R0, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF159B2 094 MOVS R1, #1 ; Rd = Op2
  
N88AP_iBoot:4FF159B4 094 STR R0, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF159B6 094 STR R1, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF159B8 094 STR R0, [SP,#0x94+var_88] ; Store to Memory
  
N88AP_iBoot:4FF159BA 094 MOV R2, R10 ; Rd = Op2
  
N88AP_iBoot:4FF159BC 094 MOV.W R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF159C0 094 LDR R0, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF159C2 094 LDR R1, ='TYPE' ; Load from Memory
  
N88AP_iBoot:4FF159C4 094 BL sub_4FF15798 ; Branch with Link
  
N88AP_iBoot:4FF159C8 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF159CA 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF159CC 094 BNE loc_4FF15A44 ; Branch
  
N88AP_iBoot:4FF159CE
  
N88AP_iBoot:4FF159CE loc_4FF159CE ; CODE XREF: n88ap__iBoot__blockdev+146�j
  
N88AP_iBoot:4FF159CE 094 LDR R4, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF159D0 094 BL sub_4FF1E3F8 ; Branch with Link
  
N88AP_iBoot:4FF159D4 094 LDR R1, [R5,#0x10] ; Load from Memory
  
N88AP_iBoot:4FF159D6 094 AND.W R1, R1, #1 ; Rd = Op1 & Op2
  
N88AP_iBoot:4FF159DA 094 STR R1, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF159DC 094 MOVS R1, #0 ; Rd = Op2
  
N88AP_iBoot:4FF159DE 094 STR R1, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF159E0 094 STR R1, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF159E2 094 STR R1, [SP,#0x94+var_88] ; Store to Memory
  
N88AP_iBoot:4FF159E4 094 LDR R1, ='SEPO' ; Load from Memory
  
N88AP_iBoot:4FF159E6 094 MOV R2, R0 ; Rd = Op2
  
N88AP_iBoot:4FF159E8 094 MOV.W R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF159EC 094 MOV R0, R4 ; Rd = Op2
  
N88AP_iBoot:4FF159EE 094 BL sub_4FF15798 ; Branch with Link
  
N88AP_iBoot:4FF159F2 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF159F4 094 CBNZ R0, loc_4FF15A44 ; Compare and Branch on Non-Zero
  
N88AP_iBoot:4FF159F6 094 LDR.W R10, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF159FA 094 BL sub_4FF184E4 ; Branch with Link
  
N88AP_iBoot:4FF159FE 094 LDR R1, ='BORD' ; Load from Memory
  
N88AP_iBoot:4FF15A00 094 STR R4, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF15A02 094 STR R4, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF15A04 094 STR R4, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF15A06 094 STR R4, [SP,#0x94+var_88] ; Store to Memory
  
N88AP_iBoot:4FF15A08 094 MOV R2, R0 ; Rd = Op2
  
N88AP_iBoot:4FF15A0A 094 MOV.W R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15A0E 094 MOV R0, R10 ; Rd = Op2
  
N88AP_iBoot:4FF15A10 094 BL sub_4FF15798 ; Branch with Link
  
N88AP_iBoot:4FF15A14 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF15A16 094 CBNZ R0, loc_4FF15A44 ; Compare and Branch on Non-Zero
  
N88AP_iBoot:4FF15A18 094 LDR.W R10, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF15A1C 094 BL sub_4FF1F904 ; Branch with Link
  
N88AP_iBoot:4FF15A20 094 STR R0, [SP,#0x94+var_80] ; Store to Memory
  
N88AP_iBoot:4FF15A22 094 STR R1, [SP,#0x94+var_7C] ; Store to Memory
  
N88AP_iBoot:4FF15A24 094 BL sub_4FF1F910 ; Branch with Link
  
N88AP_iBoot:4FF15A28 094 LDR R1, ='ECID' ; Load from Memory
  
N88AP_iBoot:4FF15A2A 094 ADD R2, SP, #0x94+var_80 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15A2C 094 LDMIA R2, {R2,R3} ; Load Block from Memory
  
N88AP_iBoot:4FF15A2E 094 STR R4, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF15A30 094 STR R4, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF15A32 094 STR R4, [SP,#0x94+var_88] ; Store to Memory
  
N88AP_iBoot:4FF15A34 094 STR R0, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF15A36 094 MOV R0, R10 ; Rd = Op2
  
N88AP_iBoot:4FF15A38 094 BL sub_4FF15798 ; Branch with Link
  
N88AP_iBoot:4FF15A3C 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF15A3E 094 CBNZ R0, loc_4FF15A44 ; Compare and Branch on Non-Zero
  
N88AP_iBoot:4FF15A40
  
N88AP_iBoot:4FF15A40 loc_4FF15A40 ; CODE XREF: n88ap__iBoot__blockdev+CE�j
  
N88AP_iBoot:4FF15A40 094 STR R4, [SP,#0x94+var_78] ; Store to Memory
  
N88AP_iBoot:4FF15A42 094 B loc_4FF15A64 ; Branch
  
N88AP_iBoot:4FF15A44 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15A44
  
N88AP_iBoot:4FF15A44 loc_4FF15A44 ; CODE XREF: n88ap__iBoot__blockdev+F6�j
  
N88AP_iBoot:4FF15A44 ; n88ap__iBoot__blockdev+118�j
  
N88AP_iBoot:4FF15A44 ; n88ap__iBoot__blockdev+140�j
  
N88AP_iBoot:4FF15A44 ; n88ap__iBoot__blockdev+164�j
  
N88AP_iBoot:4FF15A44 ; n88ap__iBoot__blockdev+18C�j ...
  
N88AP_iBoot:4FF15A44 094 LDR R0, [R5,#0x10] ; Load from Memory
  
N88AP_iBoot:4FF15A46 094 TST.W R0, #2 ; Set cond. codes on Op1 & Op2
  
N88AP_iBoot:4FF15A4A 094 BNE.W loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF15A4E 094 MOVS R0, #1 ; Rd = Op2
  
N88AP_iBoot:4FF15A50 094 BL sub_4FF1A074 ; Branch with Link
  
N88AP_iBoot:4FF15A54 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15A56 094 BEQ.W loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF15A5A 094 LDR R0, =aImageValidationFailedButUntrustedImagesAreP_0 ; "image validation failed but untrusted i"...
  
N88AP_iBoot:4FF15A5C 094 BL N88AP__iBOOT__console_printf ; Branch with Link
  
N88AP_iBoot:4FF15A60 094 MOVS R2, #1 ; Rd = Op2
  
N88AP_iBoot:4FF15A62 094 STR R2, [SP,#0x94+var_78] ; Store to Memory
  
N88AP_iBoot:4FF15A64
  
N88AP_iBoot:4FF15A64 loc_4FF15A64 ; CODE XREF: n88ap__iBoot__blockdev+1DA�j
  
N88AP_iBoot:4FF15A64 094 MOVS R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15A66 094 LDR R0, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF15A68 094 STR R3, [SP,#0x94+var_60] ; Store to Memory
  
N88AP_iBoot:4FF15A6A 094 STR R3, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF15A6C 094 LDR R1, ='DATA' ; Load from Memory
  
N88AP_iBoot:4FF15A6E 094 ADD R2, SP, #0x94+argv2 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15A70 094 ADD R3, SP, #0x94+var_60 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15A72 094 BL sub_4FF1531C ; Branch with Link
  
N88AP_iBoot:4FF15A76 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF15A78 094 CMP R0, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15A7A 094 BNE loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF15A7C 094 MOV R10, R0 ; Rd = Op2
  
N88AP_iBoot:4FF15A7E
  
N88AP_iBoot:4FF15A7E loc_4FF15A7E ; CODE XREF: n88ap__iBoot__blockdev+2E2�j
  
N88AP_iBoot:4FF15A7E 094 MOVS R3, #0x38 ; '8' ; Rd = Op2
  
N88AP_iBoot:4FF15A80 094 LDR R0, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF15A82 094 STR R3, [SP,#0x94+var_6C] ; Store to Memory
  
N88AP_iBoot:4FF15A84 094 LDR R1, ='KBAG' ; Load from Memory
  
N88AP_iBoot:4FF15A86 094 ADD R2, SP, #0x94+var_64 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15A88 094 ADD R3, SP, #0x94+var_6C ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15A8A 094 STR.W R10, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF15A8E 094 BL sub_4FF1531C ; Branch with Link
  
N88AP_iBoot:4FF15A92 094 CMP R0, #2 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15A94 094 BNE loc_4FF15AA0 ; Branch
  
N88AP_iBoot:4FF15A96 094 CMP.W R10, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15A9A 094 BEQ loc_4FF15B4C ; Branch
  
N88AP_iBoot:4FF15A9C 094 MOV R4, R0 ; Rd = Op2
  
N88AP_iBoot:4FF15A9E 094 B loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF15AA0 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15AA0
  
N88AP_iBoot:4FF15AA0 loc_4FF15AA0 ; CODE XREF: n88ap__iBoot__blockdev+22C�j
  
N88AP_iBoot:4FF15AA0 094 LDR R3, [SP,#0x94+var_78] ; Load from Memory
  
N88AP_iBoot:4FF15AA2 094 CMP R3, #0 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15AA4 094 BNE loc_4FF15B5E ; Branch
  
N88AP_iBoot:4FF15AA6 094 MOVS R2, #0x30 ; '0' ; Rd = Op2
  
N88AP_iBoot:4FF15AA8 094 MOV R1, R3 ; Rd = Op2
  
N88AP_iBoot:4FF15AAA 094 ADD R0, SP, #0x94+var_54 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15AAC 094 BLX sub_4FF1ED54 ; Branch with Link and Exchange (immediate address)
  
N88AP_iBoot:4FF15AB0 094 LDR R1, [SP,#0x94+var_64] ; Load from Memory
  
N88AP_iBoot:4FF15AB2 094 LDR R2, [R1,#4] ; Load from Memory
  
N88AP_iBoot:4FF15AB4 094 CMP R2, #0xC0 ; '? ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15AB6 094 BEQ loc_4FF15AC4 ; Branch
  
N88AP_iBoot:4FF15AB8 094 CMP.W R2, #0x100 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15ABC 094 BEQ loc_4FF15ACA ; Branch
  
N88AP_iBoot:4FF15ABE 094 CMP R2, #0x80 ; '€' ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15AC0 094 BNE loc_4FF15B5E ; Branch
  
N88AP_iBoot:4FF15AC2 094 B loc_4FF15AD0 ; Branch
  
N88AP_iBoot:4FF15AC4 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15AC4
  
N88AP_iBoot:4FF15AC4 loc_4FF15AC4 ; CODE XREF: n88ap__iBoot__blockdev+24E�j
  
N88AP_iBoot:4FF15AC4 094 MOV.W R3, #0x10000000 ; Rd = Op2
  
N88AP_iBoot:4FF15AC8 094 B loc_4FF15AD2 ; Branch
  
N88AP_iBoot:4FF15ACA ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15ACA
  
N88AP_iBoot:4FF15ACA loc_4FF15ACA ; CODE XREF: n88ap__iBoot__blockdev+254�j
  
N88AP_iBoot:4FF15ACA 094 MOV.W R3, #0x20000000 ; Rd = Op2
  
N88AP_iBoot:4FF15ACE 094 B loc_4FF15AD2 ; Branch
  
N88AP_iBoot:4FF15AD0 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15AD0
  
N88AP_iBoot:4FF15AD0 loc_4FF15AD0 ; CODE XREF: n88ap__iBoot__blockdev+25A�j
  
N88AP_iBoot:4FF15AD0 094 MOVS R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15AD2
  
N88AP_iBoot:4FF15AD2 loc_4FF15AD2 ; CODE XREF: n88ap__iBoot__blockdev+260�j
  
N88AP_iBoot:4FF15AD2 ; n88ap__iBoot__blockdev+266�j
  
N88AP_iBoot:4FF15AD2 094 LSRS R5, R2, #3 ; Logical Shift Right
  
N88AP_iBoot:4FF15AD4 094 ADDS R1, #8 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15AD6 094 MOVS R2, #0x10 ; Rd = Op2
  
N88AP_iBoot:4FF15AD8 094 ADD R0, SP, #0x94+var_54 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15ADA 094 STR R3, [SP,#0x94+var_74] ; Store to Memory
  
N88AP_iBoot:4FF15ADC 094 BLX sub_4FF1EE70 ; Branch with Link and Exchange (immediate address)
  
N88AP_iBoot:4FF15AE0 094 LDR R1, [SP,#0x94+var_64] ; Load from Memory
  
N88AP_iBoot:4FF15AE2 094 ADD R0, SP, #0x94+var_44 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15AE4 094 ADDS R1, #0x18 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15AE6 094 MOV R2, R5 ; Rd = Op2
  
N88AP_iBoot:4FF15AE8 094 BLX sub_4FF1EE70 ; Branch with Link and Exchange (immediate address)
  
N88AP_iBoot:4FF15AEC 094 LDR R0, [SP,#0x94+var_64] ; Load from Memory
  
N88AP_iBoot:4FF15AEE 094 LDR R3, [R0] ; Load from Memory
  
N88AP_iBoot:4FF15AF0 094 CBZ R3, loc_4FF15B16 ; Compare and Branch on Zero
  
N88AP_iBoot:4FF15AF2 094 MOVS R3, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15AF4 094 ADD R1, SP, #0x94+var_68 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15AF6 094 STR R3, [SP,#0x94+var_68] ; Store to Memory
  
N88AP_iBoot:4FF15AF8 094 LDR R0, [R0] ; Load from Memory
  
N88AP_iBoot:4FF15AFA 094 BL sub_4FF18500 ; Branch with Link
  
N88AP_iBoot:4FF15AFE 094 CBNZ R0, loc_4FF15B46 ; Compare and Branch on Non-Zero
  
N88AP_iBoot:4FF15B00 094 LDR R2, [SP,#0x94+var_68] ; Load from Memory
  
N88AP_iBoot:4FF15B02 094 STR R0, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF15B04 094 STR R0, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF15B06 094 STR R2, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF15B08 094 ADD.W R3, R5, #0x10 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15B0C 094 ADDS R0, #Decrypt ; argv1
  
N88AP_iBoot:4FF15B0E 094 ADD R1, SP, #0x94+var_54 ; argv2
  
N88AP_iBoot:4FF15B10 094 ADD R2, SP, #0x94+var_54 ; argv3
  
N88AP_iBoot:4FF15B12 094 BL N88AP__iBOOT__aes_crypto_cmd ; Branch with Link
  
N88AP_iBoot:4FF15B16
  
N88AP_iBoot:4FF15B16 loc_4FF15B16 ; CODE XREF: n88ap__iBoot__blockdev+288�j
  
N88AP_iBoot:4FF15B16 094 LDR R1, [SP,#0x94+var_74] ; Load from Memory
  
N88AP_iBoot:4FF15B18 094 LDR R3, [SP,#0x94+var_60] ; Load from Memory
  
N88AP_iBoot:4FF15B1A 094 ADD R2, SP, #0x94+var_44 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15B1C 094 STR R1, [SP,#0x94+var_94] ; Store to Memory
  
N88AP_iBoot:4FF15B1E 094 LDR R1, [SP,#0x94+argv2] ; argv2
  
N88AP_iBoot:4FF15B20 094 TST.W R3, #0xF ; Set cond. codes on Op1 & Op2
  
N88AP_iBoot:4FF15B24 094 ITT NE ; If Then
  
N88AP_iBoot:4FF15B26 094 BICNE.W R3, R3, #0xF ; Rd = Op1 & ~Op2
  
N88AP_iBoot:4FF15B2A 094 ADDNE R3, #0x10 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15B2C 094 STR R2, [SP,#0x94+var_90] ; Store to Memory
  
N88AP_iBoot:4FF15B2E 094 MOVS R0, #0x11 ; argv1
  
N88AP_iBoot:4FF15B30 094 ADD R2, SP, #0x94+var_54 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15B32 094 STR R2, [SP,#0x94+var_8C] ; Store to Memory
  
N88AP_iBoot:4FF15B34 094 MOV R2, R1 ; argv3
  
N88AP_iBoot:4FF15B36 094 BL N88AP__iBOOT__aes_crypto_cmd ; Branch with Link
  
N88AP_iBoot:4FF15B3A 094 ADD R0, SP, #0x94+var_54 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15B3C 094 MOVS R1, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15B3E 094 MOVS R2, #0x30 ; '0' ; Rd = Op2
  
N88AP_iBoot:4FF15B40 094 BLX sub_4FF1ED54 ; Branch with Link and Exchange (immediate address)
  
N88AP_iBoot:4FF15B44 094 B loc_4FF15B4C ; Branch
  
N88AP_iBoot:4FF15B46 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15B46
  
N88AP_iBoot:4FF15B46 loc_4FF15B46 ; CODE XREF: n88ap__iBoot__blockdev+296�j
  
N88AP_iBoot:4FF15B46 094 ADD.W R10, R10, #1 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15B4A 094 B loc_4FF15A7E ; Branch
  
N88AP_iBoot:4FF15B4C ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15B4C
  
N88AP_iBoot:4FF15B4C loc_4FF15B4C ; CODE XREF: n88ap__iBoot__blockdev+232�j
  
N88AP_iBoot:4FF15B4C ; n88ap__iBoot__blockdev+2DC�j
  
N88AP_iBoot:4FF15B4C 094 LDR R2, [SP,#0x94+var_60] ; Load from Memory
  
N88AP_iBoot:4FF15B4E 094 MOV R0, R6 ; Rd = Op2
  
N88AP_iBoot:4FF15B50 094 LDR R1, [SP,#0x94+argv2] ; Load from Memory
  
N88AP_iBoot:4FF15B52 094 BLX sub_4FF1EE70 ; Branch with Link and Exchange (immediate address)
  
N88AP_iBoot:4FF15B56 094 LDR R3, [SP,#0x94+var_60] ; Load from Memory
  
N88AP_iBoot:4FF15B58 094 LDR R2, [SP,#0x94+var_84] ; Load from Memory
  
N88AP_iBoot:4FF15B5A 094 STR R3, [R2] ; Store to Memory
  
N88AP_iBoot:4FF15B5C 094 B loc_4FF15B60 ; Branch
  
N88AP_iBoot:4FF15B5E ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15B5E
  
N88AP_iBoot:4FF15B5E loc_4FF15B5E ; CODE XREF: n88ap__iBoot__blockdev+23C�j
  
N88AP_iBoot:4FF15B5E ; n88ap__iBoot__blockdev+258�j
  
N88AP_iBoot:4FF15B5E 094 MOVS R4, #0x16 ; Rd = Op2
  
N88AP_iBoot:4FF15B60
  
N88AP_iBoot:4FF15B60 loc_4FF15B60 ; CODE XREF: n88ap__iBoot__blockdev+3C�j
  
N88AP_iBoot:4FF15B60 ; n88ap__iBoot__blockdev+62�j
  
N88AP_iBoot:4FF15B60 ; n88ap__iBoot__blockdev+90�j
  
N88AP_iBoot:4FF15B60 ; n88ap__iBoot__blockdev+B4�j
  
N88AP_iBoot:4FF15B60 ; n88ap__iBoot__blockdev+BE�j ...
  
N88AP_iBoot:4FF15B60 094 LDR R3, [SP,#0x94+var_58] ; Load from Memory
  
N88AP_iBoot:4FF15B62 094 CBZ R3, loc_4FF15B6A ; Compare and Branch on Zero
  
N88AP_iBoot:4FF15B64 094 ADD R0, SP, #0x94+var_58 ; Rd = Op1 + Op2
  
N88AP_iBoot:4FF15B66 094 BL sub_4FF15620 ; Branch with Link
  
N88AP_iBoot:4FF15B6A
  
N88AP_iBoot:4FF15B6A loc_4FF15B6A ; CODE XREF: n88ap__iBoot__blockdev+2FA�j
  
N88AP_iBoot:4FF15B6A 094 CBZ R4, loc_4FF15B7E ; Compare and Branch on Zero
  
N88AP_iBoot:4FF15B6C
  
N88AP_iBoot:4FF15B6C loc_4FF15B6C ; CODE XREF: n88ap__iBoot__blockdev+70�j
  
N88AP_iBoot:4FF15B6C 094 LDR R3, [SP,#0x94+var_84] ; Load from Memory
  
N88AP_iBoot:4FF15B6E 094 MOVS R1, #0 ; Rd = Op2
  
N88AP_iBoot:4FF15B70 094 MOV R0, R6 ; Rd = Op2
  
N88AP_iBoot:4FF15B72 094 STR.W R1, [R11] ; Store to Memory
  
N88AP_iBoot:4FF15B76 094 MOV R2, R8 ; Rd = Op2
  
N88AP_iBoot:4FF15B78 094 STR R1, [R3] ; Store to Memory
  
N88AP_iBoot:4FF15B7A 094 BLX sub_4FF1ED54 ; Branch with Link and Exchange (immediate address)
  
N88AP_iBoot:4FF15B7E
  
N88AP_iBoot:4FF15B7E loc_4FF15B7E ; CODE XREF: n88ap__iBoot__blockdev:loc_4FF15B6A�j
  
N88AP_iBoot:4FF15B7E 094 LDR R1, =dword_4FF2A308 ; Load from Memory
  
N88AP_iBoot:4FF15B80 094 LDR R2, [SP,#0x94+var_24] ; Load from Memory
  
N88AP_iBoot:4FF15B82 094 MOV R0, R4 ; Rd = Op2
  
N88AP_iBoot:4FF15B84 094 LDR R3, [R1] ; Load from Memory
  
N88AP_iBoot:4FF15B86 094 CMP R2, R3 ; Set cond. codes on Op1 - Op2
  
N88AP_iBoot:4FF15B88 094 BEQ loc_4FF15B8E ; Branch
  
N88AP_iBoot:4FF15B8A 094 BL N88AP__iBOOT____stack_chk_fail ; Branch with Link
  
N88AP_iBoot:4FF15B8E ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15B8E
  
N88AP_iBoot:4FF15B8E loc_4FF15B8E ; CODE XREF: n88ap__iBoot__blockdev+320�j
  
N88AP_iBoot:4FF15B8E 094 SUB.W SP, R7, #0x18 ; Rd = Op1 - Op2
  
N88AP_iBoot:4FF15B92 094 POP.W {R8,R10,R11} ; Pop registers
  
N88AP_iBoot:4FF15B96 088 POP {R4-R7,PC} ; Pop registers
  
N88AP_iBoot:4FF15B96 ; End of function n88ap__iBoot__blockdev
  
N88AP_iBoot:4FF15B96
  
N88AP_iBoot:4FF15B96 ; ---------------------------------------------------------------------------
  
N88AP_iBoot:4FF15B98 ; int off_4FF15B98
  
N88AP_iBoot:4FF15B98 off_4FF15B98 DCD dword_4FF2A308 ; DATA XREF: n88ap__iBoot__blockdev+C�r
  
N88AP_iBoot:4FF15B98 ; n88ap__iBoot__blockdev:loc_4FF15B7E�r
  
N88AP_iBoot:4FF15B9C dword_4FF15B9C DCD 'Memz' ; DATA XREF: n88ap__iBoot__blockdev+1C�r
  
N88AP_iBoot:4FF15BA0 ; int dword_4FF15BA0
  
N88AP_iBoot:4FF15BA0 dword_4FF15BA0 DCD 'img3' ; DATA XREF: n88ap__iBoot__blockdev+2A�r
  
N88AP_iBoot:4FF15BA0 ; n88ap__iBoot__blockdev+96�r
  
N88AP_iBoot:4FF15BA4 ; int off_4FF15BA4
  
N88AP_iBoot:4FF15BA4 off_4FF15BA4 DCD aLoadAddressNotSpecified_0
  
N88AP_iBoot:4FF15BA4 ; DATA XREF: n88ap__iBoot__blockdev+32�r
  
N88AP_iBoot:4FF15BA4 ; "load address not specified\n"
  
N88AP_iBoot:4FF15BA8 ; int off_4FF15BA8
  
N88AP_iBoot:4FF15BA8 off_4FF15BA8 DCD aBlockdevReadFailedWithD_0
  
N88AP_iBoot:4FF15BA8 ; DATA XREF: n88ap__iBoot__blockdev+5C�r
  
N88AP_iBoot:4FF15BA8 ; "blockdev read failed with %d\n"
  
N88AP_iBoot:4FF15BAC dword_4FF15BAC DCD 'Img3' ; DATA XREF: n88ap__iBoot__blockdev+66�r
  
N88AP_iBoot:4FF15BB0 dword_4FF15BB0 DCD 'SDOM' ; DATA XREF: n88ap__iBoot__blockdev+E2�r
  
N88AP_iBoot:4FF15BB4 dword_4FF15BB4 DCD 'PROD' ; DATA XREF: n88ap__iBoot__blockdev+106�r
  
N88AP_iBoot:4FF15BB8 dword_4FF15BB8 DCD 'CHIP' ; DATA XREF: n88ap__iBoot__blockdev+12E�r
  
N88AP_iBoot:4FF15BBC dword_4FF15BBC DCD 'TYPE' ; DATA XREF: n88ap__iBoot__blockdev+15A�r
  
N88AP_iBoot:4FF15BC0 dword_4FF15BC0 DCD 'SEPO' ; DATA XREF: n88ap__iBoot__blockdev+17C�r
  
N88AP_iBoot:4FF15BC4 dword_4FF15BC4 DCD 'BORD' ; DATA XREF: n88ap__iBoot__blockdev+196�r
  
N88AP_iBoot:4FF15BC8 dword_4FF15BC8 DCD 'ECID' ; DATA XREF: n88ap__iBoot__blockdev+1C0�r
  
N88AP_iBoot:4FF15BCC ; int off_4FF15BCC
  
N88AP_iBoot:4FF15BCC off_4FF15BCC DCD aImageValidationFailedButUntrustedImagesAreP_0
  
N88AP_iBoot:4FF15BCC ; DATA XREF: n88ap__iBoot__blockdev+1F2�r
  
N88AP_iBoot:4FF15BCC ; "image validation failed but untrusted i"...
  
N88AP_iBoot:4FF15BD0 dword_4FF15BD0 DCD 'DATA' ; DATA XREF: n88ap__iBoot__blockdev+204�r
  
N88AP_iBoot:4FF15BD4 dword_4FF15BD4 DCD 'KBAG' ; DATA XREF: n88ap__iBoot__blockdev+21C�r
  
N88AP_iBoot:4FF15BD8
  
</pre>
  

Revision as of 05:00, 11 March 2010

Description

A command found in iBoot, iBSS, and iBEC that verifies and preps a ramdisk image which has been previously uploaded.

Decompilation

iPhone 3GS 8920x from iBoot-636.66 

#define kLoadAddress 0x41000000
#define kRamdiskMaxSize 0x2000000
#define kRamdiskAddress 0x44000000
#define kRamdiskImageType 0x7264736B

unsigned int* gRamdiskSize;
unsigned char** gRamdiskAddr;

int cmd_ramdisk(int argc, CmdArg* argv) {
	if(argc > 3 || !strcmp("help", argv[1].string)) {
		printf("usage:\n\t%s [<len>] [<address>]\n", argv[0].string);
		return -1;
	}
	
	unsigned char* filesize = (unsigned int) nvram_getint("filesize", 0);
	unsigned int loadaddr = (unsigned char*) nvram_getint("loadaddr", kLoadAddress);
	if(filesize == 0) {
		printf("filesize variable invalid or not set, aborting\n");
		return -1;
	}
	
	if(range_check(loadaddr, filesize) == 0) {
		printf("Permission Denied\n");
		return -1;
	}
	
	MemzDescriptor* memz = memz_create(loadaddr, filesize, 0);
	if(memz == NULL) {
		printf("Ramdisk image not valid\n");
		return -1;
	}
	
	if(memz->imageSize > kRamdiskMaxSize) {
		printf("Ramdisk too large\n");
		return -1;
	}
	
	*gRamdiskAddr = kRamdiskAddress;
	*gRamdiskSize = memz->imageSize;
	if(image_load(memz, kRamdiskImageType, gRamdiskAddr, gRamdiskSize) >= 0) {
		printf("creating ramdisk at 0x%x of size 0x%x, from image at 0x%x\n", gRamdiskAddr, gRamdiskSize, loadaddr);
		return 0;
	}
	
	*gRamdiskAddr = 0;
	*gRamdiskSize = 0;
	return -1;
}
Retrieved from "https://www.theiphonewiki.com/w/index.php?title=Ramdisk_(iBoot_command)&oldid=5883"