root/platform/a580/sub/101b/boot.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. taskCreateHook
  2. taskCreateHook2
  3. boot
  4. sub_FFC001a4_my
  5. sub_FFC00FA0_my
  6. uHwSetup_my
  7. CreateTask_Startup_my
  8. task_Startup_my
  9. CreateTask_spytask
  10. task_InitFileModules_my
  11. sub_FFC58A54_my
  12. sub_FFC3D588_my
  13. sub_FFC3D3C4_my
  14. sub_FFC3D154_my

   1 #include "lolevel.h"
   2 #include "platform.h"
   3 #include "core.h"
   4 
   5 const char * const new_sa = &_end;
   6 
   7 /* Ours stuff */
   8 extern long wrs_kernel_bss_start;
   9 extern long wrs_kernel_bss_end;
  10 
  11 // Forward declarations
  12 void CreateTask_PhySw();
  13 void CreateTask_spytask();
  14 
  15 void task_CaptSeqTask_my();
  16 void task_InitFileModules_my();
  17 void MovieRecord_Task_my();
  18 
  19 void boot();
  20 
  21 void taskCreateHook(int *p) { 
  22  p-=16;
  23  if (p[0]==0xFFC49B38)  p[0]=(int)task_CaptSeqTask_my;          //done
  24  if (p[0]==0xFFC118BC)  p[0]=(int)mykbd_task;           //done
  25  if (p[0]==0xFFC5FEA0)  p[0]=(int)task_InitFileModules_my;              //done
  26  if (p[0]==0xFFC46678)  p[0]=(int)MovieRecord_Task_my;          //done
  27  if (p[0]==0xFFC91194)  p[0]=(int)exp_drv_task; //done
  28  if (p[0]==0xFFDCB5A8)  p[0]=(int)filewritetask;
  29 }
  30 
  31 void taskCreateHook2(int *p) { 
  32  p-=16;
  33  if (p[0]==0xFFC5FEA0)  p[0]=(int)task_InitFileModules_my;              //done
  34 }
  35 
  36 #define DEBUG_LED 0xC02200C4
  37 
  38 void boot() { //#fs
  39     long *canon_data_src = (void*)0xFFEBFB4C;
  40     long *canon_data_dst = (void*)0x1900;
  41     long canon_data_len = 0xD700 - 0x1900;              // data_end - data_start
  42     long *canon_bss_start = (void*)0xD700;              // just after data
  43     long canon_bss_len = 0xA47E0 - 0xD700;
  44 
  45     long i;
  46 
  47 
  48     // Code taken from VxWorks CHDK. Changes CPU speed?
  49     asm volatile (
  50         "MRC     p15, 0, R0,c1,c0\n"
  51         "ORR     R0, R0, #0x1000\n"
  52         "ORR     R0, R0, #4\n"
  53         "ORR     R0, R0, #1\n"
  54         "MCR     p15, 0, R0,c1,c0\n"
  55     :::"r0");
  56 
  57     for(i=0;i<canon_data_len/4;i++)
  58         canon_data_dst[i]=canon_data_src[i];
  59 
  60     for(i=0;i<canon_bss_len/4;i++)
  61         canon_bss_start[i]=0;
  62 
  63 /*    asm volatile (
  64         "MRC     p15, 0, R0,c1,c0\n"
  65         "ORR     R0, R0, #0x1000\n"
  66         "BIC     R0, R0, #4\n"
  67         "ORR     R0, R0, #1\n"
  68         "MCR     p15, 0, R0,c1,c0\n"
  69     :::"r0");
  70 */
  71 
  72     *(int*)0x1930=(int)taskCreateHook;
  73     *(int*)0x1934=(int)taskCreateHook;
  74     *(int*)0x1938=(int)taskCreateHook2;
  75 
  76     // jump to init-sequence that follows the data-copy-routine
  77     asm volatile ("B      sub_FFC001a4_my\n");
  78 }; //#fe
  79 
  80 // init
  81 void __attribute__((naked,noinline)) sub_FFC001a4_my() { //#fs
  82         asm volatile (
  83                 "LDR     R0, =0xFFC0021C\n"
  84                 "MOV     R1, #0\n"
  85                 "LDR     R3, =0xFFC00254\n"
  86 
  87         "loc_FFC001B0:\n"
  88                 "CMP     R0, R3\n"
  89                 "LDRCC   R2, [R0],#4\n"
  90                 "STRCC   R2, [R1],#4\n"
  91                 "BCC     loc_FFC001B0\n"
  92 
  93                 "LDR     R0, =0xFFC00254\n"
  94                 "MOV     R1, #0x4B0\n"
  95                 "LDR     R3, =0xFFC00468\n"
  96 
  97         "loc_FFC001CC:\n"
  98                 "CMP     R0, R3\n"
  99                 "LDRCC   R2, [R0],#4\n"
 100                 "STRCC   R2, [R1],#4\n"
 101                 "BCC     loc_FFC001CC\n"
 102                 "MOV     R0, #0xD2\n"
 103                 "MSR     CPSR_cxsf, R0\n"
 104                 "MOV     SP, #0x1000\n"
 105                 "MOV     R0, #0xD3\n"
 106                 "MSR     CPSR_cxsf, R0\n"
 107                 "MOV     SP, #0x1000\n"
 108                 "LDR     R0, =0x6C4\n"
 109                 "LDR     R2, =0xEEEEEEEE\n"
 110                 "MOV     R3, #0x1000\n"
 111 
 112         "loc_FFC00200:\n"
 113                 "CMP     R0, R3\n"
 114                 "STRCC   R2, [R0],#4\n"
 115                 "BCC     loc_FFC00200\n"
 116 
 117                 //"BL      sub_FFC00FA0\n"
 118                 "BL      sub_FFC00FA0_my\n"
 119         );
 120 } //#fe
 121 
 122 void __attribute__((naked,noinline)) sub_FFC00FA0_my() { //#fs
 123         asm volatile (
 124               //"STR     LR, [SP,#0xFFFFFFFC]!\n"
 125               "STR     LR, [SP,#-4]!\n"         // inspired by original CHDK-code
 126               "SUB     SP, SP, #0x74\n"
 127               "MOV     R0, SP\n"
 128               "MOV     R1, #0x74\n"
 129               "BL      sub_FFE58D68\n"
 130               "MOV     R0, #0x53000\n"
 131               "STR     R0, [SP,#0x74-0x70]\n"
 132 #if defined(CHDK_NOT_IN_CANON_HEAP)
 133               "LDR     R0, =0xA47E0\n" // use original heap offset since CHDK is loaded in high memory
 134               //"LDR     R0, =0xE47E0\n" // 0xa47e0 + 0x40000, note: 0x20000 *should* have been enough, but our code was overwritten...
 135                                        // ...thus we push the memory pool a little more up (0x30000 = 192k)
 136 #else
 137               "LDR     R0, =new_sa\n"
 138               "LDR     R0, [R0]\n"
 139 #endif
 140               "LDR     R2, =0x279C00\n"
 141               "LDR     R1, =0x272968\n"
 142               "STR     R0, [SP,#0x74-0x6C]\n"
 143               "SUB     R0, R1, R0\n"
 144               "ADD     R3, SP, #0x74-0x68\n"
 145               "STR     R2, [SP,#0x74-0x74]\n"
 146               "STMIA   R3, {R0-R2}\n"
 147               "MOV     R0, #0x22\n"
 148               "STR     R0, [SP,#0x74-0x5C]\n"
 149               "MOV     R0, #0x68\n"
 150               "STR     R0, [SP,#0x74-0x58]\n"
 151               "LDR     R0, =0x19B\n"
 152               "MOV     R1, #0x64\n"
 153               //"STRD     R0, [SP,#0x74-0x54]\n"                // "strd not supported by cpu" claims gcc
 154               "STR      R0, [SP,#0x74-0x54]\n"          // split in two single-word STRs
 155               "STR      R1, [SP,#0x74-0x50]\n"
 156 
 157               "MOV     R0, #0x78\n"
 158               //"STRD     R0, [SP,#0x74-0x4C]\n"                // "strd not supported by cpu" claims gcc
 159               "STR      R0, [SP,#0x74-0x4C]\n"          // split in two single-word STRs
 160               "STR      R1, [SP,#0x74-0x48]\n"
 161 
 162               "MOV     R0, #0\n"
 163               "STR     R0, [SP,#0x74-0x44]\n"
 164               "STR     R0, [SP,#0x74-0x40]\n"
 165               "MOV     R0, #0x10\n"
 166               "STR     R0, [SP,#0x74-0x18]\n"
 167               "MOV     R0, #0x800\n"
 168               "STR     R0, [SP,#0x74-0x14]\n"
 169               "MOV     R0, #0xA0\n"
 170               "STR     R0, [SP,#0x74-0x10]\n"
 171               "MOV     R0, #0x280\n"
 172               "STR     R0, [SP,#0x74-0x0C]\n"
 173 
 174               //"LDR     R1, =0xFFC04DA4\n"             // uHwSetup = 0xFFC04DA4
 175               "LDR     R1, =uHwSetup_my\n"              // followup to own function
 176 
 177               "MOV     R0, SP\n"
 178               "MOV     R2, #0\n"
 179               "BL      sub_FFC02D58\n"
 180               "ADD     SP, SP, #0x74\n"
 181               "LDR     PC, [SP],#4\n"
 182         );
 183 }; //#fe
 184 
 185 void __attribute__((naked,noinline)) uHwSetup_my() { //#fs
 186         asm volatile (
 187               "STMFD   SP!, {R4,LR}\n"
 188               "BL      sub_FFC0094C\n"
 189               "BL      sub_FFC0972C\n"          // _dmSetup // OK!
 190               "CMP     R0, #0\n"
 191               "LDRLT   R0, =0xffc04eb8\n"               // FFC04EB8 aDmsetup // OK!
 192               "BLLT    sub_FFC04E98\n"          // FFC04E98  _err_init_task // OK!
 193               "BL      sub_FFC049C8\n"          // _termDriverInit // OK!
 194               "CMP     R0, #0\n"
 195               "LDRLT   R0, =0xFFC04EC0\n"               // aTermdriverinit // OK!
 196               "BLLT    sub_FFC04E98\n"          // FFC04E98  _err_init_task // OK!
 197               "LDR     R0, =0xFFc04ED0\n"               // a_term // OK!
 198               "BL      sub_FFC04AB4\n"          // _termDeviceCreate // OK!
 199               "CMP     R0, #0\n"
 200               "LDRLT   R0, =0xFFC04ED8\n"               // aTermdevicecrea // OK!
 201               "BLLT    sub_FFC04E98\n"          // FFC04E98  _err_init_task // OK!
 202               "LDR     R0, =0xFFc04ED0\n"               // a_term // OK!
 203               "BL      sub_FFc03564\n"          // _stdioSetup // OK!
 204               "CMP     R0, #0\n"
 205               "LDRLT   R0, =0xFFC04EEC\n"               // aStdiosetup // OK!
 206               "BLLT    sub_FFC04E98\n"          // FFC04E98  _err_init_task // OK!
 207               "BL      sub_FFc092B4\n"          // _stdlibSetup // OK!
 208               "CMP     R0, #0\n"
 209               "LDRLT   R0, =0xFFC04EF8\n"               // aStdlibsetup // Corrected! from 0xFFC04EEC
 210               "BLLT    sub_FFC04E98\n"          // FFC04E98  _err_init_task // OK!
 211               "BL      sub_FFC014B8\n"          // _armlib_setup // OK!
 212               "CMP     R0, #0\n"
 213               "LDRLT   R0, =0xFFC04F04\n"               // aArmlib_setup // OK!
 214               "BLLT    sub_FFC04E98\n"          // FFC04E98  _err_init_task // OK!
 215               "LDMFD   SP!, {R4,LR}\n"
 216               //"B       _CreateTaskStartup\n"          // FFC0CD84
 217               "B       CreateTask_Startup_my\n"
 218 
 219         );
 220 }; //#fe
 221 
 222 void __attribute__((naked,noinline)) CreateTask_Startup_my() { //#fs
 223         asm volatile (
 224                 "STMFD   SP!, {R3,LR}\n"
 225                 //"BL      j_nullsub_211\n"
 226                 "BL      sub_FFC1979C\n"
 227                 "CMP     R0, #0\n"
 228 
 229                 // different from a720!!!
 230                 /*
 231                 "LDREQ   R0, =0xC0220000\n"
 232                 "LDREQ   R1, [R0,#0xB8]\n"
 233                 "TSTEQ   R1, #1\n"
 234                 "BNE     loc_FFC0DD08\n"
 235                 */
 236                 "BNE     loc_FFC0CDB4\n"
 237                 "BL      sub_FFC119D8\n"
 238                 "CMP     R0, #0\n"
 239                 "BNE     loc_FFC0CDB4\n"
 240                 "LDR     R1, =0xC0220000\n"
 241 
 242                 "MOV     R0, #0x44\n"           // Corrected! from MOV     R1, #0x44
 243                 "STR     R0, [R1,#0x4C]\n"              // Corrected! from STR     R1, [R0,#0x4C]
 244         "loc_FFC0CDB0:\n"
 245                 "B       loc_FFC0CDB0\n"
 246         "loc_FFC0CDB4:\n"
 247                 //"BL      j_nullsub_213\n"
 248                 //"BL      j_nullsub_212\n"
 249                 "BL      sub_FFC17B24\n"
 250                 "LDR     R1, =0x2CE000\n" // Different from a720!!! (MOV     R1, #0x300000)
 251                 "MOV     R0, #0\n"
 252 
 253                 "BL      sub_FFC17D6C\n"
 254                 "BL      sub_FFC17D18\n"
 255                 "MOV     R3, #0\n"
 256                 "STR     R3, [SP,#8-8]\n"
 257 
 258                 //"ADR     R3, sub_FFC0CD28\n"     // Startup
 259                 "LDR     R3, =task_Startup_my\n"      // followup to own function
 260                 "MOV     R2, #0\n"
 261                 "MOV     R1, #0x19\n"
 262                 "LDR     R0, =0xFFC0CDFC\n" // aStartup, 0xFFC0CDFC (ADR     R0, aStartup)
 263                 "BL      sub_FFC0B8E0\n" // CreateTask, 0xFFC0B8E0
 264                 "MOV     R0, #0\n"
 265                 "LDMFD   SP!, {R12,PC}\n"
 266         );
 267 }; //#fe
 268 
 269 void __attribute__((naked,noinline)) task_Startup_my() { //#fs
 270 
 271         asm volatile (
 272                 "STMFD   SP!, {R4,LR}\n"
 273                 "BL      sub_FFC051BC\n"                // taskcreate_ClockSave
 274                 "BL      sub_FFC12B3C\n"
 275                 "BL      sub_FFC0FE14\n"
 276                 //"BL    j_nullsub_216\n"               // j_kbd_pwr_on_short does not exist in a580's DryOS version
 277                 "BL      sub_FFC199A4\n"
 278                 //"BL      sub_FFC19864\n"              // StartDiskboot
 279         );
 280 
 281         CreateTask_spytask();
 282 
 283         asm volatile (
 284                 "BL      sub_FFC19B58\n"
 285                 "BL      sub_FFC199F4\n"
 286 
 287                 "BL      sub_FFC17064\n"
 288                 "BL      sub_FFC19B5C\n"
 289                 "BL      sub_FFC118F0\n"                // taskcreate_PhySw - checks buttons and acts accordingly
 290 
 291                 "BL      sub_FFC14A34\n"                // task_ShootSeqTask
 292                 "BL      sub_FFC19B74\n"
 293                 //"BL    sub_FFC0FBD8\n"                // nullsub_2
 294                 "BL      sub_FFC10DC4\n"
 295                 "BL      sub_FFC19564\n"                // taskcreate_Bye
 296                 "BL      sub_FFC11420\n"
 297                 "BL      sub_FFC10CC4\n"                // taskcreate_TempCheck
 298                 "BL      sub_FFC1A4C0\n"
 299                 "BL      sub_FFC10C80\n"
 300 
 301                 // modification: BL instead of B to last function to control action after its return
 302                 "BL       sub_FFC05070\n"
 303                 "LDMFD   SP!, {R4,PC}\n"                // restore stack to PC instead of LR to return to caller
 304         );
 305 }; //#fe
 306 
 307 void CreateTask_spytask() { //#fs
 308         _CreateTask("SpyTask", 0x19, 0x2000, core_spytask, 0);
 309 
 310 }; //#fe
 311 
 312 void __attribute__((naked,noinline)) task_InitFileModules_my() { //#fs
 313         asm volatile (
 314                 "STMFD   SP!, {R4-R6,LR}\n"
 315                 "BL      sub_FFC58A28\n"
 316                 "LDR     R5, =0x5006\n"
 317                 "MOVS    R4, R0\n"
 318                 "MOVNE   R1, #0\n"
 319                 "MOVNE   R0, R5\n"
 320                 "BLNE    sub_FFC5BEC4\n"                // PostLogicalEventToUI
 321                 "BL      sub_FFC58A54_my\n"             // Continue to SDHC-hook here!
 322 
 323                 "BL      core_spytask_can_start\n"              // CHDK: Set "it's-save-to-start"-Flag for spytask (safe?)
 324 
 325                 "CMP     R4, #0\n"
 326                 "MOVEQ   R0, R5\n"
 327                 "LDMEQFD SP!, {R4-R6,LR}\n"
 328                 "MOVEQ   R1, #0\n"
 329                 "BEQ     sub_FFC5BEC4\n"                // PostLogicalEventToUI (cameralog "LogicalEvent...", it's save to run this after spytask has started)
 330                 "LDMFD   SP!, {R4-R6,PC}\n"
 331          );
 332 }; //#fe
 333 
 334 void __attribute__((naked,noinline)) sub_FFC58A54_my() { //#fs
 335         asm volatile (
 336                 "STMFD   SP!, {R4,LR}\n"
 337                 "BL      sub_FFC3D588_my\n"             // Continue to SDHC-hook here
 338                 "LDR     R4, =0x5580\n"
 339                 "LDR     R0, [R4,#4]\n"
 340                 "CMP     R0, #0\n"
 341                 "BNE     loc_FFC58A84\n"
 342                 "BL      sub_FFC66B30\n"
 343                 "BL      sub_FFCDE71C\n"
 344                 "BL      sub_FFC66B30\n"
 345                 "BL      sub_FFC3AF78\n"
 346                 "BL      sub_FFC66B40\n"
 347                 "BL      sub_FFCDE7E8\n"
 348         "loc_FFC58A84:\n"
 349                 "MOV     R0, #1\n"
 350                 "STR     R0, [R4]\n"
 351                 "LDMFD   SP!, {R4,PC}\n"
 352         );
 353 }; //#fe
 354 
 355 void __attribute__((naked,noinline)) sub_FFC3D588_my() { //#fs
 356         asm volatile (
 357                 "STMFD   SP!, {R4-R6,LR}\n"
 358                 "MOV     R6, #0\n"
 359                 "MOV     R0, R6\n"
 360                 "BL      sub_FFC3D048\n"
 361                 "LDR     R4, =0xFE6C\n"
 362                 "MOV     R5, #0\n"
 363                 "LDR     R0, [R4,#0x38]\n"
 364                 "BL      sub_FFC3DA7C\n"
 365                 "CMP     R0, #0\n"
 366                 "LDREQ   R0, =0x2828\n"
 367                 "STREQ   R5, [R0,#0x10]\n"
 368                 "STREQ   R5, [R0,#0x14]\n"
 369                 "STREQ   R5, [R0,#0x18]\n"
 370                 "MOV     R0, R6\n"
 371                 "BL      sub_FFC3D088\n"                // uMounter (u=unknown, just to prevent misunderstandings)
 372                 "MOV     R0, R6\n"
 373                 "BL      sub_FFC3D3C4_my\n"             // Continue to SDHC-hook here!
 374                 "MOV     R5, R0\n"
 375                 "MOV     R0, R6\n"
 376                 "BL      sub_FFC3D430\n"
 377                 "LDR     R1, [R4,#0x3C]\n"
 378                 "AND     R2, R5, R0\n"
 379                 "CMP     R1, #0\n"
 380                 "MOV     R0, #0\n"
 381                 "MOVEQ   R0, #0x80000001\n"
 382                 "BEQ     loc_FFC3D61C\n"
 383                 "LDR     R3, [R4,#0x2C]\n"
 384                 "CMP     R3, #2\n"
 385                 "MOVEQ   R0, #4\n"
 386                 "CMP     R1, #5\n"
 387                 "ORRNE   R0, R0, #1\n"
 388                 "BICEQ   R0, R0, #1\n"
 389                 "CMP     R2, #0\n"
 390                 "BICEQ   R0, R0, #2\n"
 391                 "ORREQ   R0, R0, #0x80000000\n"
 392                 "BICNE   R0, R0, #0x80000000\n"
 393                 "ORRNE   R0, R0, #2\n"
 394         "loc_FFC3D61C:\n"
 395                 "STR     R0, [R4,#0x40]\n"
 396                 "LDMFD   SP!, {R4-R6,PC}\n"
 397         );
 398 }; //#fe
 399 
 400 void __attribute__((naked,noinline)) sub_FFC3D3C4_my() { //#fs
 401         asm volatile (
 402                 "STMFD   SP!, {R4-R6,LR}\n"
 403                 "LDR     R5, =0x2828\n"
 404                 "MOV     R6, R0\n"
 405                 "LDR     R0, [R5,#0x14]\n"
 406                 "CMP     R0, #0\n"
 407                 "MOVNE   R0, #1\n"
 408                 "LDMNEFD SP!, {R4-R6,PC}\n"
 409                 "MOV     R0, #0x17\n"
 410                 "MUL     R1, R0, R6\n"
 411                 "LDR     R0, =0xFE6C\n"
 412                 "ADD     R4, R0, R1,LSL#2\n"
 413                 "LDR     R0, [R4,#0x38]\n"
 414                 "MOV     R1, R6\n"
 415                 "BL      sub_FFC3D154_my\n"             // Continue to SDHC-hook here!
 416                 "CMP     R0, #0\n"
 417                 "LDMEQFD SP!, {R4-R6,PC}\n"
 418                 "LDR     R0, [R4,#0x38]\n"
 419                 "MOV     R1, R6\n"
 420                 "BL      sub_FFC3D2BC\n"
 421                 "CMP     R0, #0\n"
 422                 "LDMEQFD SP!, {R4-R6,PC}\n"
 423                 "MOV     R0, R6\n"
 424                 "BL      sub_FFC3CC50\n"
 425                 "CMP     R0, #0\n"
 426                 "MOVNE   R1, #1\n"
 427                 "STRNE   R1, [R5,#0x14]\n"
 428                 "LDMFD   SP!, {R4-R6,PC}\n"
 429         );
 430 }; //#fe
 431 
 432 void __attribute__((naked,noinline)) sub_FFC3D154_my() { //#fs  ; Partition table parse takes place here. => SDHC-boot
 433         asm volatile (
 434                 "STMFD   SP!, {R4-R8,LR}\n"
 435                 "MOV     R8, R0\n"
 436                 "MOV     R0, #0x17\n"
 437                 "MUL     R1, R0, R1\n"
 438                 "LDR     R0, =0xFE6C\n"
 439                 "MOV     R6, #0\n"
 440                 "ADD     R7, R0, R1,LSL#2\n"
 441                 "LDR     R0, [R7,#0x3C]\n"
 442                 "MOV     R5, #0\n"
 443                 "CMP     R0, #6\n"
 444                 "ADDLS   PC, PC, R0,LSL#2\n"
 445                 "B       loc_FFC3D2A0\n"
 446         "loc_FFC3D184:\n"
 447                 "B       loc_FFC3D1B8\n"
 448         "loc_FFC3D188:\n"
 449                 "B       loc_FFC3D1A0\n"
 450         "loc_FFC3D18C:\n"
 451                 "B       loc_FFC3D1A0\n"
 452         "loc_FFC3D190:\n"
 453                 "B       loc_FFC3D1A0\n"
 454         "loc_FFC3D194:\n"
 455                 "B       loc_FFC3D1A0\n"
 456         "loc_FFC3D198:\n"
 457                 "B       loc_FFC3D298\n"
 458         "loc_FFC3D19C:\n"
 459                 "B       loc_FFC3D1A0\n"
 460         "loc_FFC3D1A0:\n"
 461                 "MOV     R2, #0\n"
 462                 "MOV     R1, #0x200\n"
 463                 "MOV     R0, #3\n"
 464                 "BL      sub_FFC52BD4\n"
 465                 "MOVS    R4, R0\n"
 466                 "BNE     loc_FFC3D1C0\n"
 467         "loc_FFC3D1B8:\n"
 468                 "MOV     R0, #0\n"
 469                 "LDMFD   SP!, {R4-R8,PC}\n"
 470         "loc_FFC3D1C0:\n"
 471                 "LDR     R12, [R7,#0x4C]\n"
 472                 "MOV     R3, R4\n"
 473                 "MOV     R2, #1\n"
 474                 "MOV     R1, #0\n"
 475                 "MOV     R0, R8\n"
 476                 
 477                 //"BLX     R12\n"               // !! Workaround !!
 478                 "MOV     LR, PC\n"              // gcc won't compile "BLX R12" nor "BL R12".
 479                 "MOV     PC, R12\n"             // workaround: make your own "BL" and hope we don't need the change to thumb-mode
 480                 
 481                 "CMP     R0, #1\n"
 482                 "BNE     loc_FFC3D1EC\n"
 483                 "MOV     R0, #3\n"
 484                 "BL      sub_FFC52D14\n"
 485                 "B       loc_FFC3D1B8\n"
 486         
 487        "loc_FFC3D1EC:\n"
 488                 "MOV     R0, R8\n"
 489                 "BL      sub_FFCFB2F0\n"                // Add FAT32 autodetect-code after this line
 490                 "MOV   R1, R4\n"                //  pointer to MBR in R1
 491                 "BL    mbr_read_dryos\n"                //  total sectors count in R0 before and after call
 492                 
 493                 // Start of DataGhost's FAT32 autodetection code
 494                 // Policy: If there is a partition which has type W95 FAT32, use the first one of those for image storage
 495                 // According to the code below, we can use R1, R2, R3 and R12.
 496                 // LR wasn't really used anywhere but for storing a part of the partition signature. This is the only thing
 497                 // that won't work with an offset, but since we can load from LR+offset into LR, we can use this to do that :)
 498                 "MOV     R12, R4\n"              // Copy the MBR start address so we have something to work with
 499                 "MOV     LR, R4\n"               // Save old offset for MBR signature
 500                 "MOV     R1, #1\n"               // Note the current partition number
 501                 "B       dg_sd_fat32_enter\n"    // We actually need to check the first partition as well, no increments yet!
 502         "dg_sd_fat32:\n"                         
 503                 "CMP     R1, #4\n"               // Did we already see the 4th partition?
 504                 "BEQ     dg_sd_fat32_end\n"      // Yes, break. We didn't find anything, so don't change anything.
 505                 "ADD     R12, R12, #0x10\n"      // Second partition
 506                 "ADD     R1, R1, #1\n"           // Second partition for the loop
 507         "dg_sd_fat32_enter:\n"                   
 508                 "LDRB    R2, [R12, #0x1BE]\n"    // Partition status
 509                 "LDRB    R3, [R12, #0x1C2]\n"    // Partition type (FAT32 = 0xB)
 510                 "CMP     R3, #0xB\n"             // Is this a FAT32 partition?
 511                 "CMPNE   R3, #0xC\n"             // Not 0xB, is it 0xC (FAT32 LBA) then?
 512                 "BNE     dg_sd_fat32\n"          // No, it isn't.
 513                 "CMP     R2, #0x00\n"            // It is, check the validity of the partition type
 514                 "CMPNE   R2, #0x80\n"            
 515                 "BNE     dg_sd_fat32\n"          // Invalid, go to next partition
 516                                                  // This partition is valid, it's the first one, bingo!
 517                 "MOV     R4, R12\n"              // Move the new MBR offset for the partition detection.
 518                 
 519            "dg_sd_fat32_end:\n"
 520                 // End of DataGhost's FAT32 autodetection code                
 521                 
 522                 "LDRB    R1, [R4,#0x1C9]\n"             // Continue with firmware
 523                 "LDRB    R3, [R4,#0x1C8]\n"
 524                 "LDRB    R12, [R4,#0x1CC]\n"
 525                 "MOV     R1, R1,LSL#24\n"
 526                 "ORR     R1, R1, R3,LSL#16\n"
 527                 "LDRB    R3, [R4,#0x1C7]\n"
 528                 "LDRB    R2, [R4,#0x1BE]\n"
 529                 //"LDRB    LR, [R4,#0x1FF]\n"           // replaced, see below
 530                 "ORR     R1, R1, R3,LSL#8\n"
 531                 "LDRB    R3, [R4,#0x1C6]\n"
 532                 "CMP     R2, #0\n"
 533                 "CMPNE   R2, #0x80\n"
 534                 "ORR     R1, R1, R3\n"
 535                 "LDRB    R3, [R4,#0x1CD]\n"
 536                 "MOV     R3, R3,LSL#24\n"
 537                 "ORR     R3, R3, R12,LSL#16\n"
 538                 "LDRB    R12, [R4,#0x1CB]\n"
 539                 "ORR     R3, R3, R12,LSL#8\n"
 540                 "LDRB    R12, [R4,#0x1CA]\n"
 541                 "ORR     R3, R3, R12\n"
 542                 //"LDRB    R12, [R4,#0x1FE]\n"          // replaced, see below
 543                 
 544                 "LDRB    R12, [LR,#0x1FE]\n"            // New! First MBR signature byte (0x55)
 545                 "LDRB    LR, [LR,#0x1FF]\n"             //      Last MBR signature byte (0xAA)
 546 
 547                 "MOV     R4, #0\n"
 548                 "BNE     loc_FFC3D274\n"
 549                 "CMP     R0, R1\n"
 550                 "BCC     loc_FFC3D274\n"
 551                 "ADD     R2, R1, R3\n"
 552                 "CMP     R2, R0\n"
 553                 "CMPLS   R12, #0x55\n"
 554                 "CMPEQ   LR, #0xAA\n"
 555                 "MOVEQ   R6, R1\n"
 556                 "MOVEQ   R5, R3\n"
 557                 "MOVEQ   R4, #1\n"
 558         "loc_FFC3D274:\n"
 559                 "MOV     R0, #3\n"
 560                 "BL      sub_FFC52D14\n"
 561                 "CMP     R4, #0\n"
 562                 "BNE     loc_FFC3D2AC\n"
 563                 "MOV     R6, #0\n"
 564                 "MOV     R0, R8\n"
 565                 "BL      sub_FFCFB2F0\n"
 566                 "MOV     R5, R0\n"
 567                 "B       loc_FFC3D2AC\n"
 568         "loc_FFC3D298:\n"
 569                 "MOV     R5, #0x40\n"
 570                 "B       loc_FFC3D2AC\n"
 571         "loc_FFC3D2A0:\n"        
 572                 "MOV     R1, #0x374\n"
 573                 "LDR     R0, =0xFFC3D148\n"             // Mounter.c
 574                 "BL      sub_FFC0BDB8\n"                // DebugAssert
 575         "loc_FFC3D2AC:\n"
 576                 "STR     R6, [R7,#0x44]!\n"
 577                 "MOV     R0, #1\n"
 578                 "STR     R5, [R7,#4]\n"
 579                 "LDMFD   SP!, {R4-R8,PC}\n"
 580         );
 581 }; //#fe

/* [<][>][^][v][top][bottom][index][help] */