New patch to review for coreboot: 3fea571 Utility to run the snow bios in user mode - coreboot

16 Jan 2013

Ronald G. Minnich (rminnich@gmail.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/2159
-gerrit
commit 3fea571fd08bacd8c22f9d4caa94b746c8f73106
Author: Ronald G. Minnich rminnich@gmail.com
Date:   Wed Jan 16 11:59:34 2013 -0600
Utility to run the snow bios in user mode
This program lets you test run a snow coreboot image in user mode
    on a properly equipped arm system (usually an ARM chromebook).
    This is a real time saver as you don't have to flash each time.
    We've found and fixed some nasty bugs with this one.
Sorry about the wrong dependency ...
Anyway, the instructions on how to use this are in the binary.
Change-Id: Ib555ef51fd7e930905a2ee5cbfda1cc6f068278e
    Signed-off-by: Ronald G. Minnich rminnich@gmail.com
---
 util/runarmbios/runbios.c | 129 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 129 insertions(+)

diff --git a/util/runarmbios/runbios.c b/util/runarmbios/runbios.c
new file mode 100644
index 0000000..b8b57b0
--- /dev/null
+++ b/util/runarmbios/runbios.c
@@ -0,0 +1,129 @@
+#include <stdio.h>
+#include <err.h>
+#include <sys/mman.h>
+
+#include <string.h>
+
+enum addresses {
+	restart = 0x10040000,
+	rom = 0x20002000,
+	sram = 0x2003400,
+};
+
+// 0x20234b0
+main(int argc, char *argv[])
+{
+	int fd;
+	int devmem;
+	unsigned long *p, val, i, ret;
+	unsigned long * restart, *spi, *i2c;
+	void *sram;
+	void (*coreboot)(void) = (void *)0x2023400;
+
+	if (argc != 3)
+		errx(1, "usage: runbios rom-file start-address");
+
+	fd = open(argv[1], 2);
+	if (fd < 0)
+		err(1, argv[1]);
+	devmem = open("/dev/mem", 2);
+	if (devmem < 0)
+		err(1, argv[1]);
+	sram = mmap((void *)0x2020000, 378*1024, PROT_EXEC|PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
+	if (-1 == (int)sram)
+		err(1, "mmap");
+	memset((void *)0x2020000, 0xff, (size_t)(378*1024));
+	
+	restart = mmap((void *)0x10040000, 0x10000, PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_PRIVATE, devmem, (off_t) 0x10040000);
+	if (-1 == (int)restart)
+		err(1, "mmap restart");
+
+	spi = mmap((void *)0x12d30000, 0x10000, PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_PRIVATE, devmem, (off_t) 0x12d30000);
+	if (-1 == (int)spi)
+		err(1, "mmap spi");
+
+	i2c = mmap((void *)0x12c60000, 0x10000, PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_PRIVATE, devmem, (off_t) 0x12c60000);
+	if (-1 == (int)i2c)
+		err(1, "mmap i2c");
+
+	/* now sort of do what bl1 does: read the 'rom' into the sram */
+	if (pread(fd, coreboot, 30*1024, 0x2000) < 30*1024)
+		err(1, "read 'rom'");
+	/* you want to be in gdb at this point. */
+	coreboot = (void *) strtoull(argv[2], 0, 0);
+	coreboot();
+}
+
+/* cc -g runbios.c */
+/* typical run
+gdb a.out
+(gdb) list 50
+
+45              i2c = mmap((void *)0x12c60000, 0x10000, PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_PRIVATE, devmem, (off_t) 0x12c60000);
+46              if (-1 == (int)i2c)
+47                      err(1, "mmap i2c");
+48
+49              /* now sort of do what bl1 does: read the 'rom' into the sram */
+50              if (pread(fd, coreboot, 30*1024, 0x2000) < 30*1024)
+51                      err(1, "read 'rom'");
+52              /* you want to be in gdb at this point. */
+53              coreboot = (void *) strtoull(argv[2], 0, 0);
+54              coreboot();
+(gdb) br 54
+Breakpoint 3 at 0x8798: file runbios.c, line 54.
+(gdb) run ~/coreboot/build/coreboot.rom  0x020234b0
+The program being debugged has been started already.
+Start it from the beginning? (y or n) y
+
+Starting program: /root/coreboot/util/runarmbios/a.out ~/coreboot/build/coreboot.rom  0x020234b0
+
+Breakpoint 3, main (argc=3, argv=0x7efff7c4) at runbios.c:54
+54              coreboot();
+(gdb) symbol-file ~/coreboot/build/cbfs/fallback/bootblock.debug 
+Load new symbol table from "/root/coreboot/build/cbfs/fallback/bootblock.debug"? (y or n) y
+Reading symbols from /root/coreboot/build/cbfs/fallback/bootblock.debug...done.
+Error in re-setting breakpoint 3: No source file named runbios.c.
+(gdb) display/i $pc
+1: x/i $pc
+=> 0x8798:      ldr     r3, [r11, #-8]
+(gdb) stepi
+0x0000879c in ?? ()
+1: x/i $pc
+=> 0x879c:      blx     r3
+(gdb) 
+0x020234b0 in call_bootblock ()
+1: x/i $pc
+=> 0x20234b0 <call_bootblock>:  ldr     sp, [pc, #3800] ; 0x2024390
+(gdb) 
+0x020234b4 in call_bootblock ()
+1: x/i $pc
+=> 0x20234b4 <call_bootblock+4>:        bic     sp, sp, #7
+(gdb) 
+0x020234b8 in call_bootblock ()
+1: x/i $pc
+=> 0x20234b8 <call_bootblock+8>:        mov     r0, #0
+(gdb) 
+0x020234bc in call_bootblock ()
+1: x/i $pc
+=> 0x20234bc <call_bootblock+12>:       blx     0x20244b8 <main>
+(gdb) 
+main (bist=0) at src/arch/armv7/bootblock_simple.c:37
+37      {
+1: x/i $pc
+=> 0x20244b8 <main>:    push    {r3, lr}
+(gdb) 
+42                      bootblock_mainboard_init();
+1: x/i $pc
+=> 0x20244ba <main+2>:  bl      0x2023c08 <bootblock_mainboard_init>
+(gdb) 
+bootblock_mainboard_init () at src/mainboard/google/snow/bootblock.c:2124
+2124    {
+1: x/i $pc
+=> 0x2023c08 <bootblock_mainboard_init>:        stmdb   sp!, {r4, r5, r6, r7, r9, r10, r11, lr}
+(gdb) 
+2127            i2c_init(CONFIG_SYS_I2C_SPEED, CONFIG_SYS_I2C_SLAVE);
+1: x/i $pc
+=> 0x2023c0c <bootblock_mainboard_init+4>:      movs    r1, #0
+
+Note you are now debugging source, and pretty much all commands work.
+*/

    