[coreboot] Code flow from reset vector
viswesh_vichu at yahoo.com
Wed Mar 26 12:27:11 CET 2008
Thanks for the answers, but still some questions.
I modified the makefile and copied the coreboot before the stripping to vis_1strip and then did an objdump.
[viswesh at arka image]$ objdump -D --start-address=0xfffffff0 --stop-address=0xffffffff vis_1strip
vis_1strip: file format elf32-i386
Disassembly of section .ram:
Disassembly of section .rom:
Disassembly of section .reset:
fff0: e9 51 53 ff ff jmp ffff5346 <_start+0x2>
fff5: 00 00 add %al,(%eax)
fff7: 00 e9 add %ch,%cl
fff9: 9f lahf
fffa: 53 push %ebx
fffb: ff (bad)
fffc: ff 00 incl (%eax)
Disassembly of section .id:
[viswesh at arka image]$
So here I can actually see the flash location and the opcodes in that location.
But when I do the same, as you mentioned, when I try to dump the last 0x20 bytes in coreboot.rom file, I should actually see similar instructions and basically there should be a jump in the last 16 bytes.
[viswesh at arka image]$ objdump -D coreboot.rom | grep -ni reset_vector
[viswesh at arka image]$ objdump -D coreboot.rom | grep -ni _start
[viswesh at arka image]
Here I have dumped both the beginning and the end of the coreboot,rom file.
[viswesh at arka image]$ objdump -D coreboot.rom | more
coreboot.rom: file format elf32-i386
Disassembly of section .note:
100000: 08 00 or %al,(%eax)
100002: 00 00 add %al,(%eax)
100004: 05 00 00 00 01 add $0x1000000,%eax
100009: 00 00 add %al,(%eax)
10000b: 00 45 4c add %al,0x4c(%ebp)
10000e: 46 inc %esi
10000f: 42 inc %edx
100010: 6f outsl %ds:(%esi),(%dx)
100011: 6f outsl %ds:(%esi),(%dx)
100012: 74 00 je 0x100014
100014: 46 inc %esi
100015: 49 dec %ecx
[viswesh at arka image]$ objdump -D coreboot.rom | tail
13cf96: 00 00 add %al,(%eax)
13cf98: 00 00 add %al,(%eax)
13cf9a: 00 00 add %al,(%eax)
13cf9c: d1 e5 shl %ebp
13cf9e: 10 00 adc %al,(%eax)
13cfa0: 08 00 or %al,(%eax)
13cfa2: 00 00 add %al,(%eax)
13cfa4: 27 daa
13cfa5: e7 10 out %eax,$0x10
[viswesh at arka image]$
So here also we dont see any jump to a specific location.
So basically where should be the code which should be flashed into the location 0xfffffff0.
(or) how can I locate the code inside the coreboot.rom,if it is there inside the rom file.
Thanks in advance,
----- Original Message ----
From: a a <todthgie at hotmail.com>
To: coreboot at coreboot.org
Cc: viswesh_vichu at yahoo.com
Sent: Wednesday, March 26, 2008 1:04:13 PM
Subject: Re: [coreboot] Code flow from reset vector
Viswesh S wrote:
> I understand the procedure in which internally how the CS register (
> Segment selector and base address part) make sure that we point to the
> address 0xFFFFFFF0.
> But my doubts are in this part.
> 1) We will be flashing the coreboot.rom into the BIOS flash, right ?
yes and the flash chip is mapped at 0x(1)00000000 - chipsize (0xFFFFFFFF
- chipsize +1 in the core iirc) so a 256Kbyte (0x40000 bytes) chip
would be at 0xFFFC0000....0xFFFFFFFF....
> 2) If we objdump coreboot.rom, dump all the sections, we dont see the
> reset vector part and also the address 0xFFFFFFF0.This could be because
> these sections are stripped off.Is it because of that ?
no, it will be at chipsize -0x10 (0x3FFF0 for a 256Kbyte chip)
coreboot.rom should be EXACLY as long as you flash chip is ....
so 0x10 bytes from the end of the file
> 4) If they are stripped off, then when I flash the coreboot.rom, what do
> I flash into the address 0xFFFFFFF0, as the coreboot.rom doesnt even
> contain the data(opcodes ) to write in that location.
no they should not be stripped...
whats in the file @ 0x10 bytes from the end ends op @ 0xFFFFFFF0
> Am I missing anything.
> ps:- I am trying to correlate my experience in embedded firmware exp,
> where the files we were flashing had absolute addresses and we could
> objdump the flash file to understand the code at each location.
a lot of embedded targets have the flash at 0x00000000 the x86 does not.
the adresses are static but have a offset of 4G-chipsize
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the coreboot