[OpenBIOS] Apple's Open Firmware.
Segher Boessenkool
segher at kernel.crashing.org
Sat Mar 31 01:02:48 CEST 2018
On Fri, Mar 30, 2018 at 04:14:48AM -0400, Jd Lyons wrote:
> FF8906CD: b(:) \ [0x0b7] 0x1cf2 load
> FF8906D8: 967E FFFC stwu r19,-4(r30)
> FF8906DC: 7E68 02A6 mflr r19
> FF8906E0: 4BFB 68B1 FF846F90 bl b<">
> FF8906E4: 05 ... dc.b " load "
> FF8906EC: 4BFF FEDD FF8905C8 bl boot|load
> FF8906F0: 4BFF FA19 FF890108 bl (init-program)
> FF8906F4: 4BFB 5DAC FF8464A0 b exit
>
>
> FF890865: b(:) \ [0x0b7] 0x1cf8 boot
> FF890870: 967E FFFC stwu r19,-4(r30)
> FF890874: 7E68 02A6 mflr r19
> FF890878: 4BFB 6719 FF846F90 bl b<">
> FF89087C: 05 ... dc.b " boot "
> FF890884: 4BFF FD45 FF8905C8 bl boot|load
> FF890888: 4BFF F881 FF890108 bl (init-program)
> FF89088C: 4BFF FEA5 FF890730 bl go
> FF890890: 4BFB 5C10 FF8464A0 b exit
>
> It should be possible to decompile the compiled fcode in the same way that the Open Firmware "see" command does.
It is possible (I have done it).
> Earlier Mac's (Old World Macs) may have tokenized fcode in their ROM that you can more easily detokenize but some of the words may be unnamed (headerless). I guess the G5 (and other New World Macs) has tokenized fcode somewhere but I don't know where it is - maybe it's compressed?
Yes, many sections are compressed (with LZ77 iirc). Not *all* code is
tokenised, but most is. And Apple uses some non-standard FCodes, too
(for local variables, most prominently). And their drivers can use
anything defined in the "main" OF (so you cannot transplant them to
a different machine or a different FW version even).
> What jumps out at me, is both ‘load' and ‘boot’ one the G5 call ‘boatload’, would this be the reason that it is trying to execute the Option ROM when I try and ‘load’ it?
"load" does not do "go" (or at least it should not!)
Segher
More information about the OpenBIOS
mailing list