[OpenBIOS] Apple's Open Firmware.

Jd Lyons lyons_dj at yahoo.com
Sat Mar 31 11:27:39 CEST 2018 


> On Mar 30, 2018, at 7:02 PM, Segher Boessenkool <segher at kernel.crashing.org> wrote:
> 
> On Fri, Mar 30, 2018 at 04:14:48AM -0400, Jd Lyons wrote:
>> FF8906CD: b(:) \ [0x0b7] 0x1cf2 load
>> FF8906D8: 967E FFFC                       stwu     r19,-4(r30)       
>> FF8906DC: 7E68 02A6                       mflr     r19               
>> FF8906E0: 4BFB 68B1     FF846F90          bl       b<">              
>> FF8906E4: 05 ...                          dc.b     " load " 
>> FF8906EC: 4BFF FEDD     FF8905C8          bl       boot|load         
>> FF8906F0: 4BFF FA19     FF890108          bl       (init-program)    
>> FF8906F4: 4BFB 5DAC     FF8464A0          b        exit              
>> 
>> 
>> FF890865: b(:) \ [0x0b7] 0x1cf8 boot
>> FF890870: 967E FFFC                       stwu     r19,-4(r30)       
>> FF890874: 7E68 02A6                       mflr     r19               
>> FF890878: 4BFB 6719     FF846F90          bl       b<">              
>> FF89087C: 05 ...                          dc.b     " boot " 
>> FF890884: 4BFF FD45     FF8905C8          bl       boot|load         
>> FF890888: 4BFF F881     FF890108          bl       (init-program)    
>> FF89088C: 4BFF FEA5     FF890730          bl       go                
>> FF890890: 4BFB 5C10     FF8464A0          b        exit              
>> 
>> It should be possible to decompile the compiled fcode in the same way that the Open Firmware "see" command does.
> 
> It is possible (I have done it).
> 
>> Earlier Mac's (Old World Macs) may have tokenized fcode in their ROM that you can more easily detokenize but some of the words may be unnamed (headerless). I guess the G5 (and other New World Macs) has tokenized fcode somewhere but I don't know where it is - maybe it's compressed?
> 
> Yes, many sections are compressed (with LZ77 iirc).  Not *all* code is
> tokenised, but most is.  And Apple uses some non-standard FCodes, too
> (for local variables, most prominently).  And their drivers can use
> anything defined in the "main" OF (so you cannot transplant them to
> a different machine or a different FW version even).
> 
>> What jumps out at me, is both ‘load' and ‘boot’ one the G5 call ‘boatload’, would this be the reason that it is trying to execute the Option ROM when I try and ‘load’ it?
> 
> "load" does not do "go" (or at least it should not!)
> 

Load seems to do go in some cases, in both OF and OB, like loading bootx, both will just boot OS X. However I have a custom Fcode script that sets some properties for a graphics card, and load behaves as we would expect, doesn’t do go.

But load seems to be trying to do go in Apple’s OF when I load an option rom from disk.

> 
> Segher
> 
> -- 
> OpenBIOS                 http://openbios.org/
> Mailinglist:  http://lists.openbios.org/mailman/listinfo
> Free your System - May the Forth be with you

More information about the OpenBIOS mailing list