bootloader理论上被分成了stage1(boot code)和stage2(main code)两部分,而boot code部分代码比较难看懂,都是汇编,我也是弄了好些天才搞懂的,真是不易,拿出来大家分享下吧! 我用的是三星的一款开发板,s3c2440,基于arm9的处理器,由于字数限制,一下我只列出了比较难懂的部分。
;========================================= ; NAME: 2440INIT.S ; DESC: C start up codes ; Configure memory, ISR ,stacks ; Initialize C-variables ; HISTORY: ; 2002.02.25:kwtark: ver 0.0 ; 2002.03.20:purnnamu: Add some functions for testing STOP,Sleep mode ; 2003.03.14:DonGo: Modified for 2440. ;========================================= GET option.inc GET memcfg.inc ;nand flash config GET 2440addr.inc ;定义内部寄存器地址对应的变量 BIT_SELFREFRESH EQU (1<<22) ;Pre-defined constants ;对arm处理器模式寄存器对应值的常数定义,arm处理器中有一个CPSR程序状态寄存器,它的后五位决定目前处理器模式 USERMODE EQU 0x10 FIQMODE EQU 0x11 IRQMODE EQU 0x12 SVCMODE EQU 0x13 ABORTMODE EQU 0x17 UNDEFMODE EQU 0x1b MODEMASK EQU 0x1f NOINT EQU 0xc0 ;The location of stacks ;定义各模式下SDRAM中堆栈起始地址,均是物理地址值 UserStack EQU (_STACK_BASEADDRESS-0x3800) ;0x33ff4800 ~ SVCStack EQU (_STACK_BASEADDRESS-0x2800) ;0x33ff5800 ~ UndefStack EQU (_STACK_BASEADDRESS-0x2400) ;0x33ff5c00 ~ AbortStack EQU (_STACK_BASEADDRESS-0x2000) ;0x33ff6000 ~ IRQStack EQU (_STACK_BASEADDRESS-0x1000) ;0x33ff7000 ~ FIQStack EQU (_STACK_BASEADDRESS-0x0) ;0x33ff8000 ~ ;Check if tasm.exe(armasm -16 ...@ADS 1.0) is used. ;这一段是为了统一处理器工作状态和软件编译方式(16位编译环境使用tasm.exe编译) ;arm有两种工作状态1.32位,该状态执行字对准的arm指令;2.16位,该状态执行半字对准的Thumb指令 ;不同的工作状态,编译器编译方式也不同 GBLL THUMBCODE [ {CONFIG} = 16 ;if config THUMBCODE SETL {TRUE} CODE32 ;转入32位编译模式 | ;else THUMBCODE SETL {FALSE} ;设置为FALSE ] MACRO MOV_PC_LR [ THUMBCODE bx lr | mov pc,lr ] MEND MACRO MOVEQ_PC_LR [ THUMBCODE bxeq lr | moveq pc,lr ] MEND ;下面这个宏用于把中断服务程序的首地址装载到pc中,加载程序,属于向量中断模式 MACRO ;声明一个宏 $HandlerLabel HANDLER $HandleLabel $HandlerLabel ;中断服务入口地址 sub sp,sp,#4 ;decrement sp(to store jump address) ;将要使用的r0寄存器入栈 stmfd sp!,{r0} ;PUSH the work register to stack(lr does't push because it return to original address) ;间接寻址方式获得中断函数入口地址 ldr r0,=$HandleLabel;load the address of HandleXXX to r0 ldr r0,[r0] ;load the contents(service routine start address) of HandleXXX ;将对应的中断向量首地址入栈 str r0,[sp,#4] ;store the contents(ISR) of HandleXXX to stack ;将中断函数首地址出栈,放入程序指针中,系统将跳转到对应中断处理函数 ldmfd sp!,{r0,pc} ;POP the work register and pc(jump to ISR) MEND ;宏结束 ;对于arm由RO,RW,ZI三个段组成 其中RO为代码段 RW是已经初始化的全局变量 ZI是未初始化的全局变量 ;bootloader要将RW段复制到RAM中并将ZI段清零 ;编译器使用下列段来记录各段的起始和结束地址 IMPORT |Image$$RO$$Base| ; Base of ROM code IMPORT |Image$$RO$$Limit| ; End of ROM code (=start of ROM data) IMPORT |Image$$RW$$Base| ; Base of RAM to initialise IMPORT |Image$$ZI$$Base| ; Base and limit of area IMPORT |Image$$ZI$$Limit| ; to zero initialise IMPORT MMU_SetAsyncBusMode IMPORT MMU_SetFastBusMode ;hzh IMPORT Main ; The main entry of mon program引入外部函数 ;定义arm汇编程序段,段名Init,程序段为只读代码段 AREA Init,CODE,READONLY ;程序入口 ;异常中断向量表(每个表项占4个字节) ;一旦系统运行时有中断发生 处理器已经把控制权交给了操作系统 处理器还是会跳转到从0x0开始执行中断向量表中某个中断表项 ;板子上电和复位后 程序开始从位于0x0处开始执行 即从这里开始执行跳转到标号为ResetHandler处执行 ENTRY EXPORT __ENTRY __ENTRY ResetEntry ;1)The code, which converts to Big-endian, should be in little endian code. ;2)The following little endian code will be compiled in Big-Endian mode. ; The code byte order should be changed as the memory bus width. ;3)The pseudo instruction,DCD can't be used here because the linker generates error. ;总线宽度判断 ;条件编译,在编译成机器码前就设定好 ASSERT :DEF:ENDIAN_CHANGE ;判断ENDIAN_CHANGE是否已定义 [ ENDIAN_CHANGE ASSERT :DEF:ENTRY_BUS_WIDTH [ ENTRY_BUS_WIDTH=32 b ChangeBigEndian ;DCD 0xea000007 ] [ ENTRY_BUS_WIDTH=16 andeq r14,r7,r0,lsl #20 ;DCD 0x0007ea00也是b ChangeBigEndian指令,只是由于总线不一样而取机器码顺序不同罢了 ] [ ENTRY_BUS_WIDTH=8 streq r0,[r0,-r10,ror #1] ;DCD 0x070000ea ] | b ResetHandler ] ;跳转指令,异常中断处理向量 b HandlerUndef ;handler for Undefined mode b HandlerSWI ;handler for SWI interrupt b HandlerPabort ;handler for PAbort b HandlerDabort ;handler for DAbort b . ;reserved b HandlerIRQ ;handler for IRQ interrupt b HandlerFIQ ;handler for FIQ interrupt ;@0x20 b EnterPWDN ; Must be @0x20. ;大小端判断 ChangeBigEndian ;@0x24 [ ENTRY_BUS_WIDTH=32 DCD 0xee110f10 ;0xee110f10 => mrc p15,0,r0,c1,c0,0 DCD 0xe3800080 ;0xe3800080 => orr r0,r0,#0x80; //Big-endian DCD 0xee010f10 ;0xee010f10 => mcr p15,0,r0,c1,c0,0 ] [ ENTRY_BUS_WIDTH=16 DCD 0x0f10ee11 DCD 0x0080e380 DCD 0x0f10ee01 ] [ ENTRY_BUS_WIDTH=8 DCD 0x100f11ee DCD 0x800080e3 DCD 0x100f01ee ] DCD 0xffffffff ;swinv 0xffffff is similar with NOP and run well in both endian mode. DCD 0xffffffff DCD 0xffffffff DCD 0xffffffff DCD 0xffffffff b ResetHandler ;下面是具体的中断处理函数跳转的宏 ;通过上面的$HandlerLabel宏定义展开后跳转到对应的中断处理函数 HandlerFIQ HANDLER HandleFIQ HandlerIRQ HANDLER HandleIRQ HandlerUndef HANDLER HandleUndef HandlerSWI HANDLER HandleSWI HandlerDabort HANDLER HandleDabort HandlerPabort HANDLER HandlePabort ;下面这段程序是用来处理非向量中断 ;具体判断I_ISPR中个位是否置1,置1表示等待 ;采用INTOFFSET寄存器判定IRQ中断源 IsrIRQ sub sp,sp,#4 ;reserved for PC stmfd sp!,{r8-r9} ldr r9,=INTOFFSET ldr r9,[r9] ;载入I_ISR ldr r8,=HandleEINT0 add r8,r8,r9,lsl #2 ;r8=r8+(r9<<2) ldr r8,[r8] str r8,[sp,#8] ldmfd sp!,{r8-r9,pc} LTORG ;======= ; ENTRY ;======= ;板子上电和复位后 程序开始从位于0x0执行 b ResetHandler程序处跳转到这里执行 ResetHandler ;1.禁止看门狗 屏蔽所有中断 ldr r0,=WTCON ;watch dog disable ldr r1,=0x0 str r1,[r0] ldr r0,=INTMSK ldr r1,=0xffffffff ;all interrupt disable str r1,[r0] ldr r0,=INTSUBMSK ldr r1,=0x7fff ;all sub interrupt disable str r1,[r0] ;系统启动指示灯显示 [ {FALSE} ; rGPFDAT = (rGPFDAT & ~(0xf<<4)) | ((~data & 0xf)<<4); ; Led_Display ldr r0,=GPFCON ldr r1,=0x5500 str r1,[r0] ldr r0,=GPFDAT ldr r1,=0x10 str r1,[r0] ] ;2.根据工作频率设置PLL ;mpll=(2*m*Fin)/(p*2~s) m=M_MDIV+8 p=M_PDIV+2 s="M"_SDIV ;m=92+8 p=1+2 s=1 mpll=400M ;CLKDIV_VAL = 1:4:8 hclk=100M pclk=50M ;To reduce PLL lock time, adjust the LOCKTIME register. ldr r0,=LOCKTIME ldr r1,=0xffffff str r1,[r0] [ PLL_ON_START ; Added for confirm clock divide. for 2440. ; Setting value Fclk:Hclk:Pclk ldr r0,=CLKDIVN ldr r1,=CLKDIV_VAL ; 0=1:1:1, 1=1:1:2, 2=1:2:2, 3=1:2:4, 4=1:4:4, 5=1:4:8, 6=1:3:3, 7=1:3:6. str r1,[r0] ; MMU_SetAsyncBusMode and MMU_SetFastBusMode over 4K, so dont' call here ; call it after copy, hzh ; [ CLKDIV_VAL>1 ; means Fclk:Hclk is not 1:1. ; bl MMU_SetAsyncBusMode ; | ; bl MMU_SetFastBusMode ; default value. ; ] ;program has not been copied, so use these directly, hzh [ CLKDIV_VAL>1 ; means Fclk:Hclk is not 1:1. mrc p15,0,r0,c1,c0,0 orr r0,r0,#0xc0000000;R1_nF:OR:R1_iA mcr p15,0,r0,c1,c0,0 | mrc p15,0,r0,c1,c0,0 bic r0,r0,#0xc0000000;R1_iA:OR:R1_nF mcr p15,0,r0,c1,c0,0 ] ;Configure UPLL ldr r0,=UPLLCON ldr r1,=((U_MDIV<<12)+(U_PDIV<<4)+U_SDIV) str r1,[r0] nop ; Caution: After UPLL setting, at least 7-clocks delay must be inserted for setting hardware be completed. nop nop nop nop nop nop ;Configure MPLL ldr r0,=MPLLCON ldr r1,=((M_MDIV<<12)+(M_PDIV<<4)+M_SDIV) ;Fin=16.9344MHz str r1,[r0] ] ;Check if the boot is caused by the wake-up from SLEEP mode. ldr r1,=GSTATUS2 ldr r0,[r1] tst r0,#0x2 ;In case of the wake-up from SLEEP mode, go to SLEEP_WAKEUP handler. bne WAKEUP_SLEEP EXPORT StartPointAfterSleepWakeUp StartPointAfterSleepWakeUp ;3.设置存储相关寄存器的程序 ;SDRAM,FLASH存储器连接和工作时序的程序,片选定义的程序 ;SMRDATA map在下面的程序中定义,另外参考memcfg.s程序 ;Set memory control registers ;ldr r0,=SMRDATA adrl r0, SMRDATA ;be careful!, hzh ldr r1,=BWSCON ;BWSCON Address add r2, r0, #52 ;End address of SMRDATA 0 ldr r3, [r0], #4 str r3, [r1], #4 cmp r2, r0 bne %B0 ;===delay, hzh mov r0, #&1000 1 subs r0, r0, #1 bne %B1 ;=== ;5.设置缺省中断处理函数 ; Setup IRQ handler ldr r0,=HandleIRQ ;This routine is needed ldr r1,=IsrIRQ ;if there isn't 'subs pc,lr,#4' at 0x18, 0x1c str r1,[r0] ; ;Copy and paste RW data/zero initialized data ; ldr r0, =|Image$$RO$$Limit| ; Get pointer to ROM data ; ldr r1, =|Image$$RW$$Base| ; and RAM copy ; ldr r3, =|Image$$ZI$$Base| ; ;6.将数据段拷贝到RAM中 将零初始化数据段清零 跳入C语言的main函数执行 ;到这步结束bootloader 的stage1引导 ; ;Zero init base => top of initialised data ; cmp r0, r1 ; Check that they are different ; beq %F2 ;1 ; cmp r1, r3 ; Copy init data ; ldrcc r2, [r0], #4 ;--> LDRCC r2, [r0] + ADD r0, r0, #4 ; strcc r2, [r1], #4 ;--> STRCC r2, [r1] + ADD r1, r1, #4 ; bcc %B1 ;2 ; ldr r1, =|Image$$ZI$$Limit| ; Top of zero init segment ; mov r2, #0 ;3 ; cmp r3, r1 ; Zero init ; strcc r2, [r3], #4 ; bcc %B3 [ :LNOT:THUMBCODE bl Main ;Don't use main() because ...... ;ldr pc, =Main ;hzh b . ] [ THUMBCODE ;for start-up code for Thumb mode orr lr,pc,#1 bx lr CODE16 bl Main ;Don't use main() because ...... b . CODE32 ] ;=========================================================== LTORG ;声明一个数据缓冲池的开始 ;GCS0->SST39VF1601 ;GCS1->16c550 ;GCS2->IDE ;GCS3->CS8900 ;GCS4->DM9000 ;GCS5->CF Card ;GCS6->SDRAM ;GCS7->unused ;这是上面提到的对存储器初始化的数据map SMRDATA DATA ; Memory configuration should be optimized for best performance ; The following parameter is not optimized. ; Memory access cycle parameter strategy ; 1) The memory settings is safe parameters even at HCLK="75Mhz". ; 2) SDRAM refresh period is for HCLK<=75Mhz. DCD (0+(B1_BWSCON<<4)+(B2_BWSCON<<8)+(B3_BWSCON<<12)+(B4_BWSCON<<16)+(B5_BWSCON<<20)+(B6_BWSCON<<24)+(B7_BWSCON<<28)) DCD ((B0_Tacs<<13)+(B0_Tcos<<11)+(B0_Tacc<<8)+(B0_Tcoh<<6)+(B0_Tah<<4)+(B0_Tacp<<2)+(B0_PMC)) ;GCS0 DCD ((B1_Tacs<<13)+(B1_Tcos<<11)+(B1_Tacc<<8)+(B1_Tcoh<<6)+(B1_Tah<<4)+(B1_Tacp<<2)+(B1_PMC)) ;GCS1 DCD ((B2_Tacs<<13)+(B2_Tcos<<11)+(B2_Tacc<<8)+(B2_Tcoh<<6)+(B2_Tah<<4)+(B2_Tacp<<2)+(B2_PMC)) ;GCS2 DCD ((B3_Tacs<<13)+(B3_Tcos<<11)+(B3_Tacc<<8)+(B3_Tcoh<<6)+(B3_Tah<<4)+(B3_Tacp<<2)+(B3_PMC)) ;GCS3 DCD ((B4_Tacs<<13)+(B4_Tcos<<11)+(B4_Tacc<<8)+(B4_Tcoh<<6)+(B4_Tah<<4)+(B4_Tacp<<2)+(B4_PMC)) ;GCS4 DCD ((B5_Tacs<<13)+(B5_Tcos<<11)+(B5_Tacc<<8)+(B5_Tcoh<<6)+(B5_Tah<<4)+(B5_Tacp<<2)+(B5_PMC)) ;GCS5 DCD ((B6_MT<<15)+(B6_Trcd<<2)+(B6_SCAN)) ;GCS6 DCD ((B7_MT<<15)+(B7_Trcd<<2)+(B7_SCAN)) ;GCS7 DCD ((REFEN<<23)+(TREFMD<<22)+(Trp<<20)+(Tsrc<<18)+(Tchr<<16)+REFCNT) DCD 0x32 ;SCLK power saving mode, BANKSIZE 128M/128M ;DCD 0x02 ;SCLK power saving disable, BANKSIZE 128M/128M DCD 0x30 ;MRSR6 CL="3clk" DCD 0x30 ;MRSR7 CL="3clk" BaseOfROM DCD |Image$$RO$$Base| TopOfROM DCD |Image$$RO$$Limit| BaseOfBSS DCD |Image$$RW$$Base| BaseOfZero DCD |Image$$ZI$$Base| EndOfBSS DCD |Image$$ZI$$Limit| ALIGN ;通过添加补丁字节使当前位置满足一定的对齐方式 ;Function for entering power down mode ; 1. SDRAM should be in self-refresh mode. ; 2. All interrupt should be maksked for SDRAM/DRAM self-refresh. ; 3. LCD controller should be disabled for SDRAM/DRAM self-refresh. ; 4. The I-cache may have to be turned on. ; 5. The location of the following code may have not to be changed.