.section ".start", #alloc, #execinstr
.align
start:
.type
start,#function
.rept
8
mov
r0, r0
.endr
b
1f
.word
0x016f2818
@ 辅助引导程序的幻数
.word
start
@ 加载运行zImage的绝对地址,start表示赋的初值
.word
_edata
@ zImage end address zImage结尾地址,_edata是在vmlinux.lds.S中定义的,表示init,text,data三个段的结束位置(155行)
1:
mov
r7, r1
@ save architecture ID 保存体系结构ID 用r1保存
mov
r8, r2
@ save atags pointer 保存r2寄存器 参数列表,r0始终为0
mrs
r2, cpsr
@ get current mode
tst
r2, #3
@ not user?,tst实际上是相与
bne
not_angel
mov
r0, #0x17
@ angel_SWIreason_EnterSVC,向SWI中传递参数
swi
0x123456
@ angel_SWI_ARM这个是让用户空间调到SVC空间,这个会从前面0x0008处重新执行
not_angel:
mrs
r2, cpsr
@ turn off interrupts to
orr
r2, r2, #0xc0
@ prevent angel from running关闭中断
msr
cpsr_c, r2
.text
adr
r0, LC0
ldmia
r0, {r1, r2, r3, r4, r5, r6, ip, sp}
@r0是运行时地址,而r1则是链接时地址,而它们两都是表示LC0表的起始位置,这样他们两的差则是运行和链接的偏移量,纠正了这个偏移量才可以运行与”地址相关的代码“
subs
r0, r0, r1
@ calculate the delta offset
@ if delta is zero, we are
beq
not_relocated
@ running at the address we
@ were linked at.若相等则不用重定位了。
add
r5, r5, r0
add
r6, r6, r0
add
ip, ip, r0
add
r2, r2, r0
add
r3, r3, r0
add
sp, sp, r0
1:
ldr
r1, [r6, #0]
@ relocate entries in the GOT
add
r1, r1, r0
@ table. This fixes up the
str
r1, [r6], #4
@ C references.
cmp
r6, ip
blo
1b
not_relocated:
mov
r0, #0
1:
str
r0, [r2], #4
@ clear bss
str
r0, [r2], #4
str
r0, [r2], #4
str
r0, [r2], #4
cmp
r2, r3
blo
1b
@ @ 正如下面的注释所说,C环境我们已经设置好了。下面我们要打开cache和mmu。为什么要这样做呢?
@ 这只是一个解压程序呀?为了速度。那为什么要开mmu呢,而且只是做一个平板式的映射?还是为了速度。
@ 如果不开mmu的话,就只能打开icache。因为不开mmu的话就无法实现内存管理,而io区是决不能开dcache的。
bl
cache_on
.align
5
cache_on:
mov
r3, #8
@ cache_on function
b
call_cache_fn
call_cache_fn:
adr
r12, proc_types
mrc
p15, 0, r6, c0, c0
@ get processor ID
1:
ldr
r1, [r12, #0]
@ get value
ldr
r2, [r12, #4]
@ get mask
eor
r1, r1, r6
@ (real ^ match)将从c0中读出的cpu id与下面的proc_types表中的cpu系列进行比较可得到其属于哪个系列的
tst
r1, r2
@ & mask
addeq
pc, r12, r3
@ 如果是这个系列的cpu调用其cache打开函数
add
r12, r12, #4*5
b
1b
.type
proc_types,#object
proc_types:
.word
0x41560600
@ ARM6/610
.word
0xffffffe0
b
__arm6_cache_off
@ works, but slow
b
__arm6_cache_off
mov
pc, lr
.word
0x00000000
@ old ARM ID
.word
0x0000f000
mov
pc, lr
mov
pc, lr
mov
pc, lr
.word
0x41007000
@ ARM7/710
.word
0xfff8fe00
b
__arm7_cache_off
b
__arm7_cache_off
mov
pc, lr
.word
0x41807200
@ ARM720T (writethrough)
.word
0xffffff00
b
__armv4_cache_on
b
__armv4_cache_off
mov
pc, lr
.size
proc_types, . - proc_types
__armv4_cache_on:
mov
r12, lr
bl
__setup_mmu
__setup_mmu:
sub
r3, r4, #16384
@ Page directory size(16k),r4是zImage的起始位置,再减16k即是0x30004000
bic
r3, r3, #0xff
@ Align the pointer
bic
r3, r3, #0x3f00
mov
r0, r3
mov
r9, r0, lsr #18
mov
r9, r9, lsl #18
@ start of RAM,当前可用sdram的起始地址(以256k为边界)
add
r10, r9, #0x10000000
@ a reasonable RAM size,这里假设的可用ram大小为256M
mov
r1, #0x12
orr
r1, r1, #3 << 10
add
r2, r3, #16384
1:
cmp
r1, r9
@ if virt > start of RAM只有虚空间在sdram中才是可cache和可buffer
orrhs
r1, r1, #0x0c
@ set cacheable, bufferable
cmp
r1, r10
@ if virt > end of RAM
bichs
r1, r1, #0x0c
@ clear cacheable, bufferable
str
r1, [r0], #4
@ 1:1 mapping
add
r1, r1, #1048576
teq
r0, r2
bne
1b
mov
r1, #0x1e
orr
r1, r1, #3 << 10
mov
r2, pc, lsr #20
orr
r1, r1, r2, lsl #20
add
r0, r3, r2, lsl #2
str
r1, [r0], #4
add
r1, r1, #1048576
str
r1, [r0]
mov
pc, lr
mov
r0, #0
mcr
p15, 0, r0, c7, c10, 4
@ 济干write buffer
mcr
p15, 0, r0, c8, c7, 0
@ 失效I/D TLBs
mrc
p15, 0, r0, c1, c0, 0
@ read control reg
orr
r0, r0, #0x5000
@ I-cache enable, RR cache replacement
orr
r0, r0, #0x0030
bl
__common_cache_on
__common_cache_on:
mov
r1, #-1
mcr
p15, 0, r3, c2, c0, 0
@ load page table pointer
mcr
p15, 0, r1, c3, c0, 0
@ load domain access control所有域都是可读可写
mcr
p15, 0, r0, c1, c0, 0
@ load control register赋值cp15的控制寄存器,这时候开MMU,cache
mov
pc, lr
mov
r0, #0
mcr
p15, 0, r0, c8, c7, 0
@ 失效I/D TLBs
mov
pc, r12
mov
r1, sp
@ malloc space above stack
add
r2, sp, #0x10000
@ 64k max解压缩的缓冲区