第09课第1节 u-boot分析之编译体验
book@book-desktop:/work/system$rm -rf u-boot-1.1.6
book@book-desktop:/work/system$ tar xjf u-boot-1.1.6.tar.bz2
book@book-desktop:/work/system$ cd u-boot-1.1.6/
book@book-desktop:/work/system/u-boot-1.1.6$ patch -p1 < ../u-boot-1.1.6_jz2440.patch
book@book-desktop:/work/system/u-boot-1.1.6$ make 100ask24x0_config
book@book-desktop:/work/system/u-boot-1.1.6$ make
第09课第2节 u-boot分析之Makefile结构分析
可以看uboot里面的README,可以知道uboot里面的约定.
分析MAKEFILE操作步骤
步骤一:在makefile中搜索:100ask24x0_config 和 MKCONFIG
MKCONFIG := $(SRCTREE)/mkconfig
100ask24x0_config : unconfig
@$(MKCONFIG) $(@:_config=) arm arm920t 100ask24x0 NULL s3c24x0
所以当我们执行:make 100ask24x0_config 就相当于我们执行下面的命令
mkconfig 100ask24x0 arm arm920t 100ask24x0 NULL s3c24x0
步骤二:在$(SRCTREE)目录下打开mkconfig ,如下:
拷贝的mkconfig:
#!/bin/sh -e
# Script to create header files and links to configure
# U-Boot for a specific board.
#
# Parameters: Target Architecture CPU Board [VENDOR] [SOC]
#
# (C) 2002-2006 DENX Software Engineering, Wolfgang Denk <wd@denx.de>
#
#mkconfig 100ask24x0 arm arm920t 100ask24x0 NULL s3c24x0
# $0 $1 $2 $3 $4 $5 $6
APPEND=no # Default: Create new config file
BOARD_NAME="" # Name to print in make output
#这段不会执行
/*while [ $# -gt 0 ] ; do
case "$1" in
--) shift ; break ;;
-a) shift ; APPEND=yes ;;
-n) shift ; BOARD_NAME="${1%%_config}" ; shift ;;
*) break ;;
esac
done*/
[ "${BOARD_NAME}" ] || BOARD_NAME="$1" //如果${BOARD_NAME}定义了则不会执行BOARD_NAME="$1",显然定义是空,所以要执行
# BOARD_NAME = 100ask24x0
[ $# -lt 4 ] && exit 1 //$#表示参数的个数,我们这里有6个参数,如果小于4个参数则退出
[ $# -gt 6 ] && exit 1 //$#表示参数的个数,我们这里有6个参数,如果大于6个参数则退出;显然不会退出
echo "Configuring for ${BOARD_NAME} board..."
#
# Create link to architecture specific headers
#
#下面两行是Makefile里面查到的
#OBJTREE := $(if $(BUILD_DIR),$(BUILD_DIR),$(CURDIR)) //如果定义了$(BUILD_DIR)则OBJTREE=$(BUILD_DIR);如果没有定义$(BUILD_DIR)则OBJTREE=$(CURDIR)
#SRCTREE := $(CURDIR)
if [ "$SRCTREE" != "$OBJTREE" ] ; then //查询一下makefile就知道是否相等,显然是相等的
mkdir -p ${OBJTREE}/include
mkdir -p ${OBJTREE}/include2
cd ${OBJTREE}/include2
rm -f asm
ln -s ${SRCTREE}/include/asm-$2 asm
LNPREFIX="../../include2/asm/"
cd ../include
rm -rf asm-$2
rm -f asm
mkdir asm-$2
ln -s asm-$2 asm
else //直接执行else分支
cd ./include
rm -f asm
ln -s asm-$2 asm #ln -s asm-arm asm 建立一个连接文件asm它指向asm-arm,在虚拟机里面可以看到 cd include;ls -l asm
fi
rm -f asm-$2/arch
if [ -z "$6" -o "$6" = "NULL" ] ; then//如果第6个参数为空或者 = "NULL" 会执行下面的指令,显然不成立
ln -s ${LNPREFIX}arch-$3 asm-$2/arch
else
ln -s ${LNPREFIX}arch-$6 asm-$2/arch #ln -s arch-s3c24x0 asm-arm/arch
fi //建立链接文件asm-arm/arch,它指向arch-s3c24x0
if [ "$2" = "arm" ] ; then
rm -f asm-$2/proc
ln -s ${LNPREFIX}proc-armv asm-$2/proc #ln -s $proc-armv asm-arm/proc
fi
#
# Create include file for Make
#
echo "ARCH = $2" > config.mk #>表示新建一个文件
echo "CPU = $3" >> config.mk #>>表示内容追加
echo "BOARD = $4" >> config.mk
#执行上面3条指令之后内容:
#ARCH = arm
#CPU = arm920t
#BOARD = 100ask24x0
#SOC = s3c24x0
[ "$5" ] && [ "$5" != "NULL" ] && echo "VENDOR = $5" >> config.mk #第5个参数存在,并且第5个参数不等于NULL 则追加,不成立
[ "$6" ] && [ "$6" != "NULL" ] && echo "SOC = $6" >> config.mk
#
# Create board specific header file
#
if [ "$APPEND" = "yes" ] # Append to existing config file
then
echo >> config.h
else
> config.h # Create new config file
fi
echo "/* Automatically generated - do not edit */" >>config.h
echo "#include <configs/$1.h>" >>config.h
exit 0
config.h的内容:
/* Automatically generated - do not edit */
#include <configs/100ask24x0.h>
步骤三:分析编译过程,看makefile文件
在117行:
include $(OBJTREE)/include/config.mk
export ARCH CPU BOARD VENDOR SOC
这个就是配置过程和编译过程融合在一起
在127行:
ifeq ($(ARCH),arm)
CROSS_COMPILE = arm-linux-
如果是arm架构的话交叉工具链就是arm-linux-
在163行:
# load other configuration
include $(TOPDIR)/config.mk
在169行:下面的变量用这些值代替 BOARD_NAME=100ask24x0 ARCH=arm CUP=arm920t BOARD=100ask24x0 SOC=s3c24x0
OBJS = cpu/$(CPU)/start.o
在193行:
LIBS = lib_generic/libgeneric.a
LIBS += board/$(BOARDDIR)/lib$(BOARD).a
LIBS += cpu/$(CPU)/lib$(CPU).a
在241行:我们在执行make的时候如果不指定目标,我们就是想生成第一个目标。
ALL = $(obj)u-boot.srec $(obj)u-boot.bin $(obj)System.map $(U_BOOT_NAND)
all: $(ALL)
$(obj)u-boot.bin: $(obj)u-boot
$(OBJCOPY) ${OBJCFLAGS} -O binary $< $@
$(obj)u-boot: depend version $(SUBDIRS) $(OBJS) $(LIBS) $(LDSCRIPT)
UNDEF_SYM=`$(OBJDUMP) -x $(LIBS) |sed -n -e 's/.*__u_boot_cmd_.*/-u\1/p'|sort|uniq`;\
cd $(LNDIR) && $(LD) $(LDFLAGS) $$UNDEF_SYM $(__OBJS) \
--start-group $(__LIBS) --end-group $(PLATFORM_LIBS) \
-Map u-boot.map -o u-boot
在虚拟机直接执行make命令:在make命令的最后面肯定是上面的东西,$(LDFLAGS)这个表示链接参数
UNDEF_SYM=`arm-linux-objdump -x lib_generic/libgeneric.a board/100ask24x0/lib100ask24x0.a cpu/arm920t/libarm920t.a cpu/arm920t/s3c24x0/libs3c24x0.a
lib_arm/libarm.a fs/cramfs/libcramfs.a fs/fat/libfat.a fs/fdos/libfdos.a fs/jffs2/libjffs2.a fs/reiserfs/libreiserfs.a fs/ext2/libext2fs.a
net/libnet.a disk/libdisk.a rtc/librtc.a dtt/libdtt.a drivers/libdrivers.a drivers/nand/libnand.a drivers/nand_legacy/libnand_legacy.a
drivers/usb/libusb.a drivers/sk98lin/libsk98lin.a common/libcommon.a |sed -n -e 's/.*__u_boot_cmd_.*/-u\1/p'|sort|uniq`;\
分析:先进入目录
然后 -T 表示链接脚本,-Ttext表示代码段的基地址是0x33F80000,后面的都是原材料了,start.o就是上面的134行的正好配对,
--start-group就是说后面的是LIB库,lib_generic/libgeneric.a board/100ask24x0/lib100ask24x0.a cpu/arm920t/libarm920t.a这个跟上面136行配对起来了
cd /work/system/u-boot-1.1.6 &&
arm-linux-ld -Bstatic -T /work/system/u-boot-1.1.6/board/100ask24x0/u-boot.lds -Ttext 0x33F80000 $UNDEF_SYM cpu/arm920t/start.o \
--start-group lib_generic/libgeneric.a board/100ask24x0/lib100ask24x0.a cpu/arm920t/libarm920t.a cpu/arm920t/s3c24x0/libs3c24x0.a lib_arm/libarm.a
fs/cramfs/libcramfs.a fs/fat/libfat.a fs/fdos/libfdos.a fs/jffs2/libjffs2.a fs/reiserfs/libreiserfs.a fs/ext2/libext2fs.a net/libnet.a disk/libdisk.a
rtc/librtc.a dtt/libdtt.a drivers/libdrivers.a drivers/nand/libnand.a drivers/nand_legacy/libnand_legacy.a drivers/usb/libusb.a
drivers/sk98lin/libsk98lin.a common/libcommon.a --end-group -L /work/other_board/gcc-3.4.5-glibc-2.3.6/bin/../lib/gcc/arm-linux/3.4.5 -lgcc \
-Map u-boot.map -o u-boot
步骤四:看到这里我们需要看看链接脚本/work/system/u-boot-1.1.6/board/100ask24x0/u-boot.lds
下面摘抄至链接脚本
SECTIONS
{
. = 0x00000000; //当前地址是0.这个会加上-Ttext 0x33F80000。也就是说后面的放在0x33F80000地址
//意思是说当uboot运行的时候应该位于0x33F80000地址。一开始存放是是cpu/arm920t/start.o (.text)和 board/100ask24x0/boot_init.o (.text)
//所以我们就知道了,程序开始时从start.s执行
. = ALIGN(4);
.text :
{
cpu/arm920t/start.o (.text)
board/100ask24x0/boot_init.o (.text)
*(.text)
}
. = ALIGN(4);
.rodata : { *(.rodata) }
. = ALIGN(4);
.data : { *(.data) }
. = ALIGN(4);
.got : { *(.got) }
. = .;
__u_boot_cmd_start = .;
.u_boot_cmd : { *(.u_boot_cmd) }
__u_boot_cmd_end = .;
. = ALIGN(4);
__bss_start = .;
.bss : { *(.bss) }
_end = .;
}
总结:分析MAKEFILE完,我们得到的是:
1、第一个文件:cpu/arm920t/start.s
2、链接地址:/u-boot-1.1.6/board/100ask24x0/u-boot.lds + 0x33F80000
这个 0x33F80000怎么来的,我们搜索一下就可以看出来:这个0x33F80000是我们UBOOT存放地址
book@book-desktop:/work/system/u-boot-1.1.6$ grep "0x33F80000" * -nR
board/mpl/vcma9/config.mk:24:TEXT_BASE = 0x33F80000
board/smdk2410/config.mk:25:TEXT_BASE = 0x33F80000
board/sbc2410x/config.mk:23:TEXT_BASE = 0x33F80000
board/100ask24x0/config.mk:25:TEXT_BASE = 0x33F80000
首先在链接的时候有一个$(LDFLAGS),在makefile里面找一下没有定义,显然在其他文件里面定义
book@book-desktop:/work/system/u-boot-1.1.6$ grep "LDFLAGS" * -nR
config.mk:189:LDFLAGS += -Bstatic -T $(LDSCRIPT) -Ttext $(TEXT_BASE) $(PLATFORM_LDFLAGS)这个显然跟上面联系起来了
分析UBOOT:
一、uboot的第一阶段:硬件相关的初始化。从cpu/arm920t/start.s里面开始分析:
1、 set the cpu to SVC32 mode 设置为管理模式
2、 /* turn off the watchdog */关看门狗
3、 * mask all IRQs by setting all bits in the INTMR - default屏蔽所以中断
4、初始化,主要是SDRAM初始化下面摘录: _start这个地址是程序开始运行的地址,_TEXT_BASE这个是链接地址,看看这两个地址是否相等。
/*
* we do sys-critical inits only at reboot,
* not when booting from ram!
*/
#ifndef CONFIG_SKIP_LOWLEVEL_INIT
adr r0, _start /* r0 <- current position of code */
ldr r1, _TEXT_BASE /* test if we run from flash or RAM */
cmp r0, r1 /* don't reloc during debug */
blne cpu_init_crit
#endif
我们通过搜索就可以发现cpu_init_crit里面包含了lowlevel_init,进行sdram初始化
5、/* Set up the stack 设置栈,从这里我们可以看到栈是怎么划的
stack_setup:
ldr r0, _TEXT_BASE /* upper 128 KiB: relocated uboot */
sub r0, r0, #CFG_MALLOC_LEN /* malloc area */
sub r0, r0, #CFG_GBL_DATA_SIZE /* bdinfo */
#ifdef CONFIG_USE_IRQ
sub r0, r0, #(CONFIG_STACKSIZE_IRQ+CONFIG_STACKSIZE_FIQ)
#endif
sub sp, r0, #12 /* leave 3 words for abort-stack */
注意只有栈设置好了之后,才能够调用c函数
6、 bl clock_init,初始化时钟
7、重定位。把代码从flash里面读到sdram里面去,读到链接地址里面去
#ifndef CONFIG_SKIP_RELOCATE_UBOOT
relocate: /* relocate U-Boot to RAM */
adr r0, _start /* r0 <- current position of code */
ldr r1, _TEXT_BASE /* test if we run from flash or RAM */
cmp r0, r1 /* don't reloc during debug */
beq clear_bss
ldr r2, _armboot_start
ldr r3, _bss_start
sub r2, r3, r2 /* r2 <- size of armboot */
#if 1
bl CopyCode2Ram /* r0: source, r1: dest, r2: size */
#else
8、清bss段,看一下链接文件就可以知道
9、调用start_armboot
二、uboot的第二阶段:uboot的最终目标是启动内核。分两步走:1.从flash上读出内核,2.启动内核
下面从start_armboot开始分析;
1、gd = (gd_t*)(_armboot_start - CFG_MALLOC_LEN - sizeof(gd_t));这里gd 是指向128字节的内存,CFG_GBL_DATA_SIZE
init_sequence,这里面的函数对启动内核有重要作用
2、flash初始化
/* configure available FLASH banks */
size = flash_init ();
3、malloc称为堆,在书本上192k的空间,这里实现了堆的分配和释放
/* armboot_start is defined in the board-specific linker script */
mem_malloc_init (_armboot_start - CFG_MALLOC_LEN);
4、识别flash型号,有了flash_init ()和nand_init()这两个函数后,现在有能力读写flash了。呵呵
nand_init(); /* go init the NAND */
5、环境变量的初始化。来源有两种:1、默认的,2、flash保存的
/* initialize environment */
env_relocate ();
6、主循环,在这里面等待输入命令。到这里uboot的最终目标现在还没有开始,只是具有了从flash上读出内核的能力,还没开始读
/* main_loop() can return to retry autoboot, if so just run it again. */
for (;;) {
main_loop ();
}
下面从main_loop ();开始分析:uboot的核心就是命令
1、如果倒数计时里面没有按下空格,会打印"Booting Linux ...\n"并且运行命令s:run_command (s, 0);
s = getenv ("bootcmd");
debug ("### main_loop: bootcmd=\"%s\"\n", s ? s : "<UNDEFINED>");
if (bootdelay >= 0 && s && !abortboot (bootdelay)) {
# ifdef CONFIG_AUTOBOOT_KEYED
int prev = disable_ctrlc(1); /* disable Control C checking */
# endif
# ifndef CFG_HUSH_PARSER
{
printf("Booting Linux ...\n");
run_command (s, 0);
}
# else
parse_string_outer(s, FLAG_PARSE_SEMICOLON |
FLAG_EXIT_FROM_LOOP);
# endif
# ifdef CONFIG_AUTOBOOT_KEYED
disable_ctrlc(prev); /* restore Control C checking */
# endif
}
2、从1点可以可以看出,启动内核主要是bootcmd。
bootcmd=nand read.jffs2 0x30007FC0 kernel; bootm 0x30007FC0
这两天命令式对应上面的读出内核,和启动内核
3、承接第1点,假设我们按下空格,显示菜单
run_command("menu", 0);
4、下面是个死循环,通过readline (CFG_PROMPT);读取串口的东西,然后运行run_command
for (;;) {
len = readline (CFG_PROMPT);
rc = run_command (lastcommand, flag);
}
从上面可以知道:uboot的核心就是命令,下面分析uboot命令的实现。进入run_command函数
1、分号是命令的给开,比如:print;md.w 0
(*sep == ';') && /* separator */
2、处理宏,临时生成的宏,环境变量
/* find macros in this token and replace them */
process_macros (token, finaltoken);
3、解析命令,/* Extract arguments */比如串口输入:md.w 0。它会解析成argv[0]="md.w"和argv[1]="0"
/* Extract arguments */
if ((argc = parse_line (finaltoken, argv)) == 0) {
rc = -1; /* no command at all */
continue;
}
4、找命令
/* Look up command in command table */
if ((cmdtp = find_cmd(argv[0])) == NULL) {
printf ("Unknown command '%s' - try 'help'\n", argv[0]);
rc = -1; /* give up after bad command */
continue;
}
5、进入find_cmd函数里面有链接脚本传人的参数:
__u_boot_cmd_start = .;
.u_boot_cmd : { *(.u_boot_cmd) }
__u_boot_cmd_end = .;
如果名字匹配成功返回结构体cmdtp,如果名字不成功指向下一个
for (cmdtp = &__u_boot_cmd_start;
cmdtp != &__u_boot_cmd_end;
cmdtp++) {
if (strncmp (cmd, cmdtp->name, len) == 0) {
if (len == strlen (cmdtp->name))
return cmdtp; /* full match */
cmdtp_temp = cmdtp; /* abbreviated command ? */
n_found++;
}
}
我们在源码里面搜索一下:.u_boot_cmd
#define Struct_Section __attribute__ ((unused,section (".u_boot_cmd")))
下面举例说明命令:bootm
bootm 0x30007FC0
在源码里面搜索一下bootm有:
U_BOOT_CMD(
bootm, CFG_MAXARGS, 1, do_bootm,
"bootm - boot application image from memory\n",
"[addr [arg ...]]\n - boot application image stored in memory\n"
"\tpassing arguments 'arg ...'; when booting a Linux kernel,\n"
"\t'arg' can be the address of an initrd image\n"
#ifdef CONFIG_OF_FLAT_TREE
"\tWhen booting a Linux kernel which requires a flat device-tree\n"
"\ta third argument is required which is the address of the of the\n"
"\tdevice-tree blob. To boot that kernel without an initrd image,\n"
"\tuse a '-' for the second argument. If you do not pass a third\n"
"\ta bd_info struct will be passed instead\n"
#endif
);
在源码里面搜索一下宏U_BOOT_CMD有:
#define U_BOOT_CMD(name,maxargs,rep,cmd,usage,help) \
cmd_tbl_t __u_boot_cmd_##name Struct_Section = {#name, maxargs, rep, cmd, usage, help}
展开:这里定义了一个结构体,结构体的类型是cmd_tbl_t,它有一个属性.u_boot_cmd。
cmd_tbl_t __u_boot_cmd_bootm __attribute__ ((unused,section (".u_boot_cmd"))) =
{“bootm”, CFG_MAXARGS, 1, do_bootm, usage, help}
命令s = getenv ("bootcmd"); run_command (s, 0)我们已经知道了下面分析一下bootcmd=nand read.jffs2 0x30007FC0 kernel; bootm 0x30007FC0
nand read.jffs2 0x30007FC0 kernel;
从NAND读出内核:从哪里读,从kernel分区
放到哪里去?---0x30007FC0
nand read.jffs2 0x30007FC0 0x00060000 0x00200000;
#: name size offset mask_flags
0: bootloader 0x00040000 0x00000000 0
1: params 0x00020000 0x00040000 0
2: kernel 0x00200000 0x00060000 0
3: root 0x0fda0000 0x00260000 0
注:分区写死的,在.h里面
#define MTDPARTS_DEFAULT "mtdparts=nandflash0:256k@0(bootloader)," \
"128k(params)," \
"2m(kernel)," \
"-(root)"
bootm 0x30007FC0
由习惯do_bootm可以找do_nand
(!strcmp(s, ".jffs2") || !strcmp(s, ".e") || !strcmp(s, ".i"))) {
nand_read_opts(nand, &opts);
下面分析:do_bootm
1、读出头部
memmove (&header, (char *)addr, sizeof(image_header_t));
2、根据头部移动内核到合适的地方
memmove ((void *) ntohl(hdr->ih_load), (uchar *)data, len);
0x30008000
0x30007fc0
下面是不移动的分支
case IH_COMP_NONE:
if(ntohl(hdr->ih_load) == data) {
printf (" XIP %s ... ", name);
} else {
#if defined(CONFIG_HW_WATCHDOG) || defined(CONFIG_WATCHDOG)
size_t l = len;
void *to = (void *)ntohl(hdr->ih_load);
void *from = (void *)data;
printf (" Loading %s ... ", name);
while (l > 0) {
size_t tail = (l > CHUNKSZ) ? CHUNKSZ : l;
WATCHDOG_RESET();
memmove (to, from, tail);
to += tail;
from += tail;
l -= tail;
}
#else /* !(CONFIG_HW_WATCHDOG || CONFIG_WATCHDOG) */
memmove ((void *) ntohl(hdr->ih_load), (uchar *)data, len);
#endif /* CONFIG_HW_WATCHDOG || CONFIG_WATCHDOG */
}
break;
3启动
do_bootm_linux (cmdtp, flag, argc, argv,addr, len_ptr, verify);
先告诉内核一些启动参数,在某个地址按某种格式保存数据(30000100 TAG)
#if defined (CONFIG_SETUP_MEMORY_TAGS) || \
defined (CONFIG_CMDLINE_TAG) || \
defined (CONFIG_INITRD_TAG) || \
defined (CONFIG_SERIAL_TAG) || \
defined (CONFIG_REVISION_TAG) || \
defined (CONFIG_LCD) || \
defined (CONFIG_VFD)
setup_start_tag (bd);
#ifdef CONFIG_SERIAL_TAG
setup_serial_tag (¶ms);
#endif
#ifdef CONFIG_REVISION_TAG
setup_revision_tag (¶ms);
#endif
#ifdef CONFIG_SETUP_MEMORY_TAGS
setup_memory_tags (bd);
#endif
#ifdef CONFIG_CMDLINE_TAG
setup_commandline_tag (bd, commandline);
#endif
#ifdef CONFIG_INITRD_TAG
if (initrd_start && initrd_end)
setup_initrd_tag (bd, initrd_start, initrd_end);
#endif
#if defined (CONFIG_VFD) || defined (CONFIG_LCD)
setup_videolfb_tag ((gd_t *) gd);
#endif
setup_end_tag (bd);
#endif
然后跳到入口地址启动内核
theKernel (0, bd->bi_arch_number, bd->bi_boot_params);
theKernel = (void (*)(int, int, uint))ntohl(hdr->ih_ep);
typedef struct image_header {
uint32_t ih_magic; /* Image Header Magic Number */
uint32_t ih_hcrc; /* Image Header CRC Checksum */
uint32_t ih_time; /* Image Creation Timestamp */
uint32_t ih_size; /* Image Data Size */
uint32_t ih_load; /* Data Load Address */
uint32_t ih_ep; /* Entry Point Address */
uint32_t ih_dcrc; /* Image Data CRC Checksum */
uint8_t ih_os; /* Operating System */
uint8_t ih_arch; /* CPU architecture */
uint8_t ih_type; /* Image Type */
uint8_t ih_comp; /* Compression Type */
uint8_t ih_name[IH_NMLEN]; /* Image Name */
} image_header_t;
最重要是:
uint32_t ih_load; /* Data Load Address加载地址,内核运行时你要先把它放在哪里 */
uint32_t ih_ep; /* Entry Point Address入口地址,运行内核是直接跳到这个地址就行了 */
浏览博客:http://www.cnblogs.com/heaad/archive/2010/07/17/1779806.html