flat assembler
Message board for the users of flat assembler.
Raw bootloader for STM32
cvtss2sd 21 Jan 2012, 09:00
I'm sort of new to arm and the like, so I don't know what all info is necessary. Basically I have an STM32 board very similar to these, but with some minor differences (I think it's only the one button, actually). I'm trying to get a minimal (no linker) bootloader (just makes the LED flash) from which I can learn about arm and eventually make a self-serving development platform (by porting fasmarm to arm, having a small kernel with a text editor, keyboard (arduino keyboard), and microSD driver). Any help towards this goal would be appreciated.
I tried using some disassemblers out there to try to learn from the default bootloader, but I don't know enough about arm to tell it the entry point.
Dex4u 21 Jan 2012, 22:13
You need to translate this:
https://github.com/soliddigi/SOLID-STM32-Arduino-Bootloader/blob/master/stm32_lib/c_only_startup.s
And see this for mini boot arm:
http://balau82.wordpress.com/2010/02/14/simplest-bare-metal-program-for-arm/
Dex4u 22 Jan 2012, 20:33
cvtss2sd wrote:
Pretty much, but I do not know enough to know what the org should be and things like that. Heck, the "mini boot arm" code might even be good enough. I just need a source in pure fasmarm that I can run without an OS and assembles into a binary that doesn't need a linker. I just have no idea what I'm doing.

Code:
format binary                   ; Tell the assembler output type
org 0x00000000                  ; This is where we are loaded to
use32                           ; Use 32 bit code

        B Reset_Handler         ;/* Reset */
        B Default               ;/* Undefined */
        B Default               ;/* SWI */
        B Default               ;/* Prefetch Abort */
        B Default               ;/* Data Abort */
        B Default               ;/* reserved */
        B Default               ;/* IRQ */
        B Default               ;/* FIQ */

;********************************;
; Just loop for now              ;
;********************************;
Reset_Handler:
        b Reset_Handler         ; Just here on reset, you would add your start code here
Default:
        b Default               ; Just loop for now

Things to note: 'b' is the same as 'jmp' and 'word' is the same as 'dword' in x86.
Something like the above needs to be at address 0. Sometimes there is a boot loader that is loaded there already and you need to load your code higher; you need to read the docs to find this out.

Use:
fasmarm test.asm test.bin <enter>
to assemble.
cvtss2sd 24 Jan 2012, 03:13
Thank you for your help, I'll test it out this weekend and tell you if it works (although, the way it's built, I won't know if it actually worked or not unless it does something that clearly tells me it failed [I'll have to look into exactly how it works the LED, but as long as this works it shouldn't be too hard to figure out how to do that]).
I do know, however, there is a "serial bootloader." This is the output of the code I managed to simplify to 1kb and make an LED flash. If pattern holds true, it seems there's an offset (I only edited the C files, not the asm files)...

Code:
0000000: 0000 0120 f100 0008 3101 0008 3101 0008 ... ....1...1...
0000010: 3101 0008 3101 0008 3101 0008 0000 0000 1...1...1.......
0000020: 0000 0000 0000 0000 0000 0000 3101 0008 ............1...
0000030: 3101 0008 0000 0000 3101 0008 3101 0008 1.......1...1...
0000040: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
0000050: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
0000060: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
0000070: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
0000080: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
0000090: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
00000a0: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
00000b0: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
00000c0: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
00000d0: 3101 0008 3101 0008 3101 0008 3101 0008 1...1...1...1...
00000e0: 3101 0008 3101 0008 3101 0008 5ff8 08f1 1...1...1..._...
00000f0: 0021 03e0 094b 5b58 4350 0431 0848 094b .!...K[XCP.1.H.K
0000100: 4218 9a42 f6d3 084a 02e0 0023 42f8 043b B..B...J...#B..;
0000110: 064b 9a42 f9d3 00f0 49f9 7047 f003 0008 .K.B....I.pG....
0000120: 0000 0020 0000 0020 0000 0020 0000 0020 ... ... ... ...
0000130: fee7 0000 80b4 85b0 00af 7860 0b46 fb70 ..........x`.F.p
0000140: fb78 4ff0 0102 02fa 03f3 fb60 7b68 03f1 .xO........`{h..
0000150: 1003 fa68 1a60 07f1 1407 bd46 80bc 7047 ...h.`.....F..pG
0000160: 80b4 85b0 00af 7860 0b46 fb70 fb78 03f1 ......x`.F.p.x..
0000170: 1003 4ff0 0102 02fa 03f3 fb60 7b68 03f1 ..O........`{h..
0000180: 1003 fa68 1a60 07f1 1407 bd46 80bc 7047 ...h.`.....F..pG
0000190: 80b5 86b0 00af f860 7b60 0b46 fb72 1346 .......`{`.F.r.F
00001a0: bb72 fb7a f868 1946 fff7 daff 1fe0 7b68 .r.z.h.F......{h
00001b0: 7b61 04e0 00bf 7b69 03f1 ff33 7b61 7b69 {a....{i...3{a{i
00001c0: 002b f7d1 fb7a f868 1946 fff7 b3ff 7b68 .+...z.h.F....{h
00001d0: 7b61 04e0 00bf 7b69 03f1 ff33 7b61 7b69 {a....{i...3{a{i
00001e0: 002b f7d1 fb7a f868 1946 fff7 b9ff bb7a .+...z.h.F.....z
00001f0: 002b 0cbf 0023 0123 dbb2 ba7a 02f1 ff32 .+...#.#...z...2
0000200: ba72 002b d3d1 07f1 1807 bd46 80bd 00bf .r.+.......F....
0000210: 80b4 00af 41f2 0003 c4f2 0203 41f2 0002 ....A.......A...
0000220: c4f2 0202 1268 42f0 0102 1a60 41f2 0402 .....hB....`A...
0000230: c4f2 0202 41f2 0403 c4f2 0203 1968 40f2 ....A........h@.
0000240: 0003 cff6 ff03 01ea 0303 1360 41f2 0003 ...........`A...
0000250: c4f2 0203 41f2 0002 c4f2 0202 1268 22f0 ....A........h".
0000260: 8472 22f4 8032 1a60 41f2 0003 c4f2 0203 .r"..2.`A.......
0000270: 41f2 0002 c4f2 0202 1268 22f4 8022 1a60 A........h"..".`
0000280: 41f2 0403 c4f2 0203 41f2 0402 c4f2 0202 A.......A.......
0000290: 1268 22f4 fe02 1a60 41f2 0803 c4f2 0203 .h"....`A.......
00002a0: 4ff0 0002 1a60 bd46 80bc 7047 80b4 00af O....`.F..pG....
00002b0: 41f2 0003 c4f2 0203 41f2 0002 c4f2 0202 A.......A.......
00002c0: 1268 42f0 0112 1a60 41f2 0003 c4f2 0203 .hB....`A.......
00002d0: 1b68 03f4 0033 002b f6d0 42f2 0003 c4f2 .h...3.+..B.....
00002e0: 0203 4ff0 1202 1a60 41f2 0403 c4f2 0203 ..O....`A.......
00002f0: 41f2 0402 c4f2 0202 1268 42f4 e812 42f4 A........hB...B.
0000300: 8062 1a60 41f2 0003 c4f2 0203 41f2 0002 .b.`A.......A...
0000310: c4f2 0202 1268 42f0 8072 1a60 41f2 0003 .....hB..r.`A...
0000320: c4f2 0203 1b68 03f0 4073 002b f6d0 41f2 .....h..@s.+..A.
0000330: 0403 c4f2 0203 41f2 0402 c4f2 0202 1268 ......A........h
0000340: 42f0 0202 1a60 41f2 0403 c4f2 0203 1b68 B....`A........h
0000350: 03f0 0803 002b f6d0 bd46 80bc 7047 00bf .....+...F..pG..
0000360: 80b5 00af 41f2 0003 c4f2 0203 41f2 0002 ....A.......A...
0000370: c4f2 0202 9269 42f0 0802 9a61 40f6 0043 .....iB....a@..C
0000380: c4f2 0103 40f6 0042 c4f2 0102 1268 22f4 ....@..B.....h".
0000390: 7002 42f4 8012 1a60 40f6 0040 c4f2 0100 p.B....`@..@....
00003a0: 4ff0 0501 fff7 c6fe 80bd 00bf 80b5 00af O...............
00003b0: fff7 2eff fff7 7aff fff7 d2ff 40f6 0040 ......z.....@..@
00003c0: c4f2 0100 4ff0 0501 4ff0 0502 4ff4 a023 ....O...O...O..#
00003d0: fff7 defe 40f6 0040 c4f2 0100 4ff0 0501 ....@..@....O...
00003e0: 4ff0 0102 4ff4 1433 fff7 d2fe f2e7 00bf O...O..3........
00003f0: 0a .

It looks like it might be 0x80000000 or something like that (assuming it's little endian). This little "ld" script seems to confirm it. Here's the asm file that gets linked to it (lacks a lot of other code):

Code:
/**
 ******************************************************************************
 * @file      startup_stm32f10x_md.s
 * @author    MCD Application Team
 * @version   V3.1.0
 * @date      06/19/2009
 * @brief     STM32F10x Medium Density Devices vector table for RIDE7 toolchain.
 *            This module performs:
 *                - Set the initial SP
 *                - Set the initial PC == Reset_Handler,
 *                - Set the vector table entries with the exceptions ISR address
 *                - Branches to main in the C library (which eventually
 *                  calls main()).
 *            After Reset the Cortex-M3 processor is in Thread mode,
 *            priority is Privileged, and the Stack is set to Main.
 *******************************************************************************
 * @copy
 *
 * THE PRESENT FIRMWARE WHICH IS FOR GUIDANCE ONLY AIMS AT PROVIDING CUSTOMERS
 * WITH CODING INFORMATION REGARDING THEIR PRODUCTS IN ORDER FOR THEM TO SAVE
 * TIME. AS A RESULT, STMICROELECTRONICS SHALL NOT BE HELD LIABLE FOR ANY
 * DIRECT, INDIRECT OR CONSEQUENTIAL DAMAGES WITH RESPECT TO ANY CLAIMS ARISING
 * FROM THE CONTENT OF SUCH FIRMWARE AND/OR THE USE MADE BY CUSTOMERS OF THE
 * CODING INFORMATION CONTAINED HEREIN IN CONNECTION WITH THEIR PRODUCTS.
 *
 * <h2><center>© COPYRIGHT 2009 STMicroelectronics</center></h2>
 */

  .syntax unified
  .cpu cortex-m3
  .fpu softvfp
  .thumb

.global g_pfnVectors
.global SystemInit_ExtMemCtl_Dummy
.global Default_Handler

/* start address for the initialization values of the .data section.
defined in linker script */
.word _sidata
/* start address for the .data section. defined in linker script */
.word _sdata
/* end address for the .data section. defined in linker script */
.word _edata
/* start address for the .bss section. defined in linker script */
.word _sbss
/* end address for the .bss section. defined in linker script */
.word _ebss

.equ BootRAM, 0xF108F85F
/**
 * @brief  This is the code that gets called when the processor first
 *         starts execution following a reset event. Only the absolutely
 *         necessary set is performed, after which the application
 *         supplied main() routine is called.
 * @param  None
 * @retval : None
 */

  .section .text.Reset_Handler
  .weak Reset_Handler
  .type Reset_Handler, %function
Reset_Handler:

/* Copy the data segment initializers from flash to SRAM */
  movs r1, #0
  b LoopCopyDataInit

CopyDataInit:
  ldr r3, =_sidata
  ldr r3, [r3, r1]
  str r3, [r0, r1]
  adds r1, r1, #4

LoopCopyDataInit:
  ldr r0, =_sdata
  ldr r3, =_edata
  adds r2, r0, r1
  cmp r2, r3
  bcc CopyDataInit
  ldr r2, =_sbss
  b LoopFillZerobss
/* Zero fill the bss segment. */
FillZerobss:
  movs r3, #0
  str r3, [r2], #4

LoopFillZerobss:
  ldr r3, = _ebss
  cmp r2, r3
  bcc FillZerobss
/* Call the application's entry point.*/
  bl main
  bx lr
.size Reset_Handler, .-Reset_Handler

/**
 * @brief  This is the code that gets called when the processor receives an
 *         unexpected interrupt. This simply enters an infinite loop, preserving
 *         the system state for examination by a debugger.
 *
 * @param  None
 * @retval : None
 */
  .section .text.Default_Handler,"ax",%progbits
Default_Handler:
Infinite_Loop:
  b Infinite_Loop
  .size Default_Handler, .-Default_Handler
/******************************************************************************
*
* The minimal vector table for a Cortex M3. Note that the proper constructs
* must be placed on this to ensure that it ends up at physical address
* 0x0000.0000.
*
******************************************************************************/
  .section .isr_vector,"a",%progbits
  .type g_pfnVectors, %object
  .size g_pfnVectors, .-g_pfnVectors

g_pfnVectors:
  .word _estack
  .word Reset_Handler
  .word NMI_Handler
  .word HardFault_Handler
  .word MemManage_Handler
  .word BusFault_Handler
  .word UsageFault_Handler
  .word 0
  .word 0
  .word 0
  .word 0
  .word SVC_Handler
  .word DebugMon_Handler
  .word 0
  .word PendSV_Handler
  .word SysTick_Handler
  .word WWDG_IRQHandler
  .word PVD_IRQHandler
  .word TAMPER_IRQHandler
  .word RTC_IRQHandler
  .word FLASH_IRQHandler
  .word RCC_IRQHandler
  .word EXTI0_IRQHandler
  .word EXTI1_IRQHandler
  .word EXTI2_IRQHandler
  .word EXTI3_IRQHandler
  .word EXTI4_IRQHandler
  .word DMA1_Channel1_IRQHandler
  .word DMA1_Channel2_IRQHandler
  .word DMA1_Channel3_IRQHandler
  .word DMA1_Channel4_IRQHandler
  .word DMA1_Channel5_IRQHandler
  .word DMA1_Channel6_IRQHandler
  .word DMA1_Channel7_IRQHandler
  .word ADC1_2_IRQHandler
  .word USB_HP_CAN1_TX_IRQHandler
  .word USB_LP_CAN1_RX0_IRQHandler
  .word CAN1_RX1_IRQHandler
  .word CAN1_SCE_IRQHandler
  .word EXTI9_5_IRQHandler
  .word TIM1_BRK_IRQHandler
  .word TIM1_UP_IRQHandler
  .word TIM1_TRG_COM_IRQHandler
  .word TIM1_CC_IRQHandler
  .word TIM2_IRQHandler
  .word TIM3_IRQHandler
  .word TIM4_IRQHandler
  .word I2C1_EV_IRQHandler
  .word I2C1_ER_IRQHandler
  .word I2C2_EV_IRQHandler
  .word I2C2_ER_IRQHandler
  .word SPI1_IRQHandler
  .word SPI2_IRQHandler
  .word USART1_IRQHandler
  .word USART2_IRQHandler
  .word USART3_IRQHandler
  .word EXTI15_10_IRQHandler
  .word RTCAlarm_IRQHandler
  .word USBWakeUp_IRQHandler
/*
  .word TIM8_BRK
  .word TIM8_UP
  .word TIM8_TRG_COM
  .word TIM8_CC
  .word ADC3
  .word FSMC
  .word SDIO
  .word TIM5
  .word SPI3
  .word UART4
  .word UART5
  .word TIM6
  .word TIM7
  .word DMA2_Channel1
  .word DMA2_Channel2
  .word DMA2_Channel3
  .word DMA2_Channel5
*/
  .word BootRAM /* @0x108. This is for boot in RAM mode for
                   STM32F10x Medium Density devices. */

/*******************************************************************************
*
* Provide weak aliases for each Exception handler to the Default_Handler.
* As they are weak aliases, any function with the same name will override
* this definition.
*
*******************************************************************************/

  .weak NMI_Handler
  .thumb_set NMI_Handler,Default_Handler

  .weak HardFault_Handler
  .thumb_set HardFault_Handler,Default_Handler

  .weak MemManage_Handler
  .thumb_set MemManage_Handler,Default_Handler

  .weak BusFault_Handler
  .thumb_set BusFault_Handler,Default_Handler

  .weak UsageFault_Handler
  .thumb_set UsageFault_Handler,Default_Handler

  .weak SVC_Handler
  .thumb_set SVC_Handler,Default_Handler

  .weak DebugMon_Handler
  .thumb_set DebugMon_Handler,Default_Handler

  .weak PendSV_Handler
  .thumb_set PendSV_Handler,Default_Handler

  .weak SysTick_Handler
  .thumb_set SysTick_Handler,Default_Handler

  .weak WWDG_IRQHandler
  .thumb_set WWDG_IRQHandler,Default_Handler

  .weak PVD_IRQHandler
  .thumb_set PVD_IRQHandler,Default_Handler

  .weak TAMPER_IRQHandler
  .thumb_set TAMPER_IRQHandler,Default_Handler

  .weak RTC_IRQHandler
  .thumb_set RTC_IRQHandler,Default_Handler

  .weak FLASH_IRQHandler
  .thumb_set FLASH_IRQHandler,Default_Handler

  .weak RCC_IRQHandler
  .thumb_set RCC_IRQHandler,Default_Handler

  .weak EXTI0_IRQHandler
  .thumb_set EXTI0_IRQHandler,Default_Handler

  .weak EXTI1_IRQHandler
  .thumb_set EXTI1_IRQHandler,Default_Handler

  .weak EXTI2_IRQHandler
  .thumb_set EXTI2_IRQHandler,Default_Handler

  .weak EXTI3_IRQHandler
  .thumb_set EXTI3_IRQHandler,Default_Handler

  .weak EXTI4_IRQHandler
  .thumb_set EXTI4_IRQHandler,Default_Handler

  .weak DMA1_Channel1_IRQHandler
  .thumb_set DMA1_Channel1_IRQHandler,Default_Handler

  .weak DMA1_Channel2_IRQHandler
  .thumb_set DMA1_Channel2_IRQHandler,Default_Handler

  .weak DMA1_Channel3_IRQHandler
  .thumb_set DMA1_Channel3_IRQHandler,Default_Handler

  .weak DMA1_Channel4_IRQHandler
  .thumb_set DMA1_Channel4_IRQHandler,Default_Handler

  .weak DMA1_Channel5_IRQHandler
  .thumb_set DMA1_Channel5_IRQHandler,Default_Handler

  .weak DMA1_Channel6_IRQHandler
  .thumb_set DMA1_Channel6_IRQHandler,Default_Handler

  .weak DMA1_Channel7_IRQHandler
  .thumb_set DMA1_Channel7_IRQHandler,Default_Handler

  .weak ADC1_2_IRQHandler
  .thumb_set ADC1_2_IRQHandler,Default_Handler

  .weak USB_HP_CAN1_TX_IRQHandler
  .thumb_set USB_HP_CAN1_TX_IRQHandler,Default_Handler

  .weak USB_LP_CAN1_RX0_IRQHandler
  .thumb_set USB_LP_CAN1_RX0_IRQHandler,Default_Handler

  .weak CAN1_RX1_IRQHandler
  .thumb_set CAN1_RX1_IRQHandler,Default_Handler

  .weak CAN1_SCE_IRQHandler
  .thumb_set CAN1_SCE_IRQHandler,Default_Handler

  .weak EXTI9_5_IRQHandler
  .thumb_set EXTI9_5_IRQHandler,Default_Handler

  .weak TIM1_BRK_IRQHandler
  .thumb_set TIM1_BRK_IRQHandler,Default_Handler

  .weak TIM1_UP_IRQHandler
  .thumb_set TIM1_UP_IRQHandler,Default_Handler

  .weak TIM1_TRG_COM_IRQHandler
  .thumb_set TIM1_TRG_COM_IRQHandler,Default_Handler

  .weak TIM1_CC_IRQHandler
  .thumb_set TIM1_CC_IRQHandler,Default_Handler

  .weak TIM2_IRQHandler
  .thumb_set TIM2_IRQHandler,Default_Handler

  .weak TIM3_IRQHandler
  .thumb_set TIM3_IRQHandler,Default_Handler

  .weak TIM4_IRQHandler
  .thumb_set TIM4_IRQHandler,Default_Handler

  .weak I2C1_EV_IRQHandler
  .thumb_set I2C1_EV_IRQHandler,Default_Handler

  .weak I2C1_ER_IRQHandler
  .thumb_set I2C1_ER_IRQHandler,Default_Handler

  .weak I2C2_EV_IRQHandler
  .thumb_set I2C2_EV_IRQHandler,Default_Handler

  .weak I2C2_ER_IRQHandler
  .thumb_set I2C2_ER_IRQHandler,Default_Handler

  .weak SPI1_IRQHandler
  .thumb_set SPI1_IRQHandler,Default_Handler

  .weak SPI2_IRQHandler
  .thumb_set SPI2_IRQHandler,Default_Handler

  .weak USART1_IRQHandler
  .thumb_set USART1_IRQHandler,Default_Handler

  .weak USART2_IRQHandler
  .thumb_set USART2_IRQHandler,Default_Handler

  .weak USART3_IRQHandler
  .thumb_set USART3_IRQHandler,Default_Handler

  .weak EXTI15_10_IRQHandler
  .thumb_set EXTI15_10_IRQHandler,Default_Handler

  .weak RTCAlarm_IRQHandler
  .thumb_set RTCAlarm_IRQHandler,Default_Handler

  .weak USBWakeUp_IRQHandler
  .thumb_set USBWakeUp_IRQHandler,Default_Handler

My biggest concern is how to implement that moving function in fasm syntax and how exactly I declare that as the entrypoint in the output binary (it's that HLL syntax where this and that gets moved around that makes this complicated).
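Added example, not part of the original thread: a short Python script that decodes the start of the dump posted above using the layout the startup file describes (initial SP first, then Reset_Handler) and sanity-checks the vectors. The function names are hypothetical, the sample image is constructed from the first dump row plus the two bytes at offset 0x130, and the load-base guess assumes the image sits on a power-of-two boundary at least as large as itself.

```python
import struct

# First xxd row (offset 0x000) of the dump posted above, copied from the post.
ROW0 = bytes.fromhex("00000120" "f1000008" "31010008" "31010008")
# Constructed sparse image: ROW0, zero filler, then the two bytes the dump shows
# at file offset 0x130 (fe e7). The filler is not real data from the board.
IMAGE = ROW0 + bytes(0x130 - len(ROW0)) + bytes.fromhex("fee7")

THUMB_B_SELF = 0xE7FE  # Thumb encoding of "b ." (branch to self)


def parse_vectors(image, count=4):
    """Decode the first `count` little-endian words as a Cortex-M vector table."""
    words = struct.unpack_from("<%dI" % count, image, 0)
    return {"initial_sp": words[0], "reset": words[1], "handlers": list(words[2:])}


def guess_load_base(image, vectors):
    """Assumption: the image is loaded on a power-of-two boundary >= its size."""
    span = 1
    while span < len(image):
        span <<= 1
    return (vectors["reset"] & ~1) & ~(span - 1)


def check_image(image):
    """Return (vectors, load base, findings) for a raw Cortex-M flash image."""
    v = parse_vectors(image)
    base = guess_load_base(image, v)
    findings = []
    if v["initial_sp"] >> 29 != 1 or v["initial_sp"] & 7:
        findings.append("initial SP is not an 8-byte aligned SRAM address")
    if not v["reset"] & 1:
        findings.append("reset vector has bit 0 clear: the core would fault")
    for addr in sorted(set(v["handlers"])):
        off = (addr & ~1) - base
        if not 0 <= off <= len(image) - 2:
            findings.append("handler 0x%08x points outside the image" % addr)
        elif struct.unpack_from("<H", image, off)[0] == THUMB_B_SELF:
            findings.append("handler 0x%08x is an infinite loop (b .)" % addr)
    return v, base, findings


if __name__ == "__main__":
    vectors, base, findings = check_image(IMAGE)
    print("initial SP 0x%08x, reset 0x%08x, base 0x%08x"
          % (vectors["initial_sp"], vectors["reset"], base))
    for line in findings:
        print(" -", line)
```

Bit 0 of each vector is the Thumb state bit, so the handler's file offset is the vector value with bit 0 cleared, minus the load base.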
revolution 24 Jan 2012, 13:05
cvtss2sd & Dex4u: Always remember to set your "processor" and "coprocessor" values to avoid disappointment with code crashing when trying to execute unsupported instructions.
Maybe I didn't stress it enough in the documentation, but setting the CPU and copro values is really important. If fasmarm chooses an encoding not supported by your CPU you would never know until it crashed in your system. fasmarm does try to choose the instruction that is supported by the earliest CPU architectures but sometimes it is not possible and fasmarm then has to find an alternative that might only be supported by a higher capable CPU than the CPU that your code runs on. So ... always remember to set your "processor" and "coprocessor" values.
cvtss2sd 27 Jan 2012, 19:20
Well, I don't know exactly what all my ARM uses. I know it uses a version of thumb, but the manual doesn't tell me what version. It just says "The processor implements a version of the thumb instruction set. Table 20 lists the supported instructions."
Are there any specific instructions I can look for in this table that would be dead giveaways?
revolution 27 Jan 2012, 22:48
V4T: This is guaranteed to be supported by all THUMB implementations
V5T: BLX reg
V6T: REV reg,reg
6M: WFI
7M: CBNZ reg,label
T2EE: CHKA reg,reg
X: BLX label
Z: SMC constant
T2: BXJ reg
V7: PLI [reg]
SYNC: LDREXB reg,[reg]
DIV: SDIV reg,reg,reg
T2EE: ENTERX
MP: PLDW [reg]
cvtss2sd 27 Jan 2012, 23:30
revolution wrote:
V4T: This is guaranteed to be supported by all THUMB implementations

Seems to support V5T, V6T, 6M, 7M, DIV, T2EE doesn't seem to be found. The BLX mnemonic can only be applied to Rm (I'm assuming register), SMC, Z, T2, V7, SYNC and MP don't seem to be available. When I'm looking at your thumb32 example, I'm seeing some flags I don't see listed here... Is there a list of checks out there for what flags to set and what values the flags have?
EDIT: NVM, I think I can piece it together...
EDIT2: Nope. No idea. This is getting me all confused. Here's the manual. The instruction list starts on page 46.