550 1.0.9
check file extension
; Extension check: the three bytes immediately before R0 must be exactly 'F', 'I', 'R'.
; NOTE(review): R0 presumably points one past the last character of the file name;
; its setup is outside this excerpt. The comparison is byte-exact (upper case only).
ROM:FFFF4F0C LDRB R1, [R0,#-3]
ROM:FFFF4F10 CMP R1, #'F'
ROM:FFFF4F14 BNE loc_FFFF5058                    ; mismatch path, not shown in this excerpt
ROM:FFFF4F18 LDRB R1, [R0,#-2]
ROM:FFFF4F1C CMP R1, #'I'
ROM:FFFF4F20 BNE loc_FFFF5058
ROM:FFFF4F24 LDRB R0, [R0,#-1]                   ; R0 is overwritten; the name pointer is no longer needed
ROM:FFFF4F28 CMP R0, #'R'
ROM:FFFF4F2C BNE loc_FFFF5058
ROM:FFFF4F30 LDR R4, =0x40800000 ; FIR file location
ROM:FFFF4F34 LDR R0, =0xF8002000
ROM:FFFF4F38 LDR R0, [R0,#0x14] ; update flag
ROM:FFFF4F3C CMN R0, #1                          ; Z is set only when R0 == 0xFFFFFFFF
ROM:FFFF4F40 BNE loc_FFFF4F48                    ; any other value stays in R0 and skips the instruction at FFFF4F44
check model id in FIR header
; Model check: the first word at [R4] must equal R0 with bit 31 set.
; R0 is 0x270 on the fall-through path; on the branch into loc_FFFF4F48 it is whatever
; the branching code left in R0 (the word read from 0xF8002000+0x14 in the listing above).
; NOTE(review): R4 is assumed to still hold the FIR base 0x40800000; confirm against the full function.
ROM:FFFF4F44 MOV R0, #0x270 ; 550d model number
ROM:FFFF4F48
ROM:FFFF4F48 loc_FFFF4F48
ROM:FFFF4F48 LDR R1, [R4]                        ; R1 = first 32-bit word of the header
ROM:FFFF4F4C ORR R0, R0, #0x80000000             ; expected value = id | 0x80000000 (0x80000270 on the fall-through path)
ROM:FFFF4F50 CMP R1, R0
ROM:FFFF4F54 BEQ loc_FFFF4F6C                    ; match; the mismatch path follows and is not shown
compute and check checksum
; Checksum loop: R2 accumulates the sum of the bytes at 0x40800000 + R0 while R0 < R3.
; NOTE(review): the initial values of R0 and R2 (presumably 0) and the origin of the size in R3
; are outside this excerpt; whether R3 is bounds-checked cannot be told from here.
; NOTE(review): the check visible here is a plain additive byte sum, complemented. That detects
; accidental corruption but does not authenticate the image; any signature or other verification
; would have to live in code not shown in this excerpt.
ROM:FFFF4FBC loc_FFFF4FBC
ROM:FFFF4FBC CMP R0, R3 ; r3 = size
ROM:FFFF4FC0 BCS loc_FFFF4FD8                    ; unsigned R0 >= R3: all bytes summed
ROM:FFFF4FC4 LDR R12, =0x40800000                ; base reloaded on every iteration
ROM:FFFF4FC8 LDRB R12, [R12,R0]                  ; R12 = byte at base + index
ROM:FFFF4FCC ADD R2, R2, R12
ROM:FFFF4FD0 ADD R0, R0, #1
ROM:FFFF4FD4 B loc_FFFF4FBC
ROM:FFFF4FD8 ; ---------------------------------------------------------------------------
ROM:FFFF4FD8
ROM:FFFF4FD8 loc_FFFF4FD8 ; correction: subtract the four bytes of the checksum value stored in the file
; The four bytes at var_3C..var_3C+3 are removed from the running sum one at a time.
; NOTE(review): var_3C is presumably a stack copy of the stored checksum word; its fill is not shown.
ROM:FFFF4FD8 LDRB R0, [SP,#0x40+var_3C]
ROM:FFFF4FDC SUB R0, R2, R0
ROM:FFFF4FE0 LDRB R2, [SP,#0x40+var_3C+1]
ROM:FFFF4FE4 SUB R0, R0, R2
ROM:FFFF4FE8 LDRB R2, [SP,#0x40+var_3C+2]
ROM:FFFF4FEC SUB R0, R0, R2
ROM:FFFF4FF0 LDRB R2, [SP,#0x40+var_3C+3]
ROM:FFFF4FF4 SUB R0, R0, R2
ROM:FFFF4FF8 MVN R5, R0                          ; R5 = bitwise NOT of the corrected sum = computed checksum
ROM:FFFF4FFC MOV R2, R5                          ; third printf argument ("sum=%x")
ROM:FFFF5000 ADR R0, aChecksumXSumX ; "CheckSum=%x sum=%x\n"
ROM:FFFF5004 BL printf                           ; R1 ("CheckSum=%x") is not set in this excerpt
ROM:FFFF5008 LDR R0, [R4,#0x20]                  ; stored checksum: word at offset 0x20 from R4
ROM:FFFF500C CMP R0, R5 ; compare computed and stored sums
ROM:FFFF5010 BEQ loc_FFFF501C                    ; equal: continue at loc_FFFF501C; mismatch path not shown
autoexec.bin launch
; Boot-time decision on the word at 0xF8000000+8.
; A value of 0xFFFFFFFF branches to loc_FFFF411C (not shown); any other value falls through
; to the "RAMEXEC" call below with R1 = 0x800000.
; NOTE(review): in this excerpt the only visible gate before control is handed to sub_FFFF315C
; is this single flag word; what Read0x10cdf4 and CPSR_stuff do, and whether the contents at
; 0x800000 are validated anywhere, cannot be determined from the lines shown.
ROM:FFFF40F0 MOV R0, #0xF8000000
ROM:FFFF40F4 LDR R0, [R0,#8] ;ramexec/bootflag
ROM:FFFF40F8 CMN R0, #1                          ; Z is set only when the flag == 0xFFFFFFFF
ROM:FFFF40FC BEQ loc_FFFF411C
ROM:FFFF4100 BL Read0x10cdf4
ROM:FFFF4104 BL CPSR_stuff
ROM:FFFF4108 MOV R1, #0x800000                   ; second argument, passed on by sub_FFFF315C to sub_FFFFE75C
ROM:FFFF410C ADR R0, aRamexec ; "RAMEXEC"
ROM:FFFF4110 BL sub_FFFF315C                     ; sub_FFFF315C(name = "RAMEXEC", R1 = 0x800000)
jump and back
; sub_FFFF315C: logging wrapper around sub_FFFFE75C.
; In:  R0 = pointer to a name string (printed with %s), R1 = value forwarded to sub_FFFFE75C.
; Prints "Now jump to %s!!", calls sub_FFFFE75C(0, R1), then prints "Now returned from %s!!".
; NOTE(review): sub_FFFFE75C presumably transfers control to the address in R1; its body is not
; shown here, so confirm. R6 is saved and restored but not otherwise used in the visible body.
ROM:FFFF315C sub_FFFF315C
ROM:FFFF315C
ROM:FFFF315C STMFD SP!, {R4-R6,LR}
ROM:FFFF3160 MOV R5, R0                          ; R5 = name, kept across the calls
ROM:FFFF3164 MOV R4, R1                          ; R4 = second argument, kept across printf
ROM:FFFF3168 MOV R1, R5
ROM:FFFF316C ADR R0, aNowJumpToS ; "Now jump to %s!!\n"
ROM:FFFF3170 BL printf
ROM:FFFF3174 MOV R1, R4
ROM:FFFF3178 MOV R0, #0
ROM:FFFF317C BL sub_FFFFE75C
ROM:FFFF3180 ; ---------------------------------------------------------------------------
ROM:FFFF3180 MOV R1, R5                          ; reached only if sub_FFFFE75C returns
ROM:FFFF3184 LDMFD SP!, {R4-R6,LR}               ; restore LR before the tail call below
ROM:FFFF3188 ADR R0, aNowReturnedFro ; "Now returned from %s!!\n"
ROM:FFFF318C B printf                            ; tail call: printf returns directly to this function's caller
ROM:FFFF318C ; End of function sub_FFFF315C