Changes

ARM binaries (view source)

Revision as of 00:30, 15 August 2008

628 bytes added , 00:30, 15 August 2008

Add additional information regarding dynamic linking and embedded PowerPC code.

Line 2: Line 2:

== ELF format ==

−

IOS modules, at least, use bare ELF files. The files seem to be compiled with GCC 3.4.3, and they are EABI compliant.

+

IOS modules, at least, use bare ELF files. The files seem to be compiled with GCC 3.4.3, and they are EABI compliant. The file is in big endian format. All ELF files are stripped and don't include function names or symbols.

== ELFLOADER format ==

Line 58: Line 58:

After this, it loads the ELF file, and then '''zeroes out the memory area where the ELF file resides'''. Then it goes back to ARM mode and vectors to 0xFFFF0000 (the entrypoint of the ARM / vector table). The entire BOOT2 code seems to be position-independent: it can be loaded at any address and will still work, as long as it doesn't overlap with the destination of the ELF load. The entire BOOT2 file cleartext is loaded and then the loader is called, so the loader can calculate the offset of the header simply by subtracting 0x10 from the PC at its entrypoint.

+

=== Embedded Broadway Code ===

+

Some ARM binaries include PowerPC code for the Broadway. For example MIOS include code at address 0x00003400 and 0x134c0000. This will be loaded to 0x80003400 and 0x934c0000 on the Broadway side. The starlet can reset the Broadway to get PowerPC code executed.

+

=== Dynamic Linker ===

+

In later IOS versions (after IOS21?) the single IOS ARM binary was devided into several modules/libraries. The modules are loaded and dynamically linked. The modules include human readable function names.

=== Extract ELF file ===

Mega Man

40

edits