Print Page - Boot Code Transfer to OS

Calculator Community => TI Calculators => ASM => Topic started by: ralphdspam on December 23, 2011, 04:23:13 pm

Title: Boot Code Transfer to OS
Post by: ralphdspam on December 23, 2011, 04:23:13 pm

How does boot code give control to the OS? Where does it jump to? Are there any integrity checks? If so, what are they?

Title: Re: Boot Code Transfer to OS
Post by: thepenguin77 on December 23, 2011, 10:04:01 pm

A fun question :D

Well, firstly, I recommend you actually take a look at the boot code yourself. In all honesty, this will allow you to understand it far better than I can explain it. Just start at $4000 and figure out what it's doing. The route from boot to OS is only like 300 instructions.

But here's what happens (I'm reading from a disassembly):

The boot code...
1. sets up all of the calculator hardware through ports (port (07) gets 80h except for an OS installation where it gets 00h).
2. checks for Stat and Del and does its usual if they are pressed
3. checks (0038h) to make sure it's not FFh
4. checks (0056h) to make sure it's A55Ah, (5Ah, A5h in memory)
5. jumps to 0053h

Also, if you are going to send your own OS, (0056h) should be $A5FF when sending. Something gets angry if it's not, but I don't remember what it is.

Title: Re: Boot Code Transfer to OS
Post by: ralphdspam on December 23, 2011, 11:59:18 pm

Quote from: thepenguin77 on December 23, 2011, 10:04:01 pm

1. sets up all of the calculator hardware through ports (port (07) gets 80h except for an OS installation where it gets 00h).
2. checks for Stat and Del and does its usual if they are pressed
3. checks (0038h) to make sure it's not FFh
4. checks (0056h) to make sure it's A55Ah, (5Ah, A5h in memory)
5. jumps to 0053h

Also, if you are going to send your own OS, (0056h) should be $A5FF when sending. Something gets angry if it's not, but I don't remember what it is.

Thanks! I'll try that. :)

Ok, so I took a look at the code and made some notes. I only got so far until I got incredibly annoyed at the code. :P

Spoiler For Spoiler:

Title: Re: Boot Code Transfer to OS
Post by: thepenguin77 on December 24, 2011, 09:02:08 am

Your analysis entertained me, so here is a commented version I just whipped up.

A few notes:

The boot code starts on page 7F at 4000, not 0000 on page 00 of the OS. (Technically the boot code starts on page 7F at 0000, but I'm not going into that)
A lot of the useless code you saw was so people can't trick the boot code into unlocking flash for them. When we unlock flash, we have to trick those things into returning to our control with flash unlocked
And as much as you'd like to think otherwise, TI's code is actually pretty well written :)

Title: Re: Boot Code Transfer to OS
Post by: ralphdspam on December 25, 2011, 01:47:53 am

Quote from: thepenguin77 on December 24, 2011, 09:02:08 am

The boot code starts on page 7F at 4000, not 0000 on page 00 of the OS. (Technically the boot code starts on page 7F at 0000, but I'm not going into that)

I noticed the way the code switches out the pages and jumps up to the $4000 bank. It seemed useless at first, but it's actually kind of clever.

Quote

A lot of the useless code you saw was so people can't trick the boot code into unlocking flash for them. When we unlock flash, we have to trick those things into returning to our control with flash unlocked
And as much as you'd like to think otherwise, TI's code is actually pretty well written :)

Yeah, maybe I'm just nitpicking. :P

Omnimaga

Calculator Community => TI Calculators => ASM => Topic started by: ralphdspam on December 23, 2011, 04:23:13 pm