Quote from: g3gg0 on September 13, 2013, 10:00:50 PM
its a parallel one, as it is mapped into memory space
You are so right.
I poked around the ML source code trying to find some details about the boot_flag thing. And I found the bootDisk flag is @0xF8000004, not what I original thought @0xF8000000! Compare these sections of firmware code, I think I found the equivalent 500D enable/diable_bookDisk code in XSi.
500D Firmware v1.1.1?:
Code Select
ROM:FF066748 ; =============== S U B R O U T I N E =======================================
ROM:FF066748
ROM:FF066748
ROM:FF066748 sub_FF066748 ; CODE XREF: sub_FF013210+154p
ROM:FF066748 STMFD SP!, {R4,LR}
ROM:FF06674C ADR R2, unk_FF066718
ROM:FF066750 MOV R1, #0
ROM:FF066754 ADR R0, aEnablefirmware ; "EnableFirmware"
ROM:FF066758 BL sub_FF1A5B58
ROM:FF06675C ADR R2, sub_FF066724
ROM:FF066760 MOV R1, #0
ROM:FF066764 ADR R0, aDisablefirmwar ; "DisableFirmware"
ROM:FF066768 BL sub_FF1A5B58
ROM:FF06676C ADR R2, sub_FF066700
ROM:FF066770 MOV R1, #0
ROM:FF066774 ADR R0, aEnablebootdisk ; "EnableBootDisk"
ROM:FF066778 BL sub_FF1A5B58
ROM:FF06677C ADR R2, sub_FF06670C
ROM:FF066780 MOV R1, #0
ROM:FF066784 ADR R0, aDisablebootdis ; "DisableBootDisk"
ROM:FF066788 BL sub_FF1A5B58
ROM:FF06678C ADR R2, sub_FF066730
ROM:FF066790 MOV R1, #0
ROM:FF066794 ADR R0, aEnablemainfirm ; "EnableMainFirm"
ROM:FF066798 BL sub_FF1A5B58
ROM:FF06679C LDMFD SP!, {R4,LR}
ROM:FF0667A0 ADR R2, sub_FF06673C
ROM:FF0667A4 MOV R1, #0
ROM:FF0667A8 ADR R0, aDisablemainfir ; "DisableMainFirm"
ROM:FF0667AC B sub_FF1A5B58
ROM:FF0667AC ; End of function sub_FF066748
ROM:FF0667AC
ROM:FF0667AC ;
ROM:FF0667B0 dword_FF0667B0 DCD 0xF8000004 ; DATA XREF: sub_FF066700r
ROM:FF0667B0 ; sub_FF06670Cr
ROM:FF0667B4 dword_FF0667B4 DCD 0xF800000C ; DATA XREF: sub_FF066724r
ROM:FF0667B8 aEnablefirmware DCB "EnableFirmware",0 ; DATA XREF: sub_FF066748+Co
ROM:FF0667C7 DCB 0
ROM:FF0667C8 aDisablefirmwar DCB "DisableFirmware",0 ; DATA XREF: sub_FF066748+1Co
ROM:FF0667D8 aEnablebootdisk DCB "EnableBootDisk",0 ; DATA XREF: sub_FF066748+2Co
ROM:FF0667E7 DCB 0
ROM:FF0667E8 aDisablebootdis DCB "DisableBootDisk",0 ; DATA XREF: sub_FF066748+3Co
ROM:FF0667F8 aEnablemainfirm DCB "EnableMainFirm",0 ; DATA XREF: sub_FF066748+4Co
ROM:FF066807 DCB 0
ROM:FF066808 aDisablemainfir DCB "DisableMainFirm",0 ; DATA XREF: sub_FF066748+60o
===== bootdisk_enable =====
ROM:FF066700 ; =============== S U B R O U T I N E ================
ROM:FF066700
ROM:FF066700
ROM:FF066700 sub_FF066700 ; DATA XREF: sub_FF066748+24o
ROM:FF066700 LDR R0, =0xF8000004
ROM:FF066704 MOV R1, 0xFFFFFFFF
ROM:FF066708 B sub_FF06664C
ROM:FF066708 ; End of function sub_FF066700
===== bootdisk_disable =====
ROM:FF06670C ; =============== S U B R O U T I N E ================
ROM:FF06670C
ROM:FF06670C
ROM:FF06670C sub_FF06670C ; DATA XREF: sub_FF066748+34o
ROM:FF06670C LDR R0, =0xF8000004
ROM:FF066710 MOV R1, #0
ROM:FF066714 B sub_FF06664C
ROM:FF066714 ; End of function sub_FF06670C
XSi Firmware v1.1.0
Code Select
ROM:FFD184A0 ; =============== S U B R O U T I N E =======================================
ROM:FFD184A0
ROM:FFD184A0
ROM:FFD184A0 sub_FFD184A0 ; CODE XREF: sub_FF811340+164p
ROM:FFD184A0
ROM:FFD184A0 var_4 = -4
ROM:FFD184A0
ROM:FFD184A0 LDR R0, =aEnablefirmware ; "EnableFirmware"
ROM:FFD184A4 MOV R1, #0
ROM:FFD184A8 LDR R2, =sub_FFD18158
ROM:FFD184AC STR LR, [SP,#var_4]!
ROM:FFD184B0 BL sub_FFD0A128
ROM:FFD184B4 LDR R0, =aDisablefirmwar ; "DisableFirmware"
ROM:FFD184B8 MOV R1, #0
ROM:FFD184BC LDR R2, =sub_FFD1822C
ROM:FFD184C0 BL sub_FFD0A128
ROM:FFD184C4 LDR R0, =aEnablebootdisk ; "EnableBootDisk"
ROM:FFD184C8 MOV R1, #0
ROM:FFD184CC LDR R2, =unk_FFD18538
ROM:FFD184D0 BL sub_FFD0A128
ROM:FFD184D4 LDR R0, =aDisablebootdis ; "DisableBootDisk"
ROM:FFD184D8 MOV R1, #0
ROM:FFD184DC LDR R2, =unk_FFD18550
ROM:FFD184E0 BL sub_FFD0A128
ROM:FFD184E4 LDR R0, =aEnablemainfirm ; "EnableMainFirm"
ROM:FFD184E8 MOV R1, #0
ROM:FFD184EC LDR R2, =sub_FFD18300
ROM:FFD184F0 BL sub_FFD0A128
ROM:FFD184F4 LDR R0, =aDisablemainfir ; "DisableMainFirm"
ROM:FFD184F8 MOV R1, #0
ROM:FFD184FC LDR R2, =sub_FFD183D0
ROM:FFD18500 LDR LR, [SP+4+var_4],#4
ROM:FFD18504 B sub_FFD0A128
ROM:FFD18504 ; End of function sub_FFD184A0
ROM:FFD18504
ROM:FFD18504 ; ---------------------------------------------------------------------------
ROM:FFD18508 off_FFD18508 DCD aEnablefirmware ; DATA XREF: sub_FFD184A0r
ROM:FFD18508 ; "EnableFirmware"
ROM:FFD1850C off_FFD1850C DCD sub_FFD18158 ; DATA XREF: sub_FFD184A0+8r
ROM:FFD18510 off_FFD18510 DCD aDisablefirmwar ; DATA XREF: sub_FFD184A0+14r
ROM:FFD18510 ; "DisableFirmware"
ROM:FFD18514 off_FFD18514 DCD sub_FFD1822C ; DATA XREF: sub_FFD184A0+1Cr
ROM:FFD18518 off_FFD18518 DCD aEnablebootdisk ; DATA XREF: sub_FFD184A0+24r
ROM:FFD18518 ; "EnableBootDisk"
ROM:FFD1851C off_FFD1851C DCD unk_FFD18538 ; DATA XREF: sub_FFD184A0+2Cr
ROM:FFD18520 off_FFD18520 DCD aDisablebootdis ; DATA XREF: sub_FFD184A0+34r
ROM:FFD18520 ; "DisableBootDisk"
ROM:FFD18524 off_FFD18524 DCD unk_FFD18550 ; DATA XREF: sub_FFD184A0+3Cr
ROM:FFD18528 off_FFD18528 DCD aEnablemainfirm ; DATA XREF: sub_FFD184A0+44r
ROM:FFD18528 ; "EnableMainFirm"
ROM:FFD1852C off_FFD1852C DCD sub_FFD18300 ; DATA XREF: sub_FFD184A0+4Cr
ROM:FFD18530 off_FFD18530 DCD aDisablemainfir ; DATA XREF: sub_FFD184A0+54r
ROM:FFD18530 ; "DisableMainFirm"
ROM:FFD18534 off_FFD18534 DCD sub_FFD183D0 ; DATA XREF: sub_FFD184A0+5Cr
ROM:FFD18538 unk_FFD18538 DCB 0x4F ; O ; DATA XREF: sub_FFD184A0+2Co
ROM:FFD18538 ; ROM:off_FFD1851Co
ROM:FFD18538 ;
---------------------------- bootdisk_enable? ---------------
ROM:FFD18538
ROM:FFD18538 loc_FFD18538 ; DATA XREF: sub_FFD184A0+2Co
ROM:FFD18538 ; ROM:off_FFD1851Co
ROM:FFD18538 MOV R0, 0xF8000004
ROM:FFD18540 MOV R1, 0xFFFFFFFF
ROM:FFD18544 STR LR, [SP,#-4]!
ROM:FFD18548 LDR LR, [SP],#4
ROM:FFD1854C B loc_FFD18078
ROM:FFD18550 ;
---------------------------- bootdisk_disable? ---------------
ROM:FFD18550
ROM:FFD18550 loc_FFD18550 ; DATA XREF: sub_FFD184A0+3Co
ROM:FFD18550 ; ROM:off_FFD18524o
ROM:FFD18550 MOV R0, 0xF8000004
ROM:FFD18558 MOV R1, #0
ROM:FFD1855C STR LR, [SP,#-4]!
ROM:FFD18560 LDR LR, [SP],#4
ROM:FFD18564 B loc_FFD18078
This similarity makes me think if 500D is a good candidate of reference for XSi porting even though these two models have different OS. Anyway, now is the time for ARM assembly language and architecture, and perhaps VxWorks. Until then, I don't think I can make any meaningful progress.