Boot Chain

From WebOS Internals
Revision as of 08:37, 14 December 2009 by RodWhitby (talk | contribs)

boot/boot.bin

Load Address: 0x40200000

This does some minimal hardware initialization, then loads the "real" bootloader and executes it. The "real" bootloader is appended to the end of boot.bin as a gzip stream. The offset of the "real" bootloader depends on the version; the table below gives the right offset. If your version is not listed, search with "hexdump -C boot-castle.bin | less" for the byte sequence "1f 8b" (the gzip format identifier).

Version       Offset
unknown       0x19D0 (thanks roxfan)
1.3.1 (O2)    0x19f0
hexdump -C webosdoctorp100ewwsprint-1.0.3/webOS/boot-castle.bin | grep '1f 8b'
000019d0  1f 8b 08 00 00 00 00 00  02 03 c4 fd 0b 7c 54 d5  |.............|T.|
hexdump -C webosdoctorp100ewwbellmo-1.1.0/webOS/boot-castle.bin | grep '1f 8b'
000019d0  1f 8b 08 00 00 00 00 00  02 03 c4 fd 0b 7c 54 d5  |.............|T.|
hexdump -C webosdoctorp100eww-wr-1.1.3/webOS/boot-castle.bin | grep '1f 8b'
000019d0  1f 8b 08 00 00 00 00 00  02 03 c4 fd 0b 7c 54 d5  |.............|T.|
hexdump -C webosdoctorp100ewwsprint-1.2.1/webOS/boot-castle.bin | grep '1f 8b'
000019d0  1f 8b 08 00 00 00 00 00  02 03 c4 fd 0b 7c 54 d5  |.............|T.|
hexdump -C webosdoctorp100ewwbellmo-1.2.1/webOS/boot-castle.bin | grep '1f 8b'
000019d0  1f 8b 08 00 00 00 00 00  02 03 c4 fd 0b 7c 54 d5  |.............|T.|
hexdump -C webosdoctorp100ewwsprint-1.3.1/webOS/boot-castle.bin | grep '1f 8b'
000019f0  1f 8b 08 00 00 00 00 00  02 03 c4 fd 0b 78 54 d5  |.............xT.|
hexdump -C webosdoctorp100ueu-wr-1.3.1/webOS/boot-castle.bin | grep '1f 8b'
000019f0  1f 8b 08 00 00 00 00 00  02 03 c4 fd 0b 78 54 d5  |.............xT.|
hexdump -C webosdoctorp100ewwbellmo-1.3.1/webOS/boot-castle.bin | grep '1f 8b'
000019f0  1f 8b 08 00 00 00 00 00  02 03 c4 fd 0b 78 54 d5  |.............xT.|
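
The grep above can miss a magic that straddles a hexdump line break or the wider gap after the eighth byte, and "1f 8b" can also occur by chance inside code. The following added example (not part of the original page) confirms a candidate offset by decompressing from it; the function names and the sample image are constructed for illustration and are not real firmware.

```python
import gzip
import zlib

GZIP_MAGIC = b"\x1f\x8b\x08"  # ID1, ID2, CM=8 (deflate), per RFC 1952


def find_gzip_members(image: bytes):
    """Return [(offset, payload)] for each offset that starts a gzip stream
    which decompresses completely; chance matches of the magic are skipped."""
    hits = []
    pos = image.find(GZIP_MAGIC)
    while pos != -1:
        d = zlib.decompressobj(wbits=31)  # 31 = gzip header and trailer expected
        try:
            payload = d.decompress(image[pos:])
            if d.eof:  # stream ended and zlib accepted the CRC32/length trailer
                hits.append((pos, payload))
        except zlib.error:
            pass  # the bytes 1f 8b 08 occurred by chance in code or data
        pos = image.find(GZIP_MAGIC, pos + 1)
    return hits


def build_constructed_image():
    """Constructed stand-in for boot.bin (not real firmware): a zero-filled
    first stage holding a decoy magic, then a gzip'd placeholder at 0x19d0."""
    second_stage = b"constructed second-stage placeholder\n" * 64
    stub = bytearray(0x19D0)
    stub[0x0123:0x0127] = b"\x1f\x8b\x08\xff"  # decoy: invalid gzip flags byte
    image = bytes(stub) + gzip.compress(second_stage, mtime=0) + b"\x00" * 16
    return image, second_stage


if __name__ == "__main__":
    image, _ = build_constructed_image()
    for offset, payload in find_gzip_members(image):
        print(f"gzip member at {offset:#x}, {len(payload)} bytes decompressed")
```

To check a real image, pass the bytes of boot-castle.bin to find_gzip_members; a truncated or corrupted stream is not reported because zlib never reaches a valid trailer.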

"real" bootloader (bootie)

Load Address: 0x82000000

This looks a _lot_ like iBoot from the iPhoneOS devices, but others say that this is based off u-boot, so I will assume that is true and that iBoot is also based off of it. It even seems to have some of the u-boot commands, such as "printenv", "run", "setenv", "getenv", etc. I am currently looking into how to communicate with it as you can with iBoot.