Omapl138中AIS文件分析(参照Using the OMAP-L138 Bootloader)（转）

Omapl138中AIS文件分析(参照Using the OMAP-L138 Bootloader)

转载链接：https://blog.csdn.net/qq_40788950/article/details/85526686

AIS is a format of storing the boot image. Apart from the HPI and two NOR-boot modes described above,all boot modes supported by the OMAP-L132/L138 bootloader use AIS for boot purposes.AIS is a binary language, accessed in terms of 32-bit (4-byte) words in little endian format. AIS starts witha magic word (0x41504954) and contains a series of AIS commands, which are executed by thebootloader in sequential manner. The Jump & Close (J&C) command marks the end of AIS.

AIS是一种存储引导镜像的形式，除了上述的HPI和上述两种NOR-boot模式，所有支持OMAP-L132/L138 bootloader的启动模式都可以使用AIS作为引导。AIS是一种二进制语言，通过小端模式的四个字节进行访问。AIS以幻数0x41504954开始并且包含了一系列以顺序方式加载引导方式的命令。J&C命令标志AIS的结束。

Magic Word

Command

…

J&C Command

Each AIS command consists of an opcode, optionally followed by one or more arguments, followed by optional data.
每个AIS命令包含一个操作码，后面可以选择性跟一个或多个参数，再跟可选的数据。

Opcode

Argument

…

Data

…

The opcode and its arguments are each one word (4 bytes) wide. If the length of data is not a multiple of 4 bytes, it is padded with zeros to make it so.
Knowledge of AIS commands is not required to use the bootloader, but will be discussed in the following sub-sections for completeness. You can skip to the next section if knowledge of AIS commands is not desired.

每个Opcode和它的参数都是四字节的宽度。如果它的长度不是四字节的倍数，那就填充0来使它的长度保持四字节的倍数。在使用加载引导程序的过程中，AIS的知识并不是必须的，在接下来部分为了完整性会继续讨论，但是如果AIS命令的知识不是你所要的话，可以跳过下一部分。
4.1 Section Load Command (0x58535901)
The user application consists of a number of initialized sections and an application entry point. The Section Load command is used to load each initialized section of the application to device memory
用户应用程序由许多已初始化的部分和一个应用程序入口点组成。段加载命令用于将应用程序的每个初始化段加载到设备内存中。

0x58535901

Address

Size

Data

…

This command takes two arguments: address and size of the section to be loaded, followed by contents of the section (data). If the length of the section content is not a multiple of 4 bytes, appropriate zero padding
is added to make it so; zero padding is not reflected in the SIZE argument.
这个命令包含两个参数：将要加载段的地址和大小，跟着段的内容（数据）。如果段内容的长度是不4字节的倍数，填充合适的0的个数来使它满足这个条件；0填充不反映在SIZE参数中。
When CRC checking is enabled, the address and size arguments are fed into the CRC update function in that order. After the section is fully loaded to memory, the section data is fed into the CRC update function
beginning at the specified address.
当启用CRC检查时，地址和大小参数将会以这个顺序被填充到CRC更新函数中。当段数据被完全加载到内存中后，段数据被送到CRC更新函数并从指定的地址开始。
4.2 Section Fill Command (0x5853590A)
The Section Fill command is an optimized version of the Section Load command, which is used when a section is completely filled with a pattern (for example, 0x00 or 0xFF).
段填充命令是段加载命令优化版本，在使用模式来完全填充的时候使用。

0x5853590A

Address

Size

Type

Pattern

This command takes four arguments: address and size of the section to be filled, the type of memory access, and the pattern that will fill the memory.
这个命令包含四个参数：地址和要填充的段的大小，内存访问的类型和填充内存的模式。
Type Word Values for Section Fill Opcode

Value	Length of Data Pattern
0	8-bit
1	16-bit
2	32-bit

When CRC checking is enabled, the address, size, type, and pattern arguments are fed into the CRC update function in that order. After the section is completely filled with the specified pattern, the section data is fed into the CRC update function beginning at the specified address.
当启用CRC检查时，地址，大小，类型和模式参数将按该顺序输入CRC更新函数。在使用指定的模式来将段完全填充之后，段数据在指定的地址被填充进入CRC更新函数。
4.3 Enable CRC Command (0x58535903)
This command enables calculation of the cyclic redundancy check (CRC) over the user-application data loaded using the Section Load/Section Fill commands.
这个命令允许使用段加载或段填充的方式加载的用户应用数据来进行CRC校验。

0x58535903

This command does not take any arguments or data.
这个命令不接受任何参数或者数据。
4.4 Disable CRC Command (0x58535904)
This command disables the calculation of the CRC.
这个命令用来关闭CRC的计算。

0x58535904

它也不接受其它的参数或者数据。
4.5 Validate CRC Command (0x58535902)
This command is used to validate the CRC calculated by the bootloader.
这个命令用来校验引导加载程序计算的CRC值。

0x58535902

CRC

Seek

This command takes two arguments: the CRC and the seek value. The CRC is the expected value of the CRC with which the calculated CRC should be compared. In the case of a CRC match, the seek value is
ignored and the next command is executed. However, in the case of a CRC mismatch, the seek value can be added to the current position in AIS to locate the last Section Load/Section Fill command so that the
command can be executed again.
这个命令接受两个参数：crc和seek值。crc是计算出的CRC应与之比较的CRC。在CRC匹配的情况下,seek值忽略，然后执行下一个命令。但是，在CRC不匹配的情况下，SEEK值可以添加到AIS中的当前位置，以定位最后一个区段加载/区段填充命令，以便命令可以再次执行。

Enable CRC

Section Load

0x58535902

CRC

Seek

This command behaves differently for master- and slave-boot modes. In master-boot mode, the bootloader reads the expected CRC from the boot device and compares it with the calculated CRC. In case of an error, the bootloader adds the seek value to the current read position in AIS and starts executing commands from that position in AIS.
对于主引导模式和从引导模式，此命令的行为不同。在主引导模式下，引导加载程序从引导设备读取预期的CRC，并将其与计算的CRC进行比较。如果出现错误，引导加载程序会将SEEK值添加到AIS中的当前读取位置，并从AIS中的该位置开始执行命令。
In slave-boot mode, on receiving the Validate CRC command, the bootloader provides the calculated CRC to the host. The host then compares this value with the one from AIS and updates its AIS read position,depending on the result of the CRC comparison. In the case of an error, the host sends the Start-Over command to the device so that the bootloader can re-initialize the calculated CRC and be ready to receive
the next command.
在从引导模式下，在接收到校验crc命令时，引导加载程序会向主机提供计算出的CRC。然后，主机将该值与来自AIS的值进行比较，并根据CRC比较的结果更新其AIS读取位置。在发生错误的情况下，主机向设备发送start over命令，以便引导加载程序可以重新初始化计算的CRC并准备接收下一个命令。

0x58535902

The Start-Over command (0x58535908) takes no arguments or data. This command does not appear in AIS and is only used in slave-boot mode by the host to recover from a CRC error.
Start-Over命令(0x58535908) 不接收任何参数或者数据。此命令不出现在AIS中，仅在从引导模式下由主机用于从CRC错误恢复。
4.6 Jump & Close Command (0x58535906)
The Jump & Close command is used to mark the end of AIS. On receiving this command, the bootloadercloses the boot peripheral, restores the selected configurations of the device to its default state, and then transfers control to the user application.
This command takes one argument: the entry point of the ARM application. This is the address the bootloader transfers control to after closing the boot peripheral. The application starts execution after this jump and the bootloader loses its control over the device.
跳转和关闭命令用于标记AIS的结束。在接收到这个命令时，bootloader会关闭引导外围设备，将设备的选定配置恢复到默认状态，然后将控制权转移到用户应用程序。这个命令接受一个参数：ARM应用程序的入口点。这是引导加载程序在关闭引导外围设备后将控制传输到的地址。应用程序在此跳转之后开始执行，引导加载程序将失去对设备的控制。

0x58535906

Address

4.7 Jump Command (0x58535905)
This command is similar to the Jump & Close command, except that the bootloader does not close the boot peripheral and does not change any device state. This command is not used to transfer control to theapplication. Rather, it is used to execute a temporary code, which may tweak the bootloader or device state. This command is used to add post-ROM features to the bootloader.
This command takes one argument: the address of a temporary function to be called. This function should be loaded to the device memory before the Jump command, and it should also return control to the bootloader after performing its intended task.
这个命令类似于jump&close命令，只是引导加载程序不关闭引导外设，也不更改任何设备状态。此命令不用于将控制传输到应用程序。相反，它用于执行临时代码，这可能会调整引导加载程序或设备状态。此命令用于将post-rom功能添加到bootloader。此命令接受一个参数：要调用的临时函数的地址。这个函数应该在跳转命令之前加载到设备内存中，并且在执行预期的任务之后还应该将控制权返回到引导加载程序。

0x58535906

Address

4.8 Sequential Read Enable Command (0x58535963)
When booting from a serial peripheral interface (SPI) or inter-integrated circuit (I2C) slave device, the bootloader uses a random read method to read the boot image from the slave memory device. This method requires sending a read command and a read address to read each byte. Many recent memory devices support reading in sequential method, where data can be read in sequential order without sending a read command/address for each byte. Using this method to read data greatly reduces boot time. The Sequential Read Enable command is used to enable the bootloader to use the sequential read method.
当从串行外围接口（SPI）或内部集成电路（I2c）从设备引导时，引导加载程序使用随机读取方法从从存储设备读取引导映像。这个方法需要发送一个读命令和一个读地址来读取每个字节。许多最近的内存设备支持按顺序读取，在这种方法中，数据可以按顺序读取，而不必为每个字节发送读取命令/地址。使用此方法读取数据大大缩短了启动时间。Sequential Read Enable 命令用于使引导加载程序能够使用顺序读取方法。

0x58535963

这个命令不接受参数或者数据。
4.9 Function Execute Command (0x5853590D)
The Function Execute command is a generic interface for device-specific initialization functions such as phase-locked loop (PLL) and external memory interface (EMIF) configuration. A set of pre-defined functions are part of the ROM and a function table is maintained by the bootloader with pointers to each of them. The Function Execute command can be used to execute any of them. Details of pre-defined ROM functions that can be called using this command are given in Appendix D.
The Function Execute 命令是设备特定初始化功能的通用接口，如锁相环（PLL）和外部存储器接口（EMIF）配置。一组预先定义的函数是ROM的一部分，函数表由引导装载程序维护，每个函数表都有指针。函数execute命令可用于执行其中任何一个命令。可使用此命令调用的预定义ROM函数的详细信息在附录D中给出。

0x5853590D

FXN NUM & ARG CNT

Argument

…

The number of arguments in this command is variable. The first argument specifies the function ID (index of function in the function table) in the lower 16 bits and the number of arguments that the function takes in the upper 16 bits. The number of arguments following the first argument matches the number specified in its upper 16 bits.
此命令中的参数数目是可变的。第一个参数在低16位中指定函数ID（函数表中的函数索引），以及指定在高16位中函数接受的参数个数。第一个参数后面的参数个数与在其高位16位中指定的数字匹配。
4.10 Boot Table Command (0x58535907)
The Boot Table (or SET) command writes 8-, 16-, or 32-bit data to any address in device memory.Additionally, it instructs the device to wait for a fixed number of cycles after the memory write occurs. This can allow memory-mapped register writes to take effect before the bootloader moves on to the next opcode.
boot table（或set）命令将8、16或32位数据写入设备内存中的任何地址。此外，它还指示设备在内存写入后等待固定的周期数。这可以使内存映射寄存器写入在引导加载程序移到下一个操作码之前生效。

0x58535907

Type

Address

Data

Sleep

This command takes four arguments. First is the type (size and format) of the memory location to be written; the contents of this word are described in the table below. The address comes next, followed by the data. Note that the data is given as 32 bits in the AIS regardless of how many bits will actually be written. The last parameter is the number of cycles to delay execution of the next opcode.
此命令接受四个参数。首先是要写入的内存位置的类型（大小和格式）；下表描述了这个词的内容。接下来是地址，后面是数据。请注意，在AIS中，数据以32位的形式给出，而不管实际写入多少位。最后一个参数是延迟执行下一个操作码的周期数。
Type Word for Boot Table Opcode

Reserved	STOP	START	LENGTH

Type Word for Boot Table Opcode Field Description

Bit	Field	Value	Description
31-24	保留	0	保留
23-16	停止	0-31	自定义数据字段的最高（或最重要）位。仅在长度=3或4时使用。
15-8	停止	0-31	自定义数据字段的最低（或最不重要）位。仅在长度=3或4时使用。
7-0	长度	0；1；2；3-4；5-FFhC	数据字段的长度 8位；16位；32位；自定义字段由停止位、开始位定义，目标地址的此字段之外的数据将保存；保留