解析天启rk3288源码 /kernel/drivers/char/virtd
virtd为编译后产生的中间文件,可使用ELF格式逆向
1、ELF文件内容解析
readelf: 可解析ELF文件的所有内容;
strings: 查看ELF文件中的字符串;
file : 查看ELF文件的信息;
nm : 查看ELF文件中的符号信息;
ldd : 查看ELF文件所依赖的库文件;
2、objdump
用于对ELF文件进行反汇编;
objdump -d ;反汇编部分可执行的二进制代码;
objdump -D ;反汇编全部的可执行的二进制代码;
objdump -S ;尽量把可执行的二进制代码反汇编成源码;
3、hexdump
以十六进制格式查看ELF格式的二进制可执行文件的内容;
hexdump -C elf_file_name
readelf -a virtd
查看文件信息
ELF Header:
Magic: 7f 4c
Class: ELF32
Data: 's complement, little endian
Version: (current)
OS/ABI: UNIX - System V
ABI Version:
Type: REL (Relocatable file)
Machine: ARM
Version: 0x1
Entry point address: 0x0
Start of program headers: (bytes into file)
Start of section headers: (bytes into file)
Flags: 0x5000000, Version5 EABI
Size of this header: (bytes)
Size of program headers: (bytes)
Number of program headers:
Size of section headers: (bytes)
Number of section headers:
Section header string table index: Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ ] NULL
[ ] .text PROGBITS AX
[ ] .rel.text REL 00226c
[ ] .init.text PROGBITS 00175c AX
[ ] .rel.init.text REL 0026fc
[ ] .exit.text PROGBITS 0017ec 00000c AX
[ ] .rel.exit.text REL 00275c
[ ] .rodata PROGBITS 0017f8 A
[ ] .rel.rodata REL 00276c
[ ] .rodata.str1. PROGBITS AMS
[] .ARM.extab.init.t PROGBITS 0019e0 A
[] .ARM.exidx.init.t ARM_EXIDX 0019e0 AL
[] .rel.ARM.exidx.in REL 00279c
[] .ARM.extab.exit.t PROGBITS 0019e8 A
[] .ARM.exidx.exit.t ARM_EXIDX 0019e8 AL
[] .rel.ARM.exidx.ex REL 0027ac
[] .ARM.extab PROGBITS 0019f0 00000c A
[] .ARM.exidx ARM_EXIDX 0019fc AL
[] .rel.ARM.exidx REL 0027bc
[] .data PROGBITS 001b2c WA
[] .rel.data REL
[] .exitcall.exit PROGBITS 001b74 WA
[] .rel.exitcall.exi REL 00293c
[] .initcall7s.init PROGBITS 001b78 WA
[] .rel.initcall7s.i REL
[] .bss NOBITS 001b7c WA
[] .note.GNU-stack PROGBITS 001b7c
[] .comment PROGBITS 001b7c 00008d MS
[] .ARM.attributes ARM_ATTRIBUTES 001c09 00002f
[] .shstrtab STRTAB 001c38
[] .symtab SYMTAB 00294c 000b80
[] .strtab STRTAB 0034cc 0005fc
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), T (TLS), E (exclude), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific) There are no section groups in this file. There are no program headers in this file. Relocation section '.rel.text' at offset 0x226c contains entries:
Offset Info Type Sym.Value Sym. Name
R_ARM_ABS32 .text
0000007c R_ARM_ABS32 .text
R_ARM_ABS32 .text
R_ARM_ABS32 .text
R_ARM_ABS32 .text
00009e1c R_ARM_CALL memset
00009e1c R_ARM_CALL memset
0000014c 00009e1c R_ARM_CALL memset
00009e1c R_ARM_CALL memset
000001a4 0000871c R_ARM_CALL sg_init_one
000001c4 0000981c R_ARM_CALL mmc_set_data_timeout
000001d0 0000a31c R_ARM_CALL mmc_wait_for_req
000001ec 00009c1c R_ARM_CALL dev_err
00009c1c R_ARM_CALL dev_err
00007a1c R_ARM_CALL ioctl_rpmb_card_status
00009c1c R_ARM_CALL dev_err
R_ARM_ABS32 .rodata.str1.
0000025c R_ARM_ABS32 .rodata.str1.
R_ARM_ABS32 .rodata.str1.
0000961c R_ARM_CALL warn_slowpath_null
000002d0 0000801c R_ARM_CALL mmc_get_card
000002dc 0000a91c R_ARM_CALL mmc_blk_part_switch
000002fc 00009c1c R_ARM_CALL dev_err
0000030c 0000991c R_ARM_CALL mmc_blk_reset
0000b41c R_ARM_CALL mmc_blk_reset_success
00009c1c R_ARM_CALL dev_err
000003a8 00009c1c R_ARM_CALL dev_err
000003b0 0000771c R_ARM_CALL dev_get_drvdata
000003bc 0000a91c R_ARM_CALL mmc_blk_part_switch
000003c4 0000ab1c R_ARM_CALL mmc_put_card
000003e0 R_ARM_ABS32 .rodata.str1.
000003e4 R_ARM_ABS32 .rodata.str1.
000003e8 R_ARM_ABS32 .rodata.str1.
000003ec R_ARM_ABS32 .rodata.str1.
0000ae1c R_ARM_CALL mmc_blk_get
0000931c R_ARM_CALL mmc_blk_put
0000771c R_ARM_CALL dev_get_drvdata
000004a4 00008a1c R_ARM_CALL kmem_cache_alloc_trace
000004bc 00009b1c R_ARM_CALL __mutex_init
000004dc 0000b702 R_ARM_ABS32 kmalloc_caches
000004e0 00000f02 R_ARM_ABS32 .bss
000004e4 R_ARM_ABS32 .rodata.str1.
000004e8 00000c02 R_ARM_ABS32 .data
000005c4 00008f02 R_ARM_ABS32 arm_delay_ops
000005cc 00000f02 R_ARM_ABS32 .bss
000006c4 00008f02 R_ARM_ABS32 arm_delay_ops
0000901c R_ARM_CALL 000005e8 rk312x_efuse_readregs_
0000941c R_ARM_CALL crc32_le
0000941c R_ARM_CALL crc32_le
00008e02 R_ARM_ABS32 rockchip_soc_id
00000f02 R_ARM_ABS32 .bss
00000f02 R_ARM_ABS32 .bss
000007b4 0000821c R_ARM_CALL 000006d0 system_efuse_serial
000007dc 00008c02 R_ARM_ABS32 system_serial_low
000007e0 0000a802 R_ARM_ABS32 system_serial_high
000007e8 00007b1d R_ARM_JUMP24 complete
000007ec 00000c02 R_ARM_ABS32 .data
000007f4 0000a21d R_ARM_JUMP24 wait_for_completion
000007f8 00000c02 R_ARM_ABS32 .data
0000080c 0000771c R_ARM_CALL dev_get_drvdata
00008a1c R_ARM_CALL kmem_cache_alloc_trace
0000084c 0000831c R_ARM_CALL memcpy
0000861d R_ARM_JUMP24 000007e4 drm_dev_complete
0000b702 R_ARM_ABS32 kmalloc_caches
0000089c 00000c02 R_ARM_ABS32 .data
000008b0 0000851c R_ARM_CALL kfree
000008c0 0000851c R_ARM_CALL kfree
000008cc 00000f02 R_ARM_ABS32 .bss
000008d0 00000c02 R_ARM_ABS32 .data
000008e0 00000f02 R_ARM_ABS32 .bss
0000951c R_ARM_CALL mutex_lock
0000097c 0000a71c R_ARM_CALL 000008e4 drm_cmd_fixup
000009a8 0000aa1c R_ARM_CALL mutex_unlock
00000a18 R_ARM_ABS32 .text
00000a1c R_ARM_ABS32 .text
00000a20 R_ARM_ABS32 .text
00000a24 R_ARM_ABS32 .text
00000a50 0000a01c R_ARM_CALL __memzero
00000ac0 0000951c R_ARM_CALL mutex_lock
00000ad0 0000a71c R_ARM_CALL 000008e4 drm_cmd_fixup
00000af4 0000aa1c R_ARM_CALL mutex_unlock
00000bf8 0000951c R_ARM_CALL mutex_lock
00000c08 0000a71c R_ARM_CALL 000008e4 drm_cmd_fixup
00000c2c 0000aa1c R_ARM_CALL mutex_unlock
00000c4c 0000951c R_ARM_CALL mutex_lock
00000c60 0000831c R_ARM_CALL memcpy
00000c6c 0000aa1d R_ARM_JUMP24 mutex_unlock
00000ca4 0000831c R_ARM_CALL memcpy
00000cb4 00008a1c R_ARM_CALL kmem_cache_alloc_trace
00000cc8 00008a1c R_ARM_CALL kmem_cache_alloc_trace
00000dc4 0000af1c R_ARM_CALL drm_cmd_seq
00000dd0 0000b702 R_ARM_ABS32 kmalloc_caches
00000dd4 R_ARM_ABS32 .rodata
00000e8c 0000811c R_ARM_CALL 000005d4 dump_hex_buffer
00000e98 00009a1c R_ARM_CALL printk
00000ea4 R_ARM_ABS32 .rodata.str1.
00000ea8 R_ARM_ABS32 .rodata.str1.
0000971c R_ARM_CALL console_lock
0000104c 0000b51c R_ARM_CALL msleep
0000105c 00007e1c R_ARM_CALL __arm_ioremap
00009a1d R_ARM_JUMP24 printk
000010a4 R_ARM_ABS32 .rodata.str1.
000010a8 R_ARM_ABS32 outer_cache
000010b4 0000911c R_ARM_CALL 00000c70 drm_get_version
000010cc 0000761c R_ARM_CALL get_system_serial
000010d4 0000a61c R_ARM_CALL 00000c80 drm_get_data
0000881c R_ARM_CALL 000008d4 drm_dev_get
0000a51d R_ARM_JUMP24 nonseekable_open
0000ac1c R_ARM_CALL __get_user_4
0000ac1c R_ARM_CALL __get_user_4
00007c1c R_ARM_CALL memdup_user
0000b31c R_ARM_CALL __copy_from_user
0000121c 0000a01c R_ARM_CALL __memzero
0000124c 0000a01c R_ARM_CALL __memzero
0000731c R_ARM_CALL 00000b14 drm_read_cmd
000012a4 00007f1c R_ARM_CALL 000009bc drm_cmd_req
000012bc 0000811c R_ARM_CALL 000005d4 dump_hex_buffer
000012d0 0000811c R_ARM_CALL 000005d4 dump_hex_buffer
000012e4 0000811c R_ARM_CALL 000005d4 dump_hex_buffer
0000b21c R_ARM_CALL __copy_to_user
0000133c 0000851c R_ARM_CALL kfree
0000851c R_ARM_CALL kfree
0000136c R_ARM_ABS32 .rodata.str1.
R_ARM_ABS32 .rodata.str1.
R_ARM_ABS32 .rodata.str1.
00008d1c R_ARM_CALL capable
000013c8 0000b31c R_ARM_CALL __copy_from_user
000013dc 0000a01c R_ARM_CALL __memzero
0000b61c R_ARM_CALL __kmalloc
0000af1c R_ARM_CALL drm_cmd_seq
000014b4 0000b21c R_ARM_CALL __copy_to_user
000014fc 0000851c R_ARM_CALL kfree
0000851c R_ARM_CALL kfree
000015d4 0000761c R_ARM_CALL get_system_serial
0000911c R_ARM_CALL 00000c70 drm_get_version
0000a61c R_ARM_CALL 00000c80 drm_get_data
0000811c R_ARM_CALL 000005d4 dump_hex_buffer
0000b21c R_ARM_CALL __copy_to_user
000016b8 0000811c R_ARM_CALL 000005d4 dump_hex_buffer
000016c0 0000741c R_ARM_CALL 00000c88 drm_get_frames_without
000016c8 0000b01c R_ARM_CALL 00000c44 drm_refresh_data
000016d0 0000a61c R_ARM_CALL 00000c80 drm_get_data
000016e0 0000811c R_ARM_CALL 000005d4 dump_hex_buffer
R_ARM_ABS32 .rodata.str1.
R_ARM_ABS32 .rodata.str1.
0000171c R_ARM_ABS32 .rodata.str1. Relocation section '.rel.init.text' at offset 0x26fc contains entries:
Offset Info Type Sym.Value Sym. Name
0000791c R_ARM_CALL 000007f0 drm_dev_wait
0000881c R_ARM_CALL 000008d4 drm_dev_get
00009f1c R_ARM_CALL 000007ac system_serial_init
0000001c 0000741c R_ARM_CALL 00000c88 drm_get_frames_without
0000b01c R_ARM_CALL 00000c44 drm_refresh_data
0000002c 0000a41c R_ARM_CALL 000010ac drm_check
00009a1c R_ARM_CALL printk
0000a11c R_ARM_CALL misc_register
00008b1c R_ARM_CALL 0000103c vendor_do_fail
00008e02 R_ARM_ABS32 rockchip_soc_id
R_ARM_ABS32 .rodata.str1.
0000008c 00000c02 R_ARM_ABS32 .data Relocation section '.rel.exit.text' at offset 0x275c contains entries:
Offset Info Type Sym.Value Sym. Name
0000751d R_ARM_JUMP24 misc_deregister
00000c02 R_ARM_ABS32 .data Relocation section '.rel.rodata' at offset 0x276c contains entries:
Offset Info Type Sym.Value Sym. Name
00004b02 R_ARM_ABS32 00000f88 vendor_encode_v1
0000001c 00004a02 R_ARM_ABS32 00000f3c vendor_decode_v1
R_ARM_ABS32 noop_llseek
R_ARM_ABS32 drm_ioctl
R_ARM_ABS32 000010f8 drm_open
R_ARM_ABS32 000010f0 drm_release Relocation section '.rel.ARM.exidx.init.text' at offset 0x279c contains entries:
Offset Info Type Sym.Value Sym. Name
0000022a R_ARM_PREL31 .init.text
00007d00 R_ARM_NONE __aeabi_unwind_cpp_pr0 Relocation section '.rel.ARM.exidx.exit.text' at offset 0x27ac contains entries:
Offset Info Type Sym.Value Sym. Name
0000032a R_ARM_PREL31 .exit.text
00007d00 R_ARM_NONE __aeabi_unwind_cpp_pr0 Relocation section '.rel.ARM.exidx' at offset 0x27bc contains entries:
Offset Info Type Sym.Value Sym. Name
0000012a R_ARM_PREL31 .text
00007d00 R_ARM_NONE __aeabi_unwind_cpp_pr0
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000b100 R_ARM_NONE __aeabi_unwind_cpp_pr1
0000003c 00000a2a R_ARM_PREL31 .ARM.extab
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
000000a0 0000012a R_ARM_PREL31 .text
000000a8 0000012a R_ARM_PREL31 .text
000000b0 0000012a R_ARM_PREL31 .text
000000b8 0000012a R_ARM_PREL31 .text
000000c0 0000012a R_ARM_PREL31 .text
000000c8 0000012a R_ARM_PREL31 .text
000000c8 00007d00 R_ARM_NONE __aeabi_unwind_cpp_pr0
000000d0 0000012a R_ARM_PREL31 .text
000000d8 0000012a R_ARM_PREL31 .text
000000e0 0000012a R_ARM_PREL31 .text
000000e8 0000012a R_ARM_PREL31 .text
000000f0 0000012a R_ARM_PREL31 .text
000000f8 0000012a R_ARM_PREL31 .text
000000f8 00007d00 R_ARM_NONE __aeabi_unwind_cpp_pr0
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text
0000012a R_ARM_PREL31 .text Relocation section '.rel.data' at offset 0x2914 contains entries:
Offset Info Type Sym.Value Sym. Name
00001f02 R_ARM_ABS32 000003f0 mmc_blk_drm_cmd_seq
0000001c 00009d02 R_ARM_ABS32 comp_rdev
00009d02 R_ARM_ABS32 comp_rdev
R_ARM_ABS32 .rodata.str1.
0000002c R_ARM_ABS32 .rodata Relocation section '.rel.exitcall.exit' at offset 0x293c contains entries:
Offset Info Type Sym.Value Sym. Name
R_ARM_ABS32 drm_misc_exit Relocation section '.rel.initcall7s.init' at offset 0x2944 contains entries:
Offset Info Type Sym.Value Sym. Name
R_ARM_ABS32 drm_misc_init Unwind table index '.ARM.exidx.init.text' at offset 0x19e0 contains entries: 0x0 <drm_misc_init>: 0x80a8b0b0
Compact model index:
0xa8 pop {r4, r14}
0xb0 finish
0xb0 finish Unwind table index '.ARM.exidx.exit.text' at offset 0x19e8 contains entries: 0x0 <drm_misc_exit>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish Unwind table index '.ARM.exidx' at offset 0x19fc contains entries: 0x0 <drm_request_verify>: 0x80a9b0b0
Compact model index:
0xa9 pop {r4, r5, r14}
0xb0 finish
0xb0 finish 0xdc <mmc_drm_send_cmd>: 0x8036afb0
Compact model index:
0x36 vsp = vsp +
0xaf pop {r4, r5, r6, r7, r8, r9, r10, r11, r14}
0xb0 finish 0x264 <mmc_blk_drm_process>: 0x80b103ac
Compact model index:
0xb1 0x03 pop {r0, r1}
0xac pop {r4, r5, r6, r7, r8, r14} 0x3f0 <mmc_blk_drm_cmd_seq>: 0x80aab0b0
Compact model index:
0xaa pop {r4, r5, r6, r14}
0xb0 finish
0xb0 finish 0x440 <mmc_blk_drm_part_get>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish 0x47c <drm_rdev_init.constprop.>: 0x80aab0b0
Compact model index:
0xaa pop {r4, r5, r6, r14}
0xb0 finish
0xb0 finish 0x4ec <rk3288_efuse_readregs_drm.constprop.>: 0x80acb0b0
Compact model index:
0xac pop {r4, r5, r6, r7, r8, r14}
0xb0 finish
0xb0 finish 0x5d4 <dump_hex_buffer>: @0x0
Compact model index:
0x9b vsp = r11
0x40 vsp = vsp -
0x84 0x80 pop {r11, r14}
0xb0 finish
0xb0 finish 0x5e8 <rk312x_efuse_readregs_drm>: 0x80b108af
Compact model index:
0xb1 0x08 pop {r3}
0xaf pop {r4, r5, r6, r7, r8, r9, r10, r11, r14} 0x6d0 <system_efuse_serial>: 0x8004a9b0
Compact model index:
0x04 vsp = vsp +
0xa9 pop {r4, r5, r14}
0xb0 finish 0x798 <get_system_serial>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish 0x7ac <system_serial_init>: 0x80a8b0b0
Compact model index:
0xa8 pop {r4, r14}
0xb0 finish
0xb0 finish 0x7e4 <drm_dev_complete>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish 0x7f0 <drm_dev_wait>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish 0x7fc <mmc_blk_emmc_add>: 0x80aab0b0
Compact model index:
0xaa pop {r4, r5, r6, r14}
0xb0 finish
0xb0 finish 0x8a0 <mmc_blk_emmc_remove>: 0x80b108a9
Compact model index:
0xb1 0x08 pop {r3}
0xa9 pop {r4, r5, r14} 0x8d4 <drm_dev_get>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish 0x8e4 <drm_cmd_fixup>: 0x80a9b0b0
Compact model index:
0xa9 pop {r4, r5, r14}
0xb0 finish
0xb0 finish 0x930 <drm_cmd_seq>: 0x80aab0b0
Compact model index:
0xaa pop {r4, r5, r6, r14}
0xb0 finish
0xb0 finish 0x9bc <drm_cmd_req>: 0x800bacb0
Compact model index:
0x0b vsp = vsp +
0xac pop {r4, r5, r6, r7, r8, r14}
0xb0 finish 0xb14 <drm_read_cmd>: 0x800ca9b0
Compact model index:
0x0c vsp = vsp +
0xa9 pop {r4, r5, r14}
0xb0 finish 0xc44 <drm_refresh_data>: 0x80a8b0b0
Compact model index:
0xa8 pop {r4, r14}
0xb0 finish
0xb0 finish 0xc70 <drm_get_version>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish 0xc80 <drm_get_data>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish 0xc88 <drm_get_frames_without_key>: 0x8010a9b0
Compact model index:
0x10 vsp = vsp +
0xa9 pop {r4, r5, r14}
0xb0 finish 0xdd8 <underground_explode>: 0x80b10fa8
Compact model index:
0xb1 0x0f pop {r0, r1, r2, r3}
0xa8 pop {r4, r14} 0xeac <vendor_decode_v1.part.>: 0x80aab0b0
Compact model index:
0xaa pop {r4, r5, r6, r14}
0xb0 finish
0xb0 finish 0xf3c <vendor_decode_v1>: 0x80a8b0b0
Compact model index:
0xa8 pop {r4, r14}
0xb0 finish
0xb0 finish 0xf88 <vendor_encode_v1>: 0x8001b0b0
Compact model index:
0x01 vsp = vsp +
0xb0 finish
0xb0 finish 0x103c <vendor_do_fail>: 0x80a8b0b0
Compact model index:
0xa8 pop {r4, r14}
0xb0 finish
0xb0 finish 0x10ac <drm_check>: 0x80b103a8
Compact model index:
0xb1 0x03 pop {r0, r1}
0xa8 pop {r4, r14} 0x10f0 <drm_release>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish 0x10f8 <drm_open>: 0x80b108a9
Compact model index:
0xb1 0x08 pop {r3}
0xa9 pop {r4, r5, r14} 0x112c <drm_cmd_copy_from_user>: 0x80b108a9
Compact model index:
0xb1 0x08 pop {r3}
0xa9 pop {r4, r5, r14} 0x11a8 <drm_ioctl_req_cmd>: 0x800c3fab
Compact model index:
0x0c vsp = vsp +
0x3f vsp = vsp +
0xab pop {r4, r5, r6, r7, r14} 0x1378 <drm_ioctl_seq_cmd>: 0x80b10fae
Compact model index:
0xb1 0x0f pop {r0, r1, r2, r3}
0xae pop {r4, r5, r6, r7, r8, r9, r10, r14} 0x1548 <__drm_ioctl>: 0x8004a9b0
Compact model index:
0x04 vsp = vsp +
0xa9 pop {r4, r5, r14}
0xb0 finish 0x1724 <drm_ioctl>: 0x80b0b0b0
Compact model index:
0xb0 finish
0xb0 finish
0xb0 finish Symbol table '.symtab' contains entries:
Num: Value Size Type Bind Vis Ndx Name
: NOTYPE LOCAL DEFAULT UND
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: SECTION LOCAL DEFAULT
: FILE LOCAL DEFAULT ABS core.c
: NOTYPE LOCAL DEFAULT $a
: FUNC LOCAL DEFAULT drm_request_verify
: NOTYPE LOCAL DEFAULT $d
: 0000008c NOTYPE LOCAL DEFAULT $a
: NOTYPE LOCAL DEFAULT $d
: 000000dc FUNC LOCAL DEFAULT mmc_drm_send_cmd
: NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $a
: FUNC LOCAL DEFAULT mmc_blk_drm_process
: 000003e0 NOTYPE LOCAL DEFAULT $d
: 000003f0 NOTYPE LOCAL DEFAULT $a
: 000003f0 FUNC LOCAL DEFAULT mmc_blk_drm_cmd_seq
: FUNC LOCAL DEFAULT mmc_blk_drm_part_get
: 0000047c FUNC LOCAL DEFAULT drm_rdev_init.constprop.
: 000004dc NOTYPE LOCAL DEFAULT $d
: 000004ec NOTYPE LOCAL DEFAULT $a
: 000004ec FUNC LOCAL DEFAULT rk3288_efuse_readregs_drm
: 000005c0 NOTYPE LOCAL DEFAULT $d
: 000005d4 NOTYPE LOCAL DEFAULT $a
: NOTYPE LOCAL DEFAULT $d
: 000006c0 NOTYPE LOCAL DEFAULT $d
: 000006d0 NOTYPE LOCAL DEFAULT $a
: NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $a
: 000007dc NOTYPE LOCAL DEFAULT $d
: 000007e4 NOTYPE LOCAL DEFAULT $a
: 000007ec NOTYPE LOCAL DEFAULT $d
: 000007f0 NOTYPE LOCAL DEFAULT $a
: 000007f8 NOTYPE LOCAL DEFAULT $d
: 000007fc NOTYPE LOCAL DEFAULT $a
: NOTYPE LOCAL DEFAULT $d
: 000008a0 NOTYPE LOCAL DEFAULT $a
: 000008cc NOTYPE LOCAL DEFAULT $d
: 000008d4 NOTYPE LOCAL DEFAULT $a
: 000008e0 NOTYPE LOCAL DEFAULT $d
: 000008e4 NOTYPE LOCAL DEFAULT $a
: 00000a18 NOTYPE LOCAL DEFAULT $d
: 00000a28 NOTYPE LOCAL DEFAULT $a
: 00000dd0 NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $d
: OBJECT LOCAL DEFAULT mmc_drm_dev_ops
: NOTYPE LOCAL DEFAULT $d
: OBJECT LOCAL DEFAULT __key.
: OBJECT LOCAL DEFAULT grdev
: OBJECT LOCAL DEFAULT id_buf.
: FILE LOCAL DEFAULT ABS drm.c
: 00000dd8 NOTYPE LOCAL DEFAULT $a
: 00000dd8 FUNC LOCAL DEFAULT underground_explode
: 00000ea4 NOTYPE LOCAL DEFAULT $d
: 000000c8 NOTYPE LOCAL DEFAULT $d
: 00000eac NOTYPE LOCAL DEFAULT $a
: 00000eac FUNC LOCAL DEFAULT vendor_decode_v1.part.
: 00000f34 NOTYPE LOCAL DEFAULT $d
: 00000f3c NOTYPE LOCAL DEFAULT $a
: 00000f3c FUNC LOCAL DEFAULT vendor_decode_v1
: 00000f88 FUNC LOCAL DEFAULT vendor_encode_v1
: NOTYPE LOCAL DEFAULT $d
: 0000103c NOTYPE LOCAL DEFAULT $a
: 000010a0 NOTYPE LOCAL DEFAULT $d
: 000010ac NOTYPE LOCAL DEFAULT $a
: NOTYPE LOCAL DEFAULT $d
: FILE LOCAL DEFAULT ABS mdev.c
: 000010f0 NOTYPE LOCAL DEFAULT $a
: 000010f0 FUNC LOCAL DEFAULT drm_release
: 000000f8 NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $a
: FUNC LOCAL DEFAULT drm_misc_init
: NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $d
: 000010f8 FUNC LOCAL DEFAULT drm_open
: 0000112c FUNC LOCAL DEFAULT drm_cmd_copy_from_user
: 000011a8 FUNC LOCAL DEFAULT drm_ioctl_req_cmd
: NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $a
: FUNC LOCAL DEFAULT drm_ioctl_seq_cmd
: FUNC LOCAL DEFAULT __drm_ioctl
: NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $a
: FUNC LOCAL DEFAULT drm_ioctl
: NOTYPE LOCAL DEFAULT $a
: FUNC LOCAL DEFAULT drm_misc_exit
: NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $d
: OBJECT LOCAL DEFAULT drm_fops
: NOTYPE LOCAL DEFAULT $d
: OBJECT LOCAL DEFAULT __exitcall_drm_misc_exit
: NOTYPE LOCAL DEFAULT $d
: OBJECT LOCAL DEFAULT vmdrm_miscdev
: NOTYPE LOCAL DEFAULT $d
: OBJECT LOCAL DEFAULT __initcall_drm_misc_init7
: NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $d
: 000000c9 NOTYPE LOCAL DEFAULT $d
: NOTYPE LOCAL DEFAULT $d
: 00000b14 FUNC GLOBAL DEFAULT drm_read_cmd
: 00000c88 FUNC GLOBAL DEFAULT drm_get_frames_without_ke
: NOTYPE GLOBAL DEFAULT UND misc_deregister
: FUNC GLOBAL DEFAULT get_system_serial
: NOTYPE GLOBAL DEFAULT UND dev_get_drvdata
: NOTYPE GLOBAL DEFAULT UND outer_cache
: 000007f0 FUNC GLOBAL DEFAULT drm_dev_wait
: NOTYPE GLOBAL DEFAULT UND ioctl_rpmb_card_status_po
: NOTYPE GLOBAL DEFAULT UND complete
: NOTYPE GLOBAL DEFAULT UND memdup_user
: NOTYPE GLOBAL DEFAULT UND __aeabi_unwind_cpp_pr0
: NOTYPE GLOBAL DEFAULT UND __arm_ioremap
: 000009bc FUNC GLOBAL DEFAULT drm_cmd_req
: NOTYPE GLOBAL DEFAULT UND mmc_get_card
: 000005d4 FUNC GLOBAL DEFAULT dump_hex_buffer
: 000006d0 FUNC GLOBAL DEFAULT system_efuse_serial
: NOTYPE GLOBAL DEFAULT UND memcpy
: OBJECT GLOBAL DEFAULT gvlist
: NOTYPE GLOBAL DEFAULT UND kfree
: 000007e4 FUNC GLOBAL DEFAULT drm_dev_complete
: NOTYPE GLOBAL DEFAULT UND sg_init_one
: 000008d4 FUNC GLOBAL DEFAULT drm_dev_get
: 000008a0 FUNC GLOBAL DEFAULT mmc_blk_emmc_remove
: NOTYPE GLOBAL DEFAULT UND kmem_cache_alloc_trace
: 0000103c FUNC GLOBAL DEFAULT vendor_do_fail
: NOTYPE GLOBAL DEFAULT UND system_serial_low
: NOTYPE GLOBAL DEFAULT UND capable
: NOTYPE GLOBAL DEFAULT UND rockchip_soc_id
: NOTYPE GLOBAL DEFAULT UND arm_delay_ops
: 000005e8 FUNC GLOBAL DEFAULT rk312x_efuse_readregs_drm
: 00000c70 FUNC GLOBAL DEFAULT drm_get_version
: NOTYPE GLOBAL DEFAULT UND noop_llseek
: NOTYPE GLOBAL DEFAULT UND mmc_blk_put
: NOTYPE GLOBAL DEFAULT UND crc32_le
: NOTYPE GLOBAL DEFAULT UND mutex_lock
: NOTYPE GLOBAL DEFAULT UND warn_slowpath_null
: NOTYPE GLOBAL DEFAULT UND console_lock
: NOTYPE GLOBAL DEFAULT UND mmc_set_data_timeout
: NOTYPE GLOBAL DEFAULT UND mmc_blk_reset
: NOTYPE GLOBAL DEFAULT UND printk
: NOTYPE GLOBAL DEFAULT UND __mutex_init
: NOTYPE GLOBAL DEFAULT UND dev_err
: OBJECT GLOBAL DEFAULT comp_rdev
: NOTYPE GLOBAL DEFAULT UND memset
: 000007ac FUNC GLOBAL DEFAULT system_serial_init
: NOTYPE GLOBAL DEFAULT UND __memzero
: NOTYPE GLOBAL DEFAULT UND misc_register
: NOTYPE GLOBAL DEFAULT UND wait_for_completion
: NOTYPE GLOBAL DEFAULT UND mmc_wait_for_req
: 000010ac FUNC GLOBAL DEFAULT drm_check
: NOTYPE GLOBAL DEFAULT UND nonseekable_open
: 00000c80 FUNC GLOBAL DEFAULT drm_get_data
: 000008e4 FUNC GLOBAL DEFAULT drm_cmd_fixup
: NOTYPE GLOBAL DEFAULT UND system_serial_high
: NOTYPE GLOBAL DEFAULT UND mmc_blk_part_switch
: NOTYPE GLOBAL DEFAULT UND mutex_unlock
: NOTYPE GLOBAL DEFAULT UND mmc_put_card
: NOTYPE GLOBAL DEFAULT UND __get_user_4
: 000007fc FUNC GLOBAL DEFAULT mmc_blk_emmc_add
: NOTYPE GLOBAL DEFAULT UND mmc_blk_get
: FUNC GLOBAL DEFAULT drm_cmd_seq
: 00000c44 FUNC GLOBAL DEFAULT drm_refresh_data
: NOTYPE GLOBAL DEFAULT UND __aeabi_unwind_cpp_pr1
: NOTYPE GLOBAL DEFAULT UND __copy_to_user
: NOTYPE GLOBAL DEFAULT UND __copy_from_user
: NOTYPE GLOBAL DEFAULT UND mmc_blk_reset_success
: NOTYPE GLOBAL DEFAULT UND msleep
: NOTYPE GLOBAL DEFAULT UND __kmalloc
: NOTYPE GLOBAL DEFAULT UND kmalloc_caches
查看程序静态文本
strings -a virtd
cmd error (%d)
data error (%d)
Card Status=0x%08X, error %d
drivers/char/drm/core.c
Invalid RPMB partition switch (%d)!
eMMC card reset failed (%d)
failed (%d) to handle RPMB request
&rdev->lock
randNum:
3error to ioremap base 67ff base
ret %d
key_mac[out]:
nonce[out]:
data:
data:
before data:
new data:
vmdrm0
GCC: (GNU) 4.6.x-google (prerelease)
GCC: (GNU) 4.6.x-google (prerelease)
GCC: (GNU) 4.6.x-google (prerelease)
aeabi
.symtab
.strtab
.shstrtab
.rel.text
.rel.init.text
.rel.exit.text
.rel.rodata
.rodata.str1.
.ARM.extab.init.text
.rel.ARM.exidx.init.text
.ARM.extab.exit.text
.rel.ARM.exidx.exit.text
.ARM.extab
.rel.ARM.exidx
.rel.data
.rel.exitcall.exit
.rel.initcall7s.init
.bss
.note.GNU-stack
.comment
.ARM.attributes
core.c
drm_request_verify
mmc_drm_send_cmd
mmc_blk_drm_process
mmc_blk_drm_cmd_seq
mmc_blk_drm_part_get
drm_rdev_init.constprop.
rk3288_efuse_readregs_drm.constprop.
mmc_drm_dev_ops
__key.
grdev
id_buf.
drm.c
underground_explode
vendor_decode_v1.part.
vendor_decode_v1
vendor_encode_v1
mdev.c
drm_release
drm_misc_init
drm_open
drm_cmd_copy_from_user
drm_ioctl_req_cmd
drm_ioctl_seq_cmd
__drm_ioctl
drm_ioctl
drm_misc_exit
drm_fops
__exitcall_drm_misc_exit
vmdrm_miscdev
__initcall_drm_misc_init7s
drm_read_cmd
drm_get_frames_without_key
misc_deregister
get_system_serial
dev_get_drvdata
outer_cache
drm_dev_wait
ioctl_rpmb_card_status_poll
complete
memdup_user
__aeabi_unwind_cpp_pr0
__arm_ioremap
drm_cmd_req
mmc_get_card
dump_hex_buffer
system_efuse_serial
memcpy
gvlist
kfree
drm_dev_complete
sg_init_one
drm_dev_get
mmc_blk_emmc_remove
kmem_cache_alloc_trace
vendor_do_fail
system_serial_low
capable
rockchip_soc_id
arm_delay_ops
rk312x_efuse_readregs_drm
drm_get_version
noop_llseek
mmc_blk_put
crc32_le
mutex_lock
warn_slowpath_null
console_lock
mmc_set_data_timeout
mmc_blk_reset
printk
__mutex_init
dev_err
comp_rdev
memset
system_serial_init
__memzero
misc_register
wait_for_completion
mmc_wait_for_req
drm_check
nonseekable_open
drm_get_data
drm_cmd_fixup
system_serial_high
mmc_blk_part_switch
mutex_unlock
mmc_put_card
__get_user_4
mmc_blk_emmc_add
mmc_blk_get
drm_cmd_seq
drm_refresh_data
__aeabi_unwind_cpp_pr1
__copy_to_user
__copy_from_user
mmc_blk_reset_success
msleep
__kmalloc
kmalloc_caches
发现一段字符串是 ret %d
跟日志打印吻合,ret 1024,为了查找这个原始打印也废了很大劲
[ 2.456978] sensor_init: Probe name sensors
[ 2.456995] sensor-dev.c v1. add angle calculation support between two gsensors --
[ 2.457525] rtc_hym8563 -: setting system clock to -- :: UTC ()
[ 2.463556] rockchip-spdif-card rockchip-spdif-card.: rk-hdmi-spdif-hifi <-> ff880000.rockchip-spdif mapping ok
[ 2.464517] ret
[ 2.464896] usbcore: registered new interface driver snd-usb-audio
[ 2.464903] ALSA device list:
[ 2.464908] #: RK_ES8323
[ 2.464912] #: RK-SPDIF-CARD
我们可以根据里边的函数名称,去找kernel中哪些文件使用过这些函数,并去git还原老版本,估计关联很多。
未解决。。。。。。。。
待续
先暴力恢复老版本,等以后有空了再适配
git reset --hard f5535b6cbc2264aacf9927a95490ae10b00c4fb7
重新编译烧录就可以正常启动android
但还是有几点疑惑:
1. 为什么其他型号的rk3288烧录最新系统会卡在内核驱动初始化,天启自己的rk3288w 1650批次的没问题,但是其他rk3288w 1652 等以后生产的都不行
2. 为什么出问题系统都会卡在这里drm_misc_init,kernel/drivers/char/virtd这个文件到底是为了优化什么功能的,为什么天启不提供源文件,国内都是这样的开源?
解析天启rk3288源码 /kernel/drivers/char/virtd的更多相关文章
- rest_framework解析器组件源码流程
rest_framework解析器组件源码流程 解析器顾名思义就是对请求体进行解析.为什么要有解析器?原因很简单,当后台和前端进行交互的时候数据类型不一定都是表单数据或者json,当然也有其他类型的数 ...
- 详细解析Thinkphp5.1源码执行入口文件index.php运行过程
详细解析Thinkphp5.1源码执行入口文件index.php运行过程 运行了public目录下的index.php文件后,tp的运行整个运行过程的解析 入口文件index.php代码如下: < ...
- C#/ASP.NET MVC微信公众号接口开发之从零开发(二) 接收微信消息并且解析XML(附源码)
文章导读: C#微信公众号接口开发之从零开发(一) 接入微信公众平台 微信接入之后,微信通过我们接入的地址进行通信,其中的原理是微信用户发送消息给微信公众账号,微信服务器将消息以xml的形式发送到我们 ...
- JAVA常用集合源码解析系列-ArrayList源码解析(基于JDK8)
文章系作者原创,如有转载请注明出处,如有雷同,那就雷同吧~(who care!) 一.写在前面 这是源码分析计划的第一篇,博主准备把一些常用的集合源码过一遍,比如:ArrayList.HashMap及 ...
- 源码解析之HashMap源码
关于HashMap的源码分析,网上已经有很多写的非常好的文章了,虽然多是基于java1.8版本以下的.Java1.8版本的HashMap源码做了些改进,理解起来更复杂点,但也不脱离其桶+链表或树的重心 ...
- [java源码解析]对HashMap源码的分析(二)
上文我们讲了HashMap那骚骚的逻辑结构,这一篇我们来吹吹它的实现思想,也就是算法层面.有兴趣看下或者回顾上一篇HashMap逻辑层面的,可以看下HashMap源码解析(一).使用了哈希表得“拉链法 ...
- Spring 源码解析之DispatcherServlet源码解析(五)
spring的整个请求流程都是围绕着DispatcherServlet进行的 类结构图 根据类的结构来说DispatcherServlet本身也是继承了HttpServlet的,所有的请求都是根据这一 ...
- AQS源码解析(一)-AtomicBoolean源码解析
基本类: AtomicInteger AtomicLong AtomicBoolean 数组类型: AtomicIntegerArray AtomicLongArray AtomicReference ...
- 深入解析Underscore.js源码架构
Underscore.js是很有名的一个工具库,我也经常用他来处理对象,数组等,本文会深入解析Underscore源码架构,跟大家一起学习下他源码的亮点,然后模仿他写一个简单的架子来加深理解.他的源码 ...
随机推荐
- 使用Github 当作自己个人博客的图床
使用Github 当作自己个人博客的图床 前提 本文前提: 我个人博客的草稿是存放在 github上的一个仓库 diarynote 截图存放的图片或者需要放在文章中图片,会固定存放在对应的文件夹中,我 ...
- 前端每日实战:32# 视频演示如何用纯 CSS 创作六边形按钮特效
效果预览 按下右侧的"点击预览"按钮可以在当前页面预览,点击链接可以全屏预览. https://codepen.io/comehope/pen/xjoOeM 可交互视频教程 此视频 ...
- 【HDOJ6662】Acesrc and Travel(树形DP,换根)
题意:有一棵n个点的树,每个点上有两个值a[i],b[i] A和B在树上行动,A到达i能得到a[i]的偷税值,B能得到b[i],每次行动只能选择相邻的点作为目标 两个人都想最大化自己的偷税值和对方的差 ...
- 谈谈vue双向数据绑定问题
vue是MVVM模型,vueObserver 数据监听器,把一个普通的 JavaScript 对象传给 Vue 实例的 data 选项,Vue 将遍历此对象所有的属性,并使用Object.define ...
- <!DOCTYPE>是什么
所有浏览器都支持<!DOCTYPE> 概念 是指web浏览器关于页面使用哪个html版本进行编写的指令. 常用DOCTYPE声明 html 5 <!DOCTYPE html> ...
- Vagrant 手册之 Vagrantfile - 提示及技巧
原文地址 Vagrantfile 是一种非常灵活的配置格式.语法基于 Ruby,可以用它做很多事情.在本页使用一些提示和技巧时,请注意正确使用它们. 1. 使用循环定义虚拟机 如果你想对多机器应用稍微 ...
- vue封装分页组件
element提供的分页是已经封装好的组件,在这里再次封装是为了避免每个用到分页的页面点击跳转时都要写一遍跳转请求 分页组件 <!--分页组件--> <template> &l ...
- 【ABAP系列】SAP ABAP模块-ABAP动态指针写法的精髓部分
公众号:SAP Technical 本文作者:matinal 原文出处:http://www.cnblogs.com/SAPmatinal/ 原文链接:[ABAP系列]SAP ABAP模块-ABAP动 ...
- DbWrench001--简介
DbWrench--简介 mac下载地址:http://www.dbwrench.com/ DbWrench 工具等价于powerdesigner 均为数据库原型设计工具 DbWrench 详细介绍 ...
- python 可变类型和不可变类型
1. 什么是不可变类型变量对应的值中的数据是不能被修改,如果修改就会生成一个新的值从而分配新的内存空间.不可变类型: 数字(int,long,float) 布尔(bool) 字符串(string) 元 ...