的ARM / Thumb code固件补丁...如何告诉GCC汇编器/连接器能BL绝对地址? [英] ARM/Thumb code for firmware patches...How to tell gcc assembler / linker to BL to absolute addr?
问题描述
我想写一个固件MOD(现有的固件,对此我没有源$ C $ C)
所有Thumb code。
I'm trying to write a firmware mod (to existing firmware, for which i don't have source code) All Thumb code.
没有任何人有任何想法如何做到这一点,在 gcc作为(GAS)汇编:
使用 BL 无需手动计算偏移,当 BL ING现有的一些功能(不是在我的$ C $ ç..但我知道它的地址)
does anybody have any idea how to do this, in gcc as (GAS) assembler:
Use BL without having to manually calculate offsets, when BL'ing to some existing function (not in my code.. but i know its address)
目前,如果我想使用 BL ...我必须:
-go回到我的code
- 图并添加所有这将导致在组装我正在写的功能,所有的previous指令字节
-add我的函数到的开头地址(我指定我正在写什么的起始地址,在链接脚本)
- 然后在。减去firmfunc函数的地址,我想打电话给
Currently, if i want to use BL ...i have to :
-go back in my code
-figure out and add all the bytes that would result from assembling all the previous instructions in the function i'm writing
-add the begining address of my function to that (i specify the starting address of what i'm writing, in the linker script)
-and then substract the address of the firmfunc function i want to call
这一切...只是计算偏移......要能写 BL 偏移...打电话给现有的固件功能?
如果我是BL之前更改任何code,我必须手动都做一遍!结果
见.. 这就是为什么我要学会使用权的 BX ...而不是 BL
All this... just to calculate the offset... to be able to write abl offset... to call an existing firmware function?
And if i change any code before that BL, i have to do it all over again manually !
See.. this is why i want to learn to use BX right... instead of BL
另外,我不太明白的BX。如果我使用BX跳转到一个绝对地址,我是否由1增加的实际地址,从Thumb code caling拇指code时(保持低字节1)...和CPU将知道这是拇指code?
Also, i don't quite understand the BX. If i use BX to jump to an absolute address, do i have to increase the actual address by 1, when caling Thumb code from Thumb code (to keep the lsb byte 1)... and the CPU will know it's thumb code ?
推荐答案
BIG编辑:
更改基于我最近知道了答案,并更好地理解这个问题。
Changing the answer based on what I have learned recently and a better understanding of the question
首先,我不知道如何告诉链接器生成一个BL到在这个code硬codeD地址,而不是实际的地址。您可以尝试来搭起有标签等,但假或没有code ELF文件,不知道这是否会欺骗链接或没有。你将不得不修改链接描述为好。不值得。
First off I dont know how to tell the linker to generate a bl to an address that is a hardcoded address and not actually in this code. You might try to rig up an elf file that has labels and such but dummy or no code, dont know if that will fool the linker or not. You would have to modify the linker script as well. not worth it.
您这是从这个产生了另一个问题:
your other question that was spawned from this one:
<一个href=\"http://stackoverflow.com/questions/9368360/arm-thumb-using-bx-in-thumb-$c$c-to-call-a-thumb-function-or-to-jump-to-a-thu\">Arm/Thumb:在Thumb code。使用BX,调用Thumb函数,或跳转到Thumb指令在另一个函数
有关分支这工作就好了:
For branching this works just fine:
LDR R6, =0x24000
ADD R6, #1 @ (set lsb to 1)
BX R6
或保存指令,只是做到这一点。
or save an instruction and just do this
LDR R6, =0x24001
BX R6
如果你想分支链接,你知道地址,你在拇指模式,并希望得到拇指code,那么
if you want to branch link and you know the address and you are in thumb mode and want to get to thumb code then
ldr r6,=0x24001
bl thumb_trampoline
;@returns here
...
.thumb_func
thumb_trampoline:
bx r6
和几乎如果你已经开始在ARM模式,并希望得到拇指code。在你已经知道的地址完全一样的。
And almost the exact same if you are starting in arm mode, and want to get to thumb code at an address you already know.
ldr r6,=0x24001
bl arm_trampoline
;@returns here
...
arm_trampoline:
bx r6
您要知道,你可以用这种方式垃圾R6(确保R6的心不是节约一定的价值被一些code调用此code)。
You have to know that you can trash r6 in this way (make sure r6 isnt saving some value being used by some code that called this code).
非常抱歉误导你与对方的回答,我可以发誓,MOV LR,PC中的作为,所以LSb模式拉高,但它不。
Very sorry misleading you with the other answer, I could swear that mov lr,pc pulled in the lsbit as a mode, but it doesnt.
这篇关于的ARM / Thumb code固件补丁...如何告诉GCC汇编器/连接器能BL绝对地址?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
