Kernel Boot Loader: Difference between revisions

From Vita Development Wiki
Jump to navigation Jump to search
No edit summary
Line 1: Line 1:
= Structure =
Kernel Boot Loader ELF consists of 4 segments: SKBL reset vector, SKBL segment 0, SKBL segment 1, NSKBL.
Kernel Boot Loader ELF consists of 4 segments: SKBL reset vector, SKBL segment 0, SKBL segment 1, NSKBL.
== SKBL reset vector ==
SKBL Reset vector is copied ?by SKBL Segment 0 or by second_loader? from file to physical address <code>0x40000000</code>.


== SKBL Segment 0 ==
== SKBL Segment 0 ==
This is SKBL executable code followed by Tzs modules.


=== FW 3.60 ===
=== FW 3.60 ===
Line 59: Line 67:
== SKBL Segment 1 ==
== SKBL Segment 1 ==


Two corelock context
This seems to be SKBL data segment.
 
Initial stack cookie


SKBL some pointer
It contains at least:
* two corelock context
* SKBL initial stack cookie
* SKBL some pointer
* device register base
* zeroed data


Device reg base
== NSKBL ==


And 0 datas
See [[NSKBL]].

Revision as of 11:16, 14 January 2022

Structure

Kernel Boot Loader ELF consists of 4 segments: SKBL reset vector, SKBL segment 0, SKBL segment 1, NSKBL.

SKBL reset vector

SKBL Reset vector is copied ?by SKBL Segment 0 or by second_loader? from file to physical address 0x40000000.

SKBL Segment 0

This is SKBL executable code followed by Tzs modules.

FW 3.60

Start offset End offset Size Comments
0x0 ?0x1AA3F? ?0x1AA40? SKBL executable code
?0x1AA40? ?0x8EC? 0x1B32C some SKBL data
0x1B32C 0x273C3 0xC098? SceSysmem.elf (ARZL compressed)
0x273C4 0x297EB 0x2428 SceExcpmgr.elf
0x297EC 0x2B507 0x1D1C SceKernelIntrMgr.elf
0x2B508 0x2CD27 0x1820 SceKernelBusError.elf
0x2CD28 0x3094F 0x3C28 SceSblSmsched.elf
0x30950 0x3438F 0x3A40 SceDriverTzs.elf
0x34390 0x370C7 0x2D38 some SKBL data

SKBL Segment 1

This seems to be SKBL data segment.

It contains at least:

  • two corelock context
  • SKBL initial stack cookie
  • SKBL some pointer
  • device register base
  • zeroed data

NSKBL

See NSKBL.