Canon EOS M5

  • 35 Replies
  • 15693 Views
*

Offline reyalp

  • ******
  • 10701
  • Publish
    Re: Canon EOS M5
    « Reply #30 on: 21 / January / 2017, 14:31:26 »
    Advertisements
    When I had a chance to make a dump on a G7x mark II should I use this version?
    Yeah, I'd suggest starting with the one that worked on M5
    Don't forget what the H stands for.

    *

    Offline a1ex

    • *****
    • 671
    • ML dev
  • Publish
    Re: Canon EOS M5
    « Reply #31 on: 22 / January / 2017, 19:00:56 »
    MMU configuration (E0004C7A, see emulation log posted earlier):
    Code: [Select]
    BOTH: DACR <- 0x55555555          Client. Accesses are checked against the permission bits in the translation tables (all 16 entries)
    BOTH: TTBCR <- 7                  TTBCR.N = 7 (TTBR0 "size", see [url=https://www.systems.ethz.ch/sites/default/files/file/aos2014/slides/02-MMUsEtc.pdf]AOS p23[/url])
    CPU0: TTBR0_EL1 <- 0xE0004800     Translation table for low addresses (from 0 to 1FFFFFF)
    CPU1: TTBR0_EL1 <- 0xE0004880     Translation table for low addresses (from 0 to 1FFFFFF)
    BOTH: TTBR1_EL1 <- 0xE0000080     Translation table for high addresses (all others)
    BOTH: CONTEXTIDR(S) <- MPIDR      Context ID Register <- current CPU
    BOTH: TLBIALL <- 0x0              Instruction TLB Invalidate All
    BOTH: SCTLR <- 0x40C50879         SCTLR |= 1 (enable MMU)

    Memory map (see QEMU's target-arm/helper/helper.c:get_phys_addr_v6 and Cortex A series Programmer's Guide, chapter 8 - MMU ):
    Code: [Select]
    CPU0:
    00001000-00001FFF -> 00000000-00000FFF (-1000) O:NCACH I:WB,WA  P:RW   
    00002000-3FFFFFFF -> 00002000-3FFFFFFF (   +0) O:NCACH I:WB,WA  P:RW   

    CPU1:
    00001000-3FFFFFFF -> 00001000-3FFFFFFF (   +0) O:NCACH I:WB,WA  P:RW   

    Both:
    40000000-BFFFFFFF -> 40000000-BFFFFFFF (   +0) O:NCACH I:NCACH  P:RW   
    C0000000-C1FFFFFF -> C0000000-C1FFFFFF (   +0) Device           P:RW XN
    C4000000-C4FFFFFF -> C4000000-C4FFFFFF (   +0) Device           P:RW XN
    C8000000-CAFFFFFF -> C8000000-CAFFFFFF (   +0) Device           P:RW XN
    D0000000-D0FFFFFF -> D0000000-D0FFFFFF (   +0) Device           P:RW XN
    D2000000-D2FFFFFF -> D2000000-D2FFFFFF (   +0) Device           P:RW XN
    D4000000-D5FFFFFF -> D4000000-D5FFFFFF (   +0) Device           P:RW XN
    D8000000-D9FFFFFF -> D8000000-D9FFFFFF (   +0) Device           P:RW XN
    DE000000-DEFFFFFF -> DE000000-DEFFFFFF (   +0) Device           P:RW XN
    DF000000-DFFFFFFF -> DF000000-DFFFFFFF (   +0) O:NCACH I:WB,WA  P:RW   
    E0000000-E7FFFFFF -> E0000000-E7FFFFFF (   +0) O:WB,WA I:WB,WA  P:R   
    E8000000-EFFFFFFF -> E8000000-EFFFFFFF (   +0) Strongly-ordered P:R  XN
    F0000000-F7FFFFFF -> F0000000-F7FFFFFF (   +0) O:WB,WA I:WB,WA  P:R   
    F8000000-FFFFFFFF -> F8000000-FFFFFFFF (   +0) Strongly-ordered P:R  XN

    So, the MMU does mostly a flat mapping, and virtually all of the memory is visible from both CPUs, except for a 4K page private to each core, at virtual address 0x1000.

    *

    Offline reyalp

    • ******
    • 10701
  • Publish
    Re: Canon EOS M5
    « Reply #32 on: 22 / January / 2017, 23:29:34 »
    I haven't looked at the details of ARM MMUs, but having one could potentially make hooking/replacing ROM code a lot more convenient.
    Don't forget what the H stands for.

  • Publish
    Re: Canon EOS M5
    « Reply #33 on: 08 / May / 2017, 16:05:44 »
    Hello,
     I am joining this thread to offer assistance with the Canon M5.
    I have development and programming in my background but in CHDK I am a noob.
    It looked like this M5 thread made headway in January since then has cooled off.

    If you send me a reference/link or instructions I will give it a go to help map


    *

    Offline a1ex

    • *****
    • 671
    • ML dev
  • Publish
    Re: Canon EOS M5
    « Reply #34 on: 08 / May / 2017, 16:40:23 »
    For QEMU, see qemu 2.5.0, qemu-2.9.0, QEMU ML thread, install and self-test log and M5 log from test suite. Basically, run the install script and it will guide you from there.

    Might be worth checking QEMU 2.9.0 on M5, as it may have better dual processor emulation. I've upgraded it recently, but the test suite appears to fail on this model. Didn't look into it yet, but it's probably easy to fix.
    « Last Edit: 08 / May / 2017, 16:45:17 by a1ex »

  • Publish
    Re: Canon EOS M5
    « Reply #35 on: 09 / May / 2017, 16:28:16 »
    Hello,
     I am joining this thread to offer assistance with the Canon M5.

    I have the Dump from the M5 in a .7z file
    where can I share it ?  or who posts to the GoogleDrive of Dumps

     

    Related Topics