Tom's Orange Pi Pages

December 14, 2016

Orange PI - Dumping the bootrom

I am doing this on an H3 chip based Orange Pi PC

A bit of reading tells me than inside the H3 chip is a 32K bootrom. This ROM is at address 0xffff000 (and extends to 0xffff7fff). ARM reset sets the PC to 0xffff0000 and causes it to fetch the first instruction from the start of the ROM image.

Use dd and /dev/mem

The bottom line is that this does not work due to some kind of brain damage either in dd or the driver behind /dev/mem, but here is what we would like to have done:

Here 0xffff = 65535 and 65535*64 = 4194240

su
dd if=/dev/mem of=zzz bs=1024 skip=4194240 count=32
dd: error reading ‘/dev/mem’: Bad address
0+0 records in
0+0 records out
0 bytes (0 B) copied, 0.00170762 s, 0.0 kB/s

Write a little C program

dumprom.c

This is a little C program that uses mmap along with /dev/mem to read out the ROM image. It works like a champ.

cc -o dumprom dumprom.c

I tried reading out 64K and learned that the ROM is mapped into memory twice (i.e. the second 32K is identical to the first).

Have any comments? Questions? Drop me a line!

Tom's electronics pages / tom@mmto.org