Mbm
From MILEDROPEDIA
mbm (also known as RAMLD or ramloader).
Contents
Versions of mbm
Milestone (A853)
- 90.72 - File:Mbm-90.72.raw.gz
- 90.73 - phones from LA (Latin America) and DACH (Germany, Austria, Switzerland) File:Mbm-90.73.raw.gz
- 90.74 - Canadian Phones File:Mbm-90.74.raw.gz
- 90.76 - unknown
- 90.78 - newly released phones File:Mbm-90.78.raw.gz
- 90.80 - developer phones File:Mbm-90.80.raw.gz
Milestone XT701
Milestone XT720
- 80.89 - current phones File:Mbm-80.89.tar.gz
Droid
Droid X
- 26.01 - SBF download
- 27.01 - Preinstalled on the phons SBF download
Droid 2
Booting errors
| Error code | What does this error mean |
|---|---|
| E000 | wrong security type |
| B655 EDDC EB | security version error |
| DBE7 11E1 83 | ramloader: wrong address |
| D000 | ramloader: security checking error |
| FEBE | ramloader: integrity checking error |
| CAA5 6CCF | error: none pds pages |
| C0FF CABE E1 | ramloader: loading error |
| C0FF 1CCC E1 | |
| C0FF 1CCC 8B | error: wrong jump address (null) |
| DAA5 19ED 83 | error: wrong jump address |
| C0FF CABE 8B | error: wrong jump address |
| CAA5 6CCF | |
| 1337 AB6B 83 | |
| 1337 510B 83 | invalid address |
| C0FF BBD6 | |
| C0FF 32DF D5 | |
| C0FF CABE D5 | |
| C0FF A430 83 | |
| C0FF 11E1 83 | |
| 1337 11E1 83 | |
| DEA1 | |
| DEA1 8D | security checking error |
| C089 | security checking error |
| C0FF CABE | error when executing BIN command |
| DAA5 1D23 83 | wrong ramloader |
| C0FF 200B | usb error |
| C0FF 2190 | usb error |
| C0FF 1AB4 | usb error |
| C0FF 1FFF | usb error |
| C0FF 101F | usb error |
| C0FF 21FF | usb error |
| C0FF 3001 | usb error |
| B655 XXXX | fastboot errors |
Interfacing over pc
it can talk with pc over usb. It have this commands:
cmd_ADDR EQU 1
cmd_BIN EQU 2
cmd_START EQU 3
cmd_HSYNC EQU 4
cmd_POWER_DOWN EQU 5
cmd_RQHW EQU 7
cmd_RQRC EQU 8
cmd_RQUID EQU 0xA
cmd_RQVN EQU 0xB
cmd_JUMP EQU 0xC
cmd_RESTART EQU 0xE
cmd_RQSW EQU 0x12
cmd_READ EQU 0x15
cmd_RQINFO EQU 0x17
cmd_FL_RESTART EQU 0x18
And this is a section inside mbm which parse this commands:
struct command {
int code;
char* str;
};
struct command* cmdlist;
// arg_count can be argument, only if count of arguments == 1// e.g. for ADDR and BIN commandssigned int cmd_handler(int cmd, int arg_count, char** arg_array)
{uint8_t i = 0;
uint8_t cmd_code;
int sec_type;
signed int result;
char* buf;
cmd_code = 26;
sec_type = security_check_type();
while ( !standard_strcmp(cmdlist[i].str, cmd) ) {
i++if ( i >= 0xF )
goto parse_CMD;
}cmd_code = cmdlist[i].code;
parse_CMD:result = cmd_security_check(cmd_code, arg_count, cmd);
if ( result != 35 ) {
if ( cmd_code < 0x19 ) {
switch ( cmd_code ) {
case 1:
if ( *(uint8_t)0x8F32D150 == 1 ) {
result = cmd_handler_ADDR(arg_count);
} else {
buf[0] = 119;
result = usb_send("ERR", buf);
}return result;
case 2:
return cmd_handler_BIN(arg_count, arg_array);
case 5:
cmd_handler_POWEROFF();
return result;
case 14:
cmd_handler_RESET();
return result;
case 21:
return cmd_handler_READ(arg_count);
case 7:
if ( *(uint8_t)0x8F32D18C == 240 || HIBYTE(*(uint16_t)0x8F32D3A8) != 1 || sec_type != 49153 && sec_type != 43806 ) {
result = cmd_handler_RQHW();
} else {
HIBYTE(*(uint16_t)0x8F32D3A8) = 0;
buf[0] = *(uint8_t)0x8F32D18C;
result = usb_send("ERR", buf);
}return result;
case 10:
return cmd_handler_RQUID(arg_count);
case 11:
return cmd_handler_RQVN();
case 8:
return cmd_handler_RQRC(arg_count);
case 23:
return cmd_handler_RQINFO();
case 18:
return cmd_handler_RQSW();
case 12:
return cmd_handler_JUMP(arg_count);
case 24:
cmd_handler_FL_RE(arg_count);
return result;
case 0:
case 3:
case 4:
case 6:
case 9:
case 13:
case 15:
case 16:
case 17:
case 19:
case 20:
case 22:
break;
}}buf[0] = 133;
result = usb_send("ERR", buf);
}return result;
}
