$30 off During Our Annual Pro Sale. View Details »

リセットとフリーズで解析する電子辞書リバエン記 / reverse-engineer-e-dictionaries-with-reset-and-freeze

Takumi Sueda
November 20, 2021
Technology
2
5.7k

リセットとフリーズで解析する電子辞書リバエン記 / reverse-engineer-e-dictionaries-with-reset-and-freeze

Kernel/VM 探検隊 online part4 LT
小説版: https://www.zopfco.de/entry/reset_freeze_re

Takumi Sueda

November 20, 2021
Tweet

More Decks by Takumi Sueda

See All by Takumi Sueda
AST as Black Magic
puhitaku
0
46
次世代の足下を舗装するコミュニティ
puhitaku
5
1.4k
電子辞書で学ぶ Linux のサスペンド
puhitaku
0
340
USB PD で迎える AC アダプター大統一時代
puhitaku
2
2.3k
電子辞書のアイデンティティを消す方法
puhitaku
3
3.4k
詳解・電子辞書で Linux がブートするまで / boot-linux-on-sharp-brain-explained
puhitaku
5
3.5k
MicroPython × BLE × テプラ 〜リバースエンジニアリングを添えて〜 /micropython-ble-tepra
puhitaku
1
630
TEPRA Lite ではじめる BLE リバースエンジニアリング / tepra-lite-ble-reverse-engineering
puhitaku
9
5.6k
勢いあるハックと勢いあるコミュニティの試行
puhitaku
0
830

Other Decks in Technology

See All in Technology
ミチビク株式会社エンジニアカンパニーデック
knsg16
0
2.2k
Go Getでのchecksum不一致に遭遇した話とその対応
replu
0
280
Parsing case study in Go / Go Conference mini 2023 Winter IN KYOTO
k1low
2
370
kintone テクニカルライター採用ピッチ資料
cybozuinsideout
PRO
0
880
CSSパフォーマンスに関する計測結果
poteboy
3
1.4k
Amazon Bedrock を利用したAIチャットボット開発
yukimatsuyoshi
3
560
Microsoft Fabric と データメッシュ
ryomaru0825
2
160
CPOが開発する覚悟 〜コンパウンドスタートアップにおける、爆速の新規プロダクト開発スタイル〜
mosa_siru
9
6.9k
技術広報経験0のEMがエンジニアブランディングをはじめてみた
coconala_engineer
1
140
The future is already here – Mastering the challenges of the coming years
ufried
0
320
朝起こしてくれるメイドさんが欲しい (LT) - NIFTY Tech Day 2023
niftycorp
1
120
ROSCon 2023参加報告:Real-Time Workshop & Zenoh's Current Status and Forecast
takasehideki
1
220

Featured

See All Featured
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
10
1.3k
WebSockets: Embracing the real-time Web
robhawkes
58
6.6k
Web Components: a chance to create the future
zenorocha
304
41k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
123
31k
Agile that works and the tools we love
rasmusluckow
323
20k
Teambox: Starting and Learning
jrom
125
8.2k
The Power of CSS Pseudo Elements
geoffreycrofte
56
4.7k
Building Better People: How to give real-time feedback that sticks.
wjessup
349
18k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
20k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
656
120k
Web development in the modern age
philhawksworth
201
9.9k
From Idea to $5000 a Month in 5 Months
shpigford
376
45k

Transcript

  1. Kernel/VM online part
    4
    LT
    @puhitaku

    View Slide

  2. Takumi Sueda @puhitaku




    NICT

    HOMMA Inc.



    Twitter













    View Slide

  3. SHARP Brain
    SHARP Windows CE


    CE exe (PE)




    2011


    TOSHIBA TMPA
    9 10
    CRAXBG (armv
    5
    tej) +
    64
    MiB DRAM


    Windows CE


    2012 2020


    NXP i.MX
    2
    83
    (armv
    5
    tej) +
    12
    8
    MiB DRAM


    Windows CE


    2021


    ???
    SHARP Brain
    3
    https://jp.sharp/edictionary/products/pwsh
    1
    _overviiew.html

    View Slide

  4. SHARP Brain
    2019 2020 SHARP Brain PW-SH
    1
    Linux


    +
    i.MX
    283

    Raspberry Pi Brain
    Linux SD
    Brain Linux
    4
    https://jp.sharp/edictionary/products/pwsh
    1
    _overviiew.html

    View Slide

  5. 2021 1


    Brain

    View Slide

  6. Brain
    https://jp.sharp/edictionary/topics/
    6

    View Slide

  7. Brain
    https://brain-library.com/
    7

    View Slide

  8. Brain
    OS

    SoC i.MX
    283




    8

    View Slide

  9. Brain 9

    View Slide

  10. Brain 10

    View Slide

  11. Brain 11

    View Slide

  12. Brain
    SoC NXP i.MX
    7
    ULP i.MX
    7
    ULP = Cortex-A
    7
    + Cortex-M
    4
    12

    View Slide

  13. Brain
    (Windows CE PE)




    OS


    13

    View Slide

  14. View Slide


  15. objdump


    0 Arm
    15

    View Slide


  16. as ELF .text
    16

    View Slide

  17. 17

    View Slide




  18. resource hog


    18

    View Slide

  19. _start return
    19

    View Slide

  20. 20

    View Slide

  21. 0x
    00
    0000
    00 

    21

    View Slide



  22. return


    0
    x
    0
    00000 0
    0
    22


    View Slide

  23. U-Boot

    View Slide

  24. U-Boot
    1
    . MMU


    2
    . MMU U-Boot




    U-Boot
    24

    View Slide

  25. U-Boot
    & OS API


    JTAG


    UART TX UART



    I/O
    25

    View Slide

  26. U-Boot


    
 

    1bit




    26

    View Slide

  27. U-Boot


    1 MMU

    View Slide

  28. U-Boot MMU
    MMU mrc SCTSR MMU
    mcr
    MMU
    28
    SCTSR

    View Slide

  29. U-Boot MMU
    mrc

    29

    View Slide

  30. U-Boot MMU 30

    View Slide

  31. U-Boot MMU
    mrc SCTSR return
    31


    View Slide

  32. U-Boot


    2 U-Boot

    View Slide

  33. U-Boot U-Boot
    U-Boot MMU

    U-Boot
    3 :


    1
    . Brain


    2
    . DRAM 1. 1.


    3
    . 2. 64 KiB (large page) 1.
    U-Boot
    33

    View Slide

  34. U-Boot


    2 U-Boot


    1

    View Slide

  35. U-Boot U-Boot
    1
    35
    Brain
    1
    MiB
    NOP


    mov pc, lr
    NOP = mov r0, r0

    View Slide

  36. U-Boot U-Boot
    1
    36


    1
    5
    MiB
    Brain
    15 MiB


    1 (
    4
    Bytes)


    1
    5
    MiB DRAM 128 MiB 11.7%

    View Slide

  37. U-Boot


    2 U-Boot


    2

    View Slide

  38. U-Boot U-Boot 38
    NOP
    MMU


    NOP
    1
    NOP
    6
    4
    KiB
    NOP NOP
    ………
    2 1

    View Slide

  39. U-Boot U-Boot
    2
    39
    Virtual

    Memory


    1
    5
    MiB
    1
    MMU
    Physical

    Memory
    MMU


    View Slide

  40. U-Boot U-Boot
    2
    40
    1
    Physical

    Memory
    0
    x
    6000
    000
    0
    0
    x
    6800
    000
    0
    1

    !"#$ %&'( !"#$
    1


    View Slide

  41. U-Boot U-Boot
    2
    41
    1
    Physical

    Memory
    0
    x
    6
    78000 0
    0
    DRAM 15 MiB

    %&'(
    0
    x
    6000
    000
    0
    0
    x
    6800
    000
    0

    View Slide

  42. U-Boot


    2 U-Boot


    3

    View Slide

  43. U-Boot U-Boot 43
    2

    MMU


    NOP NOP
    6
    4
    KiB
    NOP
    3 1
    NOP NOP NOP NOP

    View Slide

  44. U-Boot U-Boot 44
    112 64 KiB
    NOP NOP
    6
    4
    KiB
    3 1
    NOP NOP NOP NOP
    112

    View Slide

  45. U-Boot U-Boot
    1
    . ✅ U-Boot


    2
    . ✅ MMU


    3
    . ✅ MMU U-Boot


    1
    5
    MiB 0x
    7 0
    0 0
    0 0
    u-boot.bin

    0x
    67
    800000
    U-Boot
    U-Boot
    45

    View Slide

  46. U-Boot

    View Slide

  47. U-Boot
    i.MX
    7
    ULP con
    fi
    g




    47

    View Slide

  48. U-Boot 48

    View Slide

  49. U-Boot
    U-Boot shell
    49

    View Slide

  50. Linux

    View Slide

  51. Linux
    U-Boot Image


    printk UART


    Linux
    51

    View Slide

  52. Linux
    @pepepper_cpp Mailbox Unit
    Linux MU




    NXP upstream MU
    merge
    52

    View Slide

  53. Linux
    Linux


    Linux
    53

    View Slide

  54. View Slide

  55. μITRON RTOS




    I/O I/O




    55

    View Slide

  56. &


    Speakerdeck
    56

    View Slide