Upgrade to Pro — share decks privately, control downloads, hide ads and more …

リセットとフリーズで解析する電子辞書リバエン記 / reverse-engineer-e-dictionaries-with-reset-and-freeze

C825832c4fc71ffdfd44905729281fb0?s=47 Takumi Sueda
November 20, 2021
Technology
0
4.3k

リセットとフリーズで解析する電子辞書リバエン記 / reverse-engineer-e-dictionaries-with-reset-and-freeze

Kernel/VM 探検隊 online part4 LT
小説版: https://www.zopfco.de/entry/reset_freeze_re

C825832c4fc71ffdfd44905729281fb0?s=128

Takumi Sueda

November 20, 2021
Tweet

More Decks by Takumi Sueda

See All by Takumi Sueda
詳解・電子辞書で Linux がブートするまで / boot-linux-on-sharp-brain-explained
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
5
2.8k
MicroPython × BLE × テプラ 〜リバースエンジニアリングを添えて〜 /micropython-ble-tepra
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
1
390
TEPRA Lite ではじめる BLE リバースエンジニアリング / tepra-lite-ble-reverse-engineering
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
9
4.9k
勢いあるハックと勢いあるコミュニティの試行
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
0
610
ハックの学び方、の学び方
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
21
8.8k
プレゼンの作り方
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
3
680
フォーク、ナイフ、ものづくり
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
3
1.5k
電子辞書は組み込みLinuxの夢を見るか? Ver. 2.0.0
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
4
2.7k
電子辞書は組み込みLinuxの夢を見るか? Ver. 1.1.0
C825832c4fc71ffdfd44905729281fb0?s=48 puhitaku
3
1.4k

Other Decks in Technology

See All in Technology
Backlog × RPAでいろいろ捗った話
87470304247051028bed32895e4816cd?s=48 z_tetsu
0
380
今 SLI/SLO の監視をするなら Sloth が良さそうという話
Cb17938137021ead2656d0fe58b7c7b1?s=48 shotakitazawa
1
280
Trusted Web プロトタイプ
525442fc70ca92f82ae503f826956137?s=48 finengine
0
330
VS Code Meetup #21 - もう一度知りたい基礎編 - ファイル操作、コーディングの基本編
Fc815be82d09a2e922d4000b65b9f83b?s=48 74th
0
190
疎ベクトル検索と密ベクトル検索: 第68回 Machine Learning 15minutes! Broadcast
B773daeab435018f26c39bb4e964804a?s=48 keyakkie
1
250
eBPF-based Container Networking
98b5759510e487ade4145247bc856366?s=48 johnlin
2
1.1k
PMMやプロダクト関係者と協働するために役割を整理した話 / 20220810_pdmtipslt
Cdf97a1b1b132c56582773c3ba09a3a6?s=48 rakus_dev
0
110
CloudWatchアラームによるサービス継続のための監視入門 / Introduction to Monitoring for Service Continuity with CloudWatch Alarms
107ea34bd4da51e40f1c30b9ca0c459e?s=48 inomasosan
1
420
Power BI のうらがわ
0cc2ebc5781bcb2cae5f9ab7efa40ff2?s=48 hanaseleb
1
140
Oracle Cloud Infrastructure:2022年7月度サービス・アップデート
3115a782126be714b5f94d24073c957d?s=48 oracle4engineer
PRO
0
190
セキュキャンを卒業してその後
1f745ff900e1be51aedae18cae76593c?s=48 kurochan
0
580
Continuous Architecture Design for Modernization
9b63847a4c413a2604e1d64e5d595dab?s=48 humank
1
460

Featured

See All Featured
Designing the Hi-DPI Web
C157b16234f1e75e8eac3698c1d4414a?s=48 ddemaree
272
32k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
D8fc2580cfaca035f666d9e4ee79a7f7?s=48 mongodb
29
4.4k
Web Components: a chance to create the future
E190023b66e2b8aa73a842b106920c93?s=48 zenorocha
303
40k
Keith and Marios Guide to Fast Websites
E14f55d3f939977cecbf51b64ff6f861?s=48 keithpitt
404
21k
Practical Orchestrator
168ccec72eee0530b818d44f3fedaacf?s=48 shlominoach
178
8.7k
Distributed Sagas: A Protocol for Coordinating Microservices
9128d500301ae51524e887bb680f471d?s=48 caitiem20
316
19k
Done Done
282d599b414022eba5096510f675b6e2?s=48 chrislema
174
14k
From Idea to $5000 a Month in 5 Months
E4f5d494ebdc9e7cce1aecf3ce3e8bc1?s=48 shpigford
373
44k
WebSockets: Embracing the real-time Web
E76911cbe088e5b850d966de3fc7435b?s=48 robhawkes
57
5.6k
In The Pink: A Labor of Love
E837d2996f52008ace055a08fbfff992?s=48 frogandcode
131
21k
Git: the NoSQL Database
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
PRO
415
59k
The Mythical Team-Month
E6c6e133e74c3b83f04d2861deaa1c20?s=48 searls
210
39k

Transcript

  1. Kernel/VM online part 4 LT @puhitaku

  2. Takumi Sueda @puhitaku NICT 
 HOMMA Inc. 
 Twitter 


  3. SHARP Brain SHARP Windows CE 
 CE exe (PE) 2011

    TOSHIBA TMPA 9 10 CRAXBG (armv 5 tej) + 64 MiB DRAM Windows CE 2012 2020 NXP i.MX 2 83 (armv 5 tej) + 12 8 MiB DRAM Windows CE 2021 ??? SHARP Brain 3 https://jp.sharp/edictionary/products/pwsh 1 _overviiew.html

  4. SHARP Brain 2019 2020 SHARP Brain PW-SH 1 Linux +

    i.MX 283 Raspberry Pi Brain Linux SD Brain Linux 4 https://jp.sharp/edictionary/products/pwsh 1 _overviiew.html

  5. 2021 1 Brain

  6. Brain https://jp.sharp/edictionary/topics/ 6

  7. Brain https://brain-library.com/ 7

  8. Brain OS 
 SoC i.MX 283 8

  9. Brain 9

  10. Brain 10

  11. Brain 11

  12. Brain SoC NXP i.MX 7 ULP i.MX 7 ULP =

    Cortex-A 7 + Cortex-M 4 12

  13. Brain (Windows CE PE) OS 13

  14. None

  15. 
 objdump 0 Arm 15

  16. 
 as ELF .text 16

  17. 17

  18. resource hog 18 


  19. _start return 19

  20. 20

  21. 0x 00 0000 00 
 21

  22. return 0 x 0 00000 0 0 22

  23. U-Boot

  24. U-Boot 1 . MMU 2 . MMU U-Boot U-Boot 24

  25. U-Boot & OS API JTAG UART TX UART 
 I/O

    25

  26. U-Boot 
 
 1bit 26

  27. U-Boot 1 MMU

  28. U-Boot MMU MMU mrc SCTSR MMU mcr MMU 28 SCTSR

  29. U-Boot MMU mrc 
 29

  30. U-Boot MMU 30

  31. U-Boot MMU mrc SCTSR return 31

  32. U-Boot 2 U-Boot

  33. U-Boot U-Boot U-Boot MMU 
 U-Boot 3 : 1 .

    Brain 2 . DRAM 1. 1. 3 . 2. 64 KiB (large page) 1. U-Boot 33

  34. U-Boot 2 U-Boot 1

  35. U-Boot U-Boot 1 35 Brain 1 MiB NOP mov pc,

    lr NOP = mov r0, r0

  36. U-Boot U-Boot 1 36 1 5 MiB Brain 15 MiB

    1 ( 4 Bytes) 1 5 MiB DRAM 128 MiB 11.7%

  37. U-Boot 2 U-Boot 2 


  38. U-Boot U-Boot 38 NOP MMU NOP 1 NOP 6 4

    KiB NOP NOP ……… 2 1

  39. U-Boot U-Boot 2 39 Virtual 
 Memory 1 5 MiB

    1 MMU Physical 
 Memory MMU

  40. U-Boot U-Boot 2 40 1 Physical 
 Memory 0 x

    6000 000 0 0 x 6800 000 0 1 
 !"#$ %&'( !"#$ 1

  41. U-Boot U-Boot 2 41 1 Physical 
 Memory 0 x

    6 78000 0 0 DRAM 15 MiB 
 %&'( 0 x 6000 000 0 0 x 6800 000 0

  42. U-Boot 2 U-Boot 3 


  43. U-Boot U-Boot 43 2 
 MMU NOP NOP 6 4

    KiB NOP 3 1 NOP NOP NOP NOP

  44. U-Boot U-Boot 44 112 64 KiB NOP NOP 6 4

    KiB 3 1 NOP NOP NOP NOP 112 …

  45. U-Boot U-Boot 1 . ✅ U-Boot 2 . ✅ MMU

    3 . ✅ MMU U-Boot 1 5 MiB 0x 7 0 0 0 0 0 u-boot.bin 
 0x 67 800000 U-Boot U-Boot 45

  46. U-Boot

  47. U-Boot i.MX 7 ULP con fi g 
 47

  48. U-Boot 48

  49. U-Boot U-Boot shell 49

  50. Linux

  51. Linux U-Boot Image printk UART Linux 51

  52. Linux @pepepper_cpp Mailbox Unit Linux MU NXP upstream MU merge

    52

  53. Linux Linux Linux 53

  54. None

  55. μITRON RTOS I/O I/O 55

  56. & Speakerdeck 56