========
Emulator
========

What is interesting about the ROM is that it starts by reading the MPIDR_EL1 register, masking it with 0xf00, and branching to 0x20e0000 only when the result is zero; otherwise it continues at 0x14.

.. code-block:: ghidra

                         undefined w0:1 <RETURN>
                     Reset                           XREF[1]:     Entry Point(*)
    00000000 bb 00 38 d5     mrs        x27,mpidr_el1
    00000004 7b 0f 78 92     and        x27,x27,#0xf00
    00000008 7f 03 00 f1     cmp        x27,#0x0
    0000000c 41 00 00 54     b.ne       LAB_00000014
    00000010 fc 7f 83 14     b          LAB_020e0000

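
The branch logic in the listing above can be checked directly from the instruction bytes. This added example (not part of the original notes) decodes the AND mask and both branch targets from the five words shown and reports where the stub continues for a given MPIDR_EL1 value; the function names are hypothetical and the MPIDR_EL1 values are constructed.

```python
import struct

# The five reset-stub instruction words, copied from the listing above.
ROM = bytes.fromhex("bb0038d5" "7b0f7892" "7f0300f1" "41000054" "fc7f8314")
INSNS = struct.unpack("<5I", ROM)  # A64 instructions are little-endian words


def sign_extend(value, bits):
    """Interpret the low `bits` of value as a two's-complement number."""
    sign = 1 << (bits - 1)
    return (value ^ sign) - sign


def branch_target(pc, insn):
    """Target of an A64 B or B.cond located at pc, or None for other opcodes."""
    if insn >> 26 == 0b000101:  # B: imm26 in bits [25:0], scaled by 4
        return pc + 4 * sign_extend(insn & 0x3FFFFFF, 26)
    if insn >> 24 == 0x54 and not (insn & 0x10):  # B.cond: imm19 in [23:5]
        return pc + 4 * sign_extend((insn >> 5) & 0x7FFFF, 19)
    return None


def and_mask64(insn):
    """Decode the N:immr:imms bitmask immediate of a 64-bit AND (immediate)."""
    n, immr, imms = (insn >> 22) & 1, (insn >> 16) & 0x3F, (insn >> 10) & 0x3F
    size = 1 << (((n << 6) | (~imms & 0x3F)).bit_length() - 1)  # element width
    ones = (imms & (size - 1)) + 1          # run of set bits in one element
    rot = immr & (size - 1)                 # rotate-right amount
    elem = (1 << ones) - 1
    elem = ((elem >> rot) | (elem << (size - rot))) & ((1 << size) - 1)
    return sum(elem << shift for shift in range(0, 64, size))  # replicate


def reset_path(mpidr):
    """Address the stub continues at for a given MPIDR_EL1 value."""
    x27 = mpidr & and_mask64(INSNS[1])      # and x27,x27,#imm
    if x27 != 0:                            # cmp x27,#0x0 ; b.ne taken
        return branch_target(0x0C, INSNS[3])
    return branch_target(0x10, INSNS[4])    # fall through to the plain b


if __name__ == "__main__":
    # Constructed MPIDR_EL1 values: bits [11:8] clear, then set.
    for mpidr in (0x80000000, 0x80000100):
        print(f"MPIDR_EL1={mpidr:#x} -> continues at {reset_path(mpidr):#x}")
```

The mask decodes to 0xf00, that is bits [11:8] of MPIDR_EL1 (the low nibble of the Aff1 affinity field), so the Aff0 bits play no part in the decision.
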
Week 35 - 2024
===============

After booting BL31, the MMU seems to be set up, and we're unable to get any data off of spaces we're not 'allowed' to access. Interestingly, one of the setups is at

Patching the if-statement at 0x020244e8, and in doing so, disabling this function.