07:52 <clever> cyrozap: i'm currently reversing the gpu firmware on the pi, which involves loading the xhci firmware by poking some pci registers

07:53 <clever> cyrozap: ive zero clue what ISA the xhci firmware uses

07:53 <clever> cyrozap: i also need to RE the ddr4 controller firmware, but again, no clue on the ISA

08:08 <cyrozap> clever: If it's a Synopsys DDR4 controller, it's probably an ARC core.

08:09 <cyrozap> The VIA xHCI controller almost certainly uses an 8051.

08:09 <cyrozap> You can confirm by running cpu_rec on the binaries: https://github.com/airbus-seclab/cpu_rec

08:12 <cyrozap> Also, I seem to remember seeing a patch on the LKML regarding loading that xHCI controller's firmware.

08:15 <cyrozap> Found it: https://lkml.kernel.org/lkml/20200629161845.6021-1-nsaenzjulienne@suse.de/

08:18 <cyrozap> Ohhhhh, I see what you're tring to do now. In one of the reverted commits in that series: "RPi4's VideoCore OS contains both the non public firmware load logic and the VL805 firmware blob. This function triggers the aforementioned process."

08:20 <cyrozap> clever: Out of curiosity, where could I find that unstripped .elf you were talking about? Now I'm kind of interested in that "non public firmware load logic".

08:28 <clever> cyrozap: i already tried to decompile it as VC4 (which is arc based), and it comes out as garbage

08:29 <clever> one sec

08:30 <clever> cyrozap: https://github.com/raspberrypi/firmware/issues/296

08:30 <clever> cyrozap: this user was "helpful" enough to complain when the firmware size doubled, because somebody forgot to strip

08:31 <clever> cyrozap: if you then dig enough, youll find that commit 4f63c3bdd4d9ca4f308e683fe7e70501b4ac3232 from the firmware repo contains those binaries

08:33 <clever> cyrozap: on original pi4b boards, the vl805 has its own spi flash chip

08:34 <clever> cyrozap: the normal xhci scratch space (xhci steals some host dram), is used to hold its own firmware, and the vl805 basically has an L1 cache, and will use pci bus-mastering upon cache miss

08:34 <clever> upon pci-e reset, it reads spi->hostram to re-initialize itself

08:35 <clever> cyrozap: the vl805 binary (linux, static) and recovery.bin binary (vpu, static), will poke at the address+data registers, to remotely trigger MMIO within the vl805, hijacking its spi controller, to relfash things

08:36 <clever> cyrozap: on more recent rpi4b boards, the vl805 flash is missing (penny pinching), and the same addr+data registers are used to manually write a loader into the vl805 addr space, and start up the firmware

08:37 <clever> cyrozap: but they didnt want to document it, and you have to manually re-init it after moving that scratch space, so after linux moves it, you have to poke the firmware via the mailbox

09:15 <cyrozap> clever: Uh, are you _sure_ VC4 is based on ARC?

09:17 <cyrozap> Also, I just found some VL805 firmware, and it's unmistakably 8051 code. I didn't even have to run it through cpu_rec since it had the standard 8051 vector table.

09:18 <clever> cyrozap: several sources say VC4 is arc based, but one says they modified it heavily to support 80bit opcodes

09:19 <clever> cyrozap: i have 3 different vl805 files, vl805hub.bin and vl805mcu.bin are used when the eeprom is missing

09:20 <clever> cyrozap: vl805-000137ad.bin vl805-000138a1.bin are vl805 spi flash images

09:20 <clever> let me try loading all of them as 8051...

09:23 <clever> cyrozap: 8051 looks to be 16bit based? so it would have trouble with a 97kb flash image...

09:25 <cyrozap> Ohh, wait, I may have been looking at a wrong firmware...

09:27 <clever> https://github.com/raspberrypi/rpi-eeprom/tree/master/firmware/critical

09:27 <clever> cyrozap: these are the eeprom images for the dedicated vl805 flash

09:28 <clever> but those only work on the original rpi4b boards (and dedicated pci-e cards)

09:28 <clever> i have talked to one user, that successfully flashed a pi .bin file to an x86 card, and it fixed a uas bug

09:28 <clever> but it also disabled 2 usb ports

09:41 <cyrozap> clever: Yeah, I'm looking at those now. I actually still think it's an 8051, since both binwalk (using cpu_rec) and at51 (https://github.com/8051Enthusiast/at51) both identified the first few 8kB or so as 8051 code, and the rest just looks like data. And despite being an 8-bit micro with a 16-bit bus for accessing "external data", many 8051 implementations use an SFR byte as a "page select", so you can

09:41 <cyrozap> effectively have 24 address bits, which is generally "good enough" for most 8051 applications.

09:42 <cyrozap> But to disassemble, you'll want to relocate the file so address zero is at file offset 0x80, since that's where the code starts.

09:42 <clever> ah, so drop the first 0x80 bytes?

09:42 <clever> when importing the eeprom?

09:42 <clever> probably a header of some kind?

09:43 <cyrozap> Yeah, it looks really similar (though not the same) as the header they use for their USB 3.x hub chips: https://github.com/cyrozap/usb-hub-re/blob/aee44ff7f0891252e20b87a0ec6cdc676d73bc44/vl81x/vl81x_fw.ksy

09:45 <clever> that 0x80 offset makes it look slightly better

09:52 <cyrozap> Yup, definitely 8051 code. Looks like there's only about 12kB of it. It's using the Reset and External Interrupt 0 vectors.

09:53 <clever> thats the 2 jumps at offset 0 and 3?

10:01 <cyrozap> Yup.

10:01 <clever> guessing that 0 is reset, and 3 is interrupt 0?

10:02 <cyrozap> Yes, you can read more about the 8051's interrupts in the SDCC manual, section 3.8.2: http://sdcc.sourceforge.net/doc/sdccman.pdf

10:03 <clever> i can see that the irq0 code is clearly pushing a bunch of state onto the stack, calling the real handler, then popping once more

10:04 <clever> thats pretty unique, and would let you figure out the load offset

10:04 <clever> since the vector table is using absolute jumps

10:06 <cyrozap> Unfortunately, this code doesn't look very fun to RE, since there are no strings, no guarantee of there being any kind of UART peripheral to interact through, and no point of reference to figure out the memory map.

10:07 <clever> cyrozap: there is an spi controller, and i think its already been RE'd

10:07 <clever> https://paste.flashrom.org/view.php?id=3253

10:08 <clever> cyrozap: there is a pair of pci registers at offset 0x78 and 0x7c, 78 is a 16bit addr, and 7c is an 8bit? addr

10:08 <clever> cyrozap: that lets you peek/poke any address within the 16bit space of the vl805

10:08 <clever> 0x400d0 and 0x400e0 are the register for the pending spi output byte, and the last spi byte in

10:09 <clever> 0x400f0 will trigger an spi byte exchange upon a certain write

10:09 <cyrozap> For the ASM1142 (and related chips), there's strings in the binary, UART exposed on the chip, and I already had memory read/write capability through PCIe, which I was able to use to dump the mask ROM and XRAM/XDATA, and I was able to probe the XDATA address space by making strategic writes to the PCI address space of the chip.

10:10 <cyrozap> clever: Oh, good, so you also are able to read and write memory from the chip's firmware's point of view through PCIe.

10:10 <clever> yep

10:10 <cyrozap> That should make things easier.

10:10 <clever> https://github.com/raspberrypi/rpi-eeprom/tree/master/firmware

10:11 <clever> the vl805 binary in here, is a static arm-linux binary

10:11 <clever> it uses that pci-e stuff above, to hijack the spi controller inside the vl805, and reflash the spi

10:11 <clever> i worked with carldani to RE it, and he wrote the flashrom diff above

10:11 <clever> so now flashrom can control the spi, and reflash it

10:13 <clever> cyrozap: ok, thats weird, 8051 is 16bit, but 0x400d0 is 20 bits...

10:15 <cyrozap> clever: Like I said, the chip may support paged memory, so that could very well just be "address 0x00d0 on the 4th 64k page".

10:15 <clever> yeah

10:16 <clever> 0x400fc is the spi chip-enable

10:16 <clever> which is either specific to the spi controller, or maybe just gpio

10:18 <clever> when doing `mov r3, bank0_r7`, which one is src and dst? intel vs at&t made this a nightmare :P

10:23 <clever> ive got 5 different binaries been trying to TE

10:24 <clever> 1: the VPU binaries (maskrom, bootcode.bin, recovery.bin, start(4).elf), varing levels of strings, but ive got uart and a full gcc suite

10:24 <clever> 2: the VCE blobs (h264 and mpeg2 decode related), zero clue whats going on

10:25 <clever> 3: the ddr4 firmware blobs, also no clue yet whats going on

10:26 <clever> was counting the VPU ones seperately initially

10:33 <clever> ah, starting to read the reset function, and i'm seeing familiar patterns, it looks like its zeroing out the internal ram, starting at 0x7f, and working down to 0x00

10:33 <clever> and only when thats done, does it set SP=0x60

10:37 <clever> now that i know its 8051, lets see what the other 2 vl805 blobs say...

10:40 <clever> vl805hub.bin, has a pair of ljmp's to 0x2191 and 236c, starting at offsets 1&4...

10:40 <clever> but the file isnt that big...

10:43 <clever> i cant find that irq0 save/restore pattern in either hub or mcu

10:43 <clever> but there is a chance compression may be getting in the way

10:56 <clever> yeah, double-checking things, i'm pretty sure vl805hub.bin and vl805mcu.bin are compressed, and my extractor isnt dealing with that properly

10:56 <clever> so the contents are completely scrambled

11:25 <clever> ok, got the compression out of the way i think

11:26 <clever> and now vl805hub.bin looks very much like the data at offset 0x80, right down to the irq0 save/restore

11:26 <clever> 44 it looks like vl805hub.bin is loaded into target ram one byte at a time

11:26 <clever> 45 then the physical address of vl805mcu.bin is put into a special location

11:26 <clever> 46 then some weird handshake happens, and the vl805 likely DMA's its own firmware from dram->internal-sram

11:27 <clever> cyrozap: according to my notes, hub is some kind of bootloader, which will then do pci bus-mastering to load mcu