pine64 / bl602-re Goto Github PK

Link: https://github.com/cuihf1990/Alios_SDK/tree/edd416e7d2961db42c2100ac2d6237ee527d1aee/platform/mcu/moc108/mx108/mx378/ip
In the current repository only header files are given.

Currently all functions in the object files from .a is compiled into seperated segments, thus all function calls between these functions even within the same object file are relocatable symbols. Objdump cannot provide the correct link to the target, neither Ghdira nor radare does so.

It also seems that riscv toolchain in 32bits cannot link shared library correctly since it's only supported in riscv64-linux.

We might ended up with compiling and link a minimal executable without stripping the symbols and unused function and analysis based on that executable.

Can there be a TODO List to get new people onboarded.

the core is a Sifive E25

in qemu:
The sifive_e machine models SiFive's E Series Freedom Everywhere cores. It models an embedded microcontroller with no MMU, Machine and User modes. It has CLINT, PLIC, and SiFive UART devices. It is compatible with HiFive1 binaries and emulates enough hardware for the board support packages to run, as well as the SiFive Core IP family of RISC-V implementations.

if we run the lib in a emulator we could observe what registers/addresses that are written and then try to map function calls with register writes.

previous work on RV32 and RV64
https://delaat.net/rp/2019-2020/p49/report.pdf

https://reverseengineering.stackexchange.com/questions/22558/reversing-a-key-gen-firmware-for-risc-v

Ghidra release do not support Risc-V but if you install from source it does.

I've created the channel #pine64-ble602 on chat.freenode.net. If there is a better channel or network, please comment details below and I'll switch over.