Release Qoob Bios Lonewolf

[disco]

bonjour

qq s'est il penche sur ce dump

perso j'en suis la

le but est de reprogrammer le hardware d'une ninja pour faire tourner dessu un bios qoob

ROM:80F03F64 loc_80F03F64: # CODE XREF: ROM:80F03F6Cj

ROM:80F03F64 lwz %r0, 0(%r10)

ROM:80F03F68 andi. %r22, %r0, 1

ROM:80F03F6C bne loc_80F03F64

ROM:80F03F70 subf. %r7, %r11, %r7

ROM:80F03F74 add %r8, %r8, %r11

ROM:80F03F78 bne loc_80F03F34

ROM:80F03F7C lis %r9, 0xCC00 # 0xCC006800

ROM:80F03F80 lis %r28, 0xCC00 # 0xCC006810

ROM:80F03F84 ori %r9, %r9, 0x6800 # 0xCC006800

ROM:80F03F88 lis %r3, 0xCC00 # 0xCC00680C

ROM:80F03F8C lwz %r0, 0(%r9)

ROM:80F03F90 lis %r4, 0x4000 # 0x40000A00

ROM:80F03F94 mr %r6, %r31

ROM:80F03F98 mr %r5, %r9

ROM:80F03F9C rlwinm %r0, %r0, 0,24,22

ROM:80F03FA0 ori %r28, %r28, 0x6810 # 0xCC006810

ROM:80F03FA4 stw %r0, 0(%r9)

ROM:80F03FA8 ori %r3, %r3, 0x680C # 0xCC00680C

ROM:80F03FAC ori %r4, %r4, 0xA00 # 0x40000A00

ROM:80F03FB0 li %r29, 0

ROM:80F03FB4 li %r31, 0x35

ROM:80F03FB8

ROM:80F03FB8 loc_80F03FB8: # CODE XREF: ROM:80F0405Cj

ROM:80F03FB8 lwz %r0, 0(%r5) # initialisation

ROM:80F03FBC ori %r0, %r0, 0x150 # du bus

ROM:80F03FC0 stw %r0, 0(%r5) # exi

ROM:80F03FC4 stw %r4, 0(%r28) # 40000A00 dans registre data

ROM:80F03FC8 stw %r31, 0(%r3) # initialise pour write imm dword

ROM:80F03FCC

ROM:80F03FCC loc_80F03FCC: # CODE XREF: ROM:80F03FD4j

ROM:80F03FCC lwz %r0, 0(%r3) # lecture registre controle

ROM:80F03FD0 andi. %r9, %r0, 1

ROM:80F03FD4 bne loc_80F03FCC # boucle attente fin comunication

ROM:80F03FD8 lis %r10, 0xCC00 # 0xCC006810

ROM:80F03FDC lis %r7, 0xCC00 # 0xCC00680C

ROM:80F03FE0 ori %r10, %r10, 0x6810 # 0xCC006810 # data register

ROM:80F03FE4 ori %r7, %r7, 0x680C # 0xCC00680C # control register

ROM:80F03FE8 addi %r8, %sp, 0x1D8

ROM:80F03FEC li %r27, 1 # nbr d'octet a lire

ROM:80F03FF0 li %r12, 0 # bourage

ROM:80F03FF4 li %r30, 0x31 # init pour lect. dword immediate

ROM:80F03FF8

ROM:80F03FF8 loc_80F03FF8: # CODE XREF: ROM:80F04034j

ROM:80F03FF8 cmpwi cr7, %r27, 4 # si + 4 octet a lire

ROM:80F03FFC mr %r9, %r27 # on fera plusieur boucle

ROM:80F04000 ble cr7, loc_80F04008 # boucle

ROM:80F04004 li %r9, 4 # boucle

ROM:80F04008

ROM:80F04008 loc_80F04008: # CODE XREF: ROM:80F04000j

ROM:80F04008 lis %r11, 0xCC00 # 0xCC00680C

ROM:80F0400C stw %r12, 0(%r10) # ecrit x0 dans registre data

ROM:80F04010 ori %r11, %r11, 0x680C # 0xCC00680C

ROM:80F04014 stw %r30, 0(%r7) # x31 dans registre controle

ROM:80F04018

ROM:80F04018 loc_80F04018: # CODE XREF: ROM:80F04020j

ROM:80F04018 lwz %r0, 0(%r11) # boucle

ROM:80F0401C andi. %r22, %r0, 1 # attente

ROM:80F04020 bne loc_80F04018 # fin comunication

ROM:80F04024 lwz %r0, 0(%r10) # lecture data

ROM:80F04028 subf. %r27, %r9, %r27 # alimente boucle si + 4 octet a lire

ROM:80F0402C stw %r0, 0(%r8) # copi data a adres r8

ROM:80F04030 addi %r8, %r8, 4 # progression compteur addresse

ROM:80F04034 bne loc_80F03FF8 # boucle si +4 octet a lire

ROM:80F04038 lwz %r0, 0(%r5) # repureration statut register

ROM:80F0403C addi %r29, %r29, 1 # incrementation compteur

ROM:80F04040 cmpwi cr7, %r29, 7 # on ferat 8 tours

ROM:80F04044 addi %r4, %r4, 0x40 # incrementation adresse de lecture

ROM:80F04048 rlwinm %r0, %r0, 0,24,22 # recuperation des bit device select

ROM:80F0404C stw %r0, 0(%r5) # reinitiallisation du bus exi

ROM:80F04050 lbz %r0, 0x1D8(%sp)

ROM:80F04054 stb %r0, 0(%r6)

ROM:80F04058 addi %r6, %r6, 1 # compteur adresse octet

ROM:80F0405C ble cr7, loc_80F03FB8 # boucle pour 8 tour

ROM:80F04060 lis %r0, 0xA851 # 0xA8514E61

ROM:80F04064 lwz %r9, 0x1C8(%sp)

ROM:80F04068 ori %r0, %r0, 0x4E61 # 0xA8514E61

ROM:80F0406C cmpw cr7, %r9, %r0

ROM:80F04070 beq cr7, loc_80F0407C

ROM:80F04074 lis %r9, ((aFake+0x10000)@h) # "FAKE!"

ROM:80F04078 subi %r26, %r9, 0x310C # aFake

ROM:80F0407C

ROM:80F0407C loc_80F0407C: # CODE XREF: ROM:80F04070j

ROM:80F0407C lis %r9, ((aHw0Sw1_3c+0x10000)@h) # "hw0 sw1.3c"

ROM:80F04080 lwz %r0, -0x3920(%r19)

ROM:80F04084 subi %r9, %r9, 0x3104 # aHw0Sw1_3c

ROM:80F04088 addi %r31, %sp, 0x160

ROM:80F0408C lswi %r5, %r9, 0xB

qi qq a plus d'info suis preneur

accepte toute remarque sur la validite du desassemblage

a+

Modifié 26 juin 2006 par disco