Omnimaga

Omnimaga => Our Projects => Ndless => Topic started by: Legimet on September 09, 2013, 09:43:22 pm

Title: Finding Syscalls
Post by: Legimet on September 09, 2013, 09:43:22 pm
I would like to know how Ndless syscalls are found. How do you do it?
Title: Re: Finding Syscalls
Post by: Lionel Debroux on September 10, 2013, 01:41:10 am
Such things are usually found through comparison of disassembly with older versions, and more disassembly :)
Title: Re: Finding Syscalls
Post by: Legimet on September 10, 2013, 06:53:16 pm
So what file has to be disassembled, and what is a good disassembler?
Title: Re: Finding Syscalls
Post by: lkj on September 10, 2013, 08:16:57 pm
You need to disassemble the unencrypted OS. I think the easiest way to get that is dumping the memory to a file in nspire_emu. You can do that with the "wm" command in the integrated debugger.
IDA is the normally used disassembler.
Title: Re: Finding Syscalls
Post by: Legimet on September 10, 2013, 09:14:41 pm
OK, I'll take a look at IDA. What arguments should I pass to wm? It looks like you need the start address and the size.
Title: Re: Finding Syscalls
Post by: Lionel Debroux on September 11, 2013, 01:22:19 am
The boot1 is loaded at 0 (when execution starts - it's unmapped later), the boot2 and diags are loaded at 0x11800000, and the OS is loaded at 0x10000000.
Title: Re: Finding Syscalls
Post by: Legimet on September 11, 2013, 08:05:22 pm
Thanks, I got it disassembled. :)
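The "compare with the disassembly of an older version" approach from the replies above, as an added example that is not from this thread or from Ndless: it treats two raw OS dumps (the kind the nspire_emu "wm" command writes, assumed to start at the 0x10000000 load address given above) as 32-bit ARM words, takes a signature of a routine whose address is known in the old image, masks the words that legitimately change between versions (branch targets and PC-relative literal loads), and searches the new image for it. The routine and both dumps are constructed sample data, not real OS code.

```python
import struct

OS_BASE = 0x10000000          # where the Nspire OS image is loaded, as stated in the thread
WORD = struct.Struct("<I")    # ARM instructions in a raw dump are 32-bit little-endian words

def is_relocatable(word):
    """True for words whose encoding depends on code layout and so differ between
    OS versions: B/BL/BLX (bits 27..25 == 101) and PC-relative LDR literals."""
    if (word >> 25) & 0x7 == 0b101:
        return True
    return (word & 0x0E5F0000) == 0x041F0000   # LDR Rt, [pc, #+/-imm12]

def make_signature(old_dump, old_addr, nwords=8):
    """Take nwords instruction words at old_addr in the older dump and keep only the
    layout-independent ones, as (byte offset, word) pairs that must match exactly."""
    off = old_addr - OS_BASE
    sig = []
    for i in range(nwords):
        w = WORD.unpack_from(old_dump, off + 4 * i)[0]
        if not is_relocatable(w):
            sig.append((4 * i, w))
    return sig

def find_signature(new_dump, sig):
    """Absolute addresses in the newer dump where every fixed word of sig matches.
    One hit: found. Several: the signature needs more words. None: disassemble by hand."""
    span = max(o for o, _ in sig) + 4
    return [OS_BASE + off
            for off in range(0, len(new_dump) - span + 1, 4)   # ARM code is word-aligned
            if all(WORD.unpack_from(new_dump, off + o)[0] == w for o, w in sig)]

# --- constructed sample dumps (not real OS data) ---------------------------------
def _words(*ws):
    return b"".join(WORD.pack(w) for w in ws)

FILLER = WORD.pack(0xE1A00000)   # MOV r0, r0 (ARM NOP) used as padding
# A made-up routine: PUSH {r4,lr}; MOV r4,r0; LDR r1,[pc,#..]; BL ..; CMP r4,#0;
# MOVEQ r0,#1; POP {r4,lr}; BX lr.  In the "newer" image it has moved and its BL
# target and literal offset differ, which is exactly what the masked words absorb.
ROUTINE_OLD = _words(0xE92D4010, 0xE1A04000, 0xE59F1014, 0xEB000123,
                     0xE3540000, 0x03A00001, 0xE8BD4010, 0xE12FFF1E)
ROUTINE_NEW = _words(0xE92D4010, 0xE1A04000, 0xE59F1010, 0xEB000456,
                     0xE3540000, 0x03A00001, 0xE8BD4010, 0xE12FFF1E)
OLD_DUMP = FILLER * 16 + ROUTINE_OLD + FILLER * 40   # routine at OS_BASE + 0x40
NEW_DUMP = FILLER * 28 + ROUTINE_NEW + FILLER * 28   # routine at OS_BASE + 0x70

def locate_in_new(old_addr=OS_BASE + 0x40):
    """Where does the routine known at old_addr in OLD_DUMP live in NEW_DUMP?"""
    return find_signature(NEW_DUMP, make_signature(OLD_DUMP, old_addr))
```

On a real pair of dumps the signature words come from the old image's IDA listing, and a single hit gives the new address to verify in the disassembler before it is trusted.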