Address Galore !
Sorry, I don't understand. What is the difference between these two addresses?
I need to better understand the memory map. Do you have some kind of rudimentary memory map or something that can help me understand this? I feel the ∇(Learning rate) is going well beyond my super powers! It would be very helpful see how it would relate to another known memory map. For example, this one for the MSM7x25A.
1) I don't understand, how these cannot be GPIO's. The boot configuration is certainly decided by off-chip resistors (connected to GPIOs). So what are you saying? I suppose I don't quite understand these SFR's...
2) Again, what is that (0x88eff000) memory location?
For our phone it would need to be 0x8834.
That's the end of the function that checks if the secure boot bit is enabled, so by setting r0 to 0 you just force it to return false. The specific value that determines whether secboot is on is at 0x706038 in memory, 5th bit (0x20). If set, secboot is on.
Sorry, I don't understand. What is the difference between these two addresses?
I need to better understand the memory map. Do you have some kind of rudimentary memory map or something that can help me understand this? I feel the ∇(Learning rate) is going well beyond my super powers! It would be very helpful see how it would relate to another known memory map. For example, this one for the MSM7x25A.
... It's logical to assume the special function registers (SFRs) are all located within the same block of memory. SFRs will appear to be a location in memory....These SFRs tell the device where to boot from and they are tied directly to the resistors outside of the processor. ... Though they are accessed the same way as the rest of the memory, they are actually digital inputs like GPIOs.
1) I don't understand, how these cannot be GPIO's. The boot configuration is certainly decided by off-chip resistors (connected to GPIOs). So what are you saying? I suppose I don't quite understand these SFR's...
2) Again, what is that (0x88eff000) memory location?
TO ALL:
Please! From now on let's try to not posting memory locations without specifying:
a) What they represent or what function you think they have.
b) How they were obtained. (Through disassembly, documentation or other forms of specified RE method.)
c) What part of memory were dealing with. (physical, virtual)
d) What tool you used to read/write this location, so that we can verify & reproduce the result by ourselves. (viewmem, lime, etc.)
This will help eliminate crosstalk and various obvious followup questions like above.
Please! From now on let's try to not posting memory locations without specifying:
a) What they represent or what function you think they have.
b) How they were obtained. (Through disassembly, documentation or other forms of specified RE method.)
c) What part of memory were dealing with. (physical, virtual)
d) What tool you used to read/write this location, so that we can verify & reproduce the result by ourselves. (viewmem, lime, etc.)
This will help eliminate crosstalk and various obvious followup questions like above.
Attachments
Last edited: