codenaschen.de » April 2011 » IDA Blackfin Plugin
Blackfin Processor Plugin for IDA Pro
Last month I bought a Rigol DS1052e digital memory oscilloscope. I read that there is an easy way to patch it from 50MHz to 100MHz bandwidth by sending some simple commands to its serial interface. Unfortunately I got a newer firmware version where this 'feature' was deactivated, and there was no known way to patch it. So I got the idea to reverse engineer the scope.
A firmware image was found quickly, but finding a Blackfin disassembler was a real problem. The only one I found was objdump from the Blackfin toolchain. Because I didn't want to struggle with grepping through a huge text file, I had to write my own disassembler.
Because IDA Pro from hexworks is one of the best reverse engineering tools on the market, I decided to write a processor plugin for it. My plugin is based upon the 'Simply Python Byte Code Module' from Chris Eagle and the Blackfin disassembler part of libopcodes.
Update: In the meantime there is a way to downgrade the oscilloscope and patch it, but I haven't tried it yet.
Features
- Disassemble Blackfin instructions...obviously...
- Syntax highlighting
- Code/data references
- Memory Mapped Register addresses for ADSP-BF53x/ADSP-BF56x
Todos and Known Bugs
- Function frame sizes are sometimes wrong
- Add known function starts/ends
- Some coloring problems
- LOOP references missing
- Offset references missing
- Add DMA registers for BF561
Source Code
You can find the source code on my GitHub site.
You can check out the recent code with
git clone git://github.com/krater/Blackfin-IDA-Pro-Plugin.git
or download the tarball directly from https://github.com/krater/Blackfin-IDA-Pro-Plugin/tarball/idabfin-1.0
Feel free to contact me for feedback and questions at andreas(at)schulerdev.de.
License
This code is released under the terms of the GNU GENERAL PUBLIC LICENSE Version 2