annotate target-utils/tf-breakin/payload.S @ 1012:93f4fc26b204

fc-shell: arbitrary send command implemented in one-shot mode
author Mychaela Falconia <falcon@ivan.Harhan.ORG>
date Sun, 20 Mar 2016 22:06:11 +0000
parents 7166c8311b0d
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
356
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
1 .text
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
2 .org 0
983
7166c8311b0d tfc139 reworked to support both ARM and Thumb entry
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 356
diff changeset
3
7166c8311b0d tfc139 reworked to support both ARM and Thumb entry
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 356
diff changeset
4 @ allow entry in Thumb state
7166c8311b0d tfc139 reworked to support both ARM and Thumb entry
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 356
diff changeset
5 .code 16
7166c8311b0d tfc139 reworked to support both ARM and Thumb entry
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 356
diff changeset
6 bx pc
7166c8311b0d tfc139 reworked to support both ARM and Thumb entry
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 356
diff changeset
7 nop
7166c8311b0d tfc139 reworked to support both ARM and Thumb entry
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 356
diff changeset
8
356
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
9 .code 32
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
10
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
11 @ set CPSR like mot931c payload does
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
12 msr CPSR_c, #0xd3
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
13 @ disable the watchdog
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
14 ldr r1, =0xfffff802
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
15 mov r0, #0xf5
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
16 strh r0, [r1, #2]
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
17 mov r0, #0xa0
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
18 strh r0, [r1, #2]
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
19 @ MODEM UART
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
20 ldr r6, =0xffff5800
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
21 @ wait for any previous output to flush out
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
22 1: ldrb r0, [r6, #5]
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
23 tst r0, #0x20
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
24 beq 1b
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
25 @ send our indication
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
26 adr r1, outstr
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
27 mov r2, #6
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
28 1: ldrb r0, [r1], #1
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
29 strb r0, [r6]
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
30 subs r2, r2, #1
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
31 bne 1b
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
32 @ wait for this output to go out to the TxD pin
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
33 1: ldrb r0, [r6, #5]
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
34 tst r0, #0x40
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
35 beq 1b
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
36 @ enable the Calypso boot ROM
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
37 ldr r1, =0xFFFFFB10
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
38 mov r2, #0x0100
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
39 strh r2, [r1]
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
40 @ jump to it!
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
41 mov pc, #0
983
7166c8311b0d tfc139 reworked to support both ARM and Thumb entry
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 356
diff changeset
42 .ltorg
356
4e0aa166baa5 target-utils/tf-breakin: payload written for the TF C139 break-in attempt
Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
parents:
diff changeset
43 outstr: .byte 2,2,2,'O','K',2