E le karolo ea kopano 0x0A DC7831 Ka la 16 February, re ile ra hlahisa tlaleho ka melao-motheo ea ho etsisa binary khoutu le ntshetsopele ya rona - e hardware sethaleng emulator. .
Sehloohong sena re tla hlalosa mokhoa oa ho tsamaisa firmware ea sesebelisoa ho emulator, ho bonts'a ho sebelisana le debugger, le ho etsa tlhahlobo e khuts'oane ea firmware.
prehistory
Khale ka har'a sehlopha sa linaleli se hole haholo
Lilemong tse 'maloa tse fetileng ka laboratoring ea rona ho ne ho hlokahala ho batlisisa firmware ea sesebelisoa. Firmware e ile ea hatelloa 'me ea buloa ka bootloader. O entse sena ka tsela e rarahaneng haholo, a fetola boitsebiso ka mohopolong ka makhetlo a 'maloa. 'Me firmware ka boeona e ile ea sebelisana ka mafolofolo le li-peripherals. 'Me sena sohle se ho MIPS mantlha.
Ka mabaka a sepheo, li-emulator tse teng li ne li sa re tšoanele, empa re ne re ntse re batla ho tsamaisa khoutu. Eaba re etsa qeto ea ho iketsetsa emulator ea rona, e neng e tla etsa bonyane mme e re lumelle ho manolla firmware ea mantlha. Re e lekile mme ya sebetsa. Re ile ra nahana, ho thoe'ng haeba re eketsa li-peripherals ho etsa firmware ea mantlha. Ha ea ka ea utloisa bohloko haholo - 'me le eona e ile ea sebetsa. Re ile ra nahana hape 'me ra etsa qeto ea ho etsa emulator e feletseng.
Phello e bile emulator ea litsamaiso tsa khomphutha .
Ke hobane'ng ha Kopycat?
Ho na le papali ea mantsoe.
- copycat (Senyesemane, lereho [ˈkɒpɪkæt]) - moetsi, moetsisi
- katse (Senyesemane, lereho [ˈkæt]) - katse, katse - phoofolo e ratoang ke e mong oa baqapi ba morero
- Tlhaku "K" e tsoa puong ea lenaneo la Kotlin
Copycat
Ha ho etsoa emulator, ho ne ho behiloe lipakane tse tobileng haholo:
- bokhoni ba ho theha kapele li-peripherals tse ncha, li-module, li-processor cores;
- bokhoni ba ho bokella sesebelisoa sa nnete ho tsoa ho li-module tse fapaneng;
- bokhoni ba ho kenya data leha e le efe ea binary (firmware) mohopolong oa sesebelisoa sa sebele;
- bokhoni ba ho sebetsa ka li-snapshots (lits'oants'o tsa boemo ba sistimi);
- bokhoni ba ho sebelisana le emulator ka ho haha-ka debugger;
- puo e ntle ya kajeno bakeng sa ntshetsopele.
Ka lebaka leo, Kotlin e khethiloe bakeng sa ts'ebetsong, mohaho oa libese (ena ke ha li-modules li buisana ka libese tsa data), JSON e le sebopeho sa tlhaloso ea lisebelisoa, le GDB RSP e le protocol ea ho sebelisana le debugger.
Ntlafatso e 'nile ea tsoela pele ka lilemo tse fetang tse peli' me e ntse e tsoela pele ka mafolofolo. Nakong ena, li-processor tsa MIPS, x86, V850ES, ARM, le PowerPC li kentsoe tšebetsong.
Morero o ntse o hola mme ke nako ea ho e hlahisa ho sechaba ka bophara. Re tla etsa tlhaloso e qaqileng ea morero hamorao, empa hajoale re tla tsepamisa maikutlo ho sebeliseng Kopycat.
Bakeng sa ba hlokang mamello ka ho fetesisa, mofuta oa promo oa emulator o ka khoasolloa ho tsoa .
Tšhukudu ka emulator
A re hopoleng hore pejana bakeng sa seboka sa SMARTRHINO-2018, sesebelisoa sa teko "Rhinoceros" se bōpiloe bakeng sa ho ruta litsebo tsa boenjiniere ba reverse. Ts'ebetso ea tlhahlobo ea static firmware e hlalositsoe ho .
Joale a re lekeng ho eketsa "libui" le ho tsamaisa firmware ho emulator.
Re tla hloka:
1) Java 1.8
2) Python le module ho sebelisa Python ka hare ho emulator. U ka etsa mojule oa WHL Jep bakeng sa Windows .
Bakeng sa Windows:
1)
2)
Bakeng sa Linux:
1) socat
U ka sebelisa Eclipse, IDA Pro kapa radare2 joalo ka moreki oa GDB.
Hona e sebetsa?
Bakeng sa ho etsa firmware ho emulator, hoa hlokahala ho "bokella" sesebelisoa sa nnete, e leng analogue ea sesebelisoa sa nnete.
Sesebelisoa sa 'nete ("tšukulu") se ka bontšoa setšoantšong sa block:
Emulator e na le sebopeho sa modular mme sesebelisoa sa ho qetela se ka hlalosoang ka faele ea JSON.
JSON 105 mela
{
"top": true,
// Plugin name should be the same as file name (or full path from library start)
"plugin": "rhino",
// Directory where plugin places
"library": "user",
// Plugin parameters (constructor parameters if jar-plugin version)
"params": [
{ "name": "tty_dbg", "type": "String"},
{ "name": "tty_bt", "type": "String"},
{ "name": "firmware", "type": "String", "default": "NUL"}
],
// Plugin outer ports
"ports": [ ],
// Plugin internal buses
"buses": [
{ "name": "mem", "size": "BUS30" },
{ "name": "nand", "size": "4" },
{ "name": "gpio", "size": "BUS32" }
],
// Plugin internal components
"modules": [
{
"name": "u1_stm32",
"plugin": "STM32F042",
"library": "mcu",
"params": {
"firmware:String": "params.firmware"
}
},
{
"name": "usart_debug",
"plugin": "UartSerialTerminal",
"library": "terminals",
"params": {
"tty": "params.tty_dbg"
}
},
{
"name": "term_bt",
"plugin": "UartSerialTerminal",
"library": "terminals",
"params": {
"tty": "params.tty_bt"
}
},
{
"name": "bluetooth",
"plugin": "BT",
"library": "mcu"
},
{ "name": "led_0", "plugin": "LED", "library": "mcu" },
{ "name": "led_1", "plugin": "LED", "library": "mcu" },
{ "name": "led_2", "plugin": "LED", "library": "mcu" },
{ "name": "led_3", "plugin": "LED", "library": "mcu" },
{ "name": "led_4", "plugin": "LED", "library": "mcu" },
{ "name": "led_5", "plugin": "LED", "library": "mcu" },
{ "name": "led_6", "plugin": "LED", "library": "mcu" },
{ "name": "led_7", "plugin": "LED", "library": "mcu" },
{ "name": "led_8", "plugin": "LED", "library": "mcu" },
{ "name": "led_9", "plugin": "LED", "library": "mcu" },
{ "name": "led_10", "plugin": "LED", "library": "mcu" },
{ "name": "led_11", "plugin": "LED", "library": "mcu" },
{ "name": "led_12", "plugin": "LED", "library": "mcu" },
{ "name": "led_13", "plugin": "LED", "library": "mcu" },
{ "name": "led_14", "plugin": "LED", "library": "mcu" },
{ "name": "led_15", "plugin": "LED", "library": "mcu" }
],
// Plugin connection between components
"connections": [
[ "u1_stm32.ports.usart1_m", "usart_debug.ports.term_s"],
[ "u1_stm32.ports.usart1_s", "usart_debug.ports.term_m"],
[ "u1_stm32.ports.usart2_m", "bluetooth.ports.usart_m"],
[ "u1_stm32.ports.usart2_s", "bluetooth.ports.usart_s"],
[ "bluetooth.ports.bt_s", "term_bt.ports.term_m"],
[ "bluetooth.ports.bt_m", "term_bt.ports.term_s"],
[ "led_0.ports.pin", "u1_stm32.buses.pin_output_a", "0x00"],
[ "led_1.ports.pin", "u1_stm32.buses.pin_output_a", "0x01"],
[ "led_2.ports.pin", "u1_stm32.buses.pin_output_a", "0x02"],
[ "led_3.ports.pin", "u1_stm32.buses.pin_output_a", "0x03"],
[ "led_4.ports.pin", "u1_stm32.buses.pin_output_a", "0x04"],
[ "led_5.ports.pin", "u1_stm32.buses.pin_output_a", "0x05"],
[ "led_6.ports.pin", "u1_stm32.buses.pin_output_a", "0x06"],
[ "led_7.ports.pin", "u1_stm32.buses.pin_output_a", "0x07"],
[ "led_8.ports.pin", "u1_stm32.buses.pin_output_a", "0x08"],
[ "led_9.ports.pin", "u1_stm32.buses.pin_output_a", "0x09"],
[ "led_10.ports.pin", "u1_stm32.buses.pin_output_a", "0x0A"],
[ "led_11.ports.pin", "u1_stm32.buses.pin_output_a", "0x0B"],
[ "led_12.ports.pin", "u1_stm32.buses.pin_output_a", "0x0C"],
[ "led_13.ports.pin", "u1_stm32.buses.pin_output_a", "0x0D"],
[ "led_14.ports.pin", "u1_stm32.buses.pin_output_a", "0x0E"],
[ "led_15.ports.pin", "u1_stm32.buses.pin_output_a", "0x0F"]
]
}Ela hloko parameter firmware karolong lipallo ke lebitso la faele e ka kenngoa ka har'a sesebelisoa sa firmware.
Sesebelisoa sa sebele le tšebelisano ea sona le sistimi e kholo ea ts'ebetso e ka emeloa ke setšoantšo se latelang:
Mohlala oa hajoale oa teko oa emulator o kenyelletsa tšebelisano le likou tsa COM tsa OS e kholo (debug UART le UART bakeng sa mojule oa Bluetooth). Tsena e ka ba likou tsa 'nete tseo lisebelisoa li hokahaneng ho tsona kapa likou tsa COM tse fumanehang (bakeng sa sena u se hloka feela com0com/socat).
Hajoale ho na le mekhoa e 'meli ea mantlha ea ho sebelisana le emulator ho tsoa kantle:
- GDB RSP protocol (ka hona, lisebelisoa tse tšehetsang protocol ena ke Eclipse / IDA / radare2);
- ka hare emulator taelo mola (Argparse kapa Python).
Likou tsa Virtual COM
E le hore u sebelisane le UART ea mochine oa sebele mochine oa sebakeng seo ka ho qetela, o hloka ho etsa li-port tsa COM tse amanang le tsona. Tabeng ea rona, kou e le 'ngoe e sebelisoa ke emulator,' me ea bobeli ke lenaneo la terminal (PuTTY kapa skrine):
E sebelisa com0com
Likou tsa Virtual COM li hlophisitsoe ho sebelisoa sesebelisoa sa ho seta ho tsoa ho com0com kit (mofuta oa console - C: Lifaele tsa Lenaneo (x86) com0comsetupс.exe, kapa mofuta oa GUI - C: Lifaele tsa Lenaneo (x86) com0comsetupg.exe):
Sheba mabokose etsa hore buffer e fete bakeng sa likou tsohle tse bōpiloeng, ho seng joalo emulator e tla emela karabo e tsoang boema-kepeng ba COM.
Ho sebelisa socat
Lits'ebetsong tsa UNIX, likou tsa COM tsa COM li entsoe ka bo eona ke emulator e sebelisang sesebelisoa sa socat; ho etsa sena, hlakisa feela sehlohlolo sa lebitso la boema-kepe ha u qala emulator. socat:.
Khokahano ea mohala oa taelo ea kahare (Argparse kapa Python)
Kaha Kopycat ke kopo ea ho tšelisa, emulator e fana ka likhetho tse peli tsa li-interface tsa taelo bakeng sa ho sebelisana le lintho tsa eona le mefuta-futa: Argparse le Python.
Argparse ke CLI e hahiloeng ho Kopycat 'me e lula e fumaneha ho bohle.
CLI e 'ngoe ke mofetoleli oa Python. Ho e sebelisa, o hloka ho kenya module ea Jep Python mme o lokise emulator hore e sebetse le Python (mofetoleli oa Python o kentsoeng tsamaisong e kholo ea mosebedisi o tla sebelisoa).
Ho kenya mochine oa Python Jep
Tlas'a Linux Jep e ka kenngoa ka pip:
pip install jepHo kenya Jep ho Windows, o tlameha ho qala ka ho kenya Windows SDK le Microsoft Visual Studio e tsamaisanang le eona. Re entse hore ho be bonolo ho uena le JEP bakeng sa mefuta ea hajoale ea Python bakeng sa Windows, kahoo mojule o ka kenngoa ho tsoa faeleng:
pip install jep-3.8.2-cp27-cp27m-win_amd64.whlHo hlahloba ho kenngoa ha Jep, o hloka ho matha molaong oa taelo:
python -c "import jep"Molaetsa o latelang o lokela ho amoheloa e le karabo:
ImportError: Jep is not supported in standalone Python, it must be embedded in Java.Ho faele ea emulator batch bakeng sa sistimi ea hau (copycat.bat - bakeng sa Windows, copycat - bakeng sa Linux) lethathamong la liparamente DEFAULT_JVM_OPTS eketsa parameter e eketsehileng Djava.library.path - e tlameha ho ba le tsela e eang ho mojule oa Jep o kentsoeng.
Sephetho sa Windows e lokela ho ba mola o kang ona:
set DEFAULT_JVM_OPTS="-XX:MaxMetaspaceSize=256m" "-XX:+UseParallelGC" "-XX:SurvivorRatio=6" "-XX:-UseGCOverheadLimit" "-Djava.library.path=C:/Python27/Lib/site-packages/jep"Ho qala Kopycat
The emulator ke console JVM kopo. Ho qala ho etsoa ka script ea taelo ea tsamaiso ea tsamaiso (sh/cmd).
Laela ho sebetsa tlasa Windows:
binkopycat -g 23946 -n rhino -l user -y library -p firmware=firmwarerhino_pass.bin,tty_dbg=COM26,tty_bt=COM28Laela ho sebetsa tlas'a Linux u sebelisa socat utility:
./bin/kopycat -g 23946 -n rhino -l user -y library -p firmware=./firmware/rhino_pass.bin, tty_dbg=socat:./COM26,tty_bt=socat:./COM28-g 23646- Boema-kepe ba TCP bo tla buloa bakeng sa ho fihlella seva sa GDB;-n rhino- lebitso la mojule oa mantlha oa sistimi (sesebelisoa se kopaneng);-l user- lebitso la laeborari ho batla mojule oa mantlha;-y library- tsela ea ho batla li-module tse kenyellelitsoeng sesebelisoa;firmwarerhino_pass.bin- tsela ea ho ea faeleng ea firmware;- COM26 le COM28 ke likou tsa COM tse fumanehang.
Ka lebaka leo, molaetsa o tla hlaha Python > (kapa Argparse >):
18:07:59 INFO [eFactoryBuilder.create ]: Module top successfully created as top
18:07:59 INFO [ Module.initializeAndRes]: Setup core to top.u1_stm32.cortexm0.arm for top
18:07:59 INFO [ Module.initializeAndRes]: Setup debugger to top.u1_stm32.dbg for top
18:07:59 WARN [ Module.initializeAndRes]: Tracer wasn't found in top...
18:07:59 INFO [ Module.initializeAndRes]: Initializing ports and buses...
18:07:59 WARN [ Module.initializePortsA]: ATTENTION: Some ports has warning use printModulesPortsWarnings to see it...
18:07:59 FINE [ ARMv6CPU.reset ]: Set entry point address to 08006A75
18:07:59 INFO [ Module.initializeAndRes]: Module top is successfully initialized and reset as a top cell!
18:07:59 INFO [ Kopycat.open ]: Starting virtualization of board top[rhino] with arm[ARMv6Core]
18:07:59 INFO [ GDBServer.debuggerModule ]: Set new debugger module top.u1_stm32.dbg for GDB_SERVER(port=23946,alive=true)
Python >Tšebelisano le IDA Pro
Ho nolofatsa tlhahlobo, re sebelisa firmware ea Rhino e le mohloli oa faele bakeng sa tlhahlobo ho IDA ka foromo (tsebiso ea meta e bolokiloe moo).
U ka sebelisa firmware ea mantlha ntle le tlhaiso-leseling ea meta.
Kamora ho qala Kopycat ho IDA Pro, ho menu ea Debugger e ea nthong "Fetola debugger..."'me u khethe"Remote GDB debugger". Ka mor'a moo, theha khokahano: menu Debugger - Likhetho tsa ts'ebetso…
Beha litekanyetso:
- Kopo - boleng bofe kapa bofe
- Lebitso la moamoheli: 127.0.0.1 (kapa aterese ea IP ea mochini o hole moo Kopycat e sebetsang teng)
- Port: 23946
Joale konopo ea debugging e ea fumaneha (senotlolo sa F9):
E tobetse ho hokela mojuleng oa debugger ho emulator. IDA e kena mokhoeng oa ho lokisa liphoso, lifensetere tse eketsehileng lia fumaneha: tlhahisoleseling mabapi le lirekoto, mabapi le stack.
Hona joale re ka sebelisa likarolo tsohle tse tloaelehileng tsa debugger:
- mohato ka mohato ho phethahatsa litaelo (Kenella ho kena и Tloha - linotlolo F7 le F8, ka ho latellana);
- ho qala le ho emisa ho etsa;
- ho theha libaka tsa phomolo bakeng sa khoutu le data (senotlolo sa F2).
Ho hokela ho debugger ha ho bolele ho tsamaisa khoutu ea firmware. Boemo ba hona joale ba ho phethahatsa e tlameha ho ba aterese 0x08006A74 - qalo ya tshebetso Seta_Handler. Haeba o theolela tlase lethathamong, o ka bona mohala oa tšebetso ka sehloohong. U ka beha sekhesa moleng ona (aterese 0x08006ABE) ebe o etsa opereishene Matha ho fihlela khesara (senotlolo F4).
E latelang, o ka tobetsa F7 ho kenya tšebetsong ka sehloohong.
Haeba u tsamaisa taelo Tsoela pele ka ts'ebetso (F9 key), ebe fensetere ea "Ke kopa o eme" e tla hlaha ka konopo e le 'ngoe Emisa:
Ha o tobetsa Emisa Ts'ebetso ea khoutu ea firmware e emisitsoe mme e ka tsoela pele ho tloha atereseng e le 'ngoe ho khoutu moo e ileng ea sitisoa.
Haeba u tsoela pele ho sebelisa khoutu, u tla bona mela e latelang liteisheneng tse hokahantsoeng le likoung tsa COM tse fumanehang:
Ho ba teng ha mohala oa "state bypass" ho bonts'a hore mojule oa Bluetooth o fetelletseng mokhoeng oa ho amohela data ho tsoa koung ea COM ea mosebelisi.
Hona joale ho terminal ea Bluetooth (COM29 setšoantšong) o ka kenya litaelo ho latela protocol ea Rhino. Mohlala, taelo ea "MEOW" e tla khutlisetsa mohala "mur-mur" ho terminal ea Bluetooth:
Etsise 'na ka ho feletseng
Ha u haha emulator, u ka khetha boemo ba lintlha / mohlala oa sesebelisoa se itseng. Mohlala, mojule oa Bluetooth o ka etsisoa ka mekhoa e fapaneng:
- sesebelisoa se etsisoa ka botlalo ka sete e felletseng ea litaelo;
- Litaelo tsa AT li etsisoa, 'me phallo ea data e amoheloa ho tsoa koung ea COM ea sistimi e kholo;
- sesebelisoa sa sebele se fana ka redirection e feletseng ea data ho sesebelisoa sa sebele;
- joalo ka stub e bonolo e lulang e khutlisa "OK".
Mofuta oa hajoale oa emulator o sebelisa mokhoa oa bobeli - mojule oa Bluetooth o hlophisitsoeng o etsa tlhophiso, ka mor'a moo o fetohela mokhoeng oa "proxying" data ho tloha boema-kepeng ba COM ea sistimi e kholo ho ea boema-kepeng ba UART ba emulator.
A re nahaneng ka monyetla oa ho sebelisa lisebelisoa tse bonolo tsa khoutu haeba karolo e itseng ea periphery e sa sebelisoe. Mohlala, haeba sebali se ikarabellang bakeng sa ho laola phetiso ea data ho DMA ha se so thehoe (cheke e etsoa ts'ebetsong. ws2812b_emae fumanehang ho 0x08006840), joale firmware e tla lula e emetse hore folakha e tsosolosoe phathahanee fumanehang ho 0x200004C4e bonts'ang ho lula ha mohala oa data oa DMA:
Re ka potoloha boemo bona ka ho seta folakha bocha phathahane hang ka mor'a ho e kenya. Ho IDA Pro, o ka theha ts'ebetso ea Python 'me oa e bitsa sebakeng sa phomolo,' me u behe sebaka sa phomolo ka boeona khoutu ka mor'a ho ngola boleng ba 1 ho folakha. phathahane.
Motho ea sebetsanang le Breakpoint
Taba ea pele, ha re theheng mosebetsi oa Python ho IDA. Lenane Faele - Taelo ya Script...
Kenya snippet e ncha lethathamong le ka letsohong le letšehali, u fane ka lebitso (mohlala, BPT),
Karolong ea mongolo ka ho le letona, kenya khoutu ea tšebetso:
def skip_dma():
print "Skipping wait ws2812..."
value = Byte(0x200004C4)
if value == 1:
PatchDbgByte(0x200004C4, 0)
return False
Ka mor'a moo re tobetsa Matha ebe o koala fensetere ea script.
Joale ha re ee ho khoutu ho 0x0800688A, seta sebaka sa ho senya (senotlolo sa F2), se hlophise (menu ea litaba Fetola sebaka sa ho arohana...), u se ke ua lebala ho beha mofuta oa script ho Python:
Haeba boleng ba hona joale ba folakha phathahane e lekana le 1, joale o lokela ho phethahatsa ts'ebetso tlola_dma moleng oa script:
Haeba o tsamaisa firmware bakeng sa ts'ebetso, o ka bona ho ts'oaroa ha khoutu ea "breakpoint handler" fensetereng ea IDA. khumo ka mola Skipping wait ws2812.... Hona joale firmware e ke ke ea emela hore folakha e tsosolosoe phathahane.
Tšebelisano le emulator
Ho etsisa molemong oa ho etsisa ha ho bonolo ho baka thabo le thabo. Hoa thahasellisa haholo haeba emulator e thusa mofuputsi ho bona data ka mohopolong kapa ho theha tšebelisano ea likhoele.
Re tla u bontša mokhoa oa ho theha tšebelisano lipakeng tsa mesebetsi ea RTOS. U lokela ho qala ka ho emisa ts'ebetsong ea khoutu haeba e ntse e sebetsa. Haeba u ea tšebetsong bluetooth_task_entry lekaleng la ts'ebetso ea taelo ea "LED" (aterese 0x080057B8), joale o ka bona hore na ke eng e entsoeng pele ebe e romelloa moleng oa tsamaiso ledControlQueueHandle molaetsa o itseng.
U lokela ho beha sebaka sa ho senya ho fihlella phapang ledControlQueueHandlee fumanehang ho 0x20000624 'me u tsoele pele ho kenya khoutu:
Ka lebaka leo, ho emisa ho tla qala ho etsahala atereseng 0x080057CA pele o bitsa mosebetsi osMailAlloc, ebe atereseng 0x08005806 pele o bitsa mosebetsi osMailPut, ebe ka mor'a nakoana - ho ea atereseng 0x08005BD4 (pele o bitsa mosebetsi osMailGet), e leng ea mosebetsi leds_task_entry (LED-task), ke hore, mesebetsi e fetotsoe, 'me joale mosebetsi oa LED o fumane taolo.
Ka tsela ena e bonolo u ka tseba hore na mesebetsi ea RTOS e sebelisana joang.
Ehlile, ha e le hantle, tšebelisano ea mesebetsi e ka ba thata le ho feta, empa ho sebelisa emulator, ho latela tšebelisano ena ha ho thata haholo.
U ka shebella video e khuts'oane ea emulator e qalang le ho sebelisana le IDA Pro.
Qala ka Radare2
U ke ke ua iphapanyetsa sesebelisoa sa bokahohleng joalo ka Radare2.
Ho hokela ho emulator o sebelisa r2, taelo e ne e tla shebahala tjena:
radare2 -A -a arm -b 16 -d gdb://localhost:23946 rhino_fw42k6.elfE fumaneha hona joale (dc) ebe o emisa ho etsa khefu (Ctrl+C).
Ka bomalimabe, hajoale, r2 e na le mathata ha e sebetsa le seva sa gdb le sebopeho sa mohopolo; ka lebaka la sena, li-breakpoints le Mehato ha li sebetse (taelo). ds). Re tšepa hore sena se tla lokisoa haufinyane.
Ho matha le Eclipse
E 'ngoe ea likhetho tsa ho sebelisa emulator ke ho lokisa firmware ea sesebelisoa se ntseng se ntlafatsoa. Bakeng sa ho hlaka, re tla boela re sebelise firmware ea Rhino. U ka khoasolla mehloli ea firmware .
Re tla sebelisa Eclipse ho tloha sete e le IDE .
E le hore emulator e jarolle firmware e hlophisitsoeng ka kotloloho ho Eclipse, o hloka ho eketsa paramente firmware=null ho taelo ea ho qala emulator:
binkopycat -g 23946 -n rhino -l user -y modules -p firmware=null,tty_dbg=COM26,tty_bt=COM28Ho theha tlhophiso ea debug
Ho Eclipse, khetha menu Matha - Litlhophiso tsa Debug... Fesetereng e butsoeng, karolong GDB Hardware Debugging o hloka ho kenya tlhophiso e ncha, ebe ho "Main" tab e hlalosa morero oa hajoale le ts'ebeliso ea ho lokisa liphoso:
Ho "Debugger" tab o hloka ho hlakisa taelo ea GDB:
${openstm32_compiler_path}arm-none-eabi-gdb
Hape kenya liparamente tsa ho hokela ho seva sa GDB (moamoheli le boema-kepe):
Ho "Startup" tab, o tlameha ho totobatsa lintlha tse latelang:
- lumella lebokose la ho hlahloba Kenya setšoantšo (e le hore setšoantšo sa firmware se kopaneng se kenngoe ho emulator);
- lumella lebokose la ho hlahloba Laela matšoao;
- eketsa taelo ea ho qala:
set $pc = *0x08000004(seta rejistara ea PC ho boleng bo tsoang memoring atereseng0x08000004- aterese e bolokiloe moo ResetHandler).
Ela hloko, haeba u sa batle ho khoasolla faele ea firmware ho Eclipse, joale likhetho Kenya setšoantšo и Matha litaelo ha ho hlokahale ho bontša.
Kamora ho tobetsa Debug, o ka sebetsa ka mokhoa oa debugger:
- kgato ka kgato khoutu ya phethahatso
- ho kopana le di-breakpoint
mantsoe. Eclipse e na le, hmm... lintho tse ling tse makatsang ... 'me u tlameha ho phela le tsona. Ka mohlala, haeba ha u qala debugger molaetsa o reng "Ha ho mohloli o fumanehang bakeng sa "0x0"" o hlahang, joale phetha taelo ea Mohato (F5)
Ho e-na phetheha
Ho etsisa khoutu ea lehae ke ntho e khahlisang haholo. Hoa khoneha hore moetsi oa lisebelisoa a khone ho lokisa firmware ntle le sesebelisoa sa sebele. Bakeng sa mofuputsi, ke monyetla oa ho etsa tlhahlobo ea khoutu e matla, e ke keng ea khoneha kamehla esita le ka sesebelisoa.
Re batla ho fa litsebi sesebelisoa se bonolo, se itekanetseng, se sa nkeng matsapa a mangata le nako ea ho se sebelisa.
Ngola litlhaloso mabapi le phihlelo ea hau u sebelisa li-emulator tsa hardware. Re u mema hore u buisane 'me u tla thabela ho araba lipotso.
Ke basebelisi ba ngolisitsoeng feela ba ka kenyang letsoho phuputsong. ka kopo.
U sebelisa emulator bakeng sa eng?
-
Ke hlahisa (debug) firmware
-
Ke ntse ke etsa lipatlisiso ka firmware
-
Ke qala lipapali (Dendi, Sega, PSP)
-
ntho e 'ngoe (ngola litlhaloso)
Basebelisi ba 7 ba ile ba khetha. Basebelisi ba 2 ba hanne.
U sebelisa software efe ho etsisa khoutu ea hau?
-
QEMU
-
Enjene ea Unicorn
-
Proteus
-
ntho e 'ngoe (ngola litlhaloso)
Basebelisi ba 6 ba ile ba khetha. Basebelisi ba 2 ba hanne.
U ka rata ho ntlafatsa eng ho emulator eo u e sebelisang?
-
Ke batla lebelo
-
Ke batla ho seta/ho qala habonolo
-
Ke batla likhetho tse ling tsa ho sebelisana le emulator (API, hook)
-
Ke thabetse tsohle
-
ntho e 'ngoe (ngola litlhaloso)
Basebelisi ba 8 ba ile ba khetha. Mosebedisi a le 1 o hanne.
Source: www.habr.com