Re: Faking MMIO ops? Fooling a driver

On 06/16/2011 12:20 PM, Rafał Miłecki wrote:
On 16 June 2011 16:44, Rafał Miłecki
<zajec5@xxxxxxxxx> wrote:
I analyze MMIO dumps of a closed source driver and found such a place:
W 2 3855.911536 9 0xb06003fc 0x810 0x0 0
R 2 3855.911540 9 0xb06003fe 0x0 0x0 0
W 2 3855.911541 9 0xb06003fe 0x0 0x0 0

After translation:
phy_read(0x0810) -> 0x0000
phy_write(0x0810) <- 0x0000

So it's quite obvious, the driver is reading a PHY register, masking it
and writing the masked value. Unfortunately, from just looking at such a
place we cannot guess the mask the driver uses.

I'd like to fake value read from 0xb06003fe to be 0xFFFF.
Is there some ready method for doing such a trick?

Dump comes from Kernel hacking → Tracers → MMIO and ndiswrapper.

I can see values in MMIO trace struct are filled in
arch/x86/mm/mmio-mod.c in "pre" and "post". However still no idea how
to hack the returned value.

Should I try hacking read[bwl] instead? :|

Probably. I do not see any way to trace and modify the results for a particular address without special code.

FYI, my reference driver for reverse engineering has no instance of a read/modify/write for PHY register 0x810. Is the code in question for a PHY type > 6?

Larry
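
The following is an added example, not part of the original thread: it parses the mmiotrace lines quoted above into PHY operations and shows what a faked 0xFFFF read would reveal. It assumes the driver computes `written = (read & mask) | set` and that the register window is 4 KiB aligned; the `FAKED` trace and its 0x7fff write are constructed sample data, and the function names are hypothetical.

```python
import re

# mmiotrace line: op, width, timestamp, map id, physical address, value, PC, PID
LINE = re.compile(r"^([RW]) \d+ \S+ \d+ (0x[0-9a-fA-F]+) (0x[0-9a-fA-F]+)\b")
PHY_ADDR, PHY_DATA = 0x3FC, 0x3FE  # offsets seen in the dump; 4 KiB window assumed

# REAL is the trace quoted in the thread; FAKED is constructed for illustration.
REAL = """W 2 3855.911536 9 0xb06003fc 0x810 0x0 0
R 2 3855.911540 9 0xb06003fe 0x0 0x0 0
W 2 3855.911541 9 0xb06003fe 0x0 0x0 0"""
FAKED = """W 2 10.000001 9 0xb06003fc 0x810 0x0 0
R 2 10.000005 9 0xb06003fe 0xffff 0x0 0
W 2 10.000006 9 0xb06003fe 0x7fff 0x0 0"""

def phy_ops(trace):
    """Translate raw MMIO accesses into (op, phy_register, value) tuples."""
    reg, ops = None, []
    for line in trace.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        op, off, val = m.group(1), int(m.group(2), 16) & 0xFFF, int(m.group(3), 16)
        if op == "W" and off == PHY_ADDR:
            reg = val                      # selects the PHY register
        elif off == PHY_DATA and reg is not None:
            ops.append(("read" if op == "R" else "write", reg, val))
    return ops

def infer_maskset(wrote_for_0000, wrote_for_ffff):
    """Assume written = (read & mask) | set and solve from the two extremes."""
    set_bits = wrote_for_0000              # read=0x0000 leaves only `set`
    if set_bits & ~wrote_for_ffff:
        raise ValueError("not a plain mask/set: bit set for 0x0000 but clear for 0xFFFF")
    # read=0xFFFF yields mask | set; where set is 1 the mask bit cannot be observed
    return {"set": set_bits, "mask": wrote_for_ffff & ~set_bits, "unobservable": set_bits}

def written(ops, reg):
    """Value of the first PHY write to `reg` in a translated trace."""
    return next(v for op, r, v in ops if op == "write" and r == reg)

if __name__ == "__main__":
    for op, reg, val in phy_ops(REAL):
        print(f"phy_{op}(0x{reg:04x}) = 0x{val:04x}")
    r = infer_maskset(written(phy_ops(REAL), 0x810), written(phy_ops(FAKED), 0x810))
    print({k: hex(v) for k, v in r.items()})
```

Bits listed as `unobservable` are forced to 1 by the set value, so the mask there does not affect the result and any mask value for those bits reproduces the same behaviour.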