[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <BANLkTikXUd8uorD+juMDvFubr3cz+OZnaQ@mail.gmail.com>
Date: Thu, 16 Jun 2011 16:44:57 +0200
From: Rafał Miłecki <zajec5@...il.com>
To: linux-wireless@...r.kernel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Faking MMIO ops? Fooling a driver
I analyze MMIO dumps of closed source driver and found such a place:
W 2 3855.911536 9 0xb06003fc 0x810 0x0 0
R 2 3855.911540 9 0xb06003fe 0x0 0x0 0
W 2 3855.911541 9 0xb06003fe 0x0 0x0 0
After translation:
phy_read(0x0810) -> 0x0000
phy_write(0x0810) <- 0x0000
So it's quite obvious, the driver is reading PHY register, masking it
and writing masked value. Unfortunately from just looking at such
place we can not guess the mask driver uses.
I'd like to fake value read from 0xb06003fe to be 0xFFFF.
Is there some ready method for doing such a trick?
Dump comes from Kernel hacking → Tracers → MMIO and ndiswrapper.
--
Rafał
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists