├── Module.manifest ├── data ├── languages │ ├── fuc5_inst.sinc │ ├── falcon.opinion │ ├── falcon_v4.slaspec │ ├── falcon_v5.slaspec │ ├── falcon.pspec │ ├── sized.sinc │ ├── falcon.cspec │ ├── falcon.ldefs │ ├── macro.sinc │ ├── unsized_inst.sinc │ ├── base_falcon.slaspec │ ├── crypt_inst.sinc │ ├── sized_include.sinc │ └── envydis.sinc ├── testing │ ├── simple_flow.asm │ ├── Makefile │ └── faucon.asm └── build.xml ├── images └── screenshot1.png ├── .mailmap ├── gradle └── wrapper │ ├── gradle-wrapper.jar │ └── gradle-wrapper.properties ├── extension.properties ├── LICENSE.txt ├── gradlew.bat ├── .github └── workflows │ └── build.yml ├── .gitignore ├── gradlew ├── src └── main │ └── java │ └── zone │ └── mary │ └── ghidra │ └── falcon │ └── NvidiaGRBootloaderLoader.java └── README.md /Module.manifest: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /data/languages/fuc5_inst.sinc: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /data/languages/falcon.opinion: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /images/screenshot1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/marysaka/ghidra_falcon/HEAD/images/screenshot1.png -------------------------------------------------------------------------------- /.mailmap: -------------------------------------------------------------------------------- 1 | Mary Guillemard Mary 2 | Mary Guillemard 3 | -------------------------------------------------------------------------------- /data/testing/simple_flow.asm: -------------------------------------------------------------------------------- 1 | mov 
$r2 0x1; 2 | muls $r2 0x2 3 | xor $r3 $r2 0x40; 4 | bra z 0xe; 5 | bra 0x2; 6 | bra 0xe; -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/marysaka/ghidra_falcon/HEAD/gradle/wrapper/gradle-wrapper.jar -------------------------------------------------------------------------------- /extension.properties: -------------------------------------------------------------------------------- 1 | name=@extname@ 2 | description=Nvidia Falcon ISA extension. 3 | author=marysaka, hthh 4 | createdOn= 5 | version=@extversion@ 6 | -------------------------------------------------------------------------------- /data/languages/falcon_v4.slaspec: -------------------------------------------------------------------------------- 1 | @define FUC_VERSION "4" 2 | 3 | @define SUPPORT_FUC3P 4 | @define SUPPORT_FUC4P 5 | @define SUPPORT_FUCOLD 6 | 7 | @include "base_falcon.slaspec" 8 | -------------------------------------------------------------------------------- /data/languages/falcon_v5.slaspec: -------------------------------------------------------------------------------- 1 | @define FUC_VERSION "5" 2 | 3 | @define SUPPORT_FUC3P 4 | @define SUPPORT_FUC4P 5 | @define SUPPORT_FUC5P 6 | 7 | @define CRYPT_EXTENSION 8 | 9 | @include "base_falcon.slaspec" 10 | -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionBase=GRADLE_USER_HOME 2 | distributionPath=wrapper/dists 3 | distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.3-bin.zip 4 | zipStoreBase=GRADLE_USER_HOME 5 | zipStorePath=wrapper/dists 6 | -------------------------------------------------------------------------------- /data/testing/Makefile: 
-------------------------------------------------------------------------------- 1 | NAME := faucon 2 | 3 | all: $(NAME)_fw.h 4 | 5 | $(NAME)_fw.bin: $(NAME).asm 6 | envyas -m falcon -V fuc5 -F crypt $? -i -o $@ 7 | 8 | $(NAME)_fw.h: $(NAME)_fw.bin 9 | bin2c -o $@ $? 10 | 11 | print_dis: $(NAME)_fw.bin 12 | envydis -i $? -m falcon -V fuc5 -F crypt -n 13 | 14 | clean: 15 | rm -f $(NAME)_fw.h $(NAME)_fw.bin -------------------------------------------------------------------------------- /data/languages/falcon.pspec: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | Copyright 2019 marysaka, hthh 2 | 3 | Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. 4 | 5 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 
6 | -------------------------------------------------------------------------------- /data/testing/faucon.asm: -------------------------------------------------------------------------------- 1 | mov $r13 0x1000; 2 | mov $sp $r13; 3 | mov $r13 0xf; 4 | mov $r13 0xff; 5 | mov $r13 0xffff; 6 | mov $r13 0xffffffff; 7 | 8 | mulu $r1 $r13 0x10; 9 | muls $r1 $r13 0x10; 10 | sext $r1 $r13 0x10; 11 | and $r1 $r13 0x10; 12 | or $r1 $r13 0x10; 13 | xor $r1 $r13 0x10; 14 | xbit $r1 $r13 0x10; 15 | // TODO: ce 16 | iord $r13 I[$r13 + 0x4]; 17 | 18 | mulu $r1 $r13 0x1010; 19 | muls $r1 $r13 0x1010; 20 | and $r1 $r13 0x1010; 21 | or $r1 $r13 0x1010; 22 | xor $r1 $r13 0x1010; 23 | 24 | mulu $r1 0x10; 25 | muls $r1 0x10; 26 | sext $r1 0x10; 27 | // TODO: sethi 28 | and $r1 0x10; 29 | or $r9 0x10; 30 | xor $r9 0x10; 31 | bset $r9 0x10; 32 | bclr $r9 0x10; 33 | btgl $r9 0x10; 34 | 35 | mulu $r1 0x1010; 36 | muls $r1 0x1010; 37 | // TODO: sethi 38 | and $r1 0x1010; 39 | or $r9 0x1010; 40 | xor $r9 0x1010; 41 | call 0x77 42 | bra 0x6; 43 | ret; 44 | mov $r10 0x42 45 | ret; -------------------------------------------------------------------------------- /data/languages/sized.sinc: -------------------------------------------------------------------------------- 1 | 2 | with : op_size=2 ... { 3 | @define SZ_SUFFIX ""_b32"" 4 | @define SZ_BYTES "4" 5 | @define SZ_BITS "32" 6 | 7 | @include "sized_include.sinc" 8 | 9 | @undef SZ_SUFFIX 10 | @undef SZ_BYTES 11 | @undef SZ_BITS 12 | } 13 | 14 | 15 | @define SZ_SUFFIX ""_b16"" 16 | @define SZ_BYTES "2" 17 | @define SZ_BITS "16" 18 | with : op_size=1 ... { 19 | 20 | @include "sized_include.sinc" 21 | 22 | } # with 23 | @undef SZ_SUFFIX 24 | @undef SZ_BYTES 25 | @undef SZ_BITS 26 | 27 | 28 | @define SZ_SUFFIX ""_b8"" 29 | @define SZ_BYTES "1" 30 | @define SZ_BITS "8" 31 | with : op_size=0 ... 
{ 32 | 33 | @include "sized_include.sinc" 34 | 35 | } 36 | @undef SZ_SUFFIX 37 | @undef SZ_BYTES 38 | @undef SZ_BITS 39 | 40 | 41 | 42 | # Some entries in the table only run once 43 | @define SZ_SUFFIX "" 44 | @define SZ_BYTES "" 45 | @define SZ_BITS "" 46 | @define ONCE 47 | @include "sized_include.sinc" 48 | @undef ONCE 49 | @undef SZ_SUFFIX 50 | @undef SZ_BYTES 51 | @undef SZ_BITS 52 | -------------------------------------------------------------------------------- /data/languages/falcon.cspec: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | -------------------------------------------------------------------------------- /gradlew.bat: -------------------------------------------------------------------------------- 1 | @if "%DEBUG%" == "" @echo off 2 | @rem ########################################################################## 3 | @rem 4 | @rem Gradle startup script for Windows 5 | @rem 6 | @rem ########################################################################## 7 | 8 | @rem Set local scope for the variables with windows NT shell 9 | if "%OS%"=="Windows_NT" setlocal 10 | 11 | set DIRNAME=%~dp0 12 | if "%DIRNAME%" == "" set DIRNAME=. 13 | set APP_BASE_NAME=%~n0 14 | set APP_HOME=%DIRNAME% 15 | 16 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 17 | set DEFAULT_JVM_OPTS="-Xmx64m" 18 | 19 | @rem Find java.exe 20 | if defined JAVA_HOME goto findJavaFromJavaHome 21 | 22 | set JAVA_EXE=java.exe 23 | %JAVA_EXE% -version >NUL 2>&1 24 | if "%ERRORLEVEL%" == "0" goto init 25 | 26 | echo. 
27 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 28 | echo. 29 | echo Please set the JAVA_HOME variable in your environment to match the 30 | echo location of your Java installation. 31 | 32 | goto fail 33 | 34 | :findJavaFromJavaHome 35 | set JAVA_HOME=%JAVA_HOME:"=% 36 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe 37 | 38 | if exist "%JAVA_EXE%" goto init 39 | 40 | echo. 41 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 42 | echo. 43 | echo Please set the JAVA_HOME variable in your environment to match the 44 | echo location of your Java installation. 45 | 46 | goto fail 47 | 48 | :init 49 | @rem Get command-line arguments, handling Windows variants 50 | 51 | if not "%OS%" == "Windows_NT" goto win9xME_args 52 | 53 | :win9xME_args 54 | @rem Slurp the command line arguments. 55 | set CMD_LINE_ARGS= 56 | set _SKIP=2 57 | 58 | :win9xME_args_slurp 59 | if "x%~1" == "x" goto execute 60 | 61 | set CMD_LINE_ARGS=%* 62 | 63 | :execute 64 | @rem Setup the command line 65 | 66 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar 67 | 68 | @rem Execute Gradle 69 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% 70 | 71 | :end 72 | @rem End local scope for the variables with windows NT shell 73 | if "%ERRORLEVEL%"=="0" goto mainEnd 74 | 75 | :fail 76 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of 77 | rem the _cmd.exe /c_ return code! 
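78 | if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 79 | exit /b 1 80 | 81 | :mainEnd 82 | if "%OS%"=="Windows_NT" endlocal 83 | 84 | :omega 85 | -------------------------------------------------------------------------------- /.github/workflows/build.yml: -------------------------------------------------------------------------------- 
name: CI

on: [push, pull_request, workflow_dispatch]

# Default token scope for every job. The build job checks out and compiles
# whatever ref triggered the run (including pull requests), so it only gets
# read access; write access is granted on the release job alone.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        ghidra:
          - "11.1.2"
          - "11.1.1"
          - "11.1"
          - "11.0.3"
          - "11.0.2"
          - "11.0.1"
          - "11.0"
          - "10.4"
          - "10.3.3"
          - "10.3.2"
          - "10.3.1"
          - "10.3"
    steps:
      # NOTE(review): the actions in this workflow are referenced by mutable
      # tags; pinning each one to a full commit SHA keeps a re-tagged release
      # from changing what runs here.
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: 'temurin'
          java-version: '17'

      - uses: gradle/actions/setup-gradle@v3

      - uses: antoniovazquezblanco/setup-ghidra@v2.0.5
        with:
          auth_token: ${{ secrets.GITHUB_TOKEN }}
          version: ${{ matrix.ghidra }}

      # ./gradlew executes the gradle-wrapper.jar committed to the repository,
      # so that binary is part of what this job trusts.
      - name: Build extension
        run: ./gradlew -PGHIDRA_INSTALL_DIR=${{ env.GHIDRA_INSTALL_DIR }}

      - name: Upload Build Artifact
        uses: actions/upload-artifact@v4
        with:
          name: Falcon for Ghidra ${{ matrix.ghidra }}
          path: dist/ghidra_*.zip
          if-no-files-found: error

  release:
    runs-on: "ubuntu-latest"
    needs: build
    # Only this job deletes/pushes the "latest" tag and publishes releases,
    # so it is the only one that needs a write-capable token.
    permissions:
      contents: write

    steps:
      - name: Get current date
        id: date
        # The ::set-output workflow command is deprecated; step outputs are
        # written to the file named by $GITHUB_OUTPUT instead.
        run: echo "date=$(date +'%Y-%m-%d')" >> "$GITHUB_OUTPUT"

      - name: Checkout source for nightly release removal
        uses: actions/checkout@v4
        if: github.ref == 'refs/heads/master'

      - name: Remove previous nightly release
        if: github.ref == 'refs/heads/master'
        # "|| true" makes both deletions best-effort: a failure here is not
        # reported and the job continues.
        run: |
          git fetch --tags
          gh release delete latest -y || true
          git push --delete origin latest || true

      - name: Download binaries
        uses: actions/download-artifact@v4

      - 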
name: Release nightly 75 | if: github.ref == 'refs/heads/master' 76 | uses: softprops/action-gh-release@v2 77 | with: 78 | tag_name: "latest" 79 | prerelease: true 80 | name: "Ghidra Falcon Nightly (${{steps.date.outputs.date}})" 81 | files: Falcon*/*.zip 82 | fail_on_unmatched_files: true 83 | 84 | - name: Release stable 85 | if: contains(github.ref, 'refs/tags/v') 86 | uses: softprops/action-gh-release@v2 87 | with: 88 | prerelease: false 89 | name: "Ghidra Falcon ${{github.ref_name}}" 90 | files: Falcon*/*.zip 91 | fail_on_unmatched_files: true 92 | -------------------------------------------------------------------------------- /data/languages/falcon.ldefs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 15 | Nvidia Falcon v0 16 | 17 | 18 | 26 | Nvidia Falcon v1 27 | 28 | 29 | 37 | Nvidia Falcon v2 38 | 39 | 40 | 48 | Nvidia Falcon v3 49 | 50 | 51 | 52 | 60 | Nvidia Falcon v4 61 | 62 | 63 | 71 | Nvidia Falcon v5 72 | 73 | 74 | 75 | -------------------------------------------------------------------------------- /data/build.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | ### Eclipse ### 2 | 3 | .metadata 4 | bin/ 5 | tmp/ 6 | *.tmp 7 | *.bak 8 | *.swp 9 | *~.nib 10 | local.properties 11 | .settings/ 12 | .loadpath 13 | .recommenders 14 | 15 | # External tool builders 16 | .externalToolBuilders/ 17 | 18 | # Locally stored "Eclipse launch 
configurations" 19 | *.launch 20 | 21 | # PyDev specific (Python IDE for Eclipse) 22 | *.pydevproject 23 | 24 | # CDT-specific (C/C++ Development Tooling) 25 | .cproject 26 | 27 | # CDT- autotools 28 | .autotools 29 | 30 | # Java annotation processor (APT) 31 | .factorypath 32 | 33 | # PDT-specific (PHP Development Tools) 34 | .buildpath 35 | 36 | # sbteclipse plugin 37 | .target 38 | 39 | # Tern plugin 40 | .tern-project 41 | 42 | # TeXlipse plugin 43 | .texlipse 44 | 45 | # STS (Spring Tool Suite) 46 | .springBeans 47 | 48 | # Code Recommenders 49 | .recommenders/ 50 | 51 | # Annotation Processing 52 | .apt_generated/ 53 | 54 | # Scala IDE specific (Scala & Java development for Eclipse) 55 | .cache-main 56 | .scala_dependencies 57 | .worksheet 58 | 59 | ### Eclipse Patch ### 60 | # Eclipse Core 61 | .project 62 | 63 | # JDT-specific (Eclipse Java Development Tools) 64 | .classpath 65 | 66 | # Annotation Processing 67 | .apt_generated 68 | 69 | .sts4-cache/ 70 | 71 | ### Java ### 72 | # Compiled class file 73 | *.class 74 | 75 | # Log file 76 | *.log 77 | 78 | # BlueJ files 79 | *.ctxt 80 | 81 | # Mobile Tools for Java (J2ME) 82 | .mtj.tmp/ 83 | 84 | # Package Files # 85 | *.jar 86 | *.war 87 | *.nar 88 | *.ear 89 | *.zip 90 | *.tar.gz 91 | *.rar 92 | 93 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml 94 | hs_err_pid* 95 | 96 | ### Linux ### 97 | *~ 98 | 99 | # temporary files which can be created if a process still has a handle open of a deleted file 100 | .fuse_hidden* 101 | 102 | # KDE directory preferences 103 | .directory 104 | 105 | # Linux trash folder which might appear on any partition or disk 106 | .Trash-* 107 | 108 | # .nfs files are created when an open file is removed but is still being accessed 109 | .nfs* 110 | 111 | ### OSX ### 112 | # General 113 | .DS_Store 114 | .AppleDouble 115 | .LSOverride 116 | 117 | # Icon must end with two \r 118 | Icon 119 | 120 | # Thumbnails 121 | ._* 122 | 123 | # Files that 
might appear in the root of a volume 124 | .DocumentRevisions-V100 125 | .fseventsd 126 | .Spotlight-V100 127 | .TemporaryItems 128 | .Trashes 129 | .VolumeIcon.icns 130 | .com.apple.timemachine.donotpresent 131 | 132 | # Directories potentially created on remote AFP share 133 | .AppleDB 134 | .AppleDesktop 135 | Network Trash Folder 136 | Temporary Items 137 | .apdisk 138 | 139 | ### Windows ### 140 | # Windows thumbnail cache files 141 | Thumbs.db 142 | ehthumbs.db 143 | ehthumbs_vista.db 144 | 145 | # Dump file 146 | *.stackdump 147 | 148 | # Folder config file 149 | [Dd]esktop.ini 150 | 151 | # Recycle Bin used on file shares 152 | $RECYCLE.BIN/ 153 | 154 | # Windows Installer files 155 | *.cab 156 | *.msi 157 | *.msix 158 | *.msm 159 | *.msp 160 | 161 | # Windows shortcuts 162 | *.lnk 163 | 164 | ### Gradle ### 165 | .gradle 166 | build/ 167 | 168 | # Ignore Gradle GUI config 169 | gradle-app.setting 170 | 171 | # Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored) 172 | !gradle-wrapper.jar 173 | 174 | # Cache of project 175 | .gradletasknamecache 176 | 177 | # # Work around https://youtrack.jetbrains.com/issue/IDEA-116898 178 | # gradle/wrapper/gradle-wrapper.properties 179 | 180 | ### Gradle Patch ### 181 | **/build/ 182 | 183 | # Ghidra stuffs 184 | .antProperties.xml 185 | *.sla 186 | 187 | data/testing/*_fw.bin 188 | data/testing/*_fw.h -------------------------------------------------------------------------------- /data/languages/macro.sinc: -------------------------------------------------------------------------------- 1 | macro todo_binop(dst, src1, src2) { 2 | dst = todo(src1, src2); 3 | } 4 | 5 | macro store32(addr, value) { 6 | *[dmem]:4 (addr) = value; 7 | } 8 | macro store16(addr, value) { 9 | *[dmem]:2 (addr) = value; 10 | } 11 | macro store8(addr, value) { 12 | *[dmem]:1 (addr) = value; 13 | } 14 | macro load32(dst1, addr) { 15 | dst1 = *[dmem]:4 (addr); 16 | } 17 | macro load16(dst1, addr) { 18 | dst1 = *[dmem]:2 (addr); 
19 | } 20 | macro load8(dst1, addr) { 21 | dst1 = *[dmem]:1 (addr); 22 | } 23 | 24 | macro xbit(dst1, src1, bit1) { 25 | dst1 = (src1 >> bit1) & 1; 26 | } 27 | 28 | macro op_sext(dst, src1, src2) { 29 | local shift_distance = (31 - (src2 & 0x1F)); 30 | dst = (src1 << shift_distance) s>> shift_distance; 31 | } 32 | 33 | macro bclr(reg1, bit1) { 34 | reg1 = reg1 & ~(1 << bit1); 35 | } 36 | 37 | macro bset(reg1, bit1) { 38 | reg1 = reg1 | (1 << bit1); 39 | } 40 | 41 | macro btgl(reg1, bit1) { 42 | reg1 = reg1 ^ (1 << bit1); 43 | } 44 | 45 | macro push32(val32) { 46 | sp = sp - 4; 47 | *[dmem]:4 sp = val32; 48 | } 49 | 50 | macro pop32(ret32) { 51 | sp = sp + 4; 52 | ret32 = *[dmem]:4 sp; 53 | } 54 | 55 | macro ret() { 56 | pop32(pc); 57 | return [pc]; 58 | } 59 | 60 | macro setResultFlags(result) { 61 | $(Z_flag) = (result == 0); 62 | $(S_flag) = (result s< 0); 63 | } 64 | 65 | macro clear(dst) { 66 | dst = 0; 67 | } 68 | 69 | macro mov(dst, src) { 70 | dst = src; 71 | } 72 | 73 | macro and(dst, src1, src2) { 74 | dst = src1 & src2; 75 | 76 | $(C_flag) = 0; 77 | $(O_flag) = 0; 78 | setResultFlags(dst); 79 | } 80 | 81 | macro or(dst, src1, src2) { 82 | dst = src1 | src2; 83 | 84 | $(C_flag) = 0; 85 | $(O_flag) = 0; 86 | setResultFlags(dst); 87 | } 88 | 89 | macro xor(dst, src1, src2) { 90 | dst = src1 ^ src2; 91 | 92 | $(C_flag) = 0; 93 | $(O_flag) = 0; 94 | setResultFlags(dst); 95 | } 96 | 97 | macro shl32(dst, src1, src2) { 98 | dst = src1 << (src2 & 0x1F); 99 | 100 | $(O_flag) = 0; 101 | setResultFlags(dst); 102 | } 103 | 104 | macro shr32(dst, src1, src2) { 105 | dst = src1 >> (src2 & 0x1F); 106 | 107 | $(O_flag) = 0; 108 | setResultFlags(dst); 109 | } 110 | 111 | macro sar32(dst, src1, src2) { 112 | dst = src1 s>> (src2 & 0x1F); 113 | 114 | $(O_flag) = 0; 115 | setResultFlags(dst); 116 | } 117 | 118 | macro add(dst, src1, src2) { 119 | $(C_flag) = carry(src1,src2); 120 | $(O_flag) = scarry(src1,src2); 121 | dst = src1 + src2; 122 | setResultFlags(dst); 123 | } 124 
| 125 | 126 | macro adc(dst, src1, src2) { 127 | # TODO: this assumes these flags match x86 128 | local cf_copy = zext($(C_flag)); 129 | $(C_flag) = carry(src1, src2); 130 | $(O_flag) = scarry(src1, src2); 131 | local result = src1 + src2; 132 | $(C_flag) = $(C_flag) || carry(result, cf_copy); 133 | $(O_flag) = $(O_flag) ^^ scarry(result, cf_copy); 134 | dst = result + cf_copy; 135 | setResultFlags(dst); 136 | } 137 | 138 | 139 | macro sub(dst, src1, src2) { 140 | $(C_flag) = src1 < src2; 141 | $(O_flag) = sborrow(src1,src2); 142 | dst = src1 - src2; 143 | setResultFlags(dst); 144 | } 145 | 146 | macro cmp(src1, src2) { 147 | # TODO: check flag correctness 148 | setResultFlags((src1 - src2)); 149 | $(C_flag) = src1 < src2; 150 | $(O_flag) = sborrow(src1, src2); 151 | } 152 | 153 | macro cmpu(src1, src2) { 154 | # TODO: is this right? 155 | $(C_flag) = (src1 < src2); 156 | $(Z_flag) = (src1 == src2); 157 | } 158 | 159 | macro cmps(src1, src2) { 160 | $(C_flag) = (src1 s< src2); 161 | $(Z_flag) = (src1 == src2); 162 | } 163 | 164 | 165 | # TODO: check if that set flags on hardware 166 | macro mulu(dst, src1, src2) { 167 | dst = zext(src1) * zext(src2); 168 | } 169 | 170 | macro hswap16(dst, src) { 171 | dst = ((src & 0xFF) << 8) | ((src & 0xFF00) >> 8); 172 | setResultFlags(dst); 173 | $(O_flag) = 0; 174 | } 175 | 176 | macro hswap8(dst, src) { 177 | # TODO: is this even a thing? 
178 | dst = ((src & 0xF) << 4) | ((src & 0xF0) >> 4); 179 | setResultFlags(dst); 180 | $(O_flag) = 0; 181 | } 182 | 183 | macro not(dst, src) { 184 | dst = ~src; 185 | setResultFlags(dst); 186 | $(O_flag) = 0; 187 | } 188 | 189 | macro neg(dst, src) { 190 | dst = -src; 191 | setResultFlags(dst); 192 | $(O_flag) = sborrow(0, dst); 193 | } 194 | 195 | 196 | -------------------------------------------------------------------------------- /data/languages/unsized_inst.sinc: -------------------------------------------------------------------------------- 1 | define pcodeop exit; 2 | define pcodeop io_read; 3 | define pcodeop io_write; 4 | define pcodeop io_write_sync; 5 | 6 | define pcodeop unkce_io_read; 7 | 8 | define pcodeop vtlb; 9 | define pcodeop ptlb; 10 | 11 | define pcodeop cxset; 12 | 13 | define pcodeop xdst; 14 | define pcodeop xdld; 15 | define pcodeop xcld; 16 | define pcodeop xcwait; 17 | define pcodeop xdwait; 18 | 19 | 20 | define pcodeop __clear_flag_ie0; 21 | define pcodeop __clear_flag_ie1; 22 | define pcodeop __clear_flag_ie2; 23 | define pcodeop __clear_flag_is0; 24 | define pcodeop __clear_flag_is1; 25 | define pcodeop __clear_flag_ta; 26 | 27 | define pcodeop __set_flag_ie0; 28 | define pcodeop __set_flag_ie1; 29 | define pcodeop __set_flag_is0; 30 | define pcodeop __set_flag_is1; 31 | define pcodeop __set_flag_ta; 32 | 33 | define pcodeop __toggle_flag_ie0; 34 | define pcodeop __toggle_flag_ie1; 35 | define pcodeop __toggle_flag_is0; 36 | define pcodeop __toggle_flag_is1; 37 | define pcodeop __toggle_flag_ta; 38 | 39 | 40 | 41 | 42 | # TODO: check if that set flags on hardware 43 | macro muls(dst, src1, src2) { 44 | dst = sext(src1) * sext(src2); 45 | } 46 | 47 | ### Branch instructions start ### 48 | 49 | ### Start bra conditional ### 50 | bra_cc: "p0" is subopcodeL=0x00 { c:1 = $(P0_flag); export c; } 51 | bra_cc: "p1" is subopcodeL=0x01 { c:1 = $(P1_flag); export c; } 52 | bra_cc: "p2" is subopcodeL=0x02 { c:1 = $(P2_flag); export c; } 53 | 
bra_cc: "p3" is subopcodeL=0x03 { c:1 = $(P3_flag); export c; } 54 | bra_cc: "p4" is subopcodeL=0x04 { c:1 = $(P4_flag); export c; } 55 | bra_cc: "p5" is subopcodeL=0x05 { c:1 = $(P5_flag); export c; } 56 | bra_cc: "p6" is subopcodeL=0x06 { c:1 = $(P6_flag); export c; } 57 | bra_cc: "p7" is subopcodeL=0x07 { c:1 = $(P7_flag); export c; } 58 | bra_cc: "c" is subopcodeL=0x08 { c:1 = $(C_flag); export c; } 59 | bra_cc: "o" is subopcodeL=0x09 { c:1 = $(O_flag); export c; } 60 | bra_cc: "s" is subopcodeL=0x0a { c:1 = $(S_flag); export c; } 61 | bra_cc: "z" is subopcodeL=0x0b { c:1 = $(Z_flag); export c; } 62 | 63 | bra_cc: "a" is subopcodeL=0x0c { c:1 = !($(C_flag) || $(Z_flag)); export c; } 64 | bra_cc: "na" is subopcodeL=0x0d { c:1 = $(C_flag) || $(Z_flag); export c; } 65 | bra_cc: is subopcodeL=0x0e { c:1 = 1; export c; } 66 | bra_cc: "not p0" is subopcodeL=0x10 { c:1 = !$(P0_flag); export c; } 67 | bra_cc: "not p1" is subopcodeL=0x11 { c:1 = !$(P1_flag); export c; } 68 | bra_cc: "not p2" is subopcodeL=0x12 { c:1 = !$(P2_flag); export c; } 69 | bra_cc: "not p3" is subopcodeL=0x13 { c:1 = !$(P3_flag); export c; } 70 | bra_cc: "not p4" is subopcodeL=0x14 { c:1 = !$(P4_flag); export c; } 71 | bra_cc: "not p5" is subopcodeL=0x15 { c:1 = !$(P5_flag); export c; } 72 | bra_cc: "not p6" is subopcodeL=0x16 { c:1 = !$(P6_flag); export c; } 73 | bra_cc: "not p7" is subopcodeL=0x17 { c:1 = !$(P7_flag); export c; } 74 | bra_cc: "nc" is subopcodeL=0x18 { c:1 = !$(C_flag); export c; } 75 | bra_cc: "no" is subopcodeL=0x19 { c:1 = !$(O_flag); export c; } 76 | bra_cc: "ns" is subopcodeL=0x1a { c:1 = !$(S_flag); export c; } 77 | bra_cc: "nz" is subopcodeL=0x1b { c:1 = !$(Z_flag); export c; } 78 | bra_cc: "g" is subopcodeL=0x1c { c:1 = !$(Z_flag) && ($(O_flag) == $(S_flag)); export c; } 79 | 80 | @if defined(SUPPORT_FUC3P) 81 | bra_cc: "le" is subopcodeL=0x1d { c:1 = $(Z_flag) || ($(O_flag) != $(S_flag)); export c; } 82 | bra_cc: "l" is subopcodeL=0x1e { c:1 = ($(O_flag) != $(S_flag)); 
export c; } 83 | bra_cc: "ge" is subopcodeL=0x1f { c:1 = $(O_flag) == $(S_flag); export c; } 84 | @endif 85 | 86 | ### End bra conditional ### 87 | 88 | :bra bra_cc rel8 is raw_opcode=0xf4; subopcodeL < 0x20 & bra_cc; rel8 { 89 | if (bra_cc) goto rel8; 90 | } 91 | 92 | :bra bra_cc rel16 is raw_opcode=0xf5; subopcodeL < 0x20 & bra_cc; rel16 { 93 | if (bra_cc) goto rel16; 94 | } 95 | 96 | 97 | ### Branch instructions end ### 98 | 99 | -------------------------------------------------------------------------------- /gradlew: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | 3 | ############################################################################## 4 | ## 5 | ## Gradle start up script for UN*X 6 | ## 7 | ############################################################################## 8 | 9 | # Attempt to set APP_HOME 10 | # Resolve links: $0 may be a link 11 | PRG="$0" 12 | # Need this for relative symlinks. 13 | while [ -h "$PRG" ] ; do 14 | ls=`ls -ld "$PRG"` 15 | link=`expr "$ls" : '.*-> \(.*\)$'` 16 | if expr "$link" : '/.*' > /dev/null; then 17 | PRG="$link" 18 | else 19 | PRG=`dirname "$PRG"`"/$link" 20 | fi 21 | done 22 | SAVED="`pwd`" 23 | cd "`dirname \"$PRG\"`/" >/dev/null 24 | APP_HOME="`pwd -P`" 25 | cd "$SAVED" >/dev/null 26 | 27 | APP_NAME="Gradle" 28 | APP_BASE_NAME=`basename "$0"` 29 | 30 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 31 | DEFAULT_JVM_OPTS='"-Xmx64m"' 32 | 33 | # Use the maximum available, or set MAX_FD != -1 to use that value. 34 | MAX_FD="maximum" 35 | 36 | warn () { 37 | echo "$*" 38 | } 39 | 40 | die () { 41 | echo 42 | echo "$*" 43 | echo 44 | exit 1 45 | } 46 | 47 | # OS specific support (must be 'true' or 'false'). 
48 | cygwin=false 49 | msys=false 50 | darwin=false 51 | nonstop=false 52 | case "`uname`" in 53 | CYGWIN* ) 54 | cygwin=true 55 | ;; 56 | Darwin* ) 57 | darwin=true 58 | ;; 59 | MINGW* ) 60 | msys=true 61 | ;; 62 | NONSTOP* ) 63 | nonstop=true 64 | ;; 65 | esac 66 | 67 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar 68 | 69 | # Determine the Java command to use to start the JVM. 70 | if [ -n "$JAVA_HOME" ] ; then 71 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 72 | # IBM's JDK on AIX uses strange locations for the executables 73 | JAVACMD="$JAVA_HOME/jre/sh/java" 74 | else 75 | JAVACMD="$JAVA_HOME/bin/java" 76 | fi 77 | if [ ! -x "$JAVACMD" ] ; then 78 | die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME 79 | 80 | Please set the JAVA_HOME variable in your environment to match the 81 | location of your Java installation." 82 | fi 83 | else 84 | JAVACMD="java" 85 | which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 86 | 87 | Please set the JAVA_HOME variable in your environment to match the 88 | location of your Java installation." 89 | fi 90 | 91 | # Increase the maximum file descriptors if we can. 92 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then 93 | MAX_FD_LIMIT=`ulimit -H -n` 94 | if [ $? -eq 0 ] ; then 95 | if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then 96 | MAX_FD="$MAX_FD_LIMIT" 97 | fi 98 | ulimit -n $MAX_FD 99 | if [ $? 
-ne 0 ] ; then 100 | warn "Could not set maximum file descriptor limit: $MAX_FD" 101 | fi 102 | else 103 | warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" 104 | fi 105 | fi 106 | 107 | # For Darwin, add options to specify how the application appears in the dock 108 | if $darwin; then 109 | GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" 110 | fi 111 | 112 | # For Cygwin, switch paths to Windows format before running java 113 | if $cygwin ; then 114 | APP_HOME=`cygpath --path --mixed "$APP_HOME"` 115 | CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` 116 | JAVACMD=`cygpath --unix "$JAVACMD"` 117 | 118 | # We build the pattern for arguments to be converted via cygpath 119 | ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` 120 | SEP="" 121 | for dir in $ROOTDIRSRAW ; do 122 | ROOTDIRS="$ROOTDIRS$SEP$dir" 123 | SEP="|" 124 | done 125 | OURCYGPATTERN="(^($ROOTDIRS))" 126 | # Add a user-defined pattern to the cygpath arguments 127 | if [ "$GRADLE_CYGPATTERN" != "" ] ; then 128 | OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" 129 | fi 130 | # Now convert the arguments - kludge to limit ourselves to /bin/sh 131 | i=0 132 | for arg in "$@" ; do 133 | CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` 134 | CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option 135 | 136 | if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition 137 | eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` 138 | else 139 | eval `echo args$i`="\"$arg\"" 140 | fi 141 | i=$((i+1)) 142 | done 143 | case $i in 144 | (0) set -- ;; 145 | (1) set -- "$args0" ;; 146 | (2) set -- "$args0" "$args1" ;; 147 | (3) set -- "$args0" "$args1" "$args2" ;; 148 | (4) set -- "$args0" "$args1" "$args2" "$args3" ;; 149 | (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; 150 | (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; 151 | (7) set -- "$args0" "$args1" "$args2" "$args3" 
"$args4" "$args5" "$args6" ;; 152 | (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; 153 | (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; 154 | esac 155 | fi 156 | 157 | # Escape application args 158 | save () { 159 | for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done 160 | echo " " 161 | } 162 | APP_ARGS=$(save "$@") 163 | 164 | # Collect all arguments for the java command, following the shell quoting and substitution rules 165 | eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" 166 | 167 | # by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong 168 | if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then 169 | cd "$(dirname "$0")" 170 | fi 171 | 172 | exec "$JAVACMD" "$@" 173 | -------------------------------------------------------------------------------- /src/main/java/zone/mary/ghidra/falcon/NvidiaGRBootloaderLoader.java: -------------------------------------------------------------------------------- 1 | package zone.mary.ghidra.falcon; 2 | 3 | import java.io.IOException; 4 | import java.util.*; 5 | 6 | import ghidra.app.util.Option; 7 | import ghidra.app.util.bin.BinaryReader; 8 | import ghidra.app.util.bin.ByteProvider; 9 | import ghidra.app.util.importer.MessageLog; 10 | import ghidra.app.util.opinion.AbstractProgramLoader; 11 | import ghidra.app.util.opinion.Loaded; 12 | import ghidra.app.util.opinion.LoadException; 13 | import ghidra.app.util.opinion.LoadSpec; 14 | import ghidra.app.util.opinion.LoaderTier; 15 | import ghidra.framework.model.DomainFolder; 16 | import ghidra.framework.model.DomainObject; 17 | import ghidra.framework.model.Project; 18 | import ghidra.framework.store.LockException; 19 | import ghidra.program.flatapi.FlatProgramAPI; 20 | import 
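ghidra.program.model.address.Address;
import ghidra.program.model.address.AddressOutOfBoundsException;
import ghidra.program.model.address.AddressOverflowException;
import ghidra.program.model.lang.CompilerSpec;
import ghidra.program.model.lang.CompilerSpecID;
import ghidra.program.model.lang.Language;
import ghidra.program.model.lang.LanguageCompilerSpecPair;
import ghidra.program.model.lang.LanguageID;
import ghidra.program.model.listing.Program;
import ghidra.program.model.mem.MemoryBlock;
import ghidra.util.Msg;
import ghidra.util.exception.CancelledException;
import ghidra.util.task.TaskMonitor;

/**
 * Ghidra program loader that identifies itself as "NVIDIA GR BootLoader" and offers the
 * Falcon v4 and Falcon v5 language definitions for the images it accepts.
 */
public class NvidiaGRBootloaderLoader extends AbstractProgramLoader {
    private static final LanguageID FALCON4_LANGUAGE_ID = new LanguageID("falcon:LE:32:v4");
    private static final LanguageID FALCON5_LANGUAGE_ID = new LanguageID("falcon:LE:32:v5");

    /**
     * Returns the name under which this loader identifies itself.
     *
     * @return the fixed loader name
     */
    @Override
    public String getName() {
        return "NVIDIA GR BootLoader";
    }

    /**
     * Offers the Falcon v4 and v5 load specs for a file whose header fields fit inside the file.
     *
     * <p>The 32-bit words at offsets 0x0 and 0x4 are read as a start offset and a payload size.
     * Both come straight from the file being imported, so they are checked against the provider
     * length before any payload byte is read; a file that fails the check gets no load spec
     * instead of triggering an out-of-range read.
     *
     * <p>No magic value is compared: every file whose two header words are consistent with its
     * length is offered both specs. The payload checksum is computed but not yet used.
     *
     * @param provider bytes of the file being probed
     * @return the candidate load specs, empty when the header does not fit the file
     * @throws IOException if the provider fails while being read
     */
    @Override
    public Collection<LoadSpec> findSupportedLoadSpecs(ByteProvider provider) throws IOException {
        List<LoadSpec> loadSpecs = new ArrayList<>();

        long fileLength = provider.length();

        // Both header words must exist before they can be read.
        if (fileLength < 0x8) {
            return loadSpecs;
        }

        BinaryReader reader = new BinaryReader(provider, true);

        long startOffset = reader.readUnsignedInt(0x0);
        long size = reader.readUnsignedInt(0x4);

        // The payload is read from startOffset + 0x10, so the start offset has to take part in
        // the bounds check as well as the size. Both values are at most 2^32 - 1, so the long
        // arithmetic below cannot overflow.
        long payloadStart = startOffset + 0x10;
        if (payloadStart > fileLength || size > fileLength - payloadStart) {
            return loadSpecs;
        }

        // Sum of the payload's full 32-bit words, wrapping on overflow. The index is a long so
        // that a large size cannot wrap it into a negative read offset.
        int checksum = 0;
        for (long offset = 0; offset + 4 <= size; offset += 4) {
            checksum += reader.readInt(payloadStart + offset);
        }

        // TODO: Use the checksum to match against commonly known bootloaders

        loadSpecs.add(new LoadSpec(this, 0,
                new LanguageCompilerSpecPair(FALCON4_LANGUAGE_ID, new CompilerSpecID("default")), true));
        loadSpecs.add(new LoadSpec(this, 0,
                new LanguageCompilerSpecPair(FALCON5_LANGUAGE_ID, new CompilerSpecID("default")), true));

        return loadSpecs;
    }

    @Override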
| public List