#define UNLOADED_FILE 1#include <idc.idc>static main(void){ // set 'load

1. #define UNLOADED_FILE 1
2. #include <idc.idc>
3.  
4. static main(void)
5. {
6. // set 'loading idc file' mode
7. set_inf_attr(INF_GENFLAGS, INFFL_LOADIDC|get_inf_attr(INF_GENFLAGS));
8. GenInfo(); // various settings
9. Segments(); // segmentation
10. Enums(); // enumerations
11. Structures(); // structure types
12. ApplyStrucTInfos(); // structure type infos
13. Patches(); // manual patches
14. SegRegs(); // segment register values
15. Bytes(); // individual bytes (code,data)
16. Functions(); // function definitions
17. // clear 'loading idc file' mode
18. set_inf_attr(INF_GENFLAGS, ~INFFL_LOADIDC&get_inf_attr(INF_GENFLAGS));
19. }
20.  
21. //------------------------------------------------------------------------
22. // General information
23.  
24. static GenInfo(void) {
25.  
26. delete_all_segments(); // purge database
27. set_processor_type("ARM", SETPROC_USER);
28. set_inf_attr(INF_COMPILER, 6);
29. set_inf_attr(INF_STRLIT_BREAK, 0xA);
30. set_flag(INF_CMTFLAG, SW_ALLCMT, 0);
31. set_flag(INF_OUTFLAGS, OFLG_SHOW_VOID, 0);
32. set_inf_attr(INF_XREFNUM, 2);
33. set_flag(INF_OUTFLAGS, OFLG_SHOW_AUTO, 1);
34. set_inf_attr(INF_INDENT, 16);
35. set_inf_attr(INF_COMMENT, 40);
36. set_inf_attr(INF_MAXREF, 0x10);
37. }
38.  
39. //------------------------------------------------------------------------
40. // Information about segmentation
41.  
42. static Segments(void) {
43. set_selector(0X1,0);
44. ;
45. add_segm_ex(0X40000000,0X40006000,0X1,1,1,2,ADDSEG_NOSREG);
46. SegRename(0X40000000,".boot");
47. SegClass (0X40000000,".boot");
48. SegDefReg(0x40000000,"T",0x0);
49. SegDefReg(0x40000000,"DS",0x1);
50. add_segm_ex(0X40006000,0X40007000,0X1,1,1,2,ADDSEG_NOSREG);
51. SegRename(0X40006000,".secondarystack");
52. SegClass (0X40006000,"STACK");
53. SegDefReg(0x40006000,"T",0x0);
54. SegDefReg(0x40006000,"DS",0x1);
55. set_segm_type(0X40006000,9);
56. add_segm_ex(0X40007000,0X40008000,0X1,1,1,2,ADDSEG_NOSREG);
57. SegRename(0X40007000,".stack");
58. SegClass (0X40007000,"STACK");
59. SegDefReg(0x40007000,"T",0x0);
60. SegDefReg(0x40007000,"DS",0x1);
61. set_segm_type(0X40007000,9);
62. add_segm_ex(0X40010000,0X4001176C,0X1,1,1,2,ADDSEG_NOSREG);
63. SegRename(0X40010000,".text");
64. SegClass (0X40010000,"CODE");
65. SegDefReg(0x40010000,"T",0x0);
66. SegDefReg(0x40010000,"DS",0x1);
67. set_segm_type(0X40010000,2);
68. add_segm_ex(0X4001176C,0X4001278C,0X1,1,1,2,ADDSEG_NOSREG);
69. SegRename(0X4001176C,".rodata");
70. SegClass (0X4001176C,"CONST");
71. SegDefReg(0x4001176C,"T",0x1);
72. SegDefReg(0x4001176C,"DS",0x1);
73. set_segm_type(0X4001176C,3);
74. add_segm_ex(0X4001278C,0X400128BC,0X1,1,1,2,ADDSEG_NOSREG);
75. SegRename(0X4001278C,".data");
76. SegClass (0X4001278C,"DATA");
77. SegDefReg(0x4001278C,"T",0x1);
78. SegDefReg(0x4001278C,"DS",0x1);
79. set_segm_type(0X4001278C,3);
80. add_segm_ex(0X400128BC,0X40013FE0,0X1,1,1,2,ADDSEG_NOSREG);
81. SegRename(0X400128BC,".bss");
82. SegClass (0X400128BC,"BSS");
83. SegDefReg(0x400128BC,"T",0x1);
84. SegDefReg(0x400128BC,"DS",0x1);
85. set_segm_type(0X400128BC,9);
86. add_segm_ex(0X40013FE0,0X400347A0,0,1,1,5,ADDSEG_NOSREG);
87. SegRename(0X40013FE0,".pk11");
88. SegClass (0X40013FE0,"CODE");
89. SegDefReg(0x40013FE0,"T",0x1);
90. SegDefReg(0x40013FE0,"DS",0x1);
91. set_segm_type(0X40013FE0,2);
92. add_segm_ex(0X60005000,0X60005020,0X1,1,1,2,ADDSEG_NOSREG);
93. SegRename(0X60005000,".timers");
94. SegClass (0X60005000,"IO");
95. SegDefReg(0x60005000,"T",0x0);
96. SegDefReg(0x60005000,"DS",0x1);
97. add_segm_ex(0X6000F200,0X6000F220,0X1,1,1,2,ADDSEG_NOSREG);
98. SegRename(0X6000F200,".vectors");
99. SegClass (0X6000F200,"DATA");
100. SegDefReg(0x6000F200,"T",0x0);
101. SegDefReg(0x6000F200,"DS",0x1);
102. set_segm_type(0X6000F200,3);
103. add_segm_ex(0X7000F800,0X70010000,0X1,1,1,2,ADDSEG_NOSREG);
104. SegRename(0X7000F800,".fuses");
105. SegClass (0X7000F800,"IO");
106. SegDefReg(0x7000F800,"T",0x0);
107. SegDefReg(0x7000F800,"DS",0x1);
108. add_segm_ex(0X70012000,0X70014000,0X1,1,1,2,ADDSEG_NOSREG);
109. SegRename(0X70012000,".securityengine");
110. SegClass (0X70012000,"IO");
111. SegDefReg(0x70012000,"T",0x0);
112. SegDefReg(0x70012000,"DS",0x1);
113. set_inf_attr(INF_LOW_OFF, 0x40000000);
114. set_inf_attr(INF_HIGH_OFF, 0x70014000);
115. }
116.  
117. static Enums_0(id) {
118.  
119. id = add_enum(-1,"KEYSLOT_TYPE",0x1100000);
120. add_enum_member(id,"KEYSLOT_0", 0, -1);
121. add_enum_member(id,"KEYSLOT_1", 0X1, -1);
122. add_enum_member(id,"KEYSLOT_2", 0X2, -1);
123. add_enum_member(id,"KEYSLOT_3", 0X3, -1);
124. add_enum_member(id,"KEYSLOT_4", 0X4, -1);
125. add_enum_member(id,"KEYSLOT_5", 0X5, -1);
126. add_enum_member(id,"KEYSLOT_6", 0X6, -1);
127. add_enum_member(id,"KEYSLOT_7", 0X7, -1);
128. add_enum_member(id,"KEYSLOT_8", 0X8, -1);
129. add_enum_member(id,"KEYSLOT_9", 0X9, -1);
130. add_enum_member(id,"KEYSLOT_A", 0XA, -1);
131. add_enum_member(id,"KEYSLOT_B", 0XB, -1);
132. add_enum_member(id,"KEYSLOT_C", 0XC, -1);
133. add_enum_member(id,"KEYSLOT_D", 0XD, -1);
134. add_enum_member(id,"KEYSLOT_E_SBK", 0XE, -1);
135. add_enum_member(id,"KEYSLOT_F_SSK", 0XF, -1);
136. id = add_enum(-1,"ALG_TYPE",0x1100000);
137. add_enum_member(id,"ALG_AES_DEC", 0, -1);
138. add_enum_member(id,"ALG_AES_ENC", 0X1, -1);
139. add_enum_member(id,"ALG_RNG", 0X2, -1);
140. add_enum_member(id,"ALG_SHA", 0X3, -1);
141. add_enum_member(id,"ALG_RSA", 0X4, -1);
142. id = add_enum(-1,"DST_TYPE",0x1100000);
143. add_enum_member(id,"DST_MEMORY", 0, -1);
144. add_enum_member(id,"DST_HASHREG", 0X1, -1);
145. add_enum_member(id,"DST_KEYTAB", 0X2, -1);
146. add_enum_member(id,"DST_SRK", 0X3, -1);
147. add_enum_member(id,"DST_RSAREG", 0X4, -1);
148. id = add_enum(-1,"CORE_CRYPT_TYPE",0x1100000);
149. add_enum_member(id,"CORE_DECRYPT", 0, -1);
150. add_enum_member(id,"CORE_ENCRYPT", 0X1, -1);
151. id = add_enum(-1,"CORE_HASH_TYPE",0x1100000);
152. add_enum_member(id,"HASH_DISABLE", 0, -1);
153. add_enum_member(id,"HASH_ENABLE", 0X1, -1);
154. return id;
155. }
156.  
157. //------------------------------------------------------------------------
158. // Information about enum types
159.  
160. static Enums(void) {
161. auto id;
162. begin_type_updating(UTP_ENUM);
163. id = Enums_0(id);
164. end_type_updating(UTP_ENUM);
165. }
166.  
167. static ApplyStrucTInfos_0(void) {
168. auto id;
169. id = get_struc_id("AddrInfo");
170. SetType(get_member_id(id, 0x0), "int");
171. SetType(get_member_id(id, 0x4), "int");
172. id = get_struc_id("CryptoAddrInfo");
173. SetType(get_member_id(id, 0x0), "int");
174. id = get_struc_id("securityEngine_t");
175. SetType(get_member_id(id, 0x0), "unsigned int");
176. SetType(get_member_id(id, 0x4), "unsigned int");
177. SetType(get_member_id(id, 0x8), "unsigned int");
178. SetType(get_member_id(id, 0xC), "unsigned int");
179. SetType(get_member_id(id, 0x10), "unsigned int");
180. SetType(get_member_id(id, 0x14), "unsigned int");
181. SetType(get_member_id(id, 0x1C), "unsigned int");
182. SetType(get_member_id(id, 0x20), "unsigned int");
183. SetType(get_member_id(id, 0x28), "unsigned int");
184. SetType(get_member_id(id, 0x2C), "unsigned int");
185. SetType(get_member_id(id, 0x30), "unsigned __int8[16]");
186. SetType(get_member_id(id, 0x40), "unsigned __int8[576]");
187. SetType(get_member_id(id, 0x280), "unsigned int");
188. SetType(get_member_id(id, 0x284), "unsigned int[16]");
189. SetType(get_member_id(id, 0x2C4), "unsigned __int8[60]");
190. SetType(get_member_id(id, 0x300), "unsigned int");
191. SetType(get_member_id(id, 0x304), "unsigned int");
192. SetType(get_member_id(id, 0x308), "unsigned int[4]");
193. SetType(get_member_id(id, 0x318), "unsigned int");
194. SetType(get_member_id(id, 0x31C), "unsigned int");
195. SetType(get_member_id(id, 0x320), "unsigned int");
196. SetType(get_member_id(id, 0x324), "unsigned int");
197. SetType(get_member_id(id, 0x328), "unsigned int");
198. SetType(get_member_id(id, 0x32C), "unsigned int");
199. SetType(get_member_id(id, 0x330), "unsigned int");
200. SetType(get_member_id(id, 0x334), "unsigned __int8[1228]");
201. SetType(get_member_id(id, 0x800), "unsigned int");
202. SetType(get_member_id(id, 0x804), "unsigned int");
203. SetType(get_member_id(id, 0x808), "unsigned int");
204. SetType(get_member_id(id, 0x80C), "unsigned int");
205. SetType(get_member_id(id, 0x810), "unsigned int");
206. SetType(get_member_id(id, 0x814), "unsigned int");
207. SetType(get_member_id(id, 0x818), "unsigned int");
208. SetType(get_member_id(id, 0x81C), "unsigned int");
209. SetType(get_member_id(id, 0x820), "unsigned __int8[6112]");
210. id = get_struc_id("bootloaderHeader_t");
211. SetType(get_member_id(id, 0x0), "unsigned int");
212. SetType(get_member_id(id, 0x4), "char[20]");
213. id = get_struc_id("badBlockTable_t");
214. SetType(get_member_id(id, 0x0), "unsigned int");
215. SetType(get_member_id(id, 0x4), "unsigned __int8");
216. SetType(get_member_id(id, 0x5), "unsigned __int8");
217. SetType(get_member_id(id, 0x6), "unsigned __int8[512]");
218. SetType(get_member_id(id, 0x206), "unsigned __int8[10]");
219. id = get_struc_id("bootloaderInfo_t");
220. SetType(get_member_id(id, 0x0), "unsigned int");
221. SetType(get_member_id(id, 0x4), "unsigned int");
222. SetType(get_member_id(id, 0x8), "unsigned int");
223. SetType(get_member_id(id, 0xC), "unsigned int");
224. SetType(get_member_id(id, 0x10), "unsigned int");
225. SetType(get_member_id(id, 0x14), "unsigned int");
226. SetType(get_member_id(id, 0x18), "unsigned int");
227. SetType(get_member_id(id, 0x1C), "unsigned __int8[16]");
228. SetType(get_member_id(id, 0x2C), "unsigned __int8[256]");
229. id = get_struc_id("keyblob_t");
230. SetType(get_member_id(id, 0x0), "const char[16]");
231. SetType(get_member_id(id, 0x10), "const char[16]");
232. SetType(get_member_id(id, 0x20), "const char[9][16]");
233. id = get_struc_id("BCT_t");
234. SetType(get_member_id(id, 0x210), "unsigned __int8[256]");
235. SetType(get_member_id(id, 0x310), "unsigned __int8[16]");
236. SetType(get_member_id(id, 0x320), "unsigned __int8[256]");
237. SetType(get_member_id(id, 0x420), "unsigned int");
238. SetType(get_member_id(id, 0x424), "unsigned __int8[32]");
239. SetType(get_member_id(id, 0x444), "unsigned __int8[12]");
240. SetType(get_member_id(id, 0x500), "unsigned __int8[8]");
241. SetType(get_member_id(id, 0x508), "unsigned int");
242. SetType(get_member_id(id, 0x50C), "unsigned int");
243. SetType(get_member_id(id, 0x510), "unsigned __int8[16]");
244. SetType(get_member_id(id, 0x520), "unsigned __int8[16]");
245. SetType(get_member_id(id, 0x530), "unsigned int");
246. SetType(get_member_id(id, 0x534), "unsigned int");
247. SetType(get_member_id(id, 0x538), "unsigned int");
248. SetType(get_member_id(id, 0x53C), "unsigned int");
249. SetType(get_member_id(id, 0x540), "unsigned int");
250. SetType(get_member_id(id, 0x544), "unsigned int");
251. SetType(get_member_id(id, 0x548), "unsigned int[16]");
252. SetType(get_member_id(id, 0x588), "unsigned int");
253. SetType(get_member_id(id, 0x58C), "unsigned __int8[4][1896]");
254. SetType(get_member_id(id, 0x232C), "unsigned int");
255. SetType(get_member_id(id, 0x27E0), "unsigned __int8");
256. SetType(get_member_id(id, 0x27E4), "unsigned int");
257. SetType(get_member_id(id, 0x27E8), "unsigned int");
258. SetType(get_member_id(id, 0x27EC), "unsigned __int8[12]");
259. SetType(get_member_id(id, 0x27F8), "unsigned __int8[5]");
260. id = get_struc_id("BIT_t");
261. SetType(get_member_id(id, 0x0), "char[76]");
262. id = get_struc_id("keyGenerationBuffer");
263. id = get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629");
264. id = get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629::$74351EF23253E0B28D24A0867FCDD4BB");
265. SetType(get_member_id(id, 0x0), "char[16]");
266. SetType(get_member_id(id, 0x10), "char[16]");
267. id = get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629::$41977C36FC669A496A8D84212237D94F");
268. SetType(get_member_id(id, 0x0), "unsigned __int8[8]");
269. SetType(get_member_id(id, 0x8), "char[9][16]");
270. SetType(get_member_id(id, 0x98), "unsigned __int8[8]");
271. id = get_struc_id("downgradeFuseData");
272. SetType(get_member_id(id, 0x0), "unsigned int");
273. SetType(get_member_id(id, 0x4), "unsigned int");
274. SetType(get_member_id(id, 0x8), "unsigned int");
275. SetType(get_member_id(id, 0xC), "unsigned int");
276. SetType(get_member_id(id, 0x10), "unsigned int");
277. SetType(get_member_id(id, 0x14), "unsigned int");
278. SetType(get_member_id(id, 0x18), "unsigned int");
279. id = get_struc_id("fuseBurnInfo");
280. SetType(get_member_id(id, 0x0), "unsigned int");
281. SetType(get_member_id(id, 0x4), "unsigned int");
282. return id;
283. }
284.  
285. //------------------------------------------------------------------------
286. // Information about type information for structure members
287.  
288. static ApplyStrucTInfos() {
289. ApplyStrucTInfos_0();
290. }
291.  
292. static Structures_0(id) {
293. auto mid;
294.  
295. id = add_struc(-1,"AddrInfo",0);
296. id = add_struc(-1,"CryptoAddrInfo",0);
297. id = add_struc(-1,"securityEngine_t",0);
298. id = add_struc(-1,"bootloaderHeader_t",0);
299. id = add_struc(-1,"badBlockTable_t",0);
300. id = add_struc(-1,"bootloaderInfo_t",0);
301. id = add_struc(-1,"keyblob_t",0);
302. id = add_struc(-1,"BCT_t",0);
303. id = add_struc(-1,"BIT_t",0);
304. id = add_struc(-1,"keyGenerationBuffer",0);
305. id = add_struc(-1,"keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629",1);
306. id = add_struc(-1,"keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629::$74351EF23253E0B28D24A0867FCDD4BB",0);
307. id = add_struc(-1,"keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629::$41977C36FC669A496A8D84212237D94F",0);
308. id = add_struc(-1,"downgradeFuseData",0);
309. id = add_struc(-1,"fuseBurnInfo",0);
310.  
311. id = get_struc_id("AddrInfo");
312. mid = add_struc_member(id,"address", 0, 0x20000400, -1, 4);
313. mid = add_struc_member(id,"size", 0X4, 0x20000400, -1, 4);
314. set_struc_align(id,2);
315.  
316. id = get_struc_id("CryptoAddrInfo");
317. mid = add_struc_member(id,"flagsMaybe", 0, 0x20000400, -1, 4);
318. mid = add_struc_member(id,"addrInfo", 0X4, 0x60000400, get_struc_id("AddrInfo"), 8);
319. set_struc_align(id,2);
320.  
321. id = get_struc_id("securityEngine_t");
322. mid = add_struc_member(id,"_0x0", 0, 0x20000400, -1, 4);
323. mid = add_struc_member(id,"_0x4", 0X4, 0x20000400, -1, 4);
324. mid = add_struc_member(id,"OPERATION_REG", 0X8, 0x20000400, -1, 4);
325. mid = add_struc_member(id,"INT_ENABLE_REG", 0XC, 0x20000400, -1, 4);
326. mid = add_struc_member(id,"INT_STATUS_REG", 0X10, 0x20000400, -1, 4);
327. mid = add_struc_member(id,"CONFIG_REG", 0X14, 0x20000400, -1, 4);
328. mid = add_struc_member(id,"IN_LL_ADDR_REG", 0X18, 0x25500400, 0XFFFFFFFF, 4, 0XFFFFFFFF, 0, 0x000002);
329. mid = add_struc_member(id,"_0x1C", 0X1C, 0x20000400, -1, 4);
330. mid = add_struc_member(id,"_0x20", 0X20, 0x20000400, -1, 4);
331. mid = add_struc_member(id,"OUT_LL_ADDR_REG", 0X24, 0x25500400, 0XFFFFFFFF, 4, 0XFFFFFFFF, 0, 0x000002);
332. mid = add_struc_member(id,"_0x28", 0X28, 0x20000400, -1, 4);
333. mid = add_struc_member(id,"_0x2C", 0X2C, 0x20000400, -1, 4);
334. mid = add_struc_member(id,"cmacOutput", 0X30, 0x000400, -1, 16);
335. mid = add_struc_member(id,"reserved0x40", 0X40, 0x000400, -1, 576);
336. mid = add_struc_member(id,"KEY_READ_DISABLE_REG", 0X280, 0x20000400, -1, 4);
337. mid = add_struc_member(id,"KEYSLOT_FLAGS", 0X284, 0x20000400, -1, 64);
338. mid = add_struc_member(id,"reserved0x2C4", 0X2C4, 0x000400, -1, 60);
339. mid = add_struc_member(id,"_0x300", 0X300, 0x20000400, -1, 4);
340. mid = add_struc_member(id,"CRYPTO_REG", 0X304, 0x20000400, -1, 4);
341. mid = add_struc_member(id,"CRYPTO_CTR_REG", 0X308, 0x20000400, -1, 16);
342. mid = add_struc_member(id,"BLOCK_COUNT_REG", 0X318, 0x20000400, -1, 4);
343. mid = add_struc_member(id,"KEYTABLE_REG", 0X31C, 0x20000400, -1, 4);
344. mid = add_struc_member(id,"KEYTABLE_DATA0_REG", 0X320, 0x20000400, -1, 4);
345. mid = add_struc_member(id,"_0x324", 0X324, 0x20000400, -1, 4);
346. mid = add_struc_member(id,"_0x328", 0X328, 0x20000400, -1, 4);
347. mid = add_struc_member(id,"_0x32C", 0X32C, 0x20000400, -1, 4);
348. mid = add_struc_member(id,"CRYPTO_KEYTABLE_DST_REG", 0X330, 0x20000400, -1, 4);
349. mid = add_struc_member(id,"reserved0x334", 0X334, 0x000400, -1, 1228);
350. mid = add_struc_member(id,"FLAGS_REG", 0X800, 0x20000400, -1, 4);
351. mid = add_struc_member(id,"ERR_STATUS_REG", 0X804, 0x20000400, -1, 4);
352. mid = add_struc_member(id,"_0x808", 0X808, 0x20000400, -1, 4);
353. mid = add_struc_member(id,"_0x80C", 0X80C, 0x20000400, -1, 4);
354. mid = add_struc_member(id,"_0x810", 0X810, 0x20000400, -1, 4);
355. mid = add_struc_member(id,"_0x814", 0X814, 0x20000400, -1, 4);
356. mid = add_struc_member(id,"_0x818", 0X818, 0x20000400, -1, 4);
357. mid = add_struc_member(id,"_0x81C", 0X81C, 0x20000400, -1, 4);
358. mid = add_struc_member(id,"reserved0x820", 0X820, 0x000400, -1, 6112);
359. set_struc_align(id,2);
360.  
361. id = get_struc_id("badBlockTable_t");
362. mid = add_struc_member(id,"numEntries", 0, 0x20000400, -1, 4);
363. mid = add_struc_member(id,"virtualBlockSize", 0X4, 0x000400, -1, 1);
364. mid = add_struc_member(id,"blockSize", 0X5, 0x000400, -1, 1);
365. mid = add_struc_member(id,"badBlocks", 0X6, 0x000400, -1, 512);
366. mid = add_struc_member(id,"reserved", 0X206, 0x000400, -1, 10);
367. set_struc_align(id,2);
368.  
369. id = get_struc_id("bootloaderInfo_t");
370. mid = add_struc_member(id,"version", 0, 0x20000400, -1, 4);
371. mid = add_struc_member(id,"startBlock", 0X4, 0x20000400, -1, 4);
372. mid = add_struc_member(id,"startPage", 0X8, 0x20000400, -1, 4);
373. mid = add_struc_member(id,"length", 0XC, 0x20000400, -1, 4);
374. mid = add_struc_member(id,"loadAddress", 0X10, 0x20000400, -1, 4);
375. mid = add_struc_member(id,"entryPoint", 0X14, 0x20000400, -1, 4);
376. mid = add_struc_member(id,"attribute", 0X18, 0x20000400, -1, 4);
377. mid = add_struc_member(id,"aesMacSignature", 0X1C, 0x000400, -1, 16);
378. mid = add_struc_member(id,"rsaPssSignature", 0X2C, 0x000400, -1, 256);
379. set_struc_align(id,2);
380.  
381. id = get_struc_id("keyblob_t");
382. mid = add_struc_member(id,"aesMac", 0, 0x000400, -1, 16);
383. mid = add_struc_member(id,"ctr", 0X10, 0x000400, -1, 16);
384. mid = add_struc_member(id,"encryptedKeys", 0X20, 0x000400, -1, 144);
385.  
386. id = get_struc_id("BCT_t");
387. mid = add_struc_member(id,"badBlockTable", 0, 0x60000400, get_struc_id("badBlockTable_t"), 528);
388. mid = add_struc_member(id,"PKCModulus", 0X210, 0x000400, -1, 256);
389. mid = add_struc_member(id,"aesMacSignature", 0X310, 0x000400, -1, 16);
390. mid = add_struc_member(id,"rsaPssSignature", 0X320, 0x000400, -1, 256);
391. mid = add_struc_member(id,"secProvisioningKeyNumInsecure", 0X420, 0x20000400, -1, 4);
392. mid = add_struc_member(id,"secProvisioningKey", 0X424, 0x000400, -1, 32);
393. mid = add_struc_member(id,"_0x444", 0X444, 0x000400, -1, 12);
394. mid = add_struc_member(id,"keyblob", 0X450, 0x60000400, get_struc_id("keyblob_t"), 176);
395. mid = add_struc_member(id,"_0x500", 0X500, 0x000400, -1, 8);
396. mid = add_struc_member(id,"odmData", 0X508, 0x20000400, -1, 4);
397. mid = add_struc_member(id,"reserved0", 0X50C, 0x20000400, -1, 4);
398. mid = add_struc_member(id,"randomAesBlock", 0X510, 0x000400, -1, 16);
399. mid = add_struc_member(id,"uniqueChipId", 0X520, 0x000400, -1, 16);
400. mid = add_struc_member(id,"bootDataVersion", 0X530, 0x20000400, -1, 4);
401. mid = add_struc_member(id,"blockSizeLog2", 0X534, 0x20000400, -1, 4);
402. mid = add_struc_member(id,"pageSizeLog2", 0X538, 0x20000400, -1, 4);
403. mid = add_struc_member(id,"partitionSize", 0X53C, 0x20000400, -1, 4);
404. mid = add_struc_member(id,"numParamSets", 0X540, 0x20000400, -1, 4);
405. mid = add_struc_member(id,"devType", 0X544, 0x20000400, -1, 4);
406. mid = add_struc_member(id,"devParams", 0X548, 0x20000400, -1, 64);
407. mid = add_struc_member(id,"numSdramSets", 0X588, 0x20000400, -1, 4);
408. mid = add_struc_member(id,"sdramParams", 0X58C, 0x000400, -1, 7584);
409. mid = add_struc_member(id,"numBootloaders", 0X232C, 0x20000400, -1, 4);
410. mid = add_struc_member(id,"bootloaders", 0X2330, 0x60000400, get_struc_id("bootloaderInfo_t"), 1200);
411. mid = add_struc_member(id,"enableFailBack", 0X27E0, 0x000400, -1, 1);
412. mid = add_struc_member(id,"secureDebugControl", 0X27E4, 0x20000400, -1, 4);
413. mid = add_struc_member(id,"secProvisioningKeyNumSecure", 0X27E8, 0x20000400, -1, 4);
414. mid = add_struc_member(id,"reserved2", 0X27EC, 0x000400, -1, 12);
415. mid = add_struc_member(id,"padding", 0X27F8, 0x000400, -1, 5);
416. set_struc_align(id,2);
417.  
418. id = get_struc_id("bootloaderHeader_t");
419. mid = add_struc_member(id,"isActive", 0, 0x20000400, -1, 4);
420. mid = add_struc_member(id,"_0x4", 0X4, 0x000400, -1, 20);
421. set_struc_align(id,2);
422.  
423. id = get_struc_id("BIT_t");
424. mid = add_struc_member(id,"_0x0", 0, 0x000400, -1, 76);
425. mid = add_struc_member(id,"bct", 0X4C, 0x25500400, 0XFFFFFFFF, 4, 0XFFFFFFFF, 0, 0x000002);
426. mid = add_struc_member(id,"bootloaderHeaders", 0X50, 0x60000400, get_struc_id("bootloaderHeader_t"), 96);
427. set_struc_align(id,2);
428.  
429. id = get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629::$74351EF23253E0B28D24A0867FCDD4BB");
430. mid = add_struc_member(id,"deviceKey", 0, 0x000400, -1, 16);
431. mid = add_struc_member(id,"keyblobKey", 0X10, 0x000400, -1, 16);
432.  
433. id = get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629::$41977C36FC669A496A8D84212237D94F");
434. mid = add_struc_member(id,"_0x0", 0, 0x000400, -1, 8);
435. mid = add_struc_member(id,"decryptedKeys", 0X8, 0x000400, -1, 144);
436. mid = add_struc_member(id,"_0x98", 0X98, 0x000400, -1, 8);
437.  
438. id = get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629");
439. mid = add_struc_member(id,"anonymous_0", 0, 0x60000400, get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629::$74351EF23253E0B28D24A0867FCDD4BB"), 32);
440. mid = add_struc_member(id,"anonymous_1", 0, 0x60000400, get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629::$41977C36FC669A496A8D84212237D94F"), 160);
441.  
442. id = get_struc_id("keyGenerationBuffer");
443. mid = add_struc_member(id,"anonymous_0", 0, 0x60000400, get_struc_id("keyGenerationBuffer::$9228D6E392E45DCE87B284151F3CF629"), 160);
444.  
445. id = get_struc_id("downgradeFuseData");
446. mid = add_struc_member(id,"odmFuse7", 0, 0x20000400, -1, 4);
447. mid = add_struc_member(id,"odmFuse6", 0X4, 0x20000400, -1, 4);
448. mid = add_struc_member(id,"retailFusesBurntMask", 0X8, 0x20000400, -1, 4);
449. mid = add_struc_member(id,"odmFuse6Mask", 0XC, 0x20000400, -1, 4);
450. mid = add_struc_member(id,"devFusesBurntMask", 0X10, 0x20000400, -1, 4);
451. mid = add_struc_member(id,"_5", 0X14, 0x20000400, -1, 4);
452. mid = add_struc_member(id,"isRetailUnit", 0X18, 0x20000400, -1, 4);
453. set_struc_align(id,2);
454.  
455. id = get_struc_id("fuseBurnInfo");
456. mid = add_struc_member(id,"fusesBurnt7", 0, 0x20000400, -1, 4);
457. mid = add_struc_member(id,"fusesBurnt6", 0X4, 0x20000400, -1, 4);
458. set_struc_align(id,2);
459. return id;
460. }
461.  
462. //------------------------------------------------------------------------
463. // Information about structure types
464.  
465. static Structures(void) {
466. auto id;
467. begin_type_updating(UTP_STRUCT);
468. id = Structures_0(id);
469. patch_byte (0X40012709, 0X20);
470. patch_byte (0X4001270A, 0X1);
471. patch_byte (0X4001270B, 0X70);
472. }
473.  
474. //------------------------------------------------------------------------
475. // Information about bytes
476.  
477. static Bytes_0(void) {
478. auto x;
479. #define id x
480.  
481. MakeStruct (0X40000000, "BIT_t");
482. set_name (0X40000000, "BIT");
483. set_name (0X40007000, "__stack_bottom_");
484. update_extra_cmt (0X40010000, E_PREV + 0, "; File Name : package1_1.0.0");
485. update_extra_cmt (0X40010000, E_PREV + 1, "; Format : Binary file");
486. update_extra_cmt (0X40010000, E_PREV + 2, "; Base Address: 0000h Range: 40010000h - 40034E40h Loaded length: 24E40h");
487. create_insn (0X40010020);
488. set_name (0X40010020, "crt0");
489. set_cmt (0X40010024, "argc", 0);
490. create_insn (x=0X40010024);
491. op_plain_offset (x, 1, 0);
492. op_plain_offset (x, 129, 0);
493. create_insn (x=0X40010028);
494. op_plain_offset (x, 1, 0);
495. op_plain_offset (x, 129, 0);
496. create_insn (0X40010030);
497. create_dword (0X40010034);
498. create_dword (x=0X40010038);
499. op_plain_offset (x, 0, 0);
500. op_plain_offset (x, 128, 0);
501. set_name (0X40010038, "argc");
502. create_insn (0X4001003C);
503. set_name (0X4001003C, "memcmp");
504. create_insn (0X40010082);
505. create_insn (0X4001008E);
506. create_insn (0X40010092);
507. create_insn (0X400100B2);
508. set_name (0X400100B2, "coreCrypto");
509. create_insn (x=0X400100B6);
510. op_stkvar (x, 1);
511. set_cmt (0X400100C2, "address", 0);
512. create_insn (x=0X400100C2);
513. op_stkvar (x, 1);
514. set_cmt (0X400100C4, "size", 0);
515. set_cmt (0X400100C6, "cryptoAddrInfo", 0);
516. set_cmt (0X400100CC, "size", 0);
517. set_cmt (0X400100CE, "address", 0);
518. set_cmt (0X400100D0, "cryptoAddrInfo", 0);
519. create_insn (x=0X400100D0);
520. op_stkvar (x, 1);
521. create_insn (x=0X400100DA);
522. op_stkvar (x, 1);
523. set_cmt (0X400100DE, "status", 0);
524. create_insn (x=0X400100DE);
525. op_stkvar (x, 1);
526. create_insn (0X400100FA);
527. set_name (0X400100FA, "setKeyslotFlags");
528. create_insn (0X40010108);
529. create_insn (0X40010144);
530. set_name (0X40010144, "clearKeyslot");
531. create_insn (0X40010150);
532. create_insn (0X40010178);
533. set_name (0X40010178, "decryptSingleAESECBBlock");
534. create_insn (x=0X4001017C);
535. op_stkvar (x, 1);
536. set_cmt (0X40010198, "dst", 0);
537. create_insn (0X40010198);
538. set_cmt (0X4001019A, "alg", 0);
539. set_cmt (0X400101A0, "enableHash", 0);
540. set_cmt (0X400101A2, "isEncrypt", 0);
541. set_cmt (0X400101A4, "keySlot", 0);
542. set_cmt (0X400101AA, "_DWORD", 0);
543. set_cmt (0X400101B0, "addressIn", 0);
544. create_insn (x=0X400101B0);
545. op_stkvar (x, 1);
546. set_cmt (0X400101B2, "sizeOut", 0);
547. set_cmt (0X400101B4, "addressOut", 0);
548. set_cmt (0X400101B6, "status", 0);
549. set_cmt (0X400101B8, "sizeIn", 0);
550. create_insn (x=0X400101B8);
551. op_stkvar (x, 1);
552. create_insn (0X400101C6);
553. set_name (0X400101C6, "performAESMAC");
554. create_insn (x=0X400101C8);
555. op_stkvar (x, 1);
556. set_cmt (0X400101CA, "address_in", 0);
557. create_insn (x=0X400101CA);
558. op_stkvar (x, 1);
559. set_cmt (0X400101CC, "keySlot", 0);
560. set_cmt (0X400101CE, "zero", 0);
561. set_cmt (0X400101D0, "size_in", 0);
562. create_insn (x=0X400101D0);
563. op_stkvar (x, 1);
564. create_insn (0X400101DC);
565. set_name (0X400101DC, "decryptDataIntoKeyslot");
566. create_insn (0X400101F6);
567. set_cmt (0X400101FC, "dst", 0);
568. set_cmt (0X400101FE, "alg", 0);
569. set_cmt (0X40010204, "enableHash", 0);
570. set_cmt (0X40010206, "isEncrypt", 0);
571. set_cmt (0X40010208, "keySlot", 0);
572. set_cmt (0X4001020E, "_DWORD", 0);
573. set_cmt (0X4001021E, "sizeOut", 0);
574. set_cmt (0X40010220, "addressIn", 0);
575. create_insn (x=0X40010220);
576. op_stkvar (x, 1);
577. set_cmt (0X40010222, "addressOut", 0);
578. set_cmt (0X40010224, "status", 0);
579. set_cmt (0X40010226, "sizeIn", 0);
580. create_insn (x=0X40010226);
581. op_stkvar (x, 1);
582. create_insn (0X40010234);
583. set_name (0X40010234, "encryptSingleAESECBBlock");
584. create_insn (x=0X40010238);
585. op_stkvar (x, 1);
586. set_cmt (0X40010254, "dst", 0);
587. create_insn (0X40010254);
588. set_cmt (0X40010256, "alg", 0);
589. set_cmt (0X4001025C, "enableHash", 0);
590. set_cmt (0X4001025E, "isEncrypt", 0);
591. set_cmt (0X40010260, "keySlot", 0);
592. set_cmt (0X40010266, "configHigh", 0);
593. create_insn (x=0X40010266);
594. op_stkvar (x, 1);
595. set_cmt (0X4001026C, "_DWORD", 0);
596. set_cmt (0X40010272, "sizeIn", 0);
597. create_insn (x=0X40010272);
598. op_stkvar (x, 1);
599. set_cmt (0X40010274, "addressIn", 0);
600. create_insn (x=0X40010274);
601. op_stkvar (x, 1);
602. set_cmt (0X40010276, "sizeOut", 0);
603. set_cmt (0X40010278, "addressOut", 0);
604. set_cmt (0X4001027A, "status", 0);
605. create_insn (0X40010288);
606. set_name (0X40010288, "setCTR");
607. set_cmt (0X40010298, "offset", 0);
608. set_cmt (0X4001029A, "dword", 0);
609. set_cmt (0X400102A8, "offset", 0);
610. set_cmt (0X400102AA, "dword", 0);
611. set_cmt (0X400102B8, "offset", 0);
612. set_cmt (0X400102BA, "dword", 0);
613. set_cmt (0X400102C8, "offset", 0);
614. set_cmt (0X400102CA, "dword", 0);
615. create_insn (0X400102D8);
616. set_name (0X400102D8, "rotl128XorRb");
617. create_insn (0X400102FE);
618. set_name (0X400102FE, "selectKeyslot");
619. create_insn (0X4001031C);
620. set_name (0X4001031C, "setNumBlocks");
621. create_insn (0X40010334);
622. set_name (0X40010334, "setSecurityEngineConfigHigh");
623. create_insn (0X4001034E);
624. set_name (0X4001034E, "performAESMACInternal");
625. set_cmt (0X40010350, "size_in", 0);
626. create_insn (x=0X40010352);
627. op_stkvar (x, 1);
628. create_insn (x=0X40010354);
629. op_stkvar (x, 1);
630. create_insn (0X4001035E);
631. create_insn (x=0X40010376);
632. op_stkvar (x, 1);
633. create_insn (x=0X40010378);
634. op_stkvar (x, 1);
635. create_insn (x=0X4001037A);
636. op_stkvar (x, 1);
637. create_insn (x=0X4001037C);
638. op_stkvar (x, 1);
639. set_cmt (0X4001037E, "size_out", 0);
640. set_cmt (0X40010380, "address_out", 0);
641. create_insn (x=0X40010380);
642. op_stkvar (x, 1);
643. create_insn (x=0X40010386);
644. op_stkvar (x, 1);
645. set_cmt (0X4001038E, "result", 0);
646. create_insn (x=0X4001038E);
647. op_stkvar (x, 1);
648. set_cmt (0X40010398, "result", 0);
649. create_insn (x=0X40010398);
650. op_stkvar (x, 1);
651. set_cmt (0X4001039E, "dst", 0);
652. set_cmt (0X400103A0, "alg", 0);
653. set_cmt (0X400103A6, "keySlot", 0);
654. create_insn (x=0X400103A6);
655. op_stkvar (x, 1);
656. set_cmt (0X400103A8, "enableHash", 0);
657. set_cmt (0X400103AA, "isEncrypt", 0);
658. set_cmt (0X400103B0, "configHigh", 0);
659. create_insn (x=0X400103B0);
660. op_stkvar (x, 1);
661. create_insn (x=0X400103BC);
662. op_stkvar (x, 1);
663. set_cmt (0X400103E0, "_DWORD", 0);
664. set_cmt (0X400103E6, "sizeOut", 0);
665. set_cmt (0X400103E8, "sizeIn", 0);
666. create_insn (x=0X400103E8);
667. op_stkvar (x, 1);
668. set_cmt (0X400103EA, "addressIn", 0);
669. create_insn (x=0X400103EA);
670. op_stkvar (x, 1);
671. set_cmt (0X400103EC, "addressOut", 0);
672. set_cmt (0X400103EE, "status", 0);
673. set_cmt (0X40010404, "_DWORD", 0);
674. create_insn (x=0X4001040C);
675. op_stkvar (x, 1);
676. create_insn (x=0X40010412);
677. op_stkvar (x, 1);
678. create_insn (x=0X40010414);
679. op_stkvar (x, 1);
680. create_insn (x=0X40010416);
681. op_stkvar (x, 1);
682. create_insn (x=0X40010418);
683. op_stkvar (x, 1);
684. create_insn (x=0X4001041E);
685. op_stkvar (x, 1);
686. set_cmt (0X40010420, "size", 0);
687. set_cmt (0X40010424, "src", 0);
688. set_cmt (0X40010426, "dst", 0);
689. create_insn (x=0X4001042E);
690. op_stkvar (x, 1);
691. set_cmt (0X40010440, "sizeOut", 0);
692. set_cmt (0X40010442, "sizeIn", 0);
693. create_insn (x=0X40010442);
694. op_stkvar (x, 1);
695. set_cmt (0X40010444, "addressOut", 0);
696. set_cmt (0X40010446, "status", 0);
697. set_cmt (0X40010448, "addressIn", 0);
698. create_insn (x=0X40010448);
699. op_stkvar (x, 1);
700. create_insn (x=0X4001044E);
701. op_stkvar (x, 1);
702. create_insn (x=0X40010450);
703. op_stkvar (x, 1);
704. create_insn (0X40010460);
705. create_insn (0X40010464);
706. set_cmt (0X40010468, "value", 0);
707. set_cmt (0X4001046A, "address", 0);
708. create_insn (0X4001047E);
709. set_name (0X4001047E, "setAESConfig");
710. create_insn (0X4001049E);
711. set_name (0X4001049E, "createCryptoAddressInfo");
712. create_insn (0X400104AC);
713. create_insn (0X400104B2);
714. set_name (0X400104B2, "setKeyslot");
715. create_insn (0X400104C6);
716. create_insn (x=0X400104D0);
717. op_stkvar (x, 1);
718. create_insn (x=0X400104E0);
719. op_stkvar (x, 1);
720. set_cmt (0X400104E8, "dword", 0);
721. create_insn (x=0X400104E8);
722. op_stkvar (x, 1);
723. create_insn (0X40010500);
724. set_name (0X40010500, "isUnitTypeNonZero");
725. create_insn (0X40010512);
726. set_name (0X40010512, "j_j_panic");
727. create_insn (0X40010516);
728. set_name (0X40010516, "panic2");
729. set_cmt (0X40010526, "fuseIndexRaw", 0);
730. set_cmt (0X40010532, "fuseIndexRaw", 0);
731. set_cmt (0X40010534, "fuseVal", 0);
732. create_insn (0X40010540);
733. set_name (0X40010540, "writeOdmFuse7");
734. create_insn (0X40010550);
735. set_name (0X40010550, "writeOdmFuse6");
736. create_insn (0X40010560);
737. set_name (0X40010560, "writeFuse");
738. set_cmt (0X40010568, "fuseIndex", 0);
739. set_cmt (0X4001056E, "fuseVal", 0);
740. set_cmt (0X40010570, "fuseIndex", 0);
741. create_insn (0X4001057C);
742. set_name (0X4001057C, "getOdmFuse4Type");
743. set_cmt (0X4001057E, "a1", 0);
744. create_insn (0X400105A4);
745. create_insn (0X400105AA);
746. create_insn (0X400105AE);
747. create_insn (0X400105BA);
748. set_name (0X400105BA, "getUnitType");
749. set_cmt (0X400105BC, "a1", 0);
750. create_insn (0X400105E0);
751. create_insn (0X400105E4);
752. create_insn (0X400105E8);
753. set_name (0X400105E8, "checkSku");
754. create_insn (0X400105F6);
755. create_insn (0X400105FC);
756. set_name (0X400105FC, "checkOdmFuse6");
757. create_insn (0X4001060C);
758. create_insn (0X40010610);
759. set_name (0X40010610, "checkBCTBootloadeVersion");
760. create_insn (0X4001062C);
761. create_insn (0X40010646);
762. set_name (0X40010646, "checkConfigFuses");
763. create_insn (0X40010682);
764. create_insn (0X40010688);
765. set_name (0X40010688, "checkOdmFuse7");
766. create_insn (0X40010694);
767. create_insn (0X40010698);
768. set_name (0X40010698, "decryptAndParsePK11");
769. set_cmt (0X4001069A, "sizeOut", 0);
770. create_insn (x=0X400106AE);
771. op_stkvar (x, 1);
772. set_cmt (0X400106B2, "addressIn", 0);
773. set_cmt (0X400106B4, "keySlot", 0);
774. set_cmt (0X400106B6, "addressOut", 0);
775. set_cmt (0X400106B8, "sizeIn", 0);
776. create_insn (x=0X400106B8);
777. op_stkvar (x, 1);
778. set_cmt (0X400106BE, "keySlot", 0);
779. set_cmt (0X400106C4, "package11Size", 0);
780. set_cmt (0X400106C6, "package11Header", 0);
781. create_insn (0X400106E0);
782. create_insn (0X400106E4);
783. set_name (0X400106E4, "getFuseDataMatchesExpectation");
784. create_insn (0X400106EE);
785. create_insn (0X40010706);
786. create_insn (0X4001070A);
787. set_name (0X4001070A, "memclear");
788. create_insn (0X40010716);
789. set_name (0X40010716, "read32");
790. create_insn (x=0X40010718);
791. op_stkvar (x, 1);
792. create_insn (x=0X4001071A);
793. op_stkvar (x, 1);
794. create_insn (0X40010736);
795. set_name (0X40010736, "write32");
796. create_insn (x=0X40010738);
797. op_stkvar (x, 1);
798. create_insn (x=0X4001073C);
799. op_stkvar (x, 1);
800. create_insn (0X40010750);
801. set_name (0X40010750, "launchPackage11");
802. create_insn (0X40010766);
803. set_name (0X40010766, "launchFunction");
804. create_insn (0X40010768);
805. set_name (0X40010768, "branchToR4");
806. create_insn (0X4001076C);
807. set_name (0X4001076C, "j_panic");
808. make_array (0X4001076E, 0X2);
809. create_insn (x=0X40010770);
810. op_plain_offset (x, 1, 0);
811. op_plain_offset (x, 129, 0);
812. set_name (0X40010770, "panic");
813. create_dword (x=0X40010778);
814. op_plain_offset (x, 0, 0);
815. op_plain_offset (x, 128, 0);
816. create_insn (0X4001077C);
817. set_name (0X4001077C, "constTimeMemcmp");
818. make_array (0X4001077E, 0X2);
819. create_insn (0X40010780);
820. set_name (0X40010780, "__32constTimeMemcmp");
821. create_insn (0X40010790);
822. create_insn (0X400107C8);
823. set_name (0X400107C8, "pivotStackLaunchFunction");
824. create_insn (0X400107CC);
825. set_name (0X400107CC, "memcpy2");
826. make_array (0X400107CE, 0X2);
827. create_insn (0X400107D0);
828. set_name (0X400107D0, "__32memcpy2");
829. create_insn (x=0X400107D8);
830. op_hex (x, 1);
831. set_cmt (0X400107F4, "src", 0);
832. set_cmt (0X400107FC, "size", 0);
833. create_insn (x=0X40010804);
834. op_hex (x, 1);
835. create_insn (0X40010844);
836. create_insn (0X40010864);
837. create_insn (0X400108A4);
838. set_name (0X400108A4, "memcpy");
839. make_array (0X400108A6, 0X2);
840. create_insn (0X400108A8);
841. set_name (0X400108A8, "__32memcpy");
842. create_insn (0X4001090C);
843. set_name (0X4001090C, "memclear3");
844. make_array (0X4001090E, 0X2);
845. create_insn (0X40010910);
846. set_name (0X40010910, "__32memclear3");
847. create_insn (x=0X4001091C);
848. op_hex (x, 1);
849. create_insn (0X4001093C);
850. create_insn (0X40010950);
851. set_name (0X40010950, "memclear2");
852. make_array (0X40010952, 0X2);
853. create_insn (0X40010954);
854. set_name (0X40010954, "__32memclear2");
855. create_insn (x=0X4001099C);
856. op_hex (x, 1);
857. create_insn (x=0X400109A8);
858. op_plain_offset (x, 1, 0);
859. op_plain_offset (x, 129, 0);
860. set_name (0X400109A8, "verifySecurityEngineNotBusy");
861. create_insn (0X400109BE);
862. create_dword (x=0X400109C4);
863. op_plain_offset (x, 0, 0);
864. op_plain_offset (x, 128, 0);
865. create_insn (x=0X400109C8);
866. op_plain_offset (x, 1, 0);
867. op_plain_offset (x, 129, 0);
868. set_name (0X400109C8, "disableSecurityEngineReads");
869. create_dword (x=0X400109E8);
870. op_plain_offset (x, 0, 0);
871. op_plain_offset (x, 128, 0);
872. create_dword (0X400109EC);
873. create_insn (0X400109F0);
874. set_name (0X400109F0, "AESCTRCrypt");
875. create_insn (x=0X400109F4);
876. op_stkvar (x, 1);
877. create_insn (x=0X400109F6);
878. op_stkvar (x, 1);
879. create_insn (x=0X40010A02);
880. op_stkvar (x, 1);
881. create_insn (0X40010A0C);
882. create_insn (x=0X40010A16);
883. op_stkvar (x, 1);
884. set_cmt (0X40010A20, "alg", 0);
885. set_cmt (0X40010A24, "dst", 0);
886. set_cmt (0X40010A2C, "keySlot", 0);
887. create_insn (x=0X40010A2C);
888. op_stkvar (x, 1);
889. set_cmt (0X40010A2E, "enableHash", 0);
890. set_cmt (0X40010A30, "isEncrypt", 0);
891. set_cmt (0X40010A36, "ctr", 0);
892. create_insn (x=0X40010A36);
893. op_stkvar (x, 1);
894. set_cmt (0X40010A40, "_DWORD", 0);
895. set_cmt (0X40010A46, "addressIn", 0);
896. create_insn (x=0X40010A46);
897. op_stkvar (x, 1);
898. set_cmt (0X40010A48, "addressOut", 0);
899. create_insn (x=0X40010A48);
900. op_stkvar (x, 1);
901. set_cmt (0X40010A4A, "sizeOut", 0);
902. set_cmt (0X40010A4C, "status", 0);
903. set_cmt (0X40010A4E, "sizeIn", 0);
904. create_insn (x=0X40010A4E);
905. op_stkvar (x, 1);
906. create_insn (x=0X40010A54);
907. op_stkvar (x, 1);
908. set_cmt (0X40010A5E, "_DWORD", 0);
909. create_insn (x=0X40010A64);
910. op_stkvar (x, 1);
911. set_cmt (0X40010A66, "size", 0);
912. create_insn (x=0X40010A66);
913. op_stkvar (x, 1);
914. set_cmt (0X40010A68, "src", 0);
915. set_cmt (0X40010A6A, "dst", 0);
916. create_insn (x=0X40010A6A);
917. op_stkvar (x, 1);
918. set_cmt (0X40010A72, "sizeOut", 0);
919. set_cmt (0X40010A74, "sizeIn", 0);
920. create_insn (x=0X40010A74);
921. op_stkvar (x, 1);
922. set_cmt (0X40010A76, "status", 0);
923. set_cmt (0X40010A78, "addressIn", 0);
924. create_insn (x=0X40010A78);
925. op_stkvar (x, 1);
926. set_cmt (0X40010A7A, "addressOut", 0);
927. create_insn (x=0X40010A7A);
928. op_stkvar (x, 1);
929. create_insn (x=0X40010A82);
930. op_stkvar (x, 1);
931. create_insn (x=0X40010A84);
932. op_stkvar (x, 1);
933. create_insn (x=0X40010A88);
934. op_stkvar (x, 1);
935. create_insn (x=0X40010A8E);
936. op_stkvar (x, 1);
937. set_cmt (0X40010A90, "size", 0);
938. create_insn (x=0X40010A92);
939. op_stkvar (x, 1);
940. set_cmt (0X40010A94, "src", 0);
941. create_insn (x=0X40010A94);
942. op_stkvar (x, 1);
943. set_cmt (0X40010A96, "dst", 0);
944. create_dword (0X40010AA4);
945. create_insn (x=0X40010AA8);
946. op_plain_offset (x, 1, 0);
947. op_plain_offset (x, 129, 0);
948. set_name (0X40010AA8, "getSecurityEngine");
949. create_dword (x=0X40010AB0);
950. op_plain_offset (x, 0, 0);
951. op_plain_offset (x, 128, 0);
952. create_insn (x=0X40010AB4);
953. op_plain_offset (x, 1, 0);
954. op_plain_offset (x, 129, 0);
955. set_name (0X40010AB4, "setSecurityEngineAddress");
956. create_dword (x=0X40010ABC);
957. op_plain_offset (x, 0, 0);
958. op_plain_offset (x, 128, 0);
959. create_insn (0X40010AC0);
960. set_name (0X40010AC0, "checkSecurityEngineOperationSuceeded");
961. create_insn (0X40010AE6);
962. create_dword (0X40010AEC);
963. create_insn (0X40010AF0);
964. set_name (0X40010AF0, "setOperationStatus");
965. create_dword (0X40010B0C);
966. create_insn (0X40010B10);
967. set_name (0X40010B10, "clearSecurityEngine");
968. create_insn (x=0X40010B12);
969. op_plain_offset (x, 1, 0);
970. op_plain_offset (x, 129, 0);
971. create_dword (x=0X40010B50);
972. op_plain_offset (x, 0, 0);
973. op_plain_offset (x, 128, 0);
974. create_insn (0X40010B54);
975. set_name (0X40010B54, "enableDeviceClkRst");
976. create_insn (x=0X40010B56);
977. op_plain_offset (x, 1, 0);
978. op_plain_offset (x, 129, 0);
979. create_dword (x=0X40010BC8);
980. op_plain_offset (x, 0, 0);
981. op_plain_offset (x, 128, 0);
982. create_insn (0X40010BCC);
983. set_name (0X40010BCC, "disableDeviceClkRst");
984. create_insn (x=0X40010BCE);
985. op_plain_offset (x, 1, 0);
986. op_plain_offset (x, 129, 0);
987. create_dword (x=0X40010C00);
988. op_plain_offset (x, 0, 0);
989. op_plain_offset (x, 128, 0);
990. create_insn (0X40010C04);
991. set_name (0X40010C04, "enableSEClkRst");
992. set_cmt (0X40010C06, "a1", 0);
993. create_insn (x=0X40010C06);
994. op_plain_offset (x, 1, 0);
995. op_plain_offset (x, 129, 0);
996. create_dword (x=0X40010C10);
997. op_plain_offset (x, 0, 0);
998. op_plain_offset (x, 128, 0);
999. create_insn (0X40010C14);
1000. set_name (0X40010C14, "enableSor0ClkRst");
1001. set_cmt (0X40010C16, "a1", 0);
1002. create_insn (x=0X40010C16);
1003. op_plain_offset (x, 1, 0);
1004. op_plain_offset (x, 129, 0);
1005. create_dword (x=0X40010C20);
1006. op_plain_offset (x, 0, 0);
1007. op_plain_offset (x, 128, 0);
1008. create_insn (0X40010C24);
1009. set_name (0X40010C24, "enableSor1ClkRst");
1010. set_cmt (0X40010C26, "a1", 0);
1011. create_insn (x=0X40010C26);
1012. op_plain_offset (x, 1, 0);
1013. op_plain_offset (x, 129, 0);
1014. create_dword (x=0X40010C30);
1015. op_plain_offset (x, 0, 0);
1016. op_plain_offset (x, 128, 0);
1017. create_insn (0X40010C34);
1018. set_name (0X40010C34, "enableTsecClkRst");
1019. set_cmt (0X40010C36, "a1", 0);
1020. create_insn (x=0X40010C36);
1021. op_plain_offset (x, 1, 0);
1022. op_plain_offset (x, 129, 0);
1023. create_dword (x=0X40010C40);
1024. op_plain_offset (x, 0, 0);
1025. op_plain_offset (x, 128, 0);
1026. create_insn (0X40010C44);
1027. set_name (0X40010C44, "disableSor0ClkRst");
1028. set_cmt (0X40010C46, "a1", 0);
1029. create_insn (x=0X40010C46);
1030. op_plain_offset (x, 1, 0);
1031. op_plain_offset (x, 129, 0);
1032. create_dword (x=0X40010C50);
1033. op_plain_offset (x, 0, 0);
1034. op_plain_offset (x, 128, 0);
1035. create_insn (0X40010C54);
1036. set_name (0X40010C54, "disableSor1ClkRst");
1037. set_cmt (0X40010C56, "a1", 0);
1038. create_insn (x=0X40010C56);
1039. op_plain_offset (x, 1, 0);
1040. op_plain_offset (x, 129, 0);
1041. create_dword (x=0X40010C60);
1042. op_plain_offset (x, 0, 0);
1043. op_plain_offset (x, 128, 0);
1044. create_insn (0X40010C64);
1045. set_name (0X40010C64, "disableTsecClkRst");
1046. set_cmt (0X40010C66, "a1", 0);
1047. create_insn (x=0X40010C66);
1048. op_plain_offset (x, 1, 0);
1049. op_plain_offset (x, 129, 0);
1050. create_dword (x=0X40010C70);
1051. op_plain_offset (x, 0, 0);
1052. op_plain_offset (x, 128, 0);
1053. create_insn (0X40010C74);
1054. set_name (0X40010C74, "enableKFuseClkRst");
1055. create_insn (x=0X40010C76);
1056. op_plain_offset (x, 1, 0);
1057. op_plain_offset (x, 129, 0);
1058. create_insn (x=0X40010C7A);
1059. op_plain_offset (x, 1, 0X60006000);
1060. op_plain_offset (x, 129, 0X60006000);
1061. create_insn (x=0X40010C84);
1062. op_plain_offset (x, 1, 0X60006000);
1063. op_plain_offset (x, 129, 0X60006000);
1064. create_insn (x=0X40010C86);
1065. op_plain_offset (x, 1, 0X60006000);
1066. op_plain_offset (x, 129, 0X60006000);
1067. create_insn (x=0X40010C8A);
1068. op_plain_offset (x, 1, 0X60006000);
1069. op_plain_offset (x, 129, 0X60006000);
1070. create_insn (x=0X40010C8C);
1071. op_plain_offset (x, 1, 0X60006000);
1072. op_plain_offset (x, 129, 0X60006000);
1073. create_insn (x=0X40010C92);
1074. op_plain_offset (x, 1, 0X60006000);
1075. op_plain_offset (x, 129, 0X60006000);
1076. set_cmt (0X40010C94, "result", 0);
1077. create_insn (x=0X40010C9A);
1078. op_plain_offset (x, 1, 0X60006000);
1079. op_plain_offset (x, 129, 0X60006000);
1080. create_insn (x=0X40010C9E);
1081. op_plain_offset (x, 1, 0X60006000);
1082. op_plain_offset (x, 129, 0X60006000);
1083. set_cmt (0X40010CA0, "result", 0);
1084. create_dword (x=0X40010CAC);
1085. op_plain_offset (x, 0, 0);
1086. op_plain_offset (x, 128, 0);
1087. create_insn (0X40010CB0);
1088. set_name (0X40010CB0, "disableKFuseClkRst");
1089. set_cmt (0X40010CB2, "a1", 0);
1090. create_insn (x=0X40010CB2);
1091. op_plain_offset (x, 1, 0);
1092. op_plain_offset (x, 129, 0);
1093. create_dword (x=0X40010CBC);
1094. op_plain_offset (x, 0, 0);
1095. op_plain_offset (x, 128, 0);
1096. create_insn (0X40010CC0);
1097. set_name (0X40010CC0, "enableHost1XClkRst");
1098. set_cmt (0X40010CC2, "a1", 0);
1099. create_insn (x=0X40010CC2);
1100. op_plain_offset (x, 1, 0);
1101. op_plain_offset (x, 129, 0);
1102. create_dword (x=0X40010CCC);
1103. op_plain_offset (x, 0, 0);
1104. op_plain_offset (x, 128, 0);
1105. create_insn (x=0X40010CD0);
1106. op_plain_offset (x, 1, 0);
1107. op_plain_offset (x, 129, 0);
1108. set_name (0X40010CD0, "enableMiscClk");
1109. create_insn (x=0X40010CD4);
1110. op_plain_offset (x, 1, 0X60006000);
1111. op_plain_offset (x, 129, 0X60006000);
1112. create_insn (x=0X40010CE2);
1113. op_plain_offset (x, 1, 0X60006000);
1114. op_plain_offset (x, 129, 0X60006000);
1115. create_dword (x=0X40010CE8);
1116. op_plain_offset (x, 0, 0);
1117. op_plain_offset (x, 128, 0);
1118. create_insn (0X40010CEC);
1119. set_name (0X40010CEC, "disableHost1xClkRst");
1120. set_cmt (0X40010CEE, "a1", 0);
1121. create_insn (x=0X40010CEE);
1122. op_plain_offset (x, 1, 0);
1123. op_plain_offset (x, 129, 0);
1124. create_dword (x=0X40010CF8);
1125. op_plain_offset (x, 0, 0);
1126. op_plain_offset (x, 128, 0);
1127. create_insn (0X40010CFC);
1128. set_name (0X40010CFC, "enableSorSafeClkRst");
1129. set_cmt (0X40010CFE, "a1", 0);
1130. create_insn (x=0X40010CFE);
1131. op_plain_offset (x, 1, 0);
1132. op_plain_offset (x, 129, 0);
1133. create_dword (x=0X40010D08);
1134. op_plain_offset (x, 0, 0);
1135. op_plain_offset (x, 128, 0);
1136. create_insn (0X40010D0C);
1137. set_name (0X40010D0C, "disableSorSafeClkRst");
1138. set_cmt (0X40010D0E, "a1", 0);
1139. create_insn (x=0X40010D0E);
1140. op_plain_offset (x, 1, 0);
1141. op_plain_offset (x, 129, 0);
1142. create_dword (x=0X40010D18);
1143. op_plain_offset (x, 0, 0);
1144. op_plain_offset (x, 128, 0);
1145. create_insn (x=0X40010D1C);
1146. op_plain_offset (x, 1, 0);
1147. op_plain_offset (x, 129, 0);
1148. set_name (0X40010D1C, "setPMCRegAfterFuseWriting");
1149. set_cmt (0X40010D32, "result", 0);
1150. set_cmt (0X40010D3E, "result", 0);
1151. create_dword (x=0X40010D4C);
1152. op_plain_offset (x, 0, 0);
1153. op_plain_offset (x, 128, 0);
1154. create_insn (x=0X40010D50);
1155. op_plain_offset (x, 1, 0);
1156. op_plain_offset (x, 129, 0);
1157. set_name (0X40010D50, "setPMCRegBeforeFuseWriting");
1158. set_cmt (0X40010D66, "result", 0);
1159. set_cmt (0X40010D72, "result", 0);
1160. create_dword (x=0X40010D80);
1161. op_plain_offset (x, 0, 0);
1162. op_plain_offset (x, 128, 0);
1163. create_insn (x=0X40010D84);
1164. op_plain_offset (x, 1, 0);
1165. op_plain_offset (x, 129, 0);
1166. set_name (0X40010D84, "reboot");
1167. create_insn (x=0X40010D8A);
1168. op_plain_offset (x, 1, 0X60005000);
1169. op_plain_offset (x, 129, 0X60005000);
1170. create_insn (x=0X40010D9C);
1171. op_plain_offset (x, 1, 0X60005000);
1172. op_plain_offset (x, 129, 0X60005000);
1173. create_dword (x=0X40010DB0);
1174. op_plain_offset (x, 0, 0);
1175. op_plain_offset (x, 128, 0);
1176. create_dword (0X40010DB4);
1177. create_dword (0X40010DB8);
1178. create_insn (x=0X40010DBC);
1179. op_plain_offset (x, 1, 0);
1180. op_plain_offset (x, 129, 0);
1181. set_name (0X40010DBC, "disableFuseWriteAccess");
1182. create_insn (x=0X40010DC6);
1183. op_plain_offset (x, 1, 0X7000F800);
1184. op_plain_offset (x, 129, 0X7000F800);
1185. create_insn (x=0X40010DCE);
1186. op_plain_offset (x, 1, 0X7000F800);
1187. op_plain_offset (x, 129, 0X7000F800);
1188. create_dword (x=0X40010DD8);
1189. op_plain_offset (x, 0, 0);
1190. op_plain_offset (x, 128, 0);
1191. create_insn (x=0X40010DDC);
1192. op_plain_offset (x, 1, 0);
1193. op_plain_offset (x, 129, 0);
1194. set_name (0X40010DDC, "readOdmReservedFuse");
1195. create_dword (x=0X40010DEC);
1196. op_plain_offset (x, 0, 0);
1197. op_plain_offset (x, 128, 0);
1198. create_insn (x=0X40010DF0);
1199. op_plain_offset (x, 1, 0);
1200. op_plain_offset (x, 129, 0);
1201. set_name (0X40010DF0, "getSku");
1202. create_insn (x=0X40010DF8);
1203. op_plain_offset (x, 1, 0X7000F900);
1204. op_plain_offset (x, 129, 0X7000F900);
1205. create_dword (x=0X40010DFC);
1206. op_plain_offset (x, 0, 0);
1207. op_plain_offset (x, 128, 0);
1208. create_insn (x=0X40010E00);
1209. op_plain_offset (x, 1, 0);
1210. op_plain_offset (x, 129, 0);
1211. set_name (0X40010E00, "getODMReservedFuse7");
1212. create_insn (x=0X40010E08);
1213. op_plain_offset (x, 1, 0X7000F980);
1214. op_plain_offset (x, 129, 0X7000F980);
1215. create_dword (x=0X40010E0C);
1216. op_plain_offset (x, 0, 0);
1217. op_plain_offset (x, 128, 0);
1218. create_insn (x=0X40010E10);
1219. op_plain_offset (x, 1, 0);
1220. op_plain_offset (x, 129, 0);
1221. set_name (0X40010E10, "getODMReservedFuse6");
1222. create_insn (x=0X40010E18);
1223. op_plain_offset (x, 1, 0X7000F980);
1224. op_plain_offset (x, 129, 0X7000F980);
1225. create_dword (x=0X40010E1C);
1226. op_plain_offset (x, 0, 0);
1227. op_plain_offset (x, 128, 0);
1228. create_insn (0X40010E20);
1229. set_name (0X40010E20, "writeFuseInternal");
1230. create_insn (x=0X40010E24);
1231. op_plain_offset (x, 1, 0);
1232. op_plain_offset (x, 129, 0);
1233. create_insn (x=0X40010E32);
1234. op_plain_offset (x, 1, 0X7000F800);
1235. op_plain_offset (x, 129, 0X7000F800);
1236. create_insn (x=0X40010E34);
1237. op_plain_offset (x, 1, 0X7000F800);
1238. op_plain_offset (x, 129, 0X7000F800);
1239. set_cmt (0X40010E42, "result", 0);
1240. create_insn (0X40010E56);
1241. create_dword (x=0X40010E5C);
1242. op_plain_offset (x, 0, 0);
1243. op_plain_offset (x, 128, 0);
1244. create_insn (x=0X40010E60);
1245. op_plain_offset (x, 1, 0);
1246. op_plain_offset (x, 129, 0);
1247. set_name (0X40010E60, "getBootromPatchVersion");
1248. create_insn (x=0X40010E68);
1249. op_plain_offset (x, 1, 0X7000F900);
1250. op_plain_offset (x, 129, 0X7000F900);
1251. create_dword (x=0X40010E70);
1252. op_plain_offset (x, 0, 0);
1253. op_plain_offset (x, 128, 0);
1254. create_insn (x=0X40010E74);
1255. op_plain_offset (x, 1, 0);
1256. op_plain_offset (x, 129, 0);
1257. set_name (0X40010E74, "secondaryPrivateKeyDisable");
1258. create_insn (x=0X40010E7A);
1259. op_plain_offset (x, 1, 0X7000F800);
1260. op_plain_offset (x, 129, 0X7000F800);
1261. create_dword (x=0X40010E80);
1262. op_plain_offset (x, 0, 0);
1263. op_plain_offset (x, 128, 0);
1264. create_insn (x=0X40010E84);
1265. op_plain_offset (x, 1, 0);
1266. op_plain_offset (x, 129, 0);
1267. set_name (0X40010E84, "checkFuseCtrlBusy");
1268. create_insn (0X40010E96);
1269. create_dword (x=0X40010E9C);
1270. op_plain_offset (x, 0, 0);
1271. op_plain_offset (x, 128, 0);
1272. create_insn (x=0X40010EA0);
1273. op_plain_offset (x, 1, 0);
1274. op_plain_offset (x, 129, 0);
1275. set_name (0X40010EA0, "disableFuseProgramming");
1276. create_insn (x=0X40010EA6);
1277. op_plain_offset (x, 1, 0X7000F800);
1278. op_plain_offset (x, 129, 0X7000F800);
1279. create_dword (x=0X40010EAC);
1280. op_plain_offset (x, 0, 0);
1281. op_plain_offset (x, 128, 0);
1282. create_insn (0X40010EB0);
1283. set_name (0X40010EB0, "prepareToBurnFuses");
1284. create_insn (x=0X40010EB2);
1285. op_plain_offset (x, 1, 0);
1286. op_plain_offset (x, 129, 0);
1287. set_cmt (0X40010EBC, "result", 0);
1288. create_insn (x=0X40010ECC);
1289. op_plain_offset (x, 1, 0X7000F800);
1290. op_plain_offset (x, 129, 0X7000F800);
1291. create_insn (x=0X40010ED6);
1292. op_plain_offset (x, 1, 0X7000F800);
1293. op_plain_offset (x, 129, 0X7000F800);
1294. create_insn (x=0X40010EDC);
1295. op_plain_offset (x, 1, 0X7000F800);
1296. op_plain_offset (x, 129, 0X7000F800);
1297. create_insn (x=0X40010EDE);
1298. op_plain_offset (x, 1, 0X7000F800);
1299. op_plain_offset (x, 129, 0X7000F800);
1300. create_insn (x=0X40010EE8);
1301. op_plain_offset (x, 1, 0X7000F800);
1302. op_plain_offset (x, 129, 0X7000F800);
1303. create_dword (x=0X40010EF4);
1304. op_plain_offset (x, 0, 0);
1305. op_plain_offset (x, 128, 0);
1306. create_insn (x=0X40010EF8);
1307. op_plain_offset (x, 1, 0);
1308. op_plain_offset (x, 129, 0);
1309. set_name (0X40010EF8, "isEKSProvisioned");
1310. create_dword (x=0X40010F0C);
1311. op_plain_offset (x, 0, 0);
1312. op_plain_offset (x, 128, 0);
1313. create_insn (0X40010F10);
1314. set_name (0X40010F10, "clearStack");
1315. set_cmt (0X40010F14, "a1", 0);
1316. create_insn (x=0X40010F14);
1317. op_plain_offset (x, 1, 0);
1318. op_plain_offset (x, 129, 0);
1319. create_dword (x=0X40010F24);
1320. op_plain_offset (x, 0, 0);
1321. op_plain_offset (x, 128, 0);
1322. set_name (0X40010F24, "a1");
1323. create_insn (0X40010F28);
1324. set_name (0X40010F28, "enableHwDevices");
1325. set_cmt (0X40010F5E, "result", 0);
1326. set_cmt (0X40010FEE, "result", 0);
1327. create_dword (x=0X40011098);
1328. op_plain_offset (x, 0, 0);
1329. op_plain_offset (x, 128, 0);
1330. create_dword (x=0X4001109C);
1331. op_plain_offset (x, 0, 0);
1332. op_plain_offset (x, 128, 0);
1333. create_dword (x=0X400110A0);
1334. op_plain_offset (x, 0, 0);
1335. op_plain_offset (x, 128, 0);
1336. create_dword (x=0X400110A4);
1337. op_plain_offset (x, 0, 0);
1338. op_plain_offset (x, 128, 0);
1339. create_dword (x=0X400110A8);
1340. op_plain_offset (x, 0, 0);
1341. op_plain_offset (x, 128, 0);
1342. create_dword (x=0X400110AC);
1343. op_plain_offset (x, 0, 0);
1344. op_plain_offset (x, 128, 0);
1345. create_dword (x=0X400110B0);
1346. op_plain_offset (x, 0, 0);
1347. op_plain_offset (x, 128, 0);
1348. create_dword (x=0X400110B4);
1349. op_plain_offset (x, 0, 0);
1350. op_plain_offset (x, 128, 0);
1351. create_dword (x=0X400110B8);
1352. op_plain_offset (x, 0, 0);
1353. op_plain_offset (x, 128, 0);
1354. create_dword (x=0X400110BC);
1355. op_plain_offset (x, 0, 0);
1356. op_plain_offset (x, 128, 0);
1357. create_dword (0X400110C0);
1358. create_dword (0X400110C4);
1359. create_dword (0X400110C8);
1360. create_dword (0X400110CC);
1361. create_dword (0X400110D0);
1362. create_dword (x=0X400110D4);
1363. op_plain_offset (x, 0, 0);
1364. op_plain_offset (x, 128, 0);
1365. create_dword (0X400110D8);
1366. create_dword (x=0X400110DC);
1367. op_plain_offset (x, 0, 0);
1368. op_plain_offset (x, 128, 0);
1369. create_insn (0X400110E0);
1370. create_insn (x=0X400110F0);
1371. op_plain_offset (x, 1, 0);
1372. op_plain_offset (x, 129, 0);
1373. create_insn (x=0X400110F2);
1374. op_plain_offset (x, 1, 0);
1375. op_plain_offset (x, 129, 0);
1376. create_insn (x=0X400110F6);
1377. op_plain_offset (x, 1, 0);
1378. op_plain_offset (x, 129, 0);
1379. create_insn (x=0X40011102);
1380. op_plain_offset (x, 1, 0);
1381. op_plain_offset (x, 129, 0);
1382. create_insn (x=0X40011104);
1383. op_plain_offset (x, 1, 0);
1384. op_plain_offset (x, 129, 0);
1385. create_insn (x=0X40011108);
1386. op_plain_offset (x, 1, 0);
1387. op_plain_offset (x, 129, 0);
1388. create_dword (x=0X4001110C);
1389. op_plain_offset (x, 0, 0);
1390. op_plain_offset (x, 128, 0);
1391. create_dword (x=0X40011110);
1392. op_plain_offset (x, 0, 0);
1393. op_plain_offset (x, 128, 0);
1394. create_dword (x=0X40011114);
1395. op_plain_offset (x, 0, 0);
1396. op_plain_offset (x, 128, 0);
1397. create_dword (x=0X40011118);
1398. op_plain_offset (x, 0, 0);
1399. op_plain_offset (x, 128, 0);
1400. create_insn (0X4001111C);
1401. set_name (0X4001111C, "clearStage2Payload");
1402. set_cmt (0X4001111E, "a2", 0);
1403. set_cmt (0X40011120, "a1", 0);
1404. create_insn (x=0X40011120);
1405. op_plain_offset (x, 1, 0);
1406. op_plain_offset (x, 129, 0);
1407. create_dword (0X4001112C);
1408. set_name (0X4001112C, "a2");
1409. create_dword (x=0X40011130);
1410. op_plain_offset (x, 0, 0);
1411. op_plain_offset (x, 128, 0);
1412. create_insn (x=0X40011134);
1413. op_plain_offset (x, 1, 0);
1414. op_plain_offset (x, 129, 0);
1415. create_insn (0X4001113C);
1416. create_dword (x=0X4001115C);
1417. op_plain_offset (x, 0, 0);
1418. op_plain_offset (x, 128, 0);
1419. create_insn (0X40011160);
1420. set_name (0X40011160, "downgradeFuseCheck");
1421. set_cmt (0X40011164, "src", 0);
1422. create_insn (x=0X40011164);
1423. op_plain_offset (x, 1, 0);
1424. op_plain_offset (x, 129, 0);
1425. set_cmt (0X40011166, "size", 0);
1426. set_cmt (0X40011168, "dst", 0);
1427. create_insn (x=0X40011172);
1428. op_stkvar (x, 1);
1429. create_insn (x=0X40011178);
1430. op_stkvar (x, 1);
1431. create_insn (x=0X40011180);
1432. op_stkvar (x, 1);
1433. set_cmt (0X40011182, "fuseData", 0);
1434. set_cmt (0X4001118C, "fuseData", 0);
1435. set_cmt (0X400111AA, "downgradeData", 0);
1436. set_cmt (0X400111AC, "fuseBurnInfo", 0);
1437. create_insn (x=0X400111AC);
1438. op_stkvar (x, 1);
1439. create_insn (0X400111BE);
1440. set_cmt (0X400111C2, "val", 0);
1441. create_insn (x=0X400111C2);
1442. op_stkvar (x, 1);
1443. create_insn (0X400111DC);
1444. create_dword (x=0X400111EC);
1445. op_plain_offset (x, 0, 0);
1446. op_plain_offset (x, 128, 0);
1447. set_name (0X400111EC, "src");
1448. create_dword (x=0X400111F0);
1449. op_plain_offset (x, 0, 0);
1450. op_plain_offset (x, 128, 0);
1451. create_dword (x=0X400111F4);
1452. op_plain_offset (x, 0, 0);
1453. op_plain_offset (x, 128, 0);
1454. create_insn (0X400111F8);
1455. set_name (0X400111F8, "generateKeysFromKeyblobAndKeyseeds");
1456. set_cmt (0X40011202, "deviceKeySize", 0);
1457. set_cmt (0X40011204, "deviceKeyOut", 0);
1458. create_insn (x=0X40011204);
1459. op_stkvar (x, 1);
1460. set_cmt (0X4001120A, "keySize", 0);
1461. set_cmt (0X4001120C, "keyslotNum", 0);
1462. set_cmt (0X4001120E, "key", 0);
1463. create_insn (x=0X4001120E);
1464. op_stkvar (x, 1);
1465. create_insn (x=0X40011214);
1466. op_plain_offset (x, 1, 0);
1467. op_plain_offset (x, 129, 0);
1468. create_insn (x=0X40011216);
1469. op_plain_offset (x, 1, 0);
1470. op_plain_offset (x, 129, 0);
1471. set_cmt (0X40011218, "address_in", 0);
1472. set_cmt (0X4001121C, "size_in", 0);
1473. create_insn (x=0X4001121C);
1474. op_stkvar (x, 1);
1475. set_cmt (0X4001121E, "keyslot", 0);
1476. set_cmt (0X40011220, "size_out", 0);
1477. set_cmt (0X40011222, "address_out", 0);
1478. create_insn (x=0X40011222);
1479. op_stkvar (x, 1);
1480. set_cmt (0X40011228, "keySize", 0);
1481. set_cmt (0X4001122A, "keySlot", 0);
1482. set_cmt (0X4001122C, "keySlotToSet", 0);
1483. set_cmt (0X4001122E, "encryptedKey", 0);
1484. create_insn (x=0X4001122E);
1485. op_stkvar (x, 1);
1486. set_cmt (0X40011234, "keySlot", 0);
1487. set_cmt (0X4001123A, "keySlot", 0);
1488. create_insn (x=0X40011240);
1489. op_plain_offset (x, 1, 0);
1490. op_plain_offset (x, 129, 0);
1491. create_insn (x=0X40011242);
1492. op_plain_offset (x, 1, 0);
1493. op_plain_offset (x, 129, 0);
1494. set_cmt (0X40011244, "encryptedKey", 0);
1495. set_cmt (0X40011246, "keySize", 0);
1496. set_cmt (0X40011248, "keySlot", 0);
1497. set_cmt (0X4001124A, "keySlotToSet", 0);
1498. set_cmt (0X40011254, "address_in", 0);
1499. set_cmt (0X40011256, "sizeIn", 0);
1500. create_insn (x=0X40011256);
1501. op_stkvar (x, 1);
1502. set_cmt (0X4001125A, "keySlot", 0);
1503. set_cmt (0X4001125C, "size_out", 0);
1504. set_cmt (0X4001125E, "address_out", 0);
1505. create_insn (x=0X4001125E);
1506. op_stkvar (x, 1);
1507. set_cmt (0X40011264, "size", 0);
1508. set_cmt (0X40011266, "b", 0);
1509. set_cmt (0X40011268, "a", 0);
1510. create_insn (x=0X40011268);
1511. op_stkvar (x, 1);
1512. set_cmt (0X40011274, "sizeOut", 0);
1513. set_cmt (0X4001127C, "ctrSize", 0);
1514. create_insn (x=0X4001127C);
1515. op_stkvar (x, 1);
1516. set_cmt (0X4001127E, "addressIn", 0);
1517. set_cmt (0X40011280, "keySlot", 0);
1518. set_cmt (0X40011282, "addressOut", 0);
1519. create_insn (x=0X40011282);
1520. op_stkvar (x, 1);
1521. set_cmt (0X40011288, "keySize", 0);
1522. set_cmt (0X4001128A, "keyslotNum", 0);
1523. set_cmt (0X4001128C, "key", 0);
1524. create_insn (x=0X4001128C);
1525. op_stkvar (x, 1);
1526. set_cmt (0X40011292, "keySize", 0);
1527. set_cmt (0X40011294, "keyslotNum", 0);
1528. set_cmt (0X40011296, "key", 0);
1529. create_insn (x=0X40011296);
1530. op_stkvar (x, 1);
1531. set_cmt (0X4001129C, "a2", 0);
1532. set_cmt (0X4001129E, "a1", 0);
1533. create_insn (x=0X4001129E);
1534. op_stkvar (x, 1);
1535. set_cmt (0X400112A4, "keySlot", 0);
1536. set_cmt (0X400112A6, "keySize", 0);
1537. set_cmt (0X400112A8, "encryptedKey", 0);
1538. set_cmt (0X400112AA, "keySlotToSet", 0);
1539. create_insn (x=0X400112B0);
1540. op_plain_offset (x, 1, 0);
1541. op_plain_offset (x, 129, 0);
1542. create_insn (x=0X400112B2);
1543. op_plain_offset (x, 1, 0);
1544. op_plain_offset (x, 129, 0);
1545. set_cmt (0X400112B4, "encryptedKey", 0);
1546. set_cmt (0X400112B6, "keySize", 0);
1547. set_cmt (0X400112B8, "keySlot", 0);
1548. set_cmt (0X400112BA, "keySlotToSet", 0);
1549. create_insn (0X400112C8);
1550. create_dword (x=0X400112CC);
1551. op_plain_offset (x, 0, 0);
1552. op_plain_offset (x, 128, 0);
1553. create_dword (x=0X400112D0);
1554. op_plain_offset (x, 0, 0);
1555. op_plain_offset (x, 128, 0);
1556. set_name (0X400112D0, "address_in");
1557. create_dword (x=0X400112D4);
1558. op_plain_offset (x, 0, 0);
1559. op_plain_offset (x, 128, 0);
1560. create_dword (x=0X400112D8);
1561. op_plain_offset (x, 0, 0);
1562. op_plain_offset (x, 128, 0);
1563. set_name (0X400112D8, "encryptedKey");
1564. create_dword (x=0X400112DC);
1565. op_plain_offset (x, 0, 0);
1566. op_plain_offset (x, 128, 0);
1567. create_dword (x=0X400112E0);
1568. op_plain_offset (x, 0, 0);
1569. op_plain_offset (x, 128, 0);
1570. create_insn (0X400112E4);
1571. create_insn (x=0X400112E8);
1572. op_plain_offset (x, 1, 0);
1573. op_plain_offset (x, 129, 0);
1574. create_insn (x=0X400112EC);
1575. op_plain_offset (x, 1, 0);
1576. op_plain_offset (x, 129, 0);
1577. set_cmt (0X400112EE, "encryptedKey", 0);
1578. set_cmt (0X400112F0, "keySize", 0);
1579. set_cmt (0X400112F2, "keySlot", 0);
1580. set_cmt (0X400112F4, "keySlotToSet", 0);
1581. create_insn (x=0X400112FA);
1582. op_plain_offset (x, 1, 0);
1583. op_plain_offset (x, 129, 0);
1584. create_insn (x=0X400112FC);
1585. op_plain_offset (x, 1, 0);
1586. op_plain_offset (x, 129, 0);
1587. set_cmt (0X400112FE, "encryptedKey", 0);
1588. set_cmt (0X40011300, "keySize", 0);
1589. set_cmt (0X40011302, "keySlot", 0);
1590. set_cmt (0X40011304, "keySlotToSet", 0);
1591. create_insn (x=0X4001130A);
1592. op_plain_offset (x, 1, 0);
1593. op_plain_offset (x, 129, 0);
1594. create_insn (x=0X4001130C);
1595. op_plain_offset (x, 1, 0);
1596. op_plain_offset (x, 129, 0);
1597. set_cmt (0X4001130E, "encryptedKey", 0);
1598. set_cmt (0X40011310, "keySize", 0);
1599. set_cmt (0X40011312, "keySlot", 0);
1600. set_cmt (0X40011314, "keySlotToSet", 0);
1601. set_cmt (0X4001131A, "keySlot", 0);
1602. set_cmt (0X40011320, "keySlot", 0);
1603. set_cmt (0X40011326, "keySlot", 0);
1604. set_cmt (0X40011328, "keySize", 0);
1605. set_cmt (0X4001132A, "encryptedKey", 0);
1606. set_cmt (0X4001132C, "keySlotToSet", 0);
1607. create_insn (x=0X40011332);
1608. op_plain_offset (x, 1, 0);
1609. op_plain_offset (x, 129, 0);
1610. create_insn (x=0X40011334);
1611. op_plain_offset (x, 1, 0);
1612. op_plain_offset (x, 129, 0);
1613. set_cmt (0X40011336, "encryptedKey", 0);
1614. set_cmt (0X40011338, "keySize", 0);
1615. set_cmt (0X4001133A, "keySlot", 0);
1616. set_cmt (0X4001133C, "keySlotToSet", 0);
1617. create_dword (x=0X40011348);
1618. op_plain_offset (x, 0, 0);
1619. op_plain_offset (x, 128, 0);
1620. create_dword (x=0X4001134C);
1621. op_plain_offset (x, 0, 0);
1622. op_plain_offset (x, 128, 0);
1623. create_dword (x=0X40011350);
1624. op_plain_offset (x, 0, 0);
1625. op_plain_offset (x, 128, 0);
1626. create_dword (x=0X40011354);
1627. op_plain_offset (x, 0, 0);
1628. op_plain_offset (x, 128, 0);
1629. create_dword (x=0X40011358);
1630. op_plain_offset (x, 0, 0);
1631. op_plain_offset (x, 128, 0);
1632. create_dword (x=0X4001135C);
1633. op_plain_offset (x, 0, 0);
1634. op_plain_offset (x, 128, 0);
1635. create_dword (x=0X40011360);
1636. op_plain_offset (x, 0, 0);
1637. op_plain_offset (x, 128, 0);
1638. create_dword (x=0X40011364);
1639. op_plain_offset (x, 0, 0);
1640. op_plain_offset (x, 128, 0);
1641. create_insn (0X40011368);
1642. set_name (0X40011368, "isValidPK11Header");
1643. set_cmt (0X4001136E, "a3", 0);
1644. create_insn (x=0X40011370);
1645. op_plain_offset (x, 1, 0);
1646. op_plain_offset (x, 129, 0);
1647. create_insn (0X400113B0);
1648. create_strlit (0X400113B4, 0X400113B9);
1649. set_name (0X400113B4, "aPk11");
1650. create_insn (x=0X400113BC);
1651. op_plain_offset (x, 1, 0);
1652. op_plain_offset (x, 129, 0);
1653. set_name (0X400113BC, "clearDataAndBSS");
1654. create_insn (x=0X400113BE);
1655. op_plain_offset (x, 1, 0);
1656. op_plain_offset (x, 129, 0);
1657. set_cmt (0X400113C2, "a2", 0);
1658. set_cmt (0X400113C4, "result", 0);
1659. create_insn (x=0X400113C4);
1660. op_plain_offset (x, 1, 0);
1661. op_plain_offset (x, 129, 0);
1662. create_insn (x=0X400113CA);
1663. op_plain_offset (x, 1, 0);
1664. op_plain_offset (x, 129, 0);
1665. create_insn (x=0X400113CC);
1666. op_plain_offset (x, 1, 0);
1667. op_plain_offset (x, 129, 0);
1668. set_cmt (0X400113CE, "a2", 0);
1669. set_cmt (0X400113D0, "result", 0);
1670. create_insn (x=0X400113D0);
1671. op_plain_offset (x, 1, 0);
1672. op_plain_offset (x, 129, 0);
1673. create_dword (x=0X400113DC);
1674. op_plain_offset (x, 0, 0);
1675. op_plain_offset (x, 128, 0);
1676. create_dword (x=0X400113E0);
1677. op_plain_offset (x, 0, 0);
1678. op_plain_offset (x, 128, 0);
1679. set_name (0X400113E0, "result");
1680. create_dword (x=0X400113E4);
1681. op_plain_offset (x, 0, 0);
1682. op_plain_offset (x, 128, 0);
1683. create_dword (x=0X400113E8);
1684. op_plain_offset (x, 0, 0);
1685. op_plain_offset (x, 128, 0);
1686. create_insn (0X400113EC);
1687. set_name (0X400113EC, "enableMemoryControllers");
1688. set_cmt (0X4001142A, "result", 0);
1689. create_dword (x=0X4001145C);
1690. op_plain_offset (x, 0, 0);
1691. op_plain_offset (x, 128, 0);
1692. create_dword (x=0X40011460);
1693. op_plain_offset (x, 0, 0);
1694. op_plain_offset (x, 128, 0);
1695. create_dword (x=0X40011464);
1696. op_plain_offset (x, 0, 0);
1697. op_plain_offset (x, 128, 0);
1698. create_dword (x=0X40011468);
1699. op_plain_offset (x, 0, 0);
1700. op_plain_offset (x, 128, 0);
1701. create_dword (0X4001146C);
1702. create_insn (0X40011470);
1703. set_name (0X40011470, "generateKeys");
1704. set_cmt (0X40011474, "flags", 0);
1705. set_cmt (0X40011476, "keyslot", 0);
1706. set_cmt (0X4001147C, "flags", 0);
1707. set_cmt (0X4001147E, "keyslot", 0);
1708. create_insn (x=0X40011490);
1709. op_plain_offset (x, 1, 0);
1710. op_plain_offset (x, 129, 0);
1711. create_insn (x=0X40011492);
1712. op_plain_offset (x, 1, 0);
1713. op_plain_offset (x, 129, 0);
1714. create_insn (x=0X400114A6);
1715. op_plain_offset (x, 1, 0);
1716. op_plain_offset (x, 129, 0);
1717. create_insn (0X400114AC);
1718. create_insn (x=0X400114C0);
1719. op_plain_offset (x, 1, 0);
1720. op_plain_offset (x, 129, 0);
1721. set_cmt (0X400114C2, "masterStaticKeySeed", 0);
1722. create_insn (x=0X400114C2);
1723. op_plain_offset (x, 1, 0);
1724. op_plain_offset (x, 129, 0);
1725. set_cmt (0X400114C4, "masterStaticKeySeedSize", 0);
1726. set_cmt (0X400114C6, "keyAreaAddress", 0);
1727. create_insn (0X400114CE);
1728. set_cmt (0X400114D4, "flags", 0);
1729. set_cmt (0X400114D6, "keyslot", 0);
1730. set_cmt (0X400114DC, "flags", 0);
1731. set_cmt (0X400114DE, "keyslot", 0);
1732. create_dword (x=0X400114EC);
1733. op_plain_offset (x, 0, 0);
1734. op_plain_offset (x, 128, 0);
1735. create_dword (x=0X400114F0);
1736. op_plain_offset (x, 0, 0);
1737. op_plain_offset (x, 128, 0);
1738. create_dword (x=0X400114F4);
1739. op_plain_offset (x, 0, 0);
1740. op_plain_offset (x, 128, 0);
1741. create_dword (x=0X400114F8);
1742. op_plain_offset (x, 0, 0);
1743. op_plain_offset (x, 128, 0);
1744. set_name (0X400114F8, "masterStaticKeySeed");
1745. create_insn (0X400114FC);
1746. set_name (0X400114FC, "getDeviceKeyFromFalcon");
1747. create_insn (x=0X4001153C);
1748. op_plain_offset (x, 1, 0);
1749. op_plain_offset (x, 129, 0);
1750. set_cmt (0X4001154C, "a3", 0);
1751. set_cmt (0X4001154E, "a2", 0);
1752. set_cmt (0X40011550, "a1", 0);
1753. create_insn (0X4001158E);
1754. create_insn (x=0X400115A4);
1755. op_stkvar (x, 1);
1756. create_insn (x=0X400115AC);
1757. op_stkvar (x, 1);
1758. create_insn (x=0X400115B2);
1759. op_stkvar (x, 1);
1760. create_insn (x=0X400115B8);
1761. op_stkvar (x, 1);
1762. create_insn (x=0X400115C6);
1763. op_stkvar (x, 1);
1764. create_insn (x=0X400115C8);
1765. op_stkvar (x, 1);
1766. create_insn (x=0X400115CC);
1767. op_stkvar (x, 1);
1768. create_insn (x=0X400115CE);
1769. op_stkvar (x, 1);
1770. set_cmt (0X400115D4, "size", 0);
1771. set_cmt (0X400115D6, "dst", 0);
1772. set_cmt (0X400115D8, "src", 0);
1773. create_insn (0X400115FE);
1774. create_dword (x=0X4001160C);
1775. op_plain_offset (x, 0, 0);
1776. op_plain_offset (x, 128, 0);
1777. create_dword (0X40011610);
1778. create_dword (x=0X40011614);
1779. op_plain_offset (x, 0, 0);
1780. op_plain_offset (x, 128, 0);
1781. create_dword (0X40011618);
1782. create_dword (x=0X4001161C);
1783. op_plain_offset (x, 0, 0);
1784. op_plain_offset (x, 128, 0);
1785. create_dword (0X40011620);
1786. create_dword (0X40011624);
1787. create_dword (x=0X40011628);
1788. op_plain_offset (x, 0, 0);
1789. op_plain_offset (x, 128, 0);
1790. create_insn (0X4001162C);
1791. set_name (0X4001162C, "waitFalconDmaIdle");
1792. create_insn (0X4001163A);
1793. create_insn (0X4001164C);
1794. create_dword (0X40011654);
1795. create_dword (x=0X40011658);
1796. op_plain_offset (x, 0, 0);
1797. op_plain_offset (x, 128, 0);
1798. create_insn (0X4001165C);
1799. set_name (0X4001165C, "loadFalconFirm");
1800. create_insn (0X4001167E);
1801. create_dword (x=0X40011684);
1802. op_plain_offset (x, 0, 0);
1803. op_plain_offset (x, 128, 0);
1804. create_insn (x=0X40011688);
1805. op_plain_offset (x, 1, 0);
1806. op_plain_offset (x, 129, 0);
1807. set_name (0X40011688, "readTimer");
1808. create_insn (x=0X4001168C);
1809. op_plain_offset (x, 1, 0X60005000);
1810. op_plain_offset (x, 129, 0X60005000);
1811. create_dword (x=0X40011690);
1812. op_plain_offset (x, 0, 0);
1813. op_plain_offset (x, 128, 0);
1814. create_insn (x=0X40011694);
1815. op_plain_offset (x, 1, 0);
1816. op_plain_offset (x, 129, 0);
1817. set_name (0X40011694, "wait");
1818. create_insn (x=0X40011698);
1819. op_plain_offset (x, 1, 0X60005000);
1820. op_plain_offset (x, 129, 0X60005000);
1821. create_insn (x=0X4001169E);
1822. op_plain_offset (x, 1, 0X60005000);
1823. op_plain_offset (x, 129, 0X60005000);
1824. create_dword (x=0X400116A8);
1825. op_plain_offset (x, 0, 0);
1826. op_plain_offset (x, 128, 0);
1827. create_insn (0X400116AC);
1828. set_name (0X400116AC, "main");
1829. create_insn (x=0X400116AE);
1830. op_plain_offset (x, 1, 0);
1831. op_plain_offset (x, 129, 0);
1832. create_insn (x=0X400116B0);
1833. op_plain_offset (x, 1, 0);
1834. op_plain_offset (x, 129, 0);
1835. create_insn (x=0X400116B2);
1836. op_plain_offset (x, 1, 0);
1837. op_plain_offset (x, 129, 0);
1838. create_insn (x=0X400116B6);
1839. op_plain_offset (x, 1, 0X6000F200);
1840. op_plain_offset (x, 129, 0X6000F200);
1841. create_insn (x=0X400116B8);
1842. op_plain_offset (x, 1, 0X6000F200);
1843. op_plain_offset (x, 129, 0X6000F200);
1844. create_insn (x=0X400116BA);
1845. op_plain_offset (x, 1, 0X6000F200);
1846. op_plain_offset (x, 129, 0X6000F200);
1847. create_insn (x=0X400116BC);
1848. op_plain_offset (x, 1, 0X6000F200);
1849. op_plain_offset (x, 129, 0X6000F200);
1850. create_insn (x=0X400116BE);
1851. op_plain_offset (x, 1, 0X6000F200);
1852. op_plain_offset (x, 129, 0X6000F200);
1853. create_insn (x=0X400116C0);
1854. op_plain_offset (x, 1, 0X6000F200);
1855. op_plain_offset (x, 129, 0X6000F200);
1856. create_insn (x=0X400116C2);
1857. op_plain_offset (x, 1, 0X6000F200);
1858. op_plain_offset (x, 129, 0X6000F200);
1859. create_insn (x=0X400116C4);
1860. op_plain_offset (x, 1, 0);
1861. op_plain_offset (x, 129, 0);
1862. create_insn (0X400116D6);
1863. create_insn (x=0X400116E0);
1864. op_plain_offset (x, 1, 0);
1865. op_plain_offset (x, 129, 0);
1866. create_insn (x=0X400116E2);
1867. op_plain_offset (x, 1, 0);
1868. op_plain_offset (x, 129, 0);
1869. create_insn (0X400116E6);
1870. set_cmt (0X400116E8, "a1", 0);
1871. set_cmt (0X400116FC, "_DWORD", 0);
1872. set_cmt (0X4001170E, "BIT", 0);
1873. set_cmt (0X40011720, "securityEngine", 0);
1874. create_insn (x=0X40011720);
1875. op_plain_offset (x, 1, 0);
1876. op_plain_offset (x, 129, 0);
1877. set_cmt (0X4001172A, "BIT", 0);
1878. set_cmt (0X40011730, "package11", 0);
1879. create_insn (x=0X40011730);
1880. op_plain_offset (x, 1, 0);
1881. op_plain_offset (x, 129, 0);
1882. set_cmt (0X40011736, "a3", 0);
1883. create_insn (x=0X40011736);
1884. op_plain_offset (x, 1, 0);
1885. op_plain_offset (x, 129, 0);
1886. set_cmt (0X40011738, "void (__fastcall *)(void *)", 0);
1887. create_insn (x=0X40011738);
1888. op_plain_offset (x, 1, 0);
1889. op_plain_offset (x, 129, 0);
1890. create_dword (x=0X40011744);
1891. op_plain_offset (x, 0, 0);
1892. op_plain_offset (x, 128, 0);
1893. create_dword (x=0X40011748);
1894. op_plain_offset (x, 0, 0);
1895. op_plain_offset (x, 128, 0);
1896. create_dword (x=0X4001174C);
1897. op_plain_offset (x, 0, 0);
1898. op_plain_offset (x, 128, 0);
1899. create_dword (x=0X40011750);
1900. op_plain_offset (x, 0, 0);
1901. op_plain_offset (x, 128, 0);
1902. create_dword (x=0X40011754);
1903. op_plain_offset (x, 0, 0);
1904. op_plain_offset (x, 128, 0);
1905. create_dword (x=0X40011758);
1906. op_plain_offset (x, 0, 0);
1907. op_plain_offset (x, 128, 0);
1908. create_dword (x=0X4001175C);
1909. op_plain_offset (x, 0, 0);
1910. op_plain_offset (x, 128, 0);
1911. create_dword (x=0X40011760);
1912. op_plain_offset (x, 0, 0);
1913. op_plain_offset (x, 128, 0);
1914. set_name (0X40011760, "package11");
1915. create_dword (x=0X40011764);
1916. op_plain_offset (x, 0, 0);
1917. op_plain_offset (x, 128, 0);
1918. set_name (0X40011764, "a3");
1919. create_dword (x=0X40011768);
1920. op_plain_offset (x, 0, 0);
1921. op_plain_offset (x, 128, 0);
1922. MakeStruct (0X4001176C, "downgradeFuseData");
1923. set_name (0X4001176C, "__rodata_start_");
1924. set_name (0X400117D8, "SeClkRstOffset");
1925. set_name (0X40011808, "host1XClkRstOffset");
1926. set_name (0X40011818, "tsecClkRstOffset");
1927. set_name (0X40011828, "sor1ClkRstOffset");
1928. set_name (0X40011858, "sorSafeClkRstOffset");
1929. set_name (0X40011868, "sor0ClkRstOffset");
1930. set_name (0X40011878, "kFuseClkRstOffset");
1931. create_dword (x=0X40012800);
1932. op_plain_offset (x, 0, 0);
1933. op_plain_offset (x, 128, 0);
1934. set_name (0X40012800, "__data_start__");
1935. create_dword (x=0X40012804);
1936. op_plain_offset (x, 0, 0);
1937. op_plain_offset (x, 128, 0);
1938. create_dword (x=0X40012808);
1939. op_plain_offset (x, 0, 0);
1940. op_plain_offset (x, 128, 0);
1941. set_name (0X40012808, "securityEngineAddress");
1942. create_dword (x=0X40012810);
1943. op_plain_offset (x, 0, 0);
1944. op_plain_offset (x, 128, 0);
1945. create_dword (x=0X40012814);
1946. op_plain_offset (x, 0, 0);
1947. op_plain_offset (x, 128, 0);
1948. create_dword (0X40012818);
1949. set_name (0X4001282C, "masterStaticKeyseedRetail");
1950. set_name (0X4001283C, "keyD1_deviceKeyAndSBKProtected");
1951. set_name (0X4001284C, "keyD2_keyD1Protected");
1952. set_name (0X4001285C, "aesMacKey_keyD1Protected");
1953. set_name (0X400128BC, "__bss_start__");
1954. set_name (0X40013FE0, "stage2PayloadSize");
1955. create_dword (0X60005010);
1956. set_name (0X60005010, "NV_PA_TMRUS_BASE");
1957. create_dword (0X6000F200);
1958. set_name (0X6000F200, "VECTOR_RESET");
1959. create_dword (0X6000F204);
1960. set_name (0X6000F204, "VECTOR_UNDEF");
1961. create_dword (0X6000F208);
1962. set_name (0X6000F208, "VECTOR_SWI");
1963. create_dword (0X6000F20C);
1964. set_name (0X6000F20C, "VECTOR_PREFETCH_ABORT");
1965. create_dword (0X6000F210);
1966. set_name (0X6000F210, "VECTOR_DATA_ABORT");
1967. create_dword (0X6000F214);
1968. set_name (0X6000F214, "VECTOR_UNK");
1969. create_dword (0X6000F218);
1970. set_name (0X6000F218, "VECTOR_IRQ");
1971. create_dword (0X6000F21C);
1972. set_name (0X6000F21C, "VECTOR_FIQ");
1973. create_dword (0X7000F800);
1974. set_name (0X7000F800, "FUSE_CTRL");
1975. create_dword (0X7000F804);
1976. set_name (0X7000F804, "FUSE_REG_ADDR");
1977. create_dword (0X7000F80C);
1978. set_name (0X7000F80C, "FUSE_REG_WRITE");
1979. create_dword (0X7000F81C);
1980. set_name (0X7000F81C, "FUSE_TIME_PGM2");
1981. create_dword (0X7000F828);
1982. set_name (0X7000F828, "FUSE_PRIVATEKEYDISABLE");
1983. create_dword (0X7000F82C);
1984. set_name (0X7000F82C, "FUSE_DIS_PGM");
1985. create_dword (0X7000F830);
1986. set_name (0X7000F830, "FUSE_WRITE_ACCESS");
1987. create_dword (0X7000F910);
1988. set_name (0X7000F910, "FUSE_SKU_INFO");
1989. create_dword (0X7000F938);
1990. create_dword (0X7000F9E0);
1991. set_name (0X7000F9E0, "FUSE_RESERVED_ODM6");
1992. create_dword (0X7000F9E4);
1993. set_name (0X7000F9E4, "FUSE_RESERVED_ODM7");
1994. create_dword (0X7000FB94);
1995. set_name (0X7000FB94, "FUSE_SPARE_BIT_5");
1996. MakeStruct (0X70012000, "securityEngine_t");
1997. set_name (0X70012000, "securityEngine");
1998. }
1999.  
2000. static Functions_0(void) {
2001.  
2002. add_func (0X40010020,0X40010034);
2003. set_func_flags(0X40010020,0x401);
2004. SetType(0X40010020, "void __fastcall __noreturn crt0();");
2005. add_func (0X4001003C,0X400100B2);
2006. set_func_flags(0X4001003C,0x400);
2007. SetType(0X4001003C, "int __fastcall memcmp(_DWORD *a1, _DWORD *a2, unsigned int a3);");
2008. set_frame_size(0X4001003C, 0X4, 0, 0);
2009. add_func (0X400100B2,0X400100FA);
2010. set_func_flags(0X400100B2,0x400);
2011. SetType(0X400100B2, "void __fastcall coreCrypto(int status, char *addressOut, int sizeOut, const char *addressIn, int sizeIn);");
2012. set_frame_size(0X400100B2, 0X40, 0, 0);
2013. define_local_var(0X400100B2, 0X400100FA, "[bp-0X34]", "cryptoAddrInfo");
2014. define_local_var(0X400100B2, 0X400100FA, "[bp-0X24]", "status");
2015. define_local_var(0X400100B2, 0X400100FA, "[bp-0X18]", "address");
2016. define_local_var(0X400100B2, 0X400100FA, "[bp+0]", "sizeIn");
2017. add_func (0X400100FA,0X40010144);
2018. set_func_flags(0X400100FA,0x400);
2019. SetType(0X400100FA, "void __fastcall setKeyslotFlags(KEYSLOT_TYPE keyslot, int flags);");
2020. set_frame_size(0X400100FA, 0X10, 0, 0);
2021. add_func (0X40010144,0X40010178);
2022. set_func_flags(0X40010144,0x400);
2023. SetType(0X40010144, "void __fastcall clearKeyslot(KEYSLOT_TYPE keySlot);");
2024. set_frame_size(0X40010144, 0X8, 0, 0);
2025. add_func (0X40010178,0X400101C6);
2026. set_func_flags(0X40010178,0x400);
2027. SetType(0X40010178, "void __fastcall decryptSingleAESECBBlock(char *address_out, int size_out, KEYSLOT_TYPE keyslot, const char *address_in, int size_in);");
2028. set_frame_size(0X40010178, 0X28, 0, 0);
2029. define_local_var(0X40010178, 0X400101C6, "[bp-0X28]", "sizeIn");
2030. define_local_var(0X40010178, 0X400101C6, "[bp-0X18]", "addressIn");
2031. define_local_var(0X40010178, 0X400101C6, "[bp+0]", "size_in");
2032. add_func (0X400101C6,0X400101DC);
2033. set_func_flags(0X400101C6,0x400);
2034. SetType(0X400101C6, "void __fastcall performAESMAC(char *address_out, int size_out, KEYSLOT_TYPE keySlot, const char *address_in, int size_in);");
2035. set_frame_size(0X400101C6, 0X10, 0, 0);
2036. define_local_var(0X400101C6, 0X400101DC, "[bp-0X10]", "address_in");
2037. define_local_var(0X400101C6, 0X400101DC, "[bp+0]", "size_in");
2038. add_func (0X400101DC,0X40010234);
2039. set_func_flags(0X400101DC,0x400);
2040. SetType(0X400101DC, "void __fastcall decryptDataIntoKeyslot(KEYSLOT_TYPE keySlotToSet, KEYSLOT_TYPE keySlot, const char *encryptedKey, unsigned int keySize);");
2041. set_frame_size(0X400101DC, 0X28, 0, 0);
2042. define_local_var(0X400101DC, 0X40010234, "[bp-0X28]", "sizeIn");
2043. define_local_var(0X400101DC, 0X40010234, "[bp-0X1C]", "addressIn");
2044. add_func (0X40010234,0X40010288);
2045. set_func_flags(0X40010234,0x400);
2046. SetType(0X40010234, "void __fastcall encryptSingleAESECBBlock(char *address_out, int size_out, KEYSLOT_TYPE keyslot, const char *address_in, int size_in);");
2047. set_frame_size(0X40010234, 0X28, 0, 0);
2048. define_local_var(0X40010234, 0X40010288, "[bp-0X28]", "sizeIn");
2049. define_local_var(0X40010234, 0X40010288, "[bp-0X1C]", "configHigh");
2050. define_local_var(0X40010234, 0X40010288, "[bp+0]", "addressIn");
2051. add_func (0X40010288,0X400102D8);
2052. set_func_flags(0X40010288,0x400);
2053. SetType(0X40010288, "void __fastcall setCTR(const char *ctr);");
2054. set_frame_size(0X40010288, 0X10, 0, 0);
2055. add_func (0X400102D8,0X400102FE);
2056. set_func_flags(0X400102D8,0x400);
2057. SetType(0X400102D8, "void __fastcall rotl128XorRb(char *result);");
2058. set_frame_size(0X400102D8, 0X4, 0, 0);
2059. add_func (0X400102FE,0X4001031C);
2060. set_func_flags(0X400102FE,0x400);
2061. SetType(0X400102FE, "void __fastcall selectKeyslot(KEYSLOT_TYPE keySlot, CORE_CRYPT_TYPE isEncrypt, CORE_HASH_TYPE enableHash);");
2062. set_frame_size(0X400102FE, 0X10, 0, 0);
2063. add_func (0X4001031C,0X40010334);
2064. set_func_flags(0X4001031C,0x400);
2065. SetType(0X4001031C, "void __fastcall setNumBlocks(_DWORD);");
2066. set_frame_size(0X4001031C, 0X8, 0, 0);
2067. add_func (0X40010334,0X4001034E);
2068. set_func_flags(0X40010334,0x400);
2069. SetType(0X40010334, "void __fastcall setSecurityEngineConfigHigh(int configHigh);");
2070. set_frame_size(0X40010334, 0X8, 0, 0);
2071. add_func (0X4001034E,0X4001047E);
2072. set_func_flags(0X4001034E,0x400);
2073. SetType(0X4001034E, "void __fastcall performAESMACInternal(char *address_out, int size_out, int zero, KEYSLOT_TYPE keySlot, const char *address_in, int size_in);");
2074. set_frame_size(0X4001034E, 0X50, 0, 0);
2075. define_local_var(0X4001034E, 0X4001047E, "[bp-0X50]", "sizeIn");
2076. define_local_var(0X4001034E, 0X4001047E, "[bp-0X48]", "result");
2077. define_local_var(0X4001034E, 0X4001047E, "[bp-0X38]", "addressIn");
2078. define_local_var(0X4001034E, 0X4001047E, "[bp-0X1C]", "configHigh");
2079. define_local_var(0X4001034E, 0X4001047E, "[bp-0X18]", "keySlot");
2080. define_local_var(0X4001034E, 0X4001047E, "[bp+0]", "address_in");
2081. define_local_var(0X4001034E, 0X4001047E, "[bp+0X4]", "size_in");
2082. add_func (0X4001047E,0X4001049E);
2083. set_func_flags(0X4001047E,0x400);
2084. SetType(0X4001047E, "void __fastcall setAESConfig(ALG_TYPE alg, DST_TYPE dst);");
2085. set_frame_size(0X4001047E, 0X10, 0, 0);
2086. add_func (0X4001049E,0X400104B2);
2087. set_func_flags(0X4001049E,0x400);
2088. SetType(0X4001049E, "void __fastcall createCryptoAddressInfo(CryptoAddrInfo *cryptoAddrInfo, unsigned int address, unsigned int size);");
2089. add_func (0X400104B2,0X40010500);
2090. set_func_flags(0X400104B2,0x400);
2091. SetType(0X400104B2, "void __fastcall setKeyslot(KEYSLOT_TYPE keyslotNum, const char *key, unsigned int keySize);");
2092. set_frame_size(0X400104B2, 0X28, 0, 0);
2093. define_local_var(0X400104B2, 0X40010500, "[bp-0X1C]", "dword");
2094. add_func (0X40010500,0X40010512);
2095. set_func_flags(0X40010500,0x400);
2096. SetType(0X40010500, "bool __cdecl isUnitTypeNonZero();");
2097. set_frame_size(0X40010500, 0X8, 0, 0);
2098. add_func (0X40010512,0X40010516);
2099. set_func_flags(0X40010512,0x4c1);
2100. SetType(0X40010512, "void __cdecl __noreturn j_j_panic();");
2101. add_func (0X40010516,0X40010540);
2102. set_func_flags(0X40010516,0x401);
2103. SetType(0X40010516, "void __cdecl __noreturn panic2();");
2104. set_frame_size(0X40010516, 0X10, 0, 0);
2105. add_func (0X40010540,0X4001054A);
2106. set_func_flags(0X40010540,0x401);
2107. SetType(0X40010540, "void __fastcall writeOdmFuse7(unsigned int val);");
2108. set_frame_size(0X40010540, 0X8, 0, 0);
2109. add_func (0X40010550,0X4001055A);
2110. set_func_flags(0X40010550,0x401);
2111. SetType(0X40010550, "void __fastcall writeOdmFuse6(unsigned int val);");
2112. set_frame_size(0X40010550, 0X8, 0, 0);
2113. add_func (0X40010560,0X4001057C);
2114. set_func_flags(0X40010560,0x400);
2115. SetType(0X40010560, "void __fastcall writeFuse(unsigned int fuseIndexRaw, unsigned int fuseVal);");
2116. set_frame_size(0X40010560, 0X10, 0, 0);
2117. add_func (0X4001057C,0X400105BA);
2118. set_func_flags(0X4001057C,0x400);
2119. SetType(0X4001057C, "int __cdecl getOdmFuse4Type();");
2120. set_frame_size(0X4001057C, 0X4, 0, 0);
2121. add_func (0X400105BA,0X400105E8);
2122. set_func_flags(0X400105BA,0x400);
2123. SetType(0X400105BA, "unsigned int __fastcall getUnitType();");
2124. set_frame_size(0X400105BA, 0X4, 0, 0);
2125. add_func (0X400105E8,0X400105FC);
2126. set_func_flags(0X400105E8,0x400);
2127. SetType(0X400105E8, "void __fastcall checkSku();");
2128. set_frame_size(0X400105E8, 0X8, 0, 0);
2129. add_func (0X400105FC,0X40010610);
2130. set_func_flags(0X400105FC,0x400);
2131. SetType(0X400105FC, "bool __fastcall checkOdmFuse6(downgradeFuseData *fuseData);");
2132. add_func (0X40010610,0X40010646);
2133. set_func_flags(0X40010610,0x400);
2134. SetType(0X40010610, "void __fastcall checkBCTBootloadeVersion(BIT_t *BIT);");
2135. set_frame_size(0X40010610, 0X8, 0, 0);
2136. add_func (0X40010646,0X40010688);
2137. set_func_flags(0X40010646,0x400);
2138. SetType(0X40010646, "void __cdecl checkConfigFuses();");
2139. set_frame_size(0X40010646, 0X10, 0, 0);
2140. add_func (0X40010688,0X40010698);
2141. set_func_flags(0X40010688,0x400);
2142. SetType(0X40010688, "bool __fastcall checkOdmFuse7(downgradeFuseData *fuseData);");
2143. add_func (0X40010698,0X400106E4);
2144. set_func_flags(0X40010698,0x400);
2145. SetType(0X40010698, "char *__fastcall decryptAndParsePK11(char *package11);");
2146. set_frame_size(0X40010698, 0X18, 0, 0);
2147. define_local_var(0X40010698, 0X400106E4, "[bp-0X18]", "sizeIn");
2148. add_func (0X400106E4,0X4001070A);
2149. set_func_flags(0X400106E4,0x400);
2150. SetType(0X400106E4, "bool __fastcall getFuseDataMatchesExpectation(fuseBurnInfo *fuseBurnInfo, downgradeFuseData *downgradeData);");
2151. add_func (0X4001070A,0X40010716);
2152. set_func_flags(0X4001070A,0x400);
2153. SetType(0X4001070A, "void __fastcall memclear(char *a1, unsigned int a2);");
2154. set_frame_size(0X4001070A, 0X8, 0, 0);
2155. add_func (0X40010716,0X40010736);
2156. set_func_flags(0X40010716,0x400);
2157. SetType(0X40010716, "unsigned int __fastcall read32(const char *dword, unsigned int offset);");
2158. set_frame_size(0X40010716, 0X4, 0, 0);
2159. add_func (0X40010736,0X40010750);
2160. set_func_flags(0X40010736,0x400);
2161. SetType(0X40010736, "void __fastcall write32(char *address, int offset, unsigned int value);");
2162. set_frame_size(0X40010736, 0X4, 0, 0);
2163. add_func (0X40010750,0X40010766);
2164. set_func_flags(0X40010750,0x401);
2165. SetType(0X40010750, "void __cdecl __noreturn launchPackage11();");
2166. set_frame_size(0X40010750, 0X8, 0, 0);
2167. add_func (0X40010766,0X40010768);
2168. set_func_flags(0X40010766,0x480);
2169. SetType(0X40010766, "void __fastcall launchFunction(void (__fastcall *a1)(void *));");
2170. add_func (0X40010768,0X4001076A);
2171. set_func_flags(0X40010768,0x480);
2172. SetType(0X40010768, "int __cdecl branchToR4(void (__fastcall *)(void *));");
2173. add_func (0X4001076C,0X40010770);
2174. set_func_flags(0X4001076C,0x4c1);
2175. SetType(0X4001076C, "void __cdecl __noreturn j_panic();");
2176. add_func (0X40010770,0X40010778);
2177. set_func_flags(0X40010770,0x400);
2178. SetType(0X40010770, "void __cdecl panic();");
2179. add_func (0X4001077C,0X40010780);
2180. set_func_flags(0X4001077C,0x4c0);
2181. SetType(0X4001077C, "bool __fastcall constTimeMemcmp(const char *a, const char *b, unsigned int size);");
2182. add_func (0X40010780,0X400107C8);
2183. set_func_flags(0X40010780,0x400);
2184. SetType(0X40010780, "bool __fastcall _32constTimeMemcmp(unsigned __int8 *a, unsigned __int8 *b, unsigned int size);");
2185. set_frame_size(0X40010780, 0XC, 0, 0);
2186. add_func (0X400107C8,0X400107CC);
2187. set_func_flags(0X400107C8,0x401);
2188. SetType(0X400107C8, "void __cdecl __noreturn pivotStackLaunchFunction(void *a1, void (__fastcall *)(void *), void *a3);");
2189. add_func (0X400107CC,0X400107D0);
2190. set_func_flags(0X400107CC,0x4c0);
2191. SetType(0X400107CC, "void __fastcall memcpy2(char *dst, const char *src, unsigned int size);");
2192. add_func (0X400107D0,0X400108A4);
2193. set_func_flags(0X400107D0,0x400);
2194. SetType(0X400107D0, "void __fastcall _32memcpy2(char *dst, const char *src, unsigned int size);");
2195. add_func (0X400108A4,0X400108A8);
2196. set_func_flags(0X400108A4,0x480);
2197. SetType(0X400108A4, "int __fastcall memcpy(char *dst, const char *src, unsigned int size);");
2198. add_func (0X400108A8,0X4001090C);
2199. set_func_flags(0X400108A8,0x400);
2200. SetType(0X400108A8, "void __fastcall _32memcpy(char *dst, const char *src, unsigned int size);");
2201. set_frame_size(0X400108A8, 0X8, 0, 0);
2202. add_func (0X4001090C,0X40010910);
2203. set_func_flags(0X4001090C,0x480);
2204. SetType(0X4001090C, "void __fastcall memclear3(_BYTE *result, unsigned int a2);");
2205. add_func (0X40010910,0X40010950);
2206. set_func_flags(0X40010910,0x400);
2207. SetType(0X40010910, "void __fastcall _32memclear3(_BYTE *result, unsigned int a2);");
2208. add_func (0X40010950,0X40010954);
2209. set_func_flags(0X40010950,0x480);
2210. SetType(0X40010950, "void __fastcall memclear2(_BYTE *a1, int a2);");
2211. add_func (0X40010954,0X400109A8);
2212. set_func_flags(0X40010954,0x400);
2213. SetType(0X40010954, "void __fastcall _32memclear2(_BYTE *a1, int a2);");
2214. set_frame_size(0X40010954, 0X4, 0, 0);
2215. add_func (0X400109A8,0X400109C4);
2216. set_func_flags(0X400109A8,0x400);
2217. SetType(0X400109A8, "void __cdecl verifySecurityEngineNotBusy();");
2218. set_frame_size(0X400109A8, 0X8, 0, 0);
2219. add_func (0X400109C8,0X400109E8);
2220. set_func_flags(0X400109C8,0x400);
2221. SetType(0X400109C8, "void __cdecl disableSecurityEngineReads();");
2222. add_func (0X400109F0,0X40010AA4);
2223. set_func_flags(0X400109F0,0x400);
2224. SetType(0X400109F0, "void __fastcall AESCTRCrypt(char *addressOut, unsigned int sizeOut, KEYSLOT_TYPE keySlot, const char *addressIn, unsigned int sizeIn, const char *ctr, int ctrSize);");
2225. set_frame_size(0X400109F0, 0X50, 0, 0);
2226. define_local_var(0X400109F0, 0X40010AA4, "[bp-0X4C]", "size");
2227. define_local_var(0X400109F0, 0X40010AA4, "[bp-0X44]", "dst");
2228. define_local_var(0X400109F0, 0X40010AA4, "[bp-0X34]", "src");
2229. define_local_var(0X400109F0, 0X40010AA4, "[bp-0X24]", "addressOut");
2230. define_local_var(0X400109F0, 0X40010AA4, "[bp-0X1C]", "keySlot");
2231. define_local_var(0X400109F0, 0X40010AA4, "[bp-0X18]", "addressIn");
2232. define_local_var(0X400109F0, 0X40010AA4, "[bp+0]", "sizeIn");
2233. define_local_var(0X400109F0, 0X40010AA4, "[bp+0X4]", "ctr");
2234. define_local_var(0X400109F0, 0X40010AA4, "[bp+0X8]", "ctrSize");
2235. add_func (0X40010AA8,0X40010AAE);
2236. set_func_flags(0X40010AA8,0x400);
2237. SetType(0X40010AA8, "securityEngine_t *__cdecl getSecurityEngine();");
2238. add_func (0X40010AB4,0X40010ABA);
2239. set_func_flags(0X40010AB4,0x400);
2240. SetType(0X40010AB4, "void __fastcall setSecurityEngineAddress(securityEngine_t *securityEngine);");
2241. add_func (0X40010AC0,0X40010AEC);
2242. set_func_flags(0X40010AC0,0x400);
2243. SetType(0X40010AC0, "void __cdecl checkSecurityEngineOperationSuceeded();");
2244. set_frame_size(0X40010AC0, 0X8, 0, 0);
2245. add_func (0X40010AF0,0X40010B0C);
2246. set_func_flags(0X40010AF0,0x400);
2247. SetType(0X40010AF0, "void __fastcall setOperationStatus(unsigned int status);");
2248. set_frame_size(0X40010AF0, 0X8, 0, 0);
2249. add_func (0X40010B10,0X40010B50);
2250. set_func_flags(0X40010B10,0x400);
2251. SetType(0X40010B10, "void __cdecl clearSecurityEngine();");
2252. set_frame_size(0X40010B10, 0X8, 0, 0);
2253. add_func (0X40010B54,0X40010BC6);
2254. set_func_flags(0X40010B54,0x400);
2255. SetType(0X40010B54, "void __fastcall enableDeviceClkRst(_BYTE *a1);");
2256. set_frame_size(0X40010B54, 0X10, 0, 0);
2257. add_func (0X40010BCC,0X40010C00);
2258. set_func_flags(0X40010BCC,0x400);
2259. SetType(0X40010BCC, "void __fastcall disableDeviceClkRst(_BYTE *a1);");
2260. set_frame_size(0X40010BCC, 0XC, 0, 0);
2261. add_func (0X40010C04,0X40010C10);
2262. set_func_flags(0X40010C04,0x400);
2263. SetType(0X40010C04, "void __fastcall enableSEClkRst();");
2264. set_frame_size(0X40010C04, 0X4, 0, 0);
2265. add_func (0X40010C14,0X40010C20);
2266. set_func_flags(0X40010C14,0x400);
2267. SetType(0X40010C14, "void __cdecl enableSor0ClkRst();");
2268. set_frame_size(0X40010C14, 0X4, 0, 0);
2269. add_func (0X40010C24,0X40010C30);
2270. set_func_flags(0X40010C24,0x400);
2271. SetType(0X40010C24, "void __cdecl enableSor1ClkRst();");
2272. set_frame_size(0X40010C24, 0X4, 0, 0);
2273. add_func (0X40010C34,0X40010C40);
2274. set_func_flags(0X40010C34,0x400);
2275. SetType(0X40010C34, "void __cdecl enableTsecClkRst();");
2276. set_frame_size(0X40010C34, 0X4, 0, 0);
2277. add_func (0X40010C44,0X40010C50);
2278. set_func_flags(0X40010C44,0x400);
2279. SetType(0X40010C44, "void __cdecl disableSor0ClkRst();");
2280. set_frame_size(0X40010C44, 0X4, 0, 0);
2281. add_func (0X40010C54,0X40010C60);
2282. set_func_flags(0X40010C54,0x400);
2283. SetType(0X40010C54, "void __cdecl disableSor1ClkRst();");
2284. set_frame_size(0X40010C54, 0X4, 0, 0);
2285. add_func (0X40010C64,0X40010C70);
2286. set_func_flags(0X40010C64,0x400);
2287. SetType(0X40010C64, "void __cdecl disableTsecClkRst();");
2288. set_frame_size(0X40010C64, 0X4, 0, 0);
2289. add_func (0X40010C74,0X40010CAC);
2290. set_func_flags(0X40010C74,0x400);
2291. SetType(0X40010C74, "unsigned int __cdecl enableKFuseClkRst();");
2292. set_frame_size(0X40010C74, 0X10, 0, 0);
2293. add_func (0X40010CB0,0X40010CBC);
2294. set_func_flags(0X40010CB0,0x400);
2295. SetType(0X40010CB0, "void __cdecl disableKFuseClkRst();");
2296. set_frame_size(0X40010CB0, 0X4, 0, 0);
2297. add_func (0X40010CC0,0X40010CCC);
2298. set_func_flags(0X40010CC0,0x400);
2299. SetType(0X40010CC0, "void __cdecl enableHost1XClkRst();");
2300. set_frame_size(0X40010CC0, 0X4, 0, 0);
2301. add_func (0X40010CD0,0X40010CE6);
2302. set_func_flags(0X40010CD0,0x400);
2303. SetType(0X40010CD0, "void __fastcall enableMiscClk(_DWORD);");
2304. add_func (0X40010CEC,0X40010CF8);
2305. set_func_flags(0X40010CEC,0x400);
2306. SetType(0X40010CEC, "void __cdecl disableHost1xClkRst();");
2307. set_frame_size(0X40010CEC, 0X4, 0, 0);
2308. add_func (0X40010CFC,0X40010D08);
2309. set_func_flags(0X40010CFC,0x400);
2310. SetType(0X40010CFC, "void __cdecl enableSorSafeClkRst();");
2311. set_frame_size(0X40010CFC, 0X4, 0, 0);
2312. add_func (0X40010D0C,0X40010D18);
2313. set_func_flags(0X40010D0C,0x400);
2314. SetType(0X40010D0C, "void __cdecl disableSorSafeClkRst();");
2315. set_frame_size(0X40010D0C, 0X4, 0, 0);
2316. add_func (0X40010D1C,0X40010D4A);
2317. set_func_flags(0X40010D1C,0x400);
2318. SetType(0X40010D1C, "unsigned int __cdecl setPMCRegAfterFuseWriting();");
2319. set_frame_size(0X40010D1C, 0X8, 0, 0);
2320. add_func (0X40010D50,0X40010D7E);
2321. set_func_flags(0X40010D50,0x400);
2322. SetType(0X40010D50, "void __cdecl setPMCRegBeforeFuseWriting();");
2323. set_frame_size(0X40010D50, 0X8, 0, 0);
2324. add_func (0X40010D84,0X40010DB0);
2325. set_func_flags(0X40010D84,0x401);
2326. SetType(0X40010D84, "void __noreturn reboot(void);");
2327. add_func (0X40010DBC,0X40010DD6);
2328. set_func_flags(0X40010DBC,0x400);
2329. SetType(0X40010DBC, "void __cdecl disableFuseWriteAccess();");
2330. set_frame_size(0X40010DBC, 0X8, 0, 0);
2331. add_func (0X40010DDC,0X40010DEC);
2332. set_func_flags(0X40010DDC,0x400);
2333. SetType(0X40010DDC, "unsigned int __fastcall readOdmReservedFuse(int a1);");
2334. add_func (0X40010DF0,0X40010DFC);
2335. set_func_flags(0X40010DF0,0x400);
2336. SetType(0X40010DF0, "unsigned int __cdecl getSku();");
2337. add_func (0X40010E00,0X40010E0C);
2338. set_func_flags(0X40010E00,0x400);
2339. SetType(0X40010E00, "int __cdecl getODMReservedFuse7();");
2340. add_func (0X40010E10,0X40010E1C);
2341. set_func_flags(0X40010E10,0x400);
2342. SetType(0X40010E10, "int __cdecl getODMReservedFuse6();");
2343. add_func (0X40010E20,0X40010E5A);
2344. set_func_flags(0X40010E20,0x400);
2345. SetType(0X40010E20, "void __fastcall writeFuseInternal(unsigned int fuseIndex, unsigned int fuseVal);");
2346. set_frame_size(0X40010E20, 0X10, 0, 0);
2347. add_func (0X40010E60,0X40010E70);
2348. set_func_flags(0X40010E60,0x400);
2349. SetType(0X40010E60, "unsigned __int8 __cdecl getBootromPatchVersion();");
2350. add_func (0X40010E74,0X40010E7E);
2351. set_func_flags(0X40010E74,0x400);
2352. SetType(0X40010E74, "void __cdecl secondaryPrivateKeyDisable();");
2353. add_func (0X40010E84,0X40010E9A);
2354. set_func_flags(0X40010E84,0x400);
2355. SetType(0X40010E84, "bool checkFuseCtrlBusy(void);");
2356. add_func (0X40010EA0,0X40010EAA);
2357. set_func_flags(0X40010EA0,0x400);
2358. SetType(0X40010EA0, "void __fastcall disableFuseProgramming();");
2359. add_func (0X40010EB0,0X40010EF4);
2360. set_func_flags(0X40010EB0,0x400);
2361. SetType(0X40010EB0, "void prepareToBurnFuses(void);");
2362. set_frame_size(0X40010EB0, 0X10, 0, 0);
2363. add_func (0X40010EF8,0X40010F0A);
2364. set_func_flags(0X40010EF8,0x400);
2365. SetType(0X40010EF8, "bool __cdecl isEKSProvisioned();");
2366. add_func (0X40010F10,0X40010F22);
2367. set_func_flags(0X40010F10,0x400);
2368. SetType(0X40010F10, "void __cdecl clearStack();");
2369. set_frame_size(0X40010F10, 0X8, 0, 0);
2370. add_func (0X40010F28,0X40011096);
2371. set_func_flags(0X40010F28,0x400);
2372. SetType(0X40010F28, "void enableHwDevices(void);");
2373. set_frame_size(0X40010F28, 0X18, 0, 0);
2374. add_func (0X400110E0,0X4001110C);
2375. set_func_flags(0X400110E0,0x400);
2376. set_frame_size(0X400110E0, 0X8, 0, 0);
2377. add_func (0X4001111C,0X4001112C);
2378. set_func_flags(0X4001111C,0x400);
2379. SetType(0X4001111C, "void __cdecl clearStage2Payload();");
2380. set_frame_size(0X4001111C, 0X8, 0, 0);
2381. add_func (0X40011160,0X400111EC);
2382. set_func_flags(0X40011160,0x400);
2383. SetType(0X40011160, "void __fastcall downgradeFuseCheck();");
2384. set_frame_size(0X40011160, 0X38, 0, 0);
2385. define_local_var(0X40011160, 0X400111EC, "[bp-0X1C]", "fuseBurnInfo");
2386. add_func (0X400111F8,0X400112CC);
2387. set_func_flags(0X400111F8,0x400);
2388. SetType(0X400111F8, "void __fastcall generateKeysFromKeyblobAndKeyseeds(const keyblob_t *keyAreaAddress, const char *masterStaticKeySeed, int masterStaticKeySeedSize);");
2389. set_frame_size(0X400111F8, 0XB0, 0, 0);
2390. define_local_var(0X400111F8, 0X400112CC, "[bp-0XB0]", "sizeIn");
2391. define_local_var(0X400111F8, 0X400112CC, "[bp-0XAC]", "deviceKeyOut");
2392. define_local_var(0X400111F8, 0X400112CC, "[bp-0XA8]", "ctrSize");
2393. define_local_var(0X400111F8, 0X400112CC, "[bp-0XA4]", "addressOut");
2394. define_local_var(0X400111F8, 0X400112CC, "[bp-0X9C]", "address_out");
2395. define_local_var(0X400111F8, 0X400112CC, "[bp-0X24]", "key");
2396. add_func (0X400112E4,0X40011348);
2397. set_func_flags(0X400112E4,0x400);
2398. set_frame_size(0X400112E4, 0X10, 0, 0);
2399. add_func (0X40011368,0X400113B4);
2400. set_func_flags(0X40011368,0x400);
2401. SetType(0X40011368, "bool __fastcall isValidPK11Header(_DWORD *package11Header, unsigned int package11Size);");
2402. set_frame_size(0X40011368, 0X10, 0, 0);
2403. add_func (0X400113BC,0X400113DC);
2404. set_func_flags(0X400113BC,0x400);
2405. SetType(0X400113BC, "void __cdecl clearDataAndBSS();");
2406. set_frame_size(0X400113BC, 0X8, 0, 0);
2407. add_func (0X400113EC,0X4001145C);
2408. set_func_flags(0X400113EC,0x400);
2409. SetType(0X400113EC, "void __cdecl enableMemoryControllers();");
2410. set_frame_size(0X400113EC, 0X8, 0, 0);
2411. add_func (0X40011470,0X400114EA);
2412. set_func_flags(0X40011470,0x400);
2413. SetType(0X40011470, "void __fastcall generateKeys(BIT_t *BIT);");
2414. set_frame_size(0X40011470, 0X18, 0, 0);
2415. add_func (0X400114FC,0X4001160A);
2416. set_func_flags(0X400114FC,0x400);
2417. SetType(0X400114FC, "void __fastcall getDeviceKeyFromFalcon(char *deviceKeyOut, unsigned int deviceKeySize);");
2418. set_frame_size(0X400114FC, 0X30, 0, 0);
2419. add_func (0X4001162C,0X40011652);
2420. set_func_flags(0X4001162C,0x400);
2421. SetType(0X4001162C, "void __cdecl waitFalconDmaIdle();");
2422. set_frame_size(0X4001162C, 0X10, 0, 0);
2423. add_func (0X4001165C,0X40011682);
2424. set_func_flags(0X4001165C,0x400);
2425. SetType(0X4001165C, "void __fastcall loadFalconFirm(int a1, int a2, int a3);");
2426. set_frame_size(0X4001165C, 0X8, 0, 0);
2427. add_func (0X40011688,0X40011690);
2428. set_func_flags(0X40011688,0x400);
2429. SetType(0X40011688, "unsigned int __cdecl readTimer();");
2430. add_func (0X40011694,0X400116A8);
2431. set_func_flags(0X40011694,0x400);
2432. SetType(0X40011694, "unsigned int __fastcall wait(unsigned int result);");
2433. add_func (0X400116AC,0X4001173E);
2434. set_func_flags(0X400116AC,0x401);
2435. SetType(0X400116AC, "int __cdecl main(int argc, const char **argv, const char **envp);");
2436. set_frame_size(0X400116AC, 0X10, 0, 0);
2437. }
2438.  
2439. //------------------------------------------------------------------------
2440. // Information about functions
2441.  
2442. static Functions(void) {
2443.  
2444. Functions_0();
2445. }
2446.  
2447. //------------------------------------------------------------------------
2448. // Information about segment registers
2449.  
2450. static SegRegs(void) {
2451. split_sreg_range(0X40000000,"T",0,3);
2452. split_sreg_range(0X40006000,"T",0,3);
2453. split_sreg_range(0X40007000,"T",0,3);
2454. split_sreg_range(0X40010000,"T",0,3);
2455. split_sreg_range(0X40010030,"T",0,3);
2456. split_sreg_range(0X4001003C,"T",0X1,3);
2457. split_sreg_range(0X40010046,"T",0X1,3);
2458. split_sreg_range(0X4001007E,"T",0X1,3);
2459. split_sreg_range(0X40010082,"T",0X1,3);
2460. split_sreg_range(0X4001008E,"T",0X1,3);
2461. split_sreg_range(0X40010092,"T",0X1,3);
2462. split_sreg_range(0X4001009E,"T",0X1,3);
2463. split_sreg_range(0X400100AE,"T",0X1,3);
2464. split_sreg_range(0X400100B2,"T",0X1,3);
2465. split_sreg_range(0X400100E8,"T",0X1,3);
2466. split_sreg_range(0X400100FA,"T",0X1,3);
2467. split_sreg_range(0X40010108,"T",0X1,3);
2468. split_sreg_range(0X4001011E,"T",0X1,3);
2469. split_sreg_range(0X4001013E,"T",0X1,3);
2470. split_sreg_range(0X40010144,"T",0X1,3);
2471. split_sreg_range(0X40010150,"T",0X1,3);
2472. split_sreg_range(0X40010162,"T",0X1,3);
2473. split_sreg_range(0X40010178,"T",0X1,3);
2474. split_sreg_range(0X40010194,"T",0X1,3);
2475. split_sreg_range(0X40010198,"T",0X1,3);
2476. split_sreg_range(0X400101BE,"T",0X1,3);
2477. split_sreg_range(0X400101C6,"T",0X1,3);
2478. split_sreg_range(0X400101DC,"T",0X1,3);
2479. split_sreg_range(0X400101F2,"T",0X1,3);
2480. split_sreg_range(0X400101F6,"T",0X1,3);
2481. split_sreg_range(0X40010234,"T",0X1,3);
2482. split_sreg_range(0X40010250,"T",0X1,3);
2483. split_sreg_range(0X40010254,"T",0X1,3);
2484. split_sreg_range(0X40010280,"T",0X1,3);
2485. split_sreg_range(0X40010288,"T",0X1,3);
2486. split_sreg_range(0X400102D8,"T",0X1,3);
2487. split_sreg_range(0X400102DE,"T",0X1,3);
2488. split_sreg_range(0X400102FA,"T",0X1,3);
2489. split_sreg_range(0X400102FE,"T",0X1,3);
2490. split_sreg_range(0X4001031C,"T",0X1,3);
2491. split_sreg_range(0X40010334,"T",0X1,3);
2492. split_sreg_range(0X4001034E,"T",0X1,3);
2493. split_sreg_range(0X4001035E,"T",0X1,3);
2494. split_sreg_range(0X40010374,"T",0X1,3);
2495. split_sreg_range(0X4001039E,"T",0X1,3);
2496. split_sreg_range(0X400103CC,"T",0X1,3);
2497. split_sreg_range(0X40010404,"T",0X1,3);
2498. split_sreg_range(0X4001041E,"T",0X1,3);
2499. split_sreg_range(0X40010430,"T",0X1,3);
2500. split_sreg_range(0X40010460,"T",0X1,3);
2501. split_sreg_range(0X40010464,"T",0X1,3);
2502. split_sreg_range(0X40010472,"T",0X1,3);
2503. split_sreg_range(0X4001047E,"T",0X1,3);
2504. split_sreg_range(0X4001049E,"T",0X1,3);
2505. split_sreg_range(0X400104AC,"T",0X1,3);
2506. split_sreg_range(0X400104B2,"T",0X1,3);
2507. split_sreg_range(0X400104C2,"T",0X1,3);
2508. split_sreg_range(0X400104C6,"T",0X1,3);
2509. split_sreg_range(0X400104E0,"T",0X1,3);
2510. split_sreg_range(0X400104F4,"T",0X1,3);
2511. split_sreg_range(0X40010500,"T",0X1,3);
2512. split_sreg_range(0X4001050C,"T",0X1,3);
2513. split_sreg_range(0X40010512,"T",0X1,3);
2514. split_sreg_range(0X40010516,"T",0X1,3);
2515. split_sreg_range(0X4001052C,"T",0X1,3);
2516. split_sreg_range(0X4001053A,"T",0X1,3);
2517. split_sreg_range(0X40010540,"T",0X1,3);
2518. split_sreg_range(0X40010550,"T",0X1,3);
2519. split_sreg_range(0X40010560,"T",0X1,3);
2520. split_sreg_range(0X4001057C,"T",0X1,3);
2521. split_sreg_range(0X400105A4,"T",0X1,3);
2522. split_sreg_range(0X400105A6,"T",0X1,3);
2523. split_sreg_range(0X400105AA,"T",0X1,3);
2524. split_sreg_range(0X400105AE,"T",0X1,3);
2525. split_sreg_range(0X400105B6,"T",0X1,3);
2526. split_sreg_range(0X400105BA,"T",0X1,3);
2527. split_sreg_range(0X400105DC,"T",0X1,3);
2528. split_sreg_range(0X400105E0,"T",0X1,3);
2529. split_sreg_range(0X400105E4,"T",0X1,3);
2530. split_sreg_range(0X400105E8,"T",0X1,3);
2531. split_sreg_range(0X400105F6,"T",0X1,3);
2532. split_sreg_range(0X400105FC,"T",0X1,3);
2533. split_sreg_range(0X40010608,"T",0X1,3);
2534. split_sreg_range(0X4001060C,"T",0X1,3);
2535. split_sreg_range(0X40010610,"T",0X1,3);
2536. split_sreg_range(0X40010616,"T",0X1,3);
2537. split_sreg_range(0X40010628,"T",0X1,3);
2538. split_sreg_range(0X4001062C,"T",0X1,3);
2539. split_sreg_range(0X40010646,"T",0X1,3);
2540. split_sreg_range(0X4001067E,"T",0X1,3);
2541. split_sreg_range(0X40010682,"T",0X1,3);
2542. split_sreg_range(0X40010688,"T",0X1,3);
2543. split_sreg_range(0X40010694,"T",0X1,3);
2544. split_sreg_range(0X40010698,"T",0X1,3);
2545. split_sreg_range(0X400106E0,"T",0X1,3);
2546. split_sreg_range(0X400106E4,"T",0X1,3);
2547. split_sreg_range(0X400106EE,"T",0X1,3);
2548. split_sreg_range(0X400106F0,"T",0X1,3);
2549. split_sreg_range(0X40010702,"T",0X1,3);
2550. split_sreg_range(0X40010706,"T",0X1,3);
2551. split_sreg_range(0X4001070A,"T",0X1,3);
2552. split_sreg_range(0X40010716,"T",0X1,3);
2553. split_sreg_range(0X40010736,"T",0X1,3);
2554. split_sreg_range(0X40010750,"T",0X1,3);
2555. split_sreg_range(0X40010766,"T",0X1,3);
2556. split_sreg_range(0X40010768,"T",0X1,3);
2557. split_sreg_range(0X4001076C,"T",0X1,3);
2558. split_sreg_range(0X40010770,"T",0,3);
2559. split_sreg_range(0X4001077C,"T",0X1,3);
2560. split_sreg_range(0X40010780,"T",0,3);
2561. split_sreg_range(0X40010790,"T",0,3);
2562. split_sreg_range(0X400107AC,"T",0,3);
2563. split_sreg_range(0X400107C8,"T",0X1,3);
2564. split_sreg_range(0X400107CC,"T",0X1,3);
2565. split_sreg_range(0X400107D0,"T",0,3);
2566. split_sreg_range(0X40010804,"T",0,3);
2567. split_sreg_range(0X40010824,"T",0,3);
2568. split_sreg_range(0X40010844,"T",0,3);
2569. split_sreg_range(0X40010864,"T",0,3);
2570. split_sreg_range(0X40010884,"T",0,3);
2571. split_sreg_range(0X400108A4,"T",0X1,3);
2572. split_sreg_range(0X400108A8,"T",0,3);
2573. split_sreg_range(0X400108B4,"T",0,3);
2574. split_sreg_range(0X400108CC,"T",0,3);
2575. split_sreg_range(0X4001090C,"T",0X1,3);
2576. split_sreg_range(0X40010910,"T",0,3);
2577. split_sreg_range(0X4001093C,"T",0,3);
2578. split_sreg_range(0X40010950,"T",0X1,3);
2579. split_sreg_range(0X40010954,"T",0,3);
2580. split_sreg_range(0X40010958,"T",0,3);
2581. split_sreg_range(0X4001096C,"T",0,3);
2582. split_sreg_range(0X400109A8,"T",0X1,3);
2583. split_sreg_range(0X400109BE,"T",0X1,3);
2584. split_sreg_range(0X400109C8,"T",0X1,3);
2585. split_sreg_range(0X400109F0,"T",0X1,3);
2586. split_sreg_range(0X40010A08,"T",0X1,3);
2587. split_sreg_range(0X40010A0C,"T",0X1,3);
2588. split_sreg_range(0X40010A54,"T",0X1,3);
2589. split_sreg_range(0X40010A90,"T",0X1,3);
2590. split_sreg_range(0X40010A9C,"T",0X1,3);
2591. split_sreg_range(0X40010AA8,"T",0X1,3);
2592. split_sreg_range(0X40010AB4,"T",0X1,3);
2593. split_sreg_range(0X40010AC0,"T",0X1,3);
2594. split_sreg_range(0X40010AE2,"T",0X1,3);
2595. split_sreg_range(0X40010AE6,"T",0X1,3);
2596. split_sreg_range(0X40010AF0,"T",0X1,3);
2597. split_sreg_range(0X40010B10,"T",0X1,3);
2598. split_sreg_range(0X40010B1C,"T",0X1,3);
2599. split_sreg_range(0X40010B32,"T",0X1,3);
2600. split_sreg_range(0X40010B54,"T",0X1,3);
2601. split_sreg_range(0X40010B9A,"T",0X1,3);
2602. split_sreg_range(0X40010BCC,"T",0X1,3);
2603. split_sreg_range(0X40010C04,"T",0X1,3);
2604. split_sreg_range(0X40010C14,"T",0X1,3);
2605. split_sreg_range(0X40010C24,"T",0X1,3);
2606. split_sreg_range(0X40010C34,"T",0X1,3);
2607. split_sreg_range(0X40010C44,"T",0X1,3);
2608. split_sreg_range(0X40010C54,"T",0X1,3);
2609. split_sreg_range(0X40010C64,"T",0X1,3);
2610. split_sreg_range(0X40010C74,"T",0X1,3);
2611. split_sreg_range(0X40010CB0,"T",0X1,3);
2612. split_sreg_range(0X40010CC0,"T",0X1,3);
2613. split_sreg_range(0X40010CD0,"T",0X1,3);
2614. split_sreg_range(0X40010CEC,"T",0X1,3);
2615. split_sreg_range(0X40010CFC,"T",0X1,3);
2616. split_sreg_range(0X40010D0C,"T",0X1,3);
2617. split_sreg_range(0X40010D1C,"T",0X1,3);
2618. split_sreg_range(0X40010D50,"T",0X1,3);
2619. split_sreg_range(0X40010D84,"T",0X1,3);
2620. split_sreg_range(0X40010DAE,"T",0X1,3);
2621. split_sreg_range(0X40010DBC,"T",0X1,3);
2622. split_sreg_range(0X40010DDC,"T",0X1,3);
2623. split_sreg_range(0X40010DF0,"T",0X1,3);
2624. split_sreg_range(0X40010E00,"T",0X1,3);
2625. split_sreg_range(0X40010E10,"T",0X1,3);
2626. split_sreg_range(0X40010E20,"T",0X1,3);
2627. split_sreg_range(0X40010E48,"T",0X1,3);
2628. split_sreg_range(0X40010E56,"T",0X1,3);
2629. split_sreg_range(0X40010E60,"T",0X1,3);
2630. split_sreg_range(0X40010E74,"T",0X1,3);
2631. split_sreg_range(0X40010E84,"T",0X1,3);
2632. split_sreg_range(0X40010E96,"T",0X1,3);
2633. split_sreg_range(0X40010EA0,"T",0X1,3);
2634. split_sreg_range(0X40010EB0,"T",0X1,3);
2635. split_sreg_range(0X40010ECC,"T",0X1,3);
2636. split_sreg_range(0X40010ED6,"T",0X1,3);
2637. split_sreg_range(0X40010EF8,"T",0X1,3);
2638. split_sreg_range(0X40010F10,"T",0X1,3);
2639. split_sreg_range(0X40010F28,"T",0X1,3);
2640. split_sreg_range(0X400110E0,"T",0X1,3);
2641. split_sreg_range(0X400110F8,"T",0X1,3);
2642. split_sreg_range(0X40011102,"T",0X1,3);
2643. split_sreg_range(0X4001111C,"T",0X1,3);
2644. split_sreg_range(0X40011134,"T",0,3);
2645. split_sreg_range(0X4001113C,"T",0X1,3);
2646. split_sreg_range(0X40011156,"T",0X1,3);
2647. split_sreg_range(0X40011160,"T",0X1,3);
2648. split_sreg_range(0X400111AA,"T",0X1,3);
2649. split_sreg_range(0X400111BA,"T",0X1,3);
2650. split_sreg_range(0X400111BE,"T",0X1,3);
2651. split_sreg_range(0X400111DC,"T",0X1,3);
2652. split_sreg_range(0X400111E4,"T",0X1,3);
2653. split_sreg_range(0X400111F8,"T",0X1,3);
2654. split_sreg_range(0X400112C8,"T",0X1,3);
2655. split_sreg_range(0X400112E4,"T",0X1,3);
2656. split_sreg_range(0X40011368,"T",0X1,3);
2657. split_sreg_range(0X400113A8,"T",0X1,3);
2658. split_sreg_range(0X400113AA,"T",0X1,3);
2659. split_sreg_range(0X400113B0,"T",0X1,3);
2660. split_sreg_range(0X400113BC,"T",0X1,3);
2661. split_sreg_range(0X400113EC,"T",0X1,3);
2662. split_sreg_range(0X40011470,"T",0X1,3);
2663. split_sreg_range(0X400114A6,"T",0X1,3);
2664. split_sreg_range(0X400114AC,"T",0X1,3);
2665. split_sreg_range(0X400114C6,"T",0X1,3);
2666. split_sreg_range(0X400114CE,"T",0X1,3);
2667. split_sreg_range(0X400114D4,"T",0X1,3);
2668. split_sreg_range(0X400114FC,"T",0X1,3);
2669. split_sreg_range(0X4001154C,"T",0X1,3);
2670. split_sreg_range(0X4001158E,"T",0X1,3);
2671. split_sreg_range(0X400115D4,"T",0X1,3);
2672. split_sreg_range(0X400115FE,"T",0X1,3);
2673. split_sreg_range(0X40011602,"T",0X1,3);
2674. split_sreg_range(0X40011606,"T",0X1,3);
2675. split_sreg_range(0X4001162C,"T",0X1,3);
2676. split_sreg_range(0X4001163A,"T",0X1,3);
2677. split_sreg_range(0X40011644,"T",0X1,3);
2678. split_sreg_range(0X4001164C,"T",0X1,3);
2679. split_sreg_range(0X4001165C,"T",0X1,3);
2680. split_sreg_range(0X40011666,"T",0X1,3);
2681. split_sreg_range(0X4001167E,"T",0X1,3);
2682. split_sreg_range(0X40011688,"T",0X1,3);
2683. split_sreg_range(0X40011694,"T",0X1,3);
2684. split_sreg_range(0X4001169E,"T",0X1,3);
2685. split_sreg_range(0X400116A0,"T",0X1,3);
2686. split_sreg_range(0X400116AC,"T",0X1,3);
2687. split_sreg_range(0X400116D6,"T",0X1,3);
2688. split_sreg_range(0X400116DC,"T",0X1,3);
2689. split_sreg_range(0X400116E6,"T",0X1,3);
2690. split_sreg_range(0X400116F0,"T",0X1,3);
2691. split_sreg_range(0X4001176C,"T",0X1,3);
2692. split_sreg_range(0X4001278C,"T",0X1,3);
2693. split_sreg_range(0X400128BC,"T",0X1,3);
2694. split_sreg_range(0X40013FE0,"T",0X1,3);
2695. split_sreg_range(0X60005000,"T",0,3);
2696. split_sreg_range(0X6000F200,"T",0,3);
2697. split_sreg_range(0X7000F800,"T",0,3);
2698. split_sreg_range(0X70012000,"T",0,3);
2699. split_sreg_range(0X40000000,"DS",0X1,3);
2700. split_sreg_range(0X40006000,"DS",0X1,3);
2701. split_sreg_range(0X40007000,"DS",0X1,3);
2702. split_sreg_range(0X40010000,"DS",0X1,3);
2703. split_sreg_range(0X4001176C,"DS",0X1,3);
2704. split_sreg_range(0X4001278C,"DS",0X1,3);
2705. split_sreg_range(0X400128BC,"DS",0X1,3);
2706. split_sreg_range(0X40013FE0,"DS",0X1,3);
2707. split_sreg_range(0X60005000,"DS",0X1,3);
2708. split_sreg_range(0X6000F200,"DS",0X1,3);
2709. split_sreg_range(0X7000F800,"DS",0X1,3);
2710. split_sreg_range(0X70012000,"DS",0X1,3);
2711. }
2712.  
2713. //------------------------------------------------------------------------
2714. // Information about all patched bytes:
2715.  
2716. static Patches(void) {
2717. }
2718.  
2719. //------------------------------------------------------------------------
2720. // Call all byte feature functions:
2721.  
2722. static Bytes(void) {
2723. Bytes_0();
2724. end_type_updating(UTP_STRUCT);
2725. }
2726.  
2727. // End of file.