All times are UTC - 5 hours [ DST ]


Forum rules


Please do not post questions about data recovery cases here (use this forum instead). This forum is for topics on finding new ways to recover data. Accessing firmware, writing programs, reading bits off the platter, recovering data from dust...



Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: Where in RAM to load overlays for WD drives
PostPosted: September 22nd, 2018, 12:59 
Offline

Joined: January 29th, 2012, 1:43
Posts: 448
Location: United States
This is a technical question for Western Digital drives, without using paid pro tools. I am doing this with my own program and scripting. So let's say I have ROM and RAM access, and have brought the drive up in kernel mode with no modules loaded, and have raw SA read access via CHS (but not write access, which is my goal, to be able to write to SA). So I can read from SA and get modules, but I don't know where to load them in RAM as an overlay. There must be a way from either ROM or RAM to find the proper location to load a module as an overlay. Or if there is a magic way to enable writing to SA when in kernel mode, I would accept that also.

_________________
http://www.sdcomputingservice.com
Home of HDDSuperClone and HDDSuperTool


Top
 Profile  
 
 Post subject: Re: Where in RAM to load overlays for WD drives
PostPosted: September 22nd, 2018, 16:54 
Offline
User avatar

Joined: September 8th, 2009, 18:21
Posts: 10776
Location: Australia
At present I'm watching this thread:

viewtopic.php?f=1&t=37418

Transient overlay (TRANSOVL) 0x411 appears to specify its own RAM load points in a table. The overlay consists of several components, each of which is loaded into a separate area of RAM.

Code:
Offset(h) 00       04

00000000  524F594C 03003000  ROYL..0.
00000008  1104E300 7F946EF8
00000010  30303136 30303744  0016007D
00000018  07070700 000030A1
00000020  00000000 00000000
00000028  00000000 00000000
00000030  380F00F0 680200F0   start of table of load addresses ?
00000038  00DE0210 68020000
00000040  88DAE3FF FCC80000   FFE3DA88 + C8FC
00000048  88E00290 D00C0000   9002E088 + CD0 = 9002ED58
00000050  58ED0290 F0860000   9002ED58
          ^^^^^^^^ ^^^^^^^^
          address  size

00000058  5452414E 534F564C  TRANSOVL   <- first overlay component


00000288  55555555 AAAAAAAA  UUUUªªªª   <- second overlay component ???
00000290  4563686F 53746172  EchoStar
00000298  20445354 33003400   DST3.4.


0000FC88  F84910B5 01EB0010   <- start of last overlay component
........
0001C580  C32601EA 00000000   <- end of last overlay component

The last overlay component has a size of 0xC8FC bytes. There is a corresponding entry in the table of load points. This would suggest that this overlay component would be loaded into RAM at address 0xFFE3DA88.

_________________
A backup a day keeps DR away.


Top
 Profile  
 
 Post subject: Re: Where in RAM to load overlays for WD drives
PostPosted: September 22nd, 2018, 19:59 
Offline
User avatar

Joined: September 8th, 2009, 18:21
Posts: 10776
Location: Australia
Assuming no-one knows, or is willing to divulge, the answer to your question, I would dump the RAM in "normal mode" and then locate the load point of module 11h (the loader).

Next I would refer to the ROM and determine the size and memory address of each section. Most sections will be compressed, so they cannot simply be extracted from the ROM (unless you know the compression algorithm). Instead I would carve each decompressed ROM section out of the RAM dump.

Finally I would search the decompressed code/data for the load address of module 11h. Hopefully this will be located within some data structure (eg a table of load points).

_________________
A backup a day keeps DR away.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group