[*] Binary protection state of cmac.ko
No RELRO No Canary found NX disabled REL No RPATH No RUNPATH Symbols
[*] Function sprintf tear down of cmac.ko
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis9/kernel/crypto/cmac.ko @ 0x800025c */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) sym.cmac_create () | void cmac_create (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_ch;
| int32_t var_10h;
| r0 = arg1;
| r1 = arg2;
0x0800025c push {r4, r5, r6, r7, r8, lr} |
0x08000260 mov r7, r0 | r7 = r0;
0x08000264 mov r6, r1 | r6 = r1;
0x08000268 sub sp, sp, 0x10 |
0x0800026c mov r0, r1 | r0 = r1;
0x08000270 add r2, sp, 0xc | r2 += var_ch;
0x08000274 mov r1, 0xe | r1 = 0xe;
0x08000278 stmdaeq r0, {r0, r1, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r7, r8, sb, ip}");
0x0800027c subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x08000280 beq 0x8000290 |
| label_0:
0x08000284 mov r0, r4 | r0 = r4;
0x08000288 add sp, sp, 0x10 |
0x0800028c pop {r4, r5, r6, r7, r8, pc} |
| }
0x08000290 stmdaeq r0, {r0, r1, r2, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r2, r7, r8, sb, ip}");
0x08000294 stmdaeq r0, {r0, r1, r2, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r2, r7, r8, sb, ip}");
0x08000298 mov r1, 0xdc0 | r1 = 0xdc0;
0x0800029c ldr r0, [r3, 0x28] | r0 = *((r3 + 0x28));
0x080002a0 stmdaeq r0, {r0, r1, r3, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r3, r7, r8, sb, ip}");
0x080002a4 subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 == r0) {
0x080002a8 beq 0x80003c8 | goto label_2;
| }
0x080002ac ldr r0, [r6, 4] | r0 = *((r6 + 4));
0x080002b0 add r6, r5, 0xc0 | r6 = r5 + 0xc0;
0x080002b4 stmdaeq r0, {r0, r1, r2, r3, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r2, r3, r7, r8, sb, ip}");
0x080002b8 ldr r3, [sp, 0xc] | r3 = var_ch;
0x080002bc mov r2, r0 | r2 = r0;
0x080002c0 mov r1, r6 | r1 = r6;
0x080002c4 orr r3, r3, 0xf | r3 |= 0xf;
0x080002c8 add r0, r5, 0x280 | r0 = r5 + 0x280;
0x080002cc str r3, [sp] | *(sp) = r3;
0x080002d0 mov r3, 1 | r3 = 1;
0x080002d4 stmdaeq r0, {r0, r1, r4, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r4, r7, r8, sb, ip}");
0x080002d8 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x080002dc bne 0x80002f8 | goto label_1;
| }
0x080002e0 ldr r8, [r5, 0x288] | r8 = *((r5 + 0x288));
0x080002e4 ldr r3, [r8, 0x14] | r3 = *((r8 + 0x14));
0x080002e8 sub r3, r3, 8 | r3 -= 8;
0x080002ec bics r3, r3, 8 | __asm ("bics r3, r3, 8");
| if (r4 == r0) {
0x080002f0 mvnne r4, 0x15 | r4 = ~0x15;
| }
0x080002f4 beq 0x800030c |
| while (r4 != r0) {
| label_1:
0x080002f8 mov r0, r5 | r0 = r5;
0x080002fc stmdaeq r0, {r0, r1, r2, r4, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r2, r4, r7, r8, sb, ip}");
0x08000300 mov r0, r4 | r0 = r4;
0x08000304 add sp, sp, 0x10 |
0x08000308 pop {r4, r5, r6, r7, r8, pc} |
0x0800030c mov r2, r8 | r2 = r8;
0x08000310 mov r0, r6 | r0 = r6;
0x08000314 add r1, r7, 0x14 | r1 = r7 + 0x14;
0x08000318 stmdaeq r0, {r0, r1, r3, r4, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r3, r4, r7, r8, sb, ip}");
0x0800031c subs r4, r0, 0 | r4 = r0 - 0;
0x08000320 bne 0x80002f8 |
| }
0x08000324 ldr r3, [r8, 0x1c] | r3 = *((r8 + 0x1c));
0x08000328 mov r0, r7 | r0 = r7;
0x0800032c str r3, [r5, 0xdc] | *((r5 + 0xdc)) = r3;
0x08000330 mov r1, r5 | r1 = r5;
0x08000334 bic r3, r3, 0x3f | r3 = BIT_MASK (r3, 0x3f);
0x08000338 ldr r2, [r8, 0x20] | r2 = *((r8 + 0x20));
0x0800033c add r3, r3, 0x40 | r3 += 0x40;
0x08000340 str r2, [r5, 0xe0] | *((r5 + 0xe0)) = r2;
0x08000344 ldr r2, [r8, 0x14] | r2 = *((r8 + 0x14));
0x08000348 str r2, [r5, 0xd4] | *((r5 + 0xd4)) = r2;
0x0800034c str r2, [r5, 0x80] | *((r5 + 0x80)) = r2;
0x08000350 stmdaeq r0, {r4, r5, sb} | __asm ("stmdaeq r0, {r4, r5, sb}");
0x08000354 stmdaeq r0, {r4, r5, sb} | __asm ("stmdaeq r0, {r4, r5, sb}");
0x08000358 ldr ip, [r8, 0x14] | ip = *((r8 + 0x14));
0x0800035c add ip, r3, ip, lsl 1 |
0x08000360 str ip, [r5, 0x68] | *((r5 + 0x68)) = ip;
0x08000364 ldr ip, [r8, 0x14] | ip = *((r8 + 0x14));
0x08000368 str r2, [r5, 0x200] | *((r5 + 0x200)) = r2;
0x0800036c stmdaeq r0, {r2, r5, sb} | __asm ("stmdaeq r0, {r2, r5, sb}");
0x08000370 stmdaeq r0, {r2, r5, sb} | __asm ("stmdaeq r0, {r2, r5, sb}");
0x08000374 str r2, [r5, 0x204] | *((r5 + 0x204)) = r2;
0x08000378 add r3, r3, ip, lsl 1 | r3 += (ip << 1);
0x0800037c stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x08000380 stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x08000384 str r3, [r5, 0xd8] | *((r5 + 0xd8)) = r3;
0x08000388 stmdaeq r0, {r4, r6, r7, r8, sb} | __asm ("stmdaeq r0, {r4, r6, r7, r8, sb}");
0x0800038c stmdaeq r0, {r4, r6, r7, r8, sb} | __asm ("stmdaeq r0, {r4, r6, r7, r8, sb}");
0x08000390 strd r2, r3, [r5, 0x40] | __asm ("strd r2, r3, [r5, 0x40]");
0x08000394 stmdaeq r0, {r5, r6, r7, sl} | __asm ("stmdaeq r0, {r5, r6, r7, sl}");
0x08000398 stmdaeq r0, {r5, r6, r7, sl} | __asm ("stmdaeq r0, {r5, r6, r7, sl}");
0x0800039c stmdaeq r0, {r2, r3, r5, r7} | __asm ("stmdaeq r0, {r2, r3, r5, r7}");
0x080003a0 stmdaeq r0, {r2, r3, r5, r7} | __asm ("stmdaeq r0, {r2, r3, r5, r7}");
0x080003a4 str r2, [r5, 0x48] | *((r5 + 0x48)) = r2;
0x080003a8 str r3, [r5, 0x5c] | *((r5 + 0x5c)) = r3;
0x080003ac stmdaeq r0, {r0, r1, r2, r4, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r2, r4, r7, r8, sb, ip}");
0x080003b0 stmdaeq r0, {r0, r1, r2, r4, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r2, r4, r7, r8, sb, ip}");
0x080003b4 str r3, [r5] | *(r5) = r3;
0x080003b8 stmdaeq r0, {r0, r1, r2, r3, r4, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r0, r1, r2, r3, r4, r7, r8, sb, ip}");
0x080003bc subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x080003c0 beq 0x8000284 | goto label_0;
| }
0x080003c4 b 0x80002f8 | goto label_1;
| label_2:
0x080003c8 mvn r4, 0xb | r4 = ~0xb;
0x080003cc b 0x8000284 | goto label_0;
| }
[*] Function sprintf used 1 times cmac.ko