Introduction

When reverse-engineering bare-metal ARM firmware, a lot of time is often spent annotating the memory-mapped peripherals to understand how the code interacts with the chip's features. Creating these peripherals by hand is significant work: reading the datasheets and creating all the different memory regions, structures and registers takes a long time.

SVD-Loader for Ghidra automates the entire generation of peripheral structs and memory maps for over 650 different microcontrollers. By parsing so-called SVD files (CMSIS System View Description), SVD-Loader automatically annotates all peripherals of the controller, which simplifies reverse-engineering of ARM firmware significantly.

Download on GitHub

Usage

  • Load a binary file
  • Open it in the CodeBrowser, but do not analyze it
  • Run the SVD-Loader Script
  • Select an SVD file
  • Analyze the file

Before and after

By loading the SVD, the constants on the left (_DAT_40000200 etc.) get turned into easily readable structure reads & writes.

References

The generated Peripheral namespace allows easy browsing through all memory mapped peripherals. Blue peripherals have references to them, while black peripherals are unused.

All peripherals are listed in the Peripheral namespace on the left. On the right, all references to the BLE peripheral are shown.

Peripheral structures

SVD-Loader creates structures for the peripherals, grouping the registers of a peripheral together.
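
What this annotation amounts to, as an added example that is not SVD-Loader's own code: a minimal CMSIS-SVD parser that groups registers per peripheral and resolves a raw address, such as the one behind _DAT_40000200, to a peripheral.register name. The SVD fragment and every peripheral and register name in it are constructed; derivedFrom peripherals and register arrays are not handled, and a missing register size is assumed to be 32 bits.

```python
import xml.etree.ElementTree as ET

# Constructed SVD fragment (not from a vendor file); element names follow CMSIS-SVD.
SAMPLE_SVD = """<device>
 <peripherals>
  <peripheral><name>DEMO_CTRL</name><baseAddress>0x40000000</baseAddress>
   <addressBlock><offset>0</offset><size>0x1000</size></addressBlock>
   <registers>
    <register><name>STATUS</name><addressOffset>0x200</addressOffset><size>32</size></register>
    <register><name>CONFIG</name><addressOffset>0x204</addressOffset><size>32</size></register>
   </registers></peripheral>
  <peripheral><name>DEMO_UART</name><baseAddress>0x40002000</baseAddress>
   <addressBlock><offset>0</offset><size>0x1000</size></addressBlock>
   <registers>
    <register><name>TXD</name><addressOffset>0x51C</addressOffset><size>8</size></register>
   </registers></peripheral>
 </peripherals></device>"""

def svd_int(text):
    """Parse an SVD number given as decimal or 0x-prefixed hex."""
    return int(text.strip(), 0)

def load_peripherals(svd_xml):
    """Return {name: {"base", "size", "registers": {offset: (reg_name, bits)}}}."""
    out = {}
    for p in ET.fromstring(svd_xml).iterfind("./peripherals/peripheral"):
        base = svd_int(p.findtext("baseAddress"))
        block = p.find("addressBlock")
        size = svd_int(block.findtext("size")) if block is not None else 0
        regs = {}
        for r in p.iterfind("./registers/register"):
            off = svd_int(r.findtext("addressOffset"))
            regs[off] = (r.findtext("name"), svd_int(r.findtext("size", "32")))
        out[p.findtext("name")] = {"base": base, "size": size, "registers": regs}
    return out

def resolve(peripherals, addr):
    """Map an absolute address to 'PERIPH.REG', 'PERIPH+0xoff', or None."""
    for name, p in peripherals.items():
        off = addr - p["base"]
        if 0 <= off < p["size"]:
            reg = p["registers"].get(off)
            return f"{name}.{reg[0]}" if reg else f"{name}+{off:#x}"
    return None

if __name__ == "__main__":
    for addr in (0x40000200, 0x4000251C, 0x40000208, 0x20000000):
        print(hex(addr), "->", resolve(load_peripherals(SAMPLE_SVD), addr))
```
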
