HW:Debug USB
This seems to be a built-in debugging USB interface.
Commands via EP 0x01, replies via 0x81, 0x82 unknown
RE notes trying to send it random stuff:
First 3 bytes are ignored? Fourth byte matters.
First 5 bytes are echoed at the beginning of replies
Replies seem to follow a uniform format
> 00000000 000c8000 00000000 00000000
OOLLLL
Reads LLLL bytes (rounded to dword) starting from dword register OO.
Returns:
00000000 00000000 <u32:payload len> <data words>* <u32:data size> <u32:status=4?>
> 00000000 02000000 00000000 00000000 00000000 00
Returns:
00000000 02000000 08458400
And then keeps flooding [a0030000] repeated forever
Seems to be an insane length. Bug?
Register dump:
00000000 a0 03 00 00 91 00 06 10 91 00 81 08 09 22 00 00 |............."..|
00000010 03 10 00 00 00 00 30 3d 02 00 00 00 0f 0f 00 00 |......0=........|
00000020 15 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000080 00 01 00 04 01 01 0b 08 02 06 fe 40 00 00 00 00 |...........@....|
00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000100 00 0a 00 00 01 03 00 00 02 04 00 00 03 08 00 00 |................|
00000110 04 00 00 00 05 00 00 00 06 00 00 00 07 00 00 00 |................|
00000120 08 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 |................|
00000130 0c 00 00 00 0d 00 00 00 0e 00 00 00 0f 00 00 00 |................|
00000140 10 00 00 00 11 00 00 00 12 00 00 00 13 00 00 00 |................|
00000150 14 00 00 00 15 00 00 00 16 00 00 00 17 00 00 00 |................|
00000160 18 00 00 00 19 00 00 00 1a 00 00 00 1b 00 00 00 |................|
00000170 1c 00 00 00 1d 00 00 00 1e 00 00 00 1f 20 00 00 |............. ..|
00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|