mirror of
https://github.com/alfishe/amiga-bootcamp.git
synced 2026-06-13 00:26:28 +00:00
Comprehensive technical documentation covering:
- Hardware: OCS/ECS/AGA custom chip registers, Copper & Blitter deep dives
- Boot sequence: cold boot through startup-sequence
- Binary format: HUNK executable spec, relocation, debug info
- Linking & ABI: .fd files, LVO tables, register calling conventions
- Exec kernel: tasks, interrupts, memory, signals, semaphores
- AmigaDOS: file I/O, FFS/OFS layout, CLI/Shell scripting
- Graphics: planar bitmaps, Copper programming, HAM/EHB modes
- Intuition: screens, windows, IDCMP, BOOPSI
- Devices: trackdisk, SCSI, serial, timer, audio, keyboard
- Libraries: utility, expansion, IFFParse, locale, ARexx
- Networking: bsdsocket API, SANA-II, TCP/IP stack comparison
- Toolchain: GCC, vasm/vlink, SAS/C, NDK, debugging
- Reverse engineering: IDA/Ghidra setup, compiler fingerprints, case studies
- CPU & MMU: 68040/060 emulation libs, PMMU, cache management
- Driver development: SANA-II, Picasso96/RTG, AHI audio

All files include breadcrumb navigation. No local paths or proprietary content.
Reverse Engineering AmigaOS Binaries
Overview
This section provides a systematic methodology for reverse engineering AmigaOS executables and shared libraries using IDA Pro (or Ghidra with the Amiga plugin), with focus on:
- Reconstructing the library JMP table
- Identifying compiler-specific code patterns
- Understanding the exec/dos calling convention at the assembly level
- Tracing library patches (SetFunction)
- Case studies from real Amiga software
Contents
| File | Topic |
|---|---|
| methodology.md | Step-by-step RE workflow for Amiga HUNK binaries |
| ida_setup.md | IDA Pro configuration for 68k/Amiga analysis |
| compiler_fingerprints.md | Compiler identification by code patterns |
| library_reconstruction.md | Reconstructing unknown library JMP tables |
| patching_techniques.md | Surgical binary patching methods |
| case_studies/ | Real-world RE walkthroughs |
| case_studies/ramdrive_device.md | ramdrive.device RE walkthrough |
Core Principles
- Know the ABI first — All library calls are JSR LVO(A6). Before reversing any function, identify which library A6 holds using the lib_Node.ln_Name string at base+$00.
- Use .fd files — The NDK39 .fd files give you every function name and parameter mapping for free.
- Relocations are your friend — HUNK_RELOC32 entries tell you exactly which longwords are inter-hunk references, making it easy to distinguish code from data.
- Compiler signatures reduce work — SAS/C and GCC produce distinct prologues. Identifying the compiler narrows the pattern space dramatically.
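To make the relocation principle concrete, the following is an added example (not code from this repository) that walks a HUNK load file and lists every HUNK_RELOC32 entry as (offset, target hunk), rejecting offsets or targets that fall outside the file's own hunks. The function name `reloc32_map` and the `SAMPLE` image are constructed for illustration; only CODE, DATA, BSS, RELOC32 and END hunks are handled, and any other hunk type raises an error.

```python
import struct

# Hunk type IDs from the AmigaOS HUNK executable format.
HUNK_CODE, HUNK_DATA, HUNK_BSS = 0x3E9, 0x3EA, 0x3EB
HUNK_RELOC32, HUNK_END, HUNK_HEADER = 0x3EC, 0x3F2, 0x3F3

def reloc32_map(image: bytes) -> dict:
    """Map hunk index -> [(offset, target_hunk)] for each HUNK_RELOC32 entry."""
    pos = 0
    def u32() -> int:
        nonlocal pos
        if pos + 4 > len(image):
            raise ValueError("truncated HUNK file")
        pos += 4
        return struct.unpack_from(">I", image, pos - 4)[0]
    if u32() != HUNK_HEADER:
        raise ValueError("not a HUNK executable")
    while n := u32():                  # resident library names, zero-terminated list
        pos += 4 * n
    u32()                              # hunk table size
    first, last = u32(), u32()
    nhunks = max(0, last - first + 1)
    pos += 4 * nhunks                  # per-hunk sizes, not needed here
    relocs, hunk, size = {}, -1, 0
    while pos < len(image):
        htype = u32() & 0x3FFFFFFF     # top two bits carry memory flags
        if htype in (HUNK_CODE, HUNK_DATA, HUNK_BSS):
            hunk, size = hunk + 1, 4 * (u32() & 0x3FFFFFFF)
            if htype != HUNK_BSS:      # BSS has a length but no payload
                pos += size
        elif htype == HUNK_RELOC32:
            while count := u32():      # blocks of (count, target, offsets...), 0 ends
                target = u32()
                if target >= nhunks:
                    raise ValueError(f"reloc targets missing hunk {target}")
                for _ in range(count):
                    off = u32()
                    if off + 4 > size: # relocated longword must lie inside the hunk
                        raise ValueError(f"reloc offset ${off:X} outside hunk {hunk}")
                    relocs.setdefault(hunk, []).append((off, target))
        elif htype != HUNK_END:
            raise ValueError(f"unhandled hunk type ${htype:X}")
    if pos > len(image):
        raise ValueError("truncated HUNK file")
    return relocs

# Constructed sample: code hunk 0 (LEA abs.l,A0 / RTS) and data hunk 1 (one pointer).
SAMPLE = struct.pack(">26I", HUNK_HEADER, 0, 2, 0, 1, 2, 1,
    HUNK_CODE, 2, 0x41F90000, 0x00004E75, HUNK_RELOC32, 1, 1, 2, 0, HUNK_END,
    HUNK_DATA, 1, 0x00000000, HUNK_RELOC32, 1, 0, 0, 0, HUNK_END)
```

In the sample, the longword at offset 2 of hunk 0 is the LEA operand pointing into the data hunk, and the longword at offset 0 of hunk 1 is a pointer back into code; every other longword can be treated as non-pointer content.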
Tool Setup
| Tool | Purpose |
|---|---|
| IDA Pro 7.x | Primary disassembler and decompiler (Hex-Rays) |
| IDA Amiga plugin | HUNK loader, HUNK_SYMBOL import |
| hunkinfo | Quick hunk/symbol/reloc dump |
| Ghidra + AmigaOS plugin | Free alternative to IDA |
| wack / MonAm | On-device debugger |
References
- NDK39: fd/, include/
- ADCD 2.1: complete library autodocs
- Amiga ROM Kernel Reference Manual: Libraries and Devices