Every firmware researcher eventually encounters a little-known microcontroller or a fresh CPU architecture with custom extensions. Not long ago, one of such devices landed on our desks for analysis: a RISC-V chip with the RV32-based instruction set and a P Extension (not even the latest version).
Our IDA Pro was meeting it for the first time, too, and it turned out this reverse engineering tool didn’t support certain instructions. So we had to
— find what these instructions are: they were from P Extension a.k.a. Packed-SIMD Extension,
— study an early draft of the P Extension and implement support for several instructions from that extension in IDA Pro,
— perform “lifting”, i.e. translating instructions into an intermediate representation understandable by the decompiler.
See the details of this toolkit improvement adventure in the article “Teaching IDA Pro to understand the RISC-V P Extension”.
