Open Klave

Tutorial 1: Get to know your tools


These developer notes assume almost no knowledge. The goal is to learn everything required to write a bare metal operating system for the STM32 by playing and experimentation, diving deeper each iteration and trying to accomplish progressively more difficult tasks.


Tutorial 2: Ripping, restoring, and decompiling the factory operating system


In this tutorial we’re going to review the memory layout of the STM32F103. We’ll use this information and our tools to copy both the factory bootloader and factory operating system to our development computer. We’ll finish by opening both the bootloader and operating system in Ghidra, and writing some early observations about how they work.


Tutorial 3: Development techniques in GDB

Development techniques.

We will cover three techniques for reverse engineering a running chip with GDB. First, we will learn how to examine the state of all the incoming and outgoing wires on the chip (GPIO). Then, we will practice selectively turning off device peripherals to see what happens. Finally, we will introduce function prototyping: using GDB, we can reset the device and establish the minimal routine necessary to accomplish some objective, for example making a pad change color or writing a character to the LCD screen.

Because the STM32F103's peripherals are memory mapped, most operating system work boils down to reading from an address, writing to that address, and looping. We can prototype in GDB first, then translate the minimal routine almost line for line into C and build on it.
