Hacking the Xbox
Hacking the Xbox
Hacking the Xbox
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
44<br />
<strong>Hacking</strong> <strong>the</strong> <strong>Xbox</strong>: An Introduction to Reverse Engineering<br />
Binary and Hexadecimal Numbers (continued)<br />
Bin Dec Hex Bin Dec Hex<br />
0000 0 0 1000 8 8<br />
0001 1 1 1001 9 9<br />
0010 2 2 1010 10 A<br />
0011 3 3 1011 11 B<br />
0100 4 4 1100 12 C<br />
0101 5 5 1101 13 D<br />
0110 6 6 1110 14 E<br />
0111 7 7 1111 15 F<br />
Table 2-2: Binary, decimal, and hexadecimal conversion table.<br />
The heart of a CPU is a tiny, but very fast, memory called <strong>the</strong> register file.<br />
Multiple pieces of data can be written into and read out of a register file<br />
each processor clock cycle. Data from <strong>the</strong> register file is fed into an<br />
execution unit called <strong>the</strong> arithmetic logic unit (ALU). The function<br />
computed by <strong>the</strong> ALU is controlled by instructions fetched from<br />
memory. Once <strong>the</strong> data has been processed by <strong>the</strong> ALU, it can ei<strong>the</strong>r be<br />
written back into <strong>the</strong> register file, or stored into memory.<br />
One important performance feature of almost every modern CPU is a<br />
memory access accelerator called a cache. Caches are small, fast memories<br />
that store copies of data and instruction snippets that are likely to be<br />
used in <strong>the</strong> near future by <strong>the</strong> CPU core. Caches are slower than register<br />
files but faster than main memory; likewise, caches store more data than a<br />
register file, but store less data than main memory.<br />
One important feature of <strong>the</strong> <strong>Xbox</strong> CPU cache to be aware of is that it is<br />
a writeback cache. Writeback caches allow copies of data stored inside<br />
<strong>the</strong> CPU to be out of sync with what exists in main memory. This timing<br />
difference can complicate attempts to trace CPU execution by observing<br />
external memory traffic alone. The cache memory can also be leveraged<br />
by security routines to hide intermediate computation results from<br />
someone observing <strong>the</strong> memory bus.<br />
Northbridges and Southbridges<br />
The terms Northbridge and Southbridge are vernacular specific to <strong>the</strong><br />
PC architecture. They refer to <strong>the</strong> two basic support chips that are found<br />
in virtually every PC. A Northbridge chip connects <strong>the</strong> CPU to main<br />
memory as well as any high-performance expansion busses, such as AGP<br />
and PCI. A Southbridge chip hangs off of <strong>the</strong> Northbridge chip and<br />
contains all of <strong>the</strong> extra peripherals that are found in a typical PC —<br />
parallel, serial, USB, mouse, keyboard, IDE controllers, audio codecs,