mirror of
https://github.com/JGoyd/CS35L27-Covert-Channel-Analysis.git
synced 2026-05-28 21:51:28 +02:00
Joseph Goydish II
1.4 KiB
1.4 KiB
Technical Details
Extended Command Activity Breakdown
Command 0x81:
- Total occurrences: 1,432
- Near I2C address 0x40: High correlation
- Example contexts show byte 0x40 nearby
- Frequency: Very high (possibly every few seconds during use)
Command 0xC7:
- Total occurrences: 968
- Near I2C address 0x40: High correlation
- Example contexts show byte 0x40 nearby
- Frequency: High (possibly system event triggered)
Usage Pattern:
- Both commands appear throughout traces
- Not concentrated in boot or specific time
- Suggests ongoing use during operation
GPIO Activity Breakdown
Bit 0x38 (209 operations):
- SETB: ~70 times
- CLR: ~139 times
- Pattern: More CLR than SETB (2:1 ratio)
- Interpretation: Possibly "active-low" control signal
- Frequency: Very high
Bit 0x34 (35 operations):
- Mix of SETB/CLR
- Frequency: Moderate
- Could be: Secondary control or status
Bit 0x3A (23 operations):
- Correlates: GPIO2 interrupt (from IODeviceTree)
- Frequency: Lower than others
- Likely: Interrupt signaling (expected)
I2S Pattern Analysis
"I2SBHkZStack" String:
- Appears in audio subsystem traces
- "Stack" suggests software layer
- "BH" meaning unknown
- Could be: "Bidirectional Host" or "Base Host"
Value 0x03 Near I2S:
- 18 occurrences of pattern
- Cannot confirm: If this is mode register write
- Cannot confirm: Timing or context
- Need: Protocol analyzer or kernel trace