This loader extension for Ghidra accompanies our release of the nanoMIPS architecture extension for reverse engineering MediaTek's 5G baseband chips.
The main part of the extension is a file loader based on our MediaTek data structure definitions. It unpacks md1img format firmware images and automatically applies the debug symbols contained within. The loader is triggered automatically by importing an md1img format file into a Ghidra project.
The extension also includes two scripts that use information contained within the firmware code to map and populate missing memory regions. These scripts are inspired by the FirmWire MediaTek image analyzer.
The scripts can be found under the Mediatek category in the Ghidra Script Manager:
MtkInitRegions.java simulates a series of memcpy and memset calls in the INT_InitRegions_C function, which initialize large regions of memory.
emulate_custom_mk_ram_info.py emulates a function, called by INT_InitRegions_C, that writes several memory region addresses and sizes into memory. The script then uses those region definitions to map the remaining undefined sections of memory.
The new loader extension can be found at https://github.com/nccgroup/ghidra-mtk-loader.