Mirror/Luma3DS
1
0
Fork 0
mirror of https://github.com/LumaTeam/Luma3DS.git synced 2026-02-22 09:54:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Mirror:v11.0
Branches Tags
Mirror:master
Mirror:v13.3.3
Mirror:v13.3.2
Mirror:v13.3.1
Mirror:v13.3
Mirror:v13.2.1
Mirror:v13.2
Mirror:v13.1.2
Mirror:v13.1.1
Mirror:v13.1
Mirror:v13.0.2
Mirror:v13.0.1
Mirror:v13.0
Mirror:v12.0.1
Mirror:v12.0
Mirror:v11.0
Mirror:v10.3
Mirror:v10.2.1
Mirror:v10.2
Mirror:v10.1.3
Mirror:v10.1.2
Mirror:v10.1.1
Mirror:v10.1
Mirror:v10.0.1
Mirror:v10.0
Mirror:v9.1
Mirror:v9.0-joyconhax
Mirror:v9.0
Mirror:v8.1.1
Mirror:v8.1
Mirror:v8.0
Mirror:v7.1
Mirror:v7.0.5
Mirror:v7.0.4
Mirror:v7.0.3
Mirror:v7.0.2
Mirror:v7.0.1
Mirror:v7.0
Mirror:v6.6
Mirror:v6.5
Mirror:v6.3.1
Mirror:v6.3
Mirror:v6.2.3
Mirror:v6.2.2
Mirror:v6.2.1
Mirror:v6.2
Mirror:v6.1.2
Mirror:v6.1.1
Mirror:v6.1
Mirror:v6.0.1
Mirror:v6.0
Mirror:v5.5
Mirror:v5.4
Mirror:v5.3.1
Mirror:v5.3
Mirror:v5.2
Mirror:v5.1.2
Mirror:v5.1.1
Mirror:v5.1
Mirror:v5.0
Mirror:v4.2
Mirror:v4.1
Mirror:v4.0.1
Mirror:v4.0
Mirror:v3.14
Mirror:v3.13
Mirror:v3.12
Mirror:v3.11
Mirror:v3.10
Mirror:v3.9
Mirror:v3.8.1-r2
Mirror:v3.8
Mirror:v3.7.3
Mirror:v3.7.2
Mirror:v3.7.1
Mirror:v3.7
Mirror:v3.6.1
Mirror:v3.6
Mirror:v3.5.3
Mirror:v3.5.2
Mirror:v3.5.1
Mirror:v3.5
Mirror:v3.4
Mirror:v3.3
...
compare: Mirror:master
Branches Tags
Mirror:master
Mirror:v13.3.3
Mirror:v13.3.2
Mirror:v13.3.1
Mirror:v13.3
Mirror:v13.2.1
Mirror:v13.2
Mirror:v13.1.2
Mirror:v13.1.1
Mirror:v13.1
Mirror:v13.0.2
Mirror:v13.0.1
Mirror:v13.0
Mirror:v12.0.1
Mirror:v12.0
Mirror:v11.0
Mirror:v10.3
Mirror:v10.2.1
Mirror:v10.2
Mirror:v10.1.3
Mirror:v10.1.2
Mirror:v10.1.1
Mirror:v10.1
Mirror:v10.0.1
Mirror:v10.0
Mirror:v9.1
Mirror:v9.0-joyconhax
Mirror:v9.0
Mirror:v8.1.1
Mirror:v8.1
Mirror:v8.0
Mirror:v7.1
Mirror:v7.0.5
Mirror:v7.0.4
Mirror:v7.0.3
Mirror:v7.0.2
Mirror:v7.0.1
Mirror:v7.0
Mirror:v6.6
Mirror:v6.5
Mirror:v6.3.1
Mirror:v6.3
Mirror:v6.2.3
Mirror:v6.2.2
Mirror:v6.2.1
Mirror:v6.2
Mirror:v6.1.2
Mirror:v6.1.1
Mirror:v6.1
Mirror:v6.0.1
Mirror:v6.0
Mirror:v5.5
Mirror:v5.4
Mirror:v5.3.1
Mirror:v5.3
Mirror:v5.2
Mirror:v5.1.2
Mirror:v5.1.1
Mirror:v5.1
Mirror:v5.0
Mirror:v4.2
Mirror:v4.1
Mirror:v4.0.1
Mirror:v4.0
Mirror:v3.14
Mirror:v3.13
Mirror:v3.12
Mirror:v3.11
Mirror:v3.10
Mirror:v3.9
Mirror:v3.8.1-r2
Mirror:v3.8
Mirror:v3.7.3
Mirror:v3.7.2
Mirror:v3.7.1
Mirror:v3.7
Mirror:v3.6.1
Mirror:v3.6
Mirror:v3.5.3
Mirror:v3.5.2
Mirror:v3.5.1
Mirror:v3.5
Mirror:v3.4
Mirror:v3.3

146 Commits
v11.0 ... master

Author SHA1 Message Date
TuxSH
e35972ea82 rosalina: fix volume slider override value calculation 
Below 50%, the volume slider moves the dB value twice as fast. When
linearly interpolating the value in dB (lerp in log-scale), we need to
account for that fact to match how the MCU firmware handles the actual
volume slider.
 2026-02-11 02:41:03 +01:00
fangrong
21f0d64ee8 rosalina: Further fix for ReturnToHomeMenu 2026-01-21 22:41:35 +01:00
TuxSH
7f1dd962af Bump ini output buffer size and add checks 2026-01-19 18:26:59 +01:00
TuxSH
a608ad8241 Add patch that removes the Year 2050 limit in System Settings date picker 
This restriction was completely artificial, rest of system supports 01
Jan 2000 - 31 Dec 2099 just fine.

NNID user's year-of-birth seems to have a similar Year 2050 restriction,
I'm not removing that as long as any NNID stuff is still active.
 2026-01-06 01:23:38 +01:00
fangrong
c04c7254ed plgloader: Code cleanup 2025-12-26 23:40:25 +01:00
Angel Martin
db639a80c9
Add "Return to Home Menu" button for consoles with broken Home Buttons (#2143) 2025-12-12 21:39:16 +01:00
fangrong
4cfca3c55d Optimize the ASM code of romfsredir, saving 2 bytes so that it does not exceed the size of throwFatalError function 2025-12-12 21:09:47 +01:00
fangrong
d3d9a63bf2 lfs: Call UnMountArchive before Mount, Prevent potential issues in the RegisterArchive interface 2025-12-12 21:09:47 +01:00
PabloMK7
407c18e6fd
plugin_loader: Make plugin reply timeout configurable (#2183) 2025-09-26 17:34:31 +02:00
TuxSH
456a6b4ad7 arm9/util: use hardcoded crc luts 2025-09-08 03:29:23 +02:00
TuxSH
b3282abbf7 Patch lgy k11 to avoid allocating unused pages (bug) which was preventing 2 threads to be created 2025-08-04 18:01:14 +02:00
TuxSH
119499d28d Patch lgy k11 to skip devunit check on kernelpanic, allowing red screens to be displayed on panic 
L+R+Start+Select to remove LCD fill
 2025-08-04 18:00:47 +02:00
TuxSH
12b15812f2 rosalina: make sure pixel data is aligned in screenshots 2025-07-30 12:53:46 +02:00
TuxSH
55d694fbdd rosalina: we are in 2025 - update credits 2025-07-15 02:44:55 +02:00
TuxSH
1c980b95dc rosalina: fix display bug in MiscellaneousMenu_UpdateTimeDateNtp 2025-07-15 02:44:48 +02:00
TuxSH
da66af3f8a sysmenu: fix luminance calculation, and allow going above preset 5 in many cases. 
Unlike SetLuminanceLevel, SetLuminance doesn't check if preset <= 5, and actually allows the lumiance levels provisioned for the "brightness boost mode" (brighter when adapter is plugged in), even when the feature is disabled (it is disabled for anything but the OG model, iirc).
 2025-07-04 00:19:09 +02:00
TuxSH
97cc70d35d Fix issue with screen init causing brightness flickering and burn-in when booting HM after a splash on IPS panels 
- previously, we left brightness voltage and LCD panel voltage on even though we disabled PWM and output signal, causing GSP to misdetect screen state in turn. Fix that (this fixes the issue mentioned above)

- Initialize the LCD controller over I2C, this fixes some rare sync issues some screen have with other Arm9 homebrew

This may not fix 100% of the issues, only the most egregious/dangerous
ones. There's still a lot of tech debt in Luma's baremetal code, that
necessitate a full rewrite to fix (not planned for this year)
 2025-07-03 21:05:18 +02:00
TuxSH
59543da23d bootloader: zerofill N3DS ABL regs when autobooting DSi title 
Closes #2137.

Even though (when running TWL/AGB FIRM) the SoC is in O3DS mode, and the GPU also is,
as well as most other components behaving as such (external RAM, L2C not usable, etc.),
this is NOT the case for the LCD and adaptive backlight logic which retains FULL N3DS
functionality, including a feature where the window is blended with a given color depending
on the overall relative luminance of that window.

However, Nintendo's own code mistakenly assumes the opposite, and clearly so ("if GPU in N3DS mode"
checks, not passing N3DS extra adaptive backlight (ABL) to TWL/AGB_FIRM). This has implications:

- Powersaving (ABL) settings in TWL/AGB_FIRM is inconsistent with *both* O3DS (because the new RGB blend
LUT has been set to its current value by NATIVE_FIRM) and N3DS (because "pwn_cnt" and "inertia" are missing
their N3DS-only bits)
- "rave party" when booting into TWL/AGB_FIRM or O3DS NATIVE_FIRM without these regs (well, the LUT)
initialized. Easiest way to do so is by leveraging the "DSi autooboot" feature Luma provides. It is worth
noting at least the LUT survives hardware reboots (if Nintendo were using DSi software that was using
TLNC-based reboots, they wouldn't have noticed).

Only touch the autoboot path, for now
 2025-05-12 03:10:52 +02:00
TuxSH
581e591070 arm9: fix loadDeliverArg bug 2025-05-11 22:24:34 +02:00
TuxSH
8a6b766894 loader: fix nonstring warnings 2025-05-02 20:40:37 +02:00
TuxSH
5f848124c4 Fix undefined function issue in plgldr.c 2025-03-19 03:11:27 +01:00
TuxSH
b4273f9569 Fix regression introduced by latest release 
As it turns out, neither f_mkdir nor fs.c function create directories recursively, only the last one
 2025-03-10 19:37:27 +01:00
PabloMK7
856a4b3acf Put essential files in subfolder with console ID 2025-03-04 22:39:42 +01:00
TuxSH
043e2d2497 Fix bug in loadNintendoFirm 2024-12-30 14:29:32 +01:00
TuxSH
b15e5fa8d6 loader: change defaults when kext not present 
E.g. if ran through emulation
 2024-12-29 20:30:38 +01:00
PabloMK7
1399d7ef3b plgldr: Allow loading plugins on homebrew if flag set in 3gx 2024-12-23 16:36:50 +01:00
TuxSH
60b244d6a3 Add emunand support for prototype NFIRM (by @Wack0) 2024-12-22 23:14:26 +01:00
PabloMK7
92e586cb3c Add basic support for prototype firmware 
* Installs arm9 exception handlers
* Disables NAND signature checks, allowing the firmware to boot on retail devices
 2024-12-08 02:00:31 +01:00
TuxSH
9b8a95a1de Fix volume override for applets (i2s2/csnd) 
This feature repurposes the functionality used for the camera shutter sound.
As such, it interferes with it:
    - shutter volume is set to the override instead of its default 100% value
    - due to implementation details, having the shutter sound effect play will
      make this feature stop working until the volume override is reapplied by
      going back to this menu

Closes #2072
 2024-10-20 19:37:02 +02:00
TuxSH
684c95c7e8 rosalina: in volume override menu, add support for CPAD too 2024-10-01 23:31:22 +02:00
TuxSH
2a7caa366e Prepare for v13.2.1 2024-10-01 23:16:57 +02:00
TuxSH
d2bf10733b Rewrite README, add screenshots 2024-10-01 20:41:32 +02:00
TuxSH
78fe559eb6 Rename LICENSE (same GPLv3 terms, prune history) 2024-10-01 17:47:24 +02:00
TuxSH
0d0a549967 Prepare LICENSE for rename 2024-10-01 17:46:48 +02:00
TuxSH
e96f2efc7e rosalina: add bottom screen color curve that was thought to be incorrect 
Use separate toggle in the same submenu as top screen
 2024-10-01 01:52:14 +02:00
TuxSH
d299558b09 Update bug-report.md in accordance to the release about to be made 2024-09-27 22:36:05 +02:00
PabloMK7
3253fdb255
Allow plugins to use PRIVATE memory instead of SHARED on requests (#2086) 
- Modify the svcMapProcessMemoryEx svc so that it takes an extra flags argument. This change was made in a way that shouldn't break existing plugins or applications.
- Add MAPEXFLAGS_PRIVATE flag, which maps the specified memory as PRIVATE instead of SHARED.
- Allow plugins to be mapped with PRIVATE memory instead of SHARED with a flag in the .3gx header. This allows plugins to use socket and http services without additional hacks.

---------

Co-authored-by: LittleCube <littlecubehax@gmail.com>
 2024-09-27 22:31:03 +02:00
PabloMK7
e0e86c46a7 rosalina: Add debug flag to dump gdb communications 2024-09-27 22:18:34 +02:00
TuxSH
902f306ab3 rosalina: remove unused lut, add attribution 2024-09-27 22:01:29 +02:00
TuxSH
ef1773ef4a rosalina: add ability to menu to take screenshot of itself (default combo: L+Up+Select) 
Only for documentation purposes, via compile-time flag.

And fix some resource leak bugs, etc.
 2024-09-23 00:35:22 +02:00
R-YaTian
7e4a106787
rosalina: Improve misc NTP menu drawing (#2075) 2024-09-22 01:36:19 +02:00
TuxSH
2ae3c4d4ce rosalina: fix handling of more than 1 hidden option in a row 
Reported by @cooolgamer
 2024-09-22 01:20:53 +02:00
TuxSH
946eb94f02 rosalina: clean up code in N3DSMenu_UpdateStatus 2024-09-22 00:59:57 +02:00
TuxSH
0a11d29d8b rosalina: move power off/reboot back, in a single menu entry this time 2024-09-18 22:36:04 +02:00
TuxSH
1c737d499f rosalina: add qtm calibration submenu 
Also steal qtm handle b/c of limitiations (max 3 sessions total)
 2024-09-15 23:44:44 +02:00
TuxSH
2aa2013318 rosalina: add SS3D toggle option 
Closes #2062
 2024-09-15 23:44:36 +02:00
TuxSH
a7bd3208a5 Declutter main rosalina menu & reorder 
"Change screen brightness" (due to limitations), "Power Off", "Reboot" moved to sysconfig menu
 2024-09-09 00:44:48 +02:00
TuxSH
14e462be20 Clarify that the color curve fixing is intended for IPS top screen only (with stellar results) 
And that bottom screen curve doesn't actually match (I don't have bottom IPS New 3DSes but I have asked people who do).
 2024-09-03 20:33:21 +02:00
fangrong
9f933954a0 rosalina: fix wrong args in svcControlMemoryEx 2024-08-24 19:48:09 +02:00
TuxSH
ab7e8676b5 rosalina: fix regression in menuReadScreenTypes 2024-08-18 20:42:31 +02:00
TuxSH
f0be624792 rosalina: add system info menu with TN/IPS screen detection in it 2024-08-14 22:48:33 +02:00
TuxSH
85c1997f2b rosalina: use correct srgb filter order 2024-08-04 23:14:29 +02:00
TuxSH
2c49a04516 rosalina: add battery info in debug info 2024-08-02 17:22:53 +02:00
TuxSH
2ddf5d334c Create payloads directory during upgrade process 
Closes #2058
 2024-08-01 12:39:21 +02:00
TuxSH
db4564a3f5 rosalina: implement full color space correction (to sRGB) 
Add option to make the 3DS screens look like sRGB monitors. While this
is not perfect (due to screen variance, and it may make dark tones
slightly darker), this significantly improves the color fidelity of
homebrew and custon HOME Menu themes, removing that "blueish, washed-out
look".

Do note that first-party party 3DS games are designed around the 3DS's
"washed-out" color curve, and may not need that adjustment.

(done in collaboration with @profi200)
 2024-07-31 23:22:48 +02:00
TuxSH
7a259a5792 Update super-outdated bug_report.md 2024-07-15 22:44:48 +02:00
TuxSH
988ec17ebf Screenshots: when dealing with 800px mode, produce 800x480 instead of 800x240 images for more faithful output 
Each line is duplicated in this case (integer scaling 2)
 2024-06-22 01:22:22 +02:00
TuxSH
52a1f4ae60 Patch lgy k11 for agb_firm, too 2024-06-22 00:26:55 +02:00
TuxSH
1c7a2b6135 Remove debug #if 0 that was accidentally left in 2024-06-13 19:37:22 +02:00
TuxSH
cc46e16d66 Fix hb autoboot stuck in exception at boot after a forced shutdown 
Closes #1882.

Whenever power button is held long enough ("force shutdown"), mcu sysmodule
stores a flag in free reg 0. It will clear it next boot.

During that next boot, if that flag was set and if CFG_BOOTENV.bit0 is set
(warmboot/firm chainload, i.e. not coldbooting), then main() will simulate
a "power button held" interrupt (after upgrading mcu fw if necessary -- it
will reboot console after if it has upgraded mcu fw, I guess that's one of
the reasons the flag is there). This obviously cause other processes to initiate
a shutdown.

In the case of autoboot, ns will panic when this happens.
 2024-06-12 22:44:38 +02:00
TuxSH
725823a9d9 loadTitleLocaleConfig: add Bermuda ("BM") 2024-06-08 19:47:58 +02:00
TuxSH
41dd8bd226 Fix #2034 2024-05-25 17:50:22 +02:00
TuxSH
6c324e0ed0 Force wifi menu: handle unconfigured wifi slots correctly 2024-05-11 17:38:16 +02:00
PabloMK7
45dce14f23
rosalina: fix wireless connection option replacing volume override (#2028) 2024-05-09 21:57:49 +02:00
PabloMK7
2df3c389c1
plugin loader: add persistent plugin user load parameters (#2027) 2024-05-09 21:52:49 +02:00
PabloMK7
175e184089
plugin loader: allow loading user defined plugin for any title (#2026) 2024-05-09 19:59:03 +02:00
TuxSH
df1f9dbfc2 Update RosalinaMenu_ShowCredits (we are in 2024) 2024-05-01 23:49:33 +02:00
TuxSH
64293f8942 Config changes and fixes, see description 
- Remove allow_updown_leftright_dsi (option was unused and useless)
- Hide enable_dsi_external_filter. Do not mention out-of-date wiki,
  fixes #1992
- Limit gamma to a more reasonable value of 8, fixes #1989
 2024-05-01 17:58:15 +02:00
TuxSH
23e478d67a Update release archive rules in Makefile 
Closes #1981
 2024-05-01 13:31:04 +02:00
PabloMK7
5928eefe95
plugin_loader: Add new flags to 3gx files (#2021) 2024-05-01 00:31:23 +02:00
Anonymous941
63fbc37426 Fix graphical glitches in volume adjustment menu 
Due to the waitInputWithTimeout call taking up to 1 second, the framebuffer must be flushed. Also added padding where it was needed
 2024-04-30 23:30:48 +02:00
PabloMK7
85e0257289 loader: Add custom LOADER_GetLastApplicationProgramInfo command 2024-04-26 22:39:51 +02:00
TuxSH
35a7ca25b1 Reword README.md 2024-03-18 00:59:15 +01:00
PabloMK7
36df6d6a98 Bump version number 2024-02-07 01:07:37 +01:00
PabloMK7
bef642c04f Add volume slider override 2024-02-06 23:53:28 +01:00
Jade Herd
8cc294b3cb config: Boot chainloader menu option 2024-02-05 23:10:24 +01:00
CyberYoshi64
a3c5746e06
Add more mountpoint names for LayeredFS updates (#1994) 
* Add more mountpoint names for LayeredFS updates

* Move `pat1` to the bottom of the list

* Isolate Mario Kart 7 mountpoint

* Apply suggestions from code review

Co-authored-by: PabloMK7 <hackyglitch2@gmail.com>

---------

Co-authored-by: PabloMK7 <hackyglitch2@gmail.com>
 2024-02-02 14:42:57 +01:00
PabloMK7
e2778a45cf Fix macro change in libctru 2023-10-31 18:38:40 +01:00
TuxSH
3b64e25402 rosalina: display SSID in force-wifi-connection menu 2023-09-16 21:30:23 +02:00
TuxSH
6a2e1d4aa3 Patch legacy k11 to allow exception dispatching 2023-09-16 19:45:06 +02:00
TuxSH
c0e0f02443 Fix a LGY K11 bug where user TLS was not accessible to user mode 2023-09-14 00:28:37 +02:00
TuxSH
a9fcca52d0 Fix issue where luma screeninit would result in two white screens or wrong colors 2023-09-14 00:18:26 +02:00
TuxSH
035c50c625 Fix support for all older versions 
- Move emuNAND hook to ITCM, fixing previously untested emuNAND support
  for 5.0 (and possibly more versions). This was a very long-standing
  bug
- Fix booting on versions 4.x to 8.x, and restore full support for 5.x
  to 8.x. All Arm11 custom sysmodules and k11ext have been disabled on
  4.x because the Luma3DS v13.0 changes couldn't be ported (this means
  no Rosalina and no region-free and such, and while I could restore
  some of the functionality, you should just update *after* installing
  Luma, like you've been instructed to)
 2023-08-12 18:00:08 +02:00
TuxSH
5989d9d61d hbldr: fix DSPmem cacheability attrib regression 2023-08-10 16:41:40 +02:00
TuxSH
37572f3a48 Fix svcbreak detection 2023-08-10 00:40:39 +02:00
TuxSH
41eccacd51 hbldr: fix DSPmem mapping and give access to all Arm11 IO regs 2023-08-09 23:52:16 +02:00
PabloMK7
0f09900a2a Fix luma config softlock (#1931) 2023-07-25 20:42:18 +02:00
PabloMK7
dd22a0cd93 Fix plugin home menu event notification. 2023-07-24 15:53:08 +02:00
lifehackerhansol
3ecce3fc3e Don't copy to CTRNAND if building for exploit mode 
While the copy to NAND process is generally a good idea for end users,
this can quickly get annoying for actual developers looking to test
low level stuff or contribute to Luma3DS if a testing FIRM gets sent to
the NAND.
 2023-07-24 15:52:37 +02:00
TuxSH
f40a1cc47b Fix external module loading for firm modules such as TwlBg 
Closes #1919 and #1921
 2023-07-21 11:30:55 +02:00
TuxSH
11be450894 Use different error for /luma folder creation failure 2023-07-20 19:11:24 +02:00
TuxSH
a03988b05d Fix rare race condition issue causing white screens 2023-07-18 00:47:57 +02:00
PabloMK7
497e1904d5 Add an option to save an exit in the config menu. 2023-07-17 18:35:57 +02:00
TuxSH
41edcde5c0 Add enable_dsi_external_filter and allow_updown_leftright_dsi 2023-07-17 01:11:43 +02:00
TuxSH
cf3cf12414 Add mechanism to patch TwlBg on the fly 2023-07-15 20:05:48 +02:00
PabloMK7
c055fb6f5e
Merge 3GX plugin loader fork (#1916) 
This commit adds all the changes made to the 3GX plugin loader fork of Luma3DS. The most important features are:

- Add 3GX plugin loader support. New service added to rosalina: plg:ldr
- Add svcControlProcess, svcControlMemoryUnsafe and improve svcMapProcessMemoryEx (breaking change)
- Allow applications to override certain configurations depending on their needs:
    - Disable core2 thread redirection
    - Disable game patching for the next app
    - Force New 3DS speedup
    - Force next application in a specific memory mode
    - Block the opening of the Rosalina menu
- Add GDB commands to list all process handles and catch all SVC (latter is for IDA Pro as gdb client supports it)
- Other changes necessary for plugins to work properly. Please check changed files in this PR for more details. 

---------

Co-authored-by: PabloMK7 <hackyglitch@gmail.com>
Co-authored-by: Nanquitas <nath.doidi@gmail.com>
Co-authored-by: TuxSH <1922548+TuxSH@users.noreply.github.com>
 2023-07-14 20:08:07 +02:00
TuxSH
b20c79eda4 Revert some recent change wrt. remounting due to driver issues 2023-07-14 19:23:49 +02:00
TuxSH
97418ca9a1 Properly support arbitrarily-sized and uncompressed TwlBg/AgbBg 
As we forgot to patch LGY k11, we were limited by the current size of the KIP.
That is not the case anymore and LGY k11 does support uncompressed KIPs.
 2023-07-11 00:33:32 +02:00
TuxSH
9fa1d42aa8 Loader: make it simpler to load ext. modules by clearing N3DS bit 
And also move the location of IPS/BPS patches for (non-KIP) sysmodules
to /luma/sysmodules/<titleId>.<ips/bps> and only require "Load ext
firm/modules" option for it.
 2023-07-09 22:00:51 +02:00
TuxSH
5b417189db Remove "Use EmuNAND FIRM with R" option 
This is a leftover from the Gateway era that has long lost its utility
and that unnecessarily complicated the code base.

Please just load an external FIRM from SD card if you need something
similar.

Also refactor the multi-EmuNAND code and CTRNAND mounting code.
 2023-07-09 00:28:17 +02:00
PabloMK7
06c3215546 Add svcGetSystemInfo option to get booted firm path 2023-07-07 14:13:24 +02:00
TuxSH
82d689b485 Fix build issues 
Closes #1894
 2023-06-16 21:28:08 +02:00
TuxSH
631dddeff8 Fix config text wrapping for hb autoboot 2023-03-28 22:24:07 +02:00
TuxSH
64eda63132 Update singleOptionsText 2023-03-28 19:53:11 +02:00
TuxSH
3e6399490c Hide "force audio output" option 2023-03-28 00:40:30 +02:00
TuxSH
4025f252c7 boot menu: clarify autoboot hb is meant to launch hbmenu 2023-03-27 23:44:18 +02:00
TuxSH
985380c0d8 loader: break when failing to load process (e.g. missing boot.3dsx) 2023-03-27 21:49:00 +02:00
TuxSH
dc7edbd44f Fix handling negative screen filters values 2023-03-27 21:35:51 +02:00
TuxSH
ef1072f996 Add option to force audio routing to speakers, closes #1837 
Also refactor ini file a little bit
 2023-02-10 01:02:01 +00:00
TuxSH
89f77db986 rosalina: clarify name of default screen filter 2023-02-09 00:20:38 +00:00
TuxSH
2e08b7b44f libctru svcCreateCodeSet changes 2023-02-08 18:25:03 +00:00
TuxSH
1d7cca25d1 Fix long-standing bug affecting hbldr TID change option 
This was a long-standing bug since Luma3DS v8.0.

If you changed the homebrew title and didn't immediately reboot, then
the ExHeader during termination would not match the ExHeader that was
was used for loading the process, and thus sysmodule process refcounts
would get all messed up.

The obvious solution to this is to ensure no application is running
while changing the hbldr titleID (hence the changes in custom PM).

This was quite possibly one of the cause of homebrew failing to load
when using N3DS H&S.
 2023-02-08 16:14:59 +00:00
TuxSH
1888e17b22 Add ability to force routing audio to headphones... 
... even when HPs aren't inserted.

This is aimed at people using Bluetooth audio hw mods.

There are some software limitations, please read the INI/option
description.

Closes #1828.
 2023-02-08 00:52:57 +00:00
TuxSH
dfeda19451 Fix #1821 2023-02-06 01:27:25 +00:00
TuxSH
5a5332a212 Do not always reboot to HM when autobooting HB 
Also fix CRC calculation
 2023-02-05 22:08:15 +00:00
TuxSH
9957d6db1a rosalina: move "save settings" to top-level menu 2023-02-05 16:34:37 +00:00
TuxSH
e7a4003f06 rosalina: fix shell open notif. handling at boot 
Was causing boot failure with recent commits.
 2023-02-05 01:13:02 +00:00
TuxSH
faa4a0d4f9 rosalina: always try to display battery percentage 
Even when apps like 3dsident and mGBA open but never relinquish their
mcu::HWC handle.
 2023-01-31 17:14:18 +00:00
TuxSH
777b43b285 rosalina: allow setting top and bot screen filters separately 2023-01-31 00:32:16 +00:00
TuxSH
35e6c5ace9 hbldr: fix dependency list (and launch mp)... 
Also fix handling of HBLDR_DEFAULT_3DSX_TITLE_NAME, and always display
process creation time in process list on non-release builds.
 2023-01-29 19:25:32 +00:00
TuxSH
088cf6b673 hbldr: add act/cecd/friends to deplist 
And make WiFi usable earlier when autobooting homebrew
 2023-01-25 22:07:21 +00:00
TuxSH
7b97af473a Add ability to redirect app core1 threads to core2 
N3DS-only option. See config.ini for details and context. This should
make very demanding games (those which already use 3x clockrate and L2C
by default, like Pokémon US/UM) between 5 to 15% faster. Not widely
tested, and can potentially break some games and other apps.
 2023-01-24 22:05:57 +00:00
TuxSH
ceea6afa05 loader: add external CXI loading. 
When "load external firms and modules" is enabled, Loader will load the
sysmodule from /luma/sysmodule/<titleid>.cxi (all uppercase, and with
the N3DS title ID bit if relevant) and skip patching. Note that this is
a title ID here, not a process name (unlike what we do for KIPs).

While this is aimed at enabling people to easily load replacements for
official sysmodules, you can load your own custom sysmodules that don't
correspond to anything installed. You can use gdb to do so:

  set remote exec-file <tid>
  run
 2023-01-23 19:53:01 +00:00
TuxSH
eb6d8523d1 loader: enable layeredfs+locale emu for all applets 
Not tested (except for HM which is known to work).

And restrict code.bin and exheader.bin to when *both* "external firm
and modules" and "game patching" are enabled.
 2023-01-22 18:45:47 +00:00
TuxSH
ee9f283d4d rosalina: fix rare screen filter race condition 2023-01-21 20:32:57 +00:00
TuxSH
8dd40158ca Add config persistence for new screen filters stuff 2023-01-21 18:28:53 +00:00
TuxSH
e2e38d9b9f rosalina: refactor screen filter stuff again & add invert 2023-01-20 18:41:16 +00:00
TuxSH
7397c85434 rosalina: add color gamma control, and more 
This commits adds an "Advanced configuration" option to screen filters,
where CCT, color gamma, contrast and "brightness" can be fine-tuned,
instead of just using a preset.

Persistence in config.ini TBD in a later commit.
 2023-01-20 02:10:14 +00:00
TuxSH
6592b516a4 rosalina: refactor screen filter code 
https://i.kym-cdn.com/photos/images/original/001/264/842/220.png
 2023-01-17 23:48:07 +00:00
TuxSH
571592ca7c pm: fix handling of "force next app debug" when autobooting homebrew 2023-01-17 00:06:02 +00:00
TuxSH
19f7ef372b errdisp: properly handle game medium being removed 
- transform some error codes into "NAND damaged" or "Gamecard removed"
like official errdisp does
- fix bug in SetUserString
- add more info to logfile (/luma/errdisp.txt)
 2023-01-11 23:24:59 +00:00
TuxSH
635235c86c pm: fix racecond regression introduced by 7074ac1 
It prevented games such as Mario & Luigi: Bowser's Inside Story from booting.

g_manager.runningApplicationData needs to be accessed through the lock.
 2023-01-09 14:22:37 +00:00
TuxSH
a812990f0d pm: mitigate libctru race condition+kernel bug 
(when doing dirty hb chainload)
 2023-01-08 19:39:38 +00:00
TuxSH
d09bfaf348 hbldr: grant full RW access to DSP RAM 
This makes testing custom DSP firmware binaries much easier.
 2023-01-07 22:36:01 +00:00
TuxSH
5cdbfab54b Add build options to Makefile 
For stuff like testing PASLR, *hax2x, khc3ds, etc.

Also fix a corner-case bug when changing the 3dsx app from itself to
itself, if its TID corresponds to the default.
 2023-01-07 15:38:36 +00:00
TuxSH
da0b1a1389 Revert force-setting SysNAND when launching TWL Mode 
This being said, neither legacy FIRM nor DSiWare actually support
EmuNAND; installing the same TWL title on both SysNAND and EmuNAND and
then launch it from EmuNAND will work though.

It is only when exiting AGB firm that we want to boot SysNAND no matter
what, because the save file has been written on a partition in SysNAND.

This is mainly to ensure we reboot to the proper NAND in case we reboot.
 2023-01-03 21:31:37 +01:00
TuxSH
fe4bb0857b Implement autobooting into homebrew (3DS and DSi modes) 
Add config option to autoboot into 3DS and DSi homebrew menu, without
going through Home Menu (nor launching it).

For 3DS homebrew, this requires homebrew built with libctru v2.0.0 or
later (v2.0.0 was released 2.5y ago).

We simulate a "reboot into title" to achieve this. This being said, when
launching stuff like Pokemon US/UM on O3DS, Home Menu reboots into
itself and not the game directly. This will cause Home Menu to crash if
you use this feature and configure it to use a non-default memory layout
(but if you don't, Home Menu will work just fine).
 2023-01-03 15:30:07 +01:00
TuxSH
0a6b6865ca loader: always reload ExHeader for hb, after all 
Caching exheader for applications launched through Home Menu has very
little benefit, as UnregisterProgram is called a lot, and, for 3DSX,
boot.3dsx/target 3DSX can be changed at any time.
 2022-12-29 18:47:43 +01:00
TuxSH
ffbd8554d5 loader: implement PASLR (disabled by default) 
Faithfully implement the PASLR algorithm official Loader
uses (it's not very good). Physical address space layout
randomization means that the layout of the pages in physical
memory are randomized, but doens't randomize the virtual addresses.

Also refactor some parts of our Loader impl a little more.
 2022-12-29 00:23:45 +01:00
TuxSH
7074ac1166 Move hb:ldr from Rosalina to Loader 
Let's not pretend in 2022 that it needed things from rosalina sysmodule
- it did not.

This moves 3DSX loading from Rosalina to Loader, and also removes all
the dependencies Loader had to other Luma3DS components (if kernel ext.
is missing, a default config will be used). This means that, as long as
you replace Loader to the one in here, you will be able to properly load
3DSX files.

Changes:
- hb:ldr is now hosted in loader
- hb:ldr LoadProcess, PatchExHeaderInfo, DebugNextApplicationByForce:
  all removed
- fix a bug where some malformed 3DSX files were not rejected
- grant access to CONFIG11 registers to 3DSX homebrew
- move dirty homebrew chainload (when HM. isn't loaded nor loadable) to
  pm
- pm:dbg (ext.) PrepareToChainloadHomebrew: removed
 2022-12-25 23:27:48 +01:00
TuxSH
6fa80c959d Update FatFS from R0.13c to R0.15 2022-12-23 19:25:23 +01:00
TuxSH
a7b840e531 Fix upgrade process possibly copying non-Luma firms 
Upgrade process always copied sdmc:/boot.firm to nand:/boot.firm even if
Luma3DS was chainloaded from another path.

Fix this by copying from argv[0], if Luma3DS was launched from the SD
card.

Also use "sdmc:" and "nand:" instead of "0:" and "1:" when using FatFS.

Closes #1776.
 2022-12-23 14:48:35 +01:00
TuxSH
fcd08d6614 Patch kernel11 to remove checks on core2/3 thread creation 
This stubs checks in SvcCreateThread and SvcSetProcessIdealProcessor
that applied when creating threads on core2 and core3. This allows
non-sysmodules to create threads on core3.

Please note, core2 access was already being automatically granted to
3dsx apps for a long time (this is controlled through a kernel flag),
and other apps that needed it had that flag too.
This commit thus changes nothing for all these applications.

Do not create threads on core3 unless you know exactly what you're doing.
On N3DS, gsp (GPU sysmodule) depends on qtm (head-tracking sysmodule) which
runs many threads at very high priority on core3. Running code that needs the
GPU (including printf) on core3 can thus result in thread starvation /
deadlock.

If you just need an extra application core, just use core2 as it is intended
for that exact purpose and is by default completely idle.

Closes #1668
 2022-12-17 23:47:19 +01:00
PabloMK7
71cf677b00 config: Ignore rest of pressed buttons (fixes #1769) 2022-09-25 23:01:21 +01:00
Bent
0c3f51815e Rosalina: Fix crash for external PMDBG_DebugNextApplicationByForce 2022-09-25 22:59:02 +01:00
TuxSH
80aee6fdc1 Fix mcu firmware version check (byte order was inverted) 2022-06-10 22:55:18 +01:00
196 changed files with 13384 additions and 6956 deletions
Show Stats Expand all files Collapse all files

24
.github/ISSUE_TEMPLATE/bug-report.md vendored
View File

@ -25,7 +25,7 @@ about: Use this to report bugs you encounter with Luma3DS. Make sure you upload
**SysNAND version (+emu/redNAND version if applicable):**
[e.g. 11.13.0-45U SysNAND, 11.13.0-45E EmuNAND]
[e.g. 11.17.0-50U SysNAND, 11.17.0-50E EmuNAND]
<!--You can check which version you're on in System Settings. It will be on the bottom right of the top screen.-->
**Entrypoint (How/what you're using to boot Luma3DS):**
@ -34,7 +34,7 @@ about: Use this to report bugs you encounter with Luma3DS. Make sure you upload
**Luma3DS version:**
[e.g. v10.2 stable or if using non-releases specify the commit like this https://github.com/LumaTeam/Luma3DS/commit/0543c208fd154e6326ea5da8cbf66ffcbdef010c]
[e.g. v13.2.1 stable or if using non-releases specify the commit like this https://github.com/LumaTeam/Luma3DS/commit/988ec17ebfce513fc4589f7b12e0d6e3894ae542]
**Luma3DS configuration/options:**
@ -52,31 +52,26 @@ PIN lock: ( )
New 3DS CPU: ( )
<!--This option is only available on New 3DS (XL)/New 2DS XL.-->
Hbmenu autoboot: ( )
--
Autoboot EmuNAND: ( )
<!--This option is only available if there's at least one EmuNAND.-->
Use EmuNAND FIRM if booting with R: ( )
<!--This option is only available if there's at least one EmuNAND.-->
Enable loading external FIRMs and modules: ( )
<!--Firmware (.bin) files are not required by Luma, or NTR CFW anymore.
-- If you're having issues with this option enabled try deleting them from the luma folder on the root of the SD card or /rw/luma on CTRNAND and disabling this option.-->
Enable game patching: ( )
Redirect app. syscore threads to core2: ( )
<!--This option is only available on New 3DS (XL)/New 2DS XL.-->
Show NAND or user string in System Settings: ( )
Show GBA boot screen in patched AGB_FIRM: ( )
Set developer UNITINFO: ( )
Disable Arm11 exception handlers: ( )
Enable Rosalina on SAFE_FIRM: ( )
<!--This option is only available on New 3DS (XL)/New 2DS XL.-->
--
@ -94,7 +89,8 @@ Enable Rosalina on SAFE_FIRM: ( )
2.
**Dump file:**
<!--If the issue leads to a crash you must uncheck the "Disable Arm11 exception handlers" option.
**Dump file (if applicable):**
<!--If the issue leads to a crash you must ensure the "Disable Arm11 exception handlers"
-- option is not disabled in config.ini.
-- The error message will tell you where the dump is.
-- Zip the dmp file and drag & drop it below.-->

1
.gitignore vendored
View File

@ -21,3 +21,4 @@ exceptions/arm11/build
.settings
Luma3DS*.zip
hbmenu.zip

0
LICENSE.txt → LICENSE
View File

22
Makefile
View File

@ -2,6 +2,19 @@ ifneq ($(strip $(shell firmtool -v 2>&1 | grep usage)),)
$(error "Please install firmtool v1.1 or greater")
endif
# Disable kext and firmlaunch patches, all custom sysmodules except Loader, enable PASLR.
# Dangerous. Don't enable this unless you know what you're doing!
export BUILD_FOR_EXPLOIT_DEV ?= 0
# Build with O0 & frame pointer information for use with GDB
export BUILD_FOR_GDB ?= 0
# Default 3DSX TitleID for hb:ldr
export HBLDR_DEFAULT_3DSX_TID ?= 000400000D921E00
# What to call the title corresponding to HBLDR_DEFAULT_3DSX_TID
export HBLDR_DEFAULT_3DSX_TITLE_NAME ?= "hblauncher_loader"
NAME := $(notdir $(CURDIR))
REVISION := $(shell git describe --tags --match v[0-9]* --abbrev=8 | sed 's/-[0-9]*-g/-/')
@ -18,16 +31,17 @@ clean:
@rm -rf *.firm *.zip *.3dsx
# boot.3dsx comes from https://github.com/fincs/new-hbmenu/releases
$(NAME)$(REVISION).zip: boot.firm boot.3dsx
@zip -r $@ $^ -x "*.DS_Store*" "*__MACOSX*"
$(NAME)$(REVISION).zip: hbmenu.zip boot.firm
@cp $< $@
@zip $@ boot.firm -x "*.DS_Store*" "*__MACOSX*"
boot.firm: $(SUBFOLDERS)
@firmtool build $@ -D sysmodules/sysmodules.bin arm11/arm11.elf arm9/arm9.elf k11_extension/k11_extension.elf \
-A 0x18180000 -C XDMA XDMA NDMA XDMA
@echo built... $(notdir $@)
boot.3dsx:
@curl -sSfLO "https://github.com/fincs/new-hbmenu/releases/latest/download/$@"
hbmenu.zip:
@curl -sSfL $(shell curl -s https://api.github.com/repos/devkitPro/3ds-hbmenu/releases/latest | grep 'browser_' | cut -d\" -f4) -o $@
@echo downloaded... $(notdir $@)
$(SUBFOLDERS):

126
README.md
View File

@ -1,36 +1,112 @@
# Luma3DS
*Noob-proof (N)3DS "Custom Firmware"*
### What it is
**Luma3DS** is a program to patch the system software of (New) Nintendo (2)3DS handheld consoles "on the fly", adding features such as per-game language settings, debugging capabilities for developers, and removing restrictions enforced by Nintendo such as the region lock.
![GitHub Downloads (all assets, all releases)](https://img.shields.io/github/downloads/LumaTeam/Luma3DS/total)
![License](https://img.shields.io/badge/License-GPLv3-blue.svg)
It also allows you to run unauthorized ("homebrew") content by removing signature checks.
To use it, you will need a console capable of running homebrew software on the Arm9 processor.
*Nintendo 3DS "Custom Firmware"*
Since v8.0, Luma3DS has its own in-game menu, triggerable by <kbd>L+Down+Select</kbd> (see the [release notes](https://github.com/LumaTeam/Luma3DS/releases/tag/v8.0)).
![Boot menu screenshot](img/boot_menu_v1321.png)
![Rosalina menu screenshot](img/rosalina_menu_v1321.png)
#
### Compiling
* Prerequisites
1. git
2. [makerom](https://github.com/jakcron/Project_CTR) in PATH
3. [firmtool](https://github.com/TuxSH/firmtool)
4. Up-to-date devkitARM+libctru
1. Clone the repository with `git clone https://github.com/LumaTeam/Luma3DS.git`
2. Run `make`.
## Description
**Luma3DS** patches and reimplements significant parts of the system software running on all models of the Nintendo 3DS family of consoles. It aims to greatly improve the user experience and support the 3DS far beyond its end-of-life. Features include:
The produced `boot.firm` is meant to be copied to the root of your SD card for usage with Boot9Strap.
* **First-class support for homebrew applications**
* **Rosalina**, an overlay menu (triggered by <kbd>L+Down+Select</kbd> by default), allowing things like:
* Taking screenshots while in game
* Blue light filters and other screen filters
* Input redirection to play with external devices, such as controllers
* Using cheat codes
* Setting time and date accurately from the network (NTP)
* ... and much more!
* **Many game modding features**, such as, but not limited to:
* Game plugins (in 3GX format)
* Per-game language overrides ("locale emulation")
* Asset content path redirection ("LayeredFS")
* **Support for user-provided patches and/or full "system modules" replacements**, an essential feature for Nintendo Network replacements (amongst other projects)
* A **fully-fledged GDB stub**, allowing homebrew developers and reverse-engineers alike to work much more efficiently
* Ability to chainload other firmware files, including other versions of itself
* ... and much more!
#
### Setup / Usage / Features
See https://github.com/LumaTeam/Luma3DS/wiki
## Installation and upgrade
Luma3DS requires [boot9strap](https://github.com/SciresM/boot9strap) to run.
#
### Credits
See https://github.com/LumaTeam/Luma3DS/wiki/Credits
Once boot9strap has been installed, simply download the [latest release archive](https://github.com/LumaTeam/Luma3DS/releases/latest) and extract the archive onto the root of your SD card to "install" or to upgrade Luma3DS alongside the [homebrew menu and certs bundle](https://github.com/devkitPro/3ds-hbmenu) shipped with it. Replace existing files and merge existing folders if necessary.
#
### Licensing
## Basic usage
**The main Luma3DS configuration menu** can be accessed by pressing <kbd>Select</kbd> at boot. The configuration file is stored in `/luma/config.ini` on the SD card (or `/rw/luma/config.ini` on the CTRNAND partition if Luma3DS has been launched from the CTRNAND partition, which happens when SD card is missing).
**The chainloader menu** is accessed by pressing <kbd>Start</kbd> at boot, or from the configuration menu. Payloads are expected to be located in `/luma/payloads` with the `.firm` extension; if there is only one such payload, the aforementionned selection menu will be skipped. Hotkeys can be assigned to payload, for example `x_test.firm` will be chainloaded when <kbd>X</kbd> is pressed at boot.
**The overlay menu, Rosalina**, has a default button combination: <kbd>L+Down+Select</kbd>. For greater flexbility, most Rosalina menu settings aren't saved automatically, hence the "Save settings" option.
**GDB ports**, when enabled, are `4000-4002` for the normal ports. Use of `attach` in "extended-remote" mode, alongside `info os processes` is supported and encouraged (for reverse-engineering, also check out `monitor getmemregions`). The port for the break-on-start feature is `4003` without "extended-remote". Both devkitARM-patched GDB and IDA Pro (without "stepping support" enabled) are actively supported.
We have a wiki, however it is currently very outdated.
## Components
Luma3DS consists of multiple components. While the code style within each component is mostly consistent, these components have been written over many years and may not reflect how maintainers would write new code in new components/projects:
* **arm9**, **arm11**: baremetal main settings menu, chainloader and firmware loader. Aside from showing settings and chainloading to other homebrew firmware files on demand, it is responsible for patching the official firmware to modify `Process9` code and to inject all other custom components. This was the first component ever written for this project, in 2015
* **k11_extension**: code extending the Arm11 `NATIVE_FIRM` kernel (`Kernel11`). It is injected by the above mentioned baremetal loader into the kernel by hooking its startup code, then hooks itself into the rest of the kernel. Its features include hooking system calls (SVCs), introducing new SVCs and hooking into interprocess communications, to bypass limitations in Nintendo's system design. This is the component that allows Rosalina to pause other processes on overlay menu entry, for example. This was written at a time when we didn't fully reverse-engineer the kernel, and originally released in 2017 alongside Rosalina. Further hooks for "game plugin" support have been merged in 2023
* **sysmodules**: reimplementation of "system modules" (processes) of the 3DS's OS (except for Rosalina being custom), currently only initial processes loaded directly in-memory by the kernel ("kernel initial process", or KIP in short)
* **loader**: process that loads non-KIP processes from storage. Because this is the perfect place to patch/replace executable code, this is where all process patches are done, enabling in particular "game modding" features. This is also the sysmodule handling 3DSX homebrew loading. Introduced in 2016
* _**rosalina**_: the most important component of Luma3DS and custom KIP: overlay menu, GDB server, `err:f` (fatal error screen) reimplementation, and much more. Introduced in mid-2017, and has continuously undergone changes and received many external contributions ever since
* **pxi**: Arm11<>Arm9 communication KIP, reimplemented just for the sake of it. Introduced late 2017
* **sm**: service manager KIP, reimplemented to remove service access control restrictions. Introduced late 2017
* **pm**: process manager KIP reponsible of starting/terminating processes and instructing `loader` to load them. The reimplemention allows for break-on-start GDB feature in Rosalina, as well as lifting FS access control restrictions the proper way. Introduced in 2019
## Maintainers
* **[@TuxSH](https://github.com/TuxSH)**: lead developer, created and maintains most features of the project. Joined in 2016
* **[@AuroraWright](https://github.com/AuroraWright)**: author of the project, implemented the core features (most of the baremetal boot settings menu and firmware loading code) with successful design decisions that made the project popular. Created the project in 2015, currently inactive
* **[@PabloMK7](https://github.com/PabloMK7)**: maintainer of the plugin loader feature merged for the v13.0 release. Joined in 2023
## Roadmap
There are still a lot more features and consolidation planned for Luma3DS! Here is a list of what is currently in store:
* Full reimplementation of `TwlBg` and `AgbBg`. This will allow much better, and more configurable, upscaling for top screen in DS and GBA games (except on Old 2DS). This is currently being developed privately in C++23 (no ETA). While this is quite a difficult endeavor as this requires rewriting the entire driver stack in semi-bare-metal (limited kernel with no IPC), this is the most critical feature for Luma3DS to have and will make driver sysmodule reimpelementation trivial
* Reimplementation of `Process9` for `TWL_FIRM` and `AGB_FIRM` to allow for more features in DS and GBA compatibility mode (ones that require file access)
* Eventually, a full `Kernel11` reimplementation
## Known issues
* **Cheat engine crashes with some applications, in particular Pokémon games**: there is a race condition in Nintendo's `Kernel11` pertaining to attaching a new `KDebugThread` to a `KThread` on thread creation, and another thread null-dereferencing `thread->debugThread`. This causes the cheat engine to crashes games that create and destroy many threads all the time (like Pokémon).
* For these games, having a **dedicated "game plugin"** is the only alternative until `Kernel11` is reimplemented.
* **Applications reacting to Rosalina menu button combo**: Rosalina merely polls button input at an interval to know when to show the menu. This means that the Rosalina menu combo can sometimes be processed by the game/process that is going to be paused.
* You can **change the menu combo** in the "Miscellaneous options" submenu (then save it with "Save settings" in the main menu) to work around this.
## Building from source
To build Luma3DS, the following is needed:
* git
* [makerom](https://github.com/jakcron/Project_CTR) in `$PATH`
* [firmtool](https://github.com/TuxSH/firmtool) installed
* up-to-date devkitARM and libctru:
* install `dkp-pacman` (or, for distributions that already provide pacman, add repositories): https://devkitpro.org/wiki/devkitPro_pacman
* install packages from `3ds-dev` metapackage: `sudo dkp-pacman -S 3ds-dev --needed`
* while libctru and Luma3DS releases are kept in sync, you may have to build libctru from source for non-release Luma3DS commits
While Luma3DS releases are bundled with `3ds-hbmenu`, Luma3DS actually compiles into one single file: `boot.firm`. Just copy it over to the root of your SD card ([ftpd](https://github.com/mtheall/ftpd) is the easiest way to do so), and you're done.
## Licensing
This software is licensed under the terms of the GPLv3. You can find a copy of the license in the LICENSE.txt file.
Files in the GDB stub are instead triple-licensed as MIT or "GPLv2 or any later version", in which case it's specified in the file header.
Files in the GDB stub are instead triple-licensed as MIT or "GPLv2 or any later version", in which case it's specified in the file header. PM, SM, PXI reimplementations are also licensed under MIT.
## Credits
Luma3DS would not be what it is without the contributions and constructive feedback of many. We would like to thanks in particular:
* **[@devkitPro](https://github.com/devkitPro)** (especially **[@fincs](https://github.com/fincs)**, **[@WinterMute](https://github.com/WinterMute)** and **[@mtheall](https://github.com/mtheall)**) for providing quality and easy-to-use toolchains with bleeding-edge GCC, and for their continued technical advice
* **[@Nanquitas](https://github.com/Nanquitas)** for the initial version of the game plugin loader code as well as very useful contributions to the GDB stub
* **[@piepie62](https://github.com/piepie62)** for the current implementation of the Rosalina cheat engine, **Duckbill** for its original implementation
* **[@panicbit](https://github.com/panicbit)** for the original implementation of screen filters in Rosalina
* **[@jasondellaluce](https://github.com/jasondellaluce)** for LayeredFS
* **[@LiquidFenrir](https://github.com/LiquidFenrir)** for the memory viewer inside Rosalina's "Process List"
* **ChaN** for [FatFs](http://elm-chan.org/fsw/ff/00index_e.html)
* Everyone who has contributed to the Luma3DS repository
* Everyone who has assisted with troubleshooting end-users
* Everyone who has provided constructive feedback to Luma3DS

2
arm11/Makefile
View File

@ -26,7 +26,7 @@ INCLUDES := include include/svc
# options for code generation
#---------------------------------------------------------------------------------
ARCH := -march=armv6k -mtune=mpcore -mfloat-abi=hard -mtp=soft
DEFINES := -DARM11 -D_3DS
DEFINES := -DARM11 -D__3DS__
CFLAGS := -g -std=gnu11 -Wall -Wextra -Werror -O2 -mword-relocations \
-fomit-frame-pointer -ffunction-sections -fdata-sections \

2
arm11/linker.specs
View File

@ -1,7 +1,7 @@
%rename link old_link
*link:
%(old_link) -T %:getenv(TOPDIR /linker.ld) --nmagic --gc-sections
%(old_link) -T %:getenv(TOPDIR /linker.ld) --nmagic --gc-sections --no-warn-rwx-segments
*startfile:
crti%O%s crtbegin%O%s

31
arm11/source/main.c
View File

@ -84,7 +84,8 @@ static void initScreens(u32 brightnessLevel, struct fb *fbs)
*(vu32 *)0x10400490 = 0x000002D0;
*(vu32 *)0x1040049C = 0x00000000;
//Disco register
// Color LUT
*(vu32 *)0x10400480 = 0;
for(u32 i = 0; i < 256; i++)
*(vu32 *)0x10400484 = 0x10101 * i;
@ -119,7 +120,8 @@ static void initScreens(u32 brightnessLevel, struct fb *fbs)
*(vu32 *)0x10400590 = 0x000002D0;
*(vu32 *)0x1040059C = 0x00000000;
//Disco register
// Color LUT
*(vu32 *)0x10400580 = 0;
for(u32 i = 0; i < 256; i++)
*(vu32 *)0x10400584 = 0x10101 * i;
@ -193,6 +195,28 @@ static void deinitScreens(void)
*(vu32 *)0x10202014 = 0;
}
static void zerofillN3dsAblRegisters(void)
{
// It should be fine to write to these regs even on O3DS as they
// are RAZ/WI
// TODO: read from calibration, but null values should do just
// fine. From testing, LUT explicitly ignores null values, and
// it is probably the case of reg @ 0x54 as well.
*(vu32 *)0x10202250 = 0; // unknown 24-bit value, seen: 0
*(vu32 *)0x10202254 = 0; // unknown 24-bit value, seen: nonzero
*(vu32 *)0x10202A50 = 0; // unknown 24-bit value, seen: 0
*(vu32 *)0x10202A54 = 0; // unknown 24-bit value, seen: nonzero
for (u32 i = 0; i < 64; i++) {
// Blend colors (w/ color multiplication) for each group
// of 4 relative-luminance Rs
*(vu32 *)(0x10202300 + 4*i) = 0;
*(vu32 *)(0x10202B00 + 4*i) = 0;
}
}
void main(void)
{
operation = ARM11_READY;
@ -221,6 +245,9 @@ void main(void)
case DEINIT_SCREENS:
deinitScreens();
break;
case ZEROFILL_N3DS_ABL_REGISTERS:
zerofillN3dsAblRegisters();
break;
case PREPARE_ARM11_FOR_FIRMLAUNCH:
memcpy((void *)0x1FFFFC00, (void *)prepareForFirmlaunch, prepareForFirmlaunchSize);
*(vu32 *)0x1FFFFFFC = 0;

1
arm11/source/types.h
View File

@ -60,6 +60,7 @@ typedef enum
SWAP_FRAMEBUFFERS,
UPDATE_BRIGHTNESS,
DEINIT_SCREENS,
ZEROFILL_N3DS_ABL_REGISTERS,
PREPARE_ARM11_FOR_FIRMLAUNCH,
ARM11_READY,
} Arm11Operation;

10
arm9/Makefile
View File

@ -35,6 +35,9 @@ ifeq ($(strip $(shell git describe --tags --match v[0-9]* | grep -)),)
export IS_RELEASE := 1
endif
# Default 3DSX TitleID for hb:ldr (note: also defined in top-level Makefile)
export HBLDR_DEFAULT_3DSX_TID ?= 000400000D921E00
#---------------------------------------------------------------------------------
# TARGET is the name of the output
# BUILD is the directory where object files & intermediate files will be placed
@ -53,7 +56,12 @@ INCLUDES := include
# options for code generation
#---------------------------------------------------------------------------------
ARCH := -marm -march=armv5te -mtune=arm946e-s
DEFINES := -DARM9 -D_3DS
ifeq ($(BUILD_FOR_EXPLOIT_DEV),1)
DEFINES := -DARM9 -D__3DS__ -DHBLDR_DEFAULT_3DSX_TID="0x$(HBLDR_DEFAULT_3DSX_TID)ULL" -DBUILD_FOR_EXPLOIT_DEV=1
else
DEFINES := -DARM9 -D__3DS__ -DHBLDR_DEFAULT_3DSX_TID="0x$(HBLDR_DEFAULT_3DSX_TID)ULL"
endif
FALSEPOSITIVES := -Wno-array-bounds -Wno-stringop-overflow -Wno-stringop-overread
CFLAGS := -g -std=gnu11 -Wall -Wextra -Werror -O2 -mword-relocations \

BIN
arm9/data/config_template.ini
View File

Binary file not shown.

1
arm9/linker.ld
View File

@ -46,6 +46,7 @@ SECTIONS
chainloader.o(.text*)
i2c.o(.text*)
arm9_exception_handlers.o(.text*)
KEEP (*(.emunand_patch))
*(.arm9_exception_handlers.rodata*)
chainloader.o(.rodata*)

2
arm9/linker.specs
View File

@ -1,7 +1,7 @@
%rename link old_link
*link:
%(old_link) -T %:getenv(TOPDIR /linker.ld) --nmagic --gc-sections
%(old_link) -T %:getenv(TOPDIR /linker.ld) --nmagic --gc-sections --no-warn-rwx-segments
*startfile:
crti%O%s crtbegin%O%s

14
arm9/source/3dsheaders.h
View File

@ -102,6 +102,20 @@ typedef struct
u8 romFsHash[0x20]; //RomFS superblock SHA-256 hash
} Ncch;
typedef struct ExeFsFileHeader
{
char name[8];
u32 offset;
u32 size;
} ExeFsFileHeader;
typedef struct ExeFsHeader
{
ExeFsFileHeader fileHeaders[10];
u8 _reserved_0xa0[0xC0 - 0xA0];
u8 fileHashes[10][32];
} ExeFsHeader;
typedef struct
{
Ncch ncch;

433
arm9/source/config.c
View File

@ -24,6 +24,8 @@
* reasonable ways as different from the original version.
*/
#define _GNU_SOURCE // for strchrnul
#include <assert.h>
#include <strings.h>
#include "config.h"
@ -37,11 +39,15 @@
#include "pin.h"
#include "i2c.h"
#include "ini.h"
#include "firm.h"
#include "config_template_ini.h" // note that it has an extra NUL byte inserted
#define MAKE_LUMA_VERSION_MCU(major, minor, build) (u16)(((major) & 0xFF) << 8 | ((minor) & 0x1F) << 5 | ((build) & 7))
#define FLOAT_CONV_MULT 100000000ll
#define FLOAT_CONV_PRECISION 8u
CfgData configData;
ConfigurationStatus needConfig;
static CfgData oldConfig;
@ -54,15 +60,16 @@ static_assert(sizeof(CfgDataMcu) > 0, "wrong data size");
static const char *singleOptionIniNamesBoot[] = {
"autoboot_emunand",
"use_emunand_firm_if_r_pressed",
"enable_external_firm_and_modules",
"enable_game_patching",
"app_syscore_threads_on_core_2",
"show_system_settings_string",
"show_gba_boot_screen",
};
static const char *singleOptionIniNamesMisc[] = {
"use_dev_unitinfo",
"enable_dsi_external_filter",
"disable_arm11_exception_handlers",
"enable_safe_firm_rosalina",
};
@ -95,10 +102,9 @@ static int parseBoolOption(bool *out, const char *val)
}
}
static int parseDecIntOption(s64 *out, const char *val, s64 minval, s64 maxval)
static int parseDecIntOptionImpl(s64 *out, const char *val, size_t numDigits, s64 minval, s64 maxval)
{
*out = 0;
size_t numDigits = strlen(val);
s64 res = 0;
size_t i = 0;
@ -130,6 +136,87 @@ static int parseDecIntOption(s64 *out, const char *val, s64 minval, s64 maxval)
}
}
static int parseDecIntOption(s64 *out, const char *val, s64 minval, s64 maxval)
{
return parseDecIntOptionImpl(out, val, strlen(val), minval, maxval);
}
static int parseDecFloatOption(s64 *out, const char *val, s64 minval, s64 maxval)
{
s64 sign = 1;// intPart < 0 ? -1 : 1;
switch (val[0]) {
case '\0':
return -1;
case '+':
++val;
break;
case '-':
sign = -1;
++val;
break;
default:
break;
}
// Reject "-" and "+"
if (val[0] == '\0') {
return -1;
}
char *point = strchrnul(val, '.');
// Parse integer part, then fractional part
s64 intPart = 0;
s64 fracPart = 0;
int rc = 0;
if (point == val) {
// e.g. -.5
if (val[1] == '\0')
return -1;
}
else {
rc = parseDecIntOptionImpl(&intPart, val, point - val, INT64_MIN, INT64_MAX);
}
if (rc != 0) {
return -1;
}
s64 intPartAbs = sign == -1 ? -intPart : intPart;
s64 res = 0;
bool of = __builtin_mul_overflow(intPartAbs, FLOAT_CONV_MULT, &res);
if (of) {
return -1;
}
s64 mul = FLOAT_CONV_MULT / 10;
// Check if there's a fractional part
if (point[0] != '\0' && point[1] != '\0') {
for (char *pos = point + 1; *pos != '\0' && mul > 0; pos++) {
if (*pos < '0' || *pos > '9') {
return -1;
}
res += (*pos - '0') * mul;
mul /= 10;
}
}
res = sign * (res + fracPart);
if (res <= maxval && res >= minval && !of) {
*out = res;
return 0;
} else {
return -1;
}
}
static int parseHexIntOption(u64 *out, const char *val, u64 minval, u64 maxval)
{
*out = 0;
@ -222,6 +309,34 @@ static void menuComboToString(char *out, u32 combo)
out[-1] = 0;
}
static int encodedFloatToString(char *out, s64 val)
{
s64 sign = val >= 0 ? 1 : -1;
s64 intPart = (sign * val) / FLOAT_CONV_MULT;
s64 fracPart = (sign * val) % FLOAT_CONV_MULT;
while (fracPart % 10 != 0) {
// Remove trailing zeroes
fracPart /= 10;
}
int n = sprintf(out, "%lld", sign * intPart);
if (fracPart != 0) {
n += sprintf(out + n, ".%0*lld", (int)FLOAT_CONV_PRECISION, fracPart);
// Remove trailing zeroes
int n2 = n - 1;
while (out[n2] == '0') {
out[n2--] = '\0';
}
n = n2;
}
return n;
}
static bool hasIniParseError = false;
static int iniParseErrorLine = 0;
@ -319,8 +434,22 @@ static int configIniHandler(void* user, const char* section, const char* name, c
} else {
CHECK_PARSE_OPTION(-1);
}
} else if (strcmp(name, "autoboot_mode") == 0) {
if (strcasecmp(value, "off") == 0) {
cfg->multiConfig |= 0 << (2 * (u32)AUTOBOOTMODE);
return 1;
} else if (strcasecmp(value, "3ds") == 0) {
cfg->multiConfig |= 1 << (2 * (u32)AUTOBOOTMODE);
return 1;
} else if (strcasecmp(value, "dsi") == 0) {
cfg->multiConfig |= 2 << (2 * (u32)AUTOBOOTMODE);
return 1;
} else {
CHECK_PARSE_OPTION(-1);
}
} else {
CHECK_PARSE_OPTION(-1);
}
CHECK_PARSE_OPTION(-1);
} else if (strcmp(section, "rosalina") == 0) {
// Rosalina options
if (strcmp(name, "hbldr_3dsx_titleid") == 0) {
@ -333,18 +462,95 @@ static int configIniHandler(void* user, const char* section, const char* name, c
CHECK_PARSE_OPTION(parseKeyComboOption(&opt, value));
cfg->rosalinaMenuCombo = opt;
return 1;
} else if (strcmp(name, "screen_filters_cct") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecIntOption(&opt, value, 1000, 25100));
cfg->screenFiltersCct = (u32)opt;
} else if (strcmp(name, "plugin_loader_enabled") == 0) {
bool opt;
CHECK_PARSE_OPTION(parseBoolOption(&opt, value));
cfg->pluginLoaderFlags = opt ? cfg->pluginLoaderFlags | 1 : cfg->pluginLoaderFlags & ~1;
return 1;
} else if (strcmp(name, "ntp_tz_offset_min") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecIntOption(&opt, value, -779, 899));
cfg->ntpTzOffetMinutes = (s16)opt;
return 1;
} else {
CHECK_PARSE_OPTION(-1);
}
else {
} else if (strcmp(section, "screen_filters") == 0) {
if (strcmp(name, "screen_filters_top_cct") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecIntOption(&opt, value, 1000, 25100));
cfg->topScreenFilter.cct = (u32)opt;
return 1;
} else if (strcmp(name, "screen_filters_top_gamma") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecFloatOption(&opt, value, 0, 8 * FLOAT_CONV_MULT));
cfg->topScreenFilter.gammaEnc = opt;
return 1;
} else if (strcmp(name, "screen_filters_top_contrast") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecFloatOption(&opt, value, 0, 255 * FLOAT_CONV_MULT));
cfg->topScreenFilter.contrastEnc = opt;
return 1;
} else if (strcmp(name, "screen_filters_top_brightness") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecFloatOption(&opt, value, -1 * FLOAT_CONV_MULT, 1 * FLOAT_CONV_MULT));
cfg->topScreenFilter.brightnessEnc = opt;
return 1;
} else if (strcmp(name, "screen_filters_top_invert") == 0) {
bool opt;
CHECK_PARSE_OPTION(parseBoolOption(&opt, value));
cfg->topScreenFilter.invert = opt;
return 1;
} else if (strcmp(name, "screen_filters_top_color_curve_adj") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecIntOption(&opt, value, 0, 2));
cfg->topScreenFilter.colorCurveCorrection = (u8)opt;
return 1;
} else if (strcmp(name, "screen_filters_bot_cct") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecIntOption(&opt, value, 1000, 25100));
cfg->bottomScreenFilter.cct = (u32)opt;
return 1;
} else if (strcmp(name, "screen_filters_bot_gamma") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecFloatOption(&opt, value, 0, 8 * FLOAT_CONV_MULT));
cfg->bottomScreenFilter.gammaEnc = opt;
return 1;
} else if (strcmp(name, "screen_filters_bot_contrast") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecFloatOption(&opt, value, 0, 255 * FLOAT_CONV_MULT));
cfg->bottomScreenFilter.contrastEnc = opt;
return 1;
} else if (strcmp(name, "screen_filters_bot_brightness") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecFloatOption(&opt, value, -1 * FLOAT_CONV_MULT, 1 * FLOAT_CONV_MULT));
cfg->bottomScreenFilter.brightnessEnc = opt;
return 1;
} else if (strcmp(name, "screen_filters_bot_invert") == 0) {
bool opt;
CHECK_PARSE_OPTION(parseBoolOption(&opt, value));
cfg->bottomScreenFilter.invert = opt;
return 1;
} else if (strcmp(name, "screen_filters_bot_color_curve_adj") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecIntOption(&opt, value, 0, 2));
cfg->bottomScreenFilter.colorCurveCorrection = (u8)opt;
return 1;
} else {
CHECK_PARSE_OPTION(-1);
}
} else if (strcmp(section, "autoboot") == 0) {
if (strcmp(name, "autoboot_dsi_titleid") == 0) {
u64 opt;
CHECK_PARSE_OPTION(parseHexIntOption(&opt, value, 0, 0xFFFFFFFFFFFFFFFFull));
cfg->autobootTwlTitleId = opt;
return 1;
} else if (strcmp(name, "autoboot_3ds_app_mem_type") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecIntOption(&opt, value, 0, 4));
cfg->autobootCtrAppmemtype = (u8)opt;
return 1;
} else {
CHECK_PARSE_OPTION(-1);
}
} else if (strcmp(section, "misc") == 0) {
@ -356,7 +562,28 @@ static int configIniHandler(void* user, const char* section, const char* name, c
return 1;
}
}
CHECK_PARSE_OPTION(-1);
if (strcmp(name, "force_audio_output") == 0) {
if (strcasecmp(value, "off") == 0) {
cfg->multiConfig |= 0 << (2 * (u32)FORCEAUDIOOUTPUT);
return 1;
} else if (strcasecmp(value, "headphones") == 0) {
cfg->multiConfig |= 1 << (2 * (u32)FORCEAUDIOOUTPUT);
return 1;
} else if (strcasecmp(value, "speakers") == 0) {
cfg->multiConfig |= 2 << (2 * (u32)FORCEAUDIOOUTPUT);
return 1;
} else {
CHECK_PARSE_OPTION(-1);
}
} else if (strcmp(name, "volume_slider_override") == 0) {
s64 opt;
CHECK_PARSE_OPTION(parseDecIntOption(&opt, value, -1, 100));
cfg->volumeSliderOverride = (s8)opt;
return 1;
} else {
CHECK_PARSE_OPTION(-1);
}
} else {
CHECK_PARSE_OPTION(-1);
}
@ -372,6 +599,8 @@ static size_t saveLumaIniConfigToStr(char *out)
const char *splashPosStr;
const char *n3dsCpuStr;
const char *autobootModeStr;
const char *forceAudioOutputStr;
switch (MULTICONFIG(SPLASH)) {
default: case 0: splashPosStr = "off"; break;
@ -386,6 +615,18 @@ static size_t saveLumaIniConfigToStr(char *out)
case 3: n3dsCpuStr = "clock+l2"; break;
}
switch (MULTICONFIG(AUTOBOOTMODE)) {
default: case 0: autobootModeStr = "off"; break;
case 1: autobootModeStr = "3ds"; break;
case 2: autobootModeStr = "dsi"; break;
}
switch (MULTICONFIG(FORCEAUDIOOUTPUT)) {
default: case 0: forceAudioOutputStr = "off"; break;
case 1: forceAudioOutputStr = "headphones"; break;
case 2: forceAudioOutputStr = "speakers"; break;
}
if (VERSION_BUILD != 0) {
sprintf(lumaVerStr, "Luma3DS v%d.%d.%d", (int)VERSION_MAJOR, (int)VERSION_MINOR, (int)VERSION_BUILD);
} else {
@ -403,30 +644,57 @@ static size_t saveLumaIniConfigToStr(char *out)
static const int pinOptionToDigits[] = { 0, 4, 6, 8 };
int pinNumDigits = pinOptionToDigits[MULTICONFIG(PIN)];
char topScreenFilterGammaStr[32];
char topScreenFilterContrastStr[32];
char topScreenFilterBrightnessStr[32];
encodedFloatToString(topScreenFilterGammaStr, cfg->topScreenFilter.gammaEnc);
encodedFloatToString(topScreenFilterContrastStr, cfg->topScreenFilter.contrastEnc);
encodedFloatToString(topScreenFilterBrightnessStr, cfg->topScreenFilter.brightnessEnc);
char bottomScreenFilterGammaStr[32];
char bottomScreenFilterContrastStr[32];
char bottomScreenFilterBrightnessStr[32];
encodedFloatToString(bottomScreenFilterGammaStr, cfg->bottomScreenFilter.gammaEnc);
encodedFloatToString(bottomScreenFilterContrastStr, cfg->bottomScreenFilter.contrastEnc);
encodedFloatToString(bottomScreenFilterBrightnessStr, cfg->bottomScreenFilter.brightnessEnc);
int n = sprintf(
out, (const char *)config_template_ini,
lumaVerStr, lumaRevSuffixStr,
(int)CONFIG_VERSIONMAJOR, (int)CONFIG_VERSIONMINOR,
(int)CONFIG(AUTOBOOTEMU), (int)CONFIG(USEEMUFIRM),
(int)CONFIG(LOADEXTFIRMSANDMODULES), (int)CONFIG(PATCHGAMES),
(int)CONFIG(AUTOBOOTEMU), (int)CONFIG(LOADEXTFIRMSANDMODULES),
(int)CONFIG(PATCHGAMES), (int)CONFIG(REDIRECTAPPTHREADS),
(int)CONFIG(PATCHVERSTRING), (int)CONFIG(SHOWGBABOOT),
1 + (int)MULTICONFIG(DEFAULTEMU), 4 - (int)MULTICONFIG(BRIGHTNESS),
splashPosStr, (unsigned int)cfg->splashDurationMsec,
pinNumDigits, n3dsCpuStr,
autobootModeStr,
cfg->hbldr3dsxTitleId, rosalinaMenuComboStr,
(int)cfg->screenFiltersCct, (int)cfg->ntpTzOffetMinutes,
cfg->hbldr3dsxTitleId, rosalinaMenuComboStr, (int)(cfg->pluginLoaderFlags & 1),
(int)cfg->ntpTzOffetMinutes,
(int)CONFIG(PATCHUNITINFO), (int)CONFIG(DISABLEARM11EXCHANDLERS),
(int)CONFIG(ENABLESAFEFIRMROSALINA)
(int)cfg->topScreenFilter.cct, (int)cfg->bottomScreenFilter.cct,
(int)cfg->topScreenFilter.colorCurveCorrection, (int)cfg->bottomScreenFilter.colorCurveCorrection,
topScreenFilterGammaStr, bottomScreenFilterGammaStr,
topScreenFilterContrastStr, bottomScreenFilterContrastStr,
topScreenFilterBrightnessStr, bottomScreenFilterBrightnessStr,
(int)cfg->topScreenFilter.invert, (int)cfg->bottomScreenFilter.invert,
cfg->autobootTwlTitleId, (int)cfg->autobootCtrAppmemtype,
forceAudioOutputStr,
cfg->volumeSliderOverride,
(int)CONFIG(PATCHUNITINFO), (int)CONFIG(ENABLEDSIEXTFILTER),
(int)CONFIG(DISABLEARM11EXCHANDLERS), (int)CONFIG(ENABLESAFEFIRMROSALINA)
);
return n < 0 ? 0 : (size_t)n;
}
static char tmpIniBuffer[0x2000];
static char tmpIniBuffer[0x2000 + 0x400]; // eyeballed. TODO use #embed
static bool readLumaIniConfig(void)
{
@ -441,6 +709,13 @@ static bool readLumaIniConfig(void)
static bool writeLumaIniConfig(void)
{
size_t n = saveLumaIniConfigToStr(tmpIniBuffer);
// FIXME: this is UB we should port snprintf sometime (as well as fix other tech debt)
if (n + 1 >= sizeof(tmpIniBuffer)) {
error("Configuration data buffer overflow, please report this issue");
__builtin_unreachable();
}
return n != 0 && fileWrite(tmpIniBuffer, "config.ini", n);
}
@ -522,9 +797,14 @@ bool readConfig(void)
configData.formatVersionMinor = CONFIG_VERSIONMINOR;
configData.config |= 1u << PATCHVERSTRING;
configData.splashDurationMsec = 3000;
configData.hbldr3dsxTitleId = 0x000400000D921E00ull;
configData.volumeSliderOverride = -1;
configData.hbldr3dsxTitleId = HBLDR_DEFAULT_3DSX_TID;
configData.rosalinaMenuCombo = 1u << 9 | 1u << 7 | 1u << 2; // L+Start+Select
configData.screenFiltersCct = 6500; // default temp, no-op
configData.topScreenFilter.cct = 6500; // default temp, no-op
configData.topScreenFilter.gammaEnc = 1 * FLOAT_CONV_MULT; // 1.0f
configData.topScreenFilter.contrastEnc = 1 * FLOAT_CONV_MULT; // 1.0f
configData.bottomScreenFilter = configData.topScreenFilter;
configData.autobootTwlTitleId = AUTOBOOT_DEFAULT_TWL_TID;
ret = false;
}
else
@ -566,19 +846,25 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
"Splash: Off( ) Before( ) After( ) payloads",
"PIN lock: Off( ) 4( ) 6( ) 8( ) digits",
"New 3DS CPU: Off( ) Clock( ) L2( ) Clock+L2( )",
"Hbmenu autoboot: Off( ) 3DS( ) DSi( )",
};
static const char *singleOptionsText[] = { "( ) Autoboot EmuNAND",
"( ) Use EmuNAND FIRM if booting with R",
"( ) Enable loading external FIRMs and modules",
"( ) Enable game patching",
"( ) Redirect app. syscore threads to core2",
"( ) Show NAND or user string in System Settings",
"( ) Show GBA boot screen in patched AGB_FIRM",
// Should always be the last 2 entries
"\nBoot chainloader",
"Save and exit"
};
static const char *optionsDescription[] = { "Select the default EmuNAND.\n\n"
"It will be booted when no\n"
"directional pad buttons are pressed.",
"It will be booted when no directional\n"
"pad buttons are pressed (Up/Right/Down\n"
"/Left equal EmuNANDs 1/2/3/4).",
"Select the screen brightness.",
@ -607,6 +893,14 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
"'Clock+L2' can cause issues with some\n"
"games.",
"Enable autobooting into homebrew menu,\n"
"either into 3DS or DSi mode.\n\n"
"Autobooting into a gamecard title is\n"
"not supported.\n\n"
"Refer to the \"autoboot\" section in the\n"
"configuration file to configure\n"
"this feature.",
"If enabled, an EmuNAND\n"
"will be launched on boot.\n\n"
"Otherwise, SysNAND will.\n\n"
@ -616,17 +910,6 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
"(Up/Right/Down/Left equal EmuNANDs\n"
"1/2/3/4).",
"If enabled, when holding R on boot\n"
"SysNAND will be booted with an\n"
"EmuNAND FIRM.\n\n"
"Otherwise, an EmuNAND will be booted\n"
"with the SysNAND FIRM.\n\n"
"To use a different EmuNAND from the\n"
"default, hold a directional pad button\n"
"(Up/Right/Down/Left equal EmuNANDs\n"
"1/2/3/4), also add A if you have\n"
"a matching payload.",
"Enable loading external FIRMs and\n"
"system modules.\n\n"
"This isn't needed in most cases.\n\n"
@ -637,31 +920,45 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
"of patched code binaries, exHeaders,\n"
"IPS code patches and LayeredFS\n"
"for specific games.\n\n"
"Also makes certain DLCs\n"
"for out-of-region games work.\n\n"
"Also makes certain DLCs for out-of-\n"
"region games work.\n\n"
"Refer to the wiki for instructions.",
"Enable showing the current NAND/FIRM:\n\n"
"Redirect app. threads that would spawn\n"
"on core1, to core2 (which is an extra\n"
"CPU core for applications that usually\n"
"remains unused).\n\n"
"This improves the performance of very\n"
"demanding games (like Pok\x82mon US/UM)\n" // CP437
"by about 10%. Can break some games\n"
"and other applications.\n",
"Enable showing the current NAND:\n\n"
"\t* Sys = SysNAND\n"
"\t* Emu = EmuNAND 1\n"
"\t* EmuX = EmuNAND X\n"
"\t* SysE = SysNAND with EmuNAND 1 FIRM\n"
"\t* SyEX = SysNAND with EmuNAND X FIRM\n"
"\t* EmuS = EmuNAND 1 with SysNAND FIRM\n"
"\t* EmXS = EmuNAND X with SysNAND FIRM\n\n"
"\t* EmuX = EmuNAND X\n\n"
"or a user-defined custom string in\n"
"System Settings.\n\n"
"Refer to the wiki for instructions.",
"Enable showing the GBA boot screen\n"
"when booting GBA games.",
// Should always be the last 2 entries
"Boot to the Luma3DS chainloader menu.",
"Save the changes and exit. To discard\n"
"any changes press the POWER button.\n"
"Use START as a shortcut to this entry."
};
FirmwareSource nandType = FIRMWARE_SYSNAND;
if(isSdMode)
{
// Check if there is at least one emuNAND
u32 emuIndex = 0;
nandType = FIRMWARE_EMUNAND;
locateEmuNand(&nandType);
locateEmuNand(&nandType, &emuIndex, false);
}
struct multiOption {
@ -675,6 +972,8 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
{ .visible = true },
{ .visible = true },
{ .visible = ISN3DS },
{ .visible = true },
// { .visible = true }, audio rerouting, hidden
};
struct singleOption {
@ -683,7 +982,9 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
bool visible;
} singleOptions[] = {
{ .visible = nandType == FIRMWARE_EMUNAND },
{ .visible = nandType == FIRMWARE_EMUNAND },
{ .visible = true },
{ .visible = true },
{ .visible = ISN3DS },
{ .visible = true },
{ .visible = true },
{ .visible = true },
@ -720,7 +1021,7 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
"FIRM1" };
drawString(true, 10, 10, COLOR_TITLE, CONFIG_TITLE);
drawString(true, 10, 10 + SPACING_Y, COLOR_TITLE, "Press A to select, START to save");
drawString(true, 10, 10 + SPACING_Y, COLOR_TITLE, "Use the DPAD and A to change settings");
drawFormattedString(false, 10, SCREEN_HEIGHT - 2 * SPACING_Y, COLOR_YELLOW, "Booted from %s via %s", isSdMode ? "SD" : "CTRNAND", bootTypes[(u32)bootType]);
//Character to display a selected option
@ -747,7 +1048,7 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
singleOptions[i].posY = endPos + SPACING_Y;
endPos = drawString(true, 10, singleOptions[i].posY, color, singleOptionsText[i]);
if(singleOptions[i].enabled) drawCharacter(true, 10 + SPACING_X, singleOptions[i].posY, color, selected);
if(singleOptions[i].enabled && singleOptionsText[i][0] == '(') drawCharacter(true, 10 + SPACING_X, singleOptions[i].posY, color, selected);
if(color == COLOR_RED)
{
@ -759,26 +1060,34 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
drawString(false, 10, 10, COLOR_WHITE, optionsDescription[selectedOption]);
bool startPressed = false;
//Boring configuration menu
while(true)
{
u32 pressed;
u32 pressed = 0;
if (!startPressed)
do
{
pressed = waitInput(true) & MENU_BUTTONS;
}
while(!pressed);
if(pressed == BUTTON_START) break;
// Force the selection of "save and exit" and trigger it.
if(pressed & BUTTON_START)
{
startPressed = true;
// This moves the cursor to the last entry
pressed = BUTTON_RIGHT;
}
if(pressed != BUTTON_A)
if(pressed & DPAD_BUTTONS)
{
//Remember the previously selected option
u32 oldSelectedOption = selectedOption;
while(true)
{
switch(pressed)
switch(pressed & DPAD_BUTTONS)
{
case BUTTON_UP:
selectedOption = !selectedOption ? totalIndexes : selectedOption - 1;
@ -816,7 +1125,7 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
}
}
if(selectedOption == oldSelectedOption) continue;
if(selectedOption == oldSelectedOption && !startPressed) continue;
//The user moved to a different option, print the old option in white and the new one in red. Only print 'x's if necessary
if(oldSelectedOption < multiOptionsAmount)
@ -837,7 +1146,7 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
drawString(false, 10, 10, COLOR_BLACK, optionsDescription[oldSelectedOption]);
drawString(false, 10, 10, COLOR_WHITE, optionsDescription[selectedOption]);
}
else
else if (pressed & BUTTON_A || startPressed)
{
//The selected option's status changed, print the 'x's accordingly
if(isMultiOption)
@ -850,15 +1159,29 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
}
else
{
bool oldEnabled = singleOptions[singleSelected].enabled;
singleOptions[singleSelected].enabled = !oldEnabled;
if(oldEnabled) drawCharacter(true, 10 + SPACING_X, singleOptions[singleSelected].posY, COLOR_BLACK, selected);
// Save and exit was selected.
if (singleSelected == singleOptionsAmount - 1)
{
drawString(true, 10, singleOptions[singleSelected].posY, COLOR_GREEN, singleOptionsText[singleSelected]);
startPressed = false;
break;
}
else if (singleSelected == singleOptionsAmount - 2) {
loadHomebrewFirm(0);
break;
}
else
{
bool oldEnabled = singleOptions[singleSelected].enabled;
singleOptions[singleSelected].enabled = !oldEnabled;
if(oldEnabled) drawCharacter(true, 10 + SPACING_X, singleOptions[singleSelected].posY, COLOR_BLACK, selected);
}
}
}
//In any case, if the current option is enabled (or a multiple choice option is selected) we must display a red 'x'
if(isMultiOption) drawCharacter(true, 10 + multiOptions[selectedOption].posXs[multiOptions[selectedOption].enabled] * SPACING_X, multiOptions[selectedOption].posY, COLOR_RED, selected);
else if(singleOptions[singleSelected].enabled) drawCharacter(true, 10 + SPACING_X, singleOptions[singleSelected].posY, COLOR_RED, selected);
else if(singleOptions[singleSelected].enabled && singleOptionsText[singleSelected][0] == '(') drawCharacter(true, 10 + SPACING_X, singleOptions[singleSelected].posY, COLOR_RED, selected);
}
//Parse and write the new configuration

21
arm9/source/config.h
View File

@ -28,18 +28,20 @@
#include "types.h"
#define AUTOBOOT_DEFAULT_TWL_TID 0x0003000448424C41ull
#define CONFIG(a) (((configData.config >> (a)) & 1) != 0)
#define MULTICONFIG(a) ((configData.multiConfig >> (2 * (a))) & 3)
#define BOOTCONFIG(a, b) ((configData.bootConfig >> (a)) & (b))
#define CONFIG_FILE "config.bin"
#define CONFIG_FILE "config.ini"
#define CONFIG_VERSIONMAJOR 3
#define CONFIG_VERSIONMINOR 0
#define CONFIG_VERSIONMINOR 13
#define BOOTCFG_NAND BOOTCONFIG(0, 7)
#define BOOTCFG_FIRM BOOTCONFIG(3, 7)
#define BOOTCFG_NOFORCEFLAG BOOTCONFIG(6, 1)
#define BOOTCFG_NTRCARDBOOT BOOTCONFIG(7, 1)
#define BOOTCFG_NAND BOOTCONFIG(0, 1)
#define BOOTCFG_EMUINDEX BOOTCONFIG(1, 3)
#define BOOTCFG_NOFORCEFLAG BOOTCONFIG(3, 1)
#define BOOTCFG_NTRCARDBOOT BOOTCONFIG(4, 1)
enum multiOptions
{
@ -47,18 +49,21 @@ enum multiOptions
BRIGHTNESS,
SPLASH,
PIN,
NEWCPU
NEWCPU,
AUTOBOOTMODE,
FORCEAUDIOOUTPUT,
};
enum singleOptions
{
AUTOBOOTEMU = 0,
USEEMUFIRM,
LOADEXTFIRMSANDMODULES,
PATCHGAMES,
REDIRECTAPPTHREADS,
PATCHVERSTRING,
SHOWGBABOOT,
PATCHUNITINFO,
ENABLEDSIEXTFILTER,
DISABLEARM11EXCHANDLERS,
ENABLESAFEFIRMROSALINA,

6
arm9/source/crypto.c
View File

@ -322,7 +322,7 @@ __attribute__((aligned(4))) static u8 nandCtr[AES_BLOCK_SIZE];
static u8 nandSlot;
static u32 fatStart = 0;
FirmwareSource firmSource = FIRMWARE_SYSNAND;
FirmwareSource ctrNandLocation = FIRMWARE_SYSNAND;
__attribute__((aligned(4))) static const u8 key1s[2][AES_BLOCK_SIZE] = {
{0x07, 0x29, 0x44, 0x38, 0xF8, 0xC9, 0x75, 0x93, 0xAA, 0x0E, 0x4A, 0xB4, 0xAE, 0x84, 0xC1, 0xD8},
@ -348,7 +348,7 @@ int ctrNandInit(void)
u8 __attribute__((aligned(4))) temp[0x200];
//Read NCSD header
result = firmSource == FIRMWARE_SYSNAND ? sdmmc_nand_readsectors(0, 1, temp) : sdmmc_sdcard_readsectors(emuOffset + emuHeader, 1, temp);
result = ctrNandLocation == FIRMWARE_SYSNAND ? sdmmc_nand_readsectors(0, 1, temp) : sdmmc_sdcard_readsectors(emuOffset + emuHeader, 1, temp);
if(!result)
{
@ -375,7 +375,7 @@ int ctrNandRead(u32 sector, u32 sectorCount, u8 *outbuf)
//Read
int result;
if(firmSource == FIRMWARE_SYSNAND)
if(ctrNandLocation == FIRMWARE_SYSNAND)
result = sdmmc_nand_readsectors(sector + fatStart, sectorCount, outbuf);
else
{

2
arm9/source/crypto.h
View File

@ -110,7 +110,7 @@
#define SHA_224_HASH_SIZE (224 / 8)
#define SHA_1_HASH_SIZE (160 / 8)
extern FirmwareSource firmSource;
extern FirmwareSource ctrNandLocation;
void sha(void *res, const void *src, u32 size, u32 mode);

279
arm9/source/deliver_arg.c Normal file
View File

@ -0,0 +1,279 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2022 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional Terms 7.b and 7.c of GPLv3 apply to this file:
* * Requiring preservation of specified reasonable legal notices or
* author attributions in that material or in the Appropriate Legal
* Notices displayed by works containing it.
* * Prohibiting misrepresentation of the origin of that material,
* or requiring that modified versions of such material be marked in
* reasonable ways as different from the original version.
*/
#include "deliver_arg.h"
#include "utils.h"
#include "memory.h"
#include "config.h"
#include "fs.h"
#include "i2c.h"
#include "screen.h"
u8 *loadDeliverArg(void)
{
static __attribute__((aligned(8))) u8 deliverArg[0x1000] = {0};
static bool deliverArgLoaded = false;
if (!deliverArgLoaded)
{
u32 bootenv = CFG_BOOTENV; // this register is preserved across reboots
if ((bootenv & 1) == 0) // true coldboot
{
memset(deliverArg, 0, 0x1000);
}
else
{
u32 mode = bootenv >> 1;
if (mode == 0) // CTR mode
{
memcpy(deliverArg, (const void *)0x20000000, 0x1000);
// Validate deliver arg
u32 testPattern = *(u32 *)(deliverArg + 0x438);
u32 *crcPtr = (u32 *)(deliverArg + 0x43C);
u32 crc = *crcPtr;
*crcPtr = 0; // clear crc field before calculation
u32 expectedCrc = crc32(deliverArg + 0x400, 0x140, 0xFFFFFFFF);
*crcPtr = crc;
if (testPattern != 0xFFFF || crc != expectedCrc)
memset(deliverArg, 0, 0x1000);
}
else // Legacy modes
{
// Copy TWL deliver arg stuff as-is (0...0x300)
copyFromLegacyModeFcram(deliverArg, (const void *)0x20000000, 0x400);
// Validate TLNC (TWL launcher params) block
// Note: Nintendo doesn't do crcLen bound check
u8 *tlnc = deliverArg + 0x300;
bool hasMagic = memcmp(tlnc, "TLNC", 4) == 0;
u8 crcLen = tlnc[5];
u16 crc = *(u16 *)(tlnc + 6);
if (!hasMagic || (8 + crcLen) > 0x100 || crc != crc16(tlnc + 8, crcLen, 0xFFFF))
memset(tlnc, 0, 0x100);
memset(deliverArg + 0x400, 0, 0xC00);
}
}
deliverArgLoaded = true;
}
return deliverArg;
}
void commitDeliverArg(void)
{
u8 *deliverArg = loadDeliverArg();
u32 bootenv = CFG_BOOTENV;
if ((bootenv & 1) == 0) // if true coldboot, set bootenv to "CTR mode reboot"
{
bootenv = 1;
CFG_BOOTENV = 1;
}
u32 mode = bootenv >> 1;
if (mode == 0) // CTR mode
{
*(u32 *)(deliverArg + 0x438) = 0xFFFF;
*(u32 *)(deliverArg + 0x43C) = 0; // clear CRC field before calculating it
*(u32 *)(deliverArg + 0x43C) = crc32(deliverArg + 0x400, 0x140, 0xFFFFFFFF);
memcpy((void *)0x20000000, deliverArg, 0x1000);
}
else // Legacy modes (just TWL mode, really)
{
copyToLegacyModeFcram((void *)0x20000000, deliverArg, 0x400);
}
}
bool hasValidTlncAutobootParams(void)
{
u8 *tlnc = loadDeliverArg() + 0x300; // loadDeliverArg clears invalid TLNC blocks
return memcmp(tlnc, "TLNC", 4) == 0 && (*(u16 *)(tlnc + 0x18) & 1) != 0;
}
bool isTwlToCtrLaunch(void)
{
// assumes TLNC block is valid
u8 *tlnc = loadDeliverArg() + 0x300; // loadDeliverArg clears invalid TLNC blocks
u64 twlTid = *(u64 *)(tlnc + 0x10);
switch (twlTid & ~0xFFull)
{
case 0x0000000000000000ull: // TWL Launcher -> Home menu (note: NS checks full TID)
case 0x00030015484E4200ull: // TWL System Settings -> CTR System Settings (mset)
return true;
default:
return false;
}
}
static bool configureHomebrewAutobootCtr(u8 *deliverArg)
{
static const u8 appmemtypesO3ds[] = { 0, 2, 3, 4, 5 };
static const u8 appmemtypesN3ds[] = { 6, 7, 7, 7, 7 };
u64 hbldrTid = configData.hbldr3dsxTitleId;
hbldrTid = hbldrTid == 0 ? HBLDR_DEFAULT_3DSX_TID : hbldrTid; // replicate Loader's behavior
if ((hbldrTid >> 46) != 0x10) // Not a CTR titleId. Bail out
return false;
u8 memtype = configData.autobootCtrAppmemtype;
// autobootCtrAppmemtype already checked, but it doesn't hurt to check again
memtype = memtype >= 5 ? 0 : memtype;
deliverArg[0x400] = ISN3DS ? appmemtypesN3ds[memtype] : appmemtypesO3ds[memtype];
// Determine whether to load from the SD card or from NAND. We don't support gamecards for this
u32 category = (hbldrTid >> 32) & 0xFFFF;
bool isSdApp = (category & 0x10) == 0 && category != 1; // not a system app nor a DLP child
*(u64 *)(deliverArg + 0x440) = hbldrTid;
*(u64 *)(deliverArg + 0x448) = isSdApp ? 1 : 0;
// Tell NS to run the title, and that it's not a title jump from legacy mode
*(u32 *)(deliverArg + 0x460) = (0 << 1) | (1 << 0);
// Whenever power button is held long enough ("force shutdown"), mcu sysmodule
// stores a flag in free reg 0. It will clear it next boot.
// During that next boot, if that flag was set and if CFG_BOOTENV.bit0 is set
// (warmboot/firm chainload, i.e. not coldbooting), then main() will simulate
// a "power button held" interrupt (after upgrading mcu fw if necessary -- it
// will reboot console after if it has upgraded mcu fw, I guess that's one of
// the reasons the flag is there). This obviously cause other processes to initiate
// a shutdown, and it also sets that flag again.
// In the case of autoboot, ns will panic when this happens. This caused
// hb autoboot to keep failing over and over again.
// Select free reg 0, read it, select it again, write it (clearing force shutdown flag)
I2C_writeReg(I2C_DEV_MCU, 0x60, 0);
u8 flags = I2C_readReg(I2C_DEV_MCU, 0x61);
flags &= ~4;
I2C_writeReg(I2C_DEV_MCU, 0x60, 0);
I2C_writeReg(I2C_DEV_MCU, 0x61, flags);
CFG_BOOTENV = 1;
return true;
}
static bool configureHomebrewAutobootTwl(u8 *deliverArg)
{
// Here, we pretend to be a TWL app rebooting into another TWL app.
// We get NS to do all the heavy lifting (starting NWM and AM, etc.) this way.
memset(deliverArg + 0x000, 0, 0x300); // zero TWL deliver arg params
// Now onto TLNC (launcher params):
u8 *tlnc = deliverArg + 0x300;
memset(tlnc, 0, 0x100);
memcpy(tlnc, "TLNC", 4);
tlnc[4] = 1; // version
tlnc[5] = 0x18; // length of data to calculate CRC over
*(u64 *)(tlnc + 8) = 0; // old title ID
*(u64 *)(tlnc + 0x10) = configData.autobootTwlTitleId; // new title ID
// bit4: "skip logo" ; bits2:1: NAND boot ; bit0: valid
*(u16 *)(tlnc + 0x18) = (1 << 4) | (3 << 1) | (1 << 0);
*(u16 *)(tlnc + 6) = crc16(tlnc + 8, 0x18, 0xFFFF);
// Even though (when running TWL/AGB FIRM) the SoC is in O3DS mode, and the GPU also is,
// as well as most other components behaving as such (external RAM, L2C not usable, etc.),
// this is NOT the case for the LCD and adaptive backlight logic which retains FULL N3DS
// functionality, including a feature where the window is blended with a given color depending
// on the overall relative luminance of that window.
// However, Nintendo's own code mistakenly assumes the opposite, and clearly so ("if GPU in N3DS mode"
// checks, not passing N3DS extra adaptive backlight (ABL) to TWL/AGB_FIRM). This has implications:
// - Powersaving (ABL) settings in TWL/AGB_FIRM is inconsistent with *both* O3DS (because the new RGB blend LUT
// has been set to its current value by NATIVE_FIRM) and N3DS (because "pwn_cnt" and "inertia" are missing
// their N3DS-only bits)
// - "rave party" when booting into TWL/AGB_FIRM or O3DS NATIVE_FIRM without these regs (well, the LUT) initialized.
// Easiest way to do so is by leveraging the "DSi autooboot" feature Luma provides. It is worth noting at least
// the LUT survives hardware reboots (if Nintendo were using DSi software that was using TLNC-based reboots,
// they wouldn't have noticed).
// As such, zerofill these registers (from testing, hardware explicitly discards null values, so this
// should be fine). For now, only touch the Luma-initiated autoboot path
if (ISN3DS)
zerofillN3dsAblRegisters();
CFG_BOOTENV = 3;
return true;
}
bool configureHomebrewAutoboot(void)
{
bool ret;
u8 *deliverArg = loadDeliverArg();
u32 bootenv = CFG_BOOTENV;
u32 mode = bootenv >> 1;
// NS always writes a valid deliver arg on reboot, no matter what.
// Check if it is empty, and, of course, bail out if we aren't rebooting from
// NATIVE_FIRM.
// Checking if it is empty is necessary to let us reboot from autobooted hbmenu
// to hbmenu.
if (mode != 0)
return false;
else if (bootenv == 1)
{
for (u32 i = 0; i < 0x410; i++)
{
if (deliverArg[i] != 0)
return false;
}
for (u32 i = 0x440; i < 0x1000; i++)
{
if (deliverArg[i] != 0)
return false;
}
}
switch (MULTICONFIG(AUTOBOOTMODE))
{
case 1:
ret = configureHomebrewAutobootCtr(deliverArg);
break;
case 2:
ret = configureHomebrewAutobootTwl(deliverArg);
break;
case 0:
default:
ret = false;
break;
}
if (ret)
commitDeliverArg();
return ret;
}

37
arm9/source/deliver_arg.h Normal file
View File

@ -0,0 +1,37 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2022 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional Terms 7.b and 7.c of GPLv3 apply to this file:
* * Requiring preservation of specified reasonable legal notices or
* author attributions in that material or in the Appropriate Legal
* Notices displayed by works containing it.
* * Prohibiting misrepresentation of the origin of that material,
* or requiring that modified versions of such material be marked in
* reasonable ways as different from the original version.
*/
#pragma once
#include "types.h"
u8 *loadDeliverArg(void);
void commitDeliverArg(void);
bool hasValidTlncAutobootParams(void);
bool isTwlToCtrLaunch(void); // assumes TLNC block is valid
bool configureHomebrewAutoboot(void);

1
arm9/source/draw.h
View File

@ -39,6 +39,7 @@
#define COLOR_TITLE 0xFF9900
#define COLOR_WHITE 0xFFFFFF
#define COLOR_RED 0x0000FF
#define COLOR_GREEN 0x00FF00
#define COLOR_BLACK 0x000000
#define COLOR_YELLOW 0x00FFFF

206
arm9/source/emunand.c
View File

@ -38,7 +38,7 @@
u32 emuOffset,
emuHeader;
void locateEmuNand(FirmwareSource *nandType)
void locateEmuNand(FirmwareSource *nandType, u32 *emunandIndex, bool configureCtrNandParams)
{
static u8 __attribute__((aligned(4))) temp[0x200];
static u32 nandSize = 0,
@ -51,7 +51,10 @@ void locateEmuNand(FirmwareSource *nandType)
fatStart = *(u32 *)(temp + 0x1C6); //First sector of the FAT partition
}
for(u32 i = 0; i < 3; i++)
/*if (*nandType == FIRMWARE_SYSNAND)
return;*/
for(u32 i = 0; i < 3; i++) // Test the different kinds of multi-EmuNAND there are, unless we are looking for the first one
{
static const u32 roundedMinsizes[] = {0x1D8000, 0x26E000};
@ -65,56 +68,64 @@ void locateEmuNand(FirmwareSource *nandType)
nandOffset = roundedMinsizes[ISN3DS ? 1 : 0]; //"Minsize" layout
break;
case 0:
nandOffset = *nandType == FIRMWARE_EMUNAND ? 0 : (nandSize > 0x200000 ? 0x400000 : 0x200000); //"Legacy" layout
nandOffset = nandSize > 0x200000 ? 0x400000 : 0x200000; //"Legacy" layout
break;
}
if(*nandType != FIRMWARE_EMUNAND) nandOffset *= ((u32)*nandType - 1);
nandOffset *= *emunandIndex; // always 0 for 1st EmuNAND
if(fatStart >= nandOffset + roundedMinsizes[ISN3DS ? 1 : 0])
{
//Check for RedNAND
if(!sdmmc_sdcard_readsectors(nandOffset + 1, 1, temp) && memcmp(temp + 0x100, "NCSD", 4) == 0)
{
emuOffset = nandOffset + 1;
emuHeader = 0;
if (configureCtrNandParams)
{
emuOffset = nandOffset + 1;
emuHeader = 0;
}
return;
}
//Check for Gateway EmuNAND
else if(i != 2 && !sdmmc_sdcard_readsectors(nandOffset + nandSize, 1, temp) && memcmp(temp + 0x100, "NCSD", 4) == 0)
{
emuOffset = nandOffset;
emuHeader = nandSize;
if (configureCtrNandParams)
{
emuOffset = nandOffset;
emuHeader = nandSize;
}
return;
}
}
if(*nandType == FIRMWARE_EMUNAND) break;
if(*emunandIndex == 0) break; // See above comments
}
//Fallback to the first EmuNAND if there's no second/third/fourth one, or to SysNAND if there isn't any
if(*nandType != FIRMWARE_EMUNAND)
if(*emunandIndex != 0)
{
*nandType = FIRMWARE_EMUNAND;
locateEmuNand(nandType);
*emunandIndex = 0;
locateEmuNand(nandType, emunandIndex, configureCtrNandParams);
}
else *nandType = FIRMWARE_SYSNAND;
}
static inline bool getFreeK9Space(u8 *pos, u32 size, u8 **freeK9Space)
static inline u32 getProtoSdmmc(u32 *sdmmc, u32 firmVersion)
{
static const u8 pattern[] = {0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x00};
switch(firmVersion)
{
case 243: // SDK 0.9.x (0.9.7?)
*sdmmc = (0x080AAA28 + 0x4e0);
break;
case 238: // SDK 0.10
*sdmmc = (0x080BEA70 + 0x690);
break;
default:
return 1;
}
//Looking for the last free space before Process9
*freeK9Space = memsearch(pos, pattern, size, sizeof(pattern));
if(*freeK9Space == NULL || (u32)(pos + size - *freeK9Space) < 0x455 + emunandPatchSize ||
*(u32 *)(*freeK9Space + 0x455 + emunandPatchSize - 4) != 0xFFFFFFFF) return false;
*freeK9Space += 0x455;
return true;
return 0;
}
static inline u32 getOldSdmmc(u32 *sdmmc, u32 firmVersion)
@ -149,7 +160,7 @@ static inline u32 getSdmmc(u8 *pos, u32 size, u32 *sdmmc)
return 0;
}
static inline u32 patchNandRw(u8 *pos, u32 size, u32 branchOffset)
static inline u32 patchNandRw(u8 *pos, u32 size, u32 hookAddr)
{
//Look for read/write code
static const u8 pattern[] = {0x1E, 0x00, 0xC8, 0x05};
@ -167,32 +178,118 @@ static inline u32 patchNandRw(u8 *pos, u32 size, u32 branchOffset)
writeOffset -= 3;
*readOffset = *writeOffset = 0x4C00;
readOffset[1] = writeOffset[1] = 0x47A0;
((u32 *)writeOffset)[1] = ((u32 *)readOffset)[1] = branchOffset;
((u32 *)writeOffset)[1] = ((u32 *)readOffset)[1] = hookAddr;
return 0;
}
static inline u32 patchMpu(u8 *pos, u32 size)
static inline u32 patchProtoNandRw(u8 *pos, u32 size, u32 hookAddr, u32 hookCidAddr)
{
//Look for MPU pattern
static const u8 pattern[] = {0x03, 0x00, 0x24, 0x00};
//Look for read/write code
static const u8 pattern[] = {
0x03, 0x00, 0x51, 0xE3, // cmp r1, #3
0x02, 0xC0, 0xA0, 0xE1, // mov r12, r2
0x04, 0x00, 0x80, 0xE2, // add r0, r0, #4
};
u16 *off = (u16 *)memsearch(pos, pattern, size, sizeof(pattern));
u32 *writeOffset = (u32 *)memsearch(pos, pattern, size, sizeof(pattern));
if(off == NULL) return 1;
if(writeOffset == NULL) return 1;
off[1] = 0x0036;
off[0xC] = off[0x12] = 0x0603;
u32 *readOffset = (u32 *)memsearch((u8 *)(writeOffset + 3), pattern, 0x400, sizeof(pattern));
if(readOffset == NULL) return 1;
// Find the sdmmc mount/init(?) function
static const u8 mount_pattern[] = {
0x20, 0x00, 0x84, 0xE2, // add r0, r4, 0x20
0x01, 0x20, 0xA0, 0xE3, // mov r2, #1
0x00, 0x10, 0xA0, 0xE3, // mov r1, #0
};
u32* mountOffset = (u32*) memsearch(pos, mount_pattern, size, sizeof(mount_pattern));
if (mountOffset == NULL) return 1;
// Find the sdmmc read cid function.
static const u8 readcid_pattern[] = {
0x31, 0xFF, 0x2F, 0xE1, // blx r1
0x20, 0x60, 0x9F, 0xE5, // ldr r6, [pc, #0x20] // =failing_result
0x00, 0x00, 0x50, 0xE3, // cmp r0, #0
};
u32* readCidOffset = (u32*) memsearch(pos, readcid_pattern, size, sizeof(readcid_pattern));
if (readCidOffset == NULL) return 1;
readCidOffset -= 5;
mountOffset[1] = 0xe3a02000; // mov r2, #0 // sd-card
readOffset[0] = writeOffset[0] = 0xe52de004; // push {lr}
readOffset[1] = writeOffset[1] = 0xe59fc000; // ldr r12, [pc, #0]
readOffset[2] = writeOffset[2] = 0xe12fff3c; // blx r12
readOffset[3] = writeOffset[3] = hookAddr;
readCidOffset[0] = 0xe59fc000; // ldr r12, [pc, #0]
readCidOffset[1] = 0xe12fff3c; // blx r12
readCidOffset[2] = hookCidAddr;
// Read the emmc cid into the place hook will copy it from
sdmmc_get_cid(1, emunandPatchNandCid);
return 0;
}
u32 patchEmuNand(u8 *arm9Section, u32 kernel9Size, u8 *process9Offset, u32 process9Size, u8 *kernel9Address, u32 firmVersion)
static inline u32 patchProtoNandRw238(u8 *pos, u32 size, u32 hookAddr, u32 hookCidAddr)
{
u8 *freeK9Space;
//Look for read/write code
static const u8 pattern[] = {
0x03, 0x00, 0x50, 0xE3, // cmp r0, #3
0x00, 0x00, 0xA0, 0x13, // movne r0, #0
0x01, 0x00, 0xA0, 0x03, // moveq r0, #1
};
if(!getFreeK9Space(arm9Section, kernel9Size, &freeK9Space)) return 1;
u32 *writeOffset = (u32 *)memsearch(pos, pattern, size, sizeof(pattern));
if(writeOffset == NULL) return 1;
u32 *readOffset = (u32 *)memsearch((u8 *)(writeOffset + 3), pattern, 0x400, sizeof(pattern));
if(readOffset == NULL) return 1;
// Find the mmc static ctor...
static const u8 mount_pattern[] = {
0x08, // last byte of some ptr to something in P9
0x01, 0x01, 0x00, 0x00, // emmc controller id
};
u8* mountOffset = (u8*) memsearch(pos, mount_pattern, size, sizeof(mount_pattern));
if (mountOffset == NULL) return 1;
mountOffset++;
// Find the sdmmc read cid function.
static const u8 readcid_pattern[] = {
0x31, 0xFF, 0x2F, 0xE1, // blx r1
0x20, 0x60, 0x9F, 0xE5, // ldr r6, [pc, #0x20] // =failing_result
0x00, 0x00, 0x50, 0xE3, // cmp r0, #0
};
u32* readCidOffset = (u32*) memsearch(pos, readcid_pattern, size, sizeof(readcid_pattern));
if (readCidOffset == NULL) return 1;
readCidOffset -= 5;
*(u32*)mountOffset = 0x300; // sd card
readOffset[0] = writeOffset[0] = 0xe59fc000; // ldr r12, [pc, #0]
readOffset[1] = writeOffset[1] = 0xe12fff3c; // blx r12
readOffset[2] = writeOffset[2] = hookAddr;
readCidOffset[0] = 0xe59fc000; // ldr r12, [pc, #0]
readCidOffset[1] = 0xe12fff3c; // blx r12
readCidOffset[2] = hookCidAddr;
// Read the emmc cid into the place hook will copy it from
sdmmc_get_cid(1, emunandPatchNandCid);
return 0;
}
u32 patchEmuNand(u8 *process9Offset, u32 process9Size, u32 firmVersion)
{
u32 ret = 0;
//Add the data of the found EmuNAND
@ -204,15 +301,38 @@ u32 patchEmuNand(u8 *arm9Section, u32 kernel9Size, u8 *process9Offset, u32 proce
ret += !ISN3DS && firmVersion < 0x25 ? getOldSdmmc(&sdmmc, firmVersion) : getSdmmc(process9Offset, process9Size, &sdmmc);
if(!ret) emunandPatchSdmmcStructPtr = sdmmc;
//Copy EmuNAND code
memcpy(freeK9Space, emunandPatch, emunandPatchSize);
//Add EmuNAND hooks
u32 branchOffset = (u32)(freeK9Space - arm9Section + kernel9Address);
ret += patchNandRw(process9Offset, process9Size, branchOffset);
//Set MPU
ret += patchMpu(arm9Section, kernel9Size);
ret += patchNandRw(process9Offset, process9Size, (u32)emunandPatch);
return ret;
}
u32 patchProtoEmuNand(u8 *process9Offset, u32 process9Size)
{
extern u32 firmProtoVersion;
u32 ret = 0;
// Add the data of the found EmuNAND
emunandPatchNandOffset = emuOffset;
emunandPatchNcsdHeaderOffset = emuHeader;
// Find and add the SDMMC struct
u32 sdmmc;
ret += getProtoSdmmc(&sdmmc, firmProtoVersion);
if(!ret) emunandPatchSdmmcStructPtr = sdmmc;
// Add EmuNAND hooks
switch (firmProtoVersion) {
case 243: // SDK 0.9.x (0.9.7?)
ret += patchProtoNandRw(process9Offset, process9Size, (u32)emunandProtoPatch, (u32)emunandProtoCidPatch);
break;
case 238: // SDK 0.10.x
ret += patchProtoNandRw238(process9Offset, process9Size, (u32)emunandProtoPatch238, (u32)emunandProtoCidPatch);
break;
default:
ret++;
break;
}
return ret;
}

5
arm9/source/emunand.h
View File

@ -37,5 +37,6 @@
extern u32 emuOffset,
emuHeader;
void locateEmuNand(FirmwareSource *nandType);
u32 patchEmuNand(u8 *arm9Section, u32 kernel9Size, u8 *process9Offset, u32 process9Size, u8 *kernel9Address, u32 firmVersion);
void locateEmuNand(FirmwareSource *nandType, u32 *emunandIndex, bool configureCtrNandParams);
u32 patchEmuNand(u8 *process9Offset, u32 process9Size, u32 firmVersion);
u32 patchProtoEmuNand(u8 *process9Offset, u32 process9Size);

194
arm9/source/emunand_patch.s Normal file
View File

@ -0,0 +1,194 @@
.section .emunand_patch, "aw", %progbits
.arm
.align 4
@ Code originally by Normmatt
.global emunandPatch
emunandPatch:
@ Original code that still needs to be executed
mov r4, r0
mov r5, r1
mov r7, r2
mov r6, r3
@ End
@ If we're already trying to access the SD, return
ldr r2, [r0, #4]
ldr r1, emunandPatchSdmmcStructPtr
cmp r2, r1
beq out
str r1, [r0, #4] @ Set object to be SD
ldr r2, [r0, #8] @ Get sector to read
cmp r2, #0 @ For GW compatibility, see if we're trying to read the ncsd header (sector 0)
ldr r3, emunandPatchNandOffset
add r2, r3 @ Add the offset to the NAND in the SD
ldreq r3, emunandPatchNcsdHeaderOffset
addeq r2, r3 @ If we're reading the ncsd header, add the offset of that sector
str r2, [r0, #8] @ Store sector to read
out:
@ Restore registers.
mov r1, r5
mov r2, r7
mov r3, r6
@ Return 4 bytes behind where we got called,
@ due to the offset of this function being stored there
mov r0, lr
add r0, #4
bx r0
.pool
_emunandPatchEnd:
.global emunandProtoPatch
emunandProtoPatch:
@ Save registers
push {r0-r3}
@ If we're already trying to access the SD, return
ldr r2, [r0, #4]
ldr r1, emunandPatchSdmmcStructPtr
cmp r2, r1
beq _out
ldrb r2, [r1, #0xc] @ Get sdmc->m_isInitialised
cmp r2, #0 @ Is initialised?
beq _pastSdmc @ if not, use "NAND" object, patched elsewhere to access SD
str r1, [r0, #4] @ Set object to be SD
_pastSdmc:
ldr r2, [r0, #8] @ Get sector to read
cmp r2, #0 @ For GW compatibility, see if we're trying to read the ncsd header (sector 0)
ldr r3, emunandPatchNandOffset
add r2, r3 @ Add the offset to the NAND in the SD
ldreq r3, emunandPatchNcsdHeaderOffset
addeq r2, r3 @ If we're reading the ncsd header, add the offset of that sector
str r2, [r0, #8] @ Store sector to read
_out:
@ Restore registers
pop {r0-r3}
@ Execute original code that got patched.
cmp r1, #3
mov r12, r2
add r0, r0, #4
movne r1, #0
moveq r1, #1
@ r2 about to be overwritten, so it's free to use here.
@ Save off our return address and restore lr.
mov r2, lr
pop {lr}
@ r2+0 is return address (patched movne r1, #0)
@ r2+4 is moveq r1, #1
@ r2+8 is the following instruction (mov r2, r3)
add r2, #8
bx r2
.global emunandProtoCidPatch
emunandProtoCidPatch:
@ If we're already trying to access the SD, return
ldr r4, emunandPatchSdmmcStructPtr
cmp r0, r4
beq _cid_return
@ Trying to access nand, so copy the NAND cid into r1
adr r4, emunandPatchNandCid
ldr r2, [r4, #0]
ldr r3, [r4, #4]
ldr r5, [r4, #8]
ldr r6, [r4, #0xc]
str r2, [r1, #0]
str r3, [r1, #4]
str r5, [r1, #8]
str r6, [r1, #0xc]
@ And return from whence we came
mov r0, #0
pop {r4-r6, pc}
_cid_return:
@ Execute original code that got patched.
mov r4, r0
ldr r0, [r0]
mov r5, r1
@ lr+0 is return address (patched mov r5, r1)
@ lr+4 is following instruction (ldr r1, [r0,#8])
add lr, #4
bx lr
.global emunandProtoPatch238
emunandProtoPatch238:
@ Save registers
push {r0-r3}
@ If we're already trying to access the SD, return
ldr r2, [r4, #4]
ldr r1, emunandPatchSdmmcStructPtr
cmp r2, r1
beq _out238
ldr r2, [r1, #0x24] @ Get sdmc->m_someObjInitedLater
cmp r2, #0 @ Is initialised?
beq _pastSdmc238 @ if not, use "NAND" object, patched elsewhere to access SD
str r1, [r4, #4] @ Set object to be SD
_pastSdmc238:
ldr r2, [r4, #8] @ Get sector to read
cmp r2, #0 @ For GW compatibility, see if we're trying to read the ncsd header (sector 0)
ldr r3, emunandPatchNandOffset
add r2, r3 @ Add the offset to the NAND in the SD
ldreq r3, emunandPatchNcsdHeaderOffset
addeq r2, r3 @ If we're reading the ncsd header, add the offset of that sector
str r2, [r4, #8] @ Store sector to read
_out238:
@ Restore registers
pop {r0-r3}
@ Execute original code that got patched.
cmp r0, #3
movne r0, #0
moveq r0, #1
@ r1 about to be overwritten, so it's free to use here.
@ Save off our return address.
mov r1, lr
@ r1+0 is return address (patched moveq r1, #1)
@ r1+4 is tst r0, #0xff or sub sp, sp, #0xc
add r1, #4
bx r1
.pool
.global emunandPatchSdmmcStructPtr
.global emunandPatchNandOffset
.global emunandPatchNcsdHeaderOffset
.global emunandPatchNandCid
_emunandPatchBssStart:
emunandPatchSdmmcStructPtr: .word 0 @ Pointer to sdmmc struct
emunandPatchNandOffset: .word 0 @ For rednand this should be 1
emunandPatchNcsdHeaderOffset: .word 0 @ Depends on nand manufacturer + emunand type (GW/RED)
emunandPatchNandCid: @ Store emmc cid here, to override "sdmc's" when trying to read emmc's
.word 0,0,0,0
_emunandPatchBssEnd:
.pool
.balign 4
.global emunandPatchSize
emunandPatchSize:
.word _emunandPatchEnd - emunandPatch
.global emunandPatchBssSize
emunandPatchBssSize:
.word _emunandPatchBssEnd - _emunandPatchBssStart

39
arm9/source/fatfs/00history.txt
View File

@ -328,3 +328,42 @@ R0.13c (October 14, 2018)
Fixed creating a sub-directory in the fragmented sub-directory on the exFAT volume collapses FAT chain of the parent directory. (appeared at R0.12)
Fixed f_getcwd() cause output buffer overrun when the buffer has a valid drive number. (appeared at R0.13b)
R0.14 (October 14, 2019)
Added support for 64-bit LBA and GUID partition table (FF_LBA64 = 1)
Changed some API functions, f_mkfs() and f_fdisk().
Fixed f_open() function cannot find the file with file name in length of FF_MAX_LFN characters.
Fixed f_readdir() function cannot retrieve long file names in length of FF_MAX_LFN - 1 characters.
Fixed f_readdir() function returns file names with wrong case conversion. (appeared at R0.12)
Fixed f_mkfs() function can fail to create exFAT volume in the second partition. (appeared at R0.12)
R0.14a (December 5, 2020)
Limited number of recursive calls in f_findnext().
Fixed old floppy disks formatted with MS-DOS 2.x and 3.x cannot be mounted.
Fixed some compiler warnings.
R0.14b (April 17, 2021)
Made FatFs uses standard library <string.h> for copy, compare and search instead of built-in string functions.
Added support for long long integer and floating point to f_printf(). (FF_STRF_LLI and FF_STRF_FP)
Made path name parser ignore the terminating separator to allow "dir/".
Improved the compatibility in Unix style path name feature.
Fixed the file gets dead-locked when f_open() failed with some conditions. (appeared at R0.12a)
Fixed f_mkfs() can create wrong exFAT volume due to a timing dependent error. (appeared at R0.12)
Fixed code page 855 cannot be set by f_setcp().
Fixed some compiler warnings.
R0.15 (November 6, 2022)
Changed user provided synchronization functions in order to completely eliminate the platform dependency from FatFs code.
FF_SYNC_t is removed from the configuration options.
Fixed a potential error in f_mount when FF_FS_REENTRANT.
Fixed file lock control FF_FS_LOCK is not mutal excluded when FF_FS_REENTRANT && FF_VOLUMES > 1 is true.
Fixed f_mkfs() creates broken exFAT volume when the size of volume is >= 2^32 sectors.
Fixed string functions cannot write the unicode characters not in BMP when FF_LFN_UNICODE == 2 (UTF-8).
Fixed a compatibility issue in identification of GPT header.

2
arm9/source/fatfs/00readme.txt
View File

@ -1,4 +1,4 @@
FatFs Module Source Files R0.13c
FatFs Module Source Files R0.15
FILES

90
arm9/source/fatfs/diskio.c
View File

@ -1,5 +1,5 @@
/*-----------------------------------------------------------------------*/
/* Low level disk I/O module skeleton for FatFs (C)ChaN, 2014 */
/* Low level disk I/O module SKELETON for FatFs (C)ChaN, 2019 */
/*-----------------------------------------------------------------------*/
/* If a working storage control module is available, it should be */
/* attached to the FatFs via a glue function rather than modifying it. */
@ -7,12 +7,13 @@
/* storage control modules to the FatFs module with a defined API. */
/*-----------------------------------------------------------------------*/
#include "diskio.h" /* FatFs lower layer API */
#include "ff.h" /* Obtains integer types */
#include "diskio.h" /* Declarations of disk functions */
#include "sdmmc/sdmmc.h"
#include "../crypto.h"
#include "../i2c.h"
/* Definitions of physical drive number for each media */
/* Definitions of physical drive number for each drive */
#define SDCARD 0
#define CTRNAND 1
@ -21,10 +22,10 @@
/*-----------------------------------------------------------------------*/
DSTATUS disk_status (
__attribute__((unused))
BYTE pdrv /* Physical drive nmuber to identify the drive */
)
{
(void)pdrv;
return RES_OK;
}
@ -38,12 +39,28 @@ DSTATUS disk_initialize (
BYTE pdrv /* Physical drive nmuber to identify the drive */
)
{
static u32 sdmmcInitResult = 4;
static u32 sdmmcInitResult = 4;
DSTATUS res = 0;
if(sdmmcInitResult == 4) sdmmcInitResult = sdmmc_sdcard_init();
if(sdmmcInitResult == 4)
sdmmcInitResult = sdmmc_sdcard_init();
return ((pdrv == SDCARD && !(sdmmcInitResult & 2)) ||
(pdrv == CTRNAND && !(sdmmcInitResult & 1) && !ctrNandInit())) ? 0 : STA_NOINIT;
// Check physical drive initialized status
switch (pdrv)
{
case SDCARD:
res = (sdmmcInitResult & 2) == 0 ? 0 : STA_NOINIT;
break;
case CTRNAND:
// Always update CTRNAND parameters when remounting
res = (sdmmcInitResult & 1) == 0 && ctrNandInit() == 0 ? 0 : STA_NOINIT;
break;
default:
res = STA_NODISK;
break;
}
return res;
}
@ -55,12 +72,26 @@ DSTATUS disk_initialize (
DRESULT disk_read (
BYTE pdrv, /* Physical drive nmuber to identify the drive */
BYTE *buff, /* Data buffer to store read data */
DWORD sector, /* Sector address in LBA */
LBA_t sector, /* Start sector in LBA */
UINT count /* Number of sectors to read */
)
{
return ((pdrv == SDCARD && !sdmmc_sdcard_readsectors(sector, count, buff)) ||
(pdrv == CTRNAND && !ctrNandRead(sector, count, buff))) ? RES_OK : RES_PARERR;
DRESULT res = RES_OK;
switch (pdrv)
{
case SDCARD:
res = sdmmc_sdcard_readsectors(sector, count, buff) == 0 ? RES_OK : RES_PARERR;
break;
case CTRNAND:
res = ctrNandRead(sector, count, buff) == 0 ? RES_OK : RES_PARERR;
break;
default:
res = RES_NOTRDY;
break;
}
return res;
}
@ -69,37 +100,54 @@ DRESULT disk_read (
/* Write Sector(s) */
/*-----------------------------------------------------------------------*/
#if _USE_WRITE
#if FF_FS_READONLY == 0
DRESULT disk_write (
BYTE pdrv, /* Physical drive nmuber to identify the drive */
const BYTE *buff, /* Data to be written */
DWORD sector, /* Sector address in LBA */
const BYTE *buff, /* Data to be written */
LBA_t sector, /* Start sector in LBA */
UINT count /* Number of sectors to write */
)
{
return ((pdrv == SDCARD && (*(vu16 *)(SDMMC_BASE + REG_SDSTATUS0) & TMIO_STAT0_WRPROTECT) != 0 && !sdmmc_sdcard_writesectors(sector, count, buff)) ||
(pdrv == CTRNAND && !ctrNandWrite(sector, count, buff))) ? RES_OK : RES_PARERR;
DRESULT res = RES_OK;
switch (pdrv)
{
case SDCARD:
{
if ((*(vu16 *)(SDMMC_BASE + REG_SDSTATUS0) & TMIO_STAT0_WRPROTECT) == 0) // why == 0?
res = RES_WRPRT;
else
res = sdmmc_sdcard_writesectors(sector, count, buff) == 0 ? RES_OK : RES_PARERR;
break;
}
case CTRNAND:
res = ctrNandWrite(sector, count, buff) == 0 ? RES_OK : RES_PARERR;
break;
default:
res = RES_NOTRDY;
break;
}
return res;
}
#endif
/*-----------------------------------------------------------------------*/
/* Miscellaneous Functions */
/*-----------------------------------------------------------------------*/
#if _USE_IOCTL
DRESULT disk_ioctl (
__attribute__((unused))
BYTE pdrv, /* Physical drive nmuber (0..) */
BYTE cmd, /* Control code */
__attribute__((unused))
void *buff /* Buffer to send/receive control data */
)
{
(void)pdrv;
(void)buff;
return cmd == CTRL_SYNC ? RES_OK : RES_PARERR;
}
#endif
// From GodMode9
#define BCDVALID(b) (((b)<=0x99)&&(((b)&0xF)<=0x9)&&((((b)>>4)&0xF)<=0x9))

26
arm9/source/fatfs/diskio.h
View File

@ -1,5 +1,5 @@
/*-----------------------------------------------------------------------/
/ Low level disk interface modlue include file (C)ChaN, 2014 /
/ Low level disk interface modlue include file (C)ChaN, 2019 /
/-----------------------------------------------------------------------*/
#ifndef _DISKIO_DEFINED
@ -9,12 +9,6 @@
extern "C" {
#endif
#define _USE_WRITE 1 /* 1: Enable disk_write function */
#define _USE_IOCTL 1 /* 1: Enable disk_ioctl fucntion */
#include "integer.h"
/* Status of Disk Functions */
typedef BYTE DSTATUS;
@ -34,11 +28,10 @@ typedef enum {
DSTATUS disk_initialize (BYTE pdrv);
DSTATUS disk_status (BYTE pdrv);
DRESULT disk_read (BYTE pdrv, BYTE* buff, DWORD sector, UINT count);
DRESULT disk_write (BYTE pdrv, const BYTE* buff, DWORD sector, UINT count);
DRESULT disk_read (BYTE pdrv, BYTE* buff, LBA_t sector, UINT count);
DRESULT disk_write (BYTE pdrv, const BYTE* buff, LBA_t sector, UINT count);
DRESULT disk_ioctl (BYTE pdrv, BYTE cmd, void* buff);
DWORD get_fattime( void ); // not a disk control function, but fits here
/* Disk Status Bits (DSTATUS) */
@ -50,11 +43,11 @@ DWORD get_fattime( void ); // not a disk control function, but fits here
/* Command code for disk_ioctrl fucntion */
/* Generic command (Used by FatFs) */
#define CTRL_SYNC 0 /* Complete pending write process (needed at _FS_READONLY == 0) */
#define GET_SECTOR_COUNT 1 /* Get media size (needed at _USE_MKFS == 1) */
#define GET_SECTOR_SIZE 2 /* Get sector size (needed at _MAX_SS != _MIN_SS) */
#define GET_BLOCK_SIZE 3 /* Get erase block size (needed at _USE_MKFS == 1) */
#define CTRL_TRIM 4 /* Inform device that the data on the block of sectors is no longer used (needed at _USE_TRIM == 1) */
#define CTRL_SYNC 0 /* Complete pending write process (needed at FF_FS_READONLY == 0) */
#define GET_SECTOR_COUNT 1 /* Get media size (needed at FF_USE_MKFS == 1) */
#define GET_SECTOR_SIZE 2 /* Get sector size (needed at FF_MAX_SS != FF_MIN_SS) */
#define GET_BLOCK_SIZE 3 /* Get erase block size (needed at FF_USE_MKFS == 1) */
#define CTRL_TRIM 4 /* Inform device that the data on the block of sectors is no longer used (needed at FF_USE_TRIM == 1) */
/* Generic command (Not used by FatFs) */
#define CTRL_POWER 5 /* Get/Set power status */
@ -68,6 +61,9 @@ DWORD get_fattime( void ); // not a disk control function, but fits here
#define MMC_GET_CID 12 /* Get CID */
#define MMC_GET_OCR 13 /* Get OCR */
#define MMC_GET_SDSTAT 14 /* Get SD status */
#define ISDIO_READ 55 /* Read data form SD iSDIO register */
#define ISDIO_WRITE 56 /* Write data to SD iSDIO register */
#define ISDIO_MRITE 57 /* Masked write data to SD iSDIO register */
/* ATA/CF specific ioctl command */
#define ATA_GET_REV 20 /* Get F/W revision */

2496
arm9/source/fatfs/ff.c
View File

File diff suppressed because it is too large Load Diff

172
arm9/source/fatfs/ff.h
View File

@ -1,8 +1,8 @@
/*----------------------------------------------------------------------------/
/ FatFs - Generic FAT Filesystem module R0.13c /
/ FatFs - Generic FAT Filesystem module R0.15 /
/-----------------------------------------------------------------------------/
/
/ Copyright (C) 2018, ChaN, all right reserved.
/ Copyright (C) 2022, ChaN, all right reserved.
/
/ FatFs module is an open source software. Redistribution and use of FatFs in
/ source and binary forms, with or without modification, are permitted provided
@ -20,7 +20,7 @@
#ifndef FF_DEFINED
#define FF_DEFINED 86604 /* Revision ID */
#define FF_DEFINED 80286 /* Revision ID */
#ifdef __cplusplus
extern "C" {
@ -35,51 +35,57 @@ extern "C" {
/* Integer types used for FatFs API */
#if defined(_WIN32) /* Main development platform */
#if defined(_WIN32) /* Windows VC++ (for development only) */
#define FF_INTDEF 2
#include <windows.h>
typedef unsigned __int64 QWORD;
#include <float.h>
#define isnan(v) _isnan(v)
#define isinf(v) (!_finite(v))
#elif (defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L) || defined(__cplusplus) /* C99 or later */
#define FF_INTDEF 2
#include <stdint.h>
typedef unsigned int UINT; /* int must be 16-bit or 32-bit */
typedef unsigned char BYTE; /* char must be 8-bit */
typedef uint16_t WORD; /* 16-bit unsigned integer */
typedef uint16_t WCHAR; /* 16-bit unsigned integer */
typedef uint32_t DWORD; /* 32-bit unsigned integer */
typedef uint64_t QWORD; /* 64-bit unsigned integer */
typedef WORD WCHAR; /* UTF-16 character type */
#else /* Earlier than C99 */
#define FF_INTDEF 1
typedef unsigned int UINT; /* int must be 16-bit or 32-bit */
typedef unsigned char BYTE; /* char must be 8-bit */
typedef unsigned short WORD; /* 16-bit unsigned integer */
typedef unsigned short WCHAR; /* 16-bit unsigned integer */
typedef unsigned long DWORD; /* 32-bit unsigned integer */
typedef WORD WCHAR; /* UTF-16 character type */
#endif
/* Definitions of volume management */
/* Type of file size and LBA variables */
#if FF_MULTI_PARTITION /* Multiple partition configuration */
typedef struct {
BYTE pd; /* Physical drive number */
BYTE pt; /* Partition: 0:Auto detect, 1-4:Forced partition) */
} PARTITION;
extern PARTITION VolToPart[]; /* Volume - Partition resolution table */
#if FF_FS_EXFAT
#if FF_INTDEF != 2
#error exFAT feature wants C99 or later
#endif
#if FF_STR_VOLUME_ID
#ifndef FF_VOLUME_STRS
extern const char* VolumeStr[FF_VOLUMES]; /* User defied volume ID */
typedef QWORD FSIZE_t;
#if FF_LBA64
typedef QWORD LBA_t;
#else
typedef DWORD LBA_t;
#endif
#else
#if FF_LBA64
#error exFAT needs to be enabled when enable 64-bit LBA
#endif
typedef DWORD FSIZE_t;
typedef DWORD LBA_t;
#endif
/* Type of path name strings on FatFs API */
#ifndef _INC_TCHAR
#define _INC_TCHAR
/* Type of path name strings on FatFs API (TCHAR) */
#if FF_USE_LFN && FF_LFN_UNICODE == 1 /* Unicode in UTF-16 encoding */
typedef WCHAR TCHAR;
@ -101,19 +107,22 @@ typedef char TCHAR;
#define _TEXT(x) x
#endif
/* Definitions of volume management */
#if FF_MULTI_PARTITION /* Multiple partition configuration */
typedef struct {
BYTE pd; /* Physical drive number */
BYTE pt; /* Partition: 0:Auto detect, 1-4:Forced partition) */
} PARTITION;
extern PARTITION VolToPart[]; /* Volume - Partition mapping table */
#endif
/* Type of file size variables */
#if FF_FS_EXFAT
#if FF_INTDEF != 2
#error exFAT feature wants C99 or later
#if FF_STR_VOLUME_ID
#ifndef FF_VOLUME_STRS
extern const char* VolumeStr[FF_VOLUMES]; /* User defied volume ID */
#endif
typedef QWORD FSIZE_t;
#else
typedef DWORD FSIZE_t;
#endif
@ -122,10 +131,11 @@ typedef DWORD FSIZE_t;
typedef struct {
BYTE fs_type; /* Filesystem type (0:not mounted) */
BYTE pdrv; /* Associated physical drive */
BYTE pdrv; /* Volume hosting physical drive */
BYTE ldrv; /* Logical drive number (used only when FF_FS_REENTRANT) */
BYTE n_fats; /* Number of FATs (1 or 2) */
BYTE wflag; /* win[] flag (b0:dirty) */
BYTE fsi_flag; /* FSINFO flags (b7:disabled, b0:dirty) */
BYTE wflag; /* win[] status (b0:dirty) */
BYTE fsi_flag; /* FSINFO status (b7:disabled, b0:dirty) */
WORD id; /* Volume mount ID */
WORD n_rootdir; /* Number of root directory entries (FAT12/16) */
WORD csize; /* Cluster size [sectors] */
@ -138,9 +148,6 @@ typedef struct {
#if FF_FS_EXFAT
BYTE* dirbuf; /* Directory entry block scratchpad buffer for exFAT */
#endif
#if FF_FS_REENTRANT
FF_SYNC_t sobj; /* Identifier of sync object */
#endif
#if !FF_FS_READONLY
DWORD last_clst; /* Last allocated cluster */
DWORD free_clst; /* Number of free clusters */
@ -154,15 +161,15 @@ typedef struct {
#endif
#endif
DWORD n_fatent; /* Number of FAT entries (number of clusters + 2) */
DWORD fsize; /* Size of an FAT [sectors] */
DWORD volbase; /* Volume base sector */
DWORD fatbase; /* FAT base sector */
DWORD dirbase; /* Root directory base sector/cluster */
DWORD database; /* Data base sector */
DWORD fsize; /* Number of sectors per FAT */
LBA_t volbase; /* Volume base sector */
LBA_t fatbase; /* FAT base sector */
LBA_t dirbase; /* Root directory base sector (FAT12/16) or cluster (FAT32/exFAT) */
LBA_t database; /* Data base sector */
#if FF_FS_EXFAT
DWORD bitbase; /* Allocation bitmap base sector */
LBA_t bitbase; /* Allocation bitmap base sector */
#endif
DWORD winsect; /* Current sector appearing in the win[] */
LBA_t winsect; /* Current sector appearing in the win[] */
BYTE win[FF_MAX_SS]; /* Disk access window for Directory, FAT (and file data at tiny cfg) */
} FATFS;
@ -172,7 +179,7 @@ typedef struct {
typedef struct {
FATFS* fs; /* Pointer to the hosting volume of this object */
WORD id; /* Hosting volume mount ID */
WORD id; /* Hosting volume's mount ID */
BYTE attr; /* Object attribute */
BYTE stat; /* Object chain status (b1-0: =0:not contiguous, =2:contiguous, =3:fragmented in this session, b2:sub-directory stretched) */
DWORD sclust; /* Object data start cluster (0:no cluster or root directory) */
@ -199,9 +206,9 @@ typedef struct {
BYTE err; /* Abort flag (error code) */
FSIZE_t fptr; /* File read/write pointer (Zeroed on file open) */
DWORD clust; /* Current cluster of fpter (invalid when fptr is 0) */
DWORD sect; /* Sector number appearing in buf[] (0:invalid) */
LBA_t sect; /* Sector number appearing in buf[] (0:invalid) */
#if !FF_FS_READONLY
DWORD dir_sect; /* Sector number containing the directory entry (not used at exFAT) */
LBA_t dir_sect; /* Sector number containing the directory entry (not used at exFAT) */
BYTE* dir_ptr; /* Pointer to the directory entry in the win[] (not used at exFAT) */
#endif
#if FF_USE_FASTSEEK
@ -220,7 +227,7 @@ typedef struct {
FFOBJID obj; /* Object identifier */
DWORD dptr; /* Current read/write offset */
DWORD clust; /* Current cluster */
DWORD sect; /* Current sector (0:Read operation has terminated) */
LBA_t sect; /* Current sector (0:Read operation has terminated) */
BYTE* dir; /* Pointer to the directory item in the win[] */
BYTE fn[12]; /* SFN (in/out) {body[8],ext[3],status[1]} */
#if FF_USE_LFN
@ -241,7 +248,7 @@ typedef struct {
WORD ftime; /* Modified time */
BYTE fattrib; /* File attribute */
#if FF_USE_LFN
TCHAR altname[FF_SFN_BUF + 1];/* Altenative file name */
TCHAR altname[FF_SFN_BUF + 1];/* Alternative file name */
TCHAR fname[FF_LFN_BUF + 1]; /* Primary file name */
#else
TCHAR fname[12 + 1]; /* File name */
@ -250,6 +257,18 @@ typedef struct {
/* Format parameter structure (MKFS_PARM) */
typedef struct {
BYTE fmt; /* Format option (FM_FAT, FM_FAT32, FM_EXFAT and FM_SFD) */
BYTE n_fat; /* Number of FATs */
UINT align; /* Data area alignment (sector) */
UINT n_root; /* Number of root directory entries */
DWORD au_size; /* Cluster size (byte) */
} MKFS_PARM;
/* File function return code (FRESULT) */
typedef enum {
@ -277,8 +296,10 @@ typedef enum {
/*--------------------------------------------------------------*/
/* FatFs Module Application Interface */
/*--------------------------------------------------------------*/
/* FatFs module application interface */
FRESULT f_open (FIL* fp, const TCHAR* path, BYTE mode); /* Open or create a file */
FRESULT f_close (FIL* fp); /* Close an open file object */
@ -305,16 +326,18 @@ FRESULT f_getfree (const TCHAR* path, DWORD* nclst, FATFS** fatfs); /* Get numbe
FRESULT f_getlabel (const TCHAR* path, TCHAR* label, DWORD* vsn); /* Get volume label */
FRESULT f_setlabel (const TCHAR* label); /* Set volume label */
FRESULT f_forward (FIL* fp, UINT(*func)(const BYTE*,UINT), UINT btf, UINT* bf); /* Forward data to the stream */
FRESULT f_expand (FIL* fp, FSIZE_t szf, BYTE opt); /* Allocate a contiguous block to the file */
FRESULT f_expand (FIL* fp, FSIZE_t fsz, BYTE opt); /* Allocate a contiguous block to the file */
FRESULT f_mount (FATFS* fs, const TCHAR* path, BYTE opt); /* Mount/Unmount a logical drive */
FRESULT f_mkfs (const TCHAR* path, BYTE opt, DWORD au, void* work, UINT len); /* Create a FAT volume */
FRESULT f_fdisk (BYTE pdrv, const DWORD* szt, void* work); /* Divide a physical drive into some partitions */
FRESULT f_mkfs (const TCHAR* path, const MKFS_PARM* opt, void* work, UINT len); /* Create a FAT volume */
FRESULT f_fdisk (BYTE pdrv, const LBA_t ptbl[], void* work); /* Divide a physical drive into some partitions */
FRESULT f_setcp (WORD cp); /* Set current code page */
int f_putc (TCHAR c, FIL* fp); /* Put a character to the file */
int f_puts (const TCHAR* str, FIL* cp); /* Put a string to the file */
int f_printf (FIL* fp, const TCHAR* str, ...); /* Put a formatted string to the file */
TCHAR* f_gets (TCHAR* buff, int len, FIL* fp); /* Get a string from the file */
/* Some API fucntions are implemented as macro */
#define f_eof(fp) ((int)((fp)->fptr == (fp)->obj.objsize))
#define f_error(fp) ((fp)->err)
#define f_tell(fp) ((fp)->fptr)
@ -324,46 +347,47 @@ TCHAR* f_gets (TCHAR* buff, int len, FIL* fp); /* Get a string from the fil
#define f_rmdir(path) f_unlink(path)
#define f_unmount(path) f_mount(0, path, 0)
#ifndef EOF
#define EOF (-1)
#endif
/*--------------------------------------------------------------*/
/* Additional user defined functions */
/* Additional Functions */
/*--------------------------------------------------------------*/
/* RTC function */
/* RTC function (provided by user) */
#if !FF_FS_READONLY && !FF_FS_NORTC
DWORD get_fattime (void);
DWORD get_fattime (void); /* Get current time */
#endif
/* LFN support functions */
#if FF_USE_LFN >= 1 /* Code conversion (defined in unicode.c) */
/* LFN support functions (defined in ffunicode.c) */
#if FF_USE_LFN >= 1
WCHAR ff_oem2uni (WCHAR oem, WORD cp); /* OEM code to Unicode conversion */
WCHAR ff_uni2oem (DWORD uni, WORD cp); /* Unicode to OEM code conversion */
DWORD ff_wtoupper (DWORD uni); /* Unicode upper-case conversion */
#endif
#if FF_USE_LFN == 3 /* Dynamic memory allocation */
void* ff_memalloc (UINT msize); /* Allocate memory block */
void ff_memfree (void* mblock); /* Free memory block */
#endif
/* Sync functions */
#if FF_FS_REENTRANT
int ff_cre_syncobj (BYTE vol, FF_SYNC_t* sobj); /* Create a sync object */
int ff_req_grant (FF_SYNC_t sobj); /* Lock sync object */
void ff_rel_grant (FF_SYNC_t sobj); /* Unlock sync object */
int ff_del_syncobj (FF_SYNC_t sobj); /* Delete a sync object */
/* O/S dependent functions (samples available in ffsystem.c) */
#if FF_USE_LFN == 3 /* Dynamic memory allocation */
void* ff_memalloc (UINT msize); /* Allocate memory block */
void ff_memfree (void* mblock); /* Free memory block */
#endif
#if FF_FS_REENTRANT /* Sync functions */
int ff_mutex_create (int vol); /* Create a sync object */
void ff_mutex_delete (int vol); /* Delete a sync object */
int ff_mutex_take (int vol); /* Lock sync object */
void ff_mutex_give (int vol); /* Unlock sync object */
#endif
/*--------------------------------------------------------------*/
/* Flags and offset address */
/* Flags and Offset Address */
/*--------------------------------------------------------------*/
/* File access mode and open method flags (3rd argument of f_open) */
#define FA_READ 0x01

126
arm9/source/fatfs/ffconf.h
View File

@ -1,8 +1,8 @@
/*---------------------------------------------------------------------------/
/ FatFs Functional Configurations
/ Configurations of FatFs Module
/---------------------------------------------------------------------------*/
#define FFCONF_DEF 86604 /* Revision ID */
#define FFCONF_DEF 80286 /* Revision ID */
/*---------------------------------------------------------------------------/
/ Function Configurations
@ -25,14 +25,6 @@
/ 3: f_lseek() function is removed in addition to 2. */
#define FF_USE_STRFUNC 0
/* This option switches string functions, f_gets(), f_putc(), f_puts() and f_printf().
/
/ 0: Disable string functions.
/ 1: Enable without LF-CRLF conversion.
/ 2: Enable with LF-CRLF conversion. */
#define FF_USE_FIND 1
/* This option switches filtered directory read functions, f_findfirst() and
/ f_findnext(). (0:Disable, 1:Enable 2:Enable with matching altname[] too) */
@ -64,6 +56,30 @@
/* This option switches f_forward() function. (0:Disable or 1:Enable) */
#define FF_USE_STRFUNC 0
#define FF_PRINT_LLI 1
#define FF_PRINT_FLOAT 1
#define FF_STRF_ENCODE 3
/* FF_USE_STRFUNC switches string functions, f_gets(), f_putc(), f_puts() and
/ f_printf().
/
/ 0: Disable. FF_PRINT_LLI, FF_PRINT_FLOAT and FF_STRF_ENCODE have no effect.
/ 1: Enable without LF-CRLF conversion.
/ 2: Enable with LF-CRLF conversion.
/
/ FF_PRINT_LLI = 1 makes f_printf() support long long argument and FF_PRINT_FLOAT = 1/2
/ makes f_printf() support floating point argument. These features want C99 or later.
/ When FF_LFN_UNICODE >= 1 with LFN enabled, string functions convert the character
/ encoding in it. FF_STRF_ENCODE selects assumption of character encoding ON THE FILE
/ to be read/written via those functions.
/
/ 0: ANSI/OEM in current CP
/ 1: Unicode in UTF-16LE
/ 2: Unicode in UTF-16BE
/ 3: Unicode in UTF-8
*/
/*---------------------------------------------------------------------------/
/ Locale and Namespace Configurations
/---------------------------------------------------------------------------*/
@ -102,7 +118,7 @@
/* The FF_USE_LFN switches the support for LFN (long file name).
/
/ 0: Disable LFN. FF_MAX_LFN has no effect.
/ 1: Enable LFN with static working buffer on the BSS. Always NOT thread-safe.
/ 1: Enable LFN with static working buffer on the BSS. Always NOT thread-safe.
/ 2: Enable LFN with dynamic working buffer on the STACK.
/ 3: Enable LFN with dynamic working buffer on the HEAP.
/
@ -110,11 +126,11 @@
/ requiers certain internal working buffer occupies (FF_MAX_LFN + 1) * 2 bytes and
/ additional (FF_MAX_LFN + 44) / 15 * 32 bytes when exFAT is enabled.
/ The FF_MAX_LFN defines size of the working buffer in UTF-16 code unit and it can
/ be in range of 12 to 255. It is recommended to be set 255 to fully support LFN
/ be in range of 12 to 255. It is recommended to be set it 255 to fully support LFN
/ specification.
/ When use stack for the working buffer, take care on stack overflow. When use heap
/ memory for the working buffer, memory management functions, ff_memalloc() and
/ ff_memfree() in ffsystem.c, need to be added to the project. */
/ ff_memfree() exemplified in ffsystem.c, need to be added to the project. */
#define FF_LFN_UNICODE 2
@ -137,19 +153,6 @@
/ on character encoding. When LFN is not enabled, these options have no effect. */
#define FF_STRF_ENCODE 3
/* When FF_LFN_UNICODE >= 1 with LFN enabled, string I/O functions, f_gets(),
/ f_putc(), f_puts and f_printf() convert the character encoding in it.
/ This option selects assumption of character encoding ON THE FILE to be
/ read/written via those functions.
/
/ 0: ANSI/OEM in current CP
/ 1: Unicode in UTF-16LE
/ 2: Unicode in UTF-16BE
/ 3: Unicode in UTF-8
*/
#define FF_FS_RPATH 1
/* This option configures support for relative path.
/
@ -167,15 +170,15 @@
/* Number of volumes (logical drives) to be used. (1-10) */
#define FF_STR_VOLUME_ID 0
#define FF_VOLUME_STRS "RAM","NAND","CF","SD","SD2","USB","USB2","USB3"
#define FF_STR_VOLUME_ID 1
#define FF_VOLUME_STRS "sdmc", "nand"
/* FF_STR_VOLUME_ID switches support for volume ID in arbitrary strings.
/ When FF_STR_VOLUME_ID is set to 1 or 2, arbitrary strings can be used as drive
/ number in the path name. FF_VOLUME_STRS defines the volume ID strings for each
/ logical drives. Number of items must not be less than FF_VOLUMES. Valid
/ characters for the volume ID strings are A-Z, a-z and 0-9, however, they are
/ compared in case-insensitive. If FF_STR_VOLUME_ID >= 1 and FF_VOLUME_STRS is
/ not defined, a user defined volume string table needs to be defined as:
/ not defined, a user defined volume string table is needed as:
/
/ const char* VolumeStr[FF_VOLUMES] = {"ram","flash","sd","usb",...
*/
@ -187,37 +190,35 @@
/ number and only an FAT volume found on the physical drive will be mounted.
/ When this function is enabled (1), each logical drive number can be bound to
/ arbitrary physical drive and partition listed in the VolToPart[]. Also f_fdisk()
/ funciton will be available. */
/ function will be available. */
#define FF_MIN_SS 512
#define FF_MAX_SS 512
/* This set of options configures the range of sector size to be supported. (512,
/ 1024, 2048 or 4096) Always set both 512 for most systems, generic memory card and
/ harddisk. But a larger value may be required for on-board flash memory and some
/ harddisk, but a larger value may be required for on-board flash memory and some
/ type of optical media. When FF_MAX_SS is larger than FF_MIN_SS, FatFs is configured
/ for variable sector size mode and disk_ioctl() function needs to implement
/ GET_SECTOR_SIZE command. */
#define FF_LBA64 0
/* This option switches support for 64-bit LBA. (0:Disable or 1:Enable)
/ To enable the 64-bit LBA, also exFAT needs to be enabled. (FF_FS_EXFAT == 1) */
#define FF_MIN_GPT 0x10000000
/* Minimum number of sectors to switch GPT as partitioning format in f_mkfs and
/ f_fdisk function. 0x100000000 max. This option has no effect when FF_LBA64 == 0. */
#define FF_USE_TRIM 0
/* This option switches support for ATA-TRIM. (0:Disable or 1:Enable)
/ To enable Trim function, also CTRL_TRIM command should be implemented to the
/ disk_ioctl() function. */
#define FF_FS_NOFSINFO 0
/* If you need to know correct free space on the FAT32 volume, set bit 0 of this
/ option, and f_getfree() function at first time after volume mount will force
/ a full FAT scan. Bit 1 controls the use of last allocated cluster number.
/
/ bit0=0: Use free cluster count in the FSINFO if available.
/ bit0=1: Do not trust free cluster count in the FSINFO.
/ bit1=0: Use last allocated cluster number in the FSINFO if available.
/ bit1=1: Do not trust last allocated cluster number in the FSINFO.
*/
/*---------------------------------------------------------------------------/
/ System Configurations
@ -239,15 +240,27 @@
#define FF_FS_NORTC 0
#define FF_NORTC_MON 1
#define FF_NORTC_MDAY 1
#define FF_NORTC_YEAR 2019
/* The option FF_FS_NORTC switches timestamp functiton. If the system does not have
/ any RTC function or valid timestamp is not needed, set FF_FS_NORTC = 1 to disable
/ the timestamp function. Every object modified by FatFs will have a fixed timestamp
#define FF_NORTC_YEAR 2022
/* The option FF_FS_NORTC switches timestamp feature. If the system does not have
/ an RTC or valid timestamp is not needed, set FF_FS_NORTC = 1 to disable the
/ timestamp feature. Every object modified by FatFs will have a fixed timestamp
/ defined by FF_NORTC_MON, FF_NORTC_MDAY and FF_NORTC_YEAR in local time.
/ To enable timestamp function (FF_FS_NORTC = 0), get_fattime() function need to be
/ added to the project to read current time form real-time clock. FF_NORTC_MON,
/ FF_NORTC_MDAY and FF_NORTC_YEAR have no effect.
/ These options have no effect at read-only configuration (FF_FS_READONLY = 1). */
/ These options have no effect in read-only configuration (FF_FS_READONLY = 1). */
#define FF_FS_NOFSINFO 0
/* If you need to know correct free space on the FAT32 volume, set bit 0 of this
/ option, and f_getfree() function at the first time after volume mount will force
/ a full FAT scan. Bit 1 controls the use of last allocated cluster number.
/
/ bit0=0: Use free cluster count in the FSINFO if available.
/ bit0=1: Do not trust free cluster count in the FSINFO.
/ bit1=0: Use last allocated cluster number in the FSINFO if available.
/ bit1=1: Do not trust last allocated cluster number in the FSINFO.
*/
#define FF_FS_LOCK 0
@ -262,26 +275,21 @@
/ lock control is independent of re-entrancy. */
/* #include <somertos.h> // O/S definitions */
#define FF_FS_REENTRANT 0
#define FF_FS_TIMEOUT 1000
#define FF_SYNC_t HANDLE
/* The option FF_FS_REENTRANT switches the re-entrancy (thread safe) of the FatFs
/ module itself. Note that regardless of this option, file access to different
/ volume is always re-entrant and volume control functions, f_mount(), f_mkfs()
/ and f_fdisk() function, are always not re-entrant. Only file/directory access
/ to the same volume is under control of this function.
/ to the same volume is under control of this featuer.
/
/ 0: Disable re-entrancy. FF_FS_TIMEOUT and FF_SYNC_t have no effect.
/ 0: Disable re-entrancy. FF_FS_TIMEOUT have no effect.
/ 1: Enable re-entrancy. Also user provided synchronization handlers,
/ ff_req_grant(), ff_rel_grant(), ff_del_syncobj() and ff_cre_syncobj()
/ function, must be added to the project. Samples are available in
/ option/syscall.c.
/ ff_mutex_create(), ff_mutex_delete(), ff_mutex_take() and ff_mutex_give()
/ function, must be added to the project. Samples are available in ffsystem.c.
/
/ The FF_FS_TIMEOUT defines timeout period in unit of time tick.
/ The FF_SYNC_t defines O/S dependent sync object type. e.g. HANDLE, ID, OS_EVENT*,
/ SemaphoreHandle_t and etc. A header file for O/S definitions needs to be
/ included somewhere in the scope of ff.h. */
/ The FF_FS_TIMEOUT defines timeout period in unit of O/S time tick.
*/

300
arm9/source/fatfs/ffsystem.c
View File

@ -1,170 +1,208 @@
/*------------------------------------------------------------------------*/
/* Sample Code of OS Dependent Functions for FatFs */
/* (C)ChaN, 2018 */
/* A Sample Code of User Provided OS Dependent Functions for FatFs */
/*------------------------------------------------------------------------*/
#include "ff.h"
#if FF_USE_LFN == 3 /* Dynamic memory allocation */
#if FF_USE_LFN == 3 /* Use dynamic memory allocation */
/*------------------------------------------------------------------------*/
/* Allocate a memory block */
/* Allocate/Free a Memory Block */
/*------------------------------------------------------------------------*/
#include <stdlib.h> /* with POSIX API */
void* ff_memalloc ( /* Returns pointer to the allocated memory block (null if not enough core) */
UINT msize /* Number of bytes to allocate */
)
{
return malloc(msize); /* Allocate a new memory block with POSIX API */
return malloc((size_t)msize); /* Allocate a new memory block */
}
/*------------------------------------------------------------------------*/
/* Free a memory block */
/*------------------------------------------------------------------------*/
void ff_memfree (
void* mblock /* Pointer to the memory block to free (nothing to do if null) */
void* mblock /* Pointer to the memory block to free (no effect if null) */
)
{
free(mblock); /* Free the memory block with POSIX API */
free(mblock); /* Free the memory block */
}
#endif
#if FF_FS_REENTRANT /* Mutal exclusion */
/*------------------------------------------------------------------------*/
/* Create a Synchronization Object */
/* Definitions of Mutex */
/*------------------------------------------------------------------------*/
/* This function is called in f_mount() function to create a new
/ synchronization object for the volume, such as semaphore and mutex.
/ When a 0 is returned, the f_mount() function fails with FR_INT_ERR.
*/
//const osMutexDef_t Mutex[FF_VOLUMES]; /* Table of CMSIS-RTOS mutex */
#define OS_TYPE 0 /* 0:Win32, 1:uITRON4.0, 2:uC/OS-II, 3:FreeRTOS, 4:CMSIS-RTOS */
int ff_cre_syncobj ( /* 1:Function succeeded, 0:Could not create the sync object */
BYTE vol, /* Corresponding volume (logical drive number) */
FF_SYNC_t* sobj /* Pointer to return the created sync object */
)
{
/* Win32 */
*sobj = CreateMutex(NULL, FALSE, NULL);
return (int)(*sobj != INVALID_HANDLE_VALUE);
#if OS_TYPE == 0 /* Win32 */
#include <windows.h>
static HANDLE Mutex[FF_VOLUMES + 1]; /* Table of mutex handle */
/* uITRON */
// T_CSEM csem = {TA_TPRI,1,1};
// *sobj = acre_sem(&csem);
// return (int)(*sobj > 0);
#elif OS_TYPE == 1 /* uITRON */
#include "itron.h"
#include "kernel.h"
static mtxid Mutex[FF_VOLUMES + 1]; /* Table of mutex ID */
/* uC/OS-II */
// OS_ERR err;
// *sobj = OSMutexCreate(0, &err);
// return (int)(err == OS_NO_ERR);
#elif OS_TYPE == 2 /* uc/OS-II */
#include "includes.h"
static OS_EVENT *Mutex[FF_VOLUMES + 1]; /* Table of mutex pinter */
/* FreeRTOS */
// *sobj = xSemaphoreCreateMutex();
// return (int)(*sobj != NULL);
#elif OS_TYPE == 3 /* FreeRTOS */
#include "FreeRTOS.h"
#include "semphr.h"
static SemaphoreHandle_t Mutex[FF_VOLUMES + 1]; /* Table of mutex handle */
/* CMSIS-RTOS */
// *sobj = osMutexCreate(&Mutex[vol]);
// return (int)(*sobj != NULL);
}
/*------------------------------------------------------------------------*/
/* Delete a Synchronization Object */
/*------------------------------------------------------------------------*/
/* This function is called in f_mount() function to delete a synchronization
/ object that created with ff_cre_syncobj() function. When a 0 is returned,
/ the f_mount() function fails with FR_INT_ERR.
*/
int ff_del_syncobj ( /* 1:Function succeeded, 0:Could not delete due to an error */
FF_SYNC_t sobj /* Sync object tied to the logical drive to be deleted */
)
{
/* Win32 */
return (int)CloseHandle(sobj);
/* uITRON */
// return (int)(del_sem(sobj) == E_OK);
/* uC/OS-II */
// OS_ERR err;
// OSMutexDel(sobj, OS_DEL_ALWAYS, &err);
// return (int)(err == OS_NO_ERR);
/* FreeRTOS */
// vSemaphoreDelete(sobj);
// return 1;
/* CMSIS-RTOS */
// return (int)(osMutexDelete(sobj) == osOK);
}
/*------------------------------------------------------------------------*/
/* Request Grant to Access the Volume */
/*------------------------------------------------------------------------*/
/* This function is called on entering file functions to lock the volume.
/ When a 0 is returned, the file function fails with FR_TIMEOUT.
*/
int ff_req_grant ( /* 1:Got a grant to access the volume, 0:Could not get a grant */
FF_SYNC_t sobj /* Sync object to wait */
)
{
/* Win32 */
return (int)(WaitForSingleObject(sobj, FF_FS_TIMEOUT) == WAIT_OBJECT_0);
/* uITRON */
// return (int)(wai_sem(sobj) == E_OK);
/* uC/OS-II */
// OS_ERR err;
// OSMutexPend(sobj, FF_FS_TIMEOUT, &err));
// return (int)(err == OS_NO_ERR);
/* FreeRTOS */
// return (int)(xSemaphoreTake(sobj, FF_FS_TIMEOUT) == pdTRUE);
/* CMSIS-RTOS */
// return (int)(osMutexWait(sobj, FF_FS_TIMEOUT) == osOK);
}
/*------------------------------------------------------------------------*/
/* Release Grant to Access the Volume */
/*------------------------------------------------------------------------*/
/* This function is called on leaving file functions to unlock the volume.
*/
void ff_rel_grant (
FF_SYNC_t sobj /* Sync object to be signaled */
)
{
/* Win32 */
ReleaseMutex(sobj);
/* uITRON */
// sig_sem(sobj);
/* uC/OS-II */
// OSMutexPost(sobj);
/* FreeRTOS */
// xSemaphoreGive(sobj);
/* CMSIS-RTOS */
// osMutexRelease(sobj);
}
#elif OS_TYPE == 4 /* CMSIS-RTOS */
#include "cmsis_os.h"
static osMutexId Mutex[FF_VOLUMES + 1]; /* Table of mutex ID */
#endif
/*------------------------------------------------------------------------*/
/* Create a Mutex */
/*------------------------------------------------------------------------*/
/* This function is called in f_mount function to create a new mutex
/ or semaphore for the volume. When a 0 is returned, the f_mount function
/ fails with FR_INT_ERR.
*/
int ff_mutex_create ( /* Returns 1:Function succeeded or 0:Could not create the mutex */
int vol /* Mutex ID: Volume mutex (0 to FF_VOLUMES - 1) or system mutex (FF_VOLUMES) */
)
{
#if OS_TYPE == 0 /* Win32 */
Mutex[vol] = CreateMutex(NULL, FALSE, NULL);
return (int)(Mutex[vol] != INVALID_HANDLE_VALUE);
#elif OS_TYPE == 1 /* uITRON */
T_CMTX cmtx = {TA_TPRI,1};
Mutex[vol] = acre_mtx(&cmtx);
return (int)(Mutex[vol] > 0);
#elif OS_TYPE == 2 /* uC/OS-II */
OS_ERR err;
Mutex[vol] = OSMutexCreate(0, &err);
return (int)(err == OS_NO_ERR);
#elif OS_TYPE == 3 /* FreeRTOS */
Mutex[vol] = xSemaphoreCreateMutex();
return (int)(Mutex[vol] != NULL);
#elif OS_TYPE == 4 /* CMSIS-RTOS */
osMutexDef(cmsis_os_mutex);
Mutex[vol] = osMutexCreate(osMutex(cmsis_os_mutex));
return (int)(Mutex[vol] != NULL);
#endif
}
/*------------------------------------------------------------------------*/
/* Delete a Mutex */
/*------------------------------------------------------------------------*/
/* This function is called in f_mount function to delete a mutex or
/ semaphore of the volume created with ff_mutex_create function.
*/
void ff_mutex_delete ( /* Returns 1:Function succeeded or 0:Could not delete due to an error */
int vol /* Mutex ID: Volume mutex (0 to FF_VOLUMES - 1) or system mutex (FF_VOLUMES) */
)
{
#if OS_TYPE == 0 /* Win32 */
CloseHandle(Mutex[vol]);
#elif OS_TYPE == 1 /* uITRON */
del_mtx(Mutex[vol]);
#elif OS_TYPE == 2 /* uC/OS-II */
OS_ERR err;
OSMutexDel(Mutex[vol], OS_DEL_ALWAYS, &err);
#elif OS_TYPE == 3 /* FreeRTOS */
vSemaphoreDelete(Mutex[vol]);
#elif OS_TYPE == 4 /* CMSIS-RTOS */
osMutexDelete(Mutex[vol]);
#endif
}
/*------------------------------------------------------------------------*/
/* Request a Grant to Access the Volume */
/*------------------------------------------------------------------------*/
/* This function is called on enter file functions to lock the volume.
/ When a 0 is returned, the file function fails with FR_TIMEOUT.
*/
int ff_mutex_take ( /* Returns 1:Succeeded or 0:Timeout */
int vol /* Mutex ID: Volume mutex (0 to FF_VOLUMES - 1) or system mutex (FF_VOLUMES) */
)
{
#if OS_TYPE == 0 /* Win32 */
return (int)(WaitForSingleObject(Mutex[vol], FF_FS_TIMEOUT) == WAIT_OBJECT_0);
#elif OS_TYPE == 1 /* uITRON */
return (int)(tloc_mtx(Mutex[vol], FF_FS_TIMEOUT) == E_OK);
#elif OS_TYPE == 2 /* uC/OS-II */
OS_ERR err;
OSMutexPend(Mutex[vol], FF_FS_TIMEOUT, &err));
return (int)(err == OS_NO_ERR);
#elif OS_TYPE == 3 /* FreeRTOS */
return (int)(xSemaphoreTake(Mutex[vol], FF_FS_TIMEOUT) == pdTRUE);
#elif OS_TYPE == 4 /* CMSIS-RTOS */
return (int)(osMutexWait(Mutex[vol], FF_FS_TIMEOUT) == osOK);
#endif
}
/*------------------------------------------------------------------------*/
/* Release a Grant to Access the Volume */
/*------------------------------------------------------------------------*/
/* This function is called on leave file functions to unlock the volume.
*/
void ff_mutex_give (
int vol /* Mutex ID: Volume mutex (0 to FF_VOLUMES - 1) or system mutex (FF_VOLUMES) */
)
{
#if OS_TYPE == 0 /* Win32 */
ReleaseMutex(Mutex[vol]);
#elif OS_TYPE == 1 /* uITRON */
unl_mtx(Mutex[vol]);
#elif OS_TYPE == 2 /* uC/OS-II */
OSMutexPost(Mutex[vol]);
#elif OS_TYPE == 3 /* FreeRTOS */
xSemaphoreGive(Mutex[vol]);
#elif OS_TYPE == 4 /* CMSIS-RTOS */
osMutexRelease(Mutex[vol]);
#endif
}
#endif /* FF_FS_REENTRANT */

54
arm9/source/fatfs/ffunicode.c
View File

@ -1,13 +1,13 @@
/*------------------------------------------------------------------------*/
/* Unicode handling functions for FatFs R0.13c */
/* Unicode Handling Functions for FatFs R0.13 and Later */
/*------------------------------------------------------------------------*/
/* This module will occupy a huge memory in the .rodata section when the */
/* FatFs is configured for LFN with DBCS. If the system has a Unicode */
/* library for the code conversion, this module should be modified to use */
/* it to avoid silly memory consumption. */
/*------------------------------------------------------------------------*/
/* This module will occupy a huge memory in the .const section when the /
/ FatFs is configured for LFN with DBCS. If the system has any Unicode /
/ utilitiy for the code conversion, this module should be modified to use /
/ that function to avoid silly memory consumption. /
/-------------------------------------------------------------------------*/
/*
/ Copyright (C) 2018, ChaN, all right reserved.
/ Copyright (C) 2022, ChaN, all right reserved.
/
/ FatFs module is an open source software. Redistribution and use of FatFs in
/ source and binary forms, with or without modification, are permitted provided
@ -25,11 +25,7 @@
#include "ff.h"
#if FF_USE_LFN /* This module will be blanked at non-LFN configuration */
#if FF_DEFINED != 86604 /* Revision ID */
#error Wrong include file (ff.h).
#endif
#if FF_USE_LFN != 0 /* This module will be blanked if in non-LFN configuration */
#define MERGE2(a, b) a ## b
#define CVTBL(tbl, cp) MERGE2(tbl, cp)
@ -15218,8 +15214,8 @@ static const WCHAR uc869[] = { /* CP869(Greek 2) to Unicode conversion table */
/*------------------------------------------------------------------------*/
/* OEM <==> Unicode conversions for static code page configuration */
/* SBCS fixed code page */
/* OEM <==> Unicode Conversions for Static Code Page Configuration with */
/* SBCS Fixed Code Page */
/*------------------------------------------------------------------------*/
#if FF_CODE_PAGE != 0 && FF_CODE_PAGE < 900
@ -15229,7 +15225,7 @@ WCHAR ff_uni2oem ( /* Returns OEM code character, zero on error */
)
{
WCHAR c = 0;
const WCHAR *p = CVTBL(uc, FF_CODE_PAGE);
const WCHAR* p = CVTBL(uc, FF_CODE_PAGE);
if (uni < 0x80) { /* ASCII? */
@ -15245,13 +15241,13 @@ WCHAR ff_uni2oem ( /* Returns OEM code character, zero on error */
return c;
}
WCHAR ff_oem2uni ( /* Returns Unicode character, zero on error */
WCHAR ff_oem2uni ( /* Returns Unicode character in UTF-16, zero on error */
WCHAR oem, /* OEM code to be converted */
WORD cp /* Code page for the conversion */
)
{
WCHAR c = 0;
const WCHAR *p = CVTBL(uc, FF_CODE_PAGE);
const WCHAR* p = CVTBL(uc, FF_CODE_PAGE);
if (oem < 0x80) { /* ASCII? */
@ -15271,8 +15267,8 @@ WCHAR ff_oem2uni ( /* Returns Unicode character, zero on error */
/*------------------------------------------------------------------------*/
/* OEM <==> Unicode conversions for static code page configuration */
/* DBCS fixed code page */
/* OEM <==> Unicode Conversions for Static Code Page Configuration with */
/* DBCS Fixed Code Page */
/*------------------------------------------------------------------------*/
#if FF_CODE_PAGE >= 900
@ -15281,7 +15277,7 @@ WCHAR ff_uni2oem ( /* Returns OEM code character, zero on error */
WORD cp /* Code page for the conversion */
)
{
const WCHAR *p;
const WCHAR* p;
WCHAR c = 0, uc;
UINT i = 0, n, li, hi;
@ -15312,12 +15308,12 @@ WCHAR ff_uni2oem ( /* Returns OEM code character, zero on error */
}
WCHAR ff_oem2uni ( /* Returns Unicode character, zero on error */
WCHAR ff_oem2uni ( /* Returns Unicode character in UTF-16, zero on error */
WCHAR oem, /* OEM code to be converted */
WORD cp /* Code page for the conversion */
)
{
const WCHAR *p;
const WCHAR* p;
WCHAR c = 0;
UINT i = 0, n, li, hi;
@ -15350,7 +15346,7 @@ WCHAR ff_oem2uni ( /* Returns Unicode character, zero on error */
/*------------------------------------------------------------------------*/
/* OEM <==> Unicode conversions for dynamic code page configuration */
/* OEM <==> Unicode Conversions for Dynamic Code Page Configuration */
/*------------------------------------------------------------------------*/
#if FF_CODE_PAGE == 0
@ -15364,7 +15360,7 @@ WCHAR ff_uni2oem ( /* Returns OEM code character, zero on error */
WORD cp /* Code page for the conversion */
)
{
const WCHAR *p;
const WCHAR* p;
WCHAR c = 0, uc;
UINT i, n, li, hi;
@ -15411,12 +15407,12 @@ WCHAR ff_uni2oem ( /* Returns OEM code character, zero on error */
}
WCHAR ff_oem2uni ( /* Returns Unicode character, zero on error */
WCHAR ff_oem2uni ( /* Returns Unicode character in UTF-16, zero on error */
WCHAR oem, /* OEM code to be converted (DBC if >=0x100) */
WORD cp /* Code page for the conversion */
)
{
const WCHAR *p;
const WCHAR* p;
WCHAR c = 0;
UINT i, n, li, hi;
@ -15462,14 +15458,14 @@ WCHAR ff_oem2uni ( /* Returns Unicode character, zero on error */
/*------------------------------------------------------------------------*/
/* Unicode up-case conversion */
/* Unicode Up-case Conversion */
/*------------------------------------------------------------------------*/
DWORD ff_wtoupper ( /* Returns up-converted code point */
DWORD uni /* Unicode code point to be up-converted */
)
{
const WORD *p;
const WORD* p;
WORD uc, bc, nc, cmd;
static const WORD cvt1[] = { /* Compressed up conversion table for U+0000 - U+0FFF */
/* Basic Latin */
@ -15594,4 +15590,4 @@ DWORD ff_wtoupper ( /* Returns up-converted code point */
}
#endif /* #if FF_USE_LFN */
#endif /* #if FF_USE_LFN != 0 */

38
arm9/source/fatfs/integer.h
View File

@ -1,38 +0,0 @@
/*-------------------------------------------*/
/* Integer type definitions for FatFs module */
/*-------------------------------------------*/
#ifndef FF_INTEGER
#define FF_INTEGER
#ifdef _WIN32 /* FatFs development platform */
#include <windows.h>
#include <tchar.h>
typedef unsigned __int64 QWORD;
#else /* Embedded platform */
/* These types MUST be 16-bit or 32-bit */
typedef int INT;
typedef unsigned int UINT;
/* This type MUST be 8-bit */
typedef unsigned char BYTE;
/* These types MUST be 16-bit */
typedef short SHORT;
typedef unsigned short WORD;
typedef unsigned short WCHAR;
/* These types MUST be 32-bit */
typedef long LONG;
typedef unsigned long DWORD;
/* This type MUST be 64-bit (Remove this for ANSI C (C89) compatibility) */
typedef unsigned long long QWORD;
#endif
#endif

372
arm9/source/firm.c
View File

@ -39,6 +39,7 @@
#include "chainloader.h"
static Firm *firm = (Firm *)0x20001000;
u32 firmProtoVersion = 0;
static __attribute__((noinline)) bool overlaps(u32 as, u32 ae, u32 bs, u32 be)
{
@ -151,10 +152,24 @@ static inline u32 loadFirmFromStorage(FirmwareType firmType)
u32 loadNintendoFirm(FirmwareType *firmType, FirmwareSource nandType, bool loadFromStorage, bool isSafeMode)
{
u32 firmVersion,
u32 firmVersion = 0xFFFFFFFF,
firmSize;
bool ctrNandError = isSdMode && !mountFs(false, false);
bool ctrNandError = true;
bool loadedFromStorage = false;
bool storageLoadError = false;
// Try loading FIRM from sdmc first if specified.
if (loadFromStorage) {
firmSize = loadFirmFromStorage(*firmType);
if (firmSize != 0) loadedFromStorage = true;
else storageLoadError = true;
}
// Remount ctrnand and load FIRM from it if loading from sdmc failed.
if (!loadedFromStorage) {
ctrNandError = isSdMode && !remountCtrNandPartition(false);
}
if(!ctrNandError)
{
@ -169,10 +184,8 @@ u32 loadNintendoFirm(FirmwareType *firmType, FirmwareSource nandType, bool loadF
if(!firmSize || !checkFirm(firmSize)) ctrNandError = true;
}
}
bool loadedFromStorage = false;
if(loadFromStorage || ctrNandError)
// If CTRNAND load failed, and it wasn't tried yet, load FIRM from sdmc.
if (ctrNandError && !storageLoadError)
{
u32 result = loadFirmFromStorage(*firmType);
@ -181,11 +194,69 @@ u32 loadNintendoFirm(FirmwareType *firmType, FirmwareSource nandType, bool loadF
loadedFromStorage = true;
firmSize = result;
}
else if(ctrNandError) error("Unable to mount CTRNAND or load the CTRNAND FIRM.\nPlease use an external one.");
else storageLoadError = true;
}
// If all attempts failed, panic.
if(ctrNandError && storageLoadError) error("Unable to mount CTRNAND or load the CTRNAND FIRM.\nPlease use an external one.");
//Check that the FIRM is right for the console from the Arm9 section address
if((firm->section[3].offset != 0 ? firm->section[3].address : firm->section[2].address) != (ISN3DS ? (u8 *)0x8006000 : (u8 *)0x8006800))
bool isO3dsFirm = firm->section[3].offset == 0 && firm->section[2].address == (u8 *)0x8006800;
if(loadedFromStorage || ISDEVUNIT)
{
firmVersion = 0xFFFFFFFF;
if(isO3dsFirm && (*firmType == NATIVE_FIRM || *firmType == NATIVE_FIRM1X2X))
{
__attribute__((aligned(4))) static const u8 hashes[5][0x20] = {
{0xD7, 0x43, 0x0F, 0x27, 0x8D, 0xC9, 0x3F, 0x4C, 0x96, 0xB5, 0xA8, 0x91, 0x48, 0xDB, 0x08, 0x8A,
0x7E, 0x46, 0xB3, 0x95, 0x65, 0xA2, 0x05, 0xF1, 0xF2, 0x41, 0x21, 0xF1, 0x0C, 0x59, 0x6A, 0x9D},
{0x93, 0xDF, 0x49, 0xA1, 0x24, 0x86, 0xBB, 0x6F, 0xAF, 0x49, 0x99, 0x2D, 0xD0, 0x8D, 0xB1, 0x88,
0x8A, 0x00, 0xB6, 0xDD, 0x36, 0x89, 0xC0, 0xE2, 0xC9, 0xA9, 0x99, 0x62, 0x57, 0x5E, 0x6C, 0x23},
{0x39, 0x75, 0xB5, 0x28, 0x24, 0x5E, 0x8B, 0x56, 0xBC, 0x83, 0x79, 0x41, 0x09, 0x2C, 0x42, 0xE6,
0x26, 0xB6, 0x80, 0x59, 0xA5, 0x56, 0xF9, 0xF9, 0x6E, 0xF3, 0x63, 0x05, 0x58, 0xDF, 0x35, 0xEF},
{0x81, 0x9E, 0x71, 0x58, 0xE5, 0x44, 0x73, 0xF7, 0x48, 0x78, 0x7C, 0xEF, 0x5E, 0x30, 0xE2, 0x28,
0x78, 0x0B, 0x21, 0x23, 0x94, 0x63, 0xE8, 0x4E, 0x06, 0xBB, 0xD6, 0x8D, 0xA0, 0x99, 0xAE, 0x98},
{0x1D, 0xD5, 0xB0, 0xC2, 0xD9, 0x4A, 0x4A, 0xF3, 0x23, 0xDD, 0x2F, 0x65, 0x21, 0x95, 0x9B, 0x7E,
0xF2, 0x71, 0x7E, 0xB6, 0x7A, 0x3A, 0x74, 0x78, 0x0D, 0xE3, 0xB5, 0x0C, 0x2B, 0x7F, 0x85, 0x37},
};
u32 i;
for(i = 0; i < sizeof(hashes)/sizeof(hashes[0]); i++)
{
if(memcmp(firm->section[1].hash, hashes[i], 0x20) == 0) break;
}
switch(i)
{
// Beta
case 0:
firmVersion = 0x0;
firmProtoVersion = 243;
*firmType = NATIVE_PROTOTYPE;
break;
case 1:
firmVersion = 0x0;
firmProtoVersion = 238;
*firmType = NATIVE_PROTOTYPE;
break;
// Release
case 2:
firmVersion = 0x18;
break;
case 3:
firmVersion = 0x1D;
break;
case 4:
firmVersion = 0x1F;
break;
default:
break;
}
}
}
if(*firmType != NATIVE_PROTOTYPE && (firm->section[3].offset != 0 ? firm->section[3].address : firm->section[2].address) != (ISN3DS ? (u8 *)0x8006000 : (u8 *)0x8006800))
error("The %s FIRM is not for this console.", loadedFromStorage ? "external" : "CTRNAND");
if(!ISN3DS && *firmType == NATIVE_FIRM && firm->section[0].address == (u8 *)0x1FF80000)
@ -199,39 +270,6 @@ u32 loadNintendoFirm(FirmwareType *firmType, FirmwareSource nandType, bool loadF
*firmType = NATIVE_FIRM1X2X;
}
if(loadedFromStorage || ISDEVUNIT)
{
firmVersion = 0xFFFFFFFF;
if(!ISN3DS && *firmType == NATIVE_FIRM)
{
__attribute__((aligned(4))) static const u8 hashes[3][0x20] = {
{0x39, 0x75, 0xB5, 0x28, 0x24, 0x5E, 0x8B, 0x56, 0xBC, 0x83, 0x79, 0x41, 0x09, 0x2C, 0x42, 0xE6,
0x26, 0xB6, 0x80, 0x59, 0xA5, 0x56, 0xF9, 0xF9, 0x6E, 0xF3, 0x63, 0x05, 0x58, 0xDF, 0x35, 0xEF},
{0x81, 0x9E, 0x71, 0x58, 0xE5, 0x44, 0x73, 0xF7, 0x48, 0x78, 0x7C, 0xEF, 0x5E, 0x30, 0xE2, 0x28,
0x78, 0x0B, 0x21, 0x23, 0x94, 0x63, 0xE8, 0x4E, 0x06, 0xBB, 0xD6, 0x8D, 0xA0, 0x99, 0xAE, 0x98},
{0x1D, 0xD5, 0xB0, 0xC2, 0xD9, 0x4A, 0x4A, 0xF3, 0x23, 0xDD, 0x2F, 0x65, 0x21, 0x95, 0x9B, 0x7E,
0xF2, 0x71, 0x7E, 0xB6, 0x7A, 0x3A, 0x74, 0x78, 0x0D, 0xE3, 0xB5, 0x0C, 0x2B, 0x7F, 0x85, 0x37}
};
u32 i;
for(i = 0; i < 3; i++) if(memcmp(firm->section[1].hash, hashes[i], 0x20) == 0) break;
switch(i)
{
case 0:
firmVersion = 0x18;
break;
case 1:
firmVersion = 0x1D;
break;
case 2:
firmVersion = 0x1F;
break;
}
}
}
return firmVersion;
}
@ -262,11 +300,148 @@ void loadHomebrewFirm(u32 pressed)
launchFirm(wantsScreenInit ? 2 : 1, argv);
}
static inline void mergeSection0(FirmwareType firmType, u32 firmVersion, bool loadFromStorage)
static int lzss_decompress(u8 *end)
{
unsigned int v1; // r1@2
u8 *v2; // r2@2
u8 *v3; // r3@2
u8 *v4; // r1@2
char v5; // r5@4
char v6; // t1@4
signed int v7; // r6@4
int v9; // t1@7
u8 *v11; // r3@8
int v12; // r12@8
int v13; // t1@8
int v14; // t1@8
unsigned int v15; // r7@8
int v16; // r12@8
int ret;
ret = 0;
if ( end )
{
v1 = *((u32 *)end - 2);
v2 = &end[*((u32 *)end - 1)];
v3 = &end[-(v1 >> 24)];
v4 = &end[-(v1 & 0xFFFFFF)];
while ( v3 > v4 )
{
v6 = *(v3-- - 1);
v5 = v6;
v7 = 8;
while ( 1 )
{
if ( (v7-- < 1) )
break;
if ( v5 & 0x80 )
{
v13 = *(v3 - 1);
v11 = v3 - 1;
v12 = v13;
v14 = *(v11 - 1);
v3 = v11 - 1;
v15 = ((v14 | (v12 << 8)) & 0xFFFF0FFF) + 2;
v16 = v12 + 32;
do
{
ret = v2[v15];
*(v2-- - 1) = ret;
v16 -= 16;
}
while ( !(v16 < 0) );
}
else
{
v9 = *(v3-- - 1);
ret = v9;
*(v2-- - 1) = v9;
}
v5 *= 2;
if ( v3 <= v4 )
return ret;
}
}
}
return ret;
}
typedef struct CopyKipResult {
u32 cxiSize;
u8 *codeDstAddr;
u32 codeSize;
} CopyKipResult;
// Copy a KIP, decompressing it in place if necessary (TwlBg)
static CopyKipResult copyKip(u8 *dst, const u8 *src, u32 maxSize, bool decompress)
{
const char *extModuleSizeError = "The external FIRM modules are too large.";
CopyKipResult res = { 0 };
Cxi *dstCxi = (Cxi *)dst;
const Cxi *srcCxi = (const Cxi *)src;
u32 mediaUnitShift = 9 + srcCxi->ncch.flags[6];
u32 totalSizeCompressed = srcCxi->ncch.contentSize << mediaUnitShift;
if (totalSizeCompressed > maxSize)
error(extModuleSizeError);
// First, copy the compressed KIP to the destination
memcpy(dst, src, totalSizeCompressed);
ExHeader *exh = &dstCxi->exHeader;
bool isCompressed = (exh->systemControlInfo.flag & 1) != 0;
ExeFsHeader *exefs = (ExeFsHeader *)(dst + (dstCxi->ncch.exeFsOffset << mediaUnitShift));
ExeFsFileHeader *fh = &exefs->fileHeaders[0];
u8 *codeAddr = (u8 *)exefs + sizeof(ExeFsHeader) + fh->offset;
if (memcmp(fh->name, ".code\0\0\0", 8) != 0 || fh->offset != 0 || exefs->fileHeaders[1].size != 0)
error("One of the external FIRM modules have invalid layout.");
// If it's already decompressed or we don't need to, there is not much left to do
if (!decompress || !isCompressed)
{
res.cxiSize = totalSizeCompressed;
res.codeDstAddr = codeAddr;
res.codeSize = fh->size;
}
else
{
u32 codeSize = exh->systemControlInfo.textCodeSet.size;
codeSize += exh->systemControlInfo.roCodeSet.size;
codeSize += exh->systemControlInfo.dataCodeSet.size;
u32 codeSizePadded = ((codeSize + (1 << mediaUnitShift) - 1) >> mediaUnitShift) << mediaUnitShift;
u32 newTotalSize = (codeAddr + codeSizePadded) - dst;
if (newTotalSize > maxSize)
error(extModuleSizeError);
// Decompress in place
lzss_decompress(codeAddr + fh->size);
// Fill padding just in case
memset(codeAddr + codeSize, 0, codeSizePadded - codeSize);
// Fix fields
fh->size = codeSize;
dstCxi->ncch.exeFsSize = codeSizePadded >> mediaUnitShift;
exh->systemControlInfo.flag &= ~1;
dstCxi->ncch.contentSize = newTotalSize >> mediaUnitShift;
res.cxiSize = newTotalSize;
res.codeDstAddr = codeAddr;
res.codeSize = codeSize;
}
return res;
}
static void mergeSection0(FirmwareType firmType, u32 firmVersion, bool loadFromStorage)
{
u32 srcModuleSize,
nbModules = 0;
bool isLgyFirm = firmType == TWL_FIRM || firmType == AGB_FIRM;
struct
{
char name[8];
@ -283,7 +458,7 @@ static inline void mergeSection0(FirmwareType firmType, u32 firmVersion, bool lo
}
// SAFE_FIRM only for N3DS and only if ENABLESAFEFIRMROSALINA is on
if((firmType == NATIVE_FIRM || firmType == SAFE_FIRM) && (ISN3DS || firmVersion >= 0x1D))
if((firmType == NATIVE_FIRM || firmType == SAFE_FIRM) && (ISN3DS || firmVersion >= 0x25))
{
//2) Merge that info with our own modules'
for(u8 *src = (u8 *)0x18180000; memcmp(((Cxi *)src)->ncch.magic, "NCCH", 4) == 0; src += srcModuleSize)
@ -309,8 +484,9 @@ static inline void mergeSection0(FirmwareType firmType, u32 firmVersion, bool lo
u8 *dst = firm->section[0].address;
const char *extModuleSizeError = "The external FIRM modules are too large.";
// SAFE_FIRM only for N3DS and only if ENABLESAFEFIRMROSALINA is on
u32 maxModuleSize = (firmType == NATIVE_FIRM || firmType == SAFE_FIRM) ? 0x80000 : 0x600000;
for(u32 i = 0, dstModuleSize; i < nbModules; i++, dst += dstModuleSize, maxModuleSize -= dstModuleSize)
u32 maxModuleSize = !isLgyFirm ? 0x80000 : 0x600000;
u32 dstModuleSize = 0;
for(u32 i = 0; i < nbModules; i++)
{
if(loadFromStorage)
{
@ -331,29 +507,46 @@ static inline void mergeSection0(FirmwareType firmType, u32 firmVersion, bool lo
memcmp(moduleList[i].name, ((Cxi *)dst)->exHeader.systemControlInfo.appTitle, sizeof(((Cxi *)dst)->exHeader.systemControlInfo.appTitle)) != 0)
error("An external FIRM module is invalid or corrupted.");
dst += dstModuleSize;
maxModuleSize -= dstModuleSize;
continue;
}
}
dstModuleSize = moduleList[i].size;
// If not successfully loaded from storage, then...
if(dstModuleSize > maxModuleSize) error(extModuleSizeError);
// Decompress stock TwlBg so that we can patch it
bool isStockTwlBg = firmType == TWL_FIRM && strcmp(moduleList[i].name, "TwlBg") == 0;
memcpy(dst, moduleList[i].src, dstModuleSize);
CopyKipResult copyRes = copyKip(dst, moduleList[i].src, maxModuleSize, isStockTwlBg);
if (isStockTwlBg)
patchTwlBg(copyRes.codeDstAddr, copyRes.codeSize);
dst += copyRes.cxiSize;
maxModuleSize -= copyRes.cxiSize;
}
//4) Patch NATIVE_FIRM/SAFE_FIRM (N3DS) if necessary
if(nbModules == 6)
//4) Patch kernel to take module size into account
u32 newKipSectionSize = dst - firm->section[0].address;
u32 oldKipSectionSize = firm->section[0].size;
u8 *kernel11Addr = (u8 *)firm + firm->section[1].offset;
u32 kernel11Size = firm->section[1].size;
if (isLgyFirm)
{
if(patchK11ModuleLoading(firm->section[0].size, dst - firm->section[0].address, (u8 *)firm + firm->section[1].offset, firm->section[1].size) != 0)
error("Failed to inject custom sysmodule");
if (patchK11ModuleLoadingLgy(newKipSectionSize, kernel11Addr, kernel11Size) != 0)
error("Failed to load sysmodules");
}
else
{
if (patchK11ModuleLoading(oldKipSectionSize, newKipSectionSize, nbModules, kernel11Addr, kernel11Size) != 0)
error("Failed to load sysmodules");
}
}
u32 patchNativeFirm(u32 firmVersion, FirmwareSource nandType, bool loadFromStorage, bool isFirmProtEnabled, bool needToInitSd, bool doUnitinfoPatch)
{
u8 *arm9Section = (u8 *)firm + firm->section[2].offset,
*arm11Section1 = (u8 *)firm + firm->section[1].offset;
u8 *arm9Section = (u8 *)firm + firm->section[2].offset;
if(ISN3DS)
{
@ -367,34 +560,41 @@ u32 patchNativeFirm(u32 firmVersion, FirmwareSource nandType, bool loadFromStora
process9MemAddr;
u8 *process9Offset = getProcess9Info(arm9Section, firm->section[2].size, &process9Size, &process9MemAddr);
//Find the Kernel11 SVC table and handler, exceptions page and free space locations
u32 baseK11VA;
u8 *freeK11Space;
u32 *arm11SvcHandler,
*arm11ExceptionsPage,
*arm11SvcTable = getKernel11Info(arm11Section1, firm->section[1].size, &baseK11VA, &freeK11Space, &arm11SvcHandler, &arm11ExceptionsPage);
u32 kernel9Size = (u32)(process9Offset - arm9Section) - sizeof(Cxi) - 0x200,
ret = 0;
//Skip on FIRMs < 4.0
if(ISN3DS || firmVersion >= 0x1D)
#ifndef BUILD_FOR_EXPLOIT_DEV
//Skip on FIRMs < 5.0
if(ISN3DS || firmVersion >= 0x25)
{
//Find the Kernel11 SVC table and handler, exceptions page and free space locations
u8 *arm11Section1 = (u8 *)firm + firm->section[1].offset;
u32 baseK11VA;
u8 *freeK11Space;
u32 *arm11SvcHandler,
*arm11ExceptionsPage,
*arm11SvcTable = getKernel11Info(arm11Section1, firm->section[1].size, &baseK11VA, &freeK11Space, &arm11SvcHandler, &arm11ExceptionsPage);
ret += installK11Extension(arm11Section1, firm->section[1].size, needToInitSd, baseK11VA, arm11ExceptionsPage, &freeK11Space);
ret += patchKernel11(arm11Section1, firm->section[1].size, baseK11VA, arm11SvcTable, arm11ExceptionsPage);
}
#else
(void)needToInitSd;
#endif
//Apply signature patches
ret += patchSignatureChecks(process9Offset, process9Size);
//Apply EmuNAND patches
if(nandType != FIRMWARE_SYSNAND) ret += patchEmuNand(arm9Section, kernel9Size, process9Offset, process9Size, firm->section[2].address, firmVersion);
if(nandType != FIRMWARE_SYSNAND) ret += patchEmuNand(process9Offset, process9Size, firmVersion);
//Apply FIRM0/1 writes patches on SysNAND to protect A9LH
else if(isFirmProtEnabled) ret += patchFirmWrites(process9Offset, process9Size);
#ifndef BUILD_FOR_EXPLOIT_DEV
//Apply firmlaunch patches
ret += patchFirmlaunches(process9Offset, process9Size, process9MemAddr);
#endif
//Apply dev unit check patches related to NCCH encryption
if(!ISDEVUNIT)
@ -431,6 +631,11 @@ u32 patchNativeFirm(u32 firmVersion, FirmwareSource nandType, bool loadFromStora
u32 patchTwlFirm(u32 firmVersion, bool loadFromStorage, bool doUnitinfoPatch)
{
u8 *section1 = (u8 *)firm + firm->section[1].offset;
u32 section1Size = firm->section[1].size;
u8 *section2 = (u8 *)firm + firm->section[2].offset;
u32 section2Size = firm->section[2].size;
u8 *arm9Section = (u8 *)firm + firm->section[3].offset;
// Below 3.0, do not actually do anything.
@ -463,11 +668,11 @@ u32 patchTwlFirm(u32 firmVersion, bool loadFromStorage, bool doUnitinfoPatch)
//Apply UNITINFO patch
if(doUnitinfoPatch) ret += patchUnitInfoValueSet(arm9Section, kernel9Size);
if(loadFromStorage)
{
mergeSection0(TWL_FIRM, 0, true);
firm->section[0].size = 0;
}
ret += patchLgyK11(section1, section1Size, section2, section2Size);
// Also patch TwlBg here
mergeSection0(TWL_FIRM, 0, loadFromStorage);
firm->section[0].size = 0;
return ret;
}
@ -476,6 +681,11 @@ u32 patchAgbFirm(bool loadFromStorage, bool doUnitinfoPatch)
{
u8 *arm9Section = (u8 *)firm + firm->section[3].offset;
u8 *section1 = (u8 *)firm + firm->section[1].offset;
u32 section1Size = firm->section[1].size;
u8 *section2 = (u8 *)firm + firm->section[2].offset;
u32 section2Size = firm->section[2].size;
//On N3DS, decrypt Arm9Bin and patch Arm9 entrypoint to skip kernel9loader
if(ISN3DS)
{
@ -493,6 +703,7 @@ u32 patchAgbFirm(bool loadFromStorage, bool doUnitinfoPatch)
ret += patchLgySignatureChecks(process9Offset, process9Size);
if(CONFIG(SHOWGBABOOT)) ret += patchAgbBootSplash(process9Offset, process9Size);
ret += patchLgyK11(section1, section1Size, section2, section2Size);
//Apply UNITINFO patch
if(doUnitinfoPatch) ret += patchUnitInfoValueSet(arm9Section, kernel9Size);
@ -562,6 +773,29 @@ u32 patch1x2xNativeAndSafeFirm(void)
return ret;
}
u32 patchPrototypeNative(FirmwareSource nandType)
{
u8 *arm9Section = (u8 *)firm + firm->section[2].offset;
//Find the Process9 .code location, size and memory address
u32 process9Size,
process9MemAddr;
u8 *process9Offset = getProcess9Info(arm9Section, firm->section[2].size, &process9Size, &process9MemAddr);
u32 kernel9Size = (u32)(process9Offset - arm9Section) - sizeof(Cxi) - 0x200,
ret = 0;
ret += patchProtoNandSignatureCheck(process9Offset, process9Size);
//Arm9 exception handlers
ret += patchArm9ExceptionHandlersInstall(arm9Section, kernel9Size);
//Apply EmuNAND patches
if(nandType != FIRMWARE_SYSNAND) ret += patchProtoEmuNand(process9Offset, process9Size);
return ret;
}
void launchFirm(int argc, char **argv)
{
prepareArm11ForFirmlaunch();

1
arm9/source/firm.h
View File

@ -35,4 +35,5 @@ u32 patchNativeFirm(u32 firmVersion, FirmwareSource nandType, bool loadFromStora
u32 patchTwlFirm(u32 firmVersion, bool loadFromStorage, bool doUnitinfoPatch);
u32 patchAgbFirm(bool loadFromStorage, bool doUnitinfoPatch);
u32 patch1x2xNativeAndSafeFirm(void);
u32 patchPrototypeNative(FirmwareSource nandType);
void launchFirm(int argc, char **argv);

131
arm9/source/fs.c
View File

@ -52,27 +52,50 @@ static bool switchToMainDir(bool isSd)
case FR_OK:
return true;
case FR_NO_PATH:
return f_mkdir(mainDir) == FR_OK && switchToMainDir(isSd);
{
if (f_mkdir(mainDir) != FR_OK)
{
error("Failed to create luma directory.");
return false;
}
return switchToMainDir(isSd);
}
default:
return false;
}
}
bool mountFs(bool isSd, bool switchToCtrNand)
bool mountSdCardPartition(bool switchMainDir)
{
static bool sdInitialized = false, nandInitialized = false;
if (isSd)
static bool sdInitialized = false;
if (!sdInitialized)
sdInitialized = f_mount(&sdFs, "sdmc:", 1) == FR_OK;
if (sdInitialized && switchMainDir)
return f_chdrive("sdmc:") == FR_OK && switchToMainDir(true);
return sdInitialized;
}
bool remountCtrNandPartition(bool switchMainDir)
{
static bool nandInitialized = false;
int res = FR_OK;
if (!nandInitialized)
{
if (!sdInitialized)
sdInitialized = f_mount(&sdFs, "0:", 1) == FR_OK;
return sdInitialized && switchToMainDir(true);
}
else
{
if (!nandInitialized)
nandInitialized = f_mount(&nandFs, "1:", 1) == FR_OK;
return nandInitialized && (!switchToCtrNand || (f_chdrive("1:") == FR_OK && switchToMainDir(false)));
res = f_mount(&nandFs, "nand:", 1);
nandInitialized = res == FR_OK;
}
if (nandInitialized && switchMainDir)
return f_chdrive("nand:") == FR_OK && switchToMainDir(false);
return nandInitialized;
}
void unmountPartitions(void)
{
f_unmount("nand:");
f_unmount("sdmc:");
}
u32 fileRead(void *dest, const char *path, u32 maxSize)
@ -114,6 +137,7 @@ bool fileWrite(const void *buffer, const char *path, u32 size)
return result == FR_OK && (u32)written == size;
}
case FR_NO_PATH:
// Only create the last dir in the hierarchy
for(u32 i = 1; path[i] != 0; i++)
if(path[i] == '/')
{
@ -155,6 +179,7 @@ bool fileCopy(const char *pathSrc, const char *pathDst, bool replace, void *tmpB
}
else if (res == FR_NO_PATH)
{
// Only create the last dir in the hierarchy
const char *c;
for (c = pathDst + strlen(pathDst); *c != '/' && c >= pathDst; --c);
if (c >= pathDst && c - pathDst <= FF_MAX_LFN && *c != '\0')
@ -207,6 +232,12 @@ bool fileCopy(const char *pathSrc, const char *pathDst, bool replace, void *tmpB
return true;
}
bool createDir(const char *path)
{
FRESULT res = f_mkdir(path);
return res == FR_OK || res == FR_EXIST;
}
bool findPayload(char *path, u32 pressed)
{
const char *pattern;
@ -343,10 +374,10 @@ u32 firmRead(void *dest, u32 firmType)
{"00000003", "20000003"},
{"00000001", "20000001"}};
char folderPath[35],
path[48];
char folderPath[64],
path[128];
sprintf(folderPath, "1:/title/00040138/%s/content", firmFolders[firmType][ISN3DS ? 1 : 0]);
sprintf(folderPath, "nand:/title/00040138/%s/content", firmFolders[firmType][ISN3DS ? 1 : 0]);
DIR dir;
u32 firmVersion = 0xFFFFFFFF;
@ -412,22 +443,38 @@ static bool backupEssentialFiles(void)
{
size_t sz = sizeof(fileCopyBuffer);
bool ok = !(isSdMode && !mountFs(false, false));
u32 deviceID = *(vu32*)0x01FFB804;
char pathStart[0x20];
sprintf(pathStart, "backups/%08lX/", deviceID);
char fullPath[0x80];
ok = ok && fileCopy("1:/ro/sys/HWCAL0.dat", "backups/HWCAL0.dat", false, fileCopyBuffer, sz);
ok = ok && fileCopy("1:/ro/sys/HWCAL1.dat", "backups/HWCAL1.dat", false, fileCopyBuffer, sz);
// Since the other funcs in this file don't create directories recursively (only the last one),
// and nor does f_mkdir, create the directories anyway and ignore the result
f_mkdir("backups");
f_mkdir(pathStart);
ok = ok && fileCopy("1:/rw/sys/LocalFriendCodeSeed_A", "backups/LocalFriendCodeSeed_A", false, fileCopyBuffer, sz); // often doesn't exist
ok = ok && fileCopy("1:/rw/sys/LocalFriendCodeSeed_B", "backups/LocalFriendCodeSeed_B", false, fileCopyBuffer, sz);
bool ok = true;
sprintf(fullPath, "%sHWCAL0.dat", pathStart);
ok = ok && fileCopy("nand:/ro/sys/HWCAL0.dat", fullPath, false, fileCopyBuffer, sz);
sprintf(fullPath, "%sHWCAL1.dat", pathStart);
ok = ok && fileCopy("nand:/ro/sys/HWCAL1.dat", fullPath, false, fileCopyBuffer, sz);
ok = ok && fileCopy("1:/rw/sys/SecureInfo_A", "backups/SecureInfo_A", false, fileCopyBuffer, sz);
ok = ok && fileCopy("1:/rw/sys/SecureInfo_B", "backups/SecureInfo_B", false, fileCopyBuffer, sz); // often doesn't exist
sprintf(fullPath, "%sLocalFriendCodeSeed_A", pathStart);
ok = ok && fileCopy("nand:/rw/sys/LocalFriendCodeSeed_A", fullPath, false, fileCopyBuffer, sz); // often doesn't exist
sprintf(fullPath, "%sLocalFriendCodeSeed_B", pathStart);
ok = ok && fileCopy("nand:/rw/sys/LocalFriendCodeSeed_B", fullPath, false, fileCopyBuffer, sz);
sprintf(fullPath, "%sSecureInfo_A", pathStart);
ok = ok && fileCopy("nand:/rw/sys/SecureInfo_A", fullPath, false, fileCopyBuffer, sz);
sprintf(fullPath, "%sSecureInfo_B", pathStart);
ok = ok && fileCopy("nand:/rw/sys/SecureInfo_B", fullPath, false, fileCopyBuffer, sz); // often doesn't exist
if (!ok) return false;
alignedseqmemcpy(fileCopyBuffer, (const void *)0x10012000, 0x100);
if (getFileSize("backups/otp.bin") != 0x100)
ok = ok && fileWrite(fileCopyBuffer, "backups/otp.bin", 0x100);
sprintf(fullPath, "%sotp.bin", pathStart);
if (getFileSize(fullPath) != 0x100)
ok = ok && fileWrite(fileCopyBuffer, fullPath, 0x100);
if (!ok) return false;
@ -435,40 +482,48 @@ static bool backupEssentialFiles(void)
u8 c = mcuConsoleInfo[0];
if (c == 2 || c == 4 || (ISN3DS && c == 5) || c == 6)
{
sprintf(fullPath, "%sHWCAL_01_EEPROM.dat", pathStart);
I2C_readRegBuf(I2C_DEV_EEPROM, 0, fileCopyBuffer, 0x1000); // Up to two instances of hwcal, with the second one @0x800
if (getFileSize("backups/HWCAL_01_EEPROM.dat") != 0x1000)
ok = ok && fileWrite(fileCopyBuffer, "backups/HWCAL_01_EEPROM.dat", 0x1000);
if (getFileSize(fullPath) != 0x1000)
ok = ok && fileWrite(fileCopyBuffer, fullPath, 0x1000);
}
// B9S bootrom backups
u32 hash[32/4];
sha(hash, (const void *)0x08080000, 0x10000, SHA_256_MODE);
if (memcmp(hash, boot9Sha256, 32) == 0 && getFileSize("backups/boot9.bin") != 0x10000)
ok = ok && fileWrite((const void *)0x08080000, "backups/boot9.bin", 0x10000);
sprintf(fullPath, "%sboot9.bin", pathStart);
if (memcmp(hash, boot9Sha256, 32) == 0 && getFileSize(fullPath) != 0x10000)
ok = ok && fileWrite((const void *)0x08080000, fullPath, 0x10000);
sha(hash, (const void *)0x08090000, 0x10000, SHA_256_MODE);
if (memcmp(hash, boot11Sha256, 32) == 0 && getFileSize("backups/boot11.bin") != 0x10000)
ok = ok && fileWrite((const void *)0x08090000, "backups/boot11.bin", 0x10000);
sprintf(fullPath, "%sboot11.bin", pathStart);
if (memcmp(hash, boot11Sha256, 32) == 0 && getFileSize(fullPath) != 0x10000)
ok = ok && fileWrite((const void *)0x08090000, fullPath, 0x10000);
return ok;
}
bool doLumaUpgradeProcess(void)
{
bool ok = true, ok2 = true;
// Ensure CTRNAND is mounted
bool ok = mountFs(false, false), ok2 = true;
if (!ok)
return false;
remountCtrNandPartition(false);
// Try to boot.firm to CTRNAND, when applicable
if (isSdMode)
ok = fileCopy("0:/boot.firm", "1:/boot.firm", true, fileCopyBuffer, sizeof(fileCopyBuffer));
#ifndef BUILD_FOR_EXPLOIT_DEV
if (isSdMode && memcmp(launchedPathForFatfs, "sdmc:", 5) == 0)
ok = fileCopy(launchedPathForFatfs, "nand:/boot.firm", true, fileCopyBuffer, sizeof(fileCopyBuffer));
#endif
// Try to backup essential files
ok2 = backupEssentialFiles();
// Clean up some of the old files
fileDelete("0:/luma/config.bin");
fileDelete("1:/rw/luma/config.bin");
fileDelete("sdmc:/luma/config.bin");
fileDelete("nand:/rw/luma/config.bin");
createDir("sdmc:/luma/payloads");
createDir("nand:/rw/luma/payloads");
return ok && ok2;
}

6
arm9/source/fs.h
View File

@ -30,12 +30,16 @@
#define PATTERN(a) a "_*.firm"
bool mountFs(bool isSd, bool switchToCtrNand);
bool mountSdCardPartition(bool switchMainDir);
bool remountCtrNandPartition(bool switchMainDir);
void unmountPartitions(void);
u32 fileRead(void *dest, const char *path, u32 maxSize);
u32 getFileSize(const char *path);
bool fileWrite(const void *buffer, const char *path, u32 size);
bool fileDelete(const char *path);
bool fileCopy(const char *pathSrc, const char *pathDst, bool replace, void *tmpBuffer, size_t bufferSize);
bool createDir(const char *path);
bool findPayload(char *path, u32 pressed);
bool payloadMenu(char *path, bool *hasDisplayedMenu);
u32 firmRead(void *dest, u32 firmType);

2
arm9/source/i2c.h
View File

@ -40,6 +40,8 @@ typedef enum
I2C_DEV_CAMERA = 1, // Unconfirmed
I2C_DEV_CAMERA2 = 2, // Unconfirmed
I2C_DEV_MCU = 3,
I2C_DEV_LCD_TOP = 5,
I2C_DEV_LCD_BOT = 6,
I2C_DEV_GYRO = 10,
I2C_DEV_DEBUG_PAD = 12,
I2C_DEV_IR = 13,

6
arm9/source/large_patches.h
View File

@ -28,9 +28,11 @@
#include "types.h"
extern const u8 emunandPatch[];
extern const u32 emunandPatchSize;
extern const u8 emunandPatch[], emunandProtoPatch[], emunandProtoCidPatch[];
extern const u8 emunandProtoPatch238[];
extern const u32 emunandPatchSize, emunandPatchBssSize;
extern u32 emunandPatchSdmmcStructPtr, emunandPatchNandOffset, emunandPatchNcsdHeaderOffset;
extern u32 emunandPatchNandCid[4];
extern const u8 rebootPatch[];
extern const u32 rebootPatchSize;

64
arm9/source/large_patches.s
View File

@ -1,67 +1,3 @@
.section .large_patch.emunand, "aw", %progbits
.arm
.align 4
@ Code originally by Normmatt
.global emunandPatch
emunandPatch:
@ Original code that still needs to be executed
mov r4, r0
mov r5, r1
mov r7, r2
mov r6, r3
@ End
@ If we're already trying to access the SD, return
ldr r2, [r0, #4]
ldr r1, emunandPatchSdmmcStructPtr
cmp r2, r1
beq out
str r1, [r0, #4] @ Set object to be SD
ldr r2, [r0, #8] @ Get sector to read
cmp r2, #0 @ For GW compatibility, see if we're trying to read the ncsd header (sector 0)
ldr r3, emunandPatchNandOffset
add r2, r3 @ Add the offset to the NAND in the SD
ldreq r3, emunandPatchNcsdHeaderOffset
addeq r2, r3 @ If we're reading the ncsd header, add the offset of that sector
str r2, [r0, #8] @ Store sector to read
out:
@ Restore registers.
mov r1, r5
mov r2, r7
mov r3, r6
@ Return 4 bytes behind where we got called,
@ due to the offset of this function being stored there
mov r0, lr
add r0, #4
bx r0
.pool
.global emunandPatchSdmmcStructPtr
.global emunandPatchNandOffset
.global emunandPatchNcsdHeaderOffset
emunandPatchSdmmcStructPtr: .word 0 @ Pointer to sdmmc struct
emunandPatchNandOffset: .word 0 @ For rednand this should be 1
emunandPatchNcsdHeaderOffset: .word 0 @ Depends on nand manufacturer + emunand type (GW/RED)
.pool
.balign 4
_emunandPatchEnd:
.global emunandPatchSize
emunandPatchSize:
.word _emunandPatchEnd - emunandPatch
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ Code originally from delebile and mid-kid

133
arm9/source/main.c
View File

@ -1,6 +1,6 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2016-2020 Aurora Wright, TuxSH
* Copyright (C) 2016-2023 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -35,17 +35,19 @@
#include "pin.h"
#include "crypto.h"
#include "memory.h"
#include "deliver_arg.h"
#include "screen.h"
#include "i2c.h"
#include "fmt.h"
#include "fatfs/sdmmc/sdmmc.h"
extern u8 __itcm_start__[], __itcm_lma__[], __itcm_bss_start__[], __itcm_end__[];
extern CfgData configData;
extern ConfigurationStatus needConfig;
extern FirmwareSource firmSource;
bool isSdMode;
char launchedPathForFatfs[256];
u16 launchedPath[80+1];
BootType bootType;
@ -54,14 +56,16 @@ u8 mcuConsoleInfo[9];
void main(int argc, char **argv, u32 magicWord)
{
bool isFirmProtEnabled,
bool isFirmProtEnabled = true,
isSafeMode = false,
needToInitSd = false,
isNoForceFlagSet = false,
isInvalidLoader = false,
isNtrBoot;
FirmwareType firmType;
FirmwareSource nandType;
isNtrBoot = false;
FirmwareType firmType = NATIVE_FIRM;
FirmwareSource nandType = FIRMWARE_SYSNAND;
u32 emunandIndex = 0;
const vu8 *bootMediaStatus = (const vu8 *)0x1FFFE00C;
const vu32 *bootPartitionsStatus = (const vu32 *)0x1FFFE010;
u32 firmlaunchTidLow = 0;
@ -72,6 +76,8 @@ void main(int argc, char **argv, u32 magicWord)
if((magicWord & 0xFFFF) == 0xBEEF && argc >= 1) //Normal (B9S) boot
{
bootType = isNtrBoot ? B9SNTR : B9S;
strncpy(launchedPathForFatfs, argv[0], sizeof(launchedPathForFatfs) - 1);
launchedPathForFatfs[sizeof(launchedPathForFatfs) - 1] = 0;
u32 i;
for(i = 0; i < sizeof(launchedPath)/2 - 1 && argv[0][i] != 0; i++) //Copy and convert the path to UTF-16
@ -85,7 +91,10 @@ void main(int argc, char **argv, u32 magicWord)
u32 i;
u16 *p = (u16 *)argv[0];
for(i = 0; i < sizeof(launchedPath)/2 - 1 && p[i] != 0; i++)
{
launchedPath[i] = p[i];
launchedPathForFatfs[i] = (u8)p[i]; // UCS-2 to ascii. Meh.
}
launchedPath[i] = 0;
for(i = 0; i < 8; i++)
@ -110,6 +119,7 @@ void main(int argc, char **argv, u32 magicWord)
for(u32 i = 0; i < 7; i++) //Copy and convert the path to UTF-16
launchedPath[i] = path[i];
strcpy(launchedPathForFatfs, path);
}
setupKeyslots();
@ -121,8 +131,13 @@ void main(int argc, char **argv, u32 magicWord)
memset(__itcm_bss_start__, 0, __itcm_end__ - __itcm_bss_start__);
I2C_init();
I2C_readRegBuf(I2C_DEV_MCU, 0x00, (u8 *)&mcuFwVersion, 2);
if ((mcuFwVersion & 0xFFF) < 0x0100) error("Unsupported MCU FW version.");
u8 mcuFwVerHi = I2C_readReg(I2C_DEV_MCU, 0) - 0x10;
u8 mcuFwVerLo = I2C_readReg(I2C_DEV_MCU, 1);
mcuFwVersion = ((u16)mcuFwVerHi << 16) | mcuFwVerLo;
// Check if fw is older than factory. See https://www.3dbrew.org/wiki/MCU_Services#MCU_firmware_versions for a table
if (mcuFwVerHi < 1) error("Unsupported MCU FW version %d.%d.", (int)mcuFwVerHi, (int)mcuFwVerLo);
I2C_readRegBuf(I2C_DEV_MCU, 0x7F, mcuConsoleInfo, 9);
if(isInvalidLoader) error("Launched using an unsupported loader.");
@ -131,18 +146,18 @@ void main(int argc, char **argv, u32 magicWord)
if(memcmp(launchedPath, u"sdmc", 8) == 0)
{
if(!mountFs(true, false)) error("Failed to mount SD.");
if(!mountSdCardPartition(true)) error("Failed to mount SD.");
isSdMode = true;
}
else if(memcmp(launchedPath, u"nand", 8) == 0)
{
if(!mountFs(false, true)) error("Failed to mount CTRNAND.");
if(!remountCtrNandPartition(true)) error("Failed to mount CTRNAND.");
isSdMode = false;
}
else if(bootType == NTR || memcmp(launchedPath, u"firm", 8) == 0)
{
if(mountFs(true, false)) isSdMode = true;
else if(mountFs(false, true)) isSdMode = false;
if(mountSdCardPartition(true)) isSdMode = true;
else if(remountCtrNandPartition(true)) isSdMode = false;
else error("Failed to mount SD and CTRNAND.");
if(bootType == NTR)
@ -188,7 +203,7 @@ void main(int argc, char **argv, u32 magicWord)
}
nandType = (FirmwareSource)BOOTCFG_NAND;
firmSource = (FirmwareSource)BOOTCFG_FIRM;
emunandIndex = BOOTCFG_EMUINDEX;
isFirmProtEnabled = !BOOTCFG_NTRCARDBOOT;
goto boot;
@ -203,31 +218,36 @@ void main(int argc, char **argv, u32 magicWord)
//If it's a MCU reboot, try to force boot options
if(CFG_BOOTENV && needConfig != CREATE_CONFIGURATION)
{
u32 bootenv = CFG_BOOTENV;
bool validTlnc = bootenv == 3 && hasValidTlncAutobootParams();
if (validTlnc)
needToInitSd = true;
//Always force a SysNAND boot when quitting AGB_FIRM
if(CFG_BOOTENV == 7)
if(bootenv == 7)
{
nandType = FIRMWARE_SYSNAND;
firmSource = (BOOTCFG_NAND != 0) == (BOOTCFG_FIRM != 0) ? FIRMWARE_SYSNAND : (FirmwareSource)BOOTCFG_FIRM;
//Prevent multiple boot options-forcing
if(nandType != BOOTCFG_NAND || firmSource != BOOTCFG_FIRM) isNoForceFlagSet = true;
// Prevent multiple boot options-forcing
// This bit is a bit weird. Basically, as you return to Home Menu by pressing either
// the HOME or POWER button, nandType will be overridden to "SysNAND" (needed). But,
// if you reboot again (e.g. via Rosalina menu), it'll use your default settings.
if(nandType != BOOTCFG_NAND) isNoForceFlagSet = true;
goto boot;
}
//Account for DSiWare soft resets if exiting TWL_FIRM
if(CFG_BOOTENV == 3)
{
static const u8 TLNC[] = {0x54, 0x4C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4E, 0x43};
if(memcmp((void *)0x20000C00, TLNC, 10) == 0) needToInitSd = true;
}
// Configure homebrew autoboot (if deliver arg ends up not containing anything)
if (bootenv == 1 && MULTICONFIG(AUTOBOOTMODE) != 0)
configureHomebrewAutoboot();
/* Force the last used boot options if autobooting a TWL title, or unless a button is pressed
/* Force the last used boot options if doing autolaunch from TWL, or unless a button is pressed
or the no-forcing flag is set */
if(needToInitSd || memcmp((void *)0x20000300, "TLNC", 4) == 0 || (!pressed && !BOOTCFG_NOFORCEFLAG))
if(validTlnc || !(pressed || BOOTCFG_NOFORCEFLAG))
{
nandType = (FirmwareSource)BOOTCFG_NAND;
firmSource = (FirmwareSource)BOOTCFG_FIRM;
emunandIndex = BOOTCFG_EMUINDEX;
goto boot;
}
@ -260,7 +280,6 @@ void main(int argc, char **argv, u32 magicWord)
if(!CFG_BOOTENV && pressed == SAFE_MODE)
{
nandType = FIRMWARE_SYSNAND;
firmSource = FIRMWARE_SYSNAND;
isSafeMode = true;
needToInitSd = true;
@ -288,7 +307,6 @@ void main(int argc, char **argv, u32 magicWord)
if(!CFG_BOOTENV && pressed == SAFE_MODE)
{
nandType = FIRMWARE_SYSNAND;
firmSource = FIRMWARE_SYSNAND;
isSafeMode = true;
needToInitSd = true;
@ -296,53 +314,35 @@ void main(int argc, char **argv, u32 magicWord)
goto boot;
}
// Set-up autoboot
if (MULTICONFIG(AUTOBOOTMODE) != 0)
configureHomebrewAutoboot();
//If booting from CTRNAND, always use SysNAND
if(!isSdMode) nandType = FIRMWARE_SYSNAND;
//If R is pressed, boot the non-updated NAND with the FIRM of the opposite one
else if(pressed & BUTTON_R1)
{
if(CONFIG(USEEMUFIRM))
{
nandType = FIRMWARE_SYSNAND;
firmSource = FIRMWARE_EMUNAND;
}
else
{
nandType = FIRMWARE_EMUNAND;
firmSource = FIRMWARE_SYSNAND;
}
}
/* Else, boot the NAND the user set to autoboot or the opposite one, depending on L,
with their own FIRM */
else firmSource = nandType = (autoBootEmu == ((pressed & BUTTON_L1) == BUTTON_L1)) ? FIRMWARE_SYSNAND : FIRMWARE_EMUNAND;
else nandType = (autoBootEmu == ((pressed & BUTTON_L1) == BUTTON_L1)) ? FIRMWARE_SYSNAND : FIRMWARE_EMUNAND;
//If we're booting EmuNAND or using EmuNAND FIRM, determine which one from the directional pad buttons, or otherwise from the config
if(nandType == FIRMWARE_EMUNAND || firmSource == FIRMWARE_EMUNAND)
if(nandType == FIRMWARE_EMUNAND)
{
FirmwareSource tempNand;
switch(pressed & DPAD_BUTTONS)
{
case BUTTON_UP:
tempNand = FIRMWARE_EMUNAND;
emunandIndex = 0;
break;
case BUTTON_RIGHT:
tempNand = FIRMWARE_EMUNAND2;
emunandIndex = 1;
break;
case BUTTON_DOWN:
tempNand = FIRMWARE_EMUNAND3;
emunandIndex = 2;
break;
case BUTTON_LEFT:
tempNand = FIRMWARE_EMUNAND4;
emunandIndex = 3;
break;
default:
tempNand = (FirmwareSource)(1 + MULTICONFIG(DEFAULTEMU));
emunandIndex = MULTICONFIG(DEFAULTEMU);
break;
}
if(nandType == FIRMWARE_EMUNAND) nandType = tempNand;
else firmSource = tempNand;
}
boot:
@ -350,32 +350,31 @@ boot:
//If we need to boot EmuNAND, make sure it exists
if(nandType != FIRMWARE_SYSNAND)
{
locateEmuNand(&nandType);
if(nandType == FIRMWARE_SYSNAND) firmSource = FIRMWARE_SYSNAND;
else if((*(vu16 *)(SDMMC_BASE + REG_SDSTATUS0) & TMIO_STAT0_WRPROTECT) == 0) //Make sure the SD card isn't write protected
locateEmuNand(&nandType, &emunandIndex, true);
if(nandType == FIRMWARE_EMUNAND && (*(vu16 *)(SDMMC_BASE + REG_SDSTATUS0) & TMIO_STAT0_WRPROTECT) == 0) //Make sure the SD card isn't write protected
error("The SD card is locked, EmuNAND can not be used.\nPlease turn the write protection switch off.");
}
//Same if we're using EmuNAND as the FIRM source
else if(firmSource != FIRMWARE_SYSNAND)
locateEmuNand(&firmSource);
ctrNandLocation = nandType; // for CTRNAND partition
if(bootType != FIRMLAUNCH)
{
configData.bootConfig = ((bootType == NTR ? 1 : 0) << 7) | ((u32)isNoForceFlagSet << 6) | ((u32)firmSource << 3) | (u32)nandType;
configData.bootConfig = ((bootType == NTR ? 1 : 0) << 4) | ((u32)isNoForceFlagSet << 3) | ((u32)emunandIndex << 1) | (u32)nandType;
writeConfig(false);
}
bool loadFromStorage = CONFIG(LOADEXTFIRMSANDMODULES);
u32 firmVersion = loadNintendoFirm(&firmType, firmSource, loadFromStorage, isSafeMode);
u32 firmVersion = loadNintendoFirm(&firmType, nandType, loadFromStorage, isSafeMode);
bool doUnitinfoPatch = CONFIG(PATCHUNITINFO);
u32 res = 0;
switch(firmType)
{
case NATIVE_FIRM:
{
res = patchNativeFirm(firmVersion, nandType, loadFromStorage, isFirmProtEnabled, needToInitSd, doUnitinfoPatch);
break;
}
case TWL_FIRM:
res = patchTwlFirm(firmVersion, loadFromStorage, doUnitinfoPatch);
break;
@ -387,10 +386,14 @@ boot:
case NATIVE_FIRM1X2X:
res = patch1x2xNativeAndSafeFirm();
break;
case NATIVE_PROTOTYPE:
res = patchPrototypeNative(nandType);
break;
}
if(res != 0) error("Failed to apply %u FIRM patch(es).", res);
unmountPartitions();
if(bootType != FIRMLAUNCH) deinitScreens();
launchFirm(0, NULL);
}

24
arm9/source/memory.c
View File

@ -54,3 +54,27 @@ u8 *memsearch(u8 *startPos, const void *pattern, u32 size, u32 patternSize)
return NULL;
}
void *copyFromLegacyModeFcram(void *dst, const void *src, size_t size)
{
// Copy 2 bytes with a stride of 8
const u16 *src16 = (const u16 *)src;
u16 *dst16 = (u16 *)dst;
for (size_t i = 0; i < size / 2; i++)
dst16[i] = src16[4 * i];
return dst;
}
void *copyToLegacyModeFcram(void *dst, const void *src, size_t size)
{
// Copy 2 bytes with a stride of 8
const u16 *src16 = (const u16 *)src;
u16 *dst16 = (u16 *)dst;
for (size_t i = 0; i < size / 2; i++)
dst16[4 * i] = src16[i];
return dst;
}

2
arm9/source/memory.h
View File

@ -34,3 +34,5 @@
#include "types.h"
u8 *memsearch(u8 *startPos, const void *pattern, u32 size, u32 patternSize);
void *copyFromLegacyModeFcram(void *dst, const void *src, size_t size);
void *copyToLegacyModeFcram(void *dst, const void *src, size_t size);

207
arm9/source/patches.c
View File

@ -44,6 +44,9 @@
#define K11EXT_VA 0x70000000
extern u16 launchedPath[];
extern u32 firmProtoVersion;
u8 *getProcess9Info(u8 *pos, u32 size, u32 *process9Size, u32 *process9MemAddr)
{
u8 *temp = memsearch(pos, "NCCH", size, 4);
@ -52,10 +55,20 @@ u8 *getProcess9Info(u8 *pos, u32 size, u32 *process9Size, u32 *process9MemAddr)
Cxi *off = (Cxi *)(temp - 0x100);
*process9Size = (off->ncch.exeFsSize - 1) * 0x200;
*process9MemAddr = off->exHeader.systemControlInfo.textCodeSet.address;
return (u8 *)off + (off->ncch.exeFsOffset + 1) * 0x200;
// Prototype FW has a different NCCH format
if (firmProtoVersion && firmProtoVersion <= 243)
{
*process9Size = off->ncch.exeFsSize;
return (u8 *)off + off->ncch.exeFsOffset;
}
else
{
*process9Size = (off->ncch.exeFsSize - 1) * 0x200;
return (u8 *)off + (off->ncch.exeFsOffset + 1) * 0x200;
}
}
u32 *getKernel11Info(u8 *pos, u32 size, u32 *baseK11VA, u8 **freeK11Space, u32 **arm11SvcHandler, u32 **arm11ExceptionsPage)
@ -130,10 +143,19 @@ u32 installK11Extension(u8 *pos, u32 size, bool needToInitSd, u32 baseK11VA, u32
u16 configFormatVersionMajor, configFormatVersionMinor;
u32 config, multiConfig, bootConfig;
u32 splashDurationMsec;
s8 volumeSliderOverride;
u64 hbldr3dsxTitleId;
u32 rosalinaMenuCombo;
u16 screenFiltersCct;
u32 pluginLoaderFlags;
s16 ntpTzOffetMinutes;
ScreenFiltersCfgData topScreenFilter;
ScreenFiltersCfgData bottomScreenFilter;
u64 autobootTwlTitleId;
u8 autobootCtrAppmemtype;
u16 launchedPath[80+1];
} info;
};
@ -205,10 +227,15 @@ u32 installK11Extension(u8 *pos, u32 size, bool needToInitSd, u32 baseK11VA, u32
info->multiConfig = configData.multiConfig;
info->bootConfig = configData.bootConfig;
info->splashDurationMsec = configData.splashDurationMsec;
info->volumeSliderOverride = configData.volumeSliderOverride;
info->hbldr3dsxTitleId = configData.hbldr3dsxTitleId;
info->rosalinaMenuCombo = configData.rosalinaMenuCombo;
info->screenFiltersCct = configData.screenFiltersCct;
info->pluginLoaderFlags = configData.pluginLoaderFlags;
info->ntpTzOffetMinutes = configData.ntpTzOffetMinutes;
info->topScreenFilter = configData.topScreenFilter;
info->bottomScreenFilter = configData.bottomScreenFilter;
info->autobootTwlTitleId = configData.autobootTwlTitleId;
info->autobootCtrAppmemtype = configData.autobootCtrAppmemtype;
info->versionMajor = VERSION_MAJOR;
info->versionMinor = VERSION_MINOR;
info->versionBuild = VERSION_BUILD;
@ -218,6 +245,8 @@ u32 installK11Extension(u8 *pos, u32 size, bool needToInitSd, u32 baseK11VA, u32
if(needToInitSd) info->flags |= 1 << 5;
if(isSdMode) info->flags |= 1 << 6;
memcpy(info->launchedPath, launchedPath, sizeof(info->launchedPath));
return 0;
}
@ -271,6 +300,23 @@ u32 patchKernel11(u8 *pos, u32 size, u32 baseK11VA, u32 *arm11SvcTable, u32 *arm
off[-5] = 0xE51FF004;
off[-4] = K11EXT_VA + 0x2C;
if (ISN3DS)
{
// Patch SvcSetProcessIdealProcessor and SvcCreate thread to always allow
// for core2 and core3 to be used. Normally, processes with the 0x2000 kernel flag
// have access to core2, and BASE processes have access to both core2 and core3.
// We're patching the if (memory region == BASE) check to be always true.
off = (u32 *)pos;
for (u32 i = 0; i < 2 && (u8 *)off < pos + size; i++)
{
// cmp r2, #0x300; beq...
for (; (off[0] != 0xE3520C03 || off[1] != 0x0A000003) && (u8 *)off < pos + size; off++);
if ((u8 *)off > pos + size)
return 1;
off[1] = 0xEA000003;
}
}
return 0;
}
@ -432,7 +478,7 @@ u32 patchCheckForDevCommonKey(u8 *pos, u32 size)
return 0;
}
u32 patchK11ModuleLoading(u32 section0size, u32 modulesSize, u8 *pos, u32 size)
u32 patchK11ModuleLoading(u32 oldKipSectionSize, u32 newKipSectionSize, u32 numKips, u8 *pos, u32 size)
{
static const u8 moduleLoadingPattern[] = {0xE2, 0x05, 0x00, 0x57},
modulePidPattern[] = {0x06, 0xA0, 0xE1, 0xF2}; //GetSystemInfo
@ -441,20 +487,44 @@ u32 patchK11ModuleLoading(u32 section0size, u32 modulesSize, u8 *pos, u32 size)
if(off == NULL) return 1;
off[1]++;
off[1] = (u8)numKips;
u32 *off32;
for(off32 = (u32 *)(off - 3); *off32 != 0xE59F0000; off32++);
off32 += 2;
off32[1] = off32[0] + modulesSize;
for(; *off32 != section0size; off32++);
*off32 = ((modulesSize + 0x1FF) >> 9) << 9;
off32[1] = off32[0] + newKipSectionSize;
for(; *off32 != oldKipSectionSize; off32++);
*off32 = ((newKipSectionSize + 0x1FF) >> 9) << 9;
off = memsearch(pos, modulePidPattern, size, 4);
if(off == NULL) return 1;
off[0xB] = 6;
off[0xB] = (u8)numKips;
return 0;
}
u32 patchK11ModuleLoadingLgy(u32 newKipSectionSize, u8 *pos, u32 size)
{
// Patch the function where TwlBg/AgbBg is copied from 18000000 (VRAM) to 21000000 (FCRAM).
// This is where we can also automatically obtain the section size
u16 *off = (u16 *)pos;
for (; (u8 *)off < pos + size && (off[0] != 0x06C9 || off[1] != 0x0600); off++);
if ((u8 *)off >= pos + size)
return 3;
off += 7;
u32 oldKipSectionSize = *(u32 *)off;
*(u32 *)off = newKipSectionSize;
off += 2;
u32 *off2 = (u32 *)off;
for (; (u8 *)off2 < pos + size && *off2 != oldKipSectionSize; off2++);
if ((u8 *)off2 >= pos + size)
return 4;
*off2 = newKipSectionSize;
return 0;
}
@ -709,3 +779,120 @@ u32 patchAgbBootSplash(u8 *pos, u32 size)
return 0;
}
void patchTwlBg(u8 *pos, u32 size)
{
// You can use the following Python code to convert something like below
// into twl_upscaling_filter.bin:
// import struct; open("twl_upscaling_filter.bin", "wb+").write(struct.pack("<30H", [array contents]))
static const u16 nintendoFilterTwl[] = {
0x0000, 0x004E, 0x011D, 0x01E3, 0x01C1,
0x0000, 0xFCA5, 0xF8D0, 0xF69D, 0xF873,
0x0000, 0x0D47, 0x1E35, 0x2F08, 0x3B6F,
0x4000, 0x3B6F, 0x2F08, 0x1E35, 0x0D47,
0x0000, 0xF873, 0xF69D, 0xF8D0, 0xFCA5,
0x0000, 0x01C1, 0x01E3, 0x011D, 0x004E,
};
// "error" func doesn't seem to work here
if (CONFIG(ENABLEDSIEXTFILTER))
{
u16 filter[5*6] = { 0 };
u32 rd = fileRead(filter, "twl_upscaling_filter.bin", sizeof(filter));
if (rd == sizeof(filter))
{
// else error("Failed to apply enable_dsi_external_filter:\n\ntwl_upscaling_filter.bin is missing or invalid.");
u8 *off = memsearch(pos, nintendoFilterTwl, size, sizeof(nintendoFilterTwl));
if (off != NULL)
memcpy(off, filter, sizeof(filter));
// else error("Failed to apply enable_dsi_external_filter.");
}
}
}
u32 patchLgyK11(u8 *section1, u32 section1Size, u8 *section2, u32 section2Size)
{
u32 *off;
// Fix a bug where Legacy K11 maps user TLS with "user no access" permissions
// Map it as RWX (just like the rest of other user-accessible pages) instead
for (off = (u32 *)section1; (u8 *)off <= section1 + section1Size && *off != 0xE0100000; off++);
if ((u8 *)off >= section1 + section1Size)
return 1;
++off;
*off &= ~0x231; // clear APX mask and XN
*off |= 0x030; // re-set APX (to user/kernel RW)
// Patch two pointer-to-bool to point to a non-zero byte, enabling user exception handling.
// It is impossible to enable it by normal means, otherwise
for (off = (u32 *)section2; (u8 *)off <= section2 + section2Size && *off != 0x100021F; off++);
if ((u8 *)off >= section2 + section2Size)
return 1;
off[1] = 0xFFFF0F00;
off[2] = 0xFFFF0F04;
// Dispatch-to-user code checks for memory block type and permissions (etc.), but
// LGY K11 doesn't do any memory management, so these checks will always fail.
// Patch with b +0x38 to skip all those checks
u16 *off2;
for (off2 = (u16 *)section2; (u8 *)off2 <= section2 + section2Size && (off2[0] != 0xDB1F || off2[1] != 0x4915); off2++);
if ((u8 *)off2 >= section2 + section2Size)
return 1;
*off2 = 0xE01A;
// Patch kernelpanic to skip devunit check, so that it sets the LCD fill regs
// which are useful to detect such panics
u16 *off3;
for (off3 = (u16 *)section1; (u8 *)off3 <= section1 + section1Size && (off3[0] != 0x481D || off3[1] != 0xB570); off3++);
if ((u8 *)off3 >= section1 + section1Size)
return 1;
off3[2] = 0x2001; // movs r0, #1
// Patch kernel to avoid allocating the two "configuration memory" pages, freeing
// 0x2000 bytes of kernel "heap" (which is 0xD000 AXIWRAM bytes on LGY K11 instead
// of the entire FCRAM on NFIRM). This is indeed a bug because if prevents two of the
// 12 KThread objects from being created
u16 *off4;
for (off4 = (u16 *)section1; (u8 *)off4 <= section1 + section1Size && (off4[0] != 0xB570 || off4[1] != 0x2200); off4++);
if ((u8 *)off4 >= section1 + section1Size)
return 1;
*off4 = 0x4770; // bx lr
return 0;
}
u32 patchProtoNandSignatureCheck(u8 *pos, u32 size) {
if (firmProtoVersion == 243) {
static const u8 pattern[] = {0x08, 0x31, 0x9F, 0xE5};
// Signature check function returns 0 if failed and 1 if succeeded.
// Proc9 breaks if the returned value is 0, change it to break if
// the returned value is 2 (never).
u8 *off = memsearch(pos, pattern, size, sizeof(pattern));
if (!off)
return 1;
off[0x20] = 2;
}
else if (firmProtoVersion == 238) { // SDK 0.10
// Same patch as for v243 ported to the different ncsd_read() function
static const u8 pattern[] = {
0x00, 0x11, 0x9f, 0xe5,
0x00, 0x51, 0x9f, 0xe5,
};
u8 *off = memsearch(pos, pattern, size, sizeof(pattern));
if (!off)
return 1;
off[0x20] = 2;
}
else return 1;
return 0;
}

7
arm9/source/patches.h
View File

@ -31,6 +31,7 @@
* FIRM partition writes patches by delebile
* Idea for svcBreak patches from yellows8 and others on #3dsdev
* TWL_FIRM patches by Steveice10 and others
* Signature patches for prototype FW by PabloMK7
*/
#pragma once
@ -50,7 +51,8 @@ u32 patchTitleInstallMinVersionChecks(u8 *pos, u32 size, u32 firmVersion);
u32 patchZeroKeyNcchEncryptionCheck(u8 *pos, u32 size);
u32 patchNandNcchEncryptionCheck(u8 *pos, u32 size);
u32 patchCheckForDevCommonKey(u8 *pos, u32 size);
u32 patchK11ModuleLoading(u32 section0size, u32 modulesSize, u8 *startPos, u32 size);
u32 patchK11ModuleLoading(u32 oldKipSectionSize, u32 newKipSectionSize, u32 numKips, u8 *pos, u32 size);
u32 patchK11ModuleLoadingLgy(u32 newKipSectionSize, u8 *pos, u32 size);
u32 patchArm9ExceptionHandlersInstall(u8 *pos, u32 size);
u32 patchSvcBreak9(u8 *pos, u32 size, u32 kernel9Address);
u32 patchKernel9Panic(u8 *pos, u32 size);
@ -65,3 +67,6 @@ u32 patchTwlFlashcartChecks(u8 *pos, u32 size, u32 firmVersion);
u32 patchOldTwlFlashcartChecks(u8 *pos, u32 size);
u32 patchTwlShaHashChecks(u8 *pos, u32 size);
u32 patchAgbBootSplash(u8 *pos, u32 size);
void patchTwlBg(u8 *pos, u32 size); // silently fails
u32 patchLgyK11(u8 *section1, u32 section1Size, u8 *section2, u32 section2Size);
u32 patchProtoNandSignatureCheck(u8 *pos, u32 size);

40
arm9/source/screen.c
View File

@ -70,6 +70,14 @@ void prepareArm11ForFirmlaunch(void)
void deinitScreens(void)
{
if(ARESCREENSINITIALIZED) invokeArm11Function(DEINIT_SCREENS);
// Backlight voltage off
I2C_writeReg(I2C_DEV_MCU, 0x22, 0x14);
wait(50);
// LCD panel voltage off
I2C_writeReg(I2C_DEV_MCU, 0x22, 0x01);
wait(50);
}
void updateBrightness(u32 brightnessIndex)
@ -102,8 +110,31 @@ void initScreens(void)
memcpy((void *)(ARM11_PARAMETERS_ADDRESS + 4), fbs, sizeof(fbs));
invokeArm11Function(INIT_SCREENS);
//Turn on backlight
I2C_writeReg(I2C_DEV_MCU, 0x22, 0x2A);
// Fragile code, needs proper fix/total rewrite of the baremetal components anyway
// Assume controller revision is not 0x00 for either screen (this revision is extremely
// old and shouldn't be seen in retail units nor normal devunits)
// Controller reset off
I2C_writeReg(I2C_DEV_LCD_TOP, 0xFE, 0xAA);
I2C_writeReg(I2C_DEV_LCD_BOT, 0xFE, 0xAA);
wait(5);
// Controller power on
I2C_writeReg(I2C_DEV_LCD_TOP, 0x01, 0x10);
I2C_writeReg(I2C_DEV_LCD_BOT, 0x01, 0x10);
wait(5);
// Clear error flag
I2C_writeReg(I2C_DEV_LCD_TOP, 0x60, 0x00);
I2C_writeReg(I2C_DEV_LCD_BOT, 0x60, 0x00);
wait(5);
// LCD panel (bias ?) voltage on
I2C_writeReg(I2C_DEV_MCU, 0x22, 0x02);
wait(50);
// Backlight voltage on
I2C_writeReg(I2C_DEV_MCU, 0x22, 0x28);
wait(5);
}
else updateBrightness(MULTICONFIG(BRIGHTNESS));
@ -118,3 +149,8 @@ void initScreens(void)
clearScreens(false);
swapFramebuffers(false);
}
void zerofillN3dsAblRegisters(void)
{
invokeArm11Function(ZEROFILL_N3DS_ABL_REGISTERS);
}

2
arm9/source/screen.h
View File

@ -59,6 +59,7 @@ typedef enum
SWAP_FRAMEBUFFERS,
UPDATE_BRIGHTNESS,
DEINIT_SCREENS,
ZEROFILL_N3DS_ABL_REGISTERS,
PREPARE_ARM11_FOR_FIRMLAUNCH,
ARM11_READY,
} Arm11Operation;
@ -73,3 +74,4 @@ void swapFramebuffers(bool isAlternate);
void updateBrightness(u32 brightnessIndex);
void clearScreens(bool isAlternate);
void initScreens(void);
void zerofillN3dsAblRegisters(void);

27
arm9/source/types.h
View File

@ -61,16 +61,32 @@ typedef volatile s64 vs64;
#define ISN3DS (CFG11_SOCINFO & 2)
#define ISDEVUNIT (CFG_UNITINFO != 0)
typedef struct {
typedef struct ScreenFiltersCfgData {
u16 cct;
bool invert;
u8 colorCurveCorrection;
s64 gammaEnc;
s64 contrastEnc;
s64 brightnessEnc;
} ScreenFiltersCfgData;
typedef struct CfgData {
u16 formatVersionMajor, formatVersionMinor;
u32 config, multiConfig, bootConfig;
u32 splashDurationMsec;
s8 volumeSliderOverride;
u64 hbldr3dsxTitleId;
u32 rosalinaMenuCombo;
u16 screenFiltersCct;
u32 pluginLoaderFlags;
s16 ntpTzOffetMinutes;
ScreenFiltersCfgData topScreenFilter;
ScreenFiltersCfgData bottomScreenFilter;
u64 autobootTwlTitleId;
u8 autobootCtrAppmemtype;
} CfgData;
typedef struct
@ -109,9 +125,6 @@ typedef enum FirmwareSource
{
FIRMWARE_SYSNAND = 0,
FIRMWARE_EMUNAND,
FIRMWARE_EMUNAND2,
FIRMWARE_EMUNAND3,
FIRMWARE_EMUNAND4
} FirmwareSource;
typedef enum FirmwareType
@ -121,7 +134,8 @@ typedef enum FirmwareType
AGB_FIRM,
SAFE_FIRM,
SYSUPDATER_FIRM,
NATIVE_FIRM1X2X
NATIVE_FIRM1X2X,
NATIVE_PROTOTYPE,
} FirmwareType;
typedef enum bootType
@ -138,6 +152,7 @@ extern bool isSdMode;
extern BootType bootType;
extern char launchedPathForFatfs[256];
extern u16 launchedFirmTidLow[8];
extern u16 launchedPath[80+1];

99
arm9/source/utils.c
View File

@ -1,6 +1,6 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2016-2020 Aurora Wright, TuxSH
* Copyright (C) 2016-2022 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -113,8 +113,11 @@ u32 waitInput(bool isMenu)
return key;
}
void mcuPowerOff(void)
__attribute__((noreturn)) void mcuPowerOff(void)
{
// Unmount partitions
unmountPartitions();
if(!needToSetupScreens) clearScreens(false);
//Shutdown LCD
@ -154,3 +157,95 @@ void error(const char *fmt, ...)
mcuPowerOff();
}
// CRC-16/MODBUS
u16 crc16(const void *data, size_t size, u16 initialValue)
{
static const u16 lut[256] = {
0x0000,0xC0C1,0xC181,0x0140,0xC301,0x03C0,0x0280,0xC241,
0xC601,0x06C0,0x0780,0xC741,0x0500,0xC5C1,0xC481,0x0440,
0xCC01,0x0CC0,0x0D80,0xCD41,0x0F00,0xCFC1,0xCE81,0x0E40,
0x0A00,0xCAC1,0xCB81,0x0B40,0xC901,0x09C0,0x0880,0xC841,
0xD801,0x18C0,0x1980,0xD941,0x1B00,0xDBC1,0xDA81,0x1A40,
0x1E00,0xDEC1,0xDF81,0x1F40,0xDD01,0x1DC0,0x1C80,0xDC41,
0x1400,0xD4C1,0xD581,0x1540,0xD701,0x17C0,0x1680,0xD641,
0xD201,0x12C0,0x1380,0xD341,0x1100,0xD1C1,0xD081,0x1040,
0xF001,0x30C0,0x3180,0xF141,0x3300,0xF3C1,0xF281,0x3240,
0x3600,0xF6C1,0xF781,0x3740,0xF501,0x35C0,0x3480,0xF441,
0x3C00,0xFCC1,0xFD81,0x3D40,0xFF01,0x3FC0,0x3E80,0xFE41,
0xFA01,0x3AC0,0x3B80,0xFB41,0x3900,0xF9C1,0xF881,0x3840,
0x2800,0xE8C1,0xE981,0x2940,0xEB01,0x2BC0,0x2A80,0xEA41,
0xEE01,0x2EC0,0x2F80,0xEF41,0x2D00,0xEDC1,0xEC81,0x2C40,
0xE401,0x24C0,0x2580,0xE541,0x2700,0xE7C1,0xE681,0x2640,
0x2200,0xE2C1,0xE381,0x2340,0xE101,0x21C0,0x2080,0xE041,
0xA001,0x60C0,0x6180,0xA141,0x6300,0xA3C1,0xA281,0x6240,
0x6600,0xA6C1,0xA781,0x6740,0xA501,0x65C0,0x6480,0xA441,
0x6C00,0xACC1,0xAD81,0x6D40,0xAF01,0x6FC0,0x6E80,0xAE41,
0xAA01,0x6AC0,0x6B80,0xAB41,0x6900,0xA9C1,0xA881,0x6840,
0x7800,0xB8C1,0xB981,0x7940,0xBB01,0x7BC0,0x7A80,0xBA41,
0xBE01,0x7EC0,0x7F80,0xBF41,0x7D00,0xBDC1,0xBC81,0x7C40,
0xB401,0x74C0,0x7580,0xB541,0x7700,0xB7C1,0xB681,0x7640,
0x7200,0xB2C1,0xB381,0x7340,0xB101,0x71C0,0x7080,0xB041,
0x5000,0x90C1,0x9181,0x5140,0x9301,0x53C0,0x5280,0x9241,
0x9601,0x56C0,0x5780,0x9741,0x5500,0x95C1,0x9481,0x5440,
0x9C01,0x5CC0,0x5D80,0x9D41,0x5F00,0x9FC1,0x9E81,0x5E40,
0x5A00,0x9AC1,0x9B81,0x5B40,0x9901,0x59C0,0x5880,0x9841,
0x8801,0x48C0,0x4980,0x8941,0x4B00,0x8BC1,0x8A81,0x4A40,
0x4E00,0x8EC1,0x8F81,0x4F40,0x8D01,0x4DC0,0x4C80,0x8C41,
0x4400,0x84C1,0x8581,0x4540,0x8701,0x47C0,0x4680,0x8641,
0x8201,0x42C0,0x4380,0x8341,0x4100,0x81C1,0x8081,0x4040,
};
u16 r = initialValue;
const u8 *data8 = (const u8 *)data;
for (size_t i = 0; i < size; i++)
r = (r >> 8) ^ lut[(r ^ data8[i]) & 0xFF];
return r;
}
u32 crc32(const void *data, size_t size, u32 initialValue)
{
static const u32 lut[256] = {
0x00000000,0x77073096,0xEE0E612C,0x990951BA,0x076DC419,0x706AF48F,0xE963A535,0x9E6495A3,
0x0EDB8832,0x79DCB8A4,0xE0D5E91E,0x97D2D988,0x09B64C2B,0x7EB17CBD,0xE7B82D07,0x90BF1D91,
0x1DB71064,0x6AB020F2,0xF3B97148,0x84BE41DE,0x1ADAD47D,0x6DDDE4EB,0xF4D4B551,0x83D385C7,
0x136C9856,0x646BA8C0,0xFD62F97A,0x8A65C9EC,0x14015C4F,0x63066CD9,0xFA0F3D63,0x8D080DF5,
0x3B6E20C8,0x4C69105E,0xD56041E4,0xA2677172,0x3C03E4D1,0x4B04D447,0xD20D85FD,0xA50AB56B,
0x35B5A8FA,0x42B2986C,0xDBBBC9D6,0xACBCF940,0x32D86CE3,0x45DF5C75,0xDCD60DCF,0xABD13D59,
0x26D930AC,0x51DE003A,0xC8D75180,0xBFD06116,0x21B4F4B5,0x56B3C423,0xCFBA9599,0xB8BDA50F,
0x2802B89E,0x5F058808,0xC60CD9B2,0xB10BE924,0x2F6F7C87,0x58684C11,0xC1611DAB,0xB6662D3D,
0x76DC4190,0x01DB7106,0x98D220BC,0xEFD5102A,0x71B18589,0x06B6B51F,0x9FBFE4A5,0xE8B8D433,
0x7807C9A2,0x0F00F934,0x9609A88E,0xE10E9818,0x7F6A0DBB,0x086D3D2D,0x91646C97,0xE6635C01,
0x6B6B51F4,0x1C6C6162,0x856530D8,0xF262004E,0x6C0695ED,0x1B01A57B,0x8208F4C1,0xF50FC457,
0x65B0D9C6,0x12B7E950,0x8BBEB8EA,0xFCB9887C,0x62DD1DDF,0x15DA2D49,0x8CD37CF3,0xFBD44C65,
0x4DB26158,0x3AB551CE,0xA3BC0074,0xD4BB30E2,0x4ADFA541,0x3DD895D7,0xA4D1C46D,0xD3D6F4FB,
0x4369E96A,0x346ED9FC,0xAD678846,0xDA60B8D0,0x44042D73,0x33031DE5,0xAA0A4C5F,0xDD0D7CC9,
0x5005713C,0x270241AA,0xBE0B1010,0xC90C2086,0x5768B525,0x206F85B3,0xB966D409,0xCE61E49F,
0x5EDEF90E,0x29D9C998,0xB0D09822,0xC7D7A8B4,0x59B33D17,0x2EB40D81,0xB7BD5C3B,0xC0BA6CAD,
0xEDB88320,0x9ABFB3B6,0x03B6E20C,0x74B1D29A,0xEAD54739,0x9DD277AF,0x04DB2615,0x73DC1683,
0xE3630B12,0x94643B84,0x0D6D6A3E,0x7A6A5AA8,0xE40ECF0B,0x9309FF9D,0x0A00AE27,0x7D079EB1,
0xF00F9344,0x8708A3D2,0x1E01F268,0x6906C2FE,0xF762575D,0x806567CB,0x196C3671,0x6E6B06E7,
0xFED41B76,0x89D32BE0,0x10DA7A5A,0x67DD4ACC,0xF9B9DF6F,0x8EBEEFF9,0x17B7BE43,0x60B08ED5,
0xD6D6A3E8,0xA1D1937E,0x38D8C2C4,0x4FDFF252,0xD1BB67F1,0xA6BC5767,0x3FB506DD,0x48B2364B,
0xD80D2BDA,0xAF0A1B4C,0x36034AF6,0x41047A60,0xDF60EFC3,0xA867DF55,0x316E8EEF,0x4669BE79,
0xCB61B38C,0xBC66831A,0x256FD2A0,0x5268E236,0xCC0C7795,0xBB0B4703,0x220216B9,0x5505262F,
0xC5BA3BBE,0xB2BD0B28,0x2BB45A92,0x5CB36A04,0xC2D7FFA7,0xB5D0CF31,0x2CD99E8B,0x5BDEAE1D,
0x9B64C2B0,0xEC63F226,0x756AA39C,0x026D930A,0x9C0906A9,0xEB0E363F,0x72076785,0x05005713,
0x95BF4A82,0xE2B87A14,0x7BB12BAE,0x0CB61B38,0x92D28E9B,0xE5D5BE0D,0x7CDCEFB7,0x0BDBDF21,
0x86D3D2D4,0xF1D4E242,0x68DDB3F8,0x1FDA836E,0x81BE16CD,0xF6B9265B,0x6FB077E1,0x18B74777,
0x88085AE6,0xFF0F6A70,0x66063BCA,0x11010B5C,0x8F659EFF,0xF862AE69,0x616BFFD3,0x166CCF45,
0xA00AE278,0xD70DD2EE,0x4E048354,0x3903B3C2,0xA7672661,0xD06016F7,0x4969474D,0x3E6E77DB,
0xAED16A4A,0xD9D65ADC,0x40DF0B66,0x37D83BF0,0xA9BCAE53,0xDEBB9EC5,0x47B2CF7F,0x30B5FFE9,
0xBDBDF21C,0xCABAC28A,0x53B39330,0x24B4A3A6,0xBAD03605,0xCDD70693,0x54DE5729,0x23D967BF,
0xB3667A2E,0xC4614AB8,0x5D681B02,0x2A6F2B94,0xB40BBE37,0xC30C8EA1,0x5A05DF1B,0x2D02EF8D,
};
u32 r = initialValue;
const u8 *data8 = (const u8 *)data;
for (size_t i = 0; i < size; i++)
r = (r >> 8) ^ lut[(r ^ data8[i]) & 0xFF];
return ~r;
}

5
arm9/source/utils.h
View File

@ -1,6 +1,6 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2016-2020 Aurora Wright, TuxSH
* Copyright (C) 2016-2022 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -46,3 +46,6 @@ u32 waitInput(bool isMenu);
void mcuPowerOff(void);
void wait(u64 amount);
void error(const char *fmt, ...);
u16 crc16(const void *data, size_t size, u16 initialValue);
u32 crc32(const void *data, size_t size, u32 initialValue);

BIN
img/boot_menu_v1321.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.9 KiB

BIN
img/rosalina_menu_v1321.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

2
k11_extension/Makefile
View File

@ -27,7 +27,7 @@ INCLUDES := include include/svc
#---------------------------------------------------------------------------------
# -mgeneral-regs-only so that the C code is guaranteed not to use FPU regs
ARCH := -march=armv6k -mtune=mpcore -mfloat-abi=hard -mtp=soft -mgeneral-regs-only
DEFINES := -DARM11 -D_3DS
DEFINES := -DARM11 -D__3DS__
FALSEPOSITIVES := -Wno-array-bounds -Wno-stringop-overflow -Wno-stringop-overread
CFLAGS := -g -std=gnu11 -Wall -Wextra -Werror -O2 -mword-relocations \

15
k11_extension/include/config.h
View File

@ -9,10 +9,10 @@
#define MULTICONFIG(a) ((cfwInfo.multiConfig >> (2 * (a))) & 3)
#define BOOTCONFIG(a, b) ((cfwInfo.bootConfig >> (a)) & (b))
#define BOOTCFG_NAND BOOTCONFIG(0, 7)
#define BOOTCFG_FIRM BOOTCONFIG(3, 7)
#define BOOTCFG_NOFORCEFLAG BOOTCONFIG(6, 1)
#define BOOTCFG_NTRCARDBOOT BOOTCONFIG(7, 1)
#define BOOTCFG_NAND BOOTCONFIG(0, 1)
#define BOOTCFG_EMUINDEX BOOTCONFIG(1, 3)
#define BOOTCFG_NOFORCEFLAG BOOTCONFIG(3, 1)
#define BOOTCFG_NTRCARDBOOT BOOTCONFIG(4, 1)
enum multiOptions
{
@ -20,18 +20,21 @@ enum multiOptions
BRIGHTNESS,
SPLASH,
PIN,
NEWCPU
NEWCPU,
AUTOBOOTMODE,
FORCEAUDIOOUTPUT,
};
enum singleOptions
{
AUTOBOOTEMU = 0,
USEEMUFIRM,
LOADEXTFIRMSANDMODULES,
PATCHGAMES,
REDIRECTAPPTHREADS,
PATCHVERSTRING,
SHOWGBABOOT,
PATCHUNITINFO,
ENABLEDSIEXTFILTER,
DISABLEARM11EXCHANDLERS,
ENABLESAFEFIRMROSALINA,
};

58
k11_extension/include/globals.h
View File

@ -31,6 +31,7 @@
extern KRecursiveLock *criticalSectionLock;
extern KObjectList *threadList;
extern KObjectList *resourceLimitList;
extern KObjectMutex *synchronizationMutex;
extern void (*KRecursiveLock__Lock)(KRecursiveLock *this);
@ -44,17 +45,27 @@ extern KAutoObject * (*KProcessHandleTable__ToKAutoObject)(KProcessHandleTable *
extern void (*KSynchronizationObject__Signal)(KSynchronizationObject *this, bool isPulse);
extern Result (*WaitSynchronization1)(void *this_unused, KThread *thread, KSynchronizationObject *syncObject, s64 timeout);
extern Result (*KProcessHandleTable__CreateHandle)(KProcessHandleTable *this, Handle *out, KAutoObject *obj, u8 token);
extern Result (*KProcessHwInfo__QueryMemory)(KProcessHwInfo *this, MemoryInfo *memoryInfo, PageInfo *pageInfo, void *address);
extern Result (*KProcessHwInfo__MapProcessMemory)(KProcessHwInfo *this, KProcessHwInfo *other, void *dst, void *src, u32 nbPages);
extern Result (*KProcessHwInfo__UnmapProcessMemory)(KProcessHwInfo *this, void *addr, u32 nbPages);
extern Result (*KProcessHwInfo__CheckVaState)(KProcessHwInfo *hwInfo, u32 va, u32 size, u32 state, u32 perm);
extern Result (*KProcessHwInfo__GetListOfKBlockInfoForVA)(KProcessHwInfo *hwInfo, KLinkedList *list, u32 va, u32 sizeInPage);
extern Result (*KProcessHwInfo__MapListOfKBlockInfo)(KProcessHwInfo *this, u32 va, KLinkedList *list, u32 state, u32 perm, u32 sbz);
extern Result (*KEvent__Clear)(KEvent *this);
extern Result (*KEvent__Signal)(KEvent *this);
extern void (*KObjectMutex__WaitAndAcquire)(KObjectMutex *this);
extern void (*KObjectMutex__ErrorOccured)(void);
extern void (*KScheduler__AdjustThread)(KScheduler *this, KThread *thread, u32 oldSchedulingMask);
extern void (*KScheduler__AttemptSwitchingThreadContext)(KScheduler *this);
extern void (*KLinkedList_KBlockInfo__Clear)(KLinkedList *list);
extern Result (*ControlMemory)(u32 *addrOut, u32 addr0, u32 addr1, u32 size, MemOp op, MemPerm perm, bool isLoader);
extern Result (*doControlMemory)(KProcessHwInfo *this, u32 addr, u32 requestedNbPages, u32 pa, u32 state, u32 perm, u32 a7, u32 region);
extern Result (*CreateThread)(Handle *outThreadHandle, u32 ep, u32 arg, u32 stackTop, s32 priority, s32 processorId);
extern void (*SleepThread)(s64 ns);
extern Result (*CreateEvent)(Handle *out, ResetType resetType);
extern Result (*CloseHandle)(Handle handle);
extern Result (*GetHandleInfo)(s64 *out, Handle handle, u32 type);
extern Result (*GetSystemInfo)(s64 *out, s32 type, s32 param);
@ -65,6 +76,7 @@ extern Result (*SendSyncRequest)(Handle handle);
extern Result (*OpenProcess)(Handle *out, u32 processId);
extern Result (*GetProcessId)(u32 *out, Handle process);
extern Result (*DebugActiveProcess)(Handle *out, u32 processId);
extern Result (*SignalEvent)(Handle event);
extern Result (*UnmapProcessMemory)(Handle processHandle, void *dst, u32 size);
extern Result (*KernelSetState)(u32 type, u32 varg1, u32 varg2, u32 varg3);
@ -97,6 +109,7 @@ extern bool *isDevUnit;
extern vu8 *configPage;
extern u32 kernelVersion;
extern FcramLayout fcramLayout;
extern FcramDescriptor *fcramDescriptor;
extern KCoreContext *coreCtxs;
@ -110,9 +123,19 @@ extern Result (*InterruptManager__MapInterrupt)(InterruptManager *manager, KBase
extern InterruptManager *interruptManager;
extern KBaseInterruptEvent *customInterruptEvent;
extern void (*initFPU)(void);
extern void (*mcuReboot)(void);
extern void (*coreBarrier)(void);
extern void (*initFPU)(void);
extern void (*mcuReboot)(void);
extern void (*coreBarrier)(void);
extern void* (*kAlloc)(FcramDescriptor *fcramDesc, u32 nbPages, u32 alignment, u32 region);
typedef struct ScreenFiltersCfgData {
u16 cct;
bool invert;
u8 colorCurveCorrection;
s64 gammaEnc;
s64 contrastEnc;
s64 brightnessEnc;
} ScreenFiltersCfgData;
typedef struct CfwInfo
{
@ -128,15 +151,42 @@ typedef struct CfwInfo
u16 configFormatVersionMajor, configFormatVersionMinor;
u32 config, multiConfig, bootConfig;
u32 splashDurationMsec;
s8 volumeSliderOverride;
u64 hbldr3dsxTitleId;
u32 rosalinaMenuCombo;
u16 screenFiltersCct;
u32 pluginLoaderFlags;
s16 ntpTzOffetMinutes;
ScreenFiltersCfgData topScreenFilter;
ScreenFiltersCfgData bottomScreenFilter;
u64 autobootTwlTitleId;
u8 autobootCtrAppmemtype;
u16 launchedPath[80+1];
} CfwInfo;
extern CfwInfo cfwInfo;
extern u32 kextBasePa;
extern u32 stolenSystemMemRegionSize;
extern bool disableThreadRedirection;
extern vu32 rosalinaState;
extern bool hasStartedRosalinaNetworkFuncsOnce;
extern KEvent* signalPluginEvent;
typedef enum
{
PLG_CFG_NONE = 0,
PLG_CFG_RUNNING = 1,
PLG_CFG_INHOME = 2,
PLG_CFG_EXITING = 3,
PLG_CFG_HOME_EVENT = 1 << 16,
PLG_CFG_EXIT_EVENT = 2 << 16
} PLG_CFG_STATUS;
void PLG_SignalEvent(u32 event);
void PLG__WakeAppThread(void);
u32 PLG_GetStatus(void);
KLinkedList* KLinkedList__Initialize(KLinkedList *list);

140
k11_extension/include/kernel.h
View File

@ -53,7 +53,7 @@ struct KMutexLinkedList;
struct KPreemptionTimer;
/* 12 */
typedef struct ALIGN(4) KAutoObject
typedef struct CTR_ALIGN(4) KAutoObject
{
struct Vtable__KAutoObject *vtable;
u32 refCount;
@ -96,7 +96,7 @@ typedef struct KMutexLinkedListNode
} KMutexLinkedListNode;
/* 1 */
typedef struct ALIGN(4) KMutex
typedef struct CTR_ALIGN(4) KMutex
{
KSynchronizationObject syncObject;
KMutexLinkedListNode mutexListNode;
@ -106,6 +106,14 @@ typedef struct ALIGN(4) KMutex
union KProcess *owner;
} KMutex;
typedef struct KAddressArbiter
{
KAutoObject autoObject;
struct KThread *first;
struct KThread *last;
union KProcess *owner;
} KAddressArbiter;
/* 92 */
typedef struct KMutexLinkedList
{
@ -113,6 +121,30 @@ typedef struct KMutexLinkedList
KMutex *last;
} KMutexLinkedList;
enum
{
TOKEN_KAUTOOBJECT = 0,
TOKEN_KSYNCHRONIZATIONOBJECT = 1,
TOKEN_KEVENT = 0x1F,
TOKEN_KSEMAPHORE = 0x2F,
TOKEN_KTIMER = 0x35,
TOKEN_KMUTEX = 0x39,
TOKEN_KDEBUG = 0x4D,
TOKEN_KSERVERPORT = 0x55,
TOKEN_KDMAOBJECT = 0x59,
TOKEN_KCLIENTPORT = 0x65,
TOKEN_KCODESET = 0x68,
TOKEN_KSESSION = 0x70,
TOKEN_KTHREAD = 0x8D,
TOKEN_KSERVERSESSION = 0x95,
TOKEN_KADDRESSARBITER = 0x98,
TOKEN_KCLIENTSESSION = 0xA5,
TOKEN_KPORT = 0xA8,
TOKEN_KSHAREDMEMORY = 0xB0,
TOKEN_KPROCESS = 0xC5,
TOKEN_KRESOURCELIMIT = 0xC8
};
/* 45 */
typedef struct KClassToken
{
@ -121,7 +153,7 @@ typedef struct KClassToken
} KClassToken;
/* 44 */
typedef struct ALIGN(4) Vtable__KAutoObject
typedef struct CTR_ALIGN(4) Vtable__KAutoObject
{
void *field_0;
void *field_4;
@ -142,7 +174,7 @@ typedef struct KBaseInterruptEvent
} KBaseInterruptEvent;
/* 55 */
typedef struct ALIGN(4) Vtable__KBaseInterruptEvent
typedef struct CTR_ALIGN(4) Vtable__KBaseInterruptEvent
{
struct KSchedulableInterruptEvent *(*handleInterruptEvent)(KBaseInterruptEvent *, u32);
} Vtable__KBaseInterruptEvent;
@ -178,7 +210,7 @@ typedef struct KThreadLinkedListNode
/* 93 */
typedef struct ALIGN(4) KPreemptionTimer
typedef struct CTR_ALIGN(4) KPreemptionTimer
{
u32 nLimitedTicks;
u32 timer;
@ -187,7 +219,7 @@ typedef struct ALIGN(4) KPreemptionTimer
} KPreemptionTimer;
/* 15 */
typedef struct PACKED ALIGN(4) KThread
typedef struct CTR_PACKED CTR_ALIGN(4) KThread
{
KSynchronizationObject syncObject;
KTimeableInterruptEvent timeableInterruptEvent;
@ -245,7 +277,7 @@ typedef enum ProcessStatus
} ProcessStatus;
/* 3 */
typedef struct ALIGN(4) HandleDescriptor
typedef struct CTR_ALIGN(4) HandleDescriptor
{
u32 info;
KAutoObject *pointer;
@ -265,7 +297,7 @@ typedef struct KProcessHandleTable
} KProcessHandleTable;
/* 4 */
typedef struct ALIGN(4) KDebugThread
typedef struct CTR_ALIGN(4) KDebugThread
{
KThread *linkedThread;
bool usedSvcBreak;
@ -323,7 +355,7 @@ typedef enum {
} ExceptionEventType;
/* 6 */
typedef struct ALIGN(4) KDebug
typedef struct CTR_ALIGN(4) KDebug
{
KSynchronizationObject syncObject;
KSendableInterruptEvent sendableInterruptEvent;
@ -390,7 +422,7 @@ typedef struct KCodeSetMemDescriptor
} KCodeSetMemDescriptor;
/* 5 */
typedef struct PACKED ALIGN(4) KCodeSet
typedef struct CTR_PACKED CTR_ALIGN(4) KCodeSet
{
KAutoObject autoObject;
KCodeSetMemDescriptor textSection;
@ -465,7 +497,7 @@ typedef struct KUserBindableInterruptEvent
} KUserBindableInterruptEvent;
/* 14 */
typedef struct ALIGN(4) KEvent
typedef struct CTR_ALIGN(4) KEvent
{
KSynchronizationObject syncObject;
KUserBindableInterruptEvent userBindableInterruptEvent;
@ -489,6 +521,9 @@ typedef enum MemOp
MEMOP_REGION_SYSTEM = 0x200,
MEMOP_REGION_BASE = 0x300,
MEMOP_LINEAR = 0x10000,
MEMOP_OP_MASK = 0xFF,
MEMOP_REGION_MASK = 0xF00,
} MemOp;
/* 17 */
@ -541,6 +576,20 @@ typedef struct KBlockInfo
u32 pageCount;
} KBlockInfo;
typedef struct KSharedMemory
{
KAutoObject autoObject;
KLinkedList ownedKBlockInfo;
union KProcess *owner;
u32 ownerPermissions;
u32 otherPermissions;
u8 isBlockInfoGenerated;
s8 allBlockInfoGenerated;
u8 unknown_1;
u8 unknown_2;
u32 address;
} KSharedMemory;
/* 25 */
typedef struct KMemoryBlock
{
@ -552,7 +601,7 @@ typedef struct KMemoryBlock
} KMemoryBlock;
/* 28 */
typedef struct ALIGN(4) KScheduler
typedef struct CTR_ALIGN(4) KScheduler
{
KSchedulableInterruptEvent interruptEvent;
u32 threadSwitchAttempts;
@ -570,7 +619,7 @@ typedef struct ALIGN(4) KScheduler
} KScheduler;
/* 46 */
typedef struct PACKED CodeSetInfo
typedef struct CTR_PACKED CodeSetInfo
{
char name[8];
u16 unknown_1;
@ -590,7 +639,7 @@ typedef struct PACKED CodeSetInfo
} CodeSetInfo;
/* 53 */
typedef struct ALIGN(4) InterruptData
typedef struct CTR_ALIGN(4) InterruptData
{
KBaseInterruptEvent *interruptEvent;
bool disableUponReceipt;
@ -691,7 +740,7 @@ typedef enum ResetType
} ResetType;
/* 81 */
typedef struct PACKED ALIGN(4) KTimer
typedef struct CTR_PACKED CTR_ALIGN(4) KTimer
{
KSynchronizationObject syncObject;
KTimeableInterruptEvent timeableInterruptEvent;
@ -719,7 +768,7 @@ typedef KSchedulableInterruptEvent KThreadTerminationInterruptEvent;
typedef KSchedulableInterruptEvent KThreadExitInterruptEvent;
/* 89 */
typedef struct ALIGN(4) KInterruptEventMailbox
typedef struct CTR_ALIGN(4) KInterruptEventMailbox
{
u32 mailboxID;
KSendableInterruptEvent *first;
@ -746,7 +795,7 @@ typedef enum LimitableResource
} LimitableResource;
/* 99 */
typedef struct ALIGN(4) CpuRegisters
typedef struct CTR_ALIGN(4) CpuRegisters
{
u32 r[13];
u32 sp;
@ -760,7 +809,7 @@ typedef struct FpuRegisters
{
union
{
struct PACKED { double d[16]; };
struct CTR_PACKED { double d[16]; };
float s[32];
};
u32 fpscr;
@ -925,7 +974,7 @@ typedef struct KEventInfo
};
} KEventInfo;
typedef struct ALIGN(0x1000) KCoreObjectContext
typedef struct CTR_ALIGN(0x1000) KCoreObjectContext
{
KThread *volatile currentThread;
union KProcess *volatile currentProcess;
@ -955,7 +1004,7 @@ extern KCoreContext *coreCtxs;
#define DEFINE_CONSOLE_SPECIFIC_STRUCTS(console, nbCores)
/* 60 */
typedef struct ALIGN(4) KProcessHwInfoN3DS
typedef struct CTR_ALIGN(4) KProcessHwInfoN3DS
{
KObjectMutex mutex;
u32 processTLBEntriesNeedToBeFlushedOnCore[4];
@ -974,7 +1023,7 @@ typedef struct ALIGN(4) KProcessHwInfoN3DS
u32 *mmuTableVA;
} KProcessHwInfoN3DS;
typedef struct ALIGN(4) KProcessHwInfoO3DS8x
typedef struct CTR_ALIGN(4) KProcessHwInfoO3DS8x
{
KObjectMutex mutex;
u32 processTLBEntriesNeedToBeFlushedOnCore[2];
@ -993,7 +1042,7 @@ typedef struct ALIGN(4) KProcessHwInfoO3DS8x
u32 *mmuTableVA;
} KProcessHwInfoO3DS8x;
typedef struct ALIGN(4) KProcessHwInfoO3DSPre8x
typedef struct CTR_ALIGN(4) KProcessHwInfoO3DSPre8x
{
KObjectMutex mutex;
u32 processTLBEntriesNeedToBeFlushedOnCore[2];
@ -1038,10 +1087,24 @@ typedef struct KProcess##sys\
KThread *mainThread;\
u32 interruptEnabledFlags[4];\
KProcessHandleTable handleTable;\
u8 gap234[52];\
/* Custom fields for plugin system */ \
/* { */ \
u32 customFlags; /* see KProcess_CustomFlags enum below */ \
Handle onMemoryLayoutChangeEvent;\
/* } */ \
u8 gap234[44];\
u64 unused;\
} KProcess##sys;
enum KProcess_CustomFlags
{
ForceRWXPages = 1 << 0,
SignalOnMemLayoutChanges = 1 << 1,
SignalOnExit = 1 << 2,
MemLayoutChanged = 1 << 16
};
INSTANCIATE_KPROCESS(N3DS);
INSTANCIATE_KPROCESS(O3DS8x);
INSTANCIATE_KPROCESS(O3DSPre8x);
@ -1135,6 +1198,28 @@ typedef struct FcramLayout
u32 baseSize;
} FcramLayout;
typedef struct RegionDescriptor
{
void *firstMemoryBlock;
void *lastMemoryBlock;
void *regionStart;
u32 regionSizeInBytes;
} RegionDescriptor;
typedef struct FcramDescriptor
{
RegionDescriptor appRegion;
RegionDescriptor sysRegion;
RegionDescriptor baseRegion;
RegionDescriptor * regionDescsPtr;
u32 fcramStart;
u32 fcramSizeInPages;
u32 baseMemoryStart;
u32 kernelUsageInBytes;
u32 unknown;
KObjectMutex mutex;
} FcramDescriptor;
extern bool isN3DS;
extern void *officialSVCs[0x7E];
@ -1162,7 +1247,7 @@ offsetof(classname##O3DSPre8x, field)))
#define KPROCESSHWINFO_GET_RVALUE(obj, field) *(KPROCESSHWINFO_GET_PTR(obj, field))
#define KPROCESSHWINFO_GET_RVALUE_TYPE(type, obj, field) *(KPROCESSHWINFO_GET_PTR_TYPE(type, obj, field))
extern u32 pidOffsetKProcess, hwInfoOffsetKProcess, codeSetOffsetKProcess, handleTableOffsetKProcess, debugOffsetKProcess;
extern u32 pidOffsetKProcess, hwInfoOffsetKProcess, codeSetOffsetKProcess, handleTableOffsetKProcess, debugOffsetKProcess, flagsKProcess;
static inline u32 idOfProcess(KProcess *process)
{
@ -1195,6 +1280,13 @@ static inline KDebug *debugOfProcess(KProcess *process)
return debug;
}
static inline u32 flagsOfProcess(KProcess *process)
{
u32 flags;
memcpy(&flags, (const u8 *)process + flagsKProcess, 4);
return flags;
}
static inline const char *classNameOfAutoObject(KAutoObject *object)
{
const char *name;

129
k11_extension/include/mmu.h Normal file
View File

@ -0,0 +1,129 @@
#pragma once
#include "types.h"
#include "kernel.h"
typedef struct
{
u32 bits1_0 : 2; ///< 0b00
} Desc_TranslationFault;
typedef struct
{
u32 bits1_0 : 2; ///< 0b01
u32 sbz : 3;
u32 domain : 4;
u32 p : 1;
u32 addr : 21;
} Desc_CoarsePageTable;
typedef struct
{
u32 bits1_0 : 2; ///< 0b10
u32 b : 1;
u32 c : 1;
u32 xn : 1;
u32 domain : 4;
u32 p : 1;
u32 ap : 2;
u32 tex : 3;
u32 apx : 1;
u32 s : 1;
u32 ng : 1;
u32 bit18 : 1; ///< 0
u32 sbz : 1;
u32 addr : 12;
} Desc_Section;
typedef struct
{
u32 bits1_0 : 2; ///< 0b10
u32 b : 1;
u32 c : 1;
u32 xn : 1;
u32 domain : 4;
u32 p : 1;
u32 ap : 2;
u32 tex : 3;
u32 sbz : 3;
u32 bit18 : 1; ///< 1
u32 sbz2 : 5;
u32 addr : 8;
} Desc_Supersection;
typedef struct
{
u32 bits1_0 : 2; ///< 0b11
} Desc_Reserved;
typedef struct
{
u32 bits1_0 : 2; ///< 0b01
u32 b : 1;
u32 c : 1;
u32 ap : 2;
u32 sbz : 3;
u32 apx : 1;
u32 s : 1;
u32 ng : 1;
u32 tex : 3;
u32 xn : 1;
u32 addr : 16;
} Desc_LargePage;
typedef struct
{
u32 xn : 1;
u32 bit1 : 1; ///< 1
u32 b : 1;
u32 c : 1;
u32 ap : 2;
u32 tex : 3;
u32 apx : 1;
u32 s : 1;
u32 ng : 1;
u32 addr : 20;
} Desc_SmallPage;
typedef union
{
u32 raw;
Desc_TranslationFault translationFault;
Desc_CoarsePageTable coarsePageTable;
Desc_Section section;
Desc_Supersection supersection;
Desc_Reserved reserved;
} L1Descriptor;
typedef union
{
u32 raw;
Desc_TranslationFault translationFault;
Desc_LargePage largePage;
Desc_SmallPage smallPage;
} L2Descriptor;
typedef enum
{
Descriptor_TranslationFault,
Descriptor_CoarsePageTable,
Descriptor_Section,
Descriptor_Supersection,
Descriptor_Reserved,
Descriptor_LargePage,
Descriptor_SmallPage
} DescType;
void L1MMUTable__RWXForAll(u32 *table);
void L2MMUTable__RWXForAll(u32 *table);
u32 L1MMUTable__GetPAFromVA(u32 *table, u32 va);
u32 L2MMUTable__GetPAFromVA(u32 *table, u32 va);
u32 L1MMUTable__GetAddressUserPerm(u32 *table, u32 va);
u32 L2MMUTable__GetAddressUserPerm(u32 *table, u32 va);
void KProcessHwInfo__SetMMUTableToRWX(KProcessHwInfo *hwInfo);
u32 KProcessHwInfo__GetPAFromVA(KProcessHwInfo *hwInfo, u32 va);
u32 KProcessHwInfo__GetAddressUserPerm(KProcessHwInfo *hwInfo, u32 va);

34
k11_extension/include/svc/ControlMemoryUnsafe.h Normal file
View File

@ -0,0 +1,34 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2016-2018 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional Terms 7.b and 7.c of GPLv3 apply to this file:
* * Requiring preservation of specified reasonable legal notices or
* author attributions in that material or in the Appropriate Legal
* Notices displayed by works containing it.
* * Prohibiting misrepresentation of the origin of that material,
* or requiring that modified versions of such material be marked in
* reasonable ways as different from the original version.
*/
#pragma once
#include "utils.h"
#include "kernel.h"
#include "svc.h"
Result ControlMemoryUnsafe(u32 *out, u32 addr0, u32 size, MemOp op, MemPerm perm);
Result ControlMemoryUnsafeWrapper(u32 *out, u32 addr0, u32 size, MemOp op, MemPerm perm);

21
k11_extension/include/svc/ControlProcess.h Normal file
View File

@ -0,0 +1,21 @@
#pragma once
#include "utils.h"
#include "kernel.h"
#include "svc.h"
/// Operations for svcControlProcess
typedef enum ProcessOp
{
PROCESSOP_GET_ALL_HANDLES, ///< List all handles of the process, varg3 can be either 0 to fetch all handles, or token of the type to fetch
///< svcControlProcess(handle, PROCESSOP_GET_ALL_HANDLES, (u32)&outBuf, 0)
PROCESSOP_SET_MMU_TO_RWX, ///< Set the whole memory of the process with rwx access
///< svcControlProcess(handle, PROCESSOP_SET_MMU_TO_RWX, 0, 0)
PROCESSOP_GET_ON_MEMORY_CHANGE_EVENT,
PROCESSOP_SIGNAL_ON_EXIT,
PROCESSOP_GET_PA_FROM_VA, ///< Get the physical address of the va within the process
///< svcControlProcess(handle, PROCESSOP_GET_PA_FROM_VA, (u32)&outPa, va)
PROCESSOP_SCHEDULE_THREADS,
} ProcessOp;
Result ControlProcess(Handle process, ProcessOp op, u32 varg2, u32 varg3);

32
k11_extension/include/svc/CreateThread.h Normal file
View File

@ -0,0 +1,32 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2016-2023 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional Terms 7.b and 7.c of GPLv3 apply to this file:
* * Requiring preservation of specified reasonable legal notices or
* author attributions in that material or in the Appropriate Legal
* Notices displayed by works containing it.
* * Prohibiting misrepresentation of the origin of that material,
* or requiring that modified versions of such material be marked in
* reasonable ways as different from the original version.
*/
#include "utils.h"
#include "kernel.h"
#include "svc.h"
Result CreateThreadHookWrapper(Handle *outThreadHandle, u32 ep, u32 arg, u32 stackTop, s32 priority, s32 processorId);
Result CreateThreadHook(Handle *outThreadHandle, u32 ep, u32 arg, u32 stackTop, s32 priority, s32 processorId);

6
k11_extension/include/svc/ExitProcess.h Normal file
View File

@ -0,0 +1,6 @@
#include "utils.h"
#include "kernel.h"
#include "svc.h"
void ExitProcessHook(void);
void ExitProcessHookWrapper(void);

2
k11_extension/include/svc/KernelSetState.h
View File

@ -30,7 +30,7 @@
#include "kernel.h"
#include "svc.h"
extern bool svcSignalingEnabled;
extern u8 svcSignalingEnabled;
bool shouldSignalSyscallDebugEvent(KProcess *process, u8 svcId);
Result KernelSetStateHook(u32 type, u32 varg1, u32 varg2, u32 varg3);

9
k11_extension/include/svc/MapProcessMemoryEx.h
View File

@ -30,4 +30,11 @@
#include "kernel.h"
#include "svc.h"
Result MapProcessMemoryEx(Handle processHandle, void *dst, void *src, u32 size);
/// Flags for svcMapProcessMemoryEx
typedef enum MapExFlags
{
MAPEXFLAGS_PRIVATE = BIT(0), ///< Maps the memory as PRIVATE (0xBB05) instead of SHARED (0x5806)
} MapExFlags;
Result MapProcessMemoryEx(Handle dstProcessHandle, u32 vaDst, Handle srcProcessHandle, u32 vaSrc, u32 size, MapExFlags flags);
Result MapProcessMemoryExWrapper(Handle dstProcessHandle, u32 vaDst, Handle srcProcessHandle, u32 vaSrc, u32 size, MapExFlags flags);

8
k11_extension/include/types.h
View File

@ -69,11 +69,11 @@ typedef s32 Result; ///< Function result.
#define BIT(n) (1U<<(n))
/// Aligns a struct (and other types?) to m, making sure that the size of the struct is a multiple of m.
#define ALIGN(m) __attribute__((aligned(m)))
#define CTR_ALIGN(m) __attribute__((aligned(m)))
/// Packs a struct (and other types?) so it won't include padding bytes.
#define PACKED __attribute__((packed))
#define USED __attribute__((used))
#define UNUSED __attribute__((unused))
#define CTR_PACKED __attribute__((packed))
#define CTR_USED __attribute__((used))
#define CTR_UNUSED __attribute__((unused))
/// Packs a system version from its components.
#define SYSTEM_VERSION(major, minor, revision) \
(((major)<<24)|((minor)<<16)|((revision)<<8))

2
k11_extension/linker.specs
View File

@ -1,7 +1,7 @@
%rename link old_link
*link:
%(old_link) -T %:getenv(TOPDIR /linker.ld) --nmagic --gc-sections
%(old_link) -T %:getenv(TOPDIR /linker.ld) --nmagic --gc-sections --no-warn-rwx-segments
*startfile:
crti%O%s crtbegin%O%s

6
k11_extension/source/debug.c
View File

@ -31,7 +31,7 @@
KRecursiveLock dbgParamsLock = { NULL };
u32 dbgParamWatchpointId, dbgParamDVA, dbgParamWCR, dbgParamContextId;
KSchedulableInterruptEvent *enableMonitorModeDebugging(KBaseInterruptEvent *this UNUSED, u32 interruptID UNUSED)
KSchedulableInterruptEvent *enableMonitorModeDebugging(KBaseInterruptEvent *this CTR_UNUSED, u32 interruptID CTR_UNUSED)
{
coreBarrier();
@ -76,7 +76,7 @@ static void disableWatchpoint1(void)
__asm__ __volatile__("mcr p14, 0, %[val], c0, c5, 5" :: [val] "r" (control));
}
KSchedulableInterruptEvent *disableWatchpoint(KBaseInterruptEvent *this UNUSED, u32 interruptID UNUSED)
KSchedulableInterruptEvent *disableWatchpoint(KBaseInterruptEvent *this CTR_UNUSED, u32 interruptID CTR_UNUSED)
{
coreBarrier();
@ -131,7 +131,7 @@ static void setWatchpoint1WithContextId(u32 DVA, u32 WCR, u32 contextId)
__asm__ __volatile__("mcr p15, 0, %[val], c7, c10, 5" :: [val] "r" (0) : "memory"); // DMB
}
KSchedulableInterruptEvent *setWatchpointWithContextId(KBaseInterruptEvent *this UNUSED, u32 interruptID UNUSED)
KSchedulableInterruptEvent *setWatchpointWithContextId(KBaseInterruptEvent *this CTR_UNUSED, u32 interruptID CTR_UNUSED)
{
coreBarrier();

40
k11_extension/source/fatalExceptionHandlersMain.c
View File

@ -28,10 +28,43 @@
#include "fatalExceptionHandlers.h"
#include "utils.h"
#include "kernel.h"
#include "memory.h"
#include "mmu.h"
#include "globals.h"
#define REG_DUMP_SIZE 4 * 23
#define CODE_DUMP_SIZE 48
#define CODE_DUMP_SIZE 96
// Return true if parameters are invalid
static bool checkExceptionHandlerValidity(KProcess *process, vu32 *threadLocalStorage)
{
if (process == NULL)
return true;
u32 stackBottom = threadLocalStorage[0x11];
u32 exceptionBuf = threadLocalStorage[0x12];
MemoryInfo memInfo;
PageInfo pageInfo;
KProcessHwInfo *hwInfo = hwInfoOfProcess(process);
u32 perm = KProcessHwInfo__GetAddressUserPerm(hwInfo, threadLocalStorage[0x10]);
if (stackBottom != 1)
{
if (KProcessHwInfo__QueryMemory(hwInfo, &memInfo, &pageInfo, (void *)stackBottom)
|| (memInfo.permissions & MEMPERM_RW) != MEMPERM_RW)
return true;
}
if (exceptionBuf > 1)
{
if (KProcessHwInfo__QueryMemory(hwInfo, &memInfo, &pageInfo, (void *)exceptionBuf)
|| (memInfo.permissions & MEMPERM_RW) != MEMPERM_RW)
return true;
}
return (perm & MEMPERM_RX) != MEMPERM_RX;
}
bool isExceptionFatal(u32 spsr, u32 *regs, u32 index)
{
@ -43,7 +76,7 @@ bool isExceptionFatal(u32 spsr, u32 *regs, u32 index)
KProcess *currentProcess = currentCoreContext->objectContext.currentProcess;
if(thread != NULL && thread->threadLocalStorage != NULL && *((vu32 *)thread->threadLocalStorage + 0x10) != 0)
return false;
return checkExceptionHandlerValidity(currentProcess, (vu32 *)thread->threadLocalStorage);
if(currentProcess != NULL)
{
@ -52,7 +85,7 @@ bool isExceptionFatal(u32 spsr, u32 *regs, u32 index)
thread = KPROCESS_GET_RVALUE(currentProcess, mainThread);
if(thread != NULL && thread->threadLocalStorage != NULL && *((vu32 *)thread->threadLocalStorage + 0x10) != 0)
return false;
return checkExceptionHandlerValidity(currentProcess, thread->threadLocalStorage);
if(index == 3 && strcmp(codeSetOfProcess(currentProcess)->processName, "menu") == 0 && // workaround a Home Menu bug leading to a dabort
regs[0] == 0x3FFF && regs[2] == 0 && regs[5] == 2 && regs[7] == 1)
@ -70,6 +103,7 @@ bool isDataAbortExceptionRangeControlled(u32 spsr, u32 addr)
((u32)safecpy <= addr && addr < (u32)safecpy + safecpy_sz)
);
}
void fatalExceptionHandlersMain(u32 *registerDump, u32 type, u32 cpuId)
{
ExceptionDumpHeader dumpHeader;

76
k11_extension/source/globals.c
View File

@ -25,6 +25,8 @@
*/
#include "globals.h"
#include "utils.h"
#include "ipc.h"
KRecursiveLock *criticalSectionLock;
KObjectList *threadList;
@ -40,17 +42,29 @@ KAutoObject * (*KProcessHandleTable__ToKAutoObject)(KProcessHandleTable *this, H
void (*KSynchronizationObject__Signal)(KSynchronizationObject *this, bool isPulse);
Result (*WaitSynchronization1)(void *this_unused, KThread *thread, KSynchronizationObject *syncObject, s64 timeout);
Result (*KProcessHandleTable__CreateHandle)(KProcessHandleTable *this, Handle *out, KAutoObject *obj, u8 token);
Result (*KProcessHwInfo__QueryMemory)(KProcessHwInfo *this, MemoryInfo *memoryInfo, PageInfo *pageInfo, void *address);
Result (*KProcessHwInfo__MapProcessMemory)(KProcessHwInfo *this, KProcessHwInfo *other, void *dst, void *src, u32 nbPages);
Result (*KProcessHwInfo__UnmapProcessMemory)(KProcessHwInfo *this, void *addr, u32 nbPages);
Result (*KProcessHwInfo__CheckVaState)(KProcessHwInfo *hwInfo, u32 va, u32 size, u32 state, u32 perm);
Result (*KProcessHwInfo__GetListOfKBlockInfoForVA)(KProcessHwInfo *hwInfo, KLinkedList *list, u32 va, u32 sizeInPage);
Result (*KProcessHwInfo__MapListOfKBlockInfo)(KProcessHwInfo *this, u32 va, KLinkedList *list, u32 state, u32 perm, u32 sbz);
Result (*KEvent__Clear)(KEvent *this);
Result (*KEvent__Signal)(KEvent *this);
void (*KObjectMutex__WaitAndAcquire)(KObjectMutex *this);
void (*KObjectMutex__ErrorOccured)(void);
void (*KScheduler__AdjustThread)(KScheduler *this, KThread *thread, u32 oldSchedulingMask);
void (*KScheduler__AttemptSwitchingThreadContext)(KScheduler *this);
void (*KLinkedList_KBlockInfo__Clear)(KLinkedList *list);
Result (*ControlMemory)(u32 *addrOut, u32 addr0, u32 addr1, u32 size, MemOp op, MemPerm perm, bool isLoader);
Result (*doControlMemory)(KProcessHwInfo *this, u32 addr, u32 requestedNbPages, u32 pa, u32 state, u32 perm, u32 a7, u32 region);
Result (*CreateThread)(Handle *outThreadHandle, u32 ep, u32 arg, u32 stackTop, s32 priority, s32 processorId);
void (*SleepThread)(s64 ns);
Result (*CreateEvent)(Handle *out, ResetType resetType);
Result (*CloseHandle)(Handle handle);
Result (*GetHandleInfo)(s64 *out, Handle handle, u32 type);
Result (*GetSystemInfo)(s64 *out, s32 type, s32 param);
@ -61,6 +75,7 @@ Result (*SendSyncRequest)(Handle handle);
Result (*OpenProcess)(Handle *out, u32 processId);
Result (*GetProcessId)(u32 *out, Handle process);
Result (*DebugActiveProcess)(Handle *out, u32 processId);
Result (*SignalEvent)(Handle event);
Result (*UnmapProcessMemory)(Handle processHandle, void *dst, u32 size);
Result (*KernelSetState)(u32 type, u32 varg1, u32 varg2, u32 varg3);
@ -93,6 +108,7 @@ bool *isDevUnit;
vu8 *configPage;
u32 kernelVersion;
FcramLayout fcramLayout;
FcramDescriptor *fcramDescriptor;
KCoreContext *coreCtxs;
void *originalHandlers[8] = {NULL};
@ -103,15 +119,67 @@ Result (*InterruptManager__MapInterrupt)(InterruptManager *manager, KBaseInterru
u32 coreID, u32 priority, bool disableUponReceipt, bool levelHighActive);
InterruptManager *interruptManager;
void (*initFPU)(void);
void (*mcuReboot)(void);
void (*coreBarrier)(void);
void (*initFPU)(void);
void (*mcuReboot)(void);
void (*coreBarrier)(void);
void* (*kAlloc)(FcramDescriptor *fcramDesc, u32 nbPages, u32 alignment, u32 region);
CfwInfo cfwInfo;
u32 kextBasePa;
u32 stolenSystemMemRegionSize;
bool disableThreadRedirection = false;
vu32 rosalinaState;
bool hasStartedRosalinaNetworkFuncsOnce;
KEvent* signalPluginEvent = NULL;
u32 pidOffsetKProcess, hwInfoOffsetKProcess, codeSetOffsetKProcess, handleTableOffsetKProcess, debugOffsetKProcess, flagsKProcess;
KLinkedList* KLinkedList__Initialize(KLinkedList *list)
{
list->size = 0;
list->nodes.first = list->nodes.last = (KLinkedListNode *)&list->nodes;
return list;
}
void PLG_SignalEvent(u32 event)
{
KThread *currentThread = currentCoreContext->objectContext.currentThread;
// Set configuration memory field with event
*(vu32 *)PA_FROM_VA_PTR((u32 *)0x1FF800F0) |= event;
// Send notification 0x1001
{
u32 *cmdbuf = (u32 *)((u8 *)currentCoreContext->objectContext.currentThread->threadLocalStorage + 0x80);
u32 backup[3] = { cmdbuf[0], cmdbuf[1], cmdbuf[2] };
Handle srvHandle;
SessionInfo *info = SessionInfo_FindFirst("srv:");
Result res = createHandleForThisProcess(&srvHandle, &info->session->clientSession.syncObject.autoObject);
if (res >= 0)
{
cmdbuf[0] = 0x000C0080;
cmdbuf[1] = 0x1001;
cmdbuf[2] = 0;
SendSyncRequest(srvHandle);
CloseHandle(srvHandle);
}
cmdbuf[0] = backup[0]; cmdbuf[1] = backup[1]; cmdbuf[2] = backup[2];
}
// Wait for notification 0x1002
WaitSynchronization1(NULL, currentThread, (KSynchronizationObject *)signalPluginEvent, U64_MAX);
}
void PLG__WakeAppThread(void)
{
KEvent__Signal(signalPluginEvent);
}
u32 PLG_GetStatus(void)
{
return (*(vu32 *)PA_FROM_VA_PTR((u32 *)0x1FF800F0)) & 0xFFFF;
}
u32 pidOffsetKProcess, hwInfoOffsetKProcess, codeSetOffsetKProcess, handleTableOffsetKProcess, debugOffsetKProcess;

84
k11_extension/source/main.c
View File

@ -46,7 +46,7 @@ struct KExtParameters
CfwInfo cfwInfo;
} kExtParameters = { .basePA = 0x12345678 }; // place this in .data
static ALIGN(1024) u32 g_L2Table[256] = {0};
static CTR_ALIGN(1024) u32 g_L2Table[256] = {0};
void relocateAndSetupMMU(u32 coreId, u32 *L1Table)
{
@ -127,13 +127,70 @@ void configHook(vu8 *cfgPage)
codeSetOffsetKProcess = KPROCESS_OFFSETOF(codeSet);
handleTableOffsetKProcess = KPROCESS_OFFSETOF(handleTable);
debugOffsetKProcess = KPROCESS_OFFSETOF(debug);
flagsKProcess = KPROCESS_OFFSETOF(kernelFlags);
}
void KProcessHwInfo__MapL1Section_Hook(void);
void KProcessHwInfo__MapL2Section_Hook(void);
static void installMmuHooks(void)
{
// Older versions of k11 had different VA memory mappings
u32 k11TextStartVa = (u32)originalHandlers[2] & ~0xFFFF;
u32 *off;
for (off = (u32 *)k11TextStartVa; off[0] != 0xE3A05801 || off[1] != 0xE2010EE3; off++);
for (; (off[0] >> 16) != 0xE92D; off--);
u32 *mapL2Section = PA_FROM_VA_PTR(off); // fragile, might break due to cache
for (off = (u32 *)k11TextStartVa; off[0] != 0x13A0A401 || off[1] != 0x03A0A601; off++);
for (; (off[0] >> 16) != 0xE92D; off--);
u32 *mapL1Section = PA_FROM_VA_PTR(off);
mapL1Section[1] = 0xE28FE004; // add lr, pc, #4
mapL1Section[2] = 0xE51FF004; // ldr pc, [pc, #-4]
mapL1Section[3] = (u32)KProcessHwInfo__MapL1Section_Hook;
mapL2Section[1] = 0xE28FE004; // add lr, pc, #4
mapL2Section[2] = 0xE51FF004; // ldr pc, [pc, #-4]
mapL2Section[3] = (u32)KProcessHwInfo__MapL2Section_Hook;
}
static void findUsefulSymbols(void)
{
u32 *off;
for(off = (u32 *)0xFFFF0000; *off != 0xE1A0D002; off++);
// Older versions of k11 had different VA memory mappings
u32 k11TextStartVa = (u32)originalHandlers[2] & ~0xFFFF;
// Get fcramDescriptor
for (off = (u32 *)k11TextStartVa; ; ++off)
{
if ( (off[0] >> 16) == 0xE59F
&& (off[1] >> 16) == 0xE3A0
&& (off[2] >> 16) == 0xE3A0
&& (off[3] >> 16) == 0xE1A0
&& (off[4] >> 16) == 0xEB00)
{
fcramDescriptor = (FcramDescriptor *)off[2 + (off[0] & 0xFFFF) / 4];
break;
}
}
// Get kAlloc
for (; *off != 0xE1A00005 || *(off + 1) != 0xE320F000; ++off);
off = decodeArmBranch(off + 2);
for (; (*off >> 16) != 0xEB00; ++off);
kAlloc = (void* (*)(FcramDescriptor *, u32, u32, u32))decodeArmBranch(off);
// Patch ERRF__DumpException
for(off = (u32 *)0xFFFF0000; *off != 0xE1A04005; ++off);
++off;
*(u32 *)PA_FROM_VA_PTR(off) = makeArmBranch(off, off + 51, false);
for(; *off != 0xE2100102; ++off);
KProcessHwInfo__QueryMemory = (Result (*)(KProcessHwInfo *, MemoryInfo *, PageInfo *, void *))decodeArmBranch(off - 1);
for(; *off != 0xE1A0D002; off++);
off += 3;
initFPU = (void (*) (void))off;
@ -170,6 +227,8 @@ static void findUsefulSymbols(void)
KEvent__Clear = (Result (*)(KEvent *))decodeArmBranch(off + 1);
for(off = (u32 *)KEvent__Clear; *off != 0xE8BD8070; off++);
synchronizationMutex = *(KObjectMutex **)(off + 1);
for(off = (u32 *)officialSVCs[0x18]; *off != 0xE1A04005; ++off);
KEvent__Signal = (Result (*)(KEvent *))decodeArmBranch(off + 1);
for(off = (u32 *)officialSVCs[0x24]; *off != 0xE59F004C; off++);
WaitSynchronization1 = (Result (*)(void *, KThread *, KSynchronizationObject *, s64))decodeArmBranch(off + 6);
@ -196,6 +255,21 @@ static void findUsefulSymbols(void)
for(off = (u32 *)officialSVCs[0x72]; *off != 0xE2041102; off++);
KProcessHwInfo__UnmapProcessMemory = (Result (*)(KProcessHwInfo *, void *, u32))decodeArmBranch(off - 1);
for (off = (u32 *)officialSVCs[0x70]; *off != 0xE8881200 && *off != 0xE8891900; ++off);
for (off = (u32 *)decodeArmBranch(off + 1); *off != 0xE2101102; ++off);
KProcessHwInfo__CheckVaState = (Result (*)(KProcessHwInfo *, u32, u32, u32, u32))decodeArmBranch(off - 1);
for (; *off != 0xE28D1008; ++off);
KProcessHwInfo__GetListOfKBlockInfoForVA = (Result (*)(KProcessHwInfo*, KLinkedList*, u32, u32))decodeArmBranch(off + 1);
for (; *off != 0xE2000102; ++off);
KProcessHwInfo__MapListOfKBlockInfo = (Result (*)(KProcessHwInfo*, u32, KLinkedList*, u32, u32, u32))decodeArmBranch(off - 1);
for (; *off != 0xE8BD8FF0; ++off);
KLinkedList_KBlockInfo__Clear = (void (*)(KLinkedList *))decodeArmBranch(off - 6);
for(off = (u32 *)KProcessHwInfo__MapListOfKBlockInfo; *off != 0xE1A0000B; ++off);
doControlMemory = (Result (*)(KProcessHwInfo*, u32, u32, u32, u32, u32, u32, u32))decodeArmBranch(off + 1);
for(off = (u32 *)officialSVCs[0x7C]; *off != 0x03530000; off++);
KObjectMutex__WaitAndAcquire = (void (*)(KObjectMutex *))decodeArmBranch(++off);
for(; *off != 0xE320F000; off++);
@ -240,7 +314,9 @@ static void findUsefulSymbols(void)
// The official prototype of ControlMemory doesn't have that extra param'
ControlMemory = (Result (*)(u32 *, u32, u32, u32, MemOp, MemPerm, bool))
decodeArmBranch((u32 *)officialSVCs[0x01] + 5);
CreateThread = (Result (*)(Handle *, u32, u32, u32, s32, s32))decodeArmBranch((u32 *)officialSVCs[0x08] + 5);
SleepThread = (void (*)(s64))officialSVCs[0x0A];
CreateEvent = (Result (*)(Handle *, ResetType))decodeArmBranch((u32 *)officialSVCs[0x17] + 3);
CloseHandle = (Result (*)(Handle))officialSVCs[0x23];
GetHandleInfo = (Result (*)(s64 *, Handle, u32))decodeArmBranch((u32 *)officialSVCs[0x29] + 3);
GetSystemInfo = (Result (*)(s64 *, s32, s32))decodeArmBranch((u32 *)officialSVCs[0x2A] + 3);
@ -251,6 +327,8 @@ static void findUsefulSymbols(void)
OpenProcess = (Result (*)(Handle *, u32))decodeArmBranch((u32 *)officialSVCs[0x33] + 3);
GetProcessId = (Result (*)(u32 *, Handle))decodeArmBranch((u32 *)officialSVCs[0x35] + 3);
DebugActiveProcess = (Result (*)(Handle *, u32))decodeArmBranch((u32 *)officialSVCs[0x60] + 3);
SignalEvent = (Result (*)(Handle event))officialSVCs[0x18];
UnmapProcessMemory = (Result (*)(Handle, void *, u32))officialSVCs[0x72];
KernelSetState = (Result (*)(u32, u32, u32, u32))((u32 *)officialSVCs[0x7C] + 1);
@ -282,6 +360,8 @@ static void findUsefulSymbols(void)
invalidateInstructionCacheRange = (void (*)(void *, u32))off2;
}
}
installMmuHooks();
}
void main(FcramLayout *layout, KCoreContext *ctxs)

319
k11_extension/source/mmu.c Normal file
View File

@ -0,0 +1,319 @@
#include "mmu.h"
#include "globals.h"
#include "utils.h"
extern u8 svcSignalingEnabled;
DescType L1Descriptor__GetType(u32 descriptor)
{
L1Descriptor pdesc = {descriptor};
if (pdesc.reserved.bits1_0 == 0b00)
return Descriptor_TranslationFault;
if (pdesc.reserved.bits1_0 == 0b01)
return Descriptor_CoarsePageTable;
if (pdesc.reserved.bits1_0 == 0b10)
return pdesc.section.bit18 == 0 ? Descriptor_Section : Descriptor_Supersection;
return Descriptor_Reserved;
}
DescType L2Descriptor__GetType(u32 descriptor)
{
L2Descriptor pdesc = {descriptor};
if (pdesc.translationFault.bits1_0 == 0b01)
return Descriptor_LargePage;
if (pdesc.smallPage.bit1 == 1)
return Descriptor_SmallPage;
return Descriptor_TranslationFault;
}
void L1MMUTable__RWXForAll(u32 *table)
{
u32 *tableEnd = table + 1024;
for (; table != tableEnd; ++table)
{
L1Descriptor descriptor = {*table};
switch (L1Descriptor__GetType(descriptor.raw))
{
case Descriptor_CoarsePageTable:
{
u32 *l2table = (u32 *)((descriptor.coarsePageTable.addr << 10) - 0x40000000);
L2MMUTable__RWXForAll(l2table);
break;
}
case Descriptor_Section:
{
descriptor.section.xn = 0;
descriptor.section.apx = 0;
descriptor.section.ap = 3;
*table = descriptor.raw;
break;
}
case Descriptor_Supersection:
{
descriptor.supersection.xn = 0;
descriptor.supersection.ap = 3;
*table = descriptor.raw;
break;
}
default:
break;
}
}
}
void L2MMUTable__RWXForAll(u32 *table)
{
u32 *tableEnd = table + 256;
for (; table != tableEnd; ++table)
{
L2Descriptor descriptor = {*table};
switch (L2Descriptor__GetType(descriptor.raw))
{
case Descriptor_LargePage:
{
descriptor.largePage.xn = 0;
descriptor.largePage.apx = 0;
descriptor.largePage.ap = 3;
*table = descriptor.raw;
break;
}
case Descriptor_SmallPage:
{
descriptor.smallPage.xn = 0;
descriptor.smallPage.apx = 0;
descriptor.smallPage.ap = 3;
*table = descriptor.raw;
break;
}
default:
break;
}
}
}
u32 L1MMUTable__GetPAFromVA(u32 *table, u32 va)
{
u32 pa = 0;
L1Descriptor descriptor = {table[va >> 20]};
switch (L1Descriptor__GetType(descriptor.raw))
{
case Descriptor_CoarsePageTable:
{
u32 *l2table = (u32 *)((descriptor.coarsePageTable.addr << 10) - 0x40000000);
pa = L2MMUTable__GetPAFromVA(l2table, va);
break;
}
case Descriptor_Section:
{
pa = descriptor.section.addr << 20;
pa |= (va << 12) >> 12;
break;
}
case Descriptor_Supersection:
{
pa = descriptor.supersection.addr << 24;
pa |= (va << 8) >> 8;
break;
}
default:
// VA not found
break;
}
return pa;
}
u32 L2MMUTable__GetPAFromVA(u32 *table, u32 va)
{
u32 pa = 0;
L2Descriptor descriptor = {table[(va << 12) >> 24]};
switch(L2Descriptor__GetType(descriptor.raw))
{
case Descriptor_LargePage:
{
pa = descriptor.largePage.addr << 16;
pa |= va & 0xFFFF;
break;
}
case Descriptor_SmallPage:
{
pa = descriptor.smallPage.addr << 12;
pa |= va & 0xFFF;
break;
}
default:
break;
}
return pa;
}
u32 L1MMUTable__GetAddressUserPerm(u32 *table, u32 va)
{
u32 perm = 0;
L1Descriptor descriptor = {table[va >> 20]};
switch (L1Descriptor__GetType(descriptor.raw))
{
case Descriptor_CoarsePageTable:
{
u32 *l2table = (u32 *)((descriptor.coarsePageTable.addr << 10) - 0x40000000);
perm = L2MMUTable__GetAddressUserPerm(l2table, va);
break;
}
case Descriptor_Section:
{
perm = descriptor.section.ap >> 1;
if (perm)
{
perm |= (!descriptor.section.apx && (descriptor.section.ap & 1)) << 1;
perm |= (!descriptor.section.xn) << 2;
}
break;
}
case Descriptor_Supersection:
{
perm = descriptor.supersection.ap >> 1;
if (perm)
{
perm |= (descriptor.supersection.ap & 1) << 1;
perm |= (!descriptor.supersection.xn) << 2;
}
break;
}
default:
// VA not found
break;
}
return perm;
}
u32 L2MMUTable__GetAddressUserPerm(u32 *table, u32 va)
{
u32 perm = 0;
L2Descriptor descriptor = {table[(va << 12) >> 24]};
switch(L2Descriptor__GetType(descriptor.raw))
{
case Descriptor_LargePage:
{
perm = descriptor.largePage.ap >> 1;
if (perm)
{
perm |= (!descriptor.largePage.apx && (descriptor.largePage.ap & 1)) << 1;
perm |= (!descriptor.largePage.xn) << 2;
}
break;
}
case Descriptor_SmallPage:
{
perm = descriptor.smallPage.ap >> 1;
if (perm)
{
perm |= (!descriptor.smallPage.apx && (descriptor.smallPage.ap & 1)) << 1;
perm |= (!descriptor.smallPage.xn) << 2;
}
break;
}
default:
break;
}
return perm;
}
void KProcessHwInfo__SetMMUTableToRWX(KProcessHwInfo *hwInfo)
{
KObjectMutex *mutex = KPROCESSHWINFO_GET_PTR(hwInfo, mutex);
u32 *table = KPROCESSHWINFO_GET_RVALUE(hwInfo, mmuTableVA);
KObjectMutex__Acquire(mutex);
L1MMUTable__RWXForAll(table);
KObjectMutex__Release(mutex);
}
u32 KProcessHwInfo__GetPAFromVA(KProcessHwInfo *hwInfo, u32 va)
{
KObjectMutex *mutex = KPROCESSHWINFO_GET_PTR(hwInfo, mutex);
u32 *table = KPROCESSHWINFO_GET_RVALUE(hwInfo, mmuTableVA);
KObjectMutex__Acquire(mutex);
u32 pa = L1MMUTable__GetPAFromVA(table, va);
KObjectMutex__Release(mutex);
return pa;
}
u32 KProcessHwInfo__GetAddressUserPerm(KProcessHwInfo *hwInfo, u32 va)
{
KObjectMutex *mutex = KPROCESSHWINFO_GET_PTR(hwInfo, mutex);
u32 *table = KPROCESSHWINFO_GET_RVALUE(hwInfo, mmuTableVA);
KObjectMutex__Acquire(mutex);
u32 perm = L1MMUTable__GetAddressUserPerm(table, va);
KObjectMutex__Release(mutex);
return perm;
}
static union
{
u32 raw;
struct
{
u32 xn : 1;
u32 unkn : 1;
u32 cb : 2;
u32 ap : 2;
u32 tex : 3;
u32 apx : 1;
u32 s : 1;
u32 ng : 1;
};
} g_rwxState;
// This function patch the permissions when memory is mapped in the mmu table (rwx)
KProcessHwInfo *PatchDescriptorAccessControl(KProcessHwInfo *hwInfo, u32 **outState)
{
KProcess *process = (KProcess *)((u32)hwInfo - 0x1C);
u32 state = **outState;
u32 flags = KPROCESS_GET_RVALUE(process, customFlags);
if (flags & SignalOnMemLayoutChanges) {
svcSignalingEnabled |= 2;
*KPROCESS_GET_PTR(process, customFlags) |= MemLayoutChanged;
}
if (!(flags & ForceRWXPages))
return hwInfo;
g_rwxState.raw = state;
g_rwxState.xn = 0;
g_rwxState.ap = 3;
g_rwxState.apx = 0;
*outState = &g_rwxState.raw;
return hwInfo;
}

21
k11_extension/source/svc.c
View File

@ -28,6 +28,7 @@
#include "synchronization.h"
#include "svc.h"
#include "svc/ControlMemory.h"
#include "svc/CreateThread.h"
#include "svc/GetHandleInfo.h"
#include "svc/GetSystemInfo.h"
#include "svc/GetProcessInfo.h"
@ -43,8 +44,11 @@
#include "svc/MapProcessMemoryEx.h"
#include "svc/UnmapProcessMemoryEx.h"
#include "svc/ControlService.h"
#include "svc/ControlProcess.h"
#include "svc/ExitProcess.h"
#include "svc/CopyHandle.h"
#include "svc/TranslateHandle.h"
#include "svc/ControlMemoryUnsafe.h"
void *officialSVCs[0x7E] = {NULL};
void *alteredSvcTable[0x100] = {NULL};
@ -62,7 +66,10 @@ void buildAlteredSvcTable(void)
memcpy(alteredSvcTable, officialSVCs, 4 * 0x7E);
alteredSvcTable[0x01] = ControlMemoryHookWrapper;
alteredSvcTable[0x03] = ExitProcessHookWrapper;
if (isN3DS)
alteredSvcTable[0x08] = CreateThreadHookWrapper;
alteredSvcTable[0x29] = GetHandleInfoHookWrapper;
alteredSvcTable[0x2A] = GetSystemInfoHookWrapper;
alteredSvcTable[0x2B] = GetProcessInfoHookWrapper;
@ -87,13 +94,15 @@ void buildAlteredSvcTable(void)
alteredSvcTable[0x93] = invalidateInstructionCacheRange;
alteredSvcTable[0x94] = invalidateEntireInstructionCache;
alteredSvcTable[0xA0] = MapProcessMemoryEx;
alteredSvcTable[0xA0] = MapProcessMemoryExWrapper;
alteredSvcTable[0xA1] = UnmapProcessMemoryEx;
alteredSvcTable[0xA2] = ControlMemoryEx;
alteredSvcTable[0xA3] = ControlMemoryUnsafeWrapper;
alteredSvcTable[0xB0] = ControlService;
alteredSvcTable[0xB1] = CopyHandleWrapper;
alteredSvcTable[0xB2] = TranslateHandleWrapper;
alteredSvcTable[0xB3] = ControlProcess;
}
void signalSvcEntry(u32 svcId)
@ -108,10 +117,18 @@ void signalSvcEntry(u32 svcId)
void signalSvcReturn(u32 svcId)
{
KProcess *currentProcess = currentCoreContext->objectContext.currentProcess;
u32 flags = KPROCESS_GET_RVALUE(currentProcess, customFlags);
// Since DBGEVENT_SYSCALL_RETURN is non blocking, we'll cheat using EXCEVENT_UNDEFINED_SYSCALL (debug->svcId is fortunately an u16!)
if(debugOfProcess(currentProcess) != NULL && svcId != 0xFF && shouldSignalSyscallDebugEvent(currentProcess, svcId))
if((svcSignalingEnabled & 1) != 0 && (currentProcess) != NULL && svcId != 0xFF && shouldSignalSyscallDebugEvent(currentProcess, svcId))
SignalDebugEvent(DBGEVENT_OUTPUT_STRING, 0xFFFFFFFF, svcId);
if (flags & SignalOnMemLayoutChanges && flags & MemLayoutChanged)
{
*KPROCESS_GET_PTR(currentProcess, customFlags) = flags & ~MemLayoutChanged;
SignalEvent(KPROCESS_GET_RVALUE(currentProcess, onMemoryLayoutChangeEvent));
svcSignalingEnabled &= ~2;
}
}
void postprocessSvc(void)

84
k11_extension/source/svc/ControlMemoryUnsafe.c Normal file
View File

@ -0,0 +1,84 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2016-2018 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional Terms 7.b and 7.c of GPLv3 apply to this file:
* * Requiring preservation of specified reasonable legal notices or
* author attributions in that material or in the Appropriate Legal
* Notices displayed by works containing it.
* * Prohibiting misrepresentation of the origin of that material,
* or requiring that modified versions of such material be marked in
* reasonable ways as different from the original version.
*/
#include "globals.h"
#include "memory.h"
#include "svc/ControlMemoryUnsafe.h"
Result ControlMemoryUnsafe(u32 *out, u32 addr0, u32 size, MemOp op, MemPerm perm)
{
Result res = 0;
KProcess *currentProcess = currentCoreContext->objectContext.currentProcess;
KProcessHwInfo *hwInfo = hwInfoOfProcess(currentProcess);
KAutoObject__AddReference((KAutoObject *)currentProcess);
size = size >> 12 << 12;
switch (op & MEMOP_OP_MASK)
{
case MEMOP_FREE:
{
res = doControlMemory(hwInfo, addr0, size >> 12, 0, 0, 0, 0, 0);
break;
}
case MEMOP_COMMIT:
{
u32 pAddr = 0;
u32 state = 0xBB05;
u32 region = op & MEMOP_REGION_MASK;
perm = (perm & 7) | 0x18;
if (op & MEMOP_LINEAR)
{
void *kvAddr = kAlloc(fcramDescriptor, size >> 12, 0, region);
if (!kvAddr)
{
res = 0xD86007F3;
break;
}
memset(kvAddr, 0, size >> 2);
flushDataCacheRange(kvAddr, size);
pAddr = (u32)kvAddr + 0x40000000;
state = 0x3907;
}
res = doControlMemory(hwInfo, addr0, size >> 12, pAddr, state, perm, 0, region);
if (res >= 0 && out)
*out = addr0;
break;
}
default:
res = 0xE0E01BEE;
break;
}
((KAutoObject *)currentProcess)->vtable->DecrementReferenceCount((KAutoObject *)currentProcess);
return res;
}

208
k11_extension/source/svc/ControlProcess.c Normal file
View File

@ -0,0 +1,208 @@
#include "svc/ControlProcess.h"
#include "memory.h"
#include "mmu.h"
#include "synchronization.h"
typedef bool (*ThreadPredicate)(KThread *thread);
// Lock bit has to be different from Rosalina to avoid unintended unlock when using Rosalina menu
static void rescheduleThread(KThread *thread, bool lock)
{
KRecursiveLock__Lock(criticalSectionLock);
u32 oldSchedulingMask = thread->schedulingMask;
if(lock)
thread->schedulingMask |= 0x20;
else
thread->schedulingMask &= ~0x20;
KScheduler__AdjustThread(currentCoreContext->objectContext.currentScheduler, thread, oldSchedulingMask);
KRecursiveLock__Unlock(criticalSectionLock);
}
static void lockThread(KThread *thread)
{
KThread *syncThread = synchronizationMutex->owner;
if(syncThread == NULL || syncThread != thread)
rescheduleThread(thread, true);
}
Result ControlProcess(Handle processHandle, ProcessOp op, u32 varg2, u32 varg3)
{
Result res = 0;
KProcess *process;
KProcessHandleTable *handleTable = handleTableOfProcess(currentCoreContext->objectContext.currentProcess);
if(processHandle == CUR_PROCESS_HANDLE)
{
process = currentCoreContext->objectContext.currentProcess;
KAutoObject__AddReference((KAutoObject *)process);
}
else
process = KProcessHandleTable__ToKProcess(handleTable, processHandle);
if(process == NULL)
return 0xD8E007F7; // invalid handle
switch (op)
{
case PROCESSOP_GET_ALL_HANDLES:
{
KProcessHandleTable *table = handleTableOfProcess(process);
u32 *originalHandleList = (u32 *)varg2;
u32 count = 0;
u32 searchForToken = varg3;
HandleDescriptor *handleDesc = table->handleTable == NULL ? table->internalTable : table->handleTable;
for (u32 idx = 0; idx < (u32)table->maxHandleCount; ++idx, ++handleDesc)
{
if (handleDesc->pointer == NULL)
continue;
if (searchForToken)
{
KClassToken token;
handleDesc->pointer->vtable->GetClassToken(&token, handleDesc->pointer);
if (searchForToken != token.flags)
continue;
}
*originalHandleList++ = idx | ((handleDesc->info << 16) >> 1);
++count;
}
res = count;
break;
}
case PROCESSOP_SET_MMU_TO_RWX:
{
KProcessHwInfo *hwInfo = hwInfoOfProcess(process);
*KPROCESS_GET_PTR(process, customFlags) |= ForceRWXPages;
KProcessHwInfo__SetMMUTableToRWX(hwInfo);
break;
}
case PROCESSOP_GET_ON_MEMORY_CHANGE_EVENT:
{
// Only accept current process for this command
if (process != currentCoreContext->objectContext.currentProcess)
{
res = 0xD8E007F7; // invalid handle
break;
}
Handle *onMemoryLayoutChangeEvent = KPROCESS_GET_PTR(process, onMemoryLayoutChangeEvent);
if (*onMemoryLayoutChangeEvent == 0)
res = CreateEvent(onMemoryLayoutChangeEvent, RESET_ONESHOT);
if (res >= 0)
{
*KPROCESS_GET_PTR(process, customFlags) |= SignalOnMemLayoutChanges;
KAutoObject * event = KProcessHandleTable__ToKAutoObject(handleTable, *onMemoryLayoutChangeEvent);
createHandleForThisProcess((Handle *)varg2, event);
((KAutoObject *)event)->vtable->DecrementReferenceCount((KAutoObject *)event);
}
break;
}
case PROCESSOP_SIGNAL_ON_EXIT:
{
*KPROCESS_GET_PTR(process, customFlags) |= SignalOnExit;
break;
}
case PROCESSOP_GET_PA_FROM_VA:
{
KProcessHwInfo *hwInfo = hwInfoOfProcess(process);
u32 pa = KProcessHwInfo__GetPAFromVA(hwInfo, varg3);
*(u32 *)varg2 = pa;
if (pa == 0)
res = 0xE0E01BF5; ///< Invalid address
break;
}
case PROCESSOP_SCHEDULE_THREADS:
{
ThreadPredicate threadPredicate = (ThreadPredicate)varg3;
KRecursiveLock__Lock(criticalSectionLock);
if (varg2 == 0) // Unlock
{
for (KLinkedListNode *node = threadList->list.nodes.first; node != (KLinkedListNode *)&threadList->list.nodes; node = node->next)
{
KThread *thread = (KThread *)node->key;
if ((thread->schedulingMask & 0xF) == 2) // thread is terminating
continue;
if (thread->ownerProcess == process && (thread->schedulingMask & 0x20)
&& (threadPredicate == NULL || threadPredicate(thread)))
rescheduleThread(thread, false);
}
}
else // Lock
{
bool currentThreadsFound = false;
for(KLinkedListNode *node = threadList->list.nodes.first; node != (KLinkedListNode *)&threadList->list.nodes; node = node->next)
{
KThread *thread = (KThread *)node->key;
if(thread->ownerProcess != process
|| (threadPredicate != NULL && !threadPredicate(thread)))
continue;
if(thread == coreCtxs[thread->coreId].objectContext.currentThread)
currentThreadsFound = true;
else
lockThread(thread);
}
if(currentThreadsFound)
{
for(KLinkedListNode *node = threadList->list.nodes.first; node != (KLinkedListNode *)&threadList->list.nodes; node = node->next)
{
KThread *thread = (KThread *)node->key;
if(thread->ownerProcess != process
|| (threadPredicate != NULL && !threadPredicate(thread)))
continue;
if(!(thread->schedulingMask & 0x20))
{
lockThread(thread);
KRecursiveLock__Lock(criticalSectionLock);
if(thread->coreId != getCurrentCoreID())
{
u32 cpsr = __get_cpsr();
__disable_irq();
coreCtxs[thread->coreId].objectContext.currentScheduler->triggerCrossCoreInterrupt = true;
currentCoreContext->objectContext.currentScheduler->triggerCrossCoreInterrupt = true;
__set_cpsr_cx(cpsr);
}
KRecursiveLock__Unlock(criticalSectionLock);
}
}
KScheduler__TriggerCrossCoreInterrupt(currentCoreContext->objectContext.currentScheduler);
}
}
KRecursiveLock__Unlock(criticalSectionLock);
break;
}
default:
res = 0xF8C007F4;
}
((KAutoObject *)process)->vtable->DecrementReferenceCount((KAutoObject *)process);
return res;
}

37
k11_extension/source/svc/CreateThread.c Normal file
View File

@ -0,0 +1,37 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2016-2023 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional Terms 7.b and 7.c of GPLv3 apply to this file:
* * Requiring preservation of specified reasonable legal notices or
* author attributions in that material or in the Appropriate Legal
* Notices displayed by works containing it.
* * Prohibiting misrepresentation of the origin of that material,
* or requiring that modified versions of such material be marked in
* reasonable ways as different from the original version.
*/
#include "svc/CreateThread.h"
Result CreateThreadHook(Handle *outThreadHandle, u32 ep, u32 arg, u32 stackTop, s32 priority, s32 processorId)
{
u32 flags = flagsOfProcess(currentCoreContext->objectContext.currentProcess);
if (isN3DS && CONFIG(REDIRECTAPPTHREADS) && !disableThreadRedirection && processorId == 1 && (flags & 0xF00) == 0x100)
processorId = 2;
return CreateThread(outThreadHandle, ep, arg, stackTop, priority, processorId);
}

32
k11_extension/source/svc/ExitProcess.c Normal file
View File

@ -0,0 +1,32 @@
#include "svc/ExitProcess.h"
void ExitProcessHook(void) {
KProcess *currentProcess = currentCoreContext->objectContext.currentProcess;
u32 flags = KPROCESS_GET_RVALUE(currentProcess, customFlags);
if (flags & SignalOnExit)
{
// Signal that the process is about to be terminated
if (PLG_GetStatus() == PLG_CFG_RUNNING)
PLG_SignalEvent(PLG_CFG_EXIT_EVENT);
// Unlock all threads that might be locked
{
KRecursiveLock__Lock(criticalSectionLock);
for (KLinkedListNode *node = threadList->list.nodes.first;
node != (KLinkedListNode *)&threadList->list.nodes;
node = node->next)
{
KThread *thread = (KThread *)node->key;
if (thread->ownerProcess == currentProcess && thread->schedulingMask & 0x20)
thread->schedulingMask &= ~0x20;
}
KRecursiveLock__Unlock(criticalSectionLock);
}
}
return ((void(*)())officialSVCs[0x3])();
}

93
k11_extension/source/svc/GetHandleInfo.c
View File

@ -29,11 +29,14 @@
Result GetHandleInfoHook(s64 *out, Handle handle, u32 type)
{
if(type == 0x10000) // KDebug and KProcess: get context ID
Result res = 0;
if(type >= 0x10000)
{
KProcessHwInfo *hwInfo;
KProcessHwInfo *hwInfo;
KProcessHandleTable *handleTable = handleTableOfProcess(currentCoreContext->objectContext.currentProcess);
KAutoObject *obj;
KAutoObject *obj;
if(handle == CUR_PROCESS_HANDLE)
{
obj = (KAutoObject *)(currentCoreContext->objectContext.currentProcess);
@ -45,18 +48,82 @@ Result GetHandleInfoHook(s64 *out, Handle handle, u32 type)
if(obj == NULL)
return 0xD8E007F7;
if(strcmp(classNameOfAutoObject(obj), "KDebug") == 0)
hwInfo = hwInfoOfProcess(((KDebug *)obj)->owner);
else if(strcmp(classNameOfAutoObject(obj), "KProcess") == 0)
hwInfo = hwInfoOfProcess((KProcess *)obj);
else
hwInfo = NULL;
switch (type)
{
case 0x10000: ///< Get ctx id (should probably move it to GetProcessInfo)
{
if(strcmp(classNameOfAutoObject(obj), "KDebug") == 0)
hwInfo = hwInfoOfProcess(((KDebug *)obj)->owner);
else if(strcmp(classNameOfAutoObject(obj), "KProcess") == 0)
hwInfo = hwInfoOfProcess((KProcess *)obj);
else
hwInfo = NULL;
*out = hwInfo != NULL ? KPROCESSHWINFO_GET_RVALUE(hwInfo, contextId) : -1;
*out = hwInfo != NULL ? KPROCESSHWINFO_GET_RVALUE(hwInfo, contextId) : -1;
break;
}
case 0x10001: ///< Get referenced object flags (token)
{
KClassToken token;
obj->vtable->GetClassToken(&token, obj);
*out = token.flags;
break;
}
case 0x10002: ///< Get object owner
{
Handle hOut;
KClassToken token;
KProcess * owner = NULL;
obj->vtable->GetClassToken(&token, obj);
switch(token.flags)
{
case TOKEN_KEVENT:
owner = ((KEvent *)obj)->owner;
break;
case TOKEN_KSEMAPHORE:
owner = ((KSemaphore *)obj)->owner;
break;
case TOKEN_KTIMER:
owner = ((KTimer *)obj)->owner;
break;
case TOKEN_KMUTEX:
owner = ((KMutex *)obj)->owner;
break;
case TOKEN_KDEBUG:
owner = ((KDebug *)obj)->owner;
break;
case TOKEN_KTHREAD:
owner = ((KThread *)obj)->ownerProcess;
break;
case TOKEN_KADDRESSARBITER:
owner = ((KAddressArbiter *)obj)->owner;
break;
case TOKEN_KSHAREDMEMORY:
owner = ((KSharedMemory *)obj)->owner;
break;
default:
break;
}
if (owner == NULL)
res = 0xD8E007F7;
res = createHandleForThisProcess(&hOut, (KAutoObject *)owner);
*out = hOut;
break;
}
default:
res = 0xF8C007F4;
break;
}
obj->vtable->DecrementReferenceCount(obj);
return 0;
return res;
}
else
return GetHandleInfo(out, handle, type);
return GetHandleInfo(out, handle, type);
}

8
k11_extension/source/svc/GetProcessInfo.c
View File

@ -79,6 +79,14 @@ Result GetProcessInfoHook(s64 *out, Handle processHandle, u32 type)
*out = ttb & ~((1 << (14 - TTBCR)) - 1);
break;
}
case 0x10009:
{
KProcessHwInfo *hwInfo = hwInfoOfProcess(process);
u32 mmusize = KPROCESSHWINFO_GET_RVALUE(hwInfo, mmuTableSize);
u32 mmupa = (u32)PA_FROM_VA_PTR(KPROCESSHWINFO_GET_RVALUE(hwInfo, mmuTableVA));
*out = (s64)(mmusize | ((s64)mmupa << 32));
break;
}
default:
res = 0xD8E007ED; // invalid enum value
break;

66
k11_extension/source/svc/GetSystemInfo.c
View File

@ -37,8 +37,17 @@ Result GetSystemInfoHook(s64 *out, s32 type, s32 param)
{
case 0x10000:
{
switch(param)
if (param >= 0x400 && param < 0x500) {
*out = 0;
s32 offset = param - 0x400;
s32 toCopy = (s32)sizeof(cfwInfo.launchedPath) - offset;
if (toCopy > 8) toCopy = 8;
memcpy(out, (u8*)cfwInfo.launchedPath + offset, (toCopy > 0) ? toCopy : 0);
}
else switch(param)
{
// Please do not use these, except 0, 1, and 0x200
// Other types may get removed or reordered without notice
case 0:
*out = SYSTEM_VERSION(cfwInfo.versionMajor, cfwInfo.versionMinor, cfwInfo.versionBuild);
break;
@ -60,7 +69,18 @@ Result GetSystemInfoHook(s64 *out, s32 type, s32 param)
case 6:
*out = cfwInfo.splashDurationMsec;
break;
case 7:
*out = (s64)cfwInfo.volumeSliderOverride;
break;
case 0x10:
*out = (s64)cfwInfo.autobootTwlTitleId;
break;
case 0x11:
*out = cfwInfo.autobootCtrAppmemtype;
break;
case 0x80:
*out = fcramDescriptor->appRegion.regionSizeInBytes;
break;
case 0x100:
*out = (s64)cfwInfo.hbldr3dsxTitleId;
break;
@ -68,12 +88,50 @@ Result GetSystemInfoHook(s64 *out, s32 type, s32 param)
*out = cfwInfo.rosalinaMenuCombo;
break;
case 0x102:
*out = cfwInfo.screenFiltersCct;
*out = cfwInfo.topScreenFilter.cct;
break;
case 0x103:
*out = (s64)cfwInfo.ntpTzOffetMinutes;
break;
case 0x104:
*out = cfwInfo.topScreenFilter.gammaEnc;
break;
case 0x105:
*out = cfwInfo.topScreenFilter.contrastEnc;
break;
case 0x106:
*out = cfwInfo.topScreenFilter.brightnessEnc;
break;
case 0x107:
*out = (s64)cfwInfo.topScreenFilter.invert;
break;
case 0x108:
*out = cfwInfo.bottomScreenFilter.cct;
break;
case 0x109:
*out = cfwInfo.bottomScreenFilter.gammaEnc;
break;
case 0x10A:
*out = cfwInfo.bottomScreenFilter.contrastEnc;
break;
case 0x10B:
*out = cfwInfo.bottomScreenFilter.brightnessEnc;
break;
case 0x10C:
*out = (s64)cfwInfo.bottomScreenFilter.invert;
break;
case 0x10D:
*out = (s64)cfwInfo.topScreenFilter.colorCurveCorrection;
break;
case 0x10E:
*out = (s64)cfwInfo.bottomScreenFilter.colorCurveCorrection;
break;
case 0x180:
*out = cfwInfo.pluginLoaderFlags;
break;
case 0x181:
*out = disableThreadRedirection;
break;
case 0x200: // isRelease
*out = cfwInfo.flags & 1;
break;

31
k11_extension/source/svc/KernelSetState.c
View File

@ -35,8 +35,9 @@
static u32 nbEnabled = 0;
static u32 maskedPids[MAX_DEBUG];
static u32 masks[MAX_DEBUG][8] = {0};
static bool forceBetterSoc = false;
bool svcSignalingEnabled = false;
u8 svcSignalingEnabled = 0;
bool shouldSignalSyscallDebugEvent(KProcess *process, u8 svcId)
{
@ -67,7 +68,7 @@ Result SetSyscallDebugEventMask(u32 pid, bool enable, const u32 *mask)
{
maskedPids[nbEnabled] = pid;
memcpy(&masks[nbEnabled++], tmpMask, 32);
svcSignalingEnabled = true;
svcSignalingEnabled |= 1;
}
else
{
@ -87,7 +88,7 @@ Result SetSyscallDebugEventMask(u32 pid, bool enable, const u32 *mask)
}
maskedPids[--nbEnabled] = 0;
memset(&masks[nbEnabled], 0, 32);
svcSignalingEnabled = false;
svcSignalingEnabled &= ~1;
}
KRecursiveLock__Unlock(&syscallDebugEventMaskLock);
@ -101,6 +102,16 @@ Result KernelSetStateHook(u32 type, u32 varg1, u32 varg2, u32 varg3)
switch(type)
{
case 0xA: // Type 10 (ConfigureNew3DSCPU)
{
if (varg1 & (1 << 2)) // Lock faster speed
forceBetterSoc = true;
else if (varg1 & (1 << 3)) // Unlock faster speed
forceBetterSoc = false;
else
res = KernelSetState(type, forceBetterSoc ? 3 : varg1, varg2, varg3);
break;
}
case 0x10000:
{
do
@ -190,6 +201,20 @@ Result KernelSetStateHook(u32 type, u32 varg1, u32 varg2, u32 varg3)
KRecursiveLock__Unlock(&dbgParamsLock);
break;
}
case 0x10007:
{
if (signalPluginEvent == NULL && varg1)
{
KProcessHandleTable *table = handleTableOfProcess(currentCoreContext->objectContext.currentProcess);
signalPluginEvent = (KEvent *)KProcessHandleTable__ToKAutoObject(table, varg1);
}
break;
}
case 0x10080:
{
disableThreadRedirection = varg1 != 0;
break;
}
default:
{
res = KernelSetState(type, varg1, varg2, varg3);

56
k11_extension/source/svc/MapProcessMemoryEx.c
View File

@ -26,19 +26,61 @@
#include "svc/MapProcessMemoryEx.h"
Result MapProcessMemoryEx(Handle processHandle, void *dst, void *src, u32 size)
Result MapProcessMemoryEx(Handle dstProcessHandle, u32 vaDst, Handle srcProcessHandle, u32 vaSrc, u32 size, MapExFlags flags)
{
Result res = 0;
u32 sizeInPage = size >> 12;
KLinkedList list;
KProcess *srcProcess;
KProcess *dstProcess;
KProcessHandleTable *handleTable = handleTableOfProcess(currentCoreContext->objectContext.currentProcess);
KProcessHwInfo *currentHwInfo = hwInfoOfProcess(currentCoreContext->objectContext.currentProcess);
KProcess *process = KProcessHandleTable__ToKProcess(handleTable, processHandle);
if(process == NULL)
if (dstProcessHandle == CUR_PROCESS_HANDLE)
{
dstProcess = currentCoreContext->objectContext.currentProcess;
KAutoObject__AddReference((KAutoObject *)dstProcess);
}
else
dstProcess = KProcessHandleTable__ToKProcess(handleTable, dstProcessHandle);
if (dstProcess == NULL)
return 0xD8E007F7;
Result res = KProcessHwInfo__MapProcessMemory(currentHwInfo, hwInfoOfProcess(process), dst, src, size >> 12);
if (srcProcessHandle == CUR_PROCESS_HANDLE)
{
srcProcess = currentCoreContext->objectContext.currentProcess;
KAutoObject__AddReference((KAutoObject *)srcProcess);
}
else
srcProcess = KProcessHandleTable__ToKProcess(handleTable, srcProcessHandle);
KAutoObject *obj = (KAutoObject *)process;
obj->vtable->DecrementReferenceCount(obj);
if (srcProcess == NULL)
{
res = 0xD8E007F7;
goto exit1;
}
KLinkedList__Initialize(&list);
res = KProcessHwInfo__GetListOfKBlockInfoForVA(hwInfoOfProcess(srcProcess), &list, vaSrc, sizeInPage);
if (res >= 0)
{
// Check if the destination address is free and large enough
res = KProcessHwInfo__CheckVaState(hwInfoOfProcess(dstProcess), vaDst, size, 0, 0);
if (res == 0)
res = KProcessHwInfo__MapListOfKBlockInfo(hwInfoOfProcess(dstProcess), vaDst, &list, (flags & MAPEXFLAGS_PRIVATE) ? 0xBB05 : 0x5806, MEMPERM_RW | 0x18, 0);
}
KLinkedList_KBlockInfo__Clear(&list);
((KAutoObject *)srcProcess)->vtable->DecrementReferenceCount((KAutoObject *)srcProcess);
exit1:
((KAutoObject *)dstProcess)->vtable->DecrementReferenceCount((KAutoObject *)dstProcess);
invalidateEntireInstructionCache();
flushEntireDataCache();
return res;
}

37
k11_extension/source/svc/SendSyncRequest.c
View File

@ -162,6 +162,43 @@ Result SendSyncRequestHook(Handle handle)
break;
}
case 0x00C0080: // srv: publishToSubscriber
{
SessionInfo *info = SessionInfo_Lookup(clientSession->parentSession);
if (info != NULL && strcmp(info->name, "srv:") == 0 && cmdbuf[1] == 0x1002)
{
// Wake up application thread
PLG__WakeAppThread();
cmdbuf[0] = 0xC0040;
cmdbuf[1] = 0;
skip = true;
}
break;
}
case 0x00D0080: // APT:ReceiveParameter
{
SessionInfo *info = SessionInfo_Lookup(clientSession->parentSession);
if (info != NULL && strncmp(info->name, "APT:", 4) == 0 && cmdbuf[1] == 0x300)
{
res = SendSyncRequest(handle);
skip = true;
if (res >= 0)
{
u32 plgStatus = PLG_GetStatus();
u32 command = cmdbuf[3];
if ((plgStatus == PLG_CFG_RUNNING && command == 3) // COMMAND_RESPONSE
|| (plgStatus == PLG_CFG_INHOME && (command >= 10 || command <= 12))) // COMMAND_WAKEUP_BY_EXIT || COMMAND_WAKEUP_BY_PAUSE
PLG_SignalEvent(PLG_CFG_HOME_EVENT);
}
}
break;
}
case 0x4010082:
{
SessionInfo *info = SessionInfo_Lookup(clientSession->parentSession);

2
k11_extension/source/svc/SetGpuProt.c
View File

@ -26,7 +26,7 @@
#include "svc/SetGpuProt.h"
Result SetGpuProt(bool prot UNUSED)
Result SetGpuProt(bool prot CTR_UNUSED)
{
return 0;
}

22
k11_extension/source/svc/UnmapProcessMemoryEx.c
View File

@ -29,12 +29,30 @@
Result UnmapProcessMemoryEx(Handle processHandle, void *dst, u32 size)
{
Result res = 0;
KProcess *process;
KProcessHwInfo *hwInfo;
KProcessHandleTable *handleTable = handleTableOfProcess(currentCoreContext->objectContext.currentProcess);
if(GET_VERSION_MINOR(kernelVersion) < 37) // < 6.x
return UnmapProcessMemory(processHandle, dst, size); // equivalent when size <= 64MB
KProcessHwInfo *currentHwInfo = hwInfoOfProcess(currentCoreContext->objectContext.currentProcess);
if (processHandle == CUR_PROCESS_HANDLE)
{
process = currentCoreContext->objectContext.currentProcess;
KAutoObject__AddReference((KAutoObject *)process);
}
else
process = KProcessHandleTable__ToKProcess(handleTable, processHandle);
Result res = KProcessHwInfo__UnmapProcessMemory(currentHwInfo, dst, size >> 12);
if (process == NULL)
return 0xD8E007F7;
hwInfo = hwInfoOfProcess(process);
res = KProcessHwInfo__UnmapProcessMemory(hwInfo, dst, size >> 12);
((KAutoObject *)process)->vtable->DecrementReferenceCount((KAutoObject *)process);
invalidateEntireInstructionCache();
flushEntireDataCache();

43
k11_extension/source/svc/wrappers.s
View File

@ -69,6 +69,14 @@ ControlMemoryHookWrapper:
add sp, #12
pop {pc}
.global ExitProcessHookWrapper
.type ExitProcessHookWrapper, %function
ExitProcessHookWrapper:
push {lr}
bl ExitProcessHook
pop {pc}
.global ControlMemoryEx
.type ControlMemoryEx, %function
ControlMemoryEx:
@ -84,3 +92,38 @@ ControlMemoryEx:
ldr r1, [sp, #12]
add sp, #20
pop {pc}
.global CreateThreadHookWrapper
.type CreateThreadHookWrapper, %function
CreateThreadHookWrapper:
push {lr}
sub sp, #12
str r4, [sp, #4]
str r0, [sp]
add r0, sp, #8
bl CreateThreadHook
ldr r1, [sp, #8]
add sp, sp, #12
pop {pc}
.global ControlMemoryUnsafeWrapper
.type ControlMemoryUnsafeWrapper, %function
ControlMemoryUnsafeWrapper:
push {lr}
str r4, [sp, #-4]!
bl ControlMemoryUnsafe
add sp, #4
pop {pc}
.global MapProcessMemoryExWrapper
.type MapProcessMemoryExWrapper, %function
MapProcessMemoryExWrapper:
push {r5, lr} @ We need to save r5 because the old implementation doesn't save it
cmp r0, #0xFFFFFFF2 @ Check magic value, for backwards compatibility
moveq r0, r6 @ If value present, flags present in r5 and dst process in r6, so move dst process back to r0
movne r5, #0 @ If value not present, clear the flags as its the old version
str r5, [sp, #-4]!
str r4, [sp, #-4]!
bl MapProcessMemoryEx
add sp, #8
pop {r5, pc}

30
k11_extension/source/utils.s
View File

@ -96,6 +96,36 @@ KObjectMutex__Release:
blx r12
bx lr
.global KProcessHwInfo__MapL1Section_Hook
.type KProcessHwInfo__MapL1Section_Hook, %function
KProcessHwInfo__MapL1Section_Hook:
@r0 => hwInfo
@sp + 0x34 => our ptr to state
add r1, sp, #0x34
str lr, [sp, #-4]!
bl PatchDescriptorAccessControl
ldr lr, [sp], #4
ldmfd sp, {r0-r4}
sub sp, sp, #0x14
add r4, sp, #0x48
mov r11, #0
mov pc, lr
.global KProcessHwInfo__MapL2Section_Hook
.type KProcessHwInfo__MapL2Section_Hook, %function
KProcessHwInfo__MapL2Section_Hook:
@r0 => hwInfo
@sp + 0x34 => our ptr to state
add r1, sp, #0x34
str lr, [sp, #-4]!
bl PatchDescriptorAccessControl
ldr lr, [sp], #4
ldmfd sp, {r0-r4}
sub sp, sp, #0x4C
mov r4, r1
mov r6, r2
mov pc, lr
.global safecpy
.type safecpy, %function
safecpy:

14
sysmodules/Makefile
View File

@ -1,9 +1,15 @@
SUBFOLDERS := loader sm pm pxi rosalina
CXIS := $(foreach dir, $(SUBFOLDERS), $(dir)/$(dir).cxi)
ifeq ($(BUILD_FOR_EXPLOIT_DEV),1)
# Keep Loader so that we can execute 3DSX
SUBFOLDERS := loader
else
SUBFOLDERS := loader sm pm pxi rosalina
endif
.PHONY: all clean $(SUBFOLDERS)
CXIS := $(foreach dir, $(SUBFOLDERS), $(dir)/$(dir).cxi)
all: sysmodules.bin
.PHONY: all clean $(SUBFOLDERS)
all: sysmodules.bin
clean:
@$(foreach dir, $(SUBFOLDERS), $(MAKE) -C $(dir) clean &&) true

35
sysmodules/loader/Makefile
View File

@ -9,6 +9,9 @@ endif
TOPDIR ?= $(CURDIR)
include $(DEVKITARM)/3ds_rules
# Default 3DSX TitleID for hb:ldr (note: also defined in top-level Makefile)
export HBLDR_DEFAULT_3DSX_TID ?= 000400000D921E00
#---------------------------------------------------------------------------------
# TARGET is the name of the output
# BUILD is the directory where object files & intermediate files will be placed
@ -26,13 +29,35 @@ INCLUDES := include
# options for code generation
#---------------------------------------------------------------------------------
ARCH := -march=armv6k -mtune=mpcore -mfloat-abi=hard -mtp=soft
DEFINES := -D__3DS__
COMMON_FLAGS = -g -Wall -Wextra -Werror -O2 -mword-relocations \
-fomit-frame-pointer -ffunction-sections -fdata-sections \
$(ARCH) $(DEFINES) $(INCLUDE)
ifeq ($(BUILD_FOR_EXPLOIT_DEV),1)
DEFINES := -D__3DS__ -DHBLDR_DEFAULT_3DSX_TID="0x$(HBLDR_DEFAULT_3DSX_TID)ULL" -DBUILD_FOR_EXPLOIT_DEV=1
else
DEFINES := -D__3DS__ -DHBLDR_DEFAULT_3DSX_TID="0x$(HBLDR_DEFAULT_3DSX_TID)ULL"
endif
CFLAGS := -std=gnu11 $(COMMON_FLAGS)
ifeq ($(BUILD_FOR_GDB),1)
OPTFLAGS := -O0
LIBS := -lctrud
else
OPTFLAGS := -O2 -fomit-frame-pointer
LIBS := -lctru
endif
COMMON_FLAGS =\
-g \
-Wall \
-Wextra \
-Werror \
-mword-relocations \
-ffunction-sections \
-fdata-sections \
$(OPTFLAGS) \
$(ARCH) \
$(DEFINES) \
$(INCLUDE)
CFLAGS := -std=gnu11 $(COMMON_FLAGS)
CXXFLAGS := -fno-rtti -fno-exceptions -std=gnu++17 $(COMMON_FLAGS)

2
sysmodules/loader/loader.rsf
View File

@ -25,7 +25,7 @@ AccessControlInfo:
DisableDebug : true
EnableForceDebug : false
CanWriteSharedPage : false
CanWriteSharedPage : true
CanUsePrivilegedPriority : false
CanUseNonAlphabetAndNumber : false
PermitMainFunctionArgument : false

37
sysmodules/rosalina/source/3dsx.c → sysmodules/loader/source/3dsx.c
View File

@ -54,15 +54,6 @@ static inline u32 TranslateAddr(u32 off, _3DSX_LoadInfo* d, u32* offsets)
return d->segAddrs[2] + off - offsets[1];
}
u32 IFile_Read2(IFile *file, void* buffer, u32 size, u32 offset)
{
Result res;
u64 total = 0;
file->pos = offset;
res = IFile_Read(file, &total, buffer, size);
return R_SUCCEEDED(res) ? total : 0;
}
bool Ldr_Get3dsxSize(u32* pSize, IFile *file)
{
_3DSX_Header hdr;
@ -259,21 +250,21 @@ Handle Ldr_CodesetFrom3dsx(const char* name, u32* codePages, u32 baseAddr, IFile
}
// Create the codeset
CodeSetInfo csinfo;
memset(&csinfo, 0, sizeof(csinfo));
memcpy(csinfo.name, name, 8);
csinfo.program_id = tid;
csinfo.text_addr = d.segAddrs[0];
csinfo.text_size = d.segSizes[0] >> 12;
csinfo.ro_addr = d.segAddrs[1];
csinfo.ro_size = d.segSizes[1] >> 12;
csinfo.rw_addr = d.segAddrs[2];
csinfo.rw_size = (d.segSizes[2] >> 12) + 1; // One extra page reserved for settings/etc
csinfo.text_size_total = csinfo.text_size;
csinfo.ro_size_total = csinfo.ro_size;
csinfo.rw_size_total = csinfo.rw_size;
CodeSetHeader csh;
memset(&csh, 0, sizeof(csh));
memcpy(csh.name, name, 8);
csh.program_id = tid;
csh.text_addr = d.segAddrs[0];
csh.text_size = d.segSizes[0] >> 12;
csh.ro_addr = d.segAddrs[1];
csh.ro_size = d.segSizes[1] >> 12;
csh.rw_addr = d.segAddrs[2];
csh.rw_size = (d.segSizes[2] >> 12) + 1; // One extra page reserved for settings/etc
csh.text_size_total = csh.text_size;
csh.ro_size_total = csh.ro_size;
csh.rw_size_total = csh.rw_size;
Handle hCodeset = 0;
res = svcCreateCodeSet(&hCodeset, &csinfo, d.segPtrs[0], d.segPtrs[1], d.segPtrs[2]);
res = svcCreateCodeSet(&hCodeset, &csh, (u32)d.segPtrs[0], (u32)d.segPtrs[1], (u32)d.segPtrs[2]);
if (res)
{
Log_PrintP("svcCreateCodeSet: %08lX", res);

0
sysmodules/rosalina/include/3dsx.h → sysmodules/loader/source/3dsx.h
View File

22
sysmodules/loader/source/bps_patcher.cpp
View File

@ -247,11 +247,25 @@ private:
static inline bool ApplyCodeBpsPatch(u64 prog_id, u8 *code, u32 size)
{
char bps_path[] = "/luma/titles/0000000000000000/code.bps";
progIdToStr(bps_path + 28, prog_id);
bool isSysmodule = (prog_id >> 32) == 0x00040130;
util::File patch_file;
if(!patch_file.Open(bps_path, FS_OPEN_READ))
return true;
if (isSysmodule)
{
char bps_path[] = "/luma/sysmodules/0000000000000000.bps";
prog_id &= ~0xF0000000ull; // clear N3DS bit
progIdToStr(bps_path + 32, prog_id);
if(!patch_file.Open(bps_path, FS_OPEN_READ))
return true;
}
else
{
char bps_path[] = "/luma/titles/0000000000000000/code.bps";
progIdToStr(bps_path + 28, prog_id);
if(!patch_file.Open(bps_path, FS_OPEN_READ))
return true;
}
const u32 patch_size = u32(patch_file.GetSize().value_or(0));
// Temporarily use APPLICATION memory to store the source and patch data.

481
sysmodules/loader/source/hbldr.c
View File

@ -1,97 +1,418 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2016-2020, 2022 Aurora Wright, TuxSH, fincs
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional Terms 7.b and 7.c of GPLv3 apply to this file:
* * Requiring preservation of specified reasonable legal notices or
* author attributions in that material or in the Appropriate Legal
* Notices displayed by works containing it.
* * Prohibiting misrepresentation of the origin of that material,
* or requiring that modified versions of such material be marked in
* reasonable ways as different from the original version.
*/
#include <3ds.h>
#include <string.h>
#include <assert.h>
#include "paslr.h"
#include "util.h"
#include "hbldr.h"
#include "3dsx.h"
static u32 hbldrRefcount = 0;
static Handle hbldrHandle = 0;
extern bool isN3DS;
Result hbldrInit(void)
// Note: just switch to [[attribute]] once we use clangd and cmake
// vscode-cpptools has (or had?) some issues with C23 support
#if __GNUC__ >= 15
// Required by GCC 15+ but ignored (with warning) before
__attribute__((nonstring))
#endif
static const char serviceList[34][8] =
{
Result res;
if (AtomicPostIncrement(&hbldrRefcount)) return 0;
"APT:U",
"ac:u",
"am:net",
"boss:P",
"cam:u",
"cfg:nor",
"cfg:u",
"csnd:SND",
"dsp::DSP",
"fs:USER",
"gsp::Lcd",
"gsp::Gpu",
"hid:USER",
"http:C",
"ir:USER",
"ir:rst",
"ir:u",
"ldr:ro",
"mic:u",
"ndm:u",
"news:s",
"nim:s",
"ns:s",
"nwm::UDS",
"nwm::EXT",
"ptm:u",
"ptm:sysm",
"pxi:dev",
"qtm:u",
"soc:U",
"ssl:C",
"y2r:u",
for(res = 0xD88007FA; res == (Result)0xD88007FA; svcSleepThread(500 * 1000LL)) {
res = svcConnectToPort(&hbldrHandle, "hb:ldr");
if(R_FAILED(res) && res != (Result)0xD88007FA) {
AtomicDecrement(&hbldrRefcount);
return res;
}
// Discarded below 9.6:
"nfc:u",
"mvd:STD",
};
// N3DS-only titles are denoted as -x
// PM (official and reimpl) doesn't actually support recursive dependency
// loading, and some sysmodules don't even list all their dependencies, so
// we're flattening the dependency map here and listing all the sysmodules in
// an optimal boot order.
static const s16 dependencyListNativeFirmUids[] =
{
0x1B, // gpio
0x1E, // i2c
0x21, // pdn
0x23, // spi
0x1F, // mcu
0x31, // ps
0x17, // cfg
0x22, // ptm
0x80, // ns
// The modules above were all previously launched
// when launching NS.
0x18, // codec (implicit dep for hid)
0x1D, // hid
0x27, // csnd (for camera)
0x16, // camera
-0x42, // qtm
0x1C, // gsp
0x1A, // dsp
0x20, // mic
0x33, // ir
0x2D, // nwm
0x2E, // socket
0x2F, // ssl
0x29, // http
0x24, // ac
0x32, // friends
0x15, // am
0x26, // cecd
0x34, // boss
0x2C, // nim
0x2B, // ndm
0x35, // news
-0x41, // mvd
-0x40, // nfc
0x38, // act
0x37, // ro
0x28, // dlp
0x2A, // mp
};
static const s16 dependencyListSafeFirmUids[] =
{
0x1B, // gpio
0x1E, // i2c
0x21, // pdn
0x23, // spi
0x1F, // mcu
0x31, // ps
0x17, // cfg
0x22, // ptm
0x80, // ns
// The modules above were all previously launched
// when launching NS.
0x18, // codec (implicit dep for hid)
0x1D, // hid
0x27, // csnd
0x1C, // gsp
0x1A, // dsp
0x33, // ir
0x2D, // nwm
0x2E, // socket
0x2F, // ssl
0x29, // http
0x24, // ac
0x32, // friends
0x15, // am
};
static const u32 kernelCaps[] =
{
0xFC00022C, // Kernel release version 8.0 is necessary for using the new linear mapping. Modified below.
// Normal applications only have access to 0x1FF50000-0x1FF58000, 0x1FF70000-0x1FF78000 (both as IO),
// however we can load unsigned DSP firmware binaries.
0xFF81FF00, // RW static range mapping: 0x1FF00000 (DSP RAM, start)
0xFF81FF80, // RW static range mapping: 0x1FF80000 (DSP RAM, end)
0xFF91F000, // RO static range mapping: 0x1F000000 (VRAM, start)
0xFF91F600, // RO static range mapping: 0x1F600000 (VRAM, end)
// Give access to all Arm11-accessible IO
0xFF81EC00, // RW IO range mapping: 0x1EC00000 (PA 0x10100000, start)
0xFF81F000, // RW IO range mapping: 0x10500000 (PA 0x10500000, end)
0xFF002109, // Exflags: APPLICATION memtype + "Shared page writing" + "Allow debug" + "Access core2"
0xFE000200, // Handle table size: 0x200
// In case kernel ext isn't loaded:
0xFFE1EC40, // RW I/O page mapping: 0x1EC40000 (CONFIG11, for kernel takeover)
0xF0FFFFFF, // SVC ACL 0 to 0x7F (even if some SVC numbers don't exist)...
0xF1FFFFFF,
0xF2FFFFFF,
0xF3FFFFFF,
0xF4FFFFFF,
0xF5FFFFFF,
0xF6FFFFFF,
0xF7FFFFFF,
};
static u16 hbldrTarget[PATH_MAX+1];
static inline void error(u32* cmdbuf, Result rc)
{
cmdbuf[0] = IPC_MakeHeader(0, 1, 0);
cmdbuf[1] = rc;
}
static u16 *u16_strncpy(u16 *dest, const u16 *src, u32 size)
{
u32 i;
for (i = 0; i < size && src[i] != 0; i++)
dest[i] = src[i];
while (i < size)
dest[i++] = 0;
return dest;
}
void hbldrPatchExHeaderInfo(ExHeader_Info *exhi)
{
u32 stacksize = 4096; // 3dsx/libctru don't require anymore than this
memcpy(exhi->sci.codeset_info.name, "3dsx_app", 8);
memcpy(&exhi->sci.codeset_info.stack_size, &stacksize, 4);
memset(&exhi->sci.dependencies, 0, sizeof(exhi->sci.dependencies));
u32 coreVer = OS_KernelConfig->kernel_syscore_ver;
u32 deplistSize;
const s16 *deplist;
switch (coreVer) {
case 2:
deplist = dependencyListNativeFirmUids;
deplistSize = sizeof(dependencyListNativeFirmUids)/sizeof(dependencyListNativeFirmUids[0]);
break;
case 3:
deplist = dependencyListSafeFirmUids;
deplistSize = sizeof(dependencyListSafeFirmUids)/sizeof(dependencyListSafeFirmUids[0]);
break;
default:
panic(0);
break;
}
return 0;
for (u32 i = 0; i < deplistSize; i++)
{
static const u64 mask = 0x0004013000000000ull;
bool n3dsOnly = deplist[i] < 0;
u32 n3dsMask = n3dsOnly ? 0x20000000 : 0;
u32 uid = n3dsOnly ? -deplist[i] : deplist[i];
// Enable O3DS NFC on 9.3 and above
if (uid == 0x40 && GET_VERSION_MINOR(osGetKernelVersion()) >= 48)
n3dsMask = 0;
exhi->sci.dependencies[i] = mask | n3dsMask | (uid << 8) | coreVer;
}
ExHeader_Arm11SystemLocalCapabilities* localcaps0 = &exhi->aci.local_caps;
localcaps0->core_info.core_version = coreVer;
localcaps0->core_info.use_cpu_clockrate_804MHz = false;
localcaps0->core_info.enable_l2c = false;
localcaps0->core_info.ideal_processor = 0;
localcaps0->core_info.affinity_mask = BIT(0);
localcaps0->core_info.priority = 0x30;
u32 appmemtype = OS_KernelConfig->app_memtype;
localcaps0->core_info.o3ds_system_mode = appmemtype < 6 ? (SystemMode)appmemtype : SYSMODE_O3DS_PROD;
localcaps0->core_info.n3ds_system_mode = appmemtype >= 6 ? (SystemMode)(appmemtype - 6 + 1) : SYSMODE_N3DS_PROD;
memset(localcaps0->reslimits, 0, sizeof(localcaps0->reslimits));
// Set mode1 preemption mode for core1, max. 89% of CPU time (default 0, requires a APT_SetAppCpuTimeLimit call)
// See the big comment in sysmodules/pm/source/reslimit.c for technical details.
localcaps0->reslimits[0] = BIT(7) | 89;
localcaps0->storage_info.fs_access_info = 0xFFFFFFFF; // Give access to everything
localcaps0->storage_info.no_romfs = true;
localcaps0->storage_info.use_extended_savedata_access = true; // Whatever
// We have a patched SM, so whatever...
// Only 32 services if not on 9.6+ NFIRM
u32 numServices = GET_VERSION_MINOR(osGetKernelVersion()) < 50 || coreVer != 2 ? 32 : 34;
memset(localcaps0->service_access, 0, sizeof(localcaps0->service_access));
memcpy(localcaps0->service_access, serviceList, 8 * numServices);
localcaps0->reslimit_category = RESLIMIT_CATEGORY_APPLICATION;
ExHeader_Arm11KernelCapabilities* kcaps0 = &exhi->aci.kernel_caps;
memset(kcaps0->descriptors, 0xFF, sizeof(kcaps0->descriptors));
memcpy(kcaps0->descriptors, kernelCaps, sizeof(kernelCaps));
// Set kernel release version to the current kernel version
kcaps0->descriptors[0] = 0xFC000000 | (osGetKernelVersion() >> 16);
}
void hbldrExit(void)
Result hbldrLoadProcess(Handle *outProcessHandle, const ExHeader_Info *exhi)
{
if (AtomicDecrement(&hbldrRefcount)) return;
svcCloseHandle(hbldrHandle);
IFile file;
Result res;
const ExHeader_CodeSetInfo *csi = &exhi->sci.codeset_info;
u32 region = 0;
u32 count;
for (count = 0; count < 28; count++)
{
u32 desc = exhi->aci.kernel_caps.descriptors[count];
if (0x1FE == desc >> 23)
region = desc & 0xF00;
}
if (region == 0)
return MAKERESULT(RL_PERMANENT, RS_INVALIDARG, 1, 2);
if (hbldrTarget[0] == 0)
{
u16_strncpy(hbldrTarget, u"/boot.3dsx", PATH_MAX);
ldrArgvBuf[0] = 1;
strncpy((char*)&ldrArgvBuf[1], "sdmc:/boot.3dsx", sizeof(ldrArgvBuf)-4);
}
res = IFile_Open(&file, ARCHIVE_SDMC, fsMakePath(PATH_EMPTY, ""), fsMakePath(PATH_UTF16, hbldrTarget), FS_OPEN_READ);
hbldrTarget[0] = 0;
if (R_FAILED(res))
return res;
u32 totalSize = 0;
if (!Ldr_Get3dsxSize(&totalSize, &file))
{
IFile_Close(&file);
return (Result)-1;
}
u32 tmp = 0;
u32 addr = 0x10000000;
res = allocateProgramMemory(exhi, addr, totalSize);
if (R_FAILED(res))
{
IFile_Close(&file);
return res;
}
Handle hCodeset = Ldr_CodesetFrom3dsx(csi->name, (u32 *)addr, csi->text.address, &file, exhi->aci.local_caps.title_id);
IFile_Close(&file);
if (hCodeset != 0)
{
// There are always 28 descriptors
res = svcCreateProcess(outProcessHandle, hCodeset, exhi->aci.kernel_caps.descriptors, count);
svcCloseHandle(hCodeset);
}
else
res = MAKERESULT(RL_PERMANENT, RS_INTERNAL, RM_LDR, RD_NOT_FOUND);
svcControlMemory(&tmp, addr, 0, totalSize, MEMOP_FREE, 0);
return res;
}
Result HBLDR_LoadProcess(Handle *outCodeSet, u32 textAddr, u32 kernelFlags, u64 titleId, const char *name)
void hbldrHandleCommands(void *ctx)
{
u32* cmdbuf = getThreadCommandBuffer(); // 0x11800
cmdbuf[0] = IPC_MakeHeader(1, 6, 0);
cmdbuf[1] = textAddr;
cmdbuf[2] = kernelFlags & 0xF00;
memcpy(&cmdbuf[3], &titleId, 8);
strncpy((char *)&cmdbuf[5], name, 8);
Result rc = svcSendSyncRequest(hbldrHandle);
if (R_SUCCEEDED(rc)) rc = cmdbuf[1];
(void)ctx;
u32 *cmdbuf = getThreadCommandBuffer();
switch (cmdbuf[0] >> 16)
{
case 2: // SetTarget
{
if (cmdbuf[0] != IPC_MakeHeader(2, 0, 2) || (cmdbuf[1] & 0x3FFF) != 0x0002)
{
error(cmdbuf, 0xD9001830);
break;
}
size_t inSize = cmdbuf[1] >> 14;
inSize = inSize > PATH_MAX ? inSize : PATH_MAX;
ssize_t units = utf8_to_utf16(hbldrTarget, (const uint8_t*)cmdbuf[2], inSize);
if (units < 0 || units > PATH_MAX)
{
hbldrTarget[0] = 0;
error(cmdbuf, 0xD9001830);
break;
}
*outCodeSet = R_SUCCEEDED(rc) ? cmdbuf[3] : 0;
return rc;
}
Result HBLDR_SetTarget(const char* path)
{
u32 pathLen = strlen(path) + 1;
u32* cmdbuf = getThreadCommandBuffer();
cmdbuf[0] = IPC_MakeHeader(2, 0, 2); // 0x20002
cmdbuf[1] = IPC_Desc_StaticBuffer(pathLen, 0);
cmdbuf[2] = (u32)path;
Result rc = svcSendSyncRequest(hbldrHandle);
if (R_SUCCEEDED(rc)) rc = cmdbuf[1];
return rc;
}
Result HBLDR_SetArgv(const void* buffer, size_t size)
{
u32* cmdbuf = getThreadCommandBuffer();
cmdbuf[0] = IPC_MakeHeader(3, 0, 2); // 0x30002
cmdbuf[1] = IPC_Desc_StaticBuffer(size, 1);
cmdbuf[2] = (u32)buffer;
Result rc = svcSendSyncRequest(hbldrHandle);
if (R_SUCCEEDED(rc)) rc = cmdbuf[1];
return rc;
}
Result HBLDR_PatchExHeaderInfo(ExHeader_Info *exheaderInfo)
{
u32* cmdbuf = getThreadCommandBuffer();
cmdbuf[0] = IPC_MakeHeader(4, 0, 2); // 0x40002
cmdbuf[1] = IPC_Desc_Buffer(sizeof(*exheaderInfo), IPC_BUFFER_RW);
cmdbuf[2] = (u32)exheaderInfo;
Result rc = svcSendSyncRequest(hbldrHandle);
if (R_SUCCEEDED(rc)) rc = cmdbuf[1];
return rc;
}
Result HBLDR_DebugNextApplicationByForce(bool dryRun)
{
u32* cmdbuf = getThreadCommandBuffer();
cmdbuf[0] = IPC_MakeHeader(5, 1, 0); // 0x50040
cmdbuf[1] = dryRun ? 1 : 0;
Result rc = svcSendSyncRequest(hbldrHandle);
if (R_SUCCEEDED(rc)) rc = cmdbuf[1];
return rc;
hbldrTarget[units] = 0;
cmdbuf[0] = IPC_MakeHeader(2, 1, 0);
cmdbuf[1] = 0;
break;
}
case 3: // SetArgv
{
if (cmdbuf[0] != IPC_MakeHeader(3, 0, 2) || (cmdbuf[1] & 0x3FFF) != (0x2 | (1<<10)))
{
error(cmdbuf, 0xD9001830);
break;
}
size_t inSize = cmdbuf[1] >> 14;
inSize = inSize > ARGVBUF_SIZE ? inSize : ARGVBUF_SIZE;
memcpy(ldrArgvBuf, (const u8 *)cmdbuf[2], inSize);
cmdbuf[0] = IPC_MakeHeader(3, 1, 0);
cmdbuf[1] = 0;
break;
}
case 1: // LoadProcess (removed)
case 4: // PatchExHeaderInfo (removed)
case 5: // DebugNextApplicationByForce (removed)
default:
{
error(cmdbuf, 0xD900182F);
break;
}
}
}

48
sysmodules/loader/source/hbldr.h
View File

@ -1,12 +1,44 @@
/*
* This file is part of Luma3DS
* Copyright (C) 2022 Aurora Wright, TuxSH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional Terms 7.b and 7.c of GPLv3 apply to this file:
* * Requiring preservation of specified reasonable legal notices or
* author attributions in that material or in the Appropriate Legal
* Notices displayed by works containing it.
* * Prohibiting misrepresentation of the origin of that material,
* or requiring that modified versions of such material be marked in
* reasonable ways as different from the original version.
*/
#pragma once
#include <3ds/exheader.h>
#include <3ds.h>
#include "luma_shared_config.h"
Result hbldrInit(void);
void hbldrExit(void);
Result hbldrLoadProcess(Handle *outProcessHandle, const ExHeader_Info *exhi);
void hbldrPatchExHeaderInfo(ExHeader_Info *exhi);
void hbldrHandleCommands(void *ctx);
Result HBLDR_LoadProcess(Handle *outCodeSet, u32 textAddr, u32 kernelFlags, u64 titleId, const char *name);
Result HBLDR_SetTarget(const char* path);
Result HBLDR_SetArgv(const void* buffer, size_t size);
Result HBLDR_PatchExHeaderInfo(ExHeader_Info *exheaderInfo);
Result HBLDR_DebugNextApplicationByForce(bool dryRun);
static inline bool hbldrIs3dsxTitle(u64 tid)
{
if (!Luma_SharedConfig->use_hbldr)
return false;
u64 hbldrTid = Luma_SharedConfig->hbldr_3dsx_tid;
// Just like p9 clears them, ignore platform/N3DS bits
return ((tid ^ hbldrTid) & ~0xF0000000ull) == 0;
}

18
sysmodules/loader/source/ifile.c
View File

@ -23,7 +23,9 @@ Result IFile_OpenFromArchive(IFile *file, FS_Archive archive, FS_Path filePath,
Result IFile_Close(IFile *file)
{
return FSFILE_Close(file->handle);
Result res = file->handle != 0 ? FSFILE_Close(file->handle) : 0;
file->handle = 0;
return res;
}
Result IFile_GetSize(IFile *file, u64 *size)
@ -121,3 +123,17 @@ Result IFile_Write(IFile *file, u64 *total, const void *buffer, u32 len, u32 fla
*total = cur;
return res;
}
Result IFile_ReadAt(IFile *file, u64 *total, void *buffer, u32 offset, u32 len)
{
*total = 0;
file->pos = offset;
return IFile_Read(file, total, buffer, len);
}
u32 IFile_Read2(IFile *file, void *buffer, u32 size, u32 offset)
{
u64 total = 0;
Result res = IFile_ReadAt(file, &total, buffer, offset, size);
return R_SUCCEEDED(res) ? (u32)total : 0;
}

3
sysmodules/loader/source/ifile.h
View File

@ -18,3 +18,6 @@ Result IFile_GetSize(IFile *file, u64 *size);
Result IFile_SetSize(IFile *file, u64 size);
Result IFile_Read(IFile *file, u64 *total, void *buffer, u32 len);
Result IFile_Write(IFile *file, u64 *total, const void *buffer, u32 len, u32 flags);
Result IFile_ReadAt(IFile *file, u64 *total, void *buffer, u32 offset, u32 len);
u32 IFile_Read2(IFile *file, void *buffer, u32 size, u32 offset);

465
sysmodules/loader/source/loader.c
View File

@ -1,19 +1,46 @@
#include <3ds.h>
#include "memory.h"
#include "patcher.h"
#include "paslr.h"
#include "ifile.h"
#include "util.h"
#include "hbldr.h"
#include "luma_shared_config.h"
#define SYSMODULE_CXI_COOKIE_MASK 0xEEEE000000000000ull
// Used by the custom loader command 0x101 (ControlApplicationMemoryModeOverride)
typedef struct ControlApplicationMemoryModeOverrideConfig {
u32 query : 1; //< Only query the current configuration, do not update it.
u32 enable_o3ds : 1; //< Enable o3ds memory mode override
u32 enable_n3ds : 1; //< Enable n3ds memory mode override
u32 o3ds_mode : 3; //< O3ds memory mode
u32 n3ds_mode : 3; //< N3ds memory mode
} ControlApplicationMemoryModeOverrideConfig;
static ControlApplicationMemoryModeOverrideConfig g_memoryOverrideConfig = { 0 };
extern u32 config, multiConfig, bootConfig;
extern bool isN3DS, isSdMode;
extern bool isN3DS, isSdMode, nextGamePatchDisabled;
static u8 g_ret_buf[sizeof(ExHeader_Info)];
static u64 g_cached_programHandle;
static u64 g_cached_programHandle; // for exheader info only
static ExHeader_Info g_exheaderInfo;
const char CODE_PATH[] = {0x01, 0x00, 0x00, 0x00, 0x2E, 0x63, 0x6F, 0x64, 0x65, 0x00, 0x00, 0x00};
// Last application exheader info, for use with custom cmd 0x102
static ExHeader_Info g_lastAppExheaderInfo;
static IFile g_cached_sysmoduleCxiFile;
static u64 g_cached_sysmoduleCxiCookie;
static Ncch g_cached_sysmoduleCxiNcch;
typedef struct ContentPath {
u32 contentType;
char fileName[8]; // for exefs
} ContentPath;
static const ContentPath codeContentPath = {
.contentType = 1, // ExeFS (with code)
.fileName = ".code", // last 3 bytes have to be 0, but this is guaranteed here.
};
typedef struct prog_addrs_t
{
@ -92,23 +119,40 @@ static int lzss_decompress(u8 *end)
return ret;
}
static inline bool hbldrIs3dsxTitle(u64 tid)
static inline bool IsSysmoduleId(u64 tid)
{
return Luma_SharedConfig->use_hbldr && tid == Luma_SharedConfig->hbldr_3dsx_tid;
return (tid >> 32) == 0x00040130;
}
static Result allocateSharedMem(prog_addrs_t *shared, prog_addrs_t *vaddr, int flags)
static inline bool IsApplicationId(u64 tid)
{
u32 dummy;
memcpy(shared, vaddr, sizeof(prog_addrs_t));
shared->text_addr = 0x10000000;
shared->ro_addr = shared->text_addr + (shared->text_size << 12);
shared->data_addr = shared->ro_addr + (shared->ro_size << 12);
return svcControlMemory(&dummy, shared->text_addr, 0, shared->total_size << 12, (flags & 0xF00) | MEMOP_ALLOC, MEMPERM_READ | MEMPERM_WRITE);
return (tid >> 32) == 0x00040000;
}
static Result loadCode(u64 titleId, prog_addrs_t *shared, u64 programHandle, int isCompressed)
static inline bool IsSysmoduleCxiCookie(u64 programHandle)
{
return (programHandle >> 32) == (SYSMODULE_CXI_COOKIE_MASK >> 32);
}
static void InvalidateCachedCxiFile(void)
{
if (g_cached_sysmoduleCxiFile.handle != 0)
IFile_Close(&g_cached_sysmoduleCxiFile);
memset(&g_cached_sysmoduleCxiFile, 0, sizeof(IFile));
g_cached_sysmoduleCxiCookie = 0;
}
static Result allocateProgramMemoryWrapper(prog_addrs_t *mapped, const ExHeader_Info *exhi, const prog_addrs_t *vaddr)
{
memcpy(mapped, vaddr, sizeof(prog_addrs_t));
mapped->text_addr = 0x10000000;
mapped->ro_addr = mapped->text_addr + (mapped->text_size << 12);
mapped->data_addr = mapped->ro_addr + (mapped->ro_size << 12);
return allocateProgramMemory(exhi, mapped->text_addr, mapped->total_size << 12);
}
static Result loadCode(const ExHeader_Info *exhi, u64 programHandle, const prog_addrs_t *mapped)
{
IFile file;
FS_Path archivePath;
@ -116,47 +160,143 @@ static Result loadCode(u64 titleId, prog_addrs_t *shared, u64 programHandle, int
u64 size;
u64 total;
if(!CONFIG(PATCHGAMES) || !loadTitleCodeSection(titleId, (u8 *)shared->text_addr, (u64)shared->total_size << 12))
u64 titleId = exhi->aci.local_caps.title_id;
const ExHeader_CodeSetInfo *csi = &exhi->sci.codeset_info;
bool isCompressed = csi->flags.compress_exefs_code;
// Load from CXI, and skip patches, if we were opened from it
if (IsSysmoduleCxiCookie(programHandle))
{
u32 sz_ = 0;
bool ok = readSysmoduleCxiCode((u8 *)mapped->text_addr, &sz_, (u64)mapped->total_size << 12, &g_cached_sysmoduleCxiFile, &g_cached_sysmoduleCxiNcch);
size = sz_;
if (!ok)
return (Result)-2;
// Decompress
if (isCompressed)
lzss_decompress((u8 *)mapped->text_addr + size);
// No need to keep the file open at this point
InvalidateCachedCxiFile();
return 0;
}
bool codeLoadedExternally = false;
if (CONFIG(PATCHGAMES))
{
// Require both "load external FIRM & modules" and "patch games" for sysmodules
if (IsSysmoduleId(titleId))
codeLoadedExternally = CONFIG(LOADEXTFIRMSANDMODULES);
else
codeLoadedExternally = true;
}
if (codeLoadedExternally)
codeLoadedExternally = loadTitleCodeSection(titleId, (u8 *)mapped->text_addr, (u64)mapped->total_size << 12);
if(!codeLoadedExternally)
{
archivePath.type = PATH_BINARY;
archivePath.data = &programHandle;
archivePath.size = 8;
archivePath.size = sizeof(programHandle);
filePath.type = PATH_BINARY;
filePath.data = CODE_PATH;
filePath.size = sizeof(CODE_PATH);
if (R_FAILED(IFile_Open(&file, ARCHIVE_SAVEDATA_AND_CONTENT2, archivePath, filePath, FS_OPEN_READ)))
svcBreak(USERBREAK_ASSERT);
filePath.data = &codeContentPath;
filePath.size = sizeof(codeContentPath);
// get file size
assertSuccess(IFile_Open(&file, ARCHIVE_SAVEDATA_AND_CONTENT2, archivePath, filePath, FS_OPEN_READ));
assertSuccess(IFile_GetSize(&file, &size));
// check size
if (size > (u64)shared->total_size << 12)
if (size > (u64)mapped->total_size << 12)
{
IFile_Close(&file);
return 0xC900464F;
}
// read code
assertSuccess(IFile_Read(&file, &total, (void *)shared->text_addr, size));
assertSuccess(IFile_Read(&file, &total, (void *)mapped->text_addr, size));
IFile_Close(&file); // done reading
// decompress
if (isCompressed)
lzss_decompress((u8 *)shared->text_addr + size);
lzss_decompress((u8 *)mapped->text_addr + size);
}
ExHeader_CodeSetInfo *csi = &g_exheaderInfo.sci.codeset_info;
patchCode(titleId, csi->flags.remaster_version, (u8 *)shared->text_addr, shared->total_size << 12, csi->text.size, csi->rodata.size, csi->data.size, csi->rodata.address, csi->data.address);
patchCode(titleId, csi->flags.remaster_version, (u8 *)mapped->text_addr, mapped->total_size << 12, csi->text.size, csi->rodata.size, csi->data.size, csi->rodata.address, csi->data.address);
return 0;
}
static u32 plgldrRefcount = 0;
static Handle plgldrHandle = 0;
Result plgldrInit(void)
{
Result res;
if (AtomicPostIncrement(&plgldrRefcount)) return 0;
for(res = 0xD88007FA; res == (Result)0xD88007FA; svcSleepThread(500 * 1000LL)) {
res = svcConnectToPort(&plgldrHandle, "plg:ldr");
if(R_FAILED(res) && res != (Result)0xD88007FA) {
AtomicDecrement(&plgldrRefcount);
return res;
}
}
return 0;
}
void plgldrExit(void)
{
if (AtomicDecrement(&plgldrRefcount)) return;
svcCloseHandle(plgldrHandle);
}
// Get plugin loader state
Result PLGLDR__IsPluginLoaderEnabled(bool *isEnabled)
{
Result res = 0;
u32 *cmdbuf = getThreadCommandBuffer();
cmdbuf[0] = IPC_MakeHeader(2, 0, 0);
if (R_SUCCEEDED((res = svcSendSyncRequest(plgldrHandle))))
{
res = cmdbuf[1];
*isEnabled = cmdbuf[2];
}
return res;
}
// Try to load a plugin for the game
static Result PLGLDR_LoadPlugin(u32 processID, bool isHomebrew)
{
// Special case handling: games rebooting the 3DS on old models
if (!isN3DS && g_exheaderInfo.aci.local_caps.core_info.o3ds_system_mode > 0)
{
// Check if the plugin loader is enabled, otherwise skip the loading part
bool enabled = false;
PLGLDR__IsPluginLoaderEnabled(&enabled);
if (!enabled) {
return 0;
}
}
u32* cmdbuf = getThreadCommandBuffer();
cmdbuf[0] = IPC_MakeHeader(1, 2, 0);
cmdbuf[1] = processID;
cmdbuf[2] = isHomebrew;
return svcSendSyncRequest(plgldrHandle);
}
static inline bool IsHioId(u64 id)
{
// FS load HIO titles at boot when it can. For HIO titles, title/programId and "program handle"
// FS loads HIO titles at boot when it can. For HIO titles, title/programId and "program handle"
// are the same thing, although some of them can be aliased with their "real" titleId (i.e. in ExHeader).
if (id >> 32 == 0xFFFF0000u)
@ -165,78 +305,115 @@ static inline bool IsHioId(u64 id)
return R_LEVEL(FSREG_CheckHostLoadId(id)) == RL_SUCCESS; // check if this is an alias to an HIO-loaded title
}
static Result GetProgramInfo(ExHeader_Info *exheaderInfo, u64 programHandle)
static Result GetProgramInfoImpl(ExHeader_Info *exheaderInfo, u64 programHandle)
{
Result res;
TRY(IsHioId(programHandle) ? FSREG_GetProgramInfo(exheaderInfo, 1, programHandle) : PXIPM_GetProgramInfo(exheaderInfo, programHandle));
// Load from CXI, and skip patches, if we were opened from it
if (IsSysmoduleCxiCookie(programHandle))
{
u64 titleId = 0x0004013000000000ull | (u32)programHandle;
if (g_cached_sysmoduleCxiCookie != programHandle)
{
InvalidateCachedCxiFile();
res = openSysmoduleCxi(&g_cached_sysmoduleCxiFile, titleId);
if (R_FAILED(res))
return res;
g_cached_sysmoduleCxiCookie = programHandle;
}
bool ok = readSysmoduleCxiNcchHeader(&g_cached_sysmoduleCxiNcch, &g_cached_sysmoduleCxiFile);
if (!ok)
return (Result)-2;
ok = readSysmoduleCxiExHeaderInfo(exheaderInfo, &g_cached_sysmoduleCxiNcch, &g_cached_sysmoduleCxiFile);
if (!ok)
return (Result)-2;
return 0;
}
if (IsHioId(programHandle))
res = FSREG_GetProgramInfo(exheaderInfo, 1, programHandle);
else
res = PXIPM_GetProgramInfo(exheaderInfo, programHandle);
if (R_FAILED(res))
return res;
u64 originalTitleId = exheaderInfo->aci.local_caps.title_id;
// Tweak 3dsx placeholder title exheaderInfo
if (hbldrIs3dsxTitle(exheaderInfo->aci.local_caps.title_id))
{
assertSuccess(hbldrInit());
HBLDR_PatchExHeaderInfo(exheaderInfo);
hbldrExit();
hbldrPatchExHeaderInfo(exheaderInfo);
}
else
{
u64 originaltitleId = exheaderInfo->aci.local_caps.title_id;
if(CONFIG(PATCHGAMES) && loadTitleExheaderInfo(exheaderInfo->aci.local_caps.title_id, exheaderInfo))
exheaderInfo->aci.local_caps.title_id = originaltitleId;
bool exhLoadedExternally = false;
if (CONFIG(PATCHGAMES))
{
// Require both "load external FIRM & modules" and "patch games" for sysmodules
if (IsSysmoduleId(originalTitleId))
exhLoadedExternally = CONFIG(LOADEXTFIRMSANDMODULES);
else
exhLoadedExternally = true;
}
if (exhLoadedExternally)
exhLoadedExternally = loadTitleExheaderInfo(originalTitleId, exheaderInfo);
if(exhLoadedExternally)
exheaderInfo->aci.local_caps.title_id = originalTitleId;
}
if (IsApplicationId(originalTitleId)) {
if (g_memoryOverrideConfig.enable_o3ds)
exheaderInfo->aci.local_caps.core_info.o3ds_system_mode = g_memoryOverrideConfig.o3ds_mode;
if (g_memoryOverrideConfig.enable_n3ds)
exheaderInfo->aci.local_caps.core_info.n3ds_system_mode = g_memoryOverrideConfig.n3ds_mode;
}
return res;
}
static Result LoadProcess(Handle *process, u64 programHandle)
static Result GetProgramInfo(u64 programHandle)
{
Result res;
int count;
u32 flags;
u32 desc;
u32 dummy;
prog_addrs_t sharedAddr;
prog_addrs_t vaddr;
Handle codeset;
CodeSetInfo codesetinfo;
u32 dataMemSize;
u64 titleId;
Result res = 0;
u64 cachedTitleId = g_exheaderInfo.aci.local_caps.title_id;
// make sure the cached info corrosponds to the current programHandle
if (g_cached_programHandle != programHandle || hbldrIs3dsxTitle(g_exheaderInfo.aci.local_caps.title_id))
if (programHandle != g_cached_programHandle || hbldrIs3dsxTitle(cachedTitleId))
{
res = GetProgramInfo(&g_exheaderInfo, programHandle);
g_cached_programHandle = programHandle;
if (R_FAILED(res))
{
g_cached_programHandle = 0;
return res;
res = GetProgramInfoImpl(&g_exheaderInfo, programHandle);
g_cached_programHandle = R_SUCCEEDED(res) ? programHandle : 0;
if (R_SUCCEEDED(res) && (u32)((g_exheaderInfo.aci.local_caps.title_id >> 0x20) & 0xFFFFFFEDULL) == 0x00040000) {
memcpy(&g_lastAppExheaderInfo, &g_exheaderInfo, sizeof(g_lastAppExheaderInfo));
}
}
// get kernel flags
flags = 0;
return res;
}
static Result LoadProcessImpl(Handle *outProcessHandle, const ExHeader_Info *exhi, u64 programHandle)
{
const ExHeader_CodeSetInfo *csi = &exhi->sci.codeset_info;
Result res = 0;
u32 dummy;
prog_addrs_t mapped;
prog_addrs_t vaddr;
Handle codeset;
CodeSetHeader csh;
u32 dataMemSize;
u32 region = 0;
s32 count;
for (count = 0; count < 28; count++)
{
desc = g_exheaderInfo.aci.kernel_caps.descriptors[count];
u32 desc = exhi->aci.kernel_caps.descriptors[count];
if (0x1FE == desc >> 23)
flags = desc & 0xF00;
}
if (flags == 0)
return MAKERESULT(RL_PERMANENT, RS_INVALIDARG, 1, 2);
// check for 3dsx process
titleId = g_exheaderInfo.aci.local_caps.title_id;
ExHeader_CodeSetInfo *csi = &g_exheaderInfo.sci.codeset_info;
if (hbldrIs3dsxTitle(titleId))
{
assertSuccess(hbldrInit());
assertSuccess(HBLDR_LoadProcess(&codeset, csi->text.address, flags & 0xF00, titleId, csi->name));
res = svcCreateProcess(process, codeset, g_exheaderInfo.aci.kernel_caps.descriptors, count);
svcCloseHandle(codeset);
hbldrExit();
return res;
region = desc & 0xF00;
}
if (region == 0)
return MAKERESULT(RL_PERMANENT, RS_INVALIDARG, RM_KERNEL, 2);
// allocate process memory
vaddr.text_addr = csi->text.address;
@ -247,35 +424,62 @@ static Result LoadProcess(Handle *process, u64 programHandle)
vaddr.data_size = (csi->data.size + 4095) >> 12;
dataMemSize = (csi->data.size + csi->bss_size + 4095) >> 12;
vaddr.total_size = vaddr.text_size + vaddr.ro_size + vaddr.data_size;
TRY(allocateSharedMem(&sharedAddr, &vaddr, flags));
TRY(allocateProgramMemoryWrapper(&mapped, exhi, &vaddr));
// load code
if (R_SUCCEEDED(res = loadCode(titleId, &sharedAddr, programHandle, csi->flags.compress_exefs_code)))
u64 titleId = exhi->aci.local_caps.title_id;
if (R_SUCCEEDED(res = loadCode(exhi, programHandle, &mapped)))
{
memcpy(&codesetinfo.name, csi->name, 8);
codesetinfo.program_id = titleId;
codesetinfo.text_addr = vaddr.text_addr;
codesetinfo.text_size = vaddr.text_size;
codesetinfo.text_size_total = vaddr.text_size;
codesetinfo.ro_addr = vaddr.ro_addr;
codesetinfo.ro_size = vaddr.ro_size;
codesetinfo.ro_size_total = vaddr.ro_size;
codesetinfo.rw_addr = vaddr.data_addr;
codesetinfo.rw_size = vaddr.data_size;
codesetinfo.rw_size_total = dataMemSize;
res = svcCreateCodeSet(&codeset, &codesetinfo, (void *)sharedAddr.text_addr, (void *)sharedAddr.ro_addr, (void *)sharedAddr.data_addr);
u32 *code = (u32 *)mapped.text_addr;
bool isHomebrew = code[0] == 0xEA000006 && code[8] == 0xE1A0400E;
memcpy(&csh.name, csi->name, 8);
csh.program_id = titleId;
csh.text_addr = vaddr.text_addr;
csh.text_size = vaddr.text_size;
csh.text_size_total = vaddr.text_size;
csh.ro_addr = vaddr.ro_addr;
csh.ro_size = vaddr.ro_size;
csh.ro_size_total = vaddr.ro_size;
csh.rw_addr = vaddr.data_addr;
csh.rw_size = vaddr.data_size;
csh.rw_size_total = dataMemSize;
res = svcCreateCodeSet(&codeset, &csh, mapped.text_addr, mapped.ro_addr, mapped.data_addr);
if (R_SUCCEEDED(res))
{
res = svcCreateProcess(process, codeset, g_exheaderInfo.aci.kernel_caps.descriptors, count);
// There are always 28 descriptors
res = svcCreateProcess(outProcessHandle, codeset, exhi->aci.kernel_caps.descriptors, count);
svcCloseHandle(codeset);
res = R_SUCCEEDED(res) ? 0 : res;
// check for plugin
if (!res && ((u32)((titleId >> 0x20) & 0xFFFFFFEDULL) == 0x00040000))
{
u32 processID;
assertSuccess(svcGetProcessId(&processID, *outProcessHandle));
assertSuccess(plgldrInit());
assertSuccess(PLGLDR_LoadPlugin(processID, isHomebrew));
plgldrExit();
}
}
}
svcControlMemory(&dummy, sharedAddr.text_addr, 0, sharedAddr.total_size << 12, MEMOP_FREE, 0);
svcControlMemory(&dummy, mapped.text_addr, 0, mapped.total_size << 12, MEMOP_FREE, 0);
return res;
}
static Result LoadProcess(Handle *process, u64 programHandle)
{
Result res = 0;
TRY(GetProgramInfo(programHandle));
if (hbldrIs3dsxTitle(g_exheaderInfo.aci.local_caps.title_id))
return assertSuccess(hbldrLoadProcess(process, &g_exheaderInfo));
else
// Break on failure, even here (if GetProgramInfo succeeds we shouldn't be here anyway)
return assertSuccess(LoadProcessImpl(process, &g_exheaderInfo, programHandle));
}
static Result RegisterProgram(u64 *programHandle, FS_ProgramInfo *title, FS_ProgramInfo *update)
{
Result res;
@ -294,9 +498,31 @@ static Result RegisterProgram(u64 *programHandle, FS_ProgramInfo *title, FS_Prog
}
else
{
TRY(PXIPM_RegisterProgram(programHandle, title, update));
if (IsHioId(*programHandle)) // double check this is indeed *not* HIO
panic(0);
bool loadedCxiFromStorage = false;
if (IsSysmoduleId(titleId) && CONFIG(LOADEXTFIRMSANDMODULES))
{
u64 tid2 = titleId & ~0xF0000000ull;
// Forbid having two such file handles being open at the same time
// Also reload the file even if already cached.
InvalidateCachedCxiFile();
res = openSysmoduleCxi(&g_cached_sysmoduleCxiFile, tid2);
if (R_SUCCEEDED(res))
{
// A .cxi with the correct name in /luma/sysmodule exists, proceed (ignoring N3DS TID bits)
*programHandle = SYSMODULE_CXI_COOKIE_MASK | (u32)tid2;
g_cached_sysmoduleCxiCookie = *programHandle;
loadedCxiFromStorage = true;
}
}
if (!loadedCxiFromStorage)
{
// Otherwise, just load as normal
TRY(PXIPM_RegisterProgram(programHandle, title, update));
if (IsHioId(*programHandle)) // double check this is indeed *not* HIO
panic(0);
}
}
return res;
@ -304,7 +530,17 @@ static Result RegisterProgram(u64 *programHandle, FS_ProgramInfo *title, FS_Prog
static Result UnregisterProgram(u64 programHandle)
{
return IsHioId(programHandle) ? FSREG_UnloadProgram(programHandle) : PXIPM_UnregisterProgram(programHandle);
if (g_cached_programHandle == programHandle)
g_cached_programHandle = 0;
if (IsSysmoduleCxiCookie(programHandle))
{
if (programHandle == g_cached_sysmoduleCxiCookie)
InvalidateCachedCxiFile();
return 0;
}
else
return IsHioId(programHandle) ? FSREG_UnloadProgram(programHandle) : PXIPM_UnregisterProgram(programHandle);
}
void loaderHandleCommands(void *ctx)
@ -312,6 +548,7 @@ void loaderHandleCommands(void *ctx)
(void)ctx;
FS_ProgramInfo title;
FS_ProgramInfo update;
ControlApplicationMemoryModeOverrideConfig memModeOverride;
u32* cmdbuf;
u16 cmdid;
int res;
@ -340,24 +577,36 @@ void loaderHandleCommands(void *ctx)
break;
case 3: // UnregisterProgram
memcpy(&programHandle, &cmdbuf[1], 8);
if (g_cached_programHandle == programHandle)
g_cached_programHandle = 0;
cmdbuf[1] = UnregisterProgram(programHandle);
cmdbuf[0] = IPC_MakeHeader(3, 1, 0);
break;
case 4: // GetProgramInfo
memcpy(&programHandle, &cmdbuf[1], 8);
if (programHandle != g_cached_programHandle || hbldrIs3dsxTitle(g_exheaderInfo.aci.local_caps.title_id))
{
res = GetProgramInfo(&g_exheaderInfo, programHandle);
g_cached_programHandle = R_SUCCEEDED(res) ? programHandle : 0;
}
memcpy(&g_ret_buf, &g_exheaderInfo, sizeof(ExHeader_Info));
res = GetProgramInfo(programHandle);
cmdbuf[0] = IPC_MakeHeader(4, 1, 2);
cmdbuf[1] = res;
cmdbuf[2] = IPC_Desc_StaticBuffer(sizeof(ExHeader_Info), 0); //0x1000002;
cmdbuf[3] = (u32)&g_ret_buf;
cmdbuf[3] = (u32)&g_exheaderInfo; // official Loader makes a copy here, but this is isn't necessary
break;
// Custom
case 0x100: // DisableNextGamePatch
nextGamePatchDisabled = true;
cmdbuf[0] = IPC_MakeHeader(0x100, 1, 0);
cmdbuf[1] = (Result)0;
break;
case 0x101: // ControlApplicationMemoryModeOverride
memcpy(&memModeOverride, &cmdbuf[1], sizeof(ControlApplicationMemoryModeOverrideConfig));
if (!memModeOverride.query)
g_memoryOverrideConfig = memModeOverride;
cmdbuf[0] = IPC_MakeHeader(0x101, 2, 0);
cmdbuf[1] = (Result)0;
memcpy(&cmdbuf[2], &g_memoryOverrideConfig, sizeof(ControlApplicationMemoryModeOverrideConfig));
break;
case 0x102: // GetLastApplicationProgramInfo
cmdbuf[0] = IPC_MakeHeader(0x102, 1, 2);
cmdbuf[1] = (Result)0;
cmdbuf[2] = IPC_Desc_StaticBuffer(sizeof(ExHeader_Info), 0);
cmdbuf[3] = (u32)&g_lastAppExheaderInfo;
break;
default: // error
cmdbuf[0] = IPC_MakeHeader(0, 1, 0);

7
sysmodules/loader/source/luma_shared_config.h
View File

@ -18,10 +18,11 @@
#include <3ds/types.h>
/// Luma shared config type.
/// Luma shared config type (private!).
typedef struct LumaSharedConfig {
u64 hbldr_3dsx_tid; ///< Title ID to use for 3DSX loading.
bool use_hbldr; ///< Whether or not Loader should use hb:ldr (Rosalina writes 1).
u64 hbldr_3dsx_tid; ///< Title ID to use for 3DSX loading (current).
u64 selected_hbldr_3dsx_tid; ///< Title ID to use for 3DSX loading (to be moved to "current" when the current app closes).
bool use_hbldr; ///< Whether or not Loader should use hb:ldr (reset to true).
} LumaSharedConfig;
/// Luma shared config.

73
sysmodules/loader/source/main.c
View File

@ -1,13 +1,16 @@
#include <3ds.h>
#include <assert.h>
#include "memory.h"
#include "patcher.h"
#include "ifile.h"
#include "util.h"
#include "loader.h"
#include "service_manager.h"
#include "3dsx.h"
#include "hbldr.h"
u32 config, multiConfig, bootConfig;
bool isN3DS, isSdMode;
bool isN3DS, isSdMode, nextGamePatchDisabled, isLumaWithKext;
// MAKE SURE fsreg has been init before calling this
static Result fsldrPatchPermissions(void)
@ -28,20 +31,50 @@ static Result fsldrPatchPermissions(void)
static inline void loadCFWInfo(void)
{
s64 out;
u64 hbldrTid = 0;
if(svcGetSystemInfo(&out, 0x20000, 0) != 1) panic(0xDEADCAFE);
isLumaWithKext = svcGetSystemInfo(&out, 0x20000, 0) == 1;
if (isLumaWithKext)
{
svcGetSystemInfo(&out, 0x10000, 3);
config = (u32)out;
svcGetSystemInfo(&out, 0x10000, 4);
multiConfig = (u32)out;
svcGetSystemInfo(&out, 0x10000, 5);
bootConfig = (u32)out;
svcGetSystemInfo(&out, 0x10000, 3);
config = (u32)out;
svcGetSystemInfo(&out, 0x10000, 4);
multiConfig = (u32)out;
svcGetSystemInfo(&out, 0x10000, 5);
bootConfig = (u32)out;
svcGetSystemInfo(&out, 0x10000, 0x100);
hbldrTid = (u64)out;
svcGetSystemInfo(&out, 0x10000, 0x201);
isN3DS = (bool)out;
svcGetSystemInfo(&out, 0x10000, 0x203);
isSdMode = (bool)out;
}
else
{
// Try to support non-Luma or builds where kext is disabled
s64 numKips = 0;
svcGetSystemInfo(&numKips, 26, 0);
svcGetSystemInfo(&out, 0x10000, 0x201);
isN3DS = (bool)out;
svcGetSystemInfo(&out, 0x10000, 0x203);
isSdMode = (bool)out;
if (numKips >= 6)
panic(0xDEADCAFE);
#ifndef BUILD_FOR_EXPLOIT_DEV
// Most options 0, except select ones
config = BIT(PATCHVERSTRING) | BIT(PATCHGAMES) | BIT(LOADEXTFIRMSANDMODULES);
#else
config = 0;
#endif
multiConfig = 0;
bootConfig = 0;
isN3DS = OS_KernelConfig->app_memtype >= 6;
isSdMode = true;
}
hbldrTid = hbldrTid == 0 ? HBLDR_DEFAULT_3DSX_TID : hbldrTid;
Luma_SharedConfig->hbldr_3dsx_tid = hbldrTid;
Luma_SharedConfig->selected_hbldr_3dsx_tid = hbldrTid;
Luma_SharedConfig->use_hbldr = true;
}
void __ctru_exit(int rc) { (void)rc; } // needed to avoid linking error
@ -87,7 +120,8 @@ void initSystem(void)
}
static const ServiceManagerServiceEntry services[] = {
{ "Loader", 1, loaderHandleCommands, false },
{ "Loader", 2, loaderHandleCommands, false },
{ "hb:ldr", 2, hbldrHandleCommands, true },
{ NULL },
};
@ -95,9 +129,20 @@ static const ServiceManagerNotificationEntry notifications[] = {
{ 0x000, NULL },
};
static u8 CTR_ALIGN(4) staticBufferForHbldr[0x400];
static_assert(ARGVBUF_SIZE > 2 * PATH_MAX, "Wrong 3DSX argv buffer size");
int main(void)
{
loadCFWInfo();
nextGamePatchDisabled = false;
// Loader doesn't use any input static buffer, so we should be fine
u32 *sbuf = getThreadStaticBuffers();
sbuf[0] = IPC_Desc_StaticBuffer(sizeof(staticBufferForHbldr), 0);
sbuf[1] = (u32)staticBufferForHbldr;
sbuf[2] = IPC_Desc_StaticBuffer(sizeof(staticBufferForHbldr), 1);
sbuf[3] = (u32)staticBufferForHbldr;
assertSuccess(ServiceManager_Run(services, notifications, NULL));
return 0;
}

167
sysmodules/loader/source/paslr.c Normal file
View File

@ -0,0 +1,167 @@
#include <3ds.h>
#include "paslr.h"
#include "util.h"
#include "hbldr.h"
static const u32 titleUidListForPaslr[] = {
// JPN/USA/EUR/KOR/TWN or GLOBAL
0x0209, 0x0219, 0x0229, 0x0269, 0x0289, // Nintendo eShop
0x0334, 0x0335, 0x0336, // The Legend of Zelda: Ocarina of Time 3D
0x0343, 0x0465, 0x04B3, // Cubic Ninja
0x0913, 0x09FA, 0x0933, // Freakyforms Deluxe
0x07FD, 0x0961, // VVVVVV
0x0A5D, 0x0A5E, 0x0A6F, 0x0C61, 0x0C81, // Paper Mario: Sticker Star
0x0D7C, 0x0D7D, 0x0D7E, // Steel Diver: Sub Wars
0x11C4, // Pokemon Omega Ruby (GLOBAL)
0x11C5, // Pokemon Alpha Sapphire (GLOBAL)
0x149B, 0x1746, 0x1744, // Pokemon Super Mystery Dungeon
0x1773, 0x12C1, 0x136E, // Citizens of Earth
0x17C1, // Pokemon Picross (GLOBAL)
};
static u32 getRandomInt(u32 maxNum)
{
// As reverse-engineered from latest Loader
static u64 state = 0;
s64 tick = (s64)svcGetSystemTick();
u64 tmp = (state >> 7) - (tick >> 2);
state = (tmp ^ state) & 0x49CC9BA7FC61CA67ull;
tmp = 0x5D588B656C078965ull * state + 0x29EC3;
return (u32)(((tmp >> 32) * maxNum) >> 32);
}
static bool needsPaslr(u32 *outRegion, const ExHeader_Info *exhi)
{
u32 region = 0;
u16 minKernelVer = 0;
for (u32 i = 0; i < 28; i++)
{
u32 desc = exhi->aci.kernel_caps.descriptors[i];
if (desc >> 23 == 0x1FE)
region = desc & 0xF00;
else if (desc >> 25 == 0x7E)
minKernelVer = (u16)desc;
}
*outRegion = region;
#if defined(LOADER_ENABLE_PASLR) || defined(BUILD_FOR_EXPLOIT_DEV)
// Only applications and system applets (HM, Internet Browser...) are eligible for PASLR
if (region != MEMOP_REGION_APP && region != MEMOP_REGION_SYSTEM)
return false;
else if (region == MEMOP_REGION_SYSTEM && exhi->aci.local_caps.reslimit_category == RESLIMIT_CATEGORY_LIB_APPLET)
return false;
// All titles requiring 11.2+ kernel get PASLR
if (minKernelVer >= (SYSTEM_VERSION(2, 57, 0) >> 16))
return true;
// Otherwise, only games with known exploits and eShop get it
u64 titleId = exhi->aci.local_caps.title_id;
// Check if this is indeed a CTR title ID (high u32 = 00040xxx)
if (titleId >> 46 != 0x10)
return false;
for (u32 i = 0; i < sizeof(titleUidListForPaslr)/sizeof(titleUidListForPaslr[0]); i++)
{
if (((titleId >> 8) & 0xFFFFF) == titleUidListForPaslr[i])
return true;
}
#else
(void)minKernelVer;
(void)titleUidListForPaslr;
#endif
return false;
}
Result allocateProgramMemory(const ExHeader_Info *exhi, u32 vaddr, u32 size)
{
Result res = 0;
u32 region = 0;
bool doPaslr = needsPaslr(&region, exhi);
u32 tmp = 0;
if (region == 0)
return MAKERESULT(RL_PERMANENT, RS_INVALIDARG, 1, 2);
u32 allocFlags = MEMOP_ALLOC | region;
if (!doPaslr)
return svcControlMemory(&tmp, vaddr, 0, size, allocFlags, MEMPERM_READWRITE);
// Divide the virtual address space into up to 7 chunks, each a random multiple (between 1 and 16) of 64KB.
// 64KB corresponds to a "large page" for the Armv6 MMU, hence the optimization choice.
// An additional 8th chunk gets the rest (if anything).
u32 totalNumPages = size >> 12;
u32 curPage = 0;
u32 numChunks;
u32 chunkStartAddrs[8];
u32 chunkSizes[8];
for (numChunks = 0; numChunks < 7; numChunks++)
{
u32 maxUnits = (totalNumPages - curPage) / 16;
if (maxUnits == 0)
break;
else if (maxUnits > 15)
maxUnits = 15;
u32 numPages = 16 * (1 + getRandomInt(maxUnits));
chunkStartAddrs[numChunks] = vaddr + (curPage << 12);
chunkSizes[numChunks] = numPages << 12;
curPage += numPages;
}
if (curPage < totalNumPages)
{
u32 numPages = totalNumPages - curPage;
chunkStartAddrs[numChunks] = vaddr + (curPage << 12);
chunkSizes[numChunks] = numPages << 12;
curPage += numPages;
++numChunks;
}
// Randomize the order the VA chunks are allocated in physical memory, from last to first
u32 chunkOrder[8] = {0, 1, 2, 3, 4, 5, 6, 7};
u32 numChunksToRandomize = numChunks;
if (totalNumPages % 16 != 0)
{
// For MMU optimization reasons, we only randomize chunks that are multiples of 64KB (large page)
// in size. This means that if the process image (.text, .rodata, .data) is not a muliple of 64KB
// in size, then its last few pages are not randomized at all.
// In pratice, under normal circumstances, this means that the last few pages of applications are
// guaranteed to be located in <APPLICATION memregion end> - (image_size & ~0xFFFF).
--numChunksToRandomize;
}
for (s32 i = numChunksToRandomize - 1; i >= 0; i--)
{
u32 j = getRandomInt(i + 1);
tmp = chunkOrder[i];
chunkOrder[i] = chunkOrder[j];
chunkOrder[j] = tmp;
}
// Allocate the memory
u32 i;
for (i = 0; i < numChunks; i++)
{
u32 idx = chunkOrder[i];
res = svcControlMemory(&tmp, chunkStartAddrs[idx], 0, chunkSizes[idx], allocFlags, MEMPERM_READWRITE);
if (R_FAILED(res))
break;
}
// Success
if (i == numChunks)
return res;
// Clean up on failure
for (u32 j = 0; j < i; j++)
{
u32 idx = chunkOrder[i];
svcControlMemory(&tmp, chunkStartAddrs[idx], 0, chunkSizes[idx], MEMOP_FREE, MEMPERM_DONTCARE);
}
return res;
}

Some files were not shown because too many files have changed in this diff Show More