2015-08-21 20:11:23 +02:00
|
|
|
/*
|
|
|
|
* patches.c
|
2016-03-23 02:27:53 +01:00
|
|
|
* by Reisyukaku / Aurora Wright
|
|
|
|
* Copyright (c) 2016 All Rights Reserved
|
2015-08-21 20:11:23 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "patches.h"
|
2016-02-08 03:37:03 +01:00
|
|
|
#include "memory.h"
|
2015-08-21 20:11:23 +02:00
|
|
|
|
|
|
|
/**************************************************
|
|
|
|
* Patches
|
|
|
|
**************************************************/
|
|
|
|
|
2016-03-23 02:27:53 +01:00
|
|
|
const u8 mpu[0x2C] = {
|
2015-08-21 20:11:23 +02:00
|
|
|
0x03, 0x00, 0x36, 0x00, 0x00, 0x00, 0x10, 0x10, 0x01, 0x00, 0x00, 0x01, 0x03, 0x00, 0x36, 0x00,
|
|
|
|
0x00, 0x00, 0x00, 0x20, 0x01, 0x01, 0x01, 0x01, 0x03, 0x06, 0x20, 0x00, 0x00, 0x00, 0x00, 0x08,
|
|
|
|
0x01, 0x01, 0x01, 0x01, 0x03, 0x06, 0x1C, 0x00, 0x00, 0x00, 0x02, 0x08
|
2016-03-23 02:27:53 +01:00
|
|
|
};
|
2016-02-08 03:37:03 +01:00
|
|
|
|
2016-03-21 03:20:15 +01:00
|
|
|
//Branch to emunand function. To be filled in
|
|
|
|
u8 nandRedir[0x08] = {0x00, 0x4C, 0xA0, 0x47, 0x00, 0x00, 0x00, 0x00};
|
2015-08-21 20:11:23 +02:00
|
|
|
|
2016-03-06 23:52:14 +01:00
|
|
|
const u8 sigPat1[2] = {0x00, 0x20};
|
|
|
|
const u8 sigPat2[4] = {0x00, 0x20, 0x70, 0x47};
|
2016-03-06 16:24:42 +01:00
|
|
|
|
2016-03-23 02:27:53 +01:00
|
|
|
const u8 writeBlock[4] = {0x00, 0x20, 0xC0, 0x46};
|
2016-03-06 16:24:42 +01:00
|
|
|
|
2015-08-21 20:11:23 +02:00
|
|
|
/**************************************************
|
|
|
|
* Functions
|
|
|
|
**************************************************/
|
|
|
|
|
2016-03-21 18:56:41 +01:00
|
|
|
u8 *getProc9(void *pos, u32 size){
|
|
|
|
return (u8 *)memsearch(pos, "ess9", size, 4);
|
|
|
|
}
|
|
|
|
|
2016-02-08 03:37:03 +01:00
|
|
|
void getSignatures(void *pos, u32 size, u32 *off, u32 *off2){
|
|
|
|
//Look for signature checks
|
2016-03-06 23:52:14 +01:00
|
|
|
const unsigned char pattern[] = {0xC0, 0x1C, 0x76, 0xE7};
|
|
|
|
const unsigned char pattern2[] = {0xB5, 0x22, 0x4D, 0x0C};
|
2015-08-21 20:11:23 +02:00
|
|
|
|
2016-02-11 00:45:24 +01:00
|
|
|
*off = (u32)memsearch(pos, pattern, size, 4);
|
2016-02-20 15:29:32 +01:00
|
|
|
*off2 = (u32)memsearch(pos, pattern2, size, 4) - 1;
|
2015-08-21 20:11:23 +02:00
|
|
|
}
|
|
|
|
|
2016-03-23 15:16:40 +01:00
|
|
|
void *getReboot(void *pos, u32 size){
|
2016-02-08 03:37:03 +01:00
|
|
|
//Look for FIRM reboot code
|
2016-03-06 23:52:14 +01:00
|
|
|
const unsigned char pattern[] = {0xDE, 0x1F, 0x8D, 0xE2};
|
2015-08-21 20:11:23 +02:00
|
|
|
|
2016-03-21 18:56:41 +01:00
|
|
|
return (u8 *)memsearch(pos, pattern, size, 4) - 0x10;
|
2016-02-25 20:19:20 +01:00
|
|
|
}
|
|
|
|
|
2016-03-21 18:56:41 +01:00
|
|
|
u32 getfOpen(void *pos, u32 size, u8 *proc9Offset){
|
2016-03-21 20:24:12 +01:00
|
|
|
//Offset Process9 code gets loaded to in memory (defined in ExHeader)
|
2016-03-21 18:56:41 +01:00
|
|
|
u32 p9MemAddr = *(u32 *)(proc9Offset + 0xC);
|
2016-03-21 20:24:12 +01:00
|
|
|
//Start of Process9 .code section (start of NCCH + ExeFS offset + ExeFS header size)
|
|
|
|
u32 p9CodeOff = (u32)(proc9Offset - 0x204) + (*(u32 *)(proc9Offset - 0x64) * 0x200) + 0x200;
|
|
|
|
|
|
|
|
//Calculate fOpen
|
2016-03-06 23:52:14 +01:00
|
|
|
const unsigned char pattern[] = {0xB0, 0x04, 0x98, 0x0D};
|
2016-02-25 20:19:20 +01:00
|
|
|
|
2016-03-21 18:56:41 +01:00
|
|
|
return (u32)memsearch(pos, pattern, size, 4) - 2 - p9CodeOff + p9MemAddr;
|
2016-02-19 21:32:07 +01:00
|
|
|
}
|
|
|
|
|
2016-03-23 02:27:53 +01:00
|
|
|
void *getFirmWrite(void *pos, u32 size){
|
2016-02-19 21:32:07 +01:00
|
|
|
//Look for FIRM writing code
|
2016-03-25 18:17:12 +01:00
|
|
|
u8 *const off = (u8 *)memsearch(pos, "exe:", size, 4);
|
2016-03-06 23:52:14 +01:00
|
|
|
const unsigned char pattern[] = {0x00, 0x28, 0x01, 0xDA};
|
2016-02-19 21:32:07 +01:00
|
|
|
|
2016-03-25 18:17:12 +01:00
|
|
|
return memsearch(off - 0x100, pattern, 0x100, 4);
|
2015-08-21 20:11:23 +02:00
|
|
|
}
|