Luma3DS-3GX/source/patches.c

/*
*   patches.c
*       by Reisyukaku
*   Copyright (c) 2015 All Rights Reserved
*/

#include "patches.h"
#include "memory.h"

/**************************************************
*                   Patches
**************************************************/

const u8 mpu[0x2C] = {    //MPU shit
    0x03, 0x00, 0x36, 0x00, 0x00, 0x00, 0x10, 0x10, 0x01, 0x00, 0x00, 0x01, 0x03, 0x00, 0x36, 0x00, 
    0x00, 0x00, 0x00, 0x20, 0x01, 0x01, 0x01, 0x01, 0x03, 0x06, 0x20, 0x00, 0x00, 0x00, 0x00, 0x08, 
    0x01, 0x01, 0x01, 0x01, 0x03, 0x06, 0x1C, 0x00, 0x00, 0x00, 0x02, 0x08
    };

//Branch to emunand function. To be filled in
u8 nandRedir[0x08] = {0x00, 0x4C, 0xA0, 0x47, 0x00, 0x00, 0x00, 0x00};

const u8 sigPat1[2] = {0x00, 0x20};
const u8 sigPat2[4] = {0x00, 0x20, 0x70, 0x47};

const u8 FIRMblock[4] = {0x00, 0x20, 0xC0, 0x46};

/**************************************************
*                   Functions
**************************************************/

u8 *getProc9(void *pos, u32 size){
    return (u8 *)memsearch(pos, "ess9", size, 4);
}

void getSignatures(void *pos, u32 size, u32 *off, u32 *off2){
    //Look for signature checks
    const unsigned char pattern[] = {0xC0, 0x1C, 0x76, 0xE7};
    const unsigned char pattern2[] = {0xB5, 0x22, 0x4D, 0x0C};

    *off = (u32)memsearch(pos, pattern, size, 4);
    *off2 = (u32)memsearch(pos, pattern2, size, 4) - 1;
}

u8 *getReboot(void *pos, u32 size){
    //Look for FIRM reboot code
    const unsigned char pattern[] = {0xDE, 0x1F, 0x8D, 0xE2};

    return (u8 *)memsearch(pos, pattern, size, 4) - 0x10;
}

u32 getfOpen(void *pos, u32 size, u8 *proc9Offset){
    //Offset Process9 code gets loaded to in memory (defined in ExHeader)
    u32 p9MemAddr = *(u32 *)(proc9Offset + 0xC);
    //Start of Process9 .code section (start of NCCH + ExeFS offset + ExeFS header size)
    u32 p9CodeOff = (u32)(proc9Offset - 0x204) + (*(u32 *)(proc9Offset - 0x64) * 0x200) + 0x200;

    //Calculate fOpen
    const unsigned char pattern[] = {0xB0, 0x04, 0x98, 0x0D};

    return (u32)memsearch(pos, pattern, size, 4) - 2 - p9CodeOff + p9MemAddr;
}

void *getFIRMWrite(void *pos, u32 size){
    //Look for FIRM writing code
    u8 *firmwrite = (u8 *)memsearch(pos, "exe:", size, 4);
    const unsigned char pattern[] = {0x00, 0x28, 0x01, 0xDA};

    return memsearch(firmwrite - 0x100, pattern, 0x100, 4);
}
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00			`/*`
			`* patches.c`
			`* by Reisyukaku`
			`* Copyright (c) 2015 All Rights Reserved`
			`*/`

			`#include "patches.h"`
Merged my changes There you have it! 2016-02-08 03:37:03 +01:00			`#include "memory.h"`
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00
			`/**************************************************`
			`* Patches`
			`**************************************************/`

Const for all Probably useless, but for the sake of readability 2016-03-06 23:52:14 +01:00			`const u8 mpu[0x2C] = { //MPU shit`
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00			`0x03, 0x00, 0x36, 0x00, 0x00, 0x00, 0x10, 0x10, 0x01, 0x00, 0x00, 0x01, 0x03, 0x00, 0x36, 0x00,`
			`0x00, 0x00, 0x00, 0x20, 0x01, 0x01, 0x01, 0x01, 0x03, 0x06, 0x20, 0x00, 0x00, 0x00, 0x00, 0x08,`
			`0x01, 0x01, 0x01, 0x01, 0x03, 0x06, 0x1C, 0x00, 0x00, 0x00, 0x02, 0x08`
			`};`
Merged my changes There you have it! 2016-02-08 03:37:03 +01:00
Slightly improved the reboot patch, added emuNAND patch improvements from CakesFW, made the emuNAND patch completely version-independent Should work as-is with future firmwares! 2016-03-21 03:20:15 +01:00			`//Branch to emunand function. To be filled in`
			`u8 nandRedir[0x08] = {0x00, 0x4C, 0xA0, 0x47, 0x00, 0x00, 0x00, 0x00};`
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00
Const for all Probably useless, but for the sake of readability 2016-03-06 23:52:14 +01:00			`const u8 sigPat1[2] = {0x00, 0x20};`
			`const u8 sigPat2[4] = {0x00, 0x20, 0x70, 0x47};`
Even moar clean-up 2016-03-06 16:24:42 +01:00
Const for all Probably useless, but for the sake of readability 2016-03-06 23:52:14 +01:00			`const u8 FIRMblock[4] = {0x00, 0x20, 0xC0, 0x46};`
Even moar clean-up 2016-03-06 16:24:42 +01:00
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00			`/**************************************************`
			`* Functions`
			`**************************************************/`

Clean-up, optimized the SDMMC struct searching function, lots of useless casts removed, Process9 only gets searched once 2016-03-21 18:56:41 +01:00			`u8 getProc9(void pos, u32 size){`
			`return (u8 *)memsearch(pos, "ess9", size, 4);`
			`}`

Merged my changes There you have it! 2016-02-08 03:37:03 +01:00			`void getSignatures(void pos, u32 size, u32 off, u32 *off2){`
			`//Look for signature checks`
Const for all Probably useless, but for the sake of readability 2016-03-06 23:52:14 +01:00			`const unsigned char pattern[] = {0xC0, 0x1C, 0x76, 0xE7};`
			`const unsigned char pattern2[] = {0xB5, 0x22, 0x4D, 0x0C};`
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00
Reduced pattern size, fixed N3DS NAND0 FIRM size It's actually a little smaller 2016-02-11 00:45:24 +01:00			`*off = (u32)memsearch(pos, pattern, size, 4);`
Re-added reboot patch on A9LH, optimizations O3DS and N3DS now share the same emuNAND patch, shorter patching patterns, patched_firmware does not keep garbage from larger loaded FIRMs, flags can be empty files 2016-02-20 15:29:32 +01:00			`*off2 = (u32)memsearch(pos, pattern2, size, 4) - 1;`
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00			`}`

Clean-up, optimized the SDMMC struct searching function, lots of useless casts removed, Process9 only gets searched once 2016-03-21 18:56:41 +01:00			`u8 getReboot(void pos, u32 size){`
Merged my changes There you have it! 2016-02-08 03:37:03 +01:00			`//Look for FIRM reboot code`
Const for all Probably useless, but for the sake of readability 2016-03-06 23:52:14 +01:00			`const unsigned char pattern[] = {0xDE, 0x1F, 0x8D, 0xE2};`
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00
Clean-up, optimized the SDMMC struct searching function, lots of useless casts removed, Process9 only gets searched once 2016-03-21 18:56:41 +01:00			`return (u8 *)memsearch(pos, pattern, size, 4) - 0x10;`
New reboot patch (works on N3DS, no more GBA/DS or 80 MB games toggle), fixed N3DS 3D bug (thanks TiniVi and Cakes), code cleanup, new universal MPU code (thanks Cakes) Thanks to a very skilled reverser for the reboot patch! 2016-02-25 20:19:20 +01:00			`}`

Clean-up, optimized the SDMMC struct searching function, lots of useless casts removed, Process9 only gets searched once 2016-03-21 18:56:41 +01:00			`u32 getfOpen(void pos, u32 size, u8 proc9Offset){`
No need to search for the Process9 .code, calculate it (one memsearch less) 2016-03-21 20:24:12 +01:00			`//Offset Process9 code gets loaded to in memory (defined in ExHeader)`
Clean-up, optimized the SDMMC struct searching function, lots of useless casts removed, Process9 only gets searched once 2016-03-21 18:56:41 +01:00			`u32 p9MemAddr = (u32 )(proc9Offset + 0xC);`
No need to search for the Process9 .code, calculate it (one memsearch less) 2016-03-21 20:24:12 +01:00			`//Start of Process9 .code section (start of NCCH + ExeFS offset + ExeFS header size)`
			`u32 p9CodeOff = (u32)(proc9Offset - 0x204) + ((u32 )(proc9Offset - 0x64) * 0x200) + 0x200;`

			`//Calculate fOpen`
Const for all Probably useless, but for the sake of readability 2016-03-06 23:52:14 +01:00			`const unsigned char pattern[] = {0xB0, 0x04, 0x98, 0x0D};`
New reboot patch (works on N3DS, no more GBA/DS or 80 MB games toggle), fixed N3DS 3D bug (thanks TiniVi and Cakes), code cleanup, new universal MPU code (thanks Cakes) Thanks to a very skilled reverser for the reboot patch! 2016-02-25 20:19:20 +01:00
Clean-up, optimized the SDMMC struct searching function, lots of useless casts removed, Process9 only gets searched once 2016-03-21 18:56:41 +01:00			`return (u32)memsearch(pos, pattern, size, 4) - 2 - p9CodeOff + p9MemAddr;`
Added "updated sysNAND" mode, FIRM writes patch, propered emuNAND code location Thanks to delebile for the patch! 2016-02-19 21:32:07 +01:00			`}`

Clean-up, optimized the SDMMC struct searching function, lots of useless casts removed, Process9 only gets searched once 2016-03-21 18:56:41 +01:00			`void getFIRMWrite(void pos, u32 size){`
Added "updated sysNAND" mode, FIRM writes patch, propered emuNAND code location Thanks to delebile for the patch! 2016-02-19 21:32:07 +01:00			`//Look for FIRM writing code`
Fixed stupid mistakes 2016-03-06 19:05:41 +01:00			`u8 firmwrite = (u8 )memsearch(pos, "exe:", size, 4);`
Const for all Probably useless, but for the sake of readability 2016-03-06 23:52:14 +01:00			`const unsigned char pattern[] = {0x00, 0x28, 0x01, 0xDA};`
Added "updated sysNAND" mode, FIRM writes patch, propered emuNAND code location Thanks to delebile for the patch! 2016-02-19 21:32:07 +01:00
Clean-up, optimized the SDMMC struct searching function, lots of useless casts removed, Process9 only gets searched once 2016-03-21 18:56:41 +01:00			`return memsearch(firmwrite - 0x100, pattern, 0x100, 4);`
Added crypto libs, tons of code refactoring to support other firms, other minor stability issues handled. 2015-08-21 20:11:23 +02:00			`}`