10.2 firmlaunch + emunand partition bug fix

source/crypto.c

@@ -387,12 +387,12 @@ void arm9loader(void *armHdr){
     aes((void *)(armHdr+0x800), (void *)(armHdr+0x800), size/AES_BLOCK_SIZE, CTR, AES_CTR_MODE, AES_INPUT_BE | AES_INPUT_NORMAL);
     
     //Set keys 0x19..0x1F keyXs
-    u8* decKey = (void *)((uintptr_t)armHdr+0x8A824);
+    u8* decKey = (void *)((uintptr_t)armHdr+0x89824);
     aes_use_keyslot(0x11);
     for(slot = 0x19; slot < 0x20; slot++) {
         aes_setkey(0x11, (u8*)key2, AES_KEYNORMAL, AES_INPUT_BE | AES_INPUT_NORMAL);
-        aes(decKey, (void *)((uintptr_t)armHdr+0x8A814), 1, NULL, AES_ECB_DECRYPT_MODE, 0);
+        aes(decKey, (void *)((uintptr_t)armHdr+0x89814), 1, NULL, AES_ECB_DECRYPT_MODE, 0);
         aes_setkey(slot, (u8*)decKey, AES_KEYX, AES_INPUT_BE | AES_INPUT_NORMAL);
-        *(u8 *)((void *)((uintptr_t)armHdr+0x8A814+0xF)) += 1;
+        *(u8 *)((void *)((uintptr_t)armHdr+0x89814+0xF)) += 1;
     }
 }

source/emunand.c

@@ -8,34 +8,14 @@
 #include "fatfs/ff.h"
 #include "fatfs/sdmmc/sdmmc.h"
 
-typedef struct emunand {
-    u32 offset;
-    u32 header;
-    const char* name;
-} emunand;
+static u8 *temp = (u8*)0x24300000;
 
-emunand emunands[] = {
-        {.offset = 1, .header = 1, .name = "redNAND"},
-        {.offset = 0, .header = 0x1D7800, .name = "Toshiba GW/MT"},
-        {.offset = 0, .header = 0x1DD000, .name = "Samsung GW/MT"},
-        {.offset = 0, .header = 0x26C000, .name = "Samsung N3DS GW"},
-        {.offset = 0, .header = 0x3B0000, .name = "Unknown N3DS GW"},
-        {.offset = 0, .header = 0, .name = 0},
-};
-
-static u8 *temp = (u8 *)0x24300000;
-
-u8 getEmunand(u32 *off, u32 *head){
-    u8 ret = 0;
-    for(int i = 0; emunands[i].name; i++){
-        if (sdmmc_sdcard_readsectors(emunands[i].header, 1, temp) == 0) {
-            if (*(u32 *)(temp + 0x100) == NCSD_MAGIC) {
-                *off = (u32)&emunands[i].offset;
-                *head = (u32)&emunands[i].header;
-                ret = 1;
-                break;
-            }
+void getEmunand(u32 *off, u32 *head){
+    u32 nandSize = getMMCDevice(0)->total_size;
+    if (sdmmc_sdcard_readsectors(nandSize, 1, temp) == 0) {
+        if (*(u32*)(temp + 0x100) == NCSD_MAGIC) {
+            *off = 0;
+            *head = nandSize;
         }
     }
-    return ret;
 }

source/emunand.h

@@ -11,6 +11,6 @@
 
 #define NCSD_MAGIC (0x4453434E)
 
-u8 getEmunand(u32 *off, u32 *head);
+void getEmunand(u32 *off, u32 *head);
 
 #endif

source/firm.c

@@ -12,7 +12,6 @@
 #include "crypto.h"
 
 const firmHeader *firmLocation = (firmHeader *)0x24000000;
-const u32 firmSize = 0xF3000;
 firmSectionHeader *section;
 u32 emuOffset = 0;
 u32 emuHeader = 0;
@@ -20,7 +19,7 @@ u32 emuHeader = 0;
 //Load firm into FCRAM
 void loadFirm(void){
     //Read FIRM from SD card and write to FCRAM
-    fileRead((u8*)firmLocation, "/rei/firmware.bin", firmSize);
+    fileRead((u8*)firmLocation, "/rei/firmware.bin", 0);
     section = firmLocation->section;
     arm9loader((u8*)firmLocation + section[2].offset);
 }
@@ -33,11 +32,12 @@ void loadEmu(void){
     fileRead(code, "/rei/emunand/emunand.bin", 0);
     u32 *pos_offset = memsearch(code, "NAND", 0x218, 4);
     u32 *pos_header = memsearch(code, "NCSD", 0x218, 4);
+    getEmunand(&emuOffset, &emuHeader);
     if (pos_offset && pos_header) {
         *pos_offset = emuOffset;
         *pos_header = emuHeader;
     }
-    
+
     //Add emunand hooks
     memcpy((u8*)emuHook(1), nandRedir, sizeof(nandRedir));
     memcpy((u8*)emuHook(2), nandRedir, sizeof(nandRedir));
@@ -48,7 +48,7 @@ void patchFirm(){
     
     //Part1: Set MPU for payload area
     memcpy((u8*)mpuCode(), mpu, sizeof(mpu));
-    
+
     //Part2: Disable signature checks
     memcpy((u8*)sigPatch(1), sigPat1, sizeof(sigPat1));
     memcpy((u8*)sigPatch(2), sigPat2, sizeof(sigPat2));

source/patches.c

@@ -8,8 +8,8 @@
 
 #define FIRM 0x24000000
 
-#define KERNEL9 (FIRM + 0x68000)
-#define PROC9 (FIRM + 0x7ED00)
+#define KERNEL9 (FIRM + 0x68400)
+#define PROC9 (FIRM + 0x7F100)
 
 #define K9_ADDR 0x08006000
 #define P9_ADDR 0x08028000
@@ -27,7 +27,7 @@ u8 mpu[0x2C] = {    //MPU shit
     0x01, 0x01, 0x01, 0x01, 0x03, 0x06, 0x1C, 0x00, 0x00, 0x00, 0x02, 0x08
     };
        
-u8 nandRedir[0x08] = {0x00, 0x4C, 0xA0, 0x47, 0xC0, 0xA4, 0x01, 0x08};    //Branch to emunand function
+u8 nandRedir[0x08] = {0x00, 0x4C, 0xA0, 0x47, 0xC0, 0xA5, 0x01, 0x08};    //Branch to emunand function
 
 /*
 *   Sig checks
@@ -38,8 +38,8 @@ u8 sigPat2[4] = {0x00, 0x20, 0x70, 0x47};
 /*
 *   Arm9 thread
 */
-u8 th1[4] = {0x2C, 0xF0, 0x9F, 0xE5};   //ldr pc, =0x0801A6E0
-u8 th2[4] = {0xE0, 0xA6, 0x01, 0x08};   //0x0801A6E0
+u8 th1[4] = {0x2C, 0xF0, 0x9F, 0xE5};   //ldr pc, =0x0801A7E0
+u8 th2[4] = {0xE0, 0xA7, 0x01, 0x08};   //0x0801A7E0
 
 
 
@@ -49,12 +49,12 @@ u8 th2[4] = {0xE0, 0xA6, 0x01, 0x08};   //0x0801A6E0
 
 //Where the emunand code is stored in firm
 u32 emuCode(void){
-    return KERNEL9 + (0x0801A4C0 - K9_ADDR);
+    return KERNEL9 + (0x0801A5C0 - K9_ADDR);
 }
 
 //Where thread code is stored in firm
 u32 threadCode(void){
-    return KERNEL9 + (0x0801A6E0 - K9_ADDR);
+    return KERNEL9 + (0x0801A7E0 - K9_ADDR);
 }
 
 //Area of MPU setting code
@@ -65,20 +65,20 @@ u32 mpuCode(void){
 //Offsets to redirect to thread code
 u32 threadHook(u8 val){
     return val == 1 ? 
-            PROC9 + (0x08086140 - P9_ADDR): 
-            PROC9 + (0x08086174 - P9_ADDR);
+            PROC9 + (0x08085198 - P9_ADDR): 
+            PROC9 + (0x080851CC - P9_ADDR);
 }
 
 //Offsets to redirect to Emunand code
 u32 emuHook(u8 val){ //latest only
     return val == 1 ? 
-            PROC9 + (0x0807882C - P9_ADDR): 
-            PROC9 + (0x0807886C - P9_ADDR);
+            PROC9 + (0x08077B40 - P9_ADDR): 
+            PROC9 + (0x08077B80 - P9_ADDR);
 }
 
 //Offsets to redirect to thread code
 u32 sigPatch(u8 val){
     return val == 1 ?
-            PROC9 + (0x080632B8 - P9_ADDR) :
-            PROC9 + (0x0805D628 - P9_ADDR);
+            PROC9 + (0x08062B08 - P9_ADDR) :
+            PROC9 + (0x0805C31C - P9_ADDR);
 }