diff --git a/source/emunand.c b/source/emunand.c
index 89a07bb..235117a 100644
--- a/source/emunand.c
+++ b/source/emunand.c
@@ -100,7 +100,7 @@ static inline u32 getFreeK9Space(u8 *pos, u32 size, u8 **freeK9Space)
     const u8 pattern[] = {0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x00};
     //Looking for the last free space before Process9
-    *freeK9Space = memsearch(pos + 0x13500, pattern, size - 0x13500, sizeof(pattern)) + 0x455;
+    *freeK9Space = memsearch(pos, pattern, size, sizeof(pattern)) + 0x455;
     return *freeK9Space == NULL ? 1 : 0;
 }
@@ -177,7 +177,7 @@ u32 patchEmuNand(u8 *arm9Section, u32 arm9SectionSize, u8 *process9Offset, u32 p
     //Copy EmuNAND code
     u8 *freeK9Space;
-    ret += getFreeK9Space(arm9Section, arm9SectionSize, &freeK9Space);
+    ret += getFreeK9Space(arm9Section + 0x13500, arm9SectionSize - 0x13500, &freeK9Space);
     if(!ret)
     {
         memcpy(freeK9Space, emunand_bin, emunand_bin_size);
@@ -198,7 +198,7 @@ u32 patchEmuNand(u8 *arm9Section, u32 arm9SectionSize, u8 *process9Offset, u32 p
         ret += patchNandRw(process9Offset, process9Size, (u32)(freeK9Space - arm9Section + kernel9Address));
         //Set MPU
-        ret += patchMpu(arm9Section, arm9SectionSize);
+        ret += patchMpu(arm9Section + 0x13500, arm9SectionSize - 0x13500);
     }
     return ret;
diff --git a/source/exceptions.c b/source/exceptions.c
index bd097d1..7f7a809 100644
--- a/source/exceptions.c
+++ b/source/exceptions.c
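Review bot: The NULL test on the new `*freeK9Space = memsearch(...) + 0x455;` line can never fire: the offset is added before the result is stored, so a failed search stores `(u8 *)NULL + 0x455`, `*freeK9Space == NULL` is false, getFreeK9Space returns 0 and the caller's `if(!ret)` guard in patchEmuNand then memcpy's emunand_bin to a near-null address (pointer arithmetic on a null pointer is also undefined behaviour). Test the raw result before offsetting it: `u8 *found = memsearch(pos, pattern, size, sizeof(pattern));` `*freeK9Space = found == NULL ? NULL : found + 0x455;` `return found == NULL ? 1 : 0;`. The `+ 0x455` offset is carried over unexplained; a one-line comment saying what it skips past would help the next reader, and the existing `//Looking for the last free space before Process9` could note that the caller is now expected to pass the already-narrowed range.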
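Review bot: The new call `getFreeK9Space(arm9Section + 0x13500, arm9SectionSize - 0x13500, &freeK9Space)` subtracts from a u32 with no check that the section is at least 0x13500 bytes long; a smaller size wraps to a huge value and the search would run far past the end of arm9Section. The ARM9 section is presumably always much larger than that on real firmware, but the function already reports failure through `ret`, so the guard costs two lines: `if(arm9SectionSize < 0x13500) ret++;` `else ret += getFreeK9Space(arm9Section + 0x13500, arm9SectionSize - 0x13500, &freeK9Space);`. patchEmuNand starts before this hunk and continues after it.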
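Review bot: The 0x13500 skip moved out of getFreeK9Space is now written out by hand at two call sites in patchEmuNand (this `patchMpu(arm9Section + 0x13500, arm9SectionSize - 0x13500)` and the getFreeK9Space call in the previous hunk), with nothing saying why the first 0x13500 bytes of the section are excluded. A named constant at the top of the file, e.g. `#define ARM9_PATCH_SEARCH_OFFSET 0x13500` with a comment giving that reason, keeps the two sites from drifting apart and makes the intent visible; the same unchecked u32 subtraction noted for the getFreeK9Space call applies here as well. patchEmuNand starts before this hunk.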
@@ -56,16 +56,17 @@ u32 installArm11Handlers(u32 *exceptionsPage, u32 stackAddress, u32 codeSetOffse
     u32 *mcuReboot;
     for(mcuReboot = exceptionsPage; mcuReboot < exceptionsPage + 0x400 && (mcuReboot[0] != 0xE59F4104 || mcuReboot[1] != 0xE3A0A0C2); mcuReboot++);
-    u32 ret = (initFPU == exceptionsPage + 0x400 || freeSpace == exceptionsPage + 0x400 || mcuReboot == exceptionsPage + 0x400) ? 1 : 0;
+    u32 ret = (initFPU == exceptionsPage + 0x400 || freeSpace == exceptionsPage + 0x400 ||
+               mcuReboot == exceptionsPage + 0x400 || *(u32 *)((u8 *)freeSpace + arm11_exceptions_bin_size - 36) != 0xFFFFFFFF) ? 1 : 0;
     mcuReboot--;
     memcpy(freeSpace, arm11_exceptions_bin + 32, arm11_exceptions_bin_size - 32);
-    exceptionsPage[1] = MAKE_BRANCH(exceptionsPage + 1, (u8 *)freeSpace + *(u32 *)(arm11_exceptions_bin + 8) - 32); //Undefined Instruction
-    exceptionsPage[3] = MAKE_BRANCH(exceptionsPage + 3, (u8 *)freeSpace + *(u32 *)(arm11_exceptions_bin + 12) - 32); //Prefetch Abort
-    exceptionsPage[4] = MAKE_BRANCH(exceptionsPage + 4, (u8 *)freeSpace + *(u32 *)(arm11_exceptions_bin + 16) - 32); //Data Abort
-    exceptionsPage[7] = MAKE_BRANCH(exceptionsPage + 7, (u8 *)freeSpace + *(u32 *)(arm11_exceptions_bin + 4) - 32); //FIQ
+    exceptionsPage[1] = MAKE_BRANCH(exceptionsPage + 1, (u8 *)freeSpace + *(u32 *)(arm11_exceptions_bin + 8) - 32); //Undefined Instruction
+    exceptionsPage[3] = MAKE_BRANCH(exceptionsPage + 3, (u8 *)freeSpace + *(u32 *)(arm11_exceptions_bin + 12) - 32); //Prefetch Abort
+    exceptionsPage[4] = MAKE_BRANCH(exceptionsPage + 4, (u8 *)freeSpace + *(u32 *)(arm11_exceptions_bin + 16) - 32); //Data Abort
+    exceptionsPage[7] = MAKE_BRANCH(exceptionsPage + 7, (u8 *)freeSpace + *(u32 *)(arm11_exceptions_bin + 4) - 32); //FIQ
     for(u32 *pos = freeSpace; pos < (u32 *)((u8 *)freeSpace + arm11_exceptions_bin_size - 32); pos++)
     {
diff --git a/source/patches.c b/source/patches.c
index 15ebf75..408be22 100644
--- a/source/patches.c
+++ b/source/patches.c
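Review bot: The failure flag the new `u32 ret = (...)` lines compute is never acted on inside the function: `mcuReboot--`, the memcpy into freeSpace and the four MAKE_BRANCH writes to exceptionsPage that follow run unconditionally, so a not-free tail word (the check this commit adds) or a missed pattern still ends with the handlers copied and the vector table rewritten, and only the return value reports it. An early exit before the first write, `if(ret) return ret;` placed ahead of `mcuReboot--;`, makes the new check actually protective (what the caller does with ret is outside this hunk). The check also inspects only the last word the memcpy will overwrite (offset size - 36 is the final u32 of the size - 32 byte copy), which presumably relies on the free area being contiguous up to that point; that assumption deserves a comment next to the `- 36`, e.g. `//Last word the memcpy below writes must still be unused (0xFFFFFFFF)`. installArm11Handlers starts before this hunk and continues after it.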
@@ -227,7 +227,7 @@ u32 reimplementSvcBackdoor(u8 *pos, u32 *arm11SvcTable, u32 baseK11VA, u8 **free
             memcpy(*freeK11Space, svcBackdoor, sizeof(svcBackdoor));
             arm11SvcTable[0x7B] = baseK11VA + *freeK11Space - pos;
-            *freeK11Space += 40;
+            *freeK11Space += sizeof(svcBackdoor);
         }
     }
@@ -507,7 +507,7 @@ u32 patchK11ModuleChecks(u8 *pos, u32 size, u8 **freeK11Space)
 u32 patchUnitInfoValueSet(u8 *pos, u32 size)
 {
     //Look for UNITINFO value being set during kernel sync
-    const u8 pattern[] = {0x01, 0x10, 0xA0, 0x13};
+    const u8 pattern[] = {0xA0, 0x13, 0x01, 0x10};
     u32 ret;
     u8 *off = memsearch(pos, pattern, size, sizeof(pattern));
@@ -515,6 +515,8 @@ u32 patchUnitInfoValueSet(u8 *pos, u32 size)
     if(off == NULL) ret = 1;
     else
     {
+        off -= 2;
+
         off[0] = ISDEVUNIT ? 0 : 1;
         off[3] = 0xE3;
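Review bot: The new pattern `{0xA0, 0x13, 0x01, 0x10}` no longer starts at the word that gets patched: its first two bytes are the upper half of the word the old pattern `{0x01, 0x10, 0xA0, 0x13}` matched in full (which appears to be the little-endian encoding 0x13A01001, a conditional MOV r1, #1), so `off` now lands two bytes into that word and the following hunk has to compensate with `off -= 2`. That coupling belongs in the comment on the pattern, e.g. `//Upper half of the MOV word plus the next two bytes (for uniqueness); off is moved back 2 bytes before patching`, otherwise the next person to touch either line breaks the other. Because the match can in principle sit at `pos` or `pos + 1`, the NULL check in the next hunk should also reject `off - pos < 2` so the adjusted pointer never precedes the buffer; with kernel code ahead of the target this is unlikely on real firmware, but the guard is one condition. patchUnitInfoValueSet's signature is the first context line here and its body continues past this hunk.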