Merge branch 'master' into developer

Conflicts:
	Makefile
	source/firm.c
	source/patches.c

source/firm.c

@@ -44,7 +44,7 @@ static const firmSectionHeader *section;
 u32 config,
     emuOffset;
 
-bool isN3DS, isDevUnit;
+bool isN3DS, isDevUnit, isFirmlaunch;
 
 FirmwareSource firmSource;
 
@@ -101,7 +101,7 @@ void main(void)
 
         isFirmlaunch = false;
         firmType = NATIVE_FIRM;
-        
+
         //Determine if booting with A9LH
         isA9lh = !PDN_SPI_CNT;
 
@@ -226,7 +226,7 @@ void main(void)
     }
 
     u32 firmVersion = loadFirm(firmType);
-    
+
     switch(firmType)
     {
         case NATIVE_FIRM:
@@ -241,7 +241,7 @@ void main(void)
             break;
     }
 
-    launchFirm(firmType, isFirmlaunch);
+    launchFirm(firmType);
 }
 
 static inline u32 loadFirm(FirmwareType firmType)
@@ -346,7 +346,7 @@ static inline void patchNativeFirm(u32 firmVersion, FirmwareSource nandType, u32
         patchP9AccessChecks(process9Offset, process9Size);
     }
 
-    implementSvcGetCFWInfo((u8 *)firm + section[1].offset, section[1].size);
+    implementSvcGetCFWInfo(arm11Section1, section[1].size);
 }
 
 static inline void patchLegacyFirm(FirmwareType firmType)
@@ -372,8 +372,9 @@ static inline void patchLegacyFirm(FirmwareType firmType)
     }
 
     applyLegacyFirmPatches((u8 *)firm, firmType);
-    fileWrite(arm9Section, "/luma/twl_arm9sec.bin", section[3].size);
 
+    if(firmType == TWL_FIRM)
+        patchTwlBg((u8 *)firm + section[1].offset);
 }
 
 static inline void patchSafeFirm(void)
@@ -414,7 +415,7 @@ static inline void copySection0AndInjectSystemModules(FirmwareType firmType)
     u8 *pos = arm11Section0, *end = pos + section[0].size;
     u32 n = 0;
 
-    u32 loaderIndex = 0, twlBgIndex = 0;
+    u32 loaderIndex = 0;
     
     while(pos < end)
     {
@@ -438,35 +439,20 @@ static inline void copySection0AndInjectSystemModules(FirmwareType firmType)
         }
 
         if(firmType == NATIVE_FIRM && memcmp(modules[n].name, "loader", 7) == 0) loaderIndex = n;
-        else if(firmType == TWL_FIRM && memcmp(modules[n].name, "TwlBg", 6) == 0) twlBgIndex = n;
 
         n++;
     }
 
-    u32 twlBgSize = 0;
-
     if(firmType == NATIVE_FIRM && modules[loaderIndex].addr != NULL)
     {
         modules[loaderIndex].size = injector_size;
         modules[loaderIndex].addr = injector;
     }
 
-    else if(firmType == TWL_FIRM)
-    {
-        twlBgSize = getFileSize("/luma/TwlBg.cxi");
-        if(twlBgSize != 0)
-        {
-            modules[twlBgIndex].size = twlBgSize;
-            modules[twlBgIndex].addr = NULL;
-        } 
-    }
-
     pos = section[0].address;
     for(u32 i = 0; i < n; i++)
     {
-        if(firmType == TWL_FIRM && i == twlBgIndex && twlBgSize != 0)
-            fileRead(pos, "/luma/TwlBg.cxi");
-        else if(modules[i].addr != NULL)
+        if(modules[i].addr != NULL)
             memcpy(pos, modules[i].addr, modules[i].size);
         else
         {
@@ -482,7 +468,7 @@ static inline void copySection0AndInjectSystemModules(FirmwareType firmType)
     }
 }
 
-static inline void launchFirm(FirmwareType firmType, bool isFirmlaunch)
+static inline void launchFirm(FirmwareType firmType)
 {
     //If we're booting NATIVE_FIRM, section0 needs to be copied separately to inject 3ds_injector
     u32 sectionNum;

source/firm.h

@@ -24,11 +24,6 @@
 
 #include "types.h"
 
-#define PDN_MPCORE_CFG (*(vu32 *)0x10140FFC)
-#define PDN_SPI_CNT    (*(vu32 *)0x101401C0)
-#define CFG_BOOTENV    (*(vu32 *)0x10010000)
-#define CFG_UNITINFO   (*(vu8 *)0x10010010)
-
 //FIRM Header layout
 typedef struct firmSectionHeader {
     u32 offset;
@@ -59,4 +54,4 @@ static inline void patchNativeFirm(u32 firmVersion, FirmwareSource nandType, u32
 static inline void patchLegacyFirm(FirmwareType firmType);
 static inline void patchSafeFirm(void);
 static inline void copySection0AndInjectSystemModules(FirmwareType firmType);
-static inline void launchFirm(FirmwareType firmType, bool isFirmlaunch);
+static inline void launchFirm(FirmwareType firmType);

source/patches.c

@@ -26,6 +26,7 @@
 #include "../build/rebootpatch.h"
 #include "../build/svcGetCFWInfopatch.h"
 #include "../build/k11modulespatch.h"
+#include "../build/twl_k11modulespatch.h"
 
 static u32 *arm11ExceptionsPage = NULL;
 static u32 *arm11SvcTable = NULL;
@@ -302,7 +303,7 @@ void patchUnitInfoValueSet(u8 *pos, u32 size)
 
     u8 *off = memsearch(pos, pattern, size, 4);
 
-    off[0] = (*(vu8 *)0x10010010 == 0) ? 1 : 0;
+    off[0] = (CFG_UNITINFO == 0) ? 1 : 0;
     off[3] = 0xE3;
 }
 
@@ -428,3 +429,21 @@ void applyLegacyFirmPatches(u8 *pos, FirmwareType firmType)
         }
     }
 }
+
+void patchTwlBg(u8 *pos)
+{
+    u8 *dst = pos + ((isN3DS) ?  0xFEA4 : 0xFCA0);
+    u16 *src1 = (u16 *)(pos + ((isN3DS) ? 0xE38 : 0xE3C)), *src2 = (u16 *)(pos + ((isN3DS) ? 0xE54 : 0xE58));
+    memcpy(dst, twl_k11modules, twl_k11modules_size); //install k11 hook
+    
+    u32 *off;
+    for(off = (u32 *)dst; *off != 0xABCDABCD; off++);
+    *off = (isN3DS) ? 0xCDE88 : 0xCD5F8; //dev SRL launcher offset
+    
+    //Construct BLX instructions:
+    src1[0] = 0xF000 | ((((u32)dst - (u32)src1 - 4) & (0xFFF << 11)) >> 12);
+    src1[1] = 0xE800 | ((((u32)dst - (u32)src1 - 4) & 0xFFF) >> 1);
+
+    src2[0] = 0xF000 | ((((u32)dst - (u32)src2 - 4) & (0xFFF << 11)) >> 12);
+    src2[1] = 0xE800 | ((((u32)dst - (u32)src2 - 4) & 0xFFF) >> 1);
+}

source/patches.h

@@ -53,4 +53,5 @@ void patchP9AccessChecks(u8 *pos, u32 size);
 void patchUnitInfoValueSet(u8 *pos, u32 size);
 void reimplementSvcBackdoor(u8 *pos, u32 size);
 void implementSvcGetCFWInfo(u8 *pos, u32 size);
-void applyLegacyFirmPatches(u8 *pos, FirmwareType firmType);
+void applyLegacyFirmPatches(u8 *pos, FirmwareType firmType);
+void patchTwlBg(u8 *pos);

source/screen.h

@@ -29,7 +29,6 @@
 
 #include "types.h"
 
-#define PDN_GPU_CNT         (*(vu8 *)0x10141200)
 #define ARM11_STUB_ADDRESS  (0x25000000 - 0x30) //It's currently only 0x28 bytes large. We're putting 0x30 just to be sure here
 #define WAIT_FOR_ARM9()     *arm11Entry = 0; while(!*arm11Entry); ((void (*)())*arm11Entry)();
 

source/types.h

@@ -26,6 +26,13 @@
 #include <stdlib.h>
 #include <stdbool.h>
 
+#define CFG_BOOTENV    (*(vu32 *)0x10010000)
+#define CFG_UNITINFO   (*(vu8  *)0x10010010)
+
+#define PDN_MPCORE_CFG (*(vu32 *)0x10140FFC)
+#define PDN_SPI_CNT    (*(vu32 *)0x101401C0)
+#define PDN_GPU_CNT    (*(vu8  *)0x10141200)
+
 //Common data types
 typedef uint8_t u8;
 typedef uint16_t u16;

source/utils.c

@@ -27,6 +27,8 @@
 #include "draw.h"
 #include "cache.h"
 
+extern bool isFirmlaunch;
+
 u32 waitInput(void)
 {
     u32 pressedKey = 0,
@@ -56,7 +58,7 @@ u32 waitInput(void)
 
 void mcuReboot(void)
 {
-    if(PDN_GPU_CNT != 1) clearScreens();
+    if(!isFirmlaunch && PDN_GPU_CNT != 1) clearScreens();
 
     flushEntireDCache(); //Ensure that all memory transfers have completed and that the data cache has been flushed
 
@@ -66,7 +68,7 @@ void mcuReboot(void)
 
 void mcuPowerOff(void)
 {
-    if(PDN_GPU_CNT != 1) clearScreens();
+    if(!isFirmlaunch && PDN_GPU_CNT != 1) clearScreens();
 
     flushEntireDCache(); //Ensure that all memory transfers have completed and that the data cache has been flushed