Fix fs patch to work on old FIRMs
This commit is contained in:
parent
a795a45c34
commit
3b7b66b272
@ -35,16 +35,18 @@
|
|||||||
; Register contents:
|
; Register contents:
|
||||||
; r4: Pointer to a pointer to the exheader of the current NCCH
|
; r4: Pointer to a pointer to the exheader of the current NCCH
|
||||||
; r6: Constant 0
|
; r6: Constant 0
|
||||||
; SP + 0x80 - 0x7C: Pointer to the memory location where the NCCH text was loaded
|
; SP + 4: Pointer to the memory location where the NCCH text was loaded
|
||||||
|
|
||||||
|
; Execute the instruction we overwrote in our detour
|
||||||
|
ldr r0, [r4]
|
||||||
|
|
||||||
; Save the value of the register we use
|
; Save the value of the register we use
|
||||||
push {r1-r4}
|
push {r0-r4}
|
||||||
|
|
||||||
ldr r0, [sp, #20] ; Load the .text address
|
ldr r1, [sp, #24] ; Load the .text address
|
||||||
ldr r1, [r4]
|
ldr r2, [r0, #0x200] ; Load the low title id of the current NCCH
|
||||||
ldr r2, [r1, #0x200] ; Load the low title id of the current NCCH
|
ldr r0, [r0, #0x18] ; Load the size of the .text
|
||||||
ldr r1, [r1, #0x18] ; Load the size of the .text
|
add r0, r1, r0 ; Max bounds of the memory region
|
||||||
add r1, r0, r1 ; Max bounds of the memory region
|
|
||||||
|
|
||||||
ldr r3, =0x1002 ; Low title id of the sm module
|
ldr r3, =0x1002 ; Low title id of the sm module
|
||||||
cmp r2, r3 ; Compare the low title id to the id of the sm module
|
cmp r2, r3 ; Compare the low title id to the id of the sm module
|
||||||
@ -53,48 +55,50 @@
|
|||||||
ldr r2, =0xE1A01006 ; mov r1, r6
|
ldr r2, =0xE1A01006 ; mov r1, r6
|
||||||
|
|
||||||
loop:
|
loop:
|
||||||
cmp r1, r0
|
cmp r0, r1
|
||||||
blo out ; Check if we didn't go past the bounds of the memory region
|
blo die ; Check if we didn't go past the bounds of the memory region
|
||||||
ldr r3, [r0]
|
ldr r3, [r1]
|
||||||
cmp r3, r2
|
cmp r3, r2
|
||||||
ldreqh r3, [r0, #4]
|
ldreqh r3, [r1, #4]
|
||||||
cmpeq r3, #5
|
cmpeq r3, #5
|
||||||
addne r0, #4
|
addne r1, #4
|
||||||
bne loop
|
bne loop
|
||||||
|
|
||||||
; r0 now contains the start address of the pattern we found
|
; r1 now contains the start address of the pattern we found
|
||||||
ldr r1, =0xE3A00001 ; mov r0, #1
|
ldr r0, =0xE3A00001 ; mov r0, #1
|
||||||
str r1, [r0, #8] ; Patch the bl
|
str r0, [r1, #8] ; Patch the bl
|
||||||
b out
|
b out
|
||||||
|
|
||||||
fs_patch: ; patch adapted from BootNTR
|
fs_patch: ; patch adapted from BootNTR
|
||||||
ldr r3, =0x1102 ; Low title id of the fs module
|
ldr r3, =0x1102 ; Low title id of the fs module
|
||||||
cmp r2, r3 ; Compare the low title id to the id of the sm module
|
cmp r2, r3 ; Compare the low title id to the id of the sm module
|
||||||
bne out ; Skip if they're not the same
|
bne out ; Skip if they're not the same
|
||||||
ldr r2, =0x4618 ; mov r0, r3
|
ldr r2, =0x7401 ; strb r1, [r0, #16]
|
||||||
ldr r3, =0x3481 ; add r4, #0x81
|
ldr r3, =0x2000 ; movs r0, #0
|
||||||
|
|
||||||
loop_fs:
|
loop_fs:
|
||||||
cmp r1, r0
|
cmp r0, r1
|
||||||
blo out
|
blo die
|
||||||
ldrh r4, [r0]
|
ldrh r4, [r1]
|
||||||
cmp r4, r2
|
cmp r4, r2
|
||||||
ldreqh r4, [r0, #2]
|
ldreqh r4, [r1, #2]
|
||||||
cmpeq r4, r3
|
cmpeq r4, r3
|
||||||
subeq r0, #8
|
addeq r1, #8
|
||||||
addne r0, #2
|
addne r1, #2
|
||||||
bne loop_fs
|
bne loop_fs
|
||||||
|
|
||||||
; r0 now contains the start address of the pattern we found
|
; r1 now contains the start address of the pattern we found
|
||||||
ldr r1, =0x2001 ; mov r0, #1
|
ldr r0, =0x2001 ; mov r0, #1
|
||||||
ldr r2, =0x4770 ; bx lr
|
ldr r2, =0x4770 ; bx lr
|
||||||
strh r1, [r0]
|
strh r0, [r1]
|
||||||
strh r2, [r0, #2]
|
strh r2, [r1, #2]
|
||||||
|
|
||||||
out:
|
out:
|
||||||
pop {r1-r4} ; Restore the registers we used
|
pop {r0-r4} ; Restore the registers we used
|
||||||
ldr r0, [r4] ; Execute the instruction we overwrote in our detour
|
|
||||||
bx lr ; Jump back to whoever called us
|
bx lr ; Jump back to whoever called us
|
||||||
|
|
||||||
|
die:
|
||||||
|
b die
|
||||||
|
|
||||||
.pool
|
.pool
|
||||||
.close
|
.close
|
Reference in New Issue
Block a user