ARM => Arm
This commit is contained in:
TuxSH
@@ -33,7 +33,7 @@
|
||||
The data cache and/or the instruction cache MUST be flushed before doing one of the following:
|
||||
- rebooting
|
||||
- powering down
|
||||
- setting the ARM11 entrypoint to execute a function
|
||||
- setting the Arm11 entrypoint to execute a function
|
||||
- jumping to a payload
|
||||
***/
|
||||
|
||||
|
||||
@@ -31,7 +31,7 @@
|
||||
flushEntireDCache:
|
||||
@ Adapted from http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0155a/ch03s03s05.html,
|
||||
@ and https://github.com/gemarcano/libctr9_io/blob/master/src/ctr_system_ARM.c#L39 as well
|
||||
@ Note: ARM's example is actually for a 8KB DCache (which is what the 3DS has)
|
||||
@ Note: Arm's example is actually for a 8KB DCache (which is what the 3DS has)
|
||||
|
||||
@ Implemented in bootROM at address 0xffff0830
|
||||
mov r1, #0 @ segment counter
|
||||
|
||||
@@ -94,7 +94,7 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
|
||||
"( ) Show NAND or user string in System Settings",
|
||||
"( ) Show GBA boot screen in patched AGB_FIRM",
|
||||
"( ) Set developer UNITINFO",
|
||||
"( ) Disable ARM11 exception handlers",
|
||||
"( ) Disable Arm11 exception handlers",
|
||||
};
|
||||
|
||||
static const char *optionsDescription[] = { "Select the default EmuNAND.\n\n"
|
||||
@@ -189,7 +189,7 @@ void configMenu(bool oldPinStatus, u32 oldPinMode)
|
||||
"are doing!",
|
||||
|
||||
"Disables the fatal error exception\n"
|
||||
"handlers for the ARM11 CPU.\n\n"
|
||||
"handlers for the Arm11 CPU.\n\n"
|
||||
"Note: Disabling the exception handlers\n"
|
||||
"will disqualify you from submitting\n"
|
||||
"issues or bug reports to the Luma3DS\n"
|
||||
|
||||
@@ -599,11 +599,11 @@ void kernel9Loader(Arm9Bin *arm9Section)
|
||||
__attribute__((aligned(4))) u8 arm9BinCtr[AES_BLOCK_SIZE];
|
||||
memcpy(arm9BinCtr, arm9Section->ctr, sizeof(arm9BinCtr));
|
||||
|
||||
//Decrypt ARM9 binary
|
||||
//Decrypt Arm9 binary
|
||||
aes_use_keyslot(arm9BinSlot);
|
||||
aes(startOfArm9Bin, startOfArm9Bin, arm9SectionSize / AES_BLOCK_SIZE, arm9BinCtr, AES_CTR_MODE, AES_INPUT_BE | AES_INPUT_NORMAL);
|
||||
|
||||
if(*startOfArm9Bin != 0x47704770 && *startOfArm9Bin != 0xB0862000) error("Failed to decrypt the ARM9 binary.");
|
||||
if(*startOfArm9Bin != 0x47704770 && *startOfArm9Bin != 0xB0862000) error("Failed to decrypt the Arm9 binary.");
|
||||
}
|
||||
|
||||
void computePinHash(u8 *outbuf, const u8 *inbuf)
|
||||
@@ -612,7 +612,7 @@ void computePinHash(u8 *outbuf, const u8 *inbuf)
|
||||
cipherText[AES_BLOCK_SIZE];
|
||||
|
||||
sdmmc_get_cid(1, (u32 *)cid);
|
||||
aes_use_keyslot(0x04); //Console-unique keyslot whose keys are set by the ARM9 bootROM
|
||||
aes_use_keyslot(0x04); //Console-unique keyslot whose keys are set by the Arm9 bootROM
|
||||
aes(cipherText, inbuf, 1, cid, AES_CBC_ENCRYPT_MODE, AES_INPUT_BE | AES_INPUT_NORMAL);
|
||||
sha(outbuf, cipherText, sizeof(cipherText), SHA_256_MODE);
|
||||
}
|
||||
|
||||
@@ -85,8 +85,8 @@ void detectAndProcessExceptionDumps(void)
|
||||
|
||||
drawString(true, 10, 10, COLOR_RED, "An exception occurred");
|
||||
u32 posY;
|
||||
if(dumpHeader->processor == 11) posY = drawFormattedString(true, 10, 30, COLOR_WHITE, "Processor: ARM11 (core %u)", dumpHeader->core);
|
||||
else posY = drawString(true, 10, 30, COLOR_WHITE, "Processor: ARM9");
|
||||
if(dumpHeader->processor == 11) posY = drawFormattedString(true, 10, 30, COLOR_WHITE, "Processor: Arm11 (core %u)", dumpHeader->core);
|
||||
else posY = drawString(true, 10, 30, COLOR_WHITE, "Processor: Arm9");
|
||||
|
||||
if(dumpHeader->type == 2)
|
||||
{
|
||||
|
||||
@@ -58,7 +58,7 @@ static __attribute__((noinline)) bool inRange(u32 as, u32 ae, u32 bs, u32 be)
|
||||
|
||||
static bool checkFirm(u32 firmSize)
|
||||
{
|
||||
if(memcmp(firm->magic, "FIRM", 4) != 0 || firm->arm9Entry == NULL) //Allow for the ARM11 entrypoint to be zero in which case nothing is done on the ARM11 side
|
||||
if(memcmp(firm->magic, "FIRM", 4) != 0 || firm->arm9Entry == NULL) //Allow for the Arm11 entrypoint to be zero in which case nothing is done on the Arm11 side
|
||||
return false;
|
||||
|
||||
bool arm9EpFound = false,
|
||||
@@ -184,7 +184,7 @@ u32 loadNintendoFirm(FirmwareType *firmType, FirmwareSource nandType, bool loadF
|
||||
else if(ctrNandError) error("Unable to mount CTRNAND or load the CTRNAND FIRM.\nPlease use an external one.");
|
||||
}
|
||||
|
||||
//Check that the FIRM is right for the console from the ARM9 section address
|
||||
//Check that the FIRM is right for the console from the Arm9 section address
|
||||
if((firm->section[3].offset != 0 ? firm->section[3].address : firm->section[2].address) != (ISN3DS ? (u8 *)0x8006000 : (u8 *)0x8006800))
|
||||
error("The %s FIRM is not for this console.", loadedFromStorage ? "external" : "CTRNAND");
|
||||
|
||||
@@ -350,7 +350,7 @@ u32 patchNativeFirm(u32 firmVersion, FirmwareSource nandType, bool loadFromStora
|
||||
|
||||
if(ISN3DS)
|
||||
{
|
||||
//Decrypt ARM9Bin and patch ARM9 entrypoint to skip kernel9loader
|
||||
//Decrypt Arm9Bin and patch Arm9 entrypoint to skip kernel9loader
|
||||
kernel9Loader((Arm9Bin *)arm9Section);
|
||||
firm->arm9Entry = (u8 *)0x801B01C;
|
||||
}
|
||||
@@ -409,7 +409,7 @@ u32 patchNativeFirm(u32 firmVersion, FirmwareSource nandType, bool loadFromStora
|
||||
if(!ISDEVUNIT) ret += patchCheckForDevCommonKey(process9Offset, process9Size);
|
||||
}
|
||||
|
||||
//ARM9 exception handlers
|
||||
//Arm9 exception handlers
|
||||
ret += patchArm9ExceptionHandlersInstall(arm9Section, kernel9Size);
|
||||
ret += patchSvcBreak9(arm9Section, kernel9Size, (u32)firm->section[2].address);
|
||||
ret += patchKernel9Panic(arm9Section, kernel9Size);
|
||||
@@ -426,7 +426,7 @@ u32 patchTwlFirm(u32 firmVersion, bool loadFromStorage, bool doUnitinfoPatch)
|
||||
{
|
||||
u8 *arm9Section = (u8 *)firm + firm->section[3].offset;
|
||||
|
||||
//On N3DS, decrypt ARM9Bin and patch ARM9 entrypoint to skip kernel9loader
|
||||
//On N3DS, decrypt Arm9Bin and patch Arm9 entrypoint to skip kernel9loader
|
||||
if(ISN3DS)
|
||||
{
|
||||
kernel9Loader((Arm9Bin *)arm9Section);
|
||||
@@ -465,7 +465,7 @@ u32 patchAgbFirm(bool loadFromStorage, bool doUnitinfoPatch)
|
||||
{
|
||||
u8 *arm9Section = (u8 *)firm + firm->section[3].offset;
|
||||
|
||||
//On N3DS, decrypt ARM9Bin and patch ARM9 entrypoint to skip kernel9loader
|
||||
//On N3DS, decrypt Arm9Bin and patch Arm9 entrypoint to skip kernel9loader
|
||||
if(ISN3DS)
|
||||
{
|
||||
kernel9Loader((Arm9Bin *)arm9Section);
|
||||
@@ -501,7 +501,7 @@ u32 patch1x2xNativeAndSafeFirm(void)
|
||||
|
||||
if(ISN3DS)
|
||||
{
|
||||
//Decrypt ARM9Bin and patch ARM9 entrypoint to skip kernel9loader
|
||||
//Decrypt Arm9Bin and patch Arm9 entrypoint to skip kernel9loader
|
||||
kernel9Loader((Arm9Bin *)arm9Section);
|
||||
firm->arm9Entry = (u8 *)0x801B01C;
|
||||
}
|
||||
@@ -518,7 +518,7 @@ u32 patch1x2xNativeAndSafeFirm(void)
|
||||
|
||||
ret += ISN3DS ? patchSignatureChecks(process9Offset, process9Size) : patchOldSignatureChecks(process9Offset, process9Size);
|
||||
|
||||
//ARM9 exception handlers
|
||||
//Arm9 exception handlers
|
||||
ret += patchArm9ExceptionHandlersInstall(arm9Section, kernel9Size);
|
||||
ret += patchSvcBreak9(arm9Section, kernel9Size, (u32)firm->section[2].address);
|
||||
|
||||
|
||||
@@ -79,8 +79,8 @@ u32 *getKernel11Info(u8 *pos, u32 size, u32 *baseK11VA, u8 **freeK11Space, u32 *
|
||||
return arm11SvcTable;
|
||||
}
|
||||
|
||||
// For ARM prologs in the form of: push {regs} ... sub sp, #off (this obviously doesn't intend to cover all cases)
|
||||
static inline u32 computeARMFrameSize(const u32 *prolog)
|
||||
// For Arm prologs in the form of: push {regs} ... sub sp, #off (this obviously doesn't intend to cover all cases)
|
||||
static inline u32 computeArmFrameSize(const u32 *prolog)
|
||||
{
|
||||
const u32 *off;
|
||||
|
||||
@@ -230,7 +230,7 @@ u32 patchKernel11(u8 *pos, u32 size, u32 baseK11VA, u32 *arm11SvcTable, u32 *arm
|
||||
*/
|
||||
for(off = (u32 *)ControlMemoryPos; (off[0] & 0xFFF0FFFF) != 0xE3500001 || (off[1] & 0xFFFF0FFF) != 0x13A00000; off++);
|
||||
off -= 2;
|
||||
*off = 0xE59D0000 | (*off & 0x0000F000) | (8 + computeARMFrameSize((u32 *)ControlMemoryPos)); // ldr r0, [sp, #(frameSize + 8)]
|
||||
*off = 0xE59D0000 | (*off & 0x0000F000) | (8 + computeArmFrameSize((u32 *)ControlMemoryPos)); // ldr r0, [sp, #(frameSize + 8)]
|
||||
|
||||
//Patch DebugActiveProcess
|
||||
for(off = (u32 *)(pos + (arm11SvcTable[0x60] - baseK11VA)); *off != 0xE3110001; off++);
|
||||
@@ -312,7 +312,7 @@ u32 patchFirmlaunches(u8 *pos, u32 size, u32 process9MemAddr)
|
||||
|
||||
off -= 0x13;
|
||||
|
||||
//Firmlaunch function offset - offset in BLX opcode (A4-16 - ARM DDI 0100E) + 1
|
||||
//Firmlaunch function offset - offset in BLX opcode (A4-16 - Arm DDI 0100E) + 1
|
||||
u32 fOpenOffset = (u32)(off + 9 - (-((*(u32 *)off & 0x00FFFFFF) << 2) & (0xFFFFFF << 2)) - pos + process9MemAddr);
|
||||
|
||||
//Put the fOpen offset in the right location
|
||||
|
||||
@@ -77,7 +77,7 @@ _start:
|
||||
ldr r1, =0xFFF0001B @ fff00000 16k | dtcm
|
||||
ldr r2, =0x01FF801D @ 01ff8000 32k | itcm
|
||||
ldr r3, =0x08000027 @ 08000000 1M | arm9 mem
|
||||
ldr r4, =0x10000029 @ 10000000 2M | io mem (ARM9 / first 2MB)
|
||||
ldr r4, =0x10000029 @ 10000000 2M | io mem (Arm9 / first 2MB)
|
||||
ldr r5, =0x20000035 @ 20000000 128M | fcram
|
||||
ldr r6, =0x1FF00027 @ 1FF00000 1M | dsp / axi wram
|
||||
ldr r7, =0x1800002D @ 18000000 8M | vram (+ 2MB)
|
||||
@@ -153,11 +153,11 @@ disableMpuAndJumpToEntrypoints:
|
||||
bic r0, #(1<<0) @ - MPU disable
|
||||
mcr p15, 0, r0, c1, c0, 0 @ write control register
|
||||
|
||||
@ Set the ARM11 entrypoint
|
||||
@ Set the Arm11 entrypoint
|
||||
mov r0, #0x20000000
|
||||
str r7, [r0, #-4]
|
||||
|
||||
@ Jump to the ARM9 entrypoint
|
||||
@ Jump to the Arm9 entrypoint
|
||||
mov r0, r4
|
||||
mov r1, r5
|
||||
ldr r2, =0x3BEEF
|
||||
|
||||
Reference in New Issue
Block a user