From 4a3a3513011234370b771a0175365539a312e339 Mon Sep 17 00:00:00 2001
From: Aurora
Date: Sun, 30 Oct 2016 22:40:47 +0100
Subject: [PATCH] Move loader to itcm, use unprot boot9 code for caches, use 4 bytes inside the payload for the magic
---
 loader/linker.ld | 2 +-
 loader/source/cache.h | 27 ----------------------
 loader/source/cache.s | 54 -------------------------------------------
 loader/source/main.c | 11 ++++-----
 loader/source/start.s | 13 ++++++-----
 source/installer.c | 10 ++++----
 source/installer.h | 1 +
 source/start.s | 7 ++++++
 8 files changed, 26 insertions(+), 99 deletions(-)
 delete mode 100644 loader/source/cache.h
 delete mode 100644 loader/source/cache.s
diff --git a/loader/linker.ld b/loader/linker.ld
index 38691c6..87f8b2b 100644
--- a/loader/linker.ld
+++ b/loader/linker.ld
@@ -1,7 +1,7 @@
 ENTRY(_start)
 SECTIONS
 {
- . = 0x80F0000;
+ . = 0x1FF8000;
 .text.start : { *(.text.start) }
 .text : { *(.text) }
 .data : { *(.data) }
diff --git a/loader/source/cache.h b/loader/source/cache.h
deleted file mode 100644
index 8f80b43..0000000
--- a/loader/source/cache.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
-* This file is part of Luma3DS
-* Copyright (C) 2016 Aurora Wright, TuxSH
-*
-* This program is free software: you can redistribute it and/or modify
-* it under the terms of the GNU General Public License as published by
-* the Free Software Foundation, either version 3 of the License, or
-* (at your option) any later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program. If not, see .
-*
-* Additional Terms 7.b of GPLv3 applies to this file: Requiring preservation of specified
-* reasonable legal notices or author attributions in that material or in the Appropriate Legal
-* Notices displayed by works containing it.
-*/
-
-#pragma once
-
-#include "types.h"
-
-void flushCaches(void);
\ No newline at end of file
diff --git a/loader/source/cache.s b/loader/source/cache.s
deleted file mode 100644
index b2a8319..0000000
--- a/loader/source/cache.s
+++ /dev/null
@@ -1,54 +0,0 @@
-@ This file is part of Luma3DS
-@ Copyright (C) 2016 Aurora Wright, TuxSH
-@
-@ This program is free software: you can redistribute it and/or modify
-@ it under the terms of the GNU General Public License as published by
-@ the Free Software Foundation, either version 3 of the License, or
-@ (at your option) any later version.
-@
-@ This program is distributed in the hope that it will be useful,
-@ but WITHOUT ANY WARRANTY; without even the implied warranty of
-@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-@ GNU General Public License for more details.
-@
-@ You should have received a copy of the GNU General Public License
-@ along with this program. If not, see .
-@
-@ Additional Terms 7.b of GPLv3 applies to this file: Requiring preservation of specified
-@ reasonable legal notices or author attributions in that material or in the Appropriate Legal
-@ Notices displayed by works containing it.
-
-.text
-.arm
-.align 4
-
-.global flushCaches
-.type flushCaches, %function
-flushCaches:
- @ Clean and flush data cache
- @ Adpated from http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0155a/ch03s03s05.html ,
- @ and https://github.com/gemarcano/libctr9_io/blob/master/src/ctr_system_ARM.c#L39 as well
- @ Note: ARM's example is actually for a 8KB DCache (which is what the 3DS has)
- @ Implemented in bootROM at address 0xffff0830
-
- mov r1, #0 @ segment counter
- outer_loop:
- mov r0, #0 @ line counter
-
- inner_loop:
- orr r2, r1, r0 @ generate segment and line address
- mcr p15, 0, r2, c7, c14, 2 @ clean and flush the line
- add r0, #0x20 @ increment to next line
- cmp r0, #0x400
- bne inner_loop
-
- add r1, #0x40000000
- cmp r1, #0
- bne outer_loop
-
- mcr p15, 0, r1, c7, c10, 4 @ drain write buffer
-
- @ Flush instruction cache
- mcr p15, 0, r1, c7, c5, 0
-
- bx lr
diff --git a/loader/source/main.c b/loader/source/main.c
index 6c0b9a7..675b4aa 100644
--- a/loader/source/main.c
+++ b/loader/source/main.c
@@ -20,7 +20,6 @@ * Notices displayed by works containing it. */ -#include "cache.h" #include "memory.h" #include "../build/bundled.h" @@ -42,12 +41,12 @@ void main(void) { ownArm11(); - vu32 *magic = (vu32 *)0x25000000; - magic[0] = 0xABADCAFE; - magic[1] = 0xDEADCAFE; + vu32 *payloadAddress = (vu32 *)0x23F00000; + payloadAddress[1] = 0xDEADCAFE; //Ensure that all memory transfers have completed and that the caches have been flushed - flushCaches(); + ((void (*)())0xFFFF0830)(); + ((void (*)())0xFFFF0AB4)(); - ((void (*)())0x23F00000)(); + ((void (*)())payloadAddress)(); } \ No newline at end of file diff --git a/loader/source/start.s b/loader/source/start.s index 8b08656..45f806d 100644 --- a/loader/source/start.s +++ b/loader/source/start.s @@ -39,9 +39,6 @@ _start: bic r0, #(1<<0) @ - mpu disable mcr p15, 0, r0, c1, c0, 0 @ write control register - @ Flush caches - bl flushCaches - @ Give read/write access to all the memory regions ldr r0, =0x3333333 mcr p15, 0, r0, c5, c0, 2 @ write data access @@ -69,10 +66,14 @@ _start: mcr p15, 0, r8, c2, c0, 0 @ Data cacheable 0, 2, 4 mcr p15, 0, r8, c2, c0, 1 @ Inst cacheable 0, 2, 4 - @ Enable caches / MPU / ITCM + @ Flush caches + ldr r0, =0xFFFF0830 + blx r0 + ldr r0, =0xFFFF0AB4 + blx r0 + + @ Enable caches / MPU mrc p15, 0, r0, c1, c0, 0 @ read control register - orr r0, r0, #(1<<18) @ - ITCM enable - orr r0, r0, #(1<<13) @ - alternate exception vectors enable orr r0, r0, #(1<<12) @ - instruction cache enable orr r0, r0, #(1<<2) @ - data cache enable orr r0, r0, #(1<<0) @ - mpu enable diff --git a/source/installer.c b/source/installer.c index a5fbca5..08cb4cf 100755 --- a/source/installer.c +++ b/source/installer.c @@ -50,8 +50,7 @@ u32 posY; void main(void) { - vu32 *magic = (vu32 *)0x25000000; - bool isOtpless = ISA9LH && magic[0] == 0xABADCAFE && magic[1] == 0xDEADCAFE; + bool isOtpless = ISA9LH && magic == 0xDEADCAFE; initScreens(); 
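Review bot: The calls into the boot ROM at 0xFFFF0830 and 0xFFFF0AB4 are bare integer-to-function casts with nothing saying what each routine does; the deleted cache.s recorded 0xffff0830 as the data-cache clean/flush routine and that knowledge leaves the tree with it, while 0xFFFF0AB4 is described nowhere in the patch. The same pair is hard-coded again in loader/source/start.s, so one named definition per routine would keep both call sites in step, e.g. `#define BOOTROM_FLUSH_DCACHE ((void (*)(void))0xFFFF0830)` with a sibling for the second address named after what it does once confirmed; note that `void (*)()` is an unprototyped function type and `void (*)(void)` is what the calls mean. `payloadAddress[1]` relies on the payload keeping its `magic` word at offset 4, directly after the initial branch (source/start.s in this same patch), so a comment such as `//word 1 of the payload image is its 'magic' variable, see source/start.s` would document that contract next to the store. main ends inside the hunk.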
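Review bot: The two `blx r0` calls into the boot ROM come with no statement of which registers those routines clobber; the code reloads r0 afterwards, but any value expected to survive in other registers (r8 is in use just above) would need saving around the calls, and a comment at the call site recording the convention relied on would make that explicit. `@ Flush caches` now covers two distinct routines, so labelling each `ldr r0, =…` line with its purpose, as the deleted cache.s did for 0xffff0830, keeps the information local. With the ITCM-enable and alternate-vector bits dropped from the control-register write, the loader linked at 0x1FF8000 depends on ITCM already being enabled on entry; one line saying so next to `@ Enable caches / MPU` would spare the next reader the reconstruction. _start continues outside the hunk.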
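Review bot: `isOtpless` now depends on a single word inside the installer's own image, and the clearing the old code did after reading it (`magic[0] = magic[1] = 0;`, removed in the @@ -71 hunk) has no counterpart, so `magic` stays 0xDEADCAFE for as long as the image sits in memory. If that image can be re-entered without being copied in afresh — not visible here — the otpless path would be taken a second time; `magic = 0;` right after the read keeps the previous one-shot behaviour at no cost. A comment on the read, `//set to 0xDEADCAFE by the loader before it jumps here (loader/source/main.c)`, would say where the value comes from. main continues outside the hunk.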
@@ -71,7 +70,6 @@ void main(void) } else { - magic[0] = magic[1] = 0; posY = drawString("Finalizing install...", 10, posY + SPACING_Y, COLOR_WHITE); pressed = 0; } @@ -258,8 +256,10 @@ static inline void installer(bool isOtpless) if(!ISA9LH && ISN3DS) { - *(vu32 *)0x80FD0FC = 0xEAFFCBBF; //B 0x80F0000 - memcpy((void *)0x80F0000, loader_bin, loader_bin_size); + const u8 ldrAndBranch[] = {0x00, 0x00, 0x9F, 0xE5, 0x10, 0xFF, 0x2F, 0xE1, 0x00, 0x80, 0xFF, 0x01}; + + memcpy((void *)0x80FD0FC, ldrAndBranch, sizeof(ldrAndBranch)); + memcpy((void *)0x1FF8000, loader_bin, loader_bin_size); writeFirm((u8 *)FIRM0_100_OFFSET, false, FIRM0100_SIZE); diff --git a/source/installer.h b/source/installer.h index 37bfe7e..5f073a6 100644 --- a/source/installer.h +++ b/source/installer.h @@ -23,6 +23,7 @@ #define MAX_STAGE1_SIZE 0x1E70 #define MAX_STAGE2_SIZE 0x89A00 +extern u32 magic; extern const u8 key2s[5][AES_BLOCK_SIZE]; static inline void installer(bool isOtpless); diff --git a/source/start.s b/source/start.s index d545d4d..c108bc6 100644 --- a/source/start.s +++ b/source/start.s @@ -24,6 +24,13 @@ .align 4 .global _start _start: + b start + +.global magic +magic: + .word 0 + +start: @ Disable interrupts mrs r0, cpsr orr r0, #0x1C0
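Review bot: `ldrAndBranch` is twelve bytes of little-endian ARM machine code with no comment, where the old line at least said `//B 0x80F0000`; decoded it is `ldr r0, [pc]` (E59F0000), `bx r0` (E12FFF10) and the literal 0x01FF8000, and writing it as `const u32 ldrAndBranch[] = {0xE59F0000, 0xE12FFF10, 0x1FF8000}; //ldr r0, [pc]; bx r0; .word loader entry (ITCM)` would make both the instructions and the target readable. The stub at 0x80FD0FC also grows from 4 bytes to 12, so the two words at 0x80FD100 and 0x80FD104 are now overwritten as well; whether anything else branches to them is not visible in the diff and deserves a sentence in the comment. The loader address 0x1FF8000 now appears in linker.ld, in the memcpy target and inside the byte array, so a named constant for the memcpy target, with the literal word built from it, would leave one place to change. There is also no check that `loader_bin_size` fits the region at 0x1FF8000, in contrast to the MAX_STAGE1_SIZE/MAX_STAGE2_SIZE limits installer.h keeps for the other stages. installer continues outside the hunk.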
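Review bot: `magic` is a `.word` placed in the code section between `_start` and `start`, and its offset (4, immediately after `b start`) is a contract with the loader, which stores to `payloadAddress[1]` before jumping; nothing on either side says so. A comment on the word, `@ offset 4 of the image: written by the loader before it jumps to _start, keep it right after the branch`, would stop a later reordering from silently breaking the `magic == 0xDEADCAFE` check in installer.c. The hunk is complete, but the rest of _start's body lies outside it.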