MattTheTekie/recovery_menu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 13

Clean up OTP, debug and heap code

Browse source
This commit is contained in:
GaryOderNichts 2022-08-19 20:29:01 +02:00
commit 5e9bdfb0eb
14 changed files with 56 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

4
ios_kernel/source/bsp.c
View file

@ -3,7 +3,7 @@
static void* allocIobuf()
{
void* ptr = IOS_HeapAlloc(0xcaff, 0x260);
void* ptr = IOS_HeapAlloc(CROSS_PROCESS_HEAP_ID, 0x260);
memset(ptr, 0, 0x260);
@ -12,7 +12,7 @@ static void* allocIobuf()
static void freeIobuf(void* ptr)
{
IOS_HeapFree(0xcaff, ptr);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, ptr);
}
int bspWrite(const char* entity, uint32_t instance, const char* attribute, uint32_t size, const void* buffer)

3
ios_kernel/source/imports.h
View file

@ -10,6 +10,9 @@
#define THUMB_B(addr, func) ((0xE000 | ((((uint32_t)(func) - (uint32_t)(addr) - 4) >> 1) & 0x7FF))) // +-2KB
#define THUMB_BL(addr, func) ((0xF000F800 | ((((uint32_t)(func) - (uint32_t)(addr) - 4) >> 1) & 0x0FFF)) | ((((uint32_t)(func) - (uint32_t)(addr) - 4) << 4) & 0x7FFF000)) // +-4MB
#define LOCAL_PROCESS_HEAP_ID 0xcafe
#define CROSS_PROCESS_HEAP_ID 0xcaff
typedef struct {
void* ptr;
uint32_t len;

5
ios_kernel/source/main.c
View file

@ -21,8 +21,6 @@ int kernel_syscall_0x81(int type, uint32_t address, uint32_t value)
res = *(volatile uint32_t*) address;
} else if (type == 1) { // kernWrite32
*(volatile uint32_t*) address = value;
} else if (type == 2) { // readOtp
res = readOTP(0, (void*) address, value);
}
set_domain_register(domainAccessPermissions[currentThreadContext->pid]);
@ -68,6 +66,9 @@ int _main(void* arg)
// replace custom kernel syscall
*(volatile uint32_t*) 0x0812cd2c = ARM_B(0x0812cd2c, kernel_syscall_0x81);
// patch IOS_ReadOTP to allow read from all processes
*(volatile uint32_t*) 0x0812037c = 0xe15c000c; // cmp r12, r12
restore_mmu(control_register);

3
ios_mcp/imports.ld
View file

@ -28,6 +28,9 @@ PROVIDE(IOS_CreateMessageQueue = 0x0505684c);
PROVIDE(IOS_DestroyMessageQueue = 0x05056854);
PROVIDE(IOS_ReceiveMessage = 0x0505686c);
PROVIDE(IOS_CheckDebugMode = 0x050568ec);
PROVIDE(IOS_ReadOTP = 0x050568fc);
PROVIDE(IOS_HeapAlloc = 0x05056924);
PROVIDE(IOS_HeapAllocAligned = 0x0505692c);
PROVIDE(IOS_HeapFree = 0x05056934);

6
ios_mcp/source/fsa.c
View file

@ -6,16 +6,16 @@
static void* allocIobuf()
{
void* ptr = IOS_HeapAlloc(0xcaff, 0x828);
void* ptr = IOS_HeapAlloc(CROSS_PROCESS_HEAP_ID, 0x828);
memset(ptr, 0x00, 0x828);
memset(ptr, 0, 0x828);
return ptr;
}
static void freeIobuf(void* ptr)
{
IOS_HeapFree(0xcaff, ptr);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, ptr);
}
int FSA_Mount(int fd, const char* device_path, char* volume_path, uint32_t flags, char* arg_string, int arg_string_len)

4
ios_mcp/source/gfx.c
View file

@ -29,7 +29,7 @@ int gfx_init_font(void)
if (font)
return 0;
font = IOS_HeapAlloc(0xcaff, sizeof(*font));
font = IOS_HeapAlloc(LOCAL_PROCESS_HEAP_ID, sizeof(*font));
if (!font) {
printf("Memory allocation for the font buffer failed!\n");
return -1;
@ -41,7 +41,7 @@ int gfx_init_font(void)
if (res != LZO_E_OK || data_len != sizeof(*font)) {
// LZO decompression failed.
printf("lzo1x_decompress() failed: res == %d, data_len == %lu\n", res, data_len);
IOS_HeapFree(0xcaff, font);
IOS_HeapFree(LOCAL_PROCESS_HEAP_ID, font);
font = NULL;
return -2;
}

6
ios_mcp/source/imports.h
View file

@ -3,6 +3,9 @@
#include <stdint.h>
#include <stdio.h>
#define LOCAL_PROCESS_HEAP_ID 0xcafe
#define CROSS_PROCESS_HEAP_ID 0xcaff
typedef struct {
void* ptr;
uint32_t len;
@ -50,6 +53,9 @@ int IOS_CreateMessageQueue(uint32_t* ptr, uint32_t n_msgs);
int IOS_DestroyMessageQueue(int queueid);
int IOS_ReceiveMessage(int queueid, uint32_t* message, uint32_t flags);
int IOS_CheckDebugMode(void);
int IOS_ReadOTP(int index, void* buffer, uint32_t size);
void* IOS_HeapAlloc(uint32_t heap, uint32_t size);
void* IOS_HeapAllocAligned(uint32_t heap, uint32_t size, uint32_t alignment);
void IOS_HeapFree(uint32_t heap, void* ptr);

4
ios_mcp/source/mcp_install.c
View file

@ -5,14 +5,14 @@
static void* allocIoBuf(uint32_t size)
{
void* ptr = IOS_HeapAlloc(0xcaff, size);
void* ptr = IOS_HeapAlloc(CROSS_PROCESS_HEAP_ID, size);
memset(ptr, 0, size);
return ptr;
}
static void freeIoBuf(void* ptr)
{
IOS_HeapFree(0xcaff, ptr);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, ptr);
}
int MCP_InstallGetInfo(int handle, const char* path, MCPInstallInfo* out_info)

4
ios_mcp/source/mcp_misc.c
View file

@ -5,14 +5,14 @@
static void* allocIoBuf(uint32_t size)
{
void* ptr = IOS_HeapAlloc(0xcaff, size);
void* ptr = IOS_HeapAlloc(CROSS_PROCESS_HEAP_ID, size);
memset(ptr, 0, size);
return ptr;
}
static void freeIoBuf(void* ptr)
{
IOS_HeapFree(0xcaff, ptr);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, ptr);
}
int MCP_GetSysProdSettings(int handle, MCPSysProdSettings* out_sysProdSettings)

59
ios_mcp/source/menu.c
View file

@ -217,25 +217,6 @@ static void waitButtonInput(void)
}
}
static int isSystemUsingDebugKeyset(void)
{
int ret = 0;
// Check OTP to see if this system is using the Debug keyset.
// NOTE: Includes "Factory" as well.
uint8_t* const dataBuffer = IOS_HeapAllocAligned(0xcaff, 0x400, 0x40);
if (!dataBuffer)
return ret;
int res = readOTP(dataBuffer, 0x400);
if (res >= 0) {
ret = ((dataBuffer[0x080] & 0x18) != 0x10);
}
IOS_HeapFree(0xcaff, dataBuffer);
return ret;
}
static void option_SetColdbootTitle(void)
{
static const Menu coldbootTitleOptions[] = {
@ -250,8 +231,8 @@ static void option_SetColdbootTitle(void)
{"Kiosk Menu ", {.tid = 0x000500101FA81000}},
};
// Only print the non-retail options if the keyset is debug.
const int option_count = (isSystemUsingDebugKeyset() ? 7 : 4);
// Only print the non-retail options if the system is in debug mode.
const int option_count = ((IOS_CheckDebugMode() == 0) ? 7 : 4);
int rval;
uint64_t newtid = 0;
@ -375,7 +356,7 @@ static void option_DumpOtpAndSeeprom(void)
gfx_print(16, index, 0, "Creating otp.bin...");
index += CHAR_SIZE_DRC_Y + 4;
void* dataBuffer = IOS_HeapAllocAligned(0xcaff, 0x400, 0x40);
void* dataBuffer = IOS_HeapAllocAligned(CROSS_PROCESS_HEAP_ID, 0x400, 0x40);
if (!dataBuffer) {
gfx_set_font_color(COLOR_ERROR);
gfx_print(16, index, 0, "Out of memory!");
@ -390,21 +371,21 @@ static void option_DumpOtpAndSeeprom(void)
gfx_printf(16, index, 0, "Failed to create otp.bin: %x", res);
waitButtonInput();
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
return;
}
gfx_print(16, index, 0, "Reading OTP...");
index += CHAR_SIZE_DRC_Y + 4;
res = readOTP(dataBuffer, 0x400);
res = IOS_ReadOTP(0, dataBuffer, 0x400);
if (res < 0) {
gfx_set_font_color(COLOR_ERROR);
gfx_printf(16, index, 0, "Failed to read OTP: %x", res);
waitButtonInput();
FSA_CloseFile(fsaHandle, otpHandle);
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
return;
}
@ -418,7 +399,7 @@ static void option_DumpOtpAndSeeprom(void)
waitButtonInput();
FSA_CloseFile(fsaHandle, otpHandle);
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
return;
}
@ -434,7 +415,7 @@ static void option_DumpOtpAndSeeprom(void)
gfx_printf(16, index, 0, "Failed to create seeprom.bin: %x", res);
waitButtonInput();
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
return;
}
@ -448,7 +429,7 @@ static void option_DumpOtpAndSeeprom(void)
waitButtonInput();
FSA_CloseFile(fsaHandle, seepromHandle);
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
return;
}
@ -462,7 +443,7 @@ static void option_DumpOtpAndSeeprom(void)
waitButtonInput();
FSA_CloseFile(fsaHandle, seepromHandle);
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
return;
}
@ -471,7 +452,7 @@ static void option_DumpOtpAndSeeprom(void)
waitButtonInput();
FSA_CloseFile(fsaHandle, seepromHandle);
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
}
static void option_StartWupserver(void)
@ -657,7 +638,7 @@ static void option_LoadNetConf(void)
return;
}
char* cfgBuffer = (char*) IOS_HeapAllocAligned(0xcaff, stat.size + 1, 0x40);
char* cfgBuffer = (char*) IOS_HeapAllocAligned(CROSS_PROCESS_HEAP_ID, stat.size + 1, 0x40);
if (!cfgBuffer) {
gfx_set_font_color(COLOR_ERROR);
gfx_print(16, index, 0, "Out of memory!");
@ -675,7 +656,7 @@ static void option_LoadNetConf(void)
gfx_printf(16, index, 0, "Failed to read file: %x", res);
waitButtonInput();
IOS_HeapFree(0xcaff, cfgBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, cfgBuffer);
FSA_CloseFile(fsaHandle, cfgHandle);
return;
}
@ -720,7 +701,7 @@ static void option_LoadNetConf(void)
gfx_printf(16, index, 0, "Failed to apply configuration: %x", res);
waitButtonInput();
IOS_HeapFree(0xcaff, cfgBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, cfgBuffer);
FSA_CloseFile(fsaHandle, cfgHandle);
return;
}
@ -731,7 +712,7 @@ static void option_LoadNetConf(void)
waitButtonInput();
IOS_HeapFree(0xcaff, cfgBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, cfgBuffer);
FSA_CloseFile(fsaHandle, cfgHandle);
}
@ -1140,7 +1121,7 @@ static void option_SystemInformation(void)
// 0x000-0x3FF: OTP
// 0x400-0x5FF: SEEPROM
// 0x600-0x7FF: misc for version.bin
void *dataBuffer = IOS_HeapAllocAligned(0xcaff, 0x800, 0x40);
void *dataBuffer = IOS_HeapAllocAligned(CROSS_PROCESS_HEAP_ID, 0x800, 0x40);
if (!dataBuffer) {
gfx_set_font_color(COLOR_ERROR);
gfx_print(16, index, 0, "Out of memory!");
@ -1150,11 +1131,11 @@ static void option_SystemInformation(void)
uint8_t* const otp = (uint8_t*)dataBuffer;
uint16_t* const seeprom = (uint16_t*)dataBuffer + 0x200;
int res = readOTP((void*)otp, 0x400);
int res = IOS_ReadOTP(0, otp, 0x400);
if (res < 0) {
gfx_set_font_color(COLOR_ERROR);
gfx_printf(16, index, 0, "Failed to read OTP: %x", res);
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
waitButtonInput();
return;
}
@ -1163,7 +1144,7 @@ static void option_SystemInformation(void)
if (res < 0) {
gfx_set_font_color(COLOR_ERROR);
gfx_printf(16, index, 0, "Failed to read EEPROM: %x", res);
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
waitButtonInput();
return;
}
@ -1302,7 +1283,7 @@ static void option_SystemInformation(void)
// - gameRegion is set to 0 on all systems I've used.
// TODO: Use MCP_GetSysProdSettings()?
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
waitButtonInput();
}

6
ios_mcp/source/netconf.c
View file

@ -30,16 +30,16 @@ int netconf_close(void)
static void* allocIobuf(uint32_t size)
{
void* ptr = IOS_HeapAlloc(0xcaff, size);
void* ptr = IOS_HeapAlloc(CROSS_PROCESS_HEAP_ID, size);
memset(ptr, 0x00, size);
memset(ptr, 0, size);
return ptr;
}
static void freeIobuf(void* ptr)
{
IOS_HeapFree(0xcaff, ptr);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, ptr);
}
static int netconf_get_if_data(uint16_t* if_buf, uint16_t* data)

10
ios_mcp/source/socket.c
View file

@ -32,16 +32,16 @@ int socketExit()
static void* allocIobuf(uint32_t size)
{
void* ptr = IOS_HeapAlloc(0xcaff, size);
void* ptr = IOS_HeapAlloc(CROSS_PROCESS_HEAP_ID, size);
memset(ptr, 0x00, size);
memset(ptr, 0, size);
return ptr;
}
static void freeIobuf(void* ptr)
{
IOS_HeapFree(0xcaff, ptr);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, ptr);
}
int socket(int domain, int type, int protocol)
@ -167,7 +167,7 @@ ssize_t recv(int sockfd, void *buf, size_t len, int flags)
if(!len) return -101;
// TODO : size checks, split up data into multiple vectors if necessary
void* data_buf = IOS_HeapAllocAligned(0xcaff, len, 0x40);
void* data_buf = IOS_HeapAllocAligned(CROSS_PROCESS_HEAP_ID, len, 0x40);
if(!data_buf) return -100;
uint8_t* iobuf = allocIobuf(0x38);
@ -197,7 +197,7 @@ ssize_t send(int sockfd, const void *buf, size_t len, int flags)
if(!buf || !len) return -101;
// TODO : size checks, split up data into multiple vectors if necessary
void* data_buf = IOS_HeapAllocAligned(0xcaff, len, 0x40);
void* data_buf = IOS_HeapAllocAligned(CROSS_PROCESS_HEAP_ID, len, 0x40);
if(!data_buf) return -100;
uint8_t* iobuf = allocIobuf(0x38);

9
ios_mcp/source/utils.c
View file

@ -16,11 +16,6 @@ void kernWrite32(uint32_t address, uint32_t value)
IOS_Syscall0x81(1, address, value);
}
int readOTP(void* buf, uint32_t size)
{
return IOS_Syscall0x81(2, (uint32_t) buf, size);
}
int EEPROM_Read(uint16_t offset, uint16_t num, uint16_t* buf)
{
if (offset + num > 0x100) {
@ -71,7 +66,7 @@ int copy_file(int fsaFd, const char* src, const char* dst)
return res;
}
void* dataBuffer = IOS_HeapAllocAligned(0xcaff, COPY_BUFFER_SIZE, 0x40);
void* dataBuffer = IOS_HeapAllocAligned(CROSS_PROCESS_HEAP_ID, COPY_BUFFER_SIZE, 0x40);
if (!dataBuffer) {
FSA_CloseFile(fsaFd, readHandle);
FSA_CloseFile(fsaFd, writeHandle);
@ -84,7 +79,7 @@ int copy_file(int fsaFd, const char* src, const char* dst)
}
}
IOS_HeapFree(0xcaff, dataBuffer);
IOS_HeapFree(CROSS_PROCESS_HEAP_ID, dataBuffer);
FSA_CloseFile(fsaFd, writeHandle);
FSA_CloseFile(fsaFd, readHandle);

2
ios_mcp/source/utils.h
View file

@ -51,8 +51,6 @@ uint32_t kernRead32(uint32_t address);
void kernWrite32(uint32_t address, uint32_t value);
int readOTP(void* buf, uint32_t size);
int EEPROM_Read(uint16_t offset, uint16_t num, uint16_t* buf);
int resetPPC(void);