From 0391ae6145ba0228c3638173b7eaee4994acc83b Mon Sep 17 00:00:00 2001 From: "(no author)" <(no author)@b08762b0-b915-fc4b-9d8c-17b2551a87ff> Date: Mon, 27 Dec 2010 07:08:51 +0000 Subject: [PATCH] =?UTF-8?q?=E8=A6=8B=E3=81=A4=E3=81=91=E5=87=BA=E3=81=97?= =?UTF-8?q?=E3=81=9F=E3=81=84=E3=82=B3=E3=83=BC=E3=83=89=E3=81=8C=E6=95=B0?= =?UTF-8?q?=E7=A8=AE=E9=A1=9E=E3=81=82=E3=81=A3=E3=81=9F=E5=A0=B4=E5=90=88?= =?UTF-8?q?=E3=81=AE=E5=AF=BE=E5=BF=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlIPL/branches/20101202_Majikon_Patch@2983 b08762b0-b915-fc4b-9d8c-17b2551a87ff --- build/libraries_sysmenu/boot/ARM7/Makefile | 3 +- .../boot/ARM7/include/targetCode.h | 117 ++++++++++ .../libraries_sysmenu/boot/ARM7/src/bootAPI.c | 200 ++++++------------ 3 files changed, 189 insertions(+), 131 deletions(-) create mode 100644 build/libraries_sysmenu/boot/ARM7/include/targetCode.h diff --git a/build/libraries_sysmenu/boot/ARM7/Makefile b/build/libraries_sysmenu/boot/ARM7/Makefile index 7075cc92..0b60355d 100644 --- a/build/libraries_sysmenu/boot/ARM7/Makefile +++ b/build/libraries_sysmenu/boot/ARM7/Makefile @@ -29,7 +29,8 @@ override TWL_CODEGEN = ALL SRCDIR = ./src -INCDIR = ../common/include \ +INCDIR = ./include \ + ../common/include \ $(ROOT)/build/libraries/fatfs/ARM7.TWL/include \ $(ROOT)/build/libraries/fatfs/ARM7.TWL/include/twl/fatfs/ARM7 \ diff --git a/build/libraries_sysmenu/boot/ARM7/include/targetCode.h b/build/libraries_sysmenu/boot/ARM7/include/targetCode.h new file mode 100644 index 00000000..56a79219 --- /dev/null +++ b/build/libraries_sysmenu/boot/ARM7/include/targetCode.h @@ -0,0 +1,117 @@ +/*---------------------------------------------------------------------------* + Project: TwlIPL - HOTSW - include + File: romSpec.h + + Copyright 2008 Nintendo. All rights reserved. + + These coded instructions, statements, and computer programs contain + proprietary information of Nintendo of America Inc. and/or Nintendo + Company Ltd., and are protected by Federal copyright law. They may + not be disclosed to third parties or copied or duplicated in any form, + in whole or in part, without the prior written consent of Nintendo. + + $Date:: $ + $Rev: $ + $Author: $ + *---------------------------------------------------------------------------*/ +#ifndef __BOOT_TARGET_CODE_H__ +#define __BOOT_TARGET_CODE_H__ + +#include + +#define MAJIKON_APP_ARM7_STATIC_BUFFER 0x02380000 +#define MAJIKON_APP_ARM7_STATIC_BUFFER_SIZE 0x40000 +#define MAJIKON_PATCH_ADDR 0x02fff800 + +#define MAJIKON_APP_TARGET_COMMAND 0xE12FFF1E // [bx lr] 命令 + +#define TARGET_CODE_NUM 4 +#define TARGET_CODE_MAX_SIZE 0x100 + + +#ifdef __cplusplus +extern "C" { +#endif + +u32 target_code_list[TARGET_CODE_NUM][TARGET_CODE_MAX_SIZE] = +{ + { + 0xE92D40F8, 0xE59F00E4, 0xE5900004, 0xE3500000, + 0x1A000034, 0xEBFFD80C, 0xE3500001, 0x1A000031, + 0xE59F10CC, 0xE3E00000, 0xE5913004, 0xE1530000, + 0x059F00C0, 0x05900000, 0x0280000A, 0x05810004, + 0x0A000028, 0xE59F20AC, 0xE5920000, 0xE1500003, + 0x3A000024, 0xE5920000, 0xE280000A, 0xE5810004, + 0xEBFFFFA6, 0xE3500000, 0x0A00000A, 0xE59F007C, + 0xE3A01001, 0xE5801004, 0xEBFFFBBE, 0xE590000C, + 0xE3500000, 0x1A000003, 0xE59F0064, 0xE5900000, + 0xE3500000, 0x1A000013, 0xE59F0050, 0xE59F1050, + 0xE5900004, 0xE3A02000, 0xE5812000, 0xE3500000, + 0x0A00000C, 0xE3A07064, 0xE3A0600E, 0xE3A05011, + 0xE1A04002, 0xEA000001, 0xE1A00007, 0xEBFFCB91, + 0xE1A00006, 0xE1A01005, 0xE1A02004, 0xEBFFDAA2, + 0xE3500000, 0x1AFFFFF7, 0xE8BD40F8, 0x00000001, + }, + { + 0xE92D40F8, 0xE59F00E4, 0xE5900004, 0xE3500000, + 0x1A000034, 0xEBFFD80C, 0xE3500001, 0x1A000031, + 0xE59F10CC, 0xE3E00000, 0xE5913004, 0xE1530000, + 0x059F00C0, 0x05900000, 0x0280000A, 0x05810004, + 0x0A000028, 0xE59F20AC, 0xE5920000, 0xE1500003, + 0x3A000024, 0xE5920000, 0xE280000A, 0xE5810004, + 0xEBFFFFA6, 0xE3500000, 0x0A00000A, 0xE59F007C, + 0xE3A01001, 0xE5801004, 0xEBFFFBBE, 0xE590000C, + 0xE3500000, 0x1A000003, 0xE59F0064, 0xE5900000, + 0xE3500000, 0x1A000013, 0xE59F0050, 0xE59F1050, + 0xE5900004, 0xE3A02000, 0xE5812000, 0xE3500000, + 0x0A00000C, 0xE3A07064, 0xE3A0600E, 0xE3A05011, + 0xE1A04002, 0xEA000001, 0xE1A00007, 0xEBFFCB91, + 0xE1A00006, 0xE1A01005, 0xE1A02004, 0xEBFFDAA2, + 0xE3500000, /*0x1AFFFFF7,*/ 0xE8BD40F8, 0xE12FFF1E, + 0x00000001, + }, + { + 0xE92D40F8, 0xE59F00E4, 0xE5900004, 0xE3500000, + 0x1A000034, 0xEBFFD80C, 0xE3500001, 0x1A000031, + 0xE59F10CC, 0xE3E00000, 0xE5913004, 0xE1530000, + 0x059F00C0, 0x05900000, 0x0280000A, 0x05810004, + 0x0A000028, 0xE59F20AC, 0xE5920000, 0xE1500003, + 0x3A000024, 0xE5920000, 0xE280000A, 0xE5810004, + 0xEBFFFFA6, 0xE3500000, 0x0A00000A, 0xE59F007C, + 0xE3A01001, 0xE5801004, 0xEBFFFBBE, 0xE590000C, + 0xE3500000, 0x1A000003, 0xE59F0064, 0xE5900000, + 0xE3500000, 0x1A000013, 0xE59F0050, 0xE59F1050, + 0xE5900004, 0xE3A02000, 0xE5812000, 0xE3500000, + 0x0A00000C, 0xE3A07064, 0xE3A0600E, 0xE3A05011, + 0xE1A04002, 0xEA000001, 0xE1A00007, 0xEBFFCB91, + 0xE1A00006, 0xE1A01005, 0xE1A02004, 0xEBFFDAA2, + 0xE3500000, 0x1AFFFFF7, 0xE8BD40F8, 0xE12FFF1E, + 0x03803F60, 0x037E9D34, + }, + { + 0xE92D40F8, 0xE59F00E4, 0xE5900004, 0xE3500000, + 0x1A000034, 0xEBFFD80C, 0xE3500001, 0x1A000031, + 0xE59F10CC, 0xE3E00000, 0xE5913004, 0xE1530000, + 0x059F00C0, 0x05900000, 0x0280000A, 0x05810004, + 0x0A000028, 0xE59F20AC, 0xE5920000, 0xE1500003, + 0x3A000024, 0xE5920000, 0xE280000A, 0xE5810004, + 0xEBFFFFA6, 0xE3500000, 0x0A00000A, 0xE59F007C, + 0xE3A01001, 0xE5801004, 0xEBFFFBBE, 0xE590000C, + 0xE3500000, 0x1A000003, 0xE59F0064, 0xE5900000, + 0xE3500000, 0x1A000013, 0xE59F0050, 0xE59F1050, + 0xE5900004, 0xE3A02000, 0xE5812000, 0xE3500000, + 0x0A00000C, 0xE3A07064, 0xE3A0600E, 0xE3A05011, + 0xE1A04002, 0xEA000001, 0xE1A00007, 0xEBFFCB91, + 0xE1A00006, 0xE1A01005, 0xE1A02004, 0xEBFFDAA2, + 0xE3500000, 0x1AFFFFF7, 0xE8BD40F8, 0xE12FFF1E, + 0x03803F60, 0x00000001, + }, +}; + +#ifdef __cplusplus +} /* extern "C" */ + +#endif + +/* __BOOT_TARGET_CODE_H__ */ +#endif diff --git a/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c b/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c index 135910bd..b25b5b14 100644 --- a/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c +++ b/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c @@ -31,6 +31,7 @@ #include "reboot.h" #include "internal_api.h" #include "../../../hotsw/ARM7/include/hotswTypes.h" +#include "targetCode.h" #include @@ -131,152 +132,91 @@ void BOOT_Init( void ) // reg_PXI_MAINPINTF = 0x0000; } - -#define MAJIKON_PATCH_ADDR 0x02fff800 - -/* -void MYFUNC_MajikonPatche(void) -{ - int r, i; - -// OSIntrMode itrm = OS_DisableInterrupts(); // asm - for (r = 0; r < 8; r++) - { - // I2Ci_SendStart( id ) - { - while (reg_OS_I2C_CNT & REG_OS_I2C_CNT_E_MASK){}; - reg_OS_I2C_DAT = 0x4a; - reg_OS_I2C_CNT = 0xc2; - - while (reg_OS_I2C_CNT & REG_OS_I2C_CNT_E_MASK){}; - if (!(BOOL)((reg_OS_I2C_CNT & REG_OS_I2C_CNT_ACK_MASK) >> REG_OS_I2C_CNT_ACK_SHIFT)) - { - continue; - } - } - - // I2Ci_SendMiddle( reg ) - { - while (reg_OS_I2C_CNT & REG_OS_I2C_CNT_E_MASK){}; - i = 0; - while( i++ < 0x150 ) - { - u32 dummy = reg_OS_I2C_CNT; - } - - reg_OS_I2C_DAT = MCU_REG_CAMERA_ADDR; // MCU_REG_LED_TEST_ADDR = 0x63; // 電源赤ランプ - reg_OS_I2C_CNT = 0xc0; - - while (reg_OS_I2C_CNT & REG_OS_I2C_CNT_E_MASK){}; - if (!(BOOL)((reg_OS_I2C_CNT & REG_OS_I2C_CNT_ACK_MASK) >> REG_OS_I2C_CNT_ACK_SHIFT)) - { - continue; - } - } - - // I2Ci_SendLast( data ) - { - while (reg_OS_I2C_CNT & REG_OS_I2C_CNT_E_MASK){}; - i = 0; - while( i++ < 0x150 ) - { - u32 dummy = reg_OS_I2C_CNT; - } - - reg_OS_I2C_DAT = 0x01; - reg_OS_I2C_CNT = 0xc0; - - while (reg_OS_I2C_CNT & REG_OS_I2C_CNT_E_MASK){}; - i = 0; - while( i++ < 0x150 ) - { - u32 dummy = reg_OS_I2C_CNT; - } - - reg_OS_I2C_CNT = 0xc5; - - while (reg_OS_I2C_CNT & REG_OS_I2C_CNT_E_MASK){}; - if (!(BOOL)((reg_OS_I2C_CNT & REG_OS_I2C_CNT_ACK_MASK) >> REG_OS_I2C_CNT_ACK_SHIFT)) - { - continue; - } - else - { - break; - } - } - reg_OS_I2C_CNT = 0xc5; - } -// (void)OS_RestoreInterrupts(itrm); // asm -} -*/ - - -#define MAJIKON_APP_ARM7_STATIC_BUFFER 0x02380000 -#define MAJIKON_APP_ARM7_STATIC_BUFFER_SIZE 0x40000 - -static u32 target_code[] = -{ - 0xE3A0C301, 0xE58CC208, 0xEB000069, 0xE59F3144, - 0xE2432040, 0xE59F1140, 0xE1520003, 0xB4910004, - 0xB4820004, 0xBAFFFFFB, 0xE59F1130, 0xE59F2130, - 0xE2823028, 0xE4910004, 0xE4820004, 0xE1520003, - 0xBAFFFFFB, 0xE59F011C, 0xE59F111C, 0xE59F2110, - 0xE1A0E00F, 0xE12FFF12, 0xE3A00013, 0xE121F000, - 0xE59FD108, 0xE3A00012, 0xE121F000, 0xE59FD100, - 0xE59F1100, 0xE04D1001, 0xE24DD004, 0xE3A0001F, - 0xE12FF000, 0xE241D004, 0xE59F00EC, 0xE0411000, - 0xE59F20DC, 0xE3A00000, 0xE1510002, 0xB4810004, - 0xBAFFFFFC, 0xE59F00D4, 0xE5901000, 0xE3510000, - 0x059F10CC, 0x05801000, 0xEB000075, 0xE3A01000, - 0xE59F30C0, 0xE593000C, 0xE5932010, 0xE0522000, - 0xCB0000A8, 0xEB000043, 0xE59F10AC, 0xE3A00000, - 0xE3800C03, 0xE1C100B0, 0xE3A00000, 0xE3800C03, - 0xE1C100B2, 0xE59F1094, 0xE59F0094, 0xE5810000, - 0xE59F1090, 0xE24D2028, 0xE1A0300D, 0xE1520003, - 0xB4910004, 0xB4820004, 0xBAFFFFFB, 0xE59F0078, - 0xE3C00003, 0xE59F1074, 0xE0411000, 0xE2811003, - 0xE3C11003, 0xE3C114FF, 0xE3A02004, 0xE1A02C02, - 0xE1811002, 0xE59F2058, 0xE59F3058, 0xE59FE058, - 0xE24DC028 -}; - static u32 SearchBinary_Majikon( void ) { - u32 code_end_address = 0; - u32 search_size = MAJIKON_APP_ARM7_STATIC_BUFFER_SIZE; - u32 current = MAJIKON_APP_ARM7_STATIC_BUFFER; - u32 *codep = target_code; - u32 hit = 0; - u32 elem = sizeof(target_code)/sizeof(u32); - + u32 target_command_address = 0; + u32 elem[TARGET_CODE_NUM]; + u32 i; + OS_TPrintf("=====================================\n"); - while( search_size >= sizeof(target_code) || hit ) + for( i = 0; i < TARGET_CODE_NUM; i++ ) { - if( *(u32 *)current == *codep ) + u32 count = 0; + while( target_code_list[i][count] != 0x0 ) { - codep++; - hit++; - if( hit == elem ) + count++; + } + elem[i] = count * 4; + OS_TPrintf("code %d size is 0x%x (%d)\n", i, elem[i], elem[i]); + } + + for( i = 0; i < TARGET_CODE_NUM; i++ ) + { + u32 search_size = MAJIKON_APP_ARM7_STATIC_BUFFER_SIZE; + u32 current = MAJIKON_APP_ARM7_STATIC_BUFFER; + u32 *codep = target_code_list[i]; + u32 hit = 0; + BOOL isFinish = FALSE; + + OS_TPrintf("\n-----\n"); + OS_TPrintf("search code %d start\n", i); + + while( search_size >= elem[i] || hit ) + { + if( *(u32 *)current != *codep ) { - OS_TPrintf("\n*** Target Code Find!!\n"); - code_end_address = current; + current += sizeof(u32); + search_size -= sizeof(u32); + continue; + } + + while( *(u32 *)current == *codep ) + { + hit += 4; + + if( *(u32 *)current == MAJIKON_APP_TARGET_COMMAND ) + { + OS_TPrintf("*** Target Command Find!!\n"); + target_command_address = current; + } + + if( hit == elem[i] ) + { + isFinish = TRUE; + break; + } + + codep++; + current += sizeof(u32); + search_size -= sizeof(u32); + } + + if( isFinish ) + { + OS_TPrintf("*** Target Code Find!!\n"); break; } + + target_command_address = 0; + hit = 0; + codep = target_code_list[i]; + } + + if( isFinish ) + { + OS_TPrintf("Match!!\n"); + break; } else { - hit = 0; - codep = target_code; + OS_TPrintf("No Match...\n"); } - current += sizeof(u32);; - search_size -= sizeof(u32); } - OS_TPrintf("\ntarget address : 0x%08x\n", code_end_address); + OS_TPrintf("\ntarget address : 0x%08x\n", target_command_address); OS_TPrintf("=====================================\n"); - return code_end_address; + return (target_command_address - sizeof(u32)); // 埋め込むコードは2命令あるので、1つ前のアドレスを返す }