From 38625d2efea5681133c281b08cd8d2d5505a3092 Mon Sep 17 00:00:00 2001
From: GaryOderNichts <12049776+GaryOderNichts@users.noreply.github.com>
Date: Sun, 4 Apr 2021 22:33:22 +0200
Subject: [PATCH] Use ipc call to start mcp thread immediately

---
 source/common/ipc_defs.h                   |  1 +
 source/ios_kernel/source/instant_patches.c |  2 --
 source/ios_kernel/source/ios_mcp_patches.c |  2 --
 source/ios_mcp/link.ld                     |  1 -
 source/ios_mcp/source/crt0.s               | 14 --------------
 source/ios_mcp/source/mcp_loadfile.c       |  6 ++++++
 source/main.cpp                            |  3 +++
 7 files changed, 10 insertions(+), 19 deletions(-)
 delete mode 100644 source/ios_mcp/source/crt0.s

diff --git a/source/common/ipc_defs.h b/source/common/ipc_defs.h
index 9fc1058..0883392 100644
--- a/source/common/ipc_defs.h
+++ b/source/common/ipc_defs.h
@@ -227,5 +227,6 @@ typedef struct {
 #define IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED   0xFD
 #define IPC_CUSTOM_LOAD_CUSTOM_RPX          0xFC
 #define IPC_CUSTOM_META_XML_READ            0xFB
+#define IPC_CUSTOM_START_MCP_THREAD         0xFA
 
 #define LOAD_FILE_TARGET_SD_CARD            0
diff --git a/source/ios_kernel/source/instant_patches.c b/source/ios_kernel/source/instant_patches.c
index c512dd4..37ff8b0 100644
--- a/source/ios_kernel/source/instant_patches.c
+++ b/source/ios_kernel/source/instant_patches.c
@@ -64,9 +64,7 @@ void instant_patches_setup(void) {
     // fix 10 minute timeout that crashes MCP after 10 minutes of booting
     *(volatile u32 *) (0x05022474 - 0x05000000 + 0x081C0000) = 0xFFFFFFFF;    // NEW_TIMEOUT
 
-    // start our MCP thread directly on first title change
     kernel_memset((void *) (0x050BD000 - 0x05000000 + 0x081C0000), 0, 0x3000);
-    *(volatile u32 *) (0x05054D6C - 0x05000000 + 0x081C0000) = ARM_B(0x05054D6C, _startMainThread);
 
     // allow custom bootLogoTex and bootMovie.h264
     *(volatile u32 *) (0xE0030D68 - 0xE0000000 + 0x12900000) = 0xE3A00000;    // mov r0, #0
diff --git a/source/ios_kernel/source/ios_mcp_patches.c b/source/ios_kernel/source/ios_mcp_patches.c
index a3430c0..673322c 100644
--- a/source/ios_kernel/source/ios_mcp_patches.c
+++ b/source/ios_kernel/source/ios_mcp_patches.c
@@ -41,8 +41,6 @@ void mcp_run_patches(u32 ios_elf_start) {
     section_write_bss(ios_elf_start, _bss_start, _bss_end - _bss_start);
     section_write(ios_elf_start, _text_start, (void *) mcp_get_phys_code_base(), _text_end - _text_start);
 
-    section_write_word(ios_elf_start, 0x05056718, ARM_BL(0x05056718, _text_start));
-
     u32 patch_count = (u32) (((u8 *) mcp_patches_table_end) - ((u8 *) mcp_patches_table)) / sizeof(patch_table_t);
     patch_table_entries(ios_elf_start, mcp_patches_table, patch_count);
 
diff --git a/source/ios_mcp/link.ld b/source/ios_mcp/link.ld
index a5ddeac..a888eec 100644
--- a/source/ios_mcp/link.ld
+++ b/source/ios_mcp/link.ld
@@ -4,7 +4,6 @@ SECTIONS
 {
 	.text 0x05116000 : {
 		_text_start = .;
-		build/crt0.o(.init)
 		*(.text*)
 		*(.rodata*)
 	}
diff --git a/source/ios_mcp/source/crt0.s b/source/ios_mcp/source/crt0.s
deleted file mode 100644
index 7874223..0000000
--- a/source/ios_mcp/source/crt0.s
+++ /dev/null
@@ -1,14 +0,0 @@
-.section ".init"
-.arm
-.align 4
-
-.extern _startMainThread
-.type _startMainThread, %function
-
-mcpMainThread_hook:
-    mov r11, r0
-    push {r0-r11,lr}
-
-    bl _startMainThread
-
-    pop {r0-r11,pc}
diff --git a/source/ios_mcp/source/mcp_loadfile.c b/source/ios_mcp/source/mcp_loadfile.c
index 7127d78..8d085f6 100644
--- a/source/ios_mcp/source/mcp_loadfile.c
+++ b/source/ios_mcp/source/mcp_loadfile.c
@@ -217,6 +217,8 @@ int _MCP_ReadCOSXml_patch(uint32_t u1, uint32_t u2, MCPPPrepareTitleInfo *xmlDat
     return res;
 }
 
+extern int _startMainThread(void);
+
 /*  RPX replacement! Call this ioctl to replace the next loaded RPX with an arbitrary path.
     DO NOT RETURN 0, this affects the codepaths back in the IOSU code */
 int _MCP_ioctl100_patch(ipcmessage *msg) {
@@ -294,6 +296,10 @@ int _MCP_ioctl100_patch(ipcmessage *msg) {
                 }
                 return 1;
             }
+            case IPC_CUSTOM_START_MCP_THREAD: {
+                _startMainThread();
+                return 1;
+            }
             default: {
             }
         }
diff --git a/source/main.cpp b/source/main.cpp
index f1e8954..19992ca 100644
--- a/source/main.cpp
+++ b/source/main.cpp
@@ -28,7 +28,10 @@ int main(int argc, char **argv) {
     if (mcpFd >= 0) {
         int in = 0xFD;//IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED;
         int out = 0;
+        IOS_Ioctl(mcpFd, 100, &in, sizeof(in), &out, sizeof(out));
 
+        in = 0xFA;//IPC_CUSTOM_START_MCP_THREAD;
+        out = 0;
         IOS_Ioctl(mcpFd, 100, &in, sizeof(in), &out, sizeof(out));
         IOS_Close(mcpFd);
     }