WiiFlow_Lite/source/loader/nk.c

181 lines
4.9 KiB
C
Raw Permalink Normal View History

/***************************************************************************
* Copyright (C) 2012 OverjoY for Wiiflow
*
* This software is provided 'as-is', without any express or implied
* warranty. In no event will the authors be held liable for any
* damages arising from the use of this software.
*
* Permission is granted to anyone to use this software for any
* purpose, including commercial applications, and to alter it and
* redistribute it freely, subject to the following restrictions:
*
* 1. The origin of this software must not be misrepresented; you
* must not claim that you wrote the original software. If you use
* this software in a product, an acknowledgment in the product
* documentation would be appreciated but is not required.
*
* 2. Altered source versions must be plainly marked as such, and
* must not be misrepresented as being the original software.
*
* 3. This notice may not be removed or altered from any source
* distribution.
*
* nk.c
*
***************************************************************************/
#include <stdio.h>
#include <ogcsys.h>
#include <string.h>
#include <malloc.h>
#include <ogc/machine/processor.h>
#include "nk.h"
#include "sys.h"
#include "fileOps/fileOps.h"
#include "memory/mem2.hpp"
#include "gecko/gecko.hpp"
#define MEM_REG_BASE 0xd8b4000
#define MEM_PROT (MEM_REG_BASE + 0x20a)
u32 kernelSize = 0;
void *Kernel = NULL;
bool Load_Neek2o_Kernel()
{
bool ret = true;
neek2o changes: - re made it possible to use SD emunands with sNeek2o r96. - added vwii r96 beta 9.6 support. wiiflow lite will now look for vwiikernal.bin and emunands must be in a subfolder of vwiinands on USB only. - when exiting a emunand game using neek2o if on wii it will use the back2nand channel to return you to wii system menu or if on wiiu it will return you to wiiu system channel because returning to the vwii system menu isn't possible. - when using wiiflow lite and exit to neek2o it will just launch neek2o system menu. from there you can launch wiiflow or wiiflow lite (if installed on emunand) to use cheats on a emunand game. otherwise cheats do not work when using neek2o to launch a game. banner changes: - now when moving from banner to banner the background music will not play and you will not see coverflow (for a second) when using full screen banners. - now on game selected categories menu the banner will change when you change games using '+' or '-' buttons - added custom banners for plugin games. no longer using trialer thp videos as banners for plugin games. put your custom banners in the custom banner folder plus the plugin cover folder and name them the same as the rom with extension plus .bnr just like how you do for the covers. to make a plugin game banner i suggest downloading one of abdallahterro's custom gamecube dios mios booter channels and use customizemii to change the images (and sound if you want). make sure the images match exactly the size of the one's already there. when changes are done extract the banner and rename it and put it in the proper folder as previously mentioned. other changes: - trailer videos still work even for plugin games. again for plugins rename the thp and ogg file to match the rom plus extension and .thp or .ogg. on game selected screen press '-' to start or quit a trailer video if one is available. pressing 'B' or 'Home' will quit the video and return you to the main screen. - when flipping a cover none of the buttons are available and the mini banner is not shown until you press 'B' to de flip the cover to normal front view. - fixed game info menu - in case a custom channel is selected and is not included in gametdb it will display a message 'no game info' instead of random stuff from the last game viewed. tested on wiiflow lite forwarder channel. - now stopping sounds and music early when exiting wiiflow to prevent music from stuttering when exiting. - other minor coding changes.
2017-05-15 19:50:24 +02:00
if(IsOnWiiU())
Kernel = fsop_ReadFile("usb1:/sneek/vwiikernel.bin", &kernelSize);
else
{
Kernel = fsop_ReadFile("usb1:/sneek/kernel.bin", &kernelSize);
if(Kernel == NULL)
Kernel = fsop_ReadFile("sd:/sneek/kernel.bin", &kernelSize);
}
if(Kernel == NULL)
ret = false;
return ret;
}
s32 Launch_nk(u64 TitleID, const char *nandpath, u64 ReturnTo)
{
memcpy((void*)0x91000000, Kernel, kernelSize);
DCFlushRange((void*)0x91000000, kernelSize);
free(Kernel);
memcfg *MC = (memcfg*)malloc(sizeof(memcfg));
if(MC == NULL)
return 0;
memset(MC, 0, sizeof(memcfg));
MC->magic = 0x666c6f77;
if(TitleID)
MC->titleid = TitleID;
if(ReturnTo)
{
MC->returnto = ReturnTo;
MC->config |= NCON_EXT_RETURN_TO;
}
if(nandpath != NULL)
{
strcpy(MC->nandpath, nandpath);
MC->config |= NCON_EXT_NAND_PATH;
}
memcpy((void *)0x81200000, MC, sizeof(memcfg));
DCFlushRange((void *)(0x81200000), sizeof(memcfg));
free(MC);
/** boot mini without BootMii IOS code by Crediar. **/
write32(MEM_PROT, read32(MEM_PROT) & 0x0000FFFF);
unsigned int i = 0x939F02F0;
unsigned char ES_ImportBoot2[16] =
{ 0x68, 0x4B, 0x2B, 0x06, 0xD1, 0x0C, 0x68, 0x8B, 0x2B, 0x00, 0xD1, 0x09, 0x68, 0xC8, 0x68, 0x42 };
if( memcmp( (void*)(i), ES_ImportBoot2, sizeof(ES_ImportBoot2) ) != 0 )
for( i = 0x939F0000; i < 0x939FE000; i+=4 )
if( memcmp( (void*)(i), ES_ImportBoot2, sizeof(ES_ImportBoot2) ) == 0 )
break;
if(i >= 0x939FE000)
{
gprintf("ES_ImportBoot2 not patched !! Exiting...\n");
//SYS_ResetSystem( SYS_RETURNTOMENU, 0, 0 );
return -1;
}
DCInvalidateRange( (void*)i, 0x20 );
*(vu32*)(i+0x00) = 0x48034904; // LDR R0, 0x10, LDR R1, 0x14
*(vu32*)(i+0x04) = 0x477846C0; // BX PC, NOP
*(vu32*)(i+0x08) = 0xE6000870; // SYSCALL
*(vu32*)(i+0x0C) = 0xE12FFF1E; // BLR
*(vu32*)(i+0x10) = 0x11000000; // kernel offset from 0x80000000. Kernel loaded to (void *)0x91000000
*(vu32*)(i+0x14) = 0x0000FF01; // version
DCFlushRange( (void*)i, 0x20 );
__IOS_ShutdownSubsystems();
s32 fd = IOS_Open( "/dev/es", 0 );
u8 *buffer = (u8*)memalign( 32, 0x100 );
memset( buffer, 0, 0x100 );
IOS_IoctlvAsync( fd, 0x1F, 0, 0, (ioctlv*)buffer, NULL, NULL );
return 0;
}
/*
void NKKeyCreate(u8 *tik)
{
u32 *TKeyID = (u32*)MEM1_memalign(32, sizeof(u32));
u8 *TitleID = (u8*)MEM1_memalign(32, 0x10);
u8 *EncTitleKey = (u8*)MEM1_memalign(32, 0x10);
memset(TitleID, 0, 0x10);
memset(EncTitleKey, 0, 0x10);
memcpy(TitleID, tik + 0x1DC, 8);
memcpy(EncTitleKey, tik + 0x1BF, 16);
static ioctlv v[3] ATTRIBUTE_ALIGN(32);
v[0].data = TitleID;
v[0].len = 0x10;
v[1].data = EncTitleKey;
v[1].len = 0x10;
v[2].data = TKeyID;
v[2].len = sizeof(u32);
s32 ESHandle = IOS_Open("/dev/es", 0);
IOS_Ioctlv(ESHandle, 0x50, 2, 1, (ioctlv *)v);
IOS_Close(ESHandle);
KeyID = *(u32*)(TKeyID);
MEM1_free(TKeyID);
MEM1_free(EncTitleKey);
MEM1_free(TitleID);
}
void NKAESDecryptBlock(u8 *in, u8 *out)
{
static ioctlv v[5] ATTRIBUTE_ALIGN(32);
v[0].data = &KeyID;
v[0].len = sizeof(u32);
v[1].data = in + 0x3d0;
v[1].len = 0x10;
v[2].data = in + 0x400;
v[2].len = 0x7c00;
v[3].data = 0;
v[3].len = 0;
v[4].data = out;
v[4].len = 0x7c00;
s32 ESHandle = IOS_Open("/dev/es", 0);
IOS_Ioctlv(ESHandle, 0x2D, 3, 2, (ioctlv *)v);
IOS_Close(ESHandle);
}
*/