The-Homebrew-Cloud
/
diosmios
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
diosmios/Patches.c

875 lines
29 KiB
C
Raw Blame History

#include "Patches.h"
#include "CardPatches.c"
#include "DVDPatches.c"
#include "FwritePatches.c"
#include "CheatCode.c"
extern u32 DOLSize;
unsigned char OSReportDM[] =
{
0x7C, 0x08, 0x02, 0xA6, 0x90, 0x01, 0x00, 0x04, 0x90, 0xE1, 0x00, 0x08, 0x3C, 0xE0, 0xC0, 0x00,
0x90, 0x67, 0x18, 0x60, 0x90, 0x87, 0x18, 0x64, 0x90, 0xA7, 0x18, 0x68, 0x90, 0xC7, 0x18, 0x6C,
0x90, 0xE7, 0x18, 0x70, 0x91, 0x07, 0x18, 0x74, 0x80, 0x07, 0x18, 0x60, 0x7C, 0x00, 0x18, 0x00,
0x41, 0x82, 0xFF, 0xF8, 0x80, 0xE1, 0x00, 0x08, 0x80, 0x01, 0x00, 0x04, 0x7C, 0x08, 0x03, 0xA6,
0x4E, 0x80, 0x00, 0x20,
} ;
// Audio streaming replacement functions copied from Swiss r92
u32 __dvdLowAudioStatusNULL[17] = {
// execute function(1); passed in on r4
0x9421FFC0, // stwu sp, -0x0040 (sp)
0x7C0802A6, // mflr r0
0x90010000, // stw r0, 0 (sp)
0x7C8903A6, // mtctr r4
0x3C80CC00, // lis r4, 0xCC00
0x2E830000, // cmpwi cr5, r3, 0
0x4196000C, // beq- cr5, +0xC ?
0x38600001, // li r3, 1
0x48000008, // b +0x8 ?
0x38600000, // li r3, 0
0x90646020, // stw r3, 0x6020 (r4)
0x38600001, // li r3, 1
0x4E800421, // bctrl
0x80010000, // lwz r0, 0 (sp)
0x7C0803A6, // mtlr r0
0x38210040, // addi sp, sp, 64
0x4E800020 // blr
};
u32 __dvdLowAudioConfigNULL[10] = {
// execute callback(1); passed in on r5 without actually touching the drive!
0x9421FFC0, // stwu sp, -0x0040 (sp)
0x7C0802A6, // mflr r0
0x90010000, // stw r0, 0 (sp)
0x7CA903A6, // mtctr r5
0x38600001, // li r3, 1
0x4E800421, // bctrl
0x80010000, // lwz r0, 0 (sp)
0x7C0803A6, // mtlr r0
0x38210040, // addi sp, sp, 64
0x4E800020 // blr
};
u32 __dvdLowReadAudioNULL[] = {
// execute callback(1); passed in on r6 without actually touching the drive!
0x9421FFC0, // stwu sp, -0x0040 (sp)
0x7C0802A6, // mflr r0
0x90010000, // stw r0, 0 (sp)
0x7CC903A6, // mtctr r6
0x38600001, // li r3, 1
0x4E800421, // bctr;
0x80010000, // lwz r0, 0 (sp)
0x7C0803A6, // mtlr r0
0x38210040, // addi sp, sp, 64
0x4E800020
};
u32 __GXSetVAT_patch[31] = {
/*0x8122ce00,*/ 0x39400000, 0x896904f2, 0x7d284b78,
0x556007ff, 0x41820050, 0x38e00008, 0x3cc0cc01,
0x98e68000, 0x61400070, 0x61440080, 0x61430090,
0x98068000, 0x38000000, 0x80a8001c, 0x90a68000,
0x98e68000, 0x98868000, 0x8088003c, 0x90868000,
0x98e68000, 0x98668000, 0x8068005c, 0x90668000,
0x98068000, 0x556bf87f, 0x394a0001, 0x39080004,
0x4082ffa0, 0x38000000, 0x980904f2, 0x4e800020
};
FuncPattern FPatterns[] =
{
{ 0xCC, 17, 10, 5, 3, 2, DVDInquiryAsync, sizeof(DVDInquiryAsync), "DVDInquiryAsync", 0, 0 },
{ 0xC8, 16, 9, 5, 3, 3, DVDSeekAbsAsyncPrio, sizeof(DVDSeekAbsAsyncPrio), "DVDSeekAbsAsyncPrio", 0, 0 },
{ 0xD4, 13, 8, 11, 2, 7, (u8*)NULL, 0xdead0004, "AIResetStreamSampleCount", 0, 0 },
{ 0x94, 18, 10, 2, 0, 2, (u8*)__dvdLowReadAudioNULL, sizeof(__dvdLowReadAudioNULL), "DVDLowReadAudio", 0, 0 },
{ 0x88, 18, 8, 2, 0, 2, (u8*)__dvdLowAudioStatusNULL, sizeof(__dvdLowAudioStatusNULL), "DVDLowAudioStatus", 0, 0 },
{ 0x98, 19, 8, 2, 1, 3, (u8*)__dvdLowAudioConfigNULL, sizeof(__dvdLowAudioConfigNULL), "DVDLowAudioConfig", 0, 0 },
{ 0x308, 40, 18, 10, 23, 17, patch_fwrite_GC, sizeof(patch_fwrite_GC), "__fwrite A", 1, 0 },
{ 0x338, 48, 20, 10, 24, 16, patch_fwrite_GC, sizeof(patch_fwrite_GC), "__fwrite B", 1, 0 },
{ 0x2D8, 41, 17, 8, 21, 13, patch_fwrite_GC, sizeof(patch_fwrite_GC), "__fwrite C", 1, 0 },
{ 0x98, 8, 3, 0, 3, 5, (u8*)NULL, 0xdead0001, "__GXSetVAT", 0, 0 },
{ 0x3A8, 86, 13, 27, 17, 24, (u8*)NULL, 0xdead000B, "PADRead A", 2, 0 },
{ 0x2FC, 73, 8, 23, 16, 15, (u8*)NULL, 0xdead000B, "PADRead B", 2, 0 },
{ 0x3B0, 87, 13, 27, 17, 25, (u8*)NULL, 0xdead000B, "PADRead C", 2, 0 },
{ 0x334, 78, 7, 20, 17, 19, (u8*)NULL, 0xdead000B, "PADRead D", 2, 0 },
};
FuncPattern CPatterns[] =
{
{ 0x14C, 28, 12, 7, 12, 4, CARDFreeBlocks, sizeof(CARDFreeBlocks), "CARDFreeBlocks A", 1, 0 },
{ 0x11C, 24, 10, 7, 10, 4, CARDFreeBlocks, sizeof(CARDFreeBlocks), "CARDFreeBlocks B", 1, 0 },
{ 0xC0, 22, 5, 2, 5, 10, CARDGetSerialNo, sizeof(CARDGetSerialNo),"CARDGetSerialNo", 0, 0 },
{ 0x84, 12, 5, 3, 4, 2, CARDGetEncoding, sizeof(CARDGetEncoding),"CARDGetEncoding", 0, 0 },
{ 0x80, 11, 5, 3, 4, 2, CARDGetMemSize, sizeof(CARDGetMemSize), "CARDGetMemSize", 0, 0 },
{ 0x94, 11, 6, 3, 5, 4, __CARDSync, sizeof(__CARDSync), "__CARDSync", 0, 0 },
{ 0x50, 6, 3, 2, 2, 2, CARDCheck, sizeof(CARDCheck), "CARDCheck", 0, 0 },
//{ 0x24, 4, 2, 1, 0, 2, CARDCheckAsync, sizeof(CARDCheckAsync), "CARDCheckAsync", 0, 0 },
{ 0x58C, 82, 11, 18, 41, 57, CARDCheckEX, sizeof(CARDCheckEX), "CARDCheckExAsync", 0, 0 },
{ 0x34, 4, 2, 1, 2, 2, CARDProbe, sizeof(CARDProbe), "CARDProbe", 2, 0 },
//{ 0x1C, 2, 2, 1, 0, 2, CARDProbe, sizeof(CARDProbe), "CARDProbe B", 2, 0 }, //This is causing more trouble than a hack...
{ 0x178, 20, 6, 6, 20, 4, CARDProbeEX, sizeof(CARDProbeEX), "CARDProbeEx A", 3, 0 },
{ 0x198, 22, 6, 5, 19, 4, CARDProbeEX, sizeof(CARDProbeEX), "CARDProbeEx B", 3, 0 },
{ 0x160, 17, 6, 5, 18, 4, CARDProbeEX, sizeof(CARDProbeEX), "CARDProbeEx C", 3, 0 },
{ 0x19C, 32, 14, 11, 12, 3, CARDMountAsync, sizeof(CARDMountAsync), "CARDMountAsync A", 4, 0 },
{ 0x184, 30, 14, 11, 10, 3, CARDMountAsync, sizeof(CARDMountAsync), "CARDMountAsync B", 4, 0 },
{ 0xA8, 15, 8, 6, 3, 2, CARDCheck, sizeof(CARDCheck), "CARDUnMount", 0, 0 },
{ 0x174, 23, 6, 7, 14, 5, CARDOpen, sizeof(CARDOpen), "CARDOpen A", 5, 0 },
{ 0x118, 14, 6, 6, 11, 4, CARDOpen, sizeof(CARDOpen), "CARDOpen B", 5, 0 },
{ 0x170, 23, 6, 7, 14, 5, CARDOpen, sizeof(CARDOpen), "CARDOpen C", 5, 0 },
{ 0x15C, 27, 6, 5, 15, 6, CARDFastOpen, sizeof(CARDFastOpen), "CARDFastOpen A", 11, 0 },
{ 0x100, 20, 10, 4, 10, 4, CARDFastOpen, sizeof(CARDFastOpen), "CARDFastOpen B", 11, 0 },
{ 0x50, 8, 4, 2, 2, 3, CARDClose, sizeof(CARDClose), "CARDClose", 0, 0 },
{ 0x21C, 44, 6, 13, 19, 12, CARDCreate, sizeof(CARDCreate), "CARDCreateAsync A", 6, 0 },
{ 0x214, 42, 6, 13, 19, 12, CARDCreate, sizeof(CARDCreate), "CARDCreateAsync B", 6, 0 },
{ 0x10C, 25, 6, 9, 9, 5, CARDDelete, sizeof(CARDDelete), "CARDDeleteAsync A", 12, 0 },
{ 0x10C, 25, 6, 9, 9, 5, CARDDelete, sizeof(CARDDelete), "CARDDeleteAsync C", 12, 0 },
{ 0x128, 24, 7, 9, 12, 5, CARDFastDelete, sizeof(CARDFastDelete), "CARDFastDelete", 0, 0 },
{ 0x144, 27, 3, 8, 10, 9, CARDRead, sizeof(CARDRead), "CARDReadAsync A", 7, 0 },
{ 0x140, 30, 7, 7, 10, 10, CARDRead, sizeof(CARDRead), "CARDReadAsync B", 7, 0 },
{ 0x140, 27, 3, 8, 10, 9, CARDRead, sizeof(CARDRead), "CARDReadAsync C", 7, 0 },
{ 0x110, 24, 4, 8, 9, 6, CARDWrite, sizeof(CARDWrite), "CARDWriteAsync A", 8, 0 },
{ 0x10C, 23, 4, 8, 9, 6, CARDWrite, sizeof(CARDWrite), "CARDWriteAsync B", 8, 0 },
{ 0x1F8, 37, 3, 17, 18, 9, CARDRename, sizeof(CARDRename), "CARDRenameAsync", 0, 0 },
{ 0x128, 25, 9, 9, 6, 5, CARDGetStats, sizeof(CARDGetStats), "CARDGetStatus A", 9, 0 },
{ 0x110, 25, 9, 8, 6, 5, CARDGetStats, sizeof(CARDGetStats), "CARDGetStatus B", 9, 0 },
{ 0x124, 25, 9, 9, 6, 5, CARDGetStats, sizeof(CARDGetStats), "CARDGetStatus C", 9, 0 },
{ 0x170, 29, 9, 9, 12, 5, CARDSetStats, sizeof(CARDSetStats), "CARDSetStatusAsync A", 10, 0 },
{ 0x16C, 29, 9, 9, 12, 5, CARDSetStats, sizeof(CARDSetStats), "CARDSetStatusAsync B", 10, 0 },
};
u32 CardLowestOff = 0;
void PatchB( u32 dst, u32 src )
{
u32 newval = (dst - src);
newval&= 0x03FFFFFC;
newval|= 0x48000000;
write32( src, newval );
}
void PatchBL( u32 dst, u32 src )
{
u32 newval = (dst - src);
newval&= 0x03FFFFFC;
newval|= 0x48000001;
write32( src, newval );
}
void MPattern( u8 *Data, u32 Length, FuncPattern *FunctionPattern )
{
u32 i;
memset( FunctionPattern, 0, sizeof(FuncPattern) );
for( i = 0; i < Length; i+=4 )
{
u32 word = read32( (u32)Data + i );
if( (word & 0xFC000003) == 0x48000001 )
FunctionPattern->FCalls++;
if( (word & 0xFC000003) == 0x48000000 )
FunctionPattern->Branch++;
if( (word & 0xFFFF0000) == 0x40800000 )
FunctionPattern->Branch++;
if( (word & 0xFFFF0000) == 0x41800000 )
FunctionPattern->Branch++;
if( (word & 0xFFFF0000) == 0x40810000 )
FunctionPattern->Branch++;
if( (word & 0xFFFF0000) == 0x41820000 )
FunctionPattern->Branch++;
if( (word & 0xFC000000) == 0x80000000 )
FunctionPattern->Loads++;
if( (word & 0xFF000000) == 0x38000000 )
FunctionPattern->Loads++;
if( (word & 0xFF000000) == 0x3C000000 )
FunctionPattern->Loads++;
if( (word & 0xFC000000) == 0x90000000 )
FunctionPattern->Stores++;
if( (word & 0xFC000000) == 0x94000000 )
FunctionPattern->Stores++;
if( (word & 0xFF000000) == 0x7C000000 )
FunctionPattern->Moves++;
if( word == 0x4E800020 )
break;
}
FunctionPattern->Length = i;
}
bool CPattern( FuncPattern *FPatA, FuncPattern *FPatB )
{
if( memcmp( FPatA, FPatB, sizeof(u32) * 6 ) == 0 )
return true;
else
return false;
}
void DoCardPatches( char *ptr, u32 size, u32 SectionOffset )
{
u32 i,j,k,offset,fail,FoundCardFuncStart=0;
dbgprintf("DoCardPatches( 0x%p, %d, 0x%X)\n", ptr, size, SectionOffset );
for( i=0; i < size; i+=4 )
{
if( read32( (u32)ptr + i) == 0x7C630214 && read32( (u32)ptr + i + 4) == 0x806300B8 )
{
dbgprintf("Found [CARDGetXferredBytes] @ 0x%08X\n", (u32)ptr + i - 12 );
memcpy( ptr + i - 12, CARDGetXferredBytes, sizeof(CARDGetXferredBytes) );
}
if( read32( (u32)ptr + i ) != 0x7C0802A6 ) // MFLR
continue;
FuncPattern fp;
MPattern( (u8*)(ptr+i), size, &fp );
for( j=0; j < sizeof(CPatterns)/sizeof(FuncPattern); ++j )
{
if( CPatterns[j].PatchLength == 0 )
continue;
if( CPatterns[j].Found ) // Skip already found patches
continue;
if( CPattern( &fp, &(CPatterns[j]) ) )
{
if( CPatterns[j].Patch == CARDFreeBlocks )
{
if( CardLowestOff == 0 )
{
dbgprintf("CardLowestOff:0x%08X\n", i );
CardLowestOff = i;
}
//Check for CARDGetResultCode which is always (when used) above CARDFreeBlocks
if( read32( (u32)ptr + i - 0x30 ) == 0x2C030000 )
{
dbgprintf("Found [CARDGetResultCode] @ 0x%08X\n", (u32)ptr + i - 0x30 + SectionOffset );
memcpy( ptr + i - 0x30, CARDGetResultCode, sizeof(CARDGetResultCode) );
}
FoundCardFuncStart = 1;
}
if( FoundCardFuncStart == 0 )
continue;
dbgprintf("Found [%s] @ 0x%08X\n", CPatterns[j].Name, (u32)ptr + i + SectionOffset );
CPatterns[j].Found = (u32)ptr + i;
// If this is a patch group set all others of this group as found aswell
if( CPatterns[j].Group )
{
for( k=0; k < sizeof(CPatterns)/sizeof(FuncPattern); ++k )
{
if( CPatterns[k].Group == CPatterns[j].Group )
{
if( !CPatterns[k].Found ) //Don't overwrite the offset!
CPatterns[k].Found = -1; // Usually this holds the offset, to determinate it from a REALLY found pattern we set it -1 which still counts a logical TRUE
//dbgprintf("Setting [%s] to found!\n", CPatterns[k].Name );
}
}
}
//If by now no CARDProbe is found it won't be so set it to found to prevent CARDProbe B false hits
if( CPatterns[j].Patch == CARDRead )
{
for( k=0; k < sizeof(CPatterns)/sizeof(FuncPattern); ++k )
{
if( CPatterns[k].Patch == CARDProbe )
{
if( !CPatterns[k].Found ) //Don't overwrite the offset!
CPatterns[k].Found = -1;
}
}
}
if( strstr( CPatterns[j].Name, "Async" ) != NULL )
{
//dbgprintf("Async!\n");
//Most games only use the normal functions so we patch a branch over to async and clear the CB
//Find function call to our function
offset = (u32)ptr + i;
fail = 0;
while(fail < 3)
{
//dbgprintf("[%08X] %08X %08X(%08X)\n", offset, read32( offset ) & 0xFC000003,read32( offset ) & 0x03FFFFFC ,(read32( offset ) & 0x03FFFFFC ) + offset);
if( (read32( offset ) & 0xFC000003 ) == 0x48000001 )
{
if( (((read32( offset ) & 0x03FFFFFC ) + offset) & 0x03FFFFFC) == (u32)ptr+i )
break;
}
if( read32( offset ) == 0x4E800020 )
fail++;
offset+=4;
}
if( fail < 3 )
{
dbgprintf("Found function call to [%s] @ 0x%08X\n", CPatterns[j].Name, offset + SectionOffset );
//Now find function start
offset -= 4;
while(1)
{
if( read32( offset ) == 0x7C0802A6 )
break;
offset-=4;
}
dbgprintf("Found function start of [%s(Sync)] @ 0x%08X\n", CPatterns[j].Name, offset + SectionOffset );
//This patches a li rX, 0 before the Async function call for the Sync call
//Since this register of the cb is different per function we do this haxx
if( (read32( offset + 0x04 ) & 0x0000F000 ) == 0x00008000 ) // lis
{
write32( offset, read32( offset + 0x0C ) & 0xFBE00000 );
//Forge a branch to the async function
offset += 4;
u32 newval = ((u32)ptr + i) - offset;
newval&= 0x03FFFFFC;
newval|= 0x48000000;
write32( offset, newval );
} else {
dbgprintf("Unhandled Async cb case!\n");
}
} else {
dbgprintf("No sync function found!\n");
}
memcpy( ptr + i, CPatterns[j].Patch, CPatterns[j].PatchLength );
} else {
memcpy( ptr + i, CPatterns[j].Patch, CPatterns[j].PatchLength );
}
}
}
}
for( j=0; j < sizeof(CPatterns)/sizeof(FuncPattern); ++j )
{
if( CPatterns[j].Found == 0 )
dbgprintf("Pattern %s not found!\n", CPatterns[j].Name );
}
return;
}
void DoPatches( char *ptr, u32 size, u32 SectionOffset )
{
u32 i=0,j=0,k=0,value;
u32 PatchCount = 0;
dbgprintf("DoPatches( 0x%p, %d, 0x%X)\n", ptr, size, SectionOffset );
// HACK: PokemonXD and Pokemon Colosseum low memory clear patch
if(( (read32(0)>>8) == 0x475858 ) || ( (read32(0)>>8) == 0x474336 ))
{
// patch out initial memset(0x1800, 0, 0x1800)
if( (read32(0) & 0xFF) == 0x4A ) // JAP
write32( 0x560C, 0x60000000 );
else // EUR/USA
write32( 0x5614, 0x60000000 );
// patch memset to jump to test function
write32(0x00005498, 0x4BFFABF0);
// patch in test < 0x3000 function
write32(0x00000088, 0x3D008000);
write32(0x0000008C, 0x61083000);
write32(0x00000090, 0x7C044000);
write32(0x00000094, 0x4180542C);
write32(0x00000098, 0x90E40004);
write32(0x0000009C, 0x48005400);
// skips __start init of debugger mem
write32(0x00003194, 0x48000028);
}
// Reset Found
for( k=0; k < sizeof(FPatterns)/sizeof(FuncPattern); ++k )
FPatterns[k].Found = 0;
if( ConfigGetConfig(DML_CFG_NMM) )
DoCardPatches( ptr, size, SectionOffset );
//Note: ORing the values prevents an early break out when a single patterns has multiple hits
PatchCount=0;
for( i=0; i < size; i+=4 )
{
if( (PatchCount & 1) == 0 )
{
if( read32( (u32)ptr + i ) == 0x3C00A800 ) // Loader
{
int j=0;
while( read32( (u32)ptr + i - j ) != 0x7C0802A6 ) // Seek to start of function
j+=4;
//Check if there is a lis %rX, 0xCC00 in this function
//At least Sunshine has one false hit on lis r3,0xA800
int k=0;
while( 1 )
{
if( read32( (u32)ptr + i + k - j ) == 0x4E800020 )
break;
if( (read32( (u32)ptr + i + k - j ) & 0xF81FFFFF) == 0x3800CC00 )
break;
k += 4;
}
if( read32( (u32)ptr + i + k - j ) == 0x4E800020 )
{
//dbgprintf("Patch:No 0xCC00 found around:%08X\n", (u32)ptr+i);
continue;
}
k = 0;
while(1)
{
u32 val = read32( (u32)ptr + i + k );
if( (val & 0xFFFF ) == 0xCC00 )
{
write32( (u32)ptr + i + k, (val&0xFFFF0000) | 0xC000 );
//dbgprintf("Patch:lis 0x%08X\n", (u32)ptr + i + k + SectionOffset );
continue;
}
if( (val & 0xFC00FF00) == 0x90006000 )
{
write32( (u32)ptr + i + k, (val&0xFFFF00FF) | 0x2F00 );
//dbgprintf("Patch:stw 0x%08X\n", (u32)ptr + i + k + SectionOffset );
continue;
}
if( read32( (u32)ptr + i + k ) == 0x4E800020 )
break;
k+=4;
}
write32( (u32)ptr + i, 0x3C00A700 );
dbgprintf("Patch:Found [DVDLowRead]: 0x%08X\n", (u32)ptr + i + SectionOffset );
PatchCount |= 1;
} else if( read32( (u32)ptr + i ) == 0x3C60A800 ) // Games
{
int j=0;
while( read32( (u32)ptr + i - j ) != 0x7C0802A6 ) // Seek to start of function
j+=4;
//Check if there is a lis %rX, 0xCC00 in this function
//At least Sunshine has one false hit on lis r3,0xA800
int k=0;
while( 1 )
{
if( read32( (u32)ptr + i + k - j ) == 0x4E800020 )
break;
if( (read32( (u32)ptr + i + k - j ) & 0xF81FFFFF) == 0x3800CC00 )
{
write32( (u32)ptr + i + k - j, (read32((u32)ptr + i + k - j) & 0xFFFF0000) | 0xC000 );
break;
}
k += 4;
}
if( read32( (u32)ptr + i + k - j ) == 0x4E800020 )
{
//dbgprintf("Patch:No 0xCC00 found around:%08X\n", (u32)ptr+i);
continue;
}
//Search addi 0x6000
while( 1 )
{
if( read32( (u32)ptr + i + k - j ) == 0x4E800020 )
break;
if( (read32( (u32)ptr + i + k - j ) & 0xFFFF) == 0x6000 )
{
write32( (u32)ptr + i + k - j, (read32((u32)ptr + i + k - j) & 0xFFFF0000) | 0x2F00 );
break;
}
k += 4;
}
if( read32( (u32)ptr + i + k - j ) == 0x4E800020 )
{
//dbgprintf("Patch:No 0xCC00 found around:%08X\n", (u32)ptr+i);
continue;
}
write32( (u32)ptr + i, 0x3C60A700 );
dbgprintf("Patch:Found [DVDLowRead]: 0x%08X\n", (u32)ptr + i + SectionOffset );
PatchCount |= 1;
}
}
if( (PatchCount & 2) == 0 )
if( (read32( (u32)ptr + i )&0xFC00FFFF) == 0x5400077A &&
(read32( (u32)ptr + i + 4 )&0xFC00FFFF) == 0x28000000 &&
read32( (u32)ptr + i + 8 ) == 0x41820008 &&
(read32( (u32)ptr + i +12 )&0xFC00FFFF) == 0x64002000
)
{
dbgprintf("Patch:Found [__OSDispatchInterrupt]: 0x%08X 0x%08X\n", (u32)ptr + i + 0 + SectionOffset, (u32)ptr + i + 0x1A8 + SectionOffset );
write32( (u32)ptr + i + 0, (read32( (u32)ptr + i + 0 ) & 0xFFFF0000) | 0x0463 );
write32( (u32)ptr + i + 0x1A8, (read32( (u32)ptr + i + 0x1A8 ) & 0xFFFF0000) | 0x0463 );
PatchCount |= 2;
}
if( (PatchCount & 4) == 0 )
if( read32( (u32)ptr + i ) == 0x5480056A &&
read32( (u32)ptr + i + 4 ) == 0x28000000 &&
read32( (u32)ptr + i + 8 ) == 0x40820008 &&
(read32( (u32)ptr + i +12 )&0xFC00FFFF) == 0x60000004
)
{
dbgprintf("Patch:Found [SetInterruptMask]: 0x%08X\n", (u32)ptr + i + 12 + SectionOffset );
write32( (u32)ptr + i + 12, (read32( (u32)ptr + i + 12 ) & 0xFFFF0000) | 0x4000 );
PatchCount |= 4;
}
if( (PatchCount & 8) == 0 )
if( (read32( (u32)ptr + i + 0 ) & 0xFFFF) == 0x6000 &&
(read32( (u32)ptr + i + 4 ) & 0xFFFF) == 0x002A &&
(read32( (u32)ptr + i + 8 ) & 0xFFFF) == 0x0054
)
{
u32 Offset = (u32)ptr + i - 8;
dbgprintf("Patch:Found [__DVDIntrruptHandler]: 0x%08X\n", Offset + SectionOffset );
if( (read32(Offset+4) & 0xFFFF) == 0xCC00 ) // Loader
{
value = *(vu32*)(Offset+4);
value&= 0xFFFF0000;
value|= 0x0000C000;
*(vu32*)(Offset+4) = value;
} else {
value = *(vu32*)Offset;
value&= 0xFFFF0000;
value|= 0x0000C000;
*(vu32*)Offset = value;
}
Offset += 8;
value = *(vu32*)Offset;
value&= 0xFFFF0000;
value|= 0x00002F30;
*(vu32*)Offset = value;
Offset += 20;
dbgprintf("Patch:[__DVDInterruptHandler] 0x%08X\n", Offset + SectionOffset );
*(vu32*)Offset = 0x3D00CD00; Offset += 4;
*(vu32*)Offset = 0x38000034; Offset += 4;
*(vu32*)Offset = 0x90080004; Offset +=16;
dbgprintf("Patch:[__DVDInterruptHandler] 0x%08X\n", Offset + SectionOffset );
*(vu32*)Offset = 0x3D00CD00; Offset += 4;
*(vu32*)Offset = 0x3C004000; Offset += 4;
*(vu32*)Offset = 0x90080030; Offset +=32;
if( (read32(Offset-8) & 0xFFFF) == 0xCC00 ) // Loader
{
Offset -= 8;
}
dbgprintf("Patch:[__DVDInterruptHandler] 0x%08X\n", Offset + SectionOffset );
value = *(vu32*)Offset;
value&= 0xFFFF0000;
value|= 0x0000C000;
*(vu32*)Offset = value;
Offset += 4;
value = *(vu32*)Offset;
value&= 0xFFFF0000;
value|= 0x00002F08;
*(vu32*)Offset = value;
PatchCount |= 8;
}
if( (PatchCount & 32) == 0 )
{
if( (read32( (u32)ptr + i + 0 ) & 0xFFFF) == 0xCC00 && // Game
(read32( (u32)ptr + i + 4 ) & 0xFFFF) == 0x6000 &&
(read32( (u32)ptr + i +12 ) & 0xFFFF) == 0x001C
)
{
u32 Offset = (u32)ptr + i;
dbgprintf("Patch:[cbForStateBusy] 0x%08X\n", Offset + SectionOffset );
write32( Offset, 0x3C80C000 );
write32( Offset+4, 0x38842F30 );
PatchCount |= 32;
} else if( (read32( (u32)ptr + i + 0 ) & 0xFFFF) == 0xCC00 && // Loader
(read32( (u32)ptr + i + 4 ) & 0xFFFF) == 0x6018 &&
(read32( (u32)ptr + i +12 ) & 0xFFFF) == 0x001C
)
{
u32 Offset = (u32)ptr + i;
dbgprintf("Patch:[cbForStateBusy] 0x%08X\n", Offset + SectionOffset );
write32( Offset, 0x3C60C000 );
write32( Offset+4, 0x80832F48 );
PatchCount |= 32;
}
}
if( ConfigGetConfig(DML_CFG_CHEATS) || ConfigGetConfig( DML_CFG_DEBUGGER ) )
{
// OSSleepThread(Pattern 1)
if( (PatchCount & 16) == 0 )
if( read32((u32)ptr + i + 0 ) == 0x3C808000 &&
( read32((u32)ptr + i + 4 ) == 0x38000004 || read32((u32)ptr + i + 4 ) == 0x808400E4 ) &&
( read32((u32)ptr + i + 8 ) == 0x38000004 || read32((u32)ptr + i + 8 ) == 0x808400E4 )
)
{
int j = 12;
while( read32((u32)ptr + i + j ) != 0x4E800020 )
j+=4;
dbgprintf("Patch:[Hook:OSSleepThread] at 0x%08X\n", ((u32)ptr + i + j) | 0x80000000 );
u32 DBGSize;
//if( ConfigGetConfig( DML_CFG_DEBUGGER ) )
//{
memcpy( (void*)0x1800, kenobigcDBG, sizeof(kenobigcDBG) );
DBGSize = sizeof(kenobigcDBG);
//} else {
// memcpy( (void*)0x1800, kenobigc, sizeof(kenobigc) );
// DBGSize = sizeof(kenobigc);
//}
if( ConfigGetConfig(DML_CFG_DEBUGWAIT) )
write32( P2C(read32(0x1808)), 1 );
else
write32( P2C(read32(0x1808)), 0 );
u32 newval = 0x18A8 - ((u32)ptr + i + j);
newval&= 0x03FFFFFC;
newval|= 0x48000000;
write32( (u32)ptr + i + j, newval );
memcpy( (void*)0x1800, (void*)0, 6 );
char *path = (char*)malloc( 128 );
if( ConfigGetConfig(DML_CFG_CHEAT_PATH) )
{
sprintf( path, "%s", ConfigGetCheatPath() );
} else {
sprintf( path, "/games/%.6s/%.6s.gct", (char*)0x1800, (char*)0x1800 );
}
FIL CodeFD;
u32 read;
if( f_open( &CodeFD, path, FA_OPEN_EXISTING|FA_READ ) == FR_OK )
{
if( CodeFD.fsize >= 0x2E80 - (0x1800+DBGSize-8) )
{
dbgprintf("Patch:Cheatfile is too large, it must not be large than %d bytes!\n",
0x2E80 - (0x1800+DBGSize-8));
} else {
if( f_read( &CodeFD, (void*)(0x1800+DBGSize-8), CodeFD.fsize, &read ) == FR_OK )
{
dbgprintf("Patch:Copied cheat file to memory\n");
write32( 0x1804, 1 );
} else
dbgprintf("Patch:Failed to read cheat file:\"%s\"\n", path );
}
f_close( &CodeFD );
} else {
dbgprintf("Patch:Failed to open/find cheat file:\"%s\"\n", path );
}
free(path);
PatchCount |= 16;
}
}
if( ConfigGetConfig(DML_CFG_CHEATS) )
{
if( PatchCount == 63 )
break;
} else {
if( PatchCount == 47 )
break;
}
}
for( i=0; i < size; i+=4 )
{
if( read32( (u32)ptr + i ) != 0x4E800020 )
continue;
i+=4;
FuncPattern fp;
MPattern( (u8*)(ptr+i), size, &fp );
for( j=0; j < sizeof(FPatterns)/sizeof(FuncPattern); ++j )
{
if( FPatterns[j].Found ) //Skip already found patches
continue;
if( CPattern( &fp, &(FPatterns[j]) ) )
{
u32 FOffset = (u32)ptr + i;
dbgprintf("Patch:Found [%s]: 0x%08X\n", FPatterns[j].Name, FOffset + SectionOffset );
switch( FPatterns[j].PatchLength )
{
case 0xdead0004: // Audiostreaming hack
{
switch( read32(0) >> 8 )
{
case 0x474544: // Eternal Darkness
break;
default:
{
write32( FOffset + 0xB4, 0x60000000 );
write32( FOffset + 0xC0, 0x60000000 );
} break;
}
} break;
case 0xdead0001: // Patch for __GXSetVAT, fixes the dungeon map freeze in Wind Waker
{
switch( read32(0) >> 8 )
{
case 0x505A4C: // The Legend of Zelda: Collector's Edition
if( !(DOLSize == 3847012 || DOLSize == 3803812) ) // only patch the main.dol of the Zelda:ww game
break;
case 0x475A4C: // The Legend of Zelda: The Wind Waker
{
write32(FOffset, (read32(FOffset) & 0xff00ffff) | 0x220000);
memcpy((void *)(FOffset + 4), __GXSetVAT_patch, sizeof(__GXSetVAT_patch));
dbgprintf("Patch:Applied __GXSetVAT patch\n");
} break;
default:
break;
}
} break;
case 0xdead000B: // PADRead hook
{
//Find blr
j=0;
while(1)
{
if( read32( FOffset + j ) == 0x4E800020 )
break;
j+=4;
}
dbgprintf("Patch:[PADRead hook] %08X\n", FOffset + j );
memcpy( (void*)0x2EE0, padipc, sizeof(padipc) );
PatchB( 0x2EE0, FOffset + j );
write32( 0x12FC, 0 );
} break;
default:
{
if( ConfigGetConfig( DML_CFG_CHEATS ) )
{
if( FPatterns[j].Patch == patch_fwrite_GC )
break;
}
if( (FPatterns[j].Length >> 16) == 0xdead )
{
dbgprintf("DIP:Unhandled dead case:%08X\n", FPatterns[j].Length );
} else
{
memcpy( (void*)(FOffset), FPatterns[j].Patch, FPatterns[j].PatchLength );
if ((FPatterns[j].Patch == (u8 *)__dvdLowAudioStatusNULL) && ((read32(0) >> 8) == 0x47494B))
{
// Ikaruga resets to the main menu, if the returned status is 0(finished playing the stream), but it works if 1(still playing) is returned
write32(FOffset + 36, 0x38600001);
dbgprintf("Patch:LowAudioStatus patched for Ikaruga\n");
}
}
} break;
}
// If this is a patch group set all others of this group as found aswell
if( FPatterns[j].Group )
{
for( k=0; k < sizeof(FPatterns)/sizeof(FuncPattern); ++k )
{
if( FPatterns[k].Group == FPatterns[j].Group )
{
if( !FPatterns[k].Found ) // Don't overwrite the offset!
FPatterns[k].Found = -1; // Usually this holds the offset, to determinate it from a REALLY found pattern we set it -1 which still counts a logical TRUE
//dbgprintf("Setting [%s] to found!\n", FPatterns[k].Name );
}
}
}
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink