From 6d78599c023ceda7a2affe7c3b91d7be1cca2c51 Mon Sep 17 00:00:00 2001
From: FIX94 <fix94.1@gmail.com>
Date: Fri, 30 Dec 2016 23:03:16 +0100
Subject: [PATCH] when in cbhc/haxchi cfw, patch system menu version to be
 99.99.99 to protect from potential updates

---
 dsrom/cbhc_menu/main.c                             | 2 +-
 dsrom/iosu_patcher/arm_kernel/source/elf_patcher.h | 4 ++++
 dsrom/iosu_patcher/arm_kernel/source/main.c        | 5 +++++
 dsrom/iosu_patcher/arm_kernel/source/reload.c      | 5 +++++
 installer/src/main.c                               | 4 ++--
 release/wiiu/apps/cbhc/meta.xml                    | 4 ++--
 release/wiiu/apps/haxchi/meta.xml                  | 4 ++--
 7 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/dsrom/cbhc_menu/main.c b/dsrom/cbhc_menu/main.c
index d9f2aef..cc9ed11 100644
--- a/dsrom/cbhc_menu/main.c
+++ b/dsrom/cbhc_menu/main.c
@@ -25,7 +25,7 @@ static unsigned int getButtonsDown(unsigned int padscore_handle, unsigned int vp
 #define SD_HBL_PATH "/vol/external01/wiiu/apps/homebrew_launcher/homebrew_launcher.elf"
 #define SD_MOCHA_PATH "/vol/external01/wiiu/apps/mocha/mocha.elf"
 
-static const char *verChar = "CBHC v1.5 by FIX94";
+static const char *verChar = "CBHC v1.5u1 by FIX94";
 
 #define DEFAULT_DISABLED 0
 #define DEFAULT_SYSMENU 1
diff --git a/dsrom/iosu_patcher/arm_kernel/source/elf_patcher.h b/dsrom/iosu_patcher/arm_kernel/source/elf_patcher.h
index 3033ea8..d3e937c 100644
--- a/dsrom/iosu_patcher/arm_kernel/source/elf_patcher.h
+++ b/dsrom/iosu_patcher/arm_kernel/source/elf_patcher.h
@@ -44,6 +44,10 @@ static inline void section_write_word(u32 ios_elf_start, u32 address, u32 word)
     section_write(ios_elf_start, address, &word, sizeof(word));
 }
 
+static inline void section_write_ushort(u32 ios_elf_start, u32 address, u16 ushort)
+{
+    section_write(ios_elf_start, address, &ushort, sizeof(ushort));
+}
 
 static inline void patch_table_entries(u32 ios_elf_start, const patch_table_t * patch_table, u32 patch_count)
 {
diff --git a/dsrom/iosu_patcher/arm_kernel/source/main.c b/dsrom/iosu_patcher/arm_kernel/source/main.c
index 91c05aa..fd4592f 100644
--- a/dsrom/iosu_patcher/arm_kernel/source/main.c
+++ b/dsrom/iosu_patcher/arm_kernel/source/main.c
@@ -119,6 +119,11 @@ int _main()
 		*(volatile u32*)mcp_phys(0x05026BB0) = 0xE12FFF11; // bx r1
 		*(volatile u32*)mcp_phys(0x05026BB4) = wupserver_addr; // wupserver code
 
+		// patch system version number
+		*(volatile u16*)mcp_phys(0x0502F29A) = 0x2363; // movs r3, #99
+		*(volatile u16*)mcp_phys(0x0502F2AA) = 0x2363; // movs r3, #99
+		*(volatile u16*)mcp_phys(0x0502F2BA) = 0x2363; // movs r3, #99
+
 		// patch cert verification
 		*(volatile u32*)mcp_phys(0x05052A90) = 0xE3A00000; // mov r0, #0
 		*(volatile u32*)mcp_phys(0x05052A94) = 0xE12FFF1E; // bx lr
diff --git a/dsrom/iosu_patcher/arm_kernel/source/reload.c b/dsrom/iosu_patcher/arm_kernel/source/reload.c
index f4d581e..ab6419b 100644
--- a/dsrom/iosu_patcher/arm_kernel/source/reload.c
+++ b/dsrom/iosu_patcher/arm_kernel/source/reload.c
@@ -54,6 +54,11 @@ void kernel_launch_ios(u32 launch_address, u32 L, u32 C, u32 H)
 		section_write_word(ios_elf_start, 0x05052C44, 0xE3A00000); // mov r0, #0
 		section_write_word(ios_elf_start, 0x05052C48, 0xE12FFF1E); // bx lr
 
+		// patch system version number
+		section_write_ushort(ios_elf_start, 0x0502F29A, 0x2363); // movs r3, #99
+		section_write_ushort(ios_elf_start, 0x0502F2AA, 0x2363); // movs r3, #99
+		section_write_ushort(ios_elf_start, 0x0502F2BA, 0x2363); // movs r3, #99
+
 		// patch cached cert check
 		section_write_word(ios_elf_start, 0x05054D6C, 0xE3A00000); // mov r0, 0
 		section_write_word(ios_elf_start, 0x05054D70, 0xE12FFF1E); // bx lr
diff --git a/installer/src/main.c b/installer/src/main.c
index 8f1313c..4a49959 100644
--- a/installer/src/main.c
+++ b/installer/src/main.c
@@ -126,9 +126,9 @@ int availSort(const void *c1, const void *c2)
 void printhdr_noflip()
 {
 #ifdef CB
-	println_noflip(0,"CBHC v1.5 by FIX94");
+	println_noflip(0,"CBHC v1.5u1 by FIX94");
 #else
-	println_noflip(0,"Haxchi v2.5 by FIX94");
+	println_noflip(0,"Haxchi v2.5u1 by FIX94");
 #endif
 	println_noflip(1,"Credits to smea, plutoo, yellows8, naehrwert, derrek and dimok");
 }
diff --git a/release/wiiu/apps/cbhc/meta.xml b/release/wiiu/apps/cbhc/meta.xml
index da09488..eef8e47 100644
--- a/release/wiiu/apps/cbhc/meta.xml
+++ b/release/wiiu/apps/cbhc/meta.xml
@@ -2,9 +2,9 @@
 <app version="1">
   <name>CBHC</name>
   <coder>FIX94</coder>
-  <version>1.5</version>
+  <version>1.5u1</version>
   <url>https://github.com/FIX94/haxchi</url>
-  <release_date>20161229200000</release_date>
+  <release_date>20161230200000</release_date>
   <short_description>Coldboot Haxchi Installer</short_description>
   <long_description>WARNING! This will install Coldboot Haxchi on your system.
 ONLY USE THIS IF YOU ARE WILLING TO TAKE A RISK OF BRICKING YOUR CONSOLE.
diff --git a/release/wiiu/apps/haxchi/meta.xml b/release/wiiu/apps/haxchi/meta.xml
index 70cc99d..1114501 100644
--- a/release/wiiu/apps/haxchi/meta.xml
+++ b/release/wiiu/apps/haxchi/meta.xml
@@ -2,9 +2,9 @@
 <app version="1">
   <name>Haxchi</name>
   <coder>FIX94</coder>
-  <version>2.5</version>
+  <version>2.5u1</version>
   <url>https://github.com/FIX94/haxchi</url>
-  <release_date>20161229200000</release_date>
+  <release_date>20161230200000</release_date>
   <short_description>Haxchi Installer</short_description>
   <long_description>This will install Haxchi on your system.
   </long_description>