From df41c5974ac81740de222618d4f4274270897fdc Mon Sep 17 00:00:00 2001 From: FIX94 Date: Thu, 29 Dec 2016 00:20:00 +0100 Subject: [PATCH] when in cbhc/haxchi cfw it will now protect against installing over the used ds vc title --- dsrom/cbhc_menu/main.c | 2 +- dsrom/iosu_patcher/Makefile | 9 +- .../iosu_patcher/arm_kernel/source/getbins.c | 11 ++ .../iosu_patcher/arm_kernel/source/getbins.h | 9 +- dsrom/iosu_patcher/arm_kernel/source/main.c | 104 ++++++++++-------- dsrom/iosu_patcher/arm_kernel/source/reload.c | 21 +++- dsrom/iosu_patcher/arm_kernel/source/utils.h | 8 ++ dsrom/iosu_patcher/titleprot/ccd00.ld | 2 +- dsrom/iosu_patcher/titleprot2/Makefile | 76 +++++++++++++ dsrom/iosu_patcher/titleprot2/ccd00.ld | 16 +++ dsrom/iosu_patcher/titleprot2/ccd00.specs | 4 + dsrom/iosu_patcher/titleprot2/source/crt0.s | 24 ++++ installer/src/main.c | 4 +- release/wiiu/apps/cbhc/meta.xml | 4 +- release/wiiu/apps/haxchi/meta.xml | 4 +- 15 files changed, 234 insertions(+), 64 deletions(-) create mode 100644 dsrom/iosu_patcher/titleprot2/Makefile create mode 100644 dsrom/iosu_patcher/titleprot2/ccd00.ld create mode 100644 dsrom/iosu_patcher/titleprot2/ccd00.specs create mode 100644 dsrom/iosu_patcher/titleprot2/source/crt0.s diff --git a/dsrom/cbhc_menu/main.c b/dsrom/cbhc_menu/main.c index e0f9e44..d9f2aef 100644 --- a/dsrom/cbhc_menu/main.c +++ b/dsrom/cbhc_menu/main.c @@ -25,7 +25,7 @@ static unsigned int getButtonsDown(unsigned int padscore_handle, unsigned int vp #define SD_HBL_PATH "/vol/external01/wiiu/apps/homebrew_launcher/homebrew_launcher.elf" #define SD_MOCHA_PATH "/vol/external01/wiiu/apps/mocha/mocha.elf" -static const char *verChar = "CBHC v1.4u2 by FIX94"; +static const char *verChar = "CBHC v1.5 by FIX94"; #define DEFAULT_DISABLED 0 #define DEFAULT_SYSMENU 1 diff --git a/dsrom/iosu_patcher/Makefile b/dsrom/iosu_patcher/Makefile index 4e6abe3..48c1b8c 100644 --- a/dsrom/iosu_patcher/Makefile +++ b/dsrom/iosu_patcher/Makefile @@ -16,11 +16,17 @@ FIRMWARE = 550 all: clean setup main -$(CURDIR)/payload/arm_kernel_bin.h: $(CURDIR)/payload/titleprot_bin.h $(CURDIR)/payload/wupserver_bin.h $(CURDIR)/payload/arm_user_bin.h +$(CURDIR)/payload/arm_kernel_bin.h: $(CURDIR)/payload/titleprot2_bin.h $(CURDIR)/payload/titleprot_bin.h \ + $(CURDIR)/payload/wupserver_bin.h $(CURDIR)/payload/arm_user_bin.h @$(MAKE) --no-print-directory -C $(CURDIR)/arm_kernel -f $(CURDIR)/arm_kernel/Makefile @-mkdir -p $(CURDIR)/payload @cp -p $(CURDIR)/arm_kernel/arm_kernel_bin.h $@ +$(CURDIR)/payload/titleprot2_bin.h: + @$(MAKE) --no-print-directory -C $(CURDIR)/titleprot2 -f $(CURDIR)/titleprot2/Makefile + @-mkdir -p $(CURDIR)/payload + @cp -p $(CURDIR)/titleprot2/titleprot2_bin.h $@ + $(CURDIR)/payload/titleprot_bin.h: @$(MAKE) --no-print-directory -C $(CURDIR)/titleprot -f $(CURDIR)/titleprot/Makefile @-mkdir -p $(CURDIR)/payload @@ -52,5 +58,6 @@ clean: rm -rf iosu_patcher.elf iosu_patcher.map $(MAKE) --no-print-directory -C $(CURDIR)/arm_user -f $(CURDIR)/arm_user/Makefile clean $(MAKE) --no-print-directory -C $(CURDIR)/titleprot -f $(CURDIR)/titleprot/Makefile clean + $(MAKE) --no-print-directory -C $(CURDIR)/titleprot2 -f $(CURDIR)/titleprot2/Makefile clean $(MAKE) --no-print-directory -C $(CURDIR)/../../wupserver -f $(CURDIR)/../../wupserver/Makefile clean $(MAKE) --no-print-directory -C $(CURDIR)/arm_kernel -f $(CURDIR)/arm_kernel/Makefile clean diff --git a/dsrom/iosu_patcher/arm_kernel/source/getbins.c b/dsrom/iosu_patcher/arm_kernel/source/getbins.c index 4507f38..aa7e130 100644 --- a/dsrom/iosu_patcher/arm_kernel/source/getbins.c +++ b/dsrom/iosu_patcher/arm_kernel/source/getbins.c @@ -1,4 +1,5 @@ #include "../../payload/titleprot_bin.h" +#include "../../payload/titleprot2_bin.h" #include "../../payload/wupserver_bin.h" //not really a bin but still a const val @@ -14,6 +15,16 @@ unsigned int get_titleprot_bin_len() return titleprot_bin_len; } +const unsigned char *get_titleprot2_bin() +{ + return titleprot2_bin; +} + +unsigned int get_titleprot2_bin_len() +{ + return titleprot2_bin_len; +} + const unsigned char *get_wupserver_bin() { return wupserver_bin; diff --git a/dsrom/iosu_patcher/arm_kernel/source/getbins.h b/dsrom/iosu_patcher/arm_kernel/source/getbins.h index 5587642..a8d512d 100644 --- a/dsrom/iosu_patcher/arm_kernel/source/getbins.h +++ b/dsrom/iosu_patcher/arm_kernel/source/getbins.h @@ -2,15 +2,16 @@ #ifndef _GETBINS_H_ #define _GETBINS_H_ -#define titleprot_addr 0x0510D984 +#define titleprot_addr 0x0510D988 +#define titleprot2_addr 0x0510D9AC #define wupserver_addr 0x0510E570 -#define titleprot_phys (titleprot_addr - 0x05100000 + 0x13D80000) -#define wupserver_phys (wupserver_addr - 0x05100000 + 0x13D80000) - const unsigned char *get_titleprot_bin(); unsigned int get_titleprot_bin_len(); +const unsigned char *get_titleprot2_bin(); +unsigned int get_titleprot2_bin_len(); + const unsigned char *get_wupserver_bin(); unsigned int get_wupserver_bin_len(); diff --git a/dsrom/iosu_patcher/arm_kernel/source/main.c b/dsrom/iosu_patcher/arm_kernel/source/main.c index a172295..91c05aa 100644 --- a/dsrom/iosu_patcher/arm_kernel/source/main.c +++ b/dsrom/iosu_patcher/arm_kernel/source/main.c @@ -61,7 +61,8 @@ int _main() unsigned int control_register = disable_mmu(); - /* copy in ds vc title id to protect from moving/deleting */ + /* copy in ds vc title id to protect from installing/moving/deleting */ + kernel_memcpy((void*)(get_titleprot2_bin()+get_titleprot2_bin_len()-12), (void*)0x01E70108, 4); kernel_memcpy((void*)(get_titleprot_bin()+get_titleprot_bin_len()-8), (void*)0x01E70108, 4); /* save if we are booted from CBHC */ @@ -74,7 +75,7 @@ int _main() *(volatile u32*)0x01E10000 = *(volatile u32*)0x1016AD18; /* Patch kernel_error_handler to BX LR immediately */ - *(volatile u32*)0x08129A24 = 0xE12FFF1E; + *(volatile u32*)kernel_phys(0x08129A24) = 0xE12FFF1E; void * pset_fault_behavior = (void*)0x081298BC; kernel_memcpy(pset_fault_behavior, (void*)repairData_set_fault_behavior, sizeof(repairData_set_fault_behavior)); @@ -92,103 +93,116 @@ int _main() if(launchmode != LAUNCH_MOCHA) { // nop out memcmp hash checks - *(volatile u32*)(0x040017E0 - 0x04000000 + 0x08280000) = 0xE3A00000; // mov r0, #0 - *(volatile u32*)(0x040019C4 - 0x04000000 + 0x08280000) = 0xE3A00000; // mov r0, #0 - *(volatile u32*)(0x04001BB0 - 0x04000000 + 0x08280000) = 0xE3A00000; // mov r0, #0 - *(volatile u32*)(0x04001D40 - 0x04000000 + 0x08280000) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)crypto_phys(0x040017E0) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)crypto_phys(0x040019C4) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)crypto_phys(0x04001BB0) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)crypto_phys(0x04001D40) = 0xE3A00000; // mov r0, #0 // patch OS launch sig check - *(volatile u32*)(0x0500A818 - 0x05000000 + 0x081C0000) = 0x20002000; // mov r0, #0; mov r0, #0 + *(volatile u32*)mcp_phys(0x0500A818) = 0x20002000; // mov r0, #0; mov r0, #0 + + // fix 10 minute timeout that crashes MCP after 10 minutes of booting + *(volatile u32*)mcp_phys(0x05022474) = 0xFFFFFFFF; // NEW_TIMEOUT } if(launchmode != LAUNCH_MOCHA && launchmode != LAUNCH_CFW_IMG) { - // patch MCP authentication check - *(volatile u32*)(0x05014CAC - 0x05000000 + 0x081C0000) = 0x20004770; // mov r0, #0; bx lr + // jump to titleprot2_addr + *(volatile u32*)mcp_phys(0x05014670) = 0xF0F9F99C; //bl titleprot2_addr - // fix 10 minute timeout that crashes MCP after 10 minutes of booting - *(volatile u32*)(0x05022474 - 0x05000000 + 0x081C0000) = 0xFFFFFFFF; // NEW_TIMEOUT + // patch MCP authentication check + *(volatile u32*)mcp_phys(0x05014CAC) = 0x20004770; // mov r0, #0; bx lr // replace ioctl 0x62 code with jump to wupserver - *(volatile u32*)(0x05026BA8 - 0x05000000 + 0x081C0000) = 0x47780000; // bx pc - *(volatile u32*)(0x05026BAC - 0x05000000 + 0x081C0000) = 0xE59F1000; // ldr r1, [pc] - *(volatile u32*)(0x05026BB0 - 0x05000000 + 0x081C0000) = 0xE12FFF11; // bx r1 - *(volatile u32*)(0x05026BB4 - 0x05000000 + 0x081C0000) = wupserver_addr; // wupserver code + *(volatile u32*)mcp_phys(0x05026BA8) = 0x47780000; // bx pc + *(volatile u32*)mcp_phys(0x05026BAC) = 0xE59F1000; // ldr r1, [pc] + *(volatile u32*)mcp_phys(0x05026BB0) = 0xE12FFF11; // bx r1 + *(volatile u32*)mcp_phys(0x05026BB4) = wupserver_addr; // wupserver code // patch cert verification - *(volatile u32*)(0x05052A90 - 0x05000000 + 0x081C0000) = 0xE3A00000; // mov r0, #0 - *(volatile u32*)(0x05052A94 - 0x05000000 + 0x081C0000) = 0xE12FFF1E; // bx lr + *(volatile u32*)mcp_phys(0x05052A90) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)mcp_phys(0x05052A94) = 0xE12FFF1E; // bx lr // patch IOSC_VerifyPubkeySign to always succeed - *(volatile u32*)(0x05052C44 - 0x05000000 + 0x081C0000) = 0xE3A00000; // mov r0, #0 - *(volatile u32*)(0x05052C48 - 0x05000000 + 0x081C0000) = 0xE12FFF1E; // bx lr + *(volatile u32*)mcp_phys(0x05052C44) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)mcp_phys(0x05052C48) = 0xE12FFF1E; // bx lr // patch cached cert check - *(volatile u32*)(0x05054D6C - 0x05000000 + 0x081C0000) = 0xE3A00000; // mov r0, 0 - *(volatile u32*)(0x05054D70 - 0x05000000 + 0x081C0000) = 0xE12FFF1E; // bx lr + *(volatile u32*)mcp_phys(0x05054D6C) = 0xE3A00000; // mov r0, 0 + *(volatile u32*)mcp_phys(0x05054D70) = 0xE12FFF1E; // bx lr // redirect mcp_debug_print to mcp_syslog_print (0x0503DCF0) - *(volatile u32*)(0x05055454 - 0x05000000 + 0x081C0000) = 0xEBFFA225; // bl 0x0503DCF0 + *(volatile u32*)mcp_phys(0x05055454) = 0xEBFFA225; // bl 0x0503DCF0 if(from_cbhc) // coldboot specific patches { // change system.xml to syshax.xml - *(volatile u32*)(0x050600F0 - 0x05060000 + 0x08220000) = 0x79736861; // ysha - *(volatile u32*)(0x050600F4 - 0x05060000 + 0x08220000) = 0x782E786D; // x.xm + *(volatile u32*)mcp_rodata_phys(0x050600F0) = 0x79736861; // ysha + *(volatile u32*)mcp_rodata_phys(0x050600F4) = 0x782E786D; // x.xm - *(volatile u32*)(0x05060114 - 0x05060000 + 0x08220000) = 0x79736861; // ysha - *(volatile u32*)(0x05060118 - 0x05060000 + 0x08220000) = 0x782E786D; // x.xm + *(volatile u32*)mcp_rodata_phys(0x05060114) = 0x79736861; // ysha + *(volatile u32*)mcp_rodata_phys(0x05060118) = 0x782E786D; // x.xm } - // jump to titleprot code (titleprot_addr+4) - *(volatile u32*)(0x05107F70 - 0x05100000 + 0x13D80000) = 0xF005FD0A; //bl (titleprot_addr+4) + // jump to titleprot_addr + *(volatile u32*)mcp_d_r_phys(0x05107F70) = 0xF005FD0A; //bl titleprot_addr + + //free some mcp_d_r room for our code + *(volatile u32*)mcp_d_r_phys(titleprot_addr-4) = 0x20004770; // mov r0, #0; bx lr // overwrite mcp_d_r code with titleprot - *(volatile u32*)titleprot_phys = 0x20004770; // mov r0, #0; bx lr - kernel_memcpy((void*)(titleprot_phys+4), get_titleprot_bin(), get_titleprot_bin_len()); - invalidate_dcache((u32)(titleprot_phys+4), get_titleprot_bin_len()); + kernel_memcpy((void*)mcp_d_r_phys(titleprot_addr), get_titleprot_bin(), get_titleprot_bin_len()); + invalidate_dcache(mcp_d_r_phys(titleprot_addr), get_titleprot_bin_len()); + + // overwrite mcp_d_r code with titleprot2 + kernel_memcpy((void*)mcp_d_r_phys(titleprot2_addr), get_titleprot2_bin(), get_titleprot2_bin_len()); + invalidate_dcache(mcp_d_r_phys(titleprot2_addr), get_titleprot2_bin_len()); invalidate_icache(); + //free some mcp_d_r room for our code + *(volatile u32*)mcp_d_r_phys(wupserver_addr-4) = 0x47700000; //bx lr // overwrite mcp_d_r code with wupserver - *(volatile u32*)(0x0510E56C - 0x05100000 + 0x13D80000) = 0x47700000; //bx lr - kernel_memcpy((void*)wupserver_phys, get_wupserver_bin(), get_wupserver_bin_len()); - invalidate_dcache((u32)wupserver_phys, get_wupserver_bin_len()); + kernel_memcpy((void*)mcp_d_r_phys(wupserver_addr), get_wupserver_bin(), get_wupserver_bin_len()); + invalidate_dcache(mcp_d_r_phys(wupserver_addr), get_wupserver_bin_len()); invalidate_icache(); // apply IOS ELF launch hook (thanks dimok!) - *(volatile u32*)0x0812A120 = ARM_BL(0x0812A120, kernel_launch_ios); + *(volatile u32*)kernel_phys(0x0812A120) = ARM_BL(0x0812A120, kernel_launch_ios); // allow any region title launch - *(volatile u32*)(0xE0030498 - 0xE0000000 + 0x12900000) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)acp_phys(0xE0030498) = 0xE3A00000; // mov r0, #0 // allow custom bootLogoTex and bootMovie.h264 - *(volatile u32*)(0xE0030D68 - 0xE0000000 + 0x12900000) = 0xE3A00000; // mov r0, #0 - *(volatile u32*)(0xE0030D34 - 0xE0000000 + 0x12900000) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)acp_phys(0xE0030D68) = 0xE3A00000; // mov r0, #0 + *(volatile u32*)acp_phys(0xE0030D34) = 0xE3A00000; // mov r0, #0 } //custom fw.img reboot if(launchmode == LAUNCH_CFW_IMG) { + //copy in new fw.img path int i; for (i = 0; i < 32; i++) if (i < 31) - ((char*)(0x050663B4 - 0x05000000 + 0x081C0000))[i] = ((char*)0x01E70000)[i]; + ((char*)mcp_rodata_phys(0x050663B4))[i] = ((char*)0x01E70000)[i]; else - ((char*)(0x050663B4 - 0x05000000 + 0x081C0000))[i] = (char)0; + ((char*)mcp_rodata_phys(0x050663B4))[i] = (char)0; - *(volatile u32*)(0x050282AE - 0x05000000 + 0x081C0000) = 0xF031FB43; // bl launch_os_hook + // jump to launch_os_hook + *(volatile u32*)mcp_phys(0x050282AE) = 0xF031FB43; // bl launch_os_hook + // copy launch_os_hook into free mcp code space for (i = 0; i < sizeof(os_launch_hook); i++) - ((char*)(0x05059938 - 0x05000000 + 0x081C0000))[i] = os_launch_hook[i]; + ((char*)mcp_phys(0x05059938))[i] = os_launch_hook[i]; } if(from_cbhc) // coldboot specific patches { // patch default title id to system menu - *(volatile u32*)(0x050B817C - 0x05074000 + 0x08234000) = *(volatile u32*)0x01E70100; - *(volatile u32*)(0x050B8180 - 0x05074000 + 0x08234000) = *(volatile u32*)0x01E70104; + *(volatile u32*)mcp_data_phys(0x050B817C) = *(volatile u32*)0x01E70100; + *(volatile u32*)mcp_data_phys(0x050B8180) = *(volatile u32*)0x01E70104; // force check USB storage on load - *(volatile u32*)(0xE012202C - 0xE0000000 + 0x12900000) = 0x00000001; // find USB flag + *(volatile u32*)acp_phys(0xE012202C) = 0x00000001; // find USB flag } *(volatile u32*)(0x1555500) = 0; diff --git a/dsrom/iosu_patcher/arm_kernel/source/reload.c b/dsrom/iosu_patcher/arm_kernel/source/reload.c index 838077a..f4d581e 100644 --- a/dsrom/iosu_patcher/arm_kernel/source/reload.c +++ b/dsrom/iosu_patcher/arm_kernel/source/reload.c @@ -28,6 +28,9 @@ void kernel_launch_ios(u32 launch_address, u32 L, u32 C, u32 H) // patch OS launch sig check section_write_word(ios_elf_start, 0x0500A818, 0x20002000); // mov r0, #0; mov r0, #0 + // jump to titleprot2_addr + section_write_word(ios_elf_start, 0x05014670, 0xF0F9F99C); //bl titleprot2_addr + // patch MCP authentication check section_write_word(ios_elf_start, 0x05014CAC, 0x20004770); // mov r0, #0; bx lr @@ -68,14 +71,20 @@ void kernel_launch_ios(u32 launch_address, u32 L, u32 C, u32 H) section_write_word(ios_elf_start, 0x05060118, 0x782E786D); // x.xm } - // jump to titleprot code (titleprot_addr+4) - section_write_word(ios_elf_start, 0x05107F70, 0xF005FD0A); //bl (titleprot_addr+4) - // overwrite mcp_d_r code with titleprot - section_write_word(ios_elf_start, titleprot_addr, 0x20004770); // mov r0, #0; bx lr - section_write(ios_elf_start, titleprot_addr+4, get_titleprot_bin(), get_titleprot_bin_len()); + // jump to titleprot_addr + section_write_word(ios_elf_start, 0x05107F70, 0xF005FD0A); //bl titleprot_addr + //free some mcp_d_r room for our code + section_write_word(ios_elf_start, (titleprot_addr-4), 0x20004770); // mov r0, #0; bx lr + // overwrite mcp_d_r code with titleprot + section_write(ios_elf_start, titleprot_addr, get_titleprot_bin(), get_titleprot_bin_len()); + + // overwrite mcp_d_r code with titleprot2 + section_write(ios_elf_start, titleprot2_addr, get_titleprot2_bin(), get_titleprot2_bin_len()); + + //free some mcp_d_r room for our code + section_write_word(ios_elf_start, (wupserver_addr-4), 0x47700000); //bx lr // overwrite mcp_d_r code with wupserver - section_write_word(ios_elf_start, 0x0510E56C, 0x47700000); // bx lr section_write(ios_elf_start, wupserver_addr, get_wupserver_bin(), get_wupserver_bin_len()); // apply IOS ELF launch hook (thanks dimok!) diff --git a/dsrom/iosu_patcher/arm_kernel/source/utils.h b/dsrom/iosu_patcher/arm_kernel/source/utils.h index 3d55958..d1d444f 100644 --- a/dsrom/iosu_patcher/arm_kernel/source/utils.h +++ b/dsrom/iosu_patcher/arm_kernel/source/utils.h @@ -33,6 +33,14 @@ #define enable_interrupts ((int(*)(int))0x0812E78C) #define kernel_bsp_command_5 ((int (*)(const char*, int offset, const char*, int size, void *buffer))0x0812EC40) +#define crypto_phys(addr) ((u32)(addr) - 0x04000000 + 0x08280000) +#define mcp_phys(addr) ((u32)(addr) - 0x05000000 + 0x081C0000) +#define mcp_rodata_phys(addr) ((u32)(addr) - 0x05060000 + 0x08220000) +#define mcp_data_phys(addr) ((u32)(addr) - 0x05074000 + 0x08234000) +#define mcp_d_r_phys(addr) ((u32)(addr) - 0x05100000 + 0x13D80000) +#define kernel_phys(addr) ((u32)(addr)) //just here for completion +#define acp_phys(addr) ((u32)(addr) - 0xE0000000 + 0x12900000) + void reverse_memcpy(void* dest, const void* src, unsigned int size); unsigned int disable_mmu(void); void restore_mmu(unsigned int control_register); diff --git a/dsrom/iosu_patcher/titleprot/ccd00.ld b/dsrom/iosu_patcher/titleprot/ccd00.ld index aacaae3..3842207 100644 --- a/dsrom/iosu_patcher/titleprot/ccd00.ld +++ b/dsrom/iosu_patcher/titleprot/ccd00.ld @@ -2,7 +2,7 @@ OUTPUT_ARCH(arm) MEMORY { - RAMX (rx) : ORIGIN = 0x0510D988, LENGTH = 0x0000134 + RAMX (rx) : ORIGIN = 0x0510D988, LENGTH = 0x0000024 } SECTIONS diff --git a/dsrom/iosu_patcher/titleprot2/Makefile b/dsrom/iosu_patcher/titleprot2/Makefile new file mode 100644 index 0000000..78d3ea0 --- /dev/null +++ b/dsrom/iosu_patcher/titleprot2/Makefile @@ -0,0 +1,76 @@ +ifeq ($(strip $(DEVKITARM)),) +$(error "Please set DEVKITARM in your environment. export DEVKITARM=devkitARM") +endif + +ifeq ($(filter $(DEVKITARM)/bin,$(PATH)),) +export PATH:=$(DEVKITARM)/bin:$(PATH) +endif + +CC = arm-none-eabi-gcc +# LINK = arm-none-eabi-gcc +LINK = arm-none-eabi-ld +AS = arm-none-eabi-as +OBJCOPY = arm-none-eabi-objcopy +CFLAGS += -Wall -mbig-endian -std=c99 -mcpu=arm926ej-s -Os -s -mthumb -I$(DEVKITPRO)/libnds/include +LDFLAGS += --script=ccd00.ld -EB -L"$(DEVKITARM)/arm-none-eabi/lib" + +CFILES = $(wildcard source/*.c) +BINFILES = $(wildcard data/*.*) +OFILES = $(CFILES:source/%.c=build/%.o) +DFILES = $(CFILES:source/%.c=build/%.d) +SFILES = $(wildcard source/*.s) +OFILES += $(SFILES:source/%.s=build/%.o) +OFILES += $(BINFILES:data/%=build/%.o) +PROJECTNAME = ${shell basename "$(CURDIR)"} +CWD = "$(CURDIR)"" + +#--------------------------------------------------------------------------------- +# canned command sequence for binary data, taken from devkitARM +#--------------------------------------------------------------------------------- +define bin2o + bin2s $< | $(AS) -o $(@) + echo "extern const u8" `(echo $( source/`(echo $(> source/`(echo $(> source/`(echo $( $@ + +$(PROJECTNAME).elf: $(OFILES) + $(LINK) $(LDFLAGS) -o $(PROJECTNAME).elf $(sort $(filter-out build/crt0.o, $(OFILES))) + +clean: + @rm -f build/*.o build/*.d + @rmdir build 2>/nul; true + @rm -f $(PROJECTNAME).elf $(PROJECTNAME).bin $(PROJECTNAME)_bin.h + @echo "all cleaned up !" + +-include $(DFILES) + +build/%.o: source/%.c + $(CC) $(CFLAGS) -c $< -o $@ + @$(CC) -MM $< > build/$*.d + +build/%.o: source/%.s + $(CC) $(CFLAGS) -xassembler-with-cpp -c $< -o $@ + @$(CC) -MM $< > build/$*.d + +build/%.bin.o: data/%.bin + @echo $(notdir $<) + @$(bin2o) + +build/%.tga.o: data/%.tga + @echo $(notdir $<) + @$(bin2o) diff --git a/dsrom/iosu_patcher/titleprot2/ccd00.ld b/dsrom/iosu_patcher/titleprot2/ccd00.ld new file mode 100644 index 0000000..3fca35e --- /dev/null +++ b/dsrom/iosu_patcher/titleprot2/ccd00.ld @@ -0,0 +1,16 @@ +OUTPUT_ARCH(arm) + +MEMORY +{ + RAMX (rx) : ORIGIN = 0x0510D9AC, LENGTH = 0x0000110 +} + +SECTIONS +{ + .text : { + build/crt0.o(.init) + *(.text) + *(.rodata) + } +} + diff --git a/dsrom/iosu_patcher/titleprot2/ccd00.specs b/dsrom/iosu_patcher/titleprot2/ccd00.specs new file mode 100644 index 0000000..ccff243 --- /dev/null +++ b/dsrom/iosu_patcher/titleprot2/ccd00.specs @@ -0,0 +1,4 @@ +%rename link old_link + +*link: +%(old_link) -T ./ccd00.ld%s diff --git a/dsrom/iosu_patcher/titleprot2/source/crt0.s b/dsrom/iosu_patcher/titleprot2/source/crt0.s new file mode 100644 index 0000000..953d345 --- /dev/null +++ b/dsrom/iosu_patcher/titleprot2/source/crt0.s @@ -0,0 +1,24 @@ +.section ".init" +.thumb +.syntax unified + +.globl _start + +_start: + ldr r0, [r4,#0x10] + ldr r1, =#0x00050000 + cmp r0, r1 + bne exit_ok + ldr r0, [r4,#0x14] + ldr r1, =#0x00000000 @will be written in by CBHC + cmp r0, r1 + bne exit_ok + @return our error message + ldr r0, =#0x99999999 + ldr r3, =#(0x050146A4+1) + bx r3 +exit_ok: + @original code + lsrs r2, r3, #0x10 + lsls r3, r2, #0x10 + bx lr diff --git a/installer/src/main.c b/installer/src/main.c index 8ccca09..8f1313c 100644 --- a/installer/src/main.c +++ b/installer/src/main.c @@ -126,9 +126,9 @@ int availSort(const void *c1, const void *c2) void printhdr_noflip() { #ifdef CB - println_noflip(0,"CBHC v1.4u2 by FIX94"); + println_noflip(0,"CBHC v1.5 by FIX94"); #else - println_noflip(0,"Haxchi v2.4u1 by FIX94"); + println_noflip(0,"Haxchi v2.5 by FIX94"); #endif println_noflip(1,"Credits to smea, plutoo, yellows8, naehrwert, derrek and dimok"); } diff --git a/release/wiiu/apps/cbhc/meta.xml b/release/wiiu/apps/cbhc/meta.xml index 2027975..da09488 100644 --- a/release/wiiu/apps/cbhc/meta.xml +++ b/release/wiiu/apps/cbhc/meta.xml @@ -2,9 +2,9 @@ CBHC FIX94 - 1.4u2 + 1.5 https://github.com/FIX94/haxchi - 20161223200000 + 20161229200000 Coldboot Haxchi Installer WARNING! This will install Coldboot Haxchi on your system. ONLY USE THIS IF YOU ARE WILLING TO TAKE A RISK OF BRICKING YOUR CONSOLE. diff --git a/release/wiiu/apps/haxchi/meta.xml b/release/wiiu/apps/haxchi/meta.xml index 9b18563..70cc99d 100644 --- a/release/wiiu/apps/haxchi/meta.xml +++ b/release/wiiu/apps/haxchi/meta.xml @@ -2,9 +2,9 @@ Haxchi FIX94 - 2.4u1 + 2.5 https://github.com/FIX94/haxchi - 20161223200000 + 20161229200000 Haxchi Installer This will install Haxchi on your system.