6,264
edits
Changes
Jump to navigation
Jump to search
Line 14:
Line 14: − + + + + + + + + + + + +
→NATIVE_FIRM
[[3DS_System_Flaws#Kernel11|memchunkhax2]] was fixed by reading the [[MemoryBlockHeader]] next pointer before it is mapped to userland.
[[3DS_System_Flaws#Kernel11|memchunkhax2]] was fixed by reading the [[MemoryBlockHeader]] next pointer before it is mapped to userland.
The only updated FIRM sysmodules were fs and loader, for fs only a version-field in .code was updated used with a debug NOP-instruction. The loader process .text was previously 0x331C-bytes, it's now 0x36F0-bytes.
The only updated FIRM sysmodules were fs and loader, for fs only a version-field in .code was updated used with a debug NOP-instruction.
====loader====
The loader process .text was previously 0x331C-bytes, it's now 0x36F0-bytes.
All code changes:
* Some code using svcGetSystemTick was added, this appears to be debug code that wasn't disabled(the output from this is never used).
* L_140022b8(L_14002234 in previous loader version): This is the function which calls L_140025f0. Code was added between the code which loads the memregion value from exheader, and the func call for mapping it(L_140025f0). This new code determines what to pass for the L_140025f0 insp4 flag. By default the value passed for that flag is 0.
** When the process memregion is APPLICATION, the programID is for a CTR title, and the uniqueid matches the eShop system-application(''all'' regions including CHN), the flag is set to 1.
** When the process memregion is SYSTEM, the flag is set to 1 when the reslimit_category is not LIB_APPLET.
* L_140025f0(L_140024e4 in previous loader version) now calls another function(L_14002670) instead of svcControlMemory directly, for mapping the codebin memory. The insp4 flag from the L_140025f0 input is passed to L_14002670 as sp0.
* L_14002670: New function used for mapping the codebin. When the insp0 flag is zero, this does the normal memory-mapping, otherwise a special memory-mapping codepath is used. This codepath still uses the same memregion specified in the exheader.
===NS===
===NS===