From 191bc128ee5c20875d1935b9857cf8e236174ddd Mon Sep 17 00:00:00 2001 From: dark-samus Date: Thu, 25 Feb 2016 16:07:22 -0500 Subject: [PATCH 1/2] Screen_init! --- Makefile | 32 +-- payload_stage2/Makefile | 9 +- payload_stage2/source/main.c | 47 +++- payload_stage2/source/screen_init.c | 8 + payload_stage2/source/screen_init.h | 1 + screen_init/Makefile | 59 +++++ screen_init/screen_init.ld | 21 ++ screen_init/screen_init.specs | 4 + screen_init/source/screen_init/screen_init.c | 221 +++++++++++++++++++ 9 files changed, 374 insertions(+), 28 deletions(-) create mode 100644 payload_stage2/source/screen_init.c create mode 100644 payload_stage2/source/screen_init.h create mode 100644 screen_init/Makefile create mode 100644 screen_init/screen_init.ld create mode 100644 screen_init/screen_init.specs create mode 100644 screen_init/source/screen_init/screen_init.c diff --git a/Makefile b/Makefile index 40c7b91..b8bbb48 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -.PHONY : all hax firm0 firm1 sector stage2 installer clean +.PHONY : all hax firm0 firm1 sector screen_init stage2 installer clean TARGET = arm9loaderhax PYTHON = python @@ -7,29 +7,34 @@ OUTDIR = data_output all : $(OUTDIR) hax installer -hax : $(OUTDIR) firm0 firm1 sector stage2 +hax : $(OUTDIR) firm0 firm1 sector screen_init stage2 $(OUTDIR): @[ -d $(OUTDIR) ] || mkdir -p $(OUTDIR) -firm0 : +firm0: @cd payload_stage1 && make @cp $(INDIR)/new3ds90.firm $(OUTDIR)/firm0.bin @dd if=payload_stage1/payload_stage1.bin of=$(OUTDIR)/firm0.bin bs=512 seek=1922 conv=notrunc @echo FIRM0 done! -firm1 : +firm1: @cp $(INDIR)/new3ds10.firm $(OUTDIR)/firm1.bin @echo FIRM1 done! -sector : +sector: @$(PYTHON) common/sector_generator.py $(INDIR)/secret_sector.bin $(INDIR)/otp.bin $(OUTDIR)/sector.bin @echo SECTOR done! +screen_init: + @[ -d payload_stage2/data ] || mkdir -p payload_stage2/data + $(MAKE) -C screen_init + @cp screen_init/screen_init.bin payload_stage2/data/ + stage2: - @cd payload_stage2 && make - @dd if=payload_stage2/payload_stage2.bin of=$(OUTDIR)/firm1.bin bs=512 seek=1936 conv=notrunc - @cp payload_stage2/payload_stage2.bin $(OUTDIR)/stage0x5C000.bin + @cp screen_init/screen_init.bin payload_stage2/data + @$(MAKE) -C payload_stage2 + @cp payload_stage2/payload_stage2.bin $(OUTDIR)/stage0x5C000.bin installer: @cp $(OUTDIR)/sector.bin payload_installer/brahma2/data/sector.bin @@ -38,11 +43,10 @@ installer: @cp $(OUTDIR)/stage0x5C000.bin payload_installer/brahma2/data/stage2.bin @cd payload_installer && make TARGET=../$(OUTDIR)/$(TARGET) @echo INSTALLER done! - + clean: @echo clean... - @cd payload_stage1 && make clean - @cd payload_stage2 && make clean - @cd payload_installer && make clean TARGET=../$(TARGET) - @rm -fr $(OUTDIR) payload_installer/brahma2/data/*.bin - \ No newline at end of file + @$(MAKE) -C payload_stage1 clean + @$(MAKE) -C screen_init clean + @$(MAKE) -C payload_stage2 clean + @$(MAKE) -C payload_installer clean TARGET=../$(TARGET) diff --git a/payload_stage2/Makefile b/payload_stage2/Makefile index bcf67b4..2e0145c 100644 --- a/payload_stage2/Makefile +++ b/payload_stage2/Makefile @@ -40,7 +40,7 @@ CFLAGS += $(INCLUDE) CXXFLAGS := $(CFLAGS) -fno-rtti -fno-exceptions -ASFLAGS := -g $(ARCH) +ASFLAGS := -g $(ARCH) LDFLAGS = -nostartfiles -g $(ARCH) -Wl,-Map,$(TARGET).map LDFLAGS += --specs=../../common/payload_stage2.specs @@ -62,6 +62,7 @@ ifneq ($(BUILD),$(notdir $(CURDIR))) #--------------------------------------------------------------------------------- export OUTPUT := $(CURDIR)/$(TARGET) +export DATA := data export VPATH := $(foreach dir,$(SOURCES),$(CURDIR)/$(dir)) \ $(foreach dir,$(DATA),$(CURDIR)/$(dir)) @@ -104,12 +105,13 @@ all: $(BUILD) $(BUILD): @[ -d $(OUTPUT_D) ] || mkdir -p $(OUTPUT_D) @[ -d $(BUILD) ] || mkdir -p $(BUILD) + @[ -d $(DATA) ] || mkdir -p $(DATA) @make --no-print-directory -C $(BUILD) -f $(CURDIR)/Makefile - + #--------------------------------------------------------------------------------- clean: @echo clean ... - @rm -fr $(BUILD) $(OUTPUT).bin + @rm -fr $(DATA) $(BUILD) $(OUTPUT).elf $(OUTPUT).bin #--------------------------------------------------------------------------------- else @@ -126,7 +128,6 @@ $(OUTPUT).elf : $(OFILES) %.bin: %.elf @$(OBJCOPY) --set-section-flags .bss=alloc,load,contents -O binary $< $@ @echo built ... $(notdir $@) - @rm -f $(OUTPUT).elf #--------------------------------------------------------------------------------- # you need a rule like this for each extension you use as binary data diff --git a/payload_stage2/source/main.c b/payload_stage2/source/main.c index d7244c7..bb78399 100644 --- a/payload_stage2/source/main.c +++ b/payload_stage2/source/main.c @@ -2,32 +2,57 @@ #include "sdmmc.h" #include "i2c.h" #include "fatfs/ff.h" +#include "screen_init.h" #define PAYLOAD_ADDRESS 0x23F00000 #define PAYLOAD_SIZE 0x00100000 +#define A11_PAYLOAD_LOC 0x1FFF4C80 //keep in mind this needs to be changed in the ld script for screen_init too +#define SCREEN_SIZE 400 * 240 * 3 / 4 //yes I know this is more than the size of the bootom screen -u8 arm11code[] = { - 0x3E, 0x02, 0xE0, 0xE3, 0x1C, 0x10, 0x9F, 0xE5, - 0x00, 0x10, 0x80, 0xE5, 0x7E, 0x02, 0xE0, 0xE3, - 0x00, 0x10, 0xA0, 0xE3, 0x00, 0x10, 0x80, 0xE5, - 0x00, 0x20, 0x90, 0xE5, 0x02, 0x00, 0x51, 0xE1, - 0xFC, 0xFF, 0xFF, 0x0A, 0x12, 0xFF, 0x2F, 0xE1, - 0xBE, 0xBA, 0xAD, 0xAB, -}; + +extern u8 screen_init_bin[]; +extern u32 screen_init_bin_size; void ownArm11() { - memcpy((void*)0x1FFF4C80, arm11code, sizeof(arm11code)); + memcpy((void*)A11_PAYLOAD_LOC, screen_init_bin, screen_init_bin_size); *((u32*)0x1FFAED80) = 0xE51FF004; - *((u32*)0x1FFAED84) = 0x1FFF4C80; + *((u32*)0x1FFAED84) = A11_PAYLOAD_LOC; for(int i = 0; i < 0x80000; i++) { *((u8*)0x1FFFFFF0) = 2; } + for(volatile unsigned int i = 0; i < 0xF; ++i); + while(*(volatile uint32_t *)0x1FFFFFF8 != 0); +} + +//fixes the snow issue +clearScreen() +{ + for(int i = 0; i < (SCREEN_SIZE); i++) + { + *((unsigned int*)0x18300000 + i) = 0; + *((unsigned int*)0x18346500 + i) = 0; + } } int main() { + //gateway + *(volatile uint32_t*)0x80FFFC0 = 0x18300000; // framebuffer 1 top left + *(volatile uint32_t*)0x80FFFC4 = 0x18300000; // framebuffer 2 top left + *(volatile uint32_t*)0x80FFFC8 = 0x18300000; // framebuffer 1 top right + *(volatile uint32_t*)0x80FFFCC = 0x18300000; // framebuffer 2 top right + *(volatile uint32_t*)0x80FFFD0 = 0x18346500; // framebuffer 1 bottom + *(volatile uint32_t*)0x80FFFD4 = 0x18346500; // framebuffer 2 bottom + *(volatile uint32_t*)0x80FFFD8 = 1; // framebuffer select top + *(volatile uint32_t*)0x80FFFDC = 1; // framebuffer select bottom + + //cakehax + *(u32*)0x23FFFE00 = 0x18300000; + *(u32*)0x23FFFE04 = 0x18300000; + *(u32*)0x23FFFE08 = 0x18346500; + FATFS fs; FIL payload; u32 br; @@ -38,6 +63,8 @@ int main() { f_read(&payload, PAYLOAD_ADDRESS, PAYLOAD_SIZE, &br); ownArm11(); + screenInit(); + clearScreen(); ((void (*)())PAYLOAD_ADDRESS)(); } } diff --git a/payload_stage2/source/screen_init.c b/payload_stage2/source/screen_init.c new file mode 100644 index 0000000..ee86c8d --- /dev/null +++ b/payload_stage2/source/screen_init.c @@ -0,0 +1,8 @@ +#include "i2c.h" + +void screenInit() +{ + + i2cWriteRegister(3, 0x22, 0x2A); // 0x2A -> boot into firm with no backlight + +} diff --git a/payload_stage2/source/screen_init.h b/payload_stage2/source/screen_init.h new file mode 100644 index 0000000..37bad3b --- /dev/null +++ b/payload_stage2/source/screen_init.h @@ -0,0 +1 @@ +void screenInit(); diff --git a/screen_init/Makefile b/screen_init/Makefile new file mode 100644 index 0000000..ab6a1c8 --- /dev/null +++ b/screen_init/Makefile @@ -0,0 +1,59 @@ +export PATH := $(DEVKITARM)/bin:$(PATH) + +CC=arm-none-eabi-gcc +CP=arm-none-eabi-g++ +OC=arm-none-eabi-objcopy +LD=arm-none-eabi-ld +MV=mv -f +RM=rm -rf + +LIBNAME=screen_init +ELFNAME=$(LIBNAME).elf +BINNAME=$(LIBNAME).bin +DATNAME=$(LIBNAME).dat + +SRC_DIR:=source/$(LIBNAME) +OBJ_DIR:=obj/$(LIBNAME) +LIB_DIR:=lib +DEP_DIR:=obj/$(LIBNAME) + +LIBS= +CFLAGS=-std=gnu99 -Os -g -mword-relocations -fomit-frame-pointer -ffast-math +C9FLAGS=-mcpu=arm946e-s -march=armv5te -mlittle-endian +C11FLAGS=-mcpu=mpcore -mlittle-endian +LDFLAGS=$(LIBS) +OCFLAGS=--set-section-flags .bss=alloc,load,contents + +OBJS:=$(patsubst $(SRC_DIR)/%.c, $(OBJ_DIR)/%.o, $(wildcard $(SRC_DIR)/*.c)) +OBJS+=$(patsubst $(SRC_DIR)/%.s, $(OBJ_DIR)/%.o, $(wildcard $(SRC_DIR)/*.s)) +OBJS+=$(patsubst $(SRC_DIR)/%.S, $(OBJ_DIR)/%.o, $(wildcard $(SRC_DIR)/*.S)) + +OUT_DIR= obj/$(LIBNAME) + +.PHONY: clean + +all: screen_init.bin + +screen_init.bin: $(OBJS) + $(CC) -nostartfiles --specs=$(LIBNAME).specs $(OBJS) $(LDFLAGS) -o $(ELFNAME) + $(OC) $(OCFLAGS) -O binary $(ELFNAME) $(BINNAME) + +obj/%.o: source/%.c | dirs + @echo Compiling $< + $(CC) -c $(CFLAGS) $(C11FLAGS) $< -o $@ + +obj/%.o: source/%.s | dirs + @echo Compiling $< + $(CC) -c $(CFLAGS) $(C11FLAGS) $< -o $@ + +obj/%.o: source/%.S | dirs + @echo Compiling $< + $(CC) -c $(CFLAGS) $(C11FLAGS) $< -o $@ + +dirs: ${OUT_DIR} + +${OUT_DIR}: + mkdir -p ${OUT_DIR} + +clean: + rm -rf *.elf *.bin obj/* diff --git a/screen_init/screen_init.ld b/screen_init/screen_init.ld new file mode 100644 index 0000000..5122d89 --- /dev/null +++ b/screen_init/screen_init.ld @@ -0,0 +1,21 @@ +OUTPUT_ARCH(arm) +ENTRY(_entry) +SECTIONS +{ + . = 0x1FFF4C80; + .text : { + *(.text.start) + *(.text) + } + .data : { + *(.data) + } + .bss : { + *(.bss COMMON) + } + .rodata : { + *(.rodata) + } + . = ALIGN(4); + _stack = . + 0x100; +} diff --git a/screen_init/screen_init.specs b/screen_init/screen_init.specs new file mode 100644 index 0000000..a5d7391 --- /dev/null +++ b/screen_init/screen_init.specs @@ -0,0 +1,4 @@ +%rename link old_link + +*link: +%(old_link) -T screen_init.ld%s diff --git a/screen_init/source/screen_init/screen_init.c b/screen_init/source/screen_init/screen_init.c new file mode 100644 index 0000000..5faf97e --- /dev/null +++ b/screen_init/source/screen_init/screen_init.c @@ -0,0 +1,221 @@ +#include + +#define BRIGHTNESS 0x39 +#define FB_TOP_LEFT 0x18300000 +#define FB_TOP_RIGHT 0x18300000 +#define FB_BOTTOM 0x18346500 + +void __attribute__ ((naked)) a11Entry() +{ + __asm__ ("ldr r0,=_stack\n\t mov sp, r0"); + regSet(); +} + +void regSet() +{ + + volatile uint32_t *entry = (uint32_t *)0x1FFFFFF8; + + // pdn sub_101D98 + *((volatile uint32_t*)0x10141200) = 0x10000; // PDN_GPU_CNT + // Delay here pls + for(volatile int i = 0xC; i > 0; i-=2); + *((volatile uint32_t*)0x10141200) = 0x1007F; // PDN_GPU_CNT + + // gsp sub_1021F4 init_screen_maybe + *((volatile uint32_t*)0x10400004) |= 0x100; + *((volatile uint32_t*)0x10400030) &= 0xFFFFF0FF; + + // sub_107A34 + // Top screen + *((volatile uint32_t*)0x10400400) = 0x000001c2; + *((volatile uint32_t*)0x10400404) = 0x000000d1; + *((volatile uint32_t*)0x10400408) = 0x000001c1; + *((volatile uint32_t*)0x1040040c) = 0x000001c1; + *((volatile uint32_t*)0x10400410) = 0x00000000; + *((volatile uint32_t*)0x10400414) = 0x000000cf; + *((volatile uint32_t*)0x10400418) = 0x000000d1; + *((volatile uint32_t*)0x1040041c) = 0x01c501c1; + *((volatile uint32_t*)0x10400420) = 0x00010000; + *((volatile uint32_t*)0x10400424) = 0x0000019d; + *((volatile uint32_t*)0x10400428) = 0x00000002; + *((volatile uint32_t*)0x1040042c) = 0x00000192; + *((volatile uint32_t*)0x10400430) = 0x00000192; + *((volatile uint32_t*)0x10400434) = 0x00000192; + *((volatile uint32_t*)0x10400438) = 0x00000001; + *((volatile uint32_t*)0x1040043c) = 0x00000002; + *((volatile uint32_t*)0x10400440) = 0x01960192; + *((volatile uint32_t*)0x10400444) = 0x00000000; + *((volatile uint32_t*)0x10400448) = 0x00000000; + *((volatile uint32_t*)0x1040044c) = 0x0000ff00; + *((volatile uint32_t*)0x1040045c) = 0x019000f0; + *((volatile uint32_t*)0x10400460) = 0x01c100d1; + *((volatile uint32_t*)0x10400464) = 0x01920002; + *((volatile uint32_t*)0x10400490) = 0x000003c0; + *((volatile uint32_t*)0x1040049c) = 0x00000000; + *((volatile uint32_t*)0x10400468) = 0x18000000; + *((volatile uint32_t*)0x1040046c) = 0x18000000; + *((volatile uint32_t*)0x10400494) = 0x18000000; + *((volatile uint32_t*)0x10400498) = 0x18000000; + *((volatile uint32_t*)0x10400470) = 0x00080340; + *((volatile uint32_t*)0x10400480) = 0x00000000; + + for(int i = 0, temp = 0; i < 256; i++) + *((volatile uint32_t*)0x10400484) = 0x10101 * i; + + // Bottom screen + *((volatile uint32_t*)0x10400500) = 0x000001c2; + *((volatile uint32_t*)0x10400504) = 0x000000d1; + *((volatile uint32_t*)0x10400508) = 0x000001c1; + *((volatile uint32_t*)0x1040050c) = 0x000001c1; + *((volatile uint32_t*)0x10400510) = 0x000000cd; + *((volatile uint32_t*)0x10400514) = 0x000000cf; + *((volatile uint32_t*)0x10400518) = 0x000000d1; + *((volatile uint32_t*)0x1040051c) = 0x01c501c1; + *((volatile uint32_t*)0x10400520) = 0x00010000; + *((volatile uint32_t*)0x10400524) = 0x0000019d; + *((volatile uint32_t*)0x10400528) = 0x00000052; + *((volatile uint32_t*)0x1040052c) = 0x00000192; + *((volatile uint32_t*)0x10400530) = 0x00000192; + *((volatile uint32_t*)0x10400534) = 0x0000004f; + *((volatile uint32_t*)0x10400538) = 0x00000050; + *((volatile uint32_t*)0x1040053c) = 0x00000052; + *((volatile uint32_t*)0x10400540) = 0x01970193; + *((volatile uint32_t*)0x10400544) = 0x00000000; + *((volatile uint32_t*)0x10400548) = 0x00000011; + *((volatile uint32_t*)0x1040054c) = 0x000000ff; + *((volatile uint32_t*)0x1040055c) = 0x014000f0; + *((volatile uint32_t*)0x10400560) = 0x01c100d1; + *((volatile uint32_t*)0x10400564) = 0x01920052; + *((volatile uint32_t*)0x10400590) = 0x000003c0; + *((volatile uint32_t*)0x1040059c) = 0x00000000; + *((volatile uint32_t*)0x10400568) = 0x18000000; + *((volatile uint32_t*)0x1040056c) = 0x18000000; + *((volatile uint32_t*)0x10400594) = 0x18000000; + *((volatile uint32_t*)0x10400598) = 0x18000000; + *((volatile uint32_t*)0x10400570) = 0x00080301; + *((volatile uint32_t*)0x10400580) = 0x00000000; + + for(int i = 0, temp = 0; i < 256; i++) + *((volatile uint32_t*)0x10400584) = 0x10101 * i; + + *((volatile uint32_t*)0x10400478) = 0x00000000; + *((volatile uint32_t*)0x10400578) = 0x00000000; + *((volatile uint32_t*)0x10400474) = 0x00010501; + *((volatile uint32_t*)0x10400574) = 0x00010501; + + // sub_10915C + *((volatile uint32_t*)0x10202014) = 0x00000001; + *((volatile uint32_t*)0x10202204) = 0x00000000; // color fill disable + *((volatile uint32_t*)0x10202a04) = 0x00000000; // color fill disable + *((volatile uint32_t*)0x1020200C) &= 0xFFFEFFFE;// wtf register + + *((volatile uint32_t*)0x10202240) = BRIGHTNESS; + *((volatile uint32_t*)0x10202244) = 0x1023E; + + *((volatile uint32_t*)0x10202A40) = BRIGHTNESS; + *((volatile uint32_t*)0x10202A44) = 0x1023E; + + // After hm call cmd 0x00160042 to acquire rights + // and cmd 00130042 RegisterInterruptRelayQueue + *((volatile uint32_t*)0x10401000) = 0; + *((volatile uint32_t*)0x10401080) = 0x12345678; + *((volatile uint32_t*)0x104010C0) = 0xFFFFFFF0; + *((volatile uint32_t*)0x104010D0) = 1; + *((volatile uint32_t*)0x10400400) = 0x000001c2; + *((volatile uint32_t*)0x10400404) = 0x000000d1; + *((volatile uint32_t*)0x10400408) = 0x000001c1; + *((volatile uint32_t*)0x1040040c) = 0x000001c1; + *((volatile uint32_t*)0x10400410) = 0x00000000; + *((volatile uint32_t*)0x10400414) = 0x000000cf; + *((volatile uint32_t*)0x10400418) = 0x000000d1; + *((volatile uint32_t*)0x1040041c) = 0x01c501c1; + *((volatile uint32_t*)0x10400420) = 0x00010000; + *((volatile uint32_t*)0x10400424) = 0x0000019d; + *((volatile uint32_t*)0x10400428) = 0x00000002; + *((volatile uint32_t*)0x1040042c) = 0x00000192; + *((volatile uint32_t*)0x10400430) = 0x00000192; + *((volatile uint32_t*)0x10400434) = 0x00000192; + *((volatile uint32_t*)0x10400438) = 0x00000001; + *((volatile uint32_t*)0x1040043c) = 0x00000002; + *((volatile uint32_t*)0x10400440) = 0x01960192; + *((volatile uint32_t*)0x10400444) = 0x00000000; + *((volatile uint32_t*)0x10400448) = 0x00000000; + *((volatile uint32_t*)0x1040045c) = 0x019000f0; + *((volatile uint32_t*)0x10400460) = 0x01c100d1; + *((volatile uint32_t*)0x10400464) = 0x01920002; + *((volatile uint32_t*)0x10400470) = 0x00080340; + *((volatile uint32_t*)0x1040049C) = 0x00000000; + // (122500 log) + *((volatile uint32_t*)0x10400500) = 0x000001c2; + *((volatile uint32_t*)0x10400504) = 0x000000d1; + *((volatile uint32_t*)0x10400508) = 0x000001c1; + *((volatile uint32_t*)0x1040050c) = 0x000001c1; + *((volatile uint32_t*)0x10400510) = 0x000000cd;//diff + *((volatile uint32_t*)0x10400514) = 0x000000cf; + *((volatile uint32_t*)0x10400518) = 0x000000d1; + *((volatile uint32_t*)0x1040051c) = 0x01c501c1; + *((volatile uint32_t*)0x10400520) = 0x00010000; + *((volatile uint32_t*)0x10400524) = 0x0000019d; + *((volatile uint32_t*)0x10400528) = 0x00000052;//diff + *((volatile uint32_t*)0x1040052c) = 0x00000192; + *((volatile uint32_t*)0x10400530) = 0x00000192; + *((volatile uint32_t*)0x10400534) = 0x0000004f;//diff + *((volatile uint32_t*)0x10400538) = 0x00000050;//diff + *((volatile uint32_t*)0x1040053c) = 0x00000052;//diff + *((volatile uint32_t*)0x10400540) = 0x01980194;//diff + *((volatile uint32_t*)0x10400544) = 0x00000000; + *((volatile uint32_t*)0x10400548) = 0x00000011;//diff + *((volatile uint32_t*)0x1040055c) = 0x014000f0;//diff + *((volatile uint32_t*)0x10400560) = 0x01c100d1; + *((volatile uint32_t*)0x10400564) = 0x01920052;//diff + *((volatile uint32_t*)0x1040059C) = 0x00000000; + //(122860 log) + + *((volatile uint32_t*)0x10400468) = FB_TOP_LEFT; + *((volatile uint32_t*)0x1040046c) = FB_TOP_LEFT; + *((volatile uint32_t*)0x10400494) = FB_TOP_RIGHT; + *((volatile uint32_t*)0x10400498) = FB_TOP_RIGHT; + + *((volatile uint32_t*)0x10400568) = FB_BOTTOM; + *((volatile uint32_t*)0x1040056c) = FB_BOTTOM; + + *((volatile uint32_t*)0x10400478) = 0x00000001; + *((volatile uint32_t*)0x10400578) = 0x00000001; + + // dma stuffs + // skipped + + // called by hm + *((volatile uint32_t*)0x10400004) = 0x00070100; + + //(123030 log) + *((volatile uint32_t*)0x1040001C) &= 0xFFFFFFFD; + *((volatile uint32_t*)0x1040002C) &= 0xFFFFFFFD; + *((volatile uint32_t*)0x10400050) = 0x22221200; + *((volatile uint32_t*)0x10400054) = 0xFF2; + + //(123097 log) + *((volatile uint32_t*)0x10400474) = 0x00010501; + *((volatile uint32_t*)0x10400574) = 0x00010501; + + // from hm + // command list skipped + *((volatile uint32_t*)0x10400470) = 0x00080341; + *((volatile uint32_t*)0x10400490) = 0x000002D0; + + *((volatile uint32_t*)0x10400570) = 0x00080301; + *((volatile uint32_t*)0x10400590) = 0x000002D0; + + *((volatile uint32_t*)0x10401000) = 0x00000000; + + // Reset the entry + *entry = 0; + + // Wait for entry to be set + while(!*entry); + + // Jump + ((void (*)())*entry)(); + +} From db133258caacdfe6822ebc870e84e4b0cab66157 Mon Sep 17 00:00:00 2001 From: dark-samus Date: Sat, 27 Feb 2016 14:57:23 -0500 Subject: [PATCH 2/2] add credits --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8e1139a..f59fd09 100644 --- a/README.md +++ b/README.md @@ -67,7 +67,7 @@ sdmmc.c & sdmmc.h originally written by Normatt Licensed under GPLv2 or any later version, refer to the license.txt file included. * Smealum and contributors for libctru -* Normatt for sdmmc.c and .h, and also for .ld files +* Normatt for sdmmc.c and .h, and also for .ld files and the log from 3dmoo9 that provided us with some of the information needed to get screen init * Christophe Devine for the SHA codes * Archshift for i2c.c and .h * Megazig for crypto.c and .h @@ -75,6 +75,8 @@ Licensed under GPLv2 or any later version, refer to the license.txt file include * Smealum, Derrek, Plutoo for publishing the exploit * Yellows8 and Plutoo as ideators of it * [3dbrew community](http://3dbrew.org/) +* bilis/b1l1s for his screen init code, and work on inegrating it into stage 2 +* dark_samus for work on integrating screen init into stage 2