// THE CODE IS NOT FROM ME !
#include <string.h>
#include <stdio.h>
#include <stdbool.h>
#include <iostream>
#include "Reboot.hpp"
/* Size in bytes of the payload staging buffer and of the IRAM range that clear_iram() and reboot_to_payload() write. */
#define IRAM_PAYLOAD_MAX_SIZE 0x2F000
/* First IRAM address written; pages are placed at IRAM_PAYLOAD_BASE + offset. */
#define IRAM_PAYLOAD_BASE 0x40010000
/* Payload image: filled from the payload file in Reboot::rebootNow, copied to IRAM in reboot_to_payload. */
alignas(0x1000) u8 g_reboot_payload[IRAM_PAYLOAD_MAX_SIZE];
/* One page that clear_iram() fills with 0xFF and writes over the whole payload range. */
alignas(0x1000) u8 g_ff_page[0x1000];
/* Bounce buffer whose address is handed to the secure monitor in do_iram_dram_copy; 0x1000 bytes, so that is the largest chunk one call can move. */
alignas(0x1000) u8 g_work_page[0x1000];
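/**
 * Moves one chunk between a caller buffer and IRAM by way of the secure monitor.
 *
 * The data is staged in g_work_page, whose address is passed to the monitor call,
 * and copied back to the caller buffer afterwards.
 *
 * @param buf       Caller buffer; read before the call and overwritten after it.
 * @param iram_addr IRAM address passed to the monitor.
 * @param size      Number of bytes; must not exceed sizeof(g_work_page).
 * @param option    0 = read from IRAM, 1 = write to IRAM.
 *
 * A null buffer or an oversized request is rejected without issuing the call.
 */
void do_iram_dram_copy(void *buf, uintptr_t iram_addr, size_t size, int option) {
    /* g_work_page is a fixed 0x1000-byte page: a larger size would overflow it in
       the memcpy below and make the monitor copy past the staging buffer. */
    if (buf == nullptr || size > sizeof(g_work_page)) {
        return;
    }

    memcpy(g_work_page, buf, size);

    SecmonArgs args = {0};
    args.X[0] = 0xF0000201;             /* smcAmsIramCopy */
    args.X[1] = (uintptr_t)g_work_page; /* DRAM Address */
    args.X[2] = iram_addr;              /* IRAM Address */
    args.X[3] = size;                   /* Copy size */
    args.X[4] = option;                 /* 0 = Read, 1 = Write */
    /* NOTE(review): the outcome of the monitor call is not inspected here, so a
       rejected copy is indistinguishable from a successful one — confirm whether
       callers need a status. */
    svcCallSecureMonitor(&args);

    memcpy(buf, g_work_page, size);
}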
/* Writes `size` bytes from `buf` to IRAM at `iram_addr` (copy option 1 = write). */
void copy_to_iram(uintptr_t iram_addr, void *buf, size_t size) {
    const int write_option = 1;
    do_iram_dram_copy(buf, iram_addr, size, write_option);
}
/* Reads `size` bytes from IRAM at `iram_addr` into `buf` (copy option 0 = read). */
void copy_from_iram(void *buf, uintptr_t iram_addr, size_t size) {
    const int read_option = 0;
    do_iram_dram_copy(buf, iram_addr, size, read_option);
}
/* Overwrites the whole IRAM payload range with 0xFF, one g_ff_page-sized chunk per monitor call. */
static void clear_iram(void) {
    memset(g_ff_page, 0xFF, sizeof(g_ff_page));

    size_t offset = 0;
    while (offset < IRAM_PAYLOAD_MAX_SIZE) {
        copy_to_iram(IRAM_PAYLOAD_BASE + offset, g_ff_page, sizeof(g_ff_page));
        offset += sizeof(g_ff_page);
    }
}
/*
 * Clears the IRAM payload range, copies g_reboot_payload into it in 0x1000-byte
 * pages, then sets spl config item 65001 to 2.
 */
static void reboot_to_payload(void) {
    const size_t page_size = 0x1000;

    clear_iram();

    size_t offset = 0;
    while (offset < IRAM_PAYLOAD_MAX_SIZE) {
        copy_to_iram(IRAM_PAYLOAD_BASE + offset, g_reboot_payload + offset, page_size);
        offset += page_size;
    }

    /* NOTE(review): 65001 / 2 are bare magic numbers; presumably the custom-firmware
       config item that requests a reboot into the IRAM payload — confirm and name them. */
    splSetConfig((SplConfigItem)65001, 2);
}
/* Nothing to set up: the constructor body is empty. */
Reboot::Reboot() = default;
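/**
 * Maps a payload selector to the relative path of its payload file.
 *
 * Changes the working directory to "romfs:/" as a side effect, so the returned
 * path is relative to that directory.
 *
 * @param payload 0 = hekate, 1 = ams (fusee), 2 = lockpick.
 * @return The relative path, or an empty string for any other selector, so that
 *         every control path returns a value.
 */
std::string whichPayload(int payload)
{
    /* NOTE(review): the result of chdir() is not checked; if it fails the returned
       path resolves against whatever directory was current before. */
    chdir("romfs:/");

    switch (payload) {
        case 0: // HEKATE
            return "payload/hekate.bin";
        case 1: // AMS
            return "payload/fusee.bin";
        case 2: // LOCKPICK
            return "payload/lockpick.bin";
        default: // unknown selector: no payload file
            return std::string();
    }
}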
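/**
 * Loads the selected payload file into g_reboot_payload, copies it to IRAM and
 * triggers the reboot.
 *
 * @param payload Selector handed to whichPayload(): 0 = hekate, 1 = ams, 2 = lockpick.
 *
 * Returns without touching IRAM or rebooting when spl cannot be initialised, the
 * file cannot be opened, nothing could be read, or the file does not fit in the
 * staging buffer. The file contents are copied to IRAM as-is; no integrity check
 * is performed here.
 */
void Reboot::rebootNow(int payload)
{
    /* A non-zero Result is treated as failure; splSetConfig() in reboot_to_payload()
       depends on this session. */
    Result rc = splInitialize();
    if (rc != 0) {
        std::cout << "spl initialization failed" << std::endl;
        return;
    }
    /* NOTE(review): the spl session opened above is not closed on the early-return
       paths below — confirm whether callers expect it to be released. */

    const std::string path = whichPayload(payload);
    FILE *f = fopen(path.c_str(), "rb");
    if (f == nullptr) {
        /* Stop here: fread()/fclose() on a null stream is undefined behaviour. */
        std::cout << "Payload not found" << std::endl;
        return;
    }

    const size_t got = fread(g_reboot_payload, 1, sizeof(g_reboot_payload), f);
    const bool read_failed = ferror(f) != 0;
    /* A completely filled buffer with bytes still left in the file means the image
       was cut off at IRAM_PAYLOAD_MAX_SIZE. */
    const bool truncated = (got == sizeof(g_reboot_payload)) && (fgetc(f) != EOF);
    fclose(f);

    if (got == 0 || read_failed || truncated) {
        /* Never hand an empty or partial image to the reboot path. */
        std::cout << "Payload is empty, unreadable or too large" << std::endl;
        return;
    }

    reboot_to_payload();
    spsmInitialize();
    spsmShutdown(true);
}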