#117288 - HyperHacker - Sat Feb 03, 2007 9:29 am
I want to be able to exit from my program back to the DS firmware, as if I'd just turned it off and back on. Would just jumping to 0 on ARM7 and 0xFFFF0000 on ARM9 do (re-run the BIOS), or would I have to actually load the firmware into memory and execute it myself? Or is the power button the only way to do this?
_________________
I'm a PSP hacker now, but I still <3 DS.
#117290 - Lick - Sat Feb 03, 2007 10:34 am
I think running the firmware in memory will work. You could try Chishm's unpacker on your own firmware dump, then include the unpacked fw as bin data and run it from your project, just to test if it works.
You need to reset the Slot-1 (reinsert) and Slot-2 (cartreset or reinsert?) devices. I'm not sure how the firmware reacts to not being able to copy the headers from either of the devices. (Or maybe you'll just get gibberish headers, but that's not what you want, right?)
_________________
http://licklick.wordpress.com
#117292 - chishm - Sat Feb 03, 2007 10:52 am
Won't work, unfortunately. The BIOS leaves magic values in RAM that the firmware needs, and I'm not sure what they are.
_________________
http://chishm.drunkencoders.com
http://dldi.drunkencoders.com
#117310 - tepples - Sat Feb 03, 2007 8:00 pm
Would A+B+Select+Start+NDSMP work to dump RAM to CF? If not, meaning that the FlashMe failsafe or NDSMP overwrites these areas, wouldn't it be possible to make a modified firmware that dumps RAM to CF and then runs the failsafe?
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.
#117331 - HyperHacker - Sat Feb 03, 2007 10:53 pm
The failsafe shouldn't, it's just designed to pass control to user code ASAP. I'm almost positive NDSMP does though. LibNDS defines NDSHeader that's supposed to contain the DS card's header at bootup, but launching my programs either through WMB (which I think also does this for security) or NDSMP, there's nothing there. However, I can't read the card header again without reinserting it, so something has already done that and then discarded the results, which suggests NDSMP is overwriting them.
This is actually a bit of a problem as I was hoping to have my program be able to boot DS cards, but it can't read them unless you pop them in just before it loads up. :-/ Is there any chance we'll see a new version that doesn't do this? At this point it's really just another form of DRM, with the same old problems - hurts users (can't run a card booter without reinserting every time, which wears down the spring), not pirates (can use the many other tools available).
#117358 - chishm - Sun Feb 04, 2007 3:41 am
NDSMP purposely clears EXRAM to give a clean boot environment for the binaries, especially when used in conjunction with a menu. It will also overwrite the NDS header with the header of the loaded ROM, as all other boot loaders do (or at least, should do).
Even if it didn't, the secure area of the DS card is located somewhere in the first 64KiB of EXRAM, and this will almost certainly be overwritten by any loaded app.
So long story short, it's possible, but it would require specialised NDSMP, ROM menu and loaded app to do.
#117483 - HyperHacker - Mon Feb 05, 2007 2:16 am
What do you mean by ROM menu? Like Supercard firmware? Surely the card's firmware could simply copy this info to some other unused RAM address. I thought there was a hacked NDSMP that did this somewhere.
#117504 - chishm - Mon Feb 05, 2007 5:29 am
As in MoonShell or whatever else is used to select the ROM to load. The easiest method to return to the DS menu is to power off the system. Even Nintendo uses this method.
#117517 - knight0fdragon - Mon Feb 05, 2007 8:23 am
Lick, doesn't your lovelite do this, or whatever you call the thing to do the passme reset?
_________________
http://www.myspace.com/knight0fdragonds
MK DS FC: Dragon 330772 075464
AC WW FC: Anthony SamsClub 1933-3433-9458
MPFH: Dragon 0215 4231 1206
#117522 - josath - Mon Feb 05, 2007 10:30 am
chishm wrote:
> As in MoonShell or whatever else is used to select the ROM to load. The easiest method to return to the DS menu is to power off the system. Even Nintendo uses this method.
Even in the firmware itself. It always struck me as sloppy coding, having to power-cycle to go from pictochat or settings back to main menu.
#117545 - Lick - Mon Feb 05, 2007 3:05 pm
knight0fdragon wrote:
> Lick, doesn't your lovelite do this, or whatever you call the thing to do the passme reset?
If this is a fullreset:
1) Clear/reset all memory/hardware.
2) Reset NDS card (maybe impossible).
3) Reset GBA cart.
4) Decrypt and decompress firmware.
5) Run the firmware.
4) ARM9 PassMe.
5) ARM7 jump to GBA cart.
.. then libcartreset only does 3,4,5. So that's how bad I need to update libcartreset to add step 1 (and rewrite the code).
josath: agreed. I was like: "Huh? How do I return to the [firmware] menu? Arghh!! I can't!"
#117575 - HyperHacker - Mon Feb 05, 2007 10:03 pm
chishm wrote:
> As in MoonShell or whatever else is used to select the ROM to load. The easiest method to return to the DS menu is to power off the system. Even Nintendo uses this method.
OK, well the app I'm making is the ROM loader*. Think GBA Booter, but able to run .nds files as well. :-) It's something you'd generally use as your _BOOT_MP.NDS or similar, so only FlashMe and NDSMP need to be dealt with. Eventually I hope to turn it into a firmware replacement. (BTW, is there anything special that the firmware needs to do to work, like initializing hardware? Or can I pretty much just drop my arm7.bin and arm9.bin in the appropriate places? Obviously I'm rather nervous about this idea.)
It probably won't be necessary to actually implement hard-rebooting, since I plan for it to do everything the firmware does except Pictochat, eliminating the need to use Nintendo's firmware at all. Obviously it won't do all these things from version 1 though, so if there were a simple way to add this feature, that'd be a nice tradeoff until it's no longer necessary.
Is NDSMP open-source? I could just modify it to copy the required info somewhere or just not overwrite it. For that matter how much space is available in the GBAMP firmware? It might be interesting to try replacing it; I remember someone mentioning the idea of embedding GBA-mode emulators in it but I don't think they made much progress.
*Despite the name, I don't intend to add any support for running backups. Don't associate it with r0mloader either. ;-)
BTW, is there better code available for launching .nds files? Moonshell's code is really messy. I've only managed to extract the GBAMP code so far, and it's pretty simple because you really just call a routine in the device's firmware; obviously this won't work on other devices. :-/
#117594 - tepples - Mon Feb 05, 2007 10:38 pm
HyperHacker wrote:
> It probably won't be necessary to actually implement hard-rebooting, since I plan for it to do everything the firmware does except Pictochat, eliminating the need to use Nintendo's firmware at all.
Including a DS Download Play client? And are you planning on making a .nds chat program that uses the Pictochat protocol?
Quote:
> *Despite the name, I don't intend to add any support for running backups. Don't associate it with r0mloader either. ;-)
Or tying up hens?
#117620 - chishm - Tue Feb 06, 2007 1:27 am
Yes, NDSMP is open source. The source is included in the zip. BTW, it's distributed under GPL, so keep that in mind when releasing anything.
#117632 - knight0fdragon - Tue Feb 06, 2007 3:19 am
Lick wrote:
> knight0fdragon wrote:
> > Lick, doesn't your lovelite do this, or whatever you call the thing to do the passme reset?
> If this is a fullreset:
> 1) Clear/reset all memory/hardware.
> 2) Reset NDS card (maybe impossible).
> 3) Reset GBA cart.
> 4) Decrypt and decompress firmware.
> 5) Run the firmware.
> 4) ARM9 PassMe.
> 5) ARM7 jump to GBA cart.
> .. then libcartreset only does 3,4,5. So that's how bad I need to update libcartreset to add step 1 (and rewrite the code).
> josath: agreed. I was like: "Huh? How do I return to the [firmware] menu? Arghh!! I can't!"
Hmm, well, if you are using a flashcard with a multiboot menu, then some steps become pointless because the menu itself plays with mem / registers.
#117653 - HyperHacker - Tue Feb 06, 2007 10:54 am
tepples wrote:
> HyperHacker wrote:
> > It probably won't be necessary to actually implement hard-rebooting, since I plan for it to do everything the firmware does except Pictochat, eliminating the need to use Nintendo's firmware at all.
> Including a DS Download Play client? And are you planning on making a .nds chat program that uses the Pictochat protocol?
I certainly wouldn't install a custom firmware without a Download Play client. It's how I test all my programs! I might try my hand at a standalone Pictochat client but I don't feel it's necessary.
Quote:
> Quote:
> > *Despite the name, I don't intend to add any support for running backups. Don't associate it with r0mloader either. ;-)
> Or tying up hens?
No poultry was harmed in the making of this program, except the chicken I had for dinner last night.
chishm, thanks, I'll take a peek at the source hopefully sometime this week. (A few more important projects - ones with actual deadlines - may be cropping up.) I noticed though that my program itself is corrupting these values when I read data from files. Weird, but as long as I can just grab it before it gets overwritten, I suppose it won't be an issue.