From f88fe95e36c1f9abda8c7f782f7a96b25bcfaf53 Mon Sep 17 00:00:00 2001
From: Guillem Orellana Trullols
Date: Thu, 27 Sep 2018 17:35:27 +0200
Subject: [PATCH 1/3] Clean up of FS module patch
---
 src/firmware.c | 103 +++++++++++++++++++++++++++----------------------
 1 file changed, 57 insertions(+), 46 deletions(-)
diff --git a/src/firmware.c b/src/firmware.c
index 9d0f935..2ccf664 100644
--- a/src/firmware.c
+++ b/src/firmware.c
@@ -42,6 +42,58 @@ pk11_offs *pkg11_offsentify(u8 *pkg1) {
 return NULL;
 }
 
+void patchFS(pkg2_kip1_info_t* ki) {
+ u8 kipHash[0x20];
+
+ print("Patching FS\n");
+
+ se_calc_sha256(&kipHash, ki->kip1, ki->size);
+ se_calc_sha256(&kipHash, ki->kip1, ki->size);
+
+ //Create header
+ size_t sizeDiff = ki->kip1->sections[0].size_decomp - ki->kip1->sections[0].size_comp;
+ size_t newSize = ki->size + sizeDiff;
+ pkg2_kip1_t *moddedKip = malloc(newSize);
+ memcpy(moddedKip, ki->kip1, newSize);
+ u32 pos = 0;
+ for(int i = 0; i < KIP1_NUM_SECTIONS; i++) {
+ if(!i) {
+ //Get decomp .text segment
+ u8 *kipDecompText = blz_decompress(moddedKip->data, moddedKip->sections[i].size_comp);
+
+ kippatchset_t *pset = kippatch_find_set(kipHash, kip_patches);
+ if (!pset) {
+ print(" could not find patchset with matching hash\n");
+ } else {
+ int res = kippatch_apply_set(kipDecompText, moddedKip->sections[i].size_decomp, pset);
+ if (res) error("kippatch_apply_set() failed\n");
+ }
+
+ moddedKip->flags &= ~1;
+ memcpy((void*)moddedKip->data, kipDecompText, moddedKip->sections[i].size_decomp);
+ free(kipDecompText);
+ pos += moddedKip->sections[i].size_comp;
+ moddedKip->sections[i].size_comp = moddedKip->sections[i].size_decomp;
+ } else {
+ if(moddedKip->sections[i].offset == 0) continue;
+ memcpy((void*)moddedKip->data + pos + sizeDiff, (void*)ki->kip1->data + pos, moddedKip->sections[i].size_comp);
+ pos += moddedKip->sections[i].size_comp;
+ }
+ }
+
+ free(ki->kip1);
+ ki->size = newSize;
+ ki->kip1 = moddedKip;
+}
+
+pkg2_kip1_info_t* find_by_tid(link_t* kip_list, u64 tid) {
+ LIST_FOREACH_ENTRY(pkg2_kip1_info_t, ki, kip_list, link) {
+ if(ki->kip1->tid == 0x0100000000000000)
+ return ki;
+ }
+ return NULL;
+}
+
 void patch(pk11_offs *pk11, pkg2_hdr_t *pkg2, link_t *kips) {
 //Patch Secmon
 if(!customSecmon){
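Review bot: `memcpy(moddedKip, ki->kip1, newSize)` in `patchFS` copies `newSize` = `ki->size + sizeDiff` bytes out of a source that the `se_calc_sha256` call just above treats as `ki->size` bytes long, so unless `ki->kip1` was allocated with slack this reads `sizeDiff` bytes past its end; `memcpy(moddedKip, ki->kip1, ki->size);` appears sufficient, since the section payloads are re-copied one by one in the loop below. `malloc(newSize)` and `blz_decompress(...)` are also used without a NULL check, so a failed allocation or decompression dereferences NULL instead of reaching `error()`. `find_by_tid` ignores its `tid` parameter and compares against the literal `0x0100000000000000`, which the call site in the second hunk repeats; it should read `if(ki->kip1->tid == tid)` and the literal deserves a named constant shared by both places. The two consecutive `se_calc_sha256(&kipHash, ...)` calls compute the same digest twice; if that is deliberate a comment should say why, otherwise one of them can go.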
@@ -224,53 +276,12 @@ void patch(pk11_offs *pk11, pkg2_hdr_t *pkg2, link_t *kips) { end:; } - - u8 kipHash[0x20]; - //Patch FS module (truly not my proudest code TODO cleanup) - LIST_FOREACH_ENTRY(pkg2_kip1_info_t, ki, kips, link) { - //Patch FS - if(ki->kip1->tid == 0x0100000000000000) { - print("Patching FS\n"); - - se_calc_sha256(&kipHash, ki->kip1, ki->size); - se_calc_sha256(&kipHash, ki->kip1, ki->size); - - //Create header - size_t sizeDiff = ki->kip1->sections[0].size_decomp - ki->kip1->sections[0].size_comp; - size_t newSize = ki->size + sizeDiff; - pkg2_kip1_t *moddedKip = malloc(newSize); - memcpy(moddedKip, ki->kip1, newSize); - u32 pos = 0; - for(int i = 0; i < KIP1_NUM_SECTIONS; i++) { - if(!i) { - //Get decomp .text segment - u8 *kipDecompText = blz_decompress(moddedKip->data, moddedKip->sections[i].size_comp); - - kippatchset_t *pset = kippatch_find_set(kipHash, kip_patches); - if (!pset) { - print(" could not find patchset with matching hash\n"); - } else { - int res = kippatch_apply_set(kipDecompText, moddedKip->sections[i].size_decomp, pset); - if (res) error("kippatch_apply_set() failed\n"); - } - - moddedKip->flags &= ~1; - memcpy((void*)moddedKip->data, kipDecompText, moddedKip->sections[i].size_decomp); - free(kipDecompText); - pos += moddedKip->sections[i].size_comp; - moddedKip->sections[i].size_comp = moddedKip->sections[i].size_decomp; - } else { - if(moddedKip->sections[i].offset == 0) continue; - memcpy((void*)moddedKip->data + pos + sizeDiff, (void*)ki->kip1->data + pos, moddedKip->sections[i].size_comp); - pos += moddedKip->sections[i].size_comp; - } - } - - free(ki->kip1); - ki->size = newSize; - ki->kip1 = moddedKip; - } + pkg2_kip1_info_t* FS_module = find_by_tid(kips, 0x0100000000000000); + if(FS_module == NULL) { + error("Could not find FS Module.\n"); + } else { + patchFS(FS_module); } }
From 6fae934ca7dbfea06c7c8e8381fe8640906828e6 Mon Sep 17 00:00:00 2001
From: Guillem Orellana
Date: Thu, 27 Sep 2018 21:23:38 +0200
Subject: [PATCH 2/3] Delete useless if inside for loop
---
 src/firmware.c | 39 ++++++++++++++++++++-------------------
 1 file changed, 20 insertions(+), 19 deletions(-)
diff --git a/src/firmware.c b/src/firmware.c
index 2ccf664..b7ac7b2 100644
--- a/src/firmware.c
+++ b/src/firmware.c
@@ -52,30 +52,31 @@ void patchFS(pkg2_kip1_info_t* ki) {
 
 //Create header
 size_t sizeDiff = ki->kip1->sections[0].size_decomp - ki->kip1->sections[0].size_comp;
+
 size_t newSize = ki->size + sizeDiff;
 pkg2_kip1_t *moddedKip = malloc(newSize);
 memcpy(moddedKip, ki->kip1, newSize);
+
 u32 pos = 0;
- for(int i = 0; i < KIP1_NUM_SECTIONS; i++) {
- if(!i) {
- //Get decomp .text segment
- u8 *kipDecompText = blz_decompress(moddedKip->data, moddedKip->sections[i].size_comp);
-
- kippatchset_t *pset = kippatch_find_set(kipHash, kip_patches);
- if (!pset) {
- print(" could not find patchset with matching hash\n");
- } else {
- int res = kippatch_apply_set(kipDecompText, moddedKip->sections[i].size_decomp, pset);
- if (res) error("kippatch_apply_set() failed\n");
- }
+ //Get decomp .text segment
+ u8 *kipDecompText = blz_decompress(moddedKip->data, moddedKip->sections[0].size_comp);
 
- moddedKip->flags &= ~1;
- memcpy((void*)moddedKip->data, kipDecompText, moddedKip->sections[i].size_decomp);
- free(kipDecompText);
- pos += moddedKip->sections[i].size_comp;
- moddedKip->sections[i].size_comp = moddedKip->sections[i].size_decomp;
- } else {
- if(moddedKip->sections[i].offset == 0) continue;
+ kippatchset_t *pset = kippatch_find_set(kipHash, kip_patches);
+ if (!pset) {
+ print(" could not find patchset with matching hash\n");
+ } else {
+ int res = kippatch_apply_set(kipDecompText, moddedKip->sections[0].size_decomp, pset);
+ if (res) error("kippatch_apply_set() failed\n");
+ }
+
+ moddedKip->flags &= ~1;
+ memcpy((void*)moddedKip->data, kipDecompText, moddedKip->sections[0].size_decomp);
+ free(kipDecompText);
+ pos += moddedKip->sections[0].size_comp;
+ moddedKip->sections[0].size_comp = moddedKip->sections[0].size_decomp;
+
+ for(int i = 0; i < KIP1_NUM_SECTIONS; i++) {
+ if(moddedKip->sections[i].offset != 0) {
 memcpy((void*)moddedKip->data + pos + sizeDiff, (void*)ki->kip1->data + pos, moddedKip->sections[i].size_comp);
 pos += moddedKip->sections[i].size_comp;
 }
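Review bot: The hoisted section-0 handling still takes `moddedKip->sections[0].size_comp` and `size_decomp` straight from the KIP header: the added `blz_decompress(...)` result is not checked for NULL before the `memcpy(..., size_decomp)` that writes it back, and the rewritten `for` loop copies `sections[i].size_comp` bytes from `ki->kip1->data + pos` without checking that the running `pos` plus that size stays inside the `ki->size`-byte source image. A bounds test before each of those copies that calls `error()` when the header's sizes exceed the image would turn a malformed KIP into a reported failure instead of an out-of-bounds read or write. The loop also still begins at `i = 0`, so section 0's compressed bytes are copied a second time directly after its decompressed replacement; the following patch in this series changes the start to `i = 1`. The closing braces of `patchFS` lie outside this hunk.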
From c5850b2a5de77cf53feec8cdd0be12d1477db96b Mon Sep 17 00:00:00 2001
From: Guillem Orellana
Date: Thu, 27 Sep 2018 21:25:20 +0200
Subject: [PATCH 3/3] Loop shoud start with i = 1 now
---
 src/firmware.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/firmware.c b/src/firmware.c
index b7ac7b2..fd9daff 100644
--- a/src/firmware.c
+++ b/src/firmware.c
@@ -75,7 +75,7 @@ void patchFS(pkg2_kip1_info_t* ki) {
 pos += moddedKip->sections[0].size_comp;
 moddedKip->sections[0].size_comp = moddedKip->sections[0].size_decomp;
 
- for(int i = 0; i < KIP1_NUM_SECTIONS; i++) {
+ for(int i = 1; i < KIP1_NUM_SECTIONS; i++) {
 if(moddedKip->sections[i].offset != 0) {
 memcpy((void*)moddedKip->data + pos + sizeDiff, (void*)ki->kip1->data + pos, moddedKip->sections[i].size_comp);
 pos += moddedKip->sections[i].size_comp;