This source file includes following definitions.
- taskHook
- boot
- sub_FF810358_my
- sub_FF8111B0_my
- sub_FF815EE0_my
- taskcreate_Startup_my
- task_Startup_my
- taskcreatePhySw_my
- CreateTask_spytask
- init_file_modules_task
1 #include "lolevel.h"
2 #include "platform.h"
3 #include "core.h"
4 #include "dryos31.h"
5
6 #define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER)
7
8 const char * const new_sa = &_end;
9
10 extern void task_CaptSeq();
11 extern void task_InitFileModules();
12 extern void task_MovieRecord();
13 extern void task_ExpDrv();
14 extern void task_PhySw();
15 extern void task_FileWrite();
16
17 #define LED_GR 0xC0220014
18 #define LED_OR 0xC0220010
19 #define LED_AF 0xC022000C
20
21 void taskHook(context_t **context) {
22
23 task_t *tcb=(task_t*)((char*)context-offsetof(task_t, context));
24
25
26 if(tcb->entry == (void*)task_PhySw) tcb->entry = (void*)mykbd_task;
27 if(tcb->entry == (void*)task_InitFileModules) tcb->entry = (void*)init_file_modules_task;
28 if(tcb->entry == (void*)task_MovieRecord) tcb->entry = (void*)movie_record_task;
29 if(tcb->entry == (void*)task_CaptSeq) tcb->entry = (void*)capt_seq_task;
30 if(tcb->entry == (void*)task_ExpDrv) tcb->entry = (void*)exp_drv_task;
31 if(tcb->entry == (void*)task_FileWrite) tcb->entry = (void*)filewritetask;
32 }
33
34 void __attribute__((naked,noinline)) boot( ) {
35
36 volatile int *p=(void*)LED_AF;
37 *p=0x46;
38 asm volatile (
39 " LDR R1, =0xC0410000 \n"
40 " MOV R0, #0 \n"
41 " STR R0, [R1] \n"
42 " MOV R1, #0x78 \n"
43 " MCR p15, 0, R1, c1, c0 \n"
44 " MOV R1, #0 \n"
45 " MCR p15, 0, R1, c7, c10, 4 \n"
46 " MCR p15, 0, R1, c7, c5 \n"
47 " MCR p15, 0, R1, c7, c6 \n"
48 " MOV R0, #0x3D \n"
49 " MCR p15, 0, R0, c6, c0 \n"
50 " MOV R0, #0xC000002F \n"
51 " MCR p15, 0, R0, c6, c1 \n"
52 " MOV R0, #0x33 \n"
53 " MCR p15, 0, R0, c6, c2 \n"
54 " MOV R0, #0x40000033 \n"
55 " MCR p15, 0, R0, c6, c3 \n"
56 " MOV R0, #0x80000017 \n"
57 " MCR p15, 0, R0, c6, c4 \n"
58 " LDR R0, =0xFF80002D \n"
59 " MCR p15, 0, R0, c6, c5 \n"
60 " MOV R0, #0x34 \n"
61 " MCR p15, 0, R0, c2, c0 \n"
62 " MOV R0, #0x34 \n"
63 " MCR p15, 0, R0, c2, c0, 1 \n"
64 " MOV R0, #0x34 \n"
65 " MCR p15, 0, R0, c3, c0 \n"
66 " LDR R0, =0x3333330 \n"
67 " MCR p15, 0, R0, c5, c0, 2 \n"
68 " LDR R0, =0x3333330 \n"
69 " MCR p15, 0, R0, c5, c0, 3 \n"
70 " MRC p15, 0, R0, c1, c0 \n"
71 " ORR R0, R0, #0x1000 \n"
72 " ORR R0, R0, #4 \n"
73 " ORR R0, R0, #1 \n"
74 " MCR p15, 0, R0, c1, c0 \n"
75 " MOV R1, #0x80000006 \n"
76 " MCR p15, 0, R1, c9, c1 \n"
77 " MOV R1, #6 \n"
78 " MCR p15, 0, R1, c9, c1, 1 \n"
79 " MRC p15, 0, R1, c1, c0 \n"
80 " ORR R1, R1, #0x50000 \n"
81 " MCR p15, 0, R1, c1, c0 \n"
82 " LDR R2, =0xC0200000 \n"
83 " MOV R1, #1 \n"
84 " STR R1, [R2, #0x10C] \n"
85 " MOV R1, #0xFF \n"
86 " STR R1, [R2, #0xC] \n"
87 " STR R1, [R2, #0x1C] \n"
88 " STR R1, [R2, #0x2C] \n"
89 " STR R1, [R2, #0x3C] \n"
90 " STR R1, [R2, #0x4C] \n"
91 " STR R1, [R2, #0x5C] \n"
92 " STR R1, [R2, #0x6C] \n"
93 " STR R1, [R2, #0x7C] \n"
94 " STR R1, [R2, #0x8C] \n"
95 " STR R1, [R2, #0x9C] \n"
96 " STR R1, [R2, #0xAC] \n"
97 " STR R1, [R2, #0xBC] \n"
98 " STR R1, [R2, #0xCC] \n"
99 " STR R1, [R2, #0xDC] \n"
100 " STR R1, [R2, #0xEC] \n"
101 " STR R1, [R2, #0xFC] \n"
102 " LDR R1, =0xC0400008 \n"
103 " LDR R2, =0x430005 \n"
104 " STR R2, [R1] \n"
105 " MOV R1, #1 \n"
106 " LDR R2, =0xC0243100 \n"
107 " STR R2, [R1] \n"
108 " LDR R2, =0xC0242010 \n"
109 " LDR R1, [R2] \n"
110 " ORR R1, R1, #1 \n"
111 " STR R1, [R2] \n"
112 " LDR R0, =0xFFC2B8D4 \n"
113 " LDR R1, =0x1900 \n"
114 " LDR R3, =0xECD8 \n"
115 "loc_FF81013C:\n"
116 " CMP R1, R3 \n"
117 " LDRCC R2, [R0], #4 \n"
118 " STRCC R2, [R1], #4 \n"
119 " BCC loc_FF81013C \n"
120 " LDR R1, =0x16913C \n"
121 " MOV R2, #0 \n"
122 "loc_FF810154:\n"
123 " CMP R3, R1 \n"
124 " STRCC R2, [R3], #4 \n"
125 " BCC loc_FF810154 \n"
126 " B sub_FF810358_my \n"
127 );
128 }
129
130 void __attribute__((naked,noinline)) sub_FF810358_my() {
131
132 *(int*)0x1938=(int)taskHook;
133 *(int*)0x193C=(int)taskHook;
134
135
136 if ((*(int*) 0xC0220118) & 1)
137 *(int*)(0x24CC) = 0x200000;
138 else
139 *(int*)(0x24CC) = 0x100000;
140
141
142
143 asm volatile (
144 " LDR R0, =0xFF8103D0 \n"
145 " MOV R1, #0 \n"
146 " LDR R3, =0xFF810408 \n"
147 "loc_FF810364:\n"
148 " CMP R0, R3 \n"
149 " LDRCC R2, [R0], #4 \n"
150 " STRCC R2, [R1], #4 \n"
151 " BCC loc_FF810364 \n"
152 " LDR R0, =0xFF810408 \n"
153 " MOV R1, #0x4B0 \n"
154 " LDR R3, =0xFF81061C \n"
155 "loc_FF810380:\n"
156 " CMP R0, R3 \n"
157 " LDRCC R2, [R0], #4 \n"
158 " STRCC R2, [R1], #4 \n"
159 " BCC loc_FF810380 \n"
160 " MOV R0, #0xD2 \n"
161 " MSR CPSR_cxsf, R0 \n"
162 " MOV SP, #0x1000 \n"
163 " MOV R0, #0xD3 \n"
164 " MSR CPSR_cxsf, R0 \n"
165 " MOV SP, #0x1000 \n"
166 " LDR R0, =0x6C4 \n"
167 " LDR R2, =0xEEEEEEEE \n"
168 " MOV R3, #0x1000 \n"
169 "loc_FF8103B4:\n"
170 " CMP R0, R3 \n"
171 " STRCC R2, [R0], #4 \n"
172 " BCC loc_FF8103B4 \n"
173 " BL sub_FF8111B0_my \n"
174
175 "loc_LOOPED:\n"
176 " LDR R0, =0xC0220010 \n"
177 " MOV R1, #0x46 \n"
178 " STR R1, [R0] \n"
179 " B loc_LOOPED\n"
180
181 );
182 }
183
184 void __attribute__((naked,noinline)) sub_FF8111B0_my( ) {
185
186 asm volatile (
187 " STR LR, [SP, #-4]! \n"
188 " SUB SP, SP, #0x74 \n"
189 " MOV R1, #0x74 \n"
190 " MOV R0, SP \n"
191 " BL sub_FFB5288C \n"
192 " MOV R0, #0x53000 \n"
193 " STR R0, [SP, #4] \n"
194 #if defined(CHDK_NOT_IN_CANON_HEAP)
195 " LDR R0, =0x16913C \n"
196 #else
197 " LDR R0, =new_sa \n"
198 " LDR R0, [R0] \n"
199 #endif
200 " LDR R2, =0x2F1F80 \n"
201 " STR R0, [SP, #8] \n"
202 " SUB R0, R2, R0 \n"
203 " STR R0, [SP, #0xC] \n"
204 " MOV R0, #0x22 \n"
205 " STR R0, [SP, #0x18] \n"
206 " MOV R0, #0x68 \n"
207 " STR R0, [SP, #0x1C] \n"
208 " LDR R1, =0x2F9C00 \n"
209 " LDR R0, =0x19B \n"
210 " STR R1, [SP] \n"
211 " STR R0, [SP, #0x20] \n"
212 " MOV R0, #0x96 \n"
213 " STR R2, [SP, #0x10] \n"
214 " STR R1, [SP, #0x14] \n"
215 " STR R0, [SP, #0x24] \n"
216 " STR R0, [SP, #0x28] \n"
217 " MOV R0, #0x64 \n"
218 " STR R0, [SP, #0x2C] \n"
219 " MOV R0, #0 \n"
220 " STR R0, [SP, #0x30] \n"
221 " STR R0, [SP, #0x34] \n"
222 " MOV R0, #0x10 \n"
223 " STR R0, [SP, #0x5C] \n"
224 " MOV R0, #0x800 \n"
225 " STR R0, [SP, #0x60] \n"
226 " MOV R0, #0xA0 \n"
227 " STR R0, [SP, #0x64] \n"
228 " MOV R0, #0x280 \n"
229 " STR R0, [SP, #0x68] \n"
230 " LDR R1, =sub_FF815EE0_my \n"
231 " MOV R2, #0 \n"
232 " MOV R0, SP \n"
233 " BL sub_FF8134C4 \n"
234 " ADD SP, SP, #0x74 \n"
235 " LDR PC, [SP], #4 \n"
236 );
237 }
238
239 void __attribute__((naked,noinline)) sub_FF815EE0_my( ) {
240
241 asm volatile (
242 " STMFD SP!, {R4,LR} \n"
243 " BL sub_FF810B28 \n"
244 " BL sub_FF81A374 \n"
245 " CMP R0, #0 \n"
246 " LDRLT R0, =0xFF815FF4 \n"
247 " BLLT sub_FF815FD4 \n"
248 " BL sub_FF815B18 \n"
249 " CMP R0, #0 \n"
250 " LDRLT R0, =0xFF815FFC \n"
251 " BLLT sub_FF815FD4 \n"
252 " LDR R0, =0xFF81600C \n"
253 " BL sub_FF815C00 \n"
254 " CMP R0, #0 \n"
255 " LDRLT R0, =0xFF816014 \n"
256 " BLLT sub_FF815FD4 \n"
257 " LDR R0, =0xFF81600C \n"
258 " BL sub_FF813CA8 \n"
259 " CMP R0, #0 \n"
260 " LDRLT R0, =0xFF816028 \n"
261 " BLLT sub_FF815FD4 \n"
262 " BL sub_FF819D00 \n"
263 " CMP R0, #0 \n"
264 " LDRLT R0, =0xFF816034 \n"
265 " BLLT sub_FF815FD4 \n"
266 " BL sub_FF811690 \n"
267 " CMP R0, #0 \n"
268 " LDRLT R0, =0xFF816040 \n"
269 " BLLT sub_FF815FD4 \n"
270 " LDMFD SP!, {R4,LR} \n"
271 " B taskcreate_Startup_my \n"
272 );
273 }
274
275 void __attribute__((naked,noinline)) taskcreate_Startup_my( ) {
276
277 asm volatile (
278 " STMFD SP!, {R3-R9,LR} \n"
279 " MOV R6, #0 \n"
280 " BL sub_FF834038 \n"
281 " BL sub_FF83BB9C \n"
282 " LDR R9, =0xC0220000 \n"
283 " MOVS R7, R0 \n"
284 " MOV R8, #1 \n"
285 " BNE loc_FF81FCC0 \n"
286 " BL sub_FF83593C \n"
287 " CMP R0, #0 \n"
288 " BEQ loc_FF81FCC0 \n"
289 " LDR R0, [R9, #0x11C] \n"
290 " BIC R5, R8, R0 \n"
291 " LDR R0, [R9, #0x118] \n"
292 " BIC R4, R8, R0 \n"
293 " BL sub_FF8333F0 \n"
294 " CMP R0, #1 \n"
295 " MOVEQ R6, #1 \n"
296 " ORR R0, R4, R5 \n"
297 " ORRS R0, R0, R6 \n"
298 " BNE loc_FF81FCD0 \n"
299 " BL sub_FF8336DC \n"
300 " MOV R0, #0x44 \n"
301 " STR R0, [R9, #0x80] \n"
302 " BL sub_FF8338D0 \n"
303 "loc_FF81FCBC:\n"
304 " B loc_FF81FCBC \n"
305 "loc_FF81FCC0:\n"
306 " LDR R0, [R9, #0x118] \n"
307 " BIC R4, R8, R0 \n"
308 " LDR R0, [R9, #0x11C] \n"
309 " BIC R5, R8, R0 \n"
310 "loc_FF81FCD0:\n"
311 " MOV R3, R6 \n"
312 " MOV R2, R7 \n"
313 " MOV R1, R5 \n"
314 " MOV R0, R4 \n"
315
316 " BL sub_FF83403C \n"
317 " BL sub_FF839D6C \n"
318 " LDR R1, =0x34E000 \n"
319 " MOV R0, #0 \n"
320 " BL sub_FF83A1DC \n"
321 " BL sub_FF839F84 \n"
322 " MOV R3, #0 \n"
323 " STR R3, [SP] \n"
324
325 " LDR R3, =task_Startup_my \n"
326 " MOV R2, #0 \n"
327 " MOV R1, #0x19 \n"
328 " LDR R0, =0xFF81FD2C \n"
329 " BL sub_FF81E9B0 \n"
330 " MOV R0, #0 \n"
331 " LDMFD SP!, {R3-R9,PC} \n"
332 );
333 }
334
335
336 void __attribute__((naked,noinline)) task_Startup_my( ) {
337
338 asm volatile (
339 " STMFD SP!, {R4,LR} \n"
340 " BL sub_FF816588 \n"
341 " BL sub_FF8351AC \n"
342 " BL sub_FF833400 \n"
343 " BL sub_FF83BBE4 \n"
344 " BL sub_FF83BDD0 \n"
345
346 " BL sub_FF83BF6C \n"
347 " BL sub_FF832208 \n"
348 " BL sub_FF83BE00 \n"
349 " BL sub_FF839510 \n"
350 " BL sub_FF83BF70 \n"
351 " BL CreateTask_spytask \n"
352
353 " BL taskcreatePhySw_my \n"
354 " BL sub_FF8378AC \n"
355 " BL sub_FF83BF88 \n"
356 " BL sub_FF831600 \n"
357 " BL sub_FF832E0C \n"
358 " BL sub_FF83B958 \n"
359 " BL sub_FF8333A0 \n"
360 " BL sub_FF832DAC \n"
361 " BL sub_FF83223C \n"
362 " BL sub_FF83CA1C \n"
363 " BL sub_FF832D70 \n"
364 " LDMFD SP!, {R4,LR} \n"
365 " STMFD SP!, {R0,R1} \n"
366 " LDR R0, =0xC0220010 \n"
367 " MOV R1, #0x46 \n"
368 " STR R1, [R0] \n"
369 " LDMFD SP!, {R0,R1} \n"
370 " B sub_FF8166A8 \n"
371 );
372 }
373
374 void __attribute__((naked,noinline)) taskcreatePhySw_my( ) {
375
376 asm volatile (
377 " STMFD SP!, {R3-R5,LR} \n"
378 " LDR R4, =0x1C30 \n"
379 " LDR R0, [R4, #4] \n"
380 " CMP R0, #0 \n"
381 " BNE sub_FF833F34 \n"
382 " MOV R3, #0 \n"
383 " STR R3, [SP] \n"
384 " LDR R3, =0xFF833ECC \n"
385
386
387 " MOV R2, #0x2000 \n"
388 " B sub_FF833F24 \n"
389 );
390 }
391
392 void CreateTask_spytask() {
393
394 _CreateTask("SpyTask", 0x19, 0x2000, core_spytask, 0);
395 }
396
397 void __attribute__((naked,noinline)) init_file_modules_task() {
398
399 asm volatile (
400 " STMFD SP!, {R4-R6,LR} \n"
401 " BL sub_FF88A7C8 \n"
402 " LDR R5, =0x5006 \n"
403 " MOVS R4, R0 \n"
404 " MOVNE R1, #0 \n"
405 " MOVNE R0, R5 \n"
406 " BLNE sub_FF88E65C \n"
407 " BL sub_FF88A7F4 \n"
408 " BL core_spytask_can_start \n"
409 " B sub_FF8928E0 \n"
410 );
411 }