This source file includes the following definitions.
- taskHook
- boot
- sub_FF000380_my
- sub_FF0011D8_my
- sub_FF004288_my
- taskcreate_Startup_my
- sub_FF00A694_my
- sub_FF00A6EC_my
- task_Startup_my
- taskcreatePhySw_my
- CreateTask_spytask
- init_file_modules_task
1 #include "lolevel.h"
2 #include "platform.h"
3 #include "core.h"
4 #include "dryos31.h"
5
// Local offsetof: byte offset of MEMBER inside TYPE, taken from a null base pointer
// and cast to int. taskHook uses it to step back from a member to its task_t.
// NOTE(review): this reuses the standard macro name; confirm no included header
// also defines offsetof.
#define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER)

// Address of the _end symbol (declared outside this listing). sub_FF0011D8_my loads
// this value as a start address when CHDK_NOT_IN_CANON_HEAP is not defined.
const char * const new_sa = &_end;

// CreateTask_spytask is defined further down; no definition of CreateTask_PhySw
// appears in this listing.
void CreateTask_PhySw();
void CreateTask_spytask();

// Task entry points defined outside this file. taskHook compares a task's entry
// against each of these; task_PhySw is also passed to the task-creation call in
// taskcreatePhySw_my.
extern void task_CaptSeq();
extern void task_InitFileModules();
extern void task_MovieRecord();
extern void task_ExpDrv();
extern void task_PhySw();
extern void task_FileWrite();
19
/*
 * Task hook: rewrites the entry point of selected tasks.
 *
 * 'context' points at the 'context' member of a task_t; the owning task_t is
 * recovered by subtracting that member's offset. If the task's entry equals one
 * of the listed entry points, it is replaced by the routine paired with it.
 * Entries that match nothing in the table are left untouched.
 *
 * The pointer to this function is written to 0x1938 and 0x193C by
 * sub_FF000380_my; when and how often it is invoked is decided by code outside
 * this file (presumably the OS task-creation path - confirm).
 *
 * NOTE(review): matching is by exact pointer equality and 'context' is used
 * without a NULL check, so the hook relies on its caller always passing a
 * pointer that lies inside a valid task_t.
 */
void taskHook(context_t **context) {
    /* Pairs are evaluated in this order, each against the current entry value. */
    static const struct {
        void *original_entry;
        void *replacement_entry;
    } redirects[] = {
        { (void*)task_PhySw,           (void*)mykbd_task },
        { (void*)task_CaptSeq,         (void*)capt_seq_task },
        { (void*)task_InitFileModules, (void*)init_file_modules_task },
        { (void*)task_MovieRecord,     (void*)movie_record_task },
        { (void*)task_ExpDrv,          (void*)exp_drv_task },
        { (void*)task_FileWrite,       (void*)filewritetask },
    };
    char *member_addr = (char*)context;
    task_t *task = (task_t*)(member_addr - offsetof(task_t, context));
    unsigned int i;

    for (i = 0; i < sizeof(redirects) / sizeof(redirects[0]); i++) {
        if (task->entry == redirects[i].original_entry) {
            task->entry = redirects[i].replacement_entry;
        }
    }
}
30
31
32
// Early start-up sequence: programs coprocessor 15 and a set of fixed I/O addresses,
// copies two blocks from the 0xFFxxxxxx address range into RAM, zero-fills a third
// RAM range, then branches to sub_FF000380_my.
// Declared naked, so the compiler adds no prologue or epilogue; the asm below is the
// entire function. Register-level meanings marked "presumably" are not established
// by this file and should be confirmed against the CPU's reference manual.
void __attribute__((naked,noinline)) boot( ) {
    asm volatile (
        // Write 0 to 0xC0410000.
        "LDR R1, =0xC0410000\n"
        "MOV R0, #0\n"
        "STR R0, [R1]\n"
        // CP15 c1,c0 <- 0x78 (presumably the control register, caches/protection off).
        "MOV R1, #0x78\n"
        "MCR p15, 0, R1, c1, c0\n"
        // Three CP15 c7 operations with R1 = 0 (presumably write-buffer drain and
        // cache invalidation - confirm).
        "MOV R1, #0\n"
        "MCR p15, 0, R1, c7, c10, 4\n"
        "MCR p15, 0, R1, c7, c5\n"
        "MCR p15, 0, R1, c7, c6\n"
        // Six values written to CP15 c6,c0 .. c6,c5 (presumably memory-protection
        // region descriptors: base | size | enable - confirm).
        "MOV R0, #0x3D\n"
        "MCR p15, 0, R0, c6, c0\n"
        "MOV R0, #0xC000002F\n"
        "MCR p15, 0, R0, c6, c1\n"
        "MOV R0, #0x35\n"
        "MCR p15, 0, R0, c6, c2\n"
        "MOV R0, #0x40000035\n"
        "MCR p15, 0, R0, c6, c3\n"
        "MOV R0, #0x80000017\n"
        "MCR p15, 0, R0, c6, c4\n"
        "LDR R0, =0xFF00002F\n"
        "MCR p15, 0, R0, c6, c5\n"
        // 0x34 written to c2,c0 / c2,c0,1 / c3,c0 (presumably per-region
        // cacheable/bufferable bits).
        "MOV R0, #0x34\n"
        "MCR p15, 0, R0, c2, c0\n"
        "MOV R0, #0x34\n"
        "MCR p15, 0, R0, c2, c0, 1\n"
        "MOV R0, #0x34\n"
        "MCR p15, 0, R0, c3, c0\n"
        // 0x3333330 written to c5,c0,2 and c5,c0,3 (presumably per-region access
        // permissions for data and instruction accesses).
        // NOTE(review): the memory map set here is what every later stage runs under;
        // confirm which regions end up writable and executable.
        "LDR R0, =0x3333330\n"
        "MCR p15, 0, R0, c5, c0, 2\n"
        "LDR R0, =0x3333330\n"
        "MCR p15, 0, R0, c5, c0, 3\n"
        // Read-modify-write of c1,c0: set bits 0x1000, 0x4 and 0x1.
        "MRC p15, 0, R0, c1, c0\n"
        "ORR R0, R0, #0x1000\n"
        "ORR R0, R0, #4\n"
        "ORR R0, R0, #1\n"
        "MCR p15, 0, R0, c1, c0\n"
        // c9,c1 <- 0x80000006 and c9,c1,1 <- 6 (presumably tightly-coupled-memory
        // region setup - confirm).
        "MOV R1, #0x80000006\n"
        "MCR p15, 0, R1, c9, c1\n"
        "MOV R1, #6\n"
        "MCR p15, 0, R1, c9, c1, 1\n"
        // Read-modify-write of c1,c0 again: set bits 0x50000.
        "MRC p15, 0, R1, c1, c0\n"
        "ORR R1, R1, #0x50000\n"
        "MCR p15, 0, R1, c1, c0\n"
        // Base 0xC0200000: write 1 at +0x10C, then 0xFF at +0xC, +0x1C, ... +0xFC
        // (sixteen stores, stride 0x10).
        "LDR R2, =0xC0200000\n"
        "MOV R1, #1\n"
        "STR R1, [R2, #0x10C]\n"
        "MOV R1, #0xFF\n"
        "STR R1, [R2, #0xC]\n"
        "STR R1, [R2, #0x1C]\n"
        "STR R1, [R2, #0x2C]\n"
        "STR R1, [R2, #0x3C]\n"
        "STR R1, [R2, #0x4C]\n"
        "STR R1, [R2, #0x5C]\n"
        "STR R1, [R2, #0x6C]\n"
        "STR R1, [R2, #0x7C]\n"
        "STR R1, [R2, #0x8C]\n"
        "STR R1, [R2, #0x9C]\n"
        "STR R1, [R2, #0xAC]\n"
        "STR R1, [R2, #0xBC]\n"
        "STR R1, [R2, #0xCC]\n"
        "STR R1, [R2, #0xDC]\n"
        "STR R1, [R2, #0xEC]\n"
        "STR R1, [R2, #0xFC]\n"
        // Write 0x430005 to 0xC0400008.
        "LDR R1, =0xC0400008\n"
        "LDR R2, =0x430005\n"
        "STR R2, [R1]\n"
        // NOTE(review): as written, this stores the value 0xC0243100 to the address
        // held in R1, which is 1. That looks unusual; confirm it matches the
        // firmware disassembly this was derived from.
        "MOV R1, #1\n"
        "LDR R2, =0xC0243100\n"
        "STR R2, [R1]\n"
        // Set bit 0 of the word at 0xC0242010.
        "LDR R2, =0xC0242010\n"
        "LDR R1, [R2]\n"
        "ORR R1, R1, #1\n"
        "STR R1, [R2]\n"
        // Word copy from 0xFF4ACDBC to RAM 0x471000 .. 0x48078C (loop runs while
        // R1 < R3, unsigned). The sub_0047xxxx routines called later in this file
        // have addresses inside this destination range.
        "LDR R0, =0xFF4ACDBC\n"
        "LDR R1, =0x471000\n"
        "LDR R3, =0x48078C\n"
        "loc_FF00013C:\n"
        "CMP R1, R3\n"
        "LDRCC R2, [R0], #4\n"
        "STRCC R2, [R1], #4\n"
        "BCC loc_FF00013C\n"
        // Word copy from 0xFF49EA20 to RAM 0x1900 .. 0xFC9C (presumably initialised
        // data). The hook slots 0x1938/0x193C written by sub_FF000380_my lie inside
        // this range, so they must be written after this copy.
        "LDR R0, =0xFF49EA20\n"
        "LDR R1, =0x1900\n"
        "LDR R3, =0xFC9C\n"
        "loc_FF000158:\n"
        "CMP R1, R3\n"
        "LDRCC R2, [R0], #4\n"
        "STRCC R2, [R1], #4\n"
        "BCC loc_FF000158\n"
        // Zero-fill from R3 (still 0xFC9C) up to 0x1716E8 (presumably the
        // uninitialised-data area).
        "LDR R1, =0x1716E8\n"
        "MOV R2, #0\n"
        "loc_FF000170:\n"
        "CMP R3, R1\n"
        "STRCC R2, [R3], #4\n"
        "BCC loc_FF000170\n"

        // Continue in this file's variant of the next start-up stage.
        "B sub_FF000380_my\n"
    );
}
134
135
136
// Second start-up stage, reached by a branch from boot. Installs taskHook, records a
// value derived from an I/O register, copies two blocks to low RAM, sets up stack
// pointers for two processor modes, pattern-fills low RAM and calls
// sub_FF0011D8_my.
// NOTE(review): this function is declared naked yet contains C statements. GCC
// documents only basic asm as reliable inside naked functions, so the statements
// below depend on the compiler emitting them without touching the stack; confirm
// with the toolchain in use.
void __attribute__((naked,noinline)) sub_FF000380_my() {

    // Store the address of taskHook in two fixed RAM words. Both lie in the
    // 0x1900..0xFC9C range that boot has just filled by copying.
    // Presumably these are the OS's task hook pointers - confirm.
    // NOTE(review): whatever later reads these words will call through them, so
    // anything able to write to 0x1938/0x193C controls what runs at that point.
    *(int*)0x1938=(int)taskHook;
    *(int*)0x193C=(int)taskHook;




    // Test bit 0x800000 of the word at 0xC022012C and store 0x200000 or 0x100000
    // at 0x262C+4 accordingly (presumably a start-up mode flag - confirm).
    if ((*(int*) 0xC022012C) & 0x800000)
        *(int*)(0x262C+4) = 0x200000;
    else
        *(int*)(0x262C+4) = 0x100000;

    asm volatile (
        // Copy words 0xFF0003F8 .. 0xFF000430 to RAM starting at address 0
        // (presumably the exception vectors).
        "LDR R0, =0xFF0003F8\n"
        "MOV R1, #0\n"
        "LDR R3, =0xFF000430\n"
        "loc_FF00038C:\n"
        "CMP R0, R3\n"
        "LDRCC R2, [R0], #4\n"
        "STRCC R2, [R1], #4\n"
        "BCC loc_FF00038C\n"
        // Copy words 0xFF000430 .. 0xFF000644 to RAM starting at 0x4B0.
        "LDR R0, =0xFF000430\n"
        "MOV R1, #0x4B0\n"
        "LDR R3, =0xFF000644\n"
        "loc_FF0003A8:\n"
        "CMP R0, R3\n"
        "LDRCC R2, [R0], #4\n"
        "STRCC R2, [R1], #4\n"
        "BCC loc_FF0003A8\n"
        // CPSR <- 0xD2, SP <- 0x1000; then CPSR <- 0xD3, SP <- 0x1000
        // (presumably IRQ mode then supervisor mode, interrupts masked in both).
        "MOV R0, #0xD2\n"
        "MSR CPSR_cxsf, R0\n"
        "MOV SP, #0x1000\n"
        "MOV R0, #0xD3\n"
        "MSR CPSR_cxsf, R0\n"
        "MOV SP, #0x1000\n"
        // Fill 0x6C4 .. 0x1000 with 0xEEEEEEEE (presumably a stack fill pattern).
        "LDR R0, =0x6C4\n"
        "LDR R2, =0xEEEEEEEE\n"
        "MOV R3, #0x1000\n"
        "loc_FF0003DC:\n"
        "CMP R0, R3\n"
        "STRCC R2, [R0], #4\n"
        "BCC loc_FF0003DC\n"

        // No instruction follows this call, so it is presumably not expected to
        // return.
        "BL sub_FF0011D8_my\n"
    );
}
184
185
186
// Builds a 0x74-byte parameter block on the stack and passes it, together with the
// address of sub_FF004288_my, to sub_00472778.
// The word at offset 8 is a start address: 0x1716E8 when CHDK_NOT_IN_CANON_HEAP is
// defined, otherwise the value of new_sa (the address of _end). The word at offset
// 0xC is 0x36D440 minus that start address. Presumably these describe the memory
// pool handed to the OS - confirm.
// NOTE(review): nothing here checks that the start address is below 0x36D440. If
// _end ever moved past it, the subtraction would wrap to a very large value; a
// link-time assertion would catch that.
void __attribute__((naked,noinline)) sub_FF0011D8_my() {
    asm volatile (
        // Save LR, reserve 0x74 bytes, call sub_0047C448(SP, 0x74)
        // (presumably clears the block - confirm).
        "STR LR, [SP, #-4]!\n"
        "SUB SP, SP, #0x74\n"
        "MOV R1, #0x74\n"
        "MOV R0, SP\n"
        "BL sub_0047C448\n"
        "MOV R0, #0x57000\n"
        "STR R0, [SP, #4]\n"

        // Select the start address stored at offset 8.
#if defined(CHDK_NOT_IN_CANON_HEAP)
        "LDR R0, =0x1716E8\n"
#else
        "LDR R0, =new_sa\n"
        "LDR R0, [R0]\n"
#endif

        "LDR R2, =0x36D440\n"
        "STR R0, [SP, #8]\n"
        "SUB R0, R2, R0\n"           // 0x36D440 - start address
        "STR R0, [SP, #0xC]\n"
        // Remaining fields are fixed constants.
        "MOV R0, #0x22\n"
        "STR R0, [SP, #0x18]\n"
        "MOV R0, #0x7C\n"
        "STR R0, [SP, #0x1C]\n"
        "LDR R1, =0x375C00\n"
        "LDR R0, =0x1CD\n"
        "STR R1, [SP]\n"
        "STR R0, [SP, #0x20]\n"
        "MOV R0, #0x96\n"
        "STR R2, [SP, #0x10]\n"
        "STR R1, [SP, #0x14]\n"
        "STR R0, [SP, #0x24]\n"
        "STR R0, [SP, #0x28]\n"
        "MOV R0, #0x64\n"
        "STR R0, [SP, #0x2C]\n"
        "MOV R0, #0\n"
        "STR R0, [SP, #0x30]\n"
        "STR R0, [SP, #0x34]\n"
        "MOV R0, #0x10\n"
        "STR R0, [SP, #0x5C]\n"
        "MOV R0, #0x800\n"
        "STR R0, [SP, #0x60]\n"
        "MOV R0, #0xA0\n"
        "STR R0, [SP, #0x64]\n"
        "MOV R0, #0x280\n"
        "STR R0, [SP, #0x68]\n"

        // R0 = parameter block, R1 = sub_FF004288_my, R2 = 0.
        "LDR R1, =sub_FF004288_my\n"
        "MOV R2, #0\n"
        "MOV R0, SP\n"
        "BL sub_00472778\n"
        // Release the block and return through the saved LR.
        "ADD SP, SP, #0x74\n"
        "LDR PC, [SP], #4\n"
    );
}
243
244
245
// Runs a fixed sequence of initialisation calls, then tail-branches to
// taskcreate_Startup_my. Its address is passed to sub_00472778 by sub_FF0011D8_my.
// After each checked call, a negative R0 loads a fixed pointer into R0 (presumably
// an error string) and calls _err_init_task. The result of the first call,
// sub_FF000B50, is not checked.
// NOTE(review): the _err_init_task calls are conditional BLs with nothing after
// them to stop the sequence; if _err_init_task returns, the next step still runs.
void __attribute__((naked,noinline)) sub_FF004288_my() {
    asm volatile (
        "STMFD SP!, {R4,LR}\n"
        "BL sub_FF000B50\n"
        "BL sub_FF005174\n"
        "CMP R0, #0\n"
        "LDRLT R0, =0xFF00439C\n"
        "BLLT _err_init_task\n"
        "BL sub_FF003EC0\n"
        "CMP R0, #0\n"
        "LDRLT R0, =0xFF0043A4\n"
        "BLLT _err_init_task\n"
        "LDR R0, =0xFF0043B4\n"
        "BL sub_FF003FA8\n"
        "CMP R0, #0\n"
        "LDRLT R0, =0xFF0043BC\n"
        "BLLT _err_init_task\n"
        "LDR R0, =0xFF0043B4\n"
        "BL sub_FF0029C8\n"
        "CMP R0, #0\n"
        "LDRLT R0, =0xFF0043D0\n"
        "BLLT _err_init_task\n"
        "BL sub_FF004B10\n"
        "CMP R0, #0\n"
        "LDRLT R0, =0xFF0043DC\n"
        "BLLT _err_init_task\n"
        "BL sub_FF0016C8\n"
        "CMP R0, #0\n"
        "LDRLT R0, =0xFF0043E8\n"
        "BLLT _err_init_task\n"
        // Restore the saved registers before the tail branch.
        "LDMFD SP!, {R4,LR}\n"

        "B taskcreate_Startup_my\n"
    );
}
281
282
283
// Creates a task whose entry point is sub_FF00A694_my, then returns 0.
// The _CreateTask arguments are R0 = 0xFF00A798 (presumably a name string),
// R1 = 0x19, R2 = 0x200, R3 = entry point, and a fifth argument of 0 on the stack.
// This is the same argument order as the C call in CreateTask_spytask.
// The value returned by _CreateTask is overwritten with 0, so a failed creation
// is not reported to the caller.
void __attribute__((naked,noinline)) taskcreate_Startup_my() {
    asm volatile (
        "STMFD SP!, {R3,LR}\n"
        "BL sub_004777E0\n"
        "BL sub_004779F8\n"
        "MOV R3, #0\n"
        "STR R3, [SP]\n"             // fifth argument = 0, stored in the saved-R3 slot

        "LDR R3, =sub_FF00A694_my\n"
        "MOV R2, #0x200\n"
        "MOV R1, #0x19\n"
        "LDR R0, =0xFF00A798\n"
        "BL _CreateTask\n"
        "MOV R0, #0\n"
        "LDMFD SP!, {R3,PC}\n"
    );
}
301
302
303
// Entry point of the task created by taskcreate_Startup_my. Calls seven routines
// at fixed 0xFFxxxxxx addresses in order, then tail-branches to sub_FF00A6EC_my.
// None of the return values are examined.
void __attribute__((naked,noinline)) sub_FF00A694_my() {
    asm volatile (
        "STMFD SP!, {R4,LR}\n"
        "BL sub_FF01E5B0\n"
        "BL sub_FF01F840\n"
        "BL sub_FF01D43C\n"
        "BL sub_FF025FF8\n"
        "BL sub_FF01E9F4\n"
        "BL sub_FF01DB08\n"
        "BL sub_FF01CBF0\n"
        // Restore the saved registers before the tail branch.
        "LDMFD SP!, {R4,LR}\n"

        "B sub_FF00A6EC_my\n"
    );
}
319
320
321
322
// Samples two I/O words, may halt in an endless loop, and otherwise creates the
// task whose entry point is task_Startup_my.
// Flow: R4 = result of sub_FF025D94. If R4 is zero and sub_FF020174 returns
// non-zero, bit 0 of the words at 0xC0220128 and 0xC022012C is examined; if both
// bits are set (both inverted bits are 0) the code calls two routines, writes 0x44
// to 0xC022001C and spins forever. Presumably this is the "no start-up button
// held" power-off path - confirm.
// The value returned by _CreateTask is overwritten with 0.
void __attribute__((naked,noinline)) sub_FF00A6EC_my() {
    asm volatile (
        "STMFD SP!, {R3-R7,LR}\n"
        "BL sub_FF025D94\n"
        "LDR R6, =0xC0220000\n"
        "MOVS R4, R0\n"              // keep the result and set flags from it
        "MOV R5, #1\n"
        "BNE loc_FF00A73C\n"
        "BL sub_FF020174\n"
        "CMP R0, #0\n"
        "BEQ loc_FF00A73C\n"
        "LDR R0, [R6, #0x128]\n"
        "BIC R1, R5, R0\n"           // R1 = 1 if bit 0 of [0xC0220128] is clear
        "LDR R0, [R6, #0x12C]\n"
        "BIC R0, R5, R0\n"           // R0 = 1 if bit 0 of [0xC022012C] is clear
        "ORRS R2, R0, R1\n"
        "BNE loc_FF00A74C\n"
        // Both bits were set: call two routines, write 0x44 to 0xC022001C, spin.
        "BL sub_FF01D7EC\n"
        "MOV R0, #0x44\n"
        "STR R0, [R6, #0x1C]\n"
        "BL sub_FF01D9DC\n"
        "loc_FF00A738:\n"
        "B loc_FF00A738\n"
        "loc_FF00A73C:\n"
        // Recompute the same two inverted bits for the call below.
        "LDR R0, [R6, #0x12C]\n"
        "LDR R1, [R6, #0x128]\n"
        "BIC R0, R5, R0\n"
        "BIC R1, R5, R1\n"
        "loc_FF00A74C:\n"
        "MOV R3, #0\n"
        "MOV R2, R4\n"

        // Called with R0/R1 = the inverted bits, R2 = R4, R3 = 0.
        "BL sub_FF01E5B4\n"
        "BL sub_004777E0\n"
        "LDR R1, =0x3CE000\n"
        "MOV R0, #0\n"
        "BL sub_FF024374\n"
        "BL sub_004779F8\n"
        "MOV R3, #0\n"
        "STR R3, [SP]\n"             // fifth _CreateTask argument = 0

        // R0 = 0xFF00A7AC (presumably a name string), R1 = 0x19, R2 = 0,
        // R3 = task_Startup_my.
        "LDR R3, =task_Startup_my \n"
        "MOV R2, #0\n"
        "MOV R1, #0x19\n"
        "LDR R0, =0xFF00A7AC\n"
        "BL _CreateTask\n"
        "MOV R0, #0\n"
        "LDMFD SP!, {R3-R7,PC}\n"
    );
}
373
374
375
376
// Entry point of the task created by sub_FF00A6EC_my. Calls a fixed list of
// routines in order and tail-branches to sub_FF0049E8. Two calls in the list go to
// functions defined in this file: CreateTask_spytask, which starts the "SpyTask"
// task, and taskcreatePhySw_my. No return value is examined.
void __attribute__((naked,noinline)) task_Startup_my() {
    asm volatile (
        "STMFD SP!, {R4,LR}\n"
        "BL sub_FF0048C8\n"
        "BL sub_FF025E0C\n"

        "BL sub_FF026154\n"
        "BL sub_FF026320\n"
        "BL sub_FF026148\n"
        "BL sub_FF026028\n"
        "BL sub_FF0242A8\n"
        "BL sub_FF026328\n"
        "BL CreateTask_spytask\n"    // defined in this file

        "BL taskcreatePhySw_my\n"    // defined in this file
        "BL sub_FF021FD8\n"
        "BL sub_FF026340\n"
        "BL sub_FF01BA14\n"
        "BL sub_FF01C55C\n"
        "BL sub_FF025B04\n"
        "BL sub_FF01CB94\n"
        "BL sub_FF01C4F8\n"
        "BL sub_FF02614C\n"
        "BL sub_FF026FF8\n"
        "BL sub_FF01C4BC\n"
        // Restore the saved registers before the tail branch.
        "LDMFD SP!, {R4,LR}\n"
        "B sub_FF0049E8\n"
    );
}
406
407
408
// Creates the task_PhySw task once, then runs two follow-up routines.
// The word at 0x1C30+4 acts as a guard: if it is non-zero the creation is skipped,
// otherwise the result of sub_00477A50 is stored there.
// The entry point passed is task_PhySw itself. The switch to mykbd_task happens in
// taskHook, which matches on exactly this pointer value.
void __attribute__((naked,noinline)) taskcreatePhySw_my() {
    asm volatile (
        "STMFD SP!, {R3-R5,LR}\n"
        "LDR R4, =0x1C30\n"
        "LDR R0, [R4, #4]\n"
        "CMP R0, #0\n"
        "BNE loc_FF01E488\n"         // already created: skip
        "MOV R3, #0\n"
        "STR R3, [SP]\n"             // fifth argument = 0

        "LDR R3, =task_PhySw\n"

        // R0 = 0xFF01E6B0 (presumably a name string), R1 = 0x17, R2 = 0x2000.
        "MOV R2, #0x2000\n"
        "MOV R1, #0x17\n"
        "LDR R0, =0xFF01E6B0\n"
        "BL sub_00477A50\n"
        "STR R0, [R4, #4]\n"
        "loc_FF01E488:\n"
        "BL sub_FF078570\n"
        "BL sub_FF0200C4\n"
        "CMP R0, #0\n"
        "BNE loc_FF01E4A4\n"
        // Only when sub_FF0200C4 returned 0: call sub_FF0784E0(0, 0x33DE0).
        "LDR R1, =0x33DE0\n"
        "MOV R0, #0\n"
        "BL sub_FF0784E0\n"
        "loc_FF01E4A4:\n"
        "LDMFD SP!, {R3-R5,PC}\n"
    );
}
438
// Starts the "SpyTask" task with core_spytask as its entry point.
// Called from task_Startup_my. The value returned by _CreateTask is discarded,
// so a failed creation goes unnoticed here.
void CreateTask_spytask() {
    // Second and third _CreateTask arguments; presumably priority and stack size
    // in bytes - confirm against the _CreateTask declaration.
    enum {
        SPYTASK_ARG_PRIORITY = 0x19,
        SPYTASK_ARG_STACK    = 0x2000
    };

    _CreateTask("SpyTask",
                SPYTASK_ARG_PRIORITY,
                SPYTASK_ARG_STACK,
                core_spytask,
                0);
}
442
443
444
445
// Replacement entry point that taskHook substitutes for task_InitFileModules.
// R4 = result of sub_FF07AB30. When R4 is non-zero, event 0x5006 is posted with
// argument 0 before sub_FF07AB64 runs; when R4 is zero, the same event is posted
// afterwards by a tail branch. In both cases core_spytask_can_start is called
// right after sub_FF07AB64 (presumably to release the waiting SpyTask - confirm).
void __attribute__((naked,noinline)) init_file_modules_task( ) {
    asm volatile (
        "STMFD SP!, {R4-R6,LR}\n"
        "BL sub_FF07AB30\n"
        "LDR R5, =0x5006\n"
        "MOVS R4, R0\n"              // keep the result and set flags from it
        "MOVNE R1, #0\n"
        "MOVNE R0, R5\n"
        "BLNE _PostLogicalEventToUI\n"
        "BL sub_FF07AB64\n"
        "BL core_spytask_can_start\n"
        "CMP R4, #0\n"
        "LDMNEFD SP!, {R4-R6,PC}\n"  // event already posted: return
        "MOV R0, R5\n"
        "LDMFD SP!, {R4-R6,LR}\n"
        "MOV R1, #0\n"
        "B _PostLogicalEventToUI\n"
    );
}