1 #include "lolevel.h"
2 #include "platform.h"
3 #include "core.h"
4 #include "dryos31.h"
/*
 * Byte offset of MEMBER inside TYPE, taken from a null base pointer and
 * converted to int. taskHook() uses it to step back from a task_t's
 * context member to the start of the task_t.
 * NOTE(review): this reuses the name of the standard <stddef.h> macro; if
 * any included header also defines offsetof, the two definitions collide.
 */
#define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER)

/*
 * Address of the symbol _end (declared outside this listing). Read by
 * sub_FF8111D8_my() as a start address when CHDK_NOT_IN_CANON_HEAP is not
 * defined.
 */
const char * const new_sa = &_end;

/*
 * Task-creation helpers. CreateTask_spytask() is defined further down;
 * no definition of CreateTask_PhySw() is visible in this listing.
 */
void CreateTask_PhySw();
void CreateTask_spytask();

/* Firmware task entry points that taskHook() compares against. */
extern void task_CaptSeq();
extern void task_InitFileModules();
extern void task_MovieRecord();
extern void task_ExpDrv();
extern void task_PhySw();
extern void task_FileWrite();
18
/*
 * taskHook - redirect selected firmware tasks to this port's replacements.
 *
 * context points at the context member embedded in a task_t; subtracting
 * that member's offset recovers the enclosing task_t. If the task's entry
 * point is one of the firmware functions listed below, it is overwritten
 * with the matching replacement; any other task is left untouched.
 *
 * sub_FF810380_my() stores the address of this function at 0x1934 and
 * 0x1938, which is how the firmware comes to call it.
 * NOTE(review): every pair here silently changes which code a firmware task
 * runs, so the table is the place to audit when a task misbehaves.
 */
void taskHook(context_t **context) {
    /* { firmware entry point, replacement } -- same order as the checks were written. */
    static void * const redirect[][2] = {
        { (void*)task_PhySw,           (void*)mykbd_task },
        { (void*)task_CaptSeq,         (void*)capt_seq_task },
        { (void*)task_InitFileModules, (void*)init_file_modules_task },
        { (void*)task_MovieRecord,     (void*)movie_record_task },
        { (void*)task_ExpDrv,          (void*)exp_drv_task },
        { (void*)task_FileWrite,       (void*)filewritetask },
    };
    task_t *task = (task_t*)((char*)context - offsetof(task_t, context));
    unsigned int i;

    /* No early exit: every pair is tested in turn, exactly like a run of independent ifs. */
    for (i = 0; i < sizeof(redirect) / sizeof(redirect[0]); i++) {
        if (task->entry == redirect[i][0]) {
            task->entry = redirect[i][1];
        }
    }
}
30
31
32
/*
 * boot - entry stub of this port (presumably the first code of the loaded
 * image to run -- confirm against the loader).
 *
 * Naked function made only of inline assembly. In order, it:
 *   1. writes to memory-mapped registers and to CP15 system-control registers,
 *   2. copies two blocks from 0xFFxxxxxx addresses into RAM,
 *   3. zero-fills the RAM range that follows the second block,
 *   4. branches to sub_FF810380_my (no return).
 *
 * Every address and constant is an absolute literal. NOTE(review): these are
 * presumably tied to one firmware build; nothing here checks that the running
 * firmware matches, so a mismatch would write to arbitrary RAM and registers.
 *
 * NOTE(review): the CP15 register meanings given below assume the ARM946E-S
 * coprocessor layout; the page does not state the CPU core -- confirm.
 */
void __attribute__((naked,noinline)) boot( ) {
    asm volatile (
    /* Store 0 to the register at 0xC0410000 (purpose not shown here). */
    "LDR R1, =0xC0410000\n"
    "MOV R0, #0\n"
    "STR R0, [R1]\n"
    /* Control register (c1) := 0x78; presumably caches and protection unit off while reconfiguring. */
    "MOV R1, #0x78\n"
    "MCR p15, 0, R1, c1, c0\n"
    /* Three c7 operations with R1 = 0; presumably drain write buffer, then invalidate I- and D-cache. */
    "MOV R1, #0\n"
    "MCR p15, 0, R1, c7, c10, 4\n"
    "MCR p15, 0, R1, c7, c5\n"
    "MCR p15, 0, R1, c7, c6\n"
    /*
     * Six writes to c6, CRm c0..c5; presumably one memory-protection region
     * descriptor each. These define what memory is reachable afterwards, so
     * a wrong value here is a protection (not just a performance) problem.
     */
    "MOV R0, #0x3D\n"
    "MCR p15, 0, R0, c6, c0\n"
    "MOV R0, #0xC000002F\n"
    "MCR p15, 0, R0, c6, c1\n"
    "MOV R0, #0x33\n"
    "MCR p15, 0, R0, c6, c2\n"
    "MOV R0, #0x40000033\n"
    "MCR p15, 0, R0, c6, c3\n"
    "MOV R0, #0x80000017\n"
    "MCR p15, 0, R0, c6, c4\n"
    "LDR R0, =0xFF80002D\n"
    "MCR p15, 0, R0, c6, c5\n"
    /* 0x34 (bits 2, 4 and 5) to c2 (two opcodes) and c3; presumably cacheable/bufferable bitmaps per region. */
    "MOV R0, #0x34\n"
    "MCR p15, 0, R0, c2, c0\n"
    "MOV R0, #0x34\n"
    "MCR p15, 0, R0, c2, c0, 1\n"
    "MOV R0, #0x34\n"
    "MCR p15, 0, R0, c3, c0\n"
    /* 0x3333330 to c5 opcodes 2 and 3; presumably per-region access permissions (low nibble 0, next six nibbles 3). */
    "LDR R0, =0x3333330\n"
    "MCR p15, 0, R0, c5, c0, 2\n"
    "LDR R0, =0x3333330\n"
    "MCR p15, 0, R0, c5, c0, 3\n"
    /* Read-modify-write of the control register: set bits 0x1000, 4 and 1 (presumably I-cache, D-cache, protection unit enable). */
    "MRC p15, 0, R0, c1, c0\n"
    "ORR R0, R0, #0x1000\n"
    "ORR R0, R0, #4\n"
    "ORR R0, R0, #1\n"
    "MCR p15, 0, R0, c1, c0\n"
    /* c9,c1 opcodes 0 and 1; presumably the data and instruction TCM region registers. */
    "MOV R1, #0x80000006\n"
    "MCR p15, 0, R1, c9, c1\n"
    "MOV R1, #6\n"
    "MCR p15, 0, R1, c9, c1, 1\n"
    /* Set bits 0x50000 in the control register (presumably the TCM enables). */
    "MRC p15, 0, R1, c1, c0\n"
    "ORR R1, R1, #0x50000\n"
    "MCR p15, 0, R1, c1, c0\n"
    /* Register block at 0xC0200000: write 1 to +0x10C, then 0xFF to the 16 offsets +0x0C, +0x1C, ... +0xFC. */
    "LDR R2, =0xC0200000\n"
    "MOV R1, #1\n"
    "STR R1, [R2, #0x10C]\n"
    "MOV R1, #0xFF\n"
    "STR R1, [R2, #0xC]\n"
    "STR R1, [R2, #0x1C]\n"
    "STR R1, [R2, #0x2C]\n"
    "STR R1, [R2, #0x3C]\n"
    "STR R1, [R2, #0x4C]\n"
    "STR R1, [R2, #0x5C]\n"
    "STR R1, [R2, #0x6C]\n"
    "STR R1, [R2, #0x7C]\n"
    "STR R1, [R2, #0x8C]\n"
    "STR R1, [R2, #0x9C]\n"
    "STR R1, [R2, #0xAC]\n"
    "STR R1, [R2, #0xBC]\n"
    "STR R1, [R2, #0xCC]\n"
    "STR R1, [R2, #0xDC]\n"
    "STR R1, [R2, #0xEC]\n"
    "STR R1, [R2, #0xFC]\n"
    /* Store 0x430005 to 0xC0400008. */
    "LDR R1, =0xC0400008\n"
    "LDR R2, =0x430005\n"
    "STR R2, [R1]\n"
    /*
     * As written, R1 = 1 is the *address* and 0xC0243100 the value stored.
     * NOTE(review): looks like swapped operands, but it may simply mirror the
     * firmware's own code -- confirm against the disassembly before touching.
     */
    "MOV R1, #1\n"
    "LDR R2, =0xC0243100\n"
    "STR R2, [R1]\n"
    /* Set bit 0 of the register at 0xC0242010. */
    "LDR R2, =0xC0242010\n"
    "LDR R1, [R2]\n"
    "ORR R1, R1, #1\n"
    "STR R1, [R2]\n"
    /* Word copy 0xFFC0246C -> RAM 0x3F1000, stopping when the destination reaches 0x4005D4. */
    "LDR R0, =0xFFC0246C\n"
    "LDR R1, =0x3F1000\n"
    "LDR R3, =0x4005D4\n"
    "loc_FF81013C:\n"
    "CMP R1, R3\n"
    "LDRCC R2, [R0], #4\n"
    "STRCC R2, [R1], #4\n"
    "BCC loc_FF81013C\n"
    /*
     * Word copy 0xFFBF6DA4 -> RAM 0x1900, stopping at 0xCFC8. The hook slots
     * 0x1934/0x1938 written by sub_FF810380_my lie inside this destination
     * range, so they can only be patched after this copy has run.
     */
    "LDR R0, =0xFFBF6DA4\n"
    "LDR R1, =0x1900\n"
    "LDR R3, =0xCFC8\n"
    "loc_FF810158:\n"
    "CMP R1, R3\n"
    "LDRCC R2, [R0], #4\n"
    "STRCC R2, [R1], #4\n"
    "BCC loc_FF810158\n"
    /* Zero-fill from R3 (still 0xCFC8, the end of the copy above) up to 0x1585F0; presumably the firmware's .bss. */
    "LDR R1, =0x1585F0\n"
    "MOV R2, #0\n"
    "loc_FF810170:\n"
    "CMP R3, R1\n"
    "STRCC R2, [R3], #4\n"
    "BCC loc_FF810170\n"

    /* Continue in this port's replacement routine instead of returning. */
    "B sub_FF810380_my\n"
    );
}
134
135
136
137
/*
 * sub_FF810380_my - second boot stage; reached by a branch from boot().
 *
 * Installs taskHook(), selects a value for 0x24BC from a hardware bit, then
 * (in assembly) copies two blocks to low RAM, sets stack pointers for two
 * CPU modes, fills 0x6C4..0x1000 with a marker and calls sub_FF8111D8_my.
 *
 * NOTE(review): this naked function mixes C statements with inline asm. GCC
 * documents only basic asm as safe inside naked functions; the C part here
 * relies on the compiler not needing a stack frame for it. Check the
 * generated code whenever the compiler or its flags change.
 */
void __attribute__((naked,noinline)) sub_FF810380_my( ) {


    /*
     * Write taskHook's address into two fixed RAM words. Both are inside the
     * 0x1900..0xCFC8 range boot() has just filled, so this overwrites values
     * copied from the firmware image. Presumably these are the kernel's task
     * hook pointers -- confirm for this firmware build.
     */
    *(int*)0x1934=(int)taskHook;
    *(int*)0x1938=(int)taskHook;




    /* Bit 0 of the register at 0xC02200F8 selects which constant is stored at 0x24B8+4. */
    if ((*(int*) 0xC02200F8) & 1)
    *(int*)(0x24B8+4) = 0x200000;
    else
    *(int*)(0x24B8+4) = 0x100000;

    asm volatile (
    /* Word copy 0xFF8103F8..0xFF810430 -> address 0 (presumably exception vectors -- confirm). */
    "LDR R0, =0xFF8103F8\n"
    "MOV R1, #0\n"
    "LDR R3, =0xFF810430\n"
    "loc_FF81038C:\n"
    "CMP R0, R3\n"
    "LDRCC R2, [R0], #4\n"
    "STRCC R2, [R1], #4\n"
    "BCC loc_FF81038C\n"
    /* Word copy 0xFF810430..0xFF810644 -> 0x4B0. */
    "LDR R0, =0xFF810430\n"
    "MOV R1, #0x4B0\n"
    "LDR R3, =0xFF810644\n"
    "loc_FF8103A8:\n"
    "CMP R0, R3\n"
    "LDRCC R2, [R0], #4\n"
    "STRCC R2, [R1], #4\n"
    "BCC loc_FF8103A8\n"
    /* CPSR := 0xD2 (mode bits 0x12 = IRQ, I and F set), then SP := 0x1000 for that mode. */
    "MOV R0, #0xD2\n"
    "MSR CPSR_cxsf, R0\n"
    "MOV SP, #0x1000\n"
    /* CPSR := 0xD3 (mode bits 0x13 = Supervisor, I and F set), SP := 0x1000 again. */
    "MOV R0, #0xD3\n"
    "MSR CPSR_cxsf, R0\n"
    "MOV SP, #0x1000\n"
    /* Fill 0x6C4..0x1000 with 0xEEEEEEEE (presumably a stack marker pattern). */
    "LDR R0, =0x6C4\n"
    "LDR R2, =0xEEEEEEEE\n"
    "MOV R3, #0x1000\n"
    "loc_FF8103DC:\n"
    "CMP R0, R3\n"
    "STRCC R2, [R0], #4\n"
    "BCC loc_FF8103DC\n"

    /*
     * Nothing follows this call and the function has no epilogue.
     * NOTE(review): this relies on the callee never returning -- confirm.
     */
    "BL sub_FF8111D8_my\n"
    );
}
186
187
188
189
/*
 * sub_FF8111D8_my - builds a 0x74-byte parameter block on the stack and
 * passes it, together with the address of sub_FF814288_my, to sub_003F2778.
 *
 * The one build-dependent field is the start address stored at [SP+8]:
 * 0x1585F0 when CHDK_NOT_IN_CANON_HEAP is defined, otherwise the value of
 * new_sa (the address of _end). [SP+0xC] is then 0x2ED440 minus that start.
 * Presumably this moves the start of a firmware memory pool past the loaded
 * image so the two do not overlap -- confirm.
 *
 * NOTE(review): nothing checks that new_sa is below 0x2ED440. If the image
 * grows past it, the subtraction wraps to a huge size and the firmware would
 * treat unrelated memory as free; a link-time or build-time size check is
 * the natural guard.
 */
void __attribute__((naked,noinline)) sub_FF8111D8_my( ) {
    asm volatile (
    /* Save LR and reserve the 0x74-byte block. */
    "STR LR, [SP, #-4]!\n"
    "SUB SP, SP, #0x74\n"
    /* sub_003FC448(SP, 0x74); presumably clears the block -- confirm. */
    "MOV R1, #0x74\n"
    "MOV R0, SP\n"
    "BL sub_003FC448\n"
    "MOV R0, #0x57000\n"
    "STR R0, [SP, #4]\n"
#if defined(CHDK_NOT_IN_CANON_HEAP)
    /* Same value as the end of the zero-fill in boot(). */
    "LDR R0, =0x1585F0\n"
#else
    /* Load the pointer stored in new_sa, i.e. the address of _end. */
    "LDR R0, =new_sa\n"
    "LDR R0, [R0]\n"
#endif
    "LDR R2, =0x2ED440\n"
    /* [SP+8] = start address, [SP+0xC] = 0x2ED440 - start. */
    "STR R0, [SP, #8]\n"
    "SUB R0, R2, R0\n"
    "STR R0, [SP, #0xC]\n"
    /* Remaining fields are fixed constants; their meaning is not shown here. */
    "MOV R0, #0x22\n"
    "STR R0, [SP, #0x18]\n"
    "MOV R0, #0x7C\n"
    "STR R0, [SP, #0x1C]\n"
    "LDR R1, =0x2F5C00\n"
    "LDR R0, =0x1CD\n"
    "STR R1, [SP]\n"
    "STR R0, [SP, #0x20]\n"
    "MOV R0, #0x96\n"
    "STR R2, [SP, #0x10]\n"
    "STR R1, [SP, #0x14]\n"
    "STR R0, [SP, #0x24]\n"
    "STR R0, [SP, #0x28]\n"
    "MOV R0, #0x64\n"
    "STR R0, [SP, #0x2C]\n"
    "MOV R0, #0\n"
    "STR R0, [SP, #0x30]\n"
    "STR R0, [SP, #0x34]\n"
    "MOV R0, #0x10\n"
    "STR R0, [SP, #0x5C]\n"
    "MOV R0, #0x800\n"
    "STR R0, [SP, #0x60]\n"
    "MOV R0, #0xA0\n"
    "STR R0, [SP, #0x64]\n"
    "MOV R0, #0x280\n"
    "STR R0, [SP, #0x68]\n"

    /* sub_003F2778(block, sub_FF814288_my, 0): hands over this port's routine as the second argument. */
    "LDR R1, =sub_FF814288_my \n"
    "MOV R2, #0\n"
    "MOV R0, SP\n"
    "BL sub_003F2778\n"
    /* Release the block and return through the saved LR. */
    "ADD SP, SP, #0x74\n"
    "LDR PC, [SP], #4\n"
    );
}
244
245
246
247
/*
 * sub_FF814288_my - runs a fixed series of firmware initialisation calls and
 * then continues in sub_FF81A6AC_my.
 *
 * After the first call, each call is followed by the same check: if the
 * signed result in R0 is negative, a 0xFF81xxxx literal is loaded into R0
 * and _err_init_task is called with it (presumably a pointer to a message in
 * ROM -- confirm). Execution continues with the next step after
 * _err_init_task returns.
 */
void __attribute__((naked,noinline)) sub_FF814288_my( ) {
    asm volatile (
    "STMFD SP!, {R4,LR}\n"
    /* Result of this first call is not checked. */
    "BL sub_FF810B50\n"
    "BL sub_FF815174\n"
    "CMP R0, #0\n"
    "LDRLT R0, =0xFF81439C\n"
    "BLLT _err_init_task\n"
    "BL sub_FF813EC0\n"
    "CMP R0, #0\n"
    "LDRLT R0, =0xFF8143A4\n"
    "BLLT _err_init_task\n"
    /* The next two calls both receive 0xFF8143B4 as their argument. */
    "LDR R0, =0xFF8143B4\n"
    "BL sub_FF813FA8\n"
    "CMP R0, #0\n"
    "LDRLT R0, =0xFF8143BC\n"
    "BLLT _err_init_task\n"
    "LDR R0, =0xFF8143B4\n"
    "BL sub_FF8129C8\n"
    "CMP R0, #0\n"
    "LDRLT R0, =0xFF8143D0\n"
    "BLLT _err_init_task\n"
    "BL sub_FF814B10\n"
    "CMP R0, #0\n"
    "LDRLT R0, =0xFF8143DC\n"
    "BLLT _err_init_task\n"
    "BL sub_FF8116C8\n"
    "CMP R0, #0\n"
    "LDRLT R0, =0xFF8143E8\n"
    "BLLT _err_init_task\n"
    /* Restore R4/LR, then tail-branch so the next stage returns to our caller. */
    "LDMFD SP!, {R4,LR}\n"

    "B sub_FF81A6AC_my \n"
    );
}
283
284
285
286
/*
 * sub_FF81A6AC_my - calls sub_FF82EAF4, then this port's
 * taskcreate_Startup_my, and returns 0 in R0.
 */
void __attribute__((naked,noinline)) sub_FF81A6AC_my( ) {
    asm volatile (
    "STMFD SP!, {R4,LR}\n"
    "BL sub_FF82EAF4\n"

    /* Local replacement, so the startup task created is task_Startup_my. */
    "BL taskcreate_Startup_my \n"
    "MOV R0, #0\n"
    "LDMFD SP!, {R4,PC}\n"
    );
}
297
298
299
300
/*
 * taskcreate_Startup_my - checks two hardware bits, may halt, and otherwise
 * creates the startup task with task_Startup_my as its entry point.
 *
 * R4 holds the result of sub_FF835BE4 and R6 the register base 0xC0220000.
 * Only when R4 is zero, sub_FF8306B8 returns non-zero, and bit 0 is set in
 * both [R6+0xF8] and [R6+0xFC] does the code call sub_FF82E1C0, write 0x44
 * to [R6+0x12C], call sub_FF82E2D0 and spin forever. Presumably this is the
 * firmware's "no start condition present, power off" path -- confirm.
 * Returns 0 in R0 otherwise.
 */
void __attribute__((naked,noinline)) taskcreate_Startup_my( ) {
    asm volatile (
    "STMFD SP!, {R3-R7,LR}\n"
    "BL sub_FF835BE4\n"
    "LDR R6, =0xC0220000\n"
    /* MOVS sets the flags tested by the BNE two lines down. */
    "MOVS R4, R0\n"
    "MOV R5, #1\n"
    "BNE loc_FF81A710\n"
    "BL sub_FF8306B8\n"
    "CMP R0, #0\n"
    "BEQ loc_FF81A710\n"
    /* R1 = inverted bit 0 of [R6+0xFC], R0 = inverted bit 0 of [R6+0xF8]. */
    "LDR R0, [R6, #0xFC]\n"
    "BIC R1, R5, R0\n"
    "LDR R0, [R6, #0xF8]\n"
    "BIC R0, R5, R0\n"
    /* Continue if either inverted bit is 1; otherwise fall into the halt path. */
    "ORRS R2, R0, R1\n"
    "BNE loc_FF81A720\n"
    "BL sub_FF82E1C0\n"
    "MOV R0, #0x44\n"
    "STR R0, [R6, #0x12C]\n"
    "BL sub_FF82E2D0\n"
    /* Deliberate infinite loop. */
    "loc_FF81A70C:\n"
    "B loc_FF81A70C\n"
    /* Recompute the same two inverted bits for the paths that skipped the check above. */
    "loc_FF81A710:\n"
    "LDR R0, [R6, #0xF8]\n"
    "LDR R1, [R6, #0xFC]\n"
    "BIC R0, R5, R0\n"
    "BIC R1, R5, R1\n"
    "loc_FF81A720:\n"
    /* sub_FF82EAF8(R0, R1, R4, 0). */
    "MOV R3, #0\n"
    "MOV R2, R4\n"

    "BL sub_FF82EAF8\n"
    "BL sub_003F77E0\n"
    "LDR R1, =0x34E000\n"
    "MOV R0, #0\n"
    "BL sub_FF83421C\n"
    "BL sub_003F79F8\n"
    /* Fifth argument of _CreateTask (on the stack) = 0. */
    "MOV R3, #0\n"
    "STR R3, [SP]\n"

    /* _CreateTask(0xFF81A774, 0x19, 0, task_Startup_my, 0): the entry point is this port's routine. */
    "LDR R3, =task_Startup_my \n"
    "MOV R2, #0\n"
    "MOV R1, #0x19\n"
    "LDR R0, =0xFF81A774\n"
    "BL _CreateTask\n"
    "MOV R0, #0\n"
    "LDMFD SP!, {R3-R7,PC}\n"
    );
}
351
352
353
354
/*
 * task_Startup_my - entry point of the task created by
 * taskcreate_Startup_my.
 *
 * Runs a fixed sequence of firmware routines. Two calls in the sequence
 * target functions defined in this file: CreateTask_spytask (starts the
 * "SpyTask" task) and taskcreatePhySw_my (creates the task that runs
 * mykbd_task). The order is significant; what each sub_FFxxxxxx routine does
 * is not shown here.
 */
void __attribute__((naked,noinline)) task_Startup_my( ) {
    asm volatile (
    "STMFD SP!, {R4,LR}\n"
    "BL sub_FF8148C8\n"
    "BL sub_FF82FD84\n"
    "BL sub_FF82DE64\n"
    "BL sub_FF835C2C\n"
    "BL sub_FF835E18\n"
    "BL sub_FF82CC60\n"
    "BL sub_FF82EF38\n"
    "BL sub_FF82D828\n"

    "BL sub_FF835F94\n"
    "BL sub_FF836160\n"
    "BL sub_FF835F58\n"
    "BL sub_FF835E48\n"
    "BL sub_FF834150\n"
    "BL sub_FF836168\n"
    /* Defined in this file: starts the SpyTask task. */
    "BL CreateTask_spytask\n"

    /* Defined in this file: creates the task that runs mykbd_task. */
    "BL taskcreatePhySw_my\n"
    "BL sub_FF8324CC\n"
    "BL sub_FF836180\n"
    "BL sub_FF82B9DC\n"
    "BL sub_FF82C524\n"
    "BL sub_FF8359A0\n"
    "BL sub_FF82CB50\n"
    "BL sub_FF82C4C0\n"
    "BL sub_FF835F84\n"
    "BL sub_FF836CD8\n"
    "BL sub_FF82C484\n"
    /* Restore registers and tail-branch; sub_FF8149E8 returns to this task's caller. */
    "LDMFD SP!, {R4,LR}\n"
    "B sub_FF8149E8\n"
    );
}
390
391
392
393
/*
 * taskcreatePhySw_my - creates the task that runs mykbd_task, once.
 *
 * The word at 0x1C18+4 acts as a guard: the task is created only when it is
 * zero, and the value returned by sub_003F7A50 is stored there afterwards.
 * The function then calls sub_FF87CF8C and sub_FF830608 and, if the latter
 * returns 0, sub_FF87CEFC(0, 0x3116C).
 */
void __attribute__((naked,noinline)) taskcreatePhySw_my( ) {
    asm volatile (
    "STMFD SP!, {R3-R5,LR}\n"
    "LDR R4, =0x1C18\n"
    /* Skip creation if the guard word is already non-zero. */
    "LDR R0, [R4, #4]\n"
    "CMP R0, #0\n"
    "BNE loc_FF82E9CC\n"
    /* Stack argument = 0. */
    "MOV R3, #0\n"
    "STR R3, [SP]\n"

    /* Entry point passed in R3 is this port's mykbd_task. */
    "LDR R3, =mykbd_task \n"

    /* R2 = 0x2000, R1 = 0x17 (presumably stack size and priority -- confirm), R0 = 0xFF82EBF4. */
    "MOV R2, #0x2000 \n"
    "MOV R1, #0x17\n"
    "LDR R0, =0xFF82EBF4\n"
    "BL sub_003F7A50\n"
    /* Remember the returned value so a second call skips creation. */
    "STR R0, [R4, #4]\n"
    "loc_FF82E9CC:\n"
    "BL sub_FF87CF8C\n"
    "BL sub_FF830608\n"
    "CMP R0, #0\n"
    "BNE loc_FF82E9E8\n"
    "LDR R1, =0x3116C\n"
    "MOV R0, #0\n"
    "BL sub_FF87CEFC\n"
    "loc_FF82E9E8:\n"
    "LDMFD SP!, {R3-R5,PC}\n"
    );
}
423
/*
 * CreateTask_spytask - start the "SpyTask" task with core_spytask as its
 * entry point. Called from task_Startup_my during startup.
 */
void CreateTask_spytask() {
    /* Second and third _CreateTask arguments; presumably priority and stack size -- confirm against the _CreateTask declaration. */
    enum {
        SPYTASK_PRIORITY   = 0x19,
        SPYTASK_STACK_SIZE = 0x2000
    };

    /* The return value is not used, as before. */
    (void)_CreateTask("SpyTask", SPYTASK_PRIORITY, SPYTASK_STACK_SIZE, core_spytask, 0);
}
428
429
430
/*
 * init_file_modules_task - replacement entry point that taskHook() installs
 * for tasks whose entry is task_InitFileModules.
 *
 * Calls sub_FF87F4F8 and keeps its result in R4, calls sub_FF87F524, then
 * core_spytask_can_start. _PostLogicalEventToUI(0x5006, 0) is issued exactly
 * once on either path: before sub_FF87F524 when R4 is non-zero, or as the
 * final tail call when R4 is zero.
 */
void __attribute__((naked,noinline)) init_file_modules_task( ) {
    asm volatile (
    "STMFD SP!, {R4-R6,LR}\n"
    "BL sub_FF87F4F8\n"
    "LDR R5, =0x5006\n"
    /* MOVS sets the flags used by the three conditional instructions below. */
    "MOVS R4, R0\n"
    "MOVNE R1, #0\n"
    "MOVNE R0, R5\n"
    "BLNE _PostLogicalEventToUI\n"
    "BL sub_FF87F524\n"
    /* Call into this port's core; runs only after sub_FF87F524 has returned. */
    "BL core_spytask_can_start\n"
    /* Non-zero R4: the event was already posted above, so just return. */
    "CMP R4, #0\n"
    "LDMNEFD SP!, {R4-R6,PC}\n"
    /* Zero R4: restore registers and tail-call _PostLogicalEventToUI(0x5006, 0). */
    "MOV R0, R5\n"
    "LDMFD SP!, {R4-R6,LR}\n"
    "MOV R1, #0\n"
    "B _PostLogicalEventToUI\n"
    );
}