chaoskagami / corbenik Goto Github PK

I don't know how hard it would be to change (I haven't taken a look at the source of this) but how about a configuration file that's editable form an editor instead of the way it's currently stored?
That way it would also be easier to change multiple settings at once since it's a little cumbersome to do so on the 3DS since one might have to go into several menus and have a lot of options one can turn on.

In bytecode for the op fwd it says "number of bytes to rewind" which I'm pretty sure is incorrect.

So. The top splash shows up if I enter the menu, but NOT if I don't and just autoboot.

The bottom image never shows up.

Here is the error:

firm/firm.c: In function 'dump_firm':
firm/firm.c:57:22: warning: cast increases required alignment of target type [-Wcast-align]
sdmmc_get_cid(1, (uint32_t_)cid);
^
firm/firm.c: In function 'decrypt_cetk_key':
firm/firm.c:211:5: error: implicit declaration of function 'cbc_decrypt' [-Werror=implicit-function-declaration]
cbc_decrypt(key, key, 1, AES_CNT_TITLEKEY_DECRYPT_MODE, iv);
^
firm/firm.c: In function 'decrypt_firm_title':
firm/firm.c:230:53: error: 'AES_CNT_CBC_DECRYPT_MODE' undeclared (first use in this function)
cbc_decrypt(ncch, ncch, *size / AES_BLOCK_SIZE, AES_CNT_CBC_DECRYPT_MODE, f
^
firm/firm.c:230:53: note: each undeclared identifier is reported only once for each function it appears in
firm/firm.c:240:22: warning: cast increases required alignment of target type [-Wcast-align]
exefs_h *exefs = (exefs_h *)((uint8_t *)ncch + ncch->exeFSOffset * MEDIA_UN
^
firm/firm.c: In function 'decrypt_arm9bin':
firm/firm.c:275:9: error: implicit declaration of function 'ecb_decrypt' [-Werror=implicit-function-declaration]
ecb_decrypt(header->slot0x16keyX, decrypted_keyx, 1, AES_CNT_ECB_DECRYP
^
firm/firm.c:275:62: error: 'AES_CNT_ECB_DECRYPT_MODE' undeclared (first use in this function)
ecb_decrypt(header->slot0x16keyX, decrypted_keyx, 1, AES_CNT_ECB_DECRYP
^
firm/firm.c: In function 'boot_firm':
firm/firm.c:432:43: error: 'AES_CNT_ECB_DECRYPT_MODE' undeclared (first use in this function)
ecb_decrypt(keydata, keyx, 1, AES_CNT_ECB_DECRYPT_MODE);
^
firm/firm.c: In function 'find_proc9':
firm/firm.c:482:13: warning: assuming pointer wraparound does not occur when comparing P +- C1 with P +- C2 [-Wstrict-overflow]
while (arm9section < arm9section + section->size) {
^
firm/firm.c:484:36: warning: cast increases required alignment of target type [-Wcast-align]
ncch_h *ncch = (ncch_h *)((uint8_t_)arm9section - sizeof(nc
^
cc1: all warnings being treated as errors

As you see, I think it should be slightly wider as to cover the whole top.

It's not noticeable on a black screen, but if you use a background, it certainly is.

I've got a translation patch in the form of romfs file but don't know where exactly it belongs to it since cannot find anything regarding that in this repo.

I'm not sure why, as the system still boots and everything seems to work. However, when I go to launch a legit DS cartridge (New Super Mario Bros) it just blackscreens, but the game works without the option enabled so I don't know what the problem is. I don't know if logs would be helpful because the issue occurs after boot is completed but if you need the logs I will upload. TWL patches don't have to be enabled to reproduce. Interestingly, if I enable TWL patches, the system appears to apply the O3DS patches. Maybe there is something different about my specific console? I really don't know and I am hoping you can help.
If you need anything else feel free to ask.

Something like Luma's, where if the config format changes, Corbenik/Skeith will know the config is older, and delete it, forcing the user to make a new one. I'd say that's a pretty cool feature.

When you insert a foreign region cart, the cursor moves to the cart slot, but no icon appears.
Booting the home menu with a cart inserted works.
jpn o3ds, latest fw

The VM might be something we want a few enhancements on, like:

• rel offset to top and bottom framebuffer (rate limit writes to 30FPS)
• Button checks.
• Delaying.

This is to keep track of build failures on windows. Currently known, actual issues:

• Mingw is unusable.
• bdfe misgenerates font.h on Cygwin for one specific character. I'm unsure why.
• Python shebang causes issues on Windows. Find some way to get the correct python in the Makefile on windows targets.

This is only for keeping track of them. Note that I don't actually care if it's buildable on Windows.

I encountered an issue earlier today with Skeith CFW. For some reason, whenever I load a HighMem game on my 3DS, it will not reboot. I just wanted to bring this to your attention and help you out. Thank you so much for developing this CFW!

P.S. I also checked in-case I forgot to enable reboot patches, but they were enabled...

Corbenik should be buildable as a firm payload. This entails a bit more work than I'd like, but time to strap down and get to work I guess.

• Build firm payload
• FIX CRASH (fml) <- not really fixed, worked around for now
• Figure out why TWL/AGB won't properly decrypt now (keys?)
• Add support for chainloading firm payloads
• Add a fallback mode for when no SD is inserted

At some point in the nightly builds, EmuNAND broke. I need to fix it (ugh)

It's not something of high priority, but it would be a great enhancement. I don't care too much about this, but I do use it in 2 or 3 games.

It would be neat too if you could implement a RomFS dump like the code sections dump, only if it's possible, but that is more low priority (at least for me)

I guess this is somewhat important?

I'm running the latest Skeith, it writes

Module: injected /skeith/lib/module/native/loader.cxi

then hangs.

After running make, gcc says
clang: error: treating 'c' input as 'c++' when in C++ mode, this behavior is deprecated

Followed all instructions, tried multiple versions of all required files. Invariably boots with 'FAILED TO LOAD NATIVE_FIRM'. Needs complete overhaul.

I compiled corbenik from source an noticed that everytime I enabled the custom loader, the CFW would get stuck in a loop warning me that the loader.cxi is to big (L41 here) and that it would need to grow 1 unit.

It probably hangs because the following continue; just jumps back to the while-condition, which hasn't changed, and thus executes the same code again ad infinitum. I don't know if that's intended this way.

Too find out why it complained that it'd need to grow, I did a git bisect. Starting with 19cc0eb the issue appeared for me the first time and also did the size of loader.cxi change from previously 12288 bytes to 12800 bytes after.

I understand that the 'shift all the modules'-code is not implemented right now, but can you confirm that the custom loader indeed exceeds the size of the original?

Anyway, cool project! If I could get any ressources on how develop patches/what patches are needed, I'd be on board writing some!

"It has a few features that no other CFW has:
IPC logging (which logs commands from/to services).
Arbitrary memory read/write over the network.
Testing services calls over the network.
Some kind of debugging with breakpoints over the network? Not sure what I'm reading in 3dshaxclient.c.
The memory setup for webkitdebug.s from https://github.com/yellows8/3ds_browserhax_common.
Some nim URL patches (though that effect can also be achieved, for the most part, with ctr-httpwn + another CFW)."
~beefhash, /r/3dshacks

I read that. Is any of these useful to be implemented in Corbenik, given that it is a poweruser/dev-oriented CFW?

• Finish adding that debug dump instruction @Wolfvak wanted
• Clean up some text formatting and do greedy linewrapping with descriptions
• Add a stack to the VM and instructions to manipulate and act upon it

Honestly, things are so stable now there's really not much to do. It's all longterm stuff now.

I keep pushing this back. It's getting absurd.

So, apparently, Corbenik no longer works if using noscreeinit A9LH / Using AuroraWright's A9LH with arm9loaderhax.bin (no screen init) and just black screens.

When I merged ctr9io, I forgot that the build method bombs out due to makefiles not allowing dependencies as such.

The only real solution is to build externally or finish switching to autoconf, so make won'y work parallel atm.

This is a notice to people compiling corbenik so they aren't surprised. Yes, it's broken.

I know that TWLoader is in development, but it works in other CFW, but not in this one.
Also test it with the "TWL Patches" on and off.

The logs I do not see much of use since they only log the information of boot by what I understand, but I leave them.

logs.zip

emuNAND is objectively a piece of shit.

I'm wanting to implement a specialized FS meant for the following:

• Large files
• Fast seek
• Only one level (root only)
• Arbitrary numbers of files
• Guaranteed contiguity.

Another idea for enhancement.
Maybe together with Build Info, put what NATIVE/AGB/TWL_FIRM version is being loaded from SD. It's not something I care too much, but I seen to keep forgetting what firmware I used last for testing (normally my emuNAND) days after making the test an trying to load sysNAND and maybe it's helpful for someone else too.

So, I want to build Corbenik as Skeith as not to replace the stable, but I can't seem to figure out how to do so. Where do I change the directory for the CFW?

@TiniVi isn't credited for the screen deinit code:
https://github.com/chaoskagami/corbenik/blob/master/source/firm/firm.c#L288-L292
https://github.com/AuroraWright/Luma3DS/wiki/Credits

@TuxSH, @delebile, @AuroraWright, @Steveice10 aren't credited for the Process9/Kernel9 patches, for the loader patches, and for the AGB and TWL patches.
https://gist.github.com/Steveice10/8a6965c59192ac970832
https://github.com/AuroraWright/Luma3DS/blob/developer/source/patches.c#L171-L179

@dark-samus, @b1l1s, @Normmatt, @delebile (and other contributors) aren't credited for figuring out screen init.

@yifanlu's crediting is unclear: @yifanlu made 3ds_injector, which is an opensource replacement for Process9's loader module.

@Reisyukaku, @AuroraWright and @Normmatt aren't credited for the emuNAND/redNAND patches.

Just an idea for an enhancement. It's not something I particularly care about using that much, it's not very important, and I've no idea what is needed for this to happen, but hey, it'd be an enhancement, so I've decided to post it here.

Welp, just like the title says. It's not a useful feature, but I loved my A9LH splash screen back in Luma. So, I'm suggesting the addition of this feature.

Well, it seems that, with the latest commit (both Corbenik-UN and Skeith, so it's not an issue with my compilation), the garbage before splash is back.

If it matters, I'm using arm9loaderhax_si.bin as my arm9loaderhax payload.

There's no garbage if I use non-screeninit a9lh (/arm9loaderhax.bin) .

I'm probably being stupid here, but how do I do this?

Or just set them to 300 at boot.

corbenik already does this with:
/corbenik/firmware/
--agb
--native
--twl

so keeping with its standard, why not with:
/corbenik/cetk/
--agb.cetk
--native.cetk
--twl.cetk

and:
/corbenik/keys/
--11.key
--agb.key
--native.key
--twl.cetk

So people apparently want this. I don't really like the overhead involved, but w/e. It doesn't take much work to do this.

I'd prefer to have this be able to be cut out at compile time.

I don't know if region/language emulation isn't working at all or if it's just for Japanese games but the two games that I've tested (only two Japanese games with DLC I possess) tell me that not every DLC could be read. But none of the DLCs are showing up.
The games in question are 000400000102F00 and 000400000190E00 (too lazy for Shift-JIS, it's Taiko no Tatsujin 2 and 3), which I've tried running on a European o3DS and European o3DS XL.
The DLCs' are dumped from my Japanese n3DS XL where they work fine, even if I delete both ticket and DLC from it and install the cia files.
Unfortunately, I don't have any European DLC I could test on the n3DS XL for the region emulation.
Also, I've tried to change the JA in both locale files to JP since I thought that it could have been because of 3dsdb.com's labeling of Japanese as ja instead of jp. But that didn't help either.
Not sure if it will help but here's a verbose output of the boot.log, perhaps some patch is interfering with the emulation (which I doubt but hey, some even stranger bugs happened).

10.3 fixed a number of vulnerabilities (notably the ones used on 10.2 to get a9lh), and unfortunately, also bumped minver. There's no reason, ABI/API wise that should be needed, but it was probably done to prevent FIRM downgrade. NS now panics if the kernel is not the version intended for 10.3.

As of now, one needs 10.3 FIRM to boot 10.3 NAND.

I strongly recommend people hold back for now; it doesn't work without 10.3 FIRM, and quite a few things are now broken and in need of fixing.

It would be nice if corbenik that defaults to a set global locale for titles when /corbenik/locale/TITLE is not present. As you already know, the issue is with loading out of region tiles that have multiple languages available, but defaults to the console's region (annoying for people who imported). For example, loading a USA Bravely Second cia will default to JPN language on a JPN console.

I understand there is probably no way to fix this at all except for disabiling sending of information and hiding what title is currently being played in the friends list applet. But we need a way to patch it so nintendo can't ban people like that. The cause of the ban is the friends list applet. Basically what is happening is a invalid title ID is seen, then a ban request is sent, then the user's 3ds gets banned from online play. The only way to unban is to inject a not banned localfriendseed_B or sell themselves to hackerone. This is a very serious issue. Affecting all cfw users.

It would be nice if, when a patch aborts, it displayed the name of the patch that aborted, so that you can go in and disable the patch after rebooting. Useful when turning on a bunch of patches, and then one aborts... and you're not sure which one.

Compiling gives me an error at block_cart_update.pco. Can't exactly paste the log right now, though. :/
28e9cfa

I don't know if this is getting fixed and you expected this to break and are fixing it on your repo, but, well, I might as well report this issue. :D

idk what is happening i click boot firmware and i get this

Exactly what it says.
Due to several reasons I decided to change my o3DS' region to Japan and corbenik has been unable to boot it since (on both 9.2.0-20J and 11.4.0-37J).
Luma3DS booted just fine into both 9.2.0-20J and updated to 11.4.0-37J.
Weird thing however is that I had region changed my o3DS at some point to Japan and back then it worked (either 11.1.0-34 or 11.2.0-35 were the latest update).
Here are the logs of corbenik's successful and failed boot for 11.4.0-37{E,J} respectively. Running diff on the logs shows that the region changed one just stops midway and it doesn't matter how long I wait on this one.
corbenik was also built on the latest commit (1032b8c).

https://github.com/AuroraWright/Luma3DS/pull/305/files

Something like that. it doesn't have it yet, does it?

Unless otherwise noted, these are all longterm goals. They are going to take a while and potentially a good amount of RE.

• RomFs redirection (preferrably NTR overlay style)
• Persistent background thread
• Memory modification while processes are running
• Finish rewriting the assembler in C

I won't bump the major version until all of these are done, and these are far more involved than their description implies.

Hey. I've just noticed, I am unable to start the Sun/Moon demo with the current Skeith.

I don't know if this happens with other games like SSB or MH4U, as I don't have the carts with me now, sooo.... They work on Luma though. I do have the Firmlaunch Hook.

As title states, this only happens on the very first boot attempt (or rather, the first time firm is decrypted); haven't really looked into possible causes

EUR New3DS
Boot log:
boot.txt

Ideally, Autoboot and Silent Mode together should not initialize the screen unless the menu key (R) is held.

Apparently, if you use the 11.2 payload, and you're using Luma and 11.4, you can still get into the HBL, for some reason. This is above my tier, but is this functionality available in corbenik? I have carefully dug through all of your posted information and haven't managed to find anything, although I may well have missed it. I'll close this asap once I hear from you.