Add nim crashfix for blanker/incognito

[borntohonk]

Saw your post on gbatemp and decided to address the nim crash that incognito users / ams blanker / hekate cal0 blanker users experience.

(force-pushed a typo where i incorrectly set 14.0.0 instead of 17.0.0)

[borntohonk]

I pushed a second commit addressing what i personally see as flawed patches.
@impeeza

[shadow2560]

Could we use something like that for incognito patch pattern instead of using 2 patches?
{ "nim", "0x.00F00351F2003D5", 8, 0, adr_cond, mov2_patch, mov2_applied, true, MAKEHOSVERSION(17,0,0) },

[borntohonk]

Could we use something like that for incognito patch pattern instead of using 2 patches? { "nim", "0x.00F00351F2003D5", 8, 0, adr_cond, mov2_patch, mov2_applied, true, MAKEHOSVERSION(17,0,0) },

for the specific pattern, not really, it will hit an earlier address with first bit wildcarded.

[borntohonk]

Not that it matters that there's "two patches", only one is used.

[shadow2560]

OK, thanks for the explanations, you are far experienced than me, it was just a question for my own curiosity.

[borntohonk]

That got real dirty fast rebasing the wrong one, but last force push should be enough

also @shadow2560 seems you were correct, i was searching the wrong module in ghidra, could wildcard it.

[borntohonk]

(i merged in some other patterns from @lsp199308 and removed redundant patterns as consequence)

[borntohonk]

I've uploaded a compiled release of this latest force push to https://github.com/borntohonk/sys-patch/releases/tag/v1.5.4

[impeeza]

Wow guys, that is a great work and really great optimizations on the code; I have a question more by curiosity, the pattern definition:

{ "es3", "0x..00...0094a0..d1..ff97.......a9", 16, 0, mov2_cond, mov0_patch, mov0_applied, true, MAKEHOSVERSION(9,0,0) },//fw9-fw19

At the end of line the code have defined only the minimum firmware, and the argument for maximum FW is not used, but on the comments of the main.cpp is told to use FW_VER_ANY as wildcard to ignore, I realize what FW_VER_ANY have the value of 0 so if you do not use it, do not really matters, but just to be clear, can the FW_VER_ANY value be added like the maximum FW value for the pattern? I know is only aesthetic but my OCT is triggered 😸

I am thinking something like:

{ "es3", "0x..00...0094a0..d1..ff97.......a9", 16, 0, mov2_cond, mov0_patch, mov0_applied, true, MAKEHOSVERSION(9,0,0), FW_VER_ANY },//fw9-fw19

[borntohonk]

FW_VER_ANY has been pushed into code, 🤷

uploaded compiled binary from said commit to refreshed release:
https://github.com/borntohonk/sys-patch/releases/tag/v1.5.4

[impeeza]

FW_VER_ANY has been pushed into code, 🤷

uploaded compiled binary from said commit to refreshed release: https://github.com/borntohonk/sys-patch/releases/tag/v1.5.4

Thanks for the quick answer, I proced with the commit of the PR

[lsp199308]

In the code, es is limited to fw2.0.0, so for ES1 it can be removed. I have a question, fspatch, in fw1-fw9, there are 4 patch locations, while fw10+ has only two patch locations, and by wildcards, it can be done to match fw10-16, and Fw17+, while for fw1-fw9 I don't understand why there are 4 patch locations

[borntohonk]

In the code, es is limited to fw2.0.0, so for ES1 it can be removed. I have a question, fspatch, in fw1-fw9, there are 4 patch locations, while fw10+ has only two patch locations, and by wildcards, it can be done to match fw10-16, and Fw17+, while for fw1-fw9 I don't understand why there are 4 patch locations

https://github.com/borntohonk/Atmosphere/blob/master/fusee/program/source/fusee_stratosphere.cpp#L502-L627

Nintendo moved acid check from FS to loader in 10.0.0 (that is what "atmosphere loader patch" is for now)

[lsp199308]

In the code, es is limited to fw2.0.0, so for ES1 it can be removed. I have a question, fspatch, in fw1-fw9, there are 4 patch locations, while fw10+ has only two patch locations, and by wildcards, it can be done to match fw10-16, and Fw17+, while for fw1-fw9 I don't understand why there are 4 patch locations

https://github.com/borntohonk/Atmosphere/blob/master/fusee/program/source/fusee_stratosphere.cpp#L502-L627

Nintendo moved acid check from FS to loader in 10.0.0 (that is what "atmosphere loader patch" is for now)

Thank you very much, for exfat and fat32, they sometimes patch different locations, using sys-patch, you need to patch different locations, in fw16.0.3, fat32 patches 0x148b7c, exfat patches 0x15375c, and the wildcard can only match for fat32, and for exfat, the patch locations are obviously different.？Thank you again, your switch-gdidra-geides are very helpful to me!

[borntohonk]

Thank you very much, for exfat and fat32, they sometimes patch different locations, using sys-patch, you need to patch different locations, in fw16.0.3, fat32 patches 0x148b7c, exfat patches 0x15375c, and the wildcard can only match for fat32, and for exfat, the patch locations are obviously different.？Thank you again, your switch-gdidra-geides are very helpful to me!

nintendo refactored FS in 17.0.0, and i refactored my patches as consequence.

before:

patch was in unique offset belonging to fat32 or exfat

after it's in the section before it becomes different, no longer need different addresses (i also reverse engineered the patch new again, which is why its different after 17.0.0)