- Joined
- Apr 2, 2011
- Messages
- 11,005
- Trophies
- 1
- Location
- The Twilight Zone
- Website
- www.hacksden.com
- XP
- 4,339
- Country
I would like the option to be able to restore a NAND dump in software, if possible. I realise that this would only be possible to run if the vWii is still in a state such that it can run unsigned code (and so wouldn't help to restore a bricked vWii for example), but it would still be helpful if you wanted to revert a vWii to a near-virgin state before sending off to Nintendo for repair for example. See Is it possible to have a virgin vWii nand dump?
why would we not want the option to re-write back to nand? writing to the nand would mean any problems could be resolved by taking a copy of your original vwii nand and then you have a fresh nand again??? or am i missin the point of writing to the nand?
Hi Maxternal. I'm trying to run Dump Mii NAND on a virgin vWii. My intention is to dump the NAND before loading Homebrew Channel or any cIOS's. See my posts in the thread:
"Is it possible to have a virgin vWii nand dump?" where you'll see how I'm using Smash Stack, and have converted your boot.dol to a boot.elf so that Smash Stack will load it. I've got to the point where Dump Mii NAND boots but only displays:
and seems to freeze at that point. I guess the problem is that I have no IOS 254 installed.
Is there a way to run Dump Mii NAND successfully from Smash Stack on a virgin vWii?
"Is it possible to have a virgin vWii nand dump?" where you'll see how I'm using Smash Stack, and have converted your boot.dol to a boot.elf so that Smash Stack will load it. I've got to the point where Dump Mii NAND boots but only displays:
Code:
Will dump NAND to sd:/nand.bin
Loading IOS 254.Is there a way to run Dump Mii NAND successfully from Smash Stack on a virgin vWii?
- Joined
- Apr 2, 2011
- Messages
- 11,005
- Trophies
- 1
- Location
- The Twilight Zone
- Website
- www.hacksden.com
- XP
- 4,339
- Country
Not with the current Dump Mii NAND code, I agree, but Maxternal indicated that it would be possible to code writing to the NAND if he wanted to. Or it could be written back in hardware.
In any case, whatever my reasons are, I would very much like to have a copy of my virgin vWii NAND if it was possible to do so, and I feel like I must be close. If nothing else, it would be a good base for sneek-type EmuNand.
- Joined
- Apr 2, 2011
- Messages
- 11,005
- Trophies
- 1
- Location
- The Twilight Zone
- Website
- www.hacksden.com
- XP
- 4,339
- Country
Well you can't make a NAND dump without installing the HBC or BootMii. Installing IOS254 won't change anything on vSNEEK either.
Compiling a vWii compatible version of SNEEK
Theoretically, and as far as I understand it, the reason for needing HBC or BootMii is because they handle disabling AHBPROT which is needed for NAND access. In the version of the small block of code by Crediar, if AHBPROT is disabled by HBC or BootMii (which is set by the flag in meta.xml), it works by editing memory. If the app handled requesting access from ES to get it rather than rely on BootMii, HBC, or IOS254, it should work. If someone with more knowledge of Wii subsystems knows of a reason why this wouldn't work, please tell me because when I get time I may look into doing something along these lines.
I was thinking a live memory patch might work and if riivolution does not need to be installed and does not have a bunch of anti-tampering crap, a patch might be possible. But it would need AHBPROT / MEMPROT / usb /sd /nand and probably a couple more. Almost like bootmii but as replacement/patch for riivolution. IF you added wifi, then you could dump without usbgecko like Devolution loader with netcat.
I thought you had to use hardware registers good to know. only thing holding back appears to be requirement of ES.
54 int set_ahbprot(u32 enable) Enable/Disable PPC AHBPROT setting (can only be called from ES) 0 on success, -1 on error
btw, to be clear, when I said AHBPROT I meant the register HW_AHBPROT (0x0d800064)
- Joined
- Apr 2, 2011
- Messages
- 11,005
- Trophies
- 1
- Location
- The Twilight Zone
- Website
- www.hacksden.com
- XP
- 4,339
- Country
Just saying, if its something this simple, a short inline asm would make this a distinct possibility.
[Edit] I'm not quite sure whether nintendont disables AHB or just takes the setting from HBC as it seems to do both. [End Edit]
from the nintendont source: svn/trunk/kernel/
syscall.h:
#define EnableAHBProt(a) syscall_54(a)
void syscall_54( u32 a );
syscall.s:
.global syscall_54
.type syscall_54 STT_FUNC
syscall_54:
.long 0xe6000a90
bx lr
main.c:
EnableAHBProt(-1); //Disable AHBPROT
[Edit] I'm not quite sure whether nintendont disables AHB or just takes the setting from HBC as it seems to do both. [End Edit]
from the nintendont source: svn/trunk/kernel/
syscall.h:
#define EnableAHBProt(a) syscall_54(a)
void syscall_54( u32 a );
syscall.s:
.global syscall_54
.type syscall_54 STT_FUNC
syscall_54:
.long 0xe6000a90
bx lr
main.c:
EnableAHBProt(-1); //Disable AHBPROT
Similar threads
- S salazarcosplay
-
Xdqwerty
what are you looking at?
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@
CameronCataclysm:
Why no blog posts about Nitendont going after Garry's Mod repos that have been up for a decade or 2? -
-
-
@
Xdqwerty:
Is it safe to update a modded ps3?
Can I play online in pirated games? (with ps3hen either enabled or not) -
-
-
-
-
-
@
Xdqwerty:
@salazarcosplay, I used apollo save tool to activate my ps3 offline so i could play a game that wasnt working
-
S @ salazarcosplay:from what I understood. you load up the piratged game. you the clear the syscalls, then you play
S
@
salazarcosplay:
from what I understood. you load up the piratged game. you the clear the syscalls, then you play