Hacking Luma3DS - Noob-proof 3DS Custom Firmware

[TuxSH]

Hi,
Also, I did not understand in the code example above: why destAddress for map call is 0x00100000? What is that magic number? I thought that I should allocate in rosalina process some buffer and pass its address to map svc call.

0x00100000 is the virtual address where programs (their .text+.rodata+.data+.bss) usually start (except for loader, ro, and rosalina which start at VA 0x14000000. In this case this is where the mapped process memory is mapped and it could be any arbitrary page-aligned address indeed.

Also please not that those svcGetProcessInfo "IDs" and svc(Un)MapProcessMemoryEx are Luma-only syscalls (fwiw).

 

[duckbill007]

Yes. I do understand that it is a Luma specific calls. I saw K11 extensions and understand how it works.

What I asking is a example how to patch other process memory at specific offset:

I found correct pid for game process. Check via svcGetProcessInfo its titleId. So, I am sure that it is a correct process. However as i wrote above startAddress for that process is 0x14018208, and not 0x00100000 as you told. Or it is a PA, not VA? Also, textTotalRoundedSize+rodataTotalRoundedSize+dataTotalRoundedSize gives me 0x00100000 and this is strange.

Can you please provide example how to set or process with pid for example 0x27 memory at offset for example 0x0045003C to 0xE3A00001?
I do understand that it should be
svcOpenProcess(), then svcMapProcessMemoryEx(), then simple *((u32*)(start+0x0045003x)) = 0xE3A00001 then svcUnMapMemoryEx(), then svcCloseProcess() but I can not get what parameters should I pass to that calls (except for svcOpenProcess and svcCloseProcess). All my tries lead to exception on write.

 

[Deleted User]

Nightly releases http://astronautlevel2.github.io/Luma3DS/
If anyone else is looking for them

 

[duckbill007]

[removed invalid code]

 

[Dracari]

did the latest nightly switch to a new ctrulib or library ? Compiling broke again :/

 

[astronautlevel]

did the latest nightly switch to a new ctrulib or library ? Compiling broke again :/

Compiles fine for me, nightly site updated just fine.

 

[Dracari]

Compiles fine for me, nightly site updated just fine.

i haven't updated devkit arm yet if that makes any diff and probably my ctrulib is a bit out of date.

 

[astronautlevel]

i haven't updated devkit arm yet if that makes any diff and probably my ctrulib is a bit out of date.

I'm pretty sure I'm still running dkp r47 and an older version of ctrulib

 

[Pacman`]

It works with devkitPro_1.6.0 using devkitARM_r46-win32, libctru-1.3.0 and citro3d-1.3.0

 

[duckbill007]

OK. I managed how to patch memory. Thank you all that helps so much.

 

[MelonGx]

Uploaded the last commit of Luma 7.1 for B9S 1.2 on #8 .
Use it at your own risk.

 

[TheGuyMadeOfTofu]

Uploaded the last commit of Luma 7.1 for B9S 1.2 on #8 .
Use it at your own risk.

Implaying theres any risk to begin with

 

[Asia81]

I made a custom cia (extracted and rebuilt without any change), but it crash (Tetris Ultimate EUR).
I don't guess the cia is corrupted, but I may be wrong.

An error occured (ErrDisp)
Error type: generic
Process ID: 15
Process name: menu
Process tile ID: 0x0004003000009802
Adresse: 0x00229504
Error code: 0xc8804464

Press any buttons to reboot.

Any ideas why it crash, and how to solve?

 

[TVL]

I pretty much only use the Rosalina menu to shut my 3DS off and to toggle Wifi. I wish I could bind those actions to keypresses and not even see the menu, select and L for shutdown and select and R to toggle Wifi. I hope some people agree and that it will be implemented as an option.

I also wonder what happens during shutdown, when you shut the 3DS off normally it takes about as long time as with the poweroff option in Rosalina (haven't measured the time it takes, but probably the same). Now Rosalina poweroff doesn't save changes to the home menu if you moved games around etc you need a "real" shutdown to make that stick.
Now I've had an errorscreen with one game and the "press a key to shutdown", and that's instantanious and doesn't seem to effect anything. Why is the error one possible to shut it down so quickly, and if it doesn't have a downside why not create an error on purpose, not show the info and just turn the console off super fast.

 

[Asia81]

I pretty much only use the Rosalina menu to shut my 3DS off and to toggle Wifi. I wish I could bind those actions to keypresses and not even see the menu, select and L for shutdown and select and R to toggle Wifi. I hope some people agree and that it will be implemented as an option.

Totally agree

 

[Kubas_inko]

Don't know where to ask. Guys, what does this problem mean?

Processor: ARM9
Exception type: prefetch abort (svcBreak)

 

[Metion]

Is there a version of luma (b9s) that only patches sigchecks (no luma settings at boot, no chainloading, no rosalina no user version strings in settings no region free no flashcart patches)?

 

[godreborn]

I have a question. I recently installed bootctr9 to have a splash screen on my system. however, a couple of times, I've gotten an error on boot where it says something like "the firmware can not be boot from this location. it's a luma error. it's happened once before installing b9s 1.3 and once afterwards. it doesn't happen very often, but it seems to be related to bootctr9. anyone else seen this error?

 

[godreborn]

I just remembered: I may have found the culprit a few days ago. I still had arm9loaderhax_si.bin on my micro sd card which may have been throwing off bootctr9 or luma. I haven't gotten that error since I deleted it.

 

[ihaveahax]

Don't know where to ask. Guys, what does this problem mean?

Processor: ARM9
Exception type: prefetch abort (svcBreak)

there's a lot more information that needs to be here.

Is there a version of luma (b9s) that only patches sigchecks (no luma settings at boot, no chainloading, no rosalina no user version strings in settings no region free no flashcart patches)?

use a different custom firmware if you really need all of these disabled. or change the source and use a custom build. you could also chainload a patched NATIVE_FIRM.