Hacking Luma3DS - Noob-proof 3DS Custom Firmware

[Just Passing By]

I did, but that isn't all of them.

I think it is. If there were more, it would've said so in the changelog. Plus the way the changelog was written makes it sound like those are the only button combos.

Edit: hmm ok

 

[Supster131]

https://github.com/AuroraWright/AuReiNand/releases/tag/v3.9 Now I have to update the first post again. Read the changelog carefully!

Whatever happened to never adding dual emuNAND support?

 

[Aurora Wright]

Whatever happened to never adding dual emuNAND support?

With the code as it is now, it can be done more cleanly than in the past.

 

[oFire]

Hey guys, was wondering, does anyone know a good way to backup a save off of a game cart and then inject it into a eshop cia version of that game?

 

[SomeGamer]

Hey guys, was wondering, does anyone know a good way to backup a save off of a game cart and then inject it into a eshop cia version of that game?

There's an official free app on the eShop which does just that.

 

[ac3ds]

Hi everyone I just switched to AuReiNAND and it has been great. I was wondering how to safely update emunand. I was using rxtools where it used to say RX-E instead of ver. But that is not in AuReiNAND so I was wonder how to do this.

 

[daxtsu]

Hey guys, was wondering, does anyone know a good way to backup a save off of a game cart and then inject it into a eshop cia version of that game?

SaveDataFiler.

 

[oFire]

There's an official free app on the eShop which does just that.

oh? does it work with sideloaded cia's that you do not strictly buy off the eshop?

 

[Aurora Wright]

No, I was playing Hyrule Warriors Legends

anyway, let's see if @Aurora Wright can help

I made some changes to the CFW source to try and apply this Home Menu region patch, it compiles fine, but it just sits on the splash screen when I try booting it.
If I comment out my changes and compile again it loads fine.

The changes I made are as follows:

patches.c

const u8 regionPattern[16] = {0x00, 0x00, 0x55, 0xE3, 0x01, 0x10, 0xA0, 0xE3, 0x11, 0x00, 0xA0, 0xE1, 0x03, 0x00, 0x00, 0x0A};
const u8 regionFree[16] = {0x01, 0x00, 0xA0, 0xE3, 0x70, 0x80, 0xBD, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};

void getRegionLoc(void *pos, u32 size, u32 *off){
    *off = (u32)memsearch(pos, regionPattern, size, 16);
}

patches.h

const u8 regionPattern[16];
const u8 regionFree[16];

void getRegionLoc(void *pos, u32 size, u32 *off);

firm.c (patchFirm)

u32 regionOffset = 0;
getRegionLoc(firmLocation, firmSize, &regionOffset);
memcpy((void *)regionOffset, regionFree, sizeof(regionFree));

Eh, if it was that easy I would have done it myself. Problem is, that pattern is in Home Menu's code, not in FIRM. You'd need background ARM11 code to do it.

 

[fr3quency]

_Sorry Off-topic_ is this a nexus phone your using ?? i use the Nexus 6 and i love stock android (but i have it rooted and use Chroma ROM)

and the DIO signature of yours is hilarious XD

Hello. Yes, it's a Nexus 4 ALSO using Chroma. Haha

 

[SomeGamer]

oh? does it work with sideloaded cia's that you do not strictly buy off the eshop?

I think it does. However, it deletes save data on the cart after the transfer.

 

[shinji257]

No, I was playing Hyrule Warriors Legends

anyway, let's see if @Aurora Wright can help

I made some changes to the CFW source to try and apply this Home Menu region patch, it compiles fine, but it just sits on the splash screen when I try booting it.
If I comment out my changes and compile again it loads fine.

The changes I made are as follows:

... snip the changes to shorten the quote ...

I tried this as well. I actually wonder if the patch is being applied at the wrong time. I looked at rxTools and their version is being applied in arm9 thread which isn't available on AuReiNand right now because it was removed early on. The code was also responsible for the Ver. substitution in system settings which tells me that code is actually a background service. We would need to in memory patch the title (not the firmware which is what you are attempting to do right now...) somehow. I tried to relocate the code to launchFirm instead but it is clear that is still the wrong spot.

 

[Shuttleu]

I tried this as well. I actually wonder if the patch is being applied at the wrong time. I looked at rxTools and their version is being applied in arm9 thread which isn't available on AuReiNand right now because it was removed early on. The code was also responsible for the Ver. substitution in system settings which tells me that code is actually a background service. We would need to in memory patch the title (not the firmware which is what you are attempting to do right now...) somehow. I tried to relocate the code to launchFirm instead but it is clear that is still the wrong spot.

So if we got the arm9 thread back, we should be able to get this to work?

 

[Aurora Wright]

So if we got the arm9 thread back, we should be able to get this to work?

ARM9 is a very dirty way. Like for the Ver string, it doesn't know *where* to patch, and so it will patch ALL the instances of that pattern in the 3DS FCRAM.
I don't want bad things to happen, and that's why I removed the Ver. patch in the first place. Both are suitable to do from ARM11.
If you look at the FMP source (I read through it today), if first locates the beginning of the memory info structs for the ARM11 processes, then it finds the Home Menu one, and then it finds the exact range to patch (which is hardcoded). You can't do it from ARM9.

 

[Deleted User]

Very nice chainloading function! I fell in love with @FIX94 A9Select as it was simple and straight to the point. Did a few changes to change the directories everything looked in, but its nice just being able to coldboot a program instantly instead of fussing with a menu and such.

Being able to dump HBL and my SD is sparkling clean. Just 2 folders and a Arm9loaderhax.bin at the root.

 

[shinji257]

ARM9 is a very dirty way. Like for the Ver string, it doesn't know *where* to patch, and so it will patch ALL the instances of that pattern in the 3DS FCRAM.
I don't want bad things to happen, and that's why I removed the Ver. patch in the first place. Both are suitable to do from ARM11.

I was only mentioning how rxtools handled it. I'm not saying there isn't a better way. It is just that the execution point right now might be wrong for this kind of patch. I could be completely wrong on that front though too. I'm no expert on this and very much still learning.

 

[pbanj]

oh? does it work with sideloaded cia's that you do not strictly buy off the eshop?

You can also use jk's save manager

 

[pbanj]

Hi everyone I just switched to AuReiNAND and it has been great. I was wondering how to safely update emunand. I was using rxtools where it used to say RX-E instead of ver. But that is not in AuReiNAND so I was wonder how to do this.

You do it the same way using the system settings from emunand. Aureinand doesn't patch the ver string

 

[Sachi]

Just tape a piece of paper where "Ver." is

 

[Shuttleu]

ARM9 is a very dirty way. Like for the Ver string, it doesn't know *where* to patch, and so it will patch ALL the instances of that pattern in the 3DS FCRAM.
I don't want bad things to happen, and that's why I removed the Ver. patch in the first place. Both are suitable to do from ARM11.
If you look at the FMP source (I read through it today), if first locates the beginning of the memory info structs for the ARM11 processes, then it finds the Home Menu one, and then it finds the exact range to patch (which is hardcoded). You can't do it from ARM9.

So is this hard to do?

I have no idea where to start, otherwise I would do it myself