How to fix the connection issue while running in AHBPROT mode

Discussion in 'Wii - Hacking' started by davebaol, Jul 12, 2011.

  1. davebaol
    OP

    davebaol GBAtemp Advanced Fan

    Member
    2
    Sep 3, 2010
    Italy
    @madri1
    Let me say "I told you" [​IMG]
     
  2. madri1

    madri1 GBAtemp Regular

    Member
    3
    Feb 15, 2006
    France
    i already tried to to the E6000... | blabla
     
  3. tueidj

    tueidj I R Expert

    Member
    7
    Jan 8, 2009
    They didn't try to warn Nintendo about AHBPROT (they didn't even know about it at the time, read the blog post again), they warned them about the DVD driver being easily patched to read "backup" discs - and do you really think they were ignored, given that it wasn't long afterwards that the first non-dvd-video capable drives appeared?
     
  4. ZRicky11

    ZRicky11 Member

    Newcomer
    1
    Feb 26, 2011
    Italy
    Hi
    I've made a mod of WADManager 1.7 to work with AHBPROTH: it works perfectly!
    Maybe (after some other modifications) I'll release it [​IMG]
     
  5. stfour

    stfour GBAtemp Advanced Maniac

    Member
    3
    May 24, 2011
    Italy
    davebaol... it is possible that priiloader run installed dol with ios70 and AHBPROT enabled ? This is what appears to me as postLoader start.

    HAVE_AHBPROT ((*(vu32*)0xcd800064 == 0xFFFFFFFF) ? 1 : 0)

    return true, and current ios is 70.

    If it is true, with your method can I reload 58 keeping AHBPROT ?
     
  6. davebaol
    OP

    davebaol GBAtemp Advanced Fan

    Member
    2
    Sep 3, 2010
    Italy
    @stfour
    I think so, but I'm the wrong person to ask.
    Ask DacoTaco.
     
  7. Slimmmmmm

    Slimmmmmm GBAtemp MoNkEeE

    Member
    4
    Nov 1, 2007
    the land of lol
    @stfour I'm not sure, however if the installed dol is a forwarder to your latest postloader then you can set it from there.

    Priiloader > forward.dol (sets the AHBPROT) > postloader.dol

    Oh and while I'm posting [​IMG] great post davebaol
     
  8. stfour

    stfour GBAtemp Advanced Maniac

    Member
    3
    May 24, 2011
    Italy
    For my understanding only channels started from system menu should enable AHBPROT via title tmd flags. There isn't a forwarder.dol that can do that under legit ios..

    But as I'm checking ahbprot I've not realized until few hour ago ([​IMG]) that priiloader started postloader (or any dol) under ios70 with ahbprot flags enabled. Maybe I'm wrong or have dreamed of it, but I'm quite sure that flags where right after priiloader.

    When I've seen priiloader pass to .dol ios70, I've chosen to force to 249 if ios is != 58, to allow postloader to be executed by forwarder / hbc keeping ahbprot. But if I'm right, using davebaol path can reload to 58 with full hw rights.



    mmm... also it is not clear to me what I've written.... [​IMG]
     
  9. davebaol
    OP

    davebaol GBAtemp Advanced Fan

    Member
    2
    Sep 3, 2010
    Italy
    I don't know exactly how priiloader and postloader work but if your PPC code is actually running with AHBPROT rights then you can patch the IOS running on ARM.
    AHBPROT is the only prerequisite for this approach.
     
  10. stfour

    stfour GBAtemp Advanced Maniac

    Member
    3
    May 24, 2011
    Italy
    Davebaol, You are a great man (even if you don't know priiloader and postloader). It works !!!

    Started postLoader from priiloader, detected ios70 with ahbprot, patched with your code and loaded ios58. Executed MMM 13.4 with from postloader and ta-da... it is running with full hw access.

    Fantastic !

    Maybe I need to say thanks also to dacotaco and priiloader [​IMG]
     
  11. Jacobeian

    Jacobeian GBAtemp Advanced Maniac

    Member
    3
    May 15, 2008
    Cuba
    Well, I tried to add your code (directly copy-pasted without any modifications + some include for read/write prototypes) at the start of main() in a few emulators so i can use them without having wifi always connected but DVD support stopped to work in them after that (worked fine before). It is exacly as when reloading IOS without AHBPROT being set.
    I'm using HBC with IOS70.
     
  12. davebaol
    OP

    davebaol GBAtemp Advanced Fan

    Member
    2
    Sep 3, 2010
    Italy
    Notice we are reusing ahbprot_pattern, but it should work.
    If it works I'll give you a better pattern.
     
  13. Jacobeian

    Jacobeian GBAtemp Advanced Maniac

    Member
    3
    May 15, 2008
    Cuba
    I don't know, it's part of the emulators code which apparently all use libDI/libiso9660. I don't really know what commands those library are using. By "stopped to work" I mean that the DVD is not recognized anymore by the application and I got an error message so I guess DVD access is not authorized anymore. The same actually happen if the flag is removed for HBC.

    Does that mean that AHBPROT is not enough to get DVD access like DVDX was doing ? And that HBC also had the DVD Mode bit set in its TMD ? Thanks for the new patch anyway, will test it asap

    EDIT: indeed, by reading Bushing's article again, it seems that DVDX/libDI stuff and AHBPROT are two different things even if related, nice to know that. This means that apps that only need access to DVD (not NAND or protected registers) does not need the AHBPROT patch to be applied but only the DVDMODE one.
     
  14. davebaol
    OP

    davebaol GBAtemp Advanced Fan

    Member
    2
    Sep 3, 2010
    Italy
    Yeah I think that libdi uses dvd video commands.
    And bit 1 ON in tmd activates dvd video commands recognition by DI module.
     
  15. Jacobeian

    Jacobeian GBAtemp Advanced Maniac

    Member
    3
    May 15, 2008
    Cuba
    Hum, adding this patch does not seem to be working either, DVD is still being unrecognized after IOS Reload.

    Also, after looking at DI.c in libdi, it seems that AHBPROT (0xcd800064 == 0xFFFFFFFF) is first checked when calling DI_Init then:

    - if it is not set, DI_Init will not open /dev/di on IOS side and libDI handles reads with 0xA0 or 0xD8 DVD commands (?) which are sent to DI via IOS ioctl
    - if it is set, /dev/di is opened on IOS side but reads are handle with direct DVD commands through HW registers so no access to IOS is needed.

    In the first case, commands will always return an error since di was not opened. Also, DI_Mount will always return an error if /dev/di has not been opened.
    This makes impossible to mount DVD if ahbprot was not set, while I'd have thought that having at least DVD_VIDEO mode set would have been enough...

    I'm not sure to understand how this has been designed, is this a mistake from libogc devs or a misunderstanding on my side ?
     
  16. Jacobeian

    Jacobeian GBAtemp Advanced Maniac

    Member
    3
    May 15, 2008
    Cuba
    I figured why it does not work, it's because DI_Init uses the same AHBPROT detection as you, that's is (0xcd800064 == 0xFFFFFFFF) but off course this specific value is only set when loading from HBC, because they set all bits (flags ?) to be safe. When reloading an IOS, it's the IOS itself that writes this register and it will set another value (as shown in Bushing's post), which is not 0xFFFFFFF but still give some access to hardware (maybe not as much as with 0xFFFFFFFF ?).

    Anyway, I will test with a modified libDI that assumes ahbprot is always detected and see if it works now.

    Another (better) solution would be to modify the value written by IOS to this address so it matches 0xFFFFFFFF.

    Is that possible by simply modifying the previous patch and how ?
     
  17. davebaol
    OP

    davebaol GBAtemp Advanced Fan

    Member
    2
    Sep 3, 2010
    Italy
    @Jacobeian
    Well, after reloading the ios you have ahbprot rights, so you might set that location to 0xFFFFFFFF before initializing libdi.
    Am I missing something?
     
  18. Jacobeian

    Jacobeian GBAtemp Advanced Maniac

    Member
    3
    May 15, 2008
    Cuba
    You right off course but it doesn't matter because I tested the value written in AHBPROT after reload (without doing anything else) and it was already 0xFFFFFFFF so the problem is something else.

    I forwarded this thread to tantric and eke-eke in case they had other ideas. Tantric told me he already had a similar solution but was prefering and hoping for an HBC update that fixe the issues rather than a patch ...
     
  19. lulwut

    lulwut GBAtemp Fan

    Member
    1
    Mar 19, 2010
    yes, its the AHBPROT that sets that FFFFFFFF, if its FFFFFFFF you have ahbprot. thats just how it works
     
  20. davebaol
    OP

    davebaol GBAtemp Advanced Fan

    Member
    2
    Sep 3, 2010
    Italy
    The last HBC has been released more than 1 year ago so don't hold your breath for a fix. [​IMG]
     
Loading...