Homebrew Homebrew app sys-patch - sysmod that patches on boot
- Thread starter Deleted member 413168
- Start date
- Views 506,937
- Replies 1,359
- Likes 120
This has been asked and answered so many times. It's not supposed to stay on, sys-patch does the patching when the console boots, and then quits until next boot.
the overlay is a cosmetic addon which does none of the core functions.
it's a conditonally optional thing which only reads a text-file/config-file for its output and edits the text-file/config-file if the user makes that action.
it's only loaded if the user has sys-ovlloader running on the console.
it's the sysmodule part of sys-patch that actually does anything.
For those that want this, I've added nintendo host blocking to the options in the overlay + added a few changes to the main program. Attached is the souce for those that want to compile themselves.
see
i have already addressed all of the problems relating to this, but your code still has this problem.
also:
https://github.com/borntohonk/sys-patch/blob/master/sysmod/src/main.cpp#L260-L263
(your first patch in this code does ret_cond, with offset of 0, 0, when it should be 0, 4, but testing for ret and patching unrelated bytes is stupid.
see https://github.com/borntohonk/Switch-Ghidra-Guides/blob/master/scripts/known_patterns.py#L91-L166
(also )
for correct alignment.
(incase alignment of nocasigchk is questioned, N refactored that function in 17.0.0)
Last edited by bth,
I know how the code works in reference to the update blocking patch and the ret_cond, and the code I posted is correct. I've tested on every firmware from 10-21+ and it's working just fine. I also have debugging code (not posted) which confirms the checks are correct. I'll take a look at your code later, but currently I already tested all of the patterns I have for each patch on each firmware from 10.x-21.1.0 and don't have any issues. Everything is being patched properly and the checks work fine and return the correct boolean value.
you are applying your patch in territory in padded bytes of "00 00 00 00 00 00 00 00 00 00 00 00" by targeting ret as your validation condition, in most of the firmwares. see: https://github.com/borntohonk/Switch-Ghidra-Guides/blob/master/scripts/known_patterns.py#L91-L139
using your eyes, and not LLM/AI, you can instantly see a visual pattern, of what im talking about.
that and the way sys-patch functions, requires for the pattern to hit a unique address, without the bytes of the entire length of a patch being applied to be within the pattern itself, otherwise it cannot find a match if someone has patched it by .ips patch or hekate applied patch. (* unless one of the bytes of the patch aligns with the address being patched, if it does, wildcard the ones that doesn't)
example of problematic pattern:
on 21.0.0 + nocntchk is fine with "00..0240F9....E8.....00...00...00"
but on 19.0.0 to 20.5.0 that same pattern produces a whole lot of duplicates. ("00..0240F9....08.....00...00...00")
tuning out the duplicates makes the pattern longer, like this "00..0240F9....08.....00...00...0054", theres now zero duplicates produced.
see this for that example:
( using https://github.com/borntohonk/Switch-Ghidra-Guides/blob/master/scripts/find_patterns.py )
on unrelated note:
this needs testing, if anyone is willing.
https://github.com/borntohonk/sys-patch/commit/136d156851b064844ee118f9566ca784529acfc6
do the following:
delete /atmosphere/exefs_patches/
reboot with this version of sys-patch active
check /atmosphere/exefs_patches/
if folders are made, visit /atmosphere/exefs_patches/es_patches/
if an .ips file has been made
provide the filename, and make a .zip of /atmosphere/exefs_patches/ and the ,zip archive and provide the filename of the .ips file that was made
Last edited by bth,
Your code doesn't produce any files or even the folders, you need to mount the sd card for it to create these,( I didn't check your code to see if you are doing this properly) ini files are created without mounting because the ini library deals with that. But for anything else like writing logs/ips files or reading/writing files on the sd card you need to mount it. Did you even test your code on a real switch? You mentioned on 21.0.0 + nocntchk is fine with "00..0240F9....E8.....00...00...00" but on lower firmware it's not, this is not an issue as the patterns are controlled by mix & max HOS Version, so patch patterns will not be used on any other firmware it's not made for.
Last edited by bombayjack,
the ini library doesn't invoke fsdevMountSdmc, sys-patch in all contexts uses 'fsOpenSdCardFileSystem' to mount the sd card. ( a libnx concept, https://github.com/switchbrew/libnx/blob/master/nx/source/services/fs.c#L257 )
https://github.com/borntohonk/sys-patch/blob/dev/sysmod/src/main.cpp#L580
are you using LLM/AI to generate your replies here...?
Last edited by bth,
Your witty reply still doesn't make your code generate any ips patches or folders, maybe concentrate on fixing that and testing your code (on a real switch) before you post it rather than semantics.
As for worrying about my patterns, don't - I can see exactly what's being patched - example:
[NetworkInteface.updateblock-1500+]
IDA_offset_address=0x114600
Actual_offset_address=0x114500
Memory_address=0x5B42F14500
Original_instruction first 4 bytes=0xFD7BBCA9
Patched_instruction=E0031FAA C0035FD6
Result=Patched (sys-patch)
no for real, are you using LLM/AI to generate your replies here?
the implementation is very straight forward, even cited in the libraries you're referencing.
you may think im being "witty", but i'm geniuinly curious.
C++:
static bool ini_open(const char* filename, struct NxFile* nxfile, u32 mode) {
Result rc = {0};
char filename_buf[FS_MAX_PATH] = {0};
if (R_FAILED(rc = fsOpenSdCardFileSystem(&nxfile->system))) {
return false;
}
strcpy(filename_buf, filename);
if (R_FAILED(rc = fsFsOpenFile(&nxfile->system, filename_buf, mode, &nxfile->file))) {
if (mode & FsOpenMode_Write) {
if (R_FAILED(rc = fsFsCreateFile(&nxfile->system, filename_buf, 0, 0))) {
fsFsClose(&nxfile->system);
return false;
} else {
if (R_FAILED(rc = fsFsOpenFile(&nxfile->system, filename_buf, mode, &nxfile->file))) {
fsFsClose(&nxfile->system);
return false;
}
}
} else {
fsFsClose(&nxfile->system);
return false;
}
}
nxfile->offset = 0;
return true;
}As I said, worry more about fixing your untested code. FYI I created a bin launcher overlay, it scans sdmc:/bootloader/payloads folder for bin files and lets you launch them, I was thinking about making a sub menu for sys-patch-plus overlay and adding the code from this so you can reboot to whatever payload you want. Do you think I should bother or just keep it as a seperate overlay.
Last edited by bombayjack,
- Joined
- Sep 23, 2018
- Messages
- 69
- Reaction score
- 212
- Trophies
- 1
- Age
- 28
- Location
- Mayenne, France
- Website
- www.youtube.com
- XP
- 1,240
- Country
Should we be using this instead of 1.5.8 from impeezas git? I noticed the ""Disable CA Verification" options are gone in your 1.5.9. Was that to prevent people from messing with them when they don't know what they do? Also, for a long time I have thought that patching sysMMC should be turned OFF by default, instead of enabled.
There isn't a rush to PR it upstream just yet, 1.5.8 is fine for now, i have just pushed a 1.5.9 myself which refactors almost every pattern and conds, and addresses the overlap memory buffer stuff. (i.e. this commit: https://github.com/borntohonk/sys-patch/commit/e27cc1ad29578a229bda13f000d0ac3d7039b563 )
ideally the ips-beta is tested and validated before i send an official PR upstream,
basically, im unsure if the kernel debug svc atmosphere has implemented provides the header of the module being loaded or not (which is what sys-patch uses!)
if the header isn't loaded then the buildID for the .ips filename also cannot be acquired, if it can't, then 1.5.9 is ready to be PR'd already today. (i haven't yet, as there is no rush to push a refactor, at the current moment, a new feature can be included then it'd be better for it to be 1.5.9 rather than 1.6.0)
https://github.com/borntohonk/sys-patch/releases/tag/v1.5.9-ips-beta
https://github.com/Atmosphere-NX/At...bmesosphere/source/svc/kern_svc_debug.cpp#L96
https://github.com/Atmosphere-NX/At.../include/mesosphere/kern_k_debug_base.hpp#L59
https://github.com/Atmosphere-NX/At...here/svc/svc_stratosphere_shims.hpp#L422-L424
https://github.com/switchbrew/libnx/blob/master/nx/include/switch/kernel/svc.h#L1354
https://github.com/Atmosphere-NX/At...phere/source/svc/kern_svc_debug.cpp#L274-L291
https://github.com/Atmosphere-NX/At...phere/source/svc/kern_svc_debug.cpp#L533-L535
https://github.com/Atmosphere-NX/At...phere/source/svc/kern_svc_debug.cpp#L479-L481
Disable CA Verification was removed because people shouldn't be enabling it, and people who have the actual mitm setups required can use https://github.com/misson20000/exef...osphere/exefs_patches/disable_ca_verification the .ips patches for it.
as for sysmmc, patching there should ideally be off by default, but if it is patching there by default, then well, yeah... the git blame would say that it was iTotalJustice that did that.
https://github.com/impeeza/sys-patc...276c9c4ae95053830d7f1d3deaf009a4625409ad2R369
i personally disagree with that behaviour, but at same time, it's been that way for a long time and changing the behaviour now might inconvenience certain set of users.
(i have PR / merge permissions in impeeza's github, but i feel no desire to force merge a refactor which isn't strictly necessary, as sys-patch 1.5.8 functions just fine, but i will send a PR soon)
Last edited by bth,
The issue with having sysMMC patching disabled by default is that it means syspatch is no longer drag and drop. The user will either have the overlay installed and enable the settings and reboot again (too confusing for most AIO users, and most temp users from what I've read), or manually edit the config.
I don't think syspatch has been problematic enough to where enabling it by default causes issues. I can foresee that changing this behaviour would cause much confusion for many users, and I agree with you that it will break some user setups, including me (I only use sysMMC).
Site & Scene News
New Hot Discussed
-
-
24K views
Twilight Princess PC port "Dusk" gets its first release
It wasn't too long ago we saw our first glimpse of Courage Reborn, another Twilight Princess PC port in the works based on last year's decompilation efforts. With... -
14K views
Pokemon Platinum PC port gets a surprise release
Seemingly out of nowhere a PC port for Pokemon Platinum has surfaced online, bundled alongside the source code for those interested in building and developing it for... -
13K views
Nintendo announces price increases across the board, set to come into effect from September in western regions
After much speculation, Nintendo has finally followed their competitors in announcing price increases for their hardware. You can find a breakdown of what's changing... -
11K views
Star Fox 64 remake for the Switch 2 announced in surprise Nintendo Direct
Airing last night with very little in the way of warning, a brand new Nintendo Direct was aired. Running for 15 minutes in total, it took a moment to celebrate the... -
10K views
Steam Deck gets a major price bump, more than 40% increase for US buyers
With very little in the way of announcement, Valve has today increased the price of the Steam Deck but some fairly considerable margins. Both of the available models... -
9K views
Nintendo president Shuntaro Furukawa explains Switch 2 price increases in recent Financial Results Briefing
As a part of their Financial Results Briefing for the previous year, Nintendo president Shuntaro Furukawa took to the floor to answer key questions around the Switch... -
8K views
Sony announces PlayStation Plus price increase for new customers starting May 20
Earlier this year, Sony announced major price increases for the PS5, PS5 Pro, and PlayStation Portal. Now the company is raising prices again, this time for... -
7K views
Forza Horizon 6 leaks online after Steam preload data was uploaded without encryption
We are once again here to tell you about a game leaking before its release, but for once, it's not one published by Nintendo. The game files for Microsoft's upcoming... -
6K views
Pokémon Crystal gets a PC port titled "suiCune" based on C/C++ language
Continuing with the great news of Pokémon Platinum getting a native unofficial PC port just a few days ago, today, yet another classic title from the franchise has... -
6K views
Paper Mario PC recompilation "ReCut" gets its first pre-release build
The latest in a growing number of native PC ports, Paper Mario ReCut got its first pre-release build earlier this week. Based on the N64 recompilation toolchain, the...
-
-
-
164 replies
Steam Deck gets a major price bump, more than 40% increase for US buyers
With very little in the way of announcement, Valve has today increased the price of the Steam Deck but some fairly considerable margins. Both of the available models... -
163 replies
Twilight Princess PC port "Dusk" gets its first release
It wasn't too long ago we saw our first glimpse of Courage Reborn, another Twilight Princess PC port in the works based on last year's decompilation efforts. With... -
144 replies
Nintendo announces price increases across the board, set to come into effect from September in western regions
After much speculation, Nintendo has finally followed their competitors in announcing price increases for their hardware. You can find a breakdown of what's changing... -
134 replies
Star Fox 64 remake for the Switch 2 announced in surprise Nintendo Direct
Airing last night with very little in the way of warning, a brand new Nintendo Direct was aired. Running for 15 minutes in total, it took a moment to celebrate the... -
100 replies
Pokemon Platinum PC port gets a surprise release
Seemingly out of nowhere a PC port for Pokemon Platinum has surfaced online, bundled alongside the source code for those interested in building and developing it for... -
92 replies
Sony announces PlayStation Plus price increase for new customers starting May 20
Earlier this year, Sony announced major price increases for the PS5, PS5 Pro, and PlayStation Portal. Now the company is raising prices again, this time for... -
83 replies
Nintendo president Shuntaro Furukawa explains Switch 2 price increases in recent Financial Results Briefing
As a part of their Financial Results Briefing for the previous year, Nintendo president Shuntaro Furukawa took to the floor to answer key questions around the Switch... -
73 replies
Paper Mario PC recompilation "ReCut" gets its first pre-release build
The latest in a growing number of native PC ports, Paper Mario ReCut got its first pre-release build earlier this week. Based on the N64 recompilation toolchain, the... -
71 replies
PlayStation State of Play June 2, 2026 broadcast - new God of War announced
A whole hour of PlayStation content is on the way, thanks to the latest State of Play showcase. Headlining the stream will be Marvel's Wolverine, alongside a... -
63 replies
Call of Duty: Modern Warfare 4 to launch on Nintendo Switch 2 in October
For the first time in 13 years, the Call of Duty series will again return to Nintendo's consoles. Set to launch on the 23rd of October, the latest release, Modern...
-
