Guest User

pastie.org/2000330

a guest
Apr 29th, 2012
540
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ## channel.h
  2.  
  3. //Add this defines.
  4.  
  5. //SPU channels.
  6. #define SPU_RdEventStat 0
  7. #define SPU_WrEventMask 1
  8. #define SPU_WrEventAck 2
  9. #define SPU_RdSigNotify1 3
  10. #define SPU_RdSigNotify2 4
  11. #define SPU_WrDec 7
  12. #define SPU_RdDec 8
  13. #define SPU_RdEventMask 11
  14. #define SPU_RdMachStat 13
  15. #define SPU_WrSRR0 14
  16. #define SPU_RdSRR0 15
  17. #define SPU_WrOutMbox 28
  18. #define SPU_RdInMbox 29
  19. #define SPU_WrOutIntrMbox 30
  20.  
  21. //MFC channels.
  22. #define MFC_WrMSSyncReq 9
  23. #define MFC_RdTagMask 12
  24. #define MFC_LSA 16
  25. #define MFC_EAH 17
  26. #define MFC_EAL 18
  27. #define MFC_Size 19
  28. #define MFC_TagID 20
  29. #define MFC_Cmd 21
  30. #define MFC_WrTagMask 22
  31. #define MFC_WrTagUpdate 23
  32. #define MFC_RdTagStat 24
  33. #define MFC_RdListStallStat 25
  34. #define MFC_WrListStallAck 26
  35. #define MFC_RdAtomicStat 27
  36.  
  37. //MFC DMA commands.
  38. #define MFC_PUT_CMD 0x20
  39. #define MFC_GET_CMD 0x40
  40.  
  41. //MFC tag update commands.
  42. #define MFC_TAG_UPDATE_IMMEDIATE 0
  43. #define MFC_TAG_UPDATE_ANY 1
  44. #define MFC_TAG_UPDATE_ALL 2
  45.  
  46.  
  47. ## channel.c
  48.  
  49. // Copyright 2010 fail0verflow <master@fail0verflow.com>
  50. // Licensed under the terms of the GNU GPL, version 2
  51. // http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
  52.  
  53. #include <stdio.h>
  54. #include <string.h>
  55. #include <stdarg.h>
  56. #include <stdlib.h>
  57. #include <unistd.h>
  58.  
  59. #include "types.h"
  60. #include "main.h"
  61. #include "config.h"
  62. #include "channel.h"
  63.  
  64. //Channel names.
  65. static char *ch_names[] =
  66. {
  67. "SPU_RdEventStat", //0
  68. "SPU_WrEventMask", //1
  69. "SPU_WrEventAck", //2
  70. "SPU_RdSigNotify1", //3
  71. "SPU_RdSigNotify2", //4
  72. "UNKNOWN", //5
  73. "UNKNOWN", //6
  74. "SPU_WrDec", //7
  75. "SPU_RdDec", //8
  76. "MFC_WrMSSyncReq", //9
  77. "UNKNOWN", //10
  78. "SPU_RdEventMask", //11
  79. "MFC_RdTagMask", //12
  80. "SPU_RdMachStat", //13
  81. "SPU_WrSRR0", //14
  82. "SPU_RdSRR0", //15
  83. "MFC_LSA", //16
  84. "MFC_EAH", //17
  85. "MFC_EAL", //18
  86. "MFC_Size ", //19
  87. "MFC_TagID", //20
  88. "MFC_Cmd", //21
  89. "MFC_WrTagMask", //22
  90. "MFC_WrTagUpdate", //23
  91. "MFC_RdTagStat", //24
  92. "MFC_RdListStallStat", //25
  93. "MFC_WrListStallAck", //26
  94. "MFC_RdAtomicStat", //27
  95. "SPU_WrOutMbox", //28
  96. "SPU_RdInMbox", //29
  97. "SPU_WrOutIntrMbox" //30
  98. };
  99.  
  100. //MFC channel values.
  101. static u32 _MFC_LSA;
  102. static u32 _MFC_EAH;
  103. static u32 _MFC_EAL;
  104. static u32 _MFC_Size;
  105. static u32 _MFC_TagID;
  106. static u32 _MFC_TagMask;
  107. static u32 _MFC_TagStat;
  108.  
  109. //Endian swap.
  110. #define _BE(val) ((((val) & 0xff00000000000000ull) >> 56) | \
  111. (((val) & 0x00ff000000000000ull) >> 40) | \
  112. (((val) & 0x0000ff0000000000ull) >> 24) | \
  113. (((val) & 0x000000ff00000000ull) >> 8 ) | \
  114. (((val) & 0x00000000ff000000ull) << 8 ) | \
  115. (((val) & 0x0000000000ff0000ull) << 24) | \
  116. (((val) & 0x000000000000ff00ull) << 40) | \
  117. (((val) & 0x00000000000000ffull) << 56))
  118.  
  119. void handle_mfc_command(u32 cmd)
  120. {
  121. printf("Local address %08x, EA = %08x:%08x, Size=%08x, TagID=%08x, Cmd=%08x\n",
  122. _MFC_LSA, _MFC_EAH, _MFC_EAL, _MFC_Size, _MFC_TagID, cmd);
  123. #ifdef DEBUG_CHANNEL
  124. getchar();
  125. #endif
  126.  
  127. switch (cmd)
  128. {
  129. case MFC_PUT_CMD:
  130. printf("MFC_PUT (DMA out of LS)\n");
  131. {
  132. FILE *fp = fopen("out.bin", "a+");
  133. fwrite(ctx->ls + _MFC_LSA, sizeof(u8), _MFC_Size, fp);
  134. fclose(fp);
  135. }
  136. break;
  137. case MFC_GET_CMD:
  138. printf("MFC_GET (DMA into LS)\n");
  139. {
  140. static int round = 0;
  141. //module debug output address, set both to 0x0 for none
  142. static u64 data0[2] = {_BE(0xbeef0110dead0000), _BE(0xbeef0220dead0000)};
  143. static u64 data1[4] = {_BE(0xbeef0110dead0000), _BE(0xbeef0220dead0000),
  144. _BE(0x0000000200000000), _BE(0x0000000000000000)};
  145. //^-- 1,2,3,4 (device type/id, pscode, psid)
  146. if(round == 0)
  147. memcpy(ctx->ls + _MFC_LSA, &data0, _MFC_Size);
  148. else if(round == 1)
  149. memcpy(ctx->ls + _MFC_LSA, &data1, _MFC_Size);
  150. else if(round == 2)
  151. {
  152. //Load EID0.
  153. printf("loading eid...");
  154. FILE *fp = fopen("EID0", "rb");
  155. fread(ctx->ls + _MFC_LSA, sizeof(u8), _MFC_Size, fp);
  156. fclose(fp);
  157. printf("done\n");
  158. }
  159. round++;
  160. }
  161. break;
  162. default:
  163. printf("unknown command\n");
  164. }
  165. }
  166.  
  167. void handle_mfc_tag_update(u32 tag)
  168. {
  169. switch (tag)
  170. {
  171. case MFC_TAG_UPDATE_IMMEDIATE:
  172. printf("-> MFC_TAG_UPDATE_IMMEDIATE\n");
  173. _MFC_TagStat = _MFC_TagMask;
  174. break;
  175. case MFC_TAG_UPDATE_ANY:
  176. printf("-> MFC_TAG_UPDATE_ANY\n");
  177. break;
  178. case MFC_TAG_UPDATE_ALL:
  179. printf("-> MFC_TAG_UPDATE_ALL\n");
  180. break;
  181. default:
  182. printf("-> UNKNOWN\n");
  183. break;
  184. }
  185.  
  186. _MFC_TagStat = _MFC_TagMask;
  187. }
  188.  
  189. void channel_wrch(int ch, int reg)
  190. {
  191. u32 r = ctx->reg[reg][0];
  192.  
  193. printf("CHANNEL: wrch ch%d(= %s) r%d(= 0x%08x)\n", ch, (ch <= 30 ? ch_names[ch] : "UNKNOWN"), reg, r);
  194. #ifdef DEBUG_CHANNEL
  195. getchar();
  196. #endif
  197.  
  198. switch(ch)
  199. {
  200. case MFC_LSA:
  201. _MFC_LSA = r;
  202. break;
  203. case MFC_EAH:
  204. _MFC_EAH = r;
  205. break;
  206. case MFC_EAL:
  207. _MFC_EAL = r;
  208. break;
  209. case MFC_Size:
  210. _MFC_Size = r;
  211. break;
  212. case MFC_TagID:
  213. _MFC_TagID = r;
  214. break;
  215. case MFC_Cmd:
  216. handle_mfc_command(r);
  217. break;
  218. case MFC_WrTagMask:
  219. _MFC_TagMask = r;
  220. break;
  221. case MFC_WrTagUpdate:
  222. handle_mfc_tag_update(r);
  223. break;
  224. }
  225. }
  226.  
  227. void channel_rdch(int ch, int reg)
  228. {
  229. u32 r = 0;
  230.  
  231. printf("CHANNEL: rdch ch%d(= %s) r%d\n", ch, (ch <= 30 ? ch_names[ch] : "UNKNOWN"), reg);
  232. #ifdef DEBUG_CHANNEL
  233. getchar();
  234. #endif
  235.  
  236. switch (ch)
  237. {
  238. case SPU_RdDec:
  239. break;
  240. case MFC_RdTagStat:
  241. r = _MFC_TagStat;
  242. break;
  243. case MFC_RdAtomicStat:
  244. break;
  245. }
  246.  
  247. //Set register.
  248. ctx->reg[reg][0] = r;
  249. ctx->reg[reg][1] = 0;
  250. ctx->reg[reg][2] = 0;
  251. ctx->reg[reg][3] = 0;
  252. }
  253.  
  254. int channel_rchcnt(int ch)
  255. {
  256. u32 r = 0;
  257.  
  258. printf("CHANNEL: rchcnt ch%d(%s)\n", ch, (ch <= 30 ? ch_names[ch] : "UNKNOWN"));
  259. #ifdef DEBUG_CHANNEL
  260. getchar();
  261. #endif
  262.  
  263. switch (ch)
  264. {
  265. case MFC_WrTagUpdate:
  266. r = 1;
  267. break;
  268. case MFC_RdTagStat:
  269. r = 1;
  270. break;
  271. case MFC_RdAtomicStat:
  272. break;
  273. }
  274.  
  275. return r;
  276. }
  277.  
  278.  
  279.  
  280. ## main.c
  281.  
  282. int main(int argc, char *argv[])
  283. {
  284. u32 done;
  285. memset(&_ctx, 0x00, sizeof _ctx);
  286. ctx = &_ctx;
  287. parse_args(argc, argv);
  288.  
  289. //Remove old output.
  290. system("rm -f out.bin");
  291.  
  292. //Set module parameters.
  293. //PU DMA area start address.
  294. //Dummy to make the module happy.
  295. ctx->reg[3][0] = 0xdead0000;
  296. ctx->reg[3][1] = 0xbeef0000;
  297. //PU DMA area size.
  298. //ctx->reg[4][0] = 0x80;
  299. ctx->reg[4][1] = 0x80;
  300. //PU EID area start address (first param).
  301. //Dummy to make the module happy.
  302. ctx->reg[5][0] = 0xcafe0000;
  303. ctx->reg[5][1] = 0xbabe0000;
  304. //First param size.
  305. //ctx->reg[6][0] = 0x860;
  306. ctx->reg[6][1] = 0x860;
  307.  
  308. ctx->ls = malloc(LS_SIZE);
  309. if (ctx->ls == NULL)
  310. fail("Unable to allocate local storage.");
  311. memset(ctx->ls, 0, LS_SIZE);
  312.  
  313. //Write EID master key (to start of LS).
  314. u8 eid_mkey[] = {/* ... */};
  315. memcpy(ctx->ls, eid_mkey, sizeof(eid_mkey));
  316.  
  317. //...
  318. }
RAW Paste Data