Page 1 of 3 123 LastLast
Results 1 to 10 of 23

Thread:
Trinux (3-core programming for Wii mode on Wii U)

  1. #1
    Developer
    Join Date
    Aug 2013
    Posts
    14
    Thanked: 11
    Mentioned
    0 Post(s)

    Trinux (3-core programming for Wii mode on Wii U)

    I initially hoped to make a thread as a guide as to how to program 3-core vWii homebrew although now I realize that, at best, this will become a place to post 3-core Linux development updates and, maybe, eventually, a 3-core library of sorts to try to add minimal ASMP 3-core support to libogc homebrew

    I just thought I'd make a place where everyone who knows anything about this can contribute and compare notes with discoveries, code spinets, further detail on the process, etc.



    I'll start with what little I've found / come up with so far (Haven't found TOO much time between different day to day activities so if it seems too limited, don't complain about it, just add to it )




    First is Marcan's blog entry.
    http://fail0verflow.com/blog/2013/espresso.html
    Here's a summary of the process as I understood it
    1. Load your app into memory. It either needs to be loaded into memory areas that won't be overwritten with 1-200 when it's loaded and running or be prepared to load the rest of it later from a drive or NAND.
    2. The 1-200 title needs to be loaded into memory (1-200 that Marcan mentioned in the blog is a name based off hex values. This might be more commonly recognized as 1-512 or, more incorrectly, IOS512)
    3. Starting from PPC, work some magic to load some ARM code into memory and get it running.
    4. Wait for and replace the right instruction with a link to your PPC code (this should already be in memory before or as part of step 3 since I'm not sure if you'll have time to load it at once 1-200 has started doing it's thing.)
    5. The PPC binary loaded at this point can either be the Linux kernel or you're traditional homebrew app. Either way, one of the first things it needs to do is init the cores

    #1, #2 : loading 1-512 into memory

    Since Mini didn't really have NAND file system support and we didn't really want to write that support into it, the above code also includes code to preload the 1-512 title into memory from the PPC side before running the ARM code. We were lucky that none of the memory addresses clashed so our Linux kernel, the 1-512 title AND the nSwitch code can all coexist at once in memory. To get access to this, we used AHBPROT access and patched out NAND access.

    #3 : getting custom ARM code running to reset and watch PPC

    We used Mini as a base for ARM code and nSwitch as a base to get it running since it was already loading a version of Mini into memory and running it.
    Here's that code :
    https://code.google.com/p/gbadev/sou.../source/main.c
    Since the HackMii installer for Wii U doesn't install the BootMii IOS (which nSwitch depends on) We also included a WAD for that IOS in our repository. Crediar was also nice enough to hand us some code that could be used to load Mini WITHOUT using the BootMii IOS ... but since the IOS's built-in method of reloading an IOS (such as the BootMii IOS) shuts everything down nicely to make it ready for the new IOS being loaded ... with this new code WE had to do that part. We've only recently figured out how to do that and it now works fine for the v2.6 Linux Kernel (previously, it would get stuck when we used that loading method because it couldn't get access to Bluetooth or USB. The latter was needed for a keyboard and mouse to login with.) The v3.X Linux kernels, though, do NOT work with this loading method yet so we still have both code options in there.

    #4 : the actual race attack

    most of the code for that is to be found here ... as well as a lot of garbage I need to get rid of
    https://code.google.com/p/gbadev/sou.../powerpc_elf.c

    #5 : Initializing the new cores

    I tried taking the pseudo-C code he had down there and converting it into Assembly like it should be. I don't have a lot of experience with assembly so it's obviously not complete (and may not have good syntax) but it's what I've got.
    - I put parenthesis after the SPR register numbers in his original code and then commented them out when replacing them with ASM.


    https://code.google.com/p/gbadev/sou...1/stub_sb_on.s
    This is on our GoogleCode page. I basically copied and pasted the assembly from here into that and then went through and figured out which lines I had to remove to make Linux not crash on me.

    (They're still there, just commented out or bypassed.)
    The
    bcr |= 0x08000000;
    in the global init and the
    if(pvr & 0xFFFF == 0x101)
    section had Linux getting stuck while the Linux kernel started up (and I can't remember if there was something else, too)

    and while with a few variations to make Linux run on core1 or core2 DID execute, their state coming out of a fresh reset (unlike core0 that comes out of the bootROM execution) also made them get stuck in the middle of the Linux kernel startup process.
    Also, in the above code, I mostly assumed on my first tests that Linux would already contain a lot of the "standard, boring init" sequences mentioned by Marcan so I left that out. It was good enough to get things running for now but all this code will eventually have to be unified to make sure everything is REALLY happening as it should



    - - - - - - - - - - - - - - - - - - - - - - - - -




    Alternate course of action
    My original idea was to just make a library that could be compiled into an app (creating a single DOL for each app that could be run from HBC) and be used to unlock and kickstart the extra cores and provide a simple means to run code on them. The problem with this is that we would need to get the IOS back in place in order to run any liboGC code. Without Boot2, Mini finds that difficult so we would need to patch the unlocking code into the IOS. THIS poses a problem because that process needs to invalidate the ARM cache which can only be done, to my knowledge, from the kernel and the kernel code for the IOS is in a memory location that PPC just CAN'T access even with AHBPROT disabled.

    This doesn't mean it's impossible ... it's just complicated.

    additional note : I was looking through this page http://wiibrew.org/wiki/IOS/Syscalls and it looks like syscalls 0x3F and 0x40 are to invalidate and flush the cache respectively. This is EXACTLY what I was looking for to be able to patch the race attack into the IOS. libogc number crunching here we come!!! (just as soon as I brush up a bit on my ARM assembly :P )

    Current course of action
    What we're currently doing is taking advantage of the ELF loader built into the mini to make a kind of ELF forwarder DOL that unlocks and inits the cores with 1-200 and then run a second ELF file. I'll try to pack it up and post a link when I can but the code can be found at http://gbadev.googlecode.com/


    Last edited by stomp_442; 01-01-2014 at 02:00 PM. Reason: Found a simple way to patch the race attack into the IOS

  2. The Following 7 Users Say Thank You to Maxternal For This Useful Post:


  3. #2
    Administrator
    News Hack
    stomp_442's Avatar
    Join Date
    Mar 2011
    Location
    Southeast Michigan
    Posts
    5,816
    Thanked: 1446
    Blog Entries
    3
    Mentioned
    4 Post(s)
    Nice interesting post. I may try this in the near future, but not now. Maybe when the snow flies.

  4. #3
    Supreme Overlord
    Administrator
    JoostinOnline's Avatar
    Join Date
    Mar 2011
    Location
    Behind you!
    Posts
    7,797
    Thanked: 1518
    Blog Entries
    10
    Mentioned
    12 Post(s)
    Thanks for posting this.

    By the way, I'd just like to say, whoever made that logo (especially making that chain, which probably took a long time) has some kickass graphics skills!
    "Macs are the Perfect Computers," said the Perfect Idiot.

    (\__/)
    (='.'=)This is Bunny. Copy and paste Bunny into your
    (")_(")signature to help him gain world domination.

  5. #4
    Senior Member the_randomizer's Avatar
    Join Date
    Jun 2013
    Posts
    293
    Thanked: 17
    Mentioned
    0 Post(s)
    Wait did I miss something? That OP started off kinda weird, what link? I don't see anything on here. What does this have to do with TriLinux?
    Custom Desktop:
    CPU 3rd Gen Intel Core i5 3750 3.4/3.8 GHz
    GPU MSI nVidia GTX 660 2 GB GDDR5
    RAM 8 GB DDR3 SDRAM
    OS Windows 7 Pro 64-bit
    HDD Western Digital 1 TB 7200 RPM

    Wii hacks
    Homebrew Channel 1.1.0
    RetroArch Wii -0.99.1
    Dios Mios
    USB Loader GX

  6. #5
    Administrator
    News Hack
    stomp_442's Avatar
    Join Date
    Mar 2011
    Location
    Southeast Michigan
    Posts
    5,816
    Thanked: 1446
    Blog Entries
    3
    Mentioned
    4 Post(s)
    Can you see it now.

    There is some weird permissions thing going on. If a new member has below a certain number of posts and puts links in the post, then the post gets moderated. It's an anti spam thing. But for some reason, approving the post seems to be a difficult task, even for the admim. I was playing around with it and it looks like the first post is on display now.

  7. The Following User Says Thank You to stomp_442 For This Useful Post:


  8. #6
    Developer
    Join Date
    Aug 2013
    Posts
    14
    Thanked: 11
    Mentioned
    0 Post(s)
    I guess I'll just have to make some more posts then :P
    (legit ones, of course)

  9. #7
    Supreme Overlord
    Administrator
    JoostinOnline's Avatar
    Join Date
    Mar 2011
    Location
    Behind you!
    Posts
    7,797
    Thanked: 1518
    Blog Entries
    10
    Mentioned
    12 Post(s)
    Just spam till you have 10 posts. Yay for activity!

    Sent from behind you
    "Macs are the Perfect Computers," said the Perfect Idiot.

    (\__/)
    (='.'=)This is Bunny. Copy and paste Bunny into your
    (")_(")signature to help him gain world domination.

  10. The Following User Says Thank You to JoostinOnline For This Useful Post:


  11. #8
    Senior Member the_randomizer's Avatar
    Join Date
    Jun 2013
    Posts
    293
    Thanked: 17
    Mentioned
    0 Post(s)
    Okay, NOW I see it!

    Whoops, didn't realize it was Maxternal. Sorry about that ROFL!

    What's been going on on the TriLinux scene, I got so lost on GBATemp.
    Custom Desktop:
    CPU 3rd Gen Intel Core i5 3750 3.4/3.8 GHz
    GPU MSI nVidia GTX 660 2 GB GDDR5
    RAM 8 GB DDR3 SDRAM
    OS Windows 7 Pro 64-bit
    HDD Western Digital 1 TB 7200 RPM

    Wii hacks
    Homebrew Channel 1.1.0
    RetroArch Wii -0.99.1
    Dios Mios
    USB Loader GX

  12. #9
    Supreme Overlord
    Administrator
    JoostinOnline's Avatar
    Join Date
    Mar 2011
    Location
    Behind you!
    Posts
    7,797
    Thanked: 1518
    Blog Entries
    10
    Mentioned
    12 Post(s)
    Well I decided to commit to learning assembly so I could contribute more. That lasted about an hour.

    Sent from behind you
    "Macs are the Perfect Computers," said the Perfect Idiot.

    (\__/)
    (='.'=)This is Bunny. Copy and paste Bunny into your
    (")_(")signature to help him gain world domination.

  13. #10
    Senior Member the_randomizer's Avatar
    Join Date
    Jun 2013
    Posts
    293
    Thanked: 17
    Mentioned
    0 Post(s)
    Quote Originally Posted by JoostinOnline View Post
    Well I decided to commit to learning assembly so I could contribute more. That lasted about an hour.

    Sent from behind you
    Yeah, ASM....makes my brain hurt.
    Custom Desktop:
    CPU 3rd Gen Intel Core i5 3750 3.4/3.8 GHz
    GPU MSI nVidia GTX 660 2 GB GDDR5
    RAM 8 GB DDR3 SDRAM
    OS Windows 7 Pro 64-bit
    HDD Western Digital 1 TB 7200 RPM

    Wii hacks
    Homebrew Channel 1.1.0
    RetroArch Wii -0.99.1
    Dios Mios
    USB Loader GX

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •