Latest revision as of 21:26, 5 July 2017

This is the Switch equivalent of 3DS exheader. This is the file with extension ".npdm" in {Switch ExeFS}. The size of this file varies.

Offset	Size	Description
0x0	0x80	META
0x80	<Varies>	ACID
<See META>	<See META>	ACI0

ACID

Offset	Size	Description
0	0x100	RSA-2048 signature
0x100	0x100	RSA-2048 public key
0x200	0x4	Magic "ACID".
0x204	0x8	Zeroes
0x20C	0x4	Format version? (1)
0x210	0x8	Title id
0x218	0x8	Title id again
0x220	0x4	#FS Access Control offset
0x224	0x4	#FS Access Control size
0x228	0x4	#Service Access Control offset
0x22C	0x4	#Service Access Control size
0x230	4	#Kernel Access Control offset
0x234	4	#Kernel Access Control size
0x238	0x8	Padding

ACI0

Looks like an old crappy version of ACID. It has the guessed version field 0 instead of 1.

FS Access Control

Word	Bit	Description
0		Version? Always 1.
1	0	MountContent* is accessible when set.
1	2	Enables access to Bis partitionID 27 and 28?

Web-applets access control:

"LibAppletWeb" and "LibAppletOff" have same access control: word0 bit0 set, word1 bit0 and bit3 set, and word2 bit30 set.
Rest of the web-applets: Same as above except word1 bit0 isn't set.

Service Access Control

This is a list of service-name strings which the title has access to, with the following structure:

 +0: control_byte
 +1: {service-name without nul-terminator}

Bitmask 0x0F in control_byte is the {length of the service-name without nul-terminator} - 1.

Bitmask 0x80 in control_byte means service is allowed to be registered.

The service string can contain a wildcard * character.

Kernel Access Control

On Switch, descriptors are identified by pattern 01..11 in low bits.

Pattern of bits 15-0	Type	Fields
`0bxxxxxxxxxxxx0111`	Kernel flags	5-0: Main thread priority?
`0bxxxxxxxxxxx01111`	Syscall mask	Bits 29-31: Syscall mask table index; Bits 5-28: mask
`0bxxxxxxxxx0111111`	Map IO page	Bits 7-31: page
`0bxxxxxxxx01111111`	Map IO range	Bits 7-31: page then size alternating
`0bxxxx011111111111`	Interrupt pair	Bits 12-21: irq0, bits 20-31: irq1, 0x3FF means empty.

@@ Line 12: / Line 12: @@
 |-
 | 0x80
-| 0x200
-| RSA-2048 signature, followed a RSA-2048 modulus for [[NCA]] header (like 3DS)
-|-
-| 0x280
 | <Varies>
 | ACID
@@ Line 24: / Line 20: @@
 |}
-=META=
+= META =
 {| class="wikitable" border="1"
 |-
@@ Line 33: / Line 29: @@
 | 0x0
 | 0x4
-| Magicnum "META".
+| Magic "META".
 |-
 | 0x20
 | ?
-| Name string
+| Title name
 |-
 | 0x70
 | 0x4
-| Absolute offset for ACI0.
+| [[#ACI0]] offset
 |-
 | 0x74
 | 0x4
-| Size of ACI0.
+| [[#ACI0]] size
 |-
 | 0x78
 | 0x4
-| Absolute offset of the RSA signature.
+| [[#ACID]] offset
 |-
 | 0x7C
 | 0x4
-| Size used with the above offset. Offset+size is normally ACI0_start-8.
+| [[#ACID]] size
 |}
-Switch version of 3DS "System Control Info"?
+= ACID =
-=ACID=
 {| class="wikitable" border="1"
 |-
@@ Line 65: / Line 59: @@
 ! Description
 |-
-| 0x0
+| 0
+| 0x100
+| RSA-2048 signature
+|-
+| 0x100
+| 0x100
+| RSA-2048 public key
+|-
+| 0x200
+| 0x4
+| Magic "ACID".
+|-
+| 0x204
+| 0x8
+| Zeroes
+|-
+| 0x20C
+| 0x4
+| Format version? (1)
+|-
+| 0x210
+| 0x8
+| Title id
+|-
+| 0x218
+| 0x8
+| Title id again
+|-
+| 0x220
+| 0x4
+| [[#FS Access Control]] offset
+|-
+| 0x224
+| 0x4
+| [[#FS Access Control]] size
+|-
+| 0x228
 | 0x4
-| Magicnum "ACID".
+| [[#Service Access Control]] offset
 |-
+| 0x22C
 | 0x4
-| 0xCC
+| [[#Service Access Control]] size
-| ?
+|-
+| 0x230
+| 4
+| [[#Kernel Access Control]] offset
+|-
+| 0x234
+| 4
+| [[#Kernel Access Control]] size
+|-
+| 0x238
+| 0x8
+| Padding
 |}
-Switch version of AccessDesc?
+= ACI0 =
+Looks like an old crappy version of ACID. It has the guessed version field 0 instead of 1.
+= FS Access Control =
-=ACI0=
 {| class="wikitable" border="1"
 |-
-! Offset
+! Word
-! Size
+! Bit
 ! Description
 |-
-| 0x0
+| 0
-| 0x4
+|
-| Magicnum "ACI0".
+| Version? Always 1.
+|-
+| 1
+| 0
+| MountContent* is accessible when set.
 |-
-| 0x4
+| 1
-| 0xB4
+| 2
-| ?
+| Enables access to [[Filesystem_services|Bis]] partitionID 27 and 28?
 |}
+Web-applets access control:
+* "LibAppletWeb" and "LibAppletOff" have same access control: word0 bit0 set, word1 bit0 and bit3 set, and word2 bit30 set.
+* Rest of the web-applets: Same as above except word1 bit0 isn't set.
-Switch version of 3DS ACI(Access Control Info)?
+= Service Access Control =
+This is a list of [[Services_API|service]]-name strings which the title has access to, with the following structure:
+  +0: control_byte
+  +1: {service-name without nul-terminator}
+Bitmask 0x0F in control_byte is the {length of the service-name without nul-terminator} - 1.
+Bitmask 0x80 in control_byte means service is allowed to be registered.
+The service string can contain a wildcard <code>*</code> character.
+= Kernel Access Control =
+On Switch, descriptors are identified by pattern 01..11 in low bits.
+{| class="wikitable" border="1"
+|-
+! Pattern of bits 15-0
+! Type
+! Fields
+|-
+| <code>0bxxxxxxxxxxxx0111</code>
+| Kernel flags
+| 5-0: Main thread priority?
+|-
+| <code>0bxxxxxxxxxxx01111</code>
+| Syscall mask
+| Bits 29-31: Syscall mask table index; Bits 5-28: mask
+|-
+| <code>0bxxxxxxxxx0111111</code>
+| Map IO page
+| Bits 7-31: page
+|-
+| <code>0bxxxxxxxx01111111</code>
+| Map IO range
+| Bits 7-31: page then size alternating
+|-
+| <code>0bxxxx011111111111</code>
+| Interrupt pair
+| Bits 12-21: irq0, bits 20-31: irq1, 0x3FF means empty.
+|}

Difference between revisions of "NPDM"

Latest revision as of 21:26, 5 July 2017

Contents

META

ACID

ACI0

FS Access Control

Service Access Control

Kernel Access Control

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools

Offset	Size	Description
0x0	0x4	Magic "META".
0x20	?	Title name
0x70	0x4	#ACI0 offset
0x74	0x4	#ACI0 size
0x78	0x4	#ACID offset
0x7C	0x4	#ACID size