Difference between revisions of "Loader services"
(→ldr:ro: LoadNrrEx is a really weird command.) |
(ro:1) |
||
| Line 155: | Line 155: | ||
= ldr:ro = | = ldr:ro = | ||
| + | = ro:1 = | ||
[1.0.0-2.3.0] This is "nn::ldr::detail::IRoInterface" | [1.0.0-2.3.0] This is "nn::ldr::detail::IRoInterface" | ||
[3.0.0+] This is "nn::ro::detail::IRoInterface". | [3.0.0+] This is "nn::ro::detail::IRoInterface". | ||
| + | |||
| + | [7.0.0+] ro:1 was added, and also creates nn::ro::detail::IRoInterface objects. | ||
{| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
| Line 261: | Line 264: | ||
When called from an ro:1 session, the field at NRR header + 0x33C must be 0x1. When called from ldr:ro session, the field at NRR header + 0x33C must be 0x0. | When called from an ro:1 session, the field at NRR header + 0x33C must be 0x1. When called from ldr:ro session, the field at NRR header + 0x33C must be 0x0. | ||
| − | |||
| − | |||
| − | |||
[[Category:Services]] | [[Category:Services]] | ||
Revision as of 23:44, 29 January 2019
ldr:dmnt
This is "nn::ldr::detail::IDebugMonitorInterface".
| Cmd | Name |
|---|---|
| 0 | AddProcessToDebugLaunchQueue |
| 1 | ClearDebugLaunchQueue |
| 2 | GetNsoInfos |
AddProcessToDebugLaunchQueue
Same as AddProcessToLaunchQueue but for processes marked as debug.
ClearDebugLaunchQueue
Same as ClearLaunchQueue.
GetNsoInfos
Takes in a u64 ProcessID, and a C descriptor. Returns the number of NsoInfos copied to output.
NsoInfo has the following layout:
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x20 | "Build ID", from NSO header+0x40. |
| 0x20 | 0x8 | Mapped address for this NSO |
| 0x28 | 0x8 | Mapped size for this NSO |
ldr:pm
This is "nn::ldr::detail::IProcessManagerInterface".
| Cmd | Name |
|---|---|
| 0 | CreateProcess |
| 1 | #GetProgramInfo |
| 2 | #RegisterTitle |
| 3 | #UnregisterTitle |
GetProgramInfo
Takes a TitleId + StorageId, parses the NPDM, and writes output to a C descriptor buffer as follows:
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x1 | MainThreadPrio. Arg1 to svcStartProcess |
| 0x1 | 0x1 | DefaultCpuId. Arg2 to svcStartProcess |
| 0x2 | 0x1 | ApplicationType, see here. |
| 0x3 | 0x1 | Padding |
| 0x4 | 0x4 | MainThreadStackSize. Arg3 to svcStartProcess |
| 0x8 | 0x8 | TitleIdRange_Min |
| 0x10 | 0x4 | ACID Service Access Control list size |
| 0x14 | 0x4 | ACI0 Service Access Control list size |
| 0x18 | 0x4 | ACID FS Access Control buffer size |
| 0x1C | 0x4 | ACI0 FS Access Control buffer size |
| 0x20 | <Varies> | ACID Service Access Control list |
| <Varies> | <Varies> | ACI0 Service Access Control list |
| <Varies> | <Varies> | ACID FS Access Control buffer |
| <Varies> | <Varies> | ACI0 FS Access Control |
RegisterTitle
Takes a TitleId + StorageId, returns an index.
UnregisterTitle
Takes the index from #RegisterTitle.
ldr:shel
This is "nn::ldr::detail::IShellInterface".
| Cmd | Name |
|---|---|
| 0 | #AddProcessToLaunchQueue |
| 1 | #ClearLaunchQueue |
AddProcessToLaunchQueue
Takes a type-0x19 input buffer with launch arguments (as string), an u32 (size of arguments string), and an input title-id.
Loads a process for the specified title-id and passes along the supplied arguments. Loaded processes are kept in a queue waiting for PM to launch them. The maximum number of waiting processes in this list is 10.
ClearLaunchQueue
Clears the loaded processes waiting queue.
ldr:ro
ro:1
[1.0.0-2.3.0] This is "nn::ldr::detail::IRoInterface"
[3.0.0+] This is "nn::ro::detail::IRoInterface".
[7.0.0+] ro:1 was added, and also creates nn::ro::detail::IRoInterface objects.
| Cmd | Name |
|---|---|
| 0 | #LoadNro |
| 1 | UnloadNro |
| 2 | #LoadNrr |
| 3 | UnloadNrr |
| 4 | #Initialize |
| 10 | [7.0.0+] #LoadNrrEx |
LoadNro
| Word | Value |
|---|---|
| 0 | 0x00000004 |
| 1 | 0x80000012 |
| 2 | 0x00000001 |
| 0-1 | Pid |
| 0 | "SCFI" |
| 1 | 0x00000000 |
| 2 | Always 0. |
| 3 | Nro heap address |
| 4 | Nro size |
| 5 | Bss backing heap address |
| 6 | Bss size |
LoadNrr
[7.0.0+] A new 8-bit field at NRR + 0x33C (previously padding) must be 0 for this function to succeed.
| Word | Value |
|---|---|
| 0 | 0x00000004 |
| 1 | 0x8000000E |
| 2 | 0x00000001 |
| 0-1 | Pid |
| 0 | "SFCI" |
| 1 | 0x00000002 |
| 2 | Always 0. |
| 3 | Nrr address |
| 4 | Nrr size |
Initialize
| Word | Value |
|---|---|
| 0 | 0x00000004 |
| 1 | 0x8000000A |
| 2 | 0x00000003 |
| 0-1 | Pid |
| 2 | Process handle (0xFFFF8001) |
| 0 | "SFCI" |
| 1 | 0x00000004 |
| 2 | Always 0. |
LoadNrrEx
Takes in a u64 nrr_address, a u64 nrr_size, a pid descriptor, and a process handle.
First, this validates that the pid descriptor matches the pid for the process handle sent to this->Initialize() earlier.
Then, this calls the same function as LoadNrr, except using the passed process handle instead of the one sent to Initialize.
When called from an ro:1 session, the field at NRR header + 0x33C must be 0x1. When called from ldr:ro session, the field at NRR header + 0x33C must be 0x0.