JIT services: Difference between revisions

Line 50:

The first buffer contains the [[NRR]], the second buffer contains the [[NRO]].

The tmem is temporarily mapped & cleared, when any errors this will also be done again.

The tmem is temporarily mapped & cleared, when any errors this will also be done again. This always only mapped temporarily. This is referred to as "WorkMemory".

The input NRR is used with [[RO_services#RegisterModuleInfo2|RegisterModuleInfo2]], then the NRO is used with [[RO_services#LoadModule|LoadModule]] (these are copied into another buffer with the required alignment). Afterwards, various symbol lookup is done with the loaded module.

The input NRR is used with [[RO_services#RegisterModuleInfo2|RegisterModuleInfo2]], then the NRO is used with [[RO_services#LoadModule|LoadModule]] (these are copied into another buffer with the required alignment). Afterwards, various symbol lookup is done with the loaded module:

* "nnjitpluginGetVersion", error is handled on failure. This is called with no args, if the u32 output is >1 an error is thrown.

* "nnjitpluginResolveBasicSymbols", this is optional. When successful and the funcptr is valid, this is called with x0 = {funcptr which can be called by the plugin for symbol-lookup. funcptr x0 = symbol_str*, ret = symbol_funcptr - this internally calls "nn::ro::LookupSymbol"}.

* "nnjitpluginSetupDiagnostics", this is optional. When successful and the funcptr is valid, this is called with w0=1 and x1 = {ptr to a funcptr on stack, the func for this is a duplicate of the one referenced above}.

* "nnjitpluginConfigure", error is handled on failure. When [[Settings_services#GetDebugModeFlag|GetDebugModeFlag]] returns true, the symbol funcptr is called with x0 = {ptr where 2 output u32s are located}, and then the two output u32s are loaded (that data on stack is cleared prior to calling the funcptr). Otherwise when false, it's called with x0=0 and the fields which would contain the output u32s are cleared to 0. These fields are "nn::jit::MemorySecurityMode".

* {calls a vtable funcptr, and handles error on failure}

* TransferMemory init is done here. An ASLR'd address for the TransferMemory mapped-address is determined, which will then be reused for all later mappings.

* CodeMemory init func-calling is done for both regions, where w1={first output from "nnjitpluginConfigure" above}. Likewise with the TransferMemory, with w1={second output from "nnjitpluginConfigure" above}.

* "nnjitpluginOnPrepared", error is handled on failure. Before/after calling this symbol funcptr, the TransferMemory is mapped/unmapped. The symbol funcptr is called with x0 = {ptr to struct on stack}. The struct has following structure: +0 = 0x20-bytes of data from state, +0x20 = TransferMemory map-addr, +0x28 = TransferMemory size, and +0x30 size 0x10-bytes is cleared.

* Then this does cleanup and returns.

== GetCodeAddress ==

@@ Line 50: / Line 50: @@
 The first buffer contains the [[NRR]], the second buffer contains the [[NRO]].
-The tmem is temporarily mapped & cleared, when any errors this will also be done again.
+The tmem is temporarily mapped & cleared, when any errors this will also be done again. This always only mapped temporarily. This is referred to as "WorkMemory".
-The input NRR is used with [[RO_services#RegisterModuleInfo2|RegisterModuleInfo2]], then the NRO is used with [[RO_services#LoadModule|LoadModule]] (these are copied into another buffer with the required alignment). Afterwards, various symbol lookup is done with the loaded module.
+The input NRR is used with [[RO_services#RegisterModuleInfo2|RegisterModuleInfo2]], then the NRO is used with [[RO_services#LoadModule|LoadModule]] (these are copied into another buffer with the required alignment). Afterwards, various symbol lookup is done with the loaded module:
+* "nnjitpluginGetVersion", error is handled on failure. This is called with no args, if the u32 output is >1 an error is thrown.
+* "nnjitpluginResolveBasicSymbols", this is optional. When successful and the funcptr is valid, this is called with x0 = {funcptr which can be called by the plugin for symbol-lookup. funcptr x0 = symbol_str*, ret = symbol_funcptr - this internally calls "nn::ro::LookupSymbol"}.
+* "nnjitpluginSetupDiagnostics", this is optional. When successful and the funcptr is valid, this is called with w0=1 and x1 = {ptr to a funcptr on stack, the func for this is a duplicate of the one referenced above}.
+* "nnjitpluginConfigure", error is handled on failure. When [[Settings_services#GetDebugModeFlag|GetDebugModeFlag]] returns true, the symbol funcptr is called with x0 = {ptr where 2 output u32s are located}, and then the two output u32s are loaded (that data on stack is cleared prior to calling the funcptr). Otherwise when false, it's called with x0=0 and the fields which would contain the output u32s are cleared to 0. These fields are "nn::jit::MemorySecurityMode".
+* {calls a vtable funcptr, and handles error on failure}
+* TransferMemory init is done here. An ASLR'd address for the TransferMemory mapped-address is determined, which will then be reused for all later mappings.
+* CodeMemory init func-calling is done for both regions, where w1={first output from "nnjitpluginConfigure" above}. Likewise with the TransferMemory, with w1={second output from "nnjitpluginConfigure" above}.
+* "nnjitpluginOnPrepared", error is handled on failure. Before/after calling this symbol funcptr, the TransferMemory is mapped/unmapped. The symbol funcptr is called with x0 = {ptr to struct on stack}. The struct has following structure: +0 = 0x20-bytes of data from state, +0x20 = TransferMemory map-addr, +0x28 = TransferMemory size, and +0x30 size 0x10-bytes is cleared.
+* Then this does cleanup and returns.
 == GetCodeAddress ==