NSO: Difference between revisions

Retrieved from "https://switchbrew.org/wiki/NSO"

Please enable JavaScript to pass antispam protection!
Here are the instructions how to enable JavaScript in your web browser http://www.enable-javascript.com.
Antispam by CleanTalk.

@@ Line 1: / Line 1: @@
-[[Category:File formats]]
 NSO is the main executable format.
-It starts with the "NSO" header and mainly describes .text, .rodata, and .data segments (like a short-form of ELF program headers):
+It starts with the "NSO" header and mainly describes .text, .rodata, and .data segments (like a short-form of ELF program headers). If the segments are compressed, they are compressed using LZ4.
-= NSO Header =
+= NsoHeader =
 {| class="wikitable" border="1"
 |-
@@ Line 13: / Line 12: @@
 | 0x0
 | 4
-| Magic "NSO0"
+| Signature ("NSO0")
 |-
 | 0x4
 | 4
-| NSO Version (Always 0)
+| Version
 |-
 | 0x8
 | 4
-| Reserved (Unused)
+| Reserved
 |-
 | 0xC
 | 4
-| Flags, bit 0-2: (.text, .rodata and .data) section is compressed, bit 3-5: check section hash when loading
+| [[#Flags|Flags]]
 |-
 | 0x10
-| 0xC
+| 0x4
-| .text SegmentHeader
+| TextFileOffset
+|-
+| 0x14
+| 0x4
+| TextMemoryOffset
+|-
+| 0x18
+| 0x4
+| TextSize
 |-
 | 0x1C
 | 0x4
-| Module offset (calculated by sizeof(header))
+| ModuleNameOffset (calculated by sizeof(header))
 |-
 | 0x20
-| 0xC
+| 0x4
-| .rodata SegmentHeader
+| RoFileOffset
+|-
+| 0x24
+| 0x4
+| RoMemoryOffset
+|-
+| 0x28
+| 0x4
+| RoSize
 |-
 | 0x2C
 | 0x4
-| Module file size
+| ModuleNameSize
 |-
 | 0x30
-| 0xC
+| 0x4
-| .data SegmentHeader
+| DataFileOffset
+|-
+| 0x34
+| 0x4
+| DataMemoryOffset
+|-
+| 0x38
+| 0x4
+| DataSize
 |-
 | 0x3C
 | 0x4
-| bssSize
+| BssSize
 |-
 | 0x40
 | 0x20
-| Value of "build id" from ELF's GNU .note section. Contains variable sized digest, up to 32bytes.
+| [[#ModuleId|ModuleId]]
 |-
 | 0x60
 | 0x4
-| .text compressed size
+| TextFileSize (.text compressed size)
 |-
 | 0x64
 | 0x4
-| .rodata compressed size
+| RoFileSize (.rodata compressed size)
 |-
 | 0x68
 | 0x4
-| .data compressed size
+| DataFileSize (.data compressed size)
 |-
 | 0x6C
 | 0x1C
-| Reserved (Padding)
+| Reserved
 |-
 | 0x88
-| 0x8
+| 0x4
-| .rodata-relative extents of .api_info
+| EmbeddedOffset (relative to the .rodata section)
+|-
+| 0x8C
+| 0x4
+| EmbeddedSize
 |-
 | 0x90
-| 0x8
+| 0x4
-| .rodata-relative extents of .dynstr
+| DynStrOffset (relative to the .rodata section)
+|-
+| 0x94
+| 0x4
+| DynStrSize
 |-
 | 0x98
-| 0x8
-| .rodata-relative extents of .dynsym
-|-
-| 0xA0
-| 0x20 * 3
-| SHA256 hashes over the decompressed sections using the above byte-sizes: .text, .rodata, and .data.
-|-
-| 0x100
-|
-| Compressed sections
-|}
-Most data in Switch binaries are standard ELF structures, however some are custom.
-For example, the MOD header is essentially a replacement for a PT_DYNAMIC program header.
-== SegmentHeader ==
-{| class="wikitable" border="1"
-|-
-! Offset
-! Size
-! Description
-|-
-| 0x0
 | 0x4
-| FileOffset
+| DynSymOffset (relative to the .rodata section)
 |-
+| 0x9C
 | 0x4
-| 0x4
+| DynSymSize
-| MemoryOffset
 |-
-| 0x8
+| 0xA0
-| 0x4
+| 0x20
-| DecompressedSize
+| TextHash (SHA-256 hash over the decompressed .text section using the above size)
-|}
-== .rodata-relative extent ==
-{| class="wikitable" border="1"
 |-
-! Offset
+| 0xC0
-! Size
+| 0x20
-! Description
+| RoHash (SHA-256 hash over the decompressed .rodata section using the above size)
 |-
-| 0x0
+| 0xE0
-| 4
+| 0x20
-| RegionRoDataOffset
+| DataHash (SHA-256 hash over the decompressed .data section using the above size)
 |-
-| 0x4
+| 0x100
-| 4
+| Variable
-| RegionSize
+| Compressed sections
 |}
-== MOD ==
+== Flags ==
-All offsets are signed 32bit values relative to the magic field.
-The 32bits at image base + 4 must point to the magic field.
-The MOD structure is designed such that it can be placed at image base and point to itself.
-The 2 fields preceding the magic field get copied around with the structure, even if it is relocated to somewhere besides the image base. If MOD is not located at image base, the value at offset 4 must still point to the MOD magic. In the case of .text being at image base, this implies that the first instruction can only be an unconditional branch over the offset literal.
 {| class="wikitable" border="1"
 |-
-! Offset
+! Bits
-! Size
 ! Description
 |-
-| 0x00
+| 0
-| 4
+| TextCompress (.text section is compressed)
-| ZeroPadding
-|-
-| 0x04
-| 4
-| MagicOffset. Always 8 (so it works when MOD is at image_base + 0).
-|-
-| 0x08
-| 4
-| Magic "MOD0"
 |-
-| 0x0C
+| 1
-| 4
+| RoCompress (.rodata section is compressed)
-| .dynamic offset
-|-
-| 0x10
-| 4
-| .bss start offset
 |-
-| 0x14
+| 2
-| 4
+| DataCompress (.data section is compressed)
-| .bss end offset
 |-
-| 0x18
+| 3
-| 4
+| TextHash (.text hash must be checked when loading)
-| .eh_frame_hdr start offset
 |-
-| 0x1C
 | 4
-| .eh_frame_hdr end offset
+| RoHash (.rodata hash must be checked when loading)
 |-
-| 0x20
+| 5
-| 4
+| DataHash (.data hash must be checked when loading)
-| offset to runtime-generated module object. typically equal to .bss base.
 |}
-=Arguments=
+== ModuleId ==
-Loader maps memory and writes the [[Loader_services#AddProcessToLaunchQueue|arguments]] to {end of rwdata section specified by last SegmentHeader}. Official processes use argdata_addr = {page-aligned _end}. svcQueryMemory is used by official sw to verify that argdata_addr is mapped RW, since this memory is only mapped when arguments are specified via that command. Afterwards, official sw aligns the argdata_addr to 4-bytes. Structure located at argdata_addr:
+This is "nn::ro::detail::ModuleId".
+Value of "build id" from ELF's GNU .note section. Contains variable sized digest, up to 32bytes.
+= Arguments =
+[[Loader_services|Loader]] maps memory and writes the [[Loader_services#SetProgramArgument|arguments]] to {end of rwdata section}. Official processes use argdata_addr = {page-aligned _end}. svcQueryMemory is used by official sw to verify that argdata_addr is mapped RW, since this memory is only mapped when arguments are specified via that command. Afterwards, official sw aligns the argdata_addr to 4-bytes.
+The structure located at argdata_addr is as follows:
 {| class="wikitable" border="1"
 |-