@handsomematt
Created August 18, 2015 02:07
"""
//
// 3ds_svc_calls.py
//
// This will go through each SVC instruction and leave a comment based on its
// service call number
//
"""
from idaapi import *
from idautils import *
import re
# Lookup table: SVC immediate (the operand of the ARM `SVC` instruction) ->
# human-readable prototype. main() writes the string verbatim as an IDA
# comment at the SVC instruction, so each value is display text only and is
# never parsed.
#
# Numbers with no entry here (0x00, 0x3F-0x46, 0x59-0x5F, 0x6E-0x6F,
# 0x7E-0xFE) are annotated by main() as "Unknown Supervisor Call".
#
# NOTE(review): the prototypes look transcribed from community documentation
# of the 3DS kernel; several have no return type and 0x3D ("void const, int")
# looks truncated. Confirm against the firmware version being analysed before
# relying on argument order.
#
# When auditing which privileges a binary exercises, the entries whose names
# indicate debugging or cross-process memory access (0x60-0x6D, 0x70-0x7D,
# e.g. ReadProcessMemory, WriteProcessMemory, ControlProcessMemory, Backdoor)
# are the annotations worth reviewing first.
svcCalls = {
# --- memory, process and thread management ---
0x01: "Result ControlMemory(u32* outaddr, u32 addr0, u32 addr1, u32 size, u32 operation, u32 permissions) Outaddr is usually the same as the input addr0.",
0x02: "Result QueryMemory(MemoryInfo* info, PageInfo* out, u32 Addr)",
0x03: "void ExitProcess(void)",
0x04: "Result GetProcessAffinityMask(u8* affinitymask, Handle process, s32 processorcount)",
0x05: "Result SetProcessAffinityMask(Handle process, u8* affinitymask, s32 processorcount)",
0x06: "Result GetProcessIdealProcessor(s32 *idealprocessor, Handle process)",
0x07: "Result SetProcessIdealProcessor(Handle process, s32 idealprocessor)",
0x08: "Result CreateThread(Handle* thread, func entrypoint, u32 arg, u32 stacktop, s32 threadpriority, s32 processorid)",
0x09: "void ExitThread(void)",
0x0A: "void SleepThread(s64 nanoseconds)",
0x0B: "Result GetThreadPriority(s32* priority, Handle thread)",
0x0C: "Result SetThreadPriority(Handle thread, s32 priority)",
0x0D: "Result GetThreadAffinityMask(u8* affinitymask, Handle thread, s32 processorcount)",
0x0E: "Result SetThreadAffinityMask(Handle thread, u8* affinitymask, s32 processorcount)",
0x0F: "Result GetThreadIdealProcessor(s32* processorid, Handle thread)",
0x10: "Result SetThreadIdealProcessor(Handle thread, s32 processorid)",
0x11: "s32 GetCurrentProcessorNumber(void)",
0x12: "Result Run(Handle process, StartupInfo* info)",
# --- synchronisation objects, timers and shared memory blocks ---
0x13: "Result CreateMutex(Handle* mutex, bool initialLocked)",
0x14: "Result ReleaseMutex(Handle mutex)",
0x15: "Result CreateSemaphore(Handle* semaphore, s32 initialCount, s32 maxCount)",
0x16: "Result ReleaseSemaphore(s32* count, Handle semaphore, s32 releaseCount)",
0x17: "Result CreateEvent(Handle* event, ResetType resettype)",
0x18: "Result SignalEvent(Handle event)",
0x19: "Result ClearEvent(Handle event)",
0x1A: "Result CreateTimer(Handle* timer, ResetType resettype)",
0x1B: "Result SetTimer(Handle timer, s64 initial, s64 interval)",
0x1C: "Result CancelTimer(Handle timer)",
0x1D: "Result ClearTimer(Handle timer)",
0x1E: "Result CreateMemoryBlock(Handle* memblock, u32 addr, u32 size, u32 mypermission, u32 otherpermission)",
0x1F: "Result MapMemoryBlock(Handle memblock, u32 addr, u32 mypermissions, u32 otherpermission)",
0x20: "Result UnmapMemoryBlock(Handle memblock, u32 addr)",
0x21: "Result CreateAddressArbiter(Handle* arbiter)",
0x22: "Result ArbitrateAddress(Handle arbiter, u32 addr, ArbitrationType type, s32 value, s64 nanoseconds)",
0x23: "Result CloseHandle(Handle handle)",
0x24: "Result WaitSynchronization1(Handle handle, s64 nanoseconds)",
0x25: "Result WaitSynchronizationN(s32* out, Handle* handles, s32 handlecount, bool waitAll, s64 nanoseconds)",
0x26: "Result SignalAndWait(s32* out, Handle signal, Handle* handles, s32 handleCount, bool waitAll, s64 nanoseconds)",
0x27: "Result DuplicateHandle(Handle* out, Handle original)",
# --- information queries ---
0x28: "s64 GetSystemTick(void) (This returns the total CPU ticks elapsed since the CPU was powered-on)",
0x29: "Result GetHandleInfo(s64* out, Handle handle, HandleInfoType type)",
0x2A: "Result GetSystemInfo(s64* out, SystemInfoType type, s32 param)",
0x2B: "Result GetProcessInfo(s64* out, Handle process, ProcessInfoType type)",
0x2C: "Result GetThreadInfo(s64* out, Handle thread, ThreadInfoType type)",
# --- port / session requests (client side) ---
0x2D: "Result ConnectToPort(Handle* out, const char* portName)",
0x2E: "Result SendSyncRequest1(Handle session)",
0x2F: "Result SendSyncRequest2(Handle session)",
0x30: "Result SendSyncRequest3(Handle session)",
0x31: "Result SendSyncRequest4(Handle session)",
0x32: "Result SendSyncRequest(Handle session)",
0x33: "Result OpenProcess(Handle* process, u32 processId)",
0x34: "Result OpenThread(Handle* thread, Handle process, u32 threadId)",
0x35: "Result GetProcessId(u32* processId, Handle process)",
0x36: "Result GetProcessIdOfThread(u32* processId, Handle thread)",
0x37: "Result GetThreadId(u32* threadId, Handle thread)",
0x38: "Result GetResourceLimit(Handle* resourceLimit, Handle process)",
0x39: "Result GetResourceLimitLimitValues(s64* values, Handle resourceLimit, LimitableResource* names, s32 nameCount)",
0x3A: "Result GetResourceLimitCurrentValues(s64* values, Handle resourceLimit, LimitableResource* names, s32 nameCount)",
0x3B: "Result GetThreadContext(ThreadContext* context, Handle thread)",
0x3C: "Break(BreakReason)",
0x3D: "OutputDebugString(void const, int) Does nothing on non-debug units.",
0x3E: "ControlPerformanceCounter(unsigned long long, int, unsigned int, unsigned long long)",
# --- ports and sessions (server side), interrupts, cache and DMA ---
0x47: "Result CreatePort(Handle* portServer, Handle* portClient, const char* name, s32 maxSessions)",
0x48: "Result CreateSessionToPort(Handle* session, Handle port)",
0x49: "Result CreateSession(Handle* sessionServer, Handle* sessionClient)",
0x4A: "Result AcceptSession(Handle* session, Handle port)",
0x4B: "Result ReplyAndReceive1(s32* index, Handle* handles, s32 handleCount, Handle replyTarget)",
0x4C: "Result ReplyAndReceive2(s32* index, Handle* handles, s32 handleCount, Handle replyTarget)",
0x4D: "Result ReplyAndReceive3(s32* index, Handle* handles, s32 handleCount, Handle replyTarget)",
0x4E: "Result ReplyAndReceive4(s32* index, Handle* handles, s32 handleCount, Handle replyTarget)",
0x4F: "Result ReplyAndReceive(s32* index, Handle* handles, s32 handleCount, Handle replyTarget)",
0x50: "Result BindInterrupt(Interrupt name, Handle syncObject, s32 priority, bool isManualClear)",
0x51: "Result UnbindInterrupt(Interrupt name, Handle syncObject)",
0x52: "Result InvalidateProcessDataCache(Handle process, void* addr, u32 size)",
0x53: "Result StoreProcessDataCache(Handle process, void const* addr, u32 size)",
0x54: "Result FlushProcessDataCache(Handle process, void const* addr, u32 size)",
0x55: "Result StartInterProcessDma(Handle* dma, Handle dstProcess, void* dst, Handle srcProcess, const void* src, u32 size, const DmaConfig& config)",
0x56: "Result StopDma(Handle dma)",
0x57: "Result GetDmaState(DmaState* state, Handle dma)",
0x58: "RestartDma(nn::Handle, void *, void const*, unsigned int, signed char)",
# --- debugging of other processes (by name) ---
0x60: "Result DebugActiveProcess(Handle* debug, u32 processID)",
0x61: "Result BreakDebugProcess(Handle debug)",
0x62: "Result TerminateDebugProcess(Handle debug)",
0x63: "Result GetProcessDebugEvent(DebugEventInfo* info, Handle debug)",
0x64: "Result ContinueDebugEvent(Handle debug, u32 flags)",
0x65: "Result GetProcessList(s32* processCount, u32* processIds, s32 processIdMaxCount)",
0x66: "Result GetThreadList(s32* threadCount, u32* threadIds, s32 threadIdMaxCount, Handle domain)",
0x67: "Result GetDebugThreadContext(ThreadContext* context, Handle debug, u32 threadId, u32 controlFlags)",
0x68: "Result SetDebugThreadContext(Handle debug, u32 threadId, ThreadContext* context, u32 controlFlags)",
0x69: "Result QueryDebugProcessMemory(MemoryInfo* blockInfo, PageInfo* pageInfo, Handle process, u32 addr)",
0x6A: "Result ReadProcessMemory(void* buffer, Handle debug, u32 addr, u32 size)",
0x6B: "Result WriteProcessMemory(Handle debug, void const* buffer, u32 addr, u32 size)",
0x6C: "Result SetHardwareBreakPoint(s32 registerId, u32 control, u32 value)",
0x6D: "GetDebugThreadParam(long long *, int *, nn::Handle, unsigned int, nn::dmnt::DebugThreadParam)",
# --- process creation, cross-process memory and kernel state (by name) ---
0x70: "Result ControlProcessMemory(Handle KProcess, unsigned int Addr0, unsigned int Addr1, unsigned int Size, unsigned int Type, unsigned int Permissions)",
0x71: "Result MapProcessMemory(Handle KProcess, unsigned int StartAddr, unsigned int EndAddr)",
0x72: "Result UnmapProcessMemory(Handle KProcess, unsigned int StartAddr, unsigned int EndAddr)",
0x73: "Result CreateCodeSet(Handle* handle_out, struct CodeSetInfo, u32 code_ptr, u32 ro_ptr, u32 data_ptr)",
0x74: "Result RandomStub()",
0x75: "Result CreateProcess(Handle* handle_out, Handle codeset_handle, u32 arm11kernelcaps_ptr, u32 arm11kernelcaps_num)",
0x76: "TerminateProcess(Handle)",
0x77: "Result SetProcessResourceLimits(Handle KProcess, Handle KResourceLimit)",
0x78: "Result CreateResourceLimit(Handle *KResourceLimit)",
0x79: "Result SetResourceLimitValues(Handle res_limit, LimitableResource* resource_type_list, s64* resource_list, u32 count)",
0x7A: "AddCodeSegment (unsigned int Addr, unsigned int Size)",
0x7B: "Backdoor(unsigned int CodeAddress)",
0x7C: "KernelSetState(unsigned int Type, unsigned int Param0, unsigned int Param1, unsigned int Param2)",
0x7D: "Result QueryProcessMemory(MemInfo *Info, unsigned int *Out, Handle KProcess, unsigned int Addr)",
# Placeholder text for 0xFF; its meaning is not given in this table.
0xFF: "???"
}
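def main():
    """Annotate every SVC instruction in the .text segment with its prototype.

    Walks each function IDA has defined inside ``.text``. For every
    instruction whose mnemonic is ``SVC`` it reads operand 0 (the service-call
    number), looks it up in ``svcCalls`` and writes the result as an IDA
    comment at that address, printing one line per hit to the output window.
    Numbers missing from ``svcCalls`` are commented "Unknown Supervisor Call".

    Coverage caveat: only items belonging to functions IDA has already
    created are visited, and only in the segment named ``.text``. SVC
    instructions in undefined code or other segments are not reported, so an
    empty result is not proof that a binary makes no supervisor calls.
    """
    ea = SegByName(".text")
    if ea == BADADDR:
        # No segment named ".text": say so explicitly, otherwise the script
        # finishes silently and the result reads like "no SVCs present".
        print("No .text segment found; nothing was annotated")
        return

    for funcea in Functions(ea, SegEnd(ea)):
        func_name = GetFunctionName(funcea)
        for e in FuncItems(funcea):
            if GetMnem(e) != "SVC":
                continue

            opval = idc.GetOperandValue(e, 0)
            # Each message is built as one formatted string so the printed
            # text is the same whether print is a statement or a function.
            if opval in svcCalls:
                description = svcCalls[opval]
                print("%X SVC %s found in %s %s" % (e, opval, func_name, description))
                # MakeComm sets the regular comment at this address; an
                # analyst comment already there is replaced.
                MakeComm(e, description)
            else:
                print("%X UNKNOWN SVC %s found in %s" % (e, opval, func_name))
                MakeComm(e, "Unknown Supervisor Call")


main()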