1
/*
2
 * Atmosphère Package 3 parser.
3
 *
4
 * Copyright (c) 2019-2025 CTCaer
5
 *
6
 * This program is free software; you can redistribute it and/or modify it
7
 * under the terms and conditions of the GNU General Public License,
8
 * version 2, as published by the Free Software Foundation.
9
 *
10
 * This program is distributed in the hope it will be useful, but WITHOUT
11
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
13
 * more details.
14
 *
15
 * You should have received a copy of the GNU General Public License
16
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
17
 */
18

19
#include <string.h>
20

21
#include <bdk.h>
22

23
#include "pkg3.h"
24
#include "hos.h"
25
#include "../config.h"
26
#include <libs/fatfs/ff.h>
27
#include "../storage/emummc.h"
28

29
//#define DPRINTF(...) gfx_printf(__VA_ARGS__)
30
#define DPRINTF(...)
31

32
extern hekate_config h_cfg;
33

34
extern bool is_ipl_updated(void *buf, const char *path, bool force);
35

36
#define PKG3_KIP_SKIP_MAX 16
37

38
// PKG3 Magic and Meta header offset.
39
#define PKG3_MAGIC 0x30535346 // FSS0.
40
#define PKG3_META_OFFSET 0x4
41
#define PKG3_VERSION_0_17_0 0x110000
42

43
// PKG3 Content Types.
44
#define CNT_TYPE_FSP 0
45
#define CNT_TYPE_EXO 1  // Exosphere (Secure Monitor).
46
#define CNT_TYPE_WBT 2  // Warmboot (SC7Exit fw).
47
#define CNT_TYPE_RBT 3  // Rebootstub (Warmboot based reboot fw).
48
#define CNT_TYPE_SP1 4  // Sept Primary (TSEC and Sept Secondary loader).
49
#define CNT_TYPE_SP2 5  // Sept Secondary (Acts as pkg11 and derives keys).
50
#define CNT_TYPE_KIP 6  // KIP1 (Used for replacement or addition).
51
#define CNT_TYPE_BMP 7
52
#define CNT_TYPE_EMC 8
53
#define CNT_TYPE_KLD 9  // Kernel Loader.
54
#define CNT_TYPE_KRN 10 // Kernel.
55
#define CNT_TYPE_EXF 11 // Exosphere Mariko fatal payload.
56
#define CNT_TYPE_TKG 12 // Tsec Keygen.
57

58
// PKG3 Content Flags.
59
#define CNT_FLAG0_EXPERIMENTAL BIT(0)
60

61
// PKG3 Meta Header.
62
typedef struct _pkg3_meta_t
63
{
64
	u32 magic;
65
	u32 size;
66
	u32 crt0_off;
67
	u32 cnt_off;
68
	u32 cnt_count;
69
	u32 hos_ver;
70
	u32 version;
71
	u32 git_rev;
72
} pkg3_meta_t;
73

74
// PKG3 Content Header.
75
typedef struct _pkg3_content_t
76
{
77
	u32 offset;
78
	u32 size;
79
	u8 type;
80
	u8 flags0;
81
	u8 flags1;
82
	u8 flags2;
83
	u32 rsvd1;
84
	char name[0x10];
85
} pkg3_content_t;
86

87
static void _pkg3_update_r2p()
88
{
89
	u8 *r2p_payload = sd_file_read("atmosphere/reboot_payload.bin", NULL);
90

91
	is_ipl_updated(r2p_payload, "atmosphere/reboot_payload.bin", h_cfg.updater2p ? true : false);
92

93
	free(r2p_payload);
94
}
95

96
static int _pkg3_kip1_skip(char ***pkg3_kip1_skip, u32 *pkg3_kip1_skip_num, char *value)
97
{
98
	int len = strlen(value);
99
	if (!len || (*pkg3_kip1_skip_num) >= PKG3_KIP_SKIP_MAX)
100
		return 0;
101

102
	// Allocate pointer list memory.
103
	if (!(*pkg3_kip1_skip))
104
		(*pkg3_kip1_skip) = calloc(PKG3_KIP_SKIP_MAX, sizeof(char *));
105

106
	// Set first kip name.
107
	(*pkg3_kip1_skip)[(*pkg3_kip1_skip_num)++] = value;
108

109
	// Check if more names are set separated by comma.
110
	for (char *c = value; *c != 0; c++)
111
	{
112
		if (*c == ',')
113
		{
114
			*c = 0; // Null termination.
115

116
			// Set next kip name to the list.
117
			(*pkg3_kip1_skip)[(*pkg3_kip1_skip_num)++] = c + 1;
118

119
			if ((*pkg3_kip1_skip_num) >= PKG3_KIP_SKIP_MAX)
120
				return 0;
121
		}
122
	}
123

124
	return 1;
125
}
126

127
int parse_pkg3(launch_ctxt_t *ctxt, const char *path)
128
{
129
	FIL fp;
130

131
	char **pkg3_kip1_skip = NULL;
132
	u32    pkg3_kip1_skip_num = 0;
133

134
	bool stock = false;
135
	bool experimental = false;
136

137
	// Skip if stock and Exosphere and warmboot are not needed.
138
	bool pkg1_old = ctxt->pkg1_id->kb <= HOS_KB_VERSION_620; // Should check if t210b01?
139
	bool emummc_disabled = !emu_cfg.enabled || h_cfg.emummc_force_disable;
140

141
	LIST_FOREACH_ENTRY(ini_kv_t, kv, &ctxt->cfg->kvs, link)
142
	{
143
		if (!strcmp("stock", kv->key))
144
			if (kv->val[0] == '1')
145
				stock = true;
146

147
		if (!strcmp("pkg3ex", kv->key))
148
			if (kv->val[0] == '1')
149
				experimental = true;
150

151
		if (!strcmp("pkg3kip1skip", kv->key))
152
			_pkg3_kip1_skip(&pkg3_kip1_skip, &pkg3_kip1_skip_num, kv->val);
153
	}
154

155
#ifdef HOS_MARIKO_STOCK_SECMON
156
	if (stock && emummc_disabled && (pkg1_old || h_cfg.t210b01))
157
		return 1;
158
#else
159
	if (stock && emummc_disabled && pkg1_old)
160
		return 1;
161
#endif
162

163
	// Try to open PKG3.
164
	if (f_open(&fp, path, FA_READ) != FR_OK)
165
		return 0;
166

167
	void *pkg3 = malloc(f_size(&fp));
168

169
	// Read first 1024 bytes of the PKG3 file.
170
	f_read(&fp, pkg3, 1024, NULL);
171

172
	// Get PKG3 Meta header offset.
173
	u32 pkg3_meta_addr = *(u32 *)(pkg3 + PKG3_META_OFFSET);
174
	pkg3_meta_t *pkg3_meta = (pkg3_meta_t *)(pkg3 + pkg3_meta_addr);
175

176
	// Check if valid PKG3 and parse it.
177
	if (pkg3_meta->magic == PKG3_MAGIC)
178
	{
179
		gfx_printf("Atmosphere %d.%d.%d-%08x via PKG3\n"
180
			"Max HOS: %d.%d.%d\n"
181
			"Unpacking..  ",
182
			pkg3_meta->version >> 24, (pkg3_meta->version >> 16) & 0xFF, (pkg3_meta->version >> 8) & 0xFF, pkg3_meta->git_rev,
183
			pkg3_meta->hos_ver >> 24, (pkg3_meta->hos_ver >> 16) & 0xFF, (pkg3_meta->hos_ver >> 8) & 0xFF);
184

185
		ctxt->patch_krn_proc_id = true;
186
		ctxt->pkg3_hosver = pkg3_meta->hos_ver;
187

188
		// Parse PKG3 contents.
189
		pkg3_content_t *curr_pkg3_cnt = (pkg3_content_t *)(pkg3 + pkg3_meta->cnt_off);
190
		void *content;
191
		for (u32 i = 0; i < pkg3_meta->cnt_count; i++)
192
		{
193
			content = (void *)(pkg3 + curr_pkg3_cnt[i].offset);
194

195
			// Check if offset is inside limits.
196
			if ((curr_pkg3_cnt[i].offset + curr_pkg3_cnt[i].size) > pkg3_meta->size)
197
				continue;
198

199
			// If content is experimental and experimental config is not enabled, skip it.
200
			if ((curr_pkg3_cnt[i].flags0 & CNT_FLAG0_EXPERIMENTAL) && !experimental)
201
				continue;
202

203
			// Prepare content.
204
			switch (curr_pkg3_cnt[i].type)
205
			{
206
			case CNT_TYPE_KIP:
207
				if (stock)
208
					continue;
209

210
				bool should_skip = false;
211
				for (u32 k = 0; k < pkg3_kip1_skip_num; k++)
212
				{
213
					if (!strcmp(curr_pkg3_cnt[i].name, pkg3_kip1_skip[k]))
214
					{
215
						gfx_printf("Skipped %s.kip1 from PKG3\n", curr_pkg3_cnt[i].name);
216
						should_skip = true;
217
						break;
218
					}
219
				}
220
				if (should_skip)
221
					continue;
222

223
				merge_kip_t *mkip1 = (merge_kip_t *)malloc(sizeof(merge_kip_t));
224
				mkip1->kip1 = content;
225
				list_append(&ctxt->kip1_list, &mkip1->link);
226
				DPRINTF("Loaded %s.kip1 from PKG3 (size %08X)\n", curr_pkg3_cnt[i].name, curr_pkg3_cnt[i].size);
227
				break;
228

229
			case CNT_TYPE_KRN:
230
				if (stock)
231
					continue;
232
				ctxt->kernel_size = curr_pkg3_cnt[i].size;
233
				ctxt->kernel = content;
234
				break;
235

236
			case CNT_TYPE_EXO:
237
				ctxt->secmon_size = curr_pkg3_cnt[i].size;
238
				ctxt->secmon = content;
239
				break;
240

241
			case CNT_TYPE_EXF:
242
				ctxt->exofatal_size = curr_pkg3_cnt[i].size;
243
				ctxt->exofatal = content;
244
				break;
245

246
			case CNT_TYPE_WBT:
247
				if (h_cfg.t210b01)
248
					continue;
249
				ctxt->warmboot_size = curr_pkg3_cnt[i].size;
250
				ctxt->warmboot = content;
251
				break;
252

253
			default:
254
				continue;
255
			}
256

257
			// Load content to launch context.
258
			f_lseek(&fp, curr_pkg3_cnt[i].offset);
259
			f_read(&fp, content, curr_pkg3_cnt[i].size, NULL);
260
		}
261

262
		gfx_printf("Done!\n");
263
		f_close(&fp);
264

265
		ctxt->pkg3 = pkg3;
266

267
		// Update r2p if needed.
268
		_pkg3_update_r2p();
269

270
		free(pkg3_kip1_skip);
271

272
		return 1;
273
	}
274

275
	// Failed. Close and free all.
276
	f_close(&fp);
277

278
	free(pkg3_kip1_skip);
279
	free(pkg3);
280

281
	return 0;
282
}
283

284