869
edits
Changes
no edit summary
| 4
| 4
|
|
|-style="border-top: double"
| style="background: red" | No
| Clock related?
| 0x10140400
| 1
| NewProcess11
|-
| style="background: red" | No
| Clock related?
| 0x10140410
| 4
| NewProcess11
|-
| style="background: red" | No
| [[#PDN_BOOTROM_OVERLAY_CNT|PDN_BOOTROM_OVERLAY_CNT]]
| 0x10140420
| 4
| NewProcess11
|-
| style="background: red" | No
| [[#PDN_BOOTROM_OVERLAY_VAL|PDN_BOOTROM_OVERLAY_VAL]]
| 0x10140424
| 4
| NewProcess11
|-
| style="background: red" | No
| ?
| 0x10140428
| 4
|
|-style="border-top: double"
| style="background: green" | Yes
| [[#PDN_MPCORE_CFG|PDN_MPCORE_CFG]]
| 0x10140FFC
| 1
| NewKernel11
|-style="border-top: double"
|-style="border-top: double"
| style="background: green" | Yes
| style="background: green" | Yes
| 1
| 1
| Process9, [[PDN Services]]
| Process9, [[PDN Services]]
|}
|-style="border-top: double"
| style="background: red" | No
| [[#PDN_MPCORE_STATUS|PDN_MPCORE_STATUS]]
| 0x10141300
| 2
| NewProcess11
|-
|-
| 0
| style="background: red" | No
| Enable [[SPI Registers]] 0x10160000.
| [[#PDN_MPCORE_CNT|PDN_MPCORE_CNT]]
|-
| 0x10141304
| 1
| 2
| Enable [[SPI Registers]] 0x10142000.
| NewProcess11
|-
|-
| 2
| style="background: red" | No
| Enable [[SPI Registers]] 0x10143800.
| [[#PDN_MPCORE_BOOTCNT|PDN_MPCORE_BOOTCNT]]
| 0x10141310
| 1*4
| NewProcess11
|}
|}
| Enable (0=Disable, 1=Enable)
| Enable (0=Disable, 1=Enable)
|}
|}
== PDN_SPI_CNT ==
{| class="wikitable" border="1"
! Bit
! Description
|-
| 0
| Enable [[SPI Registers]] 0x10160000.
|-
| 1
| Enable [[SPI Registers]] 0x10142000.
|-
| 2
| Enable [[SPI Registers]] 0x10143800.
|}
== PDN_BOOTROM_OVERLAY_CNT ==
Bit0: Enable bootrom overlay functionality.
== PDN_BOOTROM_OVERLAY_VAL ==
The 32-bit value to overlay data-reads to bootrom with. See [[#PDN_MPCORE_BOOTCNT|PDN_MPCORE_BOOTCNT]].
== PDN_MPCORE_CFG ==
Read-only register.
{| class="wikitable" border="1"
! Bits
! Description
|-
| 0
| Always set to 1 on both Old3DS and New3DS.
|-
| 1
| 3rd ARM11 MPCore available maybe?
|-
| 2
| 4th ARM11 MPCore available maybe?
|}
== PDN_MPCORE_STATUS ==
Read-only register.
{| class="wikitable" border="1"
! Bits
! Description
|-
| 0
| Always set to 1 on both Old3DS and New3DS.
|-
| 1
| 3rd ARM11 MPCore powered on maybe?
|-
| 2
| 4th ARM11 MPCore powered on maybe?
|}
== PDN_MPCORE_CNT ==
{| class="wikitable" border="1"
! Bits
! Description
|-
| 0
| Power on 3rd ARM11 MPCore maybe?
|-
| 8
| Power on 4th ARM11 MPCore maybe?
|}
== PDN_MPCORE_BOOTCNT ==
{| class="wikitable" border="1"
! Bits
! Description
|-
| 0
| Enable bootrom instruction overlay. This bit is only writable for core2 and core3.
|-
| 1
| Enable bootrom data overlay. This bit is only writable for core2 and core3.
|-
| 4
| Has core booted maybe?
|-
| 5
| Always 1?
|}
The normal ARM11 bootrom checks cpuid and hangs if cpuid >= 2. This is a problem when booting the 2 additional New3DS ARM11 MPCores. NewKernel11 solves this by using a hardware feature to overlay the bootrom with a configurable branch to a kernel function. This overlay feature was added with the New3DS.
Bit1 in register above enables a bootrom data-override for physical addresses 0xFFFF0000-0xFFFF1000 and 0x10000-0x11000. All _data reads_ made to those regions now read the 32-bit value provided in [[#PDN_BOOTROM_OVERLAY_VAL|PDN_BOOTROM_OVERLAY_VAL]].
Bit0 enables a bootrom instruction-overlay which means that _instruction reads_ made to the bootrom region are overridden. We have not been able to dump what instructions are actually placed at bootrom by this switch (because reading the area only yields data-reads). Jumping randomly into the 0xFFFF0000-0xFFFF1000 region works fine and jumps to the value provided by the data overlay [[#PDN_BOOTROM_OVERLAY_VAL|PDN_BOOTROM_OVERLAY_VAL]]. Thus we may predict that the entire bootrom region is filled by:
ldr pc, [pc]
Or equivalent. However, jumping to some high addresses such as 0xFFFF0FF0+ will crash the core. This may be explained by prefetching in the ARM pipeline, and might help us identify what instructions are placed by the instruction-overlay.
==PDN_WIFI_CNT==
==PDN_WIFI_CNT==