Changes

Each time the IOSU starts, the ELF loader is the first portion of code that runs in order to make preparations for the actual IOSU binary.

Each time the IOSU starts, the ELF loader is the first portion of code that runs in order to make preparations for the actual IOSU binary.

During the console's initial boot, [[boot1]] is responsible for fetching the IOSU's image and launch it (cold boot). However, IOS-MCP also has to do this when handling a system restart (warm boot).

During the console's initial boot, [[boot1]] is responsible for fetching the IOSU's image and launch it (cold boot). However, IOS-MCP also has to do this when handling a system restart (warm boot).

The IOS-MCP module begins by clearing up MEM1 then fetches the fw.img file from NAND. It verifies the [[Ancast_Image|Ancast header]], decrypts it using the [[Encryption_Keys|Starbuck Ancast Key]] and finally makes use of the [[IOSU_Syscalls|execute_privileged]] system call in order to disable memory protections and jump to the IOSU's ELF loader code.

The IOS-MCP module begins by clearing up MEM1 then fetches the fw.img file from NAND. It verifies the [[Ancast_Image|Ancast header]], decrypts it using the [[Encryption_Keys|Starbuck Ancast Key]] and finally makes use of the execute_privileged system call in order to disable memory protections and jump to the IOSU's ELF loader code.

This loader then does the following:

This loader then does the following: