# Copyright 2008-2009 Segher Boessenkool
# Copyright 2011 roto
# This code is licensed to you under the terms of the GNU GPL, version 2;
# see file COPYING or http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt

# ----------------------------------------------------------------------
# start -- first-stage relocation stub (32-bit PowerPC, GNU as syntax,
#          bare numeric register operands, '#' comments).
#
# What the code below does, in order:
#   1. points r1 at a fresh stack frame,
#   2. calls audio_stop and video_stop (both defined elsewhere),
#   3. copies a fixed 32 KiB from the save buffer to `main`,
#   4. writes back the data cache and invalidates the instruction cache
#      over the copied range, because those bytes are about to be
#      executed,
#   5. branches to `main` and never returns (there is no blr).
#
# Register roles:
#   r0  scratch (call targets, loop counts, the word being copied)
#   r1  stack pointer
#   r3  destination base = main; stays live until the final branch
#   r4  source cursor (pre-incremented by lwzu)
#   r5  destination cursor (copy loop), then cache-line cursor
# Also written: CTR (call target / loop counter) and LR (by bctrl).
#
# NOTE(review): the copy length is a constant and nothing here checks it
# against the real size of the data behind `save`; the stub relies on the
# linker-provided addresses and on 32 KiB being readable there -- confirm
# against the linker script and the save layout.
# ----------------------------------------------------------------------

	.set	COPY_WORDS, 0x2000		# 0x2000 words * 4 bytes = 32 KiB
	.set	CACHE_LINE_BYTES, 0x20		# stride used by the cache loop
	.set	CACHE_LINES, 0x0400		# 0x400 * 0x20 bytes = the same 32 KiB

	.section .start,"ax"

start:
	# Stack: r1 = 0x80800000, then open a 64-byte frame.  stwu stores
	# r0 (zero) at the new r1, so the word at the stack pointer is 0.
	lis	1,0x8080
	li	0,0
	stwu	0,-64(1)

	# Silence audio and video.  Each routine is reached through CTR with
	# bctrl, so LR is set and the callee can return here.
	lis	0,audio_stop@h
	ori	0,0,audio_stop@l
	mtctr	0
	bctrl

	lis	0,video_stop@h
	ori	0,0,video_stop@l
	mtctr	0
	bctrl

	# Destination: r3 = main (0x90000020 according to the original
	# author's note).  r5 = main - 4 because stwu below stores at r5 + 4
	# and then advances r5.
	lis	3,main@h
	ori	3,3,main@l
	addi	5,3,-4

	# Source: r4 = save - 4 (save is 0x91168ea0 according to the original
	# author's note), for the same pre-increment reason.
	lis	4,save@h
	ori	4,4,save@l
	addi	4,4,-4

	# Skip 0x10000 bytes (64 KiB) into the save data, plus the size of
	# this stub (end - start), so copying begins with the word that
	# follows the stub -- presumably the stub itself sits at the 64 KiB
	# mark; confirm against the save layout.
	addis	4,4,1
	addi	4,4,end-start

	# Word-by-word copy, CTR counts the words.
	li	0,COPY_WORDS
	mtctr	0
1:
	lwzu	0,4(4)			# r4 += 4; r0 = *r4
	stwu	0,4(5)			# r5 += 4; *r5 = r0
	bdnz	1b

	# Make the copied bytes visible to instruction fetch: for every
	# cache line starting at main, write the data-cache block back to
	# memory, then invalidate the matching instruction-cache block.
	li	0,CACHE_LINES
	mtctr	0
	mr	5,3			# restart the cursor at main
2:
	dcbst	0,5
	sync
	icbi	0,5
	addi	5,5,CACHE_LINE_BYTES
	bdnz	2b

	# Wait for the cache operations to complete and discard anything
	# already prefetched before jumping into the new code.
	sync
	isync

	# Hand over control: plain branch through CTR to main, no link.
	mtctr	3
	bctr

end: