YAHM - Yet Another Hack Manager for PalmOS5. Developers info.

Download SDK http://yahm.palmoid.com/yahm_dev.zip

You can ask questions about ARM hack development in yahoo group 'palmnest'.

News

1.00 (October 13, 2003)

Text reorganization
New samples

Index

1. YAHM for PalmOS 5. What is it?
2. Native patches. Pros and contras.
3. Development info.
4. Hack resources.
5. 'TRA5' resource.
6. Hack writing.
7. Native API calls.
8. Hack creation with Prc-Tools 2.3
9. Hack creation with CodeWarrior
10. Resources for ARM hacks
11. Samples
12. Version History
13. Author information
14. My other Palm software

1. YAHM for PalmOS 5. What is it?

YAHM is a hack manager for executing native hacks, written in native ARM code.

YAHM for PalmOS 5 based on YAHM hack manager. YAHM works as usual hack manager, running on top of PalmOS 3.x-4.x with m68k code resources. YAHM can't patch m68k syscalls under PalmOS5, like any other 'legacy' hack manager. You can read about hacks and PalmOS5 in excellent article "Hacks on PalmOS 5" by Daniel Seifert at http://www.dseifert.de/hacks/hack5.html.

Instead YAHM offers completely new approach to writing hacks for PalmOS5. This approach allow you to write syscall patches in native ARM code.

2. Native patches. Pros and contras.

Pros:

No performance loss. There are no switches between ARM execution and M68K emulation layer.
Hack development very similar to writing classic hacks.
Patches influence both m68k and arm applications.
All benefits of hack manager behind direct patches.

Contras:

No direct support for old hacks.
Undocumented native API usage.

3. Development info.

To write hack for PalmOS5 you should learn 3 things:

PNO(armlet) programming. Read all available information about PceNativeCall syscall. Refer to ARM forum, it is the greatest source of information about armlet writing.
Old style hack writing. Refer to classic article How to write a hack.
PalmOS5 native API. You should call native API from you hacks. Native API very similar to original API, so, you can use usual headers with minor exceptions.

4. Hack resources.

ARM hacks looks like old-style hacks. It is resource database with type 'HACK'. Resources:

'armc' #1000-... core resources with patch routines. Like 'code' resources in old hacks there you should place code.
'TRA5' #1000-... trap identification info. Like 'TRAP' resources in old hacks. Instead of trap number you should place more information: offset of table from R9, offset into routine table and kind of code: ARM vs thumb. See below for more info.
'tFRM' #3000 is an About form like old hacks.
'tFRM' #2000... is an Configure form like old hacks.
'code' #2000... is an Configure handler like old hacks. Note, that this is m68k code. I see no reason to include ARM handler (But if anyone want it, I can easily add)
Any other resources like old hacks.

5. 'TRA5' resource.

This resource hold info about 'armc' resource with appropriate resource index. Resource contains structure (with m68k byte order!):

struct ArmTrapInfo{
	UInt32 baseTableOffset; // offset of table from R9 (without negative sign)
	UInt32 offset;		// offset into table
	UInt32 thumb;		// 0 for ARM code, 1 for thumb code 
	UInt32 zero0;		// should be zero
	UInt32 zero1;		// should be zero
};

Following sample show declaration of 'TRA5' resource in PilRC file.

HEX "TRA5" ID 1000 
	00 00 00 12 
	00 00 02 04
	00 00 00 00
	00 00 00 00
	00 00 00 00

This is declaration for FrmCustomAlert syscall. This syscall calls as

LDR	R12, [R9,-12]
MOV	LR,PC
LDR	PC, [R12,#516]

Complete list of syscalls you can found in file SysTables.txt inside archive.

12 encoded in the first word and 516 == 0x204 in second word. Note, that keyword HEX in pilrc doesn't interpret all bytes inside as hex, you should use prefix 0x for it.

6. Hack writing.

No changes from old hacks. You should write them in classic style.

#include <standalone.h>
#include "../Include/endianutils.h"
#include "../Include/os5.h"
#include <palmos.h>
#define RESID 1000

STANDALONE_CODE_RESOURCE_TYPESTR_ID("armc", RESID);
typedef UInt32 (*pfnFrmCustomAlert)(UInt32 alertId, const char * s1, const char * s2, const char * s3);

UInt32 MyFrmCustomAlert1(UInt32 alertId, char * s1, const char * s2, const char * s3){
	pfnFrmCustomAlert oldTrap;

	if (alertId == 11730){ //turn on beam receive after beaming.
		return 1;
	}

	FtrGet('BEAM', RESID, (UInt32 *)&oldTrap);
	return oldTrap(alertId, s1, s2, s3);
}

This is example of hack, that turns off nasty dialog "Do you want to turn beam on now?".

7. Native API calls.

You can use PalmOS SDK headers to make native API calls. Just link each hack code with libarmboot.a and libarmui.a. There are some diffirences in API:

There is no card concept in API. you can use ****V40 function, wich has cardNo parametor, or skip it. You can use my os5.h header file with simple defines. for successfull compilation.

#define DmDatabaseInfo DmDatabaseInfoV40
#define SysCurAppDatabase SysCurAppDatabaseV40
#define DmGetNextDatabaseByTypeCreator DmGetNextDatabaseByTypeCreatorV40
#define SysUIAppSwitch SysUIAppSwitchV40
#define DmCreateDatabase DmCreateDatabaseV40
#define DmFindDatabase DmFindDatabaseV40
#define DmSetDatabaseInfo DmSetDatabaseInfoV40
#define DmOpenDatabaseInfo DmOpenDatabaseInfoV40

Don't forget to use 32-bit little endian resources. You can produce them with pilrc -LE32 option. When m68k program executes under PalmOS5 all resources converts to 32LE and available with DmGetResource. Resource name conversion ('tALT'->'aalt') can be taken from pilrc. Hack specific resources should be big endian.
Don't forget about big endian to little endian conversion.
Keep in mind that some function names were mapped to one new. EvtGetEvent and SysEventGet now call the same function.

8. Hack creation with Prc-Tools 2.3

Prc Tools 2.3 has excellent ARM support. ARM hack creation very similar to old style hacks creation.


arm-palmos-gcc -Wall -Wno-multichar -fshort-enums -fpack-struct -O1  -DMY_CRID='BEAM' -nostartfiles \ 
	-c -o code03e8.o code03e8.c
arm-palmos-gcc -O2 -Wall -nostartfiles -o code03e8 code03e8.c libarmboot.a libarmui.a
build-prc --no-check-resources -o NoBeamDialog.prc -n "NoBeamDialog" \
	 -c BEAM -t 'HACK' NoBeamDialog.ro code03e8

9. Hack creation with CodeWarrior

Cedi Caksana make SyncInfoHack with CW 9.2, hack for changing SyncName. With Cedi permission SyncInfoHack sources was included into YAHM SDK. Hack project for CW is very similar to project for legacy hack.

10. Resources for ARM hacks

PilRC has switch -LE32 for 32-bit little endian resource compilation. All resources, you want to use from hack should be compiled with this switch. About and Configure box should be compiled as usual resources. You can take Pilrc 3.0 alpha from CVS here: http://sourceforge.net/projects/pilrc/

11. Samples

Archive includes some simple hacks with sources.

12. Version History

1.00 (October 13, 2003)
- Text reorganization
- New samples
1.00b (July 7, 2003)
- First public release

13. Author information

Feel free to send bugreports and suggestions to me. Web page: http://yahm.palmoid.com
Email: support@palmoid.com