Added support for 3.65/3.67

TheOfficialFloW · Mar 11, 2018 · 4080be0 · 4080be0
1 parent c51b0bb
commit 4080be0
Show file tree

Hide file tree

Showing 29 changed files with 5,478 additions and 5,069 deletions.
diff --git a/adrenaline_compat.h b/adrenaline_compat.h
@@ -20,7 +20,7 @@
 #define __ADRENALINE_COMPAT_H__
 
 #define ADRENALINE_VERSION_MAJOR 6
-#define ADRENALINE_VERSION_MINOR 0
+#define ADRENALINE_VERSION_MINOR 1
 #define ADRENALINE_VERSION ((ADRENALINE_VERSION_MAJOR << 16) | ADRENALINE_VERSION_MINOR)
 
 #define xstr(s) #s

diff --git a/bubble/pkg/sce_module/adrenaline_kernel.skprx b/bubble/pkg/sce_module/adrenaline_kernel.skprx
diff --git a/bubble/pkg/sce_module/adrenaline_user.suprx b/bubble/pkg/sce_module/adrenaline_user.suprx
diff --git a/cef/flash0/kd/popcorn.prx b/cef/flash0/kd/popcorn.prx
diff --git a/cef/flash0/kd/systemctrl.prx b/cef/flash0/kd/systemctrl.prx
diff --git a/cef/flash0/kd/vshctrl.prx b/cef/flash0/kd/vshctrl.prx
diff --git a/cef/flash0/payloadex.bin b/cef/flash0/payloadex.bin
diff --git a/cef/flash0/vsh/module/recovery.prx b/cef/flash0/vsh/module/recovery.prx
diff --git a/cef/flash0/vsh/module/satelite.prx b/cef/flash0/vsh/module/satelite.prx
diff --git a/cef/payloadex/main.c b/cef/payloadex/main.c
@@ -23,7 +23,6 @@
 
 #define REBOOT_MODULE "/rtm.prx"
 
-int (* sceBoot)(void *a0, void *a1, void *a2) = (void *)0x886025E8;
 int (* DcacheClear)(void) = (void *)0x886018AC;
 int (* IcacheClear)(void) = (void *)0x88601E40;
 
@@ -50,12 +49,16 @@ void SetMemoryPartitionTablePatched(void *sysmem_config, SceSysmemPartTable *tab
 int PatchSysMem(void *a0, void *sysmem_config) {
 	int (* module_bootstart)(SceSize args, void *sysmem_config) = (void *)_lw((u32)a0 + 0x28);
 
-	// Patch to add new partition	
-	SetMemoryPartitionTable = (void *)0x88012258;
-	MAKE_CALL(0x880115E0, SetMemoryPartitionTablePatched);
+	u32 i;
+	for (i = 0; i < 0x14000; i += 4) {
+		u32 addr = 0x88000000 + i;
 
-	// Fake as slim model
-	// _sw(1, sysmem_config + 0x14);
+		// Patch to add new partition
+		if (_lw(addr) == 0x14600003) {
+			K_HIJACK_CALL(addr - 0x1C, SetMemoryPartitionTablePatched, SetMemoryPartitionTable);
+			continue;
+		}
+	}
 
 	ClearCaches();
 
@@ -75,9 +78,17 @@ int DecryptExecutablePatched(void *buf, int size, int *retSize) {
 int PatchLoadCore(int (* module_bootstart)(SceSize args, void *argp), void *argp) {
 	u32 text_addr = ((u32)module_bootstart) - 0xAF8;
 
-	// Allow custom modules
-	DecryptExecutable = (void *)text_addr + 0x77B4;
-	MAKE_CALL(text_addr + 0x5864, DecryptExecutablePatched);
+	u32 i;
+	for (i = 0; i < 0x8000; i += 4) {
+		u32 addr = text_addr + i;
+
+		// Allow custom modules
+		if (_lw(addr) == 0xAE2D0048) {
+			DecryptExecutable = (void *)K_EXTRACT_CALL(addr + 8);
+			MAKE_CALL(addr + 8, DecryptExecutablePatched);
+			break;
+		}
+	}
 
 	ClearCaches();
 
@@ -208,26 +219,54 @@ int loadParamsPatched(int a0) {
 
 int _start(void *a0, void *a1, void *a2) __attribute__((section(".text.start")));
 int _start(void *a0, void *a1, void *a2) {
+	int (* sceBoot)(void *a0, void *a1, void *a2);
+
 	*(u32 *)0x89FF0000 = 0x200;
 	*(u32 *)0x89FF0004 = 0x2;
 
-	// Don't load pspemu params
-	MAKE_CALL(0x8860266C, loadParamsPatched);
+	u32 i;
+	for (i = 0; i < 0x4000; i += 4) {
+		u32 addr = 0x88600000 + i;
 
-	// Patch call to SysMem module_bootstart
-	_sw(0x02202021, 0x88602858); //move $a0, $s1
-	MAKE_CALL(0x88602854, PatchSysMem);
+		// Find sceBoot
+		if (_lw(addr) == 0x27BD01C0) {
+			sceBoot = (void *)(addr + 4);
+			continue;
+		}
+
+		// Don't load pspemu params
+		if (_lw(addr) == 0x240500CF) {
+			MAKE_CALL(addr + 4, loadParamsPatched);
+			continue;
+		}
 
-	// Patch call to LoadCore module_bootstart
-	_sw(0x00602021, 0x88602700); //move $a0, $v1
-	MAKE_JUMP(0x88602708, PatchLoadCore);
+		// Patch call to SysMem module_bootstart
+		if (_lw(addr) == 0x24040004) {
+			_sw(0x02202021, addr); //move $a0, $s1
+			MAKE_CALL(addr - 4, PatchSysMem);
+			continue;
+		}
 
-	// Patch sceKernelCheckPspConfig
-	MAKE_CALL(0x8860323C, sceKernelCheckPspConfigPatched);
+		// Patch call to LoadCore module_bootstart
+		if (_lw(addr) == 0x00600008) {
+			_sw(0x00602021, addr - 8); //move $a0, $v1
+			MAKE_JUMP(addr, PatchLoadCore);
+			continue;
+		}
 
-	// Patch sceKernelBootLoadFile
-	sceKernelBootLoadFile = (void *)0x88602210;
-	MAKE_CALL(0x88602E88, sceKernelBootLoadFilePatched);
+		// Patch sceKernelCheckPspConfig
+		if (_lw(addr) == 0x04400029) {
+			MAKE_CALL(addr - 8, sceKernelCheckPspConfigPatched);
+			continue;
+		}
+
+		// Patch sceKernelBootLoadFile
+		if (_lw(addr) == 0xAFBF0000 && _lw(addr + 8) == 0x00000000) {
+			sceKernelBootLoadFile = (void *)K_EXTRACT_CALL(addr + 4);
+			MAKE_CALL(addr + 4, sceKernelBootLoadFilePatched);
+			continue;
+		}
+	}
 
 	ClearCaches();
 

diff --git a/cef/rebootex/main.c b/cef/rebootex/main.c
@@ -50,12 +50,16 @@ void SetMemoryPartitionTablePatched(void *sysmem_config, SceSysmemPartTable *tab
 int PatchSysMem(void *a0, void *sysmem_config) {
 	int (* module_bootstart)(SceSize args, void *sysmem_config) = (void *)_lw((u32)a0 + 0x28);
 
-	// Patch to add new partition	
-	SetMemoryPartitionTable = (void *)0x88012258;
-	MAKE_CALL(0x880115E0, SetMemoryPartitionTablePatched);
-
-	// Fake as slim model
-	// _sw(1, sysmem_config + 0x14);
+	u32 i;
+	for (i = 0; i < 0x14000; i += 4) {
+		u32 addr = 0x88000000 + i;
+
+		// Patch to add new partition
+		if (_lw(addr) == 0x14600003) {
+			K_HIJACK_CALL(addr - 0x1C, SetMemoryPartitionTablePatched, SetMemoryPartitionTable);
+			continue;
+		}
+	}
 
 	ClearCaches();
 
@@ -75,9 +79,17 @@ int DecryptExecutablePatched(void *buf, int size, int *retSize) {
 int PatchLoadCore(int (* module_bootstart)(SceSize args, void *argp), void *argp) {
 	u32 text_addr = ((u32)module_bootstart) - 0xAF8;
 
-	// Allow custom modules
-	DecryptExecutable = (void *)text_addr + 0x77B4;
-	MAKE_CALL(text_addr + 0x5864, DecryptExecutablePatched);
+	u32 i;
+	for (i = 0; i < 0x8000; i += 4) {
+		u32 addr = text_addr + i;
+
+		// Allow custom modules
+		if (_lw(addr) == 0xAE2D0048) {
+			DecryptExecutable = (void *)K_EXTRACT_CALL(addr + 8);
+			MAKE_CALL(addr + 8, DecryptExecutablePatched);
+			break;
+		}
+	}
 
 	ClearCaches();
 
@@ -185,20 +197,37 @@ int sceKernelBootLoadFilePatched(BootFile *file, void *a1, void *a2, void *a3, v
 
 int _start(void *reboot_param, struct SceKernelLoadExecVSHParam *vsh_param, int api, int initial_rnd) __attribute__((section(".text.start")));
 int _start(void *reboot_param, struct SceKernelLoadExecVSHParam *vsh_param, int api, int initial_rnd) {
-	// Patch call to SysMem module_bootstart
-	_sw(0x02402021, 0x886024F8); //move $a0, $s2
-	MAKE_CALL(0x8860255C, PatchSysMem);
+	u32 i;
+	for (i = 0; i < 0x4000; i += 4) {
+		u32 addr = 0x88600000 + i;
+
+		// Patch call to SysMem module_bootstart
+		if (_lw(addr) == 0x24040004) {
+			_sw(0x02402021, addr); //move $a0, $s2
+			MAKE_CALL(addr + 0x64, PatchSysMem);
+			continue;
+		}
 
-	// Patch call to LoadCore module_bootstart
-	_sw(0x00602021, 0x8860241C); //move $a0, $v1
-	MAKE_JUMP(0x88602424, PatchLoadCore);
+		// Patch call to LoadCore module_bootstart
+		if (_lw(addr) == 0x00600008) {
+			_sw(0x00602021, addr - 8); //move $a0, $v1
+			MAKE_JUMP(addr, PatchLoadCore);
+			continue;
+		}
 
-	// Patch sceKernelCheckPspConfig
-	MAKE_CALL(0x88602C04, sceKernelCheckPspConfigPatched);
+		// Patch sceKernelCheckPspConfig
+		if (_lw(addr) == 0x04400022) {
+			MAKE_CALL(addr - 8, sceKernelCheckPspConfigPatched);
+			continue;
+		}
 
-	// Patch sceKernelBootLoadFile
-	sceKernelBootLoadFile = (void *)0x886020BC;
-	MAKE_CALL(0x886022FC, sceKernelBootLoadFilePatched);
+		// Patch sceKernelBootLoadFile
+		if (_lw(addr) == 0xAFBF0000 && _lw(addr + 8) == 0x00000000) {
+			sceKernelBootLoadFile = (void *)K_EXTRACT_CALL(addr + 4);
+			MAKE_CALL(addr + 4, sceKernelBootLoadFilePatched);
+			continue;
+		}
+	}
 
 	ClearCaches();
 

diff --git a/cef/systemctrl/binary.h b/cef/systemctrl/binary.h
@@ -19,7 +19,7 @@ static unsigned char binary[] __attribute__((aligned(16))) = {
 	0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0xe0, 0x03, 0x08, 0x00, 0xbd, 0x27, 0x00, 0x24, 0x04, 0x00, 
 	0xc0, 0xbf, 0x06, 0x3c, 0x34, 0x12, 0x02, 0x3c, 0xcc, 0xab, 0x03, 0x3c, 0x25, 0x20, 0x85, 0x00, 
 	0x00, 0x08, 0xc6, 0x34, 0x78, 0x56, 0x42, 0x34, 0xf8, 0xff, 0xbd, 0x27, 0x04, 0x00, 0x62, 0xac, 
-	0x00, 0x00, 0xc4, 0xac, 0x04, 0x00, 0xc3, 0xac, 0x00, 0x00, 0x65, 0xac, 0x08, 0x00, 0x63, 0xac, 
+	0x04, 0x00, 0xc3, 0xac, 0x00, 0x00, 0xc4, 0xac, 0x08, 0x00, 0x63, 0xac, 0x00, 0x00, 0x65, 0xac, 
 	0x04, 0x00, 0xbf, 0xaf, 0x23, 0x40, 0x00, 0x0c, 0x00, 0x00, 0x00, 0x00, 0x30, 0xbc, 0x04, 0x3c, 
 	0x50, 0x00, 0x84, 0x34, 0x00, 0x00, 0x83, 0x8c, 0x04, 0x00, 0xbf, 0x8f, 0xef, 0xff, 0x02, 0x24, 
 	0x24, 0x10, 0x62, 0x00, 0x10, 0x00, 0x63, 0x34, 0x00, 0x00, 0x82, 0xac, 0x08, 0x00, 0xbd, 0x27, 

diff --git a/cef/systemctrl/main.c b/cef/systemctrl/main.c
@@ -140,62 +140,121 @@ void PatchModuleMgr() {
 	SceModule2 *mod = sceKernelFindModuleByName661("sceModuleManager");
 	u32 text_addr = mod->text_addr;
 
-	// Patch to allow a full coverage of loaded modules
-	PrologueModule = (void *)text_addr + 0x8270;
-	MAKE_CALL(text_addr + 0x7158, PrologueModulePatched);
+	int i;
+	for (i = 0; i < mod->text_size; i += 4) {
+		u32 addr = text_addr + i;
+
+		if (_lw(addr) == 0xA4A60024) {
+			// Patch to allow a full coverage of loaded modules
+			PrologueModule = (void *)K_EXTRACT_CALL(addr - 4);
+			MAKE_CALL(addr - 4, PrologueModulePatched);
+			continue;
+		}
 
-	// Patch PartitionCheck
-	HIJACK_FUNCTION(text_addr + 0x811C, PartitionCheckPatched, PartitionCheck);
+		if (_lw(addr) == 0x27BDFFE0 && _lw(addr + 4) == 0xAFB10014) {
+			HIJACK_FUNCTION(addr, PartitionCheckPatched, PartitionCheck);
+			continue;
+		}
+	}
 
 	// Dummy patch for LEDA
-	MAKE_JUMP(sctrlHENFindImport("sceModuleManager", "ThreadManForKernel", 0x446D8DE6), sceKernelCreateThread);
+	MAKE_JUMP(sctrlHENFindImport(mod->modname, "ThreadManForKernel", 0x446D8DE6), sceKernelCreateThread);
 }
 
+
 void PatchLoadCore() {
 	SceModule2 *mod = sceKernelFindModuleByName661("sceLoaderCore");
 	u32 text_addr = mod->text_addr;
 
-	// Patch to allow homebrews
 	HIJACK_FUNCTION(K_EXTRACT_IMPORT(&sceKernelCheckExecFile661), sceKernelCheckExecFilePatched, _sceKernelCheckExecFile);
 	HIJACK_FUNCTION(K_EXTRACT_IMPORT(&sceKernelProbeExecutableObject661), sceKernelProbeExecutableObjectPatched, _sceKernelProbeExecutableObject);
 
-	// Allow custom modules
-	PspUncompress = (void *)text_addr + 0x55E4;
-	MAKE_CALL(text_addr + 0x4360, PspUncompressPatched);
+	int i;
+	for (i = 0; i < mod->text_size; i += 4) {
+		u32 addr = text_addr + i;
+
+		// Allow custom modules
+		if (_lw(addr) == 0x1440FF55) {
+			PspUncompress = (void *)K_EXTRACT_CALL(addr - 8);
+			MAKE_CALL(addr - 8, PspUncompressPatched);
+			continue;
+		}
 
-	// Patch relocation check in switch statement (7 -> 0)
-	_sw(_lw(text_addr + 0x7F10), text_addr + 0x7F2C);
+		// Patch relocation check in switch statement (7 -> 0)
+		if (_lw(addr) == 0x00A22021) {
+			u32 high = (((u32)_lh(addr - 0xC)) << 16);
+			u32 low = ((u32)_lh(addr - 0x4));
 
-	// Allow kernel modules to have syscall imports
-	_sw(0x3C090000, text_addr + 0x3D70);
+			if (low & 0x8000) high -= 0x10000;
 
-	// Allow lower devkit version
-	_sw(0x1000FFCB, text_addr + 0x6AD0);
+			u32 *RelocationTable = (u32 *)(high | low);
 
-	// Allow higher devkit version
-	_sw(0, text_addr + 0x7308);
+			RelocationTable[7] = RelocationTable[0];
 
-	// Patch to resolve NIDs
-	_sw(0x02203021, text_addr + 0x3A40); //move $a2, $s1
-	search_nid_in_entrytable = (void *)text_addr + 0xEA8;
-	MAKE_CALL(text_addr + 0x3A44, search_nid_in_entrytable_patched);
-	_sw(0x02403821, text_addr + 0x3A48); //move $a3, $s2
-	_sw(0, text_addr + 0x3BAC);
-	_sw(0, text_addr + 0x3BB4);
+			continue;
+		}
+
+		// Allow kernel modules to have syscall imports
+		if (_lw(addr) == 0x30894000) {
+			_sw(0x3C090000, addr);
+			continue;
+		}
 
-	// Patch to undo prometheus patches
-	HIJACK_FUNCTION(text_addr + 0x3BB8, aLinkLibEntriesPatched, aLinkLibEntries);
+		// Allow lower devkit version
+		if (_lw(addr) == 0x14A0FFCB) {
+			_sh(0x1000, addr + 2);
+			continue;
+		}
 
-	// Patch call to init module_bootstart
-	MAKE_CALL(text_addr + 0x1A28, PatchInit);
-	_sw(0x02E02021, text_addr + 0x1A2C); //move $a0, $s7
+		// Allow higher devkit version
+		if (_lw(addr) == 0x14C0FFDF) {
+			_sw(0, addr);
+			continue;
+		}
 
-	// Restore original call
-	MAKE_CALL(text_addr + 0x5864, FindProc("sceMemlmd", "memlmd", 0xEF73E85B));
+		// Patch to resolve NIDs
+		if (_lw(addr) == 0x8D450000) {
+			_sw(0x02203021, addr + 4); //move $a2, $s1
+			search_nid_in_entrytable = (void *)K_EXTRACT_CALL(addr + 8);
+			MAKE_CALL(addr + 8, search_nid_in_entrytable_patched);
+			_sw(0x02403821, addr + 0xC); //move $a3, $s2
+			continue;
+		}
 
-	// Find removed nids
-	LoadCoreForKernel_nids[0].function = (void *)text_addr + 0x73B0;
-	LoadCoreForKernel_nids[1].function = (void *)text_addr + 0x73F0;
+		if (_lw(addr) == 0xADA00004) {
+			// Patch to resolve NIDs
+			_sw(0, addr);
+			_sw(0, addr + 8);
+
+			// Patch to undo prometheus patches
+			HIJACK_FUNCTION(addr + 0xC, aLinkLibEntriesPatched, aLinkLibEntries);
+
+			continue;
+		}
+
+		// Patch call to init module_bootstart
+		if (_lw(addr) == 0x02E0F809) {
+			MAKE_CALL(addr, PatchInit);
+			_sw(0x02E02021, addr + 4); //move $a0, $s7
+			continue;
+		}
+
+		// Restore original call
+		if (_lw(addr) == 0xAE2D0048) {
+			MAKE_CALL(addr + 8, FindProc("sceMemlmd", "memlmd", 0xEF73E85B));
+			continue;
+		}
+
+		if (_lw(addr) == 0x40068000 && _lw(addr + 4) == 0x7CC51180) {
+			LoadCoreForKernel_nids[0].function = (void *)addr;
+			continue;
+		}
+
+		if (_lw(addr) == 0x40068000 && _lw(addr + 4) == 0x7CC51240) {
+			LoadCoreForKernel_nids[1].function = (void *)addr;
+			continue;
+		}
+	}
 }
 
 void PatchSysmem() {
@@ -423,7 +482,7 @@ int OnModuleStart(SceModule2 *mod) {
 }
 
 int module_start(SceSize args, void *argp) {
-	PatchSysmem();
+	// PatchSysmem();
 	PatchLoadCore();
 	PatchInterruptMgr();
 	PatchIoFileMgr();