Beispiel #1
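/*
 * Syscall-side wrapper around map_path(): copies both path strings out of
 * user memory and forwards the kernel copies.
 *
 * oldpath: user pointer to the path to remap; 0 is rejected with -1.
 * newpath: user pointer to the replacement path, or 0, in which case
 *          map_path() receives NULL.
 * flags:   forwarded to map_path() with FLAG_COPY OR-ed in.
 *
 * Returns -1 for a null oldpath, the pathdup_from_user() error if either
 * copy fails, otherwise whatever map_path() returns.
 */
int map_path_user(char *oldpath, char *newpath, uint32_t flags)
{
	char *oldp, *newp;

	if (oldpath == 0) return -1;

	int ret = pathdup_from_user(get_secure_user_ptr(oldpath), &oldp);
	if (ret != 0) return ret;

	if (newpath == 0) newp = NULL;
	else
	{
		ret = pathdup_from_user(get_secure_user_ptr(newpath), &newp);
		if (ret != 0)
		{
			/* Second copy failed: release the first one before bailing out. */
			dealloc(oldp, 0x27);
			return ret;
		}
	}

	#ifdef DEBUG
	/*
	 * Log the kernel-side copies only. The raw oldpath/newpath values are
	 * caller-controlled addresses (possibly 0 or unmapped), so handing them
	 * to a %s conversion before they have been copied in would make a debug
	 * build dereference unvalidated user pointers.
	 */
	DPRINTF("map_path_user, called by process %s: %s -> %s\n", get_process_name(get_current_process_critical()), oldp, newp ? newp : "(null)");
	#endif

	/*
	 * Both temporaries are freed right after this call, so FLAG_COPY
	 * presumably tells map_path() to keep its own copies -- confirm against
	 * map_path().
	 */
	ret = map_path(oldp, newp, flags | FLAG_COPY);

	dealloc(oldp, 0x27);
	if (newp) dealloc(newp, 0x27);

	return ret;
}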
Beispiel #2
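/*
 * Syscall handler that switches PSP UMD image mode on or off.
 *
 * file:       user pointer to the image path. NULL requests teardown: umd_file
 *             is freed, the mutex is destroyed (unless user_mutex is set), the
 *             words saved in patches_backup are written back into vsh_process
 *             and the condition_psp_* flags are cleared.
 * id:         user pointer to an id string; exactly 10 characters are required.
 * prometheus: stored in condition_psp_prometheus.
 *
 * Returns 0 on success, EINVAL for a missing or short id or when the backup
 * table cannot be allocated, or the pathdup_from_user() error.
 *
 * NOTE(review): this handler overwrites code words in another process. No
 * caller check and no locking of the globals is visible in this function;
 * confirm both are enforced by the syscall dispatcher.
 */
int sys_psp_set_umdfile(char *file, char *id, int prometheus)
{
	char new_id[11];
	char *new_file;
	int ret;

	file = get_secure_user_ptr(file);
	id = get_secure_user_ptr(id);

	if (file == NULL)
	{
		if (umd_file)
		{
			dealloc(umd_file, 0x27);
			umd_file = NULL;
		}
		if (mutex)
		{
			/* A mutex flagged by user_mutex is only forgotten here, not destroyed. */
			if (user_mutex)
				user_mutex = 0;
			else
				mutex_destroy(mutex);

			mutex = NULL;
		}
		if (patches_backup)
		{
			/* Put the saved 4-byte words back; the table ends at offset 0. */
			for (int i = 0; patches_backup[i].offset != 0; i++)
			{
				copy_to_process(vsh_process, &patches_backup[i].data, (void *)(uint64_t)(0x10000+patches_backup[i].offset), 4);
			}

			dealloc(patches_backup, 0x27);
			patches_backup = NULL;
		}

		condition_psp_iso = 0;
		condition_psp_dec = 0;
		condition_psp_keys = 0;
		condition_psp_prometheus = 0;
		return 0;
	}

	/* The id pointer is caller-supplied; a null one must not reach strncpy(). */
	if (id == NULL)
		return EINVAL;

	/*
	 * Validate the id in a local buffer so that a rejected call leaves the
	 * global psp_id of an already active session untouched.
	 * NOTE(review): this reads user memory directly; what get_secure_user_ptr()
	 * guarantees about the address is not visible here.
	 */
	strncpy(new_id, id, 10);
	new_id[10] = 0;

	if (strlen(new_id) != 10)
		return EINVAL;

	/*
	 * Duplicate into a temporary first: a repeated call without an
	 * intervening teardown would otherwise overwrite umd_file and leak the
	 * previous allocation.
	 */
	ret = pathdup_from_user(file, &new_file);
	if (ret != 0)
		return ret;

	if (umd_file)
		dealloc(umd_file, 0x27);
	umd_file = new_file;
	memcpy(psp_id, new_id, sizeof(new_id));

	condition_psp_iso = 1;
	condition_psp_prometheus = prometheus;

#ifdef DEBUG
	if (prometheus)
		DPRINTF("Using prometheus patch.\n");
#endif
	if (!patches_backup)
	{
		switch(vsh_check)
		{
			case VSH_HASH:
				#ifdef DEBUG
					DPRINTF("Now patching PSP DRM In Retail VSH..\n");
				#endif
				patches_backup = alloc(sizeof(psp_drm_patches), 0x27);
				/*
				 * EINVAL is the only error constant visible in this listing;
				 * use the project's out-of-memory code if it has one. The
				 * path and flags set above stay in place until a teardown call.
				 */
				if (!patches_backup)
					return EINVAL;

				/* Start from a copy of the patch table so offsets and the terminator match. */
				memcpy(patches_backup, &psp_drm_patches, sizeof(psp_drm_patches));

				for (int i = 0; psp_drm_patches[i].offset != 0; i++)
				{
					#ifdef DEBUG
						DPRINTF("Offset: 0x%08X | Data: 0x%08X\n", (uint32_t)psp_drm_patches[i].offset, (uint32_t)psp_drm_patches[i].data);
					#endif

					/*
					 * Save the current word before overwriting it.
					 * NOTE(review): the result is ignored; if this read fails
					 * the backup entry still holds the patch value from the
					 * memcpy above, so teardown would not restore the original.
					 */
					copy_from_process(vsh_process, (void *)(uint64_t)(0x10000+patches_backup[i].offset), &patches_backup[i].data, 4);

					if (copy_to_process(vsh_process, &psp_drm_patches[i].data, (void *)(uint64_t)(0x10000+psp_drm_patches[i].offset), 4) != 0)
						fatal("copy_to_process failed, you forgot to make vsh text writable, retard!\n");
				}
			break;

			default:
				/* Unrecognised vsh_check value: nothing is patched, the call still succeeds. */
				#ifdef DEBUG
					DPRINTF("Unknown VSH HASH, PSP DRM was not patched!\n");
				#endif
			break;
		}

	}

	return 0;
}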
Beispiel #3
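/*
 * Syscall handler that switches PSP UMD image mode on or off; this variant
 * applies and reverts its patches with lv1_peekw()/lv1_pokew().
 *
 * file:       user pointer to the image path. NULL requests teardown: umd_file
 *             is freed, the mutex is destroyed (unless user_mutex is set), the
 *             words saved in patches_backup are poked back and the
 *             condition_psp_* flags are cleared.
 * id:         user pointer to an id string; exactly 10 characters are required.
 * prometheus: stored in condition_psp_prometheus.
 *
 * Returns 0 on success; EINVAL when vsh_offset is 0, the id is missing or
 * short, get_psp_patches() reports failure or the backup table cannot be
 * allocated; otherwise the pathdup_from_user() error.
 *
 * NOTE(review): this handler rewrites memory through lv1_pokew(). No caller
 * check and no locking of the globals is visible in this function; confirm
 * both are enforced by the syscall dispatcher.
 */
int sys_psp_set_umdfile(char *file, char *id, int prometheus)
{
	/* Applies to teardown as well: nothing is done while vsh_offset is 0. */
	if(vsh_offset == 0)
		return EINVAL;

	char new_id[11];
	char *new_file;
	int ret;

	file = get_secure_user_ptr(file);
	id = get_secure_user_ptr(id);

	if (file == NULL)
	{
		if (umd_file)
		{
			dealloc(umd_file, 0x27);
			umd_file = NULL;
		}
		if (mutex)
		{
			/* A mutex flagged by user_mutex is only forgotten here, not destroyed. */
			if (user_mutex)
			{
				user_mutex = 0;
			}
			else
			{
				mutex_destroy(mutex);
			}

			mutex = NULL;
		}
		if (patches_backup)
		{
			#ifdef DEBUG
			DPRINTF("[PSP VSH PATCHES] Restore original data\n");
			#endif

			/* Poke every saved word back; the table ends at offset 0. */
			for (int i = 0; patches_backup[i].offset != 0; i++)
			{
				lv1_pokew(patches_backup[i].offset, patches_backup[i].data);
				#ifdef DEBUG
				DPRINTF("%d) poke 0x%x at address 0x%x\n", i + 1, patches_backup[i].data, patches_backup[i].offset);
				#endif
			}

			dealloc(patches_backup, 0x27);
			patches_backup = NULL;
		}

		condition_psp_iso = 0;
		condition_psp_dec = 0;
		condition_psp_keys = 0;
		condition_psp_prometheus = 0;
		return 0;
	}

	/* The id pointer is caller-supplied; a null one must not reach strncpy(). */
	if (id == NULL)
		return EINVAL;

	/*
	 * Validate the id in a local buffer so that a rejected call leaves the
	 * global psp_id of an already active session untouched.
	 * NOTE(review): this reads user memory directly; what get_secure_user_ptr()
	 * guarantees about the address is not visible here.
	 */
	strncpy(new_id, id, 10);
	new_id[10] = 0;

	if (strlen(new_id) != 10)
		return EINVAL;

	/*
	 * Duplicate into a temporary first: a repeated call without an
	 * intervening teardown would otherwise overwrite umd_file and leak the
	 * previous allocation.
	 */
	ret = pathdup_from_user(file, &new_file);
	if (ret != 0)
		return ret;

	if (umd_file)
		dealloc(umd_file, 0x27);
	umd_file = new_file;
	memcpy(psp_id, new_id, sizeof(new_id));

	condition_psp_iso = 1;
	condition_psp_prometheus = prometheus;

#ifdef DEBUG
	if (prometheus)
	{
		DPRINTF("Using prometheus patch.\n");
	}
#endif

	/*
	 * NOTE(review): a failure here returns EINVAL with the path and flags
	 * above already committed; callers need a teardown call to clear them.
	 * What get_psp_patches() prepares is not visible in this listing.
	 */
	if(get_psp_patches())
		return EINVAL;

	if (!patches_backup)
	{
		patches_backup = alloc(sizeof(psp_drm_patches), 0x27);
		/*
		 * EINVAL is the only error constant visible in this listing; use the
		 * project's out-of-memory code if it has one.
		 */
		if (!patches_backup)
			return EINVAL;

		/* Start from a copy of the patch table so offsets and the terminator match. */
		memcpy(patches_backup, &psp_drm_patches, sizeof(psp_drm_patches));

		#ifdef DEBUG
		DPRINTF("Making patches..\n");
		#endif

		for (int i = 0; psp_drm_patches[i].offset != 0; i++)
		{
			/* Save the current word first so teardown can put it back. */
			patches_backup[i].data = lv1_peekw(patches_backup[i].offset);
			lv1_pokew(psp_drm_patches[i].offset, psp_drm_patches[i].data);

			#ifdef DEBUG
			DPRINTF("Offset: 0x%08X | Poked Data: 0x%08X | Original Data: 0x%08X\n", (uint32_t)psp_drm_patches[i].offset, (uint32_t)psp_drm_patches[i].data, (uint32_t)patches_backup[i].data);
			#endif
		}
	}
	return 0;
}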
Beispiel #4
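/*
 * Syscall handler that switches PSP UMD image mode on or off; this variant
 * picks its patch table from vsh_check (psp_drm_patches for VSH_HASH and
 * VSH_NRM_HASH, cex_psp_drm_patches for VSH_CEX_HASH).
 *
 * file:       user pointer to the image path. NULL requests teardown: umd_file
 *             is freed, the mutex is destroyed (unless user_mutex is set), the
 *             words saved in patches_backup are written back into vsh_process
 *             and the condition_psp_* flags are cleared.
 * id:         user pointer to an id string; exactly 10 characters are required.
 * prometheus: stored in condition_psp_prometheus.
 *
 * Returns 0 on success, EINVAL for a missing or short id or when the backup
 * table cannot be allocated, or the pathdup_from_user() error.
 *
 * NOTE(review): this handler overwrites code words in another process. No
 * caller check and no locking of the globals is visible in this function;
 * confirm both are enforced by the syscall dispatcher.
 */
int sys_psp_set_umdfile(char *file, char *id, int prometheus)
{
	char new_id[11];
	char *new_file;
	int ret;

	file = get_secure_user_ptr(file);
	id = get_secure_user_ptr(id);

	if (file == NULL)
	{
		if (umd_file)
		{
			dealloc(umd_file, 0x27);
			umd_file = NULL;
		}
		if (mutex)
		{
			/* A mutex flagged by user_mutex is only forgotten here, not destroyed. */
			if (user_mutex)
			{
				user_mutex = 0;
			}
			else
			{
				mutex_destroy(mutex);
			}

			mutex = NULL;
		}
		if (patches_backup)
		{
			/* Put the saved 4-byte words back; the table ends at offset 0. */
			for (int i = 0; patches_backup[i].offset != 0; i++)
			{
				copy_to_process(vsh_process, &patches_backup[i].data, (void *)(uint64_t)(0x10000+patches_backup[i].offset), 4);
			}

			dealloc(patches_backup, 0x27);
			patches_backup = NULL;
		}

		condition_psp_iso = 0;
		condition_psp_dec = 0;
		condition_psp_keys = 0;
		condition_psp_prometheus = 0;
		return 0;
	}

	/* The id pointer is caller-supplied; a null one must not reach strncpy(). */
	if (id == NULL)
		return EINVAL;

	/*
	 * Validate the id in a local buffer so that a rejected call leaves the
	 * global psp_id of an already active session untouched.
	 * NOTE(review): this reads user memory directly; what get_secure_user_ptr()
	 * guarantees about the address is not visible here.
	 */
	strncpy(new_id, id, 10);
	new_id[10] = 0;

	if (strlen(new_id) != 10)
		return EINVAL;

	/*
	 * Duplicate into a temporary first: a repeated call without an
	 * intervening teardown would otherwise overwrite umd_file and leak the
	 * previous allocation.
	 */
	ret = pathdup_from_user(file, &new_file);
	if (ret != 0)
		return ret;

	if (umd_file)
		dealloc(umd_file, 0x27);
	umd_file = new_file;
	memcpy(psp_id, new_id, sizeof(new_id));

	condition_psp_iso = 1;
	condition_psp_prometheus = prometheus;

#ifdef DEBUG
	if (prometheus)
	{
		DPRINTF("Using prometheus patch.\n");
	}
#endif
	if (!patches_backup)
	{
		/*
		 * Every case below follows the same steps: allocate a backup table,
		 * seed it with a copy of the patch table (offsets plus terminator),
		 * then for each entry save the current word and write the patch.
		 *
		 * On allocation failure EINVAL is returned because it is the only
		 * error constant visible in this listing; use the project's
		 * out-of-memory code if it has one. The path and flags set above
		 * stay in place until a teardown call.
		 *
		 * NOTE(review): copy_from_process() results are ignored; if a read
		 * fails the backup entry still holds the patch value from the memcpy,
		 * so teardown would not restore the original word.
		 */
		switch(vsh_check)
		{
			case VSH_HASH:
				DPRINTF("Now patching PSP DRM into spoofed DEBUG VSH..\n");

				patches_backup = alloc(sizeof(psp_drm_patches), 0x27);
				if (!patches_backup)
					return EINVAL;

				memcpy(patches_backup, &psp_drm_patches, sizeof(psp_drm_patches));

				for (int i = 0; psp_drm_patches[i].offset != 0; i++)
				{
					DPRINTF("Offset: 0x%08X | Data: 0x%08X\n", (uint32_t)psp_drm_patches[i].offset, (uint32_t)psp_drm_patches[i].data);

					copy_from_process(vsh_process, (void *)(uint64_t)(0x10000+patches_backup[i].offset), &patches_backup[i].data, 4);

					if (copy_to_process(vsh_process, &psp_drm_patches[i].data, (void *)(uint64_t)(0x10000+psp_drm_patches[i].offset), 4) != 0)
					{
						fatal("copy_to_process failed, you forgot to make spoofed DEBUG VSH text writable, retard!\n");
					}
				}
			break;

			case VSH_NRM_HASH:
				DPRINTF("Now patching PSP DRM into normal DEBUG VSH..\n");

				patches_backup = alloc(sizeof(psp_drm_patches), 0x27);
				if (!patches_backup)
					return EINVAL;

				memcpy(patches_backup, &psp_drm_patches, sizeof(psp_drm_patches));

				for (int i = 0; psp_drm_patches[i].offset != 0; i++)
				{
					DPRINTF("Offset: 0x%08X | Data: 0x%08X\n", (uint32_t)psp_drm_patches[i].offset, (uint32_t)psp_drm_patches[i].data);

					copy_from_process(vsh_process, (void *)(uint64_t)(0x10000+patches_backup[i].offset), &patches_backup[i].data, 4);

					if (copy_to_process(vsh_process, &psp_drm_patches[i].data, (void *)(uint64_t)(0x10000+psp_drm_patches[i].offset), 4) != 0)
					{
						fatal("copy_to_process failed, you forgot to make normal DEBUG VSH text writable, retard!\n");
					}
				}
			break;

			case VSH_CEX_HASH:
				DPRINTF("Now patching PSP DRM into spoofed RETAIL VSH..\n");

				patches_backup = alloc(sizeof(cex_psp_drm_patches), 0x27);
				if (!patches_backup)
					return EINVAL;

				memcpy(patches_backup, &cex_psp_drm_patches, sizeof(cex_psp_drm_patches));

				for (int i = 0; cex_psp_drm_patches[i].offset != 0; i++)
				{
					DPRINTF("Offset: 0x%08X | Data: 0x%08X\n", (uint32_t)cex_psp_drm_patches[i].offset, (uint32_t)cex_psp_drm_patches[i].data);

					copy_from_process(vsh_process, (void *)(uint64_t)(0x10000+patches_backup[i].offset), &patches_backup[i].data, 4);

					if (copy_to_process(vsh_process, &cex_psp_drm_patches[i].data, (void *)(uint64_t)(0x10000+cex_psp_drm_patches[i].offset), 4) != 0)
					{
						fatal("copy_to_process failed, you forgot to make spoofed RETAIL VSH text writable, retard!\n");
					}
				}
			break;

			default:
				/* Unrecognised vsh_check value: nothing is patched, the call still succeeds. */
				DPRINTF("WARNING: Unknown VSH loaded.\n Cannot patch PSP DRM into vsh.self\n");
			break;
		}
	}

	return 0;
}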