Example #1
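/*
 * Ask the kernel to stop the module that contains this function.
 *
 * Resolves the module id from finalize_module's own address, fills a
 * five-word argument block and passes its address to syscall 482.
 * NOTE(review): 482 is presumably the PRX stop-module call - confirm against
 * the SDK syscall table. The result of the syscall is not checked here.
 */
static void finalize_module(void)
{
	/*
	 * Clear the whole block up front: slots 2 and 4 are never assigned
	 * below, and without this the kernel would be handed indeterminate
	 * stack contents.
	 */
	uint64_t meminfo[5] = {0};

	sys_prx_id_t prx = prx_get_module_id_by_address(finalize_module);

	meminfo[0] = 0x28;	/* equals sizeof meminfo (5 * 8); presumably a size field - confirm */
	meminfo[1] = 2;
	meminfo[3] = 0;

	/* The buffer address is narrowed to 32 bits, then widened for the call. */
	system_call_3(482, prx, 0, (uint64_t)(uint32_t)meminfo);
}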
Example #2
/***********************************************************************
* Ring the buzzer with one of four beep patterns.
*
* mode 1..4 selects a single, double, triple or continuous beep. Any other
* mode leaves the pattern at 0, and the syscall is still issued with it.
***********************************************************************/
void buzzer(uint8_t mode)
{
	/* Indexed by mode; slot 0 is the value used for unrecognised modes. */
	static const uint16_t beep_patterns[] = {
		0x0000,
		0x0006,		/* single beep */
		0x0036,		/* double beep */
		0x01B6,		/* triple beep */
		0x0FFF		/* continuous beep */
	};
	const uint16_t pattern = (mode <= 4) ? beep_patterns[mode] : 0;

	system_call_3(392, 0x1007, 0xA, pattern);
}
Example #3
/*
 * Issue the PS3MAPI "get current process" request through syscall 8.
 *
 * process is narrowed to 32 bits and widened to 64 before being passed as
 * the third argument; what the handler does with it is not visible here.
 * Returns the syscall result as an int via return_to_user_prog().
 *
 * NOTE(review): the (uint32_t) cast discards the upper bits of the value, so
 * this presumably assumes a 32-bit user address space - confirm for the
 * target ABI.
 */
int ps3mapi_get_current_process(process_t process)
{
	const uint64_t process_arg = (uint64_t)((uint32_t)process);

	system_call_3(8, SYSCALL8_OPCODE_PS3MAPI, PS3MAPI_OPCODE_GET_CURRENT_PROC, process_arg);
	return_to_user_prog(int);
}
Example #4
/*
 * Issue the PS3MAPI "get all process ids" request through syscall 8.
 *
 * pid_list is passed to the handler as a 32-bit address. No element count
 * travels with it, so the handler cannot know how large the caller's array
 * is from this call alone.
 * NOTE(review): the caller must size pid_list to whatever maximum the
 * handler writes - that bound is not visible here; confirm it before use.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3mapi_get_all_processes_pid(process_id_t *pid_list)
{
	const uint64_t pid_list_addr = (uint64_t)((uint32_t)pid_list);

	system_call_3(8, SYSCALL8_OPCODE_PS3MAPI, PS3MAPI_OPCODE_GET_ALL_PROC_PID, pid_list_addr);
	return_to_user_prog(int);
}
Example #5
/*
 * Issue the PS3MAPI "get firmware type" request through syscall 8.
 *
 * fw is passed to the handler as a 32-bit address. The buffer length is not
 * passed along, so nothing in this call bounds how much the handler writes.
 * NOTE(review): confirm the maximum string length the handler produces and
 * make sure every caller's buffer is at least that large.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3mapi_get_fw_type(char *fw)
{
	const uint64_t fw_addr = (uint64_t)((uint32_t)fw);

	system_call_3(8, (uint64_t)SYSCALL8_OPCODE_PS3MAPI, (uint64_t)PS3MAPI_OPCODE_GET_FW_TYPE, fw_addr);
	return_to_user_prog(int);
}
Example #6
/*
 * Issue syscall 392 with the fixed argument triple (0x1004, 0xa, 0x1b6).
 * Going by the function name this produces a triple beep; the meaning of the
 * individual arguments is not visible here.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ring_buzzer_triple(void)
{
	const uint64_t buzzer_arg = 0x1004;
	const uint64_t buzzer_opt = 0xa;
	const uint64_t beep_pattern = 0x1b6;

	system_call_3(392, buzzer_arg, buzzer_opt, beep_pattern);
	return_to_user_prog(int);
}
Example #7
/*
 * Issue syscall 392 with the fixed argument triple (0x1004, 0x7, 0x36).
 * Going by the function name this produces a double beep; the meaning of the
 * individual arguments is not visible here.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ring_buzzer_double(void)
{
	const uint64_t buzzer_arg = 0x1004;
	const uint64_t buzzer_opt = 0x7;
	const uint64_t beep_pattern = 0x36;

	system_call_3(392, buzzer_arg, buzzer_opt, beep_pattern);
	return_to_user_prog(int);
}
Example #8
/*
 * Issue syscall 392 with the fixed argument triple (0x1004, 0x4, 0x6).
 * Going by the function name this produces a single beep; the meaning of the
 * individual arguments is not visible here.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ring_buzzer_simple(void)
{
	const uint64_t buzzer_arg = 0x1004;
	const uint64_t buzzer_opt = 0x4;
	const uint64_t beep_pattern = 0x6;

	system_call_3(392, buzzer_arg, buzzer_opt, beep_pattern);
	return_to_user_prog(int);
}
Example #9
/*
 * Remove the /dev_hdd0/tmp/turnoff file, then issue syscall 379 with
 * arguments (0x200, NULL, 0).
 *
 * The unlink is best-effort: its return value is ignored, so a failure to
 * remove the file does not stop the syscall from being issued.
 * NOTE(review): going by the function name, 379/0x200 requests a soft
 * restart - confirm against the SDK syscall table.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3_soft_restart(void)
{
	char *turnoff_flag = (char*)"/dev_hdd0/tmp/turnoff";

	cellFsUnlink(turnoff_flag);
	system_call_3(379, 0x200, NULL, 0);
	return_to_user_prog(int);
}
Example #10
/*
 * Issue the PS3MAPI "get PSID" request through syscall 8.
 *
 * psid is passed to the handler as a 32-bit address. The number of 64-bit
 * words the handler stores there is not visible in this call.
 * NOTE(review): confirm the required buffer size, and treat the returned
 * value as a device identifier - presumably it should not be logged or
 * transmitted without need.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3mapi_get_psid(uint64_t *psid)
{
	const uint64_t psid_addr = (uint64_t)((uint32_t)psid);

	system_call_3(8, SYSCALL8_OPCODE_PS3MAPI, PS3MAPI_OPCODE_GET_PSID, psid_addr);
	return_to_user_prog(int);
}
Example #11
/*
 * Issue the PS3MAPI "get IDPS" request through syscall 8.
 *
 * idps is passed to the handler as a 32-bit address. The number of 64-bit
 * words the handler stores there is not visible in this call.
 * NOTE(review): confirm the required buffer size, and treat the returned
 * value as a device identifier - presumably it should not be logged or
 * transmitted without need.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3mapi_get_idps(uint64_t *idps)
{
	const uint64_t idps_addr = (uint64_t)((uint32_t)idps);

	system_call_3(8, SYSCALL8_OPCODE_PS3MAPI, PS3MAPI_OPCODE_GET_IDPS, idps_addr);
	return_to_user_prog(int);
}
Example #12
/*
 * Issue the PS3MAPI "pdisable syscall8" request through syscall 8.
 *
 * mode is converted from int to uint64_t, so a negative value becomes a
 * very large unsigned one; no range check is applied on this side.
 * NOTE(review): the set of valid modes and their effect are defined by the
 * handler and are not visible here. Judging by the opcode name this changes
 * how syscall 8 itself responds afterwards, so callers should check the
 * return value rather than assume the new state took effect.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3mapi_pdisable_syscall8(int mode)
{
	const uint64_t mode_arg = (uint64_t)mode;

	system_call_3(8, SYSCALL8_OPCODE_PS3MAPI, PS3MAPI_OPCODE_PDISABLE_SYSCALL8, mode_arg);
	return_to_user_prog(int);
}
Example #13
/*
 * Issue the PS3MAPI "disable syscall" request through syscall 8.
 *
 * num is converted from int to uint64_t, so a negative value becomes a very
 * large unsigned one; no range check is applied on this side.
 * NOTE(review): which syscall numbers the handler accepts is not visible
 * here. Callers should check the return value, and can use
 * ps3mapi_check_syscall() if it is available in the same API, rather than
 * assume the request succeeded.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3mapi_disable_syscall(int num)
{
	const uint64_t syscall_num = (uint64_t)num;

	system_call_3(8, SYSCALL8_OPCODE_PS3MAPI, PS3MAPI_OPCODE_DISABLE_SYSCALL, syscall_num);
	return_to_user_prog(int);
}
Example #14
/*
 * Issue the PS3MAPI "check syscall" request through syscall 8.
 *
 * num is converted from int to uint64_t, so a negative value becomes a very
 * large unsigned one; no range check is applied on this side.
 * NOTE(review): how the result encodes the syscall's state is defined by the
 * handler and is not visible here - confirm before branching on it.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3mapi_check_syscall(int num)
{
	const uint64_t syscall_num = (uint64_t)num;

	system_call_3(8, SYSCALL8_OPCODE_PS3MAPI, PS3MAPI_OPCODE_CHECK_SYSCALL, syscall_num);
	return_to_user_prog(int);
}
Example #15
/*
 * Issue the PS3MAPI "unload VSH plugin" request through syscall 8.
 *
 * name is passed to the handler as a 32-bit address; no length accompanies
 * it.
 * NOTE(review): presumably name must be a NUL-terminated string, since the
 * handler has no other way to find its end - confirm, and make sure callers
 * never pass an unterminated buffer.
 *
 * Returns the syscall result as an int via return_to_user_prog().
 */
int ps3mapi_unload_vsh_plugin(char *name)
{
	const uint64_t name_addr = (uint64_t)((uint32_t)name);

	system_call_3(8, SYSCALL8_OPCODE_PS3MAPI, PS3MAPI_OPCODE_UNLOAD_VSH_PLUGIN, name_addr);
	return_to_user_prog(int);
}
Example #16
/*
 * Copy an embedded payload image to a hard-coded 64-bit address using the
 * poke primitives, then apply an embedded text table of "address: value"
 * patches with _poke32()/_poke().
 *
 * Build switches:
 *   USE_MEMCPY_SYSCALL - copy through a temporarily rewritten syscall
 *                        instead of a word-by-word poke loop.
 *   WITH_PL3           - selects which embedded payload, destination address
 *                        and patch table are used.
 *
 * Review notes (all grounded in the code below):
 *   - Every destination address is either a compile-time constant or parsed
 *     from the patch text; nothing here checks an address against a range or
 *     against the running system image before writing to it.
 *   - No call in this function has its result checked, and the function
 *     returns void, so a caller cannot tell whether any write took effect.
 *   - The patch text is tokenised in place with strtok(), which overwrites
 *     bytes of the embedded blob and keeps hidden static state.
 */
void load_payload(void)
{
    char *ptr, *ptr2;
    unsigned long long addr, value;
    int patches = 0;    /* count of patch lines applied; never read or returned here */

#ifdef USE_MEMCPY_SYSCALL
    /* This does not work on some PS3s */
    /* Write four 64-bit constants over the code at NEW_POKE_SYSCALL_ADDR. */
    pokeq(NEW_POKE_SYSCALL_ADDR, 0x4800000428250000ULL);
    pokeq(NEW_POKE_SYSCALL_ADDR + 8, 0x4182001438a5ffffULL);
    pokeq(NEW_POKE_SYSCALL_ADDR + 16, 0x7cc428ae7cc329aeULL);
    pokeq(NEW_POKE_SYSCALL_ADDR + 24, 0x4bffffec4e800020ULL);

    /*
     * Invoke the rewritten syscall with (destination, payload start, size).
     * The size argument is the ADDRESS of the *_size symbol, not its contents.
     * NOTE(review): the WITH_PL3 branch writes `&&` where the other branch
     * writes `&` - looks like a typo; confirm. The #else branch also spells
     * the syscall name `new_poke_syscall` in lower case while the WITH_PL3
     * branch uses NEW_POKE_SYSCALL - confirm both names are defined.
     */
#ifdef WITH_PL3
    system_call_3(NEW_POKE_SYSCALL, 0x800000000000ef48ULL, (unsigned long long) &&_binary_payload_pl3_payload_bin_start,
                  (uint64_t) & _binary_payload_pl3_payload_bin_size);
#else
    system_call_3(new_poke_syscall, 0x80000000002be4a0ULL,
                  (unsigned long long) &_binary_payload_syscall36_payload_bin_start,
                  (uint64_t) & _binary_payload_syscall36_payload_bin_size);
#endif

    /* restore syscall */
    /*
     * NOTE(review): only offsets +16 and +24 are rewritten here, while four
     * words were modified above; presumably remove_new_poke() restores the
     * first two - confirm.
     */
    remove_new_poke();
    pokeq(NEW_POKE_SYSCALL_ADDR + 16, 0xebc2fe287c7f1b78);
    pokeq(NEW_POKE_SYSCALL_ADDR + 24, 0x3860032dfba100e8);
#else
    /* WARNING!! It supports only payload with a size multiple of 4 */
    uint32_t i;

    /*
     * Word-by-word copy: whole 64-bit words first, then one trailing write
     * if the size is not a multiple of 8. As above, the size is taken from
     * the address of the *_size symbol.
     *
     * NOTE(review): the trailing write dereferences pl64 as a full 64-bit
     * word, so with 4 bytes left the load covers 4 bytes beyond the end of
     * the payload; which half the (uint32_t) cast keeps depends on byte
     * order - confirm it is the remaining payload bytes.
     */
#ifdef WITH_PL3
    uint64_t *pl64 = (uint64_t *) (uint64_t) & _binary_payload_pl3_payload_bin_start;
    for (i = 0; i < (uint64_t) & _binary_payload_pl3_payload_bin_size / sizeof(uint64_t); i++) {
        pokeq(0x800000000000ef48ULL + i * sizeof(uint64_t), *pl64++);
    }
    if ((uint64_t) & _binary_payload_pl3_payload_bin_size % sizeof(uint64_t)) {
        pokeq32(0x800000000000ef48ULL + i * sizeof(uint64_t), (uint32_t) * pl64);
    }
#else
    uint64_t *pl64 = (uint64_t *) (uint64_t) & _binary_payload_syscall36_payload_bin_start;

    for (i = 0; i < (uint64_t) & _binary_payload_syscall36_payload_bin_size / sizeof(uint64_t); i++) {
        pokeq(0x80000000002be4a0ULL + i * sizeof(uint64_t), *pl64++);
    }
    if ((uint64_t) & _binary_payload_syscall36_payload_bin_size % sizeof(uint64_t)) {
        /*
         * NOTE(review): this tail uses pokeq() where the WITH_PL3 branch
         * uses pokeq32(), so a 32-bit value is passed to what is presumably
         * the 64-bit write - confirm which is intended.
         */
        pokeq(0x80000000002be4a0ULL + i * sizeof(uint64_t), (uint32_t) * pl64);
    }
#endif
#endif

    /*
     * Split the embedded patch text into lines. strtok() writes NULs into
     * the blob itself.
     * NOTE(review): tmp is not checked for NULL before the loop; if the text
     * contains no line at all, strchr(tmp, '#') below receives NULL.
     */
#ifdef WITH_PL3
    char *tmp = strtok((char *) &_binary_payload_pl3_patch_txt_start, "\n");
#else
    char *tmp = strtok((char *) &_binary_payload_syscall36_patch_txt_start, "\n");
#endif

    /*
     * Each line has the form "<hex addr>: <hex value>", optionally followed
     * by a '#' comment. `continue` inside this do/while jumps to the loop
     * condition, i.e. it fetches the next line.
     */
    do {
        /* Cut the line at the first '#'. */
        ptr = strchr(tmp, '#');
        if (ptr)
            *ptr = 0;
        ptr = tmp;

        /* Skip leading blanks; the line must then start with a hex digit. */
        while (*ptr == ' ' || *ptr == '\t')
            ptr++;
        /*
         * strchr() also matches the string terminator, so an empty line
         * passes this test; it is rejected by the ':' check below instead.
         */
        if (!strchr("0123456789abcdefABCDEF", *ptr))
            continue;
        /* Overflow (ERANGE) from strtoull is not checked. */
        addr = strtoull(ptr, &ptr, 16);
        if (*ptr != ':')
            continue;
        else
            ptr++;
        while (*ptr == ' ' || *ptr == '\t')
            ptr++;
        if (!strchr("0123456789abcdefABCDEF", *ptr))
            continue;
        ptr2 = ptr;
        value = strtoull(ptr, &ptr, 16);

        patches++;

        /*
         * The number of characters consumed selects the write width:
         * 8 -> _poke32(), 16 -> _poke(). Any other length is skipped and the
         * counter is rolled back. addr is used exactly as parsed, with no
         * range or alignment check.
         */
        if (ptr - ptr2 == 8) {
            _poke32(addr, value);
        } else if (ptr - ptr2 == 16) {
            _poke(addr, value);
        } else
            patches--;
    }
    while ((tmp = strtok(NULL, "\n")));
}