int main(int argc, char *argv[]) { SceUID mod; char s[255]; int r; int SDCB1, SDCB2; sceKernelDelayThread(7000000); mod = pspSdkLoadStartModule("ms0:/seplugins/deemerd.prx", PSP_MEMORY_PARTITION_KERNEL); if (mod < 0) { sprintf(s, "Error 0x%08X loading/starting deemerd.prx.\n", mod); debugIssueError(s); } SDCB1 = sceKernelCreateCallback("SaveDataStartCallback", hcDeemerCapturedSDParamsCallback, NULL ); SDCB2 = sceKernelCreateCallback("SaveDataGetStatusCallback", hcDeemerSavedataGetStatusCallback, NULL ); hcDeemerDriverSetupCallbackCapturedSDParams(SDCB1, SDCB2); r = hcDeemerDriverPatchSavedataInitStart(); sceKernelSleepThreadCB(); return 0; }
// Callback thread int CallbackThread(SceSize args, void *argp) { int cbid; cbid = sceKernelCreateCallback("Exit Callback", (void *) exit_callback, NULL); sceKernelRegisterExitCallback(cbid); cbid = sceKernelCreateCallback("Power Callback", (void *) power_callback, NULL); scePowerRegisterCallback(0, cbid); sceKernelSleepThreadCB(); return 0; }
// Thread to create the callbacks and then begin polling int CallbackThread (int args, void *argp) { int cbid; cbid = sceKernelCreateCallback ("Exit Callback", (SceKernelCallbackFunction)ExitCallback, NULL); sceKernelRegisterExitCallback (cbid); cbid = sceKernelCreateCallback ("Power Callback", (SceKernelCallbackFunction)PowerCallback, NULL); scePowerRegisterCallback (0, cbid); sceKernelSleepThreadCB (); }
int psp_callback_thread(SceSize args, void *argp) { int cid; cid = sceKernelCreateCallback("Exit Call Back", psp_exit_callback, NULL); sceKernelRegisterExitCallback(cid); cid = sceKernelCreateCallback("Power Call Back", psp_power_callback, NULL); //scePowerRegisterCallback(0,cid); sceKernelSleepThreadCB(); return 0; }
void PowerCallback (int unknown, int pwrflags) { if (pwrflags & PSP_POWER_CB_HOLD_SWITCH) { extern bool8 g_bShowProfilerIno; g_bShowProfilerInfo = (! g_bShowProfilerInfo); } if (pwrflags & PSP_POWER_CB_POWER_SWITCH){ if (g_bROMLoaded) { scePowerSetClockFrequency (222, 222, 111); S9xSetSoundMute (TRUE); g_bSleep = true; save_config (); Memory.SaveSRAM (S9xGetFilename ("srm")); } } else if (pwrflags & PSP_POWER_CB_RESUME_COMPLETE) { g_bSleep = false; } if (pwrflags & PSP_POWER_CB_BATTERY_LOW){ scePowerSetClockFrequency (222,222,111); S9xSetInfoString ("WARNING: PSP Battery is Low! (Automatically Throttling CPU)"); } int cbid; cbid = sceKernelCreateCallback ("Power Callback", (SceKernelCallbackFunction)PowerCallback, NULL); scePowerRegisterCallback (0, cbid); }
/* Callback thread */ static int callback_thread(SceSize args, void *argp) { int cbid; lprintf("callback_thread started with id %08x, priority %i\n", sceKernelGetThreadId(), sceKernelGetThreadCurrentPriority()); cbid = sceKernelCreateCallback("Exit Callback", exit_callback, NULL); sceKernelRegisterExitCallback(cbid); cbid = sceKernelCreateCallback("Power Callback", power_callback, NULL); scePowerRegisterCallback(0, cbid); sceKernelSleepThreadCB(); return 0; }
static int xCallbackThread(SceSize args, void *argp) { int cbid = sceKernelCreateCallback("xExitCallback", xExitCallback, 0); sceKernelRegisterExitCallback(cbid); sceKernelSleepThreadCB(); return 0; }
extern "C" int main(int argc, char *argv[]) { SceUID cb = sceKernelCreateCallback("refer", &cbFunc, (void *)0xDEADBEEF); SceKernelCallbackInfo info; info.size = sizeof(info); // Crashes. //testRefer("NULL info", cb, NULL); testRefer("Normal", cb, &info); checkpointNext("Sizes:"); int sizes[] = {0, 1, 2, 4, 8, 44, 48, 52, 56, 60, 64, 68, 72, 128, 256, 1024, 0xFF00, 0xFF0000, 0x80000001, 0xCCCCCCCC, 0xFFFFFFFF}; int i, result; for (i = 0; i < sizeof(sizes) / sizeof(sizes[0]); ++i) { info.size = sizes[i]; result = sceKernelReferCallbackStatus(cb, &info); checkpoint(" %08x => %08x (result=%08x)", sizes[i], info.size, result); } sceKernelDeleteCallback(cb); info.size = sizeof(info); checkpointNext("Objects:"); testRefer("NULL", 0, &info); testRefer("Invalid", 0xDEADBEEF, &info); testRefer("Deleted", cb, &info); return 0; }
/* Callback thread */ int CallbackThread(SceSize args, void *argp) { int cbid = sceKernelCreateCallback("Exit Callback", exit_callback, NULL); sceKernelRegisterExitCallback(cbid); sceKernelSleepThreadCB(); return 0; }
static int update_thread (SceSize args, void *argp) { int cbid = sceKernelCreateCallback("Exit Callback", exit_callback, (void *) 0); sceKernelRegisterExitCallback(cbid); sceKernelSleepThreadCB(); return 0; }
/* Callback thread */ int CallbackThread(SceSize /*size*/, void *arg) { int cbid; cbid = sceKernelCreateCallback("Exit Callback", (SceKernelCallbackFunction)exit_callback, NULL); sceKernelRegisterExitCallback(cbid); /* Set up callbacks for PSPIoStream */ cbid = sceKernelCreateCallback("Power Callback", (SceKernelCallbackFunction)power_callback, 0); if (cbid >= 0) { if (scePowerRegisterCallback(-1, cbid) < 0) { PSP_ERROR("Couldn't register callback for power_callback\n"); } } else { PSP_ERROR("Couldn't create a callback for power_callback\n"); } sceKernelSleepThreadCB(); return 0; }
int callbacks_thread(unsigned int, void*) { int id; id = sceKernelCreateCallback("exit_cb", callbacks_exit, NULL); sceKernelRegisterExitCallback(id); sceKernelSleepThreadCB(); return 0; }
int main(int argc, char **argv) { SceUID cb_id; cb_id = sceKernelCreateCallback("MSCB", ms_callback, (void *)0x777); printf("cb_id: %08X\n", (cb_id > 0) ? 1 : 0); printf("MScmRegisterMSInsertEjectCallback: %08X\n", MScmRegisterMSInsertEjectCallback(cb_id)); printf("sceKernelCheckCallback: %08X\n", sceKernelCheckCallback()); printf("MScmUnregisterMSInsertEjectCallback: %08X\n", MScmUnregisterMSInsertEjectCallback(cb_id)); printf("sceKernelDeleteCallback: %08X\n", sceKernelDeleteCallback(cb_id)); return 0; }
// this function gets called by PspThread when starting the new thread void MasterGuRenderer::threadFunction() { DEBUG_ENTER_FUNC(); // Create the callback. It should always get the pointer to MasterGuRenderer _callbackId = sceKernelCreateCallback("Display Callback", guCallback, this); if (_callbackId < 0) { PSP_ERROR("failed to create display callback\n"); } PSP_DEBUG_PRINT("created callback. Going to sleep\n"); sceKernelSleepThreadCB(); // sleep until we get a callback }
/* Callback thread */ int CallbackThread(SceSize args, void *argp) { int cbid; printf("\nCallback Thread Status:\n"); dump_threadstatus(); cbid = sceKernelCreateCallback("Exit Callback", exit_callback, NULL); sceKernelRegisterExitCallback(cbid); sceKernelSleepThreadCB(); return 0; }
/* Callback thread */ int CallbackThread(SceSize args, void *argp) { int cbid; //SceKernelThreadInfo info; //info.size = sizeof(SceKernelThreadInfo); //sceKernelReferThreadStatus (0, &info); //printf("thread '%-12s' sp %p w %08x START\n", info.name, info.stack, info.waitId); cbid = sceKernelCreateCallback("Exit Callback", exit_callback, NULL); sceKernelRegisterExitCallback(cbid); sceKernelSleepThreadCB(); return 0; }
int main(int argc, char **argv) { int umdCbCallbackId; int result; umdCbCallbackId = sceKernelCreateCallback("umdHandler", umdHandler, (void *)0x1234); result = sceUmdRegisterUMDCallBack(umdCbCallbackId); printf("%08X\n", result); printf("%d\n", sceKernelCheckCallback()); result = sceUmdUnRegisterUMDCallBack(umdCbCallbackId); printf("%08X\n", result); result = sceUmdUnRegisterUMDCallBack(umdCbCallbackId); printf("%08X\n", result); return 0; }
// Power callback int power_callback(int unknown, int pwrflags) { int cbid; if (pwrflags & POWER_CB_POWER || pwrflags & POWER_CB_SUSPEND || pwrflags & POWER_CB_EXT) { // Put game in paused state if game is running if (_gameState == GAME_RUNNING) { HandlePauseGame(); } else if (_gameState == GAME_CONTINUE) { // If game is in continue state, wait until it enters the running state // before pausing. Game is only in continue state for about 1 second, // and it cannot be paused from this sate while (_gameState == GAME_CONTINUE ) { sceKernelDelayThread(1000); } HandlePauseGame(); } } // Re-register power callback so it executes again the next time a power event occurs. cbid = sceKernelCreateCallback("Power Callback", (void *) power_callback, NULL); scePowerRegisterCallback(0, cbid); return 0; }
static int hookEntry(SceSize args, void *argp) { SceKernelSemaInfo info; globals_t *globals; SceUID uid; int res; uid = sceKernelGetThreadId(); globals = getGlobals(); sceKernelLockMutexCB(globals->threadmgrMutex, 1, NULL); info.size = sizeof(info); res = sceKernelGetSemaInfo(globals->threadmgrSema, &info); if (res) goto fail; while (globals->threadmgrTable[info.currentCount].uid != uid) { if (info.currentCount >= info.maxCount) { res = SCE_KERNEL_ERROR_ERROR; goto fail; } info.currentCount++; } globals->threadmgrTable[info.currentCount].exitDeleteCb = sceKernelCreateCallback("vhlUserExitDeleteCb", 0, exitDeleteCb, NULL); sceKernelUnlockMutex(globals->threadmgrMutex, 1); return globals->threadmgrTable[info.currentCount].entry(args, argp); fail: sceKernelUnlockMutex(globals->threadmgrMutex, 1); return res; }
int main(int argc, char *argv[]) { SceCtrlData pad; int result; int oldButtons = 0; int cbid = -1; int waitStatThid = -1; pspDebugScreenInit(); if (argc > 0) { printf("Bootpath: %s\n", argv[0]); } printf("Triangle - Exit\n"); printf("Left - sceUmdActivate\n"); printf("Right - sceUmdDeactivate\n"); printf("Cross - Delay CB\n"); printf("Circle - Display umd info\n"); printf("Square - Refer umd callback\n"); printf("L-Trigger - IO test\n"); printf("R-Trigger - Start/Stop wait stat test\n"); SetupCallbacks(); sceCtrlSetSamplingCycle(0); sceCtrlSetSamplingMode(PSP_CTRL_MODE_ANALOG); { printUmdInfo(); // result: // callback events are generated if we launch from iso or immediately after psplink has reset cbid = sceKernelCreateCallback("UMD Callback (not active)", umd_callback, (void*)0x34343434); result = sceUmdRegisterUMDCallBack(cbid); printf("sceUmdRegisterUMDCallBack result %08X\n", result); // Register a second UMD callback: it will overwrite the first one. cbid = sceKernelCreateCallback("UMD Callback", umd_callback, (void*)0x11111111); result = sceUmdRegisterUMDCallBack(cbid); printf("sceUmdRegisterUMDCallBack result %08X\n", result); } while (!done) { sceCtrlReadBufferPositive(&pad, 1); // context switch in here //sceCtrlPeekBufferPositive(&pad, 1); // no context switch version int buttonDown = (oldButtons ^ pad.Buttons) & pad.Buttons; if (buttonDown & PSP_CTRL_LEFT) { result = sceUmdActivate(1, "disc0:"); printf("sceUmdActivate result %08x\n", result); } if (buttonDown & PSP_CTRL_RIGHT) { result = sceUmdDeactivate(1, "disc0:"); printf("sceUmdDeactivate result %08x\n", result); } if (buttonDown & PSP_CTRL_CROSS) { printf("sceKernelDelayThreadCB ...\n"); sceKernelDelayThreadCB(10000); } if (buttonDown & PSP_CTRL_CIRCLE) { printUmdInfo(); } if (buttonDown & PSP_CTRL_SQUARE) { SceKernelCallbackInfo info; memset(&info, 0xee, sizeof(info)); info.size = sizeof(info); result = sceKernelReferCallbackStatus(cbid, &info); printf("sceKernelReferCallbackStatus result %08x\n", result); printf(" size %d (%d)\n", info.size, sizeof(info)); printf(" name '%s'\n", info.name); printf(" threadId %08x (%08x)\n", info.threadId, sceKernelGetThreadId()); printf(" callback %p common %p\n", info.callback, info.common); printf(" notifyCount %08x\n", info.notifyCount); printf(" notifyArg %08x\n", info.notifyArg); } if (buttonDown & PSP_CTRL_LTRIGGER) { test_io(); } if (buttonDown & PSP_CTRL_RTRIGGER) { if (waitStatThid >= 0) { printf("Cleaning up wait stat test ...\n"); referThread(waitStatThid); result = sceUmdCancelWaitDriveStat(); printf("sceUmdCancelWaitDriveStat result %08x\n", result); referThread(waitStatThid); result = sceKernelDeleteThread(waitStatThid); printf("sceKernelDeleteThread result %08x\n", result); //result = sceKernelTerminateDeleteThread(waitStatThid); //printf("sceKernelTerminateDeleteThread result %08x\n", result); waitStatThid = -1; } else { printf("Starting wait stat test ...\n"); // test timeout: // Press Right (deactivate UMD) // Press R-Trigger: // - Press R-Trigger again before 3 seconds: // 0x800201a9 wait cancelled // - Or wait 3 seconds: // 0x800201a8 wait timeout struct WaitStatParams params = { 0x20, 3000000 }; // test internal workings: // - (wantStat & curStat) == wantStat // - (wantStat & curStat) != 0 <-- looks like this is the correct one //struct WaitStatParams params = { 0xFF, 3000000 }; waitStatThid = sceKernelCreateThread("WaitUMDStat", waitstat_thread, 0x20, 0x4000, 0, 0); printf("sceKernelCreateThread result %08x\n", waitStatThid); if (waitStatThid >= 0) { result = sceKernelStartThread(waitStatThid, sizeof(params), ¶ms); printf("sceKernelStartThread result %08x\n", result); } } } if (buttonDown & PSP_CTRL_TRIANGLE) done = 1; oldButtons = pad.Buttons; sceDisplayWaitVblank(); // only catch callback when we press Cross (sceKernelDelayThreadCB) //sceDisplayWaitVblankCB(); // catch all callback events } sceKernelExitGame(); return 0; }
static int ExitCallbackThread(SceSize args, void *argp) { sceKernelRegisterExitCallback(sceKernelCreateCallback("HOME button Callback", exit_callback, NULL)); sceKernelSleepThreadCB(); return 0; }
/* for 6.20/6.35 */ void do_exploit(void) { u32 power_buf_address = 0; //create empty callback int cbid = -1; int result; #ifdef CONFIG_635 if(psp_fw_version == FW_635) { //create a fitting one while(!is_intr_OK((u32)cbid)) { //sceKernelDeleteCallback(cbid); cbid = sceKernelCreateCallback("", NULL, NULL); } } #endif #ifdef CONFIG_620 if (psp_fw_version == FW_620) { cbid = sceKernelCreateCallback("", NULL, NULL); } #endif printk("Got a CBID: 0x%08X\r\n", cbid); //Davee $v1 trick, $v1 would leak the power_buf_address when called on an registered slot 0 scePowerRegisterCallbackPrivate(0, cbid); power_buf_address = get_power_address(cbid); scePowerUnregisterCallbackPrivate(0); printk("power_buf_address 0x%08X\r\n", (uint)power_buf_address); #ifdef CONFIG_635 if(psp_fw_version == FW_635 && !is_pspgo()) { patch_power_arg(cbid, power_buf_address); } #endif //override sysmem function unsigned int smpos = g_offs->patchRangeStart; for(; smpos < g_offs->patchRangeEnd; smpos += 16) { //calculate slot unsigned int slot = get_power_slot_by_address(((u32)0x88000000)+smpos, power_buf_address); //wipe memory with -1... else overriding fails. scePowerUnregisterCallbackPrivate(slot); //register dummy callback (override memory ^^) result = scePowerRegisterCallbackPrivate(slot, cbid); //patching error if(result) break; } //flush changes to memory sync_cache(); //restoring instructions and patching loadexec unsigned int interrupts = pspSdkDisableInterrupts(); #ifdef CONFIG_635 if(psp_fw_version == FW_635) { result = SysMemUserForUser_D8DE5C1E(0xC01DB15D, 0xC00DCAFE, kernelSyscall, 0x12345678, -1); } #endif #ifdef CONFIG_620 if (psp_fw_version == FW_620) { u32 kernel_entry, entry_addr; kernel_entry = (u32) &kernel_permission_call; entry_addr = ((u32) &kernel_entry) - 16; result = sceKernelPowerLock(0, ((u32) &entry_addr) - 0x4234); } #endif pspSdkEnableInterrupts(interrupts); }