Editing Talk:Hypervisor Reverse Engineering
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
Merge needed | Merge needed (?) : https://webcache.googleusercontent.com/search?q=cache:http%3A%2F%2Fwiki.gitbrew.org%2Fwikibrew%2FPS3%3AHvReverseEngineering | ||
== MMIO / Memorymap == | == MMIO / Memorymap == | ||
Line 13: | Line 10: | ||
| 0x200000 || 0x400000 || || LV1 Code Region || || | | 0x200000 || 0x400000 || || LV1 Code Region || || | ||
|- | |- | ||
| 0x20000000000 || 0x80000 || || SPE0 MMIO Memory Region || || | |||
| 0x20000000000 || 0x80000 || || SPE0 MMIO Memory Region || || | |||
|- | |- | ||
| 0x20000080000 || 0x80000 || || SPE1 MMIO Memory Region || 0x003ABC20 || | | 0x20000080000 || 0x80000 || || SPE1 MMIO Memory Region || 0x003ABC20 || | ||
Line 29: | Line 24: | ||
| 0x20000300000 || 0x80000 || || SPE6 MMIO Memory Region || 0x003B5BE0 || | | 0x20000300000 || 0x80000 || || SPE6 MMIO Memory Region || 0x003B5BE0 || | ||
|- | |- | ||
| 0x20000509000 || 0x1000 || || Pervasive Memory || || Contains 48 bit Serial Number | | 0x20000509000 || 0x1000 || || Pervasive Memory || || Contains 48 bit Serial Number(???) | ||
|- | |- | ||
| || 0x1000 || || SPE1 Shadow Registers Memory Region || 0x003ABDA0 || | | || 0x1000 || || SPE1 Shadow Registers Memory Region || 0x003ABDA0 || | ||
Line 49: | Line 44: | ||
| 0x2000050A210 || 0x4 || || XDR Memory Channel Type || || For use with above memory locations | | 0x2000050A210 || 0x4 || || XDR Memory Channel Type || || For use with above memory locations | ||
|- | |- | ||
| 0x24000000000 || || || SB bus subsystem || || | | 0x24000000000 || || || SB bus subsystem || || | ||
|- | |- | ||
| 0x24000002000 || 0x200 || 1 || SATA Controller 1 || || | | 0x24000002000 || 0x200 || 1 || SATA Controller 1 || || | ||
Line 125: | Line 120: | ||
| 0x2401F000000 || 0x1000000 || || NOR Flash || || | | 0x2401F000000 || 0x1000000 || || NOR Flash || || | ||
|- | |- | ||
| 0x28000000000 || 0x2000 || || AV Manager (/dev/ioif0) || || only mmap system call | |||
| 0x28000000000 || 0x2000 || || AV Manager (/dev/ioif0) || || | |||
|- | |- | ||
| 0x28001800000 || 0x1000 || || AV Manager (/dev/ioif0) || || only mmap system call | | 0x28001800000 || 0x1000 || || AV Manager (/dev/ioif0) || || only mmap system call | ||
Line 154: | Line 147: | ||
|- | |- | ||
| 0x28000080100 || 0x8000 || 5 || GPU Device Memory Region || 0x003BB420 || | | 0x28000080100 || 0x8000 || 5 || GPU Device Memory Region || 0x003BB420 || | ||
|- | |- | ||
| || || 9 || FLASH Controller device (StarShip - SS) || || FLASH controller doesn't have MMIO regions | | || || 9 || FLASH Controller device (StarShip - SS) || || FLASH controller doesn't have MMIO regions | ||
Line 181: | Line 160: | ||
|} | |} | ||
* Linux driver for playing with BE MMIO: http://pastie.org/private/zkzpmj5j6hixacxppk9waq | * Linux driver for playing with BE MMIO: http://pastie.org/private/zkzpmj5j6hixacxppk9waq | ||
== PS3 ea memory map == | == PS3 ea memory map == | ||
Line 219: | Line 198: | ||
| Unmapped Area | | | Unmapped Area | | ||
0x0000_0000 +-------------------------------+ | 0x0000_0000 +-------------------------------+ | ||
</pre>http://pastie.org/private/bfqqa2cpadolns9bm0eqa | |||
== Packet ID Entries == | |||
<pre> | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2001, 0x34># 0 <-vtrm | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2002, 0x35># 1 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2003, 0x36># 2 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2006, 0x39># 3 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2004, 0x37># 4 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2005, 0x38># 5 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x200A, 0x3D># 6 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x200B, 0x3E># 7 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x200C, 0x3F># 8 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x200D, 0x40># 9 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x200E, 0x41># 10 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2012, 0x7B># 11 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2013, 0x7C># 12 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2016, 0x7D># 13 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2014, 0x7E># 14 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2015, 0x7F># 15 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x2017, 0x80># 16 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x3001, 0x4A># 17 <-srtc | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x3002, 0x27># 18 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x3003, 0x28># 19 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6002, 0x6B># 20 <- um | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6001, 0x33># 21 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6005, 0x2D># 22 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6006, 0x2E># 23 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6003, 0x30># 24 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6004, 0x2F># 25 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6007, 0x32># 26 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6008, 0x4D># 27 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6009, 0x4E># 28 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x600A, 0x4F># 29 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x600B, 0x54># 30 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x600C, 0x55># 31 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x6011, 0x82># 32 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x8001, 4># 33 <- ??? | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x8002, 5># 34 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x8003, 6># 35 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x8004, 3># 36 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x8005, 7># 37 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9001, 0x16># 38 <-scm | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9002, 0x1E># 39 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9006, 0x14># 40 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9007, 0x1D># 41 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9008, 0x49># 42 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9009, 0x17># 43 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x900A, 0x1C># 44 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9003, 0x13># 45 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9004, 0x12># 46 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9005, 0x1A># 47 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x900B, 0x1B># 48 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x900C, 0x1F># 49 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x900E, 0x15># 50 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x900D, 0x19># 51 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9011, 0x62># 52 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9012, 0x64># 53 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9013, 0x65># 54 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9014, 0x75># 55 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9015, 0x79># 56 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x9016, 0x7A># 57 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x10001, 0x10># 58 <- sbm | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x10002, 0xF># 59 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x10004, 0x47># 60 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x10005, 0x69># 61 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x10006, 0x6F># 62 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x10007, 0x71># 63 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x11002, 0x2C># 64 <- SPM | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x14001, 0x21># 65 <- SLL | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x14002, 0x20># 66 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x14003, 0x22># 67 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x14004, 0x45># 68 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x14005, 0x46># 69 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x14006, 0x48># 70 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x15001, 0x25># 71 <-SPL | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x15002, 0x26># 72 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x15003, 0x23># 73 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x15004, 0x24># 74 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x15009, 0x81># 75 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x5001, 0x2B># 76 <- SM | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x5002, 0x29># 77 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x5003, 0x2A># 78 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x5004, 0x50># 79 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x5005, 0x51># 80 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x5007, 0x63># 81 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x5008, 0x6A># 82 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x5009, 0x70># 83 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x500A, 0x72># 84 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x18001, 1># 85 <-dm | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x18002, 2># 86 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17001, 9># 87 <-iim | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17002, 0xB># 88 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17003, 0xA># 89 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17004, 0xC># 90 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17005, 0xE># 91 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17006, 8># 92 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17007, 0xD># 93 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17009, 0x59># 94 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17010, 0x5A># 95 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17011, 0x5B># 96 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17012, 0x5C># 97 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17013, 0x5D># 98 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17014, 0x5E># 99 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17015, 0x5F># 100 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17016, 0x60># 101 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x17017, 0x61># 102 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x19002, 0x43># 103 <- AIM | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x19003, 0x44># 104 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x19004, 0x57># 105 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x19005, 0x68># 106 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x22001, 0x52># 107 <- fdm | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x22002, 0x53># 108 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x22003, 0x66># 109 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x22004, 0x67># 110 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x24001, 0x73># 111 <- UDA | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x24002, 0x74># 112 | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x25001, 0x83># 113 <- UTM | |||
seg002:C0000180 packet_id_ss_id_map_entry <0x25002, 0x84># 114 | |||
</pre> | </pre> | ||
from SPM | from SPM | ||
[http://pastie.org/private/mdw6lcgcp6sby1qvlipog possible process names | [http://pastie.org/private/mdw6lcgcp6sby1qvlipog possible process names] | ||
[http://pastie.org/private/guigb77nctwvsq50tkaeq possible process / packet ids 1 | [http://pastie.org/private/guigb77nctwvsq50tkaeq possible process / packet ids 1] | ||
[http://pastie.org/private/j7cv141bu5jw2acundzla possible process / packet ids 2 | [http://pastie.org/private/j7cv141bu5jw2acundzla possible process / packet ids 2] | ||
==coolstuf== | ==coolstuf== | ||
Line 261: | Line 337: | ||
Repositories: | Repositories: | ||
* http://www.sendspace.com/file/qlkzkd | * http://www.sendspace.com/file/qlkzkd | ||
* http://www.mirrorcreator.com/files/0NFBM0PC/coolstuff_0.rar_links | * http://www.mirrorcreator.com/files/0NFBM0PC/coolstuff_0.rar_links | ||
Line 267: | Line 342: | ||
* http://fileape.com/index.php?act=download&id=aG4VzHXWKqwXbi50 | * http://fileape.com/index.php?act=download&id=aG4VzHXWKqwXbi50 | ||
* | * http://ps3devwiki.com/files/coolstuf/ | ||
===Content=== | ===Content=== | ||
Line 609: | Line 684: | ||
ps3wiki/XRegistry File Format_2.htm 52.7 KB | ps3wiki/XRegistry File Format_2.htm 52.7 KB | ||
</pre> | </pre> | ||
==emer init.self== | ==emer init.self== | ||
=== Program 1 === | ===Program 1=== | ||
Crossreference: [http://portal.gitbrew.org/wikibrew/PS3:HvReverseEngineering:emer_init.self:Program_1 gitbrew.org::emer_init.self:Program_1] <br /> | |||
Crossreference: [ | |||
<pre> | <pre> | ||
Line 835: | Line 910: | ||
</pre> | </pre> | ||
=== Program 2 === | ===Program 2=== | ||
Crossreference: [http://portal.gitbrew.org/wikibrew/PS3:HvReverseEngineering:emer_init.self:Program_2 gitbrew.org::emer_init.self:Program_2] <br /> | |||
Crossreference: [ | |||
<pre> | <pre> | ||
0x80308 | 0x80308 | ||
Line 1,152: | Line 1,226: | ||
0x66604200 | 0x66604200 | ||
</pre> | </pre> | ||
---- | ---- | ||