Editing IOCTL

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
In computing, ioctl (an abbreviation of input/output control) is a system call for device-specific input/output operations and other operations which cannot be expressed by regular file semantics. It takes a parameter specifying a request code; the effect of a call depends completely on the request code. Request codes are often device-specific. For instance, a CD-ROM device driver which can instruct a physical device to eject a disc would provide an ioctl request code to do so. Device-independent request codes are sometimes used to give usermode access to kernel functions which are only used by core system software or still under development.
See also [https://en.wikipedia.org/wiki/Ioctl wikipedia page about IOCTL].
See also [[Devices]] and [https://www.psdevwiki.com/ps5/IOCTL PS5 IOCTL]s.
= Description =
= Description =


Line 31: Line 25:
</pre>
</pre>


= List of IOCTL by kernel device =
= List =


== npdrm ==
* Thanks to SocraticBliss for the names.
 
=== crepo ===


<pre>
<pre>
C0404E03 npdrm_decrypt_isolated_rif
400C4302 sceSblCryptReleaseContext
C0404E02 npdrm_decrypt_disc_rif
C00C4303 crepo_get_sign_crypt_handle
C0404E01 npdrm_decrypt_kds_rif
C00C4304 crepo_get_encdec_cryp_handle
</pre>
</pre>
== sbl ==


=== pup_update / sc_fw_update ===
=== pup_update / sc_fw_update ===
Line 51: Line 45:
C0184404 decrypt_pup_segment
C0184404 decrypt_pup_segment
C0284405 decrypt_pup_segment_block
C0284405 decrypt_pup_segment_block
80014406 set_partion_updated ?typo for partition?
80014406 set_partion_updated
20004407 switch_bank
20004407 switch_bank
C0104408 ?unknown name?
C0104408  
C0284409 decrypt_pup_header_with_response
C0284409 decrypt_pup_header_with_response
C010440A generate_challenge
C010440A generate_challenge
Line 61: Line 55:
</pre>
</pre>


=== crepo ===
=== gbase ===


<pre>
<pre>
400C4302 sceSblCryptReleaseContext
C0044507 sceKernelSetBaseModeClock
C00C4303 crepo_get_sign_crypt_handle
C0044508 sceKernelSetGpuCu
C00C4304 crepo_get_encdec_cryp_handle
C0044511 sceKernelSetMemoryPstate
40084516 sceKernelGetMemoryPstate
</pre>
</pre>


Line 86: Line 81:
C020536D manu_mode_sm_exit
C020536D manu_mode_sm_exit
C020536E isSpecialWake
C020536E isSpecialWake
</pre>
=== encdec ===
<pre>
C0284501 sceSblSsDecryptWithPortability
</pre>
=== manu_mode_mgr ===
<pre>
C0205364 _sceSblIdataGetCprm
C0205365 _sceSblIdataGetHddKey
C0205366 _sceSblIdataGetEapHddKey
C0205367 _sceSblIdataGetCprm
C0205368 _sceSblIdataGetChallenge
C0205369 _sceSblIdataVeriResponse
C020536A manu_mode_sm_start
C020536B _sceSblIdataGetManuMode
C020536C _sceSblIdataSetManuMode
C020536D manu_mode_sm_exit
</pre>
=== pfsctl ===
<pre>
80709101 pfs_format
80049102 pfs_sbram_clear_useflag
80389103 pfs_img_compaction
20009104 pfs_img_compaction_cancel
80289105 pfs_sbram_write_metadata
C0389106 pfs_img_clean
80389107 pfs_img_clean_cancel
C0309108 pfs_sbram_get_header
20009109 pfs_sbram_init
</pre>
=== pfs ===
<pre>
C03866A7 pfs_get_data_chunks
80089167
80209168 pfs_allocate_full_icv_cache
80089169 pfs_cmp_get_offset_aio
8080916A
</pre>
== av_control ==
=== av_control ===
<pre>
C0089A01 enable_crtc_ioctl
C0089A02 blank_crtc_ioctl
C0089A03 enable_display_data_request_ioctl
C0089A04 set_double_buff_cntl_ioctl
C0089A05 set_master_update_lock_ioctl
C0089A06 enable_dcfe_clock_ioctl
C0189A07 set_crtc_timing_ioctl
C0089A08 enable_crtc_prefetch_ioctl
C0089A09 set_early_control_ioctl
20009A0A cancel_vga_ioctl
C0049A0C setup_audiopll_ioctl
C0109A0D setup_pixelpll_ioctl
C0109A0E setup_dispclk_ioctl
C0189A0F dp_on_ioctl
C0189A10 dp_off_ioctl
C0089A13 set_pixel_encoding_ioctl
C0089A14 set_subsampling_mode_ioctl
C0089A15 set_truncation_depth_ioctl
C0109A16 set_fmt_spatial_dither_ioctl
C00C9A17 enable_fmt_crc_ioctl
C0109A18 get_fmt_crc_ioctl
C0109A19 set_clamp_ioctl
C0089A1A enable_fmt_truncate_ioctl
C0049A1B disable_fmt_truncate_ioctl
C0089A1C set_formatter_src_ioctl
C0089A1D set_truncation_mode_ioctl
C0089A1E enable_pti_ioctl
C0089A1F dvo_on_ioctl
20009A20 dvo_off_ioctl
</pre>
== bt ==
=== bt_dev ===
<pre>
C0106206 bt_reg_name_lookup
80206216 bt_audio_send_req
80206217 bt_audio_recv_req
20046204 sceBtStartInquiry
20046205 sceBtStopInquiry
80186201 get_registered_info
80186207 reply_pin_code
80106227 bt_get_jedi_vol_gain
80106228 bt_set_jedi_vol_gain
80106208 sceBtReplyUserConfirmation
8004622A sceBtStartMode
80086225
80086202 bt_reg_delete
80086203 sceBtGetConnectingInfo
8008620A sceBtStartConnect
8008620B sceBtStartDisconnect
80086213 bt_avctp_read_volume
8008621A
8008621D
20046226
</pre>
== hdmi ==
=== hdmi ===
<pre>
20008D01 sceHdmiInitVideoConfig
C0108D02 sceHdmiSetVideoConfig
C01C8D03 sceHdmiSetAudioConfig
C0048D05 sceHdmiSetAudioMute
C0108D07 sceHdmiSetGamutMetaData
C0048D0A sceSetHdmiEventConfig
C0088D0B sceHdmiGetMonitorInformation
C0088D0C sceHdmiGetState
C0088D0D getHdmiConnectState
C0108D0E sceHdmiGetKsv
C0088D0F sceHdmiGetKsvSize
C0048D13 sceChangeEdidPassMode
C0048D14 sceChangeHdcpMode
C0108D15 sceHdmiGetAksv
C0048D16 sceHdmiSetScrambleMode
20008D17 sceHdmiTransmitCecSignal
C0048D1E sceChangeCecMode
20008D1F sceHdmiCecOneTouchPlay
C0048D20 sceHdmiCecSetStandyResult
</pre>
== camera ==
=== luke ===
?none?
== Unclassified ==
=== gbase ===
<pre>
C0044507 sceKernelSetBaseModeClock
C0044508 sceKernelSetGpuCu
C0044511 sceKernelSetMemoryPstate
40084516 sceKernelGetMemoryPstate
</pre>
</pre>


Line 287: Line 131:
40048806 sceKernelCheckDipsw
40048806 sceKernelCheckDipsw
</pre>
</pre>
=== hdmi ===
<pre>
20008D01 sceHdmiInitVideoConfig
C0108D02 sceHdmiSetVideoConfig
C01C8D03 sceHdmiSetAudioConfig
C0048D05 sceHdmiSetAudioMute
C0108D07 sceHdmiSetGamutMetaData
C0048D0A sceSetHdmiEventConfig
C0088D0B sceHdmiGetMonitorInformation
C0088D0C sceHdmiGetState
C0088D0D getHdmiConnectState
C0108D0E sceHdmiGetKsv
C0088D0F sceHdmiGetKsvSize
C0048D13 sceChangeEdidPassMode
C0048D14 sceChangeHdcpMode
C0108D15 sceHdmiGetAksv
C0048D16 sceHdmiSetScrambleMode
20008D17 sceHdmiTransmitCecSignal
C0048D1E sceChangeCecMode
20008D1F sceHdmiCecOneTouchPlay
C0048D20 sceHdmiCecSetStandyResult
</pre>
=== luke ===


=== icc_fan ===
=== icc_fan ===
Line 304: Line 175:
C0169001
C0169001
C0169002
C0169002
</pre>
=== pfs ===
<pre>
80709101 pfs_format
80049102 pfs_sbram_clear_useflag
80389103 pfs_img_compaction
20009104 pfs_img_compaction_cancel
80289105 pfs_sbram_write_metadata
C0389106 pfs_img_clean
80389107 pfs_img_clean_cancel
C0309108 pfs_sbram_get_header
20009109 pfs_sbram_init
</pre>
</pre>


Line 316: Line 201:
80019208 icc_configuration_set_cp_mode
80019208 icc_configuration_set_cp_mode
</pre>
</pre>
=== uipc_control ===


=== icc_indicator ===
=== icc_indicator ===
Line 331: Line 218:
2000950A icc_indicator_set_dynamic_led_standby_boot
2000950A icc_indicator_set_dynamic_led_standby_boot
</pre>
</pre>
=== sce_exfatfs_vop ===


=== icc_nvs ===
=== icc_nvs ===
Line 347: Line 236:
C0109905 icc_power_get_operating_time
C0109905 icc_power_get_operating_time
20009906 icc_power_set_bootup_at_poweron
20009906 icc_power_set_bootup_at_poweron
</pre>
=== av_control ===
<pre>
C0089A01 enable_crtc_ioctl
C0089A02 blank_crtc_ioctl
C0089A03 enable_display_data_request_ioctl
C0089A04 set_double_buff_cntl_ioctl
C0089A05 set_master_update_lock_ioctl
C0089A06 enable_dcfe_clock_ioctl
C0189A07 set_crtc_timing_ioctl
C0089A08 enable_crtc_prefetch_ioctl
C0089A09 set_early_control_ioctl
20009A0A cancel_vga_ioctl
C0049A0C setup_audiopll_ioctl
C0109A0D setup_pixelpll_ioctl
C0109A0E setup_dispclk_ioctl
C0189A0F dp_on_ioctl
C0189A10 dp_off_ioctl
C0089A13 set_pixel_encoding_ioctl
C0089A14 set_subsampling_mode_ioctl
C0089A15 set_truncation_depth_ioctl
C0109A16 set_fmt_spatial_dither_ioctl
C00C9A17 enable_fmt_crc_ioctl
C0109A18 get_fmt_crc_ioctl
C0109A19 set_clamp_ioctl
C0089A1A enable_fmt_truncate_ioctl
C0049A1B disable_fmt_truncate_ioctl
C0089A1C set_formatter_src_ioctl
C0089A1D set_truncation_mode_ioctl
C0089A1E enable_pti_ioctl
C0089A1F dvo_on_ioctl
20009A20 dvo_off_ioctl
</pre>
</pre>


Line 367: Line 290:
40019C08 icc_device_power_get_bd_power_state
40019C08 icc_device_power_get_bd_power_state
</pre>
</pre>
=== uipc_control ===
?none?
=== sce_exfatfs_vop ===
?none?


=== sbi ===
=== sbi ===
Line 383: Line 298:
</pre>
</pre>


* Thanks to SocraticBliss for the names.
=== encdec ===
 
<pre>
C0284501 sceSblSsDecryptWithPortability
</pre>


= Finding the IOCTL handler address for a device in kernel =
=== manu ===


# Find a string of the device name in kernel.
<pre>
# There should be only two cross-references from function: make_dev and mutex_init. make_dev is the interesting one.
C0205364 _sceSblIdataGetCprm
# The structure before the device string is what we want to look.
C0205365 _sceSblIdataGetHddKey
# Follow the structure then go to the very last offset of the structure. It is the handler function in charge of IOCTLs for that device.
C0205366 _sceSblIdataGetEapHddKey
C0205367 _sceSblIdataGetCprm
C0205368 _sceSblIdataGetChallenge
C0205369 _sceSblIdataVeriResponse
C020536A manu_mode_sm_start
C020536B _sceSblIdataGetManuMode
C020536C _sceSblIdataSetManuMode
C020536D manu_mode_sm_exit
</pre>
</pre>


=== bt_dev ===
<pre>
C0106206 bt_reg_name_lookup
80206216 bt_audio_send_req
80206217 bt_audio_recv_req
20046204 sceBtStartInquiry
20046205 sceBtStopInquiry
80186201 get_registered_info
80186207 reply_pin_code
80106227 bt_get_jedi_vol_gain
80106228 bt_set_jedi_vol_gain
80106208 sceBtReplyUserConfirmation
8004622A sceBtStartMode
80086225
80086202 bt_reg_delete
80086203 sceBtGetConnectingInfo
8008620A sceBtStartConnect
8008620B sceBtStartDisconnect
80086213 bt_avctp_read_volume
8008621A
8008621D
20046226
</pre>


{{Reverse Engineering}}
{{Reverse Engineering}}
<noinclude>
<noinclude>[[Category:Main]]</noinclude>
[[Category:Main]]
</noinclude>
Please note that all contributions to PS4 Developer wiki are considered to be released under the GNU Free Documentation License 1.2 (see PS4 Developer wiki:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:

Cancel Editing help (opens in new window)