Editing Syscalls
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
<!--// todo : needs to be tabled like the PS3 one | <!--// todo : needs to be tabled like the PS3 one | ||
http://fxr.watson.org/fxr/source/sys/syscall.h?v= | http://fxr.watson.org/fxr/source/sys/syscall.h?v=FREEBSD9 | ||
http://fxr.watson.org/fxr/source/kern/syscalls.master?v=FREEBSD9 | |||
//--> | //--> | ||
PS4 kernel is based on FreeBSD 9.0; a list of FreeBSD 9.0 system calls can be found [http://fxr.watson.org/fxr/source/kern/syscalls.master?v=FREEBSD9 here]. | |||
Compatibility system calls, and some others, have been disabled. | |||
The first custom Sony system call comes immediately after the last FreeBSD system call, wait6, and is number 533. | |||
The final custom Sony system call is 617. | |||
Calling any system calls higher than 617 gives the same result as calling a compatibility or unimplemented system call, "There is not enough free system memory" error. | |||
Of these 85 (617 - 532), 9 always return 0x4e, ENOSYS, leaving us with just 76 which are usable (the disabled 9 may only be callable from development units). | |||
As of firmware version 3.55 there is evidence of new syscalls! | |||
https://i.gyazo.com/aa2bceacf5e5f45a15495fcdb79585cb.png | https://i.gyazo.com/aa2bceacf5e5f45a15495fcdb79585cb.png | ||
You can find an IDA Pro .idc script I made to label system calls in libkernel here: | |||
http://pastebin.com/xch7pb2H | |||
== Functions of custom Sony system calls == | |||
Known calls include those relating to: | |||
# Modules | # Modules | ||
# Memory | # Memory | ||
# | # Sandboxing | ||
# Semaphores | # Semaphores | ||
Other | Other potential calls could be for: | ||
# Mutexes | |||
Other operations, such as file IO and networking are handled through regular FreeBSD system calls. | |||
== Public system calls == | |||
{| class="wikitable sortable" | {| class="wikitable sortable" | ||
|- | |- | ||
! | ! Number !! Prototype !! Notes !! Name | ||
|- | |- | ||
| | | 532 || - || - || sys_regmgr_call | ||
|- | |- | ||
| | | 533 || - || - || sys_jitshm_create | ||
|- | |- | ||
| | | 534 || - || - || sys_jitshm_alias | ||
|- | |- | ||
| | | 535 || - || - || sys_dl_get_list | ||
|- | |- | ||
| | | 536 || - || - || sys_dl_get_info | ||
|- | |- | ||
| | | 537 || disabled || always returns 0x4e || sys_dl_notify_event | ||
|- | |- | ||
| | | 538 || - || - || sys_evf_create | ||
|- | |- | ||
| | | 539 || - || - || sys_evf_delete | ||
|- | |- | ||
| | | 540 || - || - || sys_evf_open | ||
|- | |- | ||
| | | 541 || - || - || sys_evf_close | ||
|- | |- | ||
| | | 542 || - || - || sys_evf_wait | ||
|- | |- | ||
| | | 543 || - || - || sys_evf_trywait | ||
|- | |- | ||
| | | 544 || - || - || sys_evf_set | ||
|- | |- | ||
| | | 545 || - || - || sys_evf_clear | ||
|- | |- | ||
| | | 546 || - || - || sys_evf_cancel | ||
|- | |- | ||
| | | 547 || - || - || sys_query_memory_protection | ||
|- | |- | ||
| | | 548 || - || - || sys_batch_map | ||
|- | |- | ||
| | | 549 || - || - || sys_osem_create | ||
|- | |- | ||
| | | 550 || - || - || sys_osem_delete | ||
|- | |- | ||
| | | 551 || - || - || sys_osem_open | ||
|- | |- | ||
| | | 552 || - || - || sys_osem_close | ||
|- | |- | ||
| | | 553 || - || - || sys_osem_wait | ||
|- | |- | ||
| | | 554 || - || - || sys_osem_trywait | ||
|- | |- | ||
| | | 555 || - || - || sys_osem_post | ||
|- | |- | ||
| | | 556 || - || - || sys_osem_cancel | ||
|- | |- | ||
| | | 557 || - || - || sys_namedobj_create | ||
|- | |- | ||
| | | 558 || - || - || sys_namedobj_delete | ||
|- | |- | ||
| | | 559 || - || - || sys_set_vm_container | ||
|- | |- | ||
| | | 560 || - || - || sys_debug_init | ||
|- | |- | ||
| | | 561 || - || - || sys_suspend_process | ||
|- | |- | ||
| | | 562 || - || - || sys_resume_process | ||
|- | |- | ||
| | | 563 || - || - || sys_opmc_enable | ||
|- | |- | ||
| | | 564 || - || - || sys_opmc_disable | ||
|- | |- | ||
| | | 565 || - || - || sys_opmc_set_ctl | ||
|- | |- | ||
| | | 566 || - || - || sys_opmc_set_ctr | ||
|- | |- | ||
| | | 567 || - || - || sys_opmc_get_ctr | ||
|- | |- | ||
| | | 568 || disabled || always returns 0x4e || sys_budget_create | ||
|- | |- | ||
| | | 569 || disabled || always returns 0x4e || sys_budget_delete | ||
|- | |- | ||
| | | 570 || disabled || always returns 0x4e || sys_budget_get | ||
|- | |- | ||
| | | 571 || disabled || always returns 0x4e || sys_budget_set | ||
|- | |- | ||
| | | 572 || - || - || sys_virtual_query | ||
|- | |- | ||
| | | 573 || disabled || always returns 0x4e || sys_mdbg_call | ||
|- | |- | ||
| | | 574 || - || - || sys_sblock_create | ||
|- | |- | ||
| | | 575 || - || - || sys_sblock_delete | ||
|- | |- | ||
| | | 576 || - || - || sys_sblock_enter | ||
|- | |- | ||
| | | 577 || - || - || sys_sblock_exit | ||
|- | |- | ||
| | | 578 || - || - || sys_sblock_xenter | ||
|- | |- | ||
| | | 579 || - || - || sys_sblock_xexit | ||
|- | |- | ||
| | | 580 || - || - || sys_eport_create | ||
|- | |- | ||
| | | 581 || - || - || sys_eport_delete | ||
|- | |- | ||
| | | 582 || - || - || sys_eport_trigger | ||
|- | |- | ||
| | | 583 || - || - || sys_eport_open | ||
|- | |- | ||
| | | 584 || - || - || sys_eport_close | ||
|- | |- | ||
| | | 585 || - || - || sys_is_in_sandbox | ||
|- | |- | ||
| | | 586 || - || - || sys_dmem_container | ||
|- | |- | ||
| | | 587 || - || - || sys_get_authinfo | ||
|- | |- | ||
| | | 588 || - || - || sys_mname | ||
|- | |- | ||
| | | 589 || disabled || always returns 0x4e || sys_dynlib_dlopen | ||
|- | |- | ||
| | | 590 || - || - || sys_dynlib_dlclose | ||
|- | |- | ||
| | | 591 || - || - || sys_dynlib_dlsym | ||
|- | |- | ||
| | | 592 || - || - || sys_dynlib_get_list | ||
|- | |- | ||
| | | 593 || - || - || sys_dynlib_get_info | ||
|- | |- | ||
| | | 594 || - || - || sys_dynlib_load_prx | ||
|- | |- | ||
| | | 595 || - || - || sys_dynlib_unload_prx | ||
|- | |- | ||
| | | 596 || - || - || sys_dynlib_do_copy_relocations | ||
|- | |- | ||
| | | 597 || - || - || sys_dynlib_prepare_dlclose | ||
|- | |- | ||
| | | 598 || - || - || sys_dynlib_get_proc_param | ||
|- | |- | ||
| | | 599 || - || - || sys_dynlib_process_needed_and_relocate | ||
|- | |- | ||
| | | 600 || - || - || sys_sandbox_path | ||
|- | |- | ||
| | | 601 || - || - || sys_mdbg_service | ||
|- | |- | ||
| | | 602 || - || - || sys_randomized_path | ||
|- | |- | ||
| | | 603 || - || - || sys_rdup | ||
|- | |- | ||
| | | 604 || - || - || sys_dl_get_metadata | ||
|- | |- | ||
| | | 605 || - || - || sys_workaround8849 | ||
|- | |- | ||
| | | 606 || - || - || sys_is_development_mode | ||
|- | |- | ||
| | | 607 || - || - || sys_get_self_auth_info | ||
|- | |- | ||
| | | 608 || - || - || sys_dynlib_get_info_ex | ||
|- | |- | ||
| | | 609 || disabled || always returns 0x4e || sys_budget_getid | ||
|- | |- | ||
| | | 610 || disabled || always returns 0x4e || sys_budget_get_ptype | ||
|- | |- | ||
| | | 611 || - || - || sys_get_paging_stats_of_all_threads | ||
|- | |- | ||
| | | 612 || - || - || sys_get_proc_type_info | ||
|- | |- | ||
| | | 613 || - || - || sys_get_resident_count | ||
|- | |- | ||
| | | 614 || - || - || sys_prepare_to_suspend_process | ||
|- | |- | ||
| | | 615 || - || - || sys_get_resident_fmem_count | ||
|- | |- | ||
| | | 616 || - || - || sys_thr_get_name | ||
|- | |- | ||
| | | 617 || - || - || sys_set_gpo | ||
|- | |- | ||
|} | |} | ||
{{Reverse Engineering}} | {{Reverse Engineering}} | ||
<noinclude>[[Category:Main]]</noinclude> | <noinclude>[[Category:Main]]</noinclude> |
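Review bot: The restored intro and the restored table disagree about where the custom range starts: the intro says the first custom Sony system call is number 533 and counts 85 calls as "617 - 532", while the table opens with a row for 532 (sys_regmgr_call), giving 86 rows from 532 through 617. One of the two needs correcting so the stated range, the count and the table agree. In the table header the columns are Number, Prototype, Notes, Name, yet the disabled rows carry "disabled" in the Prototype column; moving that word into Notes, or adding a Status column, would keep Prototype free for real signatures. The disabled rows (537, 568 to 571, 573, 589, 609, 610) do add up to the 9 calls the intro says always return 0x4e.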