Syscalls: Difference between revisions

From PS4 Developer wiki
No edit summary
(added system call idc script)
Line 18: Line 18:


https://i.gyazo.com/aa2bceacf5e5f45a15495fcdb79585cb.png
https://i.gyazo.com/aa2bceacf5e5f45a15495fcdb79585cb.png
You can find an IDA Pro .idc script I made to label system calls in libkernel here:
http://pastebin.com/xch7pb2H


== Functions of custom Sony system calls ==
== Functions of custom Sony system calls ==
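Review bot: The added sentence "You can find an IDA Pro .idc script I made to label system calls in libkernel here:" is written in the first person on a shared wiki page without naming its author, and the pastebin link beside it does not say which firmware's libkernel the script was written against. Name the author in the sentence and state the firmware version next to the link, so readers can tell whether the labels still match the syscall table on this page.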

Revision as of 00:31, 14 August 2016

The PS4 kernel is based on FreeBSD 9.0; a list of FreeBSD 9.0 system calls can be found here.

Compatibility system calls, and some others, have been disabled.

The first custom Sony system call comes immediately after the last FreeBSD system call, wait6, and is number 533.

The final custom Sony system call is 617.

Calling any system call numbered higher than 617 gives the same result as calling a compatibility or unimplemented system call: a "There is not enough free system memory" error.

Of these 85 (617 - 532), 9 always return 0x4e (ENOSYS), leaving just 76 that are usable (the disabled 9 may only be callable from development units).

As of firmware version 3.55 there is evidence of new syscalls!

https://i.gyazo.com/aa2bceacf5e5f45a15495fcdb79585cb.png


You can find an IDA Pro .idc script I made to label system calls in libkernel here:

http://pastebin.com/xch7pb2H

Functions of custom Sony system calls

Known calls include those relating to:

  1. Modules
  2. Memory
  3. Sandboxing
  4. Semaphores

Other potential calls could be for:

  1. Mutexes

Other operations, such as file I/O and networking, are handled through regular FreeBSD system calls.

Public system calls

| Number | Prototype | Notes | Name |
|--------|-----------|-------|------|
| 532 | - | - | sys_regmgr_call |
| 533 | - | - | sys_jitshm_create |
| 534 | - | - | sys_jitshm_alias |
| 535 | - | - | sys_dl_get_list |
| 536 | - | - | sys_dl_get_info |
| 537 | disabled | always returns 0x4e | sys_dl_notify_event |
| 538 | - | - | sys_evf_create |
| 539 | - | - | sys_evf_delete |
| 540 | - | - | sys_evf_open |
| 541 | - | - | sys_evf_close |
| 542 | - | - | sys_evf_wait |
| 543 | - | - | sys_evf_trywait |
| 544 | - | - | sys_evf_set |
| 545 | - | - | sys_evf_clear |
| 546 | - | - | sys_evf_cancel |
| 547 | - | - | sys_query_memory_protection |
| 548 | - | - | sys_batch_map |
| 549 | - | - | sys_osem_create |
| 550 | - | - | sys_osem_delete |
| 551 | - | - | sys_osem_open |
| 552 | - | - | sys_osem_close |
| 553 | - | - | sys_osem_wait |
| 554 | - | - | sys_osem_trywait |
| 555 | - | - | sys_osem_post |
| 556 | - | - | sys_osem_cancel |
| 557 | - | - | sys_namedobj_create |
| 558 | - | - | sys_namedobj_delete |
| 559 | - | - | sys_set_vm_container |
| 560 | - | - | sys_debug_init |
| 561 | - | - | sys_suspend_process |
| 562 | - | - | sys_resume_process |
| 563 | - | - | sys_opmc_enable |
| 564 | - | - | sys_opmc_disable |
| 565 | - | - | sys_opmc_set_ctl |
| 566 | - | - | sys_opmc_set_ctr |
| 567 | - | - | sys_opmc_get_ctr |
| 568 | disabled | always returns 0x4e | sys_budget_create |
| 569 | disabled | always returns 0x4e | sys_budget_delete |
| 570 | disabled | always returns 0x4e | sys_budget_get |
| 571 | disabled | always returns 0x4e | sys_budget_set |
| 572 | - | - | sys_virtual_query |
| 573 | disabled | always returns 0x4e | sys_mdbg_call |
| 574 | - | - | sys_sblock_create |
| 575 | - | - | sys_sblock_delete |
| 576 | - | - | sys_sblock_enter |
| 577 | - | - | sys_sblock_exit |
| 578 | - | - | sys_sblock_xenter |
| 579 | - | - | sys_sblock_xexit |
| 580 | - | - | sys_eport_create |
| 581 | - | - | sys_eport_delete |
| 582 | - | - | sys_eport_trigger |
| 583 | - | - | sys_eport_open |
| 584 | - | - | sys_eport_close |
| 585 | - | - | sys_is_in_sandbox |
| 586 | - | - | sys_dmem_container |
| 587 | - | - | sys_get_authinfo |
| 588 | - | - | sys_mname |
| 589 | disabled | always returns 0x4e | sys_dynlib_dlopen |
| 590 | - | - | sys_dynlib_dlclose |
| 591 | - | - | sys_dynlib_dlsym |
| 592 | - | - | sys_dynlib_get_list |
| 593 | - | - | sys_dynlib_get_info |
| 594 | - | - | sys_dynlib_load_prx |
| 595 | - | - | sys_dynlib_unload_prx |
| 596 | - | - | sys_dynlib_do_copy_relocations |
| 597 | - | - | sys_dynlib_prepare_dlclose |
| 598 | - | - | sys_dynlib_get_proc_param |
| 599 | - | - | sys_dynlib_process_needed_and_relocate |
| 600 | - | - | sys_sandbox_path |
| 601 | - | - | sys_mdbg_service |
| 602 | - | - | sys_randomized_path |
| 603 | - | - | sys_rdup |
| 604 | - | - | sys_dl_get_metadata |
| 605 | - | - | sys_workaround8849 |
| 606 | - | - | sys_is_development_mode |
| 607 | - | - | sys_get_self_auth_info |
| 608 | - | - | sys_dynlib_get_info_ex |
| 609 | disabled | always returns 0x4e | sys_budget_getid |
| 610 | disabled | always returns 0x4e | sys_budget_get_ptype |
| 611 | - | - | sys_get_paging_stats_of_all_threads |
| 612 | - | - | sys_get_proc_type_info |
| 613 | - | - | sys_get_resident_count |
| 614 | - | - | sys_prepare_to_suspend_process |
| 615 | - | - | sys_get_resident_fmem_count |
| 616 | - | - | sys_thr_get_name |
| 617 | - | - | sys_set_gpo |
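
The number ranges and disabled entries above, applied to labelling syscall stubs in a binary image: this is an added Python example, not the .idc script linked on this page. The stub byte pattern (`mov rax, imm32; mov r10, rcx; syscall`), the helper names `classify`, `label_stubs` and `make_stub`, and the sample bytes are assumptions constructed for illustration; `NAMES` holds only a subset of the table.

```python
import re
import struct

# Assumption: wrappers are encoded as mov rax, imm32; mov r10, rcx; syscall.
# This encoding is not taken from the page.
STUB = re.compile(rb"\x48\xc7\xc0(.{4})\x49\x89\xca\x0f\x05", re.DOTALL)

FIRST_CUSTOM, LAST_CUSTOM = 533, 617  # custom range as stated in the text
# Table rows marked "disabled" (always return 0x4e, ENOSYS).
DISABLED = {537, 568, 569, 570, 571, 573, 589, 609, 610}
# Subset of the table, enough for the constructed sample below.
NAMES = {538: "sys_evf_create", 549: "sys_osem_create",
         573: "sys_mdbg_call", 585: "sys_is_in_sandbox",
         594: "sys_dynlib_load_prx"}

def classify(number):
    """Place a syscall number in the ranges the page describes."""
    if number > LAST_CUSTOM:
        return "out of range"
    if number < FIRST_CUSTOM:
        return "FreeBSD"
    return "disabled (ENOSYS)" if number in DISABLED else "Sony custom"

def label_stubs(image, base=0):
    """Return (address, number, label, class) for every stub in image."""
    found = []
    for match in STUB.finditer(image):
        (number,) = struct.unpack("<I", match.group(1))
        label = NAMES.get(number, "sys_%d" % number)
        found.append((base + match.start(), number, label, classify(number)))
    return found

def make_stub(number):
    """Build one stub in the assumed encoding (used for the sample only)."""
    return b"\x48\xc7\xc0" + struct.pack("<I", number) + b"\x49\x89\xca\x0f\x05"

# Constructed sample: five stubs, each followed by ret and padding.
SAMPLE = b"".join(make_stub(n) + b"\xc3\x90\x90\x90"
                  for n in (4, 538, 573, 594, 700))

if __name__ == "__main__":
    for addr, number, label, kind in label_stubs(SAMPLE, base=0x1000):
        print("%#x  %3d  %-22s %s" % (addr, number, label, kind))
```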