Patches Update

src/Boot/Patches/Patches405.cpp

@@ -1,14 +1,12 @@
 #include <Boot/Patches.hpp>
 
-using namespace Mira::Boot;
-
 // Patches done by SiSTRo & Joonie
 
 /*
 	Please, please, please!
 	Keep patches consistent with the used patch style for readability.
 */
-void Patches::install_prerunPatches_405() 
+void Mira::Boot::Patches::install_prerunPatches_405() 
 {
 #if MIRA_PLATFORM == MIRA_PLATFORM_ORBIS_BSD_405
 	// You must assign the kernel base pointer before anything is done
@@ -30,14 +28,45 @@ void Patches::install_prerunPatches_405()
 	kmem[3] = 0x90;
 	kmem[4] = 0x90;
 
+	// sceSblACMgrIsAllowedSystemLevelDebugging
+	kmem = (uint8_t *)&gKernelBase[0x0035FE40];
+	kmem[0] = 0xB8;
+	kmem[1] = 0x01;
+	kmem[2] = 0x00;
+	kmem[3] = 0x00;
+	kmem[4] = 0x00;
+	kmem[5] = 0xC3;
+	kmem[6] = 0x90;
+	kmem[7] = 0x90;
+
+	kmem = (uint8_t *)&gKernelBase[0x00360570];
+	kmem[0] = 0xB8;
+	kmem[1] = 0x01;
+	kmem[2] = 0x00;
+	kmem[3] = 0x00;
+	kmem[4] = 0x00;
+	kmem[5] = 0xC3;
+	kmem[6] = 0x90;
+	kmem[7] = 0x90;
+
+	kmem = (uint8_t *)&gKernelBase[0x00360590];
+	kmem[0] = 0xB8;
+	kmem[1] = 0x01;
+	kmem[2] = 0x00;
+	kmem[3] = 0x00;
+	kmem[4] = 0x00;
+	kmem[5] = 0xC3;
+	kmem[6] = 0x90;
+	kmem[7] = 0x90;
+
 	// Enable rwx mapping
-	kmem = (uint8_t*)&gKernelBase[0x0036958D];
+	kmem = (uint8_t *)&gKernelBase[0x0036958D];
 	kmem[0] = 0x07;
 
-	kmem = (uint8_t*)&gKernelBase[0x003695A5];
+	kmem = (uint8_t *)&gKernelBase[0x003695A5];
 	kmem[0] = 0x07;
 
-	// Patch copy(in/out)
+	// Patch copyin/copyout to allow userland + kernel addresses in both params
 	kmem = (uint8_t *)&gKernelBase[0x00286E21];
 	kmem[0] = 0x90;
 	kmem[1] = 0x90;
@@ -47,13 +76,28 @@ void Patches::install_prerunPatches_405()
 	kmem[1] = 0x90;
 
 	// Enable MAP_SELF
-	kmem = (uint8_t *)&gKernelBase[0x0031EE40];
-	kmem[0] = 0x90;
-	kmem[1] = 0xE9;
-
-	kmem = (uint8_t *)&gKernelBase[0x0031EF98];
-	kmem[0] = 0x90;
-	kmem[1] = 0x90;
+	kmem = (uint8_t *)&gKernelBase[0x003605F0];
+	kmem[0] = 0xB8;
+	kmem[1] = 0x01;
+	kmem[2] = 0x00;
+	kmem[3] = 0x00;
+	kmem[4] = 0x00;
+	kmem[5] = 0xC3;
+
+	kmem = (uint8_t *)&gKernelBase[0x00360600];
+	kmem[0] = 0xB8;
+	kmem[1] = 0x01;
+	kmem[2] = 0x00;
+	kmem[3] = 0x00;
+	kmem[4] = 0x00;
+	kmem[5] = 0xC3;
+
+	kmem = (uint8_t *)&gKernelBase[0x0031EE37];
+	kmem[0] = 0x31;
+	kmem[1] = 0xC0;
+	kmem[2] = 0x90;
+	kmem[3] = 0x90;
+	kmem[4] = 0x90;
 
 	// Patch copyinstr
 	kmem = (uint8_t *)&gKernelBase[0x0028718D];
@@ -65,20 +109,82 @@ void Patches::install_prerunPatches_405()
 	kmem[1] = 0x90;
 
 	// ptrace patches
-	kmem = (uint8_t *)&gKernelBase[0x000AC31E];
+	kmem = (uint8_t *)&gKernelBase[0x000AC2F1];
+	kmem[0] = 0xEB;
+
+	// second ptrace patch
+	kmem = (uint8_t *)&gKernelBase[0x000AC612];
+	kmem[0] = 0xE9;
+	kmem[1] = 0x08;
+	kmem[2] = 0x01;
+	kmem[3] = 0x00;
+	kmem[4] = 0x00;
+
+	// setlogin patch (for autolaunch check)
+	kmem = (uint8_t *)&gKernelBase[0x0008822C];
+	kmem[0] = 0x48;
+	kmem[1] = 0x31;
+	kmem[2] = 0xC0;
+	kmem[3] = 0x90;
+	kmem[4] = 0x90;
+
+	// Patch to remove vm_fault: fault on nofault entry, addr %llx
+	kmem = (uint8_t *)&gKernelBase[0x000C6991];
 	kmem[0] = 0x90;
 	kmem[1] = 0x90;
 	kmem[2] = 0x90;
 	kmem[3] = 0x90;
 	kmem[4] = 0x90;
 	kmem[5] = 0x90;
 
-	// setlogin patch (for autolaunch check)
-	kmem = (uint8_t *)&gKernelBase[0x0008822C];
-	kmem[0] = 0x48;
-	kmem[1] = 0x31;
-	kmem[2] = 0xC0;
+	// patch mprotect to allow RWX (mprotect) mapping 4.05
+	kmem = (uint8_t *)&gKernelBase[0x004423E9];
+	kmem[0] = 0x90;
+	kmem[1] = 0x90;
+	kmem[2] = 0x90;
+	kmem[3] = 0x90;
+	kmem[4] = 0x90;
+	kmem[5] = 0x90;
+
+	// flatz disable pfs signature check
+	kmem = (uint8_t *)&gKernelBase[0x0068E990];
+	kmem[0] = 0x31;
+	kmem[1] = 0xC0;
+	kmem[2] = 0xC3;
+	kmem[3] = 0x90;
+
+	// flatz enable debug RIFs
+	kmem = (uint8_t *)&gKernelBase[0x00620B20];
+	kmem[0] = 0xB0;
+	kmem[1] = 0x01;
+	kmem[2] = 0xC3;
+	kmem[3] = 0x90;
+
+	kmem = (uint8_t *)&gKernelBase[0x00620B40];
+	kmem[0] = 0xB0;
+	kmem[1] = 0x01;
+	kmem[2] = 0xC3;
+	kmem[3] = 0x90;
+
+	// Enable *all* debugging logs (in vprintf)
+	kmem = (uint8_t *)&gKernelBase[0x00347665];
+	kmem[0] = 0xEB;
+	kmem[1] = 0x13;
+
+	// Enable mount for unprivileged user
+	kmem = (uint8_t *)&gKernelBase[0x00201556];
+	kmem[0] = 0x90;
+	kmem[1] = 0x90;
+	kmem[2] = 0x90;
 	kmem[3] = 0x90;
 	kmem[4] = 0x90;
+	kmem[5] = 0x90;
+
+	// patch suword_lwpid
+	// has a check to see if child_tid/parent_tid is in kernel memory, and it in so patch it
+	kmem = (uint8_t *)&gKernelBase[0x00287074];
+	kmem[0] = 0x90;
+	kmem[1] = 0x90
+
 #endif
-}
+}

src/Boot/Patches/Patches455.cpp

@@ -26,17 +26,14 @@ void Mira::Boot::Patches::install_prerunPatches_455()
 	kmem = (uint8_t *)&gKernelBase[0x01997BC8];
 	kmem[0] = 0x00;
 
-	// Verbose Panics patch
+	// Verbose Panics
 	// Done by WildCard
 	kmem = (uint8_t *)&gKernelBase[0x003DBDC7];
 	kmem[0] = 0x90;
 	kmem[1] = 0x90;
 	kmem[2] = 0x90;
 	kmem[3] = 0x90;
 	kmem[4] = 0x90;
-	//kmem[5] = 0x65;
-	//kmem[6] = 0x8B;
-	//kmem[7] = 0x34;
 
 	// sceSblACMgrIsAllowedSystemLevelDebugging
 	kmem = (uint8_t *)&gKernelBase[0x00169E00];
@@ -70,11 +67,11 @@ void Mira::Boot::Patches::install_prerunPatches_455()
 	kmem[7] = 0x90;
 
 	// Enable rwx mapping
-	// Done By WildCard
-	kmem = (uint8_t*)&gKernelBase[0x0016ED8C];
+	// Done by WildCard
+	kmem = (uint8_t *)&gKernelBase[0x0016ED8C];
 	kmem[0] = 0x07;
 
-	kmem = (uint8_t*)&gKernelBase[0x0016EDA2];
+	kmem = (uint8_t *)&gKernelBase[0x0016EDA2];
 	kmem[0] = 0x07;
 
 	// Patch copyin/copyout to allow userland + kernel addresses in both params
@@ -129,13 +126,16 @@ void Mira::Boot::Patches::install_prerunPatches_455()
 
 	// ptrace patches
 	// Done by WildCard
-	kmem = (uint8_t *)&gKernelBase[0x0017D2EE];
-	kmem[0] = 0x90;
-	kmem[1] = 0x90;
-	kmem[2] = 0x90;
-	kmem[3] = 0x90;
-	kmem[4] = 0x90;
-	kmem[5] = 0x90;
+	kmem = (uint8_t *)&gKernelBase[0x0017D2C1];
+	kmem[0] = 0xEB;
+
+	// second ptrace patch
+	kmem = (uint8_t *)&gKernelBase[0x0017D636];
+	kmem[0] = 0xE9;
+	kmem[1] = 0x15;
+	kmem[2] = 0x01;
+	kmem[3] = 0x00;
+	kmem[4] = 0x00;
 
 	// setlogin patch (for autolaunch check)
 	kmem = (uint8_t *)&gKernelBase[0x00116B9C];
@@ -146,7 +146,7 @@ void Mira::Boot::Patches::install_prerunPatches_455()
 	kmem[4] = 0x90;
 
 	// Patch to remove vm_fault: fault on nofault entry, addr %llx
-	kmem = (uint8_t*)&gKernelBase[0x0029F45E];    
+	kmem = (uint8_t *)&gKernelBase[0x0029F45E];
 	kmem[0] = 0x90;
 	kmem[1] = 0x90;
 	kmem[2] = 0x90;
@@ -185,8 +185,8 @@ void Mira::Boot::Patches::install_prerunPatches_455()
 
 	// Enable *all* debugging logs (in vprintf)
 	// Patch by: SiSTRo (ported by kiwidog)
-	kmem = (uint8_t*)&gKernelBase[0x0001801A];
-	kmem[0] = 0xEB; // jmp +0x3b
+	kmem = (uint8_t *)&gKernelBase[0x0001801A];
+	kmem[0] = 0xEB;
 	kmem[1] = 0x39;
 
 	// Enable mount for unprivileged user
@@ -201,13 +201,13 @@ void Mira::Boot::Patches::install_prerunPatches_455()
 	// patch suword_lwpid
 	// has a check to see if child_tid/parent_tid is in kernel memory, and it in so patch it
 	// Patch by: JOGolden
-
 	kmem = (uint8_t *)&gKernelBase[0x0014AB92];
 	kmem[0] = 0x90;
 	kmem[1] = 0x90;
 
 	kmem = (uint8_t *)&gKernelBase[0x0014ABA1];
 	kmem[0] = 0x90;
 	kmem[1] = 0x90;
+
 #endif
 }

src/Boot/Patches/Patches474.cpp

@@ -1,12 +1,10 @@
 #include <Boot/Patches.hpp>
 
-using namespace Mira::Boot;
-
 /*
 	Please, please, please!
 	Keep patches consistent with the used patch style for readability.
 */
-void Patches::install_prerunPatches_474()
+void Mira::Boot::Patches::install_prerunPatches_474()
 {
 #if MIRA_PLATFORM == MIRA_PLATFORM_ORBIS_BSD_474
 	// You must assign the kernel base pointer before anything is done
@@ -17,7 +15,7 @@ void Patches::install_prerunPatches_474()
 	uint8_t *kmem;
 
 	// Enable UART
-	kmem = (uint8_t *)&gKernelBase[0x0199FC18]; //based on 5.01 patch
+	kmem = (uint8_t *)&gKernelBase[0x0199FC18];
 	kmem[0] = 0x00;
 
 	// Verbose Panics
@@ -27,9 +25,6 @@ void Patches::install_prerunPatches_474()
 	kmem[2] = 0x90;
 	kmem[3] = 0x90;
 	kmem[4] = 0x90;
-	kmem[5] = 0x65;
-	kmem[6] = 0x8B;
-	kmem[7] = 0x34;
 
 	// sceSblACMgrIsAllowedSystemLevelDebugging
 	kmem = (uint8_t *)&gKernelBase[0x00169060];
@@ -112,17 +107,20 @@ void Patches::install_prerunPatches_474()
 	kmem[1] = 0x90;
 
 	// Patch memcpy stack
-	kmem = (uint8_t *)&gKernelBase[0x00149D4D];//ok
+	kmem = (uint8_t *)&gKernelBase[0x00149D4D];
 	kmem[0] = 0xEB;
 
 	// ptrace patches
-	kmem = (uint8_t *)&gKernelBase[0x0017C54E];//based on 4.55
-	kmem[0] = 0x90;
-	kmem[1] = 0x90;
-	kmem[2] = 0x90;
-	kmem[3] = 0x90;
-	kmem[4] = 0x90;
-	kmem[5] = 0x90;
+	kmem = (uint8_t *)&gKernelBase[0x0017C521];
+	kmem[0] = 0xEB;
+
+	// second ptrace patch
+	kmem = (uint8_t *)&gKernelBase[0x0017C896];
+	kmem[0] = 0xE9;
+	kmem[1] = 0x15;
+	kmem[2] = 0x01;
+	kmem[3] = 0x00;
+	kmem[4] = 0x00;
 
 	// setlogin patch (for autolaunch check)
 	kmem = (uint8_t *)&gKernelBase[0x0011622C];
@@ -133,7 +131,7 @@ void Patches::install_prerunPatches_474()
 	kmem[4] = 0x90;
 
 	// Patch to remove vm_fault: fault on nofault entry, addr %llx
-	kmem = (uint8_t*)&gKernelBase[0x002A160E];    
+	kmem = (uint8_t *)&gKernelBase[0x002A160E];
 	kmem[0] = 0x90;
 	kmem[1] = 0x90;
 	kmem[2] = 0x90;
@@ -172,8 +170,8 @@ void Patches::install_prerunPatches_474()
 
 	// Enable *all* debugging logs (in vprintf)
 	// Patch by: SiSTRo (ported by kiwidog)
-	kmem = (uint8_t*)&gKernelBase[0x0001801A]; // This needs to be verified
-	kmem[0] = 0xEB; // jmp +0x3b
+	kmem = (uint8_t *)&gKernelBase[0x0001801A];
+	kmem[0] = 0xEB;
 	kmem[1] = 0x39;
 
 	// Enable mount for unprivileged user
@@ -188,7 +186,6 @@ void Patches::install_prerunPatches_474()
 	// patch suword_lwpid
 	// has a check to see if child_tid/parent_tid is in kernel memory, and it in so patch it
 	// Patch by: JOGolden
-
 	kmem = (uint8_t *)&gKernelBase[0x0014A222];
 	kmem[0] = 0x90;
 	kmem[1] = 0x90;