ps5-kstuff: fix missing copy_to_kernel of authinfo

sleirsgoevy · Oct 4, 2023 · e6c15ef · e6c15ef
1 parent c9b47b1
commit e6c15ef
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 2 deletions.
diff --git a/ps5-kstuff/uelf/fself.c b/ps5-kstuff/uelf/fself.c
@@ -76,8 +76,6 @@ extern char decryptMultipleSelfBlocks_watchpoint_lr[];
 extern char decryptMultipleSelfBlocks_epilogue[];
 extern char mini_syscore_header[];
 
-extern char kdata_base[];
-
 static void set_dbgregs_for_watchpoint(uint64_t* regs, const uint64_t* dbgregs, size_t frame_size)
 {
     uint64_t buf[frame_size/8 + 6];
@@ -226,6 +224,7 @@ int try_handle_fself_trap(uint64_t* regs)
                 else
                     p_authinfo = s_auth_info_for_exec;
             }
+            copy_to_kernel(regs[R8], p_authinfo, 0x88);
             pop_stack(regs, &regs[RIP], 8);
             regs[RAX] = 0;
             copy_to_kernel(regs[RDI] + 62, &(const uint16_t[1]){0xdeb7}, 2);

diff --git a/ps5-kstuff/uelf/main.c b/ps5-kstuff/uelf/main.c
@@ -150,6 +150,8 @@ void handle(uint64_t* regs)
         return;
     else if(handle_fself_parasites(regs))
         return;
+    else if(handle_unsorted_parasites(regs))
+        return;
     else if(try_handle_fpkg_trap(regs))
         return;
     else if(try_handle_syscall_fix_trap(regs))

diff --git a/ps5-kstuff/uelf/parasites.h b/ps5-kstuff/uelf/parasites.h
@@ -39,3 +39,19 @@ static int handle_fself_parasites(uint64_t* regs)
     return 0;
 #endif
 }
+
+static int handle_unsorted_parasites(uint64_t* regs)
+{
+#ifndef FREEBSD
+    if(regs[RIP] == (uint64_t)kdata_base - 0x479a0e)
+    {
+        regs[RAX] |= 0xffffull << 48;
+        regs[R15] |= 0xffffull << 48;
+    }
+    else
+        return 0;
+    return 1;
+#else
+    return 0;
+#endif
+}