Patches755-Kernel.cpp

Jan 13th, 2021
2,042
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. // This is an open source non-commercial project. Dear PVS-Studio, please check it.
  2. // PVS-Studio Static Code Analyzer for C, C++, C#, and Java: http://www.viva64.com
  3.  
  4. #include <Boot/Patches.hpp>
  5.  
  6. /*
  7.     Please, please, please!
  8.     Keep patches consistent with the used patch style for readability.
  9. */
/// @brief Applies the pre-run kernel patches for the 7.55 firmware kernel.
///
/// Every patch in this function is a raw byte write at a fixed offset from the
/// kernel base pointer `gKernelBase`, so the offsets are only meaningful for the
/// exact kernel image this translation unit targets. The whole body is compiled
/// out unless MIRA_PLATFORM equals MIRA_PLATFORM_ORBIS_BSD_755.
///
/// Precondition visible in the code: `gKernelBase` must already be assigned;
/// if it is null the function returns without writing anything.
///
/// NOTE(review): nothing here disables kernel write protection, and nothing
/// checks that the bytes currently at each offset are the expected originals
/// before they are overwritten. Presumably the caller guarantees the former;
/// a compare-before-write guard (bail out on the first mismatch) would make a
/// firmware/offset mismatch fail loudly instead of silently corrupting
/// unrelated kernel code. Confirm with the caller of this function.
///
/// No parameters, no return value; the writes are the only effect.
void Mira::Boot::Patches::install_prerunPatches_755()
{
#if MIRA_PLATFORM == MIRA_PLATFORM_ORBIS_BSD_755
    // You must assign the kernel base pointer before anything is done
    if (!gKernelBase)
        return;

    // Use "kmem" for all patches
    // kmem is re-pointed at each target below; every index into gKernelBase is
    // an offset relative to the kernel base, not an absolute address.
    uint8_t *kmem;

    // Enable UART
    kmem = (uint8_t *)&gKernelBase[0x01564910];
    kmem[0] = 0x00;

    // Verbose Panics
    kmem = (uint8_t *)&gKernelBase[0x0046D11E];
    kmem[0] = 0x90;
    kmem[1] = 0x90;
    kmem[2] = 0x90;
    kmem[3] = 0x90;
    kmem[4] = 0x90;

    // sceSblACMgrIsAllowedSystemLevelDebugging
    kmem = (uint8_t *)&gKernelBase[0x003644B0];
    kmem[0] = 0xB8;
    kmem[1] = 0x01;
    kmem[2] = 0x00;
    kmem[3] = 0x00;
    kmem[4] = 0x00;
    kmem[5] = 0xC3;

    kmem = (uint8_t *)&gKernelBase[0x00364CD0];
    kmem[0] = 0xB8;
    kmem[1] = 0x01;
    kmem[2] = 0x00;
    kmem[3] = 0x00;
    kmem[4] = 0x00;
    kmem[5] = 0xC3;

    kmem = (uint8_t *)&gKernelBase[0x00364CF0];
    kmem[0] = 0xB8;
    kmem[1] = 0x01;
    kmem[2] = 0x00;
    kmem[3] = 0x00;
    kmem[4] = 0x00;
    kmem[5] = 0xC3;

    // Enable rwx mapping
    kmem = (uint8_t *)&gKernelBase[0x001754AC];
    kmem[0] = 0x07;

    kmem = (uint8_t *)&gKernelBase[0x001754B4];
    kmem[0] = 0x07;

    // Patch copyin/copyout: Allow userland + kernel addresses in both params
    // NOTE(review): once these are applied the kernel no longer enforces the
    // user/kernel address boundary on these two routines; any later code that
    // relied on copyin/copyout to reject kernel addresses must do its own check.
    // copyin
    kmem = (uint8_t *)&gKernelBase[0x0028FA47];
    kmem[0] = 0x90;
    kmem[1] = 0x90;

    kmem = (uint8_t *)&gKernelBase[0x0028FA53];
    kmem[0] = 0x90;
    kmem[1] = 0x90;
    kmem[2] = 0x90;

    // copyout
    kmem = (uint8_t *)&gKernelBase[0x0028F952];
    kmem[0] = 0x90;
    kmem[1] = 0x90;

    kmem = (uint8_t *)&gKernelBase[0x0028F95E];
    kmem[0] = 0x90;
    kmem[1] = 0x90;
    kmem[2] = 0x90;

    // Enable MAP_SELF
    kmem = (uint8_t *)&gKernelBase[0x00364D40];
    kmem[0] = 0xB8;
    kmem[1] = 0x01;
    kmem[2] = 0x00;
    kmem[3] = 0x00;
    kmem[4] = 0x00;
    kmem[5] = 0xC3;

    kmem = (uint8_t *)&gKernelBase[0x00364D60];
    kmem[0] = 0xB8;
    kmem[1] = 0x01;
    kmem[2] = 0x00;
    kmem[3] = 0x00;
    kmem[4] = 0x00;
    kmem[5] = 0xC3;

    kmem = (uint8_t *)&gKernelBase[0x000DCED1];
    kmem[0] = 0x31;
    kmem[1] = 0xC0;
    kmem[2] = 0x90;
    kmem[3] = 0x90;
    kmem[4] = 0x90;

    // Patch copyinstr
    kmem = (uint8_t *)&gKernelBase[0x0028FEF3];
    kmem[0] = 0x90;
    kmem[1] = 0x90;

    kmem = (uint8_t *)&gKernelBase[0x0028FEFF];
    kmem[0] = 0x90;
    kmem[1] = 0x90;
    kmem[2] = 0x90;

    // Patch memcpy stack
    kmem = (uint8_t *)&gKernelBase[0x0028F80D];
    kmem[0] = 0xEB;

    // ptrace patches
    kmem = (uint8_t *)&gKernelBase[0x00361CF5];
    kmem[0] = 0xEB;

    // second ptrace patch
    kmem = (uint8_t *)&gKernelBase[0x003621CF];
    kmem[0] = 0xE9;
    kmem[1] = 0x7C;
    kmem[2] = 0x02;
    kmem[3] = 0x00;
    kmem[4] = 0x00;

    // setlogin patch (for autolaunch check)
    kmem = (uint8_t *)&gKernelBase[0x0037CF6C];
    kmem[0] = 0x48;
    kmem[1] = 0x31;
    kmem[2] = 0xC0;
    kmem[3] = 0x90;
    kmem[4] = 0x90;

    // Patch to remove vm_fault: fault on nofault entry, addr %llx
    kmem = (uint8_t *)&gKernelBase[0x003DF2A6];
    kmem[0] = 0x90;
    kmem[1] = 0x90;
    kmem[2] = 0x90;
    kmem[3] = 0x90;
    kmem[4] = 0x90;
    kmem[5] = 0x90;

    // Patch mprotect: Allow RWX (mprotect) mapping
    kmem = (uint8_t *)&gKernelBase[0x003014C8];
    kmem[0] = 0x90;
    kmem[1] = 0x90;
    kmem[2] = 0x90;
    kmem[3] = 0x90;
    kmem[4] = 0x90;
    kmem[5] = 0x90;

    // flatz disable pfs signature check
    kmem = (uint8_t *)&gKernelBase[0x006DD9A0];
    kmem[0] = 0x31;
    kmem[1] = 0xC0;
    kmem[2] = 0xC3;

    // flatz enable debug RIFs
    kmem = (uint8_t *)&gKernelBase[0x00668140];
    kmem[0] = 0xB0;
    kmem[1] = 0x01;
    kmem[2] = 0xC3;

    kmem = (uint8_t *)&gKernelBase[0x00668170];
    kmem[0] = 0xB0;
    kmem[1] = 0x01;
    kmem[2] = 0xC3;

    // Enable *all* debugging logs (in vprintf)
    // Patch by: SiSTRo
    kmem = (uint8_t *)&gKernelBase[0x0026F827];
    kmem[0] = 0xEB;
    kmem[1] = 0x3B;

    // flatz allow mangled symbol in dynlib_do_dlsym
    kmem = (uint8_t *)&gKernelBase[0x000271A7];
    kmem[0] = 0x90;
    kmem[1] = 0x90;
    kmem[2] = 0x90;
    kmem[3] = 0x90;
    kmem[4] = 0x90;
    kmem[5] = 0x90;

    // Enable mount for unprivileged user
    kmem = (uint8_t *)&gKernelBase[0x00076385];
    kmem[0] = 0x90;
    kmem[1] = 0x90;
    kmem[2] = 0x90;
    kmem[3] = 0x90;
    kmem[4] = 0x90;
    kmem[5] = 0x90;

    // patch suword_lwpid
    // has a check to see if child_tid/parent_tid is in kernel memory, and if so patch it
    // Patch by: JOGolden
    kmem = (uint8_t *)&gKernelBase[0x0028FD12];
    kmem[0] = 0x90;
    kmem[1] = 0x90;

    kmem = (uint8_t *)&gKernelBase[0x0028FD21];
    kmem[0] = 0x90;
    kmem[1] = 0x90;

    // Patch debug setting errors
    // Two sites, four zero bytes each.
    kmem = (uint8_t *)&gKernelBase[0x004FF322];
    kmem[0] = 0x00;
    kmem[1] = 0x00;
    kmem[2] = 0x00;
    kmem[3] = 0x00;

    kmem = (uint8_t *)&gKernelBase[0x0050059C];
    kmem[0] = 0x00;
    kmem[1] = 0x00;
    kmem[2] = 0x00;
    kmem[3] = 0x00;

#endif
}
  228.  