HEN Issue

1. My 3 comments below explain the issue, particularly the last comment. How can we write to the protected segment on HEN? We can on DEX with the debug syscall.
2.  
3.  
4. void PatchInJump(int Address, int Destination){
5.     int FuncBytes[4];
6.     Destination = *(int*)Destination;
7.     FuncBytes[0] = 0x3D600000 + ((Destination >> 16) & 0xFFFF);
8.     if(Destination & 0x8000) FuncBytes[0] += 1;
9.     FuncBytes[1] = 0x396B0000 + (Destination & 0xFFFF);
10.     FuncBytes[2] = 0x7D6903A6;
11.     FuncBytes[3] = 0x4E800420;
12.     Memcpy((void*)Address, FuncBytes, 4*4);//This will work, writing to an address within the eboot due to cobra enabling write on the code segment. Also syscall 8 write works.
13. }
14.  
15. void hookFunctionStart(int Address, int saveStub, int Destination){ //Works on every game
16.     saveStub = *(int*)saveStub;
17.     int BranchtoAddress = Address + (4*4);
18.     int StubData[8];
19.     StubData[0] = 0x3D600000 + ((BranchtoAddress >> 16) & 0xFFFF);
20.     if(BranchtoAddress & 0x8000) StubData[0] += 1;
21.     StubData[1] = 0x396B0000 + (BranchtoAddress & 0xFFFF);
22.     StubData[2] = 0x7D6903A6;
23.     Memcpy(&StubData[3], (void*)Address, 4*4);//This will work with normal write or syscall 8 because StubData is in a writeable segment of the sprx
24.     StubData[7] = 0x4E800420;
25.     Memcpy((void*)saveStub, StubData, 8*4);//This will fail. saveStub is in the code segment of the sprx, and cobra does not enable write on it. Syscall 8 will also not work. The only way to do this is with dex debug write. Is there any way to fix this to work on HEN/CEX?
26.     PatchInJump(Address, Destination);
27. }