SceSblSsSmComm is a kernel module that is primary responsible for sending F00D commands.
Module
Known NIDs
Version |
Name |
World |
Privilege |
NID
|
1.69 |
SceSblSsSmComm |
Non-secure |
Kernel |
0xA6A2A041
|
3.60 |
SceSblSsSmComm |
? |
Kernel |
0xBB4B5D92
|
Libraries
Known NIDs
SceSblSmCommForKernel
sceSblSmCommStopSm
Version |
NID
|
1.69 |
0x0631F8ED
|
3.60 |
0x0631F8ED
|
typedef struct sm_comm_pair
{
uint32_t unk_0;
uint32_t unk_4;
}sm_comm_pair;
int sceSblSmCommStopSm(int id, sm_comm_pair* res);
sceSblSmCommStartSm1
Version |
NID
|
1.69 |
0x992BB9DB
|
3.60 |
0x039C73B1
|
char hardcoded_data[0x90] =
{
0x01,0x00,0x00,0x00, 0x00,0x00,0x08,0x28,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x80,0x00,0x00,0x00, 0xC0,0x00,0xF0,0x00,
0x00,0x00,0x00,0x00, 0xFF,0xFF,0xFF,0xFF,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x80,0x09,0x80,0x03, 0x00,0x00,0xC3,0x00,
0x00,0x00,0x80,0x09, 0x80,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0xFF,0xFF,0xFF,0xFF,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,
};
typedef struct sm_comm_ctx_130
{
uint32_t unk_0;
uint32_t unk_1; // 2
char data0[0x90]; //hardcoded data
char data1[0x90];
uint32_t unk_128; // 2
uint32_t unk_12C;
};
int sceSblSmCommStartSm1(int num0, char* elf_data, int elf_size, int num1, sm_comm_ctx_130* ctx_130, int* id);
sceSblSmCommStartSm2
Version |
NID
|
3.60 |
0x7863A0CC
|
int sceSblSmCommStartSm2(int num0, char* elf_path, int num1, sm_comm_ctx_130* ctx_130, int* id);
sceSblSmCommCallFunc
Version |
NID
|
1.69 |
0xDB9FC204
|
3.60 |
0xDB9FC204
|
sm_comm_context is described more here
f00d_resp comes from Request Buffer from offset 0x08
gc_param is generated by game card and has value 0x01
typedef struct sm_comm_context //size is 0x814
{
int unk_0; // 1
int gc_command;
char gc_buffer[0x800];
int gc_param;
int length;
int unk_810; // 0
};
int sceSblSmCommCallFunc(int id, int command_id, int* f00d_resp, sm_comm_context* buffer, int size);
SceSblSsSmComm
sceSblSmCommStopSm
Version |
NID
|
1.69 |
0x631F8ED
|
sceSblSmCommStartSm_
Version |
NID
|
1.69 |
0x992BB9DB
|
sceSblSmCommCallFunc
Version |
NID
|
1.69 |
0xDB9FC204
|