SceSysmem: Difference between revisions

From Vita Development Wiki
Jump to navigation Jump to search
Line 833: Line 833:


#define SCE_KERNEL_PROCESS_ID_SELF 0 // Current running process ID is always 0.
#define SCE_KERNEL_PROCESS_ID_SELF 0 // Current running process ID is always 0.
typedef struct SceKernelPhyMemPart { // size is at least 0x9C on FW 0.931
    undefined field_0x0;
    undefined field_0x1;
    undefined field_0x2;
    undefined field_0x3;
    undefined field_0x4;
    undefined field_0x5;
    undefined field_0x6;
    undefined field_0x7;
    undefined field_0x8;
    undefined field_0x9;
    undefined field_0xa;
    undefined field_0xb;
    undefined4 field_0xc;
    char *name;
    int type;
    int mutex;
    undefined4 field_0x1c;
    SceSize psize;
    int field_0x24;
    int pRoot;
    undefined field_0x2c;
    undefined field_0x2d;
    undefined field_0x2e;
    undefined field_0x2f;
    undefined field_0x30;
    undefined field_0x31;
    undefined field_0x32;
    undefined field_0x33;
    undefined field_0x34;
    undefined field_0x35;
    undefined field_0x36;
    undefined field_0x37;
    undefined field_0x38;
    undefined field_0x39;
    undefined field_0x3a;
    undefined field_0x3b;
    int status;
    int pindex40; //1
    int field_0x44;
    int pindex48; //2
    int field_0x4c;
    int pindex50; //3
    int field_0x54;
    int pindex58; //4
    int field_0x5c;
    int pindex60; //5
    int field_0x64;
    int pindex68; //6
    int field_0x6c;
    int pindex70; //7
    int field_0x74;
    int pindex78; //8
    int field_0x7c;
    int pindex80; //9
    int field_0x84;
    int min;
    int pindex8C; //10
    int field_0x90;
    int nClient;
    undefined4 freeSize;
} SceKernelPhyMemPart;
// SceKernelPhyMemPart type: 0x10000 for Lpddr2Main, 0x30000 for Cdram
</source>
</source>



Revision as of 00:05, 4 January 2020

SceSysmem is a kernel module that acts as the heart of the kernel. It exports multiple libraries for various features. SceSysmem is the first module that is loaded in the kernel load sequence and its libraries are imported by almost all other modules. See Virtual Memory and Physical Memory for more details on the memory subsystem.

Module

This module exists in both non-secure and secure world. The non-secure world SELF can be found in os0:kd/sysmem.skprx. It also can be found in the Boot Image.

Known NIDs

Version Name World Privilege NID
1.50 SceSysmem Non-secure Kernel 0x78D8AA34
1.69 SceSysmem Non-secure Kernel 0xB93950C6
3.57 SceSysmem Non-secure Kernel 0x00CFDC77
3.60-3.61 SceSysmem Non-secure Kernel 0x3380B323
1.69 SceSysmem Secure Kernel 0x502BE0E5
1.80 SceSysmem Secure Kernel 0x72425377

Libraries

Known NIDs

Version Name World Visibility NID
1.50-3.60 SceSysmemForKernel Non-secure Kernel 0x63A519E5
1.50-3.60 SceSysmemForDriver Non-secure Kernel 0x6F25E18A
1.50-1.692 SceSysmemForDebugger Non-secure Kernel 0xC7309957
1.50-3.60 SceSysmem Non-secure User 0x37FE725A
1.50-3.60 SceDipsw Non-secure User 0xB36D5922
1.50-3.60 SceDipswForDriver Non-secure Kernel 0xC9E26388
1.50-3.60 SceUartForKernel Non-secure Kernel 0xC03DBE40
1.50-3.60 SceCpu Non-secure User 0x45265161
1.50-3.60 SceCpuForKernel Non-secure Kernel 0x54BF2BAB
1.50-3.60 SceCpuForDriver Non-secure Kernel 0x40ECDB0E
1.50-1.69 SceSysclibForKernel Non-secure Kernel 0x24878615
3.60 SceSysclibForKernel Non-secure Kernel removed
1.50-3.60 SceSysclibForDriver Non-secure Kernel 0x7EE45391
1.50-3.60 SceSysrootForKernel Non-secure Kernel 0x3691DA45
1.50-3.60 SceSysrootForDriver Non-secure Kernel 0x2ED7F97A
1.50-3.60 SceKernelUtilsForDriver Non-secure Kernel 0x496AD8B4
1.50-3.60 SceZlibForDriver Non-secure Kernel 0xE241534E
1.50-3.60 SceKernelSuspendForDriver Non-secure Kernel 0x7290B21C
1.50-3.60 SceQafMgrForDriver Non-secure Kernel 0x4E29D3B6
1.50-3.60 ScePmMgrForDriver Non-secure Kernel 0xF13F32F9
1.50-3.60 SceSblAIMgrForDriver Non-secure Kernel 0xFD00C69A
1.50-3.60 SceProcEventForDriver Non-secure Kernel 0x887F19D0
1.50-3.60 SceDebugLed Non-secure User 0xAE004C0A
1.50-3.60 SceDebugLedForDriver Non-secure Kernel 0x7BC05EAD
1.50-3.60 SceDebugForKernel Non-secure Kernel 0x88C17370
1.50-3.60 SceDebugForDriver Non-secure Kernel 0x88758561
1.69-1.80 SceSysmemForTZS Secure Kernel 0x8680060
1.69-1.80 SceDipswForTZS Secure Kernel 0x9DBF584C
1.80 SceUartForTZS Secure Kernel 0xA1D740D7
1.80 SceDebugForTZS Secure Kernel 0x028FFADB
1.69-1.80 SceCpuForTZS Secure Kernel 0xC516B23E
1.69-1.80 SceSysclibForTZS Secure Kernel 0xC839BB78
1.69-1.80 SceSysrootForTZS Secure Kernel 0xFEFF641D
1.69-1.80 SceQafMgrForTZS Secure Kernel 0x637069DD
1.69-1.80 ScePmMgrForTZS Secure Kernel 0x27F1AFD8
1.69-1.80 SceSblAIMgrForTZS Secure Kernel 0x60D19047

Types

typedef int threadmgr_core_ctx;

typedef struct tctx_holder {
  int unk0;
  int unk4;
  int unk8;
  int unkC;
  int unk10;
  int unk14;
  int unk18;
  int unk1C;
  int unk20;
  int unk24;
  int unk28;
  int unk2C;
  int unk30;
  threadmgr_core_ctx *tctx_34;
} tctx_holder;

typedef struct callback_holder1 {
  int unk0;
  int (*unk4)(void);
  int (*unk8)(void);
  int (*unkC)(void);
  int unk10;
  int unk14;
  int unk18;
  int unk1C;
  int (*unk20)(void);
  int unk24;
  int unk28;
  int unk2C;
  int unk30;
  int unk34;
  int unk38;
  int (*unk3C)(void);
} callback_holder1;

typedef struct callback_holder2 {
  int size;
  int (__cdecl *unk4)(int result, int *a2);
  int (__cdecl *unk8)(SceUID *a1);
  int (__cdecl *unkC)(int, int *);
  int (__cdecl *sceKernelGetSelfAuthInfoForKernel)(SceUID pid, SceSelfAuthInfo* self_info);
  int (__cdecl *sceKernelGetProcessTitleIdForKernel)(SceUID pid, char *titleid, size_t len);
  int (__cdecl *unk18)(unsigned int a1);
  int (__cdecl *unk1c)(int a1);
} callback_holder2;

typedef struct callback_holder3 {
  int unk0;
  int (*unk4)(void);
  int (*unk8)(void);
  int (__fastcall *unkC)(int);
  int (__fastcall *unk10)(int);
  int (*unk14)(void);
} callback_holder3;

typedef struct sysbase_t {
  tctx_holder *hldr[6];
  char unk[84];
  char *sysroot_buffer;
  int unk70;
  char unk74[616];
  char unk2dc[52];
  int unk310;
  int unk314;
  int unk318;
  int unk31C;
  int unk320;
  int unk324;
  int unk328;
  int unk32C;
  int unk330;
  int unk334;
  int unk338;
  int unk33C;
  int unk340;
  int (__cdecl *GetThreadAccessLevel)();
  int unk348;
  int (*unk34C_some_callback1)(void);
  callback_holder3 *unk350;
  int unk354;
  callback_holder1 *unk358;
  callback_holder2 *unk35C;
  int (*unk360)(void);
  int (*unk364)(void);
  int (__fastcall *unk368)(int, int, int);
  char unk36C[20];
  int (__cdecl *sceSblLicMgrGetLicenseStatusForDriver)();
  int (__cdecl *SceSblPostSsMgrForDriver_22599675)();
  int (__cdecl *SceSblPostSsMgrForDriver_9b49c249)();
  int (__cdecl *SceSblPostSsMgrForDriver_d8a2d465)(unsigned long long);
  int (__cdecl *SceSblPostSsMgrForDriver_abdd68cd)(void *);
  int (__cdecl *sceSblUtMgrHasNpTestFlagForDriver)();
  int (*SceSblUpdateMgr_smth)(void);
  int (*ScePower_smth)(void);
} sysbase_t;

typedef struct sysbase360_t {
	int unk_0x00; // 0
	void *unk_0x04;
	SceSize sysbase_size; // 3.60:0x41C
	uint32_t sysbase_magic1;
	int unk_0x10; // 0
	int unk_0x14; // 0x400
	void *unk_0x18;
	int unk_0x1C; // 0x4
	void *unk_0x20;
	int unk_0x24; // 0
	int unk_0x28; // 0x10
	int unk_0x2C; // 0x1

	int unk_0x30; // 0x40004
	int unk_0x34; // 0
	int unk_0x38; // 0
	void *unk_0x3C;

	void *unk_0x40;
	void *unk_0x44; // SceExcpmgr data vaddr?
	void *unk_0x48; // SceKernelIntrMgr data vaddr?
	void *unk_0x4C;

	void *unk_0x50;
	int unk_0x54; // 0
	void *unk_0x58;
	int unk_0x5C; // 0

	int unk_0x60; // 0
	int unk_0x64; // 0
	int unk_0x68; // 0
	SceBootArgs *KblParam; // old name is sysroot buff

	int unk_0x70; // 0x51030100, paddr?
	int unk_0x74; // 0x80000115
	int unk_0x78; // 0
	int unk_0x7C; // 0x115

	int unk_0x80; // 0x10200
	int unk_0x84; // 0x704
	int unk_0x88; // 0x2800D000
	int unk_0x8C; // 0

	int unk_0x90; // 0x5
	int unk_0x94; // 0
	int unk_0x98; // 0
	int unk_0x9C; // 0

	int unk_0xA0[0x18]; // 0
	int unk_0x100[0x34]; // 0

	int unk_0x1D0; // 0
	int unk_0x1D4; // func ptr?, paddr:0x51003581
	int unk_0x1D8; // 0
	int (* sceKernelSysrootMountDummyTtypDevFs)(void);		// SceIofilemgr + 0x1
	int unk_0x1E0[0x8]; // 0
	int unk_0x200[0x14]; // 0

	int unk_0x250; // 0
	int (* sceKernelSysrootPowerTriggerFlag0x10000)(int a1);	// Temp name, ScePower + 0x21F5
	int unk_0x258; // 0
	int unk_0x25C; // 0

	int unk_0x260[0xC]; // 0

	int unk_0x290; // 0
	int (* sceKernelSysrootDisplayRev1)();				// SceDisplay + 0x1
	int unk_0x298; // 0
	int (* sceKernelSysrootMsifStart)(void);			// SceMsif + 0x3811

	int unk_0x2A0; // 0
	int (* sceKernelSysrootPowerRev1)();				// Temp name, ScePower + 0x7BCD
	int unk_0x2A8; // 0
	int (* sceKernelSysrootPowerTriggerFlag0x10000_2)(void);	// Temp name, ScePower + 0x218D

	int unk_0x2B0; // 0
	int (* sceKernelSysrootPowerEnableSubIntr)(void);		// Temp name, ScePower + 0x5B51
	int unk_0x2B8; // 0
	int unk_0x2BC; // 0

	int unk_0x2C0[0x4]; // 0

	int unk_0x2D0; // 0
	int (* sceKernelSysrootThreadFunction1)(void);			// Temp name, SceKernelThreadMgr + 0x4D85
	int (* sceKernelSysrootIofilemgrStart)(void);			// SceIofilemgr + 0x3E5
	void *unk_0x2DC;

	void *unk_0x2E0;
	void *unk_0x2E4;
	void *unk_0x2E8;
	void *unk_0x2EC;

	void *unk_0x2F0;
	void *unk_0x2F4;
	void *unk_0x2F8;
	void *unk_0x2FC;

	void *unk_0x300;
	void *unk_0x304;
	int unk_0x308; // 0x10001
	void *unk_0x30C;

	void *unk_0x310;
	void *unk_0x314;
	void *unk_0x318;
	int unk_0x31C; // 0

	void *unk_0x320;
	void *unk_0x324;
	SceUID (* sceKernelSysrootGetThreadId)(void);				// Temp name, SceKernelThreadMgr + 0x895
	int (* sceKernelSysrootGetThreadFunction3)(void);			// Temp name, SceKernelThreadMgr + 0xC79,  SceThreadmgrForDriver_91382762

	SceUID (* sceKernelSysrootGetProcessId)(void);				// Temp name, SceKernelThreadMgr + 0x8A9
	int (* sceKernelSysrootGetThreadFunction4)(void);			// Temp name, SceKernelThreadMgr + 0x8D1
	int (* sceKernelSysrootGetThreadFunction5)(void);			// Temp name, SceKernelThreadMgr + 0x8ED
	int (* sceKernelSysrootGetThreadFunction6)(void);			// Temp name, SceKernelThreadMgr + 0x90D

	void (* sceKernelSysrootGetThreadFunction7);				// Temp name, SceKernelThreadMgr + 0xE69
	int (* sceKernelSysrootGetThreadFunction8)(void);			// Temp name, SceKernelThreadMgr + 0x8BD, SceThreadmgrForDriver_332E127C
	int (* sceKernelSysrootThreadFunction9)(int a1, int a2, int a3);	// Temp name, SceKernelThreadMgr + 0x2541
	int (* sceKernelSysrootThreadFunction10)(int a1);			// Temp name, SceKernelThreadMgr + 0xC99, SceThreadmgrForDriver_AB977C72

	void *unk_0x350;
	int unk_0x354; // 0xFFFFFFFF
	void *unk_0x358;
	void *unk_0x35C;

	int unk_0x360;
	int (* sceKernelSysrootGetBusError)(void *dst, uint32_t len);		// SceKernelBusError + 0x23, SceBusErrorForKernel_EBB1F135
	int (* sceKernelSysrootAppMgrFunction1)(int a1, int a2, int a3, int a4, int a5, int a6); // SceAppMgr + 0x2795, SceAppMgrForDriver_324DD34E
	SceUID (* sceKernelSysrootGetShellPid)(void);	// SceAppMgr + 0x101F9, SceAppMgrForDriver_2FEACA9F

	void *unk_func_0x370;				// SceCoredump + 0x7109, SceCoredumpForDriver_A7D214A7
	void *unk_func_0x374;				// SceCoredump + 0x74F9, SceCoredumpForDriver_340856F7
	void *unk_func_0x378;				// SceCoredump + 0x132ED, SceCoredumpForDriver_EF20949F
	int unk_0x37C; // 0

	void *unk_func_0x380;				// SceSblPostSsMgr + 0x9001, sceSblLicMgrGetLicenseStatusForDriver
	int (* unk_func_0x384)(void);			// SceSblPostSsMgr + 0xB005, SceSblPostSsMgrForDriver_22599675, get flag
	int (* unk_func_0x388)(void);			// SceSblPostSsMgr + 0xB011, SceSblPostSsMgrForDriver_9B49C249, get flag
	void *unk_func_0x38C;				// SceSblPostSsMgr + 0xB4ED, SceSblPostSsMgrForDriver_D8A2D465

	void *unk_func_0x390;				// SceSblPostSsMgr + 0xB111, sceSblUtMgrGetTrilithiumBufferForDriver
	int (* sceKernelSysrootHasNpTestFlag)(void);	// SceSblPostSsMgr + 0xB01D
	void *unk_func_0x398;				// SceSblUpdateMgr + 0x8B01
	int (* sceKernelSysrootLedSetMode)(int led, int mode, void *led_configuration); // ScePower + 0x7C05

	void *unk_0x3A0;
	int unk_0x3A4; // 0
	int unk_0x3A8; // 0
	int unk_0x3AC; // 0

	int unk_0x3B0[0x4]; // 0

	int unk_0x3C0; // 0
	int unk_0x3C4; // 0
	int unk_0x3C8; // 0
	void *unk_func_0x3CC; // SceNetPs + 0x3E51, SceNetPsForDriver_83A12CCC

	void *unk_func_0x3D0; // SceNetPs + 0x3F4D, SceNetPsForDriver_C000CA8F
	int unk_0x3D4; // 0
	int unk_0x3D8; // 0
	void *unk_func_0x3DC; // SceNetPs + 0x3E51, SceNetPsForDriver_83A12CCC

	void *unk_func_0x3E0; // SceNetPs + 0x3F4D, SceNetPsForDriver_C000CA8F
	int (* sceKernelSysrootAppMgrFunction3)(int a1, int a2); // SceAppMgr + 0x9F49
	int (* sceKernelSysrootAppMgrFunction4)(int a1, int a2); // SceAppMgr + 0x9EED
	int (* sceKernelSysrootAppMgrFunction5)(int a1);	 // SceAppMgr + 0x9D31

	void *unk_func_0x3F0; // ScePfsMgr + 0x1, ScePfsMgrForKernel_4C148288
	void *unk_0x3F4;
	void *unk_0x3F8;
	int unk_0x3FC; // 0

	int unk_0x400[0x6]; // 0
	uint32_t sysbase_magic2;
} sysbase360_t;

typedef struct SceKernelFreeMemorySizeInfo {
	SceSize size;
	SceSize sizeMain;
	SceSize sizeCdram;
	SceSize sizePhycont;
} SceKernelFreeMemorySizeInfo;

typedef int (*SceClassCallback)(void *item);

typedef struct SceClassInfo_0990 { // size is 0x10 on 0.990
	SceSize size; // Size of this structure
	struct SceClass *next;
	struct SceClass *root; // to confirm
	struct SceClass *prev; // to confirm
} SceClassInfo_0990;

typedef struct SceClass { // size is 0x2C
	struct SceClass *next;				// 0x00
	struct SceClass *root;				// 0x04
	struct SceClass *prev;				// 0x08
	const char *name;				// 0x0C
	struct SceClass *uid_class;			// 0x10
	unsigned int attr;				// 0x14
	unsigned short item_size;			// 0x18
	unsigned short unk_1A;				// 0x1A
	SceClassCallback constructor;			// 0x1C
	SceClassCallback destructor;			// 0x20
	const unsigned int magic;			// 0x24 - 0xABCE9DA5
	SceClassCallback allocMethod;			// 0x28
} SceClass;

typedef struct SceKernelObject { // size is at least 0x24
	void *pObject;			// 0x0
	SceClass pClass;		// 0x4
	uint32_t type;			// 0x8
	uint16_t lcount;		// 0xC
	uint16_t ucount;		// 0xE
	uint16_t ccount;		// 0x10
	uint32_t unk_12;		// 0x12 - 0x54c3
	uint16_t unk_16;		// 0x16
	uint32_t uid;			// 0x18
	char unk_1C[4];			// 0x1C
	const char *name;		// 0x20
	uint32_t indexRaw;		// 0x24
} SceKernelObject;

/** @name Memory types that can be specified with sceKernelAllocMemBlock
 */
/*@{*/

/**
 * @brief User readable / writable LPDDR2 memory
 *
 * This type secures a readable / writable memory block in user space.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_RW			0x0c20d060U

#define SCE_KERNEL_MEMBLOCK_TYPE_USER_RWDATA			SCE_KERNEL_MEMBLOCK_TYPE_USER_RW

/**
 * @brief User readable / writable LPDDR2 non-cache memory
 *
 * A type to secure a memory block on LPDDR2 that is readable
 * and writable in user space and does not use cache.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW			0x0c208060U

/**
 * @brief An alias for SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE		SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW

/**
 * @brief An alias for SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_RWDATA_UNCACHE		SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE

/**
 * @brief User readable and writable LPDDR2 physical continuous memory
 *
 * A type that can read and write in user space and secure
 * memory blocks from the physical continuous memory area.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_RW		0x0c80d060U

/**
 * @brief User-readable and non-cacheable physical continuous memory
 *
 * A type for on-cacheable read / write in user space and to secure
 * memory blocks from the physical continuous memory area.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_RW	0x0d808060U

/**
 * @brief User-readable and non-cacheable CDRAM memory
 *
 * A type that can be read and written in user space and secures
 * memory blocks on CDRAM.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW			0x09408060U

/**
 * @brief An alias for SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RWDATA		SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW

/*@}*/

/**
 * @brief A type representing a memory type
 *
 * A type that represents the type of memory block secured by sceKernelAllocMemBlock.
 */
typedef int		SceKernelMemoryType;

/**
 * @brief Memory block information structure
 *
 * A structure for obtaining information about memory blocks. Size is 0x14 bytes on FW 0.990.
 */
typedef struct SceKernelMemBlockInfo0990 {
	SceSize				size;			/**< Size of the structure itself */
	void				*mappedBase;		/**< Map base address */
	SceSize				mappedSize;		/**< Mapped size */
	SceKernelMemoryType		memoryType;		/**< Memory type */
	SceUInt32			access;			/**< Access right */
} SceKernelMemBlockInfo0990;

/**
 * @brief Memory block information structure
 *
 * A structure for obtaining information about memory blocks. Size is 0x18 bytes on FW 0.996+.
 */
typedef struct SceKernelMemBlockInfo {
	SceSize				size;			/**< Size of the structure itself */
	void				*mappedBase;		/**< Map base address */
	SceSize				mappedSize;		/**< Mapped size */
	SceKernelMemoryType		memoryType;		/**< Memory type */
	SceUInt32			access;			/**< Access right */
	SceKernelMemBlockType		type;			/**< Memory block type */
} SceKernelMemBlockInfo;

typedef struct SceKernelMemBlockInfoExDetails {
  SceKernelMemBlockType type;
  int unk4;
  char *name;
  int unkC;
  int unk10;
  int memblock_some_size;
  int extraLow;
  int extraHigh;
  int unk20;
  int unk24;
  SceKernelObject *SceUIDPhyMemPartClass_obj;
} SceKernelMemBlockInfoExDetails;

typedef struct SceKernelMemBlockInfoEx { // size is 0xAC on FW 0.990, 0xB8 on FW 3.60
  SceSize size;
  SceKernelMemBlockInfoExDetails details;
  int unk30;
  int unk34;
  int unk38;
  int unk3C;
  int unk40;
  int unk44;
  int unk48;
  int unk4C;
  int unk50;
  int unk54;
  int unk58;
  int unk5C;
  int unk60;
  int unk64;
  int unk68;
  int unk6C;
  int unk70;
  int unk74;
  int unk78;
  int unk7C;
  int unk80;
  int unk84;
  int unk88;
  int unk8C;
  int unk90;
  int unk94;
  int unk98;
  int unk9C;
  int unkA0;
  int unkA4;
  int unkA8;
  int unkAC;
  int unkB0;
  int unkB4;
} SceKernelMemBlockInfoEx;

/*----- memory access permission -----*/

/**
 * @brief readable memory
 */
#define SCE_KERNEL_MEMORY_ACCESS_R		0x04U

/**
 * @brief writable memory
 */
#define SCE_KERNEL_MEMORY_ACCESS_W		0x02U

/**
 * @brief executable memory (kernel only)
 */
#define SCE_KERNEL_MEMORY_ACCESS_X		0x01U

/*----- memory type -----*/

/**
 * @brief uncache normal memory
 */
#define SCE_KERNEL_MEMORY_TYPE_NORMAL_NC	0x80

/**
 * @brief cache normal memory
 */
#define SCE_KERNEL_MEMORY_TYPE_NORMAL		0xD0

/**
 * Optional parameter of sceKernelAllocMemBlock for FW <=0.940.
 */
 typedef struct SceKernelAllocMemBlockOpt0940 {
	SceSize		size;
	SceUInt32	attr;
	SceSize		alignment;			/**< alignment */
	SceUID		uidBaseBlock;			/**< base memory block */
	const char	*strBaseBlockName;
} SceKernelAllocMemBlockOpt0940;

/**
 * Option parameter of sceKernelAllocMemBlock
 */
 typedef struct SceKernelAllocMemBlockOpt {
	/**
	 * Size of this structure
	 */
	SceSize		size;

	/**
	 * Attributes field.
	 */
	SceUInt32	attr;

	/**
	 * Specify alignment.
	 * SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_ALIGNMENT must be set for the attr member.
	 */
	SceSize		alignment;

	/**
	 * reserved
	 */
	 SceUInt32	reserved;

	/**
	 * reserved2
	 */
	const char	*strBaseBlockName;

#if 0
	/**
	 * mapped base address [out]
	 */
	void		*mappedBase;

	/**
	 * mapped size [out]
	 */
	SceSize		mappedSize;

	/**
	 * memory type [out]
	 */
	SceKernelMemoryType	memoryType;

	SceUInt32	access;
#endif
} SceKernelAllocMemBlockOpt;

/**
 * Option parameter of kernel sceKernelAllocMemBlock on old FWs
 */
typedef struct SceKernelAllocMemBlockOptKernel_old {
    SceSize size;			// 0x28 on 0.910, 0x2C on 0.910, 0x30 on 0.990, 0x34 on ?.??
    SceUInt32 field_4;
    SceUInt32 attr;
    SceUInt32 field_C;
    SceUInt32 paddr;
    SceSize alignment;
    SceUInt32 extraLow;
    SceUInt32 extraHigh;
    SceUInt32 base;
    SceUID pid;
    SceKernelPAVector *paddr_list;
    SceUInt32 field_2C;
    SceUInt32 field_30;
} SceKernelAllocMemBlockOptKernel_old;

/**
 * Option parameter of kernel sceKernelAllocMemBlock on recent FWs (as seen on FW 3.60)
 */
typedef struct SceKernelAllocMemBlockOptKernel {
	SceSize size;			// 0x58 on 3.60
	SceUInt32 field_4;
	SceUInt32 attr;
	SceUInt32 field_C;
	SceUInt32 paddr;
	SceSize alignment;
	SceUInt32 extraLow;
	SceUInt32 extraHigh;
	SceUInt32 base;
	SceUID pid;
	SceKernelPAVector *paddr_list;
	SceUInt32 field_2C;
	SceUInt32 field_30;
	SceUInt32 field_34;
	SceUInt32 field_38;
	SceUInt32 field_3C;
	SceUInt32 field_40;
	SceUInt32 field_44;
	SceUInt32 field_48;
	SceUInt32 field_4C;
	SceUInt32 field_50;
	SceUInt32 field_54;
} SceKernelAllocMemBlockOptKernel;

/**
 * Attributes to enable some SceKernelAllocMemBlockOpt members.
 */
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_PADDR		0x00000002 // to check
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_ALIGNMENT		0x00000004
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_BASE			0x00000040
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_PID			0x00000080 // to check
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_BASENAME		0x00000200
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_PADDR_LIST		0x00001000 // to check

/**
 * Memory area is physically continuous.
 */
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_PHYCONT			0x00200000

#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_SHARE_PHYPAGE		0x01000000

/**
 * Allow partial operation. ?What does that mean?
 */
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_ALLOW_PARTIAL_OP		0x04000000

/**
 * UID is created by sceKernelOpen***()
 */
#define SCE_UID_ATTR_OPEN_FLAG			0x00080000U

typedef struct SceKernelHeapInfo { // size is 0xCC on FW 0.990
	SceSize size;			// Size of this structure
	char unk_4[0xC8];
} SceKernelHeapInfo;

typedef struct SceKernelHeapObject { // size is 0x40 on FW 0.990
	SceSize size;				// Size of this structure
	uint32_t unk_4;				// 0x4
	uint32_t unk_8;				// 0x8
	uint32_t unk_C;				// 0xC
	uint32_t unk_10;			// 0x10
	uint32_t unk_14;			// 0x14
	uint32_t unk_18;			// 0x18
	uint32_t unk_1C;			// 0x1C
	uint32_t unk_20;			// 0x20
	uint32_t unk_24;			// 0x24
	uint32_t unk_28;			// 0x28
	uint32_t unk_2C;			// 0x2C
	uint32_t unk_30;			// 0x30
	uint32_t magic;				// 0x34 - 0xD2BBDEC3
	uint32_t unk_38;			// 0x38
	uint32_t unk_3C;			// 0x3C
	uint32_t unk_40;			// 0x40
} SceKernelHeapObject;

typedef struct SceKernelFixedHeap { // size is 0x40 on FW 0.990
	SceSize size;				// Size of this structure
	SceClass pClass;			// 0x4
	uint32_t unk_8;				// 0x8
	uint32_t unk_C;				// 0xC
	uint32_t unk_10;			// 0x10
	uint32_t unk_14;			// 0x14
	uint32_t pageSize;			// 0x18 - min 0x1000 on FW 0.990
	uint16_t itemSize;			// 0x1C
	uint16_t unk_1E;			// 0x1E
	uint32_t unk_20;			// 0x20
	uint32_t unk_24;			// 0x24
	uint32_t magic;				// 0x28 - 0xFD9B28A6
	uint16_t sizeInWords;			// 0x2C
	uint16_t index;				// 0x2E
	SceKernelHeapObject *heapObject;	// 0x30
	uint32_t unk_34;			// 0x34
	uint32_t unk_38;			// 0x38
	uint16_t unk_3C;			// 0x3C
} SceKernelFixedHeap;

typedef struct SceKernelFixedHeapInfo { // size is 0x14 on FW 0.990
	SceSize size;			// Size of this structure
	uint32_t unk_4;			// = (uint32_t)*(uint16_t *)(pObject + 0x1C)
	uint32_t unk_8;			// = *(uint32_t *)(pObject + 0x18) + (uint32_t)*(uint16_t *)(pObject + 0x2E)
	uint32_t unk_C;			// = (uint32_t)*(uint16_t *)(pObject + 0x1E)
	uint32_t unk_10;		// = (uint32_t)*(uint16_t *)(pObject + 0x20)
} SceKernelFixedHeapInfo;

typedef struct SceKernelHeapMemoryOpt { // size is 0x14 on FW 0.990
	SceSize size;			// Size of this structure
	uint32_t unk_4;
	uint32_t unk_8;
	uint32_t unk_C;			// example: 0x20
	uint32_t unk_10;
} SceKernelHeapMemoryOpt;

typedef struct SceAddressSpace {
	char unk[0xDC];
	void *funcAlloc;
	char unk2[0x8];
	uint32_t magic;			// always 0x4d95aeec
} SceAddressSpace;

typedef struct SceKernelAddressSpace { // size is 0x10 bytes on FW 0.940
	SceSize size; // Size of this structure
	char[0xC] unk;
} SceKernelAddressSpace;

typedef struct SceKernelVARange {
	uint32_t vaddr;
	uint32_t length;
} SceKernelVARange;

typedef struct SceKernelPARange {
	uint32_t paddr;
	uint32_t length;
} SceKernelPARange;

typedef struct SceKernelPAVector {
	SceSize size;			// Size of this structure (0x14 on 0.990)
	uint32_t pRanges_size;		// Ex: 8
	uint32_t nDataInVector;		// Must be <= 8
	uint32_t count;
	SceKernelPARange *pRanges;
} SceKernelPAVector;

#define SCE_KERNEL_PROCESS_ID_SELF 0 // Current running process ID is always 0.

typedef struct SceKernelPhyMemPart { // size is at least 0x9C on FW 0.931
    undefined field_0x0;
    undefined field_0x1;
    undefined field_0x2;
    undefined field_0x3;
    undefined field_0x4;
    undefined field_0x5;
    undefined field_0x6;
    undefined field_0x7;
    undefined field_0x8;
    undefined field_0x9;
    undefined field_0xa;
    undefined field_0xb;
    undefined4 field_0xc;
    char *name;
    int type;
    int mutex;
    undefined4 field_0x1c;
    SceSize psize;
    int field_0x24;
    int pRoot;
    undefined field_0x2c;
    undefined field_0x2d;
    undefined field_0x2e;
    undefined field_0x2f;
    undefined field_0x30;
    undefined field_0x31;
    undefined field_0x32;
    undefined field_0x33;
    undefined field_0x34;
    undefined field_0x35;
    undefined field_0x36;
    undefined field_0x37;
    undefined field_0x38;
    undefined field_0x39;
    undefined field_0x3a;
    undefined field_0x3b;
    int status;
    int pindex40; //1
    int field_0x44;
    int pindex48; //2
    int field_0x4c;
    int pindex50; //3
    int field_0x54;
    int pindex58; //4
    int field_0x5c;
    int pindex60; //5
    int field_0x64;
    int pindex68; //6
    int field_0x6c;
    int pindex70; //7
    int field_0x74;
    int pindex78; //8
    int field_0x7c;
    int pindex80; //9
    int field_0x84;
    int min;
    int pindex8C; //10
    int field_0x90;
    int nClient;
    undefined4 freeSize;
} SceKernelPhyMemPart;

// SceKernelPhyMemPart type: 0x10000 for Lpddr2Main, 0x30000 for Cdram

SceKernelAllocMemBlockOpt.attr bitmask

Bitmask Uses
0x00000001 has_field_C
0x00000002 HAS_PADDR (10)
0x00000004 HAS_ALIGNMENT (14)
0x00000008 has_field_18
0x00000010 has_field_1C
0x00000040 HAS_BASE (20)
0x00000080 HAS_PID (24)
0x00000200 HAS_BASENAME (?)
0x00001000 HAS_PADDR_LIST (28)
0x00002000 has_field_2C
0x00010000 has_field_30

Memory Block Type

The type parameter indicates what kind of memory to allocate. Here is a mapping of type flags to ARM MMU flags. Higher bits are used for other options including where to allocate from. Not all flag values are valid, there is a table of valid types in the kernel. You cannot, for example, allocate RWX memory.

Mask Value Description
0x10000 0x10000 Global. nG bit NOT set
0xFF00 0x800 B bit set. Sharable device memory.
0xFF00 0x2000 TEX[2] and TEX[0] bit set. Outer cache Write-back, Write-Allocate. Inner cache non-cachable.
0xFF00 0x4000 TEX[2] and B bit set. Outer cache non-cachable. Inner cache Write-back, Write-Allocate
0xFF00 0x8000 TEX[0] bit set. S bit unset. Outer and inner non-cachable. Not sharable.
0xFF00 0xD000 TEX[0] bit set. C,B bits set. Outer and inner Write-back, Write-Allocate.
0xFF 0x4 AP[2:0] = 5, XN=1. Privileged RO, User NA.
0xFF 0x5 AP[2:0] = 5. Privileged RX, User NA.
0xFF 0x6 AP[2:0] = 1, XN=1. Privileged RW, User NA.
0xFF 0x7 AP[2:0] = 1. Privileged RWX, User NA. (Never used, 3.60 0x80024B01)
0xFF 0x50 AP[2:0] = 7. Privileged RX, User RX.
0xFF 0x60 AP[2:0] = 3, XN=1. Privileged RW, User RW.
0xFF 0x40 AP[2:0] = 7, XN=1. Privileged RO, User RO.
Mask Value Name
0x0F000000 0x09000000 SceKernelUserCdram
0x0F000000 0x0A000000 SceKernelUserShared
0x0F000000 0x0B000000 SceKernelUserIO
0x0F000000 0x0C000000 SceKernelUserMain
0x0F000000 0x0D000000 SceKernelUserUncache
0x0F000000 0x0E000000 SceKernelUserCDialog
0x0F000000 0x0F000000 SceKernelUserCDialogNC
type bits

mask
0x0000000F : only kernel
0x000000F0 : only user

RWXO bit
0 1 1 0
? R W X

RO type when both w bit and x bit are 0

memory device type(?)
mask : 0x00000F00
0x00000200 : SO
0x00000800 : DEVICE

memory cache type
mask : 0x0000F000
0x00002000 : No internal cache only
0x00004000 : No external cache only
0x00008000 : NORMAL_NC (uncache)
0x0000D000 : NORMAL (cache)

memory access type?
mask : 0x00F00000
0x00100000 : IO
0x00200000 : normal?
0x00400000 : CDRAM
0x00500000 : GAME
0x00800000 : PHYCONT
0x00A00000 : UNKNOWN
0x00F00000 : UNKNOWN

memory access type2?(only kernel)
mask : 0xF0000000
0x10000000 : normal?
0x20000000 : IO
0x40000000 : CDRAM
0x50000000 : CDRAM2
0x60000000 : TMP
0xA0000000 : GPU

SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW_UNCACHE_EXTERNAL 0x09404060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RO_UNCACHE          0x09408040
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW_UNCACHE          0x09408060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW                  0x09408060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RWDATA              0x09408060

SCE_KERNEL_MEMBLOCK_TYPE_USER_DEVICE_RW                 0x0C200860
SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW                     0x0C208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE                0x0C208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RWDATA_UNCACHE            0x0C208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RO                        0x0C20D040
SCE_KERNEL_MEMBLOCK_TYPE_USER_RW                        0x0C20D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RWDATA                    0x0C20D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_GAME_RW                   0x0C50D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_RW           0x0C80D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_UNKNOWN_RW_UNCACHE        0x0CA08060
SCE_KERNEL_MEMBLOCK_TYPE_USER_UNKNOWN_RW                0x0CA0D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_UNKNOWN2_RW               0x0CF0D060

SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_RW        0x0D808060

SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RO_UNCACHE        0x0E208040
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RX_UNCACHE        0x0E208050
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RW_UNCACHE        0x0E208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RO                0x0E20D040
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RW                0x0E20D060

memory allocate test.

mem type mem size mem base
0x0C200860 0x200000 0x80100000
0x0C208060 0x200000 0x70000000
0x0C20D040 0x200000 0x85200000
0x0C20D060 0x200000 0x85200000
0x0C50D060 0x200000 0x85200000
0x0C80D060 0x200000 0x85200000
0x0CA08060 0x200000 0x70000000
0x0CA0D060 0x200000 0x85200000
0x0CF0D060 0x200000 error, Looks like a memory type to reserve a fairly large size memory
0x0D808060 0x200000 0x70000000
0x0E208040 0x200000 0x68000000
0x0E208050 0x200000 error, It seems that RX memory cannot be allocated from the user
0x0E208060 0x200000 0x68000000
0x0E20D040 0x200000 0xD0300000
0x0E20D060 0x200000 0xD0300000

Types to reverse

from 0.931:

kernel memory types:
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_SO_RW: 0x10200206
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_R: 0x1020d004
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_R_UNCACHE: 0x10208004
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW: 0x1020d006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW_UNCACHE: 0x10208006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_DEVICE_RW: 0x10200806
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RX: 0x1020d005
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW_GAME: 0x1050d006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_RO: 0x20100804
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_RW: 0x20100806
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_RO: 0x20100204
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_RW: 0x20100206
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_NC_RO: 0x20108004
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_NC_RW: 0x20108006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_BOOT_IMAGE: 0x1020d007
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_CDRAM_RW: 0x40408006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_CDRAM2_RW: 0x50408006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_RW: 0x6020d006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_GPU_CDRAM_RW: 0xa0408006

user memory types:
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP*****: 0x620d006
SCE_KERNEL_MEMBLOCK_TYPE_USER_TEXT: 0xc20d050
SCE_KERNEL_MEMBLOCK_TYPE_USER_DEVICE_RW: ok
SCE_KERNEL_MEMBLOCK_TYPE_USER_RW: 0xc20d060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE: 0xc208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW: 0x9408060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM2_RW: 0x5408060

code memory types:
SCE_KERNEL_MEMBLOCK_CODE_MEMORY_TYPE_L1WBWA: 0x4000
SCE_KERNEL_MEMBLOCK_CODE_MEMORY_TYPE_L2WBWA: 0x2000
SCE_KERNEL_MEMBLOCK_CODE_MEMORY_TYPE_NORMAL_NC

alloc attributes:
SCE_KERNEL_MEMBLOCK_ALLOC_ATTR_HAS_PBASE

from 0.990:

SCE_KERNEL_MEMBLOCK_CODE_MEMORY_TYPE_L1WBWA
SCE_KERNEL_MEMBLOCK_CODE_MEMORY_TYPE_L2WBWA
SCE_KERNEL_MEMBLOCK_CODE_USER_CDRAM_L1WBWA_RW

CDIALOG:
SCE_KERNEL_MEMBLOCK_TYPE_CDIALOG_NC_R

FREE:
SCE_KERNEL_MEMBLOCK_TYPE_FREE

KERNEL:
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_BOOT_IMAGE
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_CDRAM2_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_CDRAM_L1WBWA_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_CDRAM_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_GPU_CDRAM_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_DEVICE_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_NC_RO
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_RO
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_RO
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_KMP_TOOL_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_R_UNCACHE
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_CDIALOG_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_CDIALOG_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_GAME_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_PHYCONT_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_PHYCONT_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_PHYCONT_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_PHYCONT_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_RX
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_SO_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_UMAIN_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW_GAME
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW_UNCACHE
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RX
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_SO_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_GAME_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_RX

USER:
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM2_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_IO_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_IO_SO_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP*****
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_GAME_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_TOOL_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_TOOL_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_TOOL_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_CDIALOG_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_CDIALOG_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_CDIALOG_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_MAIN_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_MAIN_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_MAIN_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_SHARED_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_SHARED_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_SHARED_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_TOOL_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_TOOL_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_TOOL_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_TEXT

SceSysmemForKernel

sceKernelGetPhyPartKernelForKernel

Version NID
0.931-3.60 0x4D38F861

return gpPhyPartKernel;

int sceKernelGetPhyPartKernelForKernel(void);

sceKernelPhyMemLowAllocForKernel

Version NID
0.931-3.60 0x5E169FEF
// type must be 0x10001, 0x10002 or 0x20001
int sceKernelPhyMemLowAllocForKernel(int type, uint size, uint alignment, void *out);

sceKernelPhyMemLowPA2VAForKernel

Version NID
0.931-3.60 0x0FD6B756
// type must be 0x10002
int sceKernelPhyMemLowPA2VAForKernel(int type, void *PA, void **pVA);

sceKernelGetPhyMemLowInfoForKernel

Version NID
0.931-0.990 0x06A4DA6C
typedef struct SceKernelPhyMemLowInfo { // size is 0x1C on FW 0.931-0.990
	SceSize size;			// Size of this structure
	uint32_t unk_4;
	uint32_t unk_8;
	uint32_t unk_C;
	uint32_t unk_10;
	uint32_t unk_14;
	uint32_t unk_18;
} SceKernelPhyMemLowInfo;

// type must be 0x10001, 0x10002 or 0x20001

int sceKernelGetPhyMemLowInfoForKernel(int type, SceKernelPhyMemLowInfo *info);

sceKernelPhyMemLowFreeForKernel

Version NID
0.931-3.60 0x18B99FDD
// type must be 0x10001, 0x10002 or 0x20001
int sceKernelPhyMemLowFreeForKernel(int type);

SceSysmemForKernel_66636970

Version NID
0.990 0x66636970

Return *class.

int SceSysmemForKernel_66636970(SceUID uid);

SceSysmemForKernel_95ABFDC3

Version NID
0.990-3.60 0x95ABFDC3
int SceSysmemForKernel_95ABFDC3(uint32_t flags);

sceKernelRegisterClassForKernel

Version NID
0.990 0x11761B77

sceKernelAllocKernelHeapForKernel

Version NID
0.990 0x432EADA6
int sceKernelAllocKernelHeapForKernel(SceSize size);

sceUIDCreateEntryHeapForKernel

Version NID
0.990-3.60 0x19CAEF35
int sceUIDCreateEntryHeapForKernel(void);

sceUIDKernelCreateForKernel

Version NID
0.990 0xE6FAD50A

sceUIDObjectSetClassForKernel

Version NID
0.990 0x226DE851
int sceUIDObjectSetClassForKernel(SceKernelObject *pObject, SceClass *pClass);

sceGUIDGetEntryInfoAllForKernel

Version NID
0.990-3.60 0x2A79C51C
int sceGUIDGetEntryInfoAllForKernel(SceUID uid, void *vectors, uint32_t nVector, void *out);

sceGUIDNameForKernel

Version NID
0.990 0x250EE289
char *sceGUIDNameForKernel(SceUID uid);

sceGUIDRegisterForKernel

Version NID
0.990-3.60 0xAF42AAD5
int sceGUIDRegisterForKernel(SceClass *pClass, const char *name, SceKernelObject *pObject);

sceKernelGetAddressSpaceMMUContextForKernel

Version NID
0.990-3.60 0xFBEF93AA
int sceKernelGetAddressSpaceMMUContextForKernel(SceUID uid, void *context);

sceKernelAllocSimpleMemBlockForKernel

Version NID
0.990-3.60 0xF81F4672
typedef struct SceKernelSimpleMemBlock {
	char unk_0[0x14];
	void *base;
	char unk_18[0x14];
	void *PhyPage;
	SceSize size;
} SceKernelSimpleMemBlock;

int sceKernelAllocSimpleMemBlockForKernel(const char *name, SceKernelMemBlockType type, SceSize vsize, SceKernelSimpleMemBlock *smb);

sceKernelGetSimpleMemBlockBaseForKernel

Version NID
0.990-3.60 0x0A8D14EC
int sceKernelGetSimpleMemBlockBaseForKernel(SceKernelSimpleMemBlock *smb, void **base);

sceKernelAddressSpaceVARangeToPAVectorForKernel

Version NID
0.990-3.60 0xF7250E6C
int sceKernelAddressSpaceVARangeToPAVectorForKernel(SceUID uid, const SceKernelVARange *vRange, SceKernelPAVector *pVector);

sceKernelGetPhyMemPartInfoByIDForKernel

Version NID
0.931-3.60 0xF4FA0575
typedef struct SceKernelPhyMemPartInfo { // size is 0x44 on FW 0.931
  SceSize size;   // Size of this structure
  char unk[0x40];
} SceKernelPhyMemPartInfo;

int sceKernelGetPhyMemPartInfoByIDForKernel(SceUID id, SceKernelPhyMemPartInfo *pInfo);

sceKernelCreatePhyMemPartByPbaseForKernel

Version NID
0.931-3.60 0x63D83911
// type: 0x10000 for Lpddr2Main, 0x30000 for Cdram
int sceKernelCreatePhyMemPartByPbaseForKernel(uint32_t param_1, int type, int param_3, uint32_t size, void *out);

sceKernelDeletePhyMemPartForKernel

Version NID
0.931-3.60 0x2AEA9E09
int sceKernelDeletePhyMemPartForKernel(SceKernelPhyMemPart *pPhyMemPart);

sceKernelGetPhyMemPartAllForKernel

Version NID
0.931-3.60 0x2F6F9C2C
int sceKernelGetPhyMemPartAllForKernel(int param_1, int param_2, void *pCountInBuffer);

sceKernelGetPhyMemPartInfoForKernel

Version NID
0.931-0.990 0x67849418
3.60 not present
int sceKernelGetPhyMemPartInfoForKernel(SceKernelPhyMemPart *pPhyMemPart, SceKernelPhyMemPartInfo *pInfo);

sceUIDDeleteEntryHeapForKernel

Version NID
0.990-3.60 0xF0C3FCFC
int sceUIDDeleteEntryHeapForKernel(SceUID uid);

sceGUIDUnregisterForKernel

Version NID
0.931-0.990 0xE79BBCF2
int sceGUIDUnregisterForKernel(SceUID uid);

sceGUIDGetEntryInfoClassForKernel

Version NID
0.990-3.60 0xE90CFD62
int sceGUIDGetEntryInfoClassForKernel(SceUID uid, int a2, void *vectors, int nVector, void *out);

sceKernelGetPhyPageResetForKernel

Version NID
0.990-3.60 0xEB350679
void *sceKernelGetPhyPageResetForKernel(void);

sceKernelFreePhyPageForKernel

Version NID
0.990-3.60 0x00BC5B4A
int sceKernelFreePhyPageForKernel(uint32_t a1, int pPage, uint32_t a3, uint32_t a4);

sceKernelNameHeapInsertForKernel

Version NID
0.990-3.60 0x08AB3DAE
int sceKernelNameHeapInsertForKernel(char *name, uint32_t flags, uint32_t *out);

scePUIDReleaseObjectForKernel

Version NID
3.60 0x3FCA782B

scePUIDGetInfoForKernel

Version NID
3.60 0x12ED88AE

sceGUIDGetEntryForKernel

Version NID
3.60 0x45F2A59C

sceGUIDGetVisibilityLevelForKernel

Version NID
3.60 0xC69666C3

sceGUIDSetVisibilityLevelForKernel

Version NID
3.60 0xCB8D03C0

sceGUIDFindByNameForKernel

Version NID
3.60 0xCEBA8031

sceGUIDFindByNameAllForKernel

Version NID
3.60 0x4B5C85AC

sceGUIDGetPIDForKernel

Version NID
3.60 0xCF5A2311

sceGUIDSetCNOAForKernel

Version NID
3.60 0x8D6AF468

sceGUIDSetForKernel

Version NID
0.931-3.60 0xD7B323EB
int sceGUIDSetForKernel(SceUID uid, SceClass *pClass, const char *name, SceKernelObject *pObject);

sceUIDGetProcUIDVectorByClassForKernel

Version NID
0.990 0x51C08396
3.60 not present

sceUIDReferObjectWithLevelForKernel

Version NID
0.990 0xF79B52B2
3.60 not present

sceKernelPhysicalMemWriteForKernel

Version NID
0.931 0x4B86A751
3.60 not present
int sceKernelPhysicalMemWriteForKernel(void *dest, const void *src, SceSize size);

sceKernelPhysicalMemReadForKernel

Version NID
0.931-0.990 0xF96E3AE2
3.60 not present

Temp name was memcpy_from_paddr.

dest must be a vaddr and src must be a paddr. Return copied size on success.

int sceKernelPhysicalMemReadForKernel(void *dest, const void *src, SceSize dest_size, SceSize src_size);

sceKernelAllocPartitionMemBlockForKernel

Version NID
0.990-3.60 0x5FFE4B79

Temp name was sceKernelAllocSystemCallTableForKernel.

SceUID sceKernelAllocPartitionMemBlockForKernel(SceUID pid, const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt);

sceKernelUIDEntryHeapGetInfoForKernel

Version NID
0.990 not present
3.60 0x686AA15C

sceUIDEntryHeapCloseAllPUIDForKernel

Version NID
0.990-3.60 0xFAF96C1F
int sceUIDEntryHeapCloseAllPUIDForKernel(SceUID uid);

sceKernelNameHeapGetInfoForKernel

Version NID
0.990 not present
3.60 0xE443253B

sceKernelGetFixedHeapInfoByPointerForKernel

Version NID
0.990-3.60 0x219E90FD
// pObject is of size 0x30
// pObject first 4 bytes are structure size
int sceKernelGetFixedHeapInfoByPointerForKernel(void *pObject, SceKernelFixedHeapInfo *pInfo);

sceKernelGetHeapInfoByPointerForKernel

Version NID
0.990 not present
3.60 0x68451777
int sceKernelGetHeapInfoByPointerForKernel(void *pObject, SceKernelHeapInfo *pInfo);

sceKernelGetHeapInfoForKernel

Version NID
0.990-3.60 0x91733EF4
int sceKernelGetHeapInfoForKernel(SceUID uid, SceKernelHeapInfo *pInfo);

sceKernelFreeSimpleMemBlockForKernel

Version NID
0.990-3.60 0xA1FFA2C9

sceKernelSysrootAllocUnsureForKernel

Version NID
0.990-3.60 0xC0A4D2F3
void *sceKernelSysrootAllocUnsureForKernel(uint32_t size);

sceGUIDGetObjectWithClassForKernel

Version NID
0.990-3.60 0x7ABFA9A7
int sceGUIDGetObjectWithClassForKernel(SceUID uid, SceClass *pClass, SceKernelObject **obj);

SceSysmemForKernel_C38D61FC

Version NID
0.990 0xC38D61FC

Calls SceSysmemForDriver_89A44858.

sceUIDGetObjectForKernel

Version NID
0.990 0xC4893914

SceSysmemForKernel_620E00E7

Version NID
0.990 0x620E00E7
SceSysmemForKernel_620E00E7(int a1, int global_id, _DWORD *out);

SceSysmemForKernel_7C797940

Version NID
0.990 0x7C797940

Calls SceSysmemForKernel_620E00E7 or SceSysmemForDriver_0F5C84B7.

free

Version NID
0.990-3.60 0xABAB0FAB

sceUIDtoObjectForKernel

Version NID
0.990-3.60 0xED221825

Calls sceKernelGUIDGetObjectForDriver.

SceKernelObject *sceUIDtoObjectForKernel(SceUID uid);

sceGUIDKernelCreateWithAttrForKernel

Version NID
0.990-3.60 0x53E1FFDE
int sceGUIDKernelCreateWithAttrForKernel(SceClass *pClass, uint32_t a2, uint32_t a3, SceKernelObject *pObject);

sceGUIDOpenByGUIDForKernel

Version NID
0.990-3.60 0xCF53EEE4

sceGUIDGetUIDVectorByClassForKernel

Version NID
0.931-3.60 0xEC7D36EF

sceUIDGetUIDVectorByClassForKernel

Version NID
0.931-0.990 0xA2F03233
3.60 not present

It is simply a wrapper for sceGUIDGetUIDVectorByClassForKernel.

sceKernelCreateAddressSpaceForKernel

Version NID
0.990-3.60 0x4A3737F0
// flag use 0x10000001
// a4 size is 0x10
int sceKernelCreateAddressSpaceForKernel(SceUID a1, void *a2, int flag, SceKernelAddressSpace **ppAS);

sceKernelDeleteAddressSpaceForKernel

Version NID
0.940-3.60 0xF2D7FE3A
int sceKernelDeleteAddressSpaceForKernel(SceUID guid);

sceKernelAddressSpaceFreeAllMemBlockForKernel

Version NID
0.990-3.60 0x89CE1F31
int sceKernelAddressSpaceFreeAllMemBlockForKernel(SceUID uid);

sceKernelAddressSpaceSetPhyMemPartForKernel

Version NID
0.931-3.60 0x67955EE9
int sceKernelAddressSpaceSetPhyMemPartForKernel(SceUID uid, int a2, SceKernelPhyMemPart *pPhyMemPart);

sceKernelAddressSpaceUnmapForKernel

Version NID
0.940-3.60 0xCE72839E
int sceKernelAddressSpaceUnmapForKernel(SceUID uid, int unk, void *vbase, SceSize size);

3.60:

int sceKernelAddressSpaceUnmapForKernel(SceUID uid, int flags, int unk, uint32_t paddr, SceSize size);

Example: in SceSysStateMgr:

sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF7, 0x51000000, 0x1000000);
sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF0, 0xE0000000, 0x8000000);
sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF0, 0x1A000000, 0x100000);

3.60

sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF7, 0xC, 0x51000000, 0x1000000);
sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF0, 0xC, 0xE0000000, 0x8000000);
sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF0, 0xC, 0x1A000000, 0x100000);

sceKernelAddressSpaceVAtoPAForKernel

Version NID
0.990-3.60 0xF2179820
int sceKernelAddressSpaceVAtoPAForKernel(SceAddressSpace *pAS, uint32_t mode, void *pVA, void **pPA);

sceKernelAddressSpaceGetMemoryTypeForKernel

Version NID
0.990-3.60 0xCC7BB240
int sceKernelAddressSpaceGetMemoryTypeForKernel(uint32_t *memory_type);

sceKernelRxMemcpyKernelToUserForPidForKernel

Version NID
1.69-3.60 0x30931572

Unrestricted memcpy to the virtual address space for process pid. Both dst and src must be in the address space of pid but src must also be accessible in the address space of the caller. This is normally used for resolving stubs in module loads. Same as write to RO but does a cache flush.

int sceKernelRxMemcpyKernelToUserForPidForKernel(SceUID pid, uintptr_t dst, const void *src, size_t len);

sceKernelFindClassByNameForKernel

Version NID
3.60 0x62989905
int sceKernelFindClassByNameForKernel(const char *name, SceClass **class);

sceKernelGetMemBlockTypeForKernel

Version NID
3.60 0x289BE3EC
/***
 * Gets the memory block type of a memory block
 *
 * @param[in] uid - SceUID of the memory block
 * @param[out] type - Type of the memory block identified by uid
 *
 * @return 0 on success, < 0 on error.
*/
int sceKernelGetMemBlockTypeForKernel(SceUID uid, unsigned int *type);

sceKernelCreateUidObjForKernel

Version NID
3.60 0xDF0288D7
SceUID sceKernelCreateUidObjForKernel(SceClass *class, const char *name, SceCreateUidObjOpt *opt, SceKernelObject **obj);

sceKernelGetUidHeapClassForKernel

Version NID
3.60 0x4CCA935D
SceClass *sceKernelGetUidHeapClassForKernel(void);

sceKernelGetUidMemBlockClassForKernel

Version NID
3.60 0xAF729575
SceClass *sceKernelGetUidMemBlockClassForKernel(void);

sceKernelGetUidDLinkClassForKernel

Version NID
0.990-3.60 0xC105604E
SceClass *sceKernelGetUidDLinkClassForKernel(void);

SceSysmemForDriver

SceSysmemForDriver_65B9B393

Version NID
0.990 0x65B9B393
3.60 not present

Return *class.

uint32_t SceSysmemForDriver_65B9B393(SceUID uid);

get_class

Version NID
0.990 0xFE28F5EB
3.60 not present
SceClass *get_class(void);

sceUIDKernelCreateForDriver

Version NID
0.990 0x7FC849B1
3.60 not present

sceUIDClassInitForDriver

Version NID
0.931-0.990 0xE6D75E99
3.60 not present
int sceUIDClassInitForDriver(SceClass *class, const char *name, uint32_t uid_class, uint32_t item_size, void *constructor, void *destructor);

sceKernelCopyFromUserForDriver

Version NID
0.990 0xE08F3967
3.60 not present
int sceKernelCopyFromUserForDriver(void *dst, const void *src, SceSize size);

add_heap

Version NID
0.990 0xB800123C
3.60 not present
int add_heap(SceUID uid, const char *name, SceClass *class);

compare_struct_0x10

Version NID
0.990 0x6484D03E
3.60 not present
uint32_t compare_struct_0x10(char *a1, const char *a2);

sceGUIDNameForDriver

Version NID
0.990 0xB2BB6216
3.60 not present
char *sceGUIDNameForDriver(SceUID id);

sceKernelGetMemBlockAllocSizeForDriver

Version NID
0.990 0x63E5754B
3.60 not present
int sceKernelGetMemBlockAllocSizeForDriver(SceUID id, SceSize *size);

sceUIDGetClassInfoAllForDriver

Version NID
0.990 0x3EF32C6C
3.60 not present
int sceUIDGetClassInfoAllForDriver(SceClassInfo_0990 *vector, uint32_t maxNumClass, uint32_t *pNumClassInBuf);

sceKernelUIDCloseForDriver

Version NID
0.990 0x32C5F628
3.60 not present

a2 is addr or flags. (a2 & 0x40000000) == 0) means kernel uid else userland uid.

int sceKernelUIDCloseForDriver(SceUID uid, uint32_t a2);

sceKernelStrncpyToUserForDriver

Version NID
0.990 0x369355F1
3.60 not present
int sceKernelStrncpyToUserForDriver(char **dst_str, const char *src_str, SceSize to_copy_size, SceSize *dst_size);

sceKernelProcUserStrcpyForDriver

Version NID
0.990 0xEBCB3970
3.60 not present
int sceKernelProcUserStrcpyForDriver(SceUID pid, char *dst, const char *src);

sceKernelUserStrncpyForDriver

Version NID
0.940-0.990 0xE6D5EFE4
3.60 not present

Return 0 on success.

int sceKernelUserStrcpyForDriver(char *dst, const char *src);

sceKernelUserStrnlenForDriver

Version NID
0.940-0.990 0xFF06898A
3.60 not present
SceSize sceKernelUserStrnlenForDriver(const char *s, SceSize maxlen);

SceSysmemForDriver_F09A7D09

Version NID
0.990 0xF09A7D09
3.60 not present

Calls sceKernelGUIDCloseForDriver.

int SceSysmemForDriver_F09A7D09(SceUID uid);

Switch TTB For PID

Version NID
1.69 0x6F2ACDAE
3.60 not present

Changes the TTBR to point to the tables for a given PID.

int switch_ttb_for_pid(SceUID pid);

sceKernelRoMemcpyKernelToUserForPidForDriver

Version NID
1.69 0x571D2739
3.60 not present
int sceKernelRoMemcpyKernelToUserForPidForDriver(SceUID pid, void *dst, const void *src, SceSize size);

sceKernelAllocHeapMemoryForDriver

Version NID
0.990-3.60 0x7B4CB60A

Temp name was sceKernelMemPoolAlloc.

Calls sceKernelAllocHeapMemoryWithOptionForDriver with a3 = 0.

void* sceKernelAllocHeapMemoryForDriver(SceUID uid, SceSize size);

sceKernelAllocHeapMemoryFromGlobalHeapForDriver

Version NID
3.60 0x7750CEA7

Calls sceKernelAllocHeapMemoryForDriver with uid = -1 (global heap uid).

void* sceKernelAllocHeapMemoryFromGlobalHeapForDriver(SceSize size);

sceKernelAllocHeapMemoryFromGlobalHeapWithOptForDriver

Version NID
0.990-3.60 0x0B4ED16A

Calls sceKernelAllocHeapMemoryWithOptionForDriver with uid = -1 (global heap uid).

void* sceKernelAllocHeapMemoryFromGlobalHeapWithOptForDriver(SceSize size, SceKernelHeapMemoryOpt *pOpt);

sceKernelAllocHeapMemoryWithOptForDriver

Version NID
3.60 0xB415B5A8

Same as sceKernelAllocHeapMemoryForDriver but uses pOpt.

void* sceKernelAllocHeapMemoryWithOptForDriver(SceUID uid, SceSize size, SceKernelHeapMemoryOpt *pOpt);

sceKernelAllocHeapMemoryWithOptionForDriver

Version NID
0.990-3.60 0x49D4DD9B

Temp name was sceKernelAllocHeapMemoryWithOpt2ForDriver.

Same as sceKernelAllocHeapMemoryForDriver but uses pOpt.

void* sceKernelAllocHeapMemoryWithOptionForDriver(SceUID uid, SceSize size, SceKernelHeapMemoryOpt *pOpt);

sceKernelAllocMemBlockWithInfoForDriver

Version NID
0.990-3.60 0xD44F464D

Temp name was sceKernelAllocMemBlockExtForDriver.

SceUID sceKernelAllocMemBlockWithInfoForDriver(const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt, SceKernelMemBlockInfo *info);

sceKernelAllocMemBlockForDriver

Version NID
0.990-1.50 0x59F3159C
1.69-3.60 0xC94850C9
SceUID sceKernelAllocMemBlockForDriver(const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt);

The interface is the same as the userland version of this function, however more types can be specified and more options are in the pOpt argument.

To allocate a kernel RW block of memory, specify type = SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_RW.

To allocate a block of memory with a specific physical address, specify type = SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_RW or type = SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_RW, pOpt->attr = 2, and pOpt->paddr = physical address.

To allocate a block of memory that is kernel executable, specify type = SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RX.

To allocate a block of memory that is physically contiguous, specify type = 0x30808006, pOpt->attr = 0x200004 and an alignment to pOpt->alignment.

To allocate a block of memory inside the CDRAM, specify type = 0x40404006.

sceKernelCreateClassForDriver

Version NID
3.60 0x61317102
int sceKernelCreateClassForDriver(SceClass *cls, const char *name, struct SceClass *uid_class, size_t item_size, SceClassCallback create, SceClassCallback destroy);

sceKernelCreateHeapForDriver

Version NID
1.69-3.60 0x9328E0E8
typedef struct SceKernelHeapCreateOpt { // size is 0x14 on FW 0.990, 0x28 on FW 3.60
  SceSize size;
  SceUInt32 uselock; // ex: 0x100
  SceUInt32 field_8; // ex: 0x8000
  SceUInt32 field_C;
  SceUInt32 block_type;
  SceUInt32 field_14;
  SceUInt32 field_18;
} SceKernelHeapCreateOpt;

// pOpt can be NULL
SceUID sceKernelCreateHeapForDriver(const char *name, SceSize size, SceKernelHeapCreateOpt *pOpt);

The heap pool is thread safe.

sceKernelCreateUidObjForDriver

Version NID
3.60 0x56A13E90
SceUID sceKernelCreateUidObjForDriver(SceClass *cls, const char *name, SceKernelObject **obj);

sceKernelCreateUidObjForUidForDriver

Version NID
0.990-3.60 0x89A44858

Calls sceUIDtoObjectForKernel.

SceUID sceKernelCreateUidObjForUidForDriver(SceClass *cls, const char *name, SceUID uid, SceKernelObject **obj);

scePUIDOpenByGUIDWithFlagsForDriver

Version NID
0.990-3.60 0xCED1547B

Temp name was sceKernelCreateUserUidForClassForDriver.

SceUID scePUIDOpenByGUIDWithFlagsForDriver(SceUID pid, SceUID uid, uint32_t flags);

sceKernelCreateUserUidForDriver

Version NID
3.60 0xBF209859
SceUID sceKernelCreateUserUidForDriver(SceUID pid, SceUID uid);

sceKernelCreateUserUidForNameForDriver

Version NID
3.60 0x513B9DDD
SceUID sceKernelCreateUserUidForNameForDriver(SceUID pid, char *name);

sceKernelCreateUserUidForNameWithClassForDriver

Version NID
3.60 0x8DA0BCA5
SceUID sceKernelCreateUserUidForNameWithClassForDriver(SceUID pid, char *name, SceClass *cls);

sceKernelDeleteHeapForDriver

Version NID
0.940-3.60 0xD6437637
int sceKernelDeleteHeapForDriver(SceUID uid);

sceKernelGUIDCloseForDriver

Version NID
0.990-3.60 0x047D32F2

Temp name was sceKernelDeleteUidForDriver.

int sceKernelGUIDCloseForDriver(SceUID uid);

sceKernelPUIDCloseForDriver

Version NID
0.990-3.60 0x84A4AF5E

Temp name was sceKernelDeleteUserUidForDriver.

int sceKernelPUIDCloseForDriver(SceUID pid, SceUID uid);

sceKernelGetMemBlockMemtypeByAddrForDriver

Version NID
0.990-3.60 0xF3BBE2E1

Temp name was sceKernelFindMemBlockByAddrForDefaultSizeForDriver.

SceKernelMemoryType sceKernelGetMemBlockMemtypeByAddrForDriver(const void *addr);

sceKernelFindMemBlockByAddrForDriver

Version NID
1.69-3.60 0x8A1742F6
SceUID sceKernelFindMemBlockByAddrForDriver(const void *addr, SceSize size);

sceKernelFindProcMemBlockByAddrForDriver

Version NID
0.990-3.60 0x857F1D5A

Temp name was sceKernelFindMemBlockByAddrForPidForDriver.

SceUID sceKernelFindProcMemBlockByAddrForDriver(SceUID pid, const void *addr, SceSize size);

sceKernelFindMemBlockForDriver

Version NID
3.57 not present, added on 3.60
3.60 0x9C78064C
SceUID sceKernelFindMemBlockForDriver(int flags, void *addr, SceSize size);

sceKernelFindMemBlockProcForDriver

Version NID
3.60 0x9F6E45E3

Temp name was sceKernelFindMemBlockForPidForDriver.

SceUID sceKernelFindMemBlockProcForDriver(SceUID pid, int flags, void *addr, SceSize size);

sceKernelFirstDifferentBlock32UserForDriver

Version NID
3.60 0xBDA6E42B
int sceKernelFirstDifferentBlock32UserForDriver(unsigned int *ptr, int value, int byte_size);

sceKernelFirstDifferentBlock32UserForPidForDriver

Version NID
1.69-3.60 0x8334454F

Looks for an integer in userspace.

int sceKernelFirstDifferentBlock32UserForPidForDriver(SceUID pid, unsigned int *ptr, int value, int byte_size);

sceKernelFirstDifferentBlock64UserForDriver

Version NID
3.60 0xBB3B02C2
int sceKernelFirstDifferentBlock64UserForDriver(unsigned long long *ptr, int unused, unsigned long long value, int byte_size);

sceKernelFirstDifferentBlock64UserForPidForDriver

Version NID
3.60 0xE83855FD
int sceKernelFirstDifferentBlock64UserForPidForDriver(SceUID pid, unsigned long long *ptr, unsigned long long value, int byte_size);

sceKernelFreeHeapMemoryForDriver

Version NID
0.990-3.60 0x3EBCE343

Temp name was sceKernelMemPoolFreeForDriver.

int sceKernelFreeHeapMemoryForDriver(SceUID uid, void *ptr);

sceKernelFreeHeapMemoryFromGlobalHeapForDriver

Version NID
3.60 0xFB817A59
int sceKernelFreeHeapMemoryFromGlobalHeapForDriver(void *ptr);

sceKernelFreeMemBlockForDriver

Version NID
3.60 0x009E1C61
int sceKernelFreeMemBlockForDriver(SceUID uid);

sceKernelPUIDGetClassForDriver

Version NID
0.990-3.60 0xE9728A12

Temp name was sceKernelGetClassForPidForUidForDriver.

int sceKernelPUIDGetClassForDriver(SceUID pid, SceUID uid, SceClass **cls);

sceKernelGUIDGetClassForDriver

Version NID
0.990-3.60 0xC74B0152

Temp name was sceKernelGetClassForUidForDriver.

int sceKernelGUIDGetClassForDriver(SceUID uid, SceClass **cls);

sceKernelGetMemBlockPARangeForDriver

Version NID
0.990-3.60 0x98C15666

Previous name was sceKernelGetMemBlockAddrPairForUidForDriver

Returns the paddr and size (pRange) of the memory block if it is physically continuous.

int sceKernelGetMemBlockPARangeForDriver(SceUID uid, SceKernelPARange *pRange);

sceKernelGetMemBlockBaseForDriver

Version NID
0.990-3.60 0xA841EDDA
/**
 * @brief Get mapped base address of memory block.
 *
 * Get base address of memory block.
 * @param[in]	uid		block id
 * @param[out]	ppBase		base address of memory block
 * @retval	SCE_OK		success
 * @retval	<SCE_OK		Error
 */
int sceKernelGetMemBlockBaseForDriver(SceUID uid, void **ppBase);

sceKernelGetMemBlockVBaseForDriver

Version NID
3.60 0xB81CF0A3

Wrongly named sceKernelGetMemBlockKernelPageForDriver.

int sceKernelGetMemBlockVBaseForDriver(SceUID uid, void **kernel_page);

sceKernelGetMemBlockMappedBaseForDriver

Version NID
3.60 0x0B1FD5C3
int sceKernelGetMemBlockMappedBaseForDriver(SceUID uid, void **basep);

sceKernelGetMemBlockPAVectorForDriver

Version NID
0.990-3.60 0x19A51AC7

Temp name was sceKernelGetMemBlockPaddrListForUidForDriver.

int sceKernelGetMemBlockPAVectorForDriver(SceUID uid, SceKernelPAVector *pVector);

sceKernelPUIDGetEntryHeapNameForDriver

Version NID
0.990-3.60 0x09896EB7

Temp name was sceKernelGetNameForPidByUidForDriver. Real name might be sceKernelPUIDGetEntryHeapNameForDriver.

int sceKernelPUIDGetEntryHeapNameForDriver(SceUID pid, SceUID uid, char **name);

sceKernelGetNameForUid2ForDriver

Version NID
3.60 0xE655852F
const char* sceKernelGetNameForUid2ForDriver(SceUID uid);

sceKernelGetNameForUidForDriver

Version NID
3.60 0xA78755EB
int sceKernelGetNameForUidForDriver(SceUID uid, char **name);

sceUIDtoObjectForDriver

Version NID
0.990 0xAB7AC3D1

Calls sceUIDtoObjectForKernel.

SceKernelObject *sceUIDtoObjectForDriver(SceUID uid);

sceKernelGetObjectForPidForUidForDriver

Version NID
0.990-3.60 0xFE6D7FAE
int sceKernelGetObjectForPidForUidForDriver(SceUID pid, SceUID uid, SceKernelObject **obj);

sceKernelGetObjectForUidForAttrForDriver

Version NID
3.60 0xF6DB54BA
int sceKernelGetObjectForUidForAttrForDriver(SceUID uid, unsigned int attr, SceKernelObject **obj);

sceGUIDReferObjectWithClassLevelForDriver

Version NID
0.990-3.60 0x77066FD1

Temp name was sceKernelGetObjectForUidForClassForAttrForDriver.

int sceGUIDReferObjectWithClassLevelForDriver(SceUID uid, SceClass *pClass, uint32_t attr, SceKernelObject **pEntry);

sceKernelGetObjectForUidForClassForDriver

Version NID
3.60 0x00ED6C14

Temp name was sceKernelGetObjForUidForDriver.

int sceKernelGetObjectForUidForClassForDriver(SceUID uid, SceClass *cls, SceKernelObject **obj);

sceKernelGUIDReferObjectClassForDriver

Version NID
0.990-3.60 0x72A98D17

Temp name was sceKernelGetObjectForUidForClassTreeForDriver. Actual name might be sceKernelGUIDReferObjectClassForDriver.

int sceKernelGUIDReferObjectClassForDriver(SceUID uid, SceClass *cls, SceKernelObject **obj);

sceKernelGUIDGetObjectForDriver

Version NID
0.990-3.60 0x0FC24464

Temp name was sceKernelGetObjectForUidForDefaultClassForDriver.

int sceKernelGUIDGetObjectForDriver(SceUID uid, SceKernelObject **pEntry);

sceKernelGetObjectForUidForDriver

Version NID
3.60 0x0F5C84B7
int sceKernelGetObjectForUidForDriver(SceUID uid, SceKernelObject **obj);

sceKernelVAtoPAForDriver

Version NID
0.990-3.60 0x8D160E65

Temp name was sceKernelGetPaddrForDriver.

This will write the physical address for a virtual address pVA to memory pointed to by pPA.

Returns <0 on error, values >=0 indicate success.

int sceKernelVAtoPAForDriver(void *pVA, void **pPA);

sceKernelProcVAtoPAForDriver

Version NID
0.990 0xC51934BD
int sceKernelProcVAtoPAForDriver(SceUID pid, void *pVA, void **pPA);

sceKernelProcModeVAtoPAForDriver

Version NID
0.990-3.60 0x61A67D32

Temp name was sceKernelGetPaddrForPidForDriver.

int sceKernelProcModeVAtoPAForDriver(SceUID pid, uint32_t mode, void *pVA, void **pPA);

sceKernelVARangeToPAVectorForDriver

Version NID
0.931-3.60 0xE68BEEBD

Temp name was sceKernelGetPaddrListForDriver.

This function writes into pVector->output_buffer an array of vRange that encompasses the block of memory specified in the input. pVector->ret_count will contain the number of entries written. If pVector->output_buffer is null, it will just write the count.

int sceKernelVARangeToPAVectorForDriver(const SceKernelVARange *vRange, SceKernelPAVector *pVector);

sceKernelGetPaddrListForLargePageForDriver

Version NID
3.60 0x08A8A7E8
int sceKernelGetPaddrListForLargePageForDriver(const SceKernelVARange *vRange, SceKernelPAVector *pVector);

sceKernelGetPaddrListForSmallPageForDriver

Version NID
3.60 0x16844CE6
int sceKernelGetPaddrListForSmallPageForDriver(const SceKernelVARange *vRange, SceKernelPAVector *pVector);

sceKernelVARangeToPARangeForDriver

Version NID
0.940-3.60 0xAE36C775

Temp name was sceKernelGetPaddrPairForDriver.

int sceKernelVARangeToPARangeForDriver(const SceKernelVARange *vRange, SceKernelPARange *pRange);

sceKernelGetPaddrPairForLargePageForDriver

Version NID
3.60 0x32257A24
int sceKernelGetPaddrPairForLargePageForDriver(SceKernelVARange *pair, SceKernelPARange *result_pair);

sceKernelGetPaddrPairForSmallPageForDriver

Version NID
3.60 0xB3575090
int sceKernelGetPaddrPairForSmallPageForDriver(SceKernelVARange *pair, SceKernelPARange *result_pair);

sceKernelVAtoPABySWForDriver

Version NID
0.990-3.60 0x65419BD3

Temp name was sceKernelGetPaddrWithSectionTypeCheckForDriver. Wrong name was sceKernelAddressSpaceVAtoPABySWForDriver.

int sceKernelVAtoPABySWForDriver(void *pVA, void **pPA);

sceKernelGetPidContextForDriver

Version NID
3.60 0x2ECF7944
struct SceKernelProcessContext
{
  SceUInt32 TTBR1;
  SceUInt32 DACR;
  SceUInt32 CONTEXTIDR;
};

int sceKernelGetPidContextForDriver(SceUID pid, SceKernelProcessContext **ctx);

sceKernelGetUidClassForDriver

Version NID
3.60 0x85336A1C
SceClass *sceKernelGetUidClassForDriver();

sceKernelGetUnknownValidPhysAddressSpaceForDriver

Version NID
3.60 0xC9928F5E
int sceKernelGetUnknownValidPhysAddressSpaceForDriver(void **start, void **end);

sceKernelIsPaddrWithinSameSectionForUidForDriver

Version NID
3.60 0xF4AD89D8
int sceKernelIsPaddrWithinSameSectionForUidForDriver(SceUID pid, int permission_type, void *vaddr, unsigned int len);

sceKernelIsPaddrWithinUnknownValidPhysAddressSpaceForDriver

Version NID
3.60 0xA7C0D1FC
int sceKernelIsPaddrWithinUnknownValidPhysAddressSpaceForDriver(void *vaddr);

sceKernelKernelUidForUserUidForClassForDriver

Version NID
3.60 0x184172B1
SceUID sceKernelKernelUidForUserUidForClassForDriver(SceUID pid, SceUID user_uid, SceClass *cls);

scePUIDtoGUIDForDriver

Version NID
0.990-3.60 0x45D22597

Temp name was sceKernelKernelUidForUserUidForDriver.

Process UID to Global UID.

SceUID scePUIDtoGUIDForDriver(SceUID pid, SceUID uid);

sceKernelPartitionMapMemBlockForDriver

Version NID
0.990-3.60 0x58D21746

Temp name was sceKernelMapBlockUserVisibleForDriver.

int sceKernelPartitionMapMemBlockForDriver(SceUID uid);

sceKernelMapBlockUserVisibleWithFlagForDriver

Version NID
3.60 0x04059C4B
int sceKernelMapBlockUserVisibleWithFlagForDriver(SceUID uid, int some_flag);

sceKernelUserMapForDriver

Version NID
0.990-3.60 0x278BC201

Wrongly named sceKernelMapUserBlockDefaultTypeForDriver.

Assigns type 0.

int sceKernelUserMapForDriver(char *name, int permission, void *user_buf, int size, void **kernel_page, int *kernel_size, int *kernel_offset);

sceKernelProcUserMapForDriver

Version NID
3.60 0x0091D74D

Wrongly named sceKernelMapUserBlockForDefaultTypeForPidForDriver. sceKernelProcUserMapForDriver is certainly real name.

Assigns type 0.

int sceKernelProcUserMapForDriver(SceUID pid, const char *name, int permission, void *user_buf, int size, void **kernel_page, int *kernel_size, int *kernel_offset);

sceKernelMapUserBlockForDriver

Version NID
1.69-3.60 0x7D4F8B5F

Permission is either "1" for read only, no execute or "2"/"3" for read write, no execute. Type is either 0, 1, or 17 and affects the block type. 0 is default. This will allocate kernel memory starting at kernel_page. To get the same memory as the user pointer, add the kernel_offset. kernel_size is how much is allocated.

//this signature is for 1.69
int sceKernelMapUserBlockForDriver(int permission, int type, void *user_buf, int size, void **kernel_page, int *kernel_size, int *kernel_offset);

//this signature is for 3.60 - now allows to give a name
int sceKernelMapUserBlockForDriver(char *name, int permission, int type, void *user_buf, int size, void **kernel_page, int *kernel_size, int *kernel_offset);

sceKernelDecRefCountMemBlockForDriver

Version NID
0.990-3.60 0xF50BDC0C

Temp name was sceKernelMemBlockDecRefCounterAndReleaseUidForDriver.

int sceKernelDecRefCountMemBlockDriver(SceUID uid);

sceKernelMemBlockGetInfoExForDriver

Version NID
3.60 0x24A99FFF
int sceKernelMemBlockGetInfoExForDriver(SceUID uid, SceKernelMemBlockInfoEx *info);

sceKernelGetMemBlockInfoForDriver

Version NID
0.990-3.60 0xA73CFFEF

Temp name was sceKernelMemBlockGetInfoExForVisibilityLevelForDriver.

int sceKernelGetMemBlockInfoForDriver(SceUID uid, uint32_t level, SceKernelMemBlockInfoEx *pInfo);

sceKernelMemBlockGetSomeSizeForDriver

Version NID
3.60 0x78337B62
int sceKernelMemBlockGetSomeSizeForDriver(SceUID uid, int *some_size);

sceKernelIncRefCountMemBlockForDriver

Version NID
0.990-3.60 0xEAF3849B

Temp name was sceKernelMemBlockIncRefCounterAndReleaseUidForDriver.

int sceKernelIncRefCountMemBlockForDriver(SceUID uid);

sceKernelUserUnmapForDriver

Version NID
0.990-3.60 0x00575B00

Temp name was sceKernelMemBlockReleaseForDriver.

int sceKernelUserUnmapForDriver(SceUID uid);

sceKernelMemBlockType2MemtypeForDriver

Version NID
0.990-3.60 0x20C811FA
int sceKernelMemBlockType2MemtypeForDriver(SceKernelMemBlockType type);

sceKernelMemBlockTypeGetPrivilegesForDriver

Version NID
3.60 0x6A0792A3
int sceKernelMemBlockTypeGetPrivilegesForDriver(SceKernelMemBlockType type);

sceKernelMemBlockTypeGetUnknownForDriver

Version NID
0.990-3.60 0xCB0F3A33
int sceKernelMemBlockTypeGetUnknownForDriver(SceKernelMemBlockType type);

sceKernelMemRangeReleaseForDriver

Version NID
3.60 0x75C70DE0
int sceKernelMemRangeReleaseForDriver(void *addr, SceSize size);

sceKernelMemRangeReleaseForPidForDriver

Version NID
3.60 0xA8525B06
int sceKernelMemRangeReleaseForPidForDriver(SceUID pid, void *addr, SceSize size);

sceKernelMemRangeReleaseWithPermForDriver

Version NID
3.60 0x22CBE925

Decrease references to pages.

int sceKernelMemRangeReleaseWithPermForDriver(SceKernelMemoryRefPerm perm, void *addr, SceSize size);

sceKernelMemRangeRetainForDriver

Version NID
3.60 0x59A4402F
int sceKernelMemRangeRetainForDriver(void *addr, SceSize size);

sceKernelMemRangeRetainForPidForDriver

Version NID
3.60 0x659586BF
int sceKernelMemRangeRetainForPidForDriver(SceUID pid, void *addr, SceSize size);

sceKernelMemRangeRetainWithPermForDriver

Version NID
3.60 0xBC0A1D60

Increase references to pages.

int sceKernelMemRangeRetainWithPermForDriver(SceKernelMemoryRefPerm perm, void *addr, SceSize size);

sceKernelCopyToUserForDriver

Version NID
0.990-3.60 0x6D88EF8A

Temp name was sceKernelMemcpyKernelToUserForDriver.

int sceKernelCopyToUserForDriver(void *dst, const void *kern_src, SceSize len);

sceKernelCopyoutProcForDriver

Version NID
0.990-3.60 0x6B825479

Temp name was sceKernelMemcpyKernelToUserForPidForDriver.

This will not crash on invalid user pointers, but instead return error.

int sceKernelCopyoutProcForDriver(SceUID pid, void *dst, const void *src, SceSize size);

sceKernelMemcpyKernelToUserForPidUncheckedForDriver

Version NID
1.69-3.60 0xFED82F2D
int sceKernelMemcpyKernelToUserForPidUncheckedForDriver(SceUID pid, void *dst, const void *kern_src, SceSize size);

sceKernelCopyFromUserForDriver

Version NID
0.990-3.60 0xBC996A7A

Temp name was sceKernelMemcpyUserToKernelForDriver.

int sceKernelCopyFromUserForDriver(void *dst, const void *src, SceSize size);

sceKernelProcCopyFromUserForDriver

Version NID
0.990-3.60 0x605275F8

Temp name was sceKernelMemcpyUserToKernelForPidForDriver.

int sceKernelProcCopyFromUserForDriver(SceUID pid, void *dst, void *src, SceSize size);

sceKernelMemcpyUserToUserForDriver

Version NID
3.60 0x1BD44DD5
int sceKernelMemcpyUserToUserForDriver(void *dst, const void *src, SceSize size);

sceKernelMemcpyUserToUserForPidForDriver

Version NID
1.69-3.60 0x8E086C33
int sceKernelMemcpyUserToUserForPidForDriver(SceUID pid, void *dst, const void *src, SceSize size);

sceUIDOpenByNameForDriver

Version NID
0.990 0x796881D6
3.60 not present
SceUID sceUIDOpenByNameForDriver(char *name);

sceKernelOpenUidForNameForDriver

Version NID
0.990-3.60 0xD76E7452

Name to be checked.

SceUID sceKernelOpenUidForNameForDriver(char *name);

sceKernelRemapBlockForDriver

Version NID
1.05 0x8D332AE1
1.69-3.60 0xDFE2C8CB
int sceKernelRemapBlockForDriver(SceUID uid, SceKernelMemBlockType type);

This is used to remap RW memory as RX. To do this, first allocate a memory block of type 0x1020D006. After you are done writing, call this with type set to 0x1020D005.

sceKernelPUIDSetNameForDriver

Version NID
0.990-3.60 0x12624884

Temp name was sceKernelSetNameForPidForUidForDriver.

int sceKernelPUIDSetNameForDriver(SceUID pid, SceUID uid, const char *name);

sceKernelSetObjectForUidForDriver

Version NID
3.60 0x4CFA4100
int sceKernelSetObjectForUidForDriver(SceUID uid, char *name);

sceKernelStrnlenUserForDriver

Version NID
1.69-3.60 0xB429D419
int sceKernelStrnlenUserForDriver(uintptr_t usr_addr, SceSize maxlen);

sceKernelStrnlenUserForPidForDriver

Version NID
1.69-3.60 0x9929EB07
int sceKernelStrnlenUserForPidForDriver(SceUID pid, uintptr_t usr_addr, SceSize size);

sceKernelStrncpyKernelToUserForDriver

Version NID
1.69-3.60 0x80BD6FEB
int sceKernelStrncpyKernelToUserForDriver(char* usr_dst, const void *kern_src, SceSize maxlen);

sceKernelStrncpyKernelToUserForPidForDriver

Version NID
1.69-3.60 0x75AAF178
int sceKernelStrncpyKernelToUserForPidForDriver(SceUID pid, char *usr_dst, const char *kern_src, SceSize size);

sceKernelStrncpyUserToKernelForDriver

Version NID
1.69-3.60 0xDB3EC244
int sceKernelStrncpyUserToKernelForDriver(void *kern_dst, uintptr_t usr_src, SceSize maxlen);

sceKernelSwitchPidContextForDriver

Version NID
3.60 0x2D711589
int sceKernelSwitchPidContextForDriver(SceKernelProcessContext *new_context, SceKernelProcessContext *prev_context);

sceKernelUidReleaseForDriver

Version NID
3.60 0x149885C4
int sceKernelUidReleaseForDriver(SceUID uid);

sceKernelUnmapMemBlockForDriver

Version NID
3.60 0xFFCD9B60
int sceKernelUnmapMemBlockForDriver(SceUID uid);

sceKernelGetPhysicalMemoryTypeForDriver

Version NID
0.990-3.60 0x0AAA4FDD

Temp name was sceKernelVaddrMaybeGetSectionTypeForDriver

int sceKernelGetPhysicalMemoryTypeForDriver(void *vaddr);

some_memblock_operation

Version NID
3.60 0x13805CA8
int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x16713BE8

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x16713BE8

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x4C584B29

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x6C76AD89

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x8C43B052

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

sceKernelGetMemBlockProcessForDriver

Version NID
0.990-3.60 0x1EFC96EA
int sceKernelGetMemBlockProcessForDriver(SceUID uid);

memblock_related_operation

Version NID
3.60 0x64DBE472
int memblock_related_operation(SceUID uid, int a2);

memblock_related_operation

Version NID
3.60 0x987EE587
struct result_987ee587
{
  int unk0;
  int unk4;
  int unk8;
  int unkC;
  int unk10;
};

int memblock_related_operation(SceUID uid, result_987ee587 *result);

SceSysmemForDriver_856fa2e3

Version NID
3.60 0x856FA2E3
int SceSysmemForDriver_856fa2e3(SceUID uid);

sceKernelGetPhyMemInfoForDriver

Version NID
0.931-3.60 0x89475192
typedef struct SceKernelPhyMemInfo { // Size is 0xC on 0.931-3.60
  SceSize size; // Size of this structure
  uint32_t unk4; 
  uint32_t unk8;
} SceKernelPhyMemInfo;

// as of FW 0.931-0.990, pindex must be one of these values: 1 PhyPartKernel, 8 PageVenezia, 9 PageVIP
#define SCE_KERNEL_PHYMEMPART_KERNEL_INDEX 1
#define SCE_KERNEL_PHYMEMPART_LPDDR2MAIN_KERNEL_INDEX 6
#define SCE_KERNEL_PAGE_VENEZIA_INDEX 8
#define SCE_KERNEL_PAGE_VIP_INDEX 9

int sceKernelGetPhyMemInfoForDriver(uint32_t pindex, SceKernelPhyMemInfo *pInfo);

sceKernelVerifyHeapForDriver

Version NID
0.990-3.60 0xC50A9C0D
int sceKernelVerifyHeapForDriver(SceUID uid, int a2);

SceSysmemForDebugger

This library was removed somewhere between 1.692 and 3.60.

sceKernelPhysicalAddressSpaceStartForDebugger

Version NID
0.931 0x6AE2188F
3.60 not present
int sceKernelPhysicalAddressSpaceStartForDebugger(void);

sceKernelGetPhysicalAddressSpaceForDebugger

Version NID
0.931 0xE8905626
3.60 not present

In FW 0.931 calls sceKernelPhysicalAddressSpaceStartForDebugger.

void *sceKernelGetPhysicalAddressSpaceForDebugger(void);

sceKernelIsAccessibleRangeProcForDebugger

Version NID
0.990-1.50 0x01DFC193
3.60 not present

In 1.50 call sceKernelFindMemBlockForPidForDriver.

int sceKernelIsAccessibleRangeProcForDebugger(SceUID pid, uint32_t mode, const void *vaddr, SceSize size);

sceKernelIsAccessibleRangeForDebugger

Version NID
0.990-1.50 0xD027761F
3.60 not present

In 1.50 call sceKernelFindMemBlockForDriver.

int sceKernelIsAccessibleRangeForDebugger(uint32_t mode, const void *vaddr, SceSize size);

SceSysmem

The SceSysmem library is responsible for both low-level and high-level memory management. There are functions for allocating raw blocks of memory (similar to Linux sbrk) as well as functions for maintaining a heap-like structure (similar to malloc) for kernel, however SceLibKernel implements a proper heap and that is used for user code.

sceKernelMapMemBlock

Version NID
0.990-1.69 0x7B763A21
3.60 not present

sceKernelRemapMemBlock

Version NID
0.990-1.69 0x3B29E0F5
3.60 not present

sceKernelPartialMapMemBlock

Version NID
0.990 not present
1.69 0xC0A59868
3.60 not present

sceKernelUnmapMemBlock

Version NID
0.990-1.69 0xEE30D976
3.60 not present
int sceKernelUnmapMemBlock(SceUID uid);

sceKernelPartialUnmapMemBlock

Version NID
0.990 not present
1.69 0xCA99929B
3.60 not present

sceKernelGetMemBlockInfoByRange

Version NID
0.990 not present
0.996-3.60 0x006F3DB4
/**
 * @brief Get memory block informaton by virtual address range

 * @param[in]		vbase	base address
 * @param[in]		vsize   size
 * @param[inout]	pInfo	information structure
 */
int sceKernelGetMemBlockInfoByRange(void *vbase, SceSize vsize, SceKernelMemBlockInfo *pInfo);

sceKernelGetMemBlockInfoByAddr

Version NID
0.990-3.60 0x4010AD65
/**
 * @brief Get memory block information.
 *
 * Get information about a memory block.
 * @param[in]		vbase	Base address
 * @param[inout]	pInfo	Information structure
 */
int sceKernelGetMemBlockInfoByAddr(void *vbase, SceKernelMemBlockInfo *pInfo);

sceKernelGetSubbudgetInfo

Version NID
0.990 not present
1.69-3.60 0x832B4A65
typedef struct SceKernelSubbudgetInfo { // size is 0xC
  int size; // Size of this structure
  int unk_4;
  int unk_8;
} SceKernelSubbudgetInfo;

int sceKernelGetSubbudgetInfo(int unk_boolean, SceKernelSubbudgetInfo *pInfo);

sceKernelGetFreeMemorySize

Version NID
1.69-3.60 0x87CC580B
/**
 * Get free memory size
 */
int sceKernelGetFreeMemorySize(SceKernelFreeMemorySizeInfo *info);

sceKernelOpenMemBlock

Version NID
0.990-3.60 0x8EB8DFBB
// on FW <= 1.691, flags is not used
SceUID sceKernelOpenMemBlock(const char *name, int flags);

sceKernelFindMemBlockByAddr

Version NID
0.990-3.60 0xA33B99D1
/**
 * Find memory block by virtual range (base address and size)
 * If size == 0, API returns a memory block which contains 'start'
 * If size > 0, API returns a memory block just fit range [start, start + size].
 * @param[in]	vaddr		base address
 * @param[in]	size		address size
 * @retval	>=SCE_OK	block id
 * @retval	<SCE_OK		error
 */
SceUID sceKernelFindMemBlockByAddr(void *vaddr, SceSize size);

sceKernelFreeMemBlock

Version NID
0.990-3.60 0xA91E15EE
/**
 * Free memory block.
 *
 * @param[in]	uid		block uid
 * @retval	SCE_OK		Success
 * @retval	<SCE_OK		Error code
 */
int sceKernelFreeMemBlock(SceUID uid);

sceKernelFreeMemBlockForVM

Version NID
3.60 0x4EA13FEA
int sceKernelFreeMemBlockForVM(SceUID uid);

sceKernelCloseMemBlock

Version NID
0.990-3.60 0xB680E3A0
int sceKernelCloseMemBlock(SceUID uid);

sceKernelGetMemBlockBase

Version NID
0.996-3.60 0xB8EF5818
/**
 * @brief Get mapped base address of memory block.
 *
 * Get base address of memory block.
 * @param[in]	uid		block id
 * @param[out]	ppBase		base address of memory block
 * @retval	SCE_OK		success
 * @retval	<SCE_OK		Error
 */
int sceKernelGetMemBlockBase(SceUID uid, void **ppBase);

sceKernelAllocMemBlock

Version NID
0.990-3.60 0xB9D5EBDE
/**
 * Reserve a new memory block.
 *
 * The memory types that can be specified for type are as follows.
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_RW
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_RW
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_RW
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW
 *
 * Allocate a memory block.
 *
 * @param[in]		name		Memory block name
 * @param[in]		vsize		Memory block virtual size
 * @param[in]		flags		Options
 * @retval		id		UID of memory block
 * @retval		<SCE_OK		Error code
 */
SceUID sceKernelAllocMemBlock(const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOpt *pOpt);

sceKernelAllocUnmapMemBlock

Version NID
3.60 0xEC636BCB
int sceKernelAllocUnmapMemBlock(char *name, SceSize size);

sceKernelOpenVMDomain

Version NID
1.69-3.60 0x9CA3EB2B
int sceKernelOpenVMDomain();

sceKernelSyncVMDomain

Version NID
1.69-3.60 0x19D2A81A
int sceKernelSyncVMDomain(SceUID uid, void *data, SceSize size);

sceKernelCloseVMDomain

Version NID
1.69-3.60 0xD6CA56CA
int sceKernelCloseVMDomain();

sceKernelAllocMemBlockForVM

Version NID
1.69-3.60 0xE2D7E137
SceUID sceKernelAllocMemBlockForVM(const char *name, SceSize vsize);

sceKernelCheckModelCapability

Version NID
3.60 0x0144FBD9
int sceKernelCheckModelCapability(int bit);

sceKernelGetModelForCDialog

Version NID
3.60 0xA2CB322F
int sceKernelGetModelForCDialog();

sceKernelGetModel

Version NID
3.60 0xD0D4F729
int sceKernelGetModel();

sceKernelIsPSVitaTV

Version NID
3.60 0x1453A5E5
int sceKernelIsPSVitaTV();

SceDipsw

sceKernelCheckDipsw

Version NID
1.69-3.60 0x1C783FB2

sceKernelClearDipsw

Version NID
1.69-3.60 0x800EDCC1

sceKernelSetDipsw

Version NID
1.69-3.60 0x817053D4

SceDipswForDriver

sceKernelCheckDipswForDriver

Version NID
3.60 0xA98FC2FD
sceKernelCheckDipswForDriver(int bit);

sceKernelGetDipswInfoForDriver

Version NID
3.60 0xB2AD48BE

return *(int *)(dipsw_addr + 4 * info_id);

0 0x40 0x4 DevKit CP timestamp 1

1 0x44 0x2 DevKit CP Version

2 0x46 0x2 DevKit CP Build ID

3 0x48 0x4 DevKit CP timestamp 2 (strangely also set on Retail and TesKit)

int sceKernelGetDipswInfoForDriver(int info_id);

sceKernelClearDipswForDriver

Version NID
3.60 0xF1F3E9FE
sceKernelClearDipswForDriver(int bit);

sceKernelSetDipswForDriver

Version NID
3.60 0x82E45FBF
sceKernelSetDipswForDriver(int bit);

SceUartForKernel

sceUartWriteForKernel

Version NID
3.60 0x41973874
int sceUartWriteForKernel(int device, unsigned char data);

sceUartReadAvailableForKernel

Version NID
3.60 0x38DB7629

Returns the number of words available to read from the read FIFO.

int sceUartReadAvailableForKernel(int device);

sceUartReadForKernel

Version NID
3.60 0x9BBF1255
int sceUartReadForKernel(int device);

sceUartInitForKernel

Version NID
3.60 0xA9C74212

It initializes the clock generator registers for the device. The default baud rate is 115200 for devices 0-5 and 250000 for the device 6.

int sceUartInitForKernel(int device);

SceCpu

This library provides wrapper for much ARM CP15 co-processor access as well as low level support of spinlocks and other synchronization primitives.

sceKernelCpuGetCpuId

Version NID
1.69-3.60 0x2704CFEE

Return the CPU ID of the current core.

int sceKernelCpuGetCpuId(void);

SceCpuForKernel

sceKernelTlsKernelSetForKernel

Version NID
0.940 0x7A180AA4
3.60 not present
// thread_index must be < 8
void *sceKernelTlsKernelSetForKernel(SceUInt32 thread_index, void *tls);

sceKernelTlsKernelGetForKernel

Version NID
0.940 0x28E080BC
3.60 not present
// thread_index must be < 8
void *sceKernelTlsKernelGetForKernel(SceUInt32 thread_index);

sceKernelCallRoundupDCacheLineFuncForKernel

Version NID
0.990 0xED512F50
3.60 not present

Calls the function previously registered by sceKernelGetRoundupDCacheLineFuncForKernel.

int sceKernelCallRoundupDCacheLineFuncForKernel(int a1);

sceKernelGetRoundupDCacheLineFuncForKernel

Version NID
0.990 0x66C3AA93
3.60 not present

Uses CTR and CTR-DMINLINE to determine which function to return.

(int sceKernelCallRoundupDCacheLineFuncForKernel(int) *) sceKernelGetRoundupDCacheLineFuncForKernel(void);

sceKernelVMWrite8ForKernel

Version NID
0.931 0xA3C65664
3.60 not present
int sceKernelVMWrite8ForKernel(uint8_t *dest, uint8_t val);

sceKernelVMWrite16ForKernel

Version NID
0.931 0xBF38A460
3.60 not present
int sceKernelVMWrite16ForKernel(uint16_t *dest, uint16_t val);

sceKernelVMWrite32ForKernel

Version NID
0.931 0x04D129B2
3.60 not present
int sceKernelVMWrite32ForKernel(uint32_t *dest, uint32_t val);

sceKernelVMReadUser8ForKernel

Version NID
0.990 0x942B92C3
3.60 not present
int sceKernelVMReadUser8ForKernel(uint8_t *dest, uint8_t *psrc);

sceKernelVMReadUser16ForKernel

Version NID
0.990 unk
3.60 unk
int sceKernelVMReadUser16ForKernel(uint16_t *dest, uint16_t *psrc);

sceKernelVMReadUser32ForKernel

Version NID
0.990 0x6091086F
3.60 not present
int sceKernelVMReadUser32ForKernel(uint32_t *dest, uint32_t *psrc);

sceKernelVMRead8ForKernel

Version NID
0.990 0xA2F0FE9D
3.60 not present
int sceKernelVMRead8ForKernel(uint8_t *dest, uint8_t *psrc);

sceKernelVMRead16ForKernel

Version NID
0.990 0xF31D4D10
3.60 not present
int sceKernelVMRead16ForKernel(uint16_t *dest, uint16_t *psrc);

sceKernelVMRead32ForKernel

Version NID
0.990 0x316574B1
3.60 not present
int sceKernelVMRead32ForKernel(uint32_t *dest, uint32_t *psrc);

sceKernelMMUUnmapSectionsWithFlagsForKernel

Version NID
0.990 0xFC657FD1
3.60 not present
int sceKernelMMUUnmapSectionsWithFlagsForKernel(uint32_t a1, uint32_t a2, void *vbase, SceSize size, uint32_t a5);

sceKernelMMUUnmapSupersectionsWithFlagsForKernel

Version NID
0.990 0x0E4D29C6
3.60 not present
int sceKernelMMUUnmapSupersectionsWithFlagsForKernel(uint32_t a1, uint32_t a2, void *vbase, SceSize size, uint32_t a5);

sceKernelMMUMapSmallPagesForKernel

Version NID
0.990 0xB953E022
3.60 not present
int sceKernelMMUMapSmallPagesForKernel(uint32_t vbase, uint32_t voffset, uint32_t vsize, uint32_t pbase);

sceKernelMMUMapSmallPageForKernel

Version NID
0.990 0xCC7C16F8
3.60 not present
int sceKernelMMUMapSmallPageForKernel(uint32_t vbase, uint32_t voffset, uint32_t vsize, uint32_t pbase);

sceKernelMMUL1VAtoPABySWForKernel

Version NID
0.990 0x8E4ECF17
3.60 not present
int sceKernelMMUL1VAtoPABySWForKernel(uint32_t a1, void *pVA, void **pPA);

SceCpuForKernel_CA4124DE

Version NID
0.990 0xCA4124DE
3.60 not present
int SceCpuForKernel_CA4124DE(uint32_t a1, void *pVA, void **pPA);

sceKernelCpuSaveContextForKernel

Version NID
0.00 0x211B89DA
3.60 not present

sceKernelCpuRestoreContextForKernel

Version NID
0.00 0x0A4F0FB9
3.60 not present

sceKernelCpuGetCONTEXTIDRForKernel

Version NID
3.60 0x5B6B3274

The CONTEXTIDR, bits [31:0] contain the process ID number.

  return (unsigned __int8)__mrc(15, 0, 13, 0, 1); // Read CONTEXTIDR (Context ID Register)
void sceKernelCpuGetCONTEXTIDRForKernel(void);

sceKernelCpuUpdateSCTLRForKernel

Version NID
3.60 0x04008CF7
  int result;
  result = __mrc(15, 0, 1, 0, 0) | 0x1806; // Read SCTLR (System Control Register)
  __mcr(15, 0, result, 1, 0, 0); // Write SCTLR (System Control Register)
  return result;
void sceKernelCpuUpdateSCTLRForKernel(void); // SCTLR (System Control Register)

sceKernelCpuBranchPredictorInvalidateAllISForKernel

Version NID
3.60 0x1BB2BB8D
void sceKernelCpuBranchPredictorInvalidateAllISForKernel(void); // BPIALLIS, Branch predictor invalidate all (IS)

sceKernelCpuBranchPredictorInvalidateAllForKernel

Version NID
3.60 0x4C4C7D6B
void sceKernelCpuBranchPredictorInvalidateAllForKernel(void); // BPIALL, Branch predictor invalidate all

sceKernelCpuDcacheInvalidateMVACForKernel

Version NID
3.60 0x470EAE1E
void sceKernelCpuDcacheInvalidateMVACForKernel(int mva); // DCIMVAC, Data cache invalidate by MVA (PoC)

sceKernelCpuDcacheInvalidateMVACRangeForKernel

Version NID
3.60 0x583F30D1
void sceKernelCpuDcacheInvalidateMVACRangeForKernel(void *addr, unsigned int size); // DCIMVAC, Data cache invalidate by MVA (PoC)

sceKernelCpuDcacheCleanInvalidateMVACRangeForKernel

Version NID
3.60 0x6BA2E51C
void sceKernelCpuDcacheCleanInvalidateMVACRangeForKernel(void *addr, unsigned int size); // DCCIMVAC, Data cache clean and invalidate by MVA (PoC)

sceKernelCpuDcacheInvalidateSWForKernel

Version NID
3.60 0x2F3BF020
void sceKernelCpuDcacheInvalidateSWForKernel(void); // DCISW, Data cache invalidate by set/way (all the cache)

sceKernelCpuDcacheCleanSWForKernel

Version NID
3.60 0x73A30DB2
void sceKernelCpuDcacheCleanSWForKernel(void); // DCCSW, Data cache clean by set/way (all the cache)

sceKernelCpuDcacheCleanInvalidateSWForKernel

Version NID
3.60 0x76DAB4D0
void sceKernelCpuDcacheCleanInvalidateSWForKernel(void); // DCCISW, Data cache clean and invalidate by set/way (all the cache)

sceKernelCpuDcacheCleanMVACForKernel

Version NID
3.60 0xF7159B55
void sceKernelCpuDcacheCleanMVACForKernel(int mva); // DCCMVAC, Data cache clean by MVA (PoC)

sceKernelCpuDcacheCleanMVACRangeForKernel

Version NID
3.60 0xC5C1EE4E
void sceKernelCpuDcacheCleanMVACRangeForKernel(void *addr, unsigned int size); // DCCMVAC, Data cache clean by MVA (PoC)

sceKernelCpuDcacheCleanInvalidateMVACForKernel

Version NID
3.60 0xC8E8C9E9
void sceKernelCpuDcacheCleanInvalidateMVACForKernel(int mva); // DCCIMVAC, Data cache clean and invalidate by MVA (PoC)

sceKernelCpuIcacheInvalidateAllUISForKernel

Version NID
3.60 0x264DA250
void sceKernelCpuIcacheInvalidateAllUISForKernel(void); // ICIALLUIS, Instruction cache invalidate all (PoU, IS)

sceKernelCpuIcacheInvalidateAllUForKernel

Version NID
3.60 0xAEE0B489
void sceKernelCpuIcacheInvalidateAllUForKernel(void); // ICIALLU, Instruction cache invalidate all (PoU)

sceKernelCpuIcacheInvalidateMVAURangeForKernel

Version NID
3.60 0xF4C7F578
void sceKernelCpuIcacheInvalidateMVAURangeForKernel(void *addr, unsigned int size); // ICIMVAU, Instruction cache invalidate by MVA (PoU)

sceKernelCpuIcacheAndL2InvalidateMVAURangeForKernel

Version NID
3.60 0x19F17BD0
3.65-3.68 0x73E895EA
int sceKernelCpuIcacheAndL2InvalidateMVAURangeForKernel(void *addr, unsigned int size);

sceKernelCpuPreloadEngineKill

Version NID
3.60 0xD0D85FF8
  • NSACR (Non-Secure Access Control Register)
  • Test bit NS access to the Preload Engine resources
  • [>] PLEFF (Preload Engine FIFO flush operation)
  • [>] PLEKC (Preload Engine kill channel operation)
  • [<] PLEASR (Preload Engine Activity Status Register)
int sceKernelCpuPreloadEngineKill(void);

sceKernelCpuUnrestrictedMemcpyForKernel

Version NID
1.69-3.60 0x8C683DEC

Unrestricted memcpy by first setting the DACR register to 0xFFFF0000 and then doing a memcpy.

int sceKernelCpuUnrestrictedMemcpyForKernel(void *dest, const void *src, size_t len);

sceKernelMMUVAtoPAWithModeForKernel

Version NID
0.990-3.60 0x67343A07

Temp name was sceKernelCpuGetPaddrWithMaskForKernel.

mode (maskPAR) is usually 0x33, sometimes 2.

int sceKernelMMUVAtoPAWithModeForKernel(int mode, void *pVA, void **pPA);

sceKernelCpuGetPaddrForKernel

Version NID
0.990-3.60 0x2A46E800

Uses maskPAR 0x33.

int sceKernelCpuGetPaddrForKernel(void *VA, void **pPA);

sceKernelCpuForKernel_9B8173F4

Version NID
3.60 0x9B8173F4

Might be get_vaddr_memory_type.

Return value can be:

  • 2
  • 8
  • 0x40
  • 0x80
  • 0xD0
  • 0x80022007 (SCE_KERNEL_ERROR_VA2PA_FAULT)
int sceKernelCpuForKernel_9B8173F4(void *vaddr);

SceCpuForKernel_A5C9DBBA

Version NID
3.60 0xA5C9DBBA

Uses sceKernelCpuGetCpuIdForDriver, sceKernelCpuAtomicGetAndSub16ForDriver and sceKernelCpuUnlockStoreLRForDriver.

int SceCpuForKernel_A5C9DBBA(void *addr);

SceCpuForKernel_9D72DD1B

Version NID
3.60 0x9D72DD1B

Uses sceKernelCpuGetCpuIdForDriver and sceKernelCpuLockStoreLRForDriver.

int SceCpuForKernel_9D72DD1B(void *addr);

SceCpuForKernel_4CD4D921

Version NID
3.60 0x4CD4D921
*(uint32_t *)addr = 1;
*((uint16_t *)addr + 2) = 4;
*((uint16_t *)addr + 3) = 4;
return result;

aka write 01 00 00 00 04 00 04 00 at addr.

int SceCpuForKernel_4CD4D921(void *addr);

SceCpuForKernel_43CC6E20

Version NID
3.60 0x43CC6E20

Only used by SceKernelThreadmgr.

DACR off

Does some memory copies between the args.

int SceCpuForKernel_43CC6E20(void *addr, int a2, int a3, int a4);

SceCpuUnrestrictedBzeroIntForKernel

Version NID
3.60 0x76EB0DD4

Only used by SceKernelThreadmgr.

DACR off

int SceCpuUnrestrictedBzeroIntForKernel(int *addr);

SceCpuForKernel_337473B5

Version NID
3.60 0x337473B5

Only used by SceKernelThreadmgr.

DACR off

int SceCpuForKernel_337473B5(volatile void *ptr, unsigned int value);

SceCpuForKernel_37FBFD12

Version NID
3.60 0x37FBFD12

Only used by SceKernelThreadmgr.

same as SceCpuForKernel_337473B5 but DACR is not disabled

int SceCpuForKernel_37FBFD12(volatile void *ptr, unsigned int value);

SceCpuForKernel_D37AABE5

Version NID
3.60 0xD37AABE5

Only used by SceKernelThreadmgr.

similar as SceCpuForKernel_37FBFD12 but with a3

DACR is not disabled

int SceCpuForKernel_D37AABE5(volatile void *ptr, unsigned int value, int a3);

SceCpuForKernel_4553FBDE

Version NID
3.60 0x4553FBDE

Only used by SceKernelThreadmgr.

DACR is not disabled

  unsigned __int64 v2;
  do
  {
    v2 = __ldrexd(result);
    LODWORD(v2) = a2;
    HIDWORD(v2) = a2;
  }
  while ( __strexd(v2, result) );
  return result;
int SceCpuForKernel_4553FBDE(unsigned uint64_t *result, int a2);

SceCpuForKernel_6190A018

Version NID
3.60 0x6190A018

Only used by SceKernelThreadmgr.

similar as SceCpuForKernel_37FBFD12

DACR is not disabled

int SceCpuForKernel_6190A018(unsigned __int64 *a1, signed int a2);

SceCpuForKernel_D8A7216C

Version NID
3.60 0xD8A7216C

Only used by SceKernelThreadmgr.

similar as SceCpuForKernel_37FBFD12

DACR is not disabled

int SceCpuForKernel_D8A7216C(unsigned __int64 *a1, int a2, int a3);

SceCpuForKernel_7FB4E7AC

Version NID
3.60 0x7FB4E7AC

Only used by SceKernelThreadmgr.

similar as SceCpuForKernel_37FBFD12

DACR is not disabled

int SceCpuForKernel_7FB4E7AC(unsigned __int64 *result, int a2);

SceCpuForKernel_8510FA52

Version NID
3.60 0x8510FA52

Only used by SceKernelThreadmgr.

similar as SceCpuForKernel_37FBFD12

DACR is not disabled

int SceCpuForKernel_8510FA52(unsigned int *a1);

SceCpuForKernel_5F64E5ED

Version NID
3.60 0x5F64E5ED

Only used by SceKernelThreadmgr.

similar as SceCpuForKernel_37FBFD12

DACR is not disabled

int SceCpuForKernel_5F64E5ED(unsigned int *a1);

SceCpuForKernel_98E91C1C

Version NID
3.60 0x98E91C1C

Only used by SceKernelThreadmgr.

similar as SceCpuForKernel_37FBFD12

DACR is not disabled

int SceCpuForKernel_98E91C1C(unsigned int *a1, int a2, signed int a3);

SceCpuForKernel_6C7E7B57

Version NID
3.60 0x6C7E7B57
a1 = a1 | 0x4A;
return a1;
int SceCpuForKernel_6C7E7B57(int a1);

SceCpuForKernel_9A3281C0

Version NID
3.60 0x9A3281C0
*result = 0x810227EC;
*a2 = 0x81022B40;
return result;
int SceCpuForKernel_9A3281C0(int *result_0, int *result_1);

SceCpuForKernel_9CB82EB0

Version NID
3.60 0x9CB82EB0
return;
int SceCpuForKernel_9CB82EB0(void);

SceCpuForDriver

sceKernelRoundupDCacheLine3ForDriver

Version NID
0.990 0xF0849812
3.60 not present
int sceKernelRoundupDCacheLine3ForDriver(int a1);

sceKernelAbortForDriver

Version NID
0.990 0x6DCA6903
3.60 not present
void sceKernelAbortForDriver(void);

sceKernelCpuGetCpuIdForDriver

Version NID
0.990-3.60 0x5E4D5DE1

Return the CPU ID of the current core.

int sceKernelCpuGetCpuIdForDriver(void);

sceKernelCpuAtomicAddAndGet8ForDriver

Version NID
3.60 0x1E850481
unsigned char sceKernelCpuAtomicAddAndGet8ForDriver (unsigned char *addr, unsigned char val);

sceKernelCpuAtomicAddAndGet16ForDriver

Version NID
3.60 0x59F74E94
unsigned short sceKernelCpuAtomicAddAndGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicAddAndGet32ForDriver

Version NID
3.60 0x5F6A8743
unsigned int sceKernelCpuAtomicAddAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicAddAndGet64ForDriver

Version NID
3.60 0x4E459A03
unsigned long long sceKernelCpuAtomicAddAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicAddUnless8ForDriver

Version NID
3.60 0x5CC62CEC
int sceKernelCpuAtomicAddUnless8ForDriver(unsigned char *addr, unsigned char val, unsigned char cmp);

sceKernelCpuAtomicAddUnless16ForDriver

Version NID
3.60 0x0F84AFE9
int sceKernelCpuAtomicAddUnless16ForDriver(unsigned short *addr, unsigned short val, unsigned short cmp);

sceKernelCpuAtomicAddUnless32ForDriver

Version NID
3.60 0x1F157DC3
int sceKernelCpuAtomicAddUnless32ForDriver(unsigned int *addr, unsigned int val, unsigned int cmp);

sceKernelCpuAtomicAddUnless64ForDriver

Version NID
3.60 0x06CCFA4B
int sceKernelCpuAtomicAddUnless64ForDriver(unsigned long long *addr, int unused, unsigned long long val, unsigned long long cmp);

sceKernelCpuAtomicAndAndGet8ForDriver

Version NID
3.60 0x32B62B1A
unsigned char sceKernelCpuAtomicAndAndGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicAndAndGet16ForDriver

Version NID
3.60 0xB281D52A
unsigned short sceKernelCpuAtomicAndAndGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicAndAndGet32ForDriver

Version NID
3.60 0xDF899E4B
unsigned int sceKernelCpuAtomicAndAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicAndAndGet64ForDriver

Version NID
3.60 0xD18E7B54
unsigned long long sceKernelCpuAtomicAndAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicClearAndGet8ForDriver

Version NID
3.60 0x8E538AB5
unsigned char sceKernelCpuAtomicClearAndGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicClearAndGet16ForDriver

Version NID
3.60 0x6B050D7C
unsigned short sceKernelCpuAtomicClearAndGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicClearAndGet32ForDriver

Version NID
3.60 0x78C1F148
unsigned int sceKernelCpuAtomicClearAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicClearAndGet64ForDriver

Version NID
3.60 0x2149CD4C
unsigned long long sceKernelCpuAtomicClearAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicClearMask8ForDriver

Version NID
3.60 0x1B3336B0
void sceKernelCpuAtomicClearMask8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicClearMask16ForDriver

Version NID
3.60 0x1BE58599
void sceKernelCpuAtomicClearMask16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicClearMask32ForDriver

Version NID
3.60 0x4AE1BCC0
void sceKernelCpuAtomicClearMask32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicClearMask64ForDriver

Version NID
3.60 0x55760309
void sceKernelCpuAtomicClearMask64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicCompareAndSet8ForDriver

Version NID
3.60 0x3627F4E0
unsigned char sceKernelCpuAtomicCompareAndSet8ForDriver(unsigned char *addr, unsigned char cmp, unsigned char val);

sceKernelCpuAtomicCompareAndSet16ForDriver

Version NID
3.60 0x6F63F56D
unsigned short sceKernelCpuAtomicCompareAndSet16ForDriver(unsigned short *addr, unsigned short cmp, unsigned short val);

sceKernelCpuAtomicCompareAndSet32ForDriver

Version NID
3.60 0xCDA96E81
unsigned int sceKernelCpuAtomicCompareAndSet32ForDriver(unsigned int *addr, unsigned int cmp, unsigned int val);

sceKernelCpuAtomicCompareAndSet64ForDriver

Version NID
3.60 0x4B527009
unsigned long long sceKernelCpuAtomicCompareAndSet64ForDriver(unsigned long long *addr, int unused, unsigned long long cmp, unsigned long long val);

sceKernelCpuAtomicDecIfPositive8ForDriver

Version NID
3.60 0x45153D4E
unsigned char sceKernelCpuAtomicDecIfPositive8ForDriver(unsigned char *addr);

sceKernelCpuAtomicDecIfPositive16ForDriver

Version NID
3.60 0x9A693F5B
unsigned short sceKernelCpuAtomicDecIfPositive16ForDriver(unsigned short *addr);

sceKernelCpuAtomicDecIfPositive32ForDriver

Version NID
3.60 0x2A71B03C
unsigned int sceKernelCpuAtomicDecIfPositive32ForDriver(unsigned int *addr);

sceKernelCpuAtomicDecIfPositive64ForDriver

Version NID
3.60 0x267D0B33
unsigned long long sceKernelCpuAtomicDecIfPositive64ForDriver(unsigned long long *addr);

sceKernelCpuAtomicGetAndAdd8ForDriver

Version NID
3.60 0xFCDCD4DE
unsigned char sceKernelCpuAtomicGetAndAdd8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndAdd16ForDriver

Version NID
3.60 0x225DF91A
unsigned short sceKernelCpuAtomicGetAndAdd16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndAdd32ForDriver

Version NID
3.60 0x341B6E81
unsigned int sceKernelCpuAtomicGetAndAdd32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndAdd64ForDriver

Version NID
3.60 0x043FD446
unsigned long long sceKernelCpuAtomicGetAndAdd64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndAnd8ForDriver

Version NID
3.60 0xD8E675C0
unsigned char sceKernelCpuAtomicGetAndAnd8ForDriver(unsigned char *a1, unsigned char a2);

sceKernelCpuAtomicGetAndAnd16ForDriver

Version NID
3.60 0x4A820BC5
unsigned short sceKernelCpuAtomicGetAndAnd16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndAnd32ForDriver

Version NID
3.60 0x10EB35EB
unsigned int sceKernelCpuAtomicGetAndAnd32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndAnd64ForDriver

Version NID
3.60 0x18A17E07
unsigned long long sceKernelCpuAtomicGetAndAnd64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndClear8ForDriver

Version NID
3.60 0x382D1466
unsigned char sceKernelCpuAtomicGetAndClear8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndClear16ForDriver

Version NID
3.60 0x8E9C086D
unsigned short sceKernelCpuAtomicGetAndClear16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndClear32ForDriver

Version NID
3.60 0xE36F3A46
unsigned int sceKernelCpuAtomicGetAndClear32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndClear64ForDriver

Version NID
3.60 0x88BA6002
unsigned long long sceKernelCpuAtomicGetAndClear64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndOr8ForDriver

Version NID
3.60 0xBDF6F8E4
unsigned char sceKernelCpuAtomicGetAndOr8ForDriver(unsigned char *var, unsigned char value);

sceKernelCpuAtomicGetAndOr16ForDriver

Version NID
3.60 0x004F09D1
unsigned short sceKernelCpuAtomicGetAndOr16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndOr32ForDriver

Version NID
3.60 0x2A40BB93
unsigned int sceKernelCpuAtomicGetAndOr32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndOr64ForDriver

Version NID
3.60 0xCB73D6D5
unsigned long long sceKernelCpuAtomicGetAndOr64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndSet8ForDriver

Version NID
3.60 0x29599FC8
unsigned char sceKernelCpuAtomicGetAndSet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndSet16ForDriver

Version NID
3.60 0x085532C8
unsigned short sceKernelCpuAtomicGetAndSet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndSet32ForDriver

Version NID
3.60 0x0EE04C03
unsigned int sceKernelCpuAtomicGetAndSet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndSet64ForDriver

Version NID
3.60 0xD2DEE625
unsigned long long sceKernelCpuAtomicGetAndSet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndSub8ForDriver

Version NID
3.60 0x7B43D0D7
unsigned char sceKernelCpuAtomicGetAndSub8ForDriver (unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndSub16ForDriver

Version NID
3.60 0x3EE9B5B8
unsigned short sceKernelCpuAtomicGetAndSub16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndSub32ForDriver

Version NID
3.60 0xF891CF2A
unsigned int sceKernelCpuAtomicGetAndSub32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndSub64ForDriver

Version NID
3.60 0xA7585370
unsigned long long sceKernelCpuAtomicGetAndSub64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndXor8ForDriver

Version NID
3.60 0xBAF47F7B
unsigned char sceKernelCpuAtomicGetAndXor8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndXor16ForDriver

Version NID
3.60 0x711801E6
unsigned short sceKernelCpuAtomicGetAndXor16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndXor32ForDriver

Version NID
3.60 0x77E34309
unsigned int sceKernelCpuAtomicGetAndXor32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndXor64ForDriver

Version NID
3.60 0xE212ECAD
unsigned long long sceKernelCpuAtomicGetAndXor64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicOrAndGet8ForDriver

Version NID
3.60 0x5D515F1B
unsigned char sceKernelCpuAtomicOrAndGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicOrAndGet16ForDriver

Version NID
3.60 0xADD39B84
unsigned short sceKernelCpuAtomicOrAndGet16ForDriver (unsigned short *addr, unsigned short val);

sceKernelCpuAtomicOrAndGet32ForDriver

Version NID
3.60 0xBC248C30
unsigned int sceKernelCpuAtomicOrAndGet32ForDriver (unsigned int *addr, unsigned int val);

sceKernelCpuAtomicOrAndGet64ForDriver

Version NID
3.60 0x3E218AF7
unsigned long long sceKernelCpuAtomicOrAndGet64ForDriver(unsigned long long *addr, int unused, long long val);

sceKernelCpuAtomicSet8ForDriver

Version NID
3.60 0x0836537E
void sceKernelCpuAtomicSet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicSet16ForDriver

Version NID
3.60 0x532CA3E8
void sceKernelCpuAtomicSet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicSet32ForDriver

Version NID
3.60 0x3168BC57
void sceKernelCpuAtomicSet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicSet64ForDriver

Version NID
3.60 0xC381CE8C
void sceKernelCpuAtomicSet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicSetIfGreaterGet8ForDriver

Version NID
3.60 0xC3868071
unsigned char sceKernelCpuAtomicSetIfGreaterGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicSetIfGreaterGet16ForDriver

Version NID
3.60 0x875B094D
unsigned short sceKernelCpuAtomicSetIfGreaterGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicSetIfGreaterGet32ForDriver

Version NID
3.60 0x26F71995
unsigned int sceKernelCpuAtomicSetIfGreaterGet32ForDriver(unsigned int *a1, unsigned int val);

sceKernelCpuAtomicSubAndGet8ForDriver

Version NID
3.60 0xEB085370
unsigned char sceKernelCpuAtomicSubAndGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicSubAndGet16ForDriver

Version NID
3.60 0x515682C9
unsigned short sceKernelCpuAtomicSubAndGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicSubAndGet32ForDriver

Version NID
3.60 0xA4884C4E
unsigned int sceKernelCpuAtomicSubAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicSubAndGet64ForDriver

Version NID
3.60 0xB5F8919C
unsigned long long sceKernelCpuAtomicSubAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicXorAndGet8ForDriver

Version NID
3.60 0x03887992
unsigned char sceKernelCpuAtomicXorAndGet8ForDriver (unsigned char *a1, unsigned char a2);

sceKernelCpuAtomicXorAndGet16ForDriver

Version NID
3.60 0x646003D6
unsigned short sceKernelCpuAtomicXorAndGet16ForDriver (unsigned short *addr, unsigned short val);

sceKernelCpuAtomicXorAndGet32ForDriver

Version NID
3.60 0x4244BE65
unsigned int sceKernelCpuAtomicXorAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicXorAndGet64ForDriver

Version NID
3.60 0x692C51B3
unsigned long long sceKernelCpuAtomicXorAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuDcacheAndL2InvalidateMVACRange_1ForDriver

Version NID
0.990-3.60 0x02796361

1

Temp name was sceKernelCpuDcacheAndL2InvalidateRangeForDriver.

int sceKernelCpuDcacheAndL2InvalidateMVACRange_1ForDriver(void *start, size_t size);

sceKernelCpuDcacheAndL2InvalidateMVACRange_10ForDriver

Version NID
0.990 0x614C6698
3.60 not present

0x10

int sceKernelCpuDcacheAndL2InvalidateMVACRange_10ForDriver(void *start, size_t size);


sceKernelCpuDcacheAndL2InvalidateMVACRange_20ForDriver

Version NID
0.990-3.60 0x8B4C26DF

0x20

Temp name was sceKernelCpuDcacheInvalidateRangeForDriver.

int sceKernelCpuDcacheAndL2InvalidateMVACRange_20ForDriver(void *start, size_t size);

sceKernelCpuDcacheAndL2CleanInvalidateMVACRange_1ForDriver

Version NID
3.60 0x364E68A4

1

int sceKernelCpuDcacheAndL2CleanInvalidateMVACRange_1ForDriver(void *ptr, size_t len);

sceKernelCpuDcacheAndL2CleanInvalidateMVACRange_20ForDriver

Version NID
3.60 0xE551F99B

0x20

int sceKernelCpuDcacheAndL2CleanInvalidateMVACRange_20ForDriver(void *ptr, size_t len);

sceKernelCpuDcacheAndL2CleanMVACRange_1ForDriver

Version NID
0.990-3.60 0x103872A5

1

int sceKernelCpuDcacheAndL2CleanMVACRange_1ForDriver(void *start, size_t size);

sceKernelCpuDcacheAndL2CleanMVACRange_20ForDriver

Version NID
0.990-3.68 0x9CB9F0CE

Also named sceKernelCpuDcacheWritebackRangeForDriver, flush_dcache.

0x20

int sceKernelCpuDcacheAndL2CleanMVACRange_20ForDriver(void *start, size_t size);

SceCpuForDriver_E813EBB2

Version NID
3.60 0xE813EBB2
#define SceL2CacheReg 0x1A002000
__dsb();
*(int *)(SceL2CacheReg + 0x730) = 0;
while ( *(int *)(SceL2CacheReg + 0x730) & 1 )
    ;
__dmb();
int SceCpuForDriver_E813EBB2(void);

sceKernelCpuIsVaddrMappedForDriver

Version NID
3.60 0x337CBDF3
  uint32_t vaddr_memory_type = SceCpuForKernel_9B8173F4(vaddr);
  if (vaddr_memory_type != 8) {
    if (vaddr_memory_type <= 8) {
      if (vaddr_memory_type != 2)
        return 0;
    } else if (vaddr_memory_type != 0x40 && vaddr_memory_type != 0x80)
      return 0;
  }
  return 1;
int sceKernelCpuIsVaddrMappedForDriver(void *vaddr);

These functions implement a simple mutual exclusive access on a resource address using LDREX/STREX.

sceKernelCpuLockStoreLRForDriver

Version NID
1.60-3.60 0xBF82DEB2
void sceKernelCpuLockStoreLRForDriver(unsigned int *addr);

sceKernelCpuTryLockStoreLRForDriver

Version NID
3.60 0x5AC9D394
unsigned int sceKernelCpuTryLockStoreLRForDriver(unsigned int *addr);

sceKernelCpuUnlockStoreLRForDriver

Version NID
1.60-3.60 0xD6ED0C46
void sceKernelCpuUnlockStoreLRForDriver(unsigned int *addr);

sceKernelCpuLockStoreFlagForDriver

Version NID
3.60 0x3F42B434
void sceKernelCpuLockStoreFlagForDriver(unsigned int *result);

sceKernelCpuTryLockStoreFlagForDriver

Version NID
3.60 0x4F7790B4
unsigned int sceKernelCpuTryLockStoreFlagForDriver(unsigned int *addr);

sceKernelCpuUnlockStoreFlagForDriver

Version NID
3.60 0xCB8ABDF0
void sceKernelCpuUnlockStoreFlagForDriver(unsigned int *addr);

These functions implement a simple mutual exclusive access on a resource addr using LDREX/STREX.

LR is stored as addr value.

While mutex is held, interrupts are disabled.

Used like this:

int prev_state = sceKernelCpuLockSuspendIntrStoreLRForDriver(mutex);
// do work
sceKernelCpuUnlockResumeIntrStoreLRForDriver(mutex, prev_state);

sceKernelCpuLockSuspendIntrStoreLRForDriver

Version NID
3.35-3.60 0xD32ACE9E
unsigned int sceKernelCpuLockSuspendIntrStoreLRForDriver(unsigned int *addr);

sceKernelCpuTryLockSuspendIntrStoreLRForDriver

Version NID
3.60 0x27C0B340
unsigned int sceKernelCpuTryLockSuspendIntrStoreLRForDriver(int *addr);

sceKernelCpuUnlockResumeIntrStoreLRForDriver

Version NID
3.35-3.60 0x7BB9D5DF
void sceKernelCpuUnlockResumeIntrStoreLRForDriver(unsigned int *addr, int prev_state);

These functions implement a simple mutual exclusive access on a resource addr using LDREX/STREX.

0x80000000 is stored as addr value.

While mutex is held, interrupts are disabled.

Used like this:

int prev_state = sceKernelCpuLockSuspendIntrStoreFlagForDriver(mutex);
// do work
sceKernelCpuUnlockResumeIntrStoreFlagForDriver(mutex, prev_state);

sceKernelCpuLockSuspendIntrStoreFlagForDriver

Version NID
3.35-3.60 0x4C38CE4D
unsigned int sceKernelCpuLockSuspendIntrStoreFlagForDriver(unsigned int *addr);

sceKernelCpuTryLockSuspendIntrStoreFlagForDriver

Version NID
3.60 0xDE6482C6
unsigned int sceKernelCpuTryLockSuspendIntrStoreFlagForDriver(unsigned int *addr);

sceKernelCpuUnlockResumeIntrStoreFlagForDriver

Version NID
3.35-3.60 0x9EC91017
void sceKernelCpuUnlockResumeIntrStoreFlagForDriver(unsigned int *addr, unsigned int prev_state);

sceKernelCpuSpinLockStoreLRForDriver

Version NID
3.60 0xCAC9AE80
void sceKernelCpuSpinLockStoreLRForDriver(unsigned int *result);

sceKernelCpuTrySpinLockStoreLRForDriver

Version NID
3.60 0x093925BD
unsigned int sceKernelCpuTrySpinLockStoreLRForDriver(unsigned int *addr);

sceKernelCpuSpinUnlockStoreLRForDriver

Version NID
3.60 0xF5FD5676
void sceKernelCpuSpinUnlockStoreLRForDriver(unsigned int *result);

sceKernelCpuSpinLockSuspendIntrStoreLRForDriver

Version NID
3.60 0xEC53D007
unsigned int sceKernelCpuSpinLockSuspendIntrStoreLRForDriver(unsigned int *addr);

sceKernelCpuTrySpinLockSuspendIntrStoreLRForDriver

Version NID
3.60 0xF02467D1
unsigned int sceKernelCpuTrySpinLockSuspendIntrStoreLRForDriver(unsigned int *addr);

sceKernelCpuSpinUnlockResumeIntrStoreLRForDriver

Version NID
3.60 0x740A0750
void sceKernelCpuSpinUnlockResumeIntrStoreLRForDriver(unsigned int *addr, unsigned int prev_state);

sceKernelCpuDisableInterruptsForDriver

Version NID
1.60 0x821FC0EE
3.60 0x821FC0EE

Disable irq (but not fiq) and returns previous interrupt bit status (so either 0 or 0x80).

unsigned int sceKernelCpuDisableInterruptsForDriver(void);

sceKernelCpuEnableInterruptsForDriver

Version NID
1.60 0xF5BAD43B
3.60 0xF5BAD43B

Restore previous irq state, pass either 0 or 0x80.

unsigned int sceKernelCpuEnableInterruptsForDriver(unsigned int prev_state);

SceSysclibForKernel

Was present on 1.69. Doesn't exist on 3.60.

SceSysclibForKernel_E38E7605

Version NID
0.990-1.50 0xE38E7605

Looks like vprintf.

SceSysclibForKernel_F7E34376

Version NID
1.50 0xF7E34376

SceSysclibForKernel_FA746181

Version NID
1.50 0xFA746181

SceSysclibForDriver

The C standard library for use in kernel only. (Userland have SceLibKernel, which confusingly is userland only).

Include standard string functions (no insecure variants like strcpy).

__aeabi_idiv

Version NID
3.60 0x2518CD9E

__aeabi_uidiv

Version NID
0.990-3.60 0xA9FF1205

__aeabi_uidivmod

Version NID
0.990-3.60 0xA46CB7DE

__aeabi_ldivmod

Version NID
3.60 0x7554AB04

__memcpy_chk

Version NID
3.60 0x8A0B0815

__memmove_chk

Version NID
3.60 0x35DBB110

__memset_chk

Version NID
3.60 0x1A30BB28

__stack_chk_fail

Version NID
1.50-3.60 0xB997493D

__strncat_chk

Version NID
3.60 0x33EE298B

__strncpy_chk

Version NID
3.60 0x96268C53

look_ctype_table

Version NID
3.60 0xCDF7F155

memchr

Version NID
3.60 0x60DAEA30

memcmp

Version NID
3.60 0xB5A4D745

timing constant memcmp

memcmp2

Version NID
1.69-3.60 0xF939E83D

memcpy

Version NID
1.50-3.60 0x40C88316

memmove

Version NID
1.50-3.60 0x6CC9C1A1

On 1.69, this seems to be implemented incorrectly.

memset

Version NID
1.60-3.60 0x0AB9BF5C

memset2

Version NID
1.50-1.69 0x502B000D
3.60 not present

rshift

Version NID
1.69-3.60 0x1D89F6C0

snprintf

Version NID
1.69-3.60 0xAE7A8981

strchr

Version NID
1.50-3.60 0x38463759

strcmp

Version NID
1.69-3.60 0x0B33BC43

strlcat

Version NID
3.60 0x12504E09

strlcpy

Version NID
3.60 0x7FB4EBEC

strlen

Version NID
1.69-3.60 0xCFC6A9AC

strncat

Version NID
1.69-3.60 0xA1D1C32C

strncmp

Version NID
1.60-3.60 0x12CEE649

strncpy

Version NID
3.60 0x6D286146

strnlen

Version NID
1.69-3.60 0xCD4BD884

strrchr

Version NID
1.69-3.60 0x7F0E0835

strstr

Version NID
1.69-3.60 0x1304A69D

strtol

Version NID
1.69-3.60 0xAB77C5AA

strtoll

Version NID
3.60 0x87AAAFA2

strtoul

Version NID
3.60 0x4E5042DA

tolower

Version NID
3.60 0x0021DAF9

toupper

Version NID
3.60 0xA685DCB1

vsnprintf

Version NID
3.60 0x3DDBE2E1

SceSysrootForKernel

SceSysrootForKernel_06182D59

Version NID
3.60 0x06182D59

int SceSysrootForKernel_06182D59(int a1)
{
	return *(uint32_t *)(sysbase + 0x20) + (a1 << 0x5);
}

int SceSysrootForKernel_06182D59(int a1);

get_SceKernelSysrootClass_itemsize

Version NID
0.990-3.60 0xEEB867C0

On FW 0.990 return hardcoded value 0x470.

On FW 3.60 return hardcoded value 0x41C.

SceSize get_SceKernelSysrootClass_itemsize(void);

get_SceKernelSysrootClass_object

Version NID
0.990-3.60 0x085C2BCB
SceKernelObject *get_SceKernelSysrootClass_object(void);

sceKernelSysrootBacktraceForKernel

Version NID
0.940-3.60 0xCC893F37

sceKernelSysrootGetLibraryDBForKernel

Version NID
0.990 0xCD70C9D7

sceKernelSysrootSetLibraryDBForKernel

Version NID
0.990 0xCB58A0F4

sceKernelSysrootAllocForKernel

Version NID
0.940-0.990 0xB0149E69
void *sceKernelSysrootAllocForKernel(uint32_t size);

sceKernelSysrootSetStatusForKernel

Version NID
0.990-3.60 0xA84676E3

sceKernelSysrootGetProcessCBExitDeleteThreadForKernel

Version NID
0.990-3.60 0xBBFD2E3C

sceKernelSysrootGetCurrentProcessCBForKernel

Version NID
0.990-3.60 0x9991B1AF

sceKernelSysrootGetCurrentThreadAttrForKernel

Version NID
0.990-3.60 0x73601453

sceKernelGetCurrentTimeForKernel

Version NID
0.990 0x4FCFA359
SceRtcTick *sceKernelGetCurrentTimeForKernel(void);

sceKernelGetCurrentTimeInBufferForKernel

Version NID
0.990 0xE0D41319
int sceKernelGetCurrentTimeInBufferForKernel(SceRtcTick *tick)

sceKernelGetSystemTimeLowForKernel

Version NID
0.990 0x2464329D

sceKernelSysrootAssertSysrootForKernel

Version NID
0.990 0x1B7F150F

Check sysroot->magic (offset 0xC must be 0xBA97F5A1) and sysroot->magic2 (offset 0x20C must be 0xA008B0C3‬).

int sceKernelSysrootAssertSysrootForKernel(void *sysroot);

sceKernelSysrootSetVbaseResetVectorForKernel

Version NID
0.990-3.60 0x0F2F2B4E

sceKernelSysrootThreadMgrStartAfterProcessForKernel

Version NID
0.990-3.60 0x0EB5D7CD

sceKernelSysrootGetCurrentProcessForKernel

Version NID
0.990 0x5B7570C5

Return the current process id.

SceUID sceKernelSysrootGetCurrentProcessForKernel(void);

sceKernelSysrootTrapThreadAfterSyscallForKernel

Version NID
0.990-3.60 0x9139E22B

sceKernelSysrootReturnFromExcpToThreadForKernel

Version NID
0.990-3.60 0xDADFF828

sceKernelSysrootPrintBacktraceForKernel

Version NID
0.990-3.60 0x491CE8DF

sceKernelSysrootGetSharedMemoryForKernel

Version NID
0.990-3.60 0xC8C8C321

sceKernelSysrootSetSharedMemoryForKernel

Version NID
0.990-3.60 0xFBB91741

sceKernelSysrootGetPUIDEntryHeapForKernel

Version NID
0.990-3.60 0x88DE85EF

sceKernelSysrootGetStatusForKernel

Version NID
0.990-3.60 0x5C426B19

sceKernelSysrootIofilemgrStartForKernel

Version NID
0.990-3.60 0xF6A6D205

sceKernelSysrootGetCurrentUIDEntryHeapCBForKernel

Version NID
0.990-3.60 0xB4C24588

F9FB9A2A

sceKernelSysrootSetCurrentAddressSpaceCBForKernel

Version NID
0.940 0x63EBB05B
3.60 not present
int sceKernelSysrootSetCurrentAddressSpaceCBForKernel(void *asCB);

sceKernelSysrootGetCurrentAddressSpaceCBForKernel

Version NID
0.940-3.60 0x63EBB05B
callback *sceKernelSysrootGetCurrentAddressSpaceCBForKernel();

sceKernelSysrootAppMgrSpawnProcessForKernel

Version NID
0.990-3.60 0x3ACACD22

sceKernelSysrootGetSmSelfInfoForKernel

Version NID
3.60 0xF10AB792
typedef struct sm_self_info { // size is 0x0C
   uint32_t size; // Size of this structure
   void* sm_self_data; 
   uint32_t sm_self_size;
} sm_self_info;

int sceSysrootGetSmSelfInfoForKernel(int index, sm_self_info* info);
Index SM SELF location
0 os0:sm/gcauthmgr_sm.self
1 os0:sm/rmauth_sm.self
2 os0:sm/encdec_w_portability_sm.self

sceKernelSysrootGetProcessSelfAuthInfoForKernel

Version NID
0.940-3.60 0x4F0A4066

Temp name was sceSysrootGetSelfAuthInfoForKernel.

typedef struct SceSelfAuthInfo { // size is 0x90
   SceUInt64 program_authority_id;
   uint8_t padding1[8];
   uint8_t capability[0x20];
   uint8_t attribute[0x20];
   uint8_t padding2[0x10];
   uint8_t klicensee[0x10];
   uint32_t unk_70;
   uint32_t unk_74;
   uint32_t unk_78;
   uint32_t unk_7C;
   uint32_t unk_80; // ex: 0x10
   uint32_t unk_84;
   uint32_t unk_88;
   uint32_t unk_8C;
} SceSelfAuthInfo;

int sceKernelSysrootGetProcessSelfAuthInfoForKernel(SceUID pid, SceSelfAuthInfo *self_auth_info);

sceSysrootGetProcessTitleIdForPidForKernel

Version NID
3.60 0xEC3124A3
int sceSysrootGetProcessTitleIdForPidForKernel(SceUID pid, char *titleid, size_t len);

sceSysrootGetNidNameForKernel

Version NID
3.60 0x0B79E220
int sceSysrootGetNidNameForKernel(unsigned int nid, const char **name);

sceSysrootGetModuleInfoForPidForKernel

Version NID
3.60 0xFF9F80FF

Returns export info at address for pid (contains module, lib and NID and their names).

int sceSysrootGetModuleInfoForPidForKernel(SceUID pid, const void *addr, unsigned int *info); // info[0] = 0x3C

sceKernelSysrootGetVbaseResetVectorForKernel

Version NID
0.990-3.60 0xCC85905B

Returns the exception vectors base address. The address of the exception vectors for the CPU i is: sceKernelSysrootGetVbaseResetVectorForKernel() + 0x40 * i.

void *sceKernelSysrootGetVbaseResetVectorForKernel(void);

sceSysrootCallLicMgrGetLicenseStatusForKernel

Version NID
3.60 0x377895EB

Calls sceSblLicMgrGetLicenseStatusForDriver of SceSblPostSsMgr.

Returns 0 on success, -1 if sceSblLicMgrGetLicenseStatusForDriver is not registered.

int sceSysrootCallLicMgrGetLicenseStatusForKernel(void);

Called by sceSblAuthMgrAuthHeaderForKernel before F00D request.

sceSysrootGetSysbaseForKernel

Version NID
3.60 0x3E455842

Temp name was sceKernelGetSysbaseForKernel.

sysbase_t* sceSysrootGetSysbaseForKernel();

sceKernelSysrootGetKblParamForKernel

Version NID
3.60 0x9DB56D1F

Temp name was sceSysrootGetSysrootBufferForKernel.

Returns pointer to Sysroot buffer.

SceBootArgs *sceKernelSysrootGetKblParamForKernel(void);

sceSysrootGetFactorySystemSwVersionForKernel

Version NID
3.60 0xD3872270

return (int)(sysroot_buffer->factory_fw_version);

int sceSysrootGetFactorySystemSwVersionForKernel(void);

sceSysrootGetUnkCForKernel

Version NID
3.60 0xFFD6E24D

return (int)(sysroot_buffer->unk_C);

int sceSysrootGetUnkCForKernel(void);

sceSysrootGetUnk10ForKernel

Version NID
3.60 0x403B509E

return (int)(sysroot_buffer->unk_C + 4);

int sceSysrootGetUnk10ForKernel(void);

sceSysrootGetUnkC0ForKernel

Version NID
3.60 0xAB3CC7D0

return sysroot_buffer->unk_C0;

int sceSysrootGetUnkC0ForKernel(void);

sceSysrootGetWakeupFactorForKernel

Version NID
3.60 0x2F97041A

return sysroot_buffer->wakeup_factor;

int sceSysrootGetWakeupFactorForKernel(void);

sceSysrootGetHardwareInfoForKernel

Version NID
3.60 0x930B1342

return sysroot_buffer->hardware_info;

int sceSysrootGetHardwareInfoForKernel(void);

sceSysrootGetSessionIdForKernel

Version NID
3.60 0x84783B71

Writes sysroot_buffer->session_id to buffer.

Buffer size is 0x10.

int sceSysrootGetSessionIdForKernel(char *buffer);

sceSysrootGetHardwareFlagsForKernel

Version NID
3.60 0x46E72428

Writes sysroot_buffer->hardware_flags to buffer.

Buffer size is 0x10.

int sceSysrootGetHardwareFlagsForKernel(char *buffer);

sceSysrootIsExternalBootModeForKernel

Version NID
3.60 0x89D19090

return *(int *)(sysroot_buffer->boot_type_indicator_1) & 1;

int sceSysrootIsExternalBootModeForKernel(void);

sceKernelIsSomeBootModeForKernel

Version NID
3.60 0x7B7F8171

return (*(int *)(sysroot_buffer->boot_type_indicator_1) >> 19) & 1;

int sceSysrootIsSomeBootModeForKernel(void);

sceSysrootIsSomeBootMode2ForKernel

Version NID
3.60 0x7918D44E

return sysroot_buffer->boot_type_indicator_1[2] & 1;

int sceSysrootIsSomeBootMode2ForKernel(void);

sceSysrootIsSomeModeForKernel

Version NID
3.60 0xAE7A8F1D

Returns true if (sysroot->boot_flags[0x1] != 0xFF).

int sceSysrootIsSomeModeForKernel(void);

sceSysrootIsSomeModeForKernel

Version NID
3.60 0xAE7A8F1D

Returns true if (sysroot->boot_flags[0x1] != 0xFF).

int sceSysrootIsSomeModeForKernel(void);

sceKernelSysrootIsSafeModeForKernel

Version NID
0.990-3.60 0x834439A7
int sceKernelSysrootIsSafeModeForKernel(void);

sceSysrootIsUpdateModeForKernel

Version NID
3.60 0xB0E1FC67
int sceSysrootIsUpdateModeForKernel(void);

sceSysrootIsBsodRebootForKernel

Version NID
3.60 0x4373AC96

return (*(int *)(sysroot_buffer->wakeup_factor) & 0x7Fu) <= 0x17;

int sceSysrootIsBsodRebootForKernel(void);

sceSysrootIsUsbEnumWakeupForKernel

Version NID
3.60 0x79C9AE10
 if ( *(int *)(sysroot_buffer->unk_C0) & 0x90000 )
   result = 1;
 else
   result = (*(int *)(sysroot_buffer->wakeup_factor) & 0x7Fu) <= 0xF;
 return result;
int sceSysrootIsUsbEnumWakeupForKernel(void);

sceSysrootIsUnknownRebootForKernel

Version NID
3.60 0xE4EA1960

return (*(int *)(sysroot_buffer->wakeup_factor) & 0x7Fu) <= 1;

int sceSysrootIsUnknownRebootForKernel(void);

sceSysrootUseExternalStorageForKernel

Version NID
0.940-3.60 0x55392965

When returns true it allows loading sd0:psp2config.skprx.

Returns true when Manufacturing Mode flag is set:

return (*(int *)(sysroot_buffer->boot_type_indicator_1) >> 2) & 1;

int sceSysrootUseExternalStorageForKernel(void);

sceSysrootUseInternalStorageForKernel

Version NID
3.60 0x50FE3B4D

Returns true when use internal storage flag is not set:

return *(char *)(sysroot_buffer->boot_flags[5]) & 1 ^ 1;

int sceSysrootUseInternalStorageForKernel(void);

sceSysrootRegisterLicMgrGetLicenseStatusForKernel

Version NID
3.60 0x71DB83A2

Write value at sysroot_ctx + 0x380 (on FW 3.60).

Normally, sceSblLicMgrGetLicenseStatusForDriver of SceSblPostSsMgr module is registered.

int sceSysrootRegisterLicMgrGetLicenseStatusForKernel(int (__cdecl *sceSblLicMgrGetLicenseStatusForDriver)());

sceKernelSysrootRegisterBacktraceForKernel

Version NID
0.940 0x1C307A31
3.60 not present
int sceKernelSysrootRegisterBacktraceForKernel(int (__cdecl *func)());

sceKernelSysrootGetThreadAccessLevelForKernel

Version NID
3.60 0x20009397

Calls int (__cdecl *GetThreadAccessLevel)(); // 0x344 on 3.60

int sceKernelSysrootGetThreadAccessLevelForKernel(void);

sceKernelSysrootAllocRemoteProcessHeapForKernel

Version NID
0.990-3.60 0xD351EBC8

Temp name was sceKernelAllocHeapMemoryForKernel.

Same as sceKernelAllocHeapMemoryWithOpt1ForDriver but does set pid to 0x1000B.

Checks that pid is 0x10013 or 0x10005.

void* sceKernelSysrootAllocRemoteProcessHeapForKernel(SceUID pid, SceSize size, SceKernelHeapMemoryOpt *pOpt);

sceKernelSysrootGetModulePrivateForKernel

Version NID
0.990-3.60 0x37EC12BB

sceKernelSysrootSetModulePrivateForKernel

Version NID
0.990-3.60 0x7A7E7C0C

sceKernelSysrootSetSysrootForKernel

Version NID
0.940-3.60 0x36916C30
int sceKernelSysrootSetSysrootForKernel(int sysroot);

sceKernelSysrootProcessmgrStart2ForKernel

Version NID
0.990-3.60 0x62E8F511

sceKernelSysrootDbgpSuspendProcessAndWaitResumeForKernel

Version NID
0.990-3.60 0x256B2394

sceKernelSysrootRegisterIsUserModeThreadForKernel

Version NID
0.940 0x5BD911A8
3.60 not present
int sceKernelSysrootRegisterIsUserModeThreadForKernel(void *func);

sceKernelSysrootIsUserModeThreadForKernel

Version NID
0.940-3.60 0x7FC7A163

sceKernelSysrootGetSecureStatusForKernel

Version NID
0.940 0x0A63CA5E
3.60 not present

return *(uint *)some_buf->field_0x28 & 1;

int sceKernelSysrootGetSecureStatusForKernel(void);

sceKernelIsSecureStateForKernel

Version NID
0.940 0x3193DAB2
3.60 not present

return (*(uint *)some_buf->field_0x28 ^ 1) & 1;

SceBool sceKernelIsSecureStateForKernel(void);

sceKernelIsColdBootForKernel

Version NID
0.940-3.60 0xD7198963

return (*(uint *)some_buf->field_0x28 & 10; // IDA PRO FW 3.60

return ((*(uint *)some_buf->field_0x28 ^ 0x10) << 0x1b) >> 0x1f; // Ghidra FW 0.940

int sceKernelIsColdBootForKernel(void);

SceSysrootForDriver

SceSysrootForDriver_EE934615

Version NID
3.60 0xEE934615
void SceSysrootForDriver_EE934615(undefined4 param_1,undefined4 param_2,undefined4 param_3,undefined4 param_4) {
  ksceKernelCpuAtomicGetAndAdd32(&DAT_810300a8,0x10,param_3,param_4,param_4);
  return;
}

sceSysrootRegisterSblPostSsMgrForDriver_D8A2D465ForDriver

Version NID
3.60 0x35875119
int sceSysrootRegisterSblPostSsMgrForDriver_D8A2D465ForDriver(sceSysrootRegisterSblPostSsMgrForDriver_D8A2D465ForDriver *cb);

sceSysrootCallSblPostSsMgrForDriver_D8A2D465ForDriver

Version NID
3.60 0xD75D4F37

sceKernelSysrootCoredumpCancelForDriver

Version NID
0.990-3.60 0x80FBC69D

sceKernelRegisterInitCallbackForDriver

Version NID
0.990-3.60 0x778D0966

sceKernelSysrootSetProcessHandlerForDriver

Version NID
3.60 0x0F07C3FC

sceKernelSysrootDbgpSuspendProcessAndWaitResumeForDriver

Version NID
0.990-3.60 0x256B2394

sceKernelInvokeInitCallbackForDriver

Version NID
0.990-3.60 0x93CD44CD

sceKernelSysrootCoredumpTriggerForDriver

Version NID
0.990-3.60 0xCD8CD242

sceKernelSysrootRegisterCoredumpTriggerForDriver

Version NID
0.990-3.60 0xDD473B05

sceKernelSysrootGetShellPidForDriver

Version NID
0.990-3.60 0x05093E7B

sceKernelSysrootCheckRemapCodeForUserForDriver

Version NID
0.990-3.60 0xF8769E86

sceKernelSysrootAppMgrSpawnProcessForDriver

Version NID
0.990-3.60 0x3ACACD22

SceSysrootForDriver_421EFC96

Version NID
3.60 0x421EFC96

Patched by HENkaku payload.c and update365 by TheFloW.

sceKernelSysrootSetSwInfoIntForDriver

Version NID
0.990-3.60 0x631141E2

sceKernelSysrootSetSwInfoStrForDriver

Version NID
0.990-3.60 0x17DD213C

sceKernelSysrootSetSwInfoBinForDriver

Version NID
0.990-3.60 0x9E96D990

sceKernelSysrootSetSystemSwVersionForDriver

Version NID
3.60 0x3276086B

Set System Software version as int in SceSysmem memory. For exemple: 0x0365000 on 3.65.

int sceKernelSysrootSetSystemSwVersionForDriver(int sw_version);

sceKernelSysrootGetSystemSwVersionForDriver

Version NID
3.60 0x67AAB627

Returns System Software version as int from SceSysmem memory. For exemple: 0x0365000 on 3.65.

int sceKernelSysrootGetSystemSwVersionForDriver(void);

?sceKernelSysrootInitI2cForDriver?

Version NID
3.60 0x930B1342
int ?sceKernelSysrootInitI2cForDriver?(void);

sceKernelSysrootIsSafeModeForDriver

Version NID
0.990-3.60 0x834439A7
int sceKernelSysrootIsSafeModeForDriver(void);

sceKernelSysrootUtMgrHasNpTestFlagForDriver

Version NID
3.60 0xA43599E9

Calls int (__cdecl *sceSblUtMgrHasNpTestFlagForDriver)();

int sceKernelSysrootUtMgrHasNpTestFlagForDriver(void);

sceKernelSysrootCheckModelCapabilityForDriver

Version NID
3.60 0x8AA268D6

SceSysrootForDriver_56D85EB0

Version NID
3.60 0x56D85EB0

Used by SceSblACMgr.

SceKernelUtilsForDriver

sceAesDecrypt1ForDriver

Decrypt with AES.

Version NID
0.990-3.60 0xD8678061
int sceAesDecrypt1ForDriver(void *ctx, const void *src, void *dst);

Do normal Aes Decrypt

sceAesDecrypt2ForDriver

Version NID
3.60 0xE39CD272
int sceAesDecrypt2ForDriver(void *ctx, const void *src, void *dst);

Perform Aes Decrypt using encryption round key

sceAesEncrypt1ForDriver

Encrypt with AES. There are two functions that are the same on 1.69.

Version NID
0.990-3.60 0xC2A61770
int sceAesEncrypt1ForDriver(void *ctx, const void *src, void *dst);

sceAesEncrypt2ForDriver

Encrypt with AES. There are two functions that are the same on 1.69.

Version NID
1.69 0x302947B6
3.60 0x302947B6
int sceAesEncrypt2ForDriver(void *ctx, const void *src, void *dst);

sceAesInit1ForDriver

This sets up the AES engine. ctx is a 960 byte buffer (int 1.69). blocksize and keysize is the security in bits. 128/196/256 are supported values.

Version NID
1.69 0xF12B6451
3.60 0xF12B6451

last arg to subroutine is 0

int sceAesInit1ForDriver(void *ctx, int blocksize, int keysize, const void *key);

sceAesInit2ForDriver

Version NID
3.60 0xEDA97D6D

last arg to subroutine is 1

int sceAesInit2ForDriver(void *ctx, int blocksize, int keysize, const void *key);

sceAesInit3ForDriver

Version NID
3.60 0x72408E29

last arg to subroutine is 2

int sceAesInit3ForDriver(void *ctx, int blocksize, int keysize, const void *key);

SceKernelUtilsForDriver_C76A7685

Version NID
3.60 0xC76A7685

Looks like it relates to Aes InvMixColumns

SceKernelUtilsForDriver_60ED6EA9

Version NID
3.60 0x60ED6EA9

Aes getSBox32Value

sceDeflateDecompressForDriver

Version NID
3.60 0x8AF1FAD4

sceDeflateDecompressPartialForDriver

Version NID
3.60 0x3D74CCDF

sceGzipDecompressForDriver

Version NID
3.60 0x367EE3DF

sceGzipGetCommentForDriver

Version NID
3.60 0xCD3AE08F

sceGzipGetCompressedDataForDriver

Version NID
3.60 0x63619124

sceGzipGetInfoForDriver

Version NID
3.60 0xFFC6A10F

sceGzipGetNameForDriver

Version NID
3.60 0xF901FD3E

sceGzipIsValidForDriver

Version NID
3.60 0xD8FAEFD4

sceHmacSha1DigestForDriver

Version NID
3.60 0x29A28957
int sceHmacSha1DigestForDriver(const void *key, int key_len, const void *data, int data_len, void *digest);

sceHmacSha224DigestForDriver

Version NID
3.60 0x7F2A7B99
int sceHmacSha224DigestForDriver(const void *key, int key_len, const void *data, int data_len, void *digest);

sceHmacSha256DigestForDriver

Version NID
3.60 0x83EFA1CC
int sceHmacSha256DigestForDriver(const void *key, int key_len, const void *data, int data_len, void *digest);

sceMt19937GlobalInitForDriver

Version NID
3.60 0xD428CC2A

sceMt19937GlobalUninitForDriver

Version NID
3.60 0x875B2A1C

sceMt19937InitForDriver

Version NID
3.60 0x4C9A5730

sceMt19937UIntForDriver

Version NID
3.60 0x92AEDFBC

sceSfmt19937FillArray32ForDriver

Version NID
3.60 0x2B30548B

sceSfmt19937FillArray64ForDriver

Version NID
3.60 0x49B41540

sceSfmt19937GenRand32ForDriver

Version NID
3.60 0xBBE4701A

sceSfmt19937GenRand64ForDriver

Version NID
3.60 0x45DEAAD6

sceSfmt19937InitByArrayForDriver

Version NID
3.60 0x33AE1203

sceSfmt19937InitGenRandForDriver

Version NID
3.60 0xAB48C3CA

sceSha1BlockInitForDriver

Version NID
3.60 0xE4390FFA
int sceSha1BlockInitForDriver(void* ctx);

sceSha1BlockResultForDriver

Version NID
3.60 0x48F24106
int sceSha1BlockResultForDriver(void* ctx, void *digest);

sceSha1BlockUpdateForDriver

Version NID
3.60 0x478A6F3C
int sceSha1BlockUpdateForDriver(void* ctx, const void *data, int size);

sceSha1DigestForDriver

Version NID
3.60 0x87DC7F2F
int sceSha1DigestForDriver(const void *data, int size, void *digest);

sceSha224BlockInitForDriver

Version NID
3.60 0xC762EA6D
int sceSha224BlockInitForDriver(void* ctx);

sceSha224BlockResultForDriver

Version NID
3.60 0xFBF2A442
int sceSha224BlockResultForDriver(void* ctx, void *digest);

sceSha224BlockUpdateForDriver

Version NID
3.60 0x7556E611
int sceSha224BlockUpdateForDriver(void* ctx, const void *data, int size);

sceSha224DigestForDriver

Version NID
3.60 0x9EA9D4DC
int sceSha224DigestForDriver(const void *data, int size, void *digest);

sceSha256BlockInitForDriver

Version NID
3.60 0xD909FA2C
int sceSha256BlockInitForDriver(void* ctx);

sceSha256BlockResultForDriver

Version NID
3.60 0x4899CD4B
int sceSha256BlockResultForDriver(void* ctx, void *digest);

sceSha256BlockUpdateForDriver

Version NID
3.60 0x236A9097
int sceSha256BlockUpdateForDriver(void* ctx, const void *data, int size);

sceSha256DigestForDriver

Version NID
3.60 0xA773A6A8
int sceSha256DigestForDriver(const void *data, int size, void *digest);

sceZlibDecompressForDriver

Version NID
3.60 0x900148DB

sceZlibGetCompressedDataForDriver

Version NID
3.60 0x01EB6C45

sceZlibGetInfoForDriver

Version NID
3.60 0x5B9BCD75

SceZlibForDriver

zlib compression library.

Firmware zlib version
1.60 1.2.5
3.60 1.2.5

inflate

Version NID
1.60-3.60 0xE4F34A68

deflate

Version NID
1.60-3.60 0xE859D60F

deflateReset

Version NID
1.60-3.60 0x68CFEA45

crc32

Version NID
1.60-3.60 0xE0CE06C0

adler32

Version NID
1.60-3.60 0x98619620

inflateSetDictionary

Version NID
1.60-3.60 0x7B16DBD6

SceZlibForDriver_20A122F8

Version NID
3.60 0x20A122F8

used by SceCoredump


int SceZlibForDriver_20A122F8(int a1, int a2, int a3, int a4, int a5, int a6, int a7, int a8);

SceZlibForDriver_5492B3F2

Version NID
3.60 0x5492B3F2

used by SceCoredump


int SceZlibForDriver_5492B3F2(int arg1);

SceZlibForDriver_5B718E55

Version NID
3.60 0x5B718E55

used by SceCoredump


int SceZlibForDriver_5B718E55(int arg1, int arg2);

SceKernelSuspendForDriver

Used to register callbacks for handling suspend/resume related events.

sceKernelRegisterSysEventHandlerForDriver

Version NID
0.990-3.60 0x04C05D10

Previous name was sceKernelSuspendRegisterCallbackForDriver

typedef struct {
    uint32_t size; // 24
    uint32_t unk1;
    uint32_t unk2;
    uint32_t unk3;
    uint32_t unk4;
    uint32_t unk5;
} suspend_args_t;

typedef int (suspend_callback_t)(int resume, int event_id, suspend_args_t *args, void *opt);

int sceKernelRegisterSysEventHandlerForDriver(const char *name, suspend_callback_t *callback_func, void *opt);

Registers a function for handling suspend/resume. resume is 0 if we are currently suspending and 1 if we are currently resuming. opt is passed from the registration. Registration adds an entry to a linked list and returns the block id for the new entry.

Returns the suspend_callback_id.

sceKernelUnregisterSysEventHandlerForDriver

Version NID
0.990-3.60 0xDD61D621
int sceKernelUnregisterSysEventHandlerForDriver(int id);

Call with the id returned from suspend_register_callback to remove the entry from the linked list and free the memory.

sceKernelSysEventDispatchForDriver

Version NID
0.990-3.60 0xD4622EA8
int sceKernelSysEventDispatchForDriver(int resume, int eventid, suspend_args_t *args, int stop_on_error);

This will go through the linked list and call each callback. If stop_on_error is set, then the first callback that returns a negative value will stop the call chain and return the block id of the callback that broke the chain. Otherwise, this function will invoke each callback and return zero.

sceKernelPowerTickForDriver

Version NID
0.990-3.60 0xE0489831
typedef enum SceKernelPowerTickType {
	/** Cancel all timers */
	SCE_KERNEL_POWER_TICK_DEFAULT			= 0,
	/** Cancel automatic suspension timer */
	SCE_KERNEL_POWER_TICK_DISABLE_AUTO_SUSPEND	= 1,
	/** Cancel OLED-off timer */
	SCE_KERNEL_POWER_TICK_DISABLE_OLED_OFF		= 4,
	/** Cancel OLED dimming timer */
	SCE_KERNEL_POWER_TICK_DISABLE_OLED_DIMMING	= 6
} SceKernelPowerTickType;

int sceKernelPowerTickForDriver(int type);

Cancel specified idle timers to prevent entering in power save processing.

Returns 0 on success.

suspend_before_nvs_write

Version NID
0.990-3.60 0x4DF40893
int suspend_before_nvs_write(int maybe_pid);

resume_after_nvs_write

Version NID
0.990-3.60 0x2BB92967
int resume_after_nvs_write(int maybe_pid);

SceQafMgrForDriver

Provides many device permission checks including running app privilege checks, debugging enabled checks, and so on.

SceQafMgrForDriver_41E04800

Version NID
3.60 0x41E04800

Only used by SceAppMgr.

SceQafMgrForDriver_7B14DC45

Version NID
3.60 0x7B14DC45

Only used by SceAppMgr.

return ((unsigned int)*(char *)(sceKernelSysrootGetKblParamForKernel() + 0x2D) >> 1) & 1; // = 0x2D + BIT number 30

int SceQafMgrForDriver_7B14DC45(void);

SceQafMgrForDriver_082A4FC2

Version NID
0.990-3.60 0x082A4FC2

Used by sceSblFwLoaderLockForDriver, SceKernelModulemgr, SceSysStateMgr and SceSblPostSsMgr.

Used by sceSblSpsfoMgrOpenForDriver.

When this flag is set, it allows for example to load spsfo from host0:, and host0:psp2config.skprx.

SceQafMgrForDriver_694D1096

Version NID
3.60 0x694D1096

Only used by SceSblACMgr.

SceQafMgrForDriver_0E588747

Version NID
0.990-3.60 0x0E588747

Only used by SceRegistryMgr.

Returns true if the PSVita is an "Internal system".

sceSblQafMgrIsAllowSystemAppDebugForDriver

Version NID
0.990-3.60 0xCAD47130

Used by SceDeci4pDtracep and SceSblACMgr.

If it returns false, syscalls debug trace printf is disabled.

sceSblQafMgrIsAllowMarlinTestForDriver

Version NID
1.03-3.60 0x10283EB8

sceSblQafMgrIsAllowLoadMagicGateForDriver

Version NID
3.60 0x36E5312E

sceQafMgrIsAllowKernelDebugForDriver

Version NID
3.60 0x382C71E8

Used by SceKernelModulemgr, SceExcpmgr


QA Bit : *(uint8_t *)((int)sysroot + 0x2D) & 1;

int sceQafMgrIsAllowKernelDebugForDriver(void);

SceQafMgrForDriver_3CB55F98

Version NID
3.60 0x3CB55F98

Only used by SceSblUpdateMgr.

sceSblQafMgrIsAllowGameDebugForDriver

Version NID
3.60 0x4BC1883F

SceQafMgrForDriver_52B4E164

Version NID
3.60 0x52B4E164

Only used by SceWlanBt.

SceQafMgrForDriver_70A67A4B

Version NID
3.60 0x70A67A4B

SceQafMgrForDriver_883E9465

Version NID
0.940-3.60 0x883E9465

Used by SceSysStateMgr.

Allows loading unencrypted psp2config.txt.

SceQafMgrForDriver_8C423C18

Version NID
3.60 0x8C423C18

Only used by SceSblUpdateMgr.

sceSblQafMgrIsAllowNearTestForDriver

Version NID
1.03-3.60 0x9644171D

SceQafMgrForDriver_AE033133

Version NID
3.60 0xAE033133

Only used by SceNpDrm.

SceQafMgrForDriver_DEC6DF4E

Version NID
3.60 0xDEC6DF4E

Only used by SceNpDrm.

sceSblQafMgrIsAllowPSPEmuShowQAInfoForDriver

Version NID
3.60 0xB7B195B2

SceQafMgrForDriver_B9770A13

Version NID
3.60 0xB9770A13

Used by SceKernelModulemgr and SceSysmodule.

sceSblQafMgrIsAllowRemotePlayDebugForDriver

Version NID
3.60 0xBFD5E463

sceSblQafMgrIsAllowKeepCoreFileForDriver

Version NID
3.60 0xC1EA75C8

SceQafMgrForDriver_E573F124

Version NID
3.60 0xE573F124

sceSblQafMgrIsAllowDtcpIpResetForDriver

Version NID
3.60 0xE8B8F31F

sceSblQafMgrIsAllowControlIduAutoUpdateForDriver

Version NID
3.60 0xF8BFEE48

ScePmMgrForDriver

scePmMgrGetProductModeForDriver

Version NID
0.990-3.60 0x2AC815A2

Returns 0 on success.

Gets sysroot_buffer using sceKernelSysrootGetKblParamForKernel.

result = ((int *)(sysroot_buffer->boot_type_indicator_1) >> 2) & 1; // manufacturing mode flag

int scePmMgrGetProductModeForDriver(int* result);

scePmMgrIsExternalBootModeForDriver

Version NID
3.60 0xBD1F193B

Gets sysroot_buffer using sceKernelSysrootGetKblParamForKernel.

return (int *)(sysroot_buffer->boot_type_indicator_1) & 1;

int scePmMgrIsExternalBootModeForDriver(void);

SceSblAIMgrForDriver

sceSblAIMgrGetSMIForDriver

Version NID
3.60 0x47D9CF13
int sceSblAIMgrGetSMIForDriver(int *shipped_fw_version);

sceSblAIMgrGetProductCodeForDriver

Version NID
3.60 0x14345161

Product Code = Target Id

int sceSblAIMgrGetProductCodeForDriver(void);

sceSblAIMgrGetProductSubCodeForDriver

Version NID
3.60 0xB33CEC8F

Product Sub Code = Model revision

int sceSblAIMgrGetProductSubCodeForDriver(void);

sceSblAIMgrIsTestForDriver

Version NID
3.60 0x3B638885

TEST = Internal Test Unit

Returns true if PsCode Product Code <= 0x100.

int sceSblAIMgrIsTestForDriver(void);

sceSblAIMgrIsToolOrTestForDriver

Version NID
3.60 0x274663A0

TOOL = DevKit

Returns true if PsCode Product Code <= 0x101.

int sceSblAIMgrIsToolOrTestForDriver(void);

sceSblAIMgrIsNonCEXForDriver

Version NID
3.60 0xF4B98F66

Returns true if PsCode Product Code <= 0x102.

int sceSblAIMgrIsNonCEXForDriver(void);

sceSblAIMgrIsCEXForDriver

Version NID
3.60 0xD78B04A2

Returns true if PsCode Product Code <= 0x111 AND sceSblAIMgrIsJapaneseFatForDriver returns false.

int sceSblAIMgrIsCEXForDriver(void);

sceSblAIMgrIsVITAForDriver

Version NID
3.60 0x4273B97B

Returns sceSblAIMgrIsGenuineVITAForDriver.

int sceSblAIMgrIsVITAForDriver(void);

sceSblAIMgrIsDolceForDriver

Version NID
3.60 0x71608CA3

Returns sceSblAIMgrIsGenuineDolceForDriver if returns true else returns sceKernelCheckDipswForDriver(0x98).

int sceSblAIMgrIsDolceForDriver(void);

sceSblAIMgrIsGenuineVITAForDriver

Version NID
3.60 0x963CA644

Returns true if:

  • PsCode Product Code <= 0x111 AND sceSblAIMgrIsGenuineDolceForDriver returns false
  • sceSblAIMgrIsJapaneseFatForDriver returns true AND HardwareInfo != 0x700000 != 0x720000 != 0x510000
int sceSblAIMgrIsGenuineVITAForDriver(void);

sceSblAIMgrIsGenuineDolceForDriver

Version NID
3.60 0xC6E83F34
int sceSblAIMgrIsGenuineDolceForDriver(void);

sceSblAIMgrIsJapaneseFatForDriver

Version NID
3.60 0x6D5A3FC9
int sceSblAIMgrIsJapaneseFatForDriver(void);

sceSblAIMgrIsToolDVT1ForDriver

Version NID
3.60 0xBB9D146B

Returns true if PsCode Product Code == 0x101 and PsCode Product Sub Code <= 3.

int sceSblAIMgrIsToolDVT1ForDriver(void);

sceSblAIMgrIsToolRev4ForDriver

Version NID
3.60 0x37A79140

Returns true if PsCode Product Code == 0x101 and PsCode Product Sub Code <= 4.

int sceSblAIMgrIsToolRev4ForDriver(void);

sceSblAIMgrIsToolRev5ForDriver

Version NID
3.60 0xE5E47FF7

Returns true if PsCode Product Code == 0x101 and PsCode Product Sub Code <= 5.

int sceSblAIMgrIsToolRev5ForDriver(void);

sceSblAIMgrIsPrototypeRev2ForDriver

Version NID
3.60 0xFF5784B9

Returns true if PsCode Product Code == 0x103 and PsCode Product Sub Code <= 2.

int sceSblAIMgrIsPrototypeRev2ForDriver(void);

sceSblAIMgrIsPrototypeRev7ForDriver

Version NID
3.60 0x05F79D4A

Returns true if PsCode Product Code == 0x103 and PsCode Product Sub Code <= 7.

int sceSblAIMgrIsPrototypeRev7ForDriver(void);

SceProcEventForDriver

sceKernelUnregisterProcEventHandlerForDriver

Version NID
3.60 0x3DED57CC

Previous name was sceProcEventDeleteUidForDriver.

Wrapper to sceKernelGUIDCloseForDriver.

int sceKernelUnregisterProcEventHandlerForDriver(int uid);

sceKernelRegisterProcEventHandlerForDriver

Version NID
0.990-3.60 0x2A43912D

Previous name was sceProcEventCreateEventForDriver

Uses sceKernelCreateEventForDriver.

Returns uid.

SceUID sceKernelRegisterProcEventHandlerForDriver(const char *name, int *a2, int a3);

sceKernelInvokeProcEventHandlerForDriver

Version NID
3.60 0x414CC813

Uses suspend/resume LR.

int sceKernelInvokeProcEventHandlerForDriver(int a1, int a2, int a3, int a4, int *a5, int a6);

SceDebugLed

sceKernelGetGPI

Version NID
3.60 0x14F582CF
int sceKernelGetGPI(void);

sceKernelSetGPO

Version NID
3.60 0x78E702D3
/**
 * @brief Output to LED
 *
 * Setting the LED display contents
 * @param[in]	uiBitd	Only bit pattern, lower 8 bits are valid
 */
int sceKernelSetGPO(uint32_t uiBits);

get_74

Version NID
3.60 0x2B6EABAD
int get_74(void);

get_78

Version NID
3.60 0x0E6B9890
int get_78(void);

SceDebugLedForDriver

sceKernelGetGPIForDriver

Version NID
3.60 0x14F582CF

Only SceDebugLedForDriver function used by SceCoredump.

int sceKernelGetGPIForDriver(void);

sceKernelSetGPIForDriver

Version NID
3.60 0x51C5325A
int sceKernelSetGPIForDriver(int value);

sceKernelGetGPOForDriver

Version NID
3.60 0x3BB289F7
int sceKernelGetGPOForDriver(void);

sceKernelSetGPOForDriver

Version NID
3.60 0x78E702D3
int sceKernelSetGPOForDriver(int value);

sceKernelSetGPOMaskForDriver

Version NID
3.60 0x098473B0
sceKernelSetGPOMaskForDriver(int a1, int a2);

get_74

Version NID
3.60 0x2B6EABAD
int get_74(void);

set_74

Version NID
3.60 0x24173819
int set_74(int value);

get_78

Version NID
3.60 0x0E6B9890
int get_78(void);

set_78

Version NID
3.60 0xF62154E7
int set_78(int value);

SceDebugForKernel

sceDebugSetHandlersForKernel

Version NID
3.60 0x10067B7B
int sceDebugSetHandlersForKernel(void (*func)(int unk, const char *format, const uint32_t *args), void *args);

sceDebugPutcharForKernel

Version NID
3.60 0x82D2EDCE

Print character.

int sceDebugPutcharForKernel(int character);

sceDebugGetPutcharHandlerForKernel

Version NID
3.60 0xE783518C

Returns pointer to current debug print char handler.

void *sceDebugGetPutcharHandlerForKernel(void);

sceDebugRegisterPutcharHandlerForKernel

Version NID
3.60 0xE6115A72

Set debug print char handler.

int sceDebugRegisterPutcharHandlerForKernel(int (*func)(void *args, char c), void *args);

SceDebugForKernel_082B8D6A

Version NID
3.60 0x082B8D6A

Print kernel exception information.

// name can be:
// UNDEF - ?
// PABT - Prefetch Abort
// DABT - Data Abort
// NEST - ?
int SceDebugForKernel_082B8D6A(void *unk, void *ctx, int index, char *name);

sceDebugDisableInfoDumpForKernel

Version NID
3.60 0xF857CDD6
// ex: sceDebugDisableInfoDumpForKernel(0); as used in henkaku/payload.c
int sceDebugDisableInfoDumpForKernel(int flag);

SceDebugForDriver

Types

typedef struct kernel_message_ctx {
  int hex_value0_hi;
  int hex_value0_lo;
  int hex_value1;
  char* msg0;
  int num;
  char* msg1;
} struct kernel_message_ctx;

sceKernelPrintfForDriver

Version NID
0.990-3.60 0x391B74B7
int sceKernelPrintfForDriver(const char *fmt, ...);

sceKernelPrintfLevelForDriver

Version NID
0.931-3.60 0x1A3F2AA4

level: usually 1

int sceKernelPrintfLevelForDriver(int level, const char *fmt, ...);

sceKernelPrintfLevel_asyncForDriver

Version NID
3.60 0x611A158B

level: usually 1

int sceKernelPrintfLevel_asyncForDriver(int level, const char *fmt, ...);

sceKernelPrintf3ForDriver

Version NID
3.60 0x02B04343
int sceKernelPrintf3ForDriver(int level, kernel_message_ctx *msg_ctx, const char *fmt, ...);

sceKernelPrintf4ForDriver

Version NID
3.60 0xD9703808

Very similar to sceKernelPrintf3ForDriver.

int sceKernelPrintf4ForDriver(int level, kernel_message_ctx *msg_ctx, const char *fmt, ...);

print_kernel_panic

Version NID
3.60 0x391B5B74
int print_kernel_panic(kernel_message_ctx *msg_ctx, void *some_address);

printf_kernel_panic_2

Version NID
3.60 0x00CCE39C
int printf_kernel_panic_2(kernel_message_ctx *msg_ctx, void *some_address, const char* fmt, ...);

print_kernel_assertion

Version NID
0.990-3.60 0x35A35322

Temp name is sceDebugPrintKernelAssertionForDriver.

int print_kernel_assertion(int condition, const char* file_name, const char* function_name, uint32_t line);
int print_kernel_assertion(int condition, kernel_message_ctx *msg_ctx, void *some_address);

printf_kernel_assertion

Version NID
3.60 0x821A2D59
int printf_kernel_assertion(int unk, int condition, kernel_message_ctx *msg_ctx, int some_address, const char *fmt, ...);

invoke_some_callback

Version NID
3.60 0x411C0733

Uses sceKernelCpuLockSuspendIntrStoreLRForDriver and sceKernelCpuLockResumeIntrStoreLRForDriver.

Calls SceSysclibForDriver_E38E7605.

Maybe invoke debug handler.

int invoke_some_callback(char *format, va_list ap);

SceSysmemForTZS

sceKernelProcModeVAtoPAForTZS

Version NID
0.931 0x119B9547
int sceKernelProcModeVAtoPAForTZS(SceUID pid, uint32_t mode, void *pVA, void **pPA);

sceKernelAllocPartitionStackMemBlockForTZS

Version NID
0.931 0x69022B7F

sceKernelGetPhyPageResetForTZS

Version NID
0.940-1.80 0x3FEF6B39

sceKernelDeleteHeapForTZS

Version NID
0.931-1.80 0x624454BC

sceKernelCreateHeapForTZS

Version NID
0.931-1.80 0x56A16D84

sceKernelAllocHeapMemoryWithOptionForTZS

Version NID
0.931-1.80 0xEA712806

sceKernelAllocHeapMemoryForTZS

Version NID
0.931-1.80 0x473871D8

sceKernelAllocHeapMemoryFromGlobalHeapForTZS

Version NID
0.940-1.80 0x29DE887D

sceKernelFreeHeapMemoryForTZS

Version NID
0.931-1.80 0x42FB5B12

sceKernelAllocUncacheHeapMemoryWithOptionForTZS

Version NID
0.931-1.80 0x6A3FBAF0

sceKernelFreeUncacheHeapMemoryForTZS

Version NID
0.931-1.80 0x2F18E288

sceKernelNameHeapDeleteForTZS

Version NID
0.990-1.80 0xF459D09D

sceKernelNameHeapInsertForTZS

Version NID
0.990-1.80 0x42AD34AB

sceKernelSetSuspendIntrFuncForTZS

Version NID
0.940-1.80 0xB4306D21

sceKernelSetResumeIntrFuncForTZS

Version NID
0.940-1.80 0x418111B0

sceKernelAddressSpaceUnmapForTZS

Version NID
0.940-1.80 0x31273DC7

sceKernelGetMemBlockBaseForTZS

Version NID
0.931-1.80 0xE1DEDFF4
/**
 * @brief Get mapped base address of memory block.
 *
 * Get base address of memory block.
 * @param[in]	uid		block id
 * @param[out]	ppBase		base address of memory block
 * @retval	SCE_OK		success
 * @retval	<SCE_OK		Error
 */
int sceKernelGetMemBlockBaseForTZS(SceUID uid, void **ppBase);

sceKernelFreeMemBlockForTZS

Version NID
0.940-1.80 0x658EACE3

sceKernelAllocMemBlockForTZS

Version NID
0.940-1.80 0x402EB970
SceUID sceKernelAllocMemBlockForTZS(const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt);

sceKernelAllocPartitionMemBlockForTZS

Version NID
0.940-1.80 0x0028E26C

Temp name was sceKernelAllocMemBlockForPidForTZS.

SceUID sceKernelAllocPartitionMemBlockForTZS(SceUID pid, const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt);

sceKernelVAtoPAForTZS

Version NID
0.931-1.80 0x1DEADF6C

This will write the physical address for a virtual address vaddr to memory pointed to by result.

Returns <0 on error, values >=0 indicate success.

int sceKernelVAtoPAForTZS(void *vaddr, void **result);

sceKernelVARangeToPAVectorForTZS

Version NID
0.931-1.80 0x9D43E416

sceKernelCreateAddressSpaceForTZS

Version NID
0.931 0x21906368

SceDipswForTZS

sceKernelCheckDipswForTZS

Version NID
0.940-1.80 0xA98FC2FD

SceUartForTZS

sceUartWriteForTZS

Version NID
0.990-1.80 0x3AFD5E71

SceDebugForTZS

FW 1.80:

     NID 0: 0x1655E0E3
     NID 1: 0x2F9B8AA8: sceKernelAssert
     NID 2: 0x563B623D
     NID 3: 0xC70CBB58: sceKernelPrintfLevel
     NID 4: 0xD4E6A0C0: sceKernelPrintfLevelCore0

sceKernelAssertForTZS

Version NID
0.931-1.80 0x2F9B8AA8
int sceKernelAssertForTZS(int expected_value, const char *file_name, const char *function_name, int line);

_sceKernelPrintDebugLogForTZS

Version NID
0.931 0x4FF6536C

sceKernelPrintfLevelForTZS

Version NID
0.931-1.80 0xC70CBB58
//print_level: ex: 1
int sceKernelPrintfLevelForTZS(int print_level, const char *fmt, ...);

sceKernelStoppedForTZS

Version NID
0.931-0.990 0xCB502FD1
1.80 not present

sceKernelPrintfLevelCore0ForTZS

Version NID
0.931-1.80 0xD4E6A0C0

sceKernelDebugModuleStart2ForTZS

Version NID
0.931 0x32E3D4B9

SceCpuForTZS

     sceKernelL1DcacheCleanRange
     sceKernelL1DcacheCleanInvalidateAll
     sceKernelL1IcacheInvalidateEntireAllCore
     sceKernelL1IcacheInvalidateRange
     sceKernelDcacheCleanRange
     sceKernelDcacheInvalidateRange
     sceKernelDcacheCleanInvalidateRange
     sceKernelGetCpsr
     sceKernelGetSpsr
     sceKernelCpuId
     sceKernelSendEvent
     sceKernelWaitForEvent
     sceKernelSpinlockLowLock
     sceKernelSpinlockLowUnlock
     sceKernelSpinlockLowUnlockCpuResumeIntr
     sceKernelSpinlockLowLockCpuSuspendIntr
     sceKernelSpinlockLowTrylockCpuSuspendIntr
     sceKernelPleFlushRequest
     sceKernelDomainTextMemcpy
     atomicCompareAndSet8
  • 0.931-0.990: 0x40DEC1B6: sceKernelWaitForEvent
  • 0.931-0.990: 0xF42F079B: sceKernelSendEvent
  • 0.940: 0x1266F962: sceKernelAbort
  • 0.931-0.940: 0x98BF47D3: sceKernelGetVmaccessRange
  • 0.931: 0x49AD8B60: sceKernelSetFIQModeStack
  • 0.931: 0xC2A428F3: sceKernelSetMonModeStack
  • 0.931: 0xD9013440: sceKernelSetIRQModeStack
  • 0.931: 0xDF17E4A3: sceKernelSetUndModeStack
  • 0.931: 0xF832C341: sceKernelSetAbtModeStack
  • 0.931: 0xFB1D3114: sceKernelSetSvcModeStack
  • 0.931: 0xF6CE21EA: sceKernelPrintCpuMode
     NID 0: 0x0A15B41C: sceKernelL1DcacheCleanInvalidateAll
     NID 1: 0x17A88E69: sceKernelL1DcacheCleanRange
     NID 2: 0x190D96D5: sceKernelDcacheCleanRange
     NID 3: 0x2A0A3DC6
     NID 4: 0x2B6403F8
     NID 5: 0x2FE24445
     NID 6: 0x308D7ABE
     NID 7: 0x324727D1: sceKernelGetCpsr
     NID 8: 0x39FCFCC2: sceKernelDomainTextMemcpy
     NID 9: 0x44C423D3: sceKernelCpuId
     NID 10: 0x49B11FF8
     NID 11: 0x71FD9AB5: sceKernelSpinlockLowLock
     NID 12: 0x72CA4F7A: sceKernelGetSpsr
     NID 13: 0x75D87321
     NID 14: 0x7A5373EB: sceKernelDcacheCleanInvalidateRange
     NID 15: 0x7CCE9480: sceKernelDcacheCleanInvalidateAll
     NID 16: 0x864E3DED
     NID 17: 0x9E4C0D0D
     NID 18: 0xA5965CBF: sceKernelL1IcacheInvalidateEntireAllCore
     NID 19: 0xACF209F3: sceKernelSpinlockLowTrylockCpuSuspendIntr
     NID 20: 0xB421FAFD: sceKernelL1IcacheInvalidateRange
     NID 21: 0xB8F00FBE: sceKernelSpinlockLowUnlockCpuResumeIntr
     NID 22: 0xC4137AED: sceKernelPleFlushRequest
     NID 23: 0xCD98416C: sceKernelSpinlockLowUnlock
     NID 24: 0xCDD46655: sceKernelDcacheInvalidateRange
     NID 25: 0xD67A4356: sceKernelSpinlockLowLockCpuSuspendIntr
     NID 26: 0xEFD6F289: atomicCompareAndSet8

SceSysclibForTZS

SceSysclibForTZS_E5457B97

Version NID
1.80 0xE5457B97

SceSysclibForTZS_361850BB

Version NID
0.940-1.80 0x361850BB

maybe_strncpy

memcpy

Version NID
0.931-1.80 0xBE3AF2EE

memset

Version NID
0.931-1.80 0x956DB750

SceSysrootForTZS

sceKernelSysrootBacktraceForTZS

Version NID
0.931 0xF26A5E68

sceKernelSysrootPrintBacktraceForTZS

Version NID
0.931 0x463EA380

sceKernelSysrootShowCallerInfoForTZS

Version NID
0.931 0x2F3D9414

sceKernelSysrootGetModulePrivateForTZS

Version NID
0.931-1.80 0xC9DD8EB3

sceKernelSysrootSetModulePrivateForTZS

Version NID
0.931-1.80 0xEA572BD9

sceKernelSysrootSetSharedMemoryForTZS

Version NID
0.940-1.80 0x45EEB2E0

sceKernelSysrootGetKermitRevisionForTZS

Version NID
0.940-1.80 0xDB3DAB76

sceKernelSysrootGetSharedMemoryForTZS

Version NID
0.931-1.80 0x1C96096F

sceKernelSysrootCorelockLockForTZS

Version NID
0.931-1.80 0xD653194A

sceKernelSysrootGetVbaseMonitorVectorForTZS

Version NID
0.931-1.80 0xD4E6D8E8

sceKernelSysrootGetKernelMMUContextForTZS

Version NID
0.931-1.80 0xA8B7DAF9

sceKernelSysrootCorelockUnlockForTZS

Version NID
0.931-1.80 0x2F5FD9A8

sceKernelSysrootGetVbaseResetVectorForTZS

Version NID
0.931-1.80 0x2460ADFA

sceKernelIsColdBootForTZS

Version NID
0.940-1.80 0x0567B4B9

sceKernelIsSecureStateForTZS

Version NID
0.940 0xEFA54B46

sceKernelSysrootGetErnieWakeupFactorForTZS

Version NID
0.940-1.80 0x8E871C6D

sceKernelSysrootGetKblParamForTZS

Version NID
0.931-1.80 0x29C1049E

Returns pointer to Sysroot buffer.

void *sceKernelSysrootGetKblParamForTZS(void);

sceKernelSysrootAllocForTZS

Version NID
0.940-1.80 0x1A9E1D28
void *sceKernelSysrootAllocForTZS(uint32_t size);

SceQafMgrForTZS

sceSblQafManagerIsAllowKernelDebugForTZS

Version NID
0.990-1.80 0x54D22D74

return *(char *)(sceKernelSysrootGetKblParamForTZS() + 0x2D) & 1;

ScePmMgrForTZS

sceSblPmMgrGetProductModeForTZS

Version NID
0.990-1.80 0xCF554E69

SceSblAIMgrForTZS

sceSblAIMgrIsCEXForTZS

Version NID
0.990-1.80 0x536B38F4