SceSysmem

From Vita Development Wiki
Jump to navigation Jump to search

SceSysmem is a kernel module that acts as the heart of the kernel. It exports multiple libraries for various features. SceSysmem is the first module that is loaded in the kernel load sequence and its libraries are imported by almost all other modules. See Virtual Memory and Physical Memory for more details on the memory subsystem.

Module

This module exists in both non-secure and secure world. The non-secure world SELF can be found in os0:kd/sysmem.skprx. It also can be found in the Boot Image.

Known NIDs

Version Name World Privilege NID
1.50 SceSysmem Non-secure Kernel 0x78D8AA34
1.69 SceSysmem Non-secure Kernel 0xB93950C6
3.57 SceSysmem Non-secure Kernel 0x00CFDC77
3.60-3.61 SceSysmem Non-secure Kernel 0x3380B323
1.69 SceSysmem Secure Kernel 0x502BE0E5
1.80 SceSysmem Secure Kernel 0x72425377

Libraries

Known NIDs

Version Name World Visibility NID
1.50-3.60 SceSysmemForKernel Non-secure Kernel 0x63A519E5
1.50-3.60 SceSysmemForDriver Non-secure Kernel 0x6F25E18A
1.50-1.692 SceSysmemForDebugger Non-secure Kernel 0xC7309957
1.50-3.60 SceSysmem Non-secure User 0x37FE725A
1.50-3.60 SceDipsw Non-secure User 0xB36D5922
1.50-3.60 SceDipswForDriver Non-secure Kernel 0xC9E26388
1.50-3.60 SceUartForKernel Non-secure Kernel 0xC03DBE40
1.50-3.60 SceCpu Non-secure User 0x45265161
1.50-3.60 SceCpuForKernel Non-secure Kernel 0x54BF2BAB
1.50-3.60 SceCpuForDriver Non-secure Kernel 0x40ECDB0E
1.50-1.69 SceSysclibForKernel Non-secure Kernel 0x24878615
3.60 SceSysclibForKernel Non-secure Kernel removed
1.50-3.60 SceSysclibForDriver Non-secure Kernel 0x7EE45391
1.50-3.60 SceSysrootForKernel Non-secure Kernel 0x3691DA45
1.50-3.60 SceSysrootForDriver Non-secure Kernel 0x2ED7F97A
1.50-3.60 SceKernelUtilsForDriver Non-secure Kernel 0x496AD8B4
1.50 SceZlibForDriver Non-secure Kernel 0xE241534E
1.50-3.60 SceKernelSuspendForDriver Non-secure Kernel 0x7290B21C
1.50-3.60 SceQafMgrForDriver Non-secure Kernel 0x4E29D3B6
1.50-3.60 ScePmMgrForDriver Non-secure Kernel 0xF13F32F9
1.50-3.60 SceSblAIMgrForDriver Non-secure Kernel 0xFD00C69A
1.50-3.60 SceProcEventForDriver Non-secure Kernel 0x887F19D0
1.50-3.60 SceDebugLed Non-secure User 0xAE004C0A
1.50-3.60 SceDebugLedForDriver Non-secure Kernel 0x7BC05EAD
1.50-3.60 SceDebugForKernel Non-secure Kernel 0x88C17370
1.50-3.60 SceDebugForDriver Non-secure Kernel 0x88758561
1.69-1.80 SceSysmemForTZS Secure Kernel 0x8680060
1.69-1.80 SceDipswForTZS Secure Kernel 0x9DBF584C
1.80 SceUartForTZS Secure Kernel 0xA1D740D7
1.80 SceDebugForTZS Secure Kernel 0x028FFADB
1.69-1.80 SceCpuForTZS Secure Kernel 0xC516B23E
1.69-1.80 SceSysclibForTZS Secure Kernel 0xC839BB78
1.69-1.80 SceSysrootForTZS Secure Kernel 0xFEFF641D
1.69-1.80 SceQafMgrForTZS Secure Kernel 0x637069DD
1.69-1.80 ScePmMgrForTZS Secure Kernel 0x27F1AFD8
1.69-1.80 SceSblAIMgrForTZS Secure Kernel 0x60D19047

Types

typedef int threadmgr_core_ctx;

typedef struct tctx_holder {
  int unk0;
  int unk4;
  int unk8;
  int unkC;
  int unk10;
  int unk14;
  int unk18;
  int unk1C;
  int unk20;
  int unk24;
  int unk28;
  int unk2C;
  int unk30;
  threadmgr_core_ctx *tctx_34;
} tctx_holder;

typedef struct callback_holder1 {
  int unk0;
  int (*unk4)(void);
  int (*unk8)(void);
  int (*unkC)(void);
  int unk10;
  int unk14;
  int unk18;
  int unk1C;
  int (*unk20)(void);
  int unk24;
  int unk28;
  int unk2C;
  int unk30;
  int unk34;
  int unk38;
  int (*unk3C)(void);
} callback_holder1;

typedef struct callback_holder2 {
  int size;
  int (__cdecl *unk4)(int result, int *a2);
  int (__cdecl *unk8)(SceUID *a1);
  int (__cdecl *unkC)(int, int *);
  int (__cdecl *sceKernelSysrootGetProcessSelfAuthInfoForKernel)(SceUID pid, SceSelfAuthInfo* self_auth_info);
  int (__cdecl *sceKernelSysrootGetProcessTitleIdForKernel)(SceUID pid, char *title_id, SceSize len);
  int (__cdecl *unk18)(unsigned int a1);
  int (__cdecl *unk1c)(int a1);
} callback_holder2;

typedef struct callback_holder3 {
  int unk0;
  int (*unk4)(void);
  int (*unk8)(void);
  int (__fastcall *unkC)(int);
  int (__fastcall *unk10)(int);
  int (*unk14)(void);
} callback_holder3;

typedef struct sysbase_t {
  tctx_holder *hldr[6];
  char unk[84];
  char *sysroot_buffer;
  int unk70;
  char unk74[616];
  char unk2dc[52];
  int unk310;
  int unk314;
  int unk318;
  int unk31C;
  int unk320;
  int unk324;
  int unk328;
  int unk32C;
  int unk330;
  int unk334;
  int unk338;
  int unk33C;
  int unk340;
  int (__cdecl *GetThreadAccessLevel)();
  int unk348;
  int (*unk34C_some_callback1)(void);
  callback_holder3 *unk350;
  int unk354;
  callback_holder1 *unk358;
  callback_holder2 *unk35C;
  int (*unk360)(void);
  int (*unk364)(void);
  int (__fastcall *unk368)(int, int, int);
  char unk36C[20];
  int (__cdecl *sceSblLicMgrGetLicenseStatusForDriver)();
  int (__cdecl *SceSblPostSsMgrForDriver_22599675)();
  int (__cdecl *SceSblPostSsMgrForDriver_9b49c249)();
  int (__cdecl *SceSblPostSsMgrForDriver_d8a2d465)(unsigned long long);
  int (__cdecl *SceSblPostSsMgrForDriver_abdd68cd)(void *);
  int (__cdecl *sceSblUtMgrHasNpTestFlagForDriver)();
  int (*SceSblUpdateMgr_smth)(void);
  int (*ScePower_smth)(void);
} sysbase_t;

typedef struct sysbase360_t {
	int unk_0x00; // 0
	void *unk_0x04;
	SceSize sysbase_size; // 3.60:0x41C
	uint32_t sysbase_magic1;
	int unk_0x10; // 0
	int unk_0x14; // 0x400
	void *unk_0x18;
	int unk_0x1C; // 0x4
	void *unk_0x20;
	int unk_0x24; // 0
	int unk_0x28; // 0x10
	int unk_0x2C; // 0x1

	int unk_0x30; // 0x40004
	int unk_0x34; // 0
	int unk_0x38; // 0
	void *unk_0x3C;

	void *unk_0x40;
	void *unk_0x44; // SceExcpmgr data vaddr?
	void *unk_0x48; // SceKernelIntrMgr data vaddr?
	void *unk_0x4C;

	void *unk_0x50;
	int unk_0x54; // 0
	void *unk_0x58;
	int unk_0x5C; // 0

	int unk_0x60; // 0
	int unk_0x64; // 0
	int unk_0x68; // 0
	SceBootArgs *KblParam; // old name is sysroot buff

	int unk_0x70; // 0x51030100, paddr?
	int unk_0x74; // 0x80000115
	int unk_0x78; // 0
	int unk_0x7C; // 0x115

	int unk_0x80; // 0x10200
	int unk_0x84; // 0x704
	int unk_0x88; // 0x2800D000
	int unk_0x8C; // 0

	int unk_0x90; // 0x5
	int unk_0x94; // 0
	int unk_0x98; // 0
	int unk_0x9C; // 0

	int unk_0xA0[0x18]; // 0
	int unk_0x100[0x34]; // 0

	int unk_0x1D0; // 0
	int unk_0x1D4; // func ptr?, paddr:0x51003581
	int unk_0x1D8; // 0
	int (* sceKernelSysrootMountDummyTtypDevFs)(void);		// SceIofilemgr + 0x1
	int unk_0x1E0[0x8]; // 0
	int unk_0x200[0x14]; // 0

	int unk_0x250; // 0
	int (* sceKernelSysrootPowerTriggerFlag0x10000)(int a1);	// Temp name, ScePower + 0x21F5
	int unk_0x258; // 0
	int unk_0x25C; // 0

	int unk_0x260[0xC]; // 0

	int unk_0x290; // 0
	int (* sceKernelSysrootDisplayRev1)();				// SceDisplay + 0x1
	int unk_0x298; // 0
	int (* sceKernelSysrootMsifStart)(void);			// SceMsif + 0x3811

	int unk_0x2A0; // 0
	int (* sceKernelSysrootPowerRev1)();				// Temp name, ScePower + 0x7BCD
	int unk_0x2A8; // 0
	int (* sceKernelSysrootPowerTriggerFlag0x10000_2)(void);	// Temp name, ScePower + 0x218D

	int unk_0x2B0; // 0
	int (* sceKernelSysrootPowerEnableSubIntr)(void);		// Temp name, ScePower + 0x5B51
	int unk_0x2B8; // 0
	int unk_0x2BC; // 0

	int unk_0x2C0[0x4]; // 0

	int unk_0x2D0; // 0
	int (* sceKernelSysrootThreadFunction1)(void);			// Temp name, SceKernelThreadMgr + 0x4D85
	int (* sceKernelSysrootIofilemgrStart)(void);			// SceIofilemgr + 0x3E5
	void *unk_0x2DC;

	void *unk_0x2E0;
	void *unk_0x2E4;
	void *unk_0x2E8;
	void *unk_0x2EC;

	void *unk_0x2F0;
	void *unk_0x2F4;
	void *unk_0x2F8;
	void *unk_0x2FC;

	void *unk_0x300;
	void *unk_0x304;
	int unk_0x308; // 0x10001
	void *unk_0x30C;

	void *unk_0x310;
	void *unk_0x314;
	void *unk_0x318;
	int unk_0x31C; // 0

	void *unk_0x320;
	void *unk_0x324;
	SceUID (* sceKernelSysrootGetThreadId)(void);				// Temp name, SceKernelThreadMgr + 0x895
	int (* sceKernelSysrootGetThreadFunction3)(void);			// Temp name, SceKernelThreadMgr + 0xC79,  SceThreadmgrForDriver_91382762

	SceUID (* sceKernelSysrootGetProcessId)(void);				// Temp name, SceKernelThreadMgr + 0x8A9
	int (* sceKernelSysrootGetThreadFunction4)(void);			// Temp name, SceKernelThreadMgr + 0x8D1
	int (* sceKernelSysrootGetThreadFunction5)(void);			// Temp name, SceKernelThreadMgr + 0x8ED
	int (* sceKernelSysrootGetThreadFunction6)(void);			// Temp name, SceKernelThreadMgr + 0x90D

	void (* sceKernelSysrootGetThreadFunction7);				// Temp name, SceKernelThreadMgr + 0xE69
	int (* sceKernelSysrootGetThreadFunction8)(void);			// Temp name, SceKernelThreadMgr + 0x8BD, SceThreadmgrForDriver_332E127C
	int (* sceKernelSysrootThreadFunction9)(int a1, int a2, int a3);	// Temp name, SceKernelThreadMgr + 0x2541
	int (* sceKernelSysrootThreadFunction10)(int a1);			// Temp name, SceKernelThreadMgr + 0xC99, SceThreadmgrForDriver_AB977C72

	void *unk_0x350;
	int unk_0x354; // 0xFFFFFFFF
	void *unk_0x358;
	void *unk_0x35C;

	int unk_0x360;
	int (* sceKernelSysrootGetBusError)(void *dst, uint32_t len);		// SceKernelBusError + 0x23, SceBusErrorForKernel_EBB1F135
	int (* sceKernelSysrootAppMgrFunction1)(int a1, int a2, int a3, int a4, int a5, int a6); // SceAppMgr + 0x2795, SceAppMgrForDriver_324DD34E
	SceUID (* sceKernelSysrootGetShellPid)(void);	// SceAppMgr + 0x101F9, SceAppMgrForDriver_2FEACA9F

	void *unk_func_0x370;				// SceCoredump + 0x7109, SceCoredumpForDriver_A7D214A7
	void *unk_func_0x374;				// SceCoredump + 0x74F9, SceCoredumpForDriver_340856F7
	void *unk_func_0x378;				// SceCoredump + 0x132ED, SceCoredumpForDriver_EF20949F
	int unk_0x37C; // 0

	void *unk_func_0x380;				// SceSblPostSsMgr + 0x9001, sceSblLicMgrGetLicenseStatusForDriver
	int (* unk_func_0x384)(void);			// SceSblPostSsMgr + 0xB005, SceSblPostSsMgrForDriver_22599675, get flag
	int (* unk_func_0x388)(void);			// SceSblPostSsMgr + 0xB011, SceSblPostSsMgrForDriver_9B49C249, get flag
	void *unk_func_0x38C;				// SceSblPostSsMgr + 0xB4ED, SceSblPostSsMgrForDriver_D8A2D465

	void *unk_func_0x390;				// SceSblPostSsMgr + 0xB111, sceSblUtMgrGetTrilithiumBufferForDriver
	int (* sceKernelSysrootHasNpTestFlag)(void);	// SceSblPostSsMgr + 0xB01D
	void *unk_func_0x398;				// SceSblUpdateMgr + 0x8B01
	int (* sceKernelSysrootLedSetMode)(int led, int mode, void *led_configuration); // ScePower + 0x7C05

	void *unk_0x3A0;
	int unk_0x3A4; // 0
	int unk_0x3A8; // 0
	int unk_0x3AC; // 0

	int unk_0x3B0[0x4]; // 0

	int unk_0x3C0; // 0
	int unk_0x3C4; // 0
	int unk_0x3C8; // 0
	void *unk_func_0x3CC; // SceNetPs + 0x3E51, SceNetPsForDriver_83A12CCC

	void *unk_func_0x3D0; // SceNetPs + 0x3F4D, SceNetPsForDriver_C000CA8F
	int unk_0x3D4; // 0
	int unk_0x3D8; // 0
	void *unk_func_0x3DC; // SceNetPs + 0x3E51, SceNetPsForDriver_83A12CCC

	void *unk_func_0x3E0; // SceNetPs + 0x3F4D, SceNetPsForDriver_C000CA8F
	int (* sceKernelSysrootAppMgrFunction3)(int a1, int a2); // SceAppMgr + 0x9F49
	int (* sceKernelSysrootAppMgrFunction4)(int a1, int a2); // SceAppMgr + 0x9EED
	int (* sceKernelSysrootAppMgrFunction5)(int a1);	 // SceAppMgr + 0x9D31

	void *unk_func_0x3F0; // ScePfsMgr + 0x1, ScePfsMgrForKernel_4C148288
	void *unk_0x3F4;
	void *unk_0x3F8;
	int unk_0x3FC; // 0

	int unk_0x400[0x6]; // 0
	uint32_t sysbase_magic2;
} sysbase360_t;

typedef struct SceKernelFreeMemorySizeInfo {
	SceSize size;
	SceSize sizeMain;
	SceSize sizeCdram;
	SceSize sizePhycont;
} SceKernelFreeMemorySizeInfo;

typedef int (*SceClassCallback)(void *item);

typedef struct SceClass_0990 { // size is 0x10 on FW 0.990
	SceSize size; // Size of this structure
	struct SceClass *next;
	struct SceClass *root; // to confirm
	struct SceClass *prev; // to confirm
} SceClass_0990;

typedef struct SceClass { // size is 0x2C on FW 3.60
	struct SceClass *next;				// 0x00
	struct SceClass *root;				// 0x04
	struct SceClass *prev;				// 0x08
	const char *name;				// 0x0C
	struct SceClass *uid_class;			// 0x10
	unsigned int attr;				// 0x14
	unsigned short item_size;			// 0x18
	unsigned short unk_1A;				// 0x1A
	SceClassCallback constructor;			// 0x1C
	SceClassCallback destructor;			// 0x20
	const unsigned int magic;			// 0x24 - 0xABCE9DA5
	SceClassCallback allocMethod;			// 0x28
} SceClass;

typedef struct SceKernelObject { // size is at least 0x24
	void *pObject;			// 0x0
	SceClass pClass;		// 0x4
	uint32_t type;			// 0x8
	uint16_t lcount;		// 0xC
	uint16_t ucount;		// 0xE
	uint16_t ccount;		// 0x10
	uint32_t unk_12;		// 0x12 - 0x54c3
	uint16_t unk_16;		// 0x16
	uint32_t uid;			// 0x18
	char unk_1C[4];			// 0x1C
	const char *name;		// 0x20
	uint32_t indexRaw;		// 0x24
} SceKernelObject;

/** @name Memory types that can be specified with sceKernelAllocMemBlock
 */
/*@{*/

/**
 * @brief User readable / writable LPDDR2 memory
 *
 * This type secures a readable / writable memory block in user space.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_RW			0x0c20d060U

#define SCE_KERNEL_MEMBLOCK_TYPE_USER_RWDATA			SCE_KERNEL_MEMBLOCK_TYPE_USER_RW

/**
 * @brief User readable / writable LPDDR2 non-cache memory
 *
 * A type to secure a memory block on LPDDR2 that is readable
 * and writable in user space and does not use cache.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW			0x0c208060U

/**
 * @brief An alias for SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE		SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW

/**
 * @brief An alias for SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_RWDATA_UNCACHE		SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE

/**
 * @brief User readable and writable LPDDR2 physical continuous memory
 *
 * A type that can read and write in user space and secure
 * memory blocks from the physical continuous memory area.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_RW		0x0c80d060U

/**
 * @brief User-readable and non-cacheable physical continuous memory
 *
 * A type for on-cacheable read / write in user space and to secure
 * memory blocks from the physical continuous memory area.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_RW	0x0d808060U

/**
 * @brief User-readable and non-cacheable CDRAM memory
 *
 * A type that can be read and written in user space and secures
 * memory blocks on CDRAM.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW			0x09408060U

/**
 * @brief An alias for SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW.
 */
#define SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RWDATA		SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW

/*@}*/

/**
 * @brief A type representing a memory type
 *
 * A type that represents the type of memory block secured by sceKernelAllocMemBlock.
 */
typedef int		SceKernelMemoryType;

/**
 * @brief Memory block information structure
 *
 * A structure for obtaining information about memory blocks. Size is 0x14 bytes on FW 0.990.
 */
typedef struct SceKernelMemBlockInfo0990 {
	SceSize				size;			/**< Size of the structure itself */
	void				*mappedBase;		/**< Map base address */
	SceSize				mappedSize;		/**< Mapped size */
	SceKernelMemoryType		memoryType;		/**< Memory type */
	SceUInt32			access;			/**< Access right */
} SceKernelMemBlockInfo0990;

/**
 * @brief Memory block information structure
 *
 * A structure for obtaining information about memory blocks. Size is 0x18 bytes on FWs 0.996+.
 */
typedef struct SceKernelMemBlockInfo {
	SceSize				size;			/**< Size of the structure itself */
	void				*mappedBase;		/**< Map base address */
	SceSize				mappedSize;		/**< Mapped size */
	SceKernelMemoryType		memoryType;		/**< Memory type */
	SceUInt32			access;			/**< Access right */
	SceKernelMemBlockType		type;			/**< Memory block type */
} SceKernelMemBlockInfo;

typedef struct SceKernelMemBlockInfoExDetails {
  SceKernelMemBlockType type;
  SceUID memblk_uid;
  const char *name;
  void *mappedBase;
  SceSize mappedSize;
  SceSize memblock_some_size_or_alignment;
  int extraLow;
  int extraHigh;
  int unk20;
  SceUID unk24; // ex:0x10045
  SceKernelObject *SceUIDPhyMemPartClass_obj;
} SceKernelMemBlockInfoExDetails;

typedef struct SceKernelMemBlockInfoEx { // size is 0xAC on FW 0.990, 0xB8 on FW 3.60
  SceSize size;
  SceKernelMemBlockInfoExDetails details;
  int unk30;
  int unk34;
  void *base_paddr;
  int unk3C;
  int unk40;
  int unk44;
  int unk48;
  int unk4C;
  int unk50;
  int unk54;
  int unk58;
  int unk5C;
  int unk60;
  int unk64;
  int unk68;
  int unk6C;
  int unk70;
  int unk74;
  SceSize unk78;
  int unk7C;
  int unk80;
  int unk84;
  int unk88;
  int unk8C;
  int unk90;
  int unk94;
  int unk98;
  int unk9C;
  int unkA0;
  int unkA4;
  int unkA8;
  int unkAC;
  int unkB0;
  int unkB4;
} SceKernelMemBlockInfoEx;

/*----- memory access permission -----*/

/**
 * @brief readable memory
 */
#define SCE_KERNEL_MEMORY_ACCESS_R		0x04U

/**
 * @brief writable memory
 */
#define SCE_KERNEL_MEMORY_ACCESS_W		0x02U

/**
 * @brief executable memory (kernel only)
 */
#define SCE_KERNEL_MEMORY_ACCESS_X		0x01U

/*----- memory type -----*/

/**
 * @brief uncache normal memory
 */
#define SCE_KERNEL_MEMORY_TYPE_NORMAL_NC	0x80

/**
 * @brief cache normal memory
 */
#define SCE_KERNEL_MEMORY_TYPE_NORMAL		0xD0

/**
 * Optional parameter of sceKernelAllocMemBlock for FWs <=0.940.
 */
 typedef struct SceKernelAllocMemBlockOpt0940 {
	SceSize		size;				/**< Size of this structure */
	SceUInt32	attr;				/**< Attributes field */
	SceSize		alignment;			/**< Specify alignment.
							SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_ALIGNMENT must be set for the attr member. */
	SceUID		uidBaseBlock;			/**< Base memory block UID */
	const char	*strBaseBlockName;		/**< Base memory block UID name */
} SceKernelAllocMemBlockOpt0940;

/**
 * Option parameter of sceKernelAllocMemBlock
 */
 typedef struct SceKernelAllocMemBlockOpt {
	/**
	 * Size of this structure
	 */
	SceSize		size;

	/**
	 * Attributes field
	 */
	SceUInt32	attr;

	/**
	 * Specify alignment.
	 * SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_ALIGNMENT must be set for the attr member.
	 */
	SceSize		alignment;

	/**
	 * reserved
	 */
	 SceUInt32	uidBaseBlock;

	/**
	 * reserved2
	 */
	const char	*strBaseBlockName;

#if 0
	/**
	 * mapped base address [out]
	 */
	void		*mappedBase;

	/**
	 * mapped size [out]
	 */
	SceSize		mappedSize;

	/**
	 * memory type [out]
	 */
	SceKernelMemoryType	memoryType;

	SceUInt32	access;
#endif
} SceKernelAllocMemBlockOpt;

/**
 * Option parameter of kernel sceKernelAllocMemBlock on old FWs (as seen on FWs 0.900-0.990)
 */
typedef struct SceKernelAllocMemBlockOptKernel_old { // size is 0x28 on 0.900, 0x2C on 0.910, 0x30 on 0.931-0.990, 0x34 on ?.??
    SceSize size;			// Size of this structure
    SceUInt32 unk_4;
    SceUInt32 attr;
    void *vbase;
    void *pbase;			// Physical address to use as base
    SceSize alignment;
    SceUInt32 extraLow;
    SceUInt32 extraHigh;
    void *base;
    SceUID pid;
    SceKernelPAVector *pPAV;
    SceSize vsize;
    SceUInt32 unk_30;
} SceKernelAllocMemBlockOptKernel_old;

/**
 * Option parameter of kernel sceKernelAllocMemBlock on recent FWs (as seen on FW 3.60)
 */
typedef struct SceKernelAllocMemBlockOptKernel { // size is 0x58 on FW 3.60
	SceSize size;			// Size of this structure
	SceUInt32 unk_4;
	SceUInt32 attr;
	void *vbase;
	void *pbase;			// Physical address to use as base
	SceSize alignment;
	SceUInt32 extraLow;
	SceUInt32 extraHigh;
	void *base;
	SceUID pid;
	SceKernelPAVector *pPAV;
	SceSize vsize;
	SceUInt32 unk_30;
	SceUInt32 unk_34;
	SceUInt32 unk_38;
	SceUInt32 unk_3C;
	SceUInt32 unk_40;
	SceUInt32 unk_44;
	SceUInt32 unk_48;
	SceUInt32 unk_4C;
	SceUInt32 unk_50;
	SceUInt32 unk_54;
} SceKernelAllocMemBlockOptKernel;

/**
 * Attributes to enable some SceKernelAllocMemBlockOpt members.
 */
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_VBASE		0x00000001
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_PBASE		0x00000002
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_ALIGNMENT		0x00000004
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_EXTRA_LOW		0x00000008
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_EXTRA_HIGH		0x00000010
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_BASE			0x00000040
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_PID			0x00000080
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_BASENAME		0x00000200 // Need to find where basename is located in the structure
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_PPAV			0x00001000
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_SIZE			0x00002000
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_HAS_FIELD_30		0x00010000
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_NOPHYPAGE		0x00020000
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_PHYCONT			0x00200000 // Memory area is physically continuous.
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_UNK			0x00400000
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_SHARE_VBASE		0x00800000
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_SHARE_PHYPAGE		0x01000000
#define SCE_KERNEL_ALLOC_MEMBLOCK_ATTR_ALLOW_PARTIAL_OP		0x04000000 // Allow partial operation. ?What does that mean?

/**
 * UID is created by sceKernelOpen***()
 */
#define SCE_UID_ATTR_OPEN_FLAG			0x00080000U

typedef struct SceKernelHeapInfo { // size is 0xCC on FW 0.990
	SceSize size;			// Size of this structure
	char unk_4[0xC8];
} SceKernelHeapInfo;

typedef struct SceKernelHeapObject { // size is 0x40 on FW 0.990
	SceSize size;				// Size of this structure
	uint32_t unk_4;				// 0x4
	uint32_t unk_8;				// 0x8
	uint32_t unk_C;				// 0xC
	uint32_t unk_10;			// 0x10
	uint32_t unk_14;			// 0x14
	uint32_t unk_18;			// 0x18
	uint32_t unk_1C;			// 0x1C
	uint32_t unk_20;			// 0x20
	uint32_t unk_24;			// 0x24
	uint32_t unk_28;			// 0x28
	uint32_t unk_2C;			// 0x2C
	uint32_t unk_30;			// 0x30
	uint32_t magic;				// 0x34 - 0xD2BBDEC3
	uint32_t unk_38;			// 0x38
	uint32_t unk_3C;			// 0x3C
	uint32_t unk_40;			// 0x40
} SceKernelHeapObject;

typedef struct SceKernelFixedHeap { // size is 0x40 on FW 0.990
	SceSize size;				// Size of this structure
	SceClass pClass;			// 0x4
	uint32_t unk_8;				// 0x8
	uint32_t unk_C;				// 0xC
	uint32_t unk_10;			// 0x10
	uint32_t unk_14;			// 0x14
	uint32_t pageSize;			// 0x18 - min 0x1000 on FW 0.990
	uint16_t itemSize;			// 0x1C
	uint16_t unk_1E;			// 0x1E
	uint32_t unk_20;			// 0x20
	uint32_t unk_24;			// 0x24
	uint32_t magic;				// 0x28 - 0xFD9B28A6
	uint16_t sizeInWords;			// 0x2C
	uint16_t index;				// 0x2E
	SceKernelHeapObject *heapObject;	// 0x30
	uint32_t unk_34;			// 0x34
	uint32_t unk_38;			// 0x38
	uint16_t unk_3C;			// 0x3C
} SceKernelFixedHeap;

typedef struct SceKernelFixedHeapInfo { // size is 0x14 on FW 0.990
	SceSize size;			// Size of this structure
	uint32_t unk_4;			// = (uint32_t)*(uint16_t *)(pObject + 0x1C)
	uint32_t unk_8;			// = *(uint32_t *)(pObject + 0x18) + (uint32_t)*(uint16_t *)(pObject + 0x2E)
	uint32_t unk_C;			// = (uint32_t)*(uint16_t *)(pObject + 0x1E)
	uint32_t unk_10;		// = (uint32_t)*(uint16_t *)(pObject + 0x20)
} SceKernelFixedHeapInfo;

typedef struct SceKernelHeapMemoryOpt { // size is 0x14 on FW 0.990
	SceSize size;			// Size of this structure
	uint32_t unk_4;
	uint32_t unk_8;
	uint32_t unk_C;			// example: 0x20
	uint32_t unk_10;
} SceKernelHeapMemoryOpt;

typedef struct SceAddressSpace { // size is at least 0xEC
	char unk[0x14];
	SceKernelMMUContext *context;
	char unk[0xC4];
	void *funcAlloc;
	char unk2[0x8];
	uint32_t magic;			// always 0x4d95AEEC
} SceAddressSpace;

typedef struct SceKernelAddressSpace { // size is 0x10 bytes on FW 0.940-3.60
    SceSize size; // Size of this structure
    int flag;
    void *data_0x08; // info dst buff ptr, need AddrSpace.flag  = 2;
    void *data_0x0C; // info dst buff ptr, need AddrSpace.flag |= 4;
} SceKernelAddressSpace;

typedef struct SceKernelVARange {
	uint32_t vaddr;
	uint32_t length;
} SceKernelVARange;

typedef struct SceKernelPARange {
	uint32_t paddr;
	uint32_t length;
} SceKernelPARange;

typedef struct SceKernelPAVector {
	SceSize size;			// Size of this structure (0x14 on 0.990)
	uint32_t pRanges_size;		// Ex: 8
	uint32_t nDataInVector;		// Must be <= 8
	uint32_t count;
	SceKernelPARange *pRanges;
} SceKernelPAVector;

#define SCE_KERNEL_PROCESS_ID_SELF 0 // Current running process ID is always 0.

typedef struct SceKernelPhyMemPart { // size is at least 0x9C on FW 0.931
    uint32_t field_0x0;
    uint32_t field_0x4;
    uint32_t some_counter; // always positive
    uint32_t field_0xc;
    char *name;
    int type; // 0x10000 for Lpddr2Main, 0x30000 for Cdram
    int mutex;
    uint32_t field_0x1c;
    SceSize psize;
    int field_0x24;
    int pRoot;
    uint32_t field_0x2c;
    uint32_t field_0x30;
    uint32_t field_0x34;
    uint32_t field_0x38;
    int status;
    int pindex40; //1
    int field_0x44;
    int pindex48; //2
    int field_0x4c;
    int pindex50; //3
    int field_0x54;
    int pindex58; //4
    int field_0x5c;
    int pindex60; //5
    int field_0x64;
    int pindex68; //6
    int field_0x6c;
    int pindex70; //7
    int field_0x74;
    int pindex78; //8
    int field_0x7c;
    int pindex80; //9
    SceSize psize2;
    int min;
    int pindex8C; //10
    int field_0x90;
    int nClient;
    SceSize freeSize;
} SceKernelPhyMemPart;

/**
 * An enumeration to represent the various logging levels which can be output by sceDbgLoggingHandler().
 */
typedef enum SceDbgLogLevel {
    SCE_DBG_LOG_LEVEL_TRACE = 0, /* An extremely verbose logging level, mostly useful for internal developers. */
    SCE_DBG_LOG_LEVEL_DEBUG,     /* A diagnostic logging level. */
    SCE_DBG_LOG_LEVEL_INFO,      /* An informational logging level. */
    SCE_DBG_LOG_LEVEL_WARNING,   /* A logging level that gives warnings of situations detrimental to proper execution. */
    SCE_DBG_LOG_LEVEL_ERROR,     /* A logging level that will report erroneous conditions in execution. */
    SCE_DBG_NUM_LOG_LEVELS       /* The number of logging levels available. */
} SceDbgLogLevel;

GetPhyMemPartIndex

uint GetPhyMemPartIndex(uint param_1) {
  uint cpuId;
  
  if (param_1 == 0xea0d050) goto LAB_81009494;
  if (param_1 < 0xea0d051) {
    if (param_1 == 0x620d004) {
      return 6;
    }
    if (param_1 < 0x620d005) {
      if (param_1 != 0x3b0d060) {
        if (param_1 < 0x3b0d061) {
          if (param_1 != 0x3a0d060) {
            if (param_1 < 0x3a0d061) {
              if (param_1 == 0x3a0d040) goto LAB_81009494;
              if (param_1 == 0x3a0d050) {
                return 10;
              }
            }
            else {
              if (param_1 == 0x3b0d040) goto LAB_81009494;
              if (param_1 == 0x3b0d050) {
                return 0xb;
              }
            }
            goto LAB_81009402;
          }
        }
        else {
          if (param_1 != 0x3f0d060) {
            if (param_1 < 0x3f0d061) {
              if ((param_1 == 0x3f0d040) || (param_1 == 0x3f0d050)) goto LAB_81009494;
            }
            else {
              if (param_1 == 0x6208004) {
                return 6;
              }
              if (param_1 == 0x6208006) {
                return 6;
              }
            }
            goto LAB_81009402;
          }
        }
      }
LAB_81009494:
      return (param_1 << 8) >> 0x1c;
    }
    if (param_1 == 0xc208060) {
      return 0xb;
    }
    if (param_1 < 0xc208061) {
      if (param_1 == 0x9408060) {
        return 0xc;
      }
      if (param_1 < 0x9408061) {
        if (param_1 == 0x620d006) {
          return 6;
        }
        if (param_1 == 0x9404060) {
          return 0xc;
        }
      }
      else {
        if (param_1 == 0xb100860) {
          return 1;
        }
        if (param_1 == 0xc200860) {
          return 0xb;
        }
      }
    }
    else {
      if (param_1 == 0xea08040) goto LAB_81009494;
      if (param_1 < 0xea08041) {
        if (param_1 == 0xc20d050) {
          return 0xb;
        }
        if (param_1 == 0xc20d060) {
          return 0xb;
        }
      }
      else {
        if (param_1 == 0xea08060) goto LAB_81009494;
        if (param_1 == 0xea0d040) {
          return 10;
        }
      }
    }
  }
  else {
    if (param_1 == 0x20108004) {
      return 1;
    }
    if (param_1 < 0x20108005) {
      if (param_1 == 0x1020d006) {
        return 6;
      }
      if (param_1 < 0x1020d007) {
        if (param_1 == 0x10208004) {
          return 6;
        }
        if (param_1 < 0x10208005) {
          if (param_1 == 0xea0d060) goto LAB_81009494;
          if (param_1 == 0x10200806) {
            return 6;
          }
        }
        else {
          if (param_1 == 0x10208006) {
            return 6;
          }
          if (param_1 == 0x1020d004) {
            return 6;
          }
        }
      }
      else {
        if (param_1 == 0x20100206) {
          return 1;
        }
        if (param_1 < 0x20100207) {
          if (param_1 == 0x1050d006) {
            return 5;
          }
          if (param_1 == 0x20100204) {
            return 1;
          }
        }
        else {
          if (param_1 == 0x20100804) {
            return 1;
          }
          if (param_1 == 0x20100806) {
            return 1;
          }
        }
      }
    }
    else {
      if (param_1 == 0x60208006) {
        return 6;
      }
      if (param_1 < 0x60208007) {
        if (param_1 == 0x40404006) {
          return 0xc;
        }
        if (param_1 < 0x40404007) {
          if (param_1 == 0x20108006) {
            return 1;
          }
          if (param_1 == 0x2010d006) {
            return 1;
          }
        }
        else {
          if (param_1 == 0x40408006) {
            return 0xc;
          }
          if (param_1 == 0x60208004) {
            return 6;
          }
        }
      }
      else {
        if (param_1 == 0x6050d006) goto LAB_81009494;
        if (param_1 < 0x6050d007) {
          if (param_1 == 0x6020d004) {
            return 6;
          }
          if (param_1 == 0x6020d006) {
            return 6;
          }
        }
        else {
          if (0x70f0d003 < param_1) {
            if (param_1 < 0x70f0d007) goto LAB_81009494;
            if (param_1 == 0xa0408006) {
              return 0xc;
            }
          }
        }
      }
    }
  }
LAB_81009402:
  cpuId = ksceKernelCpuGetCpuId();
  SceDebugForDriver_1A3F2AA4
            (1,
             "%d:address_space.c:%s:Warning:Using SCE_KERNEL_PHYMEMPART_LPDDR2MAIN_KERNEL_INDEX for0x%08x\n"
             ,cpuId,"GetPhyMemPartIndex",param_1);
  return 6;
}

Memory Block Type

The type parameter indicates what kind of memory to allocate. Here is a mapping of type flags to ARM MMU flags. Higher bits are used for other options including where to allocate from. Not all flag values are valid, there is a table of valid types in the kernel. You cannot, for example, allocate RWX memory.

Mask Value Description
0x10000 0x10000 Global. nG bit NOT set
0xFF00 0x800 B bit set. Sharable device memory.
0xFF00 0x2000 TEX[2] and TEX[0] bit set. Outer cache Write-back, Write-Allocate. Inner cache non-cachable.
0xFF00 0x4000 TEX[2] and B bit set. Outer cache non-cachable. Inner cache Write-back, Write-Allocate
0xFF00 0x8000 TEX[0] bit set. S bit unset. Outer and inner non-cachable. Not sharable.
0xFF00 0xD000 TEX[0] bit set. C,B bits set. Outer and inner Write-back, Write-Allocate.
0xFF 0x4 AP[2:0] = 5, XN=1. Privileged RO, User NA.
0xFF 0x5 AP[2:0] = 5. Privileged RX, User NA.
0xFF 0x6 AP[2:0] = 1, XN=1. Privileged RW, User NA.
0xFF 0x7 AP[2:0] = 1. Privileged RWX, User NA. (Never used, 3.60 0x80024B01)
0xFF 0x50 AP[2:0] = 7. Privileged RX, User RX.
0xFF 0x60 AP[2:0] = 3, XN=1. Privileged RW, User RW.
0xFF 0x40 AP[2:0] = 7, XN=1. Privileged RO, User RO.
Mask Value Name
0x0F000000 0x09000000 SceKernelUserCdram
0x0F000000 0x0A000000 SceKernelUserShared
0x0F000000 0x0B000000 SceKernelUserIO
0x0F000000 0x0C000000 SceKernelUserMain
0x0F000000 0x0D000000 SceKernelUserUncache
0x0F000000 0x0E000000 SceKernelUserCDialog
0x0F000000 0x0F000000 SceKernelUserCDialogNC
type bits

mask
0x0000000F : only kernel
0x000000F0 : only user

RWXO bit
0 1 1 0
? R W X

RO type when both w bit and x bit are 0

memory device type(?)
mask : 0x00000F00
0x00000200 : SO
0x00000800 : DEVICE

memory cache type
mask : 0x0000F000
0x00002000 : No internal cache only
0x00004000 : No external cache only
0x00008000 : NORMAL_NC (uncache)
0x0000D000 : NORMAL (cache)

memory access type?
mask : 0x00F00000
0x00100000 : IO
0x00200000 : normal?
0x00400000 : CDRAM
0x00500000 : GAME
0x00800000 : PHYCONT
0x00A00000 : UNKNOWN
0x00F00000 : UNKNOWN

memory access type?
mask : 0x0F000000
0x05000000 : CDRAM2
0x06000000 : KTMP
0x09000000 : CDRAM
0x0C000000 : normal?
0x0D000000 : MAIN PHYCONT
0x0E000000 : CDIALOG

memory access type2? (only kernel)
mask : 0xF0000000
0x00000000 : USER
0x10000000 : normal?
0x20000000 : IO
0x40000000 : CDRAM
0x50000000 : CDRAM2
0x60000000 : TMP
0xA0000000 : GPU

SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM2_RW                 0x05408060

SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP*****                 0x0620D006

SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW_UNCACHE_EXTERNAL 0x09404060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RO_UNCACHE          0x09408040
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW_UNCACHE          0x09408060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW                  0x09408060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RWDATA              0x09408060

SCE_KERNEL_MEMBLOCK_TYPE_USER_DEVICE_RW                 0x0C200860
SCE_KERNEL_MEMBLOCK_TYPE_USER_NC_RW                     0x0C208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE                0x0C208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RWDATA_UNCACHE            0x0C208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RO                        0x0C20D040
SCE_KERNEL_MEMBLOCK_TYPE_USER_TEXT                      0x0C20D050
SCE_KERNEL_MEMBLOCK_TYPE_USER_RW                        0x0C20D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_RWDATA                    0x0C20D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_GAME_RW                   0x0C50D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_RW           0x0C80D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_UNKNOWN_RW_UNCACHE        0x0CA08060
SCE_KERNEL_MEMBLOCK_TYPE_USER_UNKNOWN_RW                0x0CA0D060
SCE_KERNEL_MEMBLOCK_TYPE_USER_UNKNOWN2_RW               0x0CF0D060

SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_RW        0x0D808060

SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RO_UNCACHE        0x0E208040
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RX_UNCACHE        0x0E208050
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RW_UNCACHE        0x0E208060
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RO                0x0E20D040
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RW                0x0E20D060


kernel memory types:
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_SO_RW: 0x10200206
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_R: 0x1020d004
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_R_UNCACHE: 0x10208004
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW: 0x1020d006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW_UNCACHE: 0x10208006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_DEVICE_RW: 0x10200806
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RX: 0x1020d005
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW_GAME: 0x1050d006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_RO: 0x20100804
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_RW: 0x20100806
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_RO: 0x20100204
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_RW: 0x20100206
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_NC_RO: 0x20108004
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_NC_RW: 0x20108006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_BOOT_IMAGE: 0x1020d007
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_CDRAM_RW: 0x40408006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_CDRAM2_RW: 0x50408006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_GAME_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_NC_R: 0x60208004
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_NC_RW: 0x60208006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_R: 0x6020d004
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_RW: 0x6020d006
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_GPU_CDRAM_RW: 0xa0408006

code memory types:
SCE_KERNEL_MEMBLOCK_CODE_MEMORY_TYPE_L2WBWA: 0x2000
SCE_KERNEL_MEMBLOCK_CODE_MEMORY_TYPE_L1WBWA: 0x4000
SCE_KERNEL_MEMBLOCK_CODE_MEMORY_TYPE_NORMAL_NC: 0x8000

memory allocate test.

mem type mem size mem base
0x0C200860 0x200000 0x80100000
0x0C208060 0x200000 0x70000000
0x0C20D040 0x200000 0x85200000
0x0C20D060 0x200000 0x85200000
0x0C50D060 0x200000 0x85200000
0x0C80D060 0x200000 0x85200000
0x0CA08060 0x200000 0x70000000
0x0CA0D060 0x200000 0x85200000
0x0CF0D060 0x200000 error, Looks like a memory type to reserve a fairly large size memory
0x0D808060 0x200000 0x70000000
0x0E208040 0x200000 0x68000000
0x0E208050 0x200000 error, It seems that RX memory cannot be allocated from the user
0x0E208060 0x200000 0x68000000
0x0E20D040 0x200000 0xD0300000
0x0E20D060 0x200000 0xD0300000

Types to reverse

from 0.990:

CDIALOG:
SCE_KERNEL_MEMBLOCK_TYPE_CDIALOG_NC_R

FREE:
SCE_KERNEL_MEMBLOCK_TYPE_FREE

KERNEL:
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_CDRAM_L1WBWA_RW

SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_DEVICE_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_R

SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_KMP_TOOL_RW

SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_CDIALOG_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_CDIALOG_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_GAME_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_PHYCONT_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_PHYCONT_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_PHYCONT_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_PHYCONT_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_RX
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_SO_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_ROOT_UMAIN_RW

SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_GAME_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_R

SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_R
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_RW
SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TOOL_RX

USER:
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDIALOG_RX

SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_NC_RW

SCE_KERNEL_MEMBLOCK_TYPE_USER_IO_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_IO_SO_RW

SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_KTMP_RW

SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_DEVICE_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_GAME_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_TOOL_NC_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_TOOL_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_TOOL_RX

SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_CDIALOG_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_CDIALOG_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_CDIALOG_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_MAIN_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_MAIN_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_MAIN_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_SHARED_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_SHARED_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_SHARED_RX
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_TOOL_R
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_TOOL_RW
SCE_KERNEL_MEMBLOCK_TYPE_USER_SHARED_TOOL_RX

SceSysmemForKernel

sceKernelGrowPhyMemPartForKernel

Version NID
0.990-3.60 0x6B3F4102

Calls sceKernelGrowPhyMemPartWithFlagsForKernel with flags = 0.

int sceKernelGrowPhyMemPartForKernel(SceKernelPhyMemPart *pPhyMemPart, SceSize psize);

sceKernelGrowPhyMemPartWithFlagsForKernel

Version NID
0.990 not present
3.60 0x775AA5E3

Grows physical memory partition with flags.

int sceKernelGrowPhyMemPartWithFlagsForKernel(SceKernelPhyMemPart *pPhyMemPart, int flags, SceSize psize);

sceKernelGetGrownPhyMemPartSizeForKernel

Version NID
0.990 not present
3.60 0x4D809B47

This is a temp name.

Returns a global variable. This global variable is either a size or offset or address and is incremented by sceKernelGrowPhyMemPartWithFlagsForKernel.

int sceKernelGetGrownPhyMemPartSizeForKernel(void);

sceKernelAddressSpaceChangeMMUContextForKernel

Version NID
0.931-3.60 0x653B0849
int sceKernelAddressSpaceChangeMMUContextForKernel(SceUID uid);

sceKernelAddressSpaceGetMMUL1InfoForKernel

Version NID
0.931 0x671A3444
3.60 not present
int sceKernelAddressSpaceGetMMUL1InfoForKernel(SceUID uid, const void *addr, void *pInfo);

sceKernelAddressSpaceGetMMUL2InfoForKernel

Version NID
0.931 0xCB6E1C80
3.60 not present
int sceKernelAddressSpaceGetMMUL2InfoForKernel(SceUID uid, const void *addr, void *pInfo);

sceKernelAddressSpaceGetMMUL1AllInfoForKernel

Version NID
0.931 0x1A898F2E
3.60 not present
typedef struct SceKernelAddressSpaceMMUL1AllInfo { // size is 0x400C on FW 0.931
  SceSize size; // Size of this structure
  char unk[0x4008];
} SceKernelAddressSpaceMMUL1AllInfo;

int sceKernelAddressSpaceGetMMUL1AllInfoForKernel(SceUID uid, SceKernelAddressSpaceMMUL1AllInfo *pInfo);

sceKernelAddressSpaceGetMMUL2AllInfoForKernel

Version NID
0.931 0x1E1AA29B
3.60 not present
typedef struct SceKernelAddressSpaceMMUL2AllInfo { // size is 0x404 on FW 0.931
  SceSize size; // Size of this structure
  char unk[0x400];
} SceKernelAddressSpaceMMUL2AllInfo;

int sceKernelAddressSpaceGetMMUL2AllInfoForKernel(SceUID uid, const void *addr, SceKernelAddressSpaceMMUL2AllInfo *pInfo);

sceKernelGetPhyPartKernelForKernel

Version NID
0.931-3.60 0x4D38F861

return gpPhyPartKernel;

int sceKernelGetPhyPartKernelForKernel(void);

sceKernelPhyMemLowAllocForKernel

Version NID
0.931-3.60 0x5E169FEF
// type must be 0x10001, 0x10002 or 0x20001
int sceKernelPhyMemLowAllocForKernel(int type, uint size, uint alignment, void *out);

sceKernelPhyMemLowPA2VAForKernel

Version NID
0.931-3.60 0x0FD6B756
// type must be 0x10002
int sceKernelPhyMemLowPA2VAForKernel(int type, void *PA, void **pVA);

sceKernelGetPhyMemLowInfoForKernel

Version NID
0.931-0.990 0x06A4DA6C
typedef struct SceKernelPhyMemLowInfo { // size is 0x1C on FW 0.931-0.990
	SceSize size;			// Size of this structure
	uint32_t unk_4;
	uint32_t unk_8;
	uint32_t unk_C;
	uint32_t unk_10;
	uint32_t unk_14;
	uint32_t unk_18;
} SceKernelPhyMemLowInfo;

// type must be 0x10001, 0x10002 or 0x20001

int sceKernelGetPhyMemLowInfoForKernel(int type, SceKernelPhyMemLowInfo *info);

sceKernelPhyMemLowFreeForKernel

Version NID
0.931-3.60 0x18B99FDD
// type must be 0x10001, 0x10002 or 0x20001
int sceKernelPhyMemLowFreeForKernel(int type);

SceSysmemForKernel_66636970

Version NID
0.990 0x66636970

Return *class.

int SceSysmemForKernel_66636970(SceUID uid);

SceSysmemForKernel_95ABFDC3

Version NID
0.990-3.60 0x95ABFDC3
int SceSysmemForKernel_95ABFDC3(uint32_t flags);

sceKernelRegisterClassForKernel

Version NID
0.990 0x11761B77

sceKernelAllocKernelHeapForKernel

Version NID
0.931-0.990 0x432EADA6
int sceKernelAllocKernelHeapForKernel(SceSize size);

sceUIDCreateEntryHeapForKernel

Version NID
0.990-3.60 0x19CAEF35
int sceUIDCreateEntryHeapForKernel(void);

sceUIDKernelCreateForKernel

Version NID
0.990 0xE6FAD50A

sceUIDObjectSetClassForKernel

Version NID
0.931-0.990 0x226DE851
3.60 not present
int sceUIDObjectSetClassForKernel(SceKernelObject *pObject, SceClass *pClass);

sceGUIDGetEntryInfoAllForKernel

Version NID
0.990-3.60 0x2A79C51C
int sceGUIDGetEntryInfoAllForKernel(SceUID uid, void *vectors, uint32_t nVector, void *out);

sceGUIDNameForKernel

Version NID
0.990 0x250EE289
char *sceGUIDNameForKernel(SceUID uid);

sceGUIDRegisterForKernel

Version NID
0.990-3.60 0xAF42AAD5
int sceGUIDRegisterForKernel(SceClass *pClass, const char *name, SceKernelObject *pObject);

sceUIDRegisterForKernel

Version NID
0.931-0.990 0x59162CD7
3.60 not present

Calls sceGUIDRegisterForKernel.

int sceUIDRegisterForKernel(SceClass *pClass, const char *name, SceKernelObject *pObject);

sceKernelGetAddressSpaceMMUContextForKernel

Version NID
0.990-3.60 0xFBEF93AA
int sceKernelGetAddressSpaceMMUContextForKernel(SceUID uid, void *context);

sceKernelAllocSimpleMemBlockForKernel

Version NID
0.990-3.60 0xF81F4672
typedef struct SceKernelSimpleMemBlock {
	char unk_0[0x14];
	void *base;
	char unk_18[0x14];
	void *PhyPage;
	SceSize size;
} SceKernelSimpleMemBlock;

int sceKernelAllocSimpleMemBlockForKernel(const char *name, SceKernelMemBlockType type, SceSize vsize, SceKernelSimpleMemBlock *smb);

sceKernelGetSimpleMemBlockBaseForKernel

Version NID
0.990-3.60 0x0A8D14EC
int sceKernelGetSimpleMemBlockBaseForKernel(SceKernelSimpleMemBlock *smb, void **base);

sceKernelAddressSpaceVARangeToPAVectorForKernel

Version NID
0.990-3.60 0xF7250E6C
int sceKernelAddressSpaceVARangeToPAVectorForKernel(SceUID uid, const SceKernelVARange *vRange, SceKernelPAVector *pVector);

sceKernelCreatePhyMemPartForKernel

Version NID
0.931-3.60 0x2E36E0C4

Calls sceKernelCreatePhyMemPartByPbaseForKernel with pbase = 0.

int sceKernelCreatePhyMemPartForKernel(const char *name, int type, SceSize psize, SceKernelPhyMemPart *pPhyMemPart);

sceKernelCreatePhyMemPartByPbaseForKernel

Version NID
0.931-3.60 0x63D83911
// type: 0x10000 for Lpddr2Main, 0x30000 for Cdram
int sceKernelCreatePhyMemPartByPbaseForKernel(const char *name, int type, void *pbase, SceSize psize, SceKernelPhyMemPart *pPhyMemPart);

sceKernelDeletePhyMemPartForKernel

Version NID
0.931-3.60 0x2AEA9E09
int sceKernelDeletePhyMemPartForKernel(SceKernelPhyMemPart *pPhyMemPart);

sceKernelGetPhyMemPartAllForKernel

Version NID
0.931-3.60 0x2F6F9C2C
int sceKernelGetPhyMemPartAllForKernel(int param_1, int param_2, void *pCountInBuffer);

sceKernelGetPhyMemPartInfoForKernel

Version NID
0.931-0.990 0x67849418
3.60 not present
int sceKernelGetPhyMemPartInfoForKernel(SceKernelPhyMemPart *pPhyMemPart, SceKernelPhyMemPartInfo *pInfo);

sceKernelGetPhyMemPartInfoByIDForKernel

Version NID
0.931-3.60 0xF4FA0575
typedef struct SceKernelPhyMemPartInfo { // size is 0x44 on FW 0.931-0.990
  SceSize size;   // Size of this structure
  uint32_t unk_4; // some size or address
  uint32_t unk_8; // some size or address
  char unk1[0xC];
  char *name; // name, maybe pointer or array
  char unk2[0x24];
} SceKernelPhyMemPartInfo;

int sceKernelGetPhyMemPartInfoByIDForKernel(SceUID id, SceKernelPhyMemPartInfo *pInfo);

sceUIDDeleteEntryHeapForKernel

Version NID
0.990-3.60 0xF0C3FCFC
int sceUIDDeleteEntryHeapForKernel(SceUID uid);

sceGUIDUnregisterForKernel

Version NID
0.931-0.990 0xE79BBCF2
int sceGUIDUnregisterForKernel(SceUID uid);

sceGUIDGetEntryInfoClassForKernel

Version NID
0.990-3.60 0xE90CFD62
int sceGUIDGetEntryInfoClassForKernel(SceUID uid, int a2, void *vectors, int nVector, void *out);

sceKernelGetPhyPageResetForKernel

Version NID
0.990-3.60 0xEB350679
void *sceKernelGetPhyPageResetForKernel(void);

sceKernelFreePhyPageForKernel

Version NID
0.990-3.60 0x00BC5B4A
int sceKernelFreePhyPageForKernel(uint32_t a1, int pPage, uint32_t a3, uint32_t a4);

sceKernelNameHeapInsertForKernel

Version NID
0.990-3.60 0x08AB3DAE
int sceKernelNameHeapInsertForKernel(char *name, uint32_t flags, uint32_t *out);

scePUIDReleaseObjectForKernel

Version NID
3.60 0x3FCA782B

scePUIDGetInfoForKernel

Version NID
3.60 0x12ED88AE

sceGUIDGetEntryForKernel

Version NID
3.60 0x45F2A59C

sceGUIDGetVisibilityLevelForKernel

Version NID
3.60 0xC69666C3

sceGUIDSetVisibilityLevelForKernel

Version NID
3.60 0xCB8D03C0

sceGUIDFindByNameForKernel

Version NID
3.60 0xCEBA8031

sceGUIDFindByNameAllForKernel

Version NID
3.60 0x4B5C85AC

sceGUIDGetPIDForKernel

Version NID
3.60 0xCF5A2311

sceGUIDSetCNOAForKernel

Version NID
3.60 0x8D6AF468

sceGUIDSetForKernel

Version NID
0.931-3.60 0xD7B323EB
int sceGUIDSetForKernel(SceUID uid, SceClass *pClass, const char *name, SceKernelObject *pObject);

sceUIDGetProcUIDVectorByClassForKernel

Version NID
0.990 0x51C08396
3.60 not present

sceUIDReferObjectWithLevelForKernel

Version NID
0.990 0xF79B52B2
3.60 not present

sceKernelPhysicalMemWriteForKernel

Version NID
0.931 0x4B86A751
3.60 not present
int sceKernelPhysicalMemWriteForKernel(void *dest, const void *src, SceSize size);

sceKernelPhysicalMemReadForKernel

Version NID
0.931-0.990 0xF96E3AE2
3.60 not present

Temp name was memcpy_from_paddr.

dest must be a vaddr and src must be a paddr. Return copied size on success.

int sceKernelPhysicalMemReadForKernel(void *dest, const void *src, SceSize dest_size, SceSize src_size);

sceKernelAllocPartitionMemBlockForKernel

Version NID
0.931-3.60 0x5FFE4B79

Temp name was sceKernelAllocSystemCallTableForKernel.

SceUID sceKernelAllocPartitionMemBlockForKernel(SceUID part, const char *name, SceKernelMemBlockType type, SceSize size, const struct SceKernelAllocMemBlockOptKernel *pOpt);

sceKernelUIDEntryHeapGetInfoForKernel

Version NID
0.990 not present
3.60 0x686AA15C

sceUIDEntryHeapCloseAllPUIDForKernel

Version NID
0.931-3.60 0xFAF96C1F
int sceUIDEntryHeapCloseAllPUIDForKernel(SceUID uid);

sceKernelNameHeapGetInfoForKernel

Version NID
0.990 not present
3.60 0xE443253B

sceKernelGetFixedHeapInfoByPointerForKernel

Version NID
0.990-3.60 0x219E90FD
// pObject is of size 0x30
// pObject first 4 bytes are structure size
int sceKernelGetFixedHeapInfoByPointerForKernel(void *pObject, SceKernelFixedHeapInfo *pInfo);

sceKernelGetHeapInfoByPointerForKernel

Version NID
0.990 not present
3.60 0x68451777
int sceKernelGetHeapInfoByPointerForKernel(void *pObject, SceKernelHeapInfo *pInfo);

sceKernelGetHeapInfoForKernel

Version NID
0.990-3.60 0x91733EF4
int sceKernelGetHeapInfoForKernel(SceUID uid, SceKernelHeapInfo *pInfo);

sceKernelFreeSimpleMemBlockForKernel

Version NID
0.990-3.60 0xA1FFA2C9

sceKernelAllocForKernel

Version NID
0.990-3.60 0xC0A4D2F3
3.65 0x85571907
void *sceKernelAllocForKernel(SceSize len);

sceKernelAllocAlignForKernel

Version NID
3.60 0xA2CD1697

typedef struct SceAllocOpt {
    SceSize size;   // 0x14
    SceSize data04; // maybe len align?
    SceSize align;
    int data0C;
    int data10; 
} SceAllocOpt;

void *sceKernelAllocAlignForKernel(SceSize len, SceAllocOpt *pOpt);

sceKernelFreeForKernel

Version NID
0.990-3.60 0xABAB0FAB
3.65 0x4233C16D
void sceKernelFreeForKernel(void *ptr);

sceGUIDGetObjectWithClassForKernel

Version NID
0.990-3.60 0x7ABFA9A7
int sceGUIDGetObjectWithClassForKernel(SceUID uid, SceClass *pClass, SceKernelObject **obj);

SceSysmemForKernel_C38D61FC

Version NID
0.990 0xC38D61FC

Calls SceSysmemForDriver_89A44858.

sceUIDGetObjectForKernel

Version NID
0.931-0.990 0xC4893914

Calls sceKernelGUIDGetObjectForDriver.

int sceUIDGetObjectForKernel(SceUID gid, SceKernelObject **pEntry);

SceSysmemForKernel_620E00E7

Version NID
0.990 0x620E00E7
SceSysmemForKernel_620E00E7(int a1, int global_id, _DWORD *out);

SceSysmemForKernel_7C797940

Version NID
0.990 0x7C797940

Calls SceSysmemForKernel_620E00E7 or SceSysmemForDriver_0F5C84B7.

sceUIDtoObjectForKernel

Version NID
0.990-3.60 0xED221825

Calls sceKernelGUIDGetObjectForDriver.

SceKernelObject *sceUIDtoObjectForKernel(SceUID uid);

sceGUIDKernelCreateWithAttrForKernel

Version NID
0.990-3.60 0x53E1FFDE
int sceGUIDKernelCreateWithAttrForKernel(SceClass *pClass, uint32_t a2, uint32_t a3, SceKernelObject *pObject);

sceGUIDOpenByGUIDForKernel

Version NID
0.990-3.60 0xCF53EEE4

sceGUIDGetUIDVectorByClassForKernel

Version NID
0.931-3.60 0xEC7D36EF

sceUIDGetUIDVectorByClassForKernel

Version NID
0.931-0.990 0xA2F03233
3.60 not present

It is simply a wrapper for sceGUIDGetUIDVectorByClassForKernel.

sceKernelCreateAddressSpaceForKernel

Version NID
0.990-3.60 0x4A3737F0
3.65 0x8EE89D2C
// flag use 0x10000001
int sceKernelCreateAddressSpaceForKernel(SceUID a1, void *a2, int flag, SceKernelAddressSpace **ppAS);

3.60
SceUID sceKernelCreateAddressSpaceForKernel(SceUID pid, const char *titleid, int flag, SceKernelAddressSpace *pAS);

sceKernelDeleteAddressSpaceForKernel

Version NID
0.931-3.60 0xF2D7FE3A
int sceKernelDeleteAddressSpaceForKernel(SceUID guid);

sceKernelAddressSpaceFreeAllMemBlockForKernel

Version NID
0.931-3.60 0x89CE1F31
int sceKernelAddressSpaceFreeAllMemBlockForKernel(SceUID guid);

sceKernelAddressSpaceSetPhyMemPartForKernel

Version NID
0.931-3.60 0x67955EE9
int sceKernelAddressSpaceSetPhyMemPartForKernel(SceUID uid, int a2, SceKernelPhyMemPart *pPhyMemPart);

sceKernelAddressSpaceUnmapForKernel

Version NID
0.931-3.60 0xCE72839E
int sceKernelAddressSpaceUnmapForKernel(SceUID uid, int unk, void *vbase, SceSize size);

3.60:

int sceKernelAddressSpaceUnmapForKernel(SceUID uid, int flags, int unk, uint32_t paddr, SceSize size);

Example: in SceSysStateMgr:

sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF7, 0x51000000, 0x1000000);
sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF0, 0xE0000000, 0x8000000);
sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF0, 0x1A000000, 0x100000);

3.60

sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF7, 0xC, 0x51000000, 0x1000000);
sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF0, 0xC, 0xE0000000, 0x8000000);
sceKernelAddressSpaceUnmapForKernel(0x10007, 0xF0, 0xC, 0x1A000000, 0x100000);

sceKernelAddressSpaceVAtoPAForKernel

Version NID
0.990-3.60 0xF2179820
int sceKernelAddressSpaceVAtoPAForKernel(SceAddressSpace *pAS, uint32_t mode, void *pVA, void **pPA);

sceKernelAddressSpaceGetMemoryTypeForKernel

Version NID
0.990-3.60 0xCC7BB240
int sceKernelAddressSpaceGetMemoryTypeForKernel(uint32_t *memory_type);

sceKernelRxMemcpyKernelToUserForPidForKernel

Version NID
1.69-3.60 0x30931572

Unrestricted memcpy to the virtual address space for process pid. Both dst and src must be in the address space of pid but src must also be accessible in the address space of the caller. This is normally used for resolving stubs in module loads. Same as write to RO but does a cache flush.

int sceKernelRxMemcpyKernelToUserForPidForKernel(SceUID pid, uintptr_t dst, const void *src, size_t len);

sceKernelFindClassByNameForKernel

Version NID
3.60 0x62989905
int sceKernelFindClassByNameForKernel(const char *name, SceClass **class);

sceKernelGetMemBlockTypeForKernel

Version NID
3.60 0x289BE3EC
/***
 * Gets the memory block type of a memory block
 *
 * @param[in] uid - SceUID of the memory block
 * @param[out] type - Type of the memory block identified by uid
 *
 * @return 0 on success, < 0 on error.
*/
int sceKernelGetMemBlockTypeForKernel(SceUID uid, unsigned int *type);

sceKernelCreateUidObjForKernel

Version NID
3.60 0xDF0288D7
SceUID sceKernelCreateUidObjForKernel(SceClass *class, const char *name, SceCreateUidObjOpt *opt, SceKernelObject **obj);

sceKernelGetUidHeapClassForKernel

Version NID
3.60 0x4CCA935D
SceClass *sceKernelGetUidHeapClassForKernel(void);

sceKernelGetUidMemBlockClassForKernel

Version NID
3.60 0xAF729575
SceClass *sceKernelGetUidMemBlockClassForKernel(void);

sceKernelGetUidDLinkClassForKernel

Version NID
0.990-3.60 0xC105604E
SceClass *sceKernelGetUidDLinkClassForKernel(void);

SceSysmemForDriver

SceSysmemForDriver_65B9B393

Version NID
0.990 0x65B9B393
3.60 not present

Return *class.

uint32_t SceSysmemForDriver_65B9B393(SceUID uid);

get_class

Version NID
0.931-0.990 0xFE28F5EB
3.60 not present
SceClass *get_class(void);

sceUIDKernelCreateForDriver

Version NID
0.990 0x7FC849B1
3.60 not present

sceUIDClassInitForDriver

Version NID
0.931-0.990 0xE6D75E99
3.60 not present
int sceUIDClassInitForDriver(SceClass *class, const char *name, uint32_t uid_class, uint32_t item_size, void *constructor, void *destructor);

sceKernelCopyFromUserForDriver

Version NID
0.990 0xE08F3967
3.60 not present
int sceKernelCopyFromUserForDriver(void *dst, const void *src, SceSize size);

add_heap

Version NID
0.990 0xB800123C
3.60 not present
int add_heap(SceUID uid, const char *name, SceClass *class);

compare_struct_0x10

Version NID
0.990 0x6484D03E
3.60 not present
uint32_t compare_struct_0x10(char *a1, const char *a2);

sceGUIDNameForDriver

Version NID
0.990 0xB2BB6216
3.60 not present
char *sceGUIDNameForDriver(SceUID id);

sceKernelGetMemBlockAllocSizeForDriver

Version NID
0.990 0x63E5754B
3.60 not present
int sceKernelGetMemBlockAllocSizeForDriver(SceUID id, SceSize *size);

sceUIDGetClassInfoAllForDriver

Version NID
0.990 0x3EF32C6C
3.60 not present
int sceUIDGetClassInfoAllForDriver(SceClassInfo_0990 *vector, uint32_t maxNumClass, uint32_t *pNumClassInBuf);

sceKernelUIDCloseForDriver

Version NID
0.990 0x32C5F628
3.60 not present

a2 is addr or flags. (a2 & 0x40000000) == 0) means kernel uid else userland uid.

int sceKernelUIDCloseForDriver(SceUID uid, uint32_t a2);

sceKernelStrncpyToUserForDriver

Version NID
0.990 0x369355F1
3.60 not present
int sceKernelStrncpyToUserForDriver(char **dst_str, const char *src_str, SceSize to_copy_size, SceSize *dst_size);

sceKernelProcUserStrcpyForDriver

Version NID
0.990 0xEBCB3970
3.60 not present
int sceKernelProcUserStrcpyForDriver(SceUID pid, char *dst, const char *src);

sceKernelUserStrncpyForDriver

Version NID
0.940-0.990 0xE6D5EFE4
3.60 not present

Return 0 on success.

int sceKernelUserStrcpyForDriver(char *dst, const char *src);

sceKernelUserStrnlenForDriver

Version NID
0.940-0.990 0xFF06898A
3.60 not present
SceSize sceKernelUserStrnlenForDriver(const char *s, SceSize maxlen);

SceSysmemForDriver_F09A7D09

Version NID
0.990 0xF09A7D09
3.60 not present

Calls sceKernelGUIDCloseForDriver.

int SceSysmemForDriver_F09A7D09(SceUID uid);

Switch TTB For PID

Version NID
1.69 0x6F2ACDAE
3.60 not present

Changes the TTBR to point to the tables for a given PID.

int switch_ttb_for_pid(SceUID pid);

sceKernelRoMemcpyKernelToUserForPidForDriver

Version NID
1.69 0x571D2739
3.60 not present
int sceKernelRoMemcpyKernelToUserForPidForDriver(SceUID pid, void *dst, const void *src, SceSize size);

sceKernelAllocHeapMemoryForDriver

Version NID
0.931-3.60 0x7B4CB60A

Temp name was sceKernelMemPoolAlloc.

Calls sceKernelAllocHeapMemoryWithOptionForDriver with a3 = 0.

void* sceKernelAllocHeapMemoryForDriver(SceUID uid, SceSize size);

sceKernelAllocHeapMemoryFromGlobalHeapForDriver

Version NID
3.60 0x7750CEA7

Calls sceKernelAllocHeapMemoryForDriver with uid = -1 (global heap uid).

void* sceKernelAllocHeapMemoryFromGlobalHeapForDriver(SceSize size);

sceKernelAllocHeapMemoryFromGlobalHeapWithOptForDriver

Version NID
0.990-3.60 0x0B4ED16A

Calls sceKernelAllocHeapMemoryWithOptionForDriver with uid = -1 (global heap uid).

void* sceKernelAllocHeapMemoryFromGlobalHeapWithOptForDriver(SceSize size, SceKernelHeapMemoryOpt *pOpt);

sceKernelAllocHeapMemoryWithOptForDriver

Version NID
3.60 0xB415B5A8

Same as sceKernelAllocHeapMemoryForDriver but uses pOpt.

void* sceKernelAllocHeapMemoryWithOptForDriver(SceUID uid, SceSize size, SceKernelHeapMemoryOpt *pOpt);

sceKernelAllocHeapMemoryWithOptionForDriver

Version NID
0.990-3.60 0x49D4DD9B

Temp name was sceKernelAllocHeapMemoryWithOpt2ForDriver.

Same as sceKernelAllocHeapMemoryForDriver but uses pOpt.

void* sceKernelAllocHeapMemoryWithOptionForDriver(SceUID uid, SceSize size, SceKernelHeapMemoryOpt *pOpt);

sceKernelAllocMemBlockWithInfoForDriver

Version NID
0.990-3.60 0xD44F464D

Temp name was sceKernelAllocMemBlockExtForDriver.

SceUID sceKernelAllocMemBlockWithInfoForDriver(const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt, SceKernelMemBlockInfo *pInfo);

sceKernelAllocMemBlockForDriver

Version NID
0.931-1.50 0x59F3159C
1.69-3.60 0xC94850C9
SceUID sceKernelAllocMemBlockForDriver(const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt);

The interface is the same as the userland version of this function, however more types can be specified and more options are in the pOpt argument.

To allocate a kernel RW block of memory, specify type = SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_TMP_RW.

To allocate a block of memory with a specific physical address, specify type = SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_SO_RW or type = SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_IO_RW, pOpt->attr = 2, and pOpt->paddr = physical address.

To allocate a block of memory that is kernel executable, specify type = SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RX.

To allocate a block of memory that is physically contiguous, specify type = 0x30808006, pOpt->attr = 0x200004 and an alignment to pOpt->alignment.

To allocate a block of memory inside the CDRAM, specify type = 0x40404006.

sceKernelCreateClassForDriver

Version NID
3.60 0x61317102
int sceKernelCreateClassForDriver(SceClass *cls, const char *name, struct SceClass *uid_class, size_t item_size, SceClassCallback create, SceClassCallback destroy);

sceKernelCreateHeapForDriver

Version NID
0.931-3.60 0x9328E0E8

The heap pool is thread safe.

typedef struct SceKernelHeapCreateOpt { // size is 0x14 on FW 0.931-0.990, 0x28 on FW 3.60
  SceSize size;
  SceUInt32 uselock; // ex: 1, 0x100
  SceUInt32 field_8; // ex: 0x8000
  SceUInt32 field_C;
  SceUInt32 block_type;
  SceUInt32 field_14;
  SceUInt32 field_18;
  SceUInt32 field_1C;
  SceUInt32 field_20;
  SceUInt32 field_24;
} SceKernelHeapCreateOpt;

// pOpt can be NULL
SceUID sceKernelCreateHeapForDriver(const char *name, SceSize size, SceKernelHeapCreateOpt *pOpt);

sceKernelCreateUidObjForDriver

Version NID
3.60 0x56A13E90

Temp name was sceKernelCreateUidObj2ForDriver.

SceUID sceKernelCreateUidObjForDriver(SceClass *cls, const char *name, SceKernelObject **obj);

sceKernelCreateUidObjForUidForDriver

Version NID
0.990-3.60 0x89A44858

Calls sceUIDtoObjectForKernel.

SceUID sceKernelCreateUidObjForUidForDriver(SceClass *cls, const char *name, SceUID uid, SceKernelObject **obj);

scePUIDOpenByGUIDWithFlagsForDriver

Version NID
0.990-3.60 0xCED1547B

Temp name was sceKernelCreateUserUidForClassForDriver.

SceUID scePUIDOpenByGUIDWithFlagsForDriver(SceUID pid, SceUID gid, SceUInt32 flags);

scePUIDOpenByGUIDForDriver

Version NID
0.931-3.60 0xBF209859

Temp name was sceKernelCreateUserUidForDriver.

SceUID scePUIDOpenByGUIDForDriver(SceUID pid, SceUID uid);

sceKernelCreateUserUidForNameForDriver

Version NID
0.931-3.60 0x513B9DDD
SceUID sceKernelCreateUserUidForNameForDriver(SceUID pid, const char *name);

sceKernelCreateUserUidForNameWithClassForDriver

Version NID
0.931-3.60 0x8DA0BCA5
SceUID sceKernelCreateUserUidForNameWithClassForDriver(SceUID pid, const char *name, SceClass *cls);

sceKernelDeleteHeapForDriver

Version NID
0.940-3.60 0xD6437637
int sceKernelDeleteHeapForDriver(SceUID uid);

sceKernelGUIDCloseForDriver

Version NID
0.990-3.60 0x047D32F2

Temp name was sceKernelDeleteUidForDriver.

int sceKernelGUIDCloseForDriver(SceUID uid);

sceKernelPUIDCloseForDriver

Version NID
0.990-3.60 0x84A4AF5E

Temp name was sceKernelDeleteUserUidForDriver.

int sceKernelPUIDCloseForDriver(SceUID pid, SceUID uid);

sceKernelGetMemBlockMemtypeByAddrForDriver

Version NID
0.990-3.60 0xF3BBE2E1

Temp name was sceKernelFindMemBlockByAddrForDefaultSizeForDriver.

SceKernelMemoryType sceKernelGetMemBlockMemtypeByAddrForDriver(const void *addr);

sceKernelFindMemBlockByAddrForDriver

Version NID
1.69-3.60 0x8A1742F6
SceUID sceKernelFindMemBlockByAddrForDriver(const void *addr, SceSize size);

sceKernelFindProcMemBlockByAddrForDriver

Version NID
0.990-3.60 0x857F1D5A

Temp name was sceKernelFindMemBlockByAddrForPidForDriver.

SceUID sceKernelFindProcMemBlockByAddrForDriver(SceUID pid, const void *addr, SceSize size);

sceKernelFindMemBlockForDriver

Version NID
3.57 not present, added on 3.60
3.60 0x9C78064C
SceUID sceKernelFindMemBlockForDriver(int flags, void *addr, SceSize size);

sceKernelFindMemBlockProcForDriver

Version NID
3.60 0x9F6E45E3

Temp name was sceKernelFindMemBlockForPidForDriver.

SceUID sceKernelFindMemBlockProcForDriver(SceUID pid, int flags, void *addr, SceSize size);

sceKernelFirstDifferentBlock32UserForDriver

Version NID
3.60 0xBDA6E42B
int sceKernelFirstDifferentBlock32UserForDriver(unsigned int *ptr, int value, int byte_size);

sceKernelFirstDifferentBlock32UserForPidForDriver

Version NID
1.69-3.60 0x8334454F

Looks for an integer in userspace.

int sceKernelFirstDifferentBlock32UserForPidForDriver(SceUID pid, unsigned int *ptr, int value, int byte_size);

sceKernelFirstDifferentBlock64UserForDriver

Version NID
3.60 0xBB3B02C2
int sceKernelFirstDifferentBlock64UserForDriver(unsigned long long *ptr, int unused, unsigned long long value, int byte_size);

sceKernelFirstDifferentBlock64UserForPidForDriver

Version NID
3.60 0xE83855FD
int sceKernelFirstDifferentBlock64UserForPidForDriver(SceUID pid, unsigned long long *ptr, unsigned long long value, int byte_size);

sceKernelFreeHeapMemoryForDriver

Version NID
0.990-3.60 0x3EBCE343

Temp name was sceKernelMemPoolFreeForDriver.

int sceKernelFreeHeapMemoryForDriver(SceUID uid, void *ptr);

sceKernelFreeHeapMemoryFromGlobalHeapForDriver

Version NID
3.60 0xFB817A59
int sceKernelFreeHeapMemoryFromGlobalHeapForDriver(void *ptr);

sceKernelFreeMemBlockForDriver

Version NID
3.60 0x009E1C61
int sceKernelFreeMemBlockForDriver(SceUID uid);

sceKernelPUIDGetClassForDriver

Version NID
0.990-3.60 0xE9728A12

Temp name was sceKernelGetClassForPidForUidForDriver.

int sceKernelPUIDGetClassForDriver(SceUID pid, SceUID uid, SceClass **cls);

sceKernelGUIDGetClassForDriver

Version NID
0.990-3.60 0xC74B0152

Temp name was sceKernelGetClassForUidForDriver.

int sceKernelGUIDGetClassForDriver(SceUID uid, SceClass **cls);

sceKernelGetMemBlockPARangeForDriver

Version NID
0.990-3.60 0x98C15666

Previous name was sceKernelGetMemBlockAddrPairForUidForDriver

Returns the paddr and size (pRange) of the memory block if it is physically continuous.

int sceKernelGetMemBlockPARangeForDriver(SceUID uid, SceKernelPARange *pRange);

sceKernelGetMemBlockBaseForDriver

Version NID
0.990-3.60 0xA841EDDA
/**
 * @brief Get mapped base address of memory block.
 *
 * Get base address of memory block.
 * @param[in]	uid		block id
 * @param[out]	ppBase		base address of memory block
 * @retval	SCE_OK		success
 * @retval	<SCE_OK		Error
 */
int sceKernelGetMemBlockBaseForDriver(SceUID uid, void **ppBase);

sceKernelGetMemBlockVBaseForDriver

Version NID
3.60 0xB81CF0A3

Wrongly named sceKernelGetMemBlockKernelPageForDriver.

int sceKernelGetMemBlockVBaseForDriver(SceUID uid, void **kernel_page);

sceKernelGetMemBlockMappedBaseForDriver

Version NID
3.60 0x0B1FD5C3
int sceKernelGetMemBlockMappedBaseForDriver(SceUID uid, void **basep);

sceKernelGetMemBlockPAVectorForDriver

Version NID
0.990-3.60 0x19A51AC7

Temp name was sceKernelGetMemBlockPaddrListForUidForDriver.

int sceKernelGetMemBlockPAVectorForDriver(SceUID uid, SceKernelPAVector *pVector);

sceKernelPUIDGetEntryHeapNameForDriver

Version NID
0.990-3.60 0x09896EB7

Temp name was sceKernelGetNameForPidByUidForDriver. Real name might be sceKernelPUIDGetEntryHeapNameForDriver.

int sceKernelPUIDGetEntryHeapNameForDriver(SceUID pid, SceUID uid, char **name);

sceKernelGetNameForUid2ForDriver

Version NID
3.60 0xE655852F
const char* sceKernelGetNameForUid2ForDriver(SceUID uid);

sceKernelGetNameForUidForDriver

Version NID
3.60 0xA78755EB
int sceKernelGetNameForUidForDriver(SceUID uid, char **name);

sceUIDtoObjectForDriver

Version NID
0.990 0xAB7AC3D1

Calls sceUIDtoObjectForKernel.

SceKernelObject *sceUIDtoObjectForDriver(SceUID uid);

sceKernelGetObjectForPidForUidForDriver

Version NID
0.990-3.60 0xFE6D7FAE
int sceKernelGetObjectForPidForUidForDriver(SceUID pid, SceUID uid, SceKernelObject **obj);

sceKernelGetObjectForUidForAttrForDriver

Version NID
3.60 0xF6DB54BA
int sceKernelGetObjectForUidForAttrForDriver(SceUID uid, unsigned int attr, SceKernelObject **obj);

sceGUIDReferObjectWithClassLevelForDriver

Version NID
0.990-3.60 0x77066FD1

Temp name was sceKernelGetObjectForUidForClassForAttrForDriver.

int sceGUIDReferObjectWithClassLevelForDriver(SceUID uid, SceClass *pClass, uint32_t attr, SceKernelObject **pEntry);

sceKernelGetObjectForUidForClassForDriver

Version NID
3.60 0x00ED6C14

Temp name was sceKernelGetObjForUidForDriver.

int sceKernelGetObjectForUidForClassForDriver(SceUID uid, SceClass *cls, SceKernelObject **obj);

sceKernelGUIDReferObjectClassForDriver

Version NID
0.990-3.60 0x72A98D17

Temp name was sceKernelGetObjectForUidForClassTreeForDriver. Actual name might be sceKernelGUIDReferObjectClassForDriver.

int sceKernelGUIDReferObjectClassForDriver(SceUID uid, SceClass *cls, SceKernelObject **obj);

sceKernelGUIDGetObjectForDriver

Version NID
0.990-3.60 0x0FC24464

Temp name was sceKernelGetObjectForUidForDefaultClassForDriver.

int sceKernelGUIDGetObjectForDriver(SceUID uid, SceKernelObject **pEntry);

sceKernelGetObjectForUidForDriver

Version NID
3.60 0x0F5C84B7
int sceKernelGetObjectForUidForDriver(SceUID uid, SceKernelObject **obj);

sceKernelVAtoPAForDriver

Version NID
0.990-3.60 0x8D160E65

Temp name was sceKernelGetPaddrForDriver.

This will write the physical address for a virtual address pVA to memory pointed to by pPA.

Returns <0 on error, values >=0 indicate success.

int sceKernelVAtoPAForDriver(void *pVA, void **pPA);

sceKernelProcVAtoPAForDriver

Version NID
0.990 0xC51934BD
int sceKernelProcVAtoPAForDriver(SceUID pid, void *pVA, void **pPA);

sceKernelProcModeVAtoPAForDriver

Version NID
0.990-3.60 0x61A67D32

Temp name was sceKernelGetPaddrForPidForDriver.

int sceKernelProcModeVAtoPAForDriver(SceUID pid, uint32_t mode, void *pVA, void **pPA);

sceKernelVARangeToPAVectorForDriver

Version NID
0.931-3.60 0xE68BEEBD

Temp name was sceKernelGetPaddrListForDriver.

This function writes into pVector->output_buffer an array of vRange that encompasses the block of memory specified in the input. pVector->ret_count will contain the number of entries written. If pVector->output_buffer is null, it will just write the count.

int sceKernelVARangeToPAVectorForDriver(const SceKernelVARange *vRange, SceKernelPAVector *pVector);

sceKernelGetPaddrListForLargePageForDriver

Version NID
3.60 0x08A8A7E8
int sceKernelGetPaddrListForLargePageForDriver(const SceKernelVARange *vRange, SceKernelPAVector *pVector);

sceKernelGetPaddrListForSmallPageForDriver

Version NID
3.60 0x16844CE6
int sceKernelGetPaddrListForSmallPageForDriver(const SceKernelVARange *vRange, SceKernelPAVector *pVector);

sceKernelVARangeToPARangeForDriver

Version NID
0.940-3.60 0xAE36C775

Temp name was sceKernelGetPaddrPairForDriver.

int sceKernelVARangeToPARangeForDriver(const SceKernelVARange *vRange, SceKernelPARange *pRange);

sceKernelGetPaddrPairForLargePageForDriver

Version NID
3.60 0x32257A24
int sceKernelGetPaddrPairForLargePageForDriver(SceKernelVARange *pair, SceKernelPARange *result_pair);

sceKernelGetPaddrPairForSmallPageForDriver

Version NID
3.60 0xB3575090
int sceKernelGetPaddrPairForSmallPageForDriver(SceKernelVARange *pair, SceKernelPARange *result_pair);

sceKernelVAtoPABySWForDriver

Version NID
0.990-3.60 0x65419BD3

Temp name was sceKernelGetPaddrWithSectionTypeCheckForDriver. Wrong name was sceKernelAddressSpaceVAtoPABySWForDriver.

int sceKernelVAtoPABySWForDriver(void *pVA, void **pPA);

sceKernelGetPidContextForDriver

Version NID
3.60 0x2ECF7944
struct SceKernelProcessContext
{
  SceUInt32 TTBR1;
  SceUInt32 DACR;
  SceUInt32 CONTEXTIDR;
};

int sceKernelGetPidContextForDriver(SceUID pid, SceKernelProcessContext **ctx);

sceKernelGetUidClassForDriver

Version NID
3.60 0x85336A1C
SceClass *sceKernelGetUidClassForDriver();

sceKernelGetUnknownValidPhysAddressSpaceForDriver

Version NID
3.60 0xC9928F5E
int sceKernelGetUnknownValidPhysAddressSpaceForDriver(void **start, void **end);

sceKernelIsPaddrWithinSameSectionForUidForDriver

Version NID
3.60 0xF4AD89D8
int sceKernelIsPaddrWithinSameSectionForUidForDriver(SceUID pid, int permission_type, void *vaddr, unsigned int len);

sceKernelIsPaddrWithinUnknownValidPhysAddressSpaceForDriver

Version NID
3.60 0xA7C0D1FC
int sceKernelIsPaddrWithinUnknownValidPhysAddressSpaceForDriver(void *vaddr);

sceKernelKernelUidForUserUidForClassForDriver

Version NID
3.60 0x184172B1
SceUID sceKernelKernelUidForUserUidForClassForDriver(SceUID pid, SceUID user_uid, SceClass *cls);

scePUIDtoGUIDForDriver

Version NID
0.990-3.60 0x45D22597

Temp name was sceKernelKernelUidForUserUidForDriver.

Process UID to Global UID.

SceUID scePUIDtoGUIDForDriver(SceUID pid, SceUID uid);

sceKernelPartitionMapMemBlockForDriver

Version NID
0.990-3.60 0x58D21746

Temp name was sceKernelMapBlockUserVisibleForDriver.

int sceKernelPartitionMapMemBlockForDriver(SceUID uid);

sceKernelMapBlockUserVisibleWithFlagForDriver

Version NID
3.60 0x04059C4B
int sceKernelMapBlockUserVisibleWithFlagForDriver(SceUID uid, int some_flag);

sceKernelUserMapForDriver

Version NID
0.990-3.60 0x278BC201

Wrongly named sceKernelMapUserBlockDefaultTypeForDriver.

Assigns type 0.

int sceKernelUserMapForDriver(char *name, int permission, void *user_buf, int size, void **kernel_page, int *kernel_size, int *kernel_offset);

sceKernelProcUserMapForDriver

Version NID
3.60 0x0091D74D

Wrongly named sceKernelMapUserBlockForDefaultTypeForPidForDriver. sceKernelProcUserMapForDriver is certainly real name.

Assigns type 0.

int sceKernelProcUserMapForDriver(SceUID pid, const char *name, int permission, void *user_buf, int size, void **kernel_page, int *kernel_size, int *kernel_offset);

sceKernelMapUserBlockForDriver

Version NID
1.69-3.60 0x7D4F8B5F

Permission is either "1" for read only, no execute or "2"/"3" for read write, no execute. Type is either 0, 1, or 17 and affects the block type. 0 is default. This will allocate kernel memory starting at kernel_page. To get the same memory as the user pointer, add the kernel_offset. kernel_size is how much is allocated.

//this signature is for 1.69
int sceKernelMapUserBlockForDriver(int permission, int type, void *user_buf, int size, void **kernel_page, int *kernel_size, int *kernel_offset);

//this signature is for 3.60 - now allows to give a name
int sceKernelMapUserBlockForDriver(char *name, int permission, int type, void *user_buf, int size, void **kernel_page, int *kernel_size, int *kernel_offset);

sceKernelDecRefCountMemBlockForDriver

Version NID
0.990-3.60 0xF50BDC0C

Temp name was sceKernelMemBlockDecRefCounterAndReleaseUidForDriver.

int sceKernelDecRefCountMemBlockDriver(SceUID uid);

sceKernelMemBlockGetInfoExForDriver

Version NID
3.60 0x24A99FFF
int sceKernelMemBlockGetInfoExForDriver(SceUID uid, SceKernelMemBlockInfoEx *info);

sceKernelGetMemBlockInfoForDriver

Version NID
0.990-3.60 0xA73CFFEF

Temp name was sceKernelMemBlockGetInfoExForVisibilityLevelForDriver.

int sceKernelGetMemBlockInfoForDriver(SceUID uid, uint32_t level, SceKernelMemBlockInfoEx *pInfo);

sceKernelMemBlockGetSomeSizeForDriver

Version NID
3.60 0x78337B62
int sceKernelMemBlockGetSomeSizeForDriver(SceUID uid, int *some_size);

sceKernelIncRefCountMemBlockForDriver

Version NID
0.990-3.60 0xEAF3849B

Temp name was sceKernelMemBlockIncRefCounterAndReleaseUidForDriver.

int sceKernelIncRefCountMemBlockForDriver(SceUID uid);

sceKernelUserUnmapForDriver

Version NID
0.990-3.60 0x00575B00

Temp name was sceKernelMemBlockReleaseForDriver.

int sceKernelUserUnmapForDriver(SceUID uid);

sceKernelMemBlockType2MemtypeForDriver

Version NID
0.931-3.60 0x20C811FA
int sceKernelMemBlockType2MemtypeForDriver(SceKernelMemBlockType type);

sceKernelMemBlockTypeGetPrivilegesForDriver

Version NID
3.60 0x6A0792A3
int sceKernelMemBlockTypeGetPrivilegesForDriver(SceKernelMemBlockType type);

sceKernelMemBlockTypeGetUnknownForDriver

Version NID
0.990-3.60 0xCB0F3A33
int sceKernelMemBlockTypeGetUnknownForDriver(SceKernelMemBlockType type);

sceKernelMemRangeReleaseForDriver

Version NID
3.60 0x75C70DE0
int sceKernelMemRangeReleaseForDriver(void *addr, SceSize size);

sceKernelMemRangeReleaseForPidForDriver

Version NID
3.60 0xA8525B06
int sceKernelMemRangeReleaseForPidForDriver(SceUID pid, void *addr, SceSize size);

sceKernelMemRangeReleaseWithPermForDriver

Version NID
3.60 0x22CBE925

Decrease references to pages.

int sceKernelMemRangeReleaseWithPermForDriver(SceKernelMemoryRefPerm perm, void *addr, SceSize size);

sceKernelMemRangeRetainForDriver

Version NID
3.60 0x59A4402F
int sceKernelMemRangeRetainForDriver(void *addr, SceSize size);

sceKernelMemRangeRetainForPidForDriver

Version NID
3.60 0x659586BF
int sceKernelMemRangeRetainForPidForDriver(SceUID pid, void *addr, SceSize size);

sceKernelMemRangeRetainWithPermForDriver

Version NID
3.60 0xBC0A1D60

Increase references to pages.

int sceKernelMemRangeRetainWithPermForDriver(SceKernelMemoryRefPerm perm, void *addr, SceSize size);

sceKernelCopyToUserForDriver

Version NID
0.990-3.60 0x6D88EF8A

Temp name was sceKernelMemcpyKernelToUserForDriver.

int sceKernelCopyToUserForDriver(void *dst, const void *kern_src, SceSize len);

sceKernelCopyoutProcForDriver

Version NID
0.990-3.60 0x6B825479

Temp name was sceKernelMemcpyKernelToUserForPidForDriver.

This will not crash on invalid user pointers, but instead return error.

int sceKernelCopyoutProcForDriver(SceUID pid, void *dst, const void *src, SceSize size);

sceKernelMemcpyKernelToUserForPidUncheckedForDriver

Version NID
1.69-3.60 0xFED82F2D
int sceKernelMemcpyKernelToUserForPidUncheckedForDriver(SceUID pid, void *dst, const void *kern_src, SceSize size);

sceKernelCopyFromUserForDriver

Version NID
0.931-3.60 0xBC996A7A

Temp name was sceKernelMemcpyUserToKernelForDriver.

int sceKernelCopyFromUserForDriver(void *dst, const void *src, SceSize size);

sceKernelProcCopyFromUserForDriver

Version NID
0.990-3.60 0x605275F8

Temp name was sceKernelMemcpyUserToKernelForPidForDriver.

int sceKernelProcCopyFromUserForDriver(SceUID pid, void *dst, void *src, SceSize size);

sceKernelMemcpyUserToUserForDriver

Version NID
3.60 0x1BD44DD5
int sceKernelMemcpyUserToUserForDriver(void *dst, const void *src, SceSize size);

sceKernelMemcpyUserToUserForPidForDriver

Version NID
1.69-3.60 0x8E086C33
int sceKernelMemcpyUserToUserForPidForDriver(SceUID pid, void *dst, const void *src, SceSize size);

sceUIDOpenByNameForDriver

Version NID
0.931-0.990 0x796881D6
3.60 not present

Calls sceGUIDOpenByNameForDriver.

SceUID sceUIDOpenByNameForDriver(const char *name);

sceGUIDOpenByNameForDriver

Version NID
0.931-3.60 0xD76E7452

Temp name was sceKernelOpenUidForNameForDriver.

SceUID sceGUIDOpenByNameForDriver(const char *name);

sceKernelRemapMemBlockForDriver

Version NID
0.931-1.05 0x8D332AE1
1.69-3.60 0xDFE2C8CB

Temp name was sceKernelRemapBlockForDriver.

This can be used to remap RW memory as RX. To do this, first allocate a memory block of type SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RW. After you are done writing, call sceKernelRemapMemBlockForDriver with type SCE_KERNEL_MEMBLOCK_TYPE_KERNEL_RX.

int sceKernelRemapMemBlockForDriver(SceUID uid, SceKernelMemBlockType type);

sceKernelPUIDSetNameForDriver

Version NID
0.990-3.60 0x12624884

Temp name was sceKernelSetNameForPidForUidForDriver.

int sceKernelPUIDSetNameForDriver(SceUID pid, SceUID uid, const char *name);

scePUIDSetNameForDriver

Version NID
0.931-3.60 0x4CFA4100

Temp name was sceKernelSetObjectForUidForDriver.

int scePUIDSetNameForDriver(SceUID pid, const char *name);

sceKernelStrnlenUserForDriver

Version NID
1.69-3.60 0xB429D419
int sceKernelStrnlenUserForDriver(uintptr_t usr_addr, SceSize maxlen);

sceKernelStrnlenUserForPidForDriver

Version NID
1.69-3.60 0x9929EB07
int sceKernelStrnlenUserForPidForDriver(SceUID pid, uintptr_t usr_addr, SceSize size);

sceKernelStrncpyKernelToUserForDriver

Version NID
1.69-3.60 0x80BD6FEB
int sceKernelStrncpyKernelToUserForDriver(char* usr_dst, const void *kern_src, SceSize maxlen);

sceKernelStrncpyKernelToUserForPidForDriver

Version NID
1.69-3.60 0x75AAF178
int sceKernelStrncpyKernelToUserForPidForDriver(SceUID pid, char *usr_dst, const char *kern_src, SceSize size);

sceKernelStrncpyUserToKernelForDriver

Version NID
1.69-3.60 0xDB3EC244
int sceKernelStrncpyUserToKernelForDriver(void *kern_dst, uintptr_t usr_src, SceSize maxlen);

sceKernelSwitchPidContextForDriver

Version NID
3.60 0x2D711589
int sceKernelSwitchPidContextForDriver(SceKernelProcessContext *new_context, SceKernelProcessContext *prev_context);

sceKernelUidReleaseForDriver

Version NID
3.60 0x149885C4
int sceKernelUidReleaseForDriver(SceUID uid);

sceKernelUnmapMemBlockForDriver

Version NID
3.60 0xFFCD9B60
int sceKernelUnmapMemBlockForDriver(SceUID uid);

sceKernelGetPhysicalMemoryTypeForDriver

Version NID
0.990-3.60 0x0AAA4FDD

Temp name was sceKernelVaddrMaybeGetSectionTypeForDriver

int sceKernelGetPhysicalMemoryTypeForDriver(void *vaddr);

some_memblock_operation

Version NID
3.60 0x13805CA8
int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x16713BE8

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x16713BE8

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x4C584B29

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x6C76AD89

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

some_memblock_operation

Version NID
3.60 0x8C43B052

Same as above but with different flags.

int some_memblock_operation(SceUID uid, int a2, int a3, int a4);

sceKernelGetMemBlockProcessForDriver

Version NID
0.990-3.60 0x1EFC96EA
int sceKernelGetMemBlockProcessForDriver(SceUID uid);

memblock_related_operation

Version NID
3.60 0x64DBE472
int memblock_related_operation(SceUID uid, int a2);

memblock_related_operation

Version NID
3.60 0x987EE587
struct result_987ee587
{
  int unk0;
  int unk4;
  int unk8;
  int unkC;
  int unk10;
};

int memblock_related_operation(SceUID uid, result_987ee587 *result);

SceSysmemForDriver_856fa2e3

Version NID
3.60 0x856FA2E3
int SceSysmemForDriver_856fa2e3(SceUID uid);

sceKernelGetPhyMemInfoForDriver

Version NID
0.931-3.60 0x89475192
typedef struct SceKernelPhyMemInfo { // Size is 0xC on 0.931-3.60
  SceSize size; // Size of this structure
  uint32_t unk4; 
  uint32_t unk8;
} SceKernelPhyMemInfo;

// as of FW 0.931-0.990, pindex must be one of these values: 1 PhyPartKernel, 8 PageVenezia, 9 PageVIP
#define SCE_KERNEL_PHYMEMPART_KERNEL_INDEX 1
#define SCE_KERNEL_PHYMEMPART_LPDDR2MAIN_KERNEL_INDEX 6
#define SCE_KERNEL_PAGE_VENEZIA_INDEX 8
#define SCE_KERNEL_PAGE_VIP_INDEX 9

int sceKernelGetPhyMemInfoForDriver(uint32_t pindex, SceKernelPhyMemInfo *pInfo);

sceKernelVerifyHeapForDriver

Version NID
0.990-3.60 0xC50A9C0D
int sceKernelVerifyHeapForDriver(SceUID uid, void *ptr);

SceSysmemForDebugger

This library was removed somewhere between 1.692 and 3.60.

sceKernelPhysicalAddressSpaceStartForDebugger

Version NID
0.931 0x6AE2188F
3.60 not present
int sceKernelPhysicalAddressSpaceStartForDebugger(void);

sceKernelGetPhysicalAddressSpaceForDebugger

Version NID
0.931 0xE8905626
3.60 not present

In FW 0.931 calls sceKernelPhysicalAddressSpaceStartForDebugger.

void *sceKernelGetPhysicalAddressSpaceForDebugger(void);

sceKernelIsAccessibleRangeProcForDebugger

Version NID
0.990-1.50 0x01DFC193
3.60 not present
int sceKernelIsAccessibleRangeProcForDebugger(SceUID pid, SceUInt32 mode, const void *pVA, SceSize size);

sceKernelIsAccessibleRangeForDebugger

Version NID
0.931-1.50 0xD027761F
3.60 not present
int sceKernelIsAccessibleRangeForDebugger(SceUInt32 mode, const void *pVA, SceSize size);

SceSysmem

The SceSysmem library is responsible for both low-level and high-level memory management. There are functions for allocating raw blocks of memory (similar to Linux sbrk) as well as functions for maintaining a heap-like structure (similar to malloc) for kernel, however SceLibKernel implements a proper heap and that is used for user code.

sceKernelMapMemBlock

Version NID
0.990-1.69 0x7B763A21
3.60 not present

sceKernelRemapMemBlock

Version NID
0.990-1.69 0x3B29E0F5
3.60 not present

sceKernelPartialMapMemBlock

Version NID
0.990 not present
1.69 0xC0A59868
3.60 not present

sceKernelUnmapMemBlock

Version NID
0.990-1.69 0xEE30D976
3.60 not present
int sceKernelUnmapMemBlock(SceUID uid);

sceKernelPartialUnmapMemBlock

Version NID
0.990 not present
1.69 0xCA99929B
3.60 not present

sceKernelGetMemBlockInfoByRange

Version NID
0.990 not present
0.996-3.60 0x006F3DB4
/**
 * @brief Get memory block informaton by virtual address range

 * @param[in]		vbase	base address
 * @param[in]		vsize   size
 * @param[inout]	pInfo	information structure
 */
int sceKernelGetMemBlockInfoByRange(void *vbase, SceSize vsize, SceKernelMemBlockInfo *pInfo);

sceKernelGetMemBlockInfoByAddr

Version NID
0.990-3.60 0x4010AD65
/**
 * @brief Get memory block information.
 *
 * Get information about a memory block.
 * @param[in]		vbase	Base address
 * @param[inout]	pInfo	Information structure
 */
int sceKernelGetMemBlockInfoByAddr(void *vbase, SceKernelMemBlockInfo *pInfo);

sceKernelGetSubbudgetInfo

Version NID
0.990 not present
1.69-3.60 0x832B4A65
typedef struct SceKernelSubbudgetInfo { // size is 0xC
  int size; // Size of this structure
  int unk_4;
  int unk_8;
} SceKernelSubbudgetInfo;

int sceKernelGetSubbudgetInfo(int unk_boolean, SceKernelSubbudgetInfo *pInfo);

sceKernelGetFreeMemorySize

Version NID
1.69-3.60 0x87CC580B
/**
 * Get free memory size
 */
int sceKernelGetFreeMemorySize(SceKernelFreeMemorySizeInfo *info);

sceKernelOpenMemBlock

Version NID
0.990-3.60 0x8EB8DFBB
// on FW <= 1.691, flags is not used
SceUID sceKernelOpenMemBlock(const char *name, int flags);

sceKernelFindMemBlockByAddr

Version NID
0.990-3.60 0xA33B99D1
/**
 * Find memory block by virtual range (base address and size)
 * If size == 0, API returns a memory block which contains 'start'
 * If size > 0, API returns a memory block just fit range [start, start + size].
 * @param[in]	vaddr		base address
 * @param[in]	size		address size
 * @retval	>=SCE_OK	block id
 * @retval	<SCE_OK		error
 */
SceUID sceKernelFindMemBlockByAddr(void *vaddr, SceSize size);

sceKernelFreeMemBlock

Version NID
0.990-3.60 0xA91E15EE
/**
 * Free memory block.
 *
 * @param[in]	uid		block uid
 * @retval	SCE_OK		Success
 * @retval	<SCE_OK		Error code
 */
int sceKernelFreeMemBlock(SceUID uid);

sceKernelFreeMemBlockForVM

Version NID
3.60 0x4EA13FEA
int sceKernelFreeMemBlockForVM(SceUID uid);

sceKernelCloseMemBlock

Version NID
0.990-3.60 0xB680E3A0
int sceKernelCloseMemBlock(SceUID uid);

sceKernelGetMemBlockBase

Version NID
0.996-3.60 0xB8EF5818
/**
 * @brief Get mapped base address of memory block.
 *
 * Get base address of memory block.
 * @param[in]	uid		block id
 * @param[out]	ppBase		base address of memory block
 * @retval	SCE_OK		success
 * @retval	<SCE_OK		Error
 */
int sceKernelGetMemBlockBase(SceUID uid, void **ppBase);

sceKernelAllocMemBlock

Version NID
0.990-3.60 0xB9D5EBDE
/**
 * Reserve a new memory block.
 *
 * The memory types that can be specified for type are as follows.
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_RW
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_RW_UNCACHE
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_RW
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_MAIN_PHYCONT_NC_RW
 * - SCE_KERNEL_MEMBLOCK_TYPE_USER_CDRAM_RW
 *
 * Allocate a memory block.
 *
 * @param[in]		name		Memory block name
 * @param[in]		vsize		Memory block virtual size
 * @param[in]		flags		Options
 * @retval		id		UID of memory block
 * @retval		<SCE_OK		Error code
 */
SceUID sceKernelAllocMemBlock(const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOpt *pOpt);

sceKernelAllocUnmapMemBlock

Version NID
3.60 0xEC636BCB
int sceKernelAllocUnmapMemBlock(char *name, SceSize size);

sceKernelOpenVMDomain

Version NID
1.69-3.60 0x9CA3EB2B
int sceKernelOpenVMDomain();

sceKernelSyncVMDomain

Version NID
1.69-3.60 0x19D2A81A
int sceKernelSyncVMDomain(SceUID uid, void *data, SceSize size);

sceKernelCloseVMDomain

Version NID
1.69-3.60 0xD6CA56CA
int sceKernelCloseVMDomain();

sceKernelAllocMemBlockForVM

Version NID
1.69-3.60 0xE2D7E137
SceUID sceKernelAllocMemBlockForVM(const char *name, SceSize vsize);

sceKernelCheckModelCapability

Version NID
3.60 0x0144FBD9
int sceKernelCheckModelCapability(int bit);

sceKernelGetModelForCDialog

Version NID
3.60 0xA2CB322F
int sceKernelGetModelForCDialog();

sceKernelGetModel

Version NID
3.60 0xD0D4F729
int sceKernelGetModel();

sceKernelIsPSVitaTV

Version NID
3.60 0x1453A5E5
int sceKernelIsPSVitaTV();

SceDipsw

sceKernelCheckDipsw

Version NID
1.69-3.60 0x1C783FB2

sceKernelClearDipsw

Version NID
1.69-3.60 0x800EDCC1

sceKernelSetDipsw

Version NID
1.69-3.60 0x817053D4

SceDipswForDriver

sceKernelCheckDipswForDriver

Version NID
3.60 0xA98FC2FD
sceKernelCheckDipswForDriver(int bit);

sceKernelGetDipswInfoForDriver

Version NID
3.60 0xB2AD48BE

return *(int *)(dipsw_addr + 4 * info_id);

0 0x40 0x4 DevKit CP timestamp 1

1 0x44 0x2 DevKit CP Version

2 0x46 0x2 DevKit CP Build ID

3 0x48 0x4 DevKit CP timestamp 2 (strangely also set on Retail and TesKit)

int sceKernelGetDipswInfoForDriver(int info_id);

sceKernelClearDipswForDriver

Version NID
3.60 0xF1F3E9FE
sceKernelClearDipswForDriver(int bit);

sceKernelSetDipswForDriver

Version NID
3.60 0x82E45FBF
sceKernelSetDipswForDriver(int bit);

SceUartForKernel

sceKernelUartInitForKernel

Version NID
0.9313.60 0xA9C74212

Temp name was sceUartInitForKernel.

It initializes the clock generator registers for the port. The default baud rate is 115200 for ports 0-5 and 250000 for port 6.

int sceKernelUartInitForKernel(int port);

sceKernelUartReadAvailableForKernel

Version NID
0.990 not present
3.60 0x38DB7629

Temp name was sceUartReadAvailableForKernel.

Returns the number of words available to read from the read FIFO.

int sceKernelUartReadAvailableForKernel(int port);

sceKernelUartReadForKernel

Version NID
0.931-3.60 0x9BBF1255

Temp name was sceUartReadForKernel.

int sceKernelUartReadForKernel(int port);

sceKernelUartWriteForKernel

Version NID
0.931-3.60 0x41973874

Temp name was sceUartWriteForKernel.

int sceKernelUartWriteForKernel(int port, char c);

sceKernelUartPutcharForKernel

Version NID
0.931-0.990 0xAF243C6A
3.60 not present
int sceKernelUartPutcharForKernel(char c);

SceCpu

This library provides wrapper for much ARM CP15 co-processor access as well as low level support of spinlocks and other synchronization primitives.

sceKernelCpuGetCpuId

Version NID
1.69-3.60 0x2704CFEE

Return the CPU ID of the current core.

int sceKernelCpuGetCpuId(void);

SceCpuForKernel

sceKernelSendEventForKernel

Version NID
0.990 0x45885327
3.60 not present
void sceKernelSendEventForKernel(void);

sceKernelWaitForEventForKernel

Version NID
0.931 0xD2629465
3.60 not present
void sceKernelWaitForEventForKernel(void);

sceKernelMMUIsValidMapForKernel

Version NID
0.931 0x4891F923
3.60 not present
int sceKernelMMUIsValidMapForKernel(SceKernelMMUContext *context, const void *vbase, SceSize size, const void *pbase);

sceKernelMMUIsValidUnmapForKernel

Version NID
0.931 0x60EA8433
3.60 not present
int sceKernelMMUIsValidUnmapForKernel(SceKernelMMUContext *context, const void *vbase, SceSize size);

sceKernelPrintCpuModeForKernel

Version NID
0.931 0xDC99515C
3.60 not present

get_mmu_l1_info

Version NID
0.931 0x9D346F87
3.60 not present
int get_mmu_l1_info(int a1, void *addr, void *pInfo);

get_mmu_l2_info

Version NID
0.931 0x247629A7
3.60 not present
int get_mmu_l2_info(int a1, void *addr, void *pInfo);

sceKernelTlsKernelSetForKernel

Version NID
0.940 0x7A180AA4
3.60 not present
// thread_index must be < 8
void *sceKernelTlsKernelSetForKernel(SceUInt32 thread_index, void *tls);

sceKernelTlsKernelGetForKernel

Version NID
0.940 0x28E080BC
3.60 not present
// thread_index must be < 8
void *sceKernelTlsKernelGetForKernel(SceUInt32 thread_index);

sceKernelCallRoundupDCacheLineFuncForKernel

Version NID
0.990 0xED512F50
3.60 not present

Calls the function previously registered by sceKernelGetRoundupDCacheLineFuncForKernel.

int sceKernelCallRoundupDCacheLineFuncForKernel(int a1);

sceKernelGetRoundupDCacheLineFuncForKernel

Version NID
0.990 0x66C3AA93
3.60 not present

Uses CTR and CTR-DMINLINE to determine which function to return.

(int sceKernelCallRoundupDCacheLineFuncForKernel(int) *) sceKernelGetRoundupDCacheLineFuncForKernel(void);

sceKernelVMWrite8ForKernel

Version NID
0.931 0xA3C65664
3.60 not present
int sceKernelVMWrite8ForKernel(uint8_t *dest, uint8_t val);

sceKernelVMWrite16ForKernel

Version NID
0.931 0xBF38A460
3.60 not present
int sceKernelVMWrite16ForKernel(uint16_t *dest, uint16_t val);

sceKernelVMWrite32ForKernel

Version NID
0.931 0x04D129B2
3.60 not present
int sceKernelVMWrite32ForKernel(uint32_t *dest, uint32_t val);

sceKernelVMReadUser8ForKernel

Version NID
0.990 0x942B92C3
3.60 not present
int sceKernelVMReadUser8ForKernel(uint8_t *dest, uint8_t *psrc);

sceKernelVMReadUser16ForKernel

Version NID
0.990 unk
3.60 unk
int sceKernelVMReadUser16ForKernel(uint16_t *dest, uint16_t *psrc);

sceKernelVMReadUser32ForKernel

Version NID
0.990 0x6091086F
3.60 not present
int sceKernelVMReadUser32ForKernel(uint32_t *dest, uint32_t *psrc);

sceKernelVMRead8ForKernel

Version NID
0.990 0xA2F0FE9D
3.60 not present
int sceKernelVMRead8ForKernel(uint8_t *dest, uint8_t *psrc);

sceKernelVMRead16ForKernel

Version NID
0.990 0xF31D4D10
3.60 not present
int sceKernelVMRead16ForKernel(uint16_t *dest, uint16_t *psrc);

sceKernelVMRead32ForKernel

Version NID
0.990 0x316574B1
3.60 not present
int sceKernelVMRead32ForKernel(uint32_t *dest, uint32_t *psrc);

sceKernelMMUMapSectionsForKernel

Version NID
0.931-0.990 0x868B471A
3.60 not present
int sceKernelMMUMapSectionsForKernel(const void *ttbr, SceKernelMemoryType code, void *vaddr, SceSize vsize, void *paddr);

sceKernelMMUMapSupersectionsForKernel

Version NID
0.931-0.990 0x0D9DA15F
3.60 not present
int sceKernelMMUMapSupersectionsForKernel(const void *ttbr, SceKernelMemoryType code, void *vaddr, SceSize vsize, void *paddr);

sceKernelMMUMapSmallPagesForKernel

Version NID
0.931-0.990 0xB953E022
3.60 not present
int sceKernelMMUMapSmallPagesForKernel(const void *table, SceKernelMemoryType code, void *vbase, SceUInt32 voffset, SceSize vsize, void *paddr);

sceKernelMMUMapSmallPageForKernel

Version NID
0.931-0.990 0xCC7C16F8
3.60 not present
int sceKernelMMUMapSmallPageForKernel(const void *table, SceKernelMemoryType code, void *vbase, SceUInt32 voffset, void *paddr);

sceKernelMMUMapLargePagesForKernel

Version NID
0.931-0.990 0x78D32D38
3.60 not present
int sceKernelMMUMapLargePagesForKernel(const void *table, SceKernelMemoryType code, void *vbase, SceUInt32 voffset, SceSize vsize, void *paddr);

sceKernelMMUUnmapSectionsWithFlagsForKernel

Version NID
0.931-0.990 0xFC657FD1
3.60 not present
int sceKernelMMUUnmapSectionsWithFlagsForKernel(const void *table, uint32_t maybe_ttbr0, void *vbase, SceSize vsize, SceUInt32 flags);

sceKernelMMUUnmapSupersectionsWithFlagsForKernel

Version NID
0.931-0.990 0x0E4D29C6
3.60 not present
int sceKernelMMUUnmapSupersectionsWithFlagsForKernel(const void *table, uint32_t maybe_ttbr0, void *vbase, SceSize vsize, SceUInt32 flags);

sceKernelMMUUnmapSmallPagesWithFlagsForKernel

Version NID
0.931-0.990 0x11EBA8CE
3.60 not present
int sceKernelMMUUnmapSmallPagesWithFlagsForKernel(const void *table, uint32_t maybe_ttbr0, void *vbase, SceUInt32 voffset, SceSize vsize, SceUInt32 flags);

sceKernelMMUUnmapLargePagesWithFlagsForKernel

Version NID
0.931-0.990 0x44319918
3.60 not present
int sceKernelMMUUnmapLargePagesWithFlagsForKernel(const void *table, uint32_t maybe_ttbr0, void *vbase, SceUInt32 voffset, SceSize vsize, SceUInt32 flags);

sceKernelMMUL1VAtoPABySWForKernel

Version NID
0.990 0x8E4ECF17
3.60 not present
int sceKernelMMUL1VAtoPABySWForKernel(const void *table, void *pVA, void **pPA);

sceKernelMMUSetL2PageTableForKernel

Version NID
0.990 0xAECA0820
3.60 not present
int sceKernelMMUSetL2PageTableForKernel(const void *ttbr, const void *map, const void *pbase);

sceKernelMMUUnsetL2PageTableeForKernel

Version NID
0.990 0xCB519DF3
3.60 not present
int sceKernelMMUUnsetL2PageTableForKernel(const void *ttbr, const void *PTE);

SceCpuForKernel_CA4124DE

Version NID
0.990 0xCA4124DE
3.60 not present

Returns 1, 2 or 6 based on some page/section properties.

int SceCpuForKernel_CA4124DE(const void *table, void *pVA, void **pPA);

sceKernelMMUGetContextForKernel

Version NID
0.931 0x211B89DA
3.60 not present

Temp name was sceKernelCpuSaveContextForKernel.

typedef struct SceKernelMMUContext { // size is 0xC on FW 0.931
  uint32_t unk_0;
  uint32_t unk_4;
  uint32_t unk_8;
} SceKernelMMUContext;

int sceKernelMMUGetContextForKernel(SceKernelMMUContext *context);

sceKernelMMUChangeContextForKernel

Version NID
0.931 0x0A4F0FB9
3.60 not present

Temp name was sceKernelCpuRestoreContextForKernel.

int sceKernelMMUChangeContextForKernel(SceKernelMMUContext *context);

sceKernelCpuGetCONTEXTIDRForKernel

Version NID
3.60 0x5B6B3274

The CONTEXTIDR, bits [31:0] contain the process ID number.

  return (unsigned __int8)__mrc(15, 0, 13, 0, 1); // Read CONTEXTIDR (Context ID Register)
void sceKernelCpuGetCONTEXTIDRForKernel(void);

sceKernelCpuUpdateSCTLRForKernel

Version NID
3.60 0x04008CF7
  int result;
  result = __mrc(15, 0, 1, 0, 0) | 0x1806; // Read SCTLR (System Control Register)
  __mcr(15, 0, result, 1, 0, 0); // Write SCTLR (System Control Register)
  return result;
void sceKernelCpuUpdateSCTLRForKernel(void); // SCTLR (System Control Register)

sceKernelCpuBranchPredictorInvalidateAllISForKernel

Version NID
3.60 0x1BB2BB8D
void sceKernelCpuBranchPredictorInvalidateAllISForKernel(void); // BPIALLIS, Branch predictor invalidate all (IS)

sceKernelCpuBranchPredictorInvalidateAllForKernel

Version NID
3.60 0x4C4C7D6B
void sceKernelCpuBranchPredictorInvalidateAllForKernel(void); // BPIALL, Branch predictor invalidate all

sceKernelCpuDcacheInvalidateMVACForKernel

Version NID
3.60 0x470EAE1E
void sceKernelCpuDcacheInvalidateMVACForKernel(int mva); // DCIMVAC, Data cache invalidate by MVA (PoC)

sceKernelCpuDcacheInvalidateMVACRangeForKernel

Version NID
3.60 0x583F30D1
void sceKernelCpuDcacheInvalidateMVACRangeForKernel(void *addr, unsigned int size); // DCIMVAC, Data cache invalidate by MVA (PoC)

sceKernelDcacheWritebackInvalidateRangeForKernel

Version NID
0.931-3.60 0x6BA2E51C

Temp name was sceKernelCpuDcacheCleanInvalidateMVACRangeForKernel, sceKernelCpuDcacheWritebackInvalidateRangeForKernel.

// DCCIMVAC, Data cache clean and invalidate by MVA (PoC)
void sceKernelDcacheWritebackInvalidateRangeForKernel(const void *addr, unsigned int size);

sceKernelCpuDcacheInvalidateSWForKernel

Version NID
3.60 0x2F3BF020
void sceKernelCpuDcacheInvalidateSWForKernel(void); // DCISW, Data cache invalidate by set/way (all the cache)

sceKernelCpuDcacheCleanSWForKernel

Version NID
3.60 0x73A30DB2
void sceKernelCpuDcacheCleanSWForKernel(void); // DCCSW, Data cache clean by set/way (all the cache)

sceKernelCpuDcacheCleanInvalidateSWForKernel

Version NID
3.60 0x76DAB4D0
void sceKernelCpuDcacheCleanInvalidateSWForKernel(void); // DCCISW, Data cache clean and invalidate by set/way (all the cache)

sceKernelCpuDcacheCleanMVACForKernel

Version NID
3.60 0xF7159B55
void sceKernelCpuDcacheCleanMVACForKernel(int mva); // DCCMVAC, Data cache clean by MVA (PoC)

sceKernelCpuDcacheCleanMVACRangeForKernel

Version NID
3.60 0xC5C1EE4E
void sceKernelCpuDcacheCleanMVACRangeForKernel(void *addr, unsigned int size); // DCCMVAC, Data cache clean by MVA (PoC)

sceKernelCpuDcacheCleanInvalidateMVACForKernel

Version NID
3.60 0xC8E8C9E9
void sceKernelCpuDcacheCleanInvalidateMVACForKernel(int mva); // DCCIMVAC, Data cache clean and invalidate by MVA (PoC)

sceKernelCpuIcacheInvalidateAllUISForKernel

Version NID
3.60 0x264DA250
void sceKernelCpuIcacheInvalidateAllUISForKernel(void); // ICIALLUIS, Instruction cache invalidate all (PoU, IS)

sceKernelCpuIcacheInvalidateAllUForKernel

Version NID
3.60 0xAEE0B489
void sceKernelCpuIcacheInvalidateAllUForKernel(void); // ICIALLU, Instruction cache invalidate all (PoU)

sceKernelCpuIcacheInvalidateMVAURangeForKernel

Version NID
0.931-3.60 0xF4C7F578

Temp name was sceKernelCpuIcacheInvalidateRangeForKernel.

// ICIMVAU, Instruction cache invalidate by MVA (PoU)
void sceKernelCpuIcacheInvalidateMVAURangeForKernel(void *start, SceSize size);

sceKernelIcacheInvalidateRangeForKernel

Version NID
0.931-3.60 0x19F17BD0
3.65-3.68 0x73E895EA

Temp name was sceKernelCpuIcacheAndL2InvalidateMVAURangeForKernel, sceKernelCpuIcacheAndL2WritebackInvalidateRangeForKernel.

int sceKernelIcacheInvalidateRangeForKernel(void *start, SceSize size);

sceKernelCpuPreloadEngineKill

Version NID
3.60 0xD0D85FF8
  • NSACR (Non-Secure Access Control Register)
  • Test bit NS access to the Preload Engine resources
  • [>] PLEFF (Preload Engine FIFO flush operation)
  • [>] PLEKC (Preload Engine kill channel operation)
  • [<] PLEASR (Preload Engine Activity Status Register)
int sceKernelCpuPreloadEngineKill(void);

sceKernelCpuUnrestrictedMemcpyForKernel

Version NID
1.69-3.60 0x8C683DEC

Unrestricted memcpy by first setting the DACR register to 0xFFFF0000 and then doing a memcpy.

int sceKernelCpuUnrestrictedMemcpyForKernel(void *dest, const void *src, size_t len);

sceKernelMMUVAtoPAWithModeForKernel

Version NID
0.931-3.60 0x67343A07

Temp name was sceKernelCpuGetPaddrWithMaskForKernel.

mode (maskPAR) is usually 0x33, sometimes 2.

int sceKernelMMUVAtoPAWithModeForKernel(int mode, void *pVA, void **ppPA);

sceKernelMMUCheckRangeWithModeForKernel

Version NID
0.931 0xCCDA3B8C
3.60 not present

Return 0 if all pages are valid, < 0 else.

int sceKernelMMUCheckRangeWithModeForKernel(int mode, void *start, SceSize size);

sceKernelMMUVAtoPAForKernel

Version NID
0.931-3.60 0x2A46E800

Temp name was sceKernelCpuGetPaddrForKernel.

Uses mode (maskPAR) 0x33.

This will write the physical address for a virtual address pVA to memory pointed to by pPA.

Returns <0 on error, values >=0 indicate success.

int sceKernelMMUVAtoPAForKernel(void *pVA, void **pPA);

sceKernelCpuForKernel_9B8173F4

Version NID
3.60 0x9B8173F4

Might be get_vaddr_memory_type.

Return value can be:

  • 2
  • 8
  • 0x40
  • 0x80
  • 0xD0
  • 0x80022007 (SCE_KERNEL_ERROR_VA2PA_FAULT)
int sceKernelCpuForKernel_9B8173F4(void *vaddr);

SceCpuForKernel_A5C9DBBA

Version NID
3.60 0xA5C9DBBA

Changes addr.cpuId and addr.unk_4.

int SceCpuForKernel_A5C9DBBA(CpuUnkStruct *addr);

SceCpuForKernel_9D72DD1B

Version NID
0.931-3.60 0x9D72DD1B

Overrides cpuId in addr structure. Maybe changes core.

int SceCpuForKernel_9D72DD1B(CpuUnkStruct *addr, int cpuid);

SceCpuForKernel_4CD4D921

Version NID
0.931-3.60 0x4CD4D921
*(uint32_t *)addr = 1;
*((uint16_t *)addr + 2) = 4;
*((uint16_t *)addr + 3) = 4;

aka write 01 00 00 00 04 00 04 00 at addr.

typedef struct CpuUnkStruct {
  uint32_t unk_0; // ex: 1
  uint16_t unk_4; // ex: 4, is decremented
  uint16_t cpuId; // 0, 1, 2 or 3 for actual CPU ids, 4 for disabled
} CpuUnkStruct;

int SceCpuForKernel_4CD4D921(CpuUnkStruct *addr);

SceCpuForKernel_43CC6E20

Version NID
3.60 0x43CC6E20

DACR off

Does some memory copies between the args.

int SceCpuForKernel_43CC6E20(void *addr, int a2, int a3, int a4);

sceCpuUnrestrictedBzeroIntForKernel

Version NID
3.60 0x76EB0DD4

DACR off

int sceCpuUnrestrictedBzeroIntForKernel(int *addr);

SceCpuForKernel_337473B5

Version NID
0.931-3.60 0x337473B5

DACR off

If addr.unk_0 equals 0, changes addr.unk_0 to new_val, else increase addr.unk_4.

int SceCpuForKernel_337473B5(CpuUnkStruct *addr, unsigned int new_val);

sceKernelCpuAtomicSubIfGreater64ForKernel

Version NID
3.60 0x37FBFD12

DACR is not disabled

int sceKernelCpuAtomicSubIfGreater64ForKernel(unsigned long long *a1, unsigned int a2);

sceKernelCpuAtomicLimit64ForKernel

Version NID
3.60 0x6190A018

DACR is not disabled

int sceKernelCpuAtomicLimit64ForKernel(unsigned long long *result, int limit);

sceKernelCpuAtomicAdd32AndGet64InRangeForKernel

Version NID
3.60 0xD8A7216C

DACR is not disabled

int sceKernelCpuAtomicAdd32AndGet64InRangeForKernel(unsigned long long *val, int add_val, int limit);

sceKernelCpuAtomicAdd32AndGet64InHiLoRangeForKernel

Version NID
3.60 0xD37AABE5

DACR is not disabled

int sceKernelCpuAtomicAdd32AndGet64InHiLoRangeForKernel(unsigned long long *val, int add_val, int limit);

sceKernelCpuAtomicGet32AndSet64ForKernel

Version NID
0.990 not present
3.60 0x4553FBDE

DACR is not disabled

int sceKernelCpuAtomicGet32AndSet64ForKernel(unsigned long long *result, int src);

sceKernelCpuAtomicGet32AndSet64_2ForKernel

Version NID
0.990 not present
3.60 0x7FB4E7AC

Exact same code as SceCpuForKernel_4553FBDE.

DACR is not disabled

int sceKernelCpuAtomicGet32AndSet64_2ForKernel(unsigned long long *result, int src);

sceKernelCpuAtomicDecIfLowPositive32ForKernel

Version NID
3.60 0x8510FA52

DACR is not disabled

int sceKernelCpuAtomicDecIfLowPositive32ForKernel(unsigned int *addr);

sceKernelCpuAtomicHiLoAlgorithmForKernel

Version NID
3.60 0x5F64E5ED

DACR is not disabled

Returns current value (high + low), and sets it to max_low.

int sceKernelCpuAtomicHiLoAlgorithmForKernel(SceUInt32 *max_low);

sceKernelCpuAtomicAddAndGetPositive32InRangeForKernel

Version NID
3.60 0x98E91C1C

DACR is not disabled

If val is negative, returns 2 and does not override val.

int sceKernelCpuAtomicAddAndGetPositive32InRangeForKernel(int *val, int add_val, int limit);

SceCpuForKernel_6C7E7B57

Version NID
0.931-3.60 0x6C7E7B57
return pbase | 0x4A;
int SceCpuForKernel_6C7E7B57(const void *pbase);

SceCpuForKernel_AED8F8D7

Version NID
0.931 0xAED8F8D7
3.60 not present

Initialize TTBR.

int SceCpuForKernel_AED8F8D7(const void *ttbr);

SceCpuForKernel_9A3281C0

Version NID
3.60 0x9A3281C0

Gets addresses to 2 functions.

// On 3.60, functions addresses are as following:
*func0 = 0x810227EC;
*func1 = 0x81022B40;
return result;
int SceCpuForKernel_9A3281C0(void **func0, void **func1);

SceCpuForKernel_9CB82EB0

Version NID
3.60 0x9CB82EB0
return;
int SceCpuForKernel_9CB82EB0(void);

SceCpuForDriver

sceKernelRoundupDCacheLine3ForDriver

Version NID
0.990 0xF0849812
3.60 not present
int sceKernelRoundupDCacheLine3ForDriver(int a1);

sceKernelAbortForDriver

Version NID
0.931-0.990 0x6DCA6903
3.60 not present
void sceKernelAbortForDriver(void);

sceKernelCpuGetCpuIdForDriver

Version NID
0.990-3.60 0x5E4D5DE1

Return the CPU ID of the current core.

int sceKernelCpuGetCpuIdForDriver(void);

sceKernelCpuAtomicAddAndGet8ForDriver

Version NID
3.60 0x1E850481
unsigned char sceKernelCpuAtomicAddAndGet8ForDriver (unsigned char *addr, unsigned char val);

sceKernelCpuAtomicAddAndGet16ForDriver

Version NID
3.60 0x59F74E94
unsigned short sceKernelCpuAtomicAddAndGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicAddAndGet32ForDriver

Version NID
3.60 0x5F6A8743
unsigned int sceKernelCpuAtomicAddAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicAddAndGet64ForDriver

Version NID
3.60 0x4E459A03
unsigned long long sceKernelCpuAtomicAddAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicAddUnless8ForDriver

Version NID
3.60 0x5CC62CEC
int sceKernelCpuAtomicAddUnless8ForDriver(unsigned char *addr, unsigned char val, unsigned char cmp);

sceKernelCpuAtomicAddUnless16ForDriver

Version NID
3.60 0x0F84AFE9
int sceKernelCpuAtomicAddUnless16ForDriver(unsigned short *addr, unsigned short val, unsigned short cmp);

sceKernelCpuAtomicAddUnless32ForDriver

Version NID
3.60 0x1F157DC3
int sceKernelCpuAtomicAddUnless32ForDriver(unsigned int *addr, unsigned int val, unsigned int cmp);

sceKernelCpuAtomicAddUnless64ForDriver

Version NID
3.60 0x06CCFA4B
int sceKernelCpuAtomicAddUnless64ForDriver(unsigned long long *addr, int unused, unsigned long long val, unsigned long long cmp);

sceKernelCpuAtomicAndAndGet8ForDriver

Version NID
3.60 0x32B62B1A
unsigned char sceKernelCpuAtomicAndAndGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicAndAndGet16ForDriver

Version NID
3.60 0xB281D52A
unsigned short sceKernelCpuAtomicAndAndGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicAndAndGet32ForDriver

Version NID
3.60 0xDF899E4B
unsigned int sceKernelCpuAtomicAndAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicAndAndGet64ForDriver

Version NID
3.60 0xD18E7B54
unsigned long long sceKernelCpuAtomicAndAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicClearAndGet8ForDriver

Version NID
3.60 0x8E538AB5
unsigned char sceKernelCpuAtomicClearAndGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicClearAndGet16ForDriver

Version NID
3.60 0x6B050D7C
unsigned short sceKernelCpuAtomicClearAndGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicClearAndGet32ForDriver

Version NID
3.60 0x78C1F148
unsigned int sceKernelCpuAtomicClearAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicClearAndGet64ForDriver

Version NID
3.60 0x2149CD4C
unsigned long long sceKernelCpuAtomicClearAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicClearMask8ForDriver

Version NID
3.60 0x1B3336B0
void sceKernelCpuAtomicClearMask8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicClearMask16ForDriver

Version NID
3.60 0x1BE58599
void sceKernelCpuAtomicClearMask16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicClearMask32ForDriver

Version NID
3.60 0x4AE1BCC0
void sceKernelCpuAtomicClearMask32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicClearMask64ForDriver

Version NID
3.60 0x55760309
void sceKernelCpuAtomicClearMask64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicCompareAndSet8ForDriver

Version NID
3.60 0x3627F4E0
unsigned char sceKernelCpuAtomicCompareAndSet8ForDriver(unsigned char *addr, unsigned char cmp, unsigned char val);

sceKernelCpuAtomicCompareAndSet16ForDriver

Version NID
3.60 0x6F63F56D
unsigned short sceKernelCpuAtomicCompareAndSet16ForDriver(unsigned short *addr, unsigned short cmp, unsigned short val);

sceKernelCpuAtomicCompareAndSet32ForDriver

Version NID
3.60 0xCDA96E81
unsigned int sceKernelCpuAtomicCompareAndSet32ForDriver(unsigned int *addr, unsigned int cmp, unsigned int val);

sceKernelCpuAtomicCompareAndSet64ForDriver

Version NID
3.60 0x4B527009
unsigned long long sceKernelCpuAtomicCompareAndSet64ForDriver(unsigned long long *addr, int unused, unsigned long long cmp, unsigned long long val);

sceKernelCpuAtomicDecIfPositive8ForDriver

Version NID
3.60 0x45153D4E
unsigned char sceKernelCpuAtomicDecIfPositive8ForDriver(unsigned char *addr);

sceKernelCpuAtomicDecIfPositive16ForDriver

Version NID
3.60 0x9A693F5B
unsigned short sceKernelCpuAtomicDecIfPositive16ForDriver(unsigned short *addr);

sceKernelCpuAtomicDecIfPositive32ForDriver

Version NID
3.60 0x2A71B03C
unsigned int sceKernelCpuAtomicDecIfPositive32ForDriver(unsigned int *addr);

sceKernelCpuAtomicDecIfPositive64ForDriver

Version NID
3.60 0x267D0B33
unsigned long long sceKernelCpuAtomicDecIfPositive64ForDriver(unsigned long long *addr);

sceKernelCpuAtomicGetAndAdd8ForDriver

Version NID
3.60 0xFCDCD4DE
unsigned char sceKernelCpuAtomicGetAndAdd8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndAdd16ForDriver

Version NID
3.60 0x225DF91A
unsigned short sceKernelCpuAtomicGetAndAdd16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndAdd32ForDriver

Version NID
3.60 0x341B6E81
unsigned int sceKernelCpuAtomicGetAndAdd32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndAdd64ForDriver

Version NID
3.60 0x043FD446
unsigned long long sceKernelCpuAtomicGetAndAdd64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndAnd8ForDriver

Version NID
3.60 0xD8E675C0
unsigned char sceKernelCpuAtomicGetAndAnd8ForDriver(unsigned char *a1, unsigned char a2);

sceKernelCpuAtomicGetAndAnd16ForDriver

Version NID
3.60 0x4A820BC5
unsigned short sceKernelCpuAtomicGetAndAnd16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndAnd32ForDriver

Version NID
3.60 0x10EB35EB
unsigned int sceKernelCpuAtomicGetAndAnd32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndAnd64ForDriver

Version NID
3.60 0x18A17E07
unsigned long long sceKernelCpuAtomicGetAndAnd64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndClear8ForDriver

Version NID
3.60 0x382D1466
unsigned char sceKernelCpuAtomicGetAndClear8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndClear16ForDriver

Version NID
3.60 0x8E9C086D
unsigned short sceKernelCpuAtomicGetAndClear16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndClear32ForDriver

Version NID
3.60 0xE36F3A46
unsigned int sceKernelCpuAtomicGetAndClear32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndClear64ForDriver

Version NID
3.60 0x88BA6002
unsigned long long sceKernelCpuAtomicGetAndClear64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndOr8ForDriver

Version NID
3.60 0xBDF6F8E4
unsigned char sceKernelCpuAtomicGetAndOr8ForDriver(unsigned char *var, unsigned char value);

sceKernelCpuAtomicGetAndOr16ForDriver

Version NID
3.60 0x004F09D1
unsigned short sceKernelCpuAtomicGetAndOr16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndOr32ForDriver

Version NID
3.60 0x2A40BB93
unsigned int sceKernelCpuAtomicGetAndOr32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndOr64ForDriver

Version NID
3.60 0xCB73D6D5
unsigned long long sceKernelCpuAtomicGetAndOr64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndSet8ForDriver

Version NID
3.60 0x29599FC8
unsigned char sceKernelCpuAtomicGetAndSet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndSet16ForDriver

Version NID
3.60 0x085532C8
unsigned short sceKernelCpuAtomicGetAndSet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndSet32ForDriver

Version NID
3.60 0x0EE04C03
unsigned int sceKernelCpuAtomicGetAndSet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndSet64ForDriver

Version NID
3.60 0xD2DEE625
unsigned long long sceKernelCpuAtomicGetAndSet64ForDriver(unsigned long long *addr, int unused, unsigned int lo_val, unsigned int hi_val);

sceKernelCpuAtomicGetAndSub8ForDriver

Version NID
3.60 0x7B43D0D7
unsigned char sceKernelCpuAtomicGetAndSub8ForDriver (unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndSub16ForDriver

Version NID
3.60 0x3EE9B5B8
unsigned short sceKernelCpuAtomicGetAndSub16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndSub32ForDriver

Version NID
3.60 0xF891CF2A
unsigned int sceKernelCpuAtomicGetAndSub32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndSub64ForDriver

Version NID
3.60 0xA7585370
unsigned long long sceKernelCpuAtomicGetAndSub64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicGetAndXor8ForDriver

Version NID
3.60 0xBAF47F7B
unsigned char sceKernelCpuAtomicGetAndXor8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicGetAndXor16ForDriver

Version NID
3.60 0x711801E6
unsigned short sceKernelCpuAtomicGetAndXor16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicGetAndXor32ForDriver

Version NID
3.60 0x77E34309
unsigned int sceKernelCpuAtomicGetAndXor32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicGetAndXor64ForDriver

Version NID
3.60 0xE212ECAD
unsigned long long sceKernelCpuAtomicGetAndXor64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicOrAndGet8ForDriver

Version NID
3.60 0x5D515F1B
unsigned char sceKernelCpuAtomicOrAndGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicOrAndGet16ForDriver

Version NID
3.60 0xADD39B84
unsigned short sceKernelCpuAtomicOrAndGet16ForDriver (unsigned short *addr, unsigned short val);

sceKernelCpuAtomicOrAndGet32ForDriver

Version NID
3.60 0xBC248C30
unsigned int sceKernelCpuAtomicOrAndGet32ForDriver (unsigned int *addr, unsigned int val);

sceKernelCpuAtomicOrAndGet64ForDriver

Version NID
3.60 0x3E218AF7
unsigned long long sceKernelCpuAtomicOrAndGet64ForDriver(unsigned long long *addr, int unused, long long val);

sceKernelCpuAtomicSet8ForDriver

Version NID
3.60 0x0836537E
void sceKernelCpuAtomicSet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicSet16ForDriver

Version NID
3.60 0x532CA3E8
void sceKernelCpuAtomicSet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicSet32ForDriver

Version NID
3.60 0x3168BC57
void sceKernelCpuAtomicSet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicSet64ForDriver

Version NID
3.60 0xC381CE8C
void sceKernelCpuAtomicSet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicSetIfGreaterGet8ForDriver

Version NID
3.60 0xC3868071
unsigned char sceKernelCpuAtomicSetIfGreaterGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicSetIfGreaterGet16ForDriver

Version NID
3.60 0x875B094D
unsigned short sceKernelCpuAtomicSetIfGreaterGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicSetIfGreaterGet32ForDriver

Version NID
3.60 0x26F71995
unsigned int sceKernelCpuAtomicSetIfGreaterGet32ForDriver(unsigned int *a1, unsigned int val);

sceKernelCpuAtomicSubAndGet8ForDriver

Version NID
3.60 0xEB085370
unsigned char sceKernelCpuAtomicSubAndGet8ForDriver(unsigned char *addr, unsigned char val);

sceKernelCpuAtomicSubAndGet16ForDriver

Version NID
3.60 0x515682C9
unsigned short sceKernelCpuAtomicSubAndGet16ForDriver(unsigned short *addr, unsigned short val);

sceKernelCpuAtomicSubAndGet32ForDriver

Version NID
3.60 0xA4884C4E
unsigned int sceKernelCpuAtomicSubAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicSubAndGet64ForDriver

Version NID
3.60 0xB5F8919C
unsigned long long sceKernelCpuAtomicSubAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelCpuAtomicXorAndGet8ForDriver

Version NID
3.60 0x03887992
unsigned char sceKernelCpuAtomicXorAndGet8ForDriver (unsigned char *a1, unsigned char a2);

sceKernelCpuAtomicXorAndGet16ForDriver

Version NID
3.60 0x646003D6
unsigned short sceKernelCpuAtomicXorAndGet16ForDriver (unsigned short *addr, unsigned short val);

sceKernelCpuAtomicXorAndGet32ForDriver

Version NID
3.60 0x4244BE65
unsigned int sceKernelCpuAtomicXorAndGet32ForDriver(unsigned int *addr, unsigned int val);

sceKernelCpuAtomicXorAndGet64ForDriver

Version NID
3.60 0x692C51B3
unsigned long long sceKernelCpuAtomicXorAndGet64ForDriver(unsigned long long *addr, int unused, unsigned long long val);

sceKernelDcacheInvalidateRangeForDriver

Version NID
0.931-3.60 0x02796361

1

Temp name was sceKernelCpuDcacheAndL2InvalidateMVACRange_1ForDriver, sceKernelCpuDcacheAndL2InvalidateRangeForDriver.

int sceKernelDcacheInvalidateRangeForDriver(void *start, SceSize size);

sceKernelCpuDcacheAndL2InvalidateMVACRange_10ForDriver

Version NID
0.990 0x614C6698
3.60 not present

0x10

int sceKernelCpuDcacheAndL2InvalidateMVACRange_10ForDriver(void *start, size_t size);


sceKernelCpuDcacheAndL2InvalidateMVACRange_20ForDriver

Version NID
0.990-3.60 0x8B4C26DF

0x20

Temp name was sceKernelCpuDcacheInvalidateRangeForDriver.

int sceKernelCpuDcacheAndL2InvalidateMVACRange_20ForDriver(void *start, size_t size);

sceKernelDcacheCleanInvalidateRangeForDriver

Version NID
0.931-3.60 0x364E68A4

1

Temp name was sceKernelCpuDcacheAndL2CleanInvalidateMVACRange_1ForDriver, sceKernelCpuDcacheAndL2WritebackInvalidateRangeForDriver.

int sceKernelDcacheCleanInvalidateRangeForDriver(const void *start, SceSize size);

sceKernelCpuDcacheAndL2CleanInvalidateMVACRange_20ForDriver

Version NID
3.60 0xE551F99B

0x20

int sceKernelCpuDcacheAndL2CleanInvalidateMVACRange_20ForDriver(void *ptr, size_t len);

sceKernelDcacheCleanRangeForDriver

Version NID
0.931-3.60 0x103872A5

1

Temp name was sceKernelCpuDcacheAndL2CleanMVACRange_1ForDriver, sceKernelCpuDcacheAndL2WritebackRangeForDriver.

int sceKernelDcacheCleanRangeForDriver(const void *start, SceSize size);

sceKernelCpuDcacheAndL2CleanMVACRange_20ForDriver

Version NID
0.990-3.68 0x9CB9F0CE

Also named sceKernelCpuDcacheWritebackRangeForDriver, flush_dcache.

0x20

int sceKernelCpuDcacheAndL2CleanMVACRange_20ForDriver(void *start, size_t size);

SceCpuForDriver_E813EBB2

Version NID
3.60 0xE813EBB2
#define SceL2CacheReg 0x1A002000
__dsb();
*(int *)(SceL2CacheReg + 0x730) = 0;
while ( *(int *)(SceL2CacheReg + 0x730) & 1 )
    ;
__dmb();
int SceCpuForDriver_E813EBB2(void);

sceKernelCpuIsVaddrMappedForDriver

Version NID
3.60 0x337CBDF3
  uint32_t vaddr_memory_type = SceCpuForKernel_9B8173F4(vaddr);
  if (vaddr_memory_type != 8) {
    if (vaddr_memory_type <= 8) {
      if (vaddr_memory_type != 2)
        return 0;
    } else if (vaddr_memory_type != 0x40 && vaddr_memory_type != 0x80)
      return 0;
  }
  return 1;
int sceKernelCpuIsVaddrMappedForDriver(void *vaddr);

These functions implement a simple mutual exclusive access on a resource address using LDREX/STREX.

sceKernelCpuLockStoreLRForDriver

Version NID
1.60-3.60 0xBF82DEB2
void sceKernelCpuLockStoreLRForDriver(unsigned int *addr);

sceKernelCpuTryLockStoreLRForDriver

Version NID
3.60 0x5AC9D394
unsigned int sceKernelCpuTryLockStoreLRForDriver(unsigned int *addr);

sceKernelCpuUnlockStoreLRForDriver

Version NID
1.60-3.60 0xD6ED0C46
void sceKernelCpuUnlockStoreLRForDriver(unsigned int *addr);

sceKernelCpuLockStoreFlagForDriver

Version NID
3.60 0x3F42B434
void sceKernelCpuLockStoreFlagForDriver(unsigned int *result);

sceKernelCpuTryLockStoreFlagForDriver

Version NID
3.60 0x4F7790B4
unsigned int sceKernelCpuTryLockStoreFlagForDriver(unsigned int *addr);

sceKernelCpuUnlockStoreFlagForDriver

Version NID
3.60 0xCB8ABDF0
void sceKernelCpuUnlockStoreFlagForDriver(unsigned int *addr);

These functions implement a simple mutual exclusive access on a resource addr using LDREX/STREX.

LR is stored as addr value.

While mutex is held, interrupts are disabled.

Used like this:

int prev_state = sceKernelCpuLockSuspendIntrStoreLRForDriver(mutex);
// do work
sceKernelCpuUnlockResumeIntrStoreLRForDriver(mutex, prev_state);

sceKernelCpuLockSuspendIntrStoreLRForDriver

Version NID
3.35-3.60 0xD32ACE9E
unsigned int sceKernelCpuLockSuspendIntrStoreLRForDriver(unsigned int *addr);

sceKernelCpuTryLockSuspendIntrStoreLRForDriver

Version NID
3.60 0x27C0B340
unsigned int sceKernelCpuTryLockSuspendIntrStoreLRForDriver(int *addr);

sceKernelCpuUnlockResumeIntrStoreLRForDriver

Version NID
3.35-3.60 0x7BB9D5DF
void sceKernelCpuUnlockResumeIntrStoreLRForDriver(unsigned int *addr, int prev_state);

These functions implement a simple mutual exclusive access on a resource addr using LDREX/STREX.

0x80000000 is stored as addr value.

While mutex is held, interrupts are disabled.

Used like this:

int prev_state = sceKernelCpuLockSuspendIntrStoreFlagForDriver(mutex);
// do work
sceKernelCpuUnlockResumeIntrStoreFlagForDriver(mutex, prev_state);

sceKernelCpuLockSuspendIntrStoreFlagForDriver

Version NID
3.35-3.60 0x4C38CE4D
unsigned int sceKernelCpuLockSuspendIntrStoreFlagForDriver(unsigned int *addr);

sceKernelCpuTryLockSuspendIntrStoreFlagForDriver

Version NID
3.60 0xDE6482C6
unsigned int sceKernelCpuTryLockSuspendIntrStoreFlagForDriver(unsigned int *addr);

sceKernelCpuUnlockResumeIntrStoreFlagForDriver

Version NID
3.35-3.60 0x9EC91017
void sceKernelCpuUnlockResumeIntrStoreFlagForDriver(unsigned int *addr, unsigned int prev_state);

sceKernelCpuSpinLockStoreLRForDriver

Version NID
3.60 0xCAC9AE80
void sceKernelCpuSpinLockStoreLRForDriver(unsigned int *result);

sceKernelCpuTrySpinLockStoreLRForDriver

Version NID
3.60 0x093925BD
unsigned int sceKernelCpuTrySpinLockStoreLRForDriver(unsigned int *addr);

sceKernelCpuSpinUnlockStoreLRForDriver

Version NID
3.60 0xF5FD5676
void sceKernelCpuSpinUnlockStoreLRForDriver(unsigned int *result);

sceKernelCpuSpinLockSuspendIntrStoreLRForDriver

Version NID
3.60 0xEC53D007
unsigned int sceKernelCpuSpinLockSuspendIntrStoreLRForDriver(unsigned int *addr);

sceKernelCpuTrySpinLockSuspendIntrStoreLRForDriver

Version NID
3.60 0xF02467D1
unsigned int sceKernelCpuTrySpinLockSuspendIntrStoreLRForDriver(unsigned int *addr);

sceKernelCpuSpinUnlockResumeIntrStoreLRForDriver

Version NID
3.60 0x740A0750
void sceKernelCpuSpinUnlockResumeIntrStoreLRForDriver(unsigned int *addr, unsigned int prev_state);

sceKernelCpuDisableInterruptsForDriver

Version NID
1.60 0x821FC0EE
3.60 0x821FC0EE

Disable irq (but not fiq) and returns previous interrupt bit status (so either 0 or 0x80).

unsigned int sceKernelCpuDisableInterruptsForDriver(void);

sceKernelCpuEnableInterruptsForDriver

Version NID
1.60 0xF5BAD43B
3.60 0xF5BAD43B

Restore previous irq state, pass either 0 or 0x80.

unsigned int sceKernelCpuEnableInterruptsForDriver(unsigned int prev_state);

SceSysclibForKernel

Was present on 1.69. Doesn't exist on 3.60.

SceSysclibForKernel_E38E7605

Version NID
0.990-1.50 0xE38E7605

Looks like vprintf.

SceSysclibForKernel_F7E34376

Version NID
1.50 0xF7E34376

SceSysclibForKernel_FA746181

Version NID
1.50 0xFA746181

SceSysclibForDriver

The C standard library for use in kernel only. (Userland have SceLibKernel, which confusingly is userland only).

Include standard string functions (no insecure variants like strcpy).

__aeabi_idiv

Version NID
3.60 0x2518CD9E

__aeabi_uidiv

Version NID
0.990-3.60 0xA9FF1205

__aeabi_uidivmod

Version NID
0.990-3.60 0xA46CB7DE

__aeabi_ldivmod

Version NID
3.60 0x7554AB04

__memcpy_chk

Version NID
3.60 0x8A0B0815

__memmove_chk

Version NID
3.60 0x35DBB110

__memset_chk

Version NID
3.60 0x1A30BB28

__stack_chk_fail

Version NID
1.50-3.60 0xB997493D

__strncat_chk

Version NID
3.60 0x33EE298B

__strncpy_chk

Version NID
3.60 0x96268C53

look_ctype_table

Version NID
3.60 0xCDF7F155

memchr

Version NID
3.60 0x60DAEA30

memcmp

Version NID
3.60 0xB5A4D745

timing constant memcmp

memcmp2

Version NID
0.931-3.60 0xF939E83D

memcpy

Version NID
0.931-3.60 0x40C88316

memmove

Version NID
1.50-3.60 0x6CC9C1A1

On 1.69, this seems to be implemented incorrectly.

memset

Version NID
0.931-3.60 0x0AB9BF5C

memset2

Version NID
1.50-1.69 0x502B000D
3.60 not present

rshift

Version NID
1.69-3.60 0x1D89F6C0

snprintf

Version NID
1.69-3.60 0xAE7A8981

strchr

Version NID
1.50-3.60 0x38463759

strcmp

Version NID
1.69-3.60 0x0B33BC43

strlcat

Version NID
3.60 0x12504E09

strlcpy

Version NID
3.60 0x7FB4EBEC

strlen

Version NID
0.931-3.60 0xCFC6A9AC

strncat

Version NID
1.69-3.60 0xA1D1C32C

strncmp

Version NID
1.60-3.60 0x12CEE649

strncpy

Version NID
3.60 0x6D286146

strnlen

Version NID
1.69-3.60 0xCD4BD884

strrchr

Version NID
1.69-3.60 0x7F0E0835

strstr

Version NID
1.69-3.60 0x1304A69D

strtol

Version NID
1.69-3.60 0xAB77C5AA

strtoll

Version NID
3.60 0x87AAAFA2

strtoul

Version NID
3.60 0x4E5042DA

tolower

Version NID
3.60 0x0021DAF9

toupper

Version NID
3.60 0xA685DCB1

vsnprintf

Version NID
3.60 0x3DDBE2E1
int vsnprintf(char *s, size_t n, const char *fmt, va_list arg);

SceSysclibForDriver_FE900DE8

Version NID
0.931-3.60 0xFE900DE8
// Returns -1 if first is strictly inferior to first. Returns 1 if first is strictly superior to first. Returns 0 if equality.
int SceSysclibForDriver_FE900DE8(uint32_t first_low, uint32_t first_high, uint32_t second_low, uint32_t second_high);

SceSysclibForDriver_9D148CDE

Version NID
0.931-3.60 0x9D148CDE
int SceSysclibForDriver_9D148CDE(int a1, int a2, int a3, int a4);

SceSysrootForKernel

SceSysrootForKernel_AE55B7CC

Version NID
0.990-3.60 0xAE55B7CC

Calls SceCpuForKernel_A5C9DBBA. Related to cpuId.

int SceSysrootForKernel_AE55B7CC(void);

SceSysrootForKernel_21F5790B

Version NID
0.931 not present
3.60 0x21F5790B

Registers a callback related to kernel panic.

int SceSysrootForKernel_21F5790B(void *func);

SceSysrootForKernel_4D98B15B

Version NID
0.931 not present
3.60 0x4D98B15B

Gets the callback related to kernel panic set by SceSysrootForKernel_21F5790B.

void *SceSysrootForKernel_4D98B15B(void);

SceSysrootForKernel_0DF574A9

Version NID
0.931 not present
3.60 0x0DF574A9

Calls the callback related to kernel panic set by SceSysrootForKernel_21F5790B.

int SceSysrootForKernel_0DF574A9(void);

SceSysrootForKernel_B171CC2D

Version NID
0.931 not present
3.60 0xB171CC2D

Seams to be used to store some callbacks.

typedef struct SceSysrootForKernel_B171CC2D_struct { // size is 0x18 on FW 3.60
  SceSize size; // Size of this structure
  char unk[0x14];
} SceSysrootForKernel_B171CC2D_struct;

int SceSysrootForKernel_B171CC2D(SceSysrootForKernel_B171CC2D_struct *pInfo);

SceSysrootForKernel_1D84C4D4

Version NID
0.931 not present
3.60 0x1D84C4D4
int SceSysrootForKernel_1D84C4D4(SceUID pid, int a2, int *a3, int *a4, int a5);

SceSysrootForKernel_E20F6FC8

Version NID
0.931 not present
3.60 0xE20F6FC8

Related to SceDebug Kernel Exceptions handlers.

int SceSysrootForKernel_E20F6FC8(void);

SceSysrootForKernel_8E4B61F1

Version NID
0.931-3.60 0x8E4B61F1

Calls SceCpuForKernel_9D72DD1B.

int SceSysrootForKernel_8E4B61F1(int cpuid);

SceSysrootForKernel_06182D59

Version NID
3.60 0x06182D59

int SceSysrootForKernel_06182D59(int a1) {
	return *(uint32_t *)(sysbase + 0x20) + (a1 << 0x5);
}

int SceSysrootForKernel_06182D59(int a1);

get_SceKernelSysrootClass_itemsize

Version NID
0.990-3.60 0xEEB867C0

On FW 0.990 return hardcoded value 0x470.

On FW 3.60 return hardcoded value 0x41C.

SceSize get_SceKernelSysrootClass_itemsize(void);

get_SceKernelSysrootClass_object

Version NID
0.990-3.60 0x085C2BCB
SceKernelObject *get_SceKernelSysrootClass_object(void);

sceKernelSysrootBacktraceForKernel

Version NID
0.940-3.60 0xCC893F37

sceKernelSysrootGetLibraryDBForKernel

Version NID
0.990 0xCD70C9D7

sceKernelSysrootSetLibraryDBForKernel

Version NID
0.990 0xCB58A0F4

sceKernelSysrootAllocForKernel

Version NID
0.940-0.990 0xB0149E69
void *sceKernelSysrootAllocForKernel(SceSize len);

sceKernelSysrootSetStatusForKernel

Version NID
0.990-3.60 0xA84676E3

sceKernelSysrootGetProcessCBExitDeleteThreadForKernel

Version NID
0.990-3.60 0xBBFD2E3C

sceKernelSysrootGetCurrentProcessCBForKernel

Version NID
0.990-3.60 0x9991B1AF

sceKernelSysrootGetCurrentThreadAttrForKernel

Version NID
0.990-3.60 0x73601453

sceKernelGetCurrentTimeForKernel

Version NID
0.990 0x4FCFA359
SceRtcTick *sceKernelGetCurrentTimeForKernel(void);

sceKernelGetCurrentTimeInBufferForKernel

Version NID
0.990 0xE0D41319
int sceKernelGetCurrentTimeInBufferForKernel(SceRtcTick *tick)

sceKernelGetSystemTimeLowForKernel

Version NID
0.990 0x2464329D

sceKernelSysrootAssertSysrootForKernel

Version NID
0.990 0x1B7F150F

Check sysroot->magic (offset 0xC must be 0xBA97F5A1) and sysroot->magic2 (offset 0x20C must be 0xA008B0C3‬).

int sceKernelSysrootAssertSysrootForKernel(void *sysroot);

sceKernelSysrootSetVbaseResetVectorForKernel

Version NID
0.990-3.60 0x0F2F2B4E

sceKernelSysrootThreadMgrStartAfterProcessForKernel

Version NID
0.990-3.60 0x0EB5D7CD

sceKernelSysrootGetCurrentProcessForKernel

Version NID
0.990 0x5B7570C5

Return the current process id.

SceUID sceKernelSysrootGetCurrentProcessForKernel(void);

sceKernelSysrootTrapThreadAfterSyscallForKernel

Version NID
0.990-3.60 0x9139E22B

sceKernelSysrootReturnFromExcpToThreadForKernel

Version NID
0.990-3.60 0xDADFF828

sceKernelSysrootPrintBacktraceForKernel

Version NID
0.990-3.60 0x491CE8DF

sceKernelSysrootGetSharedMemoryForKernel

Version NID
0.990-3.60 0xC8C8C321

sceKernelSysrootSetSharedMemoryForKernel

Version NID
0.990-3.60 0xFBB91741

sceKernelSysrootGetPUIDEntryHeapForKernel

Version NID
0.990-3.60 0x88DE85EF

sceKernelSysrootGetStatusForKernel

Version NID
0.990-3.60 0x5C426B19

sceKernelSysrootIofilemgrStartForKernel

Version NID
0.990-3.60 0xF6A6D205

sceKernelSysrootGetCurrentUIDEntryHeapCBForKernel

Version NID
0.990-3.60 0xB4C24588

F9FB9A2A

sceKernelSysrootSetCurrentAddressSpaceCBForKernel

Version NID
0.940 0x63EBB05B
3.60 not present
int sceKernelSysrootSetCurrentAddressSpaceCBForKernel(void *asCB);

sceKernelSysrootGetCurrentAddressSpaceCBForKernel

Version NID
0.940-3.60 0x63EBB05B
callback *sceKernelSysrootGetCurrentAddressSpaceCBForKernel();

sceKernelSysrootAppMgrSpawnProcessForKernel

Version NID
0.990-3.60 0x3ACACD22

sceKernelSysrootGetSmSelfInfoForKernel

Version NID
3.60 0xF10AB792
typedef struct sm_self_info { // size is 0x0C
   uint32_t size; // Size of this structure
   void* sm_self_data; 
   uint32_t sm_self_size;
} sm_self_info;

int sceSysrootGetSmSelfInfoForKernel(int index, sm_self_info* info);
Index SM SELF location
0 os0:sm/gcauthmgr_sm.self
1 os0:sm/rmauth_sm.self
2 os0:sm/encdec_w_portability_sm.self

sceKernelSysrootGetProcessSelfAuthInfoForKernel

Version NID
0.940-3.60 0x4F0A4066

Temp name was sceSysrootGetSelfAuthInfoForKernel.

typedef struct SceSelfAuthInfo { // size is 0x90
   SceUInt64 program_authority_id;
   uint8_t padding1[8];
   uint8_t capability[0x20];
   uint8_t attribute[0x20];
   uint8_t padding2[0x10];
   uint8_t klicensee[0x10];
   uint32_t unk_70;
   uint32_t unk_74;
   uint32_t unk_78;
   uint32_t unk_7C;
   uint32_t unk_80; // ex: 0x10
   uint32_t unk_84;
   uint32_t unk_88;
   uint32_t unk_8C;
} SceSelfAuthInfo;

int sceKernelSysrootGetProcessSelfAuthInfoForKernel(SceUID pid, SceSelfAuthInfo *self_auth_info);

sceKernelSysrootGetProcessTitleIdForKernel

Version NID
3.60 0xEC3124A3

Temp name was sceSysrootGetProcessTitleIdForPidForKernel.

int sceKernelSysrootGetProcessTitleIdForKernel(SceUID pid, char *title_id, SceSize len);

sceSysrootGetNidNameForKernel

Version NID
3.60 0x0B79E220
int sceSysrootGetNidNameForKernel(unsigned int nid, const char **name);

sceSysrootGetModuleInfoForPidForKernel

Version NID
3.60 0xFF9F80FF

Returns export info at address for pid (contains module, lib and NID and their names).

int sceSysrootGetModuleInfoForPidForKernel(SceUID pid, const void *addr, unsigned int *info); // info[0] = 0x3C

sceKernelSysrootGetVbaseResetVectorForKernel

Version NID
0.990-3.60 0xCC85905B

Returns the exception vectors base address. The address of the exception vectors for the CPU i is: sceKernelSysrootGetVbaseResetVectorForKernel() + 0x40 * i.

void *sceKernelSysrootGetVbaseResetVectorForKernel(void);

sceSysrootCallLicMgrGetLicenseStatusForKernel

Version NID
3.60 0x377895EB

Calls sceSblLicMgrGetLicenseStatusForDriver of SceSblPostSsMgr.

Returns 0 on success, -1 if sceSblLicMgrGetLicenseStatusForDriver is not registered.

int sceSysrootCallLicMgrGetLicenseStatusForKernel(void);

Called by sceSblAuthMgrAuthHeaderForKernel before F00D request.

sceSysrootGetSysbaseForKernel

Version NID
3.60 0x3E455842

Temp name was sceKernelGetSysbaseForKernel.

sysbase_t* sceSysrootGetSysbaseForKernel();

sceKernelSysrootGetKblParamForKernel

Version NID
3.60 0x9DB56D1F

Temp name was sceSysrootGetSysrootBufferForKernel.

Returns pointer to Sysroot buffer.

SceBootArgs *sceKernelSysrootGetKblParamForKernel(void);

sceSysrootGetFactorySystemSwVersionForKernel

Version NID
3.60 0xD3872270

return (int)(sysroot_buffer->factory_fw_version);

int sceSysrootGetFactorySystemSwVersionForKernel(void);

sceSysrootGetUnkCForKernel

Version NID
3.60 0xFFD6E24D

return (int)(sysroot_buffer->unk_C);

int sceSysrootGetUnkCForKernel(void);

sceSysrootGetUnk10ForKernel

Version NID
3.60 0x403B509E

return (int)(sysroot_buffer->unk_C + 4);

int sceSysrootGetUnk10ForKernel(void);

sceSysrootGetUnkC0ForKernel

Version NID
3.60 0xAB3CC7D0

return sysroot_buffer->unk_C0;

int sceSysrootGetUnkC0ForKernel(void);

sceSysrootGetWakeupFactorForKernel

Version NID
3.60 0x2F97041A

return sysroot_buffer->wakeup_factor;

int sceSysrootGetWakeupFactorForKernel(void);

sceSysrootGetHardwareInfoForKernel

Version NID
3.60 0x930B1342

return sysroot_buffer->hardware_info;

int sceSysrootGetHardwareInfoForKernel(void);

sceSysrootGetSessionIdForKernel

Version NID
3.60 0x84783B71

Writes sysroot_buffer->session_id to buffer.

Buffer size is 0x10.

int sceSysrootGetSessionIdForKernel(char *buffer);

sceSysrootGetHardwareFlagsForKernel

Version NID
3.60 0x46E72428

Writes sysroot_buffer->hardware_flags to buffer.

Buffer size is 0x10.

int sceSysrootGetHardwareFlagsForKernel(char *buffer);

sceSysrootIsExternalBootModeForKernel

Version NID
3.60 0x89D19090

return *(int *)(sysroot_buffer->boot_type_indicator_1) & 1;

int sceSysrootIsExternalBootModeForKernel(void);

sceKernelIsSomeBootModeForKernel

Version NID
3.60 0x7B7F8171

return (*(int *)(sysroot_buffer->boot_type_indicator_1) >> 19) & 1;

int sceSysrootIsSomeBootModeForKernel(void);

sceSysrootIsSomeBootMode2ForKernel

Version NID
3.60 0x7918D44E

return sysroot_buffer->boot_type_indicator_1[2] & 1;

int sceSysrootIsSomeBootMode2ForKernel(void);

sceSysrootIsSomeModeForKernel

Version NID
0.931-3.60 0xAE7A8F1D

Returns true if (sysroot->boot_flags[0x1] != 0xFF).

Is used to check if UART must be initialized or not.

int sceSysrootIsSomeModeForKernel(void);

sceKernelSysrootIsSafeModeForKernel

Version NID
0.990-3.60 0x834439A7
int sceKernelSysrootIsSafeModeForKernel(void);

sceSysrootIsUpdateModeForKernel

Version NID
3.60 0xB0E1FC67
int sceSysrootIsUpdateModeForKernel(void);

sceSysrootIsBsodRebootForKernel

Version NID
3.60 0x4373AC96

return (*(int *)(sysroot_buffer->wakeup_factor) & 0x7Fu) <= 0x17;

int sceSysrootIsBsodRebootForKernel(void);

sceSysrootIsUsbEnumWakeupForKernel

Version NID
3.60 0x79C9AE10
 if ( *(int *)(sysroot_buffer->unk_C0) & 0x90000 )
   result = 1;
 else
   result = (*(int *)(sysroot_buffer->wakeup_factor) & 0x7Fu) <= 0xF;
 return result;
int sceSysrootIsUsbEnumWakeupForKernel(void);

sceSysrootIsUnknownRebootForKernel

Version NID
3.60 0xE4EA1960

return (*(int *)(sysroot_buffer->wakeup_factor) & 0x7Fu) <= 1;

int sceSysrootIsUnknownRebootForKernel(void);

sceSysrootUseExternalStorageForKernel

Version NID
0.940-3.60 0x55392965

When returns true it allows loading sd0:psp2config.skprx.

Returns true when Manufacturing Mode flag is set:

return (*(int *)(sysroot_buffer->boot_type_indicator_1) >> 2) & 1;

int sceSysrootUseExternalStorageForKernel(void);

sceSysrootUseInternalStorageForKernel

Version NID
3.60 0x50FE3B4D

Returns true when use internal storage flag is not set:

return *(char *)(sysroot_buffer->boot_flags[5]) & 1 ^ 1;

int sceSysrootUseInternalStorageForKernel(void);

sceSysrootRegisterLicMgrGetLicenseStatusForKernel

Version NID
3.60 0x71DB83A2

Write value at sysroot_ctx + 0x380 (on FW 3.60).

Normally, sceSblLicMgrGetLicenseStatusForDriver of SceSblPostSsMgr module is registered.

int sceSysrootRegisterLicMgrGetLicenseStatusForKernel(int (__cdecl *sceSblLicMgrGetLicenseStatusForDriver)());

sceKernelSysrootRegisterBacktraceForKernel

Version NID
0.940 0x1C307A31
3.60 not present
int sceKernelSysrootRegisterBacktraceForKernel(int (__cdecl *func)());

sceKernelSysrootGetThreadAccessLevelForKernel

Version NID
3.60 0x20009397

Calls int (__cdecl *GetThreadAccessLevel)(); // 0x344 on 3.60

int sceKernelSysrootGetThreadAccessLevelForKernel(void);

sceKernelSysrootAllocRemoteProcessHeapForKernel

Version NID
0.990-3.60 0xD351EBC8

Temp name was sceKernelAllocHeapMemoryForKernel.

Same as sceKernelAllocHeapMemoryWithOpt1ForDriver but does set pid to 0x1000B.

Checks that pid is 0x10013 or 0x10005.

void* sceKernelSysrootAllocRemoteProcessHeapForKernel(SceUID pid, SceSize size, SceKernelHeapMemoryOpt *pOpt);

sceKernelSysrootGetModulePrivateForKernel

Version NID
0.990-3.60 0x37EC12BB
void *sceKernelSysrootGetModulePrivateForKernel(int idx);

sceKernelSysrootSetModulePrivateForKernel

Version NID
0.990-3.60 0x7A7E7C0C

sceKernelSysrootSetSysrootForKernel

Version NID
0.940-3.60 0x36916C30
int sceKernelSysrootSetSysrootForKernel(int sysroot);

sceKernelSysrootProcessmgrStart2ForKernel

Version NID
0.990-3.60 0x62E8F511

sceKernelSysrootDbgpSuspendProcessAndWaitResumeForKernel

Version NID
0.990-3.60 0x256B2394

sceKernelSysrootRegisterIsUserModeThreadForKernel

Version NID
0.940 0x5BD911A8
3.60 not present
int sceKernelSysrootRegisterIsUserModeThreadForKernel(void *func);

sceKernelSysrootIsUserModeThreadForKernel

Version NID
0.940-3.60 0x7FC7A163

sceKernelSysrootGetSecureStatusForKernel

Version NID
0.940 0x0A63CA5E
3.60 not present

return *(uint *)some_buf->field_0x28 & 1;

int sceKernelSysrootGetSecureStatusForKernel(void);

sceKernelIsSecureStateForKernel

Version NID
0.940 0x3193DAB2
3.60 not present

return (*(uint *)some_buf->field_0x28 ^ 1) & 1;

SceBool sceKernelIsSecureStateForKernel(void);

sceKernelIsColdBootForKernel

Version NID
0.940-3.60 0xD7198963

return (*(uint *)some_buf->field_0x28 & 10; // IDA PRO FW 3.60

return ((*(uint *)some_buf->field_0x28 ^ 0x10) << 0x1b) >> 0x1f; // Ghidra FW 0.940

int sceKernelIsColdBootForKernel(void);

SceSysrootForDriver

SceSysrootForDriver_26AA237C

Version NID
0.990 not present
3.60 0x26AA237C

Calls the callback registered by SceSysrootForDriver_E25D2FD5.

int SceSysrootForDriver_26AA237C(void);

SceSysrootForDriver_E25D2FD5

Version NID
0.990 not present
3.60 0xE25D2FD5

Registers the callback called by SceSysrootForDriver_26AA237C.

int SceSysrootForDriver_E25D2FD5(void *func);

SceSysrootForDriver_EE934615

Version NID
3.60 0xEE934615

return sceKernelCpuAtomicGetAndAdd32ForDriver(&someflag_from_kbl_param, 0x10);

int SceSysrootForDriver_EE934615(void);

SceSysrootForDriver_EEF091A7

Version NID
3.60 0xEEF091A7

return sceKernelCpuAtomicGetAndAdd32ForDriver(&someflag_from_kbl_param, 0xfffffff0);

int SceSysrootForDriver_EEF091A7(void);

sceSysrootRegisterSblPostSsMgrForDriver_D8A2D465ForDriver

Version NID
3.60 0x35875119
int sceSysrootRegisterSblPostSsMgrForDriver_D8A2D465ForDriver(sceSysrootRegisterSblPostSsMgrForDriver_D8A2D465ForDriver *cb);

sceSysrootCallSblPostSsMgrForDriver_D8A2D465ForDriver

Version NID
3.60 0xD75D4F37

sceKernelSysrootRegisterCoredumpTriggerForDriver

Version NID
0.990-3.60 0xDD473B05
int sceKernelSysrootRegisterCoredumpTriggerForDriver(void *func);

sceKernelSysrootCoredumpTriggerForDriver

Version NID
0.990-3.60 0xCD8CD242
int sceKernelSysrootCoredumpTriggerForDriver(int a1, int a2, int a3, SceCoredumpForDriver_A7D214A7_Opt *pOpt);

sceKernelSysrootRegisterCoredumpCancelForDriver

Version NID
0.990-3.60 0x400B9793
int sceKernelSysrootRegisterCoredumpCancelForDriver(void *func);

sceKernelSysrootCoredumpCancelForDriver

Version NID
0.990-3.60 0x80FBC69D
int sceKernelSysrootCoredumpCancelForDriver(int a1);

sceKernelRegisterInitCallbackForDriver

Version NID
0.990-3.60 0x778D0966

sceKernelSysrootSetProcessHandlerForDriver

Version NID
3.60 0x0F07C3FC

sceKernelSysrootDbgpSuspendProcessAndWaitResumeForDriver

Version NID
0.990-3.60 0x256B2394

sceKernelInvokeInitCallbackForDriver

Version NID
0.990-3.60 0x93CD44CD

idx

5 : disable nskbl, more...?

int sceKernelInvokeInitCallbackForDriver(int idx);

sceKernelSysrootGetShellPidForDriver

Version NID
0.990-3.60 0x05093E7B
SceUID sceKernelSysrootGetShellPidForDriver(void);

sceKernelSysrootCheckRemapCodeForUserForDriver

Version NID
0.990-3.60 0xF8769E86

sceKernelSysrootAppMgrSpawnProcessForDriver

Version NID
0.990-3.60 0x3ACACD22

SceSysrootForDriver_421EFC96

Version NID
3.60 0x421EFC96

Patched by HENkaku payload.c and update365 by TheFloW.

sceKernelSysrootInformUpdateStartedForDriver

Version NID
0.990-3.60 0x9A486846
int sceKernelSysrootInformUpdateStartedForDriver(int number1, int number2, const char *str, SceSize len);

sceKernelSysrootInformUpdateOngoingForDriver

Version NID
0.990-3.60 0x9EC02A41
int sceKernelSysrootInformUpdateOngoingForDriver(int number1, int number2);

sceKernelSysrootInformUpdateFinishedForDriver

Version NID
0.990-3.60 0x217B2871
int sceKernelSysrootInformUpdateFinishedForDriver(int number, const char *str, SceSize len);

sceKernelSysrootSetSwInfoIntForDriver

Version NID
0.990-3.60 0x631141E2
int sceKernelSysrootSetSwInfoIntForDriver(char *str, SceSize len, SceUInt32 number);

sceKernelSysrootSetSwInfoStrForDriver

Version NID
0.990-3.60 0x17DD213C
int sceKernelSysrootSetSwInfoStrForDriver(char *str1, SceSize len1, char *str2, SceSize len2);

sceKernelSysrootSetSwInfoBinForDriver

Version NID
0.990-3.60 0x9E96D990
int sceKernelSysrootSetSwInfoBinForDriver(char *str1, SceSize size1, char *str2, SceSize size2);

sceKernelSysrootRegisterGetSystemSwVersionForDriver

Version NID
3.60 0x3276086B

Temp name was sceKernelSysrootSetSystemSwVersionForDriver.

int sceKernelSysrootRegisterGetSystemSwVersionForDriver(void *cb);

sceKernelSysrootGetSystemSwVersionForDriver

Version NID
3.60 0x67AAB627

Returns System Software version as int from SceSysmem memory. For exemple: 0x0365000 on 3.65.

int sceKernelSysrootGetSystemSwVersionForDriver(void);

?sceKernelSysrootInitI2cForDriver?

Version NID
3.60 0x930B1342
int ?sceKernelSysrootInitI2cForDriver?(void);

sceKernelSysrootIsSafeModeForDriver

Version NID
0.990-3.60 0x834439A7
int sceKernelSysrootIsSafeModeForDriver(void);

sceKernelSysrootUtMgrHasNpTestFlagForDriver

Version NID
3.60 0xA43599E9

Calls int (__cdecl *sceSblUtMgrHasNpTestFlagForDriver)();

int sceKernelSysrootUtMgrHasNpTestFlagForDriver(void);

sceKernelSysrootCheckModelCapabilityForDriver

Version NID
3.60 0x8AA268D6

SceSysrootForDriver_56D85EB0

Version NID
3.60 0x56D85EB0

Used by SceSblACMgr.

SceKernelUtilsForDriver

sceAesDecrypt1ForDriver

Version NID
0.990-3.60 0xD8678061

Perform normal AES decrypt.

int sceAesDecrypt1ForDriver(void *ctx, const void *src, void *dst);

sceAesDecrypt2ForDriver

Version NID
3.60 0xE39CD272

Perform AES decrypt using encryption round key.

int sceAesDecrypt2ForDriver(void *ctx, const void *src, void *dst);

sceAesEncrypt1ForDriver

Version NID
0.990-3.60 0xC2A61770

Perform AES encrypt. There are two functions that are the same on 1.69.

int sceAesEncrypt1ForDriver(void *ctx, const void *src, void *dst);

sceAesEncrypt2ForDriver

Version NID
1.69-3.60 0x302947B6

Perform AES encrypt. Similar to sceAesEncrypt1ForDriver.

int sceAesEncrypt2ForDriver(void *ctx, const void *src, void *dst);

sceAesInit1ForDriver

Version NID
1.69-3.60 0xF12B6451

This sets up the AES engine. ctx is a 960 byte buffer (int 1.69). blocksize and keysize is the security in bits. 128/196/256 are supported values.

last arg to subroutine is 0

int sceAesInit1ForDriver(void *ctx, int blocksize, int keysize, const void *key);

sceAesInit2ForDriver

Version NID
3.60 0xEDA97D6D

last arg to subroutine is 1

int sceAesInit2ForDriver(void *ctx, int blocksize, int keysize, const void *key);

sceAesInit3ForDriver

Version NID
3.60 0x72408E29

last arg to subroutine is 2

int sceAesInit3ForDriver(void *ctx, int blocksize, int keysize, const void *key);

SceKernelUtilsForDriver_C76A7685

Version NID
3.60 0xC76A7685

Looks like it relates to AES InvMixColumns.

SceKernelUtilsForDriver_60ED6EA9

Version NID
3.60 0x60ED6EA9

Equivalent to AES getSBox32Value

sceDeflateDecompressForDriver

Version NID
3.60 0x8AF1FAD4

sceDeflateDecompressPartialForDriver

Version NID
3.60 0x3D74CCDF

sceGzipDecompressForDriver

Version NID
3.60 0x367EE3DF

sceGzipGetCommentForDriver

Version NID
3.60 0xCD3AE08F

sceGzipGetCompressedDataForDriver

Version NID
3.60 0x63619124

sceGzipGetInfoForDriver

Version NID
3.60 0xFFC6A10F

sceGzipGetNameForDriver

Version NID
3.60 0xF901FD3E

sceGzipIsValidForDriver

Version NID
3.60 0xD8FAEFD4

sceHmacSha1DigestForDriver

Version NID
3.60 0x29A28957
int sceHmacSha1DigestForDriver(const void *key, int key_len, const void *data, int data_len, void *digest);

sceHmacSha224DigestForDriver

Version NID
3.60 0x7F2A7B99
int sceHmacSha224DigestForDriver(const void *key, int key_len, const void *data, int data_len, void *digest);

sceHmacSha256DigestForDriver

Version NID
3.60 0x83EFA1CC
int sceHmacSha256DigestForDriver(const void *key, int key_len, const void *data, int data_len, void *digest);

sceMt19937GlobalInitForDriver

Version NID
3.60 0xD428CC2A

sceMt19937GlobalUninitForDriver

Version NID
3.60 0x875B2A1C

sceMt19937InitForDriver

Version NID
3.60 0x4C9A5730

sceMt19937UIntForDriver

Version NID
3.60 0x92AEDFBC

sceSfmt19937FillArray32ForDriver

Version NID
3.60 0x2B30548B

sceSfmt19937FillArray64ForDriver

Version NID
3.60 0x49B41540

sceSfmt19937GenRand32ForDriver

Version NID
3.60 0xBBE4701A

sceSfmt19937GenRand64ForDriver

Version NID
3.60 0x45DEAAD6

sceSfmt19937InitByArrayForDriver

Version NID
3.60 0x33AE1203

sceSfmt19937InitGenRandForDriver

Version NID
3.60 0xAB48C3CA

sceSha1BlockInitForDriver

Version NID
3.60 0xE4390FFA
int sceSha1BlockInitForDriver(void* ctx);

sceSha1BlockResultForDriver

Version NID
3.60 0x48F24106
int sceSha1BlockResultForDriver(void* ctx, void *digest);

sceSha1BlockUpdateForDriver

Version NID
3.60 0x478A6F3C
int sceSha1BlockUpdateForDriver(void* ctx, const void *data, int size);

sceSha1DigestForDriver

Version NID
3.60 0x87DC7F2F
int sceSha1DigestForDriver(const void *data, int size, void *digest);

sceSha224BlockInitForDriver

Version NID
3.60 0xC762EA6D
int sceSha224BlockInitForDriver(void* ctx);

sceSha224BlockResultForDriver

Version NID
3.60 0xFBF2A442
int sceSha224BlockResultForDriver(void* ctx, void *digest);

sceSha224BlockUpdateForDriver

Version NID
3.60 0x7556E611
int sceSha224BlockUpdateForDriver(void* ctx, const void *data, int size);

sceSha224DigestForDriver

Version NID
3.60 0x9EA9D4DC
int sceSha224DigestForDriver(const void *data, int size, void *digest);

sceSha256BlockInitForDriver

Version NID
3.60 0xD909FA2C
int sceSha256BlockInitForDriver(void* ctx);

sceSha256BlockResultForDriver

Version NID
3.60 0x4899CD4B
int sceSha256BlockResultForDriver(void* ctx, void *digest);

sceSha256BlockUpdateForDriver

Version NID
3.60 0x236A9097
int sceSha256BlockUpdateForDriver(void* ctx, const void *data, int size);

sceSha256DigestForDriver

Version NID
0.931-3.60 0xA773A6A8
int sceSha256DigestForDriver(const void *data, SceSize size, void *digest);

sceZlibDecompressForDriver

Version NID
3.60 0x900148DB

sceZlibGetCompressedDataForDriver

Version NID
3.60 0x01EB6C45

sceZlibGetInfoForDriver

Version NID
3.60 0x5B9BCD75

SceZlibForDriver

zlib compression library.

Firmware zlib version
1.60 1.2.5
3.60 1.2.5

inflate

Version NID
1.60-3.60 0xE4F34A68

deflate

Version NID
1.60-3.60 0xE859D60F

deflateReset

Version NID
1.60-3.60 0x68CFEA45

crc32

Version NID
1.60-3.60 0xE0CE06C0

adler32

Version NID
1.60-3.60 0x98619620

inflateSetDictionary

Version NID
1.60-3.60 0x7B16DBD6

SceZlibForDriver_20A122F8

Version NID
3.60 0x20A122F8

used by SceCoredump

maybe init function

int SceZlibForDriver_20A122F8(void *ctx, int a2, int a3, int a4, int a5, int a6, const char *verstr, int a8);

SceZlibForDriver_5492B3F2

Version NID
3.60 0x5492B3F2

used by SceCoredump


int SceZlibForDriver_5492B3F2(int arg1);

SceZlibForDriver_5B718E55

Version NID
3.60 0x5B718E55

used by SceCoredump


int SceZlibForDriver_5B718E55(int arg1, int arg2);

SceKernelSuspendForDriver

Used to register callbacks for handling suspend/resume related events.

sceKernelRegisterSysEventHandlerForDriver

Version NID
0.990-3.60 0x04C05D10

Previous name was sceKernelSuspendRegisterCallbackForDriver

typedef struct {
    uint32_t size; // 24
    uint32_t unk1;
    uint32_t unk2;
    uint32_t unk3;
    uint32_t unk4;
    uint32_t unk5;
} suspend_args_t;

typedef int (suspend_callback_t)(int resume, int event_id, suspend_args_t *args, void *opt);

int sceKernelRegisterSysEventHandlerForDriver(const char *name, suspend_callback_t *callback_func, void *opt);

Registers a function for handling suspend/resume. resume is 0 if we are currently suspending and 1 if we are currently resuming. opt is passed from the registration. Registration adds an entry to a linked list and returns the block id for the new entry.

Returns the suspend_callback_id.

sceKernelUnregisterSysEventHandlerForDriver

Version NID
0.990-3.60 0xDD61D621
int sceKernelUnregisterSysEventHandlerForDriver(int id);

Call with the id returned from suspend_register_callback to remove the entry from the linked list and free the memory.

sceKernelSysEventDispatchForDriver

Version NID
0.990-3.60 0xD4622EA8
int sceKernelSysEventDispatchForDriver(int resume, int eventid, suspend_args_t *args, int stop_on_error);

This will go through the linked list and call each callback. If stop_on_error is set, then the first callback that returns a negative value will stop the call chain and return the block id of the callback that broke the chain. Otherwise, this function will invoke each callback and return zero.

sceKernelPowerTickForDriver

Version NID
0.990-3.60 0xE0489831
typedef enum SceKernelPowerTickType {
	/** Cancel all timers */
	SCE_KERNEL_POWER_TICK_DEFAULT			= 0,
	/** Cancel automatic suspension timer */
	SCE_KERNEL_POWER_TICK_DISABLE_AUTO_SUSPEND	= 1,
	/** Cancel OLED-off timer */
	SCE_KERNEL_POWER_TICK_DISABLE_OLED_OFF		= 4,
	/** Cancel OLED dimming timer */
	SCE_KERNEL_POWER_TICK_DISABLE_OLED_DIMMING	= 6
} SceKernelPowerTickType;

int sceKernelPowerTickForDriver(int type);

Cancel specified idle timers to prevent entering in power save processing.

Returns 0 on success.

suspend_before_nvs_write

Version NID
0.990-3.60 0x4DF40893
int suspend_before_nvs_write(int maybe_pid);

resume_after_nvs_write

Version NID
0.990-3.60 0x2BB92967
int resume_after_nvs_write(int maybe_pid);

SceQafMgrForDriver

Provides many device permission checks including running app privilege checks, debugging enabled checks, and so on.

SceQafMgrForDriver_41E04800

Version NID
3.60 0x41E04800

Only used by SceAppMgr.

SceQafMgrForDriver_7B14DC45

Version NID
3.60 0x7B14DC45

Only used by SceAppMgr.

return ((unsigned int)*(char *)(sceKernelSysrootGetKblParamForKernel() + 0x2D) >> 1) & 1; // = 0x2D + BIT number 30

int SceQafMgrForDriver_7B14DC45(void);

SceQafMgrForDriver_082A4FC2

Version NID
0.990-3.60 0x082A4FC2

Used by sceSblFwLoaderLockForDriver, SceKernelModulemgr, SceSysStateMgr and SceSblPostSsMgr.

Used by sceSblSpsfoMgrOpenForDriver.

When this flag is set, it allows for example to load spsfo from host0:, and host0:psp2config.skprx.

SceQafMgrForDriver_694D1096

Version NID
3.60 0x694D1096

Only used by SceSblACMgr.

SceQafMgrForDriver_0E588747

Version NID
0.990-3.60 0x0E588747

Only used by SceRegistryMgr.

Returns true if the PSVita is an "Internal system".

sceSblQafMgrIsAllowSystemAppDebugForDriver

Version NID
0.990-3.60 0xCAD47130

Used by SceDeci4pDtracep and SceSblACMgr.

If it returns false, syscalls debug trace printf is disabled.

sceSblQafMgrIsAllowMarlinTestForDriver

Version NID
1.03-3.60 0x10283EB8

sceSblQafMgrIsAllowLoadMagicGateForDriver

Version NID
3.60 0x36E5312E

sceQafMgrIsAllowKernelDebugForDriver

Version NID
3.60 0x382C71E8

Used by SceKernelModulemgr, SceExcpmgr, SceCrashDump

return *(uint8_t *)((int)kbl_param + 0x2D) & 1;

int sceQafMgrIsAllowKernelDebugForDriver(void);

sceQafMgrIsAllowQAUpdateForDriver

Version NID
3.60 0x3CB55F98

Only used by SceSblUpdateMgr.

sceSblQafMgrIsAllowGameDebugForDriver

Version NID
3.60 0x4BC1883F

SceQafMgrForDriver_52B4E164

Version NID
3.60 0x52B4E164

Only used by SceWlanBt.

SceQafMgrForDriver_70A67A4B

Version NID
3.60 0x70A67A4B

SceQafMgrForDriver_883E9465

Version NID
0.940-3.60 0x883E9465

Used by SceSysStateMgr.

Allows loading unencrypted psp2config.txt.

sceSblQafMgrIsAllowForceUpdateForDriver

Version NID
0.990-3.60 0x8C423C18

Only used by SceSblUpdateMgr.

sceSblQafMgrIsAllowNearTestForDriver

Version NID
1.03-3.60 0x9644171D

SceQafMgrForDriver_AE033133

Version NID
3.60 0xAE033133

Only used by SceNpDrm.

SceQafMgrForDriver_DEC6DF4E

Version NID
3.60 0xDEC6DF4E

Only used by SceNpDrm.

sceSblQafMgrIsAllowPSPEmuShowQAInfoForDriver

Version NID
3.60 0xB7B195B2

SceQafMgrForDriver_B9770A13

Version NID
3.60 0xB9770A13

Used by SceKernelModulemgr and SceSysmodule.

sceSblQafMgrIsAllowRemotePlayDebugForDriver

Version NID
3.60 0xBFD5E463

sceSblQafMgrIsAllowKeepCoreFileForDriver

Version NID
3.60 0xC1EA75C8

SceQafMgrForDriver_E573F124

Version NID
3.60 0xE573F124

sceSblQafMgrIsAllowDtcpIpResetForDriver

Version NID
3.60 0xE8B8F31F

sceSblQafMgrIsAllowControlIduAutoUpdateForDriver

Version NID
3.60 0xF8BFEE48

ScePmMgrForDriver

scePmMgrGetProductModeForDriver

Version NID
0.931-3.60 0x2AC815A2

Returns 0 on success, 0x800f0a29 on failure.

Gets kbl_param using sceKernelSysrootGetKblParamForKernel.

result = ((int *)(kbl_param->boot_type_indicator_1) >> 2) & 1; // manufacturing mode flag

int scePmMgrGetProductModeForDriver(char* result);

scePmMgrIsExternalBootModeForDriver

Version NID
3.60 0xBD1F193B

Gets kbl_param using sceKernelSysrootGetKblParamForKernel.

return (int *)(kbl_param->boot_type_indicator_1) & 1; // external boot mode flag

int scePmMgrIsExternalBootModeForDriver(void);

SceSblAIMgrForDriver

sceSblAIMgrGetSMIForDriver

Version NID
3.60 0x47D9CF13

SMI means Service / Manufacturing Information.

shipped_fw_version is gotten from SceKblParam.

int sceSblAIMgrGetSMIForDriver(int *shipped_fw_version);

sceSblAIMgrGetProductCodeForDriver

Version NID
3.60 0x14345161

Temp name was sceSblAIMgrGetTargetIdForDriver.

Product Code = Target Id

int sceSblAIMgrGetProductCodeForDriver(void);

sceSblAIMgrGetProductSubCodeForDriver

Version NID
3.60 0xB33CEC8F

Product Sub Code = model revision

int sceSblAIMgrGetProductSubCodeForDriver(void);

sceSblAIMgrIsTestForDriver

Version NID
3.60 0x3B638885

TEST = Internal Test Unit

Returns true if PsCode Product Code <= 0x100.

int sceSblAIMgrIsTestForDriver(void);

sceSblAIMgrIsToolOrTestForDriver

Version NID
3.60 0x274663A0

TOOL = DevKit

Returns true if PsCode Product Code <= 0x101.

int sceSblAIMgrIsToolOrTestForDriver(void);

sceSblAIMgrIsNonCEXForDriver

Version NID
3.60 0xF4B98F66

Returns true if PsCode Product Code <= 0x102.

int sceSblAIMgrIsNonCEXForDriver(void);

sceSblAIMgrIsCEXForDriver

Version NID
3.60 0xD78B04A2

Returns true if PsCode Product Code <= 0x111 AND sceSblAIMgrIsJapaneseFatForDriver returns false.

int sceSblAIMgrIsCEXForDriver(void);

sceSblAIMgrIsVITAForDriver

Version NID
3.60 0x4273B97B

Returns sceSblAIMgrIsGenuineVITAForDriver.

int sceSblAIMgrIsVITAForDriver(void);

sceSblAIMgrIsDolceForDriver

Version NID
3.60 0x71608CA3

Returns sceSblAIMgrIsGenuineDolceForDriver if returns true else returns sceKernelCheckDipswForDriver(0x98).

int sceSblAIMgrIsDolceForDriver(void);

sceSblAIMgrIsGenuineVITAForDriver

Version NID
3.60 0x963CA644

Returns true if:

  • PsCode Product Code <= 0x111 AND sceSblAIMgrIsGenuineDolceForDriver returns false
  • sceSblAIMgrIsJapaneseFatForDriver returns true AND HardwareInfo != 0x700000 != 0x720000 != 0x510000
int sceSblAIMgrIsGenuineVITAForDriver(void);

sceSblAIMgrIsGenuineDolceForDriver

Version NID
3.60 0xC6E83F34
int sceSblAIMgrIsGenuineDolceForDriver(void);

sceSblAIMgrIsJapaneseFatForDriver

Version NID
3.60 0x6D5A3FC9

Returns true if PsCode Product Code == 0x103 (Japanese), PsCode Product Sub Code == 0x10 (FAT) and PsCode Factory Code == 0x24 (refurbished).

int sceSblAIMgrIsJapaneseFatForDriver(void);

sceSblAIMgrIsToolDVT1ForDriver

Version NID
3.60 0xBB9D146B

Returns true if PsCode Product Code == 0x101 and PsCode Product Sub Code <= 3.

int sceSblAIMgrIsToolDVT1ForDriver(void);

sceSblAIMgrIsToolRev4ForDriver

Version NID
3.60 0x37A79140

Returns true if PsCode Product Code == 0x101 and PsCode Product Sub Code <= 4.

int sceSblAIMgrIsToolRev4ForDriver(void);

sceSblAIMgrIsToolRev5ForDriver

Version NID
3.60 0xE5E47FF7

Returns true if PsCode Product Code == 0x101 and PsCode Product Sub Code <= 5.

int sceSblAIMgrIsToolRev5ForDriver(void);

sceSblAIMgrIsPrototypeRev2ForDriver

Version NID
3.60 0xFF5784B9

Returns true if PsCode Product Code == 0x103 and PsCode Product Sub Code <= 2.

int sceSblAIMgrIsPrototypeRev2ForDriver(void);

sceSblAIMgrIsPrototypeRev7ForDriver

Version NID
3.60 0x05F79D4A

Returns true if PsCode Product Code == 0x103 and PsCode Product Sub Code <= 7.

int sceSblAIMgrIsPrototypeRev7ForDriver(void);

SceProcEventForDriver

sceKernelUnregisterProcEventHandlerForDriver

Version NID
3.60 0x3DED57CC

Previous name was sceProcEventDeleteUidForDriver.

Wrapper to sceKernelGUIDCloseForDriver.

int sceKernelUnregisterProcEventHandlerForDriver(int uid);

sceKernelRegisterProcEventHandlerForDriver

Version NID
0.990-3.60 0x2A43912D

Previous name was sceProcEventCreateEventForDriver

Uses sceKernelCreateEventForDriver.

Returns uid.

typedef struct SceProcEventHandler {
	SceSize size;						// SceProcEventHandler struct size : 0x1C
	int (* create)(SceUID pid);
	int (* exit)(SceUID pid);				// current process exit
	int (* kill_by_sce_shell)(SceUID pid);
	int (* stop)(SceUID pid);				// It is called many times by one process switch
	int (* start)(SceUID pid);				// It is called many times by one process switch
	int (* switch_process)(int event_id, SceUID pid);	// It is called only once in one process switch (start/stop...?)
} SceProcEventHandler;

a3 - set zero

SceUID sceKernelRegisterProcEventHandlerForDriver(const char *name, SceProcEventHandler *pHandler, int a3);

sceKernelInvokeProcEventHandlerForDriver

Version NID
3.60 0x414CC813

Uses suspend/resume LR.

int sceKernelInvokeProcEventHandlerForDriver(int a1, int a2, int a3, int a4, int *a5, int a6);

SceDebugLed

sceKernelGetGPI

Version NID
3.60 0x14F582CF
int sceKernelGetGPI(void);

sceKernelSetGPO

Version NID
3.60 0x78E702D3
/**
 * @brief Output to LED
 *
 * Setting the LED display contents
 * @param[in]	uiBitd	Only bit pattern, lower 8 bits are valid
 */
int sceKernelSetGPO(uint32_t uiBits);

call_cb74

Version NID
3.60 0x2B6EABAD
int call_cb74(void);

call_cb78

Version NID
3.60 0x0E6B9890
int call_cb78(void);

SceDebugLedForDriver

sceKernelGetGPIForDriver

Version NID
3.60 0x14F582CF

Only SceDebugLedForDriver function used by SceCoredump.

int sceKernelGetGPIForDriver(void);

sceKernelSetGPIForDriver

Version NID
3.60 0x51C5325A
int sceKernelSetGPIForDriver(int value);

sceKernelGetGPOForDriver

Version NID
3.60 0x3BB289F7
int sceKernelGetGPOForDriver(void);

sceKernelSetGPOForDriver

Version NID
3.60 0x78E702D3
int sceKernelSetGPOForDriver(int value);

sceKernelSetGPOMaskForDriver

Version NID
3.60 0x098473B0
sceKernelSetGPOMaskForDriver(int a1, int a2);

call_cb74

Version NID
3.60 0x2B6EABAD
int call_cb74(void);

set_cb74

Version NID
3.60 0x24173819
int set_cb74(void *cb);

call_cb78

Version NID
3.60 0x0E6B9890
int call_cb78(void);

set_cb78

Version NID
3.60 0xF62154E7
int set_cb78(void *cb);

SceDebugForKernel

sceKernelDebugModuleStart2ForKernel

Version NID
0.931-3.60 0xF624CE22
int sceKernelDebugModuleStart2ForKernel(void);

sceKernelRegisterKprintfHandlerForKernel

Version NID
0.931-3.60 0x10067B7B

Temp name was sceDebugSetHandlersForKernel.

int sceKernelRegisterKprintfHandlerForKernel(int (*kprintf)(const char *fmt, ...), const void *args);

sceKernelGetDebugPutcharForKernel

Version NID
3.60 0xE783518C

Temp name was sceDebugGetPutcharHandlerForKernel.

Returns pointer to current debug putchar handler.

void *sceKernelGetDebugPutcharForKernel(void);

sceKernelRegisterDebugPutcharForKernel

Version NID
3.60 0xE6115A72

Temp name was sceDebugRegisterPutcharHandlerForKernel.

Set debug print char handler.

int sceKernelRegisterDebugPutcharForKernel(int (*debug_putchar)(const void *args, char c), const void *args);

sceKernelDebugPutcharForKernel

Version NID
0.931-3.60 0x82D2EDCE

Temp name was sceDebugPutcharForKernel.

Print character.

int sceKernelDebugPutcharForKernel(char c);

sceKernelStoppedForKernel

Version NID
0.931 0xF1F0C365
3.60 not present
int sceKernelStoppedForKernel(const char *maybe_pFile, const char *maybe_pFunc, int maybe_line);

print_kernel_excp_info

Version NID
0.931 not present
3.60 0x082B8D6A

Prints Kernel Exception information, and certainly calls SceCoredump.

// excp_name can be:
// UNDEF - Undefined?
// PABT - Prefetch Abort
// DABT - Data Abort
// NEST - Nested?
// buf_400 size is 0x400 bytes
int print_kernel_excp_info(kernel_message_ctx *msg_ctx, void *buf_400, int index, const char *excp_name);

register_unk_handler

Version NID
0.931 not present
3.60 0x66D82EC8

handler definition:

handler(int some_level, void *unk, const void *buf);
int register_unk_handler(void *handler);

set_info_dump_flag

Version NID
0.931 not present
3.60 0xF857CDD6

Temp name was sceDebugDisableInfoDumpForKernel.

// ex: set_info_dump_flag(0); as used in henkaku/payload.c
// flag: 0: disable, 1: enable
int set_info_dump_flag(int flag);

register_log_buffer

Version NID
0.931 0x4703ECC4
3.60 not present
int register_log_buffer(const void *log_buffer_addr, SceSize log_buffer_size);

start_logging

Version NID
0.931 0x4C377B11
3.60 not present

Returns 1 if logging has been started successfully, -1 else.

int start_logging(int state);

stop_logging

Version NID
0.931 0x604F56AE
3.60 not present

If state is not zero, stops logging and return 1, else does nothing and return 0.

Returns 1 if logging has been stopped, 0 else.

int stop_logging(void);

refresh_logs

Version NID
0.931 0x04A3046D
3.60 not present
int refresh_logs(void);

_sceKernelPrintDebugLogForKernel

Version NID
0.931 0xEFDE973B
3.60 not present

If a2 is not zero, the current log buffer address is updated, else it is unchanged.

maxNum is guessed to be either the number of entries or the index of the chosen entry. Entry size is 0x40 bytes.

Uses sceKernelPrintfLevelForDriver to print.

int _sceKernelPrintDebugLogForKernel(int a1, int a2, int maxNum);

sceKernelPrintDebugLogForKernel

Version NID
0.931 0xBD5D0BB0
3.60 not present

Calls _sceKernelPrintDebugLogForKernel with maxNum = (log_buf_end - log_buf_start) / 0x40.

int sceKernelPrintDebugLogForKernel(int a1, int a2);

print_with_log_buffer

Version NID
0.931 0x904FF72D
3.60 not present
int print_with_log_buffer(const char *string, SceSize maxlen);

sceKernelPrintfCore0ForKernel

Version NID
0.931 0x2D7380FE
3.60 not present

Same as sceKernelPrintfForDriver but only prints if CPU ID is 0.

int sceKernelPrintfCore0ForKernel(const char *fmt, ...);

sceKernelPrintfLevelCore0ForKernel

Version NID
0.931 0x14241F51
3.60 not present

Same as sceKernelPrintfLevelForDriver but only prints if CPU ID is 0.

int sceKernelPrintfLevelCore0ForKernel(int level, const char *fmt, ...);

sceKernelSetMinimumLogLevelForKernel

Version NID
0.931-3.60 0xBE2C05A2
/**
 * @brief Specifies the minimum severity level for the output of logging information.
 *
 * Specifies the minimum severity level for the output of logging information. The default level is SCE_DBG_LOG_LEVEL_TRACE.
 *
 * @param	minimumLogLevel	The minimum severity at which debugging messages should be output.
 * @retval	SCE_OK          The operation was completed successfully.
 * @retval	Negative value	Error code
 */
int sceKernelSetMinimumLogLevelForKernel(SceInt32 minimumLogLevel);

sceKernelGetMinimumLogLevelForKernel

Version NID
0.931 0xDA6B6770
3.60 not present

Returns the minimumLogLevel set by sceKernelSetMinimumLogLevelForKernel.

SceInt32 sceKernelGetMinimumLogLevelForKernel(void);

sceKernelSetMinimumAssertionLevelForKernel

Version NID
0.931-3.60 0xCE9060F1

Overrides in memory the minimumAssertionLevel set by DIP switches 201 and 202.

SceInt32 sceKernelSetMinimumAssertionLevelForKernel(SceUInt32 minimumAssertionLevel);

sceKernelGetMinimumAssertionLevelForKernel

Version NID
0.931 0x374B7868
3.60 moved to ForDriver

Returns the minimumAssertionLevel from memory.

SceInt32 sceKernelGetMinimumAssertionLevelForKernel(void);

SceDebugForKernel_BEF921A2

Version NID
0.931 not present
3.60 0xBEF921A2
/*
buf     : 0x87C000
cpuId     : 0x2
a3     : 0x6123CD7
a4     : 0x0
msg_ctx     : 0x1A3E858
buf_400     : 0x8D6CA0
a7     : 0x1
ret     : 0x710
*/

// buf size is 0x1000 bytes
// buf_400 size is 0x400 bytes
int SceDebugForKernel_BEF921A2(void *buf, int cpuId, int a3, int a4, kernel_message_ctx *msg_ctx, void *buf_400, int a7);

add_entry

Version NID
0.931 0x1208240D
3.60 not present
int add_entry(int a1, int a2, int a3, void *log_buffer_start);

add_entry2

Version NID
0.931 0x061A4657
3.60 not present
int add_entry2(int a1, const char *msg, void *log_buffer_start, int a4);

register_unk_cb

Version NID
0.931-3.60 0xEFF9962B

The callback has this definition:

// unk: 2 or 3
int unk_cb(SceUID pid, void *buf, SceSize size, int *pOut, int unk);

If unk_cb runs successfully (return >= 0), pOut is used as third argument of unk_cb2, else unk_cb2 is not called at all.

int register_unk_cb(void *some_cb);

register_unk_cb2

Version NID
0.931-3.60 0xB5943011

The callback has this definition:

int unk_cb2(SceUID pid, void *buf, int unk);
int register_unk_cb2(void *some_cb);

SceDebugForDriver

Types

typedef struct kernel_message_ctx { // size is 0x18 on FW 3.60
  int hex_value0_hi;
  int hex_value0_lo;
  int hex_value1;
  const char* pFunc;
  int line;
  const char* pFile;
} kernel_message_ctx;

sceKernelPrintfForDriver

Version NID
0.931-3.60 0x391B74B7
int sceKernelPrintfForDriver(const char *fmt, ...);

sceKernelVprintfForDriver

Version NID
0.931-3.60 0x411C0733
int sceKernelVprintfForDriver(const char *fmt, va_list arg);

sceKernelPrintfLevelForDriver

Version NID
0.931-3.60 0x1A3F2AA4
int sceKernelPrintfLevelForDriver(int level, const char *fmt, ...);

sceKernelVprintfLevelForDriver

Version NID
0.931 not present
3.60 0x611A158B
int sceKernelVprintfLevelForDriver(int level, const char *fmt, va_list arg);

sceKernelPrintfLevelWithCtxForDriver

Version NID
0.931 not present
3.60 0xD9703808
int sceKernelPrintfLevelWithCtxForDriver(int level, kernel_message_ctx *msg_ctx, const char *fmt, ...);

sceKernelVprintfLevelWithCtxForDriver

Version NID
0.931 not present
3.60 0x02B04343

Temp name was sceDebugPrintf2ForDriver.

int sceKernelVprintfLevelWithCtxForDriver(int level, kernel_message_ctx *msg_ctx, const char *fmt, va_list arg);

print_kernel_panic

Version NID
0.931 not present
3.60 0x391B5B74

Temp name was sceDebugPrintKernelPanicForDriver.

int print_kernel_panic(kernel_message_ctx *msg_ctx, const void *addr);

vprintf_kernel_panic

Version NID
0.931 not present
3.60 0x00CCE39C
int printf_kernel_panic(kernel_message_ctx *msg_ctx, const void *addr, const char* fmt, va_list arg);

sceKernelAssertForDriver

Version NID
0.931-3.60 0x35A35322

Temp name was sceDebugPrintKernelAssertionForDriver.

// 0.931:
// addr is maybe not an argument but the stack pointer got within the function
int sceKernelAssertForDriver(SceBool condition, const char* pFile, const char* pFunc, int line, const void *addr);

// 3.60:
int sceKernelAssertForDriver(SceBool condition, kernel_message_ctx *msg_ctx, const void *addr);

sceKernelAssertLevelForDriver

Version NID
0.931-3.60 0xFD753E7A
// 0.931:
int sceKernelAssertLevelForDriver(int level, SceBool condition, const char* pFile, const char* pFunc, int line, const void *addr);

// 3.60:
int sceKernelAssertLevelForDriver(int level, SceBool condition, kernel_message_ctx *msg_ctx, const void *addr);

vprintf_assert_level

Version NID
0.931 not present
3.60 0x821A2D59
int vprintf_assert_level(int level, SceBool condition, kernel_message_ctx *msg_ctx, const void *addr, const char *fmt, va_list arg);

sceKernelGetMinimumAssertionLevelForDriver

Version NID
0.931 in ForKernel
3.60 0x374B7868

Returns the minimumAssertionLevel from memory.

SceInt32 sceKernelGetMinimumAssertionLevelForDriver(void);

SceDebugForDriver_62466B0A

Version NID
0.931 not present
3.60 0x62466B0A

Copy some exception information from memory to the provided buffer.

// max size is 0x1000
int SceDebugForDriver_62466B0A(void *out_buf, SceSize size);

SceSysmemForTZS

sceKernelProcModeVAtoPAForTZS

Version NID
0.931 0x119B9547
int sceKernelProcModeVAtoPAForTZS(SceUID pid, uint32_t mode, void *pVA, void **pPA);

sceKernelAllocPartitionStackMemBlockForTZS

Version NID
0.931 0x69022B7F

sceKernelGetPhyPageResetForTZS

Version NID
0.940-1.80 0x3FEF6B39

sceKernelDeleteHeapForTZS

Version NID
0.931-1.80 0x624454BC

sceKernelCreateHeapForTZS

Version NID
0.931-1.80 0x56A16D84

sceKernelAllocHeapMemoryWithOptionForTZS

Version NID
0.931-1.80 0xEA712806

sceKernelAllocHeapMemoryForTZS

Version NID
0.931-1.80 0x473871D8

sceKernelAllocHeapMemoryFromGlobalHeapForTZS

Version NID
0.940-1.80 0x29DE887D

sceKernelFreeHeapMemoryForTZS

Version NID
0.931-1.80 0x42FB5B12

sceKernelAllocUncacheHeapMemoryWithOptionForTZS

Version NID
0.931-1.80 0x6A3FBAF0

sceKernelFreeUncacheHeapMemoryForTZS

Version NID
0.931-1.80 0x2F18E288

sceKernelNameHeapDeleteForTZS

Version NID
0.990-1.80 0xF459D09D

sceKernelNameHeapInsertForTZS

Version NID
0.990-1.80 0x42AD34AB

sceKernelSetSuspendIntrFuncForTZS

Version NID
0.940-1.80 0xB4306D21

sceKernelSetResumeIntrFuncForTZS

Version NID
0.940-1.80 0x418111B0

sceKernelAddressSpaceUnmapForTZS

Version NID
0.940-1.80 0x31273DC7

sceKernelGetMemBlockBaseForTZS

Version NID
0.931-1.80 0xE1DEDFF4
/**
 * @brief Get mapped base address of memory block.
 *
 * Get base address of memory block.
 * @param[in]	uid		block id
 * @param[out]	ppBase		base address of memory block
 * @retval	SCE_OK		success
 * @retval	<SCE_OK		Error
 */
int sceKernelGetMemBlockBaseForTZS(SceUID uid, void **ppBase);

sceKernelFreeMemBlockForTZS

Version NID
0.940-1.80 0x658EACE3

sceKernelAllocMemBlockForTZS

Version NID
0.940-1.80 0x402EB970
SceUID sceKernelAllocMemBlockForTZS(const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt);

sceKernelAllocPartitionMemBlockForTZS

Version NID
0.940-1.80 0x0028E26C

Temp name was sceKernelAllocMemBlockForPidForTZS.

SceUID sceKernelAllocPartitionMemBlockForTZS(SceUID pid, const char *name, SceKernelMemBlockType type, SceSize vsize, const struct SceKernelAllocMemBlockOptKernel *pOpt);

sceKernelVAtoPAForTZS

Version NID
0.931-1.80 0x1DEADF6C

This will write the physical address for a virtual address pVA to memory pointed to by ppPA.

Returns <0 on error, values >=0 indicate success.

int sceKernelVAtoPAForTZS(void *pVA, void **ppPA);

sceKernelVARangeToPAVectorForTZS

Version NID
0.931-1.80 0x9D43E416

sceKernelCreateAddressSpaceForTZS

Version NID
0.931 0x21906368

SceDipswForTZS

sceKernelCheckDipswForTZS

Version NID
0.940-1.80 0xA98FC2FD

SceUartForTZS

sceUartWriteForTZS

Version NID
0.990-1.80 0x3AFD5E71

SceDebugForTZS

sceKernelDebugModuleStart2ForTZS

Version NID
0.931 0x32E3D4B9
int sceKernelDebugModuleStart2ForTZS(void);

sceKernelRegisterKprintfHandlerForTZS

Version NID
0.931 0x0AD558D5
int sceKernelRegisterKprintfHandlerForTZS(int (*kprintf)(const char *fmt, ...), const void *args);

sceKernelDebugPutcharForTZS

Version NID
0.931 0xD36F27BA

Print character.

int sceKernelDebugPutcharForTZS(char c);

sceKernelStoppedForTZS

Version NID
0.931-0.990 0xCB502FD1
1.80 not present
int sceKernelStoppedForTZS(const char *maybe_pFile, const char *maybe_pFunc, int maybe_line);

sceKernelAssertForTZS

Version NID
0.931-1.80 0x2F9B8AA8
int sceKernelAssertForTZS(SceBool condition, const char *pFile, const char *pFunc, int line, const void *addr);

_sceKernelPrintDebugLogForTZS

Version NID
0.931 0x4FF6536C
int _sceKernelPrintDebugLogForTZS(int a1, int a2, int maxNum);

sceKernelPrintDebugLogForTZS

Version NID
0.931 0x85BF33E1
int sceKernelPrintDebugLogForTZS(int a1, int a2);

print_with_log_buffer

Version NID
0.931 0x1FD92289
int print_with_log_buffer(const char *string, SceSize maxlen);

sceKernelPrintfForTZS

Version NID
0.931-1.80 0x1655E0E3
int sceKernelPrintfForTZS(const char *fmt, ...);

sceKernelPrintfLevelForTZS

Version NID
0.931-1.80 0xC70CBB58
int sceKernelPrintfLevelForTZS(int level, const char *fmt, ...);

sceKernelPrintfCore0ForTZS

Version NID
0.931 0x08F8AD70

Same as sceKernelPrintfForTZS but only prints if CPU ID is 0.

int sceKernelPrintfCore0ForTZS(const char *fmt, ...);

sceKernelPrintfLevelCore0ForTZS

Version NID
0.931-1.80 0xD4E6A0C0

Same as sceKernelPrintfLevelForTZS but only prints if CPU ID is 0.

int sceKernelPrintfLevelCore0ForTZS(int level, const char *fmt, ...);

sceKernelSetMinimumLogLevelForTZS

Version NID
0.931 0x898E417E
/**
 * @brief Specifies the minimum severity level for the output of logging information.
 *
 * Specifies the minimum severity level for the output of logging information. The default level is SCE_DBG_LOG_LEVEL_TRACE.
 *
 * @param	minimumLogLevel	The minimum severity at which debugging messages should be output.
 * @retval	SCE_OK          The operation was completed successfully.
 * @retval	Negative value	Error code
 */
int sceKernelSetMinimumLogLevelForTZS(SceInt32 minimumLogLevel);

register_log_buffer

Version NID
0.931 0xF2A87E96
int register_log_buffer(const void *log_buffer_addr, SceSize log_buffer_size);

start_logging

Version NID
0.931 0x1FF65E15
int start_logging(int state);

stop_logging

Version NID
0.931 0x5A35E3E0

If state is not zero, stops logging and return 1, else does nothing and return 0.

Returns 1 if logging has been stopped, 0 else.

int stop_logging(void);

refresh_logs

Version NID
0.931 0x91B41C34
int refresh_logs(void);

add_entry

Version NID
0.931 0x95E1A80B
int add_entry(int a1, int a2, int a3, void *log_buffer_start);

add_entry2

Version NID
0.931 0x538319EB
int add_entry2(int a1, const char *msg, void *log_buffer_start, int a4);

register_unk_cb

Version NID
0.931 0x3598118B

The callback has this definition:

// unk: 2 or 3
int unk_cb(SceUID pid, void *buf, SceSize size, int *pOut, int unk);

If unk_cb runs successfully (return >= 0), pOut is used as third argument of unk_cb2, else unk_cb2 is not called at all.

int register_unk_cb(void *some_cb);

register_unk_cb2

Version NID
0.931 0xE844FC5A

The callback has this definition:

int unk_cb2(SceUID pid, void *buf, int unk);
int register_unk_cb2(void *some_cb);

SceDebugForTZS_563B623D

Version NID
0.931 not present
1.80 0x563B623D

SceCpuForTZS

  • 0.931: 0xE0B34336: unknown, same as SceCpuForKernel_9D72DD1B
  • 0.931-0.990: 0x40DEC1B6: sceKernelWaitForEvent
  • 0.931-0.990: 0xF42F079B: sceKernelSendEvent
  • 0.940: 0x1266F962: sceKernelAbort
  • 0.931-0.940: 0x98BF47D3: sceKernelGetVmaccessRange
  • 0.931: 0x49AD8B60: sceKernelSetFIQModeStack
  • 0.931: 0xC2A428F3: sceKernelSetMonModeStack
  • 0.931: 0xD9013440: sceKernelSetIRQModeStack
  • 0.931: 0xDF17E4A3: sceKernelSetUndModeStack
  • 0.931: 0xF832C341: sceKernelSetAbtModeStack
  • 0.931: 0xFB1D3114: sceKernelSetSvcModeStack
  • 0.931: 0xF6CE21EA: sceKernelPrintCpuMode

1.80:

     NID 0: 0x0A15B41C: sceKernelL1DcacheCleanInvalidateAll
     NID 1: 0x17A88E69: sceKernelL1DcacheCleanRange
     NID 2: 0x190D96D5: sceKernelDcacheCleanRange
     NID 3: 0x2A0A3DC6
     NID 4: 0x2B6403F8
     NID 5: 0x2FE24445: sceKernelCpuAtomicSet32
     NID 6: 0x308D7ABE: sceKernelCpuDcacheInvalidateMVACRange
     NID 7: 0x324727D1: sceKernelGetCpsr
     NID 8: 0x39FCFCC2: sceKernelDomainTextMemcpy
     NID 9: 0x44C423D3: sceKernelCpuId
     NID 10: 0x49B11FF8
     NID 11: 0x71FD9AB5: sceKernelSpinlockLowLock
     NID 12: 0x72CA4F7A: sceKernelGetSpsr
     NID 13: 0x75D87321: sceKernelCpuAtomicOrAndGet32
     NID 14: 0x7A5373EB: sceKernelDcacheCleanInvalidateRange
     NID 15: 0x7CCE9480: sceKernelDcacheCleanInvalidateAll
     NID 16: 0x864E3DED
     NID 17: 0x9E4C0D0D
     NID 18: 0xA5965CBF: sceKernelL1IcacheInvalidateEntireAllCore
     NID 19: 0xACF209F3: sceKernelSpinlockLowTrylockCpuSuspendIntr
     NID 20: 0xB421FAFD: sceKernelL1IcacheInvalidateRange
     NID 21: 0xB8F00FBE: sceKernelSpinlockLowUnlockCpuResumeIntr
     NID 22: 0xC4137AED: sceKernelPleFlushRequest
     NID 23: 0xCD98416C: sceKernelSpinlockLowUnlock
     NID 24: 0xCDD46655: sceKernelDcacheInvalidateRange
     NID 25: 0xD67A4356: sceKernelSpinlockLowLockCpuSuspendIntr
     NID 26: 0xEFD6F289: sceKernelCpuAtomicCompareAndSet8

SceSysclibForTZS

__stack_chk_fail

Version NID
1.80 0xE5457B97

SceSysclibForTZS_361850BB

Version NID
0.940-1.80 0x361850BB

maybe_strncpy

memcpy

Version NID
0.931-1.80 0xBE3AF2EE

memset

Version NID
0.931-1.80 0x956DB750

SceSysrootForTZS

sceKernelSysrootBacktraceForTZS

Version NID
0.931 0xF26A5E68

sceKernelSysrootPrintBacktraceForTZS

Version NID
0.931 0x463EA380

sceKernelSysrootShowCallerInfoForTZS

Version NID
0.931 0x2F3D9414

sceKernelSysrootGetModulePrivateForTZS

Version NID
0.931-1.80 0xC9DD8EB3

sceKernelSysrootSetModulePrivateForTZS

Version NID
0.931-1.80 0xEA572BD9

sceKernelSysrootSetSharedMemoryForTZS

Version NID
0.940-1.80 0x45EEB2E0

sceKernelSysrootGetKermitRevisionForTZS

Version NID
0.940-1.80 0xDB3DAB76

sceKernelSysrootGetSharedMemoryForTZS

Version NID
0.931-1.80 0x1C96096F

sceKernelSysrootCorelockLockForTZS

Version NID
0.931-1.80 0xD653194A

sceKernelSysrootGetVbaseMonitorVectorForTZS

Version NID
0.931-1.80 0xD4E6D8E8

sceKernelSysrootGetKernelMMUContextForTZS

Version NID
0.931-1.80 0xA8B7DAF9

sceKernelSysrootCorelockUnlockForTZS

Version NID
0.931-1.80 0x2F5FD9A8

sceKernelSysrootGetVbaseResetVectorForTZS

Version NID
0.931-1.80 0x2460ADFA

sceKernelIsColdBootForTZS

Version NID
0.940-1.80 0x0567B4B9

sceKernelIsSecureStateForTZS

Version NID
0.940 0xEFA54B46

sceKernelSysrootGetErnieWakeupFactorForTZS

Version NID
0.940-1.80 0x8E871C6D

sceKernelSysrootGetKblParamForTZS

Version NID
0.931-1.80 0x29C1049E

Returns pointer to Sysroot buffer.

void *sceKernelSysrootGetKblParamForTZS(void);

sceKernelSysrootAllocForTZS

Version NID
0.940-1.80 0x1A9E1D28
void *sceKernelSysrootAllocForTZS(uint32_t size);

SceQafMgrForTZS

sceSblQafManagerIsAllowKernelDebugForTZS

Version NID
0.990-1.80 0x54D22D74

return *(char *)(sceKernelSysrootGetKblParamForTZS() + 0x2D) & 1;

ScePmMgrForTZS

sceSblPmMgrGetProductModeForTZS

Version NID
0.990-1.80 0xCF554E69

SceSblAIMgrForTZS

sceSblAIMgrIsCEXForTZS

Version NID
0.990-1.80 0x536B38F4