SceKernelIntrMgr

From Vita Development Wiki
Jump to: navigation, search

SceKernelIntrMgr is a kernel module that is primary responsible for setting up external and internal interrupts. Notably, it facilitates communication with the F00D Processor.

Module

This module exists in both non-secure and secure world. The non-secure world SELF can be found in os0:kd/intrmgr.skprx. It also can be found in the Boot Image.

Known NIDs

Version Name World Privilege NID
1.69 SceKernelIntrMgr Non-secure Kernel 0xB3A12CDC
1.69 SceKernelIntrMgr Secure Kernel 0x8A9875BC

Libraries

This module only exports kernel libraries.

Known NIDs

Version Name World Visibility NID
1.69 SceIntrmgrForDriver Non-secure Kernel 0x9DF04041
1.69 SceIntrmgrForKernel Non-secure Kernel 0x7AC5E3A
1.69 SceIntrmgrForTZS Secure Kernel 0xEC3056FE

SceIntrmgrForDriver

Setting up interrupt

Version World NID
1.69 secure 0x6B84DA8F
1.69 non-secure 0x5C1FEB29
typedef int (SceKernelIntrCallback)(int code, int unk);

typedef struct SceKernelRegisterInterruptOptionsExtended
{
	unsigned int size;
	unsigned int unk_4;
	unsigned int unk_8;
	unsigned int unk_C;
	SceKernelIntrCallback *fptr0; // function pointer
	SceKernelIntrCallback *fptr1; // function pointer
	SceKernelIntrCallback *fptr2; // function pointer
	unsigned int unk_1C;
	unsigned int unk_20;
	unsigned int unk_24;
} SceKernelRegisterInterruptOptionsExtended; /* size = 0x28 */

typedef struct SceKernelRegisterInterruptOptions
{
	unsigned int size;
	unsigned int num;
	SceKernelRegisterInterruptOptionsExtended *opt2;
	unsigned int flags; /* 0b1 = use sensitivity param */
	unsigned int sensitivity;
} SceKernelRegisterInterruptOptions; /* size = 0x14 */

typedef int (SceKernelIntrHandler)(int unk, void* userCtx);

int register_interrupt(int code, const char *name, int interrupt_type, SceKernelIntrHandler *handler, void* userCtx, int priority, int targetcpu, SceKernelRegisterInterruptOptions *opt);

Remove interrupt handler

Version NID
3.60 0xD6009B98
int SceIntrmgrForDriver_D6009B98(int intr_code);

This function first performs a clear-enable and then removes the current interrupt handler associated with the interrupt intr_code.

Clear-enable interrupt

Version NID
3.60 0x180435EC
int SceIntrmgrForDriver_180435EC(int intr_code);

This function writes 1 << (intr_code % 32) to the Interrupt Clear-Enable Registers (offset 0x180 from the Interrupt Distributor registers) at 0x180 + (intr_code / 32) * 4.

Set-enable interrupt

Version NID
3.60 0x7117E827
int SceIntrmgrForDriver_7117E827(int intr_code);

This function writes 1 << (intr_code % 32) to the Interrupt Set-Enable Registers (offset 0x100 from the Interrupt Distributor registers) at 0x100 + (intr_code / 32) * 4.

Set interrupt enabled

Version NID
3.60 0xA4C772AF
int SceIntrmgrForDriver_A4C772AF(int intr_code, int enabled);

Enables or disables an interrupt. If a 0 is passed to enabled, it acts as Clear-enable interrupt, and if a 1 is passed, it acts as Set-enable interrupt.

Get interrupt enabled

Version NID
3.60 0x6EC07C56
int SceIntrmgrForDriver_6EC07C56(int intr_code, int *enabled);

This function returns whether the interrupt intr_code is enabled or not. If it's enabled, a 1 will be written to enabled and a 0 otherwise. To check the enable status, the function checks the bit number intr_code % 32 of the Interrupt Set-Enable register (offset 0x100 from the Interrupt Distributor registers) at 0x100 + (intr_code / 32) * 4.

Get interrupt pending

Version NID
3.60 0xA269003D
int SceIntrmgrForKernel_A269003D(int intr_code);

This function returns whether the interrupt intr_code is pending or not. If it's pending, a 1 will be returned, and a 0 will be returned otherwise. To check the pending status, the function checks the bit number intr_code % 32 of the Interrupt Set-Pending Registers (offset 0x200 from the Interrupt Distributor registers) at 0x200 + (intr_code / 32) * 4.

Clear interrupt pending

Version NID
3.60 0x4DC48A01
int SceIntrmgrForKernel_4DC48A01(int intr_code);

This function writes 1 << (intr_code % 32) to the Interrupt Clear-Pending Registers (offset 0x280 from the Interrupt Distributor registers) at 0x280 + (intr_code / 32) * 4.

Set interrupt priority

Version NID
3.60 0x71020E29
int SceIntrmgrForDriver_71020E29(int intr_code, unsigned char priority);

This function writes priority to the Interrupt Priority Registers (offset 0x400 from the Interrupt Distributor registers) at 0x400 + intr_code.

Set processor target

Version NID
3.60 0x973BACCC
int SceIntrmgrForDriver_973BACCC(int intr_code, int cpu_mask);

This function writes the bits 0-8 or 16-24 of cpu_mask, depending on whether the mask is in former or the latter bits, to the Interrupt Processor Targets Registers (offset 0x800 from the Interrupt Distributor registers) at 0x800 + intr_code

Trigger SGI (Software generated interrupt)

Version NID
3.60 0x29F62500
int SceIntrmgrForDriver_29F62500(int intr_code, unsigned int target_list_filter, unsigned int cpu_target_list);

This function triggers a software generated interrupt by writing intr_code | (target_list_filter << 0x18) | (cpu_target_list) << 16 to the Software Generated Interrupt Register (offset 0xF00 from the Interrupt Distributor registers). Note: intr_code must be between 0x0 and 0xF.

Context allowed

Version NID
3.60 0x182EE3E3
int SceIntrmgrForDriver_182EE3E3(int intr_code);

If the current "PL1 only Thread ID Register" is != 0 it returns 0, else checks if the current "Multiprocessor Affinity Register" is a target of the interrupt intr_code and returns 1 if it is, and 0 otherwise.

Setting up a subinterrupt

Version World NID
3.60 non-secure? 0x96576C18
int SceIntrmgrForDriver_96576C18(int intr_code, int subintr_code, const char *name, void *handler, void *register_arg);

Trigger a subinterrupt

Version World NID
3.60 non-secure? 0xCC94B294
int SceIntrmgrForDriver_CC94B294(int intr_code, int subintr_code, void *subintr_arg);

Enable a subinterrupt

Version World NID
3.60 non-secure? 0x901E41D8
int SceIntrmgrForDriver_901E41D8(unsigned int intrcode, unsigned int subintr_code);

It also calls fptr1 of the registered reg_intr_opt2 as: reg_intr_opt2.fptr1(intrcode, subintr_code).

Calls reg_intr_opt2::fptr2

Version World NID
3.60 non-secure? 0x259C6D9E
int call_fptr2(int intr_code, int arg);

Calls fptr2 of the registered reg_intr_opt2 as: reg_intr_opt2.fptr2(code, arg).

Registering SMC call (secure only)

Version World NID
1.69 secure 0xC188114F
int register_smc(int service_id, void **func);

SceIntrmgrForKernel

SceIntrmgrForTZS

Controller

The interrupt controller is defined in the MPCore TRM [1]. The PERIPHBASE address (physical) is 0x1A000000.

Registered Interrupts

As specified in GIC Architecture, interrupt 0-15 are software generated interrupts. There are also no private peripheral interrupts (16-31) implemented. Core Handler indicates which core handles the exception. "All" means it can be handled by any core.

Code World Registered names Core Handler Priority
0 Non-secure  ? 0 16
1 Non-secure  ? 0 32
2 Non-secure SceThreadmgrSGI 0 48
4 Non-secure SceSblSmSchedProxySGI 0 128
6 Non-secure SceKernelProcessmgr 0 80
8 Non-secure SceDisplayVbStartSGI, SceCtrlVblank 0 160
10 Non-secure ScePowerMain 0 80
11 Secure ScePervasive 0 80
32 Non-secure SceBusError All 16
33 Secure SceBusErrorSecure All 16
34 Secure SceEmcTop All 80
36 Non-secure SceIntrmgrVfpException0 All 16
37 Non-secure SceIntrmgrVfpException1 All 16
38 Non-secure SceIntrmgrVfpException2 All 16
39 Non-secure SceIntrmgrVfpException3 All 16
49 Non-secure SceGpio1Gate2 All 160
50 Non-secure SceGpio1Gate3 All 192
51 Non-secure SceGpio1Gate4 All 208
52 Non-secure SceGpuLisr All 80
56 Non-secure SceVipMailbox0 All 208
60 Non-secure SceMsifIns All 128
61 Non-secure SceMsifSmshc All 128
68 Non-secure SceCompat4 0 160
69 Non-secure SceCompat5 1 160
70 Non-secure SceCompat6 2 160
71 Non-secure SceCompat7 0 160
72 Non-secure SceCompat8 1 160
73 Non-secure SceCompat9 2 160
74 Non-secure SceCompat10 0 160
80 Non-secure SceVeneziaMailbox00 All 208
81 Non-secure SceVeneziaMailbox01 All 208
82 Non-secure SceVeneziaMailbox02 All 208
83 Non-secure SceVeneziaMailbox03 All 208
84 Non-secure SceVeneziaMailbox04 All 208
85 Non-secure SceVeneziaMailbox05 All 208
86 Non-secure SceVeneziaMailbox06 All 208
87 Non-secure SceVeneziaMailbox07 All 208
88 Non-secure SceVeneziaMailbox08 All 208
89 Non-secure SceVeneziaMailbox09 All 208
90 Non-secure SceVeneziaMailbox10 All 208
91 Non-secure SceVeneziaMailbox11 All 208
92 Non-secure SceVeneziaMailbox12 All 208
93 Non-secure SceVeneziaMailbox13 All 208
94 Non-secure SceVeneziaMailbox14 All 208
95 Non-secure SceVeneziaMailbox15 All 208
112 Non-secure SceDmacmgrDmac0Ch0 All 128
113 Non-secure SceDmacmgrDmac0Ch1 All 128
114 Non-secure SceDmacmgrDmac1Ch0 All 128
115 Non-secure SceDmacmgrDmac1Ch1 All 128
116 Non-secure SceDmacmgrDmac2Ch0 All 128
117 Non-secure SceDmacmgrDmac2Ch1 All 128
118 Non-secure SceDmacmgrDmac3Ch0 All 128
119 Non-secure SceDmacmgrDmac3Ch1 All 128
120 Non-secure SceDmacmgrDmac4Gate0 3 128
121 Non-secure SceDmacmgrDmac4Gate1 3 128
122 Non-secure SceDmacmgrDmac4Gate2 3 128
123 Non-secure SceDmacmgrDmac4Gate3 3 128
124 Non-secure SceDmacmgrDmac5Ch0 All 128
125 Non-secure SceDmacmgrDmac5Ch1 All 128
126 Non-secure SceDmacmgrDmac6Ch0 All 128
127 Non-secure SceDmacmgrDmac6Ch1 All 128
128 Non-secure SceSystimerWordTimer0 All 128
129 Non-secure SceSystimerWordTimer1 All 128
130 Non-secure SceSystimerWordTimer2 All 128
131 Non-secure SceSystimerWordTimer3 All 128
132 Non-secure SceSystimerWordTimer4 All 128
133 Non-secure SceSystimerWordTimer5 All 128
134 Non-secure SceSystimerWordTimer6 All 128
135 Secure usleep 2 128
136 Non-secure SceSystimerLongrangeTimer0 All 128
137 Non-secure SceSystimerLongrangeTimer1 All 128
138 Non-secure SceSystimerLongrangeTimer2 All 128
139 Non-secure SceSystimerLongrangeTimer3 All 128
140 Non-secure SceSystimerLongrangeTimer4 All 128
141 Non-secure SceThreadmgrTimer All 48
142 Non-secure SceI2c0 All 160
143 Non-secure SceI2c1 All 160
145 Non-secure  ? All 160
146 Non-secure SceUsbEhci0 All 160
147 Non-secure  ? All 160
148 Non-secure SceUsbEhci1 All 160
149 Non-secure  ? All 160
150 Non-secure SceUsbEhci2 All 160
151 Non-secure SceUdcd1_EP0 All 128
152 Non-secure SceUdcd1_EP1-7 All 128
155 Non-secure SceUdcd2_EP0 All 128
156 Non-secure SceUdcd2_EP1-7 All 128
160 Non-secure SceCsi0 All 160
162 Non-secure SceCsi1 All 160
164 Non-secure SceUdcd1_phy-ready All 128
165 Non-secure SceUdcd1_vbus All 128
166 Non-secure SceCif0 All 160
168 Non-secure SceCif1 All 160
170 Non-secure SceUdcd2_phy-ready All 128
171 Non-secure SceUdcd2_vbus All 128
176 Non-secure  ? All 16
176 Non-secure  ? 0 16
177 Non-secure  ? 1 16
178 Non-secure  ? 2 16
179 Non-secure  ? 3 16
181 Non-secure SceUdcd0_EP0 All 128
182 Non-secure SceUdcd0_EP1-7 All 128
184 Non-secure  ? All 128
190 Non-secure SceUdcd0_phy-ready All 128
191 Non-secure SceUdcd0_vbus All 128
193 Non-secure  ? 3 160
194 Non-secure SceI2s1 3 160
193 Non-secure SceI2s0 3 160
196 Non-secure SceI2s2 3 160
200 Secure SceSblSmSchedCry2Arm0 3 128
201 Secure SceSblSmSchedCry2Arm123 3 128
202 Secure SceSblSmSchedCry2Arm123 3 128
203 Secure SceSblSmSchedCry2Arm123 3 128
204 Non-secure SceIftu0a All 80
205 Non-secure SceIftu0b All 80
206 Non-secure SceIftu1a All 80
207 Non-secure SceIftu1b All 80
210 Non-secure SceDisplayVbStartHDMI / SceDsi1 All 160
213 Non-secure SceDisplayVbStartMainLCD / SceDsi0 All 160
220 Non-secure SceSdif0 All 128
221 Non-secure SceSdif1 All 128
222 Non-secure SceSdif2 All 128
223  ? SceSdif3 (not present on 1.69)  ?  ?
225 Non-secure SceUart1 All 80
248 Non-secure SceGpio0Gate0 All 80
249 Non-secure SceGpio0Gate1 All 112
250 Non-secure SceGpio0Gate2 All 160
251 Non-secure SceGpio0Gate3 All 192
252 Non-secure SceGpio0Gate4 All 208
253 Non-secure SceGpio1Gate0 All 80
254 Non-secure SceGpio1Gate1 All 112
255 Non-secure SceIftu2 All 80

Registered Subinterrupts

Interrupt code Subinterrupt code World Registered names
8 3 Non-secure SceCtrlVblank
8 5 Non-secure SceTouchVblank
8 25 Non-secure SceLedVblank
8 26 Non-secure ScePowerVblank
248 4 Non-secure SceSysconCmdclr
249 13 Non-secure SceHdmiIntr