NSKBL
Non-Secure Kernel Boot Loader (NSKBL) is a Non-Secure world program that performs eMMC setup, base kernel modules loading, etc. during PSVita boot.
Module
The NSKBL contains an embedded and likely stripped version of SceSysmem, SceKernelModulemgr, SceSblSmschedProxy, SceExcpmgr, SceKernelIntrMgr, SceSblAuthMgr, SceProcessmgr (maybe), SceSdif, SceIofilemgr (Simple version?), and some other core drivers.
How to debug NSKBL
NSKBL supports sd0: for debugging.
sysroot->boot_type_indicator_1:0x40000 is required.
Types
/* Many pointers are NSKBL heap relationships */ typedef struct SceNskblSysrootInfo { // size is at least 0xC8 on FW 3.60 SceUID unk_0x00; // maybe some PID. ex: 0x10089 int unk_0x04; void *unk_0x08; void *unk_0x0C; void *unk_0x10; void *unk_0x14; void *unk_0x18; void *unk_0x1C; void *unk_0x20; void *unk_0x24; void *unk_0x28; void *unk_0x2C; SceUID unk_0x30; // maybe some PID. ex: 0x1000B const void *unk_0x34; // mapped paddr in vaddr const void *unk_0x38; // mapped paddr in vaddr void *unk_0x3C; int unk_0x40; // ex: 0x80000000 int unk_0x44; // ex: 0x20000000 void *unk_0x48; void *unk_0x4C; void *unk_0x50; void *unk_0x54; void *unk_0x58; void *unk_0x5C; void *unk_0x60; void *unk_0x64; void *unk_0x68; void *unk_0x6C; void *unk_0x70; void *unk_0x74; void *unk_0x78; void *unk_0x7C; void *unk_0x80; void *unk_0x84; void *unk_0x88; void *unk_0x8C; void *unk_0x90; void *unk_0x94; void *unk_0x98; SceUInt32 magic; // 0x 19442EA8 int unk_0xA0; // ex: 0x1000 int unk_0xA4; // ex: 0x1000 int unk_0xA8; // ex: 0x40000 int unk_0xAC; // ex: 0x200000 int unk_0xB0; // ex: 7 int unk_0xB4; int unk_0xB8; // ex: 0x80 sysroot_t *pSysroot; void *unk_0xC0; void *unk_0xC4; // more...? } SceNskblSysrootInfo; // 3.60 SceNskblSysrootInfo *nskbl_sysroot_info = (SceNskblSysrootInfo *)(0x51000000 + 0x138980); // 3.60
Libraries
Known NIDs
Version | Name | World | Visibility | NID |
---|---|---|---|---|
3.60-3.65 | SceKblForKernel | Non-secure | Kernel | 0xD0FC2991 |
SceKblForKernel
SceKblForKernel_230456F3
Version | NID |
---|---|
0.990 | 0x230456F3 |
3.60 | not present |
SceKblForKernel_29A8524D
Version | NID |
---|---|
0.990 | 0x29A8524D |
3.60 | not present |
Related to SDbgSdio (System Debug Sdio) and requires DIPSW 193.
int SceKblForKernel_29A8524D(void);
SceKblForKernel_99B2F981
Version | NID |
---|---|
0.990 | 0x99B2F981 |
3.60 | not present |
SceKblForKernel_A7D60F71
Version | NID |
---|---|
0.990 | 0xA7D60F71 |
3.60 | not present |
SceKblForKernel_AA8005E4
Version | NID |
---|---|
0.990 | 0xAA8005E4 |
3.60 | not present |
SceKblForKernel_FAE33FDD
Version | NID |
---|---|
0.990 | 0xFAE33FDD |
3.60 | not present |
sceKblPutcharForKernel
Version | NID |
---|---|
0.990-3.60 | 0x08E9FAEB |
In 3.60 this function is at 0x510172BD
int sceKblPutcharForKernel(void *args, char c);
sceKernelPrintfForKernel
Version | NID |
---|---|
0.990-3.60 | 0x13A5ABEF |
In 3.60 this function is at 0x510137A9
int sceKernelPrintfForKernel(const char *fmt, ...);
sceKernelPrintfLevelForKernel
Version | NID |
---|---|
0.990-3.60 | 0x752E7EEC |
In 3.60 this function is at 0x51013841.
int sceKernelPrintfLevelForKernel(int level, const char *fmt, ...);
sceKblGetMinimumLogLevelForKernel
Version | NID |
---|---|
0.990-3.60 | 0xC011935A |
In 3.60 this function is at 0x51013921.
int sceKblGetMinimumLogLevelForKernel(void);
sceKblGetPutcharHandlerForKernel
Version | NID |
---|---|
0.990-3.60 | 0x9B868276 |
In 3.60 this function is at 0x51013765.
void *sceKblGetPutcharHandlerForKernel(void);
sceKernelSysrootProcessmgrStart2ForKernel
Version | NID |
---|---|
0.990-3.60 | 0x161D6FCC |
In 3.60 this function is at 0x510123DD.
int sceKernelSysrootProcessmgrStart2ForKernel(void);
sceKernelSysrootThreadMgrStartAfterProcessForKernel
Version | NID |
---|---|
0.990-3.60 | 0x1DB28F02 |
In 3.60 this function is at 0x510123A1.
int sceKernelSysrootThreadMgrStartAfterProcessForKernel(void);
sceKernelSysrootIofilemgrStartForKernel
Version | NID |
---|---|
0.990-3.60 | 0xC7B77991 |
In 3.60 this function is at 0x5101297D.
int sceKernelSysrootIofilemgrStartForKernel(void);
sceKernelSysrootCorelockUnlockForKernel
Version | NID |
---|---|
0.990-3.60 | 0x314AA770 |
In 3.60 this function is at 0x510124FD.
void sceKernelSysrootCorelockUnlockForKernel(void);
sceKernelSysrootCorelockLockForKernel
Version | NID |
---|---|
0.990-3.60 | 0x807B4437 |
In 3.60 this function is at 0x510124E5.
void sceKernelSysrootCorelockLockForKernel(SceUInt32 core);
sceKblCpuDisableIrqInterruptsForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0xDDB3A1A8 |
In 3.60 this function is at 0x51003554.
Old wrong name is sceKblCpuSwitchInterruptsForKernel.
void sceKblCpuDisableIrqInterruptsForKernel(void);
sceSblAimgrIsCEXForKernel
Version | NID |
---|---|
0.990-3.60 | 0x8A416887 |
In 3.60 this function is at 0x510171B5.
int sceSblAimgrIsCEXForKernel(void);
sceSblAimgrIsDiagForKernel
Version | NID |
---|---|
0.990-3.60 | 0xC3DDDE15 |
In 3.60 this function is at 0x51017175.
int sceSblAimgrIsDiagForKernel(void);
sceSblAimgrIsDEXForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0x5945F065 |
In 3.60 this function is at 0x51017159.
int sceSblAimgrIsDEXForKernel(void);
sceSblAimgrIsToolForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0xB6C9ACF1 |
In 3.60 this function is at 0x51017139.
int sceSblAimgrIsToolForKernel(void);
sceSblAimgrIsTestForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0x943E7537 |
In 3.60 this function is at 0x5101711D.
int sceSblAimgrIsTestForKernel(void);
sceSblAimgrIsVITAForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0x838466E9 |
In 3.60 this function is at 0x51017299.
int sceSblAimgrIsVITAForKernel(void);
sceSblAimgrIsDolceForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0xA7BD4417 |
In 3.60 this function is at 0x510172A1.
int sceSblAimgrIsDolceForKernel(void);
sceSblAimgrIsGenuineDolceForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0xB6D00D6D |
In 3.60 this function is at 0x510171E5.
int sceSblAimgrIsGenuineDolceForKernel(void);
sceKblLoadModuleForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0x6D7A1F18 |
In 3.60 this function is at 0x51001551.
typedef struct SceModuleLoadList { const char *filename; } __attribute__((packed)) SceModuleLoadList; int sceKblLoadModuleForKernel(const SceModuleLoadList *pList, SceUID *pUidList, SceUInt32 count, SceBool is_file_at_partition_root);
sceKblStartModuleForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0x9A92436E |
In 3.60 this function is at 0x51001571
int sceKblStartModuleForKernel(SceUID *pUidList, SceUInt32 count, SceSize args, void *argp);
sceKblAuthMgrCloseForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0x79241ACF |
In 3.60 this function is at 0x51001345.
int sceKblAuthMgrCloseForKernel(void);
sceKblSetNonSyncModuleStartForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0x9F4F3F98 |
In 3.60 this function is at 0x51001561.
int sceKblSetNonSyncModuleStartForKernel(void);
sceKernelCpuIdForKernel
Version | NID |
---|---|
0.990-3.60 | 0xB506A10E |
In 3.60 this function is at 0x510147C9.
int sceKernelCpuIdForKernel(void);
sceKernelCheckDipswForKernel
Version | NID |
---|---|
0.990-3.60 | 0xC8F4DE71 |
In 3.60 this function is at 0x51015851.
int sceKernelCheckDipswForKernel(int bit);
sceSblQafManagerIsAllowKernelDebugForKernel
Version | NID |
---|---|
0.990-3.60 | 0xCE94F329 |
In 3.60 this function is at 0x51016FD1
int sceSblQafManagerIsAllowKernelDebugForKernel(void);
sceKblGetHardwareFlagsForKernel
Version | NID |
---|---|
0.990 | not present |
3.60 | 0xD3A516D5 |
get some device flags function
In 3.60 this function is at 0x510128AD
typedef struct SceSysrootHardwareFlags { uint32_t data[4]; } __attribute__((packed)) SceSysrootHardwareFlags; int sceKblGetHardwareFlagsForKernel(SceSysrootHardwareFlags *data);
sceKblInitDeviceForKernel
Version | NID |
---|---|
0.990-3.60 | 0xF7AF8690 |
some device init function
In 3.60 this function is at 0x5100124D.
int sceKblInitDeviceForKernel(void);
sceKblFreeFileSystemCtxForKernel
Version | NID |
---|---|
0.990-3.60 | 0x261F2747 |
In 3.60 this function is at 0x51001321.
int sceKblFreeFileSystemCtxForKernel(void);