LV2 Functions and Syscalls

From PS3 Developer wiki
Jump to navigation Jump to search

Functions

string.h

Function Notes Offset in 3.55 Offset in 3.41 Offset in 3.15 Offset in 3.10 Offset in 3.01 Offset in 2.76
char *strcpy(char *dest, const char *src) 0x4E684 0x4D2F0 0x4CDAC 0X4CDA8 0x4AAC4 0x469B8
int strlen(char *str) 0x4E6AC 0x4D318 0X4CDD4 0X4CDD0 0x4AAEC 0x469E0
char *strcat(char *destination, const char *source) 0x4E5B4 0x4D220 0x4CCDC
char *strchr(const char* str, char chr) 0x4E5EC 0x4D258 0x4CD14
char *strrchr(const char* str, char chr) 0x4CEE4
int strcmp(const char *s1, const char *s2) 0x4E630 0x4D29C 0x4CD58
int strncmp(const char *s1, const char *s2, size_t n) 0x4E6D8 0x4D344 0X4CE00 0X4CDFC 0x4AB18 0x46A0C
char *strncpy(char *destination, const char *source, size_t num) 0x4E74C 0x4D3B8 0x4CE74
int memcmp(void *v1, void *v2, size_t n) 0x4D7E8 0x4C454 0x4BF10
void *memchr(void *s, int c, size_t n) 0x4BEC0
void *memcpy(void *dest, const void *src, size_t n) 0x7C3A4 0x7C01C 0X7BE9C 0X7BE98 0x77E84 0x7395C
void *memset(void *s, int c, size_t n) 0x4E4D8 0x4D144 0X4CC00 0X4CBFC 0x4A95C 0x46850

stdio.h

Function Notes Offset in 3.55 Offset in 3.41 Offset in 3.15
int snprintf(char *str, size_t size, char *format, ...) 0x4F86C 0x4E4D8 0x4DF94
int sprintf(char *str, char *format, ...) 0x4F900 0x4E56C 0x4E028
int printf(char *format, ...) This prints to the serial debug console. 0x29285C 0x28A654 0x28A11C

lv2

Function Notes Offset in 3.55 Offset in 3.41 Offset in 3.15 Offset in 3.10 Offset in 3.01 Offset in 2.76
void* alloc(size_t size, int unk) unk is possibly pool? PSGroove uses 0x27. 0x60b78 0x62088 0x61CF0 0x61CEC 0x5DF4C 0x59D54
void dealloc(void* ptr, int unk) unk is possibly pool? Should be the same value of unk given to alloc. 0x60fb4 0x624C8 0x62138 0x62134 0x5E38C 0x5A194
void process_utils::create_initial_system_process(). Called to start the first userspace process, which is normally "sys_init_osd.self" but it can also launch recovery mode or update mode. 0x287D50 0x287858
void Panic(int unk) This function does not return.

(It seems that the offset point to a location that will cause panic after, not the real panic function, use with caution)

0x288568 0x288070
USBGetDeviceDescriptor USB function 0xd2998 0xd3474 0xCCD2C
USBOpenEndpoint 0xd29c4 0xd34ac 0xCCD58
USBControlTransfer 0xd292c 0xd3408 0xCCCC0
USBRegisterDriver 0xd22d8 0xd2978 0xCC6A0

Lv2 System Table Offset

FW version Alloc Free Syscall
Table
Mem_base Notes
3.55 Retail 0x60b78 0x60fb4 0x346570 0x0ef48
3.55 DEX 0x361578
3.41 Retail 0x62088 0x624c8 0x2eb128 0x50b3c
3.41 DEX 0x65974 0x65db4 0x303130 0x54400
3.41 KIOSK 0x62084 0x624c4 0x2eb128 0x50b3c
3.40 Retail 0x62084 0x624c4 0x2eb128 0x50b38
3.30 Retail 0x62080 0x624c0 0x2ea728
3.21 Retail 0x61cf0 0x62138 0x2ea8a0
3.15 Retail 0x61cf0 0x62138 0x2ea820 0x50608
3.10 Retail 0x61cec 0x62134 0x2ea820
3.01 Retail 0x5df4c 0x5e38c 0x2cfb40
2.85 Retail 0x5daf4 0x5df34 0x2cbec0
2.76 Retail 0x59d54 0x5a194 0x2c4318
2.70 Retail 0x59d50 0x5a190 0x2c4318
2.60 Retail 0x59040 0x5944c 0x2b67c0
2.53 Retail 0x5903c 0x59448 0x2b5bb8
2.43 Retail 0x6c2e0 0x6c708 0x2d2b18
2.43 JIG 0x31ddb0
2.42 DEX 0x2ed980
1.92 TOOL 0x361e40
1.60 TOOL 0x36c880
1.02 Retail 0x322428
1.00 DEX 0x3206e0

Syscalls

LV2 Syscalls

Number Name Notes
#sys_process Syscalls (1-31)
1 sys_process_getpid sys_pid_t sys_process_getpid(void);
2 sys_process_wait_for_child 3 params
3 sys_process_? 1 param = "cellProcessElf"
4 sys_process_get_status 1 param
5 sys_process_detach_child 1 param
12 sys_process_get_number_of_object int sys_process_get_number_of_object(uint32_t object, size_t * nump);
13 sys_process_get_id int sys_process_get_id(uint32_t object, uint32_t * buff, size_t size, size_t * set_size);
14 sys_process_is_spu_lock_line_reservation_address int sys_process_is_spu_lock_line_reservation_address(sys_addr_t addr, uint64_t flags);
18 sys_process_getppid sys_pid_t sys_process_getppid(void);
19 sys_process_kill int sys_process_kill(sys_pid_t pid);
21 7 param
22 sys_process_exit void sys_process_exit(int error_code,0,0)
23 sys_process_wait_for_child2 6 params
24 8 params
25 sys_process_get_sdk_version 2 params :sys_pid_t pid, *outbuf?
26 3 params
27 8 params
28 1 params
29 4 params
30 sys_process_get_paramsfo int sys_process_get_paramsfo(uint64_t buffer); Buffer Size 40h, returns infos from sfo.sample: 00000000 01 42 4C 45 53 38 30 36 30 38 00 00 00 00 00 00 �BLES80608......
31 sys_process_get_ppu_guid sys_addr_t sys_process_get_ppu_guid(void);
41 1 param: Error-Code
#sys_ppu_thread Syscalls (43-58)
43 sys_ppu_thread_yield void sys_ppu_thread_yield(void);
44 sys_ppu_thread_join int sys_ppu_thread_join(sys_ppu_thread_t thread_id, uint64_t * vptr);
45 sys_ppu_thread_detach int sys_ppu_thread_detach(sys_ppu_thread_t thread_id);
46 sys_ppu_thread_get_join_state void sys_ppu_thread_get_join_state(int *isjoinable);
47 sys_ppu_thread_set_priority int sys_ppu_thread_set_priority(sys_ppu_thread_t thread_id, int prio);
48 sys_ppu_thread_get_priority int sys_ppu_thread_get_priority(sys_ppu_thread_t thread_id, int *prio);
49 sys_ppu_thread_get_stack_information int sys_ppu_thread_get_stack_information(sys_ppu_thread_stack_t * info);
56 sys_ppu_thread_rename int sys_ppu_thread_rename(sys_ppu_thread_t thread_id, const char *name);
57 sys_ppu_thread_recover_page_fault int sys_ppu_thread_recover_page_fault(sys_ppu_thread_t thread_id);
58 sys_ppu_thread_get_page_fault_context int sys_ppu_thread_get_page_fault_context(sys_ppu_thread_t thread_id, sys_ppu_thread_icontext_t * ctxp);
#sys_trace Syscalls (67-69+77)
67 sys_trace_allocate_buffer
68 sys_trace_free_buffer
69 sys_trace_create2
#sys_timer Syscalls (70-76+141+142)
70 sys_timer_create int sys_timer_create(sys_timer_t * timer_id);
71 sys_timer_destroy int sys_timer_destroy(sys_timer_t timer_id);
72 sys_timer_get_information int sys_timer_get_information(sys_timer_t timer_id, sys_timer_information_t * info);
73 sys_timer_start int sys_timer_start(sys_timer_t timer_id, system_time_t base_time, usecond_t period);
74 sys_timer_stop int sys_timer_stop(sys_timer_t timer_id);
75 sys_timer_connect_event_queue int sys_timer_connect_event_queue(sys_timer_t timer_id, sys_event_queue_t queue_id, uint64_t name, uint64_t data1, uint64_t data2);
76 sys_timer_disconnect_event_queue int sys_timer_disconnect_event_queue(sys_timer_t timer_id);
#sys_trace Syscalls (67-69+77)
77 sys_trace_create2_in_cbepm
#sys_interrupt Syscalls (80+81+84+88+89)
80 sys_interrupt_tag_create int sys_interrupt_tag_create(sys_interrupt_tag_t * intrtag, sys_irqoutlet_id_t irq, sys_hw_thread_t hwthread);
81 sys_interrupt_tag_destroy int sys_interrupt_tag_destroy(sys_interrupt_tag_t intrtag);
#sys_event Syscalls (82+83+85-87+118+128-140)
82 sys_event_flag_create int sys_event_flag_create(sys_event_flag_t * id, sys_event_flag_attribute_t * attr, uint64_t init);
83 sys_event_flag_destroy int sys_event_flag_destroy(sys_event_flag_t id);
#sys_interrupt Syscalls (80+81+84+88+89)
84 sys_interrupt_thread_establish int sys_interrupt_thread_establish(sys_interrupt_thread_handle_t * ih, sys_interrupt_tag_t intrtag, uint64_t intrthread, uint64_t arg1, uint64_t arg2);
#sys_event Syscalls (82+83+85-87+118+128-140)
85 sys_event_flag_wait int sys_event_flag_wait(sys_event_flag_t id, uint64_t bitptn, uint32_t mode, uint64_t * result, usecond_t timeout);
86 sys_event_flag_trywait int sys_event_flag_trywait(sys_event_flag_t id, uint64_t bitptn, uint32_t mode, uint64_t * result);
87 sys_event_flag_set int sys_event_flag_set(sys_event_flag_t id, uint64_t bitptn);
#sys_interrupt Syscalls (80+81+84+88+89)
88 sys_interrupt_thread_eoi void sys_interrupt_thread_eoi(void);
89 sys_interrupt_thread_disestablish int sys_interrupt_thread_disestablish(sys_interrupt_thread_handle_t ih);
#sys_semaphore Syscalls (90-94+114)
90 sys_semaphore_create int sys_semaphore_create(sys_semaphore_t * sem, sys_semaphore_attribute_t * attr, sys_semaphore_value_t initial_val, sys_semaphore_value_t max_val);
91 sys_semaphore_destroy int sys_semaphore_destroy(sys_semaphore_t sem);
92 sys_semaphore_wait int sys_semaphore_wait(sys_semaphore_t sem, usecond_t timeout);
93 sys_semaphore_trywait int sys_semaphore_trywait(sys_semaphore_t sem);
94 sys_semaphore_post int sys_semaphore_post(sys_semaphore_t sem, sys_semaphore_value_t val);
#sys_lwmutex Syscalls (95-99)
95 sys_lwmutex_create int sys_lwmutex_create(sys_lwmutex_t *lwmutex, sys_lwmutex_attribute_t *attr)
96 sys_lwmutex_destroy int sys_lwmutex_destroy(sys_lwmutex_t *lwmutex)
97 sys_lwmutex_lock int sys_lwmutex_lock(sys_lwmutex_t *lwmutex, usecond_t timeout)
98 sys_lwmutex_trylock int sys_lwmutex_trylock(sys_lwmutex_t *lwmutex)
99 sys_lwmutex_unlock int sys_lwmutex_unlock(sys_lwmutex_t *lwmutex)
#sys_mutex Syscalls (100-104)
100 sys_mutex_create int sys_mutex_create(sys_mutex_t * mutex_id, sys_mutex_attribute_t * attr);
101 sys_mutex_destroy int sys_mutex_destroy(sys_mutex_t mutex_id);
102 sys_mutex_lock int sys_mutex_lock(sys_mutex_t mutex_id, usecond_t timeout);
103 sys_mutex_trylock int sys_mutex_trylock(sys_mutex_t mutex_id);
104 sys_mutex_unlock int sys_mutex_unlock(sys_mutex_t mutex_id);
#sys_cond Syscalls (105-110)
105 sys_cond_create int sys_cond_create(sys_cond_t * cond_id, sys_mutex_t mutex_id, sys_cond_attribute_t * attr);
106 sys_cond_destroy int sys_cond_destroy(sys_cond_t cond_id);
107 sys_cond_wait int sys_cond_wait(sys_cond_t cond_id, usecond_t timeout);
108 sys_cond_signal int sys_cond_signal(sys_cond_t cond_id);
109 sys_cond_signal_all int sys_cond_signal_all(sys_cond_t cond_id);
110 sys_cond_signal_to int sys_cond_signal_to(sys_cond_t cond_id, sys_ppu_thread_t thread);
#sys_lwcond Syscalls (111+112)
111 sys_lwcond_create int sys_lwcond_create(sys_lwcond_t *lwcond, sys_lwmutex_t *lwmutex, sys_lwcond_attribute_t *attr)
112 sys_lwcond_destroy int sys_lwcond_destroy(sys_lwcond_t *lwcond)
113 3 params
#sys_semaphore Syscalls (90-94+114)
114 sys_semaphore_get_value int sys_semaphore_get_value(sys_semaphore_t sem, sys_semaphore_value_t * val);
115 4 params
116 3 params
117 1 params
#sys_event Syscalls (82+83+85-87+118+128-140)
118 sys_event_flag_clear int sys_event_flag_clear(sys_event_flag_t id, uint64_t bitptn);
119 1 Param
#sys_rwlock Syscalls (120-127+148)
120 sys_rwlock_create int sys_rwlock_create(sys_rwlock_t * rw_lock_id, sys_rwlock_attribute_t * attr);
121 sys_rwlock_destroy int sys_rwlock_destroy(sys_rwlock_t rw_lock_id);
122 sys_rwlock_rlock int sys_rwlock_rlock(sys_rwlock_t rw_lock_id, usecond_t timeout);
123 sys_rwlock_tryrlock int sys_rwlock_tryrlock(sys_rwlock_t rw_lock_id);
124 sys_rwlock_runlock int sys_rwlock_runlock(sys_rwlock_t rw_lock_id);
125 sys_rwlock_wlock int sys_rwlock_wlock(sys_rwlock_t rw_lock_id, usecond_t timeout);
126 sys_rwlock_trywlock int sys_rwlock_trywlock(sys_rwlock_t rw_lock_id);
127 sys_rwlock_wunlock int sys_rwlock_wunlock(sys_rwlock_t rw_lock_id);
#sys_event Syscalls (82+83+85-87+118+128-140)
128 sys_event_queue_create int sys_event_queue_create(sys_event_queue_t * equeue_id, sys_event_queue_attribute_t * attr, sys_ipc_key_t event_queue_key, int size);
129 sys_event_queue_destroy int sys_event_queue_destroy(sys_event_queue_t equeue_id, int mode);
130 sys_event_queue_receive int sys_event_queue_receive(sys_event_queue_t equeue_id, sys_event_t * event, usecond_t timeout);
131 sys_event_queue_tryreceive int sys_event_queue_tryreceive(sys_event_queue_t equeue_id, sys_event_t * event_array, int size, int *number);
132 sys_event_flag_cancel int sys_event_flag_cancel(sys_event_flag_t id, int *num);
133 sys_event_queue_drain int sys_event_queue_drain(sys_event_queue_t equeue_id);
134 sys_event_port_create int sys_event_port_create(sys_event_port_t * eport_id, int port_type, uint64_t name);
135 sys_event_port_destroy int sys_event_port_destroy(sys_event_port_t eport_id);
136 sys_event_port_connect_local int sys_event_port_connect_local(sys_event_port_t event_port_id, sys_event_queue_t event_queue_id);
137 sys_event_port_disconnect int sys_event_port_disconnect(sys_event_port_t event_port_id);
138 sys_event_port_send int sys_event_port_send(sys_event_port_t eport_id, unint64_t data1, uint64_t data2, uint64_t data3);
139 sys_event_flag_get int sys_event_flag_get(sys_event_flag_t id, uint64_t * bitptn);
140 sys_event_port_connect_ipc int sys_event_port_connect_ipc(sys_event_port_t eport_id, ??);
#sys_timer Syscalls (70-76+141+142)
141 sys_timer_usleep int sys_timer_usleep(usecond_t sleep_time);
142 sys_timer_sleep int sys_timer_sleep(second_t sleep_time);
143 2 Params
144 1 Param
#sys_time Syscalls (145-147)
145 sys_time_get_current_time int sys_time_get_current_time(sys_time_sec_t * sec, sys_time_nsec_t * nsec);
146 sys_time_get_system_time system_time_t sys_time_get_system_time(void)
147 sys_time_get_timebase_frequency uint64_t sys_time_get_timebase_frequency(void);
#sys_rwlock Syscalls (120-127+148)
148 sys_rwlock_trywlock int sys_rwlock_trywlock(sys_rwlock_t rw_lock_id);
#sys_spu/sys_raw_spu Syscalls (150-260)
150 sys_raw_spu_create_interrupt_tag int sys_raw_spu_create_interrupt_tag(sys_raw_spu_t id,sys_class_id_t class_id, sys_hw_thread_t hwthread, sys_interrupt_tag_t *intrtag)
151 sys_raw_spu_set_int_mask int sys_raw_spu_set_int_mask(sys_raw_spu_t id, sys_class_id_t class_id, uint64_t mask)
152 sys_raw_spu_get_int_mask int sys_raw_spu_get_int_mask(sys_raw_spu_t id, sys_class_id_t class_id, uint64_t *mask)
153 sys_raw_spu_set_int_stat int sys_raw_spu_set_int_stat(sys_raw_spu_t id, sys_class_id_t class_id, uint64_t stat)
154 sys_raw_spu_get_int_stat int sys_raw_spu_get_int_stat(sys_raw_spu_t id, sys_class_id_t class_id, uint64_t *stat)
156 sys_spu_image_open int sys_spu_image_open(sys_spu_image_t *img, const char *path)
157 sys_spu_image_import int sys_spu_image_import(sys_spu_image_t *img, const void *src, uint32_t type)
158 sys_spu_image_close int sys_spu_image_close(sys_spu_image_t *img);
159 3 Params
160 sys_raw_spu_create int sys_raw_spu_create(sys_raw_spu_t *id, sys_raw_spu_attribute_t *attr)
161 sys_raw_spu_destroy int sys_raw_spu_destroy(sys_raw_spu_t id)
163 sys_raw_spu_read_puint_mb int sys_raw_spu_read_puint_mb(sys_raw_spu_t id, uint32_t *value)
165 sys_spu_thread_get_exit_status int sys_spu_thread_get_exit_status(sys_spu_thread_t id, int *status)
166 sys_spu_thread_set_argument int sys_spu_thread_set_argument(sys_spu_thread_t id, sys_spu_thread_argument_t *arg)
167 sys_spu_thread_group_start_on_exit
169 sys_spu_initialize int sys_spu_initialize(unsigned int max_usable_spu, unsigned int max_raw_spu)
170 sys_spu_thread_group_create int sys_spu_thread_group_create(sys_spu_thread_group_t *id, unsigned int num, int prio, sys_spu_thread_group_attribute_t *attr)
171 sys_spu_thread_group_destroy int sys_spu_thread_group_destroy(sys_spu_thread_group_t id)
172 sys_spu_thread_initialize int sys_spu_thread_initialize(sys_spu_thread_t *thread,sys_spu_thread_group_t group,uint spu_num,sys_spu_image_t *img,sys_spu_thread_attribute_t *attr,sys_spu_thread_argument_t *arg)
173 sys_spu_thread_group_start int sys_spu_thread_group_start(sys_spu_thread_group_t id)
174 sys_spu_thread_group_suspend int sys_spu_thread_group_suspend(sys_spu_thread_group_t id)
175 sys_spu_thread_group_resume int sys_spu_thread_group_resume(sys_spu_thread_group_t id)
176 sys_spu_thread_group_yield int sys_spu_thread_group_yield(sys_spu_thread_group_t id)
177 sys_spu_thread_group_terminate int sys_spu_thread_group_terminate(sys_spu_thread_group_t id, int value)
178 sys_spu_thread_group_join int sys_spu_thread_group_join(sys_spu_thread_group_t gid, int *cause, int *status)
179 sys_spu_thread_group_set_priority int sys_spu_thread_group_set_priority(sys_spu_thread_group_t id, int priority)
180 sys_spu_thread_group_get_priority int sys_spu_thread_group_get_priority(sys_spu_thread_group_t id, int *priority)
181 sys_spu_thread_write_ls int sys_spu_thread_write_ls(sys_spu_thread_t id, uint32_t address, uint64_t value, size_t type)
182 sys_spu_thread_read_ls int sys_spu_thread_read_ls(sys_spu_thread_t id, uint32_t address, uint64_t *value, size_t type)
184 sys_spu_thread_write_snr int sys_spu_thread_write_snr(sys_spu_thread_t id, int number, uint32_t value)
185 sys_spu_thread_group_connect_event int sys_spu_thread_group_connect_event(sys_spu_thread_group_t id, sys_event_queue_t eq, sys_event_type_t et)
186 sys_spu_thread_group_disconnect_event int sys_spu_thread_group_disconnect_event(sys_spu_thread_group_t id, sys_event_type_t et)
187 sys_spu_thread_set_spu_cfg int sys_spu_thread_set_spu_cfg(sys_spu_thread_t id, uint64_t value)
188 sys_spu_thread_get_spu_cfg int sys_spu_thread_get_spu_cfg(sys_spu_thread_t id, uint64_t *value)
190 sys_spu_thread_write_spu_mb int sys_spu_thread_write_spu_mb(sys_spu_thread_t id, uint32_t value);
191 sys_spu_thread_connect_event int sys_spu_thread_connect_event(sys_spu_thread_t id, sys_event_queue_t eq, sys_event_type_t et, uint8_t spup)
192 sys_spu_thread_disconnect_event int sys_spu_thread_disconnect_event(sys_spu_thread_t id, sys_event_type_t et, uint8_t spup)
193 sys_spu_thread_bind_queue int sys_spu_thread_bind_queue(sys_spu_thread_t id,sys_event_queue_t spuq,uint32_t spuq_num)
194 sys_spu_thread_unbind_queue int sys_spu_thread_unbind_queue(sys_spu_thread_t id, uint32_t spuq_num)
196 sys_raw_spu_set_spu_cfg int sys_raw_spu_set_spu_cfg(sys_raw_spu_t id, uint32_t value)
197 sys_raw_spu_get_spu_cfg int sys_raw_spu_get_spu_cfg(sys_raw_spu_t id, uint32_t *value)
198 sys_spu_thread_recover_page_fault int sys_spu_thread_recover_page_fault(sys_spu_thread_t id)
199 sys_raw_spu_recover_page_fault int sys_raw_spu_recover_page_fault(sys_raw_spu_t id)
230 sys_iso_spu_load_image? 6 params: (out: spu id?,in: ptr_isoSCEimage,in?: args?,0,0,0) - related to SPU SELFs, isolation, and lv1sc_209 isoldr
first do sys_spu_initialize(1,1) then load img
231 1 Param
232 1 Param: iso_spuID
233 4 Params : get ? (iso_spuID,2,-2,out:interrupt_tag)
234 3 Params : (0,2,0 or iso_spuID,2,7)
235 3 Params
236 3 Params : ((iso) spu id?,2, uint64_t *(syscall237 outbuff :o) or 0)
237 3 Params : ((iso) spu id?,2, uint64_t *out)
238 2 Params
239 2 Params
240 2 Params : (iso spu id?,uint64_t *out)
244 sys_spu_thread_group_system_set_next_group int sys_spu_thread_group_system_set_next_group(void)
245 sys_spu_thread_group_system_unset_next_group int sys_spu_thread_group_system_unset_next_group(void)
246 sys_spu_thread_group_system_set_switch_group int sys_spu_thread_group_system_set_switch_group(void)
247 sys_spu_thread_group_system_unset_switch_group int sys_spu_thread_group_system_unset_switch_group(void)
248 5 Params
249 1 Param
250 sys_spu_thread_group_set_cooperative_victims 2 Params
251 sys_spu_thread_group_connect_event_all_threads int sys_spu_thread_group_connect_event_all_threads(sys_spu_thread_group_t id, sys_event_queue_t eq, uint64_t req, uint8_t *spup)
252 sys_spu_thread_group_disconnect_event_all_threads int sys_spu_thread_group_disconnect_event_all_threads(sys_spu_thread_group_t id, uint8_t spup)
253 2 Params
254 sys_spu_thread_group_log int sys_spu_thread_group_log(int command, int *stat)
260 sys_spu_image_open_by_fd int sys_spu_image_open_by_fd(sys_spu_image_t *img, int fd, off64_t offset)
#sys_vm/sys_memory/sys_mmapper Syscalls (300-352)
300 sys_vm_memory_map int sys_vm_memory_map(size_t vsize, size_t psize, sys_memory_container_t container, uint64_t flag, uint64_t policy, sys_addr_t * addr);
301 sys_vm_unmap int sys_vm_unmap(sys_addr_t addr);
302 sys_vm_append_memory int sys_vm_append_memory(sys_addr_t addr, size_t size);
303 sys_vm_return_memory int sys_vm_return_memory(sys_addr_t addr, size_t size);
304 sys_vm_lock int sys_vm_lock(sys_addr_t addr, size_t size);
305 sys_vm_unlock int sys_vm_unlock(sys_addr_t addr, size_t size);
306 sys_vm_touch int sys_vm_touch(sys_addr_t addr, size_t size);
307 sys_vm_flush int sys_vm_flush(sys_addr_t addr, size_t size);
308 sys_vm_invalidate int sys_vm_invalidate(sys_addr_t addr, size_t size);
309 sys_vm_store int sys_vm_store(sys_addr_t addr, size_t size);
310 sys_vm_sync int sys_vm_sync(sys_addr_t addr, size_t size);
311 sys_vm_test int sys_vm_test(sys_addr_t addr, size_t size, uint64_t * result);
312 sys_vm_get_statistics int sys_vm_get_statistics(sys_addr_t addr, sys_vm_statistics_t * stat);
313 6 Params
314 2 Params
315 1 Param
324 sys_memory_container_create int sys_memory_container_create(sys_memory_container_t * cid, size_t yield_size);
325 sys_memory_container_destroy int sys_memory_container_destroy(sys_memory_container_t cid);
326 sys_mmapper_allocate_fixed_address int sys_mmapper_allocate_fixed_address(void);
327 sys_mmapper_enable_page_fault_notification int sys_mmapper_enable_page_fault_notification(sys_addr_t start_addr, sys_event_queue_t queue_id);
328 7 Params
329 sys_mmapper_free_shared_memory int sys_mmapper_free_shared_memory(sys_addr_t start_addr);
330 sys_mmapper_allocate_address int sys_mmapper_allocate_address(size_t size, uint64_t flags, size_t alignment, sys_addr_t * alloc_addr);
331 sys_mmapper_free_address int sys_mmapper_free_address(sys_addr_t start_addr);
332 sys_mmapper_allocate_shared_memory 4 Params: (size_t size, uint64_t flags, size_t alignment, sys_addr_t * alloc_addr) ?
333 sys_mmapper_set_shared_memory_flag int sys_mmapper_set_shared_memory_flag(sys_addr_t, flags) ?;
334 sys_mmapper_map_shared_memory 3 Params: (sys_addr_t start_addr, sys_memory_t mem_id, uint64_t flags) ?
335 sys_mmapper_unmap_shared_memory 2 Params: (sys_addr_t start_addr,sys_memory_t *mem_id ) ?
336 sys_mmapper_change_address_access_right int sys_mmapper_change_address_access_right(sys_addr_t start_addr, uint64_t flags);
337 sys_mmapper_search_and_map int sys_mmapper_search_and_map(sys_addr_t start_addr, sys_memory_t mem_id, uint64_t flags, sys_addr_t * alloc_addr);
338 sys_mmapper_get_shared_memory_attribute 2 Params:
339 5 Params
340 2 Params
341 sys_memory_container_create int sys_memory_container_create(sys_memory_container_t * cid, size_t yield_size);
342 sys_memory_container_destroy int sys_memory_container_destroy(sys_memory_container_t cid);
343 sys_memory_container_get_size int sys_memory_container_get_size(sys_memory_info_t * mem_info, sys_memory_container_t cid);
345 3 Params
346
348 sys_memory_allocate int sys_memory_allocate(size_t size, uint64_t flags, sys_addr_t * alloc_addr);
349 sys_memory_free int sys_memory_free(sys_addr_t start_addr);
350 sys_memory_allocate_from_container int sys_memory_allocate_from_container(size_t size, sys_memory_container_t container, uint64_t flags, sys_addr_t * alloc_addr);
351 sys_memory_get_page_attribute int sys_memory_get_page_attribute(sys_addr_t addr, sys_page_attr_t * attr);
352 sys_memory_get_user_memory_size int sys_memory_get_user_memory_size(sys_memory_info_t * mem_info);
353 1 Param
354 3 Params
355 1 Param
356 4 Params
357 2 Params
358 5 Params
359 2 Params
360 7 Params
361 5 Params
362 5 Params
363 6 Params
367 syscall(367, void);
368 3 Params
#sys_game Syscalls (372-376+410-412)
369
370 1 input
372 sys_game_watchdog_start 1 param
373 sys_game_watchdog_stop int sys_game_watchdog_stop(void)
374 sys_game_watchdog_clear int sys_game_watchdog_clear(void)
375 1 param
376 sys_game_get_system_sw_version int sys_game_get_system_sw_version(void)
#sys_sm/sys_ctrl Syscalls (378-396)
377 1 Param
378 sys_sm_get_ext_event2 4 Param
379 sys_sm_shutdown system_call_4(379,0x200,0,0,0); // 0x1100/0x100 = turn off,0x1200/0x200=reboot
380 sys_sm_get_params alias sys_get_system_parameter
381 2Params: syscall(381,uint64_t out_buff, 0x600 (size?));
382 sys_sm_clear?/get?_rtc_alarm int syscall(382, void);
383 2 Params; used by sys_game_get_temperature
384 sys_sm_get_tzpb syscall(384,uint64_t *tzpb); used by sys_game_get_temperature
385 2 Params:
386 sys_ctrl_led(?) Controls Power LED - Parameters: value1,value2
387 syscall(387, out_info) / OS Version, Revision, System Software Version?
392 lv2_sm_ring_buzzer? Lv2Syscall(392, 0x1004, 0xA, 0x1B6) / (392,0x1004,0x7,0x36) / (392,0x1004,0x4,0x6) for example
393 gets hw? model: syscall(393,uint8_t *out1, uint64_t *out2)
394 gets some stuff,3 Params : syscall(394,uint64_t *v1,uint64_t *v2,uint64_t *v3); v1-3 pre set with -1
395 6 Param
396 sys_sm_set_rtc_alarm 1 Param
397 sys_sm_compare?_rtc_alarm 1 Param
398
400 3 Params
401 2 Params
#sys_tty Syscalls (402-403)
402 sys_tty_read int sys_tty_read(unsigned int ch, void *buf, unsigned int len, unsigned int *preadlen);
403 sys_tty_write int sys_tty_write(unsigned int ch, const void *buf, unsigned int len, unsigned int *pwritelen);
404 2 Params
405 2 Params
406 2 Params
407 1 Param
408 1 Param
409 5 Params
#sys_game Syscalls (372-376+410-412)
410 sys_game_board_storage_read 2 Params
411 sys_game_board_storage_write 2 Params
412 sys_game_get_rtc_status
413 3 Params
414 3 Params
415 3 Params
#sys_overlay Syscalls (450-457)
450 sys_overlay_load_module int sys_overlay_load_module(sys_overlay_t * ovlmid, const char *path, uint64_t flags, sys_addr_t * entry)
451 sys_overlay_unload_module int sys_overlay_unload_module(sys_overlay_t ovlmid)
452 sys_overlay_get_module_list int sys_overlay_get_module_list(sys_pid_t pid, size_t ovlmids_num, sys_overlay_t * ovlmids, size_t * num_of_modules)
453 sys_overlay_get_module_info int sys_overlay_get_module_info(sys_pid_t pid,sys_overlay_t ovlmid, sys_overlay_module_info_t * info)
454 sys_overlay_load_module_by_fd int sys_overlay_load_module_by_fd(sys_overlay_t * ovlmid, int fd, off64_t offset, uint64_t flags, sys_addr_t * entry)
455 sys_overlay_get_module_info2 int sys_overlay_get_module_info2(sys_pid_t pid, sys_overlay_t ovlmid, sys_overlay_module_info2_t * info)
456 sys_overlay_get_sdk_version 2 Params
457 sys_overlay_get_module_dbg_info 3 Params: (sys_pid_t pid, sys_overlay_t ovlmid, sys_overlay_module_dbg_t * info) ?
458 sys_overlay_get_module_dbg_info too 3 Params:
#sys_prx Syscalls (461-499)
461 sys_prx_get_module_id_by_address sys_prx_id_t sys_prx_get_module_id_by_address(void* addr)
463 sys_prx_load_module_by_fd sys_prx_id_t sys_prx_load_module_by_fd(int fd, off64_t offset, sys_prx_flags_t flags, sys_prx_load_module_option_t pOpt)
464 sys_prx_load_module_on_memcontainer_by_fd sys_prx_id_t sys_prx_load_module_on_memcontainer_by_fd(int fd,off64_t offset,sys_memory_container_t mem_container,sys_prx_flags_t flags,sys_prx_load_module_option_t pOpt)
465 sys_prx_load_module_list int sys_prx_load_module_list(int n, const char **path_list, uint64_t flags, sys_prx_load_module_list_option_t * pOpt, sys_prx_id_t * idlist)
466 sys_prx_load_module_list_on_memcontainer sys_prx_id_t sys_prx_load_module_by_fd(int fd, off64_t offset, uint64_t flags, sys_prx_load_module_option_t * pOpt)
467 sys_prx_get_ppu_guid sys_addr_t sys_prx_get_ppu_guid(sys_prx_id_t id)
470 2 Params:
471 int syscall_471(uint32_t type, char* titleID, void* klicensee, uint8_t* actdat, uint8_t* rif, int32_t licenseType, uint8_t* magicVersion);
472 2 Params:
473
474
475 6 Params:
476 2 Params:
480 sys_prx_load_module sys_prx_id_t sys_prx_load_module(const char* path, sys_prx_flags_t flags, sys_prx_load_module_option_t pOpt)
481 sys_prx_start_module int sys_prx_start_module(sys_prx_id_t id, size_t args, void *argp, int *modres, sys_prx_flags_t flags, sys_prx_start_module_option_t pOpt)
482 sys_prx_stop_module int sys_prx_stop_module(sys_prx_id_t id, size_t args, void *argp, int *modres, sys_prx_flags_t flags, sys_prx_stop_module_option_t pOpt)
483 sys_prx_unload_module int sys_prx_unload_module(sys_prx_id_t id, sys_prx_flags_t flags, sys_prx_unload_module_option_t pOpt);
484 sys_prx_register_module int sys_prx_register_module(const sys_prx_register_module_option_t * pOpt)
485 sys_prx_query_module
486 sys_prx_register_library int sys_prx_register_library(void* library)
487 sys_prx_unregister_library int sys_prx_unregister_library(void* library)
488 sys_prx_link_library
489 sys_prx_unlink_library
490 sys_prx_query_library
492 4 Params:
493 sys_prx_dbg_get_module_info 3 Params:
494 sys_prx_get_module_list int sys_prx_get_module_list(sys_prx_flags_t flags, sys_prx_get_module_list_t *pInfo);
495 sys_prx_get_module_info int sys_prx_get_module_info(sys_prx_id_t id, sys_prx_flags_t flags, sys_prx_module_info_t *pInfo)
496 sys_prx_get_module_id_by_name sys_prx_id_t sys_prx_get_module_id_by_name(const char* name, sys_prx_flags_t flags, sys_prx_get_module_id_by_name_option_t *pOpt)
497 sys_prx_load_module_on_memcontainer sys_prx_id_t sys_prx_load_module_on_memcontainer(const char* path, sys_memory_container_t mem_container, sys_prx_flags_t flags, sys_prx_load_module_option_t pOpt)
498 sys_prx_start
499 sys_prx_stop
500 2 Params
501 1 Param
502 3 Params
503 4 Params
504 3 Params
505 3 Params
506 2 Params
507 2 Params
508 1 Param
509 1 Param
510 int syscall(510, void), returns pid?/threadid?
511 1 Param
512 1 Param : int syscall(512,sys_pid_t pid);
513 4 Params
514 3 Params
516 2 Params
517 sys_config_close 1 Param
518 sys_config_get_service_event 4 Params:
519 6 Params
520
521
522
523
524
525
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
#sys_gl819 Syscalls Cardcontroller cf/sd/mmc/sm/ms
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
577
578
580
581
582
583
#sys_dfu Syscalls
584
585
586
587
588
589
590
591
592
593
594
595
596
597 bt_cancel_connect_accept_controller()
598 0 Param
599 2 Params
#sys_storage Syscalls (600-623+837+838)
600 sys_storage_open int sys_storage_open(uint64_t id, int *fd)
601 sys_storage_close int sys_storage_close(int fd)
602 sys_storage_read int sys_storage_read(int fd, uint32_t start_sector, uint32_t sectors, uint8_t *bounce_buf, uint8_t *sectors_read)
603 sys_storage_write
604 sys_storage_send_device_command 6 Params:
605 sys_storage_async_configure 4 Params:
606 sys_storage_async_read 7 Params:
607 sys_storage_async_write 7 Params:
608 sys_storage_async_cancel 2 Params
609 sys_storage_get_device_info int sys_storage_get_device_info(uint64_t device, uint8_t *buffer), buffer[40]=total sectors,buffer[48]=sector size
610 sys_storage_get_device_config 2 Params: int sys_storage_get_device_config(uint64_t device, uint8_t *config) ?
611 sys_storage_report_devices 4 Params:
612 sys_storage_configure_medium_event 3 Params
613 sys_storage_set_medium_polling_interval 2 Params
614 sys_storage_create_region
615 sys_storage_delete_region int sys_storage_delete_region(uint32_t dev_id,uint64_t index);
616 sys_storage_execute_device_command
617 sys_storage_check_region_acl alias int sys_storage_get_region_acl(device_id, region_id, index, authority, mask);
618 sys_storage_set_region_acl int sys_storage_set_region_acl(device_id, region_id, authority, permission);
619 sys_storage_async_send_device_command
620 sending storage mediacontrolkey /-command? (param1: ?,0,1,2 or 3;param2;param3;param4;param5)
621 3 Params: get smth, syscall(621,9,0,uint8_t *out)
622 sys_storage_get_region_offset
623 sys_storage_set_emulated_speed
#sys_io Syscalls (624-627)
624 sys_io_buffer_create
625 sys_io_buffer_destroy
626 sys_io_buffer_allocate
627 sys_io_buffer_free
#sys_gpio Syscalls (630-631)
630 sys_gpio_set int sys_gpio_set (uint64_t device_id, uint64_t mask, uint64_t value)
631 sys_gpio_get int sys_gpio_get (uint64_t device_id, uint64_t *value)
#sys_fsw Syscalls (633-634)
633 sys_fsw_connect_event int sys_fsw_connect_event(sys_event_queue_t eq_id)
634 sys_fsw_disconnect_event int sys_fsw_disconnect_event(void)
#usbbtaudio Syscalls
640
649 1 Params: 0 ; UsbBTAudio/RSX related
654 1 Params: 1=text like "G5B5_Z1R5G5B5"  ; UsbBTAudio/RSX related
655 1 Params:; UsbBTAudio/RSX related
656 1 Params: 1=text like "G5B5_Z1R5G5B5" ; UsbBTAudio/RSX related
659 3 Params: 1=text like "G5B5_Z1R5G5B5", 2= 0 or 1, 3= ptr
#sys_rsx Syscalls (666-667)
666 sys_rsx_device_open 1 Param
667 sys_rsx_device_close
668 sys_rsx_memory_allocate
669 sys_rsx_memory_free
670 sys_rsx_context_allocate
671 sys_rsx_context_free
672 sys_rsx_context_iomap
673 sys_rsx_context_iounmap
674 sys_rsx_context_attribute
675 sys_rsx_device_map
676 sys_rsx_device_unmap
677 sys_rsx_attribute
#sys_bdemu Syscalls (699)
699 sys_bdemu_send_command
#sys_net Syscalls (700-726)
700 sys_net_bnet_accept
701 sys_net_bnet_bind
702 sys_net_bnet_connect
703 sys_net_bnet_getpeername
704 sys_net_bnet_getsockname
705 sys_net_bnet_getsockopt
706 sys_net_bnet_listen
707 sys_net_bnet_recvfrom
708 sys_net_bnet_recvmsg
709 sys_net_bnet_sendmsg
710 sys_net_bnet_sendto
711 sys_net_bnet_setsockop
712 sys_net_bnet_shutdown
713 sys_net_bnet_socket
714 sys_net_bnet_close
715 sys_net_bnet_poll
716 sys_net_bnet_select
724 sys_net_bnet_ioctl
725 sys_net_bnet_sysctl
726
800
#lv2Fs Syscalls (801-834)
801 lv2FsOpen char* path = r3, s32 oflags = r4, u64* file_id = r5, s32 mode = r6 (???), void* arg = r7 (???), u32 argcount = r8
802 lv2FsRead u32 file_id = r3, void* buf = r4, u64 size = r5, u64* readed_count = r6
803 lv2FsWrite u32 file_id = r3, const void* buf = r4, u64 size = r5, u64* written_count = r6
804 lv2FsClose u32 file_id = r3
805 lv2FsOpenDir char* path = r3, s32 file_id = r4
806 lv2FsReadDir u32 file_id = r3, Lv2FsDirent* fs_dirent = r4, u64* readed_count = r5
807 lv2FsCloseDir u32 file_id = r3
808 lv2FsStat
809 lv2FsFstat
810 lv2FsLink
811 lv2FsMkdir char* path = r3, u32 mode = r4
812 lv2FsRename
813 lv2FsRmdir
814 lv2FsUnlink
815 lv2FsUtime
816
817 fs_ps2disc
818 lv2FsLSeek
819
820 lv2FsFSync
821
822
823
824
825
826
827
828
829
831 lv2FsTruncate
832 lv2FsFTruncate
833
834 lv2FsChmod
835
#sys_storage Syscalls (600-623+837+838)
837 sys_storage_util_mount(?) Parameters: Device Name (e.g CELL_FS_IOS:BUILTIN_FLSH1), Device File System (e.g CELL_FS_FAT), Device Path (e.g. /dev_flash), 0, Write Protection (0 or 1), 0, 0, 0
838 sys_storage_util_unmount(?) Parameters: Device Path (e.g. /dev_flash)
839 sys_storage_util_sync(?) Parameter: Device Path (e.g. /dev_hdd0)
840
841 sys_storage_util_get_mount_info_size 1 Param
842 sys_storage_util_get_mount_info 3 Params
843
844
845
846
847
#process socket service syscalls (862-864)
862 [trm_manager_if (Interface)]
863 [update_manager_if (Interface)]
864 [storage_manager_if (Interface)]
#sys_ss/sys_get Syscalls (865-879)
865 sys_ss_random_number_generator alias sys_get_random_number
866 [secure_rtc_manager_if (Interface)]
867 sys_get_system_parameter int sys_get_system_parameter(uint32_t packet_id, uint64_t *ptr); id<=19006 [aim_manager_if ?(Interface)]
868 [indi_info_manager_if (Interface)]
869 syscall(869,0x22001 or 0x22002 or 0x22003 or 0x22004, ??)
870 sys_ss_get_console_id int sys_ss_get_console_id(uint8_t *buf) //returns IDPS in buf
871 sys_ss_access_control_engine input params: param1 (1,2,3), param2, param3
872 sys_ss_get_open_psid int sys_ss_get_open_psid(CellSsOpenPSID *ptr) ; typedef struct CellSsOpenPSID { uint64_t high; uint64_t low;}
873 sys_ss_get_cache_of_product_mode int sys_ss_get_cache_of_product_mode(uint8_t *ptr);
874 sys_ss_get_cache_of_flash_ext_flag int sys_ss_get_cache_of_flash_ext_flag(uint8_t *flag)
875 sys_ss_get_boot_device return Lv2Syscall1(875, uint8_t * buf);
876 sys_ss_disc_access_control valid parameters (from liblv2/lv2krnl) are (PS2 = 0x20001,1) and (0x20000,??)
877 syscall(877,0x25003 or 0x25004 or 0x25005, ??, ??)
878 sys_ss_ad_sign syscall(878, 0x26001, ??, ??)
879 sys_ss_media_id syscall(879, 0x10001, ??)
#sys_deci3 Syscalls (880-884)
880 sys_deci3_open int sys_deci3_open(sys_deci3_protocol_t protocol, sys_deci3_port_t port, void *option, sys_deci3_session_t * session_id);
881 sys_deci3_create_event_path int sys_deci3_create_event_path(sys_deci3_session_t session_id, size_t bufsize, sys_event_queue_t event_queue_id);
882 sys_deci3_close int sys_deci3_close(sys_deci3_session_t session_id);
883 sys_deci3_send int sys_deci3_send(sys_deci3_session_t session_id, uint8_t * buf, __CSTD size_t size);
884 sys_deci3_receive int sys_deci3_receive(sys_deci3_session_t session_id, uint8_t * buf, __CSTD size_t size);
#sys_dbg Syscalls (900-970)
900 sys_dbg_stop_processes
909 sys_dbg_get_thread_list
914 sys_dbg_get_process_info
921 sys_dbg_set_process_event_cntl_flag
923 sys_dbg_set_spu_thread_group_event_cntl_flag
925 sys_dbg_get_raw_spu_list
932 sys_dbg_get_mutex_list
934 sys_dbg_get_cond_list
936 sys_dbg_get_rwlock_list
938 sys_dbg_get_lwmutex_list
942 sys_dbg_get_event_queue_list
946 sys_dbg_get_semaphore_list
948 sys_dbg_get_kernel_thread_list
949 sys_dbg_get_kernel_thread_info
950 sys_dbg_get_lwcond_list
951
952 sys_dbg_create_scratch_data_area_ext
954 sys_dbg_vm_get_info
957
959
970 sys_dbg_get_event_flag_list
971
972
974
975
976
977
978
979
980
981
982
983
984
985 seems to return Console Type, syscall(985,out_buffer,0,0), return values:2=DEX,3=TOOL,1=CEX
986 seems to return Game Application Title ID , syscall(986,out_buffer)
987 smth related? to vsh.self, syscall(987,0 or 1, ??)
988 2 Params: syscall(988,1 or 4,0)
989

Network Syscalls

Networking uses syscalls 700-726

File Syscalls

OFLAGS

Name Value
LV2_O_RDONLY 0x000000
LV2_O_WRONLY 0x000001
LV2_O_RDWR 0x000002
LV2_O_ACCMODE 0x000003
LV2_O_CREAT 0x000100
LV2_O_EXCL 0x000200
LV2_O_TRUNC 0x001000
LV2_O_APPEND 0x002000
LV2_O_MSELF 0x010000

Classes

Name Structure Packed
Lv2FsStat s32 st_mode; s32 st_uid; s32 st_gid; u64 st_access_time; u64 st_modify_time; u64 st_create_time; u64 st_size; u64 st_blksize; yes
Lv2FsUtimbuf u64 access_time; u64 modify_time; no
Lv2FsDirent u8 d_type; u8 d_namlen; char d_name[256]; no

Filesystem Syscalls

Filesystem uses syscalls 700-726

Unofficial Syscalls added

See also : Syscalls, what they mean for you and for multiMAN

Number Function - Added by Notes
6 lv2_peek - PL3-DEV, PSGroove v1.1, Payloader3 r3 is a 64 bit address to read. A 64 bit value will be returned in r3
7 lv2_poke - PL3-DEV, PSGroove v1.1, Payloader3 r4 is a 64 bit value. r3 is the address to write that value to.
8 lv2_lv1_peek - graf_chokolo r3 is a 64 bit address to read. A 64 bit value will be returned in r3
8 Peek - ps3cobra r3 is a 64 bit address to read. A 64 bit value will be returned in r3
8 Remapper - Hermes4 redirections of any paths, including /dev_usb for AVCHD HDD
9 lv2_lv1_poke - graf_chokolo r4 is a 64 bit value. r3 is the address to write that value to.
35 Remapper - PL3, PSGroove, PSFreedom syscall_35 (char *old_path, char *new_path);
36 Remapper - Hermes, PSJailbreak hardcoded /dev_bdvd & /app_home remapping
200 Run_Payload - Payloader3
201 Alloc - Payloader3
202 Free - Payloader3



See also: psl1ght::Syscalls