Reboot after sctrlKernelLoadExecVSHMs2

_BenJi · Post by **_BenJi** » Wed Jan 16, 2008 6:42 am

Hi,

I'm using 'sctrlKernelLoadExecVSHMs2' to launch an homebrew in my own plugin, but when the launched hombrew stop, the psp restart itself...

Is it normal ? Or do I something wrong ?

Hellcat · Post by **Hellcat** » Wed Jan 16, 2008 8:33 pm

How does the homebrew exit?
If it's using sceKernelExitGame() the reboot is pretty much the way it's supposed to go, yes....

_BenJi · Post by **_BenJi** » Thu Jan 17, 2008 6:32 am

I don't know :P

I've just tried with an hombrew using sceKernelExitGame() and yes, it reset the PSP. But if I launch this hombrew directly from the XMB, when it stops, the PSP go back on the XMB.

Is there a meaning to avoid the reset ?

Hellcat · Post by **Hellcat** » Thu Jan 17, 2008 12:32 pm

The return to the XMB actually is a reboot, but it skips the coldboot sequence usually in that case.

Only thing I could think of at the moment to prevent the reboot would be to patch/redirect the sceKernelExitGame() syscall to a function of your own that goes back into your app, instead of rebooting the PSP.

_BenJi · Post by **_BenJi** » Fri Jan 18, 2008 3:57 am

Ok... but why that doens't skip the coldboot here ? :(

I'll try to find how to patch/redirect the sceKernelExitGame()

moonlight · Post by **moonlight** » Fri Jan 18, 2008 5:48 am

_BenJi wrote:Ok... but why that doens't skip the coldboot here ? :(

I'll try to find how to patch/redirect the sceKernelExitGame()

You have to pass certain params in the vshmain_args fields of the structure, as the XMB does.

Cpasjuste · Post by **Cpasjuste** » Fri Jan 18, 2008 6:00 am

_BenJi wrote:Ok... but why that doens't skip the coldboot here ? :(

I'll try to find how to patch/redirect the sceKernelExitGame()

If your goal is to hook the sceKernelExitGame function, you can take a look at the excellent psplink sources on svn (look at psplink.c i think).

_BenJi · Post by **_BenJi** » Fri Jan 18, 2008 8:01 am

moonlight wrote:You have to pass certain params in the vshmain_args fields of the structure, as the XMB does.

I don't find the correct params ; I looked at the source of Dark_Alex's 1.5 POC, but the params to skip the coldboot doesn't work here... It may have changed for a while.

But it can be found somewhere... ahhhhhh

I'll have a look at psplink sources...

EDIT: http://forums.ps2dev.org/viewtopic.php?p=42242#42242 that doesn't work :/ (it's like in the source that I mentioned above)

_BenJi · Post by **_BenJi** » Sat Jan 19, 2008 9:31 pm

Well, does somebody know what is correct the vshmain_args ?

I looked at the psplink sources, but it uses functions that require kernel mode, and on my psp slim I cannot use them. Is it possible to hook function without being in kernel mode ?

Hellcat · Post by **Hellcat** » Sun Jan 20, 2008 2:13 am

_BenJi wrote:Is it possible to hook function without being in kernel mode ?

I don't think so, I doubt the memory parts you have to manipulate are writable from usermose.... didn't try so far, always put my hooking/patching stuff in a kernel module, since I anticipate it failing in usermode anyway.... worth a try ;)

However, you could make a simple replacement vshmain.prx that dumps the arguments passed to it into a file....

moonlight · Post by **moonlight** » Sun Jan 20, 2008 6:44 pm

This is what i dumped within vshctrl in 3.80.

Code: Select all

u8 vshmain_args&#91;0x400&#93;;
struct SceKernelLoadExecVSHParam param;

memset&#40;vshmain_args, 0, sizeof&#40;vshmain_args&#41;&#41;;
vshmain_args&#91;0x40&#93; = 1;
vshmain_args&#91;0x280&#93; = 1;
vshmain_args&#91;0x284&#93; = 3;
vshmain_args&#91;0x286&#93; = 5;

memset&#40;&param, 0, sizeof&#40;param&#41;&#41;;
param.size = sizeof&#40;param&#41;;
param.args = strlen&#40;EBOOT&#41; + 1;
param.argp = EBOOT;
param.key = "game";
param.vshmain_args_size = sizeof&#40;vshmain_args&#41;;
param.vshmain_args = vshmain_args;

_BenJi · Post by **_BenJi** » Sun Jan 20, 2008 7:32 pm

moonlight wrote:This is what i dumped within vshctrl in 3.80.

Code: Select all

u8 vshmain_args&#91;0x400&#93;;
struct SceKernelLoadExecVSHParam param;

memset&#40;vshmain_args, 0, sizeof&#40;vshmain_args&#41;&#41;;
vshmain_args&#91;0x40&#93; = 1;
vshmain_args&#91;0x280&#93; = 1;
vshmain_args&#91;0x284&#93; = 3;
vshmain_args&#91;0x286&#93; = 5;

memset&#40;&param, 0, sizeof&#40;param&#41;&#41;;
param.size = sizeof&#40;param&#41;;
param.args = strlen&#40;EBOOT&#41; + 1;
param.argp = EBOOT;
param.key = "game";
param.vshmain_args_size = sizeof&#40;vshmain_args&#41;;
param.vshmain_args = vshmain_args;

Wow thx a lot ! That doesn't work [The game could not be started (80010002)] but I think it's because I'm running 3.71. Can you explain how did you dump this ? I'll test on a 3.80M33

moonlight · Post by **moonlight** » Sun Jan 20, 2008 8:08 pm

Well, M33 vsh core hooks some LoadExec functions to do its stuff, so i just dumped the params in the hooked function.

Torch · Post by **Torch** » Wed May 28, 2008 8:14 pm

Can you explain the vshmain_args in a bit more detail?

I made a replacement vshmain.prx and when booting from power off, it has argc=0. If I exit recovery menu, then it has argc=19.

How do I capture the arguements in my replacement vshmain.prx and forward them to vshmain_real.prx?
You've decalred vshmain_args with 0x400 (1024) chars... Does each char correspond to one element in the *argv[] array or what?

Is vshmain_args even the same as *argv[] ??