Install a bootstrap and return to application... how?

[darkness]

:D, thanks!
I'll try this solution yet!

[darkness]

Uff, I've try but when I try to load the executables from the prx I've this error:
SCE_KERNEL_ERROR_ILLEGAL_PERM_CALL

[darkness]

I've try to load the module of the exported function with loadstartmodule and pspSdkLoadStartModule but I've still get error 0x80020149!

Here is the stub file created: ( Execute is my function )

Code: Select all

	.set noreorder

#include "pspstub.s"

	STUB_START "RDLib",0x40090000,0x00030005
	STUB_FUNC  0x7F3D307A,SetConfFile
	STUB_FUNC  0xB64186D0,SetUmdFile
	STUB_FUNC  0xE86CA36E,Execute
	STUB_END

Export file:

Code: Select all

# Define the exports for the prx
PSP_BEGIN_EXPORTS

# These four lines are mandatory (although you can add other functions like module_stop)
# syslib is a psynonym for the single mandatory export.
PSP_EXPORT_START(syslib, 0, 0x8000)
PSP_EXPORT_FUNC_HASH(module_start)
PSP_EXPORT_VAR_HASH(module_info)
PSP_EXPORT_END

PSP_EXPORT_START(RDLib, 0, 0x4001)
PSP_EXPORT_FUNC(SetConfFile)
PSP_EXPORT_FUNC(SetUmdFile)
PSP_EXPORT_FUNC(Execute)
PSP_EXPORT_END

PSP_END_EXPORTS

Here is the prx:

Code: Select all

PSP_MODULE_INFO("KrnlMod", 0x1007, 1, 0);

PSP_HEAP_SIZE_KB(1024);

#define printf pspDebugScreenPrintf
#define sleep(n) sceKernelDelayThread(n)

u32 orig_funcs[2];

int ExitPatched()
{
	int k1 = pspSdkSetK1(0);

	char *program = "ms0:/PSP/GAME/Xplora_v1.0/EBOOT.PBP";
	struct SceKernelLoadExecVSHParam param;

	memset(&param, 0, sizeof(param));
	param.size = sizeof(param);
	param.args = strlen(program)+1;
	param.argp = program;
	param.key = "game";

	int res = sctrlKernelLoadExecVSHMs2(program, &param);
	pspSdkSetK1(k1);
	return res;
}

int ExitPatched2()
{
	return ExitPatched();
}

void SetConfFile(int n)
{
	int k1 = pspSdkSetK1(0);
	sctrlSESetBootConfFileIndex(n);
	pspSdkSetK1(k1);
}

void SetUmdFile(char *umdfile)
{
	int k1 = pspSdkSetK1(0);
	sctrlSESetUmdFile(umdfile);
	pspSdkSetK1(k1);
}

void Execute(char* target)
{
    SceUID mod = sceKernelLoadModuleMs2(target, 0, NULL);
    
    if (mod >= 0)
    {
            mod = sceKernelStartModule(mod, 0, NULL, NULL, NULL);
            if &#40;mod < 0&#41;
                pspDebugScreenInit&#40;&#41;;
                printf&#40;"\nError 0x%08X starting module.\n", mod&#41;;
                sleep&#40;3000000&#41;;
    &#125;
    else
    &#123;
            if &#40;mod == SCE_KERNEL_ERROR_EXCLUSIVE_LOAD&#41;
            &#123;
                    // Ignore this error, it means the module loaded on reboot
            &#125;
            else
            &#123;
                pspDebugScreenInit&#40;&#41;;
                printf&#40;"\nError 0x%08X loading module.\n",  mod&#41;;
                sleep&#40;3000000&#41;;
            &#125;
    &#125;
    
    return;
&#125;

int main_thread&#40;SceSize args, void *argp&#41;
&#123;
/*
    pspDebugScreenInit&#40;&#41;;
    
    char* argm = argp;

    char* arg = strtok&#40;argm, "&#123;"&#41;;

    char arguments&#91;4&#93;&#91;128&#93;;
    
    int n=0;
    
    while&#40;arg!=NULL&#41;
    &#123;
        sprintf&#40;arguments&#91;n&#93;, "%s", arg&#41;;
        arg = strtok&#40;NULL, "&#123;"&#41;;
        n++;
    &#125;
    
    // printf&#40;"\nArg0&#58; %s\nArg1&#58; %s\nArg2&#58; %s\nArg3&#58; %s", arguments&#91;0&#93;, arguments&#91;1&#93;, arguments&#91;2&#93;, arguments&#91;3&#93;&#41;;
    
    // sceKernelDelayThread&#40;3000000&#41;;
*/
    
    
    // Patcher function
    orig_funcs&#91;0&#93; = sctrlHENFindFunction&#40;"sceLoadExec", "LoadExecForUser", 0x05572A5F&#41;;
    orig_funcs&#91;1&#93; = sctrlHENFindFunction&#40;"sceLoadExec", "LoadExecForUser", 0x2AC9954B&#41;;
    sctrlHENPatchSyscall&#40;orig_funcs&#91;0&#93;, ExitPatched&#41;; // sceKernelExitGame
    sctrlHENPatchSyscall&#40;orig_funcs&#91;1&#93;, ExitPatched2&#41;; // sceKernelExitGameWithStatus
    
/*
    
    // Loader funcions
    
    sceDisplaySetHoldMode&#40;1&#41;;
    
    SceUID mod = sceKernelLoadModuleMs2&#40;"ms0&#58;/PSP/GAME/Filer_5.0/EBOOT.PBP", 0, NULL&#41;;
    
    
    // Starter function
    
    if &#40;mod >= 0&#41;
    &#123;
            mod = sceKernelStartModule&#40;mod, 0, NULL, NULL, NULL&#41;;
            if &#40;mod < 0&#41;
                printf&#40;"\nError 0x%08X starting module.\n", mod&#41;;
                sleep&#40;3000000&#41;;
    &#125;
    else
    &#123;
            if &#40;mod == SCE_KERNEL_ERROR_EXCLUSIVE_LOAD&#41;
            &#123;
                    // Ignore this error, it means the module loaded on reboot
            &#125;
            else
            &#123;
                printf&#40;"\nError 0x%08X loading module.\n",  mod&#41;;
                sleep&#40;3000000&#41;;
            &#125;
    &#125;
*/
    
    return 0;
&#125;



int module_start&#40;SceSize args, void *argp&#41;
&#123;
    SceUID th = sceKernelCreateThread&#40;"main_thread", main_thread, 8, 4*1024, 0, NULL&#41;;

    if &#40;th >= 0&#41;
    &#123;
      sceKernelStartThread&#40;th, args, argp&#41;;
    &#125;
    return 0;
&#125;


int module_stop&#40;SceSize args, void *argp&#41;
&#123;
    return 0;
&#125;

Execute function:

Code: Select all

void Execute(char* target)
{
    SceUID mod = sceKernelLoadModuleMs2(target, 0, NULL);
    
    if (mod >= 0)
    {
            mod = sceKernelStartModule(mod, 0, NULL, NULL, NULL);
            if &#40;mod < 0&#41;
                pspDebugScreenInit&#40;&#41;;
                printf&#40;"\nError 0x%08X starting module.\n", mod&#41;;
                sleep&#40;3000000&#41;;
    &#125;
    else
    &#123;
                pspDebugScreenInit&#40;&#41;;
                printf&#40;"\nError 0x%08X loading module.\n",  mod&#41;;
                sleep&#40;3000000&#41;;
    &#125;
&#125;

And here is the function in the main programm:

Code: Select all

    SceUID mod = pspSdkLoadStartModule("ms0:/krnlmod.prx", PSP_MEMORY_PARTITION_KERNEL);
    if&#40;mod<0&#41;
    &#123;
        if &#40;mod == SCE_KERNEL_ERROR_EXCLUSIVE_LOAD&#41;
            &#123;
                    // Ignore this error, it means the module loaded on reboot
            &#125;
        else
            &#123;
                pspDebugScreenInit&#40;&#41;;
                printf&#40;"\n&#40;krnlmod.prx&#41;Errore 0x%08X loading module.\n",  mod&#41;;
                sleep&#40;3000000&#41;;
            &#125;
    &#125;
    
    
    Execute&#40;"ms0&#58;/PSP/GAME/HOMEBREW/EBOOT.PBP"&#41;;

[Pirata Nervo]

the 3rd argument in:
sceKernelLoadModuleMs2
from your execute function cannot be NULL

[darkness]

Code: Select all

/**
  * Load a PBP (used for non updater pbp's) (0x141)
  * 
  * @param path - The path to the module to load.
  * @param flags - Unused, always 0 .
  * @param option  - Pointer to a mod_param_t structure. Can be NULL.
  *
  * @returns The UID of the loaded module on success, otherwise one of ::PspKernelErrorCodes.
  */
SceUID ModuleMgrForKernel_49C5B9E1(const char *path, int flags, SceKernelLMOption *option);

?? This is the function and it says that the 3rd arg can be NULL!

[Pirata Nervo]

try this:

Code: Select all

SceKernelLMOption option;
SceUID mpid = PSP_MEMORY_PARTITION_USER;

memset(&option, 0, sizeof(option));
		   
option.size = sizeof(option);
option.mpidtext = mpid;
option.mpiddata = mpid;

option.position = 0;
option.access = 1;

and use &option instead of NULL

[darkness]

I still get error 0x80020149!

[Pirata Nervo]

when loading the kernel prx I believe.
right? (as you are not checking anything when using the Execute function)
Edit:
this should be your Execute function:

Code: Select all

SceUID modid;
int status;
char args[1024];
int len;

SceKernelLMOption option;
SceUID mpid = PSP_MEMORY_PARTITION_USER;

memset(&option, 0, sizeof(option));
		   
option.size = sizeof(option);
option.mpidtext = mpid;
option.mpiddata = mpid;

option.position = 0;
option.access = 1;

uid = sceKernelLoadModuleMs2(Line[0], 0, &option);
if &#40;uid < 0&#41;

&#123;
	// error
&#125;
else &#123;
	len = build_args&#40;args, Line&#91;0&#93;, 0, NULL&#41;;         

	modid = sceKernelStartModule&#40;uid, len, &#40;void *&#41; args, &status, NULL&#41;;



	if &#40;modid < 0&#41;

	&#123;

		// error

	&#125;
	else &#123;
		// success
	&#125;
&#125;

Edit 2:
make sure you have a build_args function in your code.
Use this one(I got it from psplink's source code)

Code: Select all

int build_args(char *args, const char *execfile, int argc, char **argv)
{
	int loc = 0;
	int i;

	strcpy(args, execfile);
	loc += strlen(execfile) + 1;

	for&#40;i = 0; i < argc; i++&#41;
	&#123;
		strcpy&#40;&args&#91;loc&#93;, argv&#91;i&#93;&#41;;
		loc += strlen&#40;argv&#91;i&#93;&#41; + 1;
	&#125;
	return loc;
&#125;

[darkness]

The error is from the execute function, when try to load the eboot.pbp!
The prx is loaded perfectly, I'm using another solution for args, but the problem is when I try to load a Eboot with the Execute function!

[Pirata Nervo]

Have you tried what I Posted?

[sauron_le_noir]

There is a sample in the sdk of the CF 4.01 released by dark alex called bootload
that correspond what you will do:
Launching iso,psx,homebrew from a program and at end of the iso,psx,homebrew
return to the launcher

[Pirata Nervo]

he already knows but he is trying to use loadmodule* functions which support 3.xx kernel.
the sample included in 4.0.1 m33-x is for 4.0.1 m33-x and only works on those versions

[darkness]

This funcion is the same as my!
However thanks very much Pirata Nervo for your unbelievable patience... :(

[Pirata Nervo]

try what I posted:

Code: Select all

int Execute(char *file)
{
   SceUID modid;
   int status;
   char args[1024];
   int len;

   SceKernelLMOption option;
   SceUID mpid = PSP_MEMORY_PARTITION_USER;

   memset(&option, 0, sizeof(option));
         
   option.size = sizeof(option);
   option.mpidtext = mpid;
   option.mpiddata = mpid;

   option.position = 0;
   option.access = 1;

   uid = sceKernelLoadModuleMs2(file, 0, &option);
   if &#40;uid < 0&#41;
   &#123;
       // error
       return uid;
   &#125;
   else &#123;
      len = build_args&#40;args, file, 0, NULL&#41;;         

      modid = sceKernelStartModule&#40;uid, len, &#40;void *&#41; args, &status, NULL&#41;;

      if &#40;modid < 0&#41;
      &#123;
         // error
         return modid;
      &#125;
      else &#123;
         // success
      &#125;
&#125; 

[darkness]

Still error 0x80020149... :(
Maybe I've do a error in the export file or else because the error means
that the operation is not permitted (ILLEGAL... ), so I've think that I've do a error...

[Pirata Nervo]

are you trying to launch a kernel homebrew? lol
that maybe your problem.
If the homebrew you are trying to load is kernel mode you may get that error :/

[darkness]

No, it's a normal user hb!
I've try to build my prog as a normal Eboot ( no BUILD_PRX) and when I call the execute function the PSP crash! :(

[Pirata Nervo]

get the sample from 4.0.1 and edit what you need.
ps. what do you need to edit?

[darkness]

Ok, I've tryed to edit the DAX sample and if I try to execute a file using the exported function I've error 0x80020149 ( I think it's because I cannot use the module mgr function in a exported funct ) and if I try to load with your Execute function the PSP crash before the error is completely printed!
( For example the last time that I've try to start it I've seen on the screen:
"Erro" and the PSP crash before I can see the error! Why??

EDIT:
Have you already found a solution for that I'm trying to do?

[Pirata Nervo]

there should be NO problem exporting a function with load module.
which Execute function are you using, mine or yours?

[darkness]

yours!

[Pirata Nervo]

then use it like this:
int exec = Execute("path/here");
if (exec < 0) {
printf("0x%08X", exec); // prints error to the screen
sceKernelDelayTHread(100000*2); // waits 2 seconds
}

[darkness]

Still the same error (0x80020149)

[Pirata Nervo]

I know, that was to fix the "I can't see the error" problem lol.
Which firmware are you on?
Do you have 1.50 kernel enabled?

[darkness]

Slim with 3.90 M33-3

[Pirata Nervo]

1.50 kernel enabled?

[darkness]

No

[Pirata Nervo]

you know what you need to load your prx before using the Execute function right?


anyway
Do this instead:
create a pbp.
create a prx which has the execute function. (dont export it)
load the prx from the pbp. the prx loads the path from a file written by the pbp. the prx uses the path got from the file and uses it in the execute function.
Make sure you use the apihook lib from psplink (included in the sample by cpasjuste).
just hook sceKernelExitGame instead of loading dax's driver as it is just useful for 4.xx kernel

[darkness]

Yes, I know, if I didn't load the prx the function isn't executed without errors!
However, I'm using the DAx function for patch the exit game function and it works great!
Anyway why I have to load the path from file? Can't I pass it as a arg? I've already do it and it works fine! ( exep the load error ).
Thanks very much, I'll try your solution!

[Pirata Nervo]

yeh you can pass the path but in my case as I have to pass at least 3 arguments, it's easier than passing the arguments from the pbp to the prx