-Original file line number
+Diff line change
@@ Expand Up / @@ -629,6 +629,173 @@ int fuse_kernel_patches_1200(struct thread *td) { @@
       return 0;
     }
+    int fuse_kernel_patches_1250(struct thread *td) {
+      void *kernel_base = &((uint8_t *)kernelRdmsr(0xC0000082))[-0x1C0];
+      uint8_t *kernel_ptr = (uint8_t *)kernel_base;
+      int *ksuser_enabled = (int *)(kernel_base + 0x21AD2AC);
+      if (*ksuser_enabled == 1) // kernel already patched
+        return 0;
+      cpu_disable_wp();
+      struct vfsconf *p = (struct vfsconf *)(kernel_base + 0x1A7FA48);
+      // suser_enabled in priv_check_cred
+      *ksuser_enabled = 1;
+      // add jail friendly for fuse file system
+      p->vfc_flags = 0x00400000 | 0x00080000;
+      // avoid enforce_dev_perms checks
+      // default prison_priv_check to 0
+      kernel_ptr[0x317866] = 0;
+      kernel_ptr[0x4913F5] = 0x84;
+      // skip devkit/testkit/dipsw check in fuse_loader
+      kernel_ptr[0x4953CE] = 0xEB;
+      kernel_ptr[0x4953CF] = 0x1B;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_open_device
+      kernel_ptr[0x48FE05] = 0xEB;
+      kernel_ptr[0x48FE04] = 0x0;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_close_device
+      kernel_ptr[0x48FF02] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_poll_device
+      kernel_ptr[0x490452] = 0x84;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_vfsop_mount
+      kernel_ptr[0x4943B7] = 0x85;
+      // skip sceSblACMgrIsMinisyscore/unknown check in fuse_vfsop_unmount
+      kernel_ptr[0x494B0A] = 0x84;
+      // skip sceSblACMgrIsSystemUcred check in fuse_vfsop_statfs
+      kernel_ptr[0x494EBD] = 0xEB;
+      kernel_ptr[0x494EBE] = 0x04;
+      kernel_ptr[0x48FD0E] = 0xB6;
+      // patch kernel
+      cpu_enable_wp();
+      int (*fuse_loader)(void *m, int op, void *arg) =
+          (void *)(kernel_base + 0x4953A0);
+      fuse_loader(NULL, 0, NULL);
+      return 0;
+    }
+    int fuse_kernel_patches_1300(struct thread *td) {
+      void *kernel_base = &((uint8_t *)kernelRdmsr(0xC0000082))[-0x1C0];
+      uint8_t *kernel_ptr = (uint8_t *)kernel_base;
+      int *ksuser_enabled = (int *)(kernel_base + 0x21ad2ac);
+      if (*ksuser_enabled == 1) // kernel already patched
+        return 0;
+      cpu_disable_wp();
+      struct vfsconf *p = (struct vfsconf *)(kernel_base + 0x1A7FA48);
+      // suser_enabled in priv_check_cred
+      *ksuser_enabled = 1;
+      // add jail friendly for fuse file system
+      p->vfc_flags = 0x00400000 | 0x00080000;
+      // avoid enforce_dev_perms checks
+      // default prison_priv_check to 0
+      kernel_ptr[0x317886] = 0;
+      kernel_ptr[0x491415] = 0x84;
+      // skip devkit/testkit/dipsw check in fuse_loader
+      kernel_ptr[0x4953EE] = 0xEB;
+      kernel_ptr[0x4953EF] = 0x1B;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_open_device
+      kernel_ptr[0x48FE24] = 0x0;
+      kernel_ptr[0x48FE25] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_close_device
+      kernel_ptr[0x48FF22] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_poll_device
+      kernel_ptr[0x490472] = 0x84;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_vfsop_mount
+      kernel_ptr[0x4943D7] = 0x85;
+      // skip sceSblACMgrIsMinisyscore/unknown check in fuse_vfsop_unmount
+      kernel_ptr[0x494B2A] = 0x84;
+      // skip sceSblACMgrIsSystemUcred check in fuse_vfsop_statfs
+      kernel_ptr[0x494EDD] = 0xEB;
+      kernel_ptr[0x494EDE] = 0x04;
+      kernel_ptr[0x48FD2E] = 0xB6;
+      // patch kernel
+      cpu_enable_wp();
+      int (*fuse_loader)(void *m, int op, void *arg) =
+          (void *)(kernel_base + 0x4953C0);
+      fuse_loader(NULL, 0, NULL);
+      return 0;
+    }
+    int fuse_kernel_patches_1302(struct thread *td) {
+      void *kernel_base = &((uint8_t *)kernelRdmsr(0xC0000082))[-0x1C0];
+      uint8_t *kernel_ptr = (uint8_t *)kernel_base;
+      int *ksuser_enabled = (int *)(kernel_base + 0x21ad2ac);
+      if (*ksuser_enabled == 1) // kernel already patched
+        return 0;
+      cpu_disable_wp();
+      struct vfsconf *p = (struct vfsconf *)(kernel_base + 0x1A7FA48);
+      // suser_enabled in priv_check_cred
+      *ksuser_enabled = 1;
+      // add jail friendly for fuse file system
+      p->vfc_flags = 0x00400000 | 0x00080000;
+      // avoid enforce_dev_perms checks
+      // default prison_priv_check to 0
+      kernel_ptr[0x317896] = 0;
+      kernel_ptr[0x491425] = 0x84;
+      // skip devkit/testkit/dipsw check in fuse_loader
+      kernel_ptr[0x4953FE] = 0xEB;
+      kernel_ptr[0x4953FF] = 0x1B;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_open_device
+      kernel_ptr[0x48FE34] = 0x0;
+      kernel_ptr[0x48FE35] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_close_device
+      kernel_ptr[0x48FF32] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_poll_device
+      kernel_ptr[0x490482] = 0x84;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_vfsop_mount
+      kernel_ptr[0x4943E7] = 0x85;
+      // skip sceSblACMgrIsMinisyscore/unknown check in fuse_vfsop_unmount
+      kernel_ptr[0x494B3A] = 0x84;
+      // skip sceSblACMgrIsSystemUcred check in fuse_vfsop_statfs
+      kernel_ptr[0x494EED] = 0xEB;
+      kernel_ptr[0x494EEE] = 0x04;
+      kernel_ptr[0x48FD3E] = 0xB6;
+      // patch kernel
+      cpu_enable_wp();
+      int (*fuse_loader)(void *m, int op, void *arg) =
+          (void *)(kernel_base + 0x4953D0);
+      fuse_loader(NULL, 0, NULL);
+      return 0;
+    }
     bool fuse_fw_supported() {
       switch (ps4_fw_version()) {
       case 0x507:
@@ Expand Down Expand Up / @@ -673,6 +840,16 @@ bool fuse_fw_supported() { @@
       case 0x1202:
         syscall(11, fuse_kernel_patches_1200);
         return true;
+      case 0x1250:
+      case 0x1252:
+        syscall(11, fuse_kernel_patches_1250);
+        return true;
+      case 0x1300:
+        syscall(11, fuse_kernel_patches_1300);
+        return true;
+      case 0x1302:
+        syscall(11, fuse_kernel_patches_1302);
+        return true;
       default: {
         log_info("fuse: Unsupported firmware version, exiting ...");
         return false;
@@ Expand Down @@

Add fuse support for 12.50/12.52/13.00/13.02 #124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

ArabPixel wants to merge 4 commits into LightningMods:main from ArabPixel:main

itemz-daemon/source/fuse.c

-Original file line number
+Diff line change
@@ Expand Up / @@ -629,6 +629,173 @@ int fuse_kernel_patches_1200(struct thread *td) { @@
       return 0;
     }
+    int fuse_kernel_patches_1250(struct thread *td) {
+      void *kernel_base = &((uint8_t *)kernelRdmsr(0xC0000082))[-0x1C0];
+      uint8_t *kernel_ptr = (uint8_t *)kernel_base;
+      int *ksuser_enabled = (int *)(kernel_base + 0x21AD2AC);
+      if (*ksuser_enabled == 1) // kernel already patched
+        return 0;
+      cpu_disable_wp();
+      struct vfsconf *p = (struct vfsconf *)(kernel_base + 0x1A7FA48);
+      // suser_enabled in priv_check_cred
+      *ksuser_enabled = 1;
+      // add jail friendly for fuse file system
+      p->vfc_flags = 0x00400000 | 0x00080000;
+      // avoid enforce_dev_perms checks
+      // default prison_priv_check to 0
+      kernel_ptr[0x317866] = 0;
+      kernel_ptr[0x4913F5] = 0x84;
+      // skip devkit/testkit/dipsw check in fuse_loader
+      kernel_ptr[0x4953CE] = 0xEB;
+      kernel_ptr[0x4953CF] = 0x1B;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_open_device
+      kernel_ptr[0x48FE05] = 0xEB;
+      kernel_ptr[0x48FE04] = 0x0;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_close_device
+      kernel_ptr[0x48FF02] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_poll_device
+      kernel_ptr[0x490452] = 0x84;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_vfsop_mount
+      kernel_ptr[0x4943B7] = 0x85;
+      // skip sceSblACMgrIsMinisyscore/unknown check in fuse_vfsop_unmount
+      kernel_ptr[0x494B0A] = 0x84;
+      // skip sceSblACMgrIsSystemUcred check in fuse_vfsop_statfs
+      kernel_ptr[0x494EBD] = 0xEB;
+      kernel_ptr[0x494EBE] = 0x04;
+      kernel_ptr[0x48FD0E] = 0xB6;
+      // patch kernel
+      cpu_enable_wp();
+      int (*fuse_loader)(void *m, int op, void *arg) =
+          (void *)(kernel_base + 0x4953A0);
+      fuse_loader(NULL, 0, NULL);
+      return 0;
+    }
+    int fuse_kernel_patches_1300(struct thread *td) {
+      void *kernel_base = &((uint8_t *)kernelRdmsr(0xC0000082))[-0x1C0];
+      uint8_t *kernel_ptr = (uint8_t *)kernel_base;
+      int *ksuser_enabled = (int *)(kernel_base + 0x21ad2ac);
+      if (*ksuser_enabled == 1) // kernel already patched
+        return 0;
+      cpu_disable_wp();
+      struct vfsconf *p = (struct vfsconf *)(kernel_base + 0x1A7FA48);
+      // suser_enabled in priv_check_cred
+      *ksuser_enabled = 1;
+      // add jail friendly for fuse file system
+      p->vfc_flags = 0x00400000 | 0x00080000;
+      // avoid enforce_dev_perms checks
+      // default prison_priv_check to 0
+      kernel_ptr[0x317886] = 0;
+      kernel_ptr[0x491415] = 0x84;
+      // skip devkit/testkit/dipsw check in fuse_loader
+      kernel_ptr[0x4953EE] = 0xEB;
+      kernel_ptr[0x4953EF] = 0x1B;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_open_device
+      kernel_ptr[0x48FE24] = 0x0;
+      kernel_ptr[0x48FE25] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_close_device
+      kernel_ptr[0x48FF22] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_poll_device
+      kernel_ptr[0x490472] = 0x84;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_vfsop_mount
+      kernel_ptr[0x4943D7] = 0x85;
+      // skip sceSblACMgrIsMinisyscore/unknown check in fuse_vfsop_unmount
+      kernel_ptr[0x494B2A] = 0x84;
+      // skip sceSblACMgrIsSystemUcred check in fuse_vfsop_statfs
+      kernel_ptr[0x494EDD] = 0xEB;
+      kernel_ptr[0x494EDE] = 0x04;
+      kernel_ptr[0x48FD2E] = 0xB6;
+      // patch kernel
+      cpu_enable_wp();
+      int (*fuse_loader)(void *m, int op, void *arg) =
+          (void *)(kernel_base + 0x4953C0);
+      fuse_loader(NULL, 0, NULL);
+      return 0;
+    }
+    int fuse_kernel_patches_1302(struct thread *td) {
+      void *kernel_base = &((uint8_t *)kernelRdmsr(0xC0000082))[-0x1C0];
+      uint8_t *kernel_ptr = (uint8_t *)kernel_base;
+      int *ksuser_enabled = (int *)(kernel_base + 0x21ad2ac);
+      if (*ksuser_enabled == 1) // kernel already patched
+        return 0;
+      cpu_disable_wp();
+      struct vfsconf *p = (struct vfsconf *)(kernel_base + 0x1A7FA48);
+      // suser_enabled in priv_check_cred
+      *ksuser_enabled = 1;
+      // add jail friendly for fuse file system
+      p->vfc_flags = 0x00400000 | 0x00080000;
+      // avoid enforce_dev_perms checks
+      // default prison_priv_check to 0
+      kernel_ptr[0x317896] = 0;
+      kernel_ptr[0x491425] = 0x84;
+      // skip devkit/testkit/dipsw check in fuse_loader
+      kernel_ptr[0x4953FE] = 0xEB;
+      kernel_ptr[0x4953FF] = 0x1B;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_open_device
+      kernel_ptr[0x48FE34] = 0x0;
+      kernel_ptr[0x48FE35] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_close_device
+      kernel_ptr[0x48FF32] = 0xEB;
+      // skip sceSblACMgrIsDebuggerProcess/sceSblACMgrIsSyscoreProcess check in
+      // fuse_poll_device
+      kernel_ptr[0x490482] = 0x84;
+      // skip sceSblACMgrIsSyscoreProcess check in fuse_vfsop_mount
+      kernel_ptr[0x4943E7] = 0x85;
+      // skip sceSblACMgrIsMinisyscore/unknown check in fuse_vfsop_unmount
+      kernel_ptr[0x494B3A] = 0x84;
+      // skip sceSblACMgrIsSystemUcred check in fuse_vfsop_statfs
+      kernel_ptr[0x494EED] = 0xEB;
+      kernel_ptr[0x494EEE] = 0x04;
+      kernel_ptr[0x48FD3E] = 0xB6;
+      // patch kernel
+      cpu_enable_wp();
+      int (*fuse_loader)(void *m, int op, void *arg) =
+          (void *)(kernel_base + 0x4953D0);
+      fuse_loader(NULL, 0, NULL);
+      return 0;
+    }
     bool fuse_fw_supported() {
       switch (ps4_fw_version()) {
       case 0x507:
@@ Expand Down Expand Up / @@ -673,6 +840,16 @@ bool fuse_fw_supported() { @@
       case 0x1202:
         syscall(11, fuse_kernel_patches_1200);
         return true;
+      case 0x1250:
+      case 0x1252:
+        syscall(11, fuse_kernel_patches_1250);
+        return true;
+      case 0x1300:
+        syscall(11, fuse_kernel_patches_1300);
+        return true;
+      case 0x1302:
+        syscall(11, fuse_kernel_patches_1302);
+        return true;
       default: {
         log_info("fuse: Unsupported firmware version, exiting ...");
         return false;
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add fuse support for 12.50/12.52/13.00/13.02 #124

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Add fuse support for 12.50/12.52/13.00/13.02 #124

Are you sure you want to change the base?

Uh oh!

Add fuse support for 12.50/12.52/13.00/13.02 #124

Uh oh!

Uh oh!

Diff view

Diff view

There are no files selected for viewing