6.72 port to main branch

.gitmodules

@@ -1,6 +1,6 @@
 [submodule "ps4-payload-sdk"]
 	path = ps4-payload-sdk
-	url = https://github.com/xvortex/ps4-payload-sdk.git
+	url = https://github.com/GiantPluto/ps4-payload-sdk.git
 [submodule "ps4-ksdk"]
 	path = ps4-ksdk
-	url = https://github.com/xemio/ps4-ksdk.git
+	url = https://github.com/GiantPluto/ps4-ksdk.git

README.md

@@ -1,4 +1,4 @@
-# ps4debug
+# ps4debug for 6.72
 This is a debugger for the PlayStation 4. Yes thats right! Look around and you will find some very useful tools online or on the PS4 Source Discord channel. Anything is possible, except kernel mode debugging, which I decided to leave out.
 
 ### Quickstart Guide
@@ -16,5 +16,13 @@ Please look at the libdebug folder for a library to use with this payload.
 ### Contributing
 If you want to contribute, then feel free to make a pull request or open an issue with a bug that you have found! I am always in need of people to test for me. Join the PS4 Source Discord and look for golden. Also I need someone that is good at writing to spiff up this readme document. I am always in need of people to do work! It seems like I do everything...
 
-##### Created by **golden**
-###### Shout out to ChendoChap, berkayylmao, 2much4u, idc, and zecoxao!
+### Created by **golden**
+
+### Contributors
+
+- ChendoChap - For his intial work till 5.05 and his guidance during 6.72 porting on ptrace
+- berkayylmao
+- 2much4u
+- idc
+- zecoxao
+- DeathRGH - For second [ptrace](https://github.com/GiantPluto/ps4debug/blob/457c2bf5468329e68a272b5f1e1ab88957f5f2d8/installer/source/installer.c#L53) patch for 6.72

debugger/include/ptrace.h

@@ -91,13 +91,6 @@
 #define SIGUSR1 30	/* user defined signal 1 */
 #define SIGUSR2 31	/* user defined signal 2 */
 
-struct ptrace_io_desc {
-    int	piod_op;        /* I/O operation */
-    void *piod_offs;	/* child offset */
-    void *piod_addr;	/* parent offset */
-    uint64_t piod_len;	/* request length */
-};
-
 TYPE_BEGIN(struct ptrace_lwpinfo, 0x98);
 TYPE_FIELD(uint32_t pl_lwpid, 0);
 TYPE_FIELD(char pl_tdname[24], 0x80);

debugger/source/console.c

@@ -78,8 +78,8 @@ int console_notify_handle(int fd, struct cmd_packet *packet) {
 }
 
 int console_info_handle(int fd, struct cmd_packet *packet) {
-    struct cmd_console_info_response resp;
-    size_t len;
+    //struct cmd_console_info_response resp;
+    //size_t len;
 
     //extern int (*sysctl)(int *name, unsigned int namelen, char *oldval, size_t *oldlen, char *newval, size_t newlen);
     //extern int (*sysctlbyname)(char *name, char *oldval, size_t *oldlen, char *newval, size_t newlen);

debugger/source/main.c

@@ -19,7 +19,7 @@ int _main(void) {
     sceKernelSleep(2);
 
     // just a little notify
-    sceSysUtilSendSystemNotificationWithText(222, "ps4debug by golden");
+    sceSysUtilSendSystemNotificationWithText(222, "ps4debug by golden\n 6.72 port by GiantPluto");
 
     // jailbreak current thread
     sys_console_cmd(SYS_CONSOLE_CMD_JAILBREAK, NULL);

debugger/source/proc.c

@@ -2,7 +2,7 @@
 // 6/12/2018
 //
 
-#include "proc.h"
+#include "include/proc.h"
 
 int proc_list_handle(int fd, struct cmd_packet *packet) {
     void *data;

installer/Makefile

@@ -1,18 +1,16 @@
 KSDK	:= ../ps4-ksdk/
 
-TEXT	:=	0x926200000
-DATA	:=	0x926300000
-
 CC		:=	gcc
 AS		:=	gcc
 OBJCOPY	:=	objcopy
 ODIR	:=	build
 SDIR	:=	source
 IDIRS	:=	-I$(KSDK)/include -I. -Iinclude
 LDIRS	:=	-L$(KSDK) -L. -Llib
-CFLAGS	:=	$(IDIRS) -O2 -std=c11 -fno-builtin -nostartfiles -nostdlib -Wall -masm=intel -march=btver2 -mtune=btver2 -m64 -mabi=sysv -mcmodel=large -DTEXT_ADDRESS=$(TEXT) -DDATA_ADDRESS=$(DATA)
+MAPFILE := $(shell basename $(CURDIR)).map
+CFLAGS	:=	$(IDIRS) -Os -std=gnu11 -ffunction-sections -fdata-sections -fno-builtin -nostartfiles -nostdlib -Wall -masm=intel -march=btver2 -mtune=btver2 -m64 -mabi=sysv -mcmodel=small -fpie
 SFLAGS	:=	-nostartfiles -nostdlib -march=btver2 -mtune=btver2
-LFLAGS	:=	$(LDIRS) -Xlinker -T linker.x -Wl,--build-id=none -Ttext=$(TEXT) -Tdata=$(DATA)
+LFLAGS	:=	$(LDIRS) -Xlinker -T linker.x -Wl,--build-id=none -Wl,--gc-sections
 CFILES	:=	$(wildcard $(SDIR)/*.c)
 SFILES	:=	$(wildcard $(SDIR)/*.s)
 OBJS	:=	$(patsubst $(SDIR)/%.c, $(ODIR)/%.o, $(CFILES)) $(patsubst $(SDIR)/%.s, $(ODIR)/%.o, $(SFILES))

installer/source/installer.c

@@ -27,39 +27,37 @@ void patch_kernel() {
     uint64_t kernbase = get_kbase();
 
     // patch memcpy first
-    *(uint8_t *)(kernbase + 0x1EA53D) = 0xEB;
+    *(uint8_t *)(kernbase + 0x003C15BD) = 0xEB;
 
     // patch sceSblACMgrIsAllowedSystemLevelDebugging
-    memcpy((void *)(kernbase + 0x11730), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
+    memcpy((void *)(kernbase + 0x00233BD0), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
 
     // patch sceSblACMgrHasMmapSelfCapability
-    memcpy((void *)(kernbase + 0x117B0), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
+    memcpy((void *)(kernbase + 0x00233C40), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
 
     // patch sceSblACMgrIsAllowedToMmapSelf
-    memcpy((void *)(kernbase + 0x117C0), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
+    memcpy((void *)(kernbase + 0x00233C50), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
 
     // disable sysdump_perform_dump_on_fatal_trap
     // will continue execution and give more information on crash, such as rip
-    *(uint8_t *)(kernbase + 0x7673E0) = 0xC3;
+    *(uint8_t *)(kernbase + 0x00784120) = 0xC3;
 
     // self patches
-    memcpy((void *)(kernbase + 0x13F03F), "\x31\xC0\x90\x90\x90", 5);
+    memcpy((void *)(kernbase + 0x000AD2E4), "\x31\xC0\x90\x90\x90", 5);
 
     // patch vm_map_protect check
-    memcpy((void *)(kernbase + 0x1A3C08), "\x90\x90\x90\x90\x90\x90", 6);
+    memcpy((void *)(kernbase + 0x00451DB8), "\x90\x90\x90\x90\x90\x90", 6);
 
-    // patch ptrace, thanks 2much4u
-    *(uint8_t *)(kernbase + 0x30D9AA) = 0xEB;
+    // patch ptrace
+    *(uint8_t *)(kernbase + 0x0010F879) = 0xEB;
+    memcpy((void *)(kernbase + 0x10FD22), "\xE9\xE2\x02\x00\x00", 5);
 
-    // remove all these bullshit checks from ptrace, by golden
-    memcpy((void *)(kernbase + 0x30DE01), "\xE9\xD0\x00\x00\x00", 5);
-
-    // patch ASLR, thanks 2much4u
-    *(uint16_t *)(kernbase + 0x194875) = 0x9090;
+	// disable ASLR
+    *(uint8_t *)(kernbase + 0x003CECE1) = 0xEB;
 
     // patch kmem_alloc
-    *(uint8_t *)(kernbase + 0xFCD48) = VM_PROT_ALL;
-    *(uint8_t *)(kernbase + 0xFCD56) = VM_PROT_ALL;
+    *(uint8_t *)(kernbase + 0x002507F5) = VM_PROT_ALL;
+    *(uint8_t *)(kernbase + 0x00250803) = VM_PROT_ALL;
 
     cpu_enable_wp();
 }
@@ -145,7 +143,7 @@ int load_debugger() {
 int runinstaller() {
     init_ksdk();
 
-    // enable uart
+    //// enable uart
     *disable_console_output = 0;
 
     ascii_art();

installer/source/proc.c

@@ -266,25 +266,25 @@ int proc_create_thread(struct proc *p, uint64_t address) {
         }
 
         if (!memcmp(entries[i].name, "libkernel.sprx", 14)) {
-            _scePthreadAttrInit = entries[i].start + 0x12660;
-            _scePthreadAttrSetstacksize = entries[i].start + 0x12680;
-            _scePthreadCreate = entries[i].start + 0x12AA0;
-            _thr_initial = entries[i].start + 0x84C20;
+            _scePthreadAttrInit = entries[i].start + 0x00013A40;
+            _scePthreadAttrSetstacksize = entries[i].start + 0x00013A60;
+            _scePthreadCreate = entries[i].start + 0x00013E80;
+            _thr_initial = entries[i].start + 0x00435420;
             break;
         }
         if (!memcmp(entries[i].name, "libkernel_web.sprx", 18))
         {
-            _scePthreadAttrInit = entries[i].start + 0x1E730;
-            _scePthreadAttrSetstacksize = entries[i].start + 0xFA80;
-            _scePthreadCreate = entries[i].start + 0x98C0;
-            _thr_initial = entries[i].start + 0x84C20;
+            _scePthreadAttrInit = entries[i].start + 0x0001FD20;
+            _scePthreadAttrSetstacksize = entries[i].start + 0x00010540;
+            _scePthreadCreate = entries[i].start + 0x0000A0F0;
+            _thr_initial = entries[i].start + 0x00435420;
             break;
         }
         if (!memcmp(entries[i].name, "libkernel_sys.sprx", 18)) {
-            _scePthreadAttrInit = entries[i].start + 0x13190;
-            _scePthreadAttrSetstacksize = entries[i].start + 0x131B0;
-            _scePthreadCreate = entries[i].start + 0x135D0;
-            _thr_initial = entries[i].start + 0x89030;
+            _scePthreadAttrInit = entries[i].start + 0x00014570;
+            _scePthreadAttrSetstacksize = entries[i].start + 0x00014590;
+            _scePthreadCreate = entries[i].start + 0x000149B0;
+            _thr_initial = entries[i].start + 0x00435830;
             break;
         }
     }

kdebugger/source/proc.c

@@ -269,25 +269,25 @@ int proc_create_thread(struct proc *p, uint64_t address) {
         }
 
         if (!memcmp(entries[i].name, "libkernel.sprx", 14)) {
-            _scePthreadAttrInit = entries[i].start + 0x12660;
-            _scePthreadAttrSetstacksize = entries[i].start + 0x12680;
-            _scePthreadCreate = entries[i].start + 0x12AA0;
-            _thr_initial = entries[i].start + 0x84C20;
+            _scePthreadAttrInit = entries[i].start + 0x00013A40;
+            _scePthreadAttrSetstacksize = entries[i].start + 0x00013A60;
+            _scePthreadCreate = entries[i].start + 0x00013E80;
+            _thr_initial = entries[i].start + 0x00435420;
             break;
         }
         if (!memcmp(entries[i].name, "libkernel_web.sprx", 18))
         {
-            _scePthreadAttrInit = entries[i].start + 0x1E730;
-            _scePthreadAttrSetstacksize = entries[i].start + 0xFA80;
-            _scePthreadCreate = entries[i].start + 0x98C0;
-            _thr_initial = entries[i].start + 0x84C20;
+            _scePthreadAttrInit = entries[i].start + 0x0001FD20;
+            _scePthreadAttrSetstacksize = entries[i].start + 0x00010540;
+            _scePthreadCreate = entries[i].start + 0x0000A0F0;
+            _thr_initial = entries[i].start + 0x00435420;
             break;
         }
         if (!memcmp(entries[i].name, "libkernel_sys.sprx", 18)) {
-            _scePthreadAttrInit = entries[i].start + 0x13190;
-            _scePthreadAttrSetstacksize = entries[i].start + 0x131B0;
-            _scePthreadCreate = entries[i].start + 0x135D0;
-            _thr_initial = entries[i].start + 0x89030;
+            _scePthreadAttrInit = entries[i].start + 0x00014570;
+            _scePthreadAttrSetstacksize = entries[i].start + 0x00014590;
+            _scePthreadCreate = entries[i].start + 0x000149B0;
+            _thr_initial = entries[i].start + 0x00435830;
             break;
         }
     }