Merge pull request #10 from sleirsgoevy/path-override

Add filename override

README.md

@@ -1,6 +1,6 @@
 # ps5-linux
 
-**ps5-linux** leverages a patched HV vulnerability to transform your PS5 Phat console running **3.xx or 4.xx firmwares** into a highly capable Linux PC, unlocking its full hardware potential for desktop use. Powered by 8 CPU cores (16 threads) at **3.5 GHz** and a GPU at **2.23 GHz**, it provides enough performance to run Steam games and various emulators with impressive fluidity. It supports HDMI 4K60 video and audio output. Furthermore, it allows you to utilize an **M.2 SSD** as a dedicated Linux partition, as well as all USB ports on the console.
+**ps5-linux** leverages a patched HV vulnerability to transform your PS5 Phat console running **3.xx or 4.xx firmwares** (and soon also on **firmware 6.02**) into a highly capable Linux PC, unlocking its full hardware potential for desktop use. Powered by 8 CPU cores (16 threads) at **3.5 GHz** and a GPU at **2.23 GHz**, it provides enough performance to run Steam games and various emulators with impressive fluidity. It supports HDMI 4K60 video and audio output. Furthermore, it allows you to utilize an **M.2 SSD** as a dedicated Linux partition, as well as all USB ports on the console.
 
 ![Alt Text](logo.webp)
 
@@ -8,14 +8,13 @@
 
 *ps5-linux* is currently only supported on PS5 Phat on 3.xx and 4.xx firmwares.
 
-- **3.00**, **3.10**, **3.20**, **3.21**, without M.2 support
+- **3.00**, **3.10**, **3.20**, **3.21** without M.2 support
 - **4.00**, **4.02**, **4.03**, **4.50**, **4.51** with M.2 support
+- **Soon: 6.02** with M2 support
 
 Support for 1.xx and 2.xx firmwares may be added in the future, but we will not prioritize this effort.
 
-Support for 5.xx firmwares may be added in the future, but for those firmwares, Linux will run within the GameOS VM, thus it will have less features (still unknown what limitations there will be) and it may not perform as good.
-
-If you want to update to a specific firmware, [download the correct PUP](https://darthsternie.net/ps5-firmwares/) and follow the [official guide](https://www.playstation.com/en-us/support/hardware/reinstall-playstation-system-software-safe-mode) to upgrade your PS5.
+If you want to update to a specific firmware, [download the correct PUP](https://darthsternie.net/ps5-firmwares/) and follow the [official guide](https://www.playstation.com/en-us/support/hardware/reinstall-playstation-system-software-safe-mode) to upgrade your PS5. Obviously you cannot downgrade.
 
 ## Hardwares
 
@@ -30,21 +29,34 @@ To run *ps5-linux*, you need some required and optional hardwares:
 
 ## Configure PS5 settings
 
-- **Required**: Enable Rest Mode features:
+- **VERY IMPORTANT**: Enable Rest Mode features:
   - Go to `Settings` → `System` → `Power Saving` → `Features Available in Rest Mode` and set `Supply Power to USB Ports` to `Always`.
-- **Required**: Disable HDMI Device Link:
+- **VERY IMPORTANT**: Disable HDMI Device Link:
   - Go to `Settings` → `HDMI` → `Enable HDMI Device Link`
 - *Recommended*: Disable automatic updates:
   - Go to `Settings` → `System Software` → `System Software Update and Settings`
 - *Recommended*: Disable automatic error reporting:
   - Go to `Settings` → `System Software` → `Report System Software Errors Automatically`
 
+If you reset your PS5 settings or reinstall the FW, you need to reapply these settings again.
+
 ## Installation
 
 ### 1. Get a Linux image
 
 #### Linux/macOS:
 
+Install docker:
+
+```bash
+sudo apt update
+sudo apt install docker.io -y
+sudo service docker start
+sudo usermod -aG docker $USER
+```
+
+Restart the terminal.
+
 ```bash
 git clone https://github.com/ps5-linux/ps5-linux-image
 cd ps5-linux-image
@@ -99,36 +111,7 @@ sudo dd if=output/ps5-ubuntu2604.img of=/dev/sdX bs=4M status=progress conv=fsyn
 
 #### Windows (Balena Etcher):
 
-Download Balena Etcher, select the .img file, select your USB drive, click Flash.
-
-#### Windows (WSL2 + usbipd):
-
-Install usbipd in PowerShell as administrator:
-
-```bash
-winget install usbipd
-```
-
-Plug in your USB drive, list devices and find the busid of your drive:
-
-```bash
-usbipd list
-```
-
-Bind and attach it to WSL (replace 5-3 with your busid):
-
-```bash
-usbipd bind --busid 5-3
-usbipd attach --busid 5-3 --wsl
-```
-
-Then flash from WSL:
-
-```bash
-lsblk  # confirm the drive appeared, e.g. /dev/sdb
-sudo wipefs -a /dev/sdX
-sudo dd if=output/ps5-ubuntu2604.img of=/dev/sdX bs=4M status=progress
-```
+Download [Balena Etcher](https://etcher.balena.io/), select the `.img` file, select your USB drive, click Flash.
 
 ### 3. Plug the USB drive into your PS5
 
@@ -157,6 +140,12 @@ cd ps5-linux-loader
 make
 ```
 
+If you're on ARM64 Linux, then additionall install the x86-64 cross-compilation tools before:
+
+```bash
+sudo apt install gcc-x86-64-linux-gnu binutils-x86-64-linux-gnu
+```
+
 Find your PS5 IP at `Settings → Network → View Connection Status`.
 
 ```bash
@@ -167,11 +156,13 @@ If all is successful, the payload will automatically go into rest mode. Wait unt
 
 If the LED is white, but you still have a blackscreen then:
 
+- Try removing `video=DP-1:1920x1080@60` line in cmdline.txt.
 - Try different monitors or capture cards, ideally with different resolutions. Currently, some monitors have issues.
 - Try setting `amdgpu.force_1080p=1` in `cmdline.txt` in the FAT32 partition of the USB drive.
 
 If none of this helps, please report the issue in our [Discord server](https://discord.gg/PeMGVB7BAm) and provide your EDID information.
 
+
 ## First Boot
 
 Configure your system and memorize your login password.
@@ -182,36 +173,51 @@ Then, there are certain settings and commands we recommend doing:
 
 2. Possibly, you have to disable and reenable your Wired/WLAN connection to get internet connection.
 
-3. Install Firefox:
+3. Hold packages to prevent updating the kernel when doing `apt upgrade`:
+   ```bash
+   sudo apt-mark hold linux-generic linux-generic-hwe-24.04 linux-generic-hwe-26.04 linux-image-generic linux-image-generic-hwe-24.04 linux-image-generic-hwe-26.04 linux-headers-generic linux-headers-generic-hwe-24.04 linux-headers-generic-hwe-26.04
+   ```
+
+4. Install Firefox:
 
    ```bash
    sudo snap install firefox
-   sudo snap refresh mesa-2404 --channel=latest/edge
    ```
 
-4. Clone our [ps5-linux-tools](https://github.com/ps5-linux/ps5-linux-tools):
+5. Update mesa:
 
    ```bash
+   sudo snap refresh mesa-2404 --channel=latest/edge
+   sudo add-apt-repository ppa:kisak/kisak-mesa
+   sudo apt update
+   sudo apt upgrade
+   ```
+
+6. Clone our [ps5-linux-tools](https://github.com/ps5-linux/ps5-linux-tools):
+
+   ```bash
+   sudo apt install zlib1g-dev
    git clone https://github.com/ps5-linux/ps5-linux-tools
+   cd ps5-linux-tools
+   make
    ```
 
 ## M.2 installation
 
 You can use a M.2 SSD exclusively for Linux (which means you cannot use it for PS5 game storage).
 
-1. Attach the M.SSD and format it on your PS5.
-2. Boot Linux on your PS5 and run these commands to initialize your M.2:
+1. Attach the M.2 SSD by following the [official guide](https://www.playstation.com/en-us/support/hardware/ps5-install-m2-ssd).
+2. **VERY IMPORTANT**: If you used the M2. SSD for games before, reformat it on the PS5 under `Settings` → `Storage` → `M.2 SSD Storage`.
+3. Boot Linux on your PS5 and run these commands to initialize your M.2:
 
 ```bash
-sudo apt install zlib1g-dev
 cd ps5-linux-tools
-gcc -o m2_init m2_init.c -lz
 sudo ./m2_init
 ```
 
-3. Reboot via `sudo reboot`. If your PS5 asks you to format your M.2 again, please report this issue to us in our [Discord server](https://discord.gg/PeMGVB7BAm) and provide your M.2 model and storage size.
-4. Relaunch Linux on your PS5.
-5. Copy the `ps5-ubuntu2604.img` image that you built during installation or rebuild it on your PS5. Then, install it onto your M.2:
+4. Reboot via `sudo reboot`. If your PS5 asks you to format your M.2 again, please report this issue to us in our [Discord server](https://discord.gg/PeMGVB7BAm) and provide your M.2 model and storage size.
+5. Relaunch Linux on your PS5.
+6. Copy the `ps5-ubuntu2604.img` image that you built during installation or rebuild it on your PS5. Then, install it onto your M.2:
 
 ```bash
 cd ps5-linux-tools
@@ -227,7 +233,9 @@ chmod +x ./m2_exec.sh
 sudo ./m2_exec.sh
 ```
 
-In order to always boot Linux from your M.2, you can edit the label at `/boot/efi/cmdline.txt` from `root=LABEL=ubuntu2604` to `root=LABEL=ubuntu2604-m2`.
+Then follow the same instructions again as the previous section.
+
+In order to always boot Linux from your M.2, you can edit the label at `/boot/efi/cmdline.txt` from `root=LABEL=ubuntu2604` to `root=LABEL=ubuntu2604-m2`. You will still require a USB drive with the FAT32, but you can reformat the ext4 partition.
 
 ## Fan & boost control
 
@@ -235,7 +243,6 @@ We provide a simple tool that allows you to boost your CPU to 3500Mhz and GPU to
 
 ```bash
 cd ps5-linux-tools
-gcc -o ps5_control ps5_control.c
 sudo ./ps5_control --fan on
 sudo ./ps5_control --boost on
 ```
@@ -248,24 +255,27 @@ Always turn on fan when your turn on boost, as this is what the official PS5 OS
   - A: No, this is a soft-mod. You need to re-run the exploit in order to boot into Linux.
 - Q: Can I put Linux into standby and resume?
   - A: No, this is not supported. We may however add a shutdown feature that puts your PS5 into rest-mode allowing you to relaunch Linux when powering up again.
-
 - Q: Can I continue using my PS5 if I install Linux?
   - A: Yes, the internal SSD is not modified
 - Q: Can I use the PS5's NIC/WLAN module in Linux?
   - A: In theory yes, but someone needs to write or adapt drivers to use them.
-- Q: Will higher >=6.xx firmwares be supported?
+- Q: Will higher >=6.50 firmwares be supported?
   - A: No.
 - Q: Does the DualSense controller work?
   - A: Via a Bluetooth dongle. Built-in Bluetooth is not yet supported.
 - Q: What resolutions and refresh rates are supported?
-  - A: So far only 1080p, 1440p and 2160p at 60Hz. 120Hz or 30Hz may be added in the future.
+  - A: 1080p, 1440p and 2160p at 60Hz are broadly supported. 1440p@120Hz has been the only confirmed working on the DELL S3225QC yet. 120Hz or 30Hz may be added in the future.
 
 
 ## Tips and tricks
 
+- If you see graphical issues in your games, add the environment variable `RADV_DEBUG=nohiz` as [recommended for BC250](https://elektricm.github.io/amd-bc250-docs/drivers/environment/#critical-environment-variables) as well.
 - You can adjust the kernel cmdline in `cmdline.txt` in the FAT32 partition.
 - You can adjust the VRAM size in `vram.txt` in the FAT32 partition. By default, it uses 512MB (0x20000000) which enables [Dynamic VRAM allocation](https://elektricm.github.io/amd-bc250-docs/bios/flashing/#why-flash-the-bios).
 - Monitor hotswap may work, but it will not change resolution automatically.
+- Some monitors have a black screen if a video=DP-1: parameter is set in `cmdline.txt`. Confirmed working without `video=DP-1:1920x1080@60` on:
+  - MSI MAG274Q QD E2, DELL S2721DGF, DELL U2515H (1440p@60Hz)
+  - Possibly also: LG 27GL850, Lenovo Legion Y27q, ViewSonic Elite XG270QG
 
 Many configurations, tips and tricks from the [AMD BC250 Documentation](https://elektricm.github.io/amd-bc250-docs/) also apply to PS5.
 

include/utils.h

@@ -42,6 +42,7 @@ struct linux_info {
   size_t initrd_size;
   size_t vram_size;
   char cmdline[2048];
+  int kit_type;
   uintptr_t linux_info; // PA of linux_info
 };
 
@@ -156,4 +157,17 @@ void enter_rest_mode(void);
 #define DEBUG_PRINT(fmt, ...)
 #endif
 
+
+bool if_exists(const char* path);
+bool sceKernelIsTestKit(void);
+bool sceKernelIsDevKit(void);
+
+enum kit_type {
+    KIT_RETAIL,
+    KIT_TESTKIT,
+    KIT_DEVKIT
+};
+
+enum kit_type get_kit_type(void);
+
 #endif

shellcode_hypervisor/Makefile

@@ -3,9 +3,16 @@ ifndef PS5_PAYLOAD_SDK
 endif
 
 # 1. Variables
+ifeq ($(shell uname -m),aarch64)
+CC      = x86_64-linux-gnu-gcc
+LD      = x86_64-linux-gnu-ld
+OBJCOPY = x86_64-linux-gnu-objcopy
+else
 CC      = gcc
 LD      = ld
-CFLAGS  = -O2 -fno-stack-protector -ffreestanding -nostdlib -fcf-protection=none -I$(PS5_PAYLOAD_SDK)/target/include
+OBJCOPY = objcopy
+endif
+CFLAGS  = -O2 -fno-stack-protector -ffreestanding -nostdlib -fcf-protection=none -m64 -I$(PS5_PAYLOAD_SDK)/target/include
 LDFLAGS = -T linker.ld
 TARGET  = shellcode_hypervisor.elf
 TEXT_BIN = shellcode_hypervisor.bin
@@ -23,7 +30,7 @@ $(TARGET): $(OBJ)
 	$(CC) $(CFLAGS) -c $< -o $@
 
 $(TEXT_BIN): $(TARGET)
-	objcopy -O binary -j .shell_code $(TARGET) $(TEXT_BIN)
+	$(OBJCOPY) -O binary -j .shell_code $(TARGET) $(TEXT_BIN)
 
 clean:
 	rm -f $(OBJ) $(TARGET) $(TEXT_BIN) $(dump)

shellcode_hypervisor/boot_linux.c

@@ -12,6 +12,7 @@ struct linux_info {
   size_t initrd_size;
   size_t vram_size;
   char cmdline[2048];
+  int kit_type;
 };
 
 static struct linux_info info;
@@ -88,8 +89,16 @@ static void e820_memory_setup(struct boot_params *bp) {
   append_e820_table(bp, 0x0f0000000, 0x0f8000000, E820_TYPE_RESERVED);
   append_e820_table(bp, 0x100000000, VRAM_BASE, E820_TYPE_RAM);
   append_e820_table(bp, VRAM_BASE, 0x470000000, E820_TYPE_RESERVED); // VRAM
-  append_e820_table(bp, 0x470000000, 0x47f300000, E820_TYPE_RAM);
-  append_e820_table(bp, 0x47f300000, 0x480000000, E820_TYPE_RESERVED);
+
+  // DevKits have 32GB
+  if (info.kit_type != KIT_DEVKIT) {
+    append_e820_table(bp, 0x470000000, 0x47f300000, E820_TYPE_RAM);
+    append_e820_table(bp, 0x47f300000, 0x480000000, E820_TYPE_RESERVED);
+  }
+  else {
+    append_e820_table(bp, 0x470000000, 0x87f300000, E820_TYPE_RAM);
+    append_e820_table(bp, 0x87f300000, 0x880000000, E820_TYPE_RESERVED);
+  }
 }
 
 void boot_linux(void) {
@@ -124,7 +133,7 @@ void boot_linux(void) {
 
   memcpy((void *)kernel_pa, (void *)(info.bzimage + setup_size), kernel_size);
 
-  // printf("This is kernel_pa: "); print_val64(kernel_pa); printf("\n");
+
   void (*startup_64)(uint64_t physaddr, struct boot_params *bp) =
       (void *)(kernel_pa + 0x200);
   startup_64(kernel_pa, bp);
@@ -159,7 +168,7 @@ void entry(void) {
   }
 
   // Disable IOMMU.
-  *(volatile uint64_t *)0xfdd80018 &= ~1;
+  *(volatile uint64_t *)(AMDIOMMU_MMIO_BASE + AMDIOMMU_CTRL) &= ~1;
 
   memcpy(&info, (void *)(cave_linux_info), sizeof(struct linux_info));
 

shellcode_hypervisor/boot_linux.h

@@ -37,7 +37,16 @@
 #define DCHUBBUB_WHITELIST_BASE_ADDR_0 0x24878
 #define DCHUBBUB_WHITELIST_TOP_ADDR_0 0x2487c
 
+#define AMDIOMMU_MMIO_BASE 0xfdd80000
+#define AMDIOMMU_CTRL 0x18
+
 #define MAXCPU 16
 
 void entry(void);
-void boot_linux(void);
+void boot_linux(void);
+
+enum kit_type {
+    KIT_RETAIL,
+    KIT_TESTKIT,
+    KIT_DEVKIT
+};

shellcode_kernel/Makefile

@@ -3,9 +3,16 @@ ifndef PS5_PAYLOAD_SDK
 endif
 
 
+ifeq ($(shell uname -m),aarch64)
+CC      = x86_64-linux-gnu-gcc
+LD      = x86_64-linux-gnu-ld
+OBJCOPY = x86_64-linux-gnu-objcopy
+else
 CC      = gcc
 LD      = ld
-CFLAGS  = -O2 -fno-stack-protector -ffreestanding -nostdlib -I$(PS5_PAYLOAD_SDK)/target/include
+OBJCOPY = objcopy
+endif
+CFLAGS  = -O2 -fno-stack-protector -ffreestanding -nostdlib -m64 -I$(PS5_PAYLOAD_SDK)/target/include
 LDFLAGS = -T linker.ld
 TARGET  = shellcode_kernel.elf
 TEXT_BIN = shellcode_text.bin
@@ -24,7 +31,7 @@ $(TARGET): $(OBJ)
 	$(CC) $(CFLAGS) -c $< -o $@
 
 $(TEXT_BIN): $(TARGET)
-	objcopy -O binary -j .text $(TARGET) $(TEXT_BIN)
+	$(OBJCOPY) -O binary -j .text $(TARGET) $(TEXT_BIN)
 
 clean:
 	rm -f $(OBJ) $(TARGET) $(TEXT_BIN) $(dump)

shellcode_kernel/kernel_code.c

@@ -46,6 +46,7 @@ struct linux_info {
   size_t initrd_size;
   size_t vram_size;
   char cmdline[2048];
+  int kit_type;
 };
 
 static struct linux_info info;

source/hv_defeat.c

@@ -217,8 +217,7 @@ int stage4_force_vmcb_reload(void) {
 int stage5_remove_xotext(void) {
   DEBUG_PRINT("\nHV-Defeat [stage5] xotext removal\n");
 
-  uint64_t start =
-      ktext - 0xF0000; // Include first pages where fun stuff is located
+  uint64_t start = ktext;
   uint64_t end = kdata;
   int n __attribute__((unused)) = 0;
 

source/loader.c

@@ -79,11 +79,52 @@ const char *file_paths[] = {
     "/mnt/usb2/PS5/Linux/", "/mnt/usb3/PS5/Linux/",
 };
 
+long find_and_get_size_of_file(const char *filename, char *found_path);
+int find_and_read_file(const char *filename, void *buf, size_t bufsize);
+
+static const char *get_overridden_filename(const char *filename) {
+  static int state = 0;
+  static char *overrides_start = nullptr;
+  static char *overrides_end = nullptr;
+
+  if (state == 0) {
+    state = 1;
+    char found_path[256];
+    ssize_t size = find_and_get_size_of_file("path-override.txt", found_path);
+    if (size > 0) {
+      overrides_start = malloc(size + 1);
+      overrides_end = overrides_start + size + 1;
+      if (read_file(found_path, overrides_start, size) == size) {
+        state = 2;
+        for (char *p = overrides_start; p < overrides_end; p++)
+          if (*p == '\n')
+            *p = 0;
+        overrides_start[size] = 0; // make sure the last string is null-terminated
+      }
+    }
+  }
+
+  if (state == 1) // overrides not found, or unreadable, or currently looking for it
+    return filename;
+
+  size_t needle_len = strlen(filename);
+  for (const char *p = overrides_start; p < overrides_end;) {
+    size_t haystack_len = strlen(p);
+    if (haystack_len > needle_len && !strncmp(p, filename, needle_len) && p[needle_len] == '=')
+      return p + needle_len + 1;
+    p += haystack_len + 1;
+  }
+
+  // haven't found an override, return original filename
+  return filename;
+}
+
 long find_and_get_size_of_file(const char *filename, char *found_path) {
 
   char full_path[256];
   struct stat st;
 
+  filename = get_overridden_filename(filename);
   int num_paths = sizeof(file_paths) / sizeof(file_paths[0]);
 
   for (int i = 0; i < num_paths; i++) {
@@ -220,6 +261,7 @@ int fetch_linux(struct linux_info *info) {
   info->initrd_size = initrd_size;
   info->vram_size = vram_size;
   strcpy(info->cmdline, cmdline);
+  info->kit_type = (int) get_kit_type();
 
   uint64_t page = alloc_page();
   kwrite(pa_to_dmap(page), info, sizeof(struct linux_info));

source/offsets.c

@@ -5,8 +5,8 @@ offset_list off_0300 = {
     .HV_VCPU_ARRAY_OFF = 0x5D0,
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
-    .KERNEL_CODE_CAVE = 0x0043000,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_CODE_CAVE = 0x500,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33175E0,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,
@@ -37,8 +37,8 @@ offset_list off_0310 = {
     .HV_VCPU_ARRAY_OFF = 0x5D0,
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
-    .KERNEL_CODE_CAVE = 0x0043000,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_CODE_CAVE = 0x500,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33175E0,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,
@@ -69,8 +69,8 @@ offset_list off_0320 = {
     .HV_VCPU_ARRAY_OFF = 0x5D0,
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
-    .KERNEL_CODE_CAVE = 0x0043000,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_CODE_CAVE = 0x500,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33175E0,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,
@@ -101,8 +101,8 @@ offset_list off_0321 = {
     .HV_VCPU_ARRAY_OFF = 0x5D0,
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
-    .KERNEL_CODE_CAVE = 0x0043000,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_CODE_CAVE = 0x500,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33175E0,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,
@@ -133,8 +133,8 @@ offset_list off_0400 = {
     .HV_VCPU_ARRAY_OFF = 0x5D0,
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
-    .KERNEL_CODE_CAVE = 0x0043000,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_CODE_CAVE = 0x500,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33C7680,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,
@@ -165,8 +165,8 @@ offset_list off_0402 = {
     .HV_VCPU_ARRAY_OFF = 0x5D0,
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
-    .KERNEL_CODE_CAVE = 0x0043000,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_CODE_CAVE = 0x500,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33C7680,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,
@@ -198,7 +198,7 @@ offset_list off_0403 = {
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
     .KERNEL_CODE_CAVE = 0x500,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33C7680,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,
@@ -229,8 +229,8 @@ offset_list off_0450 = {
     .HV_VCPU_ARRAY_OFF = 0x5D0,
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
-    .KERNEL_CODE_CAVE = 0x0043000,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_CODE_CAVE = 0x500,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33C7680,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,
@@ -261,8 +261,8 @@ offset_list off_0451 = {
     .HV_VCPU_ARRAY_OFF = 0x5D0,
     .HV_VCPU_STRIDE = 0x320,
     .HV_VCPU_VMCB_PTR = 0x08,
-    .KERNEL_CODE_CAVE = 0x0043000,
-    .KERNEL_DATA_CAVE = 0x0043000 + 0xBBE300,
+    .KERNEL_CODE_CAVE = 0x500,
+    .KERNEL_DATA_CAVE = 0xC01300,
     .IOMMU_SOFTC = 0x33C7680,
     .VMSPACE_VM_VMID = 0x1E4,
     .VMSPACE_VM_PMAP = 0x1D0,

source/utils.c

@@ -6,6 +6,7 @@
 #include <sys/param.h>
 #include <sys/proc.h>
 #include <unistd.h>
+#include <sys/stat.h>
 
 /* Global Variables */
 offset_list env_offset;
@@ -247,4 +248,32 @@ void enter_rest_mode(void) {
   sceKernelNotifySystemSuspendStart();
   sceKernelSetEventFlag(event, 0x400);
   sceKernelCloseEventFlag(&event);
+}
+
+
+// Kit type by EchoStretch
+bool if_exists(const char* path) {
+  struct stat st;
+  return stat(path, &st) == 0;
+}
+
+bool sceKernelIsTestKit(void) {
+  return if_exists("/system/priv/lib/libSceDeci5Ttyp.sprx");
+}
+
+bool sceKernelIsDevKit(void) {
+  return if_exists("/system/priv/lib/libSceDeci5Dtracep.sprx");
+}
+
+enum kit_type get_kit_type(void) {
+  if (sceKernelIsDevKit()) {
+    notify("DevKit detected\n");
+    return KIT_DEVKIT;
+  }
+  if (sceKernelIsTestKit()) {
+    notify("TestKit detected\n");
+    return KIT_TESTKIT;
+  }
+  notify("Retail console detected\n");
+  return KIT_RETAIL;
 }