[ZT]Porting a 1.50 firmware homebrew to 3.xx firmware

3.xx firmware requires your homebrew to be in prx format. To get your homebrew into this format, you need to follow a few basic steps:


1. Modify your Makefile – You need to add the following to your Makefile to compile a prx (before the include $(PSPSDK)/lib/build.mak line):
Code:
BUILD_PRX = 1
PSP_FW_VERSION = 371
2. Set your homebrew to user mode – Your homebrew needs to start in user mode. To do this, change the 2nd argument of PSP_MODULE_INFO (the module attributes; 1.50-era code often has 0x1000 here, which requests kernel mode) to 0. For most homebrew you will also need to increase your heap size, which is the amount of memory available to malloc; 20 MB is a reasonable value. The code below should be at the top of your main source file (normally main.c).
Code:
PSP_MODULE_INFO("My Homebrew", 0, 1, 0);
PSP_HEAP_SIZE_KB(20480);
Alternatively you can use PSP_HEAP_SIZE_MAX(); if you have a toolchain compiled on or after Sep. 30th, 2007 (revision 2321). This will allocate as big a heap as it can. Note that you must recompile your entire toolchain (or at least pspsdk and newlib) to use this; otherwise your homebrew will crash with an Exception - Bus error (data).
3. Try running your app – You should now be able to compile your app with a normal make and copy over the EBOOT.PBP as usual. There is no kxploit or % folder for 3.xx firmware. If you run your application from psplink, run the prx file instead of the elf file or it will not start. At this point your homebrew should run unless your code contains kernel calls. If it does, you will get a 0x8002013C error when you try to start the homebrew. Don't panic; move on to step 4. If your homebrew runs, great, skip step 4.
4. Locate and deal with your kernel calls – You need to figure out which of your imports are kernel calls and which are not. To do this, run prxtool -f on your prx. Here is an example output:
Code:
$ prxtool -f project.prx
… output left out (it's a lot of output) …
Import 9, Name UtilsForUser, Functions 1, Variables 0, flags 40010000
Functions:
0x79D1C3FA [0x0008CF34] - UtilsForUser_79D1C3FA
Import 10, Name LoadExecForUser, Functions 2, Variables 0, flags 40010000
Functions:
0x05572A5F [0x0008CF3C] - LoadExecForUser_05572A5F
0x4AC57943 [0x0008CF44] - LoadExecForUser_4AC57943
Import 11, Name IoFileMgrForKernel, Functions 1, Variables 0, flags 00010000
Functions:
0x411106BA [0x0008CF4C] - IoFileMgrForKernel_411106BA
Done
If you look at the above output you can see there is an import called IoFileMgrForKernel. This import has one function. Refer to this page: http://silverspring.lan.st/1.5x/kd/iofilemgr.html. Searching that page for 0x411106BA shows that it is sceIoGetThreadCwd. Now search your source for that function and either (a) replace the kernel call with user-mode code, or (b) move the kernel call into a kernel-mode prx and load that kernel-mode prx from your homebrew. Option (b) is out of the scope of this tutorial, so search the forums to find out how to do it. Option (a) is the preferable solution unless you genuinely need a kernel call; for sceIoGetThreadCwd in particular, user-mode homebrew usually derives its own directory from the argv[0] path passed to module_start instead. To find the page above, go to the main page http://silverspring.lan.st, click 1.5x firmware, then find sceIOFileManager in the list and click it. A search function would have been nice.
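The scan in step 4 can be automated. The following host-side C program is an added example, not part of the original tutorial and not part of prxtool: it parses prxtool -f output (the sample output above is embedded as a constructed string, with plain ASCII dashes), treats a library as kernel-only when its name ends in ForKernel or when the 0x4000 bit is clear in the attribute half of the flags word (the convention visible in the output above and in pspsdk's stub files, where user libraries carry 40010000 and kernel libraries 00010000), and lists every function imported from such a library. The NID table holds only the single entry the tutorial resolves by hand (0x411106BA = sceIoGetThreadCwd); any other hit is reported as unresolved so you look it up on the silverspring pages yourself. The file-reading path and the table layout are this example's own choices.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

/* Constructed sample: the prxtool -f output quoted in step 4 (ASCII dashes). */
static const char *SAMPLE =
    "Import 9, Name UtilsForUser, Functions 1, Variables 0, flags 40010000\n"
    "Functions:\n"
    "0x79D1C3FA [0x0008CF34] - UtilsForUser_79D1C3FA\n"
    "Import 10, Name LoadExecForUser, Functions 2, Variables 0, flags 40010000\n"
    "Functions:\n"
    "0x05572A5F [0x0008CF3C] - LoadExecForUser_05572A5F\n"
    "0x4AC57943 [0x0008CF44] - LoadExecForUser_4AC57943\n"
    "Import 11, Name IoFileMgrForKernel, Functions 1, Variables 0, flags 00010000\n"
    "Functions:\n"
    "0x411106BA [0x0008CF4C] - IoFileMgrForKernel_411106BA\n"
    "Done\n";

#define MAX_HITS 64

typedef struct {
    char lib[64];
    uint32_t nid;
    const char *name;   /* resolved function name, or NULL if not in the table */
} kernel_import_t;

/* NID -> name table. Only the one entry the tutorial resolves by hand;
 * extend it from the silverspring tables as you meet more imports. */
static const struct { const char *lib; uint32_t nid; const char *name; } NID_TABLE[] = {
    { "IoFileMgrForKernel", 0x411106BAu, "sceIoGetThreadCwd" },
};

static const char *resolve_nid(const char *lib, uint32_t nid) {
    for (size_t i = 0; i < sizeof NID_TABLE / sizeof NID_TABLE[0]; i++)
        if (NID_TABLE[i].nid == nid && strcmp(NID_TABLE[i].lib, lib) == 0)
            return NID_TABLE[i].name;
    return NULL;
}

/* Kernel-only if the 0x4000 "user-callable" attribute bit is clear in the
 * high half of the flags word, or if the library name ends in ForKernel. */
static int is_kernel_lib(const char *name, uint32_t flags) {
    size_t n = strlen(name);
    if ((flags & 0x40000000u) == 0) return 1;
    return n >= 9 && strcmp(name + n - 9, "ForKernel") == 0;
}

/* Walk prxtool -f text line by line, remembering the current import library,
 * and record every function listed under a kernel-only library. Returns the hit count. */
int find_kernel_imports(const char *text, kernel_import_t *hits, int max_hits) {
    char cur_lib[64] = "";
    int cur_is_kernel = 0, count = 0;
    const char *p = text;

    while (*p) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        char line[256];
        unsigned flags, nid;
        if (len >= sizeof line) len = sizeof line - 1;
        memcpy(line, p, len);
        line[len] = '\0';

        if (sscanf(line, "Import %*d, Name %63[^,], Functions %*d, Variables %*d, flags %x",
                   cur_lib, &flags) == 2) {
            cur_is_kernel = is_kernel_lib(cur_lib, (uint32_t)flags);
        } else if (cur_is_kernel && sscanf(line, "0x%x [", &nid) == 1 && count < max_hits) {
            strcpy(hits[count].lib, cur_lib);
            hits[count].nid = nid;
            hits[count].name = resolve_nid(cur_lib, nid);
            count++;
        }
        if (!eol) break;
        p = eol + 1;
    }
    return count;
}

/* Slurp a saved prxtool listing (prxtool -f project.prx > imports.txt). */
static char *read_file(const char *path) {
    FILE *f = fopen(path, "rb");
    if (!f) return NULL;
    fseek(f, 0, SEEK_END);
    long sz = ftell(f);
    fseek(f, 0, SEEK_SET);
    char *buf = malloc((size_t)sz + 1);
    if (buf && fread(buf, 1, (size_t)sz, f) == (size_t)sz) buf[sz] = '\0';
    else { free(buf); buf = NULL; }
    fclose(f);
    return buf;
}

int main(int argc, char **argv) {
    char *text = argc > 1 ? read_file(argv[1]) : NULL;
    kernel_import_t hits[MAX_HITS];
    int n = find_kernel_imports(text ? text : SAMPLE, hits, MAX_HITS);
    printf("%d kernel-mode import(s)\n", n);
    for (int i = 0; i < n; i++)
        printf("  %s 0x%08X -> %s\n", hits[i].lib, (unsigned)hits[i].nid,
               hits[i].name ? hits[i].name : "(unresolved, look it up)");
    free(text);
    return n ? 1 : 0;   /* non-zero exit: step 4 work remains before the prx will start */
}
```

Run it with no arguments to see the sample resolved to sceIoGetThreadCwd, or pass a saved listing (`prxtool -f project.prx > imports.txt`) to scan your own build; a non-zero exit code makes it easy to use as a make target that fails until the last kernel import is gone.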
