Retrieved by ultimakillz, http://h4ck.fi.st/index.php/topic,78.0.html
So as said in the introduction, our objective is to make our own sceKernelLoadExec()/sceKernelLoadModule(). First thing we need to know is what kind of executable PSP uses. Well, as its non-portable brothers, PSP uses ELF executables. ELF stands for Executable and Linkable Format. But those ELFs are wrapped inside a DATA.PSP file, which in turn is embedded into an EBOOT.PBP file. To simplify things, we're going straight to the ELFs themselves, skipping all the onion layers removing (EBOOT.PBP and DATA.PSP).
ELFs contain code and data for a program to run. But to run a program in a decent OS you need more information, which is also stored in the ELF. An ELF file is divided into multiple sections, each one containing different type of information. Let's see what information an ELF contains.
Loading address. Well, an ELF, as an executable, needs to be loaded in memory to be run. But at what address should it be loaded? In PSP there are two kinds of ELFs: static and relocatable. Static ones have no relocation information. This means addresses and references into the code are fixed numbers, so we need to always load the code at the same fixed address or it will not work properly. Relocatable ones (better known as PRX, PSP Relocatable Executable) have no fixed loading address, so the kernel can choose where to load them. This is more flexible but need relocation information, that is, how to change the references inside the code with the real loading address. To simplify, we're not going to consider relocatable ELFs by now (for more info about relocation: http://en.wikipedia.org/wiki/Relocation ... r_science))
Imports. An ELF can have calls to external functions provided by the OS, commonly called system calls. Those system calls are just petitions from the application to the OS, such as "open this file", "write this to screen", etc... This code is not included on the application itself (that is, the ELF) but on the OS. Some calls are on the kernel space, some are on user space. To access user space calls, PSP uses direct jumps, using plain j MIPS instructions. For kernel space calls, PSP uses syscall MIPS instructions. So the ELF has a section called .sceStub.text, where all the system calls are stored. If you prxtool -w an ELF file generated by PSPSDK, you'll find something like this:
Code: Select all
; ==== Section .sceStub.text - Address 0x0890F24C Size 0x000000F8 Flags 0x0006
; ======================================================
; Subroutine sceDisplaySetMode - Address 0x0890F24C
sceDisplaySetMode: ; Refs: 0x08900BA0
0x0890F24C: 0x03E00008 '....' - jr $ra
0x0890F250: 0x00000000 '....' - nop
; End Subroutine sceDisplaySetMode
; ======================================================(direct jump - user space system call)
Code: Select all
000002ac: 0a7cfc80 j 0x9f3f200
000002b0: 00000000 nop
(syscall - kernel space system call)
Código: Seleccionar todo
08C9298c: 03e00008 jr $ra
08C92990: 0008b68c syscall 0x022daI think this is all for basic concepts, let's see how to get the ELF load and resolve those imports.
Advertising
