KaKaroToKS 大大今天成功 dump 了 PS3 LV1 的系統呼叫函式, 並且計劃放出能夠 dump PS3 LV1 的韌體讓其他開發者也能夠 dump LV1, LV1的系統呼叫一般被用來呼叫需要管理者權限的函式, 它也是系統最底層的函式用來直接存取硬體, 而作業系統都是執行在LV1之上, 而作業系統提供的函式稱為 LV2, (目前改機都是修改 LV2 的系統呼叫) 像是常見的執行遊戲用的 GameOS, 和讓使用者可以安裝 linux 的 OtherOS, 都是使用相同 LV1 系統呼叫, 目前的 payload 只能夠 dump LV1 還無法存取或是修改 LV1, 但是對於 PS3 的了解還相當有幫助的 關係示意圖: --------------------------- 遊戲或自製程式| Linux 程式 --------------------------- GameOS(LV2) | OtherOS --------------------------- LV1 --------------------------- 硬體 --------------------------- ============================ 原文連結 : http://0rz.tw/2Rff4 Today Dertyp at PSX-Scene (linked above) reports that KaKaroToKS has dumped the PS3 LV1 syscalls, and plans to update his payload soon to allow other developers to dump the calls. To quote: For Those Of You Who Are Asking What This Is: level-1 syscalls are used to call hypervisor functions. On a PS3 the hypervisor is known as as 「lv1〞 (level1) since it is the lowest level that runs directly on top of the hardware. The operating system is executed on top of this and is known as 「lv2〞 (level2). The two common operating systems are GameOS which PS3 games run on, and OtherOS which is usually used to run linux. Since both OSes run on top of the same lv1 hypervisor, they use the same set of hypercalls which has been partially documented here. KaKaRoToKS Recent Tweets: FINALLY able to dump (over eth) all lv1 calls!! Will push it soon! To everyone misunderstanding: no lv1 access, all I did was be able to dump the "call trace" of lv1 hypercalls. same as payload_dump_syscalls And Finally What Does These All Mean To Us Right Now! This is work-in-progress, once KaKaRoToKS has finished his poking around the dumps, and detailing the info on his GIT, I will update this thread, even after he is done, it will take some time for various PS3 developers to study all this new information, before it will help out the "end-user" but it is another big step forward in the daily forever-changing and growing-fast PS3 Scene World! -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 114.32.118.136