September 21, 2010 // 2:54 am
- Following up on his previous work, today AerialX tweeted that the beginnings of a PS3 LV2 Userland (GameOS) patch framework dubbed Kammy are available for PSGroove linked above at GitHub or directly below.
Download: Kammy Userland PS3 LV2 GameOS Patches for PSGroove
To quote: Kammy is a system for loading patches to lv2 (PlayStation 3's Game OS) from a user application, using PSGroove or any other implementation of the exploit that adds the peek/poke syscalls. Kammy was inspired by Treeki's Nintendo Wii game patching system, Kamek.
Building Kammy requires three different gcc compiler toolchains.
• gcc: A normal host gcc is required to build the raw2h application.
• ppu-lv2-gcc: Used to compile the loader, only available from Sony.
• ppu-gcc, ppu-binutils: A version of gcc that will compile 64-bit PowerPC instructions is required to build the patches. Linux packages can be found on BSC.es. (note: ppu-lv2-gcc may suffice for this, untested)
• xxd: Creating patch bin files requires the xxd tool to be installed.
With these dependencies installed, you can build Kammy by simply cd'ing to the loader directory and running:
Kammy must be used with a payload that supports poke/peek. This includes PSGroove and most of its forks - including my own - among others. To apply a Kammy patch, a loader application must be started on the PS3. This is usually done from XMB from an installed package, or from USB using my PSGroove fork's apploader payload.
Kammy is made up of two main components:
• lv2: This folder contains the lv2 patches to be built. See the main kammy patch for an example. It is up to the patch to apply any hooks needed to lv2.
• libkammy: This is the basic library that handles the loading of Kammy patches.
The loader/ folder contains an example of using libkammy to load a patch from the lv2 folder.
Internally, Kammy obliterates syscalls 8 and 9, so try not to run it with payloads that provide those syscalls (like my debug payload).