Difference between revisions of "IPC"
| Line 54: | Line 54: | ||
|- | |- | ||
| 0x00000000 | | 0x00000000 | ||
| − | | The corresponding value is a KHandle, that should be closed in calling process | + | | The corresponding value is a KHandle, that should be closed in calling process |
|- | |- | ||
| 0x00000010 | | 0x00000010 | ||
| − | | The corresponding value is a KHandle, that will be | + | | The corresponding value is a KHandle, that will be duplicated |
|- | |- | ||
| 0x00000020 | | 0x00000020 | ||
| Line 63: | Line 63: | ||
|- | |- | ||
| 0x0000???2 <nowiki>|</nowiki> (size<<14) | | 0x0000???2 <nowiki>|</nowiki> (size<<14) | ||
| − | | The corresponding value contains a ptr to a buffer of said size. | + | | The corresponding value contains a ptr to a buffer of said size, that should be copied to an already set-up buffer in destination process at TLS+0x180. |
|- | |- | ||
| 0x0000000A <nowiki>|</nowiki> (size<<4) | | 0x0000000A <nowiki>|</nowiki> (size<<4) | ||
Revision as of 18:29, 1 June 2014
Every IPC command sent to services starts with a u32 header code:
| Bits | Description |
|---|---|
| 0-5 | Number of translate parameters (=x) |
| 6-15 | Number of normal parameters (=y) |
| 16-31 | Command ID |
The entire command has the following structure:
| Word | Size | Description |
|---|---|---|
| 0 | 1 | Header code |
| 1 | x | Normal parameters |
| x | y | Translate parameters |
Translate parameters are modified/translated transparently by the kernel. They are used to transfer handles/buffers between the different processes.
The type of parameter is described by the bits 1-3 in the translation descriptor. Parameter types accepted for sending by the kernel are: 0, 1, 2, 5, 6, 7. Type 0 is used to send handles across processes:
if desc & 0x30 == 0x20:
write process id to value
else:
translate handle
if desc & 0x30 == 0x10:
close handle for caller
For replies, only 0, 1, 5, 6, 7 are allowed. In other words any type 2 fields must be zeroed before calling svcReplyAndReceive on the server-side. For replies type 0, 1, 2 are ignored. Types 5, 6, 7 do something with the mem pointer upon reply. The type 0 descriptor can be used to ignore parameters. The number of parameters covered by a type-0 descriptor is (desc >> 26) + 1.
| Descriptor | Description |
|---|---|
| 0x00000000 | The corresponding value is a KHandle, that should be closed in calling process |
| 0x00000010 | The corresponding value is a KHandle, that will be duplicated |
| 0x00000020 | Let kernel set value to calling process ProcessID |
| 0x0000???2 | (size<<14) | The corresponding value contains a ptr to a buffer of said size, that should be copied to an already set-up buffer in destination process at TLS+0x180. |
| 0x0000000A | (size<<4) | The corresponding value contains a ptr to a buffer of said size. |
| 0x0000000C | (size<<4) | The corresponding value contains a ptr to a buffer of said size. |