115
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − + − + − + Line 14:
Line 14: − + − + − + − + − + − − Flags bit0: if not set, return port-handle instead of session-handle(from [[SVC|svcCreateSessionToPort]]) when session-handle unavailable (max sessions/timeout?). − + − + − + − − Flags bit0: return 0 instead of port handle if port was found. − + − + − + − + − + − + − + + + − + + + + + + + + + + − + + − + + − − The Register command registers a process with the service-manager, which includes registering the serviceaccesscontrol for the process which normally originates from the [[NCCH/Extended_Header|exheader]]. Line 81:
Line 88: + + − + + + + + + + + + + + + + + + + + + − + + + + + + + + + + + + + + + − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + − + + + − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→Notifications
Services are an abstraction of ports and are the commonly used way of inter-process communication outside of the kernel. While handles of regular ports are retrieved from [[SVC]](svcConnectToPort), service handles are retrieved through the port ''srv:'' ("service manager").
Services are an abstraction of ports and are the commonly used way of inter-process communication outside of the kernel. While handles of regular ports are retrieved from [[SVC|svcConnectToPort]], service handles are retrieved through the port ''srv:'' ("service manager").
When a service is registered, [[SVC|svcCreatePort]] is used without a port-name. This means that the port is inaccessible via the port SVCs outside of sm-module. See below for getting a session handle for sending commands to services.
When a service is registered, [[SVC|svcCreatePort]] is used without a port-name. This means that the port is inaccessible via the port SVCs outside of sm-module. See below for getting a session handle for sending commands to services.
Processes with PID less than or equal to the number of NATIVE_FIRM built-in modules (fs, sm, pm, pxi, ldr) have access to all services. This value is obtained from [[SVC|svcGetSystemInfo]].
Processes with PID less than or equal to the number of NATIVE_FIRM built-in modules (fs, sm, pm, pxi, ldr) have access to all services. This value is obtained from [[SVC|svcGetSystemInfo]]. Other processes are limited to access services listed in their [[NCCH/Extended_Header#ARM11_Local_System_Capabilities|service access control list]], as passed to [[SRVPM:RegisterProcess]].
Attempting to use srvGetServiceSession with a service that the process has access to when that service isn't registered, results in svcSendSyncRequest never returning(the exact cause is unknown).
Attempting to use [[SRV:GetServiceHandle|GetServiceHandle]] with a service that the process has access to when that service isn't registered will block until it is registered.
==Service Manager Port "srv:"==
==Service Manager Port "srv:"==
|-
|-
| 0x00010002
| 0x00010002
| Initialize
| [[SRV:RegisterClient|RegisterClient]]
|-
|-
| 0x00020000
| 0x00020000
| GetProcSemaphore() (the handle from this gets signaled when notifications for this process gets triggered)
| [[SRV:EnableNotification|EnableNotification]]
|-
|-
| 0x00030100
| 0x00030100
| RegisterService(8-byte servicename, u32 strlen, u32 max_sessions)
| [[SRV:RegisterService|RegisterService]]
|-
|-
| 0x000400C0
| 0x000400C0
| UnregisterService(8-byte servicename, u32 strlen)
| [[SRV:UnregisterService|UnregisterService]]
|-
|-
| 0x00050100
| 0x00050100
| GetServiceSession(8-byte servicename, u32 strlen, u32 flags)
| [[SRV:GetServiceHandle|GetServiceHandle]]
|-
|-
| 0x000600C2
| 0x000600C2
| RegisterPort(8-byte servicename, u32 strlen, Handle client_port)
| [[SRV:RegisterPort|RegisterPort]]
|-
|-
| 0x000700C0
| 0x000700C0
| UnregisterPort(8-byte servicename, u32 strlen)
| [[SRV:UnregisterPort|UnregisterPort]]
|-
|-
| 0x00080100
| 0x00080100
| GetPort(8-byte servicename, u32 strlen, u32 flags).
| [[SRV:GetPort|GetPort]]
|-
|-
| 0x00090040
| 0x00090040
| Subscribe(u32 notification_id). This enables the specified notificationID for the current process.
| [[SRV:Subscribe|Subscribe]]
|-
|-
| 0x000A0040
| 0x000A0040
| Unsubscribe(u32 notification_id). This disables the specified notificationID for the current process.
| [[SRV:Unsubscribe|Unsubscribe]]
|-
|-
| 0x000B0000
| 0x000B0000
| ReceiveNotification() This returns the notificationID which was triggered, if any(see GetProcSemaphore).
| [[SRV:ReceiveNotification|ReceiveNotification]]
|-
|-
| 0x000C0080
| 0x000C0080
| PublishToSubscriber(u32 notification_id, u32 flag). This fires an notification. Bit0: only fire if not already fired, bit1: return error if error happens, else it always returns 0.
| [[SRV:PublishToSubscriber|PublishToSubscriber]]
|-
|-
| 0x000D0040
| 0x000D0040
| This can fire notificationIDs and return the number of fired notificationID
| [[SRV:PublishAndGetSubscriber|PublishAndGetSubscriber]]
|-
|-
| 0x000E00C0
| 0x000E00C0
| HasAccessToService(8-byte servicename, u32 strlen). Returns 1 if your process has access to the service.
| [[SRV:IsServiceRegistered|IsServiceRegistered]]
|}
|}
==Service Manager Process-Manager Port "srv:pm"==
It appears these "port" commands can be used for transferring arbitrary handles, however [[SRV:GetPort|GetPort]] still uses the same service-access-control validation as [[SRV:GetServiceHandle|GetServiceHandle]]. Despite this fact, it appears that a "port" and a service with the same name can coexist independently.
==Service Manager Process-Manager Port/Service "srv:pm"==
{| class="wikitable" border="1"
{| class="wikitable" border="1"
|-
|-
! Command Header, prior to [[7.0.0-13]]
! Command Header (port), prior to [[7.0.0-13]]
! Command Header (service), post [[7.0.0-13]]
! Description
! Description
|-
| 0x04010042
| 0x00010042
| [[SRVPM:PublishToProcess|PublishToProcess]]
|-
| 0x04020040
| 0x00020040
| [[SRVPM:PublishToAll|PublishToAll]]
|-
|-
| 0x04030082
| 0x04030082
| RegisterProcess (u32 procid, u32 wordsz, <nowiki>((wordsz<<16) | 2)</nowiki>, serviceaccesscontrol*).
| 0x00030082
| [[SRVPM:RegisterProcess|RegisterProcess]]
|-
|-
| 0x04040040
| 0x04040040
| UnregisterProcess (u32 procid).
| 0x00040040
| [[SRVPM:UnregisterProcess|UnregisterProcess]]
|}
|}
Prior to to [[7.0.0-13]], the commands listed for "srv:" were also accessible under this port with the same command-headers. Starting with [[7.0.0-13]], the "srv:pm" port was changed to a service. With this change, commandIDs for these commands were changed. "srv:pm" was originally vulnerable, this was fixed with [[7.0.0-13]], see [[3DS_exploits|here]]. Originally any process could use "srv:pm", however starting with [[7.0.0-13]] only the built-in NATIVE_FIRM sysmodules have access to it. The only system title which uses "srv:pm" is the [[Process_Manager_Services|Process Manager]].
Prior to to [[7.0.0-13]], the commands listed for "srv:" were also accessible under this port with the same command-headers. Starting with [[7.0.0-13]], the "srv:pm" port was changed to a service. With this change, commandIDs for these commands were changed. "srv:pm" was originally vulnerable, this was fixed with [[7.0.0-13]], see [[3DS_exploits|here]]. Originally any process could use "srv:pm", however starting with [[7.0.0-13]] only the built-in NATIVE_FIRM sysmodules have access to it. The only system title which uses "srv:pm" is the [[Process_Manager_Services|Process Manager]].
|-
|-
! ID
! ID
! Published by
! Subscribed by
! Description
! Description
|-
|-
| 0x100
| 0x100
| This indicates that all processes must terminate: power-off, reboot, or [[FIRM]]-launch.
|
| Not Needed
| This indicates that the recipient must terminate.
|-
| 0x101
| PTM
| NS
| Signaled on sleep mode entry.
|-
| 0x102
| PTM
| NS
| Sleep Mode related?
|-
| 0x103
| PTM
| NS, CSND, NWM, AC, NIM
| Fired on sleep mode entry (Kernel state is modified by PTM after publishing this)
|-
|-
| 0x104
| 0x104
| This indicates that the system is entering sleep mode. (PTM:NotifySleepPreparationComplete needed for this and the following?)
| PTM
| HID
| This indicates that the system is entering sleep mode. (Kernel state is modified by PTM before publishing this)
|-
|-
| 0x105
| 0x105
| PTM
| NS, DSP, CSND, GSP, CODEC, CAMERA, HID, QTM, MIC, IR, NWM, FRIENDS, AC, CECD, ACT, NDM, NIM
| This indicates that the system has exited sleep mode.
| This indicates that the system has exited sleep mode.
|-
| 0x106
| PTM
| NS, MIC, AC, NEWS, CECD, BOSS
| Fired after sleep mode exit.
|-
| 0x107
| PTM
| NWM, CECD, BOSS, NDM, NIM, NEWS
| Unknown.
|-
|-
| 0x108
| 0x108
| error at boot?
| PTM
| GSP, QTM
| System is going to Power Down.
|-
| 0x109
| CFG
| GSP
| CFG block 0x00050001 has been modified, change LCD brightness/PWM settings
|-
| 0x10B
| CFG
| CAMERA
| ?
|-
| 0x10C
| PM
|
| A Regular application has started.
|-
| 0x110-0x11F
| PM
| NS
| Sent on application exit. See [[PMApp:LaunchTitle#Launch_Flags|PM launch flags]].
|-
| 0x179
| PM
| PTM, NS
| All processes other than PTM and NS have terminated.
|-
| 0x200
|
| NS
| Signaled just before sleep mode is exited from.
|-
|-
| 0x202
| 0x202
| MCU
| NS
| POWER button pressed
| POWER button pressed
|-
| 0x203
| MCU
| NS
| POWER button held long
|-
|-
| 0x204
| 0x204
| This indicates that the HOME button was pressed.
| MCU
| NS
| HOME button pressed
|-
|-
| 0x205
| 0x205
| HOME button pressed
| MCU
| NS
| HOME button released
|-
| 0x206
| MCU / NWM
| NWM
| The physical Wi-Fi slider state changed
|-
|-
| 0x207
| 0x207
|
| MENU
| SD card inserted
| SD card inserted
|-
|-
| 0x208
| 0x208
|
| MENU
| Game cartridge inserted
| Game cartridge inserted
|-
|-
| 0x209
| 0x209
|
| NS, MENU
| SD card removed
| SD card removed
|-
|-
| 0x20A
| 0x20A
|
| NS, MENU
| Game cartridge removed
| Game cartridge removed
|-
|-
| 0x20B
| 0x20B
|
| NS, MENU
| Game cartridge inserted or removed
| Game cartridge inserted or removed
|-
| 0x20C
| MCU
| PTM
| Published on a (fatal) hardware condition?, ptm throws fatal error F960D407 in receipt of this
|-
| 0x20D
| MCU
| GSP
| Charger plugged out.
|-
| 0x20E
| MCU
| GSP
| Charger plugged in.
|-
| 0x20F
| MCU
|
| Published by the mcu module when (bitmask & 0x8000) is true. This bitmask is obtained by reading i2c register 0x10.
|-
| 0x210
| MCU
|
| Published by the mcu module when (bitmask & 0x4000) is true. This bitmask is obtained by reading i2c register 0x10.
|-
| 0x211
| PTM
|
| Battery very low (5%)
|-
| 0x212
| PTM
|
| Battery low (10%)
|-
| 0x213
| NS
| CODEC, HID, GSP, CAMERA, MIC, NDM, QTM, PTM
| Shell opened.
|-
| 0x214
| NS
| CODEC, HID, GSP, CAMERA, MIC, NDM, QTM, PTM.
| Shell closed.
|-
| 0x300
| AC
| NDM, MENU
| Signaled after sleep mode exit and during system boot.
|-
| 0x301
| AC
| FRIENDS, NDM
| Signaled just before sleep mode is exited from.
|-
| 0x302
| NWM
| NDM, SOCKET, FRIENDS, AC
| Unknown.
|-
| 0x303
|
| CECD, NDM
| Unknown.
|-
| 0x304
|
| CECD, NDM, SOCKET
| Unknown
|}
|}