In normal mode ("game" mode), the function is located at address 0x88068a74. In "vsh" mode (the one I have really been investigating), this function is located at address 0x880bc274.
The parameters are very similar to those of the sceKernelLoadExec function (I think that almost all of these load-exec functions call the same function, which is the one that does the real stuff).
The function and structure definition (more or less):
```c
#include <psptypes.h> /* SceSize, u32 (PSPSDK) */

struct SceKernelLoadExecVSHParam {
    /* Size of structure (0x24) */
    SceSize size;
    /* Size of the arguments string */
    SceSize args;
    /* Pointer to the arguments strings */
    void *argp;
    /* Set to "game" when loading homebrews */
    const char *key;
    /* Unknown, it seems to be some kind of flag. The firmware sets it to
       0x00000400. It looks like it is related to the next fields of the
       struct; it's better to set it to 0 if we don't know how to use
       those fields. */
    u32 unk1;
    /* Unknown. The firmware always sets it to 0x09CF344C, which seems to
       be a pointer (but it's not a pointer to a string). */
    void *unk2;
    /* Unknown. The firmware sets it to 0. */
    u32 unk3;
    /* Unknown. The firmware sets it to 0. */
    u32 unk4;
    /* Unknown. The firmware sets it to 0. */
    u32 unk5;
};

int LoadExecForKernel_28D0D249(const char *file, struct SceKernelLoadExecVSHParam *param);
```
We don't know the name of this function, but I would swear that it has to be something that starts with "sceKernelLoadExecVSH".
I know this may not be very useful since we already have sceKernelLoadExec, which is almost identical, but hey, you should show some respect to LoadExecForKernel_28D0D249, thanks to it we have homebrew ;)
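Added example, not part of the original post: a host-side model of the parameter block with 4-byte pointer fields, checked at compile time against the 0x24 size given above, plus a filler and a sanity check. The names `LoadExecVSHParam32`, `fill_game_param` and `check_param` are hypothetical, and the NUL-inclusive `args` count and the unk1 consistency rule are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* 32-bit layout model: pointer fields are kept as uint32_t PSP addresses
   so the offsets stay correct when this is compiled on a 64-bit host. */
typedef struct {
    uint32_t size;             /* must be 0x24 */
    uint32_t args;             /* size of the argument string */
    uint32_t argp;             /* address of the argument string */
    uint32_t key;              /* address of the key string ("game") */
    uint32_t unk1;             /* unknown flag */
    uint32_t unk2;             /* unknown, looks like a pointer */
    uint32_t unk3, unk4, unk5; /* unknown */
} LoadExecVSHParam32;

/* The model has to agree with the size stated in the struct comment. */
_Static_assert(sizeof(LoadExecVSHParam32) == 0x24, "block must be 0x24 bytes");
_Static_assert(offsetof(LoadExecVSHParam32, key) == 0x0C, "key at 0x0C");
_Static_assert(offsetof(LoadExecVSHParam32, unk1) == 0x10, "unk1 at 0x10");

/* Hypothetical helper: fill the block with every unknown field left at 0,
   as the post advises when their meaning is not understood. */
void fill_game_param(LoadExecVSHParam32 *p, uint32_t argp_addr,
                     const char *arg, uint32_t key_addr)
{
    memset(p, 0, sizeof *p);
    p->size = (uint32_t)sizeof *p;
    p->args = (uint32_t)strlen(arg) + 1; /* assumption: count includes NUL */
    p->argp = argp_addr;
    p->key  = key_addr;
}

/* Hypothetical sanity check: returns 0 if the block is self-consistent,
   a negative code naming the first problem otherwise. */
int check_param(const LoadExecVSHParam32 *p)
{
    if (p->size != 0x24) return -1;              /* wrong structure size */
    if (p->args != 0 && p->argp == 0) return -2; /* length without a buffer */
    if (p->key == 0) return -3;                  /* key string is required */
    /* Assumption from the post's remark that unk1 governs the later
       fields: flag clear but later fields set is treated as inconsistent. */
    if (p->unk1 == 0 && (p->unk2 || p->unk3 || p->unk4 || p->unk5))
        return -4;
    return 0;
}
```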