Changes

904 bytes added ,  22:27, 26 October 2016
Line 435: Line 435:  
|
 
|
 
| Everyone
 
| Everyone
 +
|-
 +
| [[Memory_layout#ARM11_Detailed_virtual_memory_map|0xEFF00000]] / 0xDFF00000 ARM11 kernel virtual-memory
 +
| The ARM11 kernel-mode 0xEFF00000/0xDFF00000 virtual-memory(size 0x100000) is mapped to phys-mem 0x1FF00000(entire DSP-mem + entire AXIWRAM), with permissions RW-. This is used during ARM11 kernel startup for loading the FIRM-modules from the FIRM section located in DSP-mem, this never seems to be used after that, however. This is never unmapped either.
 +
|
 +
| None
 +
| [[11.2.0-35|11.2.0-X]]
 +
| [[11.2.0-35|11.2.0-X]]
 +
|
 +
|-
 +
|  slowhax
 +
|  svcWaitSynchronizationN does not decrement the references to valid handles in an array before returning an error when it encounters an invalid handle. This allows one to (slowly) overflow the reference count for a handle object to zero.
 +
| ARM11 kernel-mode code execution
 +
| [[11.2.0-35|11.2.0-X]]
 +
| [[11.2.0-35|11.2.0-X]]
 +
| 2016?
 +
| nedwill, derrek, others?
 
|-
 
|-
 
| [[Memory_layout#ARM11_Detailed_virtual_memory_map|0xEFF00000]] / 0xDFF00000 ARM11 kernel virtual-memory
 
| [[Memory_layout#ARM11_Detailed_virtual_memory_map|0xEFF00000]] / 0xDFF00000 ARM11 kernel virtual-memory
29

edits