TheOfficialFloW / VitaShell

Multi-functional file manager for PS Vita
GNU General Public License v3.0

Safe SELFs incorrectly flagged as UNSAFE #574

Open CreepNT opened 4 years ago

CreepNT commented 4 years ago

According to PSDevWiki, the Authority ID of SDK compiled fSELFs can be 0x2F00000000000001 (SDK compiled programs) or 0x2F00000000000002 (SDK compiled software using custom make_self.exe argument).

As seen here and here, VitaShell only marks Authority ID 0x2F00000000000002 as safe. This means an app with Authority ID 0x2F00000000000001 (which is safe) will be improperly flagged as UNSAFE.

LiEnby commented 4 years ago

No, 0x2F00000000000001 is UNSAFE.

henkaku elevates the permissions of 0x2F00000000000001 to be considered UNSAFE (SceShell) only if the last bit of the AuthID is 1, which is true for 0x2F00000000000001 but not 0x2F00000000000000 or 0x2F00000000000002: https://github.com/henkaku/henkaku/blob/master/plugin/kernel.c#L63

0x2F00000000000001 is in fact an UNSAFE self. You can test this yourself: compile any homebrew as UNSAFE and call some syscall that requires elevation (e.g. SceIoMount), and you will see it uses the same fself authid of 0x2F00000000000001.

In fact, it's because of henkaku messing with this authid that any apps using the default authid are unable to launch on activated dev/test kits ...

There IS a bug, which is that '0x2F00000000000000' would be seen as UNSAFE when it IS safe. However, 0x2F00000000000001 is definitely an UNSAFE self.

CreepNT commented 4 years ago

henkaku is wrong then, check PSDevWiki.

LiEnby commented 4 years ago

henkaku literally invented the "SAFE / UNSAFE" thing, how could it be wrong?

The devwiki page just tells you that 0x2F00000000000001 is used by FSELF, tbh.
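The two classification rules described in this thread, compared over the three Authority IDs it mentions, as an added example (not code from VitaShell or henkaku). The function names are hypothetical, and each rule is implemented only as the comments above state it: an exact match on 0x2F00000000000002 versus a test of the last bit.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Authority IDs quoted in the thread. */
static const uint64_t THREAD_AUTH_IDS[] = {
    0x2F00000000000000ULL,
    0x2F00000000000001ULL,
    0x2F00000000000002ULL,
};
#define N_IDS (sizeof THREAD_AUTH_IDS / sizeof THREAD_AUTH_IDS[0])

/* Rule the issue attributes to VitaShell: only ...02 counts as safe. */
int unsafe_by_exact_match(uint64_t auth_id)
{
    return auth_id != 0x2F00000000000002ULL;
}

/* Rule the reply attributes to henkaku: last bit set means UNSAFE. */
int unsafe_by_last_bit(uint64_t auth_id)
{
    return (int)(auth_id & 1ULL);
}

/* Copy into `out` every ID the two rules classify differently.
 * Returns how many were written; `out` must hold at least n entries. */
size_t find_disagreements(const uint64_t *ids, size_t n, uint64_t *out)
{
    size_t count = 0;
    for (size_t i = 0; i < n; i++) {
        if (unsafe_by_exact_match(ids[i]) != unsafe_by_last_bit(ids[i]))
            out[count++] = ids[i];
    }
    return count;
}

int main(void)
{
    uint64_t diff[N_IDS];
    size_t n = find_disagreements(THREAD_AUTH_IDS, N_IDS, diff);

    for (size_t i = 0; i < n; i++)
        printf("rules disagree on 0x%016llX: exact-match=%s, last-bit=%s\n",
               (unsigned long long)diff[i],
               unsafe_by_exact_match(diff[i]) ? "UNSAFE" : "SAFE",
               unsafe_by_last_bit(diff[i]) ? "UNSAFE" : "SAFE");
    return 0;
}
```

Both rules agree on 0x2F00000000000001 and 0x2F00000000000002; the only ID they classify differently is 0x2F00000000000000.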