Any way to disable no-execute protection on 3.55?

[Robo Hobo]

Is there a known way to disable NX? The only method I know of works with Kammy on 3.41 firmware only. Not being able to work around it will throw a wrench in any emulator projects that need recompiler cores to run well.

I've tried what's probably the most obvious solution, messing with the section flags in the elf file. Either the loader on the PS3 ignores it, or make_self_npdrm doesn't copy it over.

Surely there is some way to run a JIT compiler on GameOS?

[cookie42]

Someone i follow on twitter mentioned something you might be interested in.
https://twitter.com/codetwink

[zylor]

Someone i follow on twitter mentioned something you might be interested in.
https://twitter.com/codetwink

On Wednesday 2nd February 2011, @codetwink said:

v3.55 blocked access to lv2 kernel "execute" access, however, if you can patch back in a method to lv1_write_htab_entry, you can re-enable this area

i.e. for 0x80000000007f0000's page:

pte0 = lv2_peek(0x800000000f003f80ULL);
res = lv1_write_htab_entry(0, 0x3f8, pte0, 0x7f0190);

or for complete r/w/x access:

#define HTAB_BASE 0x800000000f000000ULL
#define HTAB_LV2_START 0x01000000ULL
#define HTAB_LV2_END 0x01800000ULL

/* enable full r/w/x access */
void ps3_fix_htab_lv2_access()
{
int i;
uint64_t pte0, pte1;

/* process entire lv2 */
for (i = 0; i < 128; i++)
{
/* read the old value */
pte0 = lv2_peek(HTAB_BASE | (i << 7));
pte1 = lv2_peek(HTAB_BASE | (i << 7) + 8);

/* verify entry is lv2 */
if ((pte1 >= HTAB_LV2_START) && (pte1 < HTAB_LV2_END))
{
/* patch proper htab settings */
lv1_write_htab_entry(0, i << 3, pte0, (pte1 & 0xff0000) | 0x190);
}
}
}

Typo in previous post, i << 3 instead of i << 4

This