From 943f06ddc3f85f9e3d300aed4f06aaa6f7457db1 Mon Sep 17 00:00:00 2001
From: Al Azif <33132478+Al-Azif@users.noreply.github.com>
Date: Tue, 24 Jun 2025 04:19:56 -0700
Subject: [PATCH] Update 900.c
---
 src/kpatch/900.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/src/kpatch/900.c b/src/kpatch/900.c
index cdaa7e1..ff61475 100644
--- a/src/kpatch/900.c
+++ b/src/kpatch/900.c
@@ -66,7 +66,7 @@ static inline void do_patch(void *kbase) {
 disable_cr0_wp();
 // ChendoChap's patches from pOOBs4
- write16(kbase, 0x626874, 0x9090); // veriPatch
+ write16(kbase, 0x626874, 0x00eb); // veriPatch
 write8(kbase, 0xacd, 0xeb); // bcopy
 write8(kbase, 0x2713fd, 0xeb); // bzero
 write8(kbase, 0x271441, 0xeb); // pagezero
@@ -76,6 +76,9 @@ static inline void do_patch(void *kbase) {
 write8(kbase, 0x271b5d, 0xeb); // copyinstr
 write8(kbase, 0x271c2d, 0xeb); // copystr
+ // stop sysVeri from causing a delayed panic on suspend
+ write16(kbase, 0x62715f, 0x00eb);
+
 // patch amd64_syscall() to allow calling syscalls everywhere
 // struct syscall_args sa; // initialized already
 // u64 code = get_u64_at_user_address(td->tf_frame-tf_rip);
@@ -111,8 +114,8 @@ static inline void do_patch(void *kbase) {
 //
 // sy_call() is the function that will execute the requested syscall.
 write8(kbase, 0x4c2, 0xeb);
- write16(kbase, 0x4b9, 0x9090);
- write16(kbase, 0x4b5, 0x9090);
+ write16(kbase, 0x4b9, 0x00eb);
+ write16(kbase, 0x4b5, 0x00eb);
 // patch sys_setuid() to allow freely changing the effective user ID
 // ; PRIV_CRED_SETUID = 50
@@ -131,7 +134,7 @@ static inline void do_patch(void *kbase) {
 // }
 write32(kbase, 0x80b8d, 0);
- // TODO: Description of this patch. "prx"
+ // TODO: Description of this patch. patch sys_dynlib_load_prx()
 write16(kbase, 0x23aec4, 0xe990);
 // patch sys_dynlib_dlsym() to allow dynamic symbol resolution everywhere
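Review bot: The veriPatch write16 in the first hunk swaps its value from 0x9090 to 0x00eb without any comment, and neither the subject line "Update 900.c" nor the surrounding comment says why the replacement bytes changed; the same unexplained substitution appears on the two write16 calls at 0x4b9 and 0x4b5 in the third hunk. A one-line why-comment next to each changed write would keep the next maintainer from reverting it, for example `// 0x00eb replaces the former 0x9090 pair; see commit 943f06d for the reason` with the actual rationale filled in. The enclosing do_patch() starts before the first hunk and continues past the last, so the full list of writes is not visible here.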
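Review bot: In the last hunk the comment now reads "TODO: Description of this patch. patch sys_dynlib_load_prx()", which keeps a TODO asking for a description while also supplying one, so it is unclear whether the description is still considered missing. If the new text is the intended description, drop the TODO prefix and phrase it like the neighbouring comments, e.g. `// patch sys_dynlib_load_prx()`; if it is still a placeholder, keep the TODO but state what is still unknown. The write16 at 0x23aec4 below it is otherwise unchanged by this commit.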