Hacking Question NSO entry point

[Green;Dog]

I don't even know if this is the right place to ask this, but I've searched online, and I can't seem to find where code execution actually begins when an NSO is loaded. As far as I can tell the header doesn't contain an entry point, and elf2nso never touches the elf entry point, so how does the switch know where to start executing?

It would be very much appreciated if someone could provide an explanation of exactly what happens when the switch loads an NSO into memory.

 

[ghjfdtg]

There is no fixed entrypoint. Everything uses ASLR and is relocated automatically.

 

[Green;Dog]

Yes, I understand the actual loading location is randomized, but what I don't understand is this:

random_image_base + (insert wizardry) = start_of_code

what is that wizardry? how does the switch make the jump from OS code to game code?