ConsoleCrunch.com wurde von einer anonymen Person kontaktiert welche womöglich eine ALTER ENTWICKLER zu sein scheint. Dieser UNBEKANNTE könnte möglicherweise MEHR über eine evtl. CFW 4.21 sowie der Methode mit der TEAM NoDRM ihre EBOOTs patcht wissen.
Sehr Vereinfacht geht es darum mit Hilfe einer DEX Konsole & dem ProDG 4.21.1 Teile der Firmware und mit MemDump die EBOOTS zu entschlüsseln.
Die entschlüsselten Dateien der 4.21 DEX Firmware werden dann in eine CFW 3.55 integriert & die 4.21 EBOOTS mit den 3.55 Keys neu verschlüsselt.
Was von den (bis jetzt) Mutmaßungen zu halten ist wird sich in der nächsten Monaten zeigen.
Einige namhafte Entwickler u.a. eussNL scheinen sich bereits damit zu befassen.
Die Infos scheinen für Entwickler SO INTERESSANT zu sein das wir uns VIELLEICHT auf NEUE ENTWICKLUNGEN freuen können !!!
Schritt 1: ANONYMER ENTWICKLER via Mujarrad auf ConsoleCrunch.com
Possible CFW 4.21 Theory And NoDRM Method?
[Blockierte Grafik: http://consolecrunch.com/wp-co…oads/2012/09/PS3-Cell.jpg]
Today Anonymous contacted us who claims to be an old developer and has some news about CFW 4.21 and possible theorys and method that N0DRM use to patch Eboots.
ZitatAlles anzeigen
Hello ConsoleCrunch i’m a old dev and i have a big news about the CFW 4.21, some people call me a lier and today they use what i was explaining about CEX-DEX, Decrypt Eboot etc… i’m going to reveal some news about the 4.21 CFW
Easy to make a CFW 4.21, first you absolutely need to have a PS3 4.21 DEX for that, that help you to decrypt all the dev_flash and co… also you need to dump the LV2 from the 4.21 DEX (that let you decrypt the 4.21 LV2) and after all you can resign and play with poke and co
Extract the 4.21 CEX pup, decrypt the files with PS3 4.21 DEX, keep the keys safe, make a PUP CFW 4.21 with the new 4.21 files resigned/modifie d, that all…
Hi Mujarrad, already tested a long time ago… this is one of the solution, you can dump the 4.21 kernel from the 4.21 DEX and take example from this one to make your own CFW DEX and also for CEX that is pretty similar but you need a PS3 DEX to work under development mode that let you execute under debugger mode
You can decrypt/encrypt everything with a PS3 4.21 DEX and the right App… for example just with the Multiman you can dump the LV2 4.21 and decrypt this one with the PS3 (you also need to active log mode) that log every of your action and save it into your usb storage
This is way that NoDRM work to make patch for the PS3 Games, you can even do it yourself if you don’t want to wait the release
One of the best app available is memdump that let you dump lv1/lv2 and flash memory don’t forget this app, it’s usefull with a PS3 4.21 DEX
Schritt 2: ANONYMER ENTWICKLER via Mujarrad auf ConsoleCrunch.com
Step Two: Reveal Of BlueDisk/Red Ribbon/Red Power With Bonus
[Blockierte Grafik: http://consolecrunch.com/wp-co…ads/2012/09/blue-disk.jpg]
Following up on the previous article, today Anonymous has been in contact with us again and releases this quote below with bonus files (Password: 1984).
ZitatAlles anzeigen
This is just the beginning (if you don’t want to read the clue, check directly the bonus at the end)
Clue 1 :
A Man talk with somebody about a long story happen in the Past, this Man find every solution to fix this story but he didn’t have time to show all he’s know, after this long story some bad guys who didn’t respect the open solution, make their own private solution.
Clue 2 :
Ask this to a commercial worker in Private
How you can sell a product that don’t exist yet ?
The commercial will answer to you that, it’s simple, keep them waiting for it, more they wait, more wait and more it’s easy to sell it easily… because the people want what they don’t need and what unaccessible (Apple Method). We call that easy money with easy product
Clue 3 :
Check my announcement before and check the reaction after of this pretty dev… action/reaction… you can understand that they always lie behind the words they said… try to defend themselve to hide the real point, that is the method of a dev who want to make money but let you know that it will never do that…
The point is, if you work on a project, you should don’t care about what the people said and keep working until the end, release and leave it open source… have a difference between a Commercial dev and a Open source dev.
Clue 4 :
The PS3 community is not stupid at all, the stupid is represented by the gesture in here.
Simple fact, buying the Trueblue Dongle is not stupid because you believe that the product will give you some advantage on the PS3, what is stupid is the dev that let you think you are stupid.. and let them to think you are stupid -> believe that the dev we know can’t make a commercial product with other dev help.
Clue 5 :
A suitable to the Clue 4, on the dev commercial position (show a little bit more than show all is better for commercial)
FlashBack : We know from the beginning how to work on PS3 but we don’t show anything until we make something big and usefull…
SCE Helpfull Position (Jailbreak, SCE tools, CEX-DEX and nothing really from the dev, only one who did really all)
Phase 1 : 3.41 release commercial dongle (Jailbreak) commercial didn’t work that much, let’s release this free on every platform possible (N900, Palm Pre, Texas instru…)
we know almost all about the PS3 and the 3.41 firmware
Phase 2 : let’s release a CFW for while to keep patient the PS3 community, welcome to the 3.55 (we know after all that Sony are going to release a firmware update..)
Release of the 3.6x, ok it’s time to make the Trueblue plan… let’s them believe of this product
Release Trueblue and alternative (money money that didn’t work on 3.41)
Pause : you know that every new product from a new company need a beginning and after the next product they release will be simple to sell because the company have enough time to know what the public want.
Back on the story… let’s stop a little bit the Trueblue because they start to know what’s going on…
Phase 3 : Somebody piss off say too much things about the CEX-DEX and the Eboot decrypt… we need to find another solution and try to find a new product… because the people will not accept to pay again a Trueblue..
Oh damm we find… let’s talk about a new CFW-> they go talk about it around the web and after let’s say that people need to pay to use it and you can only use it on the 3.55…
Conclusion : About the Clue 5 and the Phase 1/2/3, let check the reaction of the PS3 community about every of commercial product released and let’s make a new product that we can sell again without any problem…
play with old stuff that we know from a long time to make new stuff…
most of this dev don’t know what they doing because one release all the hard work already and because we have also receive a big help from the PS3 Official Development Source (CEX-DEX is a big step already but with the help of SCE, like the JIG/Jailbreak )
Now let think about, why release a CFW 4.21/4.25 that is only compatible 3.55 when you can release one compatible every PS3.. because like i said most of this dev don’t know anything about it or how they can broke the new PS3 model… have a way to do it but the problem is that you need to use Official Sony tools, that conclude the point
Bonus :
I’m going to explain two way that you can exploit correctly your PS3 3.55.
First possibility : Forget about CFW 3.55, CEX-DEX is already the best step you have and even better than CFW
you can execute everything you want but that some dev don’t let you know (check what happend just after the leak), i really recommend to be on DEX, also check this bonus files and read all (1-2-3) you should do what you want after (don’t be lazy to execute stuff and don’t be scared you can’t really brick a PS3 if you have any jailbreak next to you)
After all the read, you should know a to decrypt/Load every program and even make your own cfw, patch what you need
File you need to read
The password is represented by a movie of Michael Anderson who was release in 1956
http://www10.zippyshare.com/v/39922218/file.html
Second Possibility : that is more for pro and amateur dev or anyone who want to learn FreeBSD and co…
You need to construct a FreeBSD base under a PS3 DEX and make your own kernel with the last driver released (gpu/cell/etc…) use petitboot to choose to boot under GameOs or OtherOS… like that you can load the important part of the system to work with it (decrypt, make your own cfw, etc…) they have a way to launch application/games under FreeBSD but you should make your own loader for that, seriously as a dev is kinda easy to do it.
The idea is to use a Cell Emulator under the PS3 Dex, load PS3 Kernel and dump what you need to be decrypted… the debugger will do the job for you.
Bonus Public method for the PS Vita Remote Play :
You can force the 480p on the PS Vita and Play every games in 480p and even push to 576p
1- You need a PS3 DEX 3.55
2- Update your PS3 DEX 3.55 to DEX 4.20/4.21
3- After updating, save your PS Vita to the PS3 with the register functionnality in private network
4- after that downgrade the PS3 DEX 4.20/4.21 to PS3 DEX CFW 3.55
5- In DEX CFW 3.55, go to your computer take every Param.SFO of you game
use the last PS3Gen and force the 480p PS Vita only
6- Connect the PS Vita in remote play to the PS3 DEX 3.55 CFW (the system keep register your PS Vita on the PS3)
7- on the PS Vita Remote Play, go to the debug settings and force the resolution to 576p
8- Now you can launch every games in 480p/576p, better quality…
Schritt 3: ANONYMER ENTWICKLER via Mujarrad auf ConsoleCrunch.com
Step Three: Sony A New Hacking Dev
[Blockierte Grafik: http://consolecrunch.com/wp-co…oads/2012/09/ps3-slim.jpg]
Following the article released a few hours ago, Anonymous is here again see the quote below:
ZitatAlles anzeigen
Step 3 :
Welcome to the world of Sony
I just want to say a hello to Geo (no the one you are thinking) and tell him that
Remember 2OFive ? Are you making a new dongle, the first commercial one was not enough ? Sony Still keep the dongle plan alive (win money with commercial hacking/piracy) ? SONY MAKE.BELIEVE PIRACY
Anyway
Back to the past
ZitatAlles anzeigen
+#define DEVICE_NAME "ps3disk"
+
+#define BOUNCE_SIZE (64*1024)
+
+#define PS3DISK_MAX_DISKS 16
+#define PS3DISK_MINORS 16
+
+#define KERNEL_SECTOR_SIZE 512
+
+
+#define PS3DISK_NAME "ps3d%c"
+
+
+struct ps3disk_private {
+ spinlock_t lock; /* Request queue spinlock */
+ struct request_queue *queue;
+ struct gendisk *gendisk;
+ unsigned int blocking_factor;
+ struct request *req;
+ u64 raw_capacity;
+ unsigned char model[ATA_ID_PROD_LEN+1];
+};
+#define ps3disk_priv(dev) ((dev)->sbd.core.driver_data)
+
+
+#define LV1_STORAGE_SEND_ATA_COMMAND (2)
+#define LV1_STORAGE_ATA_HDDOUT (0x23)
+
+struct lv1_ata_cmnd_block {
+ u16 features;
+ u16 sector_count;
+ u16 LBA_low;
+ u16 LBA_mid;
+ u16 LBA_high;
+ u8 device;
+ u8 command;
+ u32 is_ext;
+ u32 proto;
+ u32 in_out;
+ u32 size;
+ u64 buffer;
+ u32 arglen;
+};
+
+enum lv1_ata_proto {
+ NON_DATA_PROTO = 0,
+ PIO_DATA_IN_PROTO = 1,
+ PIO_DATA_OUT_PROTO = 2,
+ DMA_PROTO = 3
+};
+
+enum lv1_ata_in_out {
+ DIR_WRITE = 0, /* memory -> device */
+ DIR_READ = 1 /* device -> memory */
+};
+
+static int ps3disk_major;
+
+
+static struct block_device_operations ps3disk_fops = {
+ .owner = THIS_MODULE,
+};
+
+
+static void ps3disk_scatter_gather(struct ps3_storage_device *dev,
+ struct request *req, int gather)
+{
+ unsigned int sectors = 0, offset = 0;
+ struct bio *bio;
+ sector_t sector;
+ struct bio_vec *bvec;
+ unsigned int i = 0, j;
+ size_t size;
+ void *buf;
+
+ rq_for_each_bio(bio, req) {
+ sector = bio->bi_sector;
+ dev_dbg(&dev->sbd.core,
+ "%s:%u: bio %u: %u segs %u sectors from %lu\n",
+ __func__, __LINE__, i, bio_segments(bio),
+ bio_sectors(bio), sector);
+ bio_for_each_segment(bvec, bio, j) {
+ size = bio_cur_sectors(bio)*KERNEL_SECTOR_SIZE;
+ buf = __bio_kmap_atomic(bio, j, KM_IRQ0);
+ if (gather)
+ memcpy(dev->bounce_buf+offset, buf, size);
+ else
+ memcpy(buf, dev->bounce_buf+offset, size);
+ offset += size;
+ flush_kernel_dcache_page(bio_iovec_idx(bio, j)->bv_page);
+ __bio_kunmap_atomic(bio, KM_IRQ0);
+ }
+ sectors += bio_sectors(bio);
+ i++;
+ }
+}
+
+static int ps3disk_submit_request_sg(struct ps3_storage_device *dev,
+ struct request *req)
+{
+ struct ps3disk_private *priv = ps3disk_priv(dev);
+ int write = rq_data_dir(req), res;
+ const char *op = write ? "write" : "read";
+ u64 start_sector, sectors;
+ unsigned int region_id = dev->regions[dev->region_idx].id;
+
+#ifdef DEBUG
+ unsigned int n = 0;
+ struct bio *bio;
+ rq_for_each_bio(bio, req)
+ n++;
+ dev_dbg(&dev->sbd.core,
+ "%s:%u: %s req has %u bios for %lu sectors %lu hard sectors\n",
+ __func__, __LINE__, op, n, req->nr_sectors,
+ req->hard_nr_sectors);
+#endif
+
+ start_sector = req->sector*priv->blocking_factor;
+ sectors = req->nr_sectors*priv->blocking_factor;
+ dev_dbg(&dev->sbd.core, "%s:%u: %s %lu sectors starting at %lu\n",
+ __func__, __LINE__, op, sectors, start_sector);
+
+ if (write) {
+ ps3disk_scatter_gather(dev, req, 1);
+
+ res = lv1_storage_write(dev->sbd.dev_id, region_id,
+ start_sector, sectors, 0,
+ dev->bounce_lpar, &dev->tag);
+ } else {
+ res = lv1_storage_read(dev->sbd.dev_id, region_id,
+ start_sector, sectors, 0,
+ dev->bounce_lpar, &dev->tag);
+ }
+ if (res) {
+ dev_err(&dev->sbd.core, "%s:%u: %s failed %d\n", __func__,
+ __LINE__, op, res);
+ end_request(req, 0);
+ return 0;
+ }
+
+ priv->req = req;
+ return 1;
+}
+
+static int ps3disk_submit_flush_request(struct ps3_storage_device *dev,
+ struct request *req)
+{
+ struct ps3disk_private *priv = ps3disk_priv(dev);
+ u64 res;
+
+ dev_dbg(&dev->sbd.core, "%s:%u: flush request\n", __func__, __LINE__);
+
+ res = lv1_storage_send_device_command(dev->sbd.dev_id,
+ LV1_STORAGE_ATA_HDDOUT, 0, 0, 0,
+ 0, &dev->tag);
+ if (res) {
+ dev_err(&dev->sbd.core, "%s:%u: sync cache failed 0x%lx\n",
+ __func__, __LINE__, res);
+ end_request(req, 0);
+ return 0;
+ }
+
+ priv->req = req;
+ return 1;
+}
+
+static void ps3disk_do_request(struct ps3_storage_device *dev,
+ request_queue_t *q)
+{
+ struct request *req;
+
+ dev_dbg(&dev->sbd.core, "%s:%u\n", __func__, __LINE__);
+
+ while ((req = elv_next_request(q))) {
+ if (blk_fs_request(req)) {
+ if (ps3disk_submit_request_sg(dev, req))
+ break;
+ } else if (req->cmd_type == REQ_TYPE_FLUSH) {
+ if (ps3disk_submit_flush_request(dev, req))
+ break;
+ } else {
+ blk_dump_rq_flags(req, DEVICE_NAME " bad request");
+ end_request(req, 0);
+ continue;
+ }
+ }
+}
+
+static void ps3disk_request(request_queue_t *q)
+{
+ struct ps3_storage_device *dev = q->queuedata;
+ struct ps3disk_private *priv = ps3disk_priv(dev);
+
+ if (priv->req) {
+ dev_dbg(&dev->sbd.core, "%s:%u busy\n", __func__, __LINE__);
+ return;
+ }
+
+ ps3disk_do_request(dev, q);
+}
+
+static irqreturn_t ps3disk_interrupt(int irq, void *data)
+{
+ struct ps3_storage_device *dev = data;
+ struct ps3disk_private *priv;
+ struct request *req;
+ int res, read, uptodate;
+ u64 tag, status;
+ unsigned long num_sectors;
+ const char *op;
+
+ res = lv1_storage_get_async_status(dev->sbd.dev_id, &tag, &status);
+
+ if (tag != dev->tag)
+ dev_err(&dev->sbd.core,
+ "%s:%u: tag mismatch, got %lx, expected %lx\n",
+ __func__, __LINE__, tag, dev->tag);
+
+ if (res) {
+ dev_err(&dev->sbd.core, "%s:%u: res=%d status=0x%lx\n",
+ __func__, __LINE__, res, status);
+ return IRQ_HANDLED;
+ }
+
+ priv = ps3disk_priv(dev);
+ req = priv->req;
+ if (!req) {
+ dev_dbg(&dev->sbd.core,
+ "%s:%u non-block layer request completed\n", __func__,
+ __LINE__);
+ dev->lv1_status = status;
+ complete(&dev->done);
+ return IRQ_HANDLED;
+ }
+
+ if (req->cmd_type == REQ_TYPE_FLUSH) {
+ read = 0;
+ num_sectors = req->hard_cur_sectors;
+ op = "flush";
+ } else {
+ read = !rq_data_dir(req);
+ num_sectors = req->nr_sectors;
+ op = read ? "read" : "write";
+ }
+ if (status) {
+ dev_dbg(&dev->sbd.core, "%s:%u: %s failed 0x%lx\n", __func__,
+ __LINE__, op, status);
+ uptodate = 0;
+ } else {
+ dev_dbg(&dev->sbd.core, "%s:%u: %s completed\n", __func__,
+ __LINE__, op);
+ uptodate = 1;
+ if (read)
+ ps3disk_scatter_gather(dev, req, 0);
+ }
+
+ spin_lock(&priv->lock);
+ if (!end_that_request_first(req, uptodate, num_sectors)) {
+ add_disk_randomness(req->rq_disk);
+ blkdev_dequeue_request(req);
+ end_that_request_last(req, uptodate);
+ }
+ priv->req = NULL;
+ ps3disk_do_request(dev, priv->queue);
+ spin_unlock(&priv->lock);
+
+ return IRQ_HANDLED;
+}
+
+static int ps3disk_sync_cache(struct ps3_storage_device *dev)
+{
+ u64 res;
+
+ dev_dbg(&dev->sbd.core, "%s:%u: sync cache\n", __func__, __LINE__);
+
+ res = ps3stor_send_command(dev, LV1_STORAGE_ATA_HDDOUT, 0, 0, 0, 0);
+ if (res) {
+ dev_err(&dev->sbd.core, "%s:%u: sync cache failed 0x%lx\n",
+ __func__, __LINE__, res);
+ return -EIO;
+ }
+ return 0;
+}
+
+
+/* ATA helpers copied from drivers/ata/libata-core.c */
+
+static void swap_buf_le16(u16 *buf, unsigned int buf_words)
+{
+#ifdef __BIG_ENDIAN
+ unsigned int i;
+
+ for (i = 0; i < buf_words; i++)
+ buf[i] = le16_to_cpu(buf[i]);
+#endif /* __BIG_ENDIAN */
+}
+
+static u64 ata_id_n_sectors(const u16 *id)
+{
+ if (ata_id_has_lba(id)) {
+ if (ata_id_has_lba48(id))
+ return ata_id_u64(id, 100);
+ else
+ return ata_id_u32(id, 60);
+ } else {
+ if (ata_id_current_chs_valid(id))
+ return ata_id_u32(id, 57);
+ else
+ return id[1] * id[3] * id[6];
+ }
+}
+
+static void ata_id_string(const u16 *id, unsigned char *s, unsigned int ofs,
+ unsigned int len)
+{
+ unsigned int c;
+
+ while (len > 0) {
+ c = id[ofs] >> 8;
+ *s = c;
+ s++;
+
+ c = id[ofs] & 0xff;
+ *s = c;
+ s++;
+
+ ofs++;
+ len -= 2;
+ }
+}
+
+static void ata_id_c_string(const u16 *id, unsigned char *s, unsigned int ofs,
+ unsigned int len)
+{
+ unsigned char *p;
+
+ WARN_ON(!(len & 1));
+
+ ata_id_string(id, s, ofs, len - 1);
+
+ p = s + strnlen(s, len - 1);
+ while (p > s && p[-1] == ' ')
+ p--;
+ *p = '\0';
+}
+
+static int ps3disk_identify(struct ps3_storage_device *dev)
+{
+ struct ps3disk_private *priv = ps3disk_priv(dev);
+ struct lv1_ata_cmnd_block ata_cmnd;
+ u16 *id = dev->bounce_buf;
+ u64 res;
+
+ dev_dbg(&dev->sbd.core, "%s:%u: identify disk\n", __func__, __LINE__);
+
+ memset(&ata_cmnd, 0, sizeof(struct lv1_ata_cmnd_block));
+ ata_cmnd.command = ATA_CMD_ID_ATA;
+ ata_cmnd.sector_count = 1;
+ ata_cmnd.size = ata_cmnd.arglen = ATA_ID_WORDS * 2;
+ ata_cmnd.buffer = dev->bounce_lpar;
+ ata_cmnd.proto = PIO_DATA_IN_PROTO;
+ ata_cmnd.in_out = DIR_READ;
+
+ res = ps3stor_send_command(dev, LV1_STORAGE_SEND_ATA_COMMAND,
+ ps3_mm_phys_to_lpar(__pa(&ata_cmnd)),
+ sizeof(ata_cmnd), ata_cmnd.buffer,
+ ata_cmnd.arglen);
+ if (res) {
+ dev_err(&dev->sbd.core, "%s:%u: identify disk failed 0x%lx\n",
+ __func__, __LINE__, res);
+ return -EIO;
+ }
+
+ swap_buf_le16(id, ATA_ID_WORDS);
+
+ /* All we're interested in are raw capacity and model name */
+ priv->raw_capacity = ata_id_n_sectors(id);
+ ata_id_c_string(id, priv->model, ATA_ID_PROD, sizeof(priv->model));
+ return 0;
+}
+
+static void ps3disk_prepare_flush(request_queue_t *q, struct request *req)
+{
+ struct ps3_storage_device *dev = q->queuedata;
+
+ dev_dbg(&dev->sbd.core, "%s:%u\n", __func__, __LINE__);
+
+ memset(req->cmd, 0, sizeof(req->cmd));
+ req->cmd_type = REQ_TYPE_FLUSH;
+}
+
+static int ps3disk_issue_flush(request_queue_t *q, struct gendisk *gendisk,
+ sector_t *sector)
+{
+ struct ps3_storage_device *dev = q->queuedata;
+ struct request *req;
+ int res;
+
+ dev_dbg(&dev->sbd.core, "%s:%u\n", __func__, __LINE__);
+
+ req = blk_get_request(q, WRITE, __GFP_WAIT);
+ ps3disk_prepare_flush(q, req);
+ res = blk_execute_rq(q, gendisk, req, 0);
+ if (res)
+ dev_err(&dev->sbd.core, "%s:%u: flush request failed %d\n",
+ __func__, __LINE__, res);
+ blk_put_request(req);
+ return res;
+}
+
+
+static unsigned long ps3disk_mask;
+
+static int __devinit ps3disk_probe(struct ps3_system_bus_device *_dev)
+{
+ struct ps3_storage_device *dev = to_ps3_storage_device(&_dev->core);
+ struct ps3disk_private *priv;
+ int error;
+ unsigned int devidx;
+ struct request_queue *queue;
+ struct gendisk *gendisk;
+
+ if (dev->blk_size < KERNEL_SECTOR_SIZE) {
+ dev_err(&dev->sbd.core,
+ "%s:%u: cannot handle block size %lu\n", __func__,
+ __LINE__, dev->blk_size);
+ return -EINVAL;
+ }
+
+ BUILD_BUG_ON(PS3DISK_MAX_DISKS > BITS_PER_LONG);
+ devidx = find_first_zero_bit(&ps3disk_mask, PS3DISK_MAX_DISKS);
+ if (devidx >= PS3DISK_MAX_DISKS) {
+ dev_err(&dev->sbd.core, "%s:%u: Too many disks\n", __func__,
+ __LINE__);
+ return -ENOSPC;
+ }
+ __set_bit(devidx, &ps3disk_mask);
+
+ priv = kzalloc(sizeof(*priv), GFP_KERNEL);
+ if (!priv) {
+ error = -ENOMEM;
+ goto fail;
+ }
+
+ ps3disk_priv(dev) = priv;
+ spin_lock_init(&priv->lock);
+
+ dev->bounce_size = BOUNCE_SIZE;
+ dev->bounce_buf = kmalloc(BOUNCE_SIZE, GFP_DMA);
+ if (!dev->bounce_buf) {
+ error = -ENOMEM;
+ goto fail_free_priv;
+ }
+
+ error = ps3stor_setup(dev, ps3disk_interrupt);
+ if (error)
+ goto fail_free_bounce;
+
+ ps3disk_identify(dev);
+
+ queue = blk_init_queue(ps3disk_request, &priv->lock);
+ if (!queue) {
+ dev_err(&dev->sbd.core, "%s:%u: blk_init_queue failed\n",
+ __func__, __LINE__);
+ error = -ENOMEM;
+ goto fail_teardown;
+ }
+
+ priv->queue = queue;
+ queue->queuedata = dev;
+
+ blk_queue_bounce_limit(queue, BLK_BOUNCE_HIGH);
+
+ blk_queue_max_sectors(queue, dev->bounce_size/KERNEL_SECTOR_SIZE);
+ blk_queue_segment_boundary(queue, -1UL);
+ blk_queue_dma_alignment(queue, dev->blk_size-1);
+ blk_queue_hardsect_size(queue, dev->blk_size);
+
+ blk_queue_issue_flush_fn(queue, ps3disk_issue_flush);
+ blk_queue_ordered(queue, QUEUE_ORDERED_DRAIN_FLUSH,
+ ps3disk_prepare_flush);
+
+ blk_queue_max_phys_segments(queue, -1);
+ blk_queue_max_hw_segments(queue, -1);
+ blk_queue_max_segment_size(queue, dev->bounce_size);
+
+ gendisk = alloc_disk(PS3DISK_MINORS);
+ if (!gendisk) {
+ dev_err(&dev->sbd.core, "%s:%u: alloc_disk failed\n", __func__,
+ __LINE__);
+ error = -ENOMEM;
+ goto fail_cleanup_queue;
+ }
+
+ priv->gendisk = gendisk;
+ gendisk->major = ps3disk_major;
+ gendisk->first_minor = devidx * PS3DISK_MINORS;
+ gendisk->fops = &ps3disk_fops;
+ gendisk->queue = queue;
+ gendisk->private_data = dev;
+ gendisk->driverfs_dev = &dev->sbd.core;
+ snprintf(gendisk->disk_name, sizeof(gendisk->disk_name), PS3DISK_NAME,
+ devidx+'a');
+ priv->blocking_factor = dev->blk_size/KERNEL_SECTOR_SIZE;
+ set_capacity(gendisk,
+ dev->regions[dev->region_idx].size*priv->blocking_factor);
+
+ dev_info(&dev->sbd.core,
+ "%s is a %s (%lu MiB total, %lu MiB for OtherOS)\n",
+ gendisk->disk_name, priv->model, priv->raw_capacity >> 11,
+ get_capacity(gendisk) >> 11);
+
+ add_disk(gendisk);
+ return 0;
+
+fail_cleanup_queue:
+ blk_cleanup_queue(queue);
+fail_teardown:
+ ps3stor_teardown(dev);
+fail_free_bounce:
+ kfree(dev->bounce_buf);
+fail_free_priv:
+ kfree(priv);
+ ps3disk_priv(dev) = NULL;
+fail:
+ __clear_bit(devidx, &ps3disk_mask);
+ return error;
+}
+
+static int ps3disk_remove(struct ps3_system_bus_device *_dev)
+{
+ struct ps3_storage_device *dev = to_ps3_storage_device(&_dev->core);
+ struct ps3disk_private *priv = ps3disk_priv(dev);
+
+ __clear_bit(priv->gendisk->first_minor / PS3DISK_MINORS,
+ &ps3disk_mask);
+ del_gendisk(priv->gendisk);
+ blk_cleanup_queue(priv->queue);
+ put_disk(priv->gendisk);
+ dev_notice(&dev->sbd.core, "Synchronizing disk cache\n");
+ ps3disk_sync_cache(dev);
+ ps3stor_teardown(dev);
+ kfree(dev->bounce_buf);
+ kfree(priv);
+ ps3disk_priv(dev) = NULL;
+ return 0;
+}
+
+static struct ps3_system_bus_driver ps3disk = {
+ .match_id = PS3_MATCH_ID_STOR_DISK,
+ .core.name = DEVICE_NAME,
+ .core.owner = THIS_MODULE,
+ .probe = ps3disk_probe,
+ .remove = ps3disk_remove,
+ .shutdown = ps3disk_remove,
+};
+
+
+static int __init ps3disk_init(void)
+{
+ int error;
+
+ if (!firmware_has_feature(FW_FEATURE_PS3_LV1))
+ return -ENODEV;
+
+ error = register_blkdev(0, DEVICE_NAME);
+ if (error + printk(KERN_ERR "%s:%u: register_blkdev failed %d\n", __func__,
+ __LINE__, error);
+ return error;
+ }
+ ps3disk_major = error;
+
+ pr_info("%s:%u: registered block device major %d\n", __func__,
+ __LINE__, ps3disk_major);
+
+ error = ps3_system_bus_driver_register(&ps3disk);
+ if (error)
+ unregister_blkdev(ps3disk_major, DEVICE_NAME);
+
+ return error;
+}
+
+static void __exit ps3disk_exit(void)
+{
+ ps3_system_bus_driver_unregister(&ps3disk);
+ unregister_blkdev(ps3disk_major, DEVICE_NAME);
+}
+
+module_init(ps3disk_init);
+module_exit(ps3disk_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_DESCRIPTION("PS3 Disk Storage Driver");
+MODULE_AUTHOR("Sony Corporation");
+MODULE_ALIAS(PS3_MODULE_ALIAS_STOR_DISK);
Schritt 5: via PasteBin.com
Step 5 Can we see ? :
Like the number of the movie 10000, Sony employees were laid off in April (it was not a April fool infornutely).
With all what happens, you false Dev and Sony still playing around with this.
Ok guys, let's play with the debugger mode of the PS3
Launch TM or Debugger
Reset the LV1-LV2 to Debugging Station (not software)
And that you can do under Debugging Station (you can make a core dump and also load the core dump you made)
----->
Running your game
Loading object modules
Loading a core dump file
PRX debugging
MSELF Support
CFW 4.21/CFW 4.25 is a hybrid firmware (3.55 + 4.xx files dex) that load the necessary module to launch every game you need
It's kinda a hot swapping files, we load the module we need to launch the game, remember the similar situation on PSP ? that we need to load new module to launch higher games ? let's say that is a similar method.
You can also read this that help you a lot to understand the point of using TM/Debugger on PS3 DEX (you don't need to be on a 4.21 DEX, a 3.55 DEX Prodg can also work and you should have more accessibility)
About the Kernel Linux Part point before it was a reference to a story happen between some Sony dev who worked together on the OtherOS/GameOS PS3. It's just a message to the DEV we all know.
This part is available on the LV2 Manual a example to execute a MSELF/PRX File
13. 2 Open and Close an MSELF File
MSELF files are opened by cellFsOpen() with the CELL_FS_O_MSELF option.
#include <sys/types.h>
#include <sys/paths.h>
#include <sys/fs_external.h>
#include <sys/process.h> /* SYS_PROCESS_PARAM */
#include <cell/fs/cell_fs_file_api.h>
#include <cell/sysmodule.h>
SYS_PROCESS_PARAM(1001, 0x10000);
#define MSELF_FILENAME "scene_data.ppu.mself"
int main(int argc, char *argv[])
{
int fd, retval;
...
/* Load CELL_SYSMODULE_FS PRX */
retval = cellSysmoduleLoadModule(CELL_SYSMODULE_FS);
...
/* Open the MSELF file */
retval = cellFsOpen(SYS_APP_HOME "/" MSELF_FILENAME,
CELL_FS_O_MSELF,
&fd, NULL, 0);
...
The above example opens the MSELF file, "/app_home/scene_data.ppu.mself." Note that PRX or SPU program files cannot be loaded from an MSELF file that has not been opened with the CELL_FS_O_MSELF option.
The access permission of a file which is opened with CELL_FS_O_MSELF is regarded as CELL_FS_O_RDONLY, and operations such as cellFsRead() and cellFsLseek() can be performed on that opened file. The file is closed by cellFsClose().
13. 3 Load and Unload the PRX
The PRX stored in an MSELF file is opened by sys_prx_load_module_by_fd().
#include <sys/types.h>
#include <sys/paths.h>
#include <sys/process.h> /* SYS_PROCESS_PARAM */
#include <sys/prx.h>
#include <sys/fs_external.h>
#include <cell/fs/cell_fs_file_api.h>
#include <cell/sysmodule.h>
SYS_PROCESS_PARAM(1001, 0x10000);
#define MSELF_FILENAME "scene_data.ppu.mself"
#define SPRX_OFFSET 65536 /* Offset from the head of the MSELF file */
int main(int argc, char *argv[])
{
sys_prx_id_t id;
int fd, retval;
...
/* Open the MSELF file */
retval = cellFsOpen(SYS_APP_HOME "/" MSELF_FILENAME,
CELL_FS_O_MSELF,
&fd, NULL, 0);
...
/* Load the PRX */
id = sys_prx_load_module_by_fd(fd, SPRX_OFFSET, 0, NULL);
...
The above example loads the PRX stored in the position that is SPRX_OFFSET bytes from the head of the "/app_home/scene_data.ppu.mself" MSELF file, onto memory. On success of sys_prx_load_module_by_fd(), it returns the ID of the PRX. It fails with ENOTMSELF if the MSELF file that stores the PRX is not opened with the CELL_FS_O_MSELF option. PRX is unloaded by sys_prx_unload_module().
13. 4 Open and Close an SPU Program File
SPU program files stored in MSELF files are opened by sys_spu_image_open_by_fd().
#include <sys/types.h>
#include <sys/paths.h>
#include <sys/process.h> /* SYS_PROCESS_PARAM */
#include <sys/spu_image.h>
#include <sys/fs_external.h>
#include <cell/fs/cell_fs_file_api.h>
#include <cell/sysmodule.h>
SYS_PROCESS_PARAM(1001, 0x10000);
#define MSELF_FILENAME "scene_data.ppu.mself"
/* Offset from the head of the MSELF file */
#define SPU_IMAGE_OFFSET 524228
int main(int argc, char *argv[])
{
sys_spu_image_t img;
int fd, retval;
...
/* Open the MSELF file */
retval = cellFsOpen(SYS_APP_HOME "/" MSELF_FILENAME,
CELL_FS_O_MSELF,
&fd, NULL, 0);
...
/* Open the SPU program file */
retval = sys_spu_image_open_by_fd(&img, fd, SPU_IMAGE_OFFSET);
...
The above example loads an SPU program file stored in the position that is SPU_IMAGE_OFFSET bytes from the head of the "/app_home/scene_data.ppu.mself" MSELF file, onto memory. On success, the management information of the SPU program file is stored in the area pointed to by img. It fails with ENOTMSELF if the MSELF file that stores the SPU program file is not opened with the CELL_FS_O_MSELF option. The SPU program file is closed by sys_spu_image_close().
Alles anzeigen
Download ProDG_v.420.1 PDF Tutorials
Quellen: ConsoleCrunch.com & PasteBin.com