IPL inside NAND-Dump

CrazyT
Posts: 18
Joined: Sat Dec 23, 2006 6:47 pm

IPL inside NAND-Dump

Post by CrazyT »

Well, the basic problem is that I can't find the IPL inside a NAND-Dump that was made by my PSP.
I already read some documents ...
(
http://roland.xtreemhost.com/?p=6
http://hitmen.c02.at/files/yapspd/psp_doc/chap19.html
)
But they do not really describe the offset inside the NAND.
(for example: "The table is located at the
4th physical block of the nand (offset 0x10000)"
at that offset I only have lots of 0xFF values, so it can't be right)

You probably wonder why I'm asking for that.
I was browsing through the net and found an open source psp-emulator.
(called pspplayer: http://code.google.com/p/pspplayer/)
This emulator seems to be able to execute mips-instructions.
Sadly all firmware commands are implemented into the program itself and aren't emulated.
That's why you can't emulate any firmware (and can only test homebrew).
My idea was to somehow use a nand-dump to load/emulate a complete psp. (I know ... it's kinda difficult to do that because you need to emulate the hardware, too)
Bubbletune
Posts: 22
Joined: Sat Jan 03, 2009 6:51 am

Post by Bubbletune »

It's impossible to emulate enough hardware to make that idea reality, mainly KIRK and SPOCK, whose internals are completely unknown.
cory1492
Posts: 216
Joined: Fri Dec 10, 2004 1:49 pm

Post by cory1492 »

The offsets in YAPSPD were before we really started getting NAND dumps, before the current format 'full' dumps were common. Physical memory locations usually don't include spare data/pages (16 spare bytes for every 512 bytes of user data.) For example, "The table is located at the 4th physical block of the nand (offset 0x10000)" would equate to "The table is located at the 4th block of the nand dump (offset 0x10800)". Block sizes are (512user+16spare)*32 in 'full' NAND dumps, not just 512*32.

Actually decoding the IPL on a PC without PSP hardware in the mix doing the decrypting, probably not gonna happen for the reason Bubbletune mentions - though I guess there is nothing stopping someone from making a small server-client app that handles such hardware functions on the PSP...
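The offset conversion cory1492 describes above, as an added Python example that is not code from any poster in this thread. It assumes each 528-byte record in a 'full' dump is 512 user bytes followed directly by that page's 16 spare bytes; the sample dump and all function names are constructed for illustration.

```python
PAGE_USER = 512        # user bytes per page (from the post)
PAGE_SPARE = 16        # spare bytes per page (from the post)
PAGES_PER_BLOCK = 32   # pages per block (from the post)
PAGE_FULL = PAGE_USER + PAGE_SPARE
BLOCK_FULL = PAGE_FULL * PAGES_PER_BLOCK


def phys_to_dump(offset):
    """Map a spare-less (user data only) offset to its offset in a 'full' dump."""
    page, within = divmod(offset, PAGE_USER)
    return page * PAGE_FULL + within


def dump_to_phys(offset):
    """Inverse mapping; returns None when the offset lands inside spare bytes."""
    page, within = divmod(offset, PAGE_FULL)
    if within >= PAGE_USER:
        return None
    return page * PAGE_USER + within


def split_spare(dump):
    """Split a 'full' dump into (user_data, spare_data)."""
    if len(dump) % PAGE_FULL:
        raise ValueError("dump length is not a multiple of 528 bytes")
    user, spare = bytearray(), bytearray()
    for pos in range(0, len(dump), PAGE_FULL):
        user += dump[pos:pos + PAGE_USER]
        spare += dump[pos + PAGE_USER:pos + PAGE_FULL]
    return bytes(user), bytes(spare)


def make_sample_dump(blocks=6, marked_block=4):
    """Constructed sample: erased (0xFF) flash with one block filled with 0xAB."""
    out = bytearray()
    for page in range(blocks * PAGES_PER_BLOCK):
        fill = 0xAB if page // PAGES_PER_BLOCK == marked_block else 0xFF
        out += bytes([fill]) * PAGE_USER + bytes(PAGE_SPARE)
    return bytes(out)


if __name__ == "__main__":
    dump = make_sample_dump()
    print(hex(phys_to_dump(0x10000)))        # documented offset, adjusted for spare
    print(hex(dump[0x10000]))                # reading the unadjusted offset
    print(hex(dump[phys_to_dump(0x10000)]))  # reading the adjusted offset
    user, _ = split_spare(dump)
    print(hex(user[0x10000]))                # documented offset works on stripped data
```

After `split_spare`, offsets quoted for spare-less layouts can be used on the user-data buffer unchanged.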
Torch
Posts: 825
Joined: Wed May 28, 2008 2:50 am

Post by Torch »

I assume you can run a completely decrypted firmware with some patches.