Downgrading for dummies, by Dummies

[LeperMessiah]

This is for Dummies, by Dummies
Ok now bear in mind I am not a programmer nor do I claim to be.

But this is theoretically feasible.

for the PSP to "boot up", it would have an operation in it's kernel to tell it the process to boot up. For example the PSP knows whether to launch a UMD or to boot to the "Main Menu".

Think of this as a PC Bios.

Well if someone could figure out a way to have a boot sequence that started with the memory stick, then theoretically you could have an interruption in the process stored in an app on the memory stick that would allow a different version FW to be run. So you boot up and the PSP recognizes the memory stick first, and then just like a dual boot PC, you have the option of "Boot from A (Memory Stick), or Boot from B (Internal Bios)."

Also if this option is feasible then, your PSP would never truly change FW It would always be 2.0 or 2.6 or whatever it is. You would just fool the hardware into thinking it had version 1.0 or 1.5 or whatever upon booting, (if you choose to).

This thing is not so highly encrypted or protected that it can't be broken, I mean the first proof of that I think would be the GTA Exploit.
Remember the Xbox softmod started with a MechAssault Exploit.

So we are on the way, but maybe the real solution is to get some of these hacking whiz's that don't give a sh*t about the PSP to suddenly take interest in it and view it as a personal challenge.

After all there are very few hardware/software issues that I have ever seen that could not be cracked by hackers. I think we just need to start playing a broader field to crack this puppy.

[IndianCheese]

These are the kind of people I like to see trying to hack the PSP. Not some lame "uh juzt liek feind a way 2 downgrad lol itz nawt taht harrd" kind of person. Think outside the box!

What I would really aim for is a custom firmware. Simply forget about the people who already have 2.70 and combine modules from firmwares into an installer to build the ultimate firmware.

[mavsman4457]

^ I agree completely. Once someone creates a custom firmware, then the doors are wide open and we can truly realize the PSP's potential.

[jman420]

yeah, but tell me... who is going to write your psp custom F/W's here?? good coders without the training can barely write a I/O sequence for a PC BIOS... you probobly dont understand, but the F/W itsself is everything about a psp, it is the reason it works... there isnt a magical chip in there that makes it work... the FirmWare itsself is the I/O controller, it is the FSB controller, its everything lol.... so yall' have fun programming a custom F/W but, remember the first 100 tries will brick psp's....

[Ghengis]

Sure they'll brick the PSP, but isn't the new mod chip supposed to be able to "unbrick"? I think that the Xbox hacking scene grew by leaps and bounds once the first hardware mods allowed people to test flashing their BIOS without fear of bricking the system. I don't know much about it, but I got the impression the new PSP modchip was going to allow for the same thing. If some enterprising coder wants to hack-and-slash his way to a better firmware, and doesn't mind shelling out a hundred bucks extra for the privledge, I say hurrah for him, and hope to get something out of his work ;-)

[robotdevil]

Hmmm.....I see 2 problems, but before I go into those I would like to say good idea. Ok, here goes;

Prob 1. The comparison of the PSP boot sequence to a PC's BIOS is a bit off. Basically, the PSP boots straight to the OS, then has a "run" command of sorts. Inturrupting the boot process would involve creating your own FW.

Prob 2. It's fairly impossible. What you're talking about doing is writing straight to the hardware, the only way to really accomplish what you want is assmbler. And without knowing all the gateways and paths in a PSP you won't just brick the FW, you actually damage the circuits. If you think I'm wrong, program in assembler for your PC (it should only take you about 1-2 years as a FT student to learn) and see what happens.

Now, you will notice that I never said it was completly impossible, just not doable with the resources we have. We would need a full tech white pages to get it done, and if we could get that we wouldn't need to do it. Don't give up though, it was a great line of thought, there's just a bit more to it than you realized.

But hey, a dual boot custom FW would be pretty cool too.

[Mr.Ree]

Would it be possible to redirect the UMD "bios call" to the memory stick "drive" by rewriting the address in the interrupt vector table to point to a custom routine? Or would writing anything to the IVT cause a crash due to the PSP security checks?

I wrote a few terminate and stay resident progs for the PC quite a few years ago in assembler. The process is pretty straight foward IF you have a list of the bios and dos interrupts and their location in the IVT.

I've been lurking in quite a few forums the last few weeks trying to find some info on the PSP boot process, memory map, and system calls. But... I can see that Sony wants to keep all PSP programmers under a firm thumb.

I'd like to see the PSP main memu changed by the memory stick "drive" to reflect whats in the "drive".

For example if you put in a mem stick with MP3 data the menu would change to audio apps. Pop in your mem stick with your back up isos and a new main menu for game apps comes up.

Is it possible by using TSRs and the IVT?

[jman420]

I would kind of like to see an EBOOT loader for 2.00-2.60, as someone has kernel mode on these system softwares, it seems that someone should be able to build a loader(rather then a downgrader) I understand that a lot of people want 1.5 firmware, but there are better things on 2.0 and up, (music, MP3 on memory stick PRO duo, it reads from the stick far fewer times and as a result, it saves batery time, and preserves the memory cards life) And on 2.60 you have WMA playback, so I think that rather then cracking, hacking or in general downgrading a system to 1.5, we need a loader for the higher level firmwares (for added music, and movie playback).

also on a side note, I'm sure that people still use the user mode EBOOT loaders, but since they are inferior, a few people have downgraded, but if someone has kernel access, shouldnt it be possible to access that to use software?

[MasterChafed]

jman, it may be true that there are better features on 2.0+ but isnt that what we have devhook for? I mean, now that it emulates 2.71 firmware, whats the point in staying above 1.5?

[jman420]

whats the point of staying at 1.5 if you have full kernel mode processor access??

I understand that DevHook loads firmwares now? like MPH's firmware loader? but how does that work? it loads the files from the memorystick rather then flsah???

I am also looking for someone (since this is a downgrading thread) I'm looking for someone with a 1.00 psp to help me downgrade my 1.5, if anyone has one can you plz help me? :P