forums.ps2dev.org

[IronPeter]

It seem like these function perfom TILES & ZCULL setup.

First parameters of these functions change from 0 to number of color & depth tiles ( params of lv1_gpu_memory_allocate ).

[androvsky]

[ps2devman]

[jonathan]

[ps2devman]

I don't think it's a mistake. Not even a little bit.
Higher Sony ranks decided officialy (between them) to shutdown anything discovered that may make PS3 appear as a good computer (their new policy since when Kutagari got removed). But they never do any announcement, or reply to public explanation requests, to be sure fw updaters get trapped and that new manufactured PS3's don't appear as good computers at all. I won't be estonished if a new model of PS3 do not allow OtherOS stuff at all, in future. I'm pretty sure PS4 won't.
For sure a word is missing for something decided but not announced, so I said official but silent.

Their absolute objective is to follow Nintendo tracks now. Toy for high profit. And screw the devs!

[jonathan]

Odd, then, that Sony employee Geoff Levand would state on IRC then that it was unintentional broken in the FW update.

The last I'd heard, ps3vram was buggy and unsafe anyway. See http://ozlabs.org/pipermail/cbe-oss-dev/2008-September/005513.html

[jbit]

[ldesnogu]

So much for paranoia: Jim just posted a patch that works with FW 2.50.

EDIT: Here is the link.
_________________
Laurent

[jonwil]

Does this patch tell the kernel/HV hackers anything about the Hypervisor that wasnt previously known?

[zaphod]

well, i have it on fairly good authority that on the new slim ps3s coming out later this year otheros support is getting removed completely.

make of that what you will.

I think it's a big mistake, and that those ps3s will be cracked after that happens...

[jbit]

[lenaxin]

I'm 15 years old and want to start hunting. I live near Allentown, Pennsylvania and just wanted some tips.? I need tips on what equipment, any good hunting locations or anything that would help. Thanks!
_____________________
yahoo keyword tool ~ overture ~ traffic estimator ~ adwords traffic estimator

[emoon]

I recommend a good crossbow and a green hat

[lotharx]

What relation would this have to the updated PS3VRAM code they're using in the YDL 6.2 release? Do they use any of the operational functions?

Also the few people I've seen that actually have done rational research on the security of the PS3 have all suggested this:

1. CBE has the bootloader which does a signature check based on common key and loads the gameos thread from SLC NAND into the 7th SPE. The CBE is the first powered chip. The 7th SPE is identical to others, just a supervisor of sorts do to it's order of loading. The thread here dictates a lot and most importantly continues the trusted processing with signing.
   
   
2. gameos uses a combination of PPC process modes and virtual addressing in the global space to filter for hypervisor calls. There are more hypervisor calls than what's in the Linux kernel source but no way to learn them other than low level probing because they are all cryp text on the SLC NAND and the 7th's local store is possibly protected. The gameos-SPE local store has it's globalization and internal EIB addressing controlled internally like every other one does; you could code another hypervisor like game os with secondary privileges even from the boot loader and run Linux in a 3rd PPE state and proxy hypervisor calls; or do a really good bootkit.
   
   
3. The gameos code on the supervisor SPE puts linux in a virtualized state using the PPC process modes and the RISC is executed by the PPE in a lesser privileged mode/thread, not on a SPE exclusively as is commonly suggested; they are just extended resources. The hypervisor calls are the equivalent to protected mode calls.
   
   
4. Main RAM has no ASLR-w^x-NX etc.. it doesn't need it. It's all given to the otheros environment and only protected by linux kernel allocation if configured. local stores belonging to SPEs don't either as they're also given away. The gameos SPE doesn't have execute security on it's local store but if gameos would have to allow the addressing, so most likely no go.
   
   
5. gameos runs some of it's own signed processes in the same state as otheros. It also runs game images in that same state, no more details are known here but the only logical conclusion is it sets a state flag to allow the buffer operations. This allows the gameos to use it's own exception handler in the privladged CPU mode which is just as good as page locking for preventing stack and heap overflows. So if you're ever fuzzing the XMB browser or BRD loading or whatever else and you get a black screen or some error you know why. The put anything that accepts unknown inputs in that state for good reason.
   

You can believe it or not. Only one person has figured this out outside the Chinese and Russian reverse scenes besides me; the phrack/RISE article also reveals most of this. What it means is you're not going to get RSX support unless gameos allows it.

The x360 actually had more security, just a sloppy bloated design. You open up and PS3 and the PCB is a clean design and you can immediately tell how it works in abstract. The x360 had one data mishandle and it flopped the security and revealed other vulnerabilities that where otherwise protected.

EDIT: Why are people even trying to get pass the hypervisor security for the push buffer operations? You have SIMD acceleration and DMA already without the RSX, just write kernel level code for OpenGL to interface with as has already been suggested.

It's not going to matter anyway. You see what kind of vendor support existing distros with OpenGL have. Nobody is going to spend years with content creation and engine development on a platform that doesn't yield much profit and frowns out of ignorance on priced software licenses. Demoscene doesn't even do much with Linux.

The cell is perfect for discreet mathematics and game engines; provided the game studio gets to use Sony licensing. If you wrote a bare metal game engine for the PS3 Sony would lock vital functions from a firmware update.