his update is necessary in order to run the incoming port of devhook launcher to 2.71.
- Revision A (22 september):
* Initial release
- Revision B (24 september):
* Some kernel prx's didn't load because the kernel tried to load them to user partition. This problem affected devhook.prx and some other kernel prx's.
This problem has been fixed.
This program enables homebrew to be run in 2.71 through the XMB. It makes a patch that remains
permanent until hardwar reset. Sleep mode won't remove the patch.
Note: this program writes some small files in the flash, ONLY the first time is executed.
IT does NOY rewrite any existing file in the system, it writes new files, so the probabilities of
bricking are practically null.
Update Instruction for people with revision A installed
To update from HEN revision A to B, hard reset your psp (to make sure that hen is not running).
Then copy the new files to the memory stick and run the tif. The new files will be automatically
People without any version of hen installed, just follow the instructions below.
- Copy all contents inside MS_ROOT to the root of your memory stick.
- Go to the PHOTO viewer of the XMB and enter in the folder "HEN".
- If the psp just freeze, reboot your psp and try again. Currently the tiff is very unstable and it is only executed sometimes. I'll try to improve that in the future.
- The first time you run the program, you will see quickly a blue screen, and after that a screen that can be of two colors:
* Red: the files couldn't be written to the flash (it hapens a few times). Just keep trying.
* Green: The files were written succesfully. After that, the xmb will be rebooted. Now you can run the homebrew in format prepared for 2.71. (see details below).
- As mentioned before, the patch will remain resident in memory, and even entering sleep mode won't delete it. Only a hardware reset will remove the program from memory.
- When you do a hardware reset, you'll have to run the tiff again.
This time there won't be green or red screen, just a blue screen and xmb reboot, sincethis time there is no need to write to the flash.
Note: the files pspbtknf.txt, pspbtknf_game.txt, pspbtknf_updater, and systemctrl.prx in the root of the memory stick are only needed the first time the program is executed. After that you can delete those. However, don't delete patch.bin, h.bin and the folder with the tiff, since you will need those the next time you do a hard reset and want to run the program again.
Note2: Once the program is loaded, it is independant of the memory stick contents. So you can freely swap memory sticks.
Notes about homebrew running
- Current homebrews are not supported. Since current homebrews are in static elf format, they won't run (they are rejected by the 2.71 kernel). Homebrews for 2.71 have to be in prx format.
Programmers see the programming notes.
In future versions i may patch the kernel to allow it to accept static elf's.
- There are some samples in the "GAME" directory, all of them ported from the pspsdk samples, except the nanddumper written by me.
* polyphonic, pspsdk sample (user mode).
* cube, pspsdk sample (user mode). It shows a cube rotating.
* kdumper, pspsdk sample (kernel mode). It dumps kernel memory to the memory stick.
* ipldumper, pspsdk sample (kernel mode). It dumps the ipl to the memory stick.
* systemparam, pspsdk sample (user mode). It displays info about the system
* nanddumper, by me. (kernel mode). It dumps the full nand content to the file
"nandimage.flash" in the memory stick. The format of the dump is compliant with u.p. chip.
(It requires 33 MB of free space in the memory stick).
Programming notes for developers
- As mentioned before, homebrew has to be in prx format, at least atm. Furthermore, the main prx, the one in the pbp, has to be an user prx. However this user prx can load unsigned kernel modules from the memory stick, allowing kernel mode apps.
- There is no need for noplainmodule check patch or nodevicecheck patch, since those are done by the homebrew enabler.
- Try to use USE_KERNEL_LIBS = 1 in your kernel prx's. In 2.XX, the separation between user and kernel mode is higher than in 1.XX.
Some functions in "*ForUser" are now totally separated (different address) from their "*ForKernel" equivalents. A good example is ModuleMgr. If you are in a kernel prx and you call the sceKernelLoadModule of ModuleMgrForUser, you will get a "ILLEGA_PERMANENT_CAL L" error.
- Currently devhook emulated 2.71 is not supported. I'll try to add support to devhook, so programs for 2.71 can be developed in a 1.50
- See the source code of the samples to have a hint on how to program for 2.71.
Credits and thanks.
- Coded by Dark_AleX
- Booster for creating devhook. HEN reboot method is based on devhook one.
- Nopx86, psp250, fanjita and all the others of the tiff exploit.
- hitchhikr for the kernel exploit of 2.50-2.71.
- Mathieulh for the help provided these two months that Dark_Alex was without psp.
Anticredits: ps2*nfo for impersonating Dark_Alex in their forums.
Port of devhook (by Booster) launcher to 2.71 by Dark_AleX.
Only the launcher needed to be ported, since the core prx (devhook.prx) loads fine in hen revision B.
The included version of devhook is 0.45, since 0.46 seems to have problems in emulating 1.50 (this also happens in 1.50)
If you want to use 0.46, you can overwrite the files in the dh folder.
There is no currently firmware installer, so you'll have to get the files for firmwares "magically" :P
- 2.71 direct flash (no ms emulation).
Currently not available, because devhook msreboot.bin destroys the "unsign check" that reboot.bin does to the files of flash.
- Port the installer to 2.71
- You need Homebrew Enabler for 2.71 revision B (minimum) to run this port.
- Get the files to emulate firmwares yourself.
- Run the pbp with the title "Devhook 0.4X launcher for 2.71". The 1.50 launcher is also included because in the emulated 1.50 you can launch it.
Note: only 1.50 and 2.71 have been tested.
When going from firmware 2.71 to 1.50, you will get the error "Couldn't start game".
Don't worry, this is normal and it is done in purpose as a current temporal solution for reboot.bin parameters being differents in both firmwares.