libnice 0.1.4 released!

Hey everyone,

I have just released a new version of libnice, the NAT traversal library.

Version 0.1.4 has a few bug fixes but the major changes are the addition of an SDP parsing and generation API.

You can now more easily generate your credentials and candidates and parse them with a single API call, making it much easier to exchange candidates and establish a successful connection.

Also, I have added three examples to the examples/ subdirectoy from the libnice source tree. Those examples should help anyone learn how to use libnice and what to do in order to establish a successful connection.

The first example, simple-example.c will create a new agent, and gather its candidates and print out a single line to paste on the peer. It uses the signals to asynchronously wait for events and continue the code execution.

The second example, threaded-example.c, will run the mainloop on the main thread and do everything else sequentially in another thread, waiting for signals to release the libnice thread to continue processing.

The final example, sdp-example.c, is based on the threaded example but uses the new SDP generate/parsing API to generate the candidates and credentials line to exchange between the two instances. It will base64 the SDP to make it all fit into a single line, making it easier to exchange the SDP between clients without having to parse the multi-line SDP in the example, keeping it small and concise.

I hope you will find this release useful, let me know if you have any comments.

You can get the latest version here and the documentation has been updated here.

KaKaRoTo

Network emulator tool for Linux

I have finally decided to blog about my netem tool that I wrote a couple of months ago.
First, the introductions, netem is a kernel component for controlling QoS, rate control and various network properties that allows you to emulate a network by modifying the kernel’s IP stack’s queue disciplines. You can read more about it here : http://www.linuxfoundation.org/collaborate/workgroups/networking/netem

The issue I had with the netem queue was that it was hard/complicated to use and required a fair bit of reading and understanding of how the Linux IP stack worked in order to even use it properly. I needed an easy to use tool in order to test multiple network properties quickly. I looked around for a tool that would help me with that and only found phpnetemgui which is a very old piece of code, not even compatible with the latest php versions and which requires you to run a server on localhost and give sudo access to the web server… I didn’t like that, so I wrote my own tool for easy netem configuration (thanks to the phpnetemgui code, it was helpful in providing some of the commands).

You can find my netem tool here : http://cgit.collabora.com/git/user/kakaroto/netem.git/

The README has all the information you need in order to use it, so make sure you read it, but let me summarize a bit how it works.
Netem uses a CSV file in which you can set multiple rules, each with its own set of properties (10% packet loss, 5% duplicated packets, 100ms delay with 25ms of jitter, limit bandwidth to 256Kbps, etc..). Each rule has a name and you can have multiple rules with the same name (limit bandwidth to 256Kbps for IP 1.2.3.4, and 512Kbps to IP 1.2.3.5). All these sub-rules with the same name will be considered as being a single rule. You can run netem on an interface, giving it the CSV filename and the name of the rule that you want to activate and it will output all the commands you need to execute in order to emulate the network as specified in the rules from the CSV file.

To actually run the network emulation, just pipe the output to ‘sh’, for example : ./netem eth0 my_rules.csv 256kbps | sudo sh

The reason I did this was to help my colleague Olivier Crete who was working on TFRC (Tcp-Friendly Rate Control) for RTP in Farsight. He needed to be able to emulate various network configurations, change the bandwidth limitations, introduce packet drop, etc.. and see how TFRC would react to make sure that the video/audio stream’s quality stays acceptable and the bitrate calculation adapts correctly to changing network conditions. I’ve also been recently working on HLS (HTTP Live Streaming) support in GStreamer and I’ve used the tool to make sure that the HLS stream correctly adapts to the network bandwidth and switches the bitrate/resolution correctly. This tool has been a great help in doing all these tests, so it’s time now to share it with whoever it might interest.

I’ll conclude with these example outputs for three different rules (taken from the provided test.csv in git) :

  • Limit inbound and outbound bandwidth to 1024Kbps (2 sub-rules)

kakaroto@kakaroto:~/coding/netem$ ./netem wlan0 test.csv 1024kbps
modprobe ifb
ip link set dev ifb0 up
tc qdisc del dev wlan0 ingress
tc qdisc add dev wlan0 ingress
tc filter add dev wlan0 parent ffff: protocol ip u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb0
tc qdisc del dev ifb0 root
tc qdisc add dev ifb0 root handle 1: prio bands 10
tc qdisc del dev wlan0 root
tc qdisc add dev wlan0 root handle 1: prio bands 10
tc qdisc add dev ifb0 parent 1:1 handle 10: htb default 1
tc class add dev ifb0 parent 10: classid 0:1 htb rate 1024kbit ceil 1024kbit burst 0 cburst 0
tc qdisc add dev wlan0 parent 1:1 handle 10: htb default 1
tc class add dev wlan0 parent 10: classid 0:1 htb rate 1024kbit ceil 1024kbit burst 0 cburst 0
tc filter add dev wlan0 protocol ip parent 1:0 prio 1 u32 match ip src 0.0.0.0/0 match ip dst 0.0.0.0/0 flowid 10:1
tc filter add dev ifb0 protocol ip parent 1:0 prio 1 u32 match ip src 0.0.0.0/0 match ip dst 0.0.0.0/0 flowid 10:1

  • A rule to add 100ms of delay with 25ms of jitter using a normal distribution with 25% of correlation

kakaroto@kakaroto:~/coding/netem$ ./netem wlan0 test.csv delay
tc qdisc del dev wlan0 root
tc qdisc add dev wlan0 root handle 1: prio bands 10
tc qdisc add dev wlan0 parent 1:1 handle 10: netem delay 100ms 25ms 25% distribution normal
tc filter add dev wlan0 protocol ip parent 1:0 prio 1 u32 match ip src 0.0.0.0/0 match ip dst 0.0.0.0/0 flowid 10:1

  • A rule that emulates various packet loss, delay, duplication, packet reordering, rate control, for both inbound and outbound connection with IP and port matching (3 sub-rules)

kakaroto@kakaroto:~/coding/netem$ ./netem wlan0 test.csv test1
modprobe ifb
ip link set dev ifb0 up
tc qdisc del dev wlan0 ingress
tc qdisc add dev wlan0 ingress
tc filter add dev wlan0 parent ffff: protocol ip u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb0
tc qdisc del dev ifb0 root
tc qdisc add dev ifb0 root handle 1: prio bands 10
tc qdisc del dev wlan0 root
tc qdisc add dev wlan0 root handle 1: prio bands 10
tc qdisc add dev wlan0 parent 1:1 handle 10: htb default 1
tc class add dev wlan0 parent 10: classid 0:1 htb rate 256kbit ceil 256kbit burst 0 cburst 0
tc qdisc add dev wlan0 parent 10:1 handle 11: netem loss 0.5% 25% duplicate 5% delay 100ms 50ms 25% distribution pareto reorder 1% limit 1000
tc qdisc add dev wlan0 parent 1:2 handle 20: netem loss 0.5% 50% limit 1000
tc qdisc add dev ifb0 parent 1:1 handle 10: netem loss 5% reorder 5% limit 1000
tc filter add dev wlan0 protocol ip parent 1:0 prio 1 u32 match ip dst 1.2.3.4/32 match ip dport 1234 0xffff flowid 10:1
tc filter add dev wlan0 protocol ip parent 1:0 prio 2 u32 match ip sport 4321 0xffff flowid 10:1
tc qdisc add dev wlan0 parent 1:3 handle 30: pfifo
tc filter add dev wlan0 protocol ip parent 1:0 prio 3 u32 match ip src 0.0.0.0/0 match ip dst 0.0.0.0/0 flowid 30:3
tc filter add dev ifb0 protocol ip parent 1:0 prio 1 u32 match ip src 1.2.3.4/32 match ip sport 1234 0xffff flowid 10:1
tc qdisc add dev ifb0 parent 1:2 handle 20: pfifo
tc filter add dev ifb0 protocol ip parent 1:0 prio 2 u32 match ip src 0.0.0.0/0 match ip dst 0.0.0.0/0 flowid 20:2

The Humble Homebrew Collection

Finally, after almost 2 months of hard work, I’m proud and happy to announce the release of the Homebrew game I’ve been working on : SGT Puzzles. It’s a collection of portable puzzle games for Windows, Mac, Linux, Android, PocketPC, Android, etc.. and I’ve ported it to the PS3 too!

The release of this homebrew game comes with the  release of The Humble Homebrew Collection which is inspired by the Humble Indie Bundle Initiative (but not endorsed by it). The difference here is that you don’t have to pay anything in order to enjoy the games, they are free to download by anyone, but you are also able to donate any amount to the developer of the puzzle games (Simon Tatham) as well as the PS3 port developer (me!) and the EFF. You decide who to send the money to just like with the Humble Bundle. I’ve also linked to the game’s Windows, Mac and Android ports if you want them (they are already available in most Linux distributions).

The addition here and probably the most important part is a petition where yo get to sign and send a message to Sony asking for a legitimate way of having homebrew games on the PS3. Every signature will send an email to SCEE, SCEA, SCE Australia, SCE New Zealand and Kazuo Hirai, the CEO of Sony Computer Entertainment.  This is done in the hopes that Sony will finally see the light, learn from the mistakes they’ve been doing these past few years, and finally give us a legitimate and officially supported way of developing homebrew applications for our PS3 Systems.

Sony would be stupid not to answer to that, considering that Apple complied, Microsoft complied and Google complied, and they are all generating huge revenues thanks to homebrewers, with zero investment from their part. I know that the Sony execs only understand when you talk about money, so I hope this is a good enough incentive for them. Clearly, they do not care about their customers, so I don’t think they’ll change anything only to do what is right.

The SGT Puzzles game includes 33 puzzles, which are excellent for the most part. My favorite is and always will be Pattern, as I’ve spent countless hours playing it. I’ve recently also discovered Rectangles and Net which are also very good (in higher difficulties). I suggest you give those puzzles a try. Above all, I hope everyone can enjoy these games.

This all started about 2 months ago when I found a copy of Pattern on my PC and started playing it again. I tweeted about it and asked if someone wanted to port it to the PS3. Clement Bouvet (@TeToNN) quickly made a proof of concept using cairo. That got me excited and I decided to help him. We ended up writing a PS3 application over Simon Tatham’s Portable Puzzle Collection which, I must say, is very well written and made porting it to the PS3 very easy. It took maybe a day or two and the first game was playable on the PS3. At that point, I discovered the Cairo Drawing API which I loved and and I decided to invest myself entirely in this. It took 3 more weeks of hard work to get the whole system working (choose your puzzle game, change difficulty (Select) and writing the whole menu system for the game). I’ve received various help, Surenix made the designs for the menu graphics and buttons, and BeGamer helped design the HHC website.

The game still lacks a few things, and I will continue to work on it and improve it so everyone can enjoy a quality homebrew game, that, I hope, will make the anti-homebrew purists jealous.

The funny thing is that since day one, the source code for this game was available on my github account, but no one noticed it. Only a few people who accidently ended up on my github page found it, but no news website author found it or reported on it. I’m glad, because it allowed me to make this happen the way I wanted it to and launch this HHC initiative when it became ready. I’d like to ask the various websites out there not to link directly to the games (even if you are allowed to) and instead link to humblehomebrew.com so people can sign the petition while downloading.

Most of the code is licensed under the MIT license. Parts of the code (the cairo menu system) is licensed under the LGPL license and I plan on extracting that into its own library for other developers to use in their applications.

The website took about 3 weeks to code. I learned two valuable lessons.. first, HTML coding is crap… secondly, it’s much more complicated than it looks. I hope people will appreciate this effort and I hope the Humble Homebrew Collection will make a difference.

In the future, I hope to enhance it by adding new homebrew games whenever I find something of quality, and keep the website and this whole initiative going for a long time, for as long as necessary.

 

So.. go ahead, download the games, sign the petition, maybe donate if you’re feeling generous, and most importantly, have fun!

Thank you!

 

Second Humble Indie Bundle + Braid Linux release!

Hi all,

After the huge success of the Humble Indie Bundle from last May, which I absolutely loved, the group of Indie developers decided to release a second Humble Indie Bundle with five other games, one of which is Braid, my favorite Independent game.

I suggest everyone goes over to http://humblebundle.com and buys those games, you name your price and you get five great games with no DRM and with Linux, Mac and Windows binaries available for you to install on any and all of your PCs. you can also decide how to share that money you just spent, how much you want to send to the developers, or to the EFF or Child’s Play charities. Don’t waste any time and go show your appreciation of good games and your support to the open spirit of writing multiplatofrm, non-DRM games. Maybe this time again, like in the first bundle, the developers will decide to release their games to an open source license (I wish:)).

In the last bundle, I was a bit sad that Braid wasn’t included, but it was because it wasn’t available for Linux yet. I had previously discussed with Jonathan Blow (the author of Braid) about Linux support and he said that it would eventually be available, and he indeed delivered! Although there has been no news about this and no release of Braid for Linux so far, the Humble Indie Bundle also marks the release of the Linux version of Braid. Get the bundle and you will be able to download a native version of Braid for Linux (although it’s been reported that the Windows version worked under Wine).

I’ve tried running Braid on my  Linux system and had the horrible issue of the ‘missing GL extension’ that so many people are having. I checked the game’s bugzilla on icculus and found the related bug report in which Scott Mansell found the solution : The missing extension is “GL_EXT_texture_compression_s3tc” which is disabled on the open source drivers because it is covered by a patent and requires a licence.
If you live in a country where the patent doesn’t apply, you can enable it using driconf. Simply install it (“sudo apt-get install driconf” or “sudo yum install driconf”) then run ‘driconf’ and enable the S3TC extension in the “Image quality” tab of driconf.

Thank you Scott Mansell! 🙂

I hope this helps a few of you, enjoy!

KaKaRoTo

PS3: Registry viewer and PDB generator

Hi all,

Here’s a quick post to share these small tools I wrote.

First, there’s  a .pdb file generator, it’s useful to install demos, I wrote this 6 days ago, but didn’t want to release it, I didn’t want people to use it to pirate PSN games, but it turns out it only works for demos… Even if it installs full retail games, they won’t run because you still need a license to run them. Also, two other people released similar tools (but much better, with more customization, good UIs, etc..) so I don’t need to keep this to myself anymore!

Second is a registry viewer! The /dev_flash2/etc/xRegistry.sys file contains a lot of interesting stuff, mostly your user settings, but it also contains some settings that you cannot change through the XMB (like QAMode or debugSoftwareUpdate, etc..). The file format is quite weird, SKFU attempted to reverse engineer it but didn’t really succeed, but thanks to Matsy who figured out how to link the keys with their values, I was able to understand the file format (most of it anyways) and write this app.  It’s just a crappy tcl/tk script that I wrote real quick! I’m really bad at UIs so I thought I’d put a quick and dirty tcl/tk script to build the UI for it.. it’s not much, it doesn’t allow you to change values, so don’t pay it much attention. Matsy is working on building a QT application to allow you to view and edit the registry values, so be patient, in the meantime, you can use this simple viewer to check out the contents of the file!

You can grab these tools (and possibly other stuff I might write in the future) from my new git repository at : http://github.com/kakaroto/ps3utils. They are both released under the GPL license.

On a side note, I just upgraded to firmware 3.42, so I’ll be taking a bit less active from the ps3 hacking scene for a little while, until I get enough money to buy a new (used actually) PS3. I also want to thank everyone who donated so far, so… thank you 🙂

KaKaRoTo

PSFreedom news, homebrew and donations

Hi all,

I suppose many people are now following my blog and you’re all eager to learn more about the latest PSFreedom news!

Important things first : Please stop asking me if PSFreedom will work on your phone, NO it will not work on any Symbian phones and it won’t work on iPhones (see next paragraph though). Stop asking and just accept that and buy yourself a Teensy board or an AT90USB microcontroller or similar and install PSGroove on it, then you’ll have your own dedicated dongle.

Now that that’s out of the way, let’s get back to business! I told you last time that NTAuthority almost had the iPhoneLinux port working, well the good news is that it does indeed work and it’s been released! Please read the instructions to get it installed from the wiki. Note however that it only works on iPod Touch 1G, iPhone 2G and iPhone 3G, it will not work on iPhone 3GS or 4G or any other iPod… so please don’t even ask about it!!!!

In similar news, we’ve added support for many new Android devices, the list almost reaches 40 models, and about 25 unique devices are now PSFreedom compatible! Again, you can see the whole list of supported devices in the wiki. I just want to make one thing clear : I made PSFreedom for the N800/N810/N900 phones, but I didn’t port it to android. Although I helped some developers port PSFreedom to new USB controllers, I didn’t port or compile any build of PSFreedom for any Android device, so your thanks should go to those responsible for doing it. This is a community effort and those from the community who helped this project should receive our thanks!

Now, what you’ve been waiting for, what’s new in the  PS3 scene, well, many things. First, I’ve recently joined the group of Mathieulh and I’ve been working with them to figure out how the kernel and payload works! I’ve also recently created a new branch in git for writing custom assembly for the payloads instead of using the hardcoded binary blob from PSJailbreak. I’ve cleaned up the payload used by PSJailbreak as well as documented it so others can read it and better understand how it works. The reverse engineering and information has been provided by the group of Mathieulh as well as some of my own reverse engineering work. You can find the ASM payload file here. AerialX from the PSGroove team is also working on cool payloads so you should check out his git repository too!

Also, Matsy and I have reverse engineered the xRegistry.sys file format and are now able to modify the XMB registry in order to enable new features (QA mode, debug options, etc..), and we’ll be working in the next few days on making a homebrew application that would allow you to change these settings safely.

Now for the sad news.. I will be forced to update my PS3 system very soon, for multiple reasons.. First, I’m getting the PS Move tomorrow and I really want to buy Tumble (PSN game) which looks like an awesome game and I can’t do that if I don’t upgrade my PS3 since PSN is locked for firmware 3.41. I also am a PSN+ subscriber and not being able to connect to PSN and enjoy the content I paid for is absurd and it feels like it’s wasting those 50$ I paid for PSN+. Finally, I had to reformat (and restore from backup, Thank God) my PS3 hardrive yesterday because as I was testing the payloads, I kept crashing the PS3 and I kept shutting it down the hard way which seemed to have corrupted my hard drive. After I restored my backup, all my content is there, but when I try to launch a game it says “To access this content, you must active this system. Go to ‘Playstation Network->Account Management’ to activate this system”, which I cannot do without connecting to PSN. This basically means that the 50+ games that I have bought on PSN are now inaccessible to me. So for all these reasons, I have chosen to update my PS3 to the latest firmware version.

As you all know by now, Sony has fixed the vulnerability we’re using to run homebrew in the latest firmware update, which means that once I update, I won’t be able to use PSFreedom or run homebrew applications anymore. This means that I won’t be able to work anymore on homebrew and custom payloads.. I could try to write something but I won’t be able to use it or test it, so the motivation will not be the same. For that, I’m asking you, those of you who used and enjoyed PSFreedom and are grateful for it or those who would like to see more of my work in the future, that you please donate a little something. Your donation will be used in order to buy a new PS3 that will be used only for homebrew and development. Note that I am not requesting you to donate, you have no obligations to do so and I’m not promising you anything either in exchange for a donation. Also note that, as stated earlier, I do not make ports of PSFreedom to new devices/phones, so don’t hope or expect me to make it work for your phone because you donated something. So only donate to me if you are grateful for everything I’ve done so far and you want to show your appreciation. If you decide to donate to me, then thank you very much! Your donations are very much appreciated and they might allow me to release something cool and useful to the PS3 homebrew scene in the future (but I can’t guarantee anything to anyone of course).

So if you want to donate some money, just click on the Donate button below! If you want to donate some hardware (a PS3 maybe, or a Teensy board or anything), contact me and let me know.

Thank you all for your support!
KaKaRoTo

PSFreedom 1.0 and lots of news!

Hi all,

I’ve wanted to post about PSFreedom for the last 4 days now but everytime there’s something that prevents me from doing so.. there is so much happening that it’s hard to keep up and I’ve been overwhelmed by the reaction!

PSFreedom has seen a tremendous success, it’s been featured on multiple news sites  including Engadget, we’ve had a huge number of ‘fans’ (more like leechers:p) popping up on the newly created IRC channel (#PSFreedom @ irc.freenode.net). Someone (devz3ro) donated a domain and web hosting for our new http://psfreedom.com/wiki website. The number of people who have worked hard to create a beautiful and well organized wiki to keep track of all the ports. The number of  people who have tried (and many succeeded) to port PSFreedom to so many different devices and those who sent me pull requests on github as well as those who simply read my code and reviewed it and decided to comment on my commits so I can improve the code.

Anyways, it has been a tremendous success, real community work and I want to thank personally everyone involved, everyone who helped, whether it be with a small or a big contribution to the project.

Now about the news, I have quite a few… first, a lot of people are asking me how to get this working on the N800 and N810! Well, it’s been working for a few days now, but the mass storage driver was conflicting and made the controller unstable. However, today, drizztbsd contributed a patch that fixes this issue (by killing hald-addon-usb) without modifying any file from your system, so enabling the exploit on the N800, N810 and N900 is all a matter of running the ./psfreedom-enable-maemo.sh script! There is also an easy to use graphical application that should be released today by MohammadAG and a special thank you to Bash who also contributed the PSFreedom logo.

I have also received a ton of requests from people to port this to the iPhone and/or one of their Symbian devices… my answer to that is : RTFM!! In other words, no it is simply *impossible*. It can only be ported to other Linux devices. However, we are close to having it work with IphoneLinux (actually, I just got confirmation a few seconds ago that it’s finally working) as NTAuthority spent countless hours porting it and fixing the controller’s incomplete driver in order to make this work. Once his port is finished, and stable, he will make it available to everyone, so stay tuned and follow the Device compatibility list on the wiki!

Other good news, PSFreedom has been ported to a huge amount of devices already, and the list keeps growing every day! We currently support and have working binaries for not only the N800/N810/N900 but also the Palm Pre, Archos 5 (Generation 6), Archos 5 IMT (Generation 7), as well as, thanks to the work of DocMon in porting PSFreedom to the MSM72K controller, The HTC Desire (Bravo), Nexus One, HTC Dream (G1), HTC Sapphire (HTC Magic 32A/32B), HTC HD2 (running Android), HTC Wildfire and I’ve received confirmation a few minutes ago that it’s been successfully ported to the HTC Evo as well as HTC Diamond. Also, waninkoko recently ported PSFreedom to work on the Dingoo open game console.

For the future, you can expect a lot more devices to be supported, like the iPhone/iPod (Through iPhoneLinux only) as well as the Gp2x Wiz game console, and the huge list of compatible devices available in our wiki. Also note that running the PSFreedom on an Android device isn’t as easy as it is on the N900, you need to flash some nandroid thing, then flash a custom kernel (because Android’s kernel sucks) then run PSFreedom in that environment, then run Nandroid again to restore your system… It is quite complicated but many people are working on making it much simpler to do, the famous AmonRA contacted me and said he started working on building a PSFreedom-compatible recovery image with a menu item to enable/disable the PSFreedom functionality.

There is one last  important bit of news I want to share with you : PSFreedom 1.0 has been released (more like tagged) and it adds support for many devices, the Makefile allows you to build for a specific platform by specifying it as a target, ‘make N900’ or ‘make Desire’ or ‘make Dingoo’ will build it for your needs with the right configuration. Also more importantly, this version will allow you to customize which payload or shellcode you want to send to your PS3 during the exploit. Many people have requested a version that allows you to play backups, while the original release of PSFreedom didn’t allow that, it quickly got patched to allow the backup manager to work. The new release of the PSGroove yesterday also adds 2 system calls that allows user space application to modify the GameOS kernel, and that meant a new payload is available for developers. This version of PSFreedom provides all these payloads and you can choose which one to set by simply copying it to /proc/psfreedom/payload once the module has been loaded. The same also applies to the shellcode.

That’s it for now, there are a ton of other news I’d like to share, but this post is long enough and I’d like to keep some surprises for next time!

Thanks to all for your support!

KaKaRoTo

PSFreedom source code released!

Hi again,

As promised yesterday, I’ve just released the source code for PSFreedom. You can grab it now on github.

If you want to port it to work on another device, then fork the repository and start working, you can send me a pull request once it’s done. See the end of this post for a little howto on porting it to a new device.

I have also decided to remove that video I put yesterday on youtube. I didn’t give the link to anyone, but somehow people found it and it got linked on multiple news sites… that video is useless, hard to watch, and I’m sorry! I’ve made a new video that you can view here :

Since yesterday I’ve been spammed with emails, comments on my blog, PMs and pings on IRC, etc.. and my server even went down (doesn’t seem to be because of high traffic). So I’d like to answer everyone with this FAQ :

Q : What is your relationship with the PSGroove project ?

A: PSGroove was released a while ago while I was already working (about 50% done) on PSFreedom. I had help from Mathieulh and Phire from the PSGroove team, who gave me insight on what the jailbreak does. When PSGroove was released, I read its code to understand what it does and to make sure my code worked in the same way. I copied the descriptors and payload from the code of PSGroove, and I give them credit for what they did, and for what I copied from their project. I set my license to GPL v3 to match theirs, and I gave credits to those who helped me on IRC. However, I say and I insist that PSFreedom is not a port of PSGroove, because I never took their code and ported it to the N900, this is my original work, and I wrote all of its code from scratch. Some of the PSGroove team seem to be in conflict with me because of that, they insist that “if you looked at our code, then it is a without question a port of PSGroove”, and I believe we have two very different understanding of the term ‘port’.

Q : Can/when is it going to work on the iPhone/Symbian/My phone ?

A: PSFreedom is a  Linux driver, so it will only work on Linux-enabled devices.. which means, not on iOS, and not on Symbian, so please stop asking about that!

Q: Will it work on the 770/N800/N810 ?

A: I only did this for the N900, I might port it to other devices, but right now, I cannot give any guarantees to anyone that it will be ported or that it will work on another device… The source code has been released and whoever wants to contribute can go ahead, fork my repository, and send me a pull request when you got something working.

These are linux devices, so yes, it should work, but just like any other device, they use a different controller than the N900, so a little porting will be necessary.

Q: Will it work from a linux PC ?

A: Unfortunately, no, most PCs have a USB controller  that only supports Host mode, but you need Slave mode to be able to make this work.

Q: Can I run backups with this ?

A: At the moment, no, I have used the same payload as PSGroove, which means backups are disabled, although someone already released a version of PSFreedom with backups enabled. In the future, I will hopefully  make the module load any payload at runtime, this way you could choose between different payloads.

Q: Can you make it easier to use ?

A: Me? No.. someone else? Yes.. there is already someone working on a UI for PSFreedom, and it will be available once it’s ready.

Q: What do I need to use PSFreedom on my N900 ?

A: First, you need a N900 (duh) and a PS3 (duh) with firmware 3.41. The N900 should be running the stock kernel (-omap1) not a modified kernel. Then you just need to scp the files to the N900 and run the -enable script.

Q: How much of the source is Nokia N900 specific? Are you using the Linux USB Gadgets library?

A: Very little is N900 specific, I’m using the include/linux/gadget.h if that’s what you mean. See next Q/A for more info.

Q: How hard is it to port it to a new device ?

A: Well, I’ve just separated my code from the N900 specific stuff, so it’s quite easy, there are mainly two functions to write, one to get and one to set the USB address.. two other functions that only return some static result depending on the configuration of the controller (the name of the endpoints, and whether the controller supports high speed or full speed mode).

Read the README file provided with PSFreedom, and check the psfreedom_machine.c file for specifics on what to implement.

Q: How can I port it to a new device.

A: Well, first, you need to figure out what controller your device uses, in the case of the N900, it’s ‘musb’..

Then go to the driver code for that controller (probably in drivers/usb/gadget) and look for ‘SET_ADDRESS’. In the case of musb, it was in drivers/usb/musb/musb_gadget_ep0.c. In there it was setting the address to the USB device, so just copy that code into the psfreedom_machine.c to allow setting the address, and add a similar function to be able to retreive the address.

Then add a function to return 0 or 1 depending on whether the controller supports HIGH, FULL or LOW speed mode (go to usb_gadget_register_driver for your controller, and in the first lines, it should validate the speed argument, it will tell you which ones are acceptable), set LOW speed mode to return TRUE only if FULL speed isn’t available .

Finally, add a function to return the endpoint names.. it will usually be something like ‘epXin’ and ‘epXout’ (where X is the endpoint number), or “epXin-bulk”, etc.. look at how the driver initializes its endpoints or grep for “->name” in the file to find where it sets it…

That should be enough!

Ok this is it for now with the FAQ. Next time, I’ll tell you all about my experience, what problems I encountered and how I fixed them, maybe it will help others!

Enjoy it!

KaKaRoTo

PSFreedom (Jailbreak PS3 with N900) worked, finished and released!

Hi everyone,

As promised, here’s an update on my implementation of the PSJailbreak exploit : IT WORKS!

I made a video to show you, but I suck at making videos, so we can’t really see what’s going…  I’ll do a better one tomorrow.

It’s 9:30 AM here, and I really need to go to sleep, I’ll post more about this tomorrow, and I’ll release the code tomorrow for everyone to enjoy, compile, contribute, read, laugh at, etc…

So here’s the binary release of PSFreedom (thanks to xnt14 for the name) : PSFreedom driver

I would like to thank 3 people in particular who helped me, encouraged me and helped debug with me : NTAuth, philhug and phire (a.k.a phiren) from EFNet.

So here’s how it works.. download the .tar.gz, extract it, copy the files to your n900 (with scp, into /root), then ssh into your N900 and type : ./psfreedom-enable.sh

Then you can follow the usual procedure, unplug the PS3 from power, plug in the N900, connect the power to the PS3, then press power and *quickly* press the eject button… Then just let  the magic happen!

Once you’re done or want to revert back to the normal operation mode of the N900 (or to charge it) run the command ./psfreedom-disable.sh

In the future, we’ll have a nice package to install, a GUI application, I’ll make use of the LEDs  to show you the status of what it’s doing, and i’ll have it auto-revert to mass storage mode, so you can use your N900 not only to enable homebrew but also to store your homebrew!

See you tomorrow! Good night!

KaKaRoTo

Update on PSJailbreak linux kernel (for N900 devices)

Hi all,

For all those who kept bugging me on IRC about “what’s your status” and “when will you release it”, etc.. I’d like to give you a quick status update on my project :

First, this is NOT and I repeat, it’s NOT a port of PSGroove for the N900.. I started my project long before PSGroove was released, and my code has absolutely nothing to do with theirs and we don’t share any code in common. It is NOT a port, it’s a different implementation of the same exploit!
Secondly, it’s going pretty well so far, I finished writing it, all the code is there, and I’m testing it but I’m still getting some issues, for some reason the PS3 isn’t accepting the JIG, I hope I can get this fixed soon, so please, everyone just be patient, I will release it when it’s ready! But the good news is that it’s doable apparently!

For those who read my previous post, here’s an update :

– The kernel OOPS I was getting on linux was because my ‘hub’ was a high speed one, and when a device gets connected, the reply to GetPortStatus ommitted the ‘high speed’ flag in the response.. apparently, a high speed hub can only have high speed devices plugged into it, you can’t plug full speed or low speed devices in a hub, otherwise, your linux kernel crashes! It’s a use case the kernel developers didn’t think of (or didn’t find a way to test it). I will also soon release the code to reproduce that oops so people can look into it.

– I was able to get and set the address on the controller, but I had to add two new functions to the usb-gadget API. This means that you will eventually need to flash your device’s kernel to get advantage of the new functions.

– I figured out how to send a NAK in response to a IN interrupt.. you simply don’t queue anything, the controller apparently takes care of that automatically for you! and I had to read almost all of the controller’s code to figure that one out!

By writing this exploit as a standard linux driver, this means that my module can be used on any other linux-enabled devices.. this means not only the N900, but also the 770, N800, N810, Android phones and future Meego devices. It might need a little porting for some devices though, but it should still work…

That’s it, I’ll keep you informed on how it goes. Hopefully, we’ll soon be able to run homebrew on our PS3 simply by plugging our N900 to it, what a wonderful device it is 🙂

KaKaRoTo