PS3 Understanding nofsm patches

Regg

Hello, I've been working on understanding how the cfw procedure works and I've stumbled upon these so-called "nofsm patches". Unfortunately online, on the wiki and on the various discords I couldn't find anything regarding these.
Analyzing the one that ships with dumpchecker I came to the conclusion that it was the rosX section in its entirety.
After figuring out how to extract them from both nor dumps and PUP files I quickly built a program to extract the embedded files and compare them across dumps.
My conclusion is that nofsm patches are a subset of evilnat's (or other cfws before it) ros.
So I've figured these files need to be patched from ofw: default.spp, emer_init.self, lv0, lv1.self, lv2_kernel.self, sb_iso_spu_module.self, spp_verifier.self, spu_pkg_rvk_verifier.self, spu_token_processor.self
Out of these files all of them are identical between evilnat and nofsm except for lv2_kernel.self (I'm using 4.92 as reference).
Does anyone know how to either build a nofsm-compatible lv2, or if previous lv2 are forward compatible (for example using 4.92 lv2 on 4.93), or if evilnat's lv2 can be used as-is?
Or is there a tool I couldn't find that does this all for me (nofsm looks much different internally than evilnat as the files are sorted differently, even though it likely has no effect)?
 
Only a few people can make the patch. It probably is not too hard to learn, however most people do not have the hardware flasher to fix their console if they make a mistake.
 
Yes, I'm aware of the flasher problem and I am in fact either searching for one or searching/going to pay someone to test the patch with a flasher.
If I do figure out the flasher problem, are there any tips anyone could give me on how to continue the research as I am kinda lost?
Ideally I'm now trying to unpack the lv2 self file so I can compare it with OFW (hopefully it's just a matter of forcefully returning some functions) but "unself" is giving me a bad header error (invalid keys?).
Also, how can I then re-sign the self file?
If anyone has info please let me know.

I've done it, I've made the patch. I need to make a tool to rebuild the ros now and then test it.

I've rebuilt the ros based on 4.93, and comparing it to evilnat, my rebuilder's output offsets are slightly different after multiple files are inserted. Some padding is present between the files (I'm referring to the data section, not the names table), but right now I don't see a pattern in how it is applied.
Is this padding necessary or not? Some files are already next to each other anyway and I believe the files can be placed arbitrarily in the free space.
 
webkit flasher.
Do you mean this thing? It uses a patch that is basically half the size of a nofsm patch.

In my opinion, it would be better to update the old tool to use the actual, full nofsm patch that is always made with each cfw update. Otherwise a new half-size patch would be needed with every firmware update.
 
I guess that could be done, although looking at the tool I'm quite confused on the ros offsets here.
It doesn't seem to add up, as the ros0_start_sector is 512 bytes but the "half sized" appears to be 512+48 bytes in.
I guess just removing 512+48 (how do I do that if the number is in blocks?) from both ros0 and ros1 start and changing sec_step and sec_endstep so it's 32 bytes at a time till 7mb-32 bytes rounded down to by 1 block could work.

Also I need to (understand) and fix the gadgets if they don't work anymore
 