UP Open Source??

I remember when the news that a PSP modchip was coming out the creators said they will be going open source for the modchip. So my question is, where are all the documentation for developing on the UP? Also, is there any program to view the contents of the .flash files? I used Hex Edit but it doesn't rely do me any good. Now for the most important question, if I were to have made some software for the UP what format do I save it as to upload it to the up?

Hex edit is perfect. Search for "MY LITTLE LOVER" in the UP dumps to see if its real or,

"Mr.Children"
"thee michelle gun elephant"
"MOON CHILD"
"LOVE PSYCHEDELICO"
"little by little"

JanW: I've been wondering the same thing for quite a while... there is documentation in the readme's about the UP .flash file system structure, hasnt really been put to use yet though (its not all that complete).

Though now too I am wondering what UP_PSP is on.

Haha cory open up a UP NAND dump in a Hex Editor and search for those strings without the quotes and it'll be there... lol

EDIT: Theres also

"SOUL FUCKTRY.....Soulhead"

Yes, and they are also present in the dumps from 0okm's NAND dumper and the dumps from Booster's NAND dumper... whats that got to do with the docs that were supposed to be released by UP? (aka: what are you going on about/what are you on?) Dont forget PENICILLIN, Whiteberry, Folder 5, BUMP OF CHICKEN and -Rhythym too.

He asked how to view the contents right? Lol thats what a "valid" NAND dump contains.

Actually, he said something a little more like:

Quote:

I used Hex Edit but it doesn't rely do me any good. Now for the most important question, if I were to have made some software for the UP what format do I save it as to upload it to the up?

Offset of the idstorage block? Offset of the IPL block? Offset of the flash0 FAT? Offset of the flash1 FAT? How to interpret those with the interspersed NAND paging info to be able to extract the files just like from a real FAT? How to recreate the structure to have a valid .flash file that can be used by the UP programming software? (lots of these questions can be answered easily with current info in the UP/Epsilon readmes, some cant.)

There is a bit more to it than just picking phrases out with a hex editor (though, you got me on that one, I cant figure out why those are in there unless its something to do with the MP3 player). There is also the question of switching chips through PSP software (though Dark Alex has done a bit of work on this using some form of resets).

As UP team didn't want to make their code opensource (unlike what they first claimed) I figured some people might need to code specific psp applications for UPs, thus I am now posting the code needed to swap nands from the UP.
This code is to USE FROM THE UP NAND ONLY.
The UP nand is totally invisible when running the psp from the onboard nand (pressing L at startup), thus you cannot swich to the UP nand from the onboard nand if you started from it.

This code has been found by Dark_Alex while performing disassembly of the vshmain.prx file from the Epsilon boostrap (that is in fact the Epsilon recovery menu)
Of course seeing that this piece of code can hardly be guessed, I suggest Team Epsilon have STRONG relation ( not to say they might be the same team) with team UP and that they might not wish to make their UP opensource as they claimed for comercial reasons, giving the exclusives to the Epsilon product wich I don't think is much fair.

Here is the code:


#define NAND_STATUS (*((volatile unsigned *)0xBD101004))
#define NAND_COMMAND (*((volatile unsigned *)0xBD101008))
#define NAND_ADDRESS (*((volatile unsigned *)0xBD10100C))
#define NAND_READDATA (*((volatile unsigned *)0xBD101300))
#define NAND_ENDTRANS (*((volatile unsigned *)0xBD101014))

u32 commands[20] =
{
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01,
0x00, 0x01, 0x00, 0x00, 0x01, 0x01, 0x00, 0x01,
0x00, 0x00, 0x01, 0xFF
};

u32 commands_2[20] =
{
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01,
0x00, 0x01, 0x00, 0x00, 0x01, 0x01, 0x00, 0x01,
0x01, 0x01, 0x00, 0xFF
};

void SetActiveNand(u32 unit)
{
// unit 0 -> UP, unit 1 -> internal nand
int i;

commands[19] = unit;

for (i = 0; i < 20; i++)
{
NAND_COMMAND = commands[i];
NAND_ADDRESS = 0;
NAND_ENDTRANS = 1;
}
}

u8 unk()
{
int i;
u8 read; // read?

commands_2[19] = 1;

for (i = 0; i < 20; i++)
{
NAND_COMMAND = commands_2[i];
}

read = (u8)NAND_READDATA;

commands_2[19] = 0;

for (i = 0; i < 20; i++)
{
NAND_COMMAND = commands_2[i];
}

return read;
}



void SwapFlash(int unit)
{
sceIoUnassign("flash0:");
sceIoUnassign("flash1:");

sceNandLock(0);

SetActiveNand(unit);
unk();

sceNandUnlock();

sceIoAssign("flash0:", "lflash0:0,0", "flashfat0:", 0, IOASSIGN_RDWR , 0);
sceIoAssign("flash1:", "lflash0:0,1", "flashfat1:", 0, IOASSIGN_RDWR , 0);
}

UPDATE: I also added an open source nand dumper that dumps complying UP nand binaries to flash using either Epsilon recovery or the UP flasher program.
I would encourage any people who want to post opensource UP related aplications to do so in this thread.

UPDATE #2: Added Crossdater, a special and more advanced downdater based on the 1.50 to 1.00 Downdater, it is meant to downdate onboard nand from the UP nand, exact features:

- Uses ipl_updater module from 2.00-2.60 updaters to overwrite any IPL data
- Formats flash0:/ successfully
- Swaps nand from UP to internal nand

To make sure nobody missuses it I did not release the binary, it is up to you to compile it after reading the code properly.

Quote:

Originally Posted by UP_PSP

Hex edit is perfect. Search for "MY LITTLE LOVER" in the UP dumps to see if its real or,

"Mr.Children"
"thee michelle gun elephant"
"MOON CHILD"
"LOVE PSYCHEDELICO"
"little by little"

Yes it is, it comes from the original SCE psp nand data, it's probably part of some dictionary used internaly by SCE, I am not really sure what it's for.

Quote:

Originally Posted by Mathieulh

Yes it is, it comes from the original SCE psp nand data, it's probably part of some dictionary used internaly by SCE, I am not really sure what it's for.

These are the more popular bands of Japan, I think... Mr. Children and Moon Child I've heard of.

First and foremost, thanks Mathieulh for sharing what you and Dark_Alex have come up with.

To quote the "press release" (link):

Quote:

In order to maximise the benefits that U.P. can provide its users, we have decided to take an open source approach with U.P and will be releasing source code for any software we release as well as full documentation for the U.P. hardware interface - including information on how to control U.P. from within PSP programs. This will allow anybody to create software which can take advantage of what U.P. has to offer. We have also sent a few prototype units away to some of the scene's best software hackers in order to give them a headstart at working on custom flash replacements - cant wait to see what people will come up with!

I think in the end it will be (and has indeed been) faster and simpler for you guys to hack what "epsilon" has done wrather than wait on these vague promises. Even if they are going to release this stuff still, it really doesnt seem to be any type of priority of UP/Epsilon to give direct end-user support beyond what we have seen so far (teasers).

Quote:

Originally Posted by Mathieulh

The UP nand is totally invisible when running the psp from the onboard nand (pressing L at startup), thus you cannot swich to the UP nand from the onboard nand if you started from it.

I dont agree with this (unless I am totally wrong in catching what you are getting at and you simply mean like epsilon you have to first boot from UP or else it is put "to sleep"). There is a way to switch back and forth between chips, its just hidden in the 2.71 reboot/patches somewhere. Install epsilon/2.71, start FA (for 1.5) and browse flash0. Return to the menu, then start FA (Tiff exploit), and browse flash again. Comparing memory dumps from patched / unpatched might reveal some interesting things about how the chip works to someone who knows how to analyze such dumps and is actually interested in what went into epsilon's patches.

Quote:

Yes it is, it comes from the original SCE psp nand data, it's probably part of some dictionary used internaly by SCE, I am not really sure what it's for.

Pseudo random dictionary checks to ensure non-modification? Leftover "junk data" simply used to buffer an area to a specific size? Someone #included their music library/playlist? Perhaps they are all just bands under $ony label.

"Also, Dark_AleX shared with us a UP Open NAND Dumper For PSP (currently includes a Crossdater, Undiluted Platinum Open NAND Dumper, and SRC code) today, and has informed us of his latest PSP hack, which will be a v2.71 PSP XMB homebrew launcher. The way it will work is via TIFF exploit patch will remain on the PSP until it is hard reset, and he may release a proof of concept tomorrow with the ultimate goal being to execute kernel homebrew. At the moment his project will be limited to User Mode only and homebrew will have to be a single PBP/PRX and not in ELF format"

Quote from ps2nfo.

I am fed up of ps2nfo lies, Alex never shared anything with them (and I doubt he ever will)

Now I am more pissed than ever

Quote:

Originally Posted by Mathieulh

"Also, Dark_AleX shared with us a UP Open NAND Dumper For PSP (currently includes a Crossdater, Undiluted Platinum Open NAND Dumper, and SRC code) today, and has informed us of his latest PSP hack, which will be a v2.71 PSP XMB homebrew launcher. The way it will work is via TIFF exploit patch will remain on the PSP until it is hard reset, and he may release a proof of concept tomorrow with the ultimate goal being to execute kernel homebrew. At the moment his project will be limited to User Mode only and homebrew will have to be a single PBP/PRX and not in ELF format"

Quote from ps2nfo.

I am fed up of ps2nfo lies, Alex never shared anything with them (and I doubt he ever will)

Now I am more pissed than ever

I know, you can always tell when they haven't got permission. They award points to people who submit homebrew etc to them but don't award anything when they steal stuff.

I am banned from there since the gamecube scene
and proud of it

Quote:

Originally Posted by cory149

I dont agree with this (unless I am totally wrong in catching what you are getting at and you simply mean like epsilon you have to first boot from UP or else it is put "to sleep"). There is a way to switch back and forth between chips, its just hidden in the 2.71 reboot/patches somewhere. Install epsilon/2.71, start FA (for 1.5) and browse flash0. Return to the menu, then start FA (Tiff exploit), and browse flash again. Comparing memory dumps from patched / unpatched might reveal some interesting things about how the chip works to someone who knows how to analyze such dumps and is actually interested in what went into epsilon's patches.

When you run Epsilon you start the psp from the UP nand, thus both nands remain visible even after swiching to onboard nand.

However when you start the psp from onboard nand (pressing L at startup) UP nand is totally invisible. This is a great move as it prevents sony from detecting the chip in future firmware updates.