Mathieulh has revealed another juicey piece of info on his twitter. He has revealed information on patching the 3.41 payload. More specifically, he provides information on a lv2 patch that effectively allows all game updates/patches to work. We reported previously on a few payloads that increased this sort of stability with game updates. However, Mathieulh again has found flaw in how the payloads were patched. He explains that these other payloads missed a check, a check which he reveals below.
Update: Mathieulh has explained the check further in depth, check out what he had to say after the jump.
Please note he will not be adding this to the official psgroove payload as he does not support piracy.
Some game updates use lv2open to check the disc’s param.sfo to make sure the right disc is in the drive and the check fails because psjailbreak patches only patch the vsh open, as such a lot of patches will ask to “insert” the disc if you are playing from a backup, I don’t care much about backups myself but for the sake of it and because some people may actually do a legit use of them, here is the patch : in 3.41 lv2 at offset 0x5745C change to li %r31, 0
Before you ask, because this is mostly backups related I wont be implementing this on the psgroove payload. If others want to implement this patch, that will be their call.
The following comes via http://www.twitlonger.com/show/6efnkb
cmpwi cr7, %r27, 0
ROM:00057430 beq cr7, loc_57458
ROM:00057434 lbz %r0, 0×60(%r28)
ROM:00057438 cmpwi cr7, %r0, 0
ROM:0005743C beq cr7, loc_57458
ROM:00057440 addi %r3, %sp, arg_72+1
ROM:00057444 addi %r4, %r28, 0×61
ROM:00057448 li %r5, 0xA
ROM:00057450 cmpwi cr7, %r3, 0
ROM:00057454 b loc_574A8
ROM:00057458 loc_57458: # CODE XREF: sub_57214+1FCj
ROM:00057458 # sub_57214+21Cj …
ROM:00057458 lis %r31, -0x7FFF # 0x8001003E
ROM:0005745C ori %r31, %r31, 0x
here are the actual checks, it checks if a pointer is null, if it is, it errors, then they check the first char in the game’s title id buffer, if it’s 0 it erros and later a special memcmp is called which compares the title ids from the patch’s sfo with the one from the disc’s sfo.
Anyway I felt like it is better to explain the actual check for people’s educational purposes.
Someone actually pointed out that the check uses the same fs function than the one psjb patches (my mistake on that one) for some reason though, the sfos' title ids do not match which is what the patch I released earlier "fixes"
By the way, new game keys were added in the 3.42 appldr, if you get a 0x80010019 error that means the self/sprx can't decrypt.