Apparently we're on twitter too
The most requested feature ever for the HBL, is an iso loader: many “developers” promised the release of an iso loader for HBL, but nobody managed to code one so far. To understand what an iso loader is and why it won’t work on HBL, first, we have to know what a .iso file is.
What are isos?
The ISO 9660 is a filesystem standard for optical discs (CDs, DVDs, and even UMDs use it). It’s pretty simple to implement if you’re a developer, and it’s widely documented.
An .iso file is just a raw disc image, that you can burn on a disc, or mount with some software, that does nothing but implement the ISO 9660 filesystem.
If you have a CFW, and your CFW can run isos and has a vsh menu, you’ll notice an option in your vsh menu called “ISO Driver”: usually, a custom firmware has more than just one implementation of the filesystem (driver), each one can have its advantages and works differently (some implement caching, other implement .cso support, and so on).
The OFW itself has an ISO driver, as UMDs use that filesystem aswell: some CFW drivers just patch that driver to make it work with your .iso files.
Now you may be asking yourself “Can’t HBL do the same?”
Well, it can’t patch the OFW driver as it is a kernel module, it’s in kernel memory, and HBL runs in usermode: it can’t just write to kernel memory! It can’t implement a kernel mode driver (like the ones CFWs have) because that requires access to some kernel-only functions (such as sceIoAddDrv).
Yet, an .iso dumped from an UMD contains some resource files and…an EBOOT.BIN, what’s that?
Couldn’t HBL implement the iso specifications?
The EBOOT.bin inside your iso is just a usermode executable (ELF or PRX), so HBL could technically implement the 9660 filesystem, get that EBOOT.BIN and load it?
Not so fast! First of all, the executable is encrypted, and decryption requires kernel access. But this could be easily bypassed by decrypting the executable on a hacked PSP.
The main problem is that some games come with some kernel modules bundled with them (not sure why, backwards compatibility probably).
When the PSP system executes a game from an UMD, it looks for those modules, and allows the game to load them in order to override some OFW modules.
Doesn’t that make the system somewhat vulnerable? Probably, but since only certified software houses should be able to burn images onto UMDs, it’s not very risky.
The HBL just can’t load those modules, as loading kernel modules requires kernel permissions; mounting the ISO as a “legit” UMD would make the OFW do that for us, but that requires a kernel mode driver.
So, when HBL executes a game which requires some of those “extra” modules, the game will just not work, as it will most likely check if those modules were loaded or not.
Conclusion
I hope now you understand why we developers, find so annoying such requests. Also, let’s face it, most people who ask for an iso loader are pirates: I’m not saying people who really backup their own games to protect them don’t exist, but they’re just a small part of the “group”.
Again, I tried to keep this as simple as possible, if you didn’t understand something, let me know in the comments 
– Freddy
-
Theoretically, couldn’t we also hijack the LoadModule functions to load equivalent user-mode modules? Random example, if the game is trying to load an old mp3 module in kernel, couldn’t we hook all the logic for that? This would be a workaround for the impossibility to load those kernel modules?
-
Well, I’ve seen some games override modules such as ifhandle which should require kernel permissions. User modules could be theoretically loaded, but they are signed too.
-
-
not to mention that VHBL only has access to 24 MB RAM, which makes the implementation of this close to impossible
-
That is a critical problem too, games already use most resources.
-
-
What about signed eboots of psp games?
-
You don’t need an isoloader for those, as you said, they are signed, you can just buy them from PSN and run them.
-
he meant the Fake NP trick for signed games.
Well, the version 1.0 supports signing of them for 6.60.
But the problem is that we can’t copy eboots inside a psp emulator, and we can’t launch it without the vita itself helping us to do so (and from livearea). Although someone else might look into it, but I think it’s like this.-
Oh, I thought he meant digital copies of games
-
i remember that Davee used a digital PSN psp game in his “Vita PSP HEN” video. So i suppose it’s meant to be only kernel-possible, if the psp or vita itself doesn’t run it for us
-
also, all these “signed eboots” are in fact digital copies of games too. Just not of the paid ones, but of the demos. a demo header is used to make psp think it’s a valid game
-
-
-
in other words, making a “signed game” to run is equivalent to make Super Collapse 3 Eboot to run from within VHBL.
-
-
-
lets just keep the psvita like it is now loading hombrews
-
+ Emulators. Can’t leave out the classics. I still have a PSP 1000 from 2006 just for that.
-
-
shoot me down if this is a stupid question, but could it be possible to store a “virtual kernel” of some sort and get HBL to load that so we dont have to get access to the real one?
-
StepS on June 12, 2012 at 2:39 pm
not to mention that VHBL only has access to 24 MB RAM, which makes the implementation of this close to impossibleSo no free RAM-sorry
-
In essence, that is what VHBL already is. It overrides the functions that cannot be accessed with fake ones. Some of them work well, some of them don’t.
-
-
Wouldn’t it be possible to use the signed eboots(both for games and homebrews) on a Vita if a “custom” memory stick/memory stick reader is produced and does anyone knows what hardware securities are applied to them so that they are not yet available
-
Do you guys have a twitter I want to be updated on everything you guys release. I work 7 days a week and don’t wanna miss the next exploit when and if it comes out
-
I remember a very good and smart hack on psp when hackers took a demoversion (which was signed eboot) and replaced all game content from this eboot with another info
The left “package” so the psp could recognize and run it
it was like a trojan Eboot
-
So we need a kernel exploit to have full kernel/filesystem read/write and ram read/write access right? Sigh… hope wololo can find one! that would be great!
Good luck -
Remember that we’re only talking of the PSP here, this wouldn’t give us access to more than what the PSP emulator can do.
-
Could you rephrase that please?
-
The “Kernel exploit” we would have for now (for example, the one discussed here: http://wololo.net/2012/06/14/psx-on-the-vita-an-interview-with-the-mysterious-vita-hacker/ ) is a PSP Kernel exploit.
It means, once run in the Vita, that we have access to everything the PSP emulator lets us access, which is not much: we are still “inside” the PSP sandbox. So, we have access to the PSP emulated hardware and the PSP emulated ram. In particular, a PSP kernel exploit would not give us access to the full Vita Ram, or to the touch screen, for example.
A “vita Kernel exploit” is still a very blurry concept and I don’t think it makes sense to talk about such a thing for now.
-
Oh I think I understand now. we have a PSP kernel exploit that works in the vita, but we need a PSVita kernel exploit for the full access of all the hardware in the vita.
-
Yes.
-
-
-
-
-
I’m pretty sure a partial compatibility ISO Loader can be developed.
The EBOOT.BIN encryption is not a real problem, and some of the games with custom kernel modules might work just fine with the OFW modules.
Reply
Latest entries on our Smart TV dedicated sister site
- Tronsmart MK908: Quad Core Android HDMI sticks are here!
- Streaming Netflix on your Kindle Fire HD: watch Netflix on your Kindle from outside the US
- The mk802 IV: Rikomagic announces the 4th Generation of the mk802 series
- Netflix on PS3: Watch Netflix with your PS3 from outside the US
- Watch Netflix outside of the US: how to setup Unblock-US on your Android Smart TV
27 comments
Comments feed for this article
Trackback link: http://wololo.net/2012/06/12/iso-loaders-why-they-dont-work-on-hbl/trackback/