Kxploits questions

Post by Theredbaron » Tue Jan 29, 2013 7:56 pm

With all the fuss around Kxploits, I thought I would ask a few questions, maybe learn a bit.

First up, here is what little I "think" I know.

Usermode exploits are game-specific exploits that give us access to anything that game would have access to, so if it used a camera, we could have camera access, etc. Nothing more, nothing less. That is what makes compatibility a problem.

Kxploits are exploits in the psp emu's kernel. These give us access to the whole, emulated, hardware. This means they are more compatible, but harder to find.

Now question time.

Kxploits are kernel mode, thus am I correct in assuming that they have nothing to do with any one game? You simply need any random usermode exploit to launch the kxploit? Ok, maybe not random, but you get my point. So once a kxploit is released, it can be backported to earlier VHBL releases?

If that is the case, why are there CEF/ARK releases? I would think it would be of much more use to the community to not release a kxploit until it is patched by Sony. Case in point, the ones fixed. If Uno was released as a VHBL release, then come 2.05 and the kxploits were fixed, you can release them for Uno. Why would they release a kxploit that Sony doesn't know about, instead of waiting till it is fixed? That way they are keeping a backlog of kxploits, as it were, and people can just update to a kxploit when it is fixed on a newer firmware.


Or, is it just because Sony is so slow normally, and kxploits are not found till they are released by homebrew devs?
Vita 3G - 4GB/8GB - 2.02 TN-V
Theredbaron
 
Posts: 436
Joined: Wed Feb 15, 2012 8:47 pm

Re: Kxploits questions

Post by yifanlu » Tue Jan 29, 2013 9:11 pm

Theredbaron wrote:With all the fuss around Kxploits, I thought I would ask a few questions, maybe learn a bit.

First up, here is what little I "think" I know.

Usermode exploits are game-specific exploits that give us access to anything that game would have access to, so if it used a camera, we could have camera access, etc. Nothing more, nothing less. That is what makes compatibility a problem.

Kxploits are exploits in the psp emu's kernel. These give us access to the whole, emulated, hardware. This means they are more compatible, but harder to find.

Now question time.

Kxploits are kernel mode, thus am I correct in assuming that they have nothing to do with any one game? You simply need any random usermode exploit to launch the kxploit? Ok, maybe not random, but you get my point. So once a kxploit is released, it can be backported to earlier VHBL releases?

If that is the case, why are there CEF/ARK releases? I would think it would be of much more use to the community to not release a kxploit until it is patched by Sony. Case in point, the ones fixed. If Uno was released as a VHBL release, then come 2.05 and the kxploits were fixed, you can release them for Uno. Why would they release a kxploit that Sony doesn't know about, instead of waiting till it is fixed? That way they are keeping a backlog of kxploits, as it were, and people can just update to a kxploit when it is fixed on a newer firmware.


Or, is it just because Sony is so slow normally, and kxploits are not found till they are released by homebrew devs?

I don't think Sony takes the time and money to sit and find kxploits. Only when they're released does Sony go in and fix them. For example, the latest ones with the kermit wlan drivers apparently didn't do kernel security checks, so all the functions are vulnerable. If Sony did security audits, they would have found it a while ago, but I guess it's more efficient for them to just patch it when outsiders take the time to find it.
yifanlu
Guru
 
Posts: 302
Joined: Sun Mar 11, 2012 6:42 am

Re: Kxploits questions

Post by Acid_Snake » Tue Jan 29, 2013 9:20 pm

Well, they do take extra measures with games created by the same company as a known exploited game. One example is Seven Wonders of the Ancient World, having the same exploit (and being created by the same company) as Super Collapse 3; Sony patched it without us knowing it was exploitable.
"V2h5IGFyZSB5b3UgcmVhZGluZyBteSBzaWduYXR1cmU/\n".decode("base64")
My forum:
Console Heaven
My Homebrews:
pyMenu 0.3.2, multiBootMenu V3, PSvid 3.0, PSP Tools 0.2
Acid_Snake
Moderator
 
Posts: 2051
Joined: Tue May 01, 2012 11:32 am
Location: Behind you!

Re: Kxploits questions

Post by yifanlu » Tue Jan 29, 2013 9:45 pm

Stupid question, how do they patch game exploits without patching the games? Is it done on the emulator side or on the Vita side? I'm guessing there's some code in some prx module that makes sure the savefiles are in a correct format, but what do they really do?
yifanlu
Guru
 
Posts: 302
Joined: Sun Mar 11, 2012 6:42 am

Re: Kxploits questions

Post by Acid_Snake » Tue Jan 29, 2013 9:51 pm

The first few exploits (as well as exploits released for the PSP when the Vita didn't exist) were patched with a prx (there is a thread about it that explains it better). Newer exploits (ever since Monster Hunter) are patched on the Vita side, probably because Sony thinks the pspemu is not secure, even though you need a new exploit if you want to unpatch an old exploit :roll:
"V2h5IGFyZSB5b3UgcmVhZGluZyBteSBzaWduYXR1cmU/\n".decode("base64")
My forum:
Console Heaven
My Homebrews:
pyMenu 0.3.2, multiBootMenu V3, PSvid 3.0, PSP Tools 0.2
Acid_Snake
Moderator
 
Posts: 2051
Joined: Tue May 01, 2012 11:32 am
Location: Behind you!

Re: Kxploits questions

Post by JVC » Tue Jan 29, 2013 10:37 pm

Acid_Snake wrote: even though you need a new exploit if you want to unpatch an old exploit :roll:

Very true, it will take time for a development on a more serious note, to stop the cat and mouse game everyone is annoyed with, but has to live with it.
PS Vita WiFi/3G=2.02 FW.
19,EC,nuff said.
Skype:jvc.1993
JVC
 
Posts: 460
Joined: Wed Apr 18, 2012 1:38 am
Location: Cuenca,EC

Re: Kxploits questions

Post by The Z » Tue Jan 29, 2013 10:56 pm

Theredbaron wrote:Why would they release a Kxploit that sony doesn't know about, instead of waiting till it is fixed.
[...]
kxploits are not found till they are released by homebrew devs?

Blue answers red.
White PS Vita Wifi - 36 GB - 2.12 Vita HBL
White PSP Fat 1000 - TA-081 - 6.60 ME-1.8
Black PSP Slim 2000 - TA-085 - 6.60 ME-1.8
White PSP Go N1000 - TA-091 - 6.60 LME-1.8
Black PSP Street E1000 - TA-096 - 6.60 LME-1.8
The Z
VIP
 
Posts: 2772
Joined: Thu Jan 27, 2011 4:26 pm
Location: NRW, Germany

Re: Kxploits questions

Post by Omega2058 » Tue Jan 29, 2013 11:10 pm

yifanlu wrote:Stupid question, how do they patch game exploits without patching the games?

For the most part, this is done via savedata_utility.prx. Inside, you'll find a list of the gameIDs which are patched.
uOFW: GitHub
Latest dev stuff: DropBox
Follow me on Twitter: Twitter
Omega2058
 
Posts: 47
Joined: Tue Sep 28, 2010 4:27 am

