Console Hacking 2016
So you have an exploit. You have code execution. Great! But what do you do now? In the past, console homebrew usually focused on bringing up a development environment similar to the one used for commercial games. However, with the increasing complexity of console hardware, it's becoming impractical for a small team of hackers to create a full blown development SDK. Using leaked official SDKs is illegal. What can we do? Well, there's Linux. The PS4 is particularly great for Linux, because it is based on a modified x86 platform and a modified Radeon GPU. That means that once the basic OS port is complete, it can run existing games - even Steam games and other commercial software. But just how similar is the PS4 to a PC? Can you just throw GRUB on it and boot an Ubuntu kernel? Not quite. In this talk we'll cover the PS4 hardware and part of its software environment, and how we reverse engineered enough of it to write Linux drivers and kernel patches. We'll go over how we went from basic code execution to building a 'kexec' function that can boot into Linux from the PS4's FreeBSD-based kernel. We'll reverse engineer the PS4's special hardware, from special PCI interrupt management to the HDMI encoder. We'll dive deep into the Radeon-based GPU architecture, and we'll share some previously unreleased research and tools of interest to AMD Radeon driver developers and hackers. If you're interested in the strange world of x86 hardware that isn't quite a PC, then this talk is for you.