<i>33C3 preroll music</i>

Herald: You have been
here on stage before.

You successfully tampered with the Wii,

You successfully tampered
with the PS3 and got

some legal challenges over there?

marcan: Some unfounded
legal challenges, yes.

Herald: And then you fucked,
and excuse my French over here

– by the way, that is number 8021 to get

the translation on your DECT phone.

So you fucked with the Wii U as well.

“Console Hacking 2016”,
here we go!

marcan: I’m a lazy guy, so I haven’t
turned on my computer yet for the slides.

So let me do that,
hopefully this will work.

My computer is a little bit special.
It runs a lot of Open Source software.

It runs FreeBSD.

<i>applause</i>

It even has things like OpenSSL
in there, and nginx.

And Cairo I think, and WebKit. It runs a
lot of interesting Open Source software.

But we all know that BSD is dying, so
we can make it run something a little bit

more interesting. And hopefully
give a presentation about it.

Let’s see if this works.

It’s a good start, black screen, you know.

It’s syncing to disk
and file system shutting down.

There we go!
<i>applause</i>

<i>continued applause</i>

And yes, I run Gentoo Linux.

<i>applause</i>

This is the “Does Wi-Fi work?” moment.
Hopefully.

NTP, yeah, no… “NTP failed”. Well,
that’s a bit annoying, but it still works.

Hello? Yeah, it takes a bit to boot.
It doesn’t run systemd, you know.

It’s sane, it’s a tiny bit slower,
but it’s sane.

There we go.
<i>applause</i>

This is the “Does my controller
work?” moment.

Bluetooth in Saal 1.
Okay, it does.

Alright, so let’s get started.

So this is “Console Hacking 2016 –
PS4: PC Master Race”.

I apologize for the horrible Nazi joke in
the subtitle, but it’s a Reddit thing.

“PC Master Race”, why? Well.
PS4, is it a PC? Is it not a PC?

But before we get started,
I would like to dedicate this talk

to my good friend Ben Byer
who we all know as “bushing”.

Unfortunately, he passed away
in February of this year and he was

a great hacker, he came to multiple
congresses, one of the nicest people

I’ve ever met. I’m sure that some of you
who have met him would agree with that.

If it weren’t for him, I wouldn’t be here.
So, thank you.

<i>applause</i>

Alright. So, the PS4.
Is it a PC? Is it not a PC?

Well, it’s a little bit different
from previous consoles.

It has x86, it’s an x86 CPU.
It runs FreeBSD, it runs WebKit.

It doesn’t have a hypervisor,
unfortunately.

Then again, the PS3 had a hypervisor
and it was useless, so there you go.

So this is different from the PS3,
but it’s not completely different.

It does have a security processor
that you can just ignore because

it doesn’t secure anything.
So that’s good.

So how to own a PS4? Well, you write
a WebKit exploit and you write

a FreeBSD exploit, duh. Right?
Everything runs WebKit,

and FreeBSD is not exactly the
most secure OS in the world,

especially not with Sony customizations.
So this is completely boring stuff.

Like, what’s the point of talking about
WebKit and FreeBSD exploits?

Instead, this talk is going to be about
something a little bit different.

First of all, after you run an exploit,
well, you know, step 3 “something”,

step 4 “PROFIT”. What is this about?
And not only that, though.

Before you write an exploit, you usually
want to have the code you’re trying

to exploit. And with WebKit and FreeBSD
you kinda do, but not the build they use,

and it’s customized. And it’s annoying to
write an exploit if you don’t have access

to the binary. So how do you get
the binary in the first place?

Well, you dump the code,
that’s an interesting step.

So let’s get started with step zero:
black-box code extraction, the fun way.

A long time ago
in a hackerspace far, far away

fail0verflow got together
after 31c3.

And we looked at the PS4 motherboard
and this is what we saw. So there’s

an Aeolia southbridge, that’s a codename,
by the way. Then there’s the Liverpool APU

which is the main processor.
It’s a GPU and a CPU

which is done by AMD, and
it has some RAM. And then

the southbridge connects to a bunch
of random crap like the USB ports,

a hard disk, which is USB. For some
inexplicable reason the internal disk

on the PS4 is USB. Like it’s SATA to USB,
and then to USB on the southbridge.

Even though it has SATA,
like, what? <i>laughs</i>

The Blu-ray drive is SATA. The Wi-Fi,
Bluetooth, SDIO and Ethernet is GMII.

Okay, how do we attack this?
Well, GDDR5…

What just…?
Oh. I have a screensaver, apparently!

That’s great.
<i>laughter</i>

I thought I killed that,
let me kill that screensaver real quick.

<i>applause</i>
Something had to fail, it always does.

I mean, of course I can
SSH into my PS4, right?

So there we go, okay.
Could have sworn I’d fix that. Anyway…

Which one of these interfaces
do you attack? Well, you know,

USB, SATA, SDIO, GMII – that’s
the raw ethernet interface, by the way –

all these are CPU-controlled. The CPU
issues commands and the devices reply.

The devices can’t really do anything. They
can’t write to memory or anything like that.

You can exploit USB if you
hide a bug in the USB driver,

but we’re back to the no-code issue.

DDR5, that would be great,
we could just write to our memory

and basically own the entire thing.
But it’s a very high-speed bus.

It’s definitely exploitable.
If you were making a secure system

don’t assume we can’t own DDR5,
because we will.

But it’s not the path of least resistance,
so we’re not gonna do that.

However, there’s a thing called
PCI Express in the middle there.

Hmm, that’s interesting!

PCIe is very fun for hacking –
even though it might seem intimidating –

because it’s bus mastering,
that means you can DMA to memory.

It’s complicated, and complicated things
are hard to implement properly.

It’s robust. People think that PCIe is this
voodoo-highspeed… No it’s not!

It’s high-speed, but you don’t need
matched traces to make it work.

It will run over wet string. You can hotwire
PCIe with pieces of wire and it will work.

At least at short distances anyway.
Believe me, it’s not as bad as you think.

It’s delay-tolerant, so you
can take your time to reply.

And the drivers are full of fail because
nobody writes a PCIe driver assuming

the device is evil even though of course
everybody should because devices can

and will be evil.
But nobody does that.

So, what can we do?
Well, we have a PCIe link,

let’s cut the lines and plug in the
southbridge to a PC motherboard

that we stick on the side. Now
the southbridge is a PCIe card for us.

And we connect the APU to an FPGA
board which then can pretend to be

a PCIe device. So we can man-in-the-middle
this PCIe bus and it’s now x1 width

instead of x4 because it’s easier that
way, but it will negotiate, that’s fine.

So how do we connect that
motherboard and the FPGA?

There’s of course many ways of doing this.
How many of you have done

any hardware hacking, even Arduino or
anything like that? Raise your hand!

I think that’s about a third to a half
or something like that, at least.

When you hack some hardware,
you meld some hardware,

after you blink an LED, what is the first
interface you use to talk to your hardware?

Serial port! So we run
PCIe over RS232 at 115 kBaud

which makes this PCIe…
<i>laughter and applause</i>

I said it was delay-tolerant!
So it makes this PCIe 0.00002x.

And eventually there was a
Gigabit ethernet port on the FPGA

so I upgraded to that, but I only got
around to doing it in one direction.

So now it’s PCIe 0.0002x in one direction
and 0.5x in the other direction

which has to make this one of the most
asymmetric buses in the world.

But it works, believe me.
This his hilarious.

We can run PCIe over serial out. Also, we
were ASCII encoding, so half the bandwidth.

It works fine. It’s fine.

So, PCIe 101.
It’s a reliable packet-switched network.

It uses a thing called
“Transaction Layer Packets”

which are basically just packets you send.
It can be… Memory Read, Memory Write,

IO Read, IO Write,
Configuration Read, Configuration Write.

There can be a message-signaled interrupt
which is a way of saying: “Hey,

listen to me!” by writing
to an address in memory.

Because we can write the thing,
so why not write for interrupts?

It has legacy interrupts
which are basically emulating the old

wire-low-for-interrupt-and-
high-for-no-interrupt thing,

you can tunnel that over PCIe.

And it has completions, which are
basically the replies. So if you read

a value from memory the completion
is what you get back with the value

you tried to read. So that’s PCIe,
we can just go wild with DMA.

We can just read all memory, dump
the kernel. Hey, it’s awesome, right?

Except there’s an IOMMU in the APU.

But... first, the IOMMU will protect 
the devices. It will only let you access

what memory is mapped to your device.
So the host has to allow you

to read and write to memory.
But just because there’s an IOMMU

doesn’t mean that Sony uses it properly.
Here’s some pseudo-code,

it has a buffer on the stack, it says:
“please read from flash to this buffer”

with the correct length. Can anyone
see the problem with this code?

Well, it maps the buffer and it
reads and it unmaps the buffer.

But IOMMUs don’t just map
byte “foo” to byte “bar”,

they map pages, and
pages are 64k on the PS4.

So Sony has just mapped 64k
of its stack to the device so

it can just DMA straight into the stack,
basically the whole stack, and take over.

Now we got code execution, FreeBSD
kernel dump, and WebKit and OS libs dump,

just from mapping the flash.

Okay, that’s step zero.
We have the code.

But that’s not the PS4 that we did this
on, it was a giant mess of wires.

Someone here knows about that,
you know, flying over on Facebook.

We don’t make a ‘nice’ exploit.
We’ve done that because, as I said,

WebKit, FreeBSD, whatever.
What comes after that?

We want to do something.
Of course we want to run Linux, duh!

How do you go from FreeBSD to Linux?
It’s not a trivial process.

But you use something
that we call “ps4-kexec”.

So how does this work? It’s simple,
right? You just want to run Linux?

Just ‘jmp’ to Linux, right?
Well… kind of.

You need to load Linux into contiguous
physical RAM, set up boot parameters,

shut down FreeBSD cleanly, halt secondary
CPUs, make new pagetables etc.

A lot of random things. I’m not going to
bore you with this crap because you

can read the code. But there’s a lot
of iteration in getting this to work.

Let’s assume that you do all this magical
cleanup and you get Linux into

a nice state and you can ‘jmp’ Linux.
Now we jmp Linux, right? It’s cool.

Yeah, you can technically jmp to Linux,
and it will technically run

…for a little bit. And it will stop.

And you will not get any serial or any
video or anything. What’s going on here?

Let’s talk about hardware.
What is x86?

x86 is a mediocre instruction set
architecture by Intel.

It’s okay, I guess.
It’s not great.

PS4 is definitely x86, it’s x86-64.

What is a PC? Aah!
PC is a horrible, horrible thing

built upon piles and piles of legacy crap
dating back to 1981.

The PS4 is definitely -not- a PC.

That’s practically Sony-level hardware fail,
so it could be, but it’s not.

So what’s going on? A legacy PC

basically has an 8259 Programmable
Interrupt Controller,

a 8253 Programmable Interval Timer,
a UART at I/O 3f8h,

which is the standard address
for a serial port.

It has a PS/2 keyboard controller, 8042.
It has an RTC, a real-time clock

with a CMOS, and everyone
knows the CMOS, right?

MC146818 is the chip number for that. An
ISA bus – even if you think you don’t have

an ISA bus your computer has an ISA bus
inside the southbridge somewhere.

And it has VGA.
The PS4 doesn’t have -any- of these things.

So what do we do?
Let’s look a little bit how a PC works

and how a PS4 works. This is a general
simple PC system. There’s an APU

or an Intel Core CPU with a southbridge,
Intel calls it PCH, AMD FCH.

There’s an interface that is basically
PCIe although Intel calls it DMI and AMD

calls it UMI. DDR3 RAM and a bunch
of peripherals and SATA, whatever.

The PS4 kind of looks like that, right?
So you think this can’t be that dif…

What’s so hard about this?
Because all the crap I mentioned earlier

is in the southbridge on a PC, right?
The PS4 has a southbridge, right?

Right? Right? Umm… so
the southbridge, the AMD standard FCH

implements Intel legacy from 1981.
The Marvell Aeolia

– Marvell is the maker of the PS4
southbridge – implements Intel legacy

from 2002. What does that mean?
Ah! That’s no southbridge,

that’s a Marvell Armada SoC!
So it’s not actually a southbridge,

it was never a southbridge.
It’s an ARM system-on-a-chip CPU

with everything. It’s a descendant
from Intel StrongARM or XScale.

It has a bunch of peripherals.
And what they did is, they stuck

a PCIe bridge on the side and said: “Hey
x86, you can now use all my ARM shit.”

So it exposes all of its ARM peripherals
to the x86. They added some stuff

they really needed for PCs
and it has its own RAM.

Why do they do this? Well, it also runs
FreeBSD on the ARM in standby mode.

And that’s how they do the whole
“download updates in the background,

get content, update, whatever”.
All that crap is because they have

a separate OS on a separate chip running
in standby mode. Okay, that’s great, but

it’s also batshit insane.
<i>laughter</i>

Quick recap: This is what a
PCIe bus number looks like,

sorry, a device number.
It has a bus number, which is 8 bits,

a device number, which is 5 bits,
and a function number, which is 3 bits.

You’ve probably seen this in lspci
if you ever done that.

This is what a regular southbridge
looks like. It has a USB controller,

a PCI, ISA bridge, SATA, whatever.
And it has a bunch of devices.

So one southbridge pretends
to be multiple devices.

Because you only have three bits
for a function number so you can only have

up to eight functions in one device.

Intel southbridge just says:
“I’m device 14, 16, 1a, 1…,

I’m just a bunch of devices,
and you can talk to all of them.”

If you lspci on a roughly unpatched
Linux kernel on the PS4

you get something like this.
So the Aeolia first of all

clones itself into every PCIe device
because they were too lazy to do

“if device equals my number then
reply, otherwise don’t reply”. No,

they just said: “Oh, just reply to every
single PCIe device that might query”.

Linux sees the southbridge 31 different
times, which is kind of annoying

because it gets really confused when it
sees 31 clones of the same southbridge.

And then it has eight functions:
ACPI, ethernet, SATA, SDMC, PCIe,…

Eight functions, so all three bits.

Turns out, eight functions
are not enough for everybody.

Function no. 4, “PCI Express Glue”, has a
bridge config, MSI interrupt controller,

ICC – we’ll talk about that later –,
HPET timers, Flash controller,

RTC, timers, 2 serial ports, I2C… All
this smashed into one single PCIe device.

Linux has a minimum system requirement
to run on anything.

You need a timer, you need interrupts,
and you need some kind of console.

The PS4 has no PIT, no PIC and no standard
serial so none of the standard PC stuff

is going to work here. The board has
test points for an 8250 standard serial

in a different place. So we run
DMESG over that, okay, fine.

Linux has earlycon which we can
point to a serial port and say:

“Please send all your DMESG here
very early because I really want to see

what’s going on”. Doesn’t need IRQs,
you set console=uart8250,

the type, the address, the speed.
And you’ll see it says 3200 instead of

115 kBaud. That’s because their clock
is different. So you set 3200 but

it really means 115k.
And that gets you DMESG.

That actually gets you “Linux booting,
uncompressing”, whatever.

That’s pretty good.

Okay, we need a timer.
Because otherwise everything explodes.

Linux supports the TSC, a built-in CPU
timer which is super nice and super fun.

And PS4 has that. But Linux tries to
calibrate it against the legacy timer

which on the PS4 doesn’t exist
so that’s fail.

So again, the PS4 -really- is not a PC.

What we need to do here is
defining a new subarchitecture

because Linux supports this concept.
Says: “this is not a PC, this is a PS4”.

The bootloader tells Linux:
“Hey! This is a PS4!”

And then Linux says: “Okay, I’m not gonna
do the old timestamp calibration,

I’m gonna do it for the PS4” which has
a special code that we wrote

that calibrates against the PS4 timer.
And it disables the legacy crap.

So now this is officially
not a PC anymore.

Now we can talk about ACPI.

You might know ACPI for all its
horribleness and all its evilness

and all its Microsoft-y-ness.
ACPI - most people associate it with

“Suspend” and “Suspend to Hibernate”.
It’s not just power,

it does other stuff, too.
So we need ACPI for PCI config,

for the IOMMU, for the CPU frequency.

The PS4 of course has broken ACPI tables
because, of course it would be.

So we fixed them in ps4-kexec.

Now interrupts. We have timers,
we have serial, we fixed some stuff.

The PS4 does message-signaled interrupts
which is, what I said, the non-legacy,

the nice new thing where you just write
a value, and what you do is you tell

the device when you want to interrupt
“please write this value to this address”.

The device does that, and the CPU
interrupt controller sees that write

and says: “Oh, this is an interrupt”
and then just fires off that interrupt

into the CPU. That’s great.
It’s super fast and very efficient.

And the value directly tells the CPU:
“That’s the interrupt vector you have

to go to”. Okay, that’s the standard MSI
way there. Your computer does MSI that way.

This is how the PS4 does MSI: The Aeolia
ignores the MSI config registers

in the standard location. Instead of
has its own MSI controller,

all stuff that’s in Function 4,
which is that “glue” device.

Each function gets a shared address in
memory to write to and the top 27 bits

of data. And every sub function, because
you can’t do a lot of things into one place,

only gets the different 5 bits.
And all MSIs originate from Function 4,

so this device has to fire an interrupt,
then it goes to here, and then

that device fires an interrupt. Like… what…
this is all… what the hell is going on?

Seriously, this is really fucked up. And
– the i’s are missing in the front there.

But yeah. So, driver hell. Now the devices
are interdependent. Then the IRQ vector

location is not sequential, so that’s not
gonna work. And you need to modify

all the drivers. This is really painful to
develop for. So what we ended up doing

is there is a core driver that implements
an interrupt controller for this thing.

And then we have to make sure that loads
first, before the device driver. So Linux

has a mechanism for that. And we had to
patch the drivers. Some drivers we patched,

so to use these interrupts. And others
we wrapped around to use these interrupts.

Unfortunately, because of the top bit
thing, everything has to share one interrupt

within a function. Thankfully, we can fix
that with a IOMMU because it can read

direct interrupt. So we can say:
“Oh, interrupt no. 0 goes to here,

1 goes to here, 2 goes to here…”.
That’s great 'cause it's consecutive, right?

0 1 2 3 4 5… it’s obviously gonna have
the same top bits. But we have to fix

the ACPI table for that because it’s
broken. But this does work. So this

gets us interrupts that function and
they’re individual. So let’s look at

the check list: we have interrupts, timers,
early serial, late serial with interrupts.

We can get some user space, we can stash
some user space and binaries into the kernel.

And it will boot and you can get a console,
but you get a console and you try

writing commands and sometimes it hangs.
Okay. What’s going on there?

So it turns out that FreeBSD masks
interrupts with an AMD proprietary

register set. We had to clean that up,
too. And that fixes serial,

and all the other interrupts.
This took ages to find. It’s like: “why…

interrupts on CPU serial
sometimes don’t…, yeah”.

I ended up dumping register sets,
and I saw this #FFFFF here, not #FFFFF,

what’s that? But tracking through this
stack to find this was really annoying.

Alright. So we have the basics. We have
like a core platform we can run Linux on,

even though it won’t do anything
interesting. Add drivers!

So we have USB xHCI which has three
controllers in one device. Again, because

“Let’s make it insane!”. We have SDHCI,
that’s SDIO for the Wi-Fi and the Bluetooth.

Needs a non-standard config, it needs
quirks. Ethernet needs more hacks.

It’s still partially broken, it only runs at
Gigabit speed. If you plug in a 100Mbit/s

switch it just doesn’t send any data.
Not sure why.

And then all of this worked fine in
Linux 4.4, and then just three days ago

I think I tried to rebase on 4.9, and so
we have the latest and the greatest.

And everything failed. And DMA didn’t
work. And all the drivers were just

throwing their hands up in the air,
“what’s going on here?”.

<i>exhales</i>
Aeolia strikes back. So.

That’s what… the Aeolia looks like,
normally. So you have… again,

it’s an ARM SoC, it’s really not a device.
It’s like its own little system. But

it maps, it’s low 2 GB of the address base
to memory on the PC. And then the PC

has a window into its registers that it
can use to control those devices.

So the PC can kind of play with the
devices, and the DMA is to the same address

and that works great. Because it’s mapped
in the same place. And then has its own RAM,

in its own address space. This works fine.
But now we had an IOMMU. Because

we needed it for the interrupts. And the
IOMMU inserts its own address space

in between and says: “Okay, you can map
anything to anything you want, that’s great.“

It’s a page table, you can say “this
address goes to that address.”

Linux 4.4 did this: it would find some
addresses at the bottom of the IOMMU

address space, say: “page 1 goes to this,
page 2 goes to that, page 3 goes to that”.

And say: “device, you can now write to these
pages”. And they go to this place in the x86.

That worked fine. It turns out Linux 4.9,
or somewhere between 4.4 and 4.9

it started doing this: it would map pages
from the top of the IOMMU address space

and that’s fine for the IOMMU but it’s
not in the window in the Aeolia, so

you say “ethernet DMA to address
FExxx”, and instead of DMA-ing

to the RAM on the PC it DMA-s to the RAM
on the Aeolia which is not gonna work.

Effectively the Aeolia implements 31 bit
DMA, not 32 bit DMA because only

the bottom half is usable. It’s like why…
this is all really fucked up, guys!

Seriously. And this is littered all over
the code in Linux, so they seeded

more patches, and it works, but, yeah.

Painful. Okay. Devices, laying out (?)
devices’ work.

Now for something completely different.
Who can tell me who this character is?

That’s Starsha from Space Battleship Yamato.
And apparently that’s the code name

for the PS4 graphics chip. Or at least that’s
one of the code names. Because

they don’t seem to be able to agree
on like what the code names are.

It’s got “Liverpool” in some places, and
“Starsha” in other places. Then “ThebeJ”

in other places. And we think Sony calls
it “Starsha” and AMD calls it “Liverpool”

but we’re not sure. We are calling it
“Liverpool” everywhere just to avoid

confusion. Okay.
What’s this GPU about?

Well, it’s an AMD Sea
Islands generation GPU,

which is spelled CI instead of SI because
“S” was taken. It’s similar to other chips

in the generation. So at least that’s
not a bat shit crazy new thing.

But it does have quirks and customizations
and oddities and things that don’t work.

What we did is we took Bonaire which is
another GPU that is already supported

by Linux in that generation, and just kind
of added a new chip and said, okay,

do all the Bonaire stuff, and then change
things. And hopefully adapt it to the PS4.

So hacking AMD drivers, okay, well,
they’re open-source but AMD does not

publish register docs. They publish 3D
shader and command queue documentations,

so we get all the user space 3D rendering
commands, that’s documented. But they

don’t publish all the kernel hardware
register documentation. That’s what

we really want for hacking on drivers. So
that’s annoying. And you’re thinking

“the code is the documentation”,
right? “Just read the Linux drivers”.

That’s great. Yeah, but they’re incomplete,
then they have magic numbers, and

it’s, you know, you don’t know if you need
to write a new register that’s not there,

and it really sucks to try to write a GPU
driver by reading other GPU drivers

with no docs. So what do we do? We’re
hackers, right? We google. Everytime

we need information, hopefully Google will
find it because Google knows everything.

And any tip that you could find in any
forum or code dumped somewhere is

great. One of the things we found is we
googled this little string, “R8XXGPU”.

And we get nine results. And the second
result is this place, it’s “Siliconkit”,

token, was that okay? It’s an XML file.
And if we look at that it looks like

it’s an XML file that contains a dump of
the Bonaire GPU register documentation.

But it’s like broken XML, and it’s
incomplete, it stops at one point.

But like: “what’s this doing here?”
And where did this come from, right?

So let’s dig a little deeper. Okay Google,
what do you know about this website?

Well, there’s some random things like
whatthehellno.txt and whatthehellyes.txt

and some Excel files. Those are
really Excel like XML cell sheets.

And then there’s a thing in the (?) there
called RAI.GRAMMAR.4.TXT.

I wonder what that is. And it looks like
it’s a grammar, being a notation description

for a syntax, of some kind of register
documentation file. This looks like

an AMD internal format but it’s on this
website. Okay. So we have these two URLs,

/pragmatic/bonaire.xml
and /RAI/rai.grammar4.txt.

Let’s try something. How about maybe
/pragmatic/bonaire.rai – nah, it’s a 404.

Okay, /pragmatic/RAI/bonaire.rai – aah!
Bingo!

<i>laughter and applause</i>

So this is a full – almost full Bonaire
register documentation with like

full register field descriptions, breakdowns,
all the addresses. It’s not 100% but

like of the vast majority. This seems to
be AMD-internal stuff. And I looked

this guy up, and apparently he worked
at AMD at some point. So…

But yeah… This is really, really helpful
because now you know what everything

means, and debug registers, and… yeah.
So I wrote a working parser for this format.

This was effectively writing an XML parser,
something like convert this thing to XML

but it was all broken. Oh – he was writing
it in PHP, by the way, so there you go …

So I wrote a working one in Python and
you can dump it and then you can see

what each register means, and it’ll tell
you all the options. You can take

a register dump and map it to the (?)(?)
documented. You can diff dumps,

you can generic defines, it’s very useful
for AMD GPUs. And this, grossly speaking

applies to a lot of AMD GPUs, like they
share a lot of registers. So this is useful

for anyone hacking on AMD GPU stuff. Over
4.000 registers are documented in the …

just in the main GPU address space alone.
That’s great. Okay. So we have some docs.

How do we get to a frame buffer? So if you…
Israel (?) is HDMI it’s easy, right? The GPU

has HDMI, and if you query the GPU
information you actually get that it has

an HDMI port and a DisplayPort port. Okay,
maybe it’s unconnected, that’s fine, right?

But if you actually ask the GPU it tells
you: “HDMI is not connected, DP is connected”.

Okay. Yeah, they have an external HDMI
encoder from DisplayPort to HDMI because

just putting a wire from A to B is too
difficult, because this is Sony, so:

“let’s put a chip that converts some
protocol A to protocol B…” <i>sighs</i>

Yeah, yeah.
<i>applause</i>

It’s a Panasonic DisplayPort to HDMI
bridge, not documented by the way.

We parsed config to work, that’s why it
doesn’t just work. Even though some bridges do.

And you’d think, okay, it’s hooked up to the
GPU I2C bus, because GPUs have in the past

used these bridges, and, not this one
particularly but other AMD cards have had

various chips that they stuck in front. And
the code has support for talking to them

through the GPU I2C interface, right?
That’s easy. Yay, you wish – it’s a Sony.

<i>sighs</i>
Enter ICC! So, remember the ICC thing

in the Aeolia – it’s an RPC protocol you
use to send commands to an MCU that is

somewhere else on the motherboard. It’s
a message box system, so you write some

message to a memory place, and then you
tell: “Hey, read this message!” and then

it writes some message back, and it tells
you “Hey, it’s the reply!”.

The Aeolia – not the otherGPU – uses it for things like

Power Button, the LEDs, turning the power
on and off, and also the HDMI encoder I2C.

So now we have the dependency from the
GPU driver to the Aeolia driver, two different

PCI devices and two different… <i>sighs</i>
Yeah. And okay, again, ICC, but it’s I2C,

you know, I2C is a simple protocol.
You read a register, you write a register,

that’s all you need. It super simple.
Right? Now let’s make a byte code

fucking scripting engine to which you I2C
commands and delays and bit masking

and everything. And why, Sony, why, like
why would you do this? Well, because

ICC is so slow? That if you actually tried
to do one read and one write at a time

it takes 2 seconds to bring up HDMI.
<i>exhales</i>

Yeah…

I don’t even know at this point…
<i>applause</i>

I have no idea.
<i>continued applause</i>

And by the way this thing has commands
where you can send scripts in a script

to be run when certain events happen. So
“Yo dawg, I heard you like scripts, I put

scripts in your scripts so you can I2C
while you I2C”. Like: “let’s just go

even deeper at this point”, right? Yeah.
<i>exhales</i>

Okay. We wrote some code for this,
you need more hacks, it needs all

DisplayPort lanes up, Linux tries to downscale,
doesn’t work. Memory bandwidth calculation

is broken. Mouse cursor size is from the
previous GPU generation for some reason,

I guess they forgot to update that. So
wait! All this crap – we get a frame buffer.

But X won’t start. Ah. Well, it turns out
that PS4 uses a unified memory architecture

so it has a single memory pool that is
shared between the x86 and the GPU.

And games just put a texture in memory
and say: “Hey, GPU, render this!” and

that works great. And this makes a lot of
sense, and their driver uses this to the

fullest extents. So there’s a VRAM,
you know, the legacy… GPUs had

a separate VRAM and all these integrated
chip sets can emulate VRAM using a chunk

of the system memory. And you can usually
configure that in the BIOS if you have

a PC that does this. And PS4 sets it to
16 MB which is actually the lowest possible

setting. And 16 Megs is not enough to have
more than one Full HD frame buffer. So,

obviously, that’s going to explode in
Linux pretty badly. So what we do is

we actually reconfigure the memory
controller in the system to give 1 GB

of RAM to the VRAM, and we did it on the
psd-kexec. So it’s basically doing like

BIOSy things. We were reconfiguring the
Northbridge at this point to make this work.

But it works. And with this we can get X
to start because it can allocate its frame buffer.

But okay, it’s 3D time, right? – Neeaah,
GPU acceleration doesn’t quite work yet.

So we got at least, you know, X but let’s
talk a bit about the Radeon GPU

for a second. So when you want to draw
something on the GPU you send it a command

and you do this by putting it into ‘ring’
which is really just a structure in memory,

that’s a (?)(?)(?)(?). And it wraps around.
So that way you can queue things to be done

in the GPU, and then it does it on its own
and you can go and do other things.

There’s a Graphics Ring for drawing,
a Compute Ring for GPGPU, and a DMA Ring

for copying things around. The commands
are processed by the GPU Command Processor

which is really a bunch of different CPUs
inside the GPU. They are called F32.

And they run a proprietary AMD microcode.
So this is a custom architecture.

Also the rings can call out to IBs which
are indirect buffers. So you can say

basically “Call this piece of memory, do
this stuff there, return back to the ring”.

And that’s actually how the user space
thing does things. So this says:

“Draw this stuff” and it tells the kernel:
“Hey, draw this stuff”. And the kernel

tells the GPU: “Jump to that stuff,
read it come back, keep doing stuff”.

This is basically how most GPUs work but
Radeon specifically works like, you know…

with this F32 stuff. Okay. The driver
complains: “Ring 0 test failed”.

Technically (?), you test them, so at least
you know it has nice diagnostic,

and how does the test work? It’s really
easy. It writes a register with a value,

and then it tells the GPU with a command
“Please write this other value

to the register”, runs it and the checks
to see if the register was actually written

with the new value. So the write doesn’t
happen. Thankfully, thanks to that RAI file

earlier we found some debug registers that
tell you exactly what’s going on inside

the GPU. And it shows the Command
Processor is stuck, waiting for data

in the ring, so it needs more data.
After a NOP command?! Yeah…

NOP is hard, let’s go stalling. So packet
headers in this GPU thing have a size

that is SIZE-2. Whoever thought that was
a good idea. So a 2 word packet

has a size of zero. Then AMD implemented
a 1 word packet with a size of -1.

And old firmware doesn’t support that and
thinks: “Oh it’s 3FFF so I’m just gonna wait

for a shitload of code in the buffer”,
right? It turns out that Hawaii,

which is another GPU in the same gen
has the same problem with old firmware.

So they use a different NOP packet, so
there was an exception in the driver

for this. And we had to add ours to that.
But again – getting to this point, many,

many, many hours of headbanging.

Okay. We fixed that. Now it says:
“Ring 3 test failed”.

That’s the SDMA ring. That’s for copying
things in memory and it works

in the same way. It puts a value in RAM.
It tells the SDMA engine: “hey, write

a different value”. And checks. This time
we see the write happens but it writes “0”

instead if the 0xDEADBEEF or whatever.
Okay. So I tried this.

I put two Write commands in the ring
saying: “Write to one place, write to

a different place”. And this time,
if I saw, what it did is it wrote “1”

to the first destination and “0” to the
second destination. I’m thinking:

“Okay, it’s supposed to write 0xDEADBEEF…”
which is what you see there, it’s…

0xDEADBEEF is that word
with the value. It writes “1”.

Well, there’s a “1” there that
wasn’t there before, it was a “0”,

because of this padding, right? So it
turns out they have it off by four,

in the SDMA command parser
and it reads from four words later

than it should.
<i>exhales</i>

Again, this took many hours of
headbanging. It was like:

“Randomly try two commands, oh, one, one?”
– “One”.

So it reads four words too late but only
in ring buffers. Indirect buffers work fine.

That’s good because those come from user
space. So we don’t have to mock with those.

We can work around this, because it’s
only used in two places in the kernel,

by using a Fill command instead of a Write
command. That works fine. Again,…

how do they even make these mistakes?!
Okay. But still the GPU doesn’t work.

The ring tests pass but if you tried
to draw you get a bunch of page faults.

And it turns out that what happens is that
on the PS4 you can’t write the page table

registers from actual commands in the GPU
itself. You can write to them from the CPU

directly. You can say just: “Write memory
– memory register write”, and then

I’ll write. But you can’t tell the GPU:
“Please write to the page table register this”.

So the page tables don’t work, the GPU
can’t see any memory, so everything is broken.

Linux uses this, FreeBSD doesn’t. It uses
direct writes. And we think this is maybe

a Firewall somewhere in the Liverpool,
some kind of security thing they added.

We can directly write from the CPU.
But it like breaks the regular…

like it’s not asynchronous anymore. So
this could break things. And it’s a really

hacky solution. I would really like to fix
this. And I’m thinking: “Maybe the firewall

is in the firmware, right?”. But it’s
proprietary and undocumented firmware.

So let’s look at that firmware. It’s
a thing, it needs microcode, a CP thing.

It’s undocumented. But we take the blobs
out of FreeBSD. And that’s great because

we have don’t have to ship them. Let’s
dig deeper into those blobs. So how do you

reverse-engineer an unknown CPU
architecture? That’s really easy,

run an instruction and see what it did.
And then just keep doing that. Thankfully,

we upload custom firmwares, so it’s
actually really easy to just have like

a two-instruction firmware that does
something, and then writes a register

to a memory location. And that’s actually
really easy to find. If you first like

write the memory instruction, it’s really
easy to find in the binary because you see

like GPU register offsets that stand out
a bit in one column. So long story short,

we wrote F32DIS which is a disassembler
for the proprietary AMD F32 microcode.

I shamelessly stole the instruction
syntax from ARM. So you may recognize

that if you’ve ever seen an ARM disassembly.
And this is not complete but it can

disassemble every single instruction
in all the firmware in Liverpool for PFP,

ME, CE, MEC and RLC which are five
different blocks in the GPU. As far

as I notice that’s never been done before,
all the firmware was like in a voodoo

black magic thing that’s been shipped.
Not even the non-AMD kernel developers

know anything about this. So…
<i>applause</i>

<i>ongoing applause</i>

And you can disassemble the desktop
GPU stuff, too. So this could be good for

debugging strange GPU shenanigans
in non-PS4 stuff.

Alright. Alas, it’s not in the firmware.
It seems to be blocked in hardware.

I found a debug register that actually
says: “there was an access violation

in the bus when you try to write this
thing”. And I tried a bunch of workarounds

and I even bought an AMD APU system,
desktop. Dumped all the registers,

diff’ed them against the one I had on Linux
and tried setting every single value

from the other GPU and hoping I find some
magic bits somewhere, but… no.

They probably have a setting for this,
somewhere, but it’s a sea of ones and zeros,

good luck finding it. It does work with
a CPU Write, workaround, though.

So, hey, at least we get 3D! And it’s
actually pretty stable, so if there’s

a race condition I’m not really seeing it.
So – checklist! What works,

what doesn’t work. We have interrupts,
and timers – the core thing you need

to run any OS – we have a serial port,
we can shutdown the system and reboot,

and you’ll think that’s funny but actually
that goes through ICC, so again,

at least some interesting code there.
I actually just implemented that about

four hours ago. Because pulling the plug
was getting old. The Power button works.

USB works. There’s a funny story with USB
as it used not to work. And we said:

“Fix it later, there seems to be special
code missing.” And then someone

pulled a repo from the USB-not-working
branch, and tested it, and said:

“It’s working!” It seems we fixed it by
accident, by changing something else.

The hard disk works which is via the USB.
Blu-ray works, I wrote a driver for that,

also four hours ago. – Three hours ago
now? Yeah, something like that.

And I spent 20 minutes looking for someone
in the Hackcenter that had a DVD I could

stick in to try. Apparently I’m from
he past if I ask for DVDs.

But it does work. So that’s good. Wi-Fi
and Bluetooth works.

Ethernet works, except only at GBit speeds.
Frame buffer works. HDMI works.

It’s currently hard-coded to 1080p so…
It does work. We can fix that

by improving the encoder implementation.
3D works with the ugly register write hack.

And SPDIF audio works. So that’s good.
HDMI audio doesn’t work. Mostly because

I only got audio grossly working, in
general, recently, and I haven’t had

a chance to program the encoder to support
the audio stuff yet. Because, again,

new more annoying hacks there. And the
real-time clock doesn’t work and everything.

That’s simple, the clock, that device is
simple. But ever since the PS2 the way

Sony has implemented real-time clocks
is that instead of reading and writing

the time on the clock, which is what you
would think is the normal thing to do,

they never write the time on the clock.
Instead, they store an offset from the clock

to the real time, in some kind of storage
location. And there’s a giant mess of…

…registry it’s called, in the PS4, and
I don’t even know where it’s stored.

It might be on the hard drive, it might be
encrypted. So basically, getting

the real-time clock to actually show the
right time involves a pile of nonsense

that I haven’t had the chance to look at
yet. But… we have NTP, right?

So it’s good enough. – Oh, and we have
Blinkenlights! Important! The Power LED

does some interesting things, if you’re
on Linux. So that’s good.

So – the code: you can get the ps4-kexec
code on our Github page. That has

the kexec and the hardware configuration,
and the bootloader Linux stuff.

You can get the ps4 Linux branch which is
the… our fork of the kernel,

rebased on 4.9 which is the latest (?)
version, I think.

You can get our Radeon patches which are
three, I think, really tiny patches for

user space libraries just to support this
new chip. Really simple stuff, the NOP

thing, and a couple of commands. And the
RAI and F32DIS thing I mentioned.

You can get Radeon tools at that Github
repo. Just push that right before the stock.

So if you’re interested – there you go.
And if you going at the RAI file, well,

we wanna put you on a run before the guys
at that website realize they really should

take that down! But I’m sure the internet
wayback machine has it somewhere.

Okay! That’s everything for the story of
how we got Linux running on the PS4.

And you can reach us at that website
or fail0verflow on Twitter.

<i>applause</i>
Thank you!

<i>ongoing applause</i>

I hope that wasn’t too fast, sorry, I had
to rush through my 89 slides a little bit

because I really wanted to do a demo.
I think this kind of is the demo, right.

But we can try something else.
So maybe I can shut this –

so I can aim with my controller.

This is really not meant as a mouse!
That’s not Right Button.

Come on! Yeah, I think it is…

Close? Close! Maybe…

So we have this little icon here.
I wonder what happens if it works.

Do we have internet access? Hopefully
Wi-Fi works, let’s then just check real quick.

<i>keyboard typing sounds</i>

This could bork really badly if we don’t.

<i>keyboard typing sounds</i>

<i>mumbles</i> ping 8.8.8.8

Yeah, we have internet access.
So, Wi-Fi works!

Okay. I wonder what happens
if we click that!

It takes a while to load.
This is not optimized for…

<i>laughter and applause</i>
<i>marcan laughs</i>

So the CPUs on this thing are
a little bit slow. But…

<i>sounds of the machine</i>
Hey, it works!

And now it’s a real game console!

<i>laughter and applause</i>

And this is… there we go, okay.

So I think we can probably take some Q&amp;A
because this is a little bit slow to load.

But we can try a game, maybe.

Herald: If you are for Q&amp;A I think
there will be some questions.

So shall we start with one
from the internet.

Signal Angel: Hey! The internet wants to
know if most of your research will be

published, or if stuff’s
going to stay private.

marcan: All of this… the publishing is
basically the code which… and you know

the explanation I just gave… I said that
everything’s on Github. So all the drivers

we wrote, all the… I mean… and in this
case also the spec is the code.

If you really want to I could write some
Wiki pages on this. But roughly speaking,

what’s in the drivers is what we found
out. The really interesting bit,

I think, is that F32 stuff from the AMD
GPU stuff. And that we have a repo for.

But if you have any general questions, or
name a particular device, or any details,

feel free to ask. I don’t know… again, it
would be nice if we wrote a bunch

of docs and everything. But it’s not really
a matter of not wanting to write them,

it’s lazy engineers not wanting to write
documentation. But the code is at least…

the things we have on Github are fairly
clean. So.

Herald: Okay, so, someone is piling up
on 4. Guys, if you have questions

you see the microphones over here.
Just pile up over there

and I’m gonna point… 4 please!

Question: Just a small question.
How likely is it that you upstream

some of that stuff. Because… I mean…

marcan: So there’s two sides to that.
One side is that we need to actually

get together and upstream it. The code…
some of it has horrible hacks, some of it

isn’t too bad. So we want to upstream it.

We have to sit down and actually do it.
I think most of the custom x86 based

machine stuff and the kernel is doable.
The drivers are probably doable.

Some people might scream at the interrupt
hacks. But it’s probably not terrible.

And if they have a better way of doing it
I’m all ears, there are other kernel devs.

The Radeon stuff is quite fishy because of
the encoder thing that is like (?) non-standard.

And also understandably
AMD GPU driver developers

that work for AMD may want to have nothing
to do with this. And in fact I know

for a fact that at least
one of them doesn’t. But

they can’t really stop us from upstreaming
things into the Linux kernel, right?

So I think as long as we get to come
to a state where it’s doable it’s fine.

But most likely I think…
<i>laughter</i>

…I think most likely the non-GPU stuff
will go in first if we have a chance

to do that. And of course, if you wanna
try upstreaming it go ahead!

It’s open source, right? So.

Herald: Over to microphone 1, please.

Question: Hi. First I think I should
employ you to try and find trouble Hudson. (?)

And control him into using your FreeBSD
kexec implementation in heads.

Instead of having to run all of Linux in it,
as a joke. But my real question is:

if the reason you used Gentoo was
because systemd was yet another hurdle

in getting this to run?

<i>laughter</i>
<i>marcan laughs</i>

marcan: I run Gentoo on my main machine,
I run Gentoo on most of the machines

I care about. I do run Arch on a few of
the others and then I’d live with systemd.

But the reason why I run Gentoo is, first
it’s what I like and use. And second it’s

super easy to use patches on Gentoo.
You get those things we put onto Github,

which are just patch files, it’s not really
a repo. Because they’re so easy

it’s not worth cloning everything. Just
get those patch files, stick them on

/etc/portage/patches/, have a little hook to patch,
and that’s all you need. So it’s really

easy to patch packages in Gentoo,
that’s one of the main reasons.

<i>laughs about something in audience</i>

Herald: No. 3 please!

Question: Will there be new exploits,
new way to boot Linux

on PS3 with modern firmwares
because finding one

with firmware 1.76 is really rare.

marcan: That was 4.05!

Question: Ah, okay.
marcan: But again, our goal is to focus

on… I just told you the story of the
pre-exploit thing because I think

that’s good like a hacker story, a good
knowledge suite trying new platforms.

And the Linux thing we’re working on.
The reason why we don’t want to publish

the exploit or really get involved in the
whole exploit scene is that there is

a lot of drama, it’s not rocket science
in that it’s like super custom code,

this is WebKit and FreeBSD. It’s actually not
that hard. And we know for a fact

that several people have reproduced this
on various firmwares. So there’s no need

for us to be the exploit provider. And
we don’t want to get into that because

it’s a giant drama fest as we all know,
anyway. Please DIY it this time!

Question: Okay. Thanks.

Herald: And what is the internet saying?

Signal Angel: The internet wants to know
if you ever had fun with the BSD

on the second processor.

marcan: Oh, that’s a very good question.
I myself haven’t. I don’t know if anyone

else has looked at it briefly. One of the
commands for rebooting will boot

that CPU into FreeBSD. And there’s
probably fun to be had there.

But we haven’t really looked into it.

Herald: And over to 5, please.

Question: I was wondering if any of that
stuff was applicable to the PS4 VR edition

or whatever it’s called, the new one?
Did you ever test it?

marcan: Sorry, say it again!

Question: Sony brought up a new PS4
I thought.

marcan: Oh, the Pro you mean,
the PS4 Pro?

Question: Yes.
marcan: So Linux boots on the Pro,

we got that far. GPU is broken. So we
would like to get this ported to the Pro

and also working. It’s basically an
incremental update, so it’s not that hard,

but the GPU needs a new definition,
new jBullet(?) stuff.

Yeah, you get a lot of C frames
down-burned (?), yeah…

So, as you can see, 3D works,
and, there you go!

<i>synth speech from game</i>
<i>applause</i>

I only have to look up and down in this game!

<i>continued synth speech from game</i>

Herald: Well, then number 3, please.

Question: I want to ask you if you want to
port these Radeon patches to the new

amdgpu driver because AMD now supports
the Southern Island GPUs?

marcan: Yes, that’s a very good question.
Actually, the first attempt we made

at writing this driver was with amdgpu.
And at the time it wasn’t working at all.

And there was a big concern about its
freshness at the time and it was

experimentally supporting this GPU
generation. I’m told it should work.

So I would like to port this… move to
amdgpu and we have a working

implementation, and we got to clean up
code much better, we know where all

the nits are, I want to try again with
amdgpu and see if that works.

That’s a very good question because the
newer gen might require the driver maybe, so …

Question: Thank you.
Herald: Well then I’m gonna guess we ask

the internet again.

Signal Angel: Okay, the internet states
that about a year ago you argued

with someone on twitter that the PS4 wasn’t
a PC and now you’re saying that kind of

is something. And what’s about that?

marcan: So again, the reason of saying
it’s not a PC is that it’s not an IBM

Personal Computer compatible device.
It’s an x86 device that happens to

be structured roughly like a current PC
but if you look at the details

so many things are completely different.
It really isn’t a PC. Like on Linux I had

to define “sub arch PS4”. It’s an x86
but it’s not a PC. And that’s actually

a very important distinction because
there’s a lot of things you have

never heard of that are x86 but not PC.
It’s like e.g. there’s a high chance

your monitor at home has
an 8186 CPU in it. So, yeah.

Herald: So nobody’s piling at the
microphones any more.

Is there one last question
from the internet?

Signal Angel: Yes, there is.

The question is…

…if there was any
decryption needed.

marcan: No. So this is purely… you
exploit WebKit, you get user mode,

you exploit the kernel, you got kernel
mode. You jump Linux…

there’s no security like… there’s nothing
like stopping you from doing

all that stuff. There’s a sand box in
FreeBSD but obviously you exploit

around the sand box. There’s nothing…
there’s no hypervisor, there’s no monitoring,

there’s nothing like saying: “Oh this code
should not be running.” There’s no

like integrity checking. They have a security
architecture but as it’s tradition for Sony

you can just walk around it.
<i>laughter</i>

<i>applause</i>

The PS3 was notable for the fact that
the PS Jailbreak which is a USB…

it’s effectively a piracy device
that was released by someone

that basically used a USB exploit
in the kernel and only a USB exploit

in the kernel to effectively enable piracy.
So when you have like a stack of security

and you break one thing and you get
piracy that’s a fail! This is basically

the same idea. Except I have no idea what
you do to do piracy and I don’t care.

But Sony doesn’t really know how to
architecture secure systems.

That’s it.

Herald: That’s it, here we go,
that’s your applause!

<i>applause</i>

<i>postroll music</i>

<i>subtitles created by c3subtitles.de
in the year 2017. Join, and help us!</i>