(Sadly, they did not give me a spot at the Sony E3 conference, so I have to make do with this blog post.) I am excited to announce Rejuvenate, a native homebrew platform for PS Vita. The tools that will be released over the next couple of weeks will allow developers (not in contract with Sony) to develop and test games, apps, and more on the PS Vita. This unofficial software can run on any PS Vita handheld device without approval by Sony. These tools cannot enable pirated or backup games to run (I’m not just saying this… the exploits used do not have enough privilege to enable such tasks).
Rejuvenate requires PlayStation Mobile Development Assistant to be installed on your Vita! Sony will remove this from PSN soon, so if you wish to ever run homebrew apps on your PS Vita, you must download this app now!
It’s been almost three years since I found the first native exploit for the PS Vita. Many people have asked me why I did not release my tools for public consumption. Other than laziness, the two main reasons were: 1) I believed that PSM was a great platform for indie developers and feared that releasing this would ensure PSM a death like OtherOS, and 2) there was no SDK for Vita homebrew so releasing the exploit would not benefit any users at all since they have no use for it. Now that Sony is killing PSM anyways and there is significant progress on the SDK, it seems that the time is right for a release.
Rejuvenate
Rejuvenate is composed of three main tools which together provide a platform for developers to write Vita homebrew.
- UVLoader 1.0 allows executables to be loaded on the PS Vita. The original version was written three years ago for firmware version 1.80. Since then, Sony has taken the source code and made loading code much, much harder. However, there is no barrier that cannot be bypassed! The latest version includes support for SCE ELF relocations, NID poison antidote, and more. It can run homebrews on Vitas up to firmware 3.51 (at time of writing).
- VitaDefiler is an RPC (remote procedure call) system for Vita userland. Main features include live peek/poke of userspace memory, execution of arbitrary ARM code, and a scripting interface for quickly running tasks. Originally developed for finding exploits, this tool can also be used by homebrew developers to test and debug their apps. VitaDefiler also serves as the ASLR (address-space-layout-randomization, a technique used by Sony to discourage exploitation) bypass for UVLoader.
- PSM+ is what I call the method I found to bypass the two kill-switches Sony placed into PSM to prevent this very scenario. First, app-keys which are issued by Sony to developers to sign PSM content are required for the exploit to run. These keys usually expire every three months, and Sony can refuse to issue them later. This can be bypassed. Second, every day, PSM phones home to see if it is revoked. If Sony decides to kill the Dev Assistant (and they will), it will refuse to run even if you have it installed. This can also be bypassed.
These tools, along with the open SDK (currently in development) will allow for developers to write Vita homebrew. The demonstration video above shows UVLoader running as a VitaDefiler script (which supplies information for ASLR bypass). The spinning-cube demo was coded up by me, linked together by hand (as the open SDK is currently incomplete), and launched with UVLoader. It is running natively with direct access to the GPU API calls (not within the PSM sandbox).
Limitations
So what’s the catch? The good news is you don’t have to buy any obscure or expensive game (everything is free!). The bad news is that launching homebrews is not as simple as copying some files over. Hopefully, most of these limitations can be bypassed in a later release, but at this point, the following side effects will apply:
- USB connection is required each time you wish to launch a homebrew. The exploit requires a PC to run, so this is unfortunately a requirement. This also means that the VitaTV is not supported.
- Windows PC is required. Blame Sony for never porting PSM tools to other operating systems.
- Network is required once each day you decide to run homebrew. This is because PSM has to phone home every day. Although we have a means of bypassing the revoke, we currently cannot bypass the phone-home.
- Firmware 3.00+ recommended. Although technically the exploit works on 1.69+, the latest version of the tools has only been tested on (and will only support) 3.00+. If there is enough interest, I can port it to lower firmware versions, but it will be very low priority.
FAQ
I don’t want to bother with [insert limitation from above], should I still download PSM Developer Assistant?
Yes, if you ever want to run homebrew at some point. PSM DevAssistant is the only application on the PS Vita that has the required permissions to run arbitrary code in memory. WebKit exploits do not allow for this. Game exploits do not allow for this. System application exploits do not allow for this. PSM DevAssistant is the only application allowed to execute code other than the kernel (operating system), which nobody is even close to hacking. In other words, expect at least a dozen more exploits of PSM DevAssistant (each of which may require less hassle to use) before someone finds a kernel exploit.
Can I run backups/ISOs/copied games for Vita? For PSP? For PSOne?
No.
Stop acting all high and mighty with your anti-piracy stance.
Inability to decrypt/dump/execute official software and games is not something I decided to include by choice (however, I am glad it’s there). The exploits that are used simply do not give permissions for this. Sony did a really good job with security in depth: no application has more privileges than necessary. PSM DevAssistant would never be used officially to decrypt, dump, or execute signed games, so it cannot do so even when exploited.
What kind of homebrews will we see? Is it any better than PSP homebrew?
This depends on how many developers are willing to invest time in writing homebrew for the Vita. I’m as hopeful as you are. In terms of pure statistics, the PSP-3000 has 64MB of shared memory, 333MHz CPU, and 166MHz GPU. The Vita has 512MB of main memory and 128MB of dedicated video RAM. It has four cores of CPU running at around ~1GHz and four cores of GPU running at around ~200MHz. In addition, the Vita also has the entire PSP hardware inside its silicon.
The exploit used also allows developers to use dynamic-recompilation features for speeding up emulators.
Can I install Android, custom themes, cheats, or plugins?
No, this exploit does not give kernel or bootloader level of access. It cannot access the filesystem (unsandboxed), modify system files, or access other processes’ memory.
Schedule
- Today, early beta access of Rejuvenate is being distributed to SDK developers (to complete and test the SDK) as well as hackers who will begin searching for more exploits (and hopefully bypass the current limitations).
- By end of the month (or whenever Sony removes PSM DevAssistant from PSN), a public beta goes out. However, it is only recommended that homebrew developers use it as there would be no homebrew for users to try yet. Hopefully at this point, the open SDK would be complete and ready for developers to write apps.
- When PSM is revoked, the directions for using PSM+ to bypass the revokes will be released.
EDIT: Public beta is now out.
In the meantime, we have two IRC channels for Vita discussions (sorry about the confusion, it’s a long story)! This is the preferred way to speak with me and other unofficial Vita developers. For discussion of UVLoader, VitaDefiler, and other exploit related things, join #vitadev on irc.efnet.net. For discussion on the open SDK, APIs, and homebrew development, join #vitasdk on chat.freenode.net.
Thanks to everyone who helped out with this, especially Davee, Proxima, and xyz. I hope that this is the start of something great. Every day, people clamor about the death of the Vita, but we will prove them wrong. We will give new life to the Vita.
Ok, so isn’t it time to port PSM Dev to other platforms (especially Android)? Well, I can’t do that, but you have reversed CMA protocol, haven’t you? ;)
Great job, Yifan Lu!
Currently being tethered to a PC is disappointing, but doesn’t take away how awesome this is! Would be amazing if someone found a way to remove that limitation though. Would it be possible to port the required features of the PSM windows client to other devices, say android if someone eventually reverse engineered the code? Or is it a lot more complex than CMA? (I believe this is what 173210 is asking too)
Yeah I can do it, but I would rather do a lot of other things first. Like adding breakpoints to vitadefiler for example (no promises)
Thanks for all your hard work!!
Thanks for all your hard work!
Congratulations, looking forward to the release.
Awesome! I always knew this day would come. Thanks for your hard work!! :)
will it be possible to run emulators?
Simply amazing. Can’t wait to tinker with homebrew once the SDK is released!
It’s a very good news for psv. I’m just wondering if the homebrew can support Emulator apps (like gba/sfc/psp emulator). You just mentioned the homebrew doesn’t have permission to run ISOs but you also mentioned that dynamic-recompilation can be used for Emulators so I’m really confused.
Wow, this is amazing. I can’t wait to finally see the Vita homebrew scene.
@psv holder Homebrew emulators will work; Vita ISOs and piracy in the official PSP and PS1 emulators do not work.
Technically someone should be able to create a homebrew psp or ps1 emulator, but with the official ones existing and working so well , and the amount of work that’d be required to code one would make it pretty pointless.
Good job Yifan Lu :D I’m really excited by the idea of developing a lot of homebrew on Vita :p
It would be great if we find a way to install homebrews and don’t need to connect the PS Vita to a PC every time.
Great work!! Congratulations on your hard work :D
Thanks and congratulations for this great achievement, Yifan Lu!!
Nice work!
Great stuff, I’m looking forward to seeing more.
Too sad, I’m too late to download PSM Development Assistant :(
Great Great work!!!
Cool McCool..
Awesome work! Thanks.
Kind of bummed that the PS TV isn’t supported for now, but here’s hoping that restriction goes away quickly.
As for homebrews, I’d love to see PPSSPP and Retroarch get ported. Aside from not being able to play the games bought from PSN, those two emulators blow Sony’s official ones out of the water in terms of functionality and flexibility.
Shame about the required USB connection, but at least it’s a trillion times better than requiring a 2nd Vita/PSP (and it’s not crappy ePSP!). And it doesn’t bother me much as I tend to play my Vita in front of the PC while watching a movie or something :P
This is a huge step towards greater things nonetheless. Bring on the full speed SNES emus ! I wish I was good enough at coding to help out, but my skills are novice at best -.-
Awesome!
Nice… Any IRC client recommendation on Win 8.1? It’s been ages since I used a scripted mIRC client on Win98…. kkkk
Kinda unrelated, but Yi, can you please share with us the method to bypass the whitelist on PS TV? Also, I would love to make homebrew for Vita, but I only know C# programming; will I be of use?
Regards
Damn, you should have gotten a spot at E3! Thanks for all your work, Yifan Lu and all the developers of the Vita scene for not giving up on the Vita for all this time.
I have a question: Would it be possible to overcome the minimal firmware needed for Vita games? Like being able to play new games on old firmwares? Maybe the Vita has a whitelist for this too and it can be bypassed using the PS TV method? Just speculation, but back to the topic, congrats for reaching this far!
Congrats! Hope many developers will start some cool homebrews in the future! Also Thank You Yifan!
Absolutely brilliant. Maybe the Vita will make that comeback in the west after all c:
Beautiful work yifan, respect. I’m so thankful for everything you did for the vita! Keep going!
Awesome, please keep up the good work!
great work! I have been following this topic very closely since I first got my vita and now I am very excited to see if I can conjure up any good homebrew with the upcoming sdk! .. now I just have to learn to use irc..
GREATNESS AWAITS LOL $ONY =d
You’re the man
yifan excellent job congratulations !! my question is: I’m currently at 3.18 pending the progress of Webkit, and in turn have the PSMdev in the firmware 3.18. What should I do? worth upgrading to the latest firmware or remain at 3.18 with webkit and Rejuvenate ??
Yifan, where would homebrew developers download this?
That will be announced after sdk is done
Outstanding!!! Thanks a lot. Good stuff!!!
publishing licence is necessary ?
Awesome, so once i’ve completed witcher 2 (50%) and witcher 3 ill have some time to go ahead and start a POC GBC emulator in JS, once i’ve got that running the SDK & scene should have had enough progress and ill start a GB emulator. My only question is what else does this give the user from what current PSM apps can? Cant we just write PSM apps, use your tools to bypass the checks, and run those? What gives this the advantage over them?
Thanks
You posted this news too late Cannot register for PSM Dev account since May 31st… Or can I still get the PSM Dev app without a dev account somehow?
Wow, SWEET!! Fantastic job, Yifan!! High-fives, bro! Awesomeness. :-) Well done, man.
It’s a great start, Yifan Lu. Keep up the hack work.
I’ve posted the news at the start of May.
smootch, it was announced over a month ago, and there have been constant reminders. It’s your own fault for not getting it in time.
Great! Well done. Cant wait for what comes next.
Awesome Yifan Lu, thanks for all the effort put into this amazing job! Cheers!!
How’s this any different than PSM Studio? Is it just a replacement for PSM Studio since it’s going to be removed?
I have a question… I have a Vita on 3.36 and a game installed that wants an update. I clicked update and it’s downloading in the notification bar. I can pause or cancel… The question is: can I use Charles Proxy to make the PS Vita download the package installer instead of the update? Will it work?
“The spinning-cube demo was coded up by me, linked together by hand (as the open SDK is currently incomplete), and launched with UVLoader. It is running natively with direct access to the GPU API calls (not within the PSM sandbox).”
Did you even read?
Sorry… I mean downloading PSM Dev Assistant, not “package installer”… However, I tried what I said: PSM Dev Assistant downloaded, installed successfully, and the result is an error whenever I start the game… Good thing I have a backup.
My bad then :(
Thank you! Can’t wait to start creating/porting homebrews.
will this be able to emulate gba games?
Wouldn’t it be cool if somebody took a raspberry pi, installed windows 10 on it, put it in a small box, connected a usb to micro usb, made it have a portable battery, and make it run whatever needs to be run whenever your vita is connected?
So basically, we won’t be able to play PS1, PSP, N64, Game Boy, Neo Geo, Mega Drive, what have you, even though it is a Vita hack? Only custom homebrew, like a tetris made by someone or something? If that’s the case, it’s not very useful :S
Someone will have to port an emulator to the Vita by adapting the source code and all that jazz.
when my friend will be released to us here mere companions
@Yifan Lu I already noticed this sentence ‘‘In addition, the Vita also has the entire PSP hardware inside its silicon.’’ the first time reading your post, but I didn’t pay too much attention to it then, But now I have two questions about this:
Does this mean that the ‘‘ePSP’’ is indeed not a PSP emulator, but rather a built-in PSP inside the Vita casing? I read some speculations about this on wololo’s forum quite a while ago, but a confirmation would be great. :)
Why did you mention the PSP hardware in the context of the Vita specs in the first place? (does this maybe mean that devs can somehow utilize the power of the PSP hardware as well for their homebrews, or did I completely misunderstand this part?)
Sorry, if these are stupid questions. I’m a complete noob, but I’m still interested in these things. :)
Quick question: does the version of PSM Dev Assistant matter? My vita has been off PSN for a year, still on firmware 3.01, but I downloaded PSM Dev Assistant v1.12 before I took the device online. Will this still work with Rejuvenate, or must I have the most recent Dev Assistant, v1.2?
u can no longer download psm dev assistant :(
Yeah the PSM Dev Assistant is gone, probably in reply to your homebrew tool. I hate Sony and this will be my last console by them. They want the Vita to just die and go away.