How to use ES_DiVerify(ES_Identify)?

In older IOS you could provide valid ticket/tmd/cert to identify in system as specific title.
In new IOS (for example 53,55,58) ES_Identify gives error -1017.

So, is there a way to identify in system as title besides loading it as channel?

I know i can patch IOS, but i want to do this without patching.

Is there a way to identify in system by providing valid ticket/tmd?

I'm pretty sure Ninty prevented this, hence there ARE patches for it. If your app will use HW_AHBPROT flags, you could patch the IOS on-the-fly wiht ES_Identify (see dop-Mii source for that)

Thanks for reply. I know how to patch - it's not a problem.
Problem comes when i want to launch channel with its correct IOS, but cannot use standard ES_LaunchTitle because i want to pre-patch binary before start (Ocarina cheat engine).

The funny thing is that you can use ES_DiVerify indirectly when you open partition of DVD game, but there is no similar way to execute ES_DiVerify directly or indirectly for installed Channels.
That's why i decided to ask this question here... It looks stupid when you easily can invoke identification as DVD title, but can not with Channel. Well, some exceptions could be applied for SystemMenu or other system titles, but for all channels it looks strange and funny.



Edited 2 time(s). Last edit at 09/16/2010 09:03PM by sorg.

I don't know what you want to achieve, but is all that's necessary not just to be able to call ES_Identify before you load the channel? or is there more to it than that?

Without ES_Identify channel won't be identified with its correct TitleID and thus won't work because won't be able to access its data and content folders.

The main idea is:
1) uning AHBPROT access channel's content
2) load its executable
3) load correct IOS (AHBPROT will be lost at this stage!)
4) patch executable
5) execute ES_Identify with channel's TitleID
6) start channel's executable

All these steps are just to execute step 4. Otherwise all these steps can be replaced by single ES_LaunchTitle.



Edited 1 time(s). Last edit at 09/16/2010 09:36PM by sorg.

Well, you can use the runtime IOS patching stuff from dop-Mii to allow ES_Identify on the current IOS without it being actually patched. Is that not good enough?

that's what i'm using on steps 1 and 2.
On step 3 you will loose ahbprot and ability to patch IOS in memory.

You're trying to make the system run channels in a way that it wasn't designed to. If you really want to do it that way you're going to have to learn how to reload IOS without losing AHBPROT.

tueidj,
good answer. It's a really masterpiece to answer without answering ;)

I pretty much told you exactly what to do. Not my fault if you're not up to the task, sorry if you expect me to spoonfeed you patch code like everyone else.

I'm pretty sure dop-Mii reloads IOS without losing AHBPROT, go read its source.

tueidj is right, unless you learn how to do an IOS Reload without loosing the direct hardware access, you won't get a clean solution for your problem.

But if you can learn anything from "warez loaders", then it's the fact that >90% of games run fine with any IOS. So you can temporary stay on IOS58 and just fix 002 error in memory. If you execute some kind of apploader that writes into memory which IOS the game wants, then add this to your code, after the apploader stuff(it's beed a long time, i don't think this happens for channels, but for disc games):

*(u32 *)0x80003188 = *(u32 *)0x80003140;

or use this:

*(u16 *)0x80003140 = requested_ios;
*(u16 *)0x80003142 = 0xffff;
*(u16 *)0x80003188 = requested_ios;
*(u16 *)0x8000318A = 0xffff;

I know it's not nice, but it will work until you fixed your IOS Reload. And writing to 0x80003188 might be required anyways to get rid of 002 errors as the game expects the apploader to do it.

Do you know about my project that can't be talked about here, but could be a useful source for some code? Namely decompression code for compressed lz77 files.

SifJar,
i will check but it's highly unlikely it uses IOS realod. It simply unneeded for its tastk.

WiiPower,
thanks for the info. Unfortunately, i know 002 trick and how to trick games to use only one IOS for all. So, i'm using it already.
Seams there is no known way to reload IOS for Channels.

There is one crazy method coming to my mind: setup small hidden channel-helper with AHBPROT. Everytime you want to reload IOS, just change IOS in its TMD and load it just like DVDx :)



Edited 1 time(s). Last edit at 09/18/2010 07:23AM by sorg.

hmm.. not so crazy :)

it works well!

I think even waninkoko would be ashamed of that.

I know you are very smart tueidj, but there is no help from you at all.
You don't need to spend time for such useless comments.

P.S.: already discovered how to reload IOS without loosing AHBPROT. N again did it by wrong way :)



Edited 1 time(s). Last edit at 09/18/2010 11:30AM by sorg.

Quote
tueidj
I think even waninkoko would be ashamed of that.

Doesn't seem much different to what DVDx was for a long time.

And sorg: I am almost certain dop-Mii DOES reload IOS, because Arikado said so in this thread : [forum.wiibrew.org]

Quote
SifJar
I'm pretty sure dop-Mii reloads IOS without losing AHBPROT, go read its source.

Nope. It doesn't.

Quote
Tantric

Quote
SifJar
I'm pretty sure dop-Mii reloads IOS without losing AHBPROT, go read its source.

Nope. It doesn't.

So was Arikado wrong? (see the post I linked above)

Quote
SifJar
So was Arikado wrong? (see the post I linked above)

His post was about how to disable automatic IOS loading on application startup. Old (seams very very old) libogc loads IOS36 at startup which disables AHBPROT.