
PIODev Board Recovery Mode

Nicolas Noble edited this page Dec 31, 2019 · 1 revision

While currently untested, it is theoretically possible to boot the PlayStation using the FT2232H exclusively. This page will be populated with more information as more work is done towards building this.

If the A0 line of port A is disabled and the whole 0x1f000000 address space is redirected to it, then all reads will hit the FIFO. If the console is held in a reset state while the FIFO is filled with the relevant data, then the memcpy() call as described here, at the beginning of the BIOS boot process, will try to read the signature.

Knowing that the instructions are read in little-endian order, we can then inject code.

Since there wouldn't be any control available at that moment, the FT2232H will need to have its FIFO preloaded with the boot payload. There shouldn't be a need to send much code before full FIFO control is restored and a reflashing payload can be sent over to port B.
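A small model of the mechanism described above, added here as an illustration and not part of the project's code: once every read in the window pops the FIFO, the address no longer matters and the preload must simply list the bytes in the order the CPU will read them, with each instruction word stored little-endian. The class and function names, the 4-byte signature stand-in, the sample addresses, and the assumption that a 32-bit fetch arrives as four byte reads (lowest address first) are all hypothetical.

```python
import struct
from collections import deque

class FifoBackedWindow:
    """Model: every read in the redirected window pops the FIFO; the address is ignored."""
    def __init__(self, preload: bytes):
        self.fifo = deque(preload)

    def read8(self, addr: int) -> int:
        if not self.fifo:
            raise RuntimeError(f"FIFO underrun on read at 0x{addr:08x}")
        return self.fifo.popleft()

    def read32(self, addr: int) -> int:
        # Assumption: a 32-bit fetch reaches the port as four byte reads, lowest address first.
        return struct.unpack("<I", bytes(self.read8(addr + i) for i in range(4)))[0]

def build_preload(plan):
    """Serialize the expected reads, in order: ("b", byte) or ("w", 32-bit word)."""
    out = bytearray()
    for kind, value in plan:
        out += struct.pack("<I", value) if kind == "w" else bytes([value])
    return bytes(out)

def replay(preload, accesses):
    """Feed the preload through the model and return what each access observes."""
    window = FifoBackedWindow(preload)
    return [window.read32(a) if k == "w" else window.read8(a) for k, a in accesses]

# Constructed sample: a 4-byte stand-in for the signature, then three MIPS words.
PLAN = [("b", c) for c in b"SIG!"] + [
    ("w", 0x3C081F80),  # lui $t0, 0x1f80
    ("w", 0x03E00008),  # jr $ra
    ("w", 0x00000000),  # nop (delay slot)
]
# Constructed addresses; they are deliberately non-contiguous to show they do not matter.
ACCESSES = [("b", 0x1F000000 + i) for i in range(4)] + [
    ("w", 0x1F000100), ("w", 0x1F000104), ("w", 0x1F000108),
]
PRELOAD = build_preload(PLAN)

if __name__ == "__main__":
    print(PRELOAD.hex(" "))
    print([hex(v) for v in replay(PRELOAD, ACCESSES)])
```

A preload that is one byte short raises the underrun error on the last fetch, which is the failure to expect if the FIFO holds less than the boot sequence reads before control is restored.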