- Mar 10, 2018
- 6,512
- 28,157
Following his repo commit earlier this week indicating that he has been working on FPKG support for PS5, Sleirsgoevy continues to press forward and today issued a change in which he included a hooking method for decryptMultipleSelfBlocks in sceSblServiceMailbox.
What exactly is SBL on the PS4/PS5?
SBL and Secure Block refer to a component of PlayStation consoles that controls the Secure Kernel and Secure Module. To cut a long tale short, SceSbl* functions on the PS4 often refer to cryptography-related manipulation.
In this situation, it is fair to conclude that Sleirsgoevy has discovered a means to hijack a function responsible for decrypting SELF files. Although I won't pretend to understand half of what's going on in the code he uploaded, my understanding is that FPKG and FSELF files will not be encrypted, which means the kernel routines in charge of decrypting them must be either bypassed or altered in order to just transfer the information "as is." This is, I believe, what the decryptMultipleSelfBlocks hijack performs after establishing via a header check that the file being loaded is really a "fake" SELF file.
Source: https://github.com/sleirsgoevy/ps4jb-payloads/
