Roughly idea of how "fix patches" works with consoles

Discussion in 'Computer Programming, Emulation, and Game Modding' started by dreampeppers99, Mar 3, 2013.

  1. dreampeppers99
    OP

    Member dreampeppers99 GBAtemp Regular

    Joined:
    Jul 21, 2010
    Messages:
    121
    Country:
    Brazil
    In general we have a burned media with signed content (let's say Super Mario Wii U).
    And then the dev team figures out a severe bug.
    So they provide a patch as update.

    Let's say (very high level) this is the original game.

    [header]
    [signed binary content 0 -- 1000]
    [signed binary content 1001 -- 2000]
    ...
    [signed binary content x -- y]

    And then the patch needs to "replace" or "response" part of code in section 3.
    Now we have the situation where my original is loaded at memory and then "somehow" it applies the update patch.

    Do you know how "the patch" is applied?
    Do you think it's an OS (internal OS from consoles) thing?
     
  2. Rydian

    Member Rydian Resident Furvertâ„¢

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    It either loads the replacement binary from somewhere else, or patches it (difference file, etc.) in RAM depending on which would be less resource-intensive (I guess initial boot speed is the main concern in this case).

    Game binaries themselves are often relatively small when they're segregated from the resources (that is, don't need to keep game data compressed internally), so you're generally talking about patching up to 50MB at the most. When it's reading the game it already has the binary segregated from the gigs of other info.
     
    dreampeppers99 likes this.
  3. FAST6191

    Reporter FAST6191 Techromancer

    pip
    Joined:
    Nov 21, 2005
    Messages:
    21,735
    Country:
    United Kingdom
    What Rydian said, if you are actually interested in a real world example then the 360 "title update" format and patching process is fairly well documented, as Rydian said it is a patch format that applies to main executable (a xex file in this case). The tool to do it and a nice search term would be "xextool title update", I would link one but 360 sites have odd policies on hosting XBLA and DLC and I would rather not have inadvertently linked a ROM site.

    However not all consoles do this well- the wii was abysmal requiring a crazy workaround at IOS level if you were going to do it in software hence there being very few patches for games other than actual new pressings of the disc with fixes. Going further back it was mainly new cart, new disc, the occasional save patch/edit if you took your game somewhere and if you had a game genie then that could fix a few things as well (theoretically action replays might have done something but it would be harder).
     
    dreampeppers99 likes this.
  4. Rydian

    Member Rydian Resident Furvertâ„¢

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    I assume all ARs would have been used for back then would have been unsticking your save after hitting a bug (modifying your coordinates to get you out of a wall, your room ID to get you past an area, event flags if found, etc.)
     
  5. dreampeppers99
    OP

    Member dreampeppers99 GBAtemp Regular

    Joined:
    Jul 21, 2010
    Messages:
    121
    Country:
    Brazil
    Nice, thanks for the info.

    I guess maybe the game itself has instruction to see if there is an available patch, then it applies or this feature would be implemented inside the iOS.
    Anyway, both case it executes "code" thus this chunk of code must be signed too, I was wondering if there were any hacking based on fix patches. I guess not because if we tried to to change the "patch" it probably lost its authenticity.
     
  6. FAST6191

    Reporter FAST6191 Techromancer

    pip
    Joined:
    Nov 21, 2005
    Messages:
    21,735
    Country:
    United Kingdom
    As for "games checking", most likely not or at least not in the sense you are thinking about- most games are run in a fairly locked down mode compared to the menu (or the "root" access) so it would be the menu that checks what is running and applies the patches.

    As far as the 360 goes patches are usually signed and I can not think of any that have allowed for hacks (save for those cases where patches introduced a new bug/brought back an old one), I mean if you are going to go to the effort of making a proper patch engine (and given how much MS charge for such things-http://www.thetechgame.com/News/article/sid=3012.html you can bet they make the effort) it is a fairly obvious attack vector so it would be closed as a matter of course. Indeed the system itself might have necessitated a workaround to get patches working vs the "simple" method in the first place.
    On the wii patching via IOS is a really roundabout way of patching an actual error in a game.

    Depending upon how you view it certain hacks work in a related manner- the old gamecube broadband adapter hacks saw that the game took code in via the network and attacked from there, the DSi/3ds flash cart method uses the overlays (code designed to come and go a lot)

    That said if you are editing PC programs then looking at their internal update methods is often a good place to go looking at.
     
    dreampeppers99 likes this.
  7. dreampeppers99
    OP

    Member dreampeppers99 GBAtemp Regular

    Joined:
    Jul 21, 2010
    Messages:
    121
    Country:
    Brazil
    Man you're very wise and smart, thank you very much! Your thoughts helped me a lot to at least understand it roughly! Where do you got all that info?

    btw sorry for my non-sharp English.
     
  8. Scuba156

    Member Scuba156 GBAtemp Fan

    Joined:
    Jan 19, 2010
    Messages:
    340
    Country:
    Australia
    No 360 game saves allowed for any hacks afaik. Changing any bits in the file would break the signature, making it fail to run (the game would still run I believe, it would just ignore the update patch). It would have to be resigned which is impossible without the proper keys.

    While I'm sure you know this, I just wanted to expand on it :)

    Dreampeppers - the best way to learn is by lots of reading and getting your hands dirty. There's a bit of information on both wiibrew.org and free60.org on Wii hacking and 360 hacking respectably. There's a few books about hacking as well but I can't think of the names off the top of my head. Also learning your way around a hex editor is a good start :P
     
    dreampeppers99 likes this.
  9. dreampeppers99
    OP

    Member dreampeppers99 GBAtemp Regular

    Joined:
    Jul 21, 2010
    Messages:
    121
    Country:
    Brazil
    Thanks for the links, WiiBrew I already knew but Free 60 is new !
     

Share This Page