Hacking Wii U support in Dolphin

CarlKenner

Member
OP
Newcomer
Joined
Jun 17, 2014
Messages
16
Trophies
0
Age
46
XP
97
Country
I started adding Wii U support to the Dolphin emulator.
Currently it can recognize your Wii U games (in addition to your GameCube and Wii games) in either WUD or ISO format, recognize what region it is, what size it is, get the game ID, and most importantly read the file system and extract files for all partitions except the game partition. Also it lets you open RPX files, although they don't load correctly.
It can only find the partitions and read the file system for games where the title key has been released. Don't ask me how to rip your games from your WiiU, because I don't know, but some people seem to manage it.

Currently this is only useful for hackers who want to examine the update partition (I heard some exploit authors wanted binaries), or collectors who want to show off their list of games, or people who are curious what's on those discs, or people who want to work on emulating the Wii U.
IT DOES NOT PLAY WII U GAMES YET.

The source code is here on github (requires Visual Studio 2013, or if you are on linux you may need to modify the build system to include the extra files in the DiscIO module):
https://github.com/CarlKenner/dolphin/tree/WiiU

There is a bug with at least 3 of the file names on SM3DW, where the names are not read correctly, which I believe is caused by the filenames being split across the cluster boundary. Which means there is probably also a bug which corrupts some of the contents of other files where that happens. So don't rely on files being 100% accurate. The files whose formats I can understand, like app.xml or update.inf.USA, seem to be working perfectly (which is an especially good sign because those files are actually garbled when you decrypt the entire disc image with OpenSSL, at least on SM3DW).

I hope this will provide a starting point for other people who want to work on adding Wii U support to Dolphin. I believe the next step should be to try to get RPX files to load and to be viewable in Dolphin's debugger (use the command line option -d I think). Then we can work on getting simple hello world rpx files to work with high level emulation of SDK functions.

EDIT: I should point out that this is not in the official dolphin builds, just in my unofficial branch that I posted above.

EDIT: Screenshot
 

Flame

Me > You
Global Moderator
Joined
Jul 15, 2008
Messages
7,429
Trophies
4
XP
20,023
Country
United Kingdom
I think this isn't work and the games doesn't run in fullspeed.

Oh really? and we expecting that it run full speed on a Gameboy flashcart.




anyway this is great and as all ways great work by the dolphin team.. hopefully we will swim in Wii U games in no time with Dolphin.
 

driverdis

I am Justice
Member
Joined
Sep 21, 2011
Messages
2,867
Trophies
2
Age
32
Location
1.048596β
XP
2,848
Country
United States
even if we can get Wii U games to start on dolphin, they will be unplayable for years to come, as the processor is roughly a 3 core Wii running at twice the clock speed. The problem is that currently, high end PCs struggle emulating some Wii games, yet alone any Wii U games.
 

Bladexdsl

fanboys triggered 9k+
Member
Joined
Nov 17, 2008
Messages
21,574
Trophies
2
Location
Queensland
XP
13,213
Country
Australia
Really? You don't say! There's nothing wrong with them allowing this for debugging, hacking, etc.
there's nothing stopping an exploit now. NOTHING!

even if we can get Wii U games to start on dolphin, they will be unplayable for years to come, as the processor is roughly a 3 core Wii running at twice the clock speed. The problem is that currently, high end PCs struggle emulating some Wii games, yet alone any Wii U games.
nah it's possible you just need an 8 core cpu, 128gb ram, and 2 gtx titan Z SLI together. EASY :creep:
 

lampdemon

Well-Known Member
Member
Joined
Oct 28, 2013
Messages
206
Trophies
0
Age
33
Location
Where the land sea lions live.
XP
955
Country
Canada
even if we can get Wii U games to start on dolphin, they will be unplayable for years to come, as the processor is roughly a 3 core Wii running at twice the clock speed. The problem is that currently, high end PCs struggle emulating some Wii games, yet alone any Wii U games.

High end PCs shouldn't have problems running Wii games these day, do the ones that struggle also lag when played on the Wii?

Unless you're talking about running them at max settings...
 

the_randomizer

The Temp's official fox whisperer
Member
Joined
Apr 29, 2011
Messages
31,284
Trophies
3
Age
39
Location
Dr. Wahwee's castle
XP
18,990
Country
United States
High end PCs shouldn't have problems running Wii games these day, do the ones that struggle also lag when played on the Wii?

Unless you're talking about running them at max settings...


Some games like Xenoblade and The Last Story still have issues with speed on most CPUs, unless you overclock :P But yeah, most Wii games should run very well.
 
  • Like
Reactions: Deleted User

CarlKenner

Member
OP
Newcomer
Joined
Jun 17, 2014
Messages
16
Trophies
0
Age
46
XP
97
Country
I hope you're being sarcastic otherwise you're extremely retarded. Did you even read the post?

English isn't his native language, so I'm sure he meant that it won't run at full speed if we ever get it running games at all.
And that's probably true, but I don't really care about that myself. For me it's more about the principle that we should be able to emulate things, and less about the practicality for end users. I know other people have different priorities though, and that's OK.
even if we can get Wii U games to start on dolphin, they will be unplayable for years to come, as the processor is roughly a 3 core Wii running at twice the clock speed. The problem is that currently, high end PCs struggle emulating some Wii games, yet alone any Wii U games.
The 3 cores aren't really a problem, since Dolphin currently leaves many of your CPU's cores doing nothing. The sensible thing to do would be to have each core running on its own core, so it wouldn't slow anything down significantly. Twice the clock speed is still an issue, but many games might not be using 100% of the CPU anyway, since many games don't look any more demanding than Wii games. I'm hoping Wii U games don't use as much low-level code, and we won't have to emulate half the hardware if we just emulate the OS calls that the game makes. But I don't really know. It could end up being super slow or running at playable speeds. We'll just have to try and see, and hopefully let people much more capable than me have a go at coding.

Anyway, it's way too early to think about running actual games... I'm taking little baby steps here. But now Dolphin knows there is such a thing as a Wii U game and can read some of its files. Later we might be able to get a hello world RPX file (like in the leaked SDK) to load and maybe even run, and output some debug prints to the Dolphin console. Exciting if you are a hacker, but not useful for anyone else.
 

Bug_Checker_

Well-Known Member
Member
Joined
Jun 10, 2006
Messages
950
Trophies
1
XP
674
Country
United States
I started adding Wii U support to the Dolphin emulator.
Currently it can recognize your Wii U games (in addition to your GameCube and Wii games) in either WUD or ISO format, recognize what region it is, what size it is, get the game ID, and most importantly read the file system and extract files for all partitions except the game partition. Also it lets you open RPX files, although they don't load correctly.
It can only find the partitions and read the file system for games where the title key has been released. Don't ask me how to rip your games from your WiiU, because I don't know, but some people seem to manage it.

Currently this is only useful for hackers who want to examine the update partition (I heard some exploit authors wanted binaries), or collectors who want to show off their list of games, or people who are curious what's on those discs, or people who want to work on emulating the Wii U.
IT DOES NOT PLAY WII U GAMES YET.

The source code is here on github (requires Visual Studio 2013, or if you are on linux you may need to modify the build system to include the extra files in the DiscIO module):
https://github.com/CarlKenner/dolphin/tree/WiiU

There is a bug with at least 3 of the file names on SM3DW, where the names are not read correctly, which I believe is caused by the filenames being split across the cluster boundary. Which means there is probably also a bug which corrupts some of the contents of other files where that happens. So don't rely on files being 100% accurate. The files whose formats I can understand, like app.xml or update.inf.USA, seem to be working perfectly (which is an especially good sign because those files are actually garbled when you decrypt the entire disc image with OpenSSL, at least on SM3DW).

I hope this will provide a starting point for other people who want to work on adding Wii U support to Dolphin. I believe the next step should be to try to get RPX files to load and to be viewable in Dolphin's debugger (use the command line option -d I think). Then we can work on getting simple hello world rpx files to work with high level emulation of SDK functions.

EDIT: I should point out that this is not in the official dolphin builds, just in my unofficial branch that I posted above.


Nice job so far.
The "bug" you speak of is that each and every encrypted cluster/sector size of 0x10000(65536 bytes in size according to blu ray specs) must be decrypted individually or the first 16 bytes of each cluster/sector WILL be incorrect. That is why you can't just run it through openssl.
If you are decrypting correctly,You will notice that empty decrypted cluster/sectors will be numbered "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 xx". Also since app.xml starts on a new cluster/sector if you just run it through openssl the 1st 16 bytes will be screwed up. Only makes sense that the FST will work the same way.(Well actually Nintendo can do it anyway they want and for consistance probably kept it similiar to the wii format.
Be careful and look out for unecrypted cluster/sector after update partition but right before encrypted FST of game partition (appears to be different between some games). Good luck.
 

CarlKenner

Member
OP
Newcomer
Joined
Jun 17, 2014
Messages
16
Trophies
0
Age
46
XP
97
Country
Well, that explains OpenSSL. However, as far as I was aware, I was decrypting each cluster individually (with an IV initialized to zero). But since that would explain my bug, and why it was affecting three filenames rather than one, it must be the problem.

Clusters appear to be 0x8000, not 0x10000, so I'm (trying to) decrypt each 0x8000 individually. Is that the problem? Should I be using 0x10000 blocks for decryption? FST blocks usually seem to start on a 0x8000 boundary after an unecrypted cluster, so I'm not sure how I could decrypt in 0x10000 blocks anyway.

I didn't look at empty decrypted sectors except in the bugged OpenSSL decrypted file.

Here's my code (and yes, I know the read current block part would be more efficient inside the next if):
Code:
bool CVolumeWiiUCrypted::Read(u64 _ReadOffset, u64 _Length, u8* _pBuffer) const
{
    if (m_pReader == nullptr)
    {
        return(false);
    }
 
    // The first cluster of a partition is unencrypted
    if (_ReadOffset < 0x8000)
        return RAWRead(_ReadOffset + m_VolumeOffset + dataOffset, _Length, _pBuffer);
 
    while (_Length > 0)
    {
 
        // math block offset
        u64 Block  = _ReadOffset / 0x8000;
        u64 Offset = _ReadOffset % 0x8000;
 
        // read current block
        if (!m_pReader->Read(m_VolumeOffset + dataOffset + Block * 0x8000, 0x8000, m_pBuffer))
        {
            return(false);
        }
 
        if (m_LastDecryptedBlockOffset != Block)
        {
            u8 IV[16] = { 0 };
            aes_crypt_cbc(m_AES_ctx, AES_DECRYPT, 0x8000, IV, m_pBuffer, m_LastDecryptedBlock);
 
            m_LastDecryptedBlockOffset = Block;
        }
 
        // copy the encrypted data
        u64 MaxSizeToCopy = 0x8000 - Offset;
        u64 CopySize = (_Length > MaxSizeToCopy) ? MaxSizeToCopy : _Length;
        memcpy(_pBuffer, &m_LastDecryptedBlock[Offset], (size_t)CopySize);
 
        // increase buffers
        _Length -= CopySize;
        _pBuffer    += CopySize;
        _ReadOffset += CopySize;
    }
 
    return(true);
}

Actually... those 3 filenames were correct in the OpenSSL decrypted file. It's just my code they were wrong in.
 

LawnMeower

Well-Known Member
Member
Joined
Apr 18, 2013
Messages
1,779
Trophies
2
Location
on the cool side of the pillow
Website
lawnmeower.de
XP
3,098
Country
Germany
Too bad it can't read the fst of the game partition, yet (I am really curious about if there are all these beta levels in the WW remake or even new test stages).
But nice job anyways :)
Are there any screenshots or is there a demonstration video of it?
(i dont have any Wii U game rip so i can'T try it out on myself)
 

uyjulian

Homebrewer
Member
Joined
Nov 26, 2012
Messages
2,568
Trophies
2
Location
United States
Website
sites.google.com
XP
4,054
Country
United States
Too bad it can't read the fst of the game partition, yet (I am really curious about if there are all these beta levels in the WW remake or even new test stages).
But nice job anyways :)
Are there any screenshots or is there a demonstration video of it?
(i dont have any Wii U game rip so i can'T try it out on myself)

you can't play games yet
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    SylverReZ @ SylverReZ: https://www.youtube.com/watch?v=u3N-2lIE11k