Recently PS4 Scene developer @zecoxao announced on Twitter that he has added PS5 Non-Volatile Storage (NVS) documentation to the PS5DevWiki for the PS5 Scene. Alongside this came rumors from both notzecoxao and @oneman123 (aka ZiL0G80) of 'something coming' for the PS4 and PS5 respectively, with "it's an exploit" followed by "full chain" in response to the initial Tweets.
With last week's release of a WebKit exploit for both PS4 v9.00 Firmware and PS5 v4.03 Firmware, and no details publicly disclosed thus far on @CTurt's $10K PlayStation Bug Bounty, only time will tell if there is any correlation. Until then, from PlayStationDev.wiki: PS5 Non Volatile Storage
Non Volatile Storage, NVS for short, holds some information about the console, including console unique identifiers, tokens, flags, and registry flags, as well as some semi-permanent ones.
Mapping of the detailed area (NVS service)
Permanently Enabling NVS Flags when Servicing PS4 or PS5 Unit
Non Volatile Storage flags (such as IDU Mode or permanent UART) sometimes do not apply correctly.
This is because all of these flags are stored in the memory of the southbridge, which persists across reboots as long as the battery is on.
So you must drain the power completely by removing the power cable and, if necessary, removing the CMOS battery.
Finally, if that doesn't work, recheck whether you have written the flag correctly. Sometimes that may not happen. Credit to @flatz for this information.
Bank # | Block # | Start Offset in /dev/sflash0s0x34 | Start Offset in Sflash | Size | Notes |
0 | 0 | 0 | 0x1C4000 | 0x2000 | Size decrease since PS4, previous size was 0x3000, now it's 0x2000 |
0 | 1 | 0x2000 | 0x1C6000 | 0x1000 | |
0 | 2 | 0x3000 | 0x1C7000 | 0x800 | console data region |
0 | 3 | 0x3800 | 0x1C7800 | 0x800 | all ffs |
0 | 4 | 0x4000 | 0x1C8000 | 0x3000 | tokens and flags region |
1 | 0 | 0x7000 | 0x1CB000 | 0x3000 | tokens and flags region (backup) |
1 | 1 | 0xA000 | 0x1CE000 | 0x1000 | |
Bank # | Block # | Start Offset in Block | Start Offset in Sflash | Size | Notes |
0 | 2 | 0x210 | 0x1C7210 | 0x11 | hw_info (padded with 0xF FFs) |
0 | 2 | 0x230 | 0x1C7230 | 0x20 | hw_model |
0 | 2 | 0x250 | 0x1C7250 | 0x10 | board_id |
0 | 2 | 0x260 | 0x1C7260 | 0x10 | SOCUID ? |
0 | 2 | 0x5FC | 0x1C75FC | 4 | EAP Magic |
0 | 4 | 0x68 | 0x1C8068 | 4 | Current Firmware Version ??? (little endian) (upper half) |
0 | 4 | 0x1FC | 0x1C81FC | 4 | EAP Magic |
0 | 4 | 0xC10 | 0x1C8C10 | 8 | Factory Firmware Version ??? (little endian) |
0 | 4 | 0xC18 | 0x1C8C18 | 8 | Factory Firmware Version TimeStamp ??? (little endian) |
0 | 4 | 0xC20 | 0x1C8C20 | 8 | Minimum Firmware Version ??? (little endian) |
0 | 4 | 0xC28 | 0x1C8C28 | 8 | Minimum Firmware Version TimeStamp ??? (little endian) |
0 | 4 | 0xC30 | 0x1C8C30 | 8 | Current Firmware Version ??? (little endian) |
1 | 0 | 0x68 | 0x1CB068 | 4 | Current Firmware Version ??? (little endian) (upper half) |
1 | 0 | 0x1FC | 0x1CB1FC | 4 | EAP Magic |
1 | 0 | 0xC10 | 0x1CBC10 | 8 | Factory Firmware Version ??? (little endian) |
1 | 0 | 0xC18 | 0x1CBC18 | 8 | Factory Firmware Version TimeStamp ??? (little endian) |
1 | 0 | 0xC20 | 0x1CBC20 | 8 | Minimum Firmware Version ??? (little endian) |
1 | 0 | 0xC28 | 0x1CBC28 | 8 | Minimum Firmware Version TimeStamp ??? (little endian) |
1 | 0 | 0xC30 | 0x1CBC30 | 8 | Current Firmware Version ??? (little endian) |
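The offsets in the tables above, applied to a dump, as an added example (not code from PlayStationDev.wiki or from this post): it decodes the documented fields of the tokens and flags region and of its backup, and lists the fields whose two copies differ. The field names, the `TEST` magic, the sample values and the assumption that the backup mirrors the primary for these fields are this example's own.

```python
import struct

NVS_SFLASH_OFFSET = 0x1C4000      # bank 0, block 0 in a full sflash dump
NVS_SIZE = 0xB000                 # sum of the seven block sizes in the first table
PRIMARY, BACKUP = 0x4000, 0x7000  # tokens/flags region and its backup (/dev/sflash0s0x34 offsets)
REGION_SIZE = 0x3000

# Offsets inside a tokens/flags region; labels follow the wiki's tentative ("???") names.
FIELDS = {
    "eap_magic":     (0x1FC, "4s"),
    "factory_fw":    (0xC10, "<Q"),
    "factory_fw_ts": (0xC18, "<Q"),
    "min_fw":        (0xC20, "<Q"),
    "min_fw_ts":     (0xC28, "<Q"),
    "current_fw":    (0xC30, "<Q"),
}

def nvs_from_sflash(sflash: bytes) -> bytes:
    """Slice the NVS area out of a full sflash dump."""
    nvs = sflash[NVS_SFLASH_OFFSET:NVS_SFLASH_OFFSET + NVS_SIZE]
    if len(nvs) != NVS_SIZE:
        raise ValueError("dump too short to contain the NVS area")
    return nvs

def read_region(nvs: bytes, base: int) -> dict:
    """Decode the documented fields of one tokens/flags region."""
    if len(nvs) < base + REGION_SIZE:
        raise ValueError("NVS image truncated")
    return {name: struct.unpack_from(fmt, nvs, base + off)[0]
            for name, (off, fmt) in FIELDS.items()}

def backup_mismatches(nvs: bytes) -> list:
    """Names of documented fields whose primary and backup copies differ."""
    pri, bak = read_region(nvs, PRIMARY), read_region(nvs, BACKUP)
    return [name for name in FIELDS if pri[name] != bak[name]]

def make_sample() -> bytearray:
    """Constructed NVS image (not from a console): erased flash plus test values."""
    nvs = bytearray(b"\xff" * NVS_SIZE)
    for base in (PRIMARY, BACKUP):
        struct.pack_into("4s", nvs, base + 0x1FC, b"TEST")  # placeholder magic
        struct.pack_into("<Q", nvs, base + 0xC30, 0x0102030405060708)
    struct.pack_into("<Q", nvs, BACKUP + 0xC20, 0x1)        # force one mismatch
    return nvs

if __name__ == "__main__":
    print(backup_mismatches(make_sample()))
```

A mismatch between the two copies is worth checking before and after servicing a unit, alongside the recheck of the written flag described in the wiki text.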