forked from CTCaer/hekate
Make tsec checks faster and cover unluckiest cases
+ changes for readability
parent
30d3c76655
commit
5ed875ce90
@ -184,8 +184,12 @@ int keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt)
|
|||||||
memset(tmp, 0x00, 0x20);
|
memset(tmp, 0x00, 0x20);
|
||||||
retries++;
|
retries++;
|
||||||
|
|
||||||
if (retries > 3)
|
// We rely on racing conditions, make sure we cover even the unluckiest cases.
|
||||||
|
if (retries > 15)
|
||||||
|
{
|
||||||
|
gfx_printf(&gfx_con, "%k\nFailed to get TSEC keys. Please try again.%k\n\n", 0xFFFF0000, 0xFFCCCCCC);
|
||||||
return 0;
|
return 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (kb >= KB_FIRMWARE_VERSION_620)
|
if (kb >= KB_FIRMWARE_VERSION_620)
|
||||||
|
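Review bot: The new retry bound `if (retries > 15)` is a bare literal, and the comment above it does not say what is being raced or why this limit is enough. A named constant, for example `#define TSEC_KEYGEN_MAX_RETRIES 15`, with a comment such as `// TSEC key capture depends on winning a timing race against the firmware; retry before giving up.` would make the intent reviewable. Each retry presumably costs up to the failsafe window in tsec_query, so this limit and that timeout together set the worst-case wait before the failure message and should be documented together. keygen's body starts and ends outside the hunk.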
@ -32,6 +32,8 @@
|
|||||||
#define KB_FIRMWARE_VERSION_620 6
|
#define KB_FIRMWARE_VERSION_620 6
|
||||||
#define KB_FIRMWARE_VERSION_MAX KB_FIRMWARE_VERSION_620
|
#define KB_FIRMWARE_VERSION_MAX KB_FIRMWARE_VERSION_620
|
||||||
|
|
||||||
|
#define HOS_PKG11_MAGIC 0x31314B50
|
||||||
|
|
||||||
typedef struct _launch_ctxt_t
|
typedef struct _launch_ctxt_t
|
||||||
{
|
{
|
||||||
void *keyblob;
|
void *keyblob;
|
||||||
|
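Review bot: `HOS_PKG11_MAGIC` is added without a comment tying 0x31314B50 to the ASCII tag it stands for. The value is the bytes "PK11" read as a little-endian u32, which is what the memcmp removed elsewhere in this commit compared against. Something like `#define HOS_PKG11_MAGIC 0x31314B50 // "PK11" as a little-endian u32` keeps that equivalence visible to the next reader.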
@ -64,6 +64,7 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt)
|
|||||||
int res = 0;
|
int res = 0;
|
||||||
u8 *fwbuf = NULL;
|
u8 *fwbuf = NULL;
|
||||||
u32 *pdir, *car, *fuse, *pmc, *flowctrl, *se, *mc, *iram, *evec;
|
u32 *pdir, *car, *fuse, *pmc, *flowctrl, *se, *mc, *iram, *evec;
|
||||||
|
u32 *pkg11_magic_off;
|
||||||
|
|
||||||
//Enable clocks.
|
//Enable clocks.
|
||||||
clock_enable_host1x();
|
clock_enable_host1x();
|
||||||
@ -161,6 +162,8 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt)
|
|||||||
// IRAM
|
// IRAM
|
||||||
iram = page_alloc(0x30);
|
iram = page_alloc(0x30);
|
||||||
memcpy(iram, tsec_ctxt->pkg1, 0x30000);
|
memcpy(iram, tsec_ctxt->pkg1, 0x30000);
|
||||||
|
// PKG1.1 magic offset.
|
||||||
|
pkg11_magic_off = (u32 *)(iram + ((tsec_ctxt->pkg11_off + 0x20) / 4));
|
||||||
smmu_map(pdir, 0x40010000, (u32)iram, 0x30, _READABLE | _WRITABLE | _NONSECURE);
|
smmu_map(pdir, 0x40010000, (u32)iram, 0x30, _READABLE | _WRITABLE | _NONSECURE);
|
||||||
|
|
||||||
// Exception vectors
|
// Exception vectors
|
||||||
@ -216,16 +219,17 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt)
|
|||||||
u32 key[16] = {0};
|
u32 key[16] = {0};
|
||||||
u32 kidx = 0;
|
u32 kidx = 0;
|
||||||
|
|
||||||
while (memcmp((u8 *)(iram + ((tsec_ctxt->pkg11_off + 0x20) / 4)), "PK11", 4))
|
while (*pkg11_magic_off != HOS_PKG11_MAGIC)
|
||||||
{
|
{
|
||||||
smmu_flush_all();
|
smmu_flush_all();
|
||||||
|
|
||||||
if (k == se[SE_KEYTABLE_DATA0_REG_OFFSET / 4])
|
if (k == se[SE_KEYTABLE_DATA0_REG_OFFSET / 4])
|
||||||
continue;
|
continue;
|
||||||
k = se[SE_KEYTABLE_DATA0_REG_OFFSET / 4];
|
k = se[SE_KEYTABLE_DATA0_REG_OFFSET / 4];
|
||||||
key[kidx++] = k;
|
key[kidx++] = k;
|
||||||
|
|
||||||
// Failsafe.
|
// Failsafe.
|
||||||
if ((u32)get_tmr_us() - start > 500000)
|
if ((u32)get_tmr_us() - start > 125000)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -237,6 +241,9 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt)
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Give some extra time to make sure PKG1.1 is decrypted.
|
||||||
|
msleep(50);
|
||||||
|
|
||||||
memcpy(tsec_keys, &key, 0x20);
|
memcpy(tsec_keys, &key, 0x20);
|
||||||
memcpy(tsec_ctxt->pkg1, iram, 0x30000);
|
memcpy(tsec_ctxt->pkg1, iram, 0x30000);
|
||||||
|
|
||||||
|
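Review bot: In the polling loop of tsec_query the `continue` taken when `k` is unchanged jumps straight back to the loop condition, so the `// Failsafe.` timeout is only evaluated on iterations where the keytable word changed. If the magic never appears and the register stays constant, the loop has no exit, and the shortened 125000 µs window does not help. The same loop writes `key[kidx++] = k;` into `u32 key[16]` with no bound on `kidx`, so more than 16 distinct values before exit would write past the stack array. Separately, `pkg11_magic_off` is a plain `u32 *` polled for a change made outside this code path; declaring it `volatile u32 *pkg11_magic_off;` would stop the re-read depending on the opaque call in the loop body. The declarations of `k` and `start` and the check after the loop are outside the visible hunks, so confirm how an early exit on a full `key[]` is handled there.

```c
while (*pkg11_magic_off != HOS_PKG11_MAGIC)
{
	smmu_flush_all();

	// Failsafe first, so the `continue` below cannot skip it.
	if ((u32)get_tmr_us() - start > 125000)
		break;

	if (k == se[SE_KEYTABLE_DATA0_REG_OFFSET / 4])
		continue;
	k = se[SE_KEYTABLE_DATA0_REG_OFFSET / 4];

	// key[] holds 16 words; stop recording rather than write past it.
	if (kidx >= sizeof(key) / sizeof(key[0]))
		break;
	key[kidx++] = k;
}
```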
@ -94,7 +94,7 @@ void smmu_enable()
|
|||||||
|
|
||||||
cluster_boot_cpu0((u32)smmu_payload);
|
cluster_boot_cpu0((u32)smmu_payload);
|
||||||
smmu_used = true;
|
smmu_used = true;
|
||||||
msleep(100);
|
msleep(150);
|
||||||
|
|
||||||
smmu_flush_all();
|
smmu_flush_all();
|
||||||
}
|
}
|
||||||
|