forked from CTCaer/hekate
Refactor various variables and names
This commit is contained in:
parent
82da1aaf2a
commit
638a3909c5
@ -102,7 +102,8 @@ u8 als_init(als_table_t *als_val)
|
|||||||
i2c_init(I2C_2);
|
i2c_init(I2C_2);
|
||||||
|
|
||||||
max77620_regulator_set_volt_and_flags(REGULATOR_LDO6, 2900000, MAX77620_POWER_MODE_NORMAL);
|
max77620_regulator_set_volt_and_flags(REGULATOR_LDO6, 2900000, MAX77620_POWER_MODE_NORMAL);
|
||||||
i2c_send_byte(I2C_5, MAX77620_I2C_ADDR, MAX77620_REG_LDO6_CFG2, 0xD8 | MAX77620_LDO_CFG2_ADE_MASK);
|
i2c_send_byte(I2C_5, MAX77620_I2C_ADDR, MAX77620_REG_LDO6_CFG2,
|
||||||
|
(MAX77620_POWER_MODE_NORMAL << MAX77620_LDO_POWER_MODE_SHIFT | (3 << 3) | MAX77620_LDO_CFG2_ADE_ENABLE));
|
||||||
|
|
||||||
u8 id = i2c_recv_byte(I2C_2, BH1730_I2C_ADDR, BH1730_ADDR(0x12));
|
u8 id = i2c_recv_byte(I2C_2, BH1730_I2C_ADDR, BH1730_ADDR(0x12));
|
||||||
i2c_send_byte(I2C_2, BH1730_I2C_ADDR, BH1730_SPEC(BH1730_SPECCMD_RESET), 0);
|
i2c_send_byte(I2C_2, BH1730_I2C_ADDR, BH1730_SPEC(BH1730_SPECCMD_RESET), 0);
|
||||||
|
@ -206,7 +206,7 @@ static u16 jc_packet_add_uart_hdr(jc_wired_hdr_t *out, u8 wired_cmd, u8 *data, u
|
|||||||
out->uart_hdr.magic[1] = 0x01;
|
out->uart_hdr.magic[1] = 0x01;
|
||||||
out->uart_hdr.magic[2] = 0x3;
|
out->uart_hdr.magic[2] = 0x3;
|
||||||
|
|
||||||
out->uart_hdr.total_size_lsb = 7;
|
out->uart_hdr.total_size_lsb = sizeof(jc_wired_hdr_t) - sizeof(jc_uart_hdr_t);
|
||||||
out->uart_hdr.total_size_msb = 0;
|
out->uart_hdr.total_size_msb = 0;
|
||||||
out->cmd = wired_cmd;
|
out->cmd = wired_cmd;
|
||||||
|
|
||||||
|
@ -361,7 +361,7 @@ int touch_power_on()
|
|||||||
// Enables LDO6 for touchscreen VDD/AVDD supply
|
// Enables LDO6 for touchscreen VDD/AVDD supply
|
||||||
max77620_regulator_set_volt_and_flags(REGULATOR_LDO6, 2900000, MAX77620_POWER_MODE_NORMAL);
|
max77620_regulator_set_volt_and_flags(REGULATOR_LDO6, 2900000, MAX77620_POWER_MODE_NORMAL);
|
||||||
i2c_send_byte(I2C_5, MAX77620_I2C_ADDR, MAX77620_REG_LDO6_CFG2,
|
i2c_send_byte(I2C_5, MAX77620_I2C_ADDR, MAX77620_REG_LDO6_CFG2,
|
||||||
MAX77620_LDO_CFG2_ADE_ENABLE | (3 << 3) | (MAX77620_POWER_MODE_NORMAL << MAX77620_LDO_POWER_MODE_SHIFT));
|
(MAX77620_POWER_MODE_NORMAL << MAX77620_LDO_POWER_MODE_SHIFT | (3 << 3) | MAX77620_LDO_CFG2_ADE_ENABLE));
|
||||||
|
|
||||||
// Configure touchscreen GPIO.
|
// Configure touchscreen GPIO.
|
||||||
PINMUX_AUX(PINMUX_AUX_DAP4_SCLK) = PINMUX_PULL_DOWN | 1;
|
PINMUX_AUX(PINMUX_AUX_DAP4_SCLK) = PINMUX_PULL_DOWN | 1;
|
||||||
|
@ -108,11 +108,11 @@
|
|||||||
#define MAX77620_LDO_VOLT_MASK 0x3F
|
#define MAX77620_LDO_VOLT_MASK 0x3F
|
||||||
#define MAX77620_REG_DVSSD0 0x1B
|
#define MAX77620_REG_DVSSD0 0x1B
|
||||||
#define MAX77620_REG_DVSSD1 0x1C
|
#define MAX77620_REG_DVSSD1 0x1C
|
||||||
#define MAX77620_REG_SD0_CFG 0x1D
|
#define MAX77620_REG_SD0_CFG 0x1D // SD CNFG1.
|
||||||
#define MAX77620_REG_SD1_CFG 0x1E
|
#define MAX77620_REG_SD1_CFG 0x1E // SD CNFG1.
|
||||||
#define MAX77620_REG_SD2_CFG 0x1F
|
#define MAX77620_REG_SD2_CFG 0x1F // SD CNFG1.
|
||||||
#define MAX77620_REG_SD3_CFG 0x20
|
#define MAX77620_REG_SD3_CFG 0x20 // SD CNFG1.
|
||||||
#define MAX77620_REG_SD4_CFG 0x21
|
#define MAX77620_REG_SD4_CFG 0x21 // SD CNFG1.
|
||||||
#define MAX77620_REG_SD_CFG2 0x22
|
#define MAX77620_REG_SD_CFG2 0x22
|
||||||
#define MAX77620_REG_LDO0_CFG 0x23
|
#define MAX77620_REG_LDO0_CFG 0x23
|
||||||
#define MAX77620_REG_LDO0_CFG2 0x24
|
#define MAX77620_REG_LDO0_CFG2 0x24
|
||||||
|
@ -650,7 +650,7 @@ void clock_sdmmc_get_card_clock_div(u32 *pclock, u16 *pdivisor, u32 type)
|
|||||||
*pclock = 40800;
|
*pclock = 40800;
|
||||||
*pdivisor = 1;
|
*pdivisor = 1;
|
||||||
break;
|
break;
|
||||||
case SDHCI_TIMING_MMC_DDR52: // Actual IO Freq: 49.92 MHz.
|
case SDHCI_TIMING_MMC_HS102: // Actual IO Freq: 99.84 MHz.
|
||||||
*pclock = 200000;
|
*pclock = 200000;
|
||||||
*pdivisor = 2;
|
*pdivisor = 2;
|
||||||
break;
|
break;
|
||||||
|
@ -111,6 +111,7 @@ int parse_fss(launch_ctxt_t *ctxt, const char *path, fss0_sept_t *sept_ctxt)
|
|||||||
bool stock = false;
|
bool stock = false;
|
||||||
int sept_used = 0;
|
int sept_used = 0;
|
||||||
|
|
||||||
|
// Skip if stock and Exosphere and warmboot are not needed.
|
||||||
if (!sept_ctxt)
|
if (!sept_ctxt)
|
||||||
{
|
{
|
||||||
LIST_FOREACH_ENTRY(ini_kv_t, kv, &ctxt->cfg->kvs, link)
|
LIST_FOREACH_ENTRY(ini_kv_t, kv, &ctxt->cfg->kvs, link)
|
||||||
|
@ -59,6 +59,9 @@ extern hekate_config h_cfg;
|
|||||||
|
|
||||||
#define PKG2_LOAD_ADDR 0xA9800000
|
#define PKG2_LOAD_ADDR 0xA9800000
|
||||||
|
|
||||||
|
#define SECMON_BCT_CFG_ADDR 0x4003D000
|
||||||
|
#define SECMON6_BCT_CFG_ADDR 0x4003F800
|
||||||
|
|
||||||
// Secmon mailbox.
|
// Secmon mailbox.
|
||||||
#define SECMON_MAILBOX_ADDR 0x40002E00
|
#define SECMON_MAILBOX_ADDR 0x40002E00
|
||||||
#define SECMON7_MAILBOX_ADDR 0x40000000
|
#define SECMON7_MAILBOX_ADDR 0x40000000
|
||||||
@ -87,21 +90,21 @@ static const u8 cmac_keyseed[0x10] =
|
|||||||
static const u8 master_keyseed_retail[0x10] =
|
static const u8 master_keyseed_retail[0x10] =
|
||||||
{ 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C };
|
{ 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C };
|
||||||
|
|
||||||
static const u8 console_keyseed[0x10] =
|
|
||||||
{ 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 };
|
|
||||||
|
|
||||||
const u8 package2_keyseed[0x10] =
|
|
||||||
{ 0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7 };
|
|
||||||
|
|
||||||
static const u8 master_keyseed_4xx_5xx_610[0x10] =
|
static const u8 master_keyseed_4xx_5xx_610[0x10] =
|
||||||
{ 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 };
|
{ 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 };
|
||||||
|
|
||||||
static const u8 master_keyseed_620[0x10] =
|
static const u8 master_keyseed_620[0x10] =
|
||||||
{ 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A };
|
{ 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A };
|
||||||
|
|
||||||
|
static const u8 console_keyseed[0x10] =
|
||||||
|
{ 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 };
|
||||||
|
|
||||||
static const u8 console_keyseed_4xx_5xx[0x10] =
|
static const u8 console_keyseed_4xx_5xx[0x10] =
|
||||||
{ 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 };
|
{ 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 };
|
||||||
|
|
||||||
|
const u8 package2_keyseed[0x10] =
|
||||||
|
{ 0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7 };
|
||||||
|
|
||||||
static void _hos_crit_error(const char *text)
|
static void _hos_crit_error(const char *text)
|
||||||
{
|
{
|
||||||
gfx_con.mute = false;
|
gfx_con.mute = false;
|
||||||
@ -214,7 +217,7 @@ void hos_eks_get()
|
|||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
// Decrypt EKS blob.
|
// Decrypt EKS blob.
|
||||||
hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x60);
|
hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80);
|
||||||
se_aes_crypt_ecb(14, 0, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, 0, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Check if valid and for this unit.
|
// Check if valid and for this unit.
|
||||||
@ -292,7 +295,7 @@ void hos_eks_save(u32 kb)
|
|||||||
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x60, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
hos_eks_rw_try(mbr, true);
|
hos_eks_rw_try(mbr, true);
|
||||||
|
|
||||||
|
|
||||||
@ -329,7 +332,7 @@ void hos_eks_clear(u32 kb)
|
|||||||
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x60, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
hos_eks_rw_try(mbr, true);
|
hos_eks_rw_try(mbr, true);
|
||||||
|
|
||||||
EMC(EMC_SCRATCH0) &= ~EMC_SEPT_RUN;
|
EMC(EMC_SCRATCH0) &= ~EMC_SEPT_RUN;
|
||||||
@ -552,7 +555,7 @@ static int _read_emmc_pkg1(launch_ctxt_t *ctxt)
|
|||||||
(emu_cfg.enabled && !h_cfg.emummc_force_disable) ? "\nOr emuMMC corrupt!" : "");
|
(emu_cfg.enabled && !h_cfg.emummc_force_disable) ? "\nOr emuMMC corrupt!" : "");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
gfx_printf("Identified pkg1 and Keyblob %d\n\n", ctxt->pkg1_id->kb);
|
gfx_printf("Identified pkg1 and mkey %d\n\n", ctxt->pkg1_id->kb);
|
||||||
|
|
||||||
// Read the correct keyblob.
|
// Read the correct keyblob.
|
||||||
ctxt->keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1);
|
ctxt->keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1);
|
||||||
@ -695,8 +698,10 @@ int hos_launch(ini_sec_t *cfg)
|
|||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool emummc_enabled = emu_cfg.enabled && !h_cfg.emummc_force_disable;
|
||||||
|
|
||||||
// Enable emummc patching.
|
// Enable emummc patching.
|
||||||
if (emu_cfg.enabled && !h_cfg.emummc_force_disable)
|
if (emummc_enabled)
|
||||||
{
|
{
|
||||||
if (ctxt.stock)
|
if (ctxt.stock)
|
||||||
{
|
{
|
||||||
@ -721,7 +726,7 @@ int hos_launch(ini_sec_t *cfg)
|
|||||||
if ((h_cfg.autonogc &&
|
if ((h_cfg.autonogc &&
|
||||||
((!(fuses & ~0xF) && (kb >= KB_FIRMWARE_VERSION_400)) || // LAFW v2.
|
((!(fuses & ~0xF) && (kb >= KB_FIRMWARE_VERSION_400)) || // LAFW v2.
|
||||||
(!(fuses & ~0x3FF) && (kb >= KB_FIRMWARE_VERSION_900)))) // LAFW v3.
|
(!(fuses & ~0x3FF) && (kb >= KB_FIRMWARE_VERSION_900)))) // LAFW v3.
|
||||||
|| ((emu_cfg.enabled && !h_cfg.emummc_force_disable) &&
|
|| ((emummc_enabled) &&
|
||||||
((fuses & 0x400) && (kb <= KB_FIRMWARE_VERSION_810))))
|
((fuses & 0x400) && (kb <= KB_FIRMWARE_VERSION_810))))
|
||||||
config_kip1patch(&ctxt, "nogc");
|
config_kip1patch(&ctxt, "nogc");
|
||||||
}
|
}
|
||||||
@ -763,7 +768,7 @@ int hos_launch(ini_sec_t *cfg)
|
|||||||
if (kb <= KB_FIRMWARE_VERSION_600)
|
if (kb <= KB_FIRMWARE_VERSION_600)
|
||||||
pkg1_decrypt(ctxt.pkg1_id, ctxt.pkg1);
|
pkg1_decrypt(ctxt.pkg1_id, ctxt.pkg1);
|
||||||
|
|
||||||
if (kb <= KB_FIRMWARE_VERSION_620 && !(emu_cfg.enabled && !h_cfg.emummc_force_disable))
|
if (kb <= KB_FIRMWARE_VERSION_620 && !emummc_enabled)
|
||||||
{
|
{
|
||||||
pkg1_unpack((void *)ctxt.pkg1_id->warmboot_base, (void *)ctxt.pkg1_id->secmon_base, NULL, ctxt.pkg1_id, ctxt.pkg1);
|
pkg1_unpack((void *)ctxt.pkg1_id->warmboot_base, (void *)ctxt.pkg1_id->secmon_base, NULL, ctxt.pkg1_id, ctxt.pkg1);
|
||||||
gfx_puts("Decrypted & unpacked pkg1\n");
|
gfx_puts("Decrypted & unpacked pkg1\n");
|
||||||
@ -780,6 +785,7 @@ int hos_launch(ini_sec_t *cfg)
|
|||||||
memcpy((void *)warmboot_base, ctxt.warmboot, ctxt.warmboot_size);
|
memcpy((void *)warmboot_base, ctxt.warmboot, ctxt.warmboot_size);
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
// Patch warmboot on T210 to allow downgrading.
|
||||||
if (kb >= KB_FIRMWARE_VERSION_700)
|
if (kb >= KB_FIRMWARE_VERSION_700)
|
||||||
{
|
{
|
||||||
_hos_crit_error("No warmboot provided!");
|
_hos_crit_error("No warmboot provided!");
|
||||||
@ -795,7 +801,7 @@ int hos_launch(ini_sec_t *cfg)
|
|||||||
if (kb <= KB_FIRMWARE_VERSION_301)
|
if (kb <= KB_FIRMWARE_VERSION_301)
|
||||||
PMC(APBDEV_PMC_SCRATCH1) = warmboot_base;
|
PMC(APBDEV_PMC_SCRATCH1) = warmboot_base;
|
||||||
|
|
||||||
// Replace 'SecureMonitor' if requested.
|
// Replace 'SecureMonitor' if requested or patch Pkg2 checks if needed.
|
||||||
if (ctxt.secmon)
|
if (ctxt.secmon)
|
||||||
memcpy((void *)secmon_base, ctxt.secmon, ctxt.secmon_size);
|
memcpy((void *)secmon_base, ctxt.secmon, ctxt.secmon_size);
|
||||||
else if (ctxt.pkg1_id->secmon_patchset)
|
else if (ctxt.pkg1_id->secmon_patchset)
|
||||||
@ -853,8 +859,8 @@ int hos_launch(ini_sec_t *cfg)
|
|||||||
|
|
||||||
if (!ctxt.stock && (ctxt.svcperm || ctxt.debugmode || ctxt.atmosphere))
|
if (!ctxt.stock && (ctxt.svcperm || ctxt.debugmode || ctxt.atmosphere))
|
||||||
{
|
{
|
||||||
u8 kernel_hash[0x20];
|
|
||||||
// Hash only Kernel when it embeds INI1.
|
// Hash only Kernel when it embeds INI1.
|
||||||
|
u8 kernel_hash[0x20];
|
||||||
if (!ctxt.new_pkg2)
|
if (!ctxt.new_pkg2)
|
||||||
se_calc_sha256_oneshot(kernel_hash, ctxt.kernel, ctxt.kernel_size);
|
se_calc_sha256_oneshot(kernel_hash, ctxt.kernel, ctxt.kernel_size);
|
||||||
else
|
else
|
||||||
@ -976,15 +982,15 @@ int hos_launch(ini_sec_t *cfg)
|
|||||||
// Clear BCT area for retail units and copy it over if dev unit.
|
// Clear BCT area for retail units and copy it over if dev unit.
|
||||||
if (kb <= KB_FIRMWARE_VERSION_500 && !exo_new)
|
if (kb <= KB_FIRMWARE_VERSION_500 && !exo_new)
|
||||||
{
|
{
|
||||||
memset((void *)0x4003D000, 0, 0x3000);
|
memset((void *)SECMON_BCT_CFG_ADDR, 0, 0x3000);
|
||||||
if ((fuse_read_odm(4) & 3) == 3)
|
if ((fuse_read_odm(4) & 3) == 3)
|
||||||
memcpy((void *)0x4003D000, bootConfigBuf, 0x1000);
|
memcpy((void *)SECMON_BCT_CFG_ADDR, bootConfigBuf, 0x1000);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
memset((void *)0x4003F800, 0, 0x800);
|
memset((void *)SECMON6_BCT_CFG_ADDR, 0, 0x800);
|
||||||
if ((fuse_read_odm(4) & 3) == 3)
|
if ((fuse_read_odm(4) & 3) == 3)
|
||||||
memcpy((void *)0x4003F800, bootConfigBuf, 0x800);
|
memcpy((void *)SECMON6_BCT_CFG_ADDR, bootConfigBuf, 0x800);
|
||||||
}
|
}
|
||||||
free(bootConfigBuf);
|
free(bootConfigBuf);
|
||||||
|
|
||||||
@ -1043,13 +1049,15 @@ int hos_launch(ini_sec_t *cfg)
|
|||||||
// emuMMC: Some cards (Sandisk U1), do not like a fast power cycle. Wait min 100ms.
|
// emuMMC: Some cards (Sandisk U1), do not like a fast power cycle. Wait min 100ms.
|
||||||
sdmmc_storage_init_wait_sd();
|
sdmmc_storage_init_wait_sd();
|
||||||
|
|
||||||
// Wait for secmon to get ready.
|
// Launch secmon.
|
||||||
if (smmu_is_used())
|
if (smmu_is_used())
|
||||||
smmu_exit();
|
smmu_exit();
|
||||||
else
|
else
|
||||||
ccplex_boot_cpu0(secmon_base);
|
ccplex_boot_cpu0(secmon_base);
|
||||||
|
|
||||||
|
// Wait for secmon to get ready.
|
||||||
while (!secmon_mailbox->out)
|
while (!secmon_mailbox->out)
|
||||||
; // A usleep(1) only works when in IRAM or with a trained DRAM.
|
;
|
||||||
|
|
||||||
// Signal pkg2 ready and continue boot.
|
// Signal pkg2 ready and continue boot.
|
||||||
secmon_mailbox->in = bootStatePkg2Continue;
|
secmon_mailbox->in = bootStatePkg2Continue;
|
||||||
|
@ -66,17 +66,17 @@ typedef struct _hos_eks_bis_keys_t
|
|||||||
typedef struct _hos_eks_mbr_t
|
typedef struct _hos_eks_mbr_t
|
||||||
{
|
{
|
||||||
u32 magic;
|
u32 magic;
|
||||||
u8 enabled[6];
|
u8 enabled[5];
|
||||||
u8 enabled_bis;
|
u8 enabled_bis;
|
||||||
u8 rsvd;
|
u8 rsvd[2];
|
||||||
u32 sbk_low;
|
u32 sbk_low;
|
||||||
u8 dkg[0x10];
|
u8 dkg[0x10];
|
||||||
u8 dkk[0x10];
|
u8 dkk[0x10];
|
||||||
hos_eks_keys_t keys[6];
|
hos_eks_keys_t keys[5];
|
||||||
hos_eks_bis_keys_t bis_keys[3];
|
hos_eks_bis_keys_t bis_keys[3];
|
||||||
} hos_eks_mbr_t;
|
} hos_eks_mbr_t;
|
||||||
|
|
||||||
static_assert(sizeof(hos_eks_mbr_t) == 336, "HOS EKS size is wrong!");
|
static_assert(sizeof(hos_eks_mbr_t) == 304, "HOS EKS size is wrong!");
|
||||||
|
|
||||||
typedef struct _launch_ctxt_t
|
typedef struct _launch_ctxt_t
|
||||||
{
|
{
|
||||||
|
@ -136,7 +136,7 @@ int emummc_storage_init_mmc(sdmmc_storage_t *storage, sdmmc_t *sdmmc)
|
|||||||
FILINFO fno;
|
FILINFO fno;
|
||||||
emu_cfg.active_part = 0;
|
emu_cfg.active_part = 0;
|
||||||
|
|
||||||
// Always init eMMC even when in emuMMC. eMMC is needed from theh emuMMC driver anyway.
|
// Always init eMMC even when in emuMMC. eMMC is needed from the emuMMC driver anyway.
|
||||||
if (!sdmmc_storage_init_mmc(storage, sdmmc, SDMMC_BUS_WIDTH_8, SDHCI_TIMING_MMC_HS400))
|
if (!sdmmc_storage_init_mmc(storage, sdmmc, SDMMC_BUS_WIDTH_8, SDHCI_TIMING_MMC_HS400))
|
||||||
return 2;
|
return 2;
|
||||||
|
|
||||||
|
@ -272,6 +272,7 @@ static lv_res_t _create_mbox_cal0(lv_obj_t *btn)
|
|||||||
lv_obj_set_width(lb_desc, LV_HOR_RES / 9 * 3);
|
lv_obj_set_width(lb_desc, LV_HOR_RES / 9 * 3);
|
||||||
|
|
||||||
// Read package1.
|
// Read package1.
|
||||||
|
u8 kb = 0;
|
||||||
char *build_date = malloc(32);
|
char *build_date = malloc(32);
|
||||||
u8 *pkg1 = (u8 *)malloc(0x40000);
|
u8 *pkg1 = (u8 *)malloc(0x40000);
|
||||||
sdmmc_storage_init_mmc(&emmc_storage, &emmc_sdmmc, SDMMC_BUS_WIDTH_8, SDHCI_TIMING_MMC_HS400);
|
sdmmc_storage_init_mmc(&emmc_storage, &emmc_sdmmc, SDMMC_BUS_WIDTH_8, SDHCI_TIMING_MMC_HS400);
|
||||||
@ -293,6 +294,8 @@ static lv_res_t _create_mbox_cal0(lv_obj_t *btn)
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
kb = pkg1_id->kb;
|
||||||
|
|
||||||
tsec_ctxt_t tsec_ctxt;
|
tsec_ctxt_t tsec_ctxt;
|
||||||
tsec_ctxt.fw = (u8 *)pkg1 + pkg1_id->tsec_off;
|
tsec_ctxt.fw = (u8 *)pkg1 + pkg1_id->tsec_off;
|
||||||
tsec_ctxt.pkg1 = pkg1;
|
tsec_ctxt.pkg1 = pkg1;
|
||||||
@ -301,13 +304,13 @@ static lv_res_t _create_mbox_cal0(lv_obj_t *btn)
|
|||||||
|
|
||||||
// Get keys.
|
// Get keys.
|
||||||
hos_eks_get();
|
hos_eks_get();
|
||||||
if (pkg1_id->kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run)
|
if (kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run)
|
||||||
{
|
{
|
||||||
u32 key_idx = 0;
|
u32 key_idx = 0;
|
||||||
if (pkg1_id->kb >= KB_FIRMWARE_VERSION_810)
|
if (kb >= KB_FIRMWARE_VERSION_810)
|
||||||
key_idx = 1;
|
key_idx = 1;
|
||||||
|
|
||||||
if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= pkg1_id->kb)
|
if (h_cfg.eks && h_cfg.eks->enabled[key_idx] >= kb)
|
||||||
h_cfg.sept_run = true;
|
h_cfg.sept_run = true;
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@ -315,7 +318,7 @@ static lv_res_t _create_mbox_cal0(lv_obj_t *btn)
|
|||||||
b_cfg->autoboot_list = 0;
|
b_cfg->autoboot_list = 0;
|
||||||
b_cfg->extra_cfg = EXTRA_CFG_NYX_BIS;
|
b_cfg->extra_cfg = EXTRA_CFG_NYX_BIS;
|
||||||
|
|
||||||
if (!reboot_to_sept((u8 *)tsec_ctxt.fw, pkg1_id->kb))
|
if (!reboot_to_sept((u8 *)tsec_ctxt.fw, kb))
|
||||||
{
|
{
|
||||||
lv_label_set_text(lb_desc, "#FFDD00 Failed to run sept#\n");
|
lv_label_set_text(lb_desc, "#FFDD00 Failed to run sept#\n");
|
||||||
goto out;
|
goto out;
|
||||||
@ -325,10 +328,10 @@ static lv_res_t _create_mbox_cal0(lv_obj_t *btn)
|
|||||||
|
|
||||||
// Read the correct keyblob.
|
// Read the correct keyblob.
|
||||||
u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1);
|
u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1);
|
||||||
sdmmc_storage_read(&emmc_storage, 0x180000 / NX_EMMC_BLOCKSIZE + pkg1_id->kb, 1, keyblob);
|
sdmmc_storage_read(&emmc_storage, 0x180000 / NX_EMMC_BLOCKSIZE + kb, 1, keyblob);
|
||||||
|
|
||||||
// Generate BIS keys
|
// Generate BIS keys
|
||||||
hos_bis_keygen(keyblob, pkg1_id->kb, &tsec_ctxt);
|
hos_bis_keygen(keyblob, kb, &tsec_ctxt);
|
||||||
|
|
||||||
free(keyblob);
|
free(keyblob);
|
||||||
|
|
||||||
|
@ -45,23 +45,6 @@ extern hekate_config h_cfg;
|
|||||||
|
|
||||||
static u8 *bis_keys = NULL;
|
static u8 *bis_keys = NULL;
|
||||||
|
|
||||||
//#define DPRINTF(...) gfx_printf(__VA_ARGS__)
|
|
||||||
#define DPRINTF(...)
|
|
||||||
|
|
||||||
#define PKG2_LOAD_ADDR 0xA9800000
|
|
||||||
|
|
||||||
// Secmon mailbox.
|
|
||||||
#define SECMON_MB_ADDR 0x40002EF8
|
|
||||||
#define SECMON7_MB_ADDR 0x400000F8
|
|
||||||
typedef struct _secmon_mailbox_t
|
|
||||||
{
|
|
||||||
// < 4.0.0 Signals - 0: Not ready, 1: BCT ready, 2: DRAM and pkg2 ready, 3: Continue boot.
|
|
||||||
// >= 4.0.0 Signals - 0: Not ready, 1: BCT ready, 2: DRAM ready, 4: pkg2 ready and continue boot.
|
|
||||||
u32 in;
|
|
||||||
// Non-zero: Secmon ready.
|
|
||||||
u32 out;
|
|
||||||
} secmon_mailbox_t;
|
|
||||||
|
|
||||||
static const u8 keyblob_keyseeds[][0x10] = {
|
static const u8 keyblob_keyseeds[][0x10] = {
|
||||||
{ 0xDF, 0x20, 0x6F, 0x59, 0x44, 0x54, 0xEF, 0xDC, 0x70, 0x74, 0x48, 0x3B, 0x0D, 0xED, 0x9F, 0xD3 }, // 1.0.0.
|
{ 0xDF, 0x20, 0x6F, 0x59, 0x44, 0x54, 0xEF, 0xDC, 0x70, 0x74, 0x48, 0x3B, 0x0D, 0xED, 0x9F, 0xD3 }, // 1.0.0.
|
||||||
{ 0x0C, 0x25, 0x61, 0x5D, 0x68, 0x4C, 0xEB, 0x42, 0x1C, 0x23, 0x79, 0xEA, 0x82, 0x25, 0x12, 0xAC }, // 3.0.0.
|
{ 0x0C, 0x25, 0x61, 0x5D, 0x68, 0x4C, 0xEB, 0x42, 0x1C, 0x23, 0x79, 0xEA, 0x82, 0x25, 0x12, 0xAC }, // 3.0.0.
|
||||||
@ -77,21 +60,21 @@ static const u8 cmac_keyseed[0x10] =
|
|||||||
static const u8 master_keyseed_retail[0x10] =
|
static const u8 master_keyseed_retail[0x10] =
|
||||||
{ 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C };
|
{ 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C };
|
||||||
|
|
||||||
static const u8 console_keyseed[0x10] =
|
|
||||||
{ 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 };
|
|
||||||
|
|
||||||
const u8 package2_keyseed[0x10] =
|
|
||||||
{ 0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7 };
|
|
||||||
|
|
||||||
static const u8 master_keyseed_4xx_5xx_610[0x10] =
|
static const u8 master_keyseed_4xx_5xx_610[0x10] =
|
||||||
{ 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 };
|
{ 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 };
|
||||||
|
|
||||||
static const u8 master_keyseed_620[0x10] =
|
static const u8 master_keyseed_620[0x10] =
|
||||||
{ 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A };
|
{ 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A };
|
||||||
|
|
||||||
|
static const u8 console_keyseed[0x10] =
|
||||||
|
{ 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 };
|
||||||
|
|
||||||
static const u8 console_keyseed_4xx_5xx[0x10] =
|
static const u8 console_keyseed_4xx_5xx[0x10] =
|
||||||
{ 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 };
|
{ 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 };
|
||||||
|
|
||||||
|
const u8 package2_keyseed[0x10] =
|
||||||
|
{ 0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7 };
|
||||||
|
|
||||||
static const u8 mkey_vectors[KB_FIRMWARE_VERSION_MAX + 1][0x10] = {
|
static const u8 mkey_vectors[KB_FIRMWARE_VERSION_MAX + 1][0x10] = {
|
||||||
{ 0x0C, 0xF0, 0x59, 0xAC, 0x85, 0xF6, 0x26, 0x65, 0xE1, 0xE9, 0x19, 0x55, 0xE6, 0xF2, 0x67, 0x3D }, // Zeroes encrypted with mkey 00.
|
{ 0x0C, 0xF0, 0x59, 0xAC, 0x85, 0xF6, 0x26, 0x65, 0xE1, 0xE9, 0x19, 0x55, 0xE6, 0xF2, 0x67, 0x3D }, // Zeroes encrypted with mkey 00.
|
||||||
{ 0x29, 0x4C, 0x04, 0xC8, 0xEB, 0x10, 0xED, 0x9D, 0x51, 0x64, 0x97, 0xFB, 0xF3, 0x4D, 0x50, 0xDD }, // Mkey 00 encrypted with mkey 01.
|
{ 0x29, 0x4C, 0x04, 0xC8, 0xEB, 0x10, 0xED, 0x9D, 0x51, 0x64, 0x97, 0xFB, 0xF3, 0x4D, 0x50, 0xDD }, // Mkey 00 encrypted with mkey 01.
|
||||||
@ -106,7 +89,7 @@ static const u8 mkey_vectors[KB_FIRMWARE_VERSION_MAX + 1][0x10] = {
|
|||||||
{ 0xB8, 0x96, 0x9E, 0x4A, 0x00, 0x0D, 0xD6, 0x28, 0xB3, 0xD1, 0xDB, 0x68, 0x5F, 0xFB, 0xE1, 0x2A }, // Mkey 09 encrypted with mkey 10.
|
{ 0xB8, 0x96, 0x9E, 0x4A, 0x00, 0x0D, 0xD6, 0x28, 0xB3, 0xD1, 0xDB, 0x68, 0x5F, 0xFB, 0xE1, 0x2A }, // Mkey 09 encrypted with mkey 10.
|
||||||
};
|
};
|
||||||
|
|
||||||
static const u8 new_console_keyseed_4xx[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][0x10] = {
|
static const u8 new_console_keyseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][0x10] = {
|
||||||
{ 0x8B, 0x4E, 0x1C, 0x22, 0x42, 0x07, 0xC8, 0x73, 0x56, 0x94, 0x08, 0x8B, 0xCC, 0x47, 0x0F, 0x5D }, // 4.x New Device Key Source.
|
{ 0x8B, 0x4E, 0x1C, 0x22, 0x42, 0x07, 0xC8, 0x73, 0x56, 0x94, 0x08, 0x8B, 0xCC, 0x47, 0x0F, 0x5D }, // 4.x New Device Key Source.
|
||||||
{ 0x6C, 0xEF, 0xC6, 0x27, 0x8B, 0xEC, 0x8A, 0x91, 0x99, 0xAB, 0x24, 0xAC, 0x4F, 0x1C, 0x8F, 0x1C }, // 5.x New Device Key Source.
|
{ 0x6C, 0xEF, 0xC6, 0x27, 0x8B, 0xEC, 0x8A, 0x91, 0x99, 0xAB, 0x24, 0xAC, 0x4F, 0x1C, 0x8F, 0x1C }, // 5.x New Device Key Source.
|
||||||
{ 0x70, 0x08, 0x1B, 0x97, 0x44, 0x64, 0xF8, 0x91, 0x54, 0x9D, 0xC6, 0x84, 0x8F, 0x1A, 0xB2, 0xE4 }, // 6.x New Device Key Source.
|
{ 0x70, 0x08, 0x1B, 0x97, 0x44, 0x64, 0xF8, 0x91, 0x54, 0x9D, 0xC6, 0x84, 0x8F, 0x1A, 0xB2, 0xE4 }, // 6.x New Device Key Source.
|
||||||
@ -117,7 +100,7 @@ static const u8 new_console_keyseed_4xx[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VE
|
|||||||
{ 0x14, 0xB8, 0x74, 0x12, 0xCB, 0xBD, 0x0B, 0x8F, 0x20, 0xFB, 0x30, 0xDA, 0x27, 0xE4, 0x58, 0x94 }, // 9.1.0 New Device Key Source.
|
{ 0x14, 0xB8, 0x74, 0x12, 0xCB, 0xBD, 0x0B, 0x8F, 0x20, 0xFB, 0x30, 0xDA, 0x27, 0xE4, 0x58, 0x94 }, // 9.1.0 New Device Key Source.
|
||||||
};
|
};
|
||||||
|
|
||||||
static const u8 new_console_keyseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][0x10] = {
|
static const u8 new_console_kekseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSION_400 + 1][0x10] = {
|
||||||
{ 0x88, 0x62, 0x34, 0x6E, 0xFA, 0xF7, 0xD8, 0x3F, 0xE1, 0x30, 0x39, 0x50, 0xF0, 0xB7, 0x5D, 0x5D }, // 4.x New Device Keygen Source.
|
{ 0x88, 0x62, 0x34, 0x6E, 0xFA, 0xF7, 0xD8, 0x3F, 0xE1, 0x30, 0x39, 0x50, 0xF0, 0xB7, 0x5D, 0x5D }, // 4.x New Device Keygen Source.
|
||||||
{ 0x06, 0x1E, 0x7B, 0xE9, 0x6D, 0x47, 0x8C, 0x77, 0xC5, 0xC8, 0xE7, 0x94, 0x9A, 0xA8, 0x5F, 0x2E }, // 5.x New Device Keygen Source.
|
{ 0x06, 0x1E, 0x7B, 0xE9, 0x6D, 0x47, 0x8C, 0x77, 0xC5, 0xC8, 0xE7, 0x94, 0x9A, 0xA8, 0x5F, 0x2E }, // 5.x New Device Keygen Source.
|
||||||
{ 0x99, 0xFA, 0x98, 0xBD, 0x15, 0x1C, 0x72, 0xFD, 0x7D, 0x9A, 0xD5, 0x41, 0x00, 0xFD, 0xB2, 0xEF }, // 6.x New Device Keygen Source.
|
{ 0x99, 0xFA, 0x98, 0xBD, 0x15, 0x1C, 0x72, 0xFD, 0x7D, 0x9A, 0xD5, 0x41, 0x00, 0xFD, 0xB2, 0xEF }, // 6.x New Device Keygen Source.
|
||||||
@ -125,7 +108,7 @@ static const u8 new_console_keyseed[KB_FIRMWARE_VERSION_MAX - KB_FIRMWARE_VERSIO
|
|||||||
{ 0x86, 0x61, 0xB0, 0x16, 0xFA, 0x7A, 0x9A, 0xEA, 0xF6, 0xF5, 0xBE, 0x1A, 0x13, 0x5B, 0x6D, 0x9E }, // 7.0.0 New Device Keygen Source.
|
{ 0x86, 0x61, 0xB0, 0x16, 0xFA, 0x7A, 0x9A, 0xEA, 0xF6, 0xF5, 0xBE, 0x1A, 0x13, 0x5B, 0x6D, 0x9E }, // 7.0.0 New Device Keygen Source.
|
||||||
{ 0xA6, 0x81, 0x71, 0xE7, 0xB5, 0x23, 0x74, 0xB0, 0x39, 0x8C, 0xB7, 0xFF, 0xA0, 0x62, 0x9F, 0x8D }, // 8.1.0 New Device Keygen Source.
|
{ 0xA6, 0x81, 0x71, 0xE7, 0xB5, 0x23, 0x74, 0xB0, 0x39, 0x8C, 0xB7, 0xFF, 0xA0, 0x62, 0x9F, 0x8D }, // 8.1.0 New Device Keygen Source.
|
||||||
{ 0x03, 0xE7, 0xEB, 0x43, 0x1B, 0xCF, 0x5F, 0xB5, 0xED, 0xDC, 0x97, 0xAE, 0x21, 0x8D, 0x19, 0xED }, // 9.0.0 New Device Keygen Source.
|
{ 0x03, 0xE7, 0xEB, 0x43, 0x1B, 0xCF, 0x5F, 0xB5, 0xED, 0xDC, 0x97, 0xAE, 0x21, 0x8D, 0x19, 0xED }, // 9.0.0 New Device Keygen Source.
|
||||||
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, // TODO: 9.1.0 New Device Keygen Source to be added on next change-of-keys. */
|
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, // TODO: 9.1.0 New Device Keygen Source to be added on next change-of-keys.
|
||||||
};
|
};
|
||||||
|
|
||||||
static const u8 gen_keyseed[0x10] =
|
static const u8 gen_keyseed[0x10] =
|
||||||
@ -179,7 +162,7 @@ void hos_eks_get()
|
|||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
// Decrypt EKS blob.
|
// Decrypt EKS blob.
|
||||||
hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x60);
|
hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80);
|
||||||
se_aes_crypt_ecb(14, 0, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, 0, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Check if valid and for this unit.
|
// Check if valid and for this unit.
|
||||||
@ -257,7 +240,7 @@ void hos_eks_save(u32 kb)
|
|||||||
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x60, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
hos_eks_rw_try(mbr, true);
|
hos_eks_rw_try(mbr, true);
|
||||||
|
|
||||||
|
|
||||||
@ -294,7 +277,7 @@ void hos_eks_clear(u32 kb)
|
|||||||
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x60, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
hos_eks_rw_try(mbr, true);
|
hos_eks_rw_try(mbr, true);
|
||||||
|
|
||||||
EMC(EMC_SCRATCH0) &= ~EMC_SEPT_RUN;
|
EMC(EMC_SCRATCH0) &= ~EMC_SEPT_RUN;
|
||||||
@ -353,7 +336,7 @@ void hos_eks_bis_save()
|
|||||||
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
se_aes_crypt_ecb(14, 1, eks, sizeof(hos_eks_mbr_t), eks, sizeof(hos_eks_mbr_t));
|
||||||
|
|
||||||
// Write EKS blob to SD.
|
// Write EKS blob to SD.
|
||||||
memcpy(mbr + 0x60, eks, sizeof(hos_eks_mbr_t));
|
memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
|
||||||
hos_eks_rw_try(mbr, true);
|
hos_eks_rw_try(mbr, true);
|
||||||
|
|
||||||
|
|
||||||
@ -576,18 +559,20 @@ int hos_bis_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt)
|
|||||||
{
|
{
|
||||||
hos_keygen(keyblob, kb, tsec_ctxt);
|
hos_keygen(keyblob, kb, tsec_ctxt);
|
||||||
|
|
||||||
if (kb >= KB_FIRMWARE_VERSION_400)
|
// New keygen was introduced in 4.0.0.
|
||||||
keygen_rev = fuse_read_odm_keygen_rev();
|
// We check unconditionally in order to support downgrades.
|
||||||
|
keygen_rev = fuse_read_odm_keygen_rev();
|
||||||
|
|
||||||
if (keygen_rev)
|
if (keygen_rev)
|
||||||
{
|
{
|
||||||
|
u8 tmp_mkey[0x10];
|
||||||
|
u32 mkey_idx = sizeof(mkey_vectors) / 0x10;
|
||||||
|
u8 mkey_slot = kb >= KB_FIRMWARE_VERSION_700 ? (!h_cfg.aes_slots_new ? 12 : 13) : (kb == KB_FIRMWARE_VERSION_620 ? 9 : 12);
|
||||||
|
|
||||||
// Keygen revision uses bootloader version, which starts from 1.
|
// Keygen revision uses bootloader version, which starts from 1.
|
||||||
keygen_rev -= (KB_FIRMWARE_VERSION_400 + 1);
|
keygen_rev -= (KB_FIRMWARE_VERSION_400 + 1);
|
||||||
|
|
||||||
// Derive mkey 0.
|
// Derive mkey 0.
|
||||||
u8 tmp_mkey[0x10];
|
|
||||||
u32 mkey_idx = sizeof(mkey_vectors) / 0x10;
|
|
||||||
u8 mkey_slot = kb >= KB_FIRMWARE_VERSION_700 ? (!h_cfg.aes_slots_new ? 12 : 13) : (kb == KB_FIRMWARE_VERSION_620 ? 9 : 12);
|
|
||||||
do
|
do
|
||||||
{
|
{
|
||||||
mkey_idx--;
|
mkey_idx--;
|
||||||
@ -602,9 +587,9 @@ int hos_bis_keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt)
|
|||||||
|
|
||||||
// Derive new device key.
|
// Derive new device key.
|
||||||
se_aes_key_clear(1);
|
se_aes_key_clear(1);
|
||||||
se_aes_unwrap_key(1, 10, new_console_keyseed_4xx[keygen_rev]); // Uses Device key 4x.
|
se_aes_unwrap_key(1, 10, new_console_keyseed[keygen_rev]); // Uses Device key 4x.
|
||||||
se_aes_crypt_ecb(10, 0, tmp_mkey, 0x10, new_console_keyseed_4xx[keygen_rev], 0x10); // Uses Device key 4x.
|
se_aes_crypt_ecb(10, 0, tmp_mkey, 0x10, new_console_keyseed[keygen_rev], 0x10); // Uses Device key 4x.
|
||||||
se_aes_unwrap_key(1, 2, new_console_keyseed[keygen_rev]); // Uses Master Key 0.
|
se_aes_unwrap_key(1, 2, new_console_kekseed[keygen_rev]); // Uses Master Key 0.
|
||||||
se_aes_unwrap_key(1, 1, tmp_mkey);
|
se_aes_unwrap_key(1, 1, tmp_mkey);
|
||||||
|
|
||||||
console_key_slot = 1;
|
console_key_slot = 1;
|
||||||
|
@ -57,17 +57,17 @@ typedef struct _hos_eks_bis_keys_t
|
|||||||
typedef struct _hos_eks_mbr_t
|
typedef struct _hos_eks_mbr_t
|
||||||
{
|
{
|
||||||
u32 magic;
|
u32 magic;
|
||||||
u8 enabled[6];
|
u8 enabled[5];
|
||||||
u8 enabled_bis;
|
u8 enabled_bis;
|
||||||
u8 rsvd;
|
u8 rsvd[2];
|
||||||
u32 sbk_low;
|
u32 sbk_low;
|
||||||
u8 dkg[0x10];
|
u8 dkg[0x10];
|
||||||
u8 dkk[0x10];
|
u8 dkk[0x10];
|
||||||
hos_eks_keys_t keys[6];
|
hos_eks_keys_t keys[5];
|
||||||
hos_eks_bis_keys_t bis_keys[3];
|
hos_eks_bis_keys_t bis_keys[3];
|
||||||
} hos_eks_mbr_t;
|
} hos_eks_mbr_t;
|
||||||
|
|
||||||
static_assert(sizeof(hos_eks_mbr_t) == 336, "HOS EKS size is wrong!");
|
static_assert(sizeof(hos_eks_mbr_t) == 304, "HOS EKS size is wrong!");
|
||||||
|
|
||||||
typedef struct _launch_ctxt_t
|
typedef struct _launch_ctxt_t
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user