forked from CTCaer/hekate
fuse/hwinit: move automatic SBK set into fuse
This commit is contained in:
parent
73df5e6743
commit
7c72c9777a
@ -19,6 +19,8 @@
|
|||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
|
#include <sec/se.h>
|
||||||
|
#include <sec/se_t210.h>
|
||||||
#include <soc/fuse.h>
|
#include <soc/fuse.h>
|
||||||
#include <soc/hw_init.h>
|
#include <soc/hw_init.h>
|
||||||
#include <soc/t210.h>
|
#include <soc/t210.h>
|
||||||
@ -124,6 +126,30 @@ u32 fuse_read_hw_type()
|
|||||||
return FUSE_NX_HW_TYPE_ICOSA;
|
return FUSE_NX_HW_TYPE_ICOSA;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int fuse_set_sbk()
|
||||||
|
{
|
||||||
|
if (FUSE(FUSE_PRIVATE_KEY0) != 0xFFFFFFFF)
|
||||||
|
{
|
||||||
|
// Read SBK from fuses.
|
||||||
|
u32 sbk[4] = {
|
||||||
|
FUSE(FUSE_PRIVATE_KEY0),
|
||||||
|
FUSE(FUSE_PRIVATE_KEY1),
|
||||||
|
FUSE(FUSE_PRIVATE_KEY2),
|
||||||
|
FUSE(FUSE_PRIVATE_KEY3)
|
||||||
|
};
|
||||||
|
|
||||||
|
// Set SBK to slot 14.
|
||||||
|
se_aes_key_set(14, sbk, SE_KEY_128_SIZE);
|
||||||
|
|
||||||
|
// Lock SBK from being read.
|
||||||
|
se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG);
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
void fuse_wait_idle()
|
void fuse_wait_idle()
|
||||||
{
|
{
|
||||||
u32 ctrl;
|
u32 ctrl;
|
||||||
|
@ -98,6 +98,7 @@ u32 fuse_read_odm_keygen_rev();
|
|||||||
u32 fuse_read_dramid(bool raw_id);
|
u32 fuse_read_dramid(bool raw_id);
|
||||||
u32 fuse_read_hw_state();
|
u32 fuse_read_hw_state();
|
||||||
u32 fuse_read_hw_type();
|
u32 fuse_read_hw_type();
|
||||||
|
int fuse_set_sbk();
|
||||||
void fuse_wait_idle();
|
void fuse_wait_idle();
|
||||||
int fuse_read_ipatch(void (*ipatch)(u32 offset, u32 value));
|
int fuse_read_ipatch(void (*ipatch)(u32 offset, u32 value));
|
||||||
int fuse_read_evp_thunk(u32 *iram_evp_thunks, u32 *iram_evp_thunks_len);
|
int fuse_read_evp_thunk(u32 *iram_evp_thunks, u32 *iram_evp_thunks_len);
|
||||||
|
@ -250,29 +250,14 @@ static void _mbist_workaround()
|
|||||||
|
|
||||||
static void _config_se_brom()
|
static void _config_se_brom()
|
||||||
{
|
{
|
||||||
// Enable fuse clock.
|
// Enable Fuse visibility.
|
||||||
clock_enable_fuse(true);
|
clock_enable_fuse(true);
|
||||||
|
|
||||||
// Skip SBK/SSK if sept was run.
|
// Try to set SBK from fuses. If patched, skip.
|
||||||
bool sbk_skip = b_cfg.boot_cfg & BOOT_CFG_SEPT_RUN || FUSE(FUSE_PRIVATE_KEY0) == 0xFFFFFFFF;
|
fuse_set_sbk();
|
||||||
if (!sbk_skip)
|
|
||||||
{
|
|
||||||
// Bootrom part we skipped.
|
|
||||||
u32 sbk[4] = {
|
|
||||||
FUSE(FUSE_PRIVATE_KEY0),
|
|
||||||
FUSE(FUSE_PRIVATE_KEY1),
|
|
||||||
FUSE(FUSE_PRIVATE_KEY2),
|
|
||||||
FUSE(FUSE_PRIVATE_KEY3)
|
|
||||||
};
|
|
||||||
// Set SBK to slot 14.
|
|
||||||
se_aes_key_set(14, sbk, SE_KEY_128_SIZE);
|
|
||||||
|
|
||||||
// Lock SBK from being read.
|
// Lock SSK (although it's not set and unused anyways).
|
||||||
se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG);
|
// se_key_acc_ctrl(15, SE_KEY_TBL_DIS_KEYREAD_FLAG);
|
||||||
|
|
||||||
// Lock SSK (although it's not set and unused anyways).
|
|
||||||
se_key_acc_ctrl(15, SE_KEY_TBL_DIS_KEYREAD_FLAG);
|
|
||||||
}
|
|
||||||
|
|
||||||
// This memset needs to happen here, else TZRAM will behave weirdly later on.
|
// This memset needs to happen here, else TZRAM will behave weirdly later on.
|
||||||
memset((void *)TZRAM_BASE, 0, 0x10000);
|
memset((void *)TZRAM_BASE, 0, 0x10000);
|
||||||
@ -352,7 +337,7 @@ void hw_init()
|
|||||||
// Enable Security Engine clock.
|
// Enable Security Engine clock.
|
||||||
clock_enable_se();
|
clock_enable_se();
|
||||||
|
|
||||||
// Enable Fuse clock.
|
// Enable Fuse visibility.
|
||||||
clock_enable_fuse(true);
|
clock_enable_fuse(true);
|
||||||
|
|
||||||
// Disable Fuse programming.
|
// Disable Fuse programming.
|
||||||
|
Loading…
Reference in New Issue
Block a user