mirror of
https://github.com/Atmosphere-NX/Atmosphere
synced 2025-01-08 21:47:57 +00:00
Fix PK2LDR bugs, Fix SE bugs
This commit is contained in:
parent
7850d3fd57
commit
205d3b8b80
2 changed files with 47 additions and 13 deletions
|
@ -10,6 +10,7 @@
|
||||||
#include "interrupt.h"
|
#include "interrupt.h"
|
||||||
#include "masterkey.h"
|
#include "masterkey.h"
|
||||||
#include "arm.h"
|
#include "arm.h"
|
||||||
|
#include "pmc.h"
|
||||||
#include "randomcache.h"
|
#include "randomcache.h"
|
||||||
#include "timers.h"
|
#include "timers.h"
|
||||||
|
|
||||||
|
@ -30,6 +31,8 @@ static void setup_se(void) {
|
||||||
p_security_engine->RSA_KEY_READ_DISABLE_REG = 0;
|
p_security_engine->RSA_KEY_READ_DISABLE_REG = 0;
|
||||||
p_security_engine->_0x0 &= 0xFFFFFFFB;
|
p_security_engine->_0x0 &= 0xFFFFFFFB;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* Currently unknown what each flag does. */
|
/* Currently unknown what each flag does. */
|
||||||
for (unsigned int i = 0; i < KEYSLOT_AES_MAX; i++) {
|
for (unsigned int i = 0; i < KEYSLOT_AES_MAX; i++) {
|
||||||
set_aes_keyslot_flags(i, 0x15);
|
set_aes_keyslot_flags(i, 0x15);
|
||||||
|
@ -140,7 +143,7 @@ static void verify_header_signature(package2_header_t *header) {
|
||||||
|
|
||||||
/* This is normally only allowed on dev units, but we'll allow it anywhere. */
|
/* This is normally only allowed on dev units, but we'll allow it anywhere. */
|
||||||
if (bootconfig_is_package2_unsigned() == 0 && se_rsa2048_pss_verify(header->signature, 0x100, modulus, 0x100, header->encrypted_header, 0x100) == 0) {
|
if (bootconfig_is_package2_unsigned() == 0 && se_rsa2048_pss_verify(header->signature, 0x100, modulus, 0x100, header->encrypted_header, 0x100) == 0) {
|
||||||
generic_panic();
|
panic(0xF0000001); /* Invalid PK21 signature. */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -177,6 +180,7 @@ static bool validate_package2_metadata(package2_meta_t *metadata) {
|
||||||
bool entrypoint_found = false;
|
bool entrypoint_found = false;
|
||||||
|
|
||||||
/* Header has space for 4 sections, but only 3 are validated/potentially loaded on hardware. */
|
/* Header has space for 4 sections, but only 3 are validated/potentially loaded on hardware. */
|
||||||
|
size_t cur_section_offset = 0;
|
||||||
for (unsigned int section = 0; section < PACKAGE2_SECTION_MAX; section++) {
|
for (unsigned int section = 0; section < PACKAGE2_SECTION_MAX; section++) {
|
||||||
/* Validate section size alignment. */
|
/* Validate section size alignment. */
|
||||||
if (metadata->section_sizes[section] & 3) {
|
if (metadata->section_sizes[section] & 3) {
|
||||||
|
@ -203,12 +207,17 @@ static bool validate_package2_metadata(package2_meta_t *metadata) {
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Validate section hashes. */
|
/* Validate section hashes. */
|
||||||
void *section_data = (void *)((uint8_t *)NX_BOOTLOADER_PACKAGE2_LOAD_ADDRESS + sizeof(package2_header_t) + metadata->section_offsets[section]);
|
if (metadata->section_sizes[section]) {
|
||||||
|
void *section_data = (void *)((uint8_t *)NX_BOOTLOADER_PACKAGE2_LOAD_ADDRESS + sizeof(package2_header_t) + cur_section_offset);
|
||||||
uint8_t calculated_hash[0x20];
|
uint8_t calculated_hash[0x20];
|
||||||
|
flush_dcache_range((uint8_t *)section_data, (uint8_t *)section_data + metadata->section_sizes[section]);
|
||||||
se_calculate_sha256(calculated_hash, section_data, metadata->section_sizes[section]);
|
se_calculate_sha256(calculated_hash, section_data, metadata->section_sizes[section]);
|
||||||
if (memcmp(calculated_hash, metadata->section_hashes[section], sizeof(metadata->section_hashes[section])) != 0) {
|
if (memcmp(calculated_hash, metadata->section_hashes[section], sizeof(metadata->section_hashes[section])) != 0) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
cur_section_offset += metadata->section_sizes[section];
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Ensure that entrypoint is present in one of our sections. */
|
/* Ensure that entrypoint is present in one of our sections. */
|
||||||
|
@ -219,10 +228,10 @@ static bool validate_package2_metadata(package2_meta_t *metadata) {
|
||||||
/* Perform version checks. */
|
/* Perform version checks. */
|
||||||
/* We will be compatible with all package2s released before current, but not newer ones. */
|
/* We will be compatible with all package2s released before current, but not newer ones. */
|
||||||
if (metadata->version_max >= PACKAGE2_MINVER_THEORETICAL && metadata->version_min < PACKAGE2_MAXVER_400_CURRENT) {
|
if (metadata->version_max >= PACKAGE2_MINVER_THEORETICAL && metadata->version_min < PACKAGE2_MAXVER_400_CURRENT) {
|
||||||
return false;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Decrypts package2 header, and returns the master key revision required. */
|
/* Decrypts package2 header, and returns the master key revision required. */
|
||||||
|
@ -233,7 +242,7 @@ static uint32_t decrypt_and_validate_header(package2_header_t *header) {
|
||||||
uint32_t mkey_rev;
|
uint32_t mkey_rev;
|
||||||
|
|
||||||
/* Try to decrypt for all possible master keys. */
|
/* Try to decrypt for all possible master keys. */
|
||||||
for (mkey_rev = 0; mkey_rev < MASTERKEY_REVISION_MAX; mkey_rev++) {
|
for (mkey_rev = 0; mkey_rev <= mkey_get_revision(); mkey_rev++) {
|
||||||
package2_crypt_ctr(mkey_rev, &metadata, sizeof(package2_meta_t), &header->metadata, sizeof(package2_meta_t), header->metadata.ctr, sizeof(header->metadata.ctr));
|
package2_crypt_ctr(mkey_rev, &metadata, sizeof(package2_meta_t), &header->metadata, sizeof(package2_meta_t), header->metadata.ctr, sizeof(header->metadata.ctr));
|
||||||
/* Copy the ctr (which stores information) into the decrypted metadata. */
|
/* Copy the ctr (which stores information) into the decrypted metadata. */
|
||||||
memcpy(metadata.ctr, header->metadata.ctr, sizeof(header->metadata.ctr));
|
memcpy(metadata.ctr, header->metadata.ctr, sizeof(header->metadata.ctr));
|
||||||
|
@ -245,7 +254,9 @@ static uint32_t decrypt_and_validate_header(package2_header_t *header) {
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Ensure we successfully decrypted the header. */
|
/* Ensure we successfully decrypted the header. */
|
||||||
generic_panic();
|
if (mkey_rev > mkey_get_revision()) {
|
||||||
|
panic(0xFAF00003);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -297,6 +308,7 @@ static void load_package2_sections(package2_meta_t *metadata, uint32_t master_ke
|
||||||
load_buf = (void *)potential_base_start;
|
load_buf = (void *)potential_base_start;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
size_t cur_section_offset = 0;
|
||||||
/* Copy each section to its appropriate location, decrypting if necessary. */
|
/* Copy each section to its appropriate location, decrypting if necessary. */
|
||||||
for (unsigned int section = 0; section < PACKAGE2_SECTION_MAX; section++) {
|
for (unsigned int section = 0; section < PACKAGE2_SECTION_MAX; section++) {
|
||||||
if (metadata->section_sizes[section] == 0) {
|
if (metadata->section_sizes[section] == 0) {
|
||||||
|
@ -304,7 +316,7 @@ static void load_package2_sections(package2_meta_t *metadata, uint32_t master_ke
|
||||||
}
|
}
|
||||||
|
|
||||||
void *dst_start = (void *)(DRAM_BASE_PHYSICAL + (uint64_t)metadata->section_offsets[section]);
|
void *dst_start = (void *)(DRAM_BASE_PHYSICAL + (uint64_t)metadata->section_offsets[section]);
|
||||||
void *src_start = load_buf + sizeof(package2_header_t) + metadata->section_offsets[section];
|
void *src_start = load_buf + sizeof(package2_header_t) + cur_section_offset;
|
||||||
size_t size = (size_t)metadata->section_sizes[section];
|
size_t size = (size_t)metadata->section_sizes[section];
|
||||||
|
|
||||||
if (bootconfig_is_package2_plaintext()) {
|
if (bootconfig_is_package2_plaintext()) {
|
||||||
|
@ -312,6 +324,7 @@ static void load_package2_sections(package2_meta_t *metadata, uint32_t master_ke
|
||||||
} else {
|
} else {
|
||||||
package2_crypt_ctr(master_key_rev, dst_start, size, src_start, size, metadata->section_ctrs[section], 0x10);
|
package2_crypt_ctr(master_key_rev, dst_start, size, src_start, size, metadata->section_ctrs[section], 0x10);
|
||||||
}
|
}
|
||||||
|
cur_section_offset += size;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Clear the encrypted package2 from memory. */
|
/* Clear the encrypted package2 from memory. */
|
||||||
|
@ -325,6 +338,7 @@ uintptr_t get_pk2ldr_stack_address(void) {
|
||||||
/* This function is called during coldboot init, and validates a package2. */
|
/* This function is called during coldboot init, and validates a package2. */
|
||||||
/* This package2 is read into memory by a concurrent BPMP bootloader. */
|
/* This package2 is read into memory by a concurrent BPMP bootloader. */
|
||||||
void load_package2(void) {
|
void load_package2(void) {
|
||||||
|
|
||||||
/* Setup the Security Engine. */
|
/* Setup the Security Engine. */
|
||||||
setup_se();
|
setup_se();
|
||||||
|
|
||||||
|
@ -346,6 +360,9 @@ void load_package2(void) {
|
||||||
/* Let NX Bootloader know that we're running. */
|
/* Let NX Bootloader know that we're running. */
|
||||||
MAILBOX_NX_BOOTLOADER_IS_SECMON_AWAKE = 1;
|
MAILBOX_NX_BOOTLOADER_IS_SECMON_AWAKE = 1;
|
||||||
|
|
||||||
|
/* Wait for 1 second, to allow time for NX_BOOTLOADER to draw to the screen. This is useful for debugging. */
|
||||||
|
wait(1000000);
|
||||||
|
|
||||||
/* Synchronize with NX BOOTLOADER. */
|
/* Synchronize with NX BOOTLOADER. */
|
||||||
if (MAILBOX_NX_BOOTLOADER_SETUP_STATE == NX_BOOTLOADER_STATE_INIT) {
|
if (MAILBOX_NX_BOOTLOADER_SETUP_STATE == NX_BOOTLOADER_STATE_INIT) {
|
||||||
while (MAILBOX_NX_BOOTLOADER_SETUP_STATE < NX_BOOTLOADER_STATE_MOVED_BOOTCONFIG) {
|
while (MAILBOX_NX_BOOTLOADER_SETUP_STATE < NX_BOOTLOADER_STATE_MOVED_BOOTCONFIG) {
|
||||||
|
@ -353,6 +370,7 @@ void load_package2(void) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Load Boot Config into global. */
|
/* Load Boot Config into global. */
|
||||||
setup_boot_config();
|
setup_boot_config();
|
||||||
|
|
||||||
|
@ -369,15 +387,20 @@ void load_package2(void) {
|
||||||
memcpy(&header, NX_BOOTLOADER_PACKAGE2_LOAD_ADDRESS, sizeof(header));
|
memcpy(&header, NX_BOOTLOADER_PACKAGE2_LOAD_ADDRESS, sizeof(header));
|
||||||
flush_dcache_range((uint8_t *)&header, (uint8_t *)&header + sizeof(header));
|
flush_dcache_range((uint8_t *)&header, (uint8_t *)&header + sizeof(header));
|
||||||
|
|
||||||
|
|
||||||
/* Perform signature checks. */
|
/* Perform signature checks. */
|
||||||
verify_header_signature(&header);
|
verify_header_signature(&header);
|
||||||
|
|
||||||
|
|
||||||
/* Decrypt header, get key revision required. */
|
/* Decrypt header, get key revision required. */
|
||||||
uint32_t package2_mkey_rev = decrypt_and_validate_header(&header);
|
uint32_t package2_mkey_rev = decrypt_and_validate_header(&header);
|
||||||
|
|
||||||
|
|
||||||
/* Load Package2 Sections. */
|
/* Load Package2 Sections. */
|
||||||
load_package2_sections(&header.metadata, package2_mkey_rev);
|
load_package2_sections(&header.metadata, package2_mkey_rev);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* Clean up cache. */
|
/* Clean up cache. */
|
||||||
flush_dcache_all();
|
flush_dcache_all();
|
||||||
invalidate_icache_all_inner_shareable();
|
invalidate_icache_all_inner_shareable();
|
||||||
|
|
|
@ -460,6 +460,13 @@ void se_aes_ctr_crypt(unsigned int keyslot, void *dst, size_t dst_size, const vo
|
||||||
generic_panic();
|
generic_panic();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (src_size) {
|
||||||
|
flush_dcache_range((uint8_t *)src, (uint8_t *)src + src_size);
|
||||||
|
}
|
||||||
|
if (dst_size) {
|
||||||
|
flush_dcache_range((uint8_t *)dst, (uint8_t *)dst + dst_size);
|
||||||
|
}
|
||||||
|
|
||||||
unsigned int num_blocks = src_size >> 4;
|
unsigned int num_blocks = src_size >> 4;
|
||||||
|
|
||||||
/* Unknown what this write does, but official code writes it for CTR mode. */
|
/* Unknown what this write does, but official code writes it for CTR mode. */
|
||||||
|
@ -483,6 +490,10 @@ void se_aes_ctr_crypt(unsigned int keyslot, void *dst, size_t dst_size, const vo
|
||||||
}
|
}
|
||||||
se_perform_aes_block_operation(dst + aligned_size, last_block_size, (uint8_t *)src + aligned_size, src_size - aligned_size);
|
se_perform_aes_block_operation(dst + aligned_size, last_block_size, (uint8_t *)src + aligned_size, src_size - aligned_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (dst_size) {
|
||||||
|
flush_dcache_range((uint8_t *)dst, (uint8_t *)dst + dst_size);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void se_aes_ecb_encrypt_block(unsigned int keyslot, void *dst, size_t dst_size, const void *src, size_t src_size, unsigned int config_high) {
|
void se_aes_ecb_encrypt_block(unsigned int keyslot, void *dst, size_t dst_size, const void *src, size_t src_size, unsigned int config_high) {
|
||||||
|
|
Loading…
Reference in a new issue