spl: fix legacy physical keyslot compatibility

This commit is contained in:
Michael Scire 2021-10-30 11:21:25 -07:00
parent b9c90b9234
commit 6cf5205a28
3 changed files with 17 additions and 8 deletions

View file

@ -51,7 +51,7 @@ namespace ams::spl::impl {
Result AllocateAesKeySlot(s32 *out_keyslot); Result AllocateAesKeySlot(s32 *out_keyslot);
Result DeallocateAesKeySlot(s32 keyslot); Result DeallocateAesKeySlot(s32 keyslot);
Result TestAesKeySlot(s32 *out_index, s32 keyslot); Result TestAesKeySlot(s32 *out_index, bool *out_virtual, s32 keyslot);
os::SystemEvent *GetAesKeySlotAvailableEvent(); os::SystemEvent *GetAesKeySlotAvailableEvent();

View file

@ -729,9 +729,10 @@ namespace ams::spl::impl {
return ResultSuccess(); return ResultSuccess();
} }
Result TestAesKeySlot(s32 *out_index, s32 keyslot) { Result TestAesKeySlot(s32 *out_index, bool *out_virtual, s32 keyslot) {
if (g_is_physical_keyslot_allowed && IsPhysicalAesKeySlot(keyslot)) { if (g_is_physical_keyslot_allowed && IsPhysicalAesKeySlot(keyslot)) {
*out_index = keyslot; *out_index = keyslot;
*out_virtual = false;
return ResultSuccess(); return ResultSuccess();
} }
@ -740,7 +741,8 @@ namespace ams::spl::impl {
const s32 index = GetVirtualAesKeySlotIndex(keyslot); const s32 index = GetVirtualAesKeySlotIndex(keyslot);
R_UNLESS(g_is_aes_keyslot_allocated[index], spl::ResultInvalidKeySlot()); R_UNLESS(g_is_aes_keyslot_allocated[index], spl::ResultInvalidKeySlot());
*out_index = index; *out_index = index;
*out_virtual = true;
return ResultSuccess(); return ResultSuccess();
} }

View file

@ -131,11 +131,17 @@ namespace ams::spl {
} }
Result SecureMonitorManager::AllocateAesKeySlot(s32 *out_keyslot, const void *owner) { Result SecureMonitorManager::AllocateAesKeySlot(s32 *out_keyslot, const void *owner) {
/* Allocate a new virtual keyslot. */
s32 keyslot; s32 keyslot;
R_TRY(impl::AllocateAesKeySlot(std::addressof(keyslot))); R_TRY(impl::AllocateAesKeySlot(std::addressof(keyslot)));
/* Get the keyslot's index. */
s32 index; s32 index;
R_ABORT_UNLESS(impl::TestAesKeySlot(std::addressof(index), keyslot)); bool virt;
R_ABORT_UNLESS(impl::TestAesKeySlot(std::addressof(index), std::addressof(virt), keyslot));
/* All allocated keyslots must be virtual. */
AMS_ABORT_UNLESS(virt);
m_aes_keyslot_owners[index] = owner; m_aes_keyslot_owners[index] = owner;
*out_keyslot = keyslot; *out_keyslot = keyslot;
@ -174,10 +180,11 @@ namespace ams::spl {
Result SecureMonitorManager::TestAesKeySlot(s32 *out_index, s32 keyslot, const void *owner) { Result SecureMonitorManager::TestAesKeySlot(s32 *out_index, s32 keyslot, const void *owner) {
/* Validate the keyslot (and get the index). */ /* Validate the keyslot (and get the index). */
s32 index; s32 index;
R_TRY(impl::TestAesKeySlot(std::addressof(index), keyslot)); bool virt;
R_TRY(impl::TestAesKeySlot(std::addressof(index), std::addressof(virt), keyslot));
/* Check that the keyslot is owned by the request maker. */ /* Check that the keyslot is physical (for legacy compat) or owned by the request maker. */
R_UNLESS(m_aes_keyslot_owners[index] == owner, spl::ResultInvalidKeySlot()); R_UNLESS(!virt || m_aes_keyslot_owners[index] == owner, spl::ResultInvalidKeySlot());
/* Set output index. */ /* Set output index. */
if (out_index != nullptr) { if (out_index != nullptr) {