mirror of
https://github.com/Atmosphere-NX/Atmosphere
synced 2024-12-22 20:31:14 +00:00
warmboot: add code for decrypting/restoring tzram.
This commit is contained in:
parent
3924a2ef76
commit
95a9e1e215
4 changed files with 63 additions and 1 deletions
|
@ -51,6 +51,11 @@
|
|||
#define APBDEV_PMC_SECURE_SCRATCH34_0 MAKE_PMC_REG(0x368)
|
||||
#define APBDEV_PMC_SECURE_SCRATCH35_0 MAKE_PMC_REG(0x36C)
|
||||
|
||||
#define APBDEV_PMC_SECURE_SCRATCH112_0 MAKE_PMC_REG(0x718)
|
||||
#define APBDEV_PMC_SECURE_SCRATCH113_0 MAKE_PMC_REG(0x71C)
|
||||
#define APBDEV_PMC_SECURE_SCRATCH114_0 MAKE_PMC_REG(0x720)
|
||||
#define APBDEV_PMC_SECURE_SCRATCH115_0 MAKE_PMC_REG(0x724)
|
||||
|
||||
#define APBDEV_PMC_IO_DPD3_REQ_0 MAKE_PMC_REG(0x45C)
|
||||
#define APBDEV_PMC_IO_DPD3_STATUS_0 MAKE_PMC_REG(0x460)
|
||||
|
||||
|
|
|
@ -236,3 +236,17 @@ void se_compute_aes_cmac(unsigned int keyslot, void *cmac, size_t cmac_size, con
|
|||
void se_compute_aes_256_cmac(unsigned int keyslot, void *cmac, size_t cmac_size, const void *data, size_t data_size) {
|
||||
se_compute_aes_cmac(keyslot, cmac, cmac_size, data, data_size, 0x202);
|
||||
}
|
||||
|
||||
void se_aes_256_cbc_decrypt(unsigned int keyslot, void *dst, size_t dst_size, const void *src, size_t src_size) {
|
||||
volatile tegra_se_t *se = se_get_regs();
|
||||
|
||||
if (keyslot >= KEYSLOT_AES_MAX || src_size < 0x10) {
|
||||
reboot();
|
||||
}
|
||||
|
||||
se->CONFIG_REG = (ALG_AES_DEC | DST_MEMORY) | (0x202 << 16);
|
||||
se->CRYPTO_REG = (keyslot << 24) | 0x66;
|
||||
clear_aes_keyslot_iv(keyslot);
|
||||
se->BLOCK_COUNT_REG = (src_size >> 4) - 1;
|
||||
trigger_se_blocking_op(OP_START, dst, dst_size, src, src_size);
|
||||
}
|
|
@ -183,5 +183,6 @@ void clear_rsa_keyslot(unsigned int keyslot);
|
|||
void clear_aes_keyslot_iv(unsigned int keyslot);
|
||||
|
||||
void se_compute_aes_256_cmac(unsigned int keyslot, void *cmac, size_t cmac_size, const void *data, size_t data_size);
|
||||
void se_aes_256_cbc_decrypt(unsigned int keyslot, void *dst, size_t dst_size, const void *src, size_t src_size);
|
||||
|
||||
#endif
|
||||
|
|
|
@ -25,6 +25,7 @@
|
|||
/* "private" functions. */
|
||||
static bool secmon_should_clear_aes_keyslot(unsigned int keyslot);
|
||||
static void secmon_clear_unused_keyslots(void);
|
||||
static void secmon_decrypt_saved_image(void *dst, const void *src, size_t size);
|
||||
|
||||
void secmon_restore_to_tzram(const uint32_t target_firmware) {
|
||||
/* Newer warmboot binaries clear the untouched keyslots for safety. */
|
||||
|
@ -32,10 +33,51 @@ void secmon_restore_to_tzram(const uint32_t target_firmware) {
|
|||
secmon_clear_unused_keyslots();
|
||||
}
|
||||
|
||||
/* Decrypt Secure Monitor from DRAM into TZRAM. */
|
||||
void *tzram_src = (void *)(0x80010000);
|
||||
void *tzram_dst = (void *)(target_firmware >= ATMOSPHERE_TARGET_FIRMWARE_500 ? 0x7C012000 : 0x7C010000);
|
||||
const size_t tzram_size = 0xE000;
|
||||
secmon_decrypt_saved_image(tzram_dst, tzram_src, tzram_size);
|
||||
|
||||
/* Nintendo clears DRAM, but I'm not sure why, given they lock out BPMP access to DRAM. */
|
||||
for (size_t i = 0; i < tzram_size/sizeof(uint32_t); i++) {
|
||||
((volatile uint32_t *)tzram_src)[i] = 0;
|
||||
}
|
||||
|
||||
/* Make security engine require secure busmaster. */
|
||||
se_get_regs()->_0x4 = 0;
|
||||
|
||||
/* TODO: stuff */
|
||||
}
|
||||
|
||||
void secmon_decrypt_saved_image(void *dst, const void *src, size_t size) {
|
||||
/* First, AES-256-CBC decrypt the image into TZRAM. */
|
||||
se_aes_256_cbc_decrypt(KEYSLOT_SWITCH_LP0TZRAMKEY, dst, size, src, size);
|
||||
|
||||
/* Next, calculate CMAC. */
|
||||
uint32_t tzram_cmac[4] = {0, 0, 0, 0};
|
||||
se_compute_aes_256_cmac(KEYSLOT_SWITCH_LP0TZRAMKEY, tzram_cmac, sizeof(tzram_cmac), dst, size);
|
||||
|
||||
/* Validate the MAC against saved one in PMC scratch. */
|
||||
if (tzram_cmac[0] != APBDEV_PMC_SECURE_SCRATCH112_0 ||
|
||||
tzram_cmac[1] != APBDEV_PMC_SECURE_SCRATCH113_0 ||
|
||||
tzram_cmac[2] != APBDEV_PMC_SECURE_SCRATCH114_0 ||
|
||||
tzram_cmac[3] != APBDEV_PMC_SECURE_SCRATCH115_0) {
|
||||
reboot();
|
||||
}
|
||||
|
||||
/* Clear the PMC scratch registers that hold the CMAC. */
|
||||
APBDEV_PMC_SECURE_SCRATCH112_0 = 0;
|
||||
APBDEV_PMC_SECURE_SCRATCH113_0 = 0;
|
||||
APBDEV_PMC_SECURE_SCRATCH114_0 = 0;
|
||||
APBDEV_PMC_SECURE_SCRATCH115_0 = 0;
|
||||
|
||||
/* Clear keyslot now that we're done with it. */
|
||||
clear_aes_keyslot(KEYSLOT_SWITCH_LP0TZRAMKEY);
|
||||
}
|
||||
|
||||
bool secmon_should_clear_aes_keyslot(unsigned int keyslot) {
|
||||
/* We'll just compare keyslot against a hardcoded list of keys. */
|
||||
static const uint8_t saved_keyslots[6] = {
|
||||
KEYSLOT_SWITCH_LP0TZRAMKEY,
|
||||
KEYSLOT_SWITCH_SESSIONKEY,
|
||||
|
|
Loading…
Reference in a new issue