From fc972374473dc5c27698449cb2ab947fb1177447 Mon Sep 17 00:00:00 2001 From: Michael Scire Date: Sun, 15 Nov 2020 03:23:23 -0800 Subject: [PATCH] exo: add logging to boot under debug config --- exosphere/program/program.ld | 6 +++++- exosphere/program/source/boot/secmon_boot_functions.cpp | 8 +++++--- exosphere/program/source/boot/secmon_boot_setup.cpp | 2 +- exosphere/program/source/boot/secmon_main.cpp | 6 +++--- 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/exosphere/program/program.ld b/exosphere/program/program.ld index feb219f59..ed062f0d3 100644 --- a/exosphere/program/program.ld +++ b/exosphere/program/program.ld @@ -116,21 +116,24 @@ SECTIONS { KEEP(secmon_main.o(.text*)) KEEP(secmon_boot_functions.o(.text*)) - KEEP (secmon_boot_cache.o(.text*)) + KEEP(secmon_boot_cache.o(.text*)) KEEP(secmon_boot_config.o(.text*)) KEEP(secmon_boot_setup.o(.text*)) + KEEP(secmon_boot_rsa.o(.text*)) KEEP(secmon_package2.o(.text*)) secmon_main.o(.rodata*) secmon_boot_functions.o(.rodata*) secmon_boot_cache.o(.rodata*) secmon_boot_config.o(.rodata*) secmon_boot_setup.o(.rodata*) + secmon_boot_rsa.o(.rodata*) secmon_package2.o(.rodata*) secmon_main.o(.data*) secmon_boot_functions.o(.data*) secmon_boot_cache.o(.data*) secmon_boot_config.o(.data*) secmon_boot_setup.o(.data*) + secmon_boot_rsa.o(.data*) secmon_package2.o(.data*) . = ALIGN(8); } >tzram_boot AT>glob @@ -143,6 +146,7 @@ SECTIONS secmon_boot_cache.o(.bss* COMMON) secmon_boot_config.o(.bss* COMMON) secmon_boot_setup.o(.bss* COMMON) + secmon_boot_rsa.o(.bss* COMMON) secmon_package2.o(.bss* COMMON) __boot_bss_end__ = ABSOLUTE(.); } >tzram_boot AT>glob diff --git a/exosphere/program/source/boot/secmon_boot_functions.cpp b/exosphere/program/source/boot/secmon_boot_functions.cpp index b64c0563e..2e0d7bab2 100644 --- a/exosphere/program/source/boot/secmon_boot_functions.cpp +++ b/exosphere/program/source/boot/secmon_boot_functions.cpp @@ -157,7 +157,7 @@ namespace ams::secmon::boot { const u8 * const mod = secmon::boot::GetPackage2RsaModulus(pkg1::IsProductionForPublicKey()); const size_t mod_size = se::RsaSize; if (verify) { - CheckVerifyResult(secmon::boot::VerifyPackage2Signature(header, mod, mod_size), pkg1::ErrorInfo_InvalidPackage2Signature, "package2 header sign verification failed"); + CheckVerifyResult(secmon::boot::VerifyPackage2Signature(header, mod, mod_size), pkg1::ErrorInfo_InvalidPackage2Signature, "pkg2 sign FAIL"); } } @@ -177,10 +177,10 @@ namespace ams::secmon::boot { void VerifyPackage2Header(const pkg2::Package2Meta &meta) { /* Validate the metadata. */ - CheckVerifyResult(VerifyPackage2Meta(meta), pkg1::ErrorInfo_InvalidPackage2Meta, "package2 meta verification failed"); + CheckVerifyResult(VerifyPackage2Meta(meta), pkg1::ErrorInfo_InvalidPackage2Meta, "pkg2 meta FAIL"); /* Validate the version. */ - CheckVerifyResult(VerifyPackage2Version(meta), pkg1::ErrorInfo_InvalidPackage2Version, "package2 version verification failed"); + CheckVerifyResult(VerifyPackage2Version(meta), pkg1::ErrorInfo_InvalidPackage2Version, "pkg2 version FAIL"); } void DecryptAndLoadPackage2Payloads(uintptr_t dst, const pkg2::Package2Meta &meta, uintptr_t src, bool encrypted) { @@ -188,6 +188,8 @@ namespace ams::secmon::boot { const u8 key_generation = meta.GetKeyGeneration(); /* Decrypt or load each payload in order. */ for (int i = 0; i < pkg2::PayloadCount; ++i) { + AMS_SECMON_LOG("pkg2 payload[%d]: %09lx -> %09lx size=%08x\n", i, dst + meta.payload_offsets[i], src, meta.payload_sizes[i]); + if (encrypted) { DecryptPayload(dst + meta.payload_offsets[i], src, meta.payload_sizes[i], meta.payload_ivs[i], sizeof(meta.payload_ivs[i]), key_generation); } else { diff --git a/exosphere/program/source/boot/secmon_boot_setup.cpp b/exosphere/program/source/boot/secmon_boot_setup.cpp index 3bc771380..a725b7846 100644 --- a/exosphere/program/source/boot/secmon_boot_setup.cpp +++ b/exosphere/program/source/boot/secmon_boot_setup.cpp @@ -179,7 +179,7 @@ namespace ams::secmon::boot { void DeriveAllMasterKeys(bool is_prod, u8 * const work_block) { /* Determine the generation. */ const int generation = DetermineKeyGeneration(is_prod); - AMS_SECMON_LOG("Using Key Generation %02X\n", static_cast(generation)); + AMS_SECMON_LOG("KeyGen: %02X\n", static_cast(generation)); /* Set the global generation. */ ::ams::secmon::impl::SetKeyGeneration(generation); diff --git a/exosphere/program/source/boot/secmon_main.cpp b/exosphere/program/source/boot/secmon_main.cpp index 15a0b6f50..852ba5ad9 100644 --- a/exosphere/program/source/boot/secmon_main.cpp +++ b/exosphere/program/source/boot/secmon_main.cpp @@ -56,7 +56,7 @@ namespace ams::secmon { /* This checks the security engine's validity, and configures common interrupts in the GIC. */ /* This also initializes the global configuration context. */ secmon::Setup1(); - AMS_SECMON_LOG("%s\n", "SecureMonitor boot begin."); + AMS_SECMON_LOG("%s\n", "Boot begin."); /* Save the boot info. */ secmon::SaveBootInfo(secmon_params); @@ -163,7 +163,7 @@ namespace ams::secmon { } /* Verify the package2 payloads. */ - secmon::boot::CheckVerifyResult(secmon::boot::VerifyPackage2Payloads(pkg2_meta, pkg2_payloads_start), pkg1::ErrorInfo_InvalidPackage2Payload, "package2 payload verification failed"); + secmon::boot::CheckVerifyResult(secmon::boot::VerifyPackage2Payloads(pkg2_meta, pkg2_payloads_start), pkg1::ErrorInfo_InvalidPackage2Payload, "pkg2 payload FAIL"); /* Decrypt/Move the package2 payloads to the right places. */ secmon::boot::DecryptAndLoadPackage2Payloads(Package2LoadAddress, pkg2_meta, pkg2_payloads_start, !bc.signed_data.IsPackage2EncryptionDisabled()); @@ -194,7 +194,7 @@ namespace ams::secmon { /* Configure the smc handler tables to reflect the current target firmware. */ secmon::smc::ConfigureSmcHandlersForTargetFirmware(); - AMS_SECMON_LOG("%s\n", "SecureMonitor boot end."); + AMS_SECMON_LOG("%s\n", "Boot end."); } }