From 072bbcabf4a03d9da0b0db0cda5c887a6f54c467 Mon Sep 17 00:00:00 2001 From: "ctcaer@gmail.com" Date: Tue, 23 Apr 2019 18:17:55 +0300 Subject: [PATCH] [HOS] Use sha256 for kernel hashing --- bootloader/frontend/fe_tools.c | 2 - bootloader/hos/hos.c | 10 ++--- bootloader/hos/pkg2.c | 80 +++++++++++++++++----------------- bootloader/hos/pkg2.h | 6 +-- bootloader/utils/util.c | 14 ------ bootloader/utils/util.h | 1 - 6 files changed, 48 insertions(+), 65 deletions(-) diff --git a/bootloader/frontend/fe_tools.c b/bootloader/frontend/fe_tools.c index 9e13f46..e3fcf2c 100644 --- a/bootloader/frontend/fe_tools.c +++ b/bootloader/frontend/fe_tools.c @@ -195,8 +195,6 @@ void dump_packages12() } // Display info. - u32 kernel_crc32 = crc32c(pkg2_hdr->data, pkg2_hdr->sec_size[PKG2_SEC_KERNEL]); - gfx_printf("\n%kKernel CRC32C: %k0x%08X\n\n", 0xFFC7EA46, 0xFFCCCCCC, kernel_crc32); gfx_printf("%kKernel size: %k0x%05X\n\n", 0xFFC7EA46, 0xFFCCCCCC, pkg2_hdr->sec_size[PKG2_SEC_KERNEL]); gfx_printf("%kINI1 size: %k0x%05X\n\n", 0xFFC7EA46, 0xFFCCCCCC, pkg2_hdr->sec_size[PKG2_SEC_INI1]); diff --git a/bootloader/hos/hos.c b/bootloader/hos/hos.c index 1471ce9..0fcecf5 100644 --- a/bootloader/hos/hos.c +++ b/bootloader/hos/hos.c 
@@ -515,15 +515,15 @@ int hos_launch(ini_sec_t *cfg) if (!ctxt.stock && (ctxt.svcperm || ctxt.debugmode || ctxt.atmosphere)) { - u32 kernel_crc32; - // New Kernel with INI1 takes long to hash with crc32c. Hash kernel only. + u8 kernel_hash[0x20]; + // Hash only Kernel when it embeds INI1. if (!ctxt.new_pkg2) - kernel_crc32 = crc32c(ctxt.kernel, ctxt.kernel_size); + se_calc_sha256(kernel_hash, ctxt.kernel, ctxt.kernel_size); else - kernel_crc32 = crc32c(ctxt.kernel + PKG2_NEWKERN_START, + se_calc_sha256(kernel_hash, ctxt.kernel + PKG2_NEWKERN_START, *(u32 *)(ctxt.kernel + PKG2_NEWKERN_INI1_START) - PKG2_NEWKERN_START); - ctxt.pkg2_kernel_id = pkg2_identify(kernel_crc32); + ctxt.pkg2_kernel_id = pkg2_identify(kernel_hash); // In case a kernel patch option is set; allows to disable SVC verification or/and enable debug mode. kernel_patch_t *kernel_patchset = ctxt.pkg2_kernel_id->kernel_patchset; diff --git a/bootloader/hos/pkg2.c b/bootloader/hos/pkg2.c index a8f112c..b01c85c 100644 --- a/bootloader/hos/pkg2.c +++ b/bootloader/hos/pkg2.c 
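Review bot: In the `else` branch the length given to `se_calc_sha256` is `*(u32 *)(ctxt.kernel + PKG2_NEWKERN_INI1_START) - PKG2_NEWKERN_START`, a field read out of the kernel image, and nothing visible in the hunk bounds it by `ctxt.kernel_size`. A field below `PKG2_NEWKERN_START` would wrap the subtraction to a huge length and one above the image size would make the hash run past the buffer; read it into a local first and fail the launch unless `ini1_off >= PKG2_NEWKERN_START && ini1_off <= ctxt.kernel_size`. The context line after the call also dereferences `ctxt.pkg2_kernel_id->kernel_patchset` without a NULL test, although `pkg2_identify` is written to return NULL for a kernel it does not know. `hos_launch` begins and continues outside the hunk, so an earlier check may exist that is not shown.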
@@ -288,18 +288,18 @@ KERNEL_PATCHSET_DEF(_kernel_8_patchset, _B(FREE_CODE_OFF_2ND_800 + sizeof(PRC_ID_RCV_700), ID_RCV_OFF_800 + sizeof(u32) * 4), NULL} ); +// Kernel sha256 hashes. static const pkg2_kernel_id_t _pkg2_kernel_ids[] = { - { 0x427f2647, _kernel_1_patchset }, //1.0.0 - { 0xae19cf1b, _kernel_2_patchset }, //2.0.0 - 2.3.0 - { 0x73c9e274, _kernel_3_patchset }, //3.0.0 - 3.0.1 - { 0xe0e8cdc4, _kernel_302_patchset }, //3.0.2 - { 0x485d0157, _kernel_4_patchset }, //4.0.0 - 4.1.0 - { 0xf3c363f2, _kernel_5_patchset }, //5.0.0 - 5.1.0 - { 0x64ce1a44, _kernel_6_patchset }, //6.0.0 - 6.2.0 - { 0x908175e1, _kernel_7_patchset }, //7.0.0 - { 0x22832de4, _kernel_8_patchset }, //8.0.0. Kernel only. - { 0, 0 } //End. + { "\xb8\xc5\x0c\x68\x25\xa9\xb9\x5b", _kernel_1_patchset }, //1.0.0 + { "\x64\x0b\x51\xff\x28\x01\xb8\x30", _kernel_2_patchset }, //2.0.0 - 2.3.0 + { "\x50\x84\x23\xac\x6f\xa1\x5d\x3b", _kernel_3_patchset }, //3.0.0 - 3.0.1 + { "\x81\x9d\x08\xbe\xe4\x5e\x1f\xbb", _kernel_302_patchset }, //3.0.2 + { "\xe6\xc0\xb7\xe3\x2f\xf9\x44\x51", _kernel_4_patchset }, //4.0.0 - 4.1.0 + { "\xb2\x38\x61\xa8\xe1\xe2\xe4\xe4", _kernel_5_patchset }, //5.0.0 - 5.1.0 + { "\x85\x97\x40\xf6\xc0\x3e\x3d\x44", _kernel_6_patchset }, //6.0.0 - 6.2.0 + { "\xa2\x5e\x47\x0c\x8e\x6d\x2f\xd7", _kernel_7_patchset }, //7.0.0 + { "\xf1\x5e\xc8\x34\xfd\x68\xf0\xf0", _kernel_8_patchset } //8.0.0. Kernel only. }; enum kip_offset_section 
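Review bot: Dropping the `{ 0, 0 }` end marker from `_pkg2_kernel_ids` leaves the lookup with nothing to stop on, because the rewritten loop in `pkg2_identify` (the `@@ -595` hunk of this file) uses `sizeof(_pkg2_kernel_ids) / sizeof(pkg2_kernel_id_t)` as its entire condition and never compares it with `i`. For a kernel whose hash is not in the table the `memcmp` walks past the last entry and `return NULL` is never reached; the condition should be `i < sizeof(_pkg2_kernel_ids) / sizeof(_pkg2_kernel_ids[0])`. The comment `// Kernel sha256 hashes.` would also be more accurate as `// First 8 bytes of each kernel's SHA-256.`, since `hash` is declared `u8 hash[8]` in pkg2.h.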
@@ -595,38 +595,38 @@ static kip1_patchset_t _fs_patches_800_exfat[] = // SHA256 hashes. static kip1_id_t _kip_ids[] = { - { "FS", "\xde\x9f\xdd\xa4\x08\x5d\xd5\xfe\x68\xdc\xb2\x0b\x41\x09\x5b\xb4", _fs_patches_100 }, // FS 1.0.0 - { "FS", "\xfc\x3e\x80\x99\x1d\xca\x17\x96\x4a\x12\x1f\x04\xb6\x1b\x17\x5e", _fs_patches_100 }, // FS 1.0.0 exfat - { "FS", "\xcd\x7b\xbe\x18\xd6\x13\x0b\x28\xf6\x2f\x19\xfa\x79\x45\x53\x5b", _fs_patches_200 }, // FS 2.0.0 - { "FS", "\xe7\x66\x92\xdf\xaa\x04\x20\xe9\xfd\xd6\x8e\x43\x63\x16\x18\x18", _fs_patches_200 }, // FS 2.0.0 exfat - { "FS", "\x0d\x70\x05\x62\x7b\x07\x76\x7c\x0b\x96\x3f\x9a\xff\xdd\xe5\x66", _fs_patches_210 }, // FS 2.1.0 - { "FS", "\xdb\xd8\x5f\xca\xcc\x19\x3d\xa8\x30\x51\xc6\x64\xe6\x45\x2d\x32", _fs_patches_210 }, // FS 2.1.0 exfat - { "FS", "\xa8\x6d\xa5\xe8\x7e\xf1\x09\x7b\x23\xda\xb5\xb4\xdb\xba\xef\xe7", _fs_patches_300 }, // FS 3.0.0 - { "FS", "\x98\x1c\x57\xe7\xf0\x2f\x70\xf7\xbc\xde\x75\x31\x81\xd9\x01\xa6", _fs_patches_300 }, // FS 3.0.0 exfat - { "FS", "\x57\x39\x7c\x06\x3f\x10\xb6\x31\x3f\x4d\x83\x76\x53\xcc\xc3\x71", _fs_patches_30x }, // FS 3.0.1 - { "FS", "\x07\x30\x99\xd7\xc6\xad\x7d\x89\x83\xbc\x7a\xdd\x93\x2b\xe3\xd1", _fs_patches_30x }, // FS 3.0.1 exfat - { "FS", "\x06\xe9\x07\x19\x59\x5a\x01\x0c\x62\x46\xff\x70\x94\x6f\x10\xfb", _fs_patches_40x }, // FS 4.0.1 - { "FS", "\x54\x9b\x0f\x8d\x6f\x72\xc4\xe9\xf3\xfd\x1f\x19\xea\xce\x4a\x5a", _fs_patches_40x }, // FS 4.0.1 exfat - { "FS", "\x80\x96\xaf\x7c\x6a\x35\xaa\x82\x71\xf3\x91\x69\x95\x41\x3b\x0b", _fs_patches_410 }, // FS 4.1.0 - { "FS", "\x02\xd5\xab\xaa\xfd\x20\xc8\xb0\x63\x3a\xa0\xdb\xae\xe0\x37\x7e", _fs_patches_410 }, // FS 4.1.0 exfat - { "FS", "\xa6\xf2\x7a\xd9\xac\x7c\x73\xad\x41\x9b\x63\xb2\x3e\x78\x5a\x0c", _fs_patches_50x }, // FS 5.0.0 - { "FS", "\xce\x3e\xcb\xa2\xf2\xf0\x62\xf5\x75\xf8\xf3\x60\x84\x2b\x32\xb4", _fs_patches_50x }, // FS 5.0.0 exfat - { "FS", "\x76\xf8\x74\x02\xc9\x38\x7c\x0f\x0a\x2f\xab\x1b\x45\xce\xbb\x93", 
_fs_patches_510 }, // FS 5.1.0 - { "FS", "\x10\xb2\xd8\x16\x05\x48\x85\x99\xdf\x22\x42\xcb\x6b\xac\x2d\xf1", _fs_patches_510 }, // FS 5.1.0 exfat - { "FS", "\x1b\x82\xcb\x22\x18\x67\xcb\x52\xc4\x4a\x86\x9e\xa9\x1a\x1a\xdd", _fs_patches_600 }, // FS 6.0.0-4.0 - { "FS", "\x96\x6a\xdd\x3d\x20\xb6\x27\x13\x2c\x5a\x8d\xa4\x9a\xc9\xd8\xdd", _fs_patches_600_exfat }, // FS 6.0.0-4.0 exfat - { "FS", "\x3a\x57\x4d\x43\x61\x86\x19\x1d\x17\x88\xeb\x2c\x0f\x07\x6b\x11", _fs_patches_600 }, // FS 6.0.0-5.0 - { "FS", "\x33\x05\x53\xf6\xb5\xfb\x55\xc4\xc2\xd7\xb7\x36\x24\x02\x76\xb3", _fs_patches_600_exfat }, // FS 6.0.0-5.0 exfat - { "FS", "\x2A\xDB\xE9\x7E\x9B\x5F\x41\x77\x9E\xC9\x5F\xFE\x26\x99\xC9\x33", _fs_patches_700 }, // FS 7.0.0 - { "FS", "\x2C\xCE\x65\x9C\xEC\x53\x6A\x8E\x4D\x91\xF3\xBE\x4B\x74\xBE\xD3", _fs_patches_700_exfat }, // FS 7.0.0 exfat - { "FS", "\xB2\xF5\x17\x6B\x35\x48\x36\x4D\x07\x9A\x29\xB1\x41\xA2\x3B\x06", _fs_patches_800 }, // FS 8.0.0 - { "FS", "\xDB\xD9\x41\xC0\xC5\x3C\x52\xCC\xF7\x20\x2C\x84\xD8\xE0\xF7\x80", _fs_patches_800_exfat } // FS 8.0.0 exfat + { "FS", "\xde\x9f\xdd\xa4\x08\x5d\xd5\xfe", _fs_patches_100 }, // FS 1.0.0 + { "FS", "\xfc\x3e\x80\x99\x1d\xca\x17\x96", _fs_patches_100 }, // FS 1.0.0 exfat + { "FS", "\xcd\x7b\xbe\x18\xd6\x13\x0b\x28", _fs_patches_200 }, // FS 2.0.0 + { "FS", "\xe7\x66\x92\xdf\xaa\x04\x20\xe9", _fs_patches_200 }, // FS 2.0.0 exfat + { "FS", "\x0d\x70\x05\x62\x7b\x07\x76\x7c", _fs_patches_210 }, // FS 2.1.0 + { "FS", "\xdb\xd8\x5f\xca\xcc\x19\x3d\xa8", _fs_patches_210 }, // FS 2.1.0 exfat + { "FS", "\xa8\x6d\xa5\xe8\x7e\xf1\x09\x7b", _fs_patches_300 }, // FS 3.0.0 + { "FS", "\x98\x1c\x57\xe7\xf0\x2f\x70\xf7", _fs_patches_300 }, // FS 3.0.0 exfat + { "FS", "\x57\x39\x7c\x06\x3f\x10\xb6\x31", _fs_patches_30x }, // FS 3.0.1 + { "FS", "\x07\x30\x99\xd7\xc6\xad\x7d\x89", _fs_patches_30x }, // FS 3.0.1 exfat + { "FS", "\x06\xe9\x07\x19\x59\x5a\x01\x0c", _fs_patches_40x }, // FS 4.0.1 + { "FS", 
"\x54\x9b\x0f\x8d\x6f\x72\xc4\xe9", _fs_patches_40x }, // FS 4.0.1 exfat + { "FS", "\x80\x96\xaf\x7c\x6a\x35\xaa\x82", _fs_patches_410 }, // FS 4.1.0 + { "FS", "\x02\xd5\xab\xaa\xfd\x20\xc8\xb0", _fs_patches_410 }, // FS 4.1.0 exfat + { "FS", "\xa6\xf2\x7a\xd9\xac\x7c\x73\xad", _fs_patches_50x }, // FS 5.0.0 + { "FS", "\xce\x3e\xcb\xa2\xf2\xf0\x62\xf5", _fs_patches_50x }, // FS 5.0.0 exfat + { "FS", "\x76\xf8\x74\x02\xc9\x38\x7c\x0f", _fs_patches_510 }, // FS 5.1.0 + { "FS", "\x10\xb2\xd8\x16\x05\x48\x85\x99", _fs_patches_510 }, // FS 5.1.0 exfat + { "FS", "\x1b\x82\xcb\x22\x18\x67\xcb\x52", _fs_patches_600 }, // FS 6.0.0-4.0 + { "FS", "\x96\x6a\xdd\x3d\x20\xb6\x27\x13", _fs_patches_600_exfat }, // FS 6.0.0-4.0 exfat + { "FS", "\x3a\x57\x4d\x43\x61\x86\x19\x1d", _fs_patches_600 }, // FS 6.0.0-5.0 + { "FS", "\x33\x05\x53\xf6\xb5\xfb\x55\xc4", _fs_patches_600_exfat }, // FS 6.0.0-5.0 exfat + { "FS", "\x2A\xDB\xE9\x7E\x9B\x5F\x41\x77", _fs_patches_700 }, // FS 7.0.0 + { "FS", "\x2C\xCE\x65\x9C\xEC\x53\x6A\x8E", _fs_patches_700_exfat }, // FS 7.0.0 exfat + { "FS", "\xB2\xF5\x17\x6B\x35\x48\x36\x4D", _fs_patches_800 }, // FS 8.0.0 + { "FS", "\xDB\xD9\x41\xC0\xC5\x3C\x52\xCC", _fs_patches_800_exfat } // FS 8.0.0 exfat }; -const pkg2_kernel_id_t *pkg2_identify(u32 id) +const pkg2_kernel_id_t *pkg2_identify(u8 *hash) { - for (u32 i = 0; _pkg2_kernel_ids[i].crc32c_id; i++) - if (id == _pkg2_kernel_ids[i].crc32c_id) + for (u32 i = 0; sizeof(_pkg2_kernel_ids) / sizeof(pkg2_kernel_id_t); i++) + if (!memcmp(hash, _pkg2_kernel_ids[i].hash, sizeof(_pkg2_kernel_ids[0].hash))) return &_pkg2_kernel_ids[i]; return NULL; } @@ -778,7 +778,7 @@ const char* pkg2_patch_kips(link_t *info, char* patchNames) if (patchNames == NULL || patchNames[0] == 0) return NULL; - static const u32 MAX_NUM_PATCHES_REQUESTED = sizeof(u32)*8; + static const u32 MAX_NUM_PATCHES_REQUESTED = sizeof(u32) * 8; char* patches[MAX_NUM_PATCHES_REQUESTED]; u32 numPatches = 1; 
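Review bot: The `_kip_ids` entries shrink from 16 to 8 hash bytes here, but the code that compares a KIP's digest against `_kip_ids[].hash` is not part of this diff. If that site still uses a literal length of 16 it would now read past the 8-byte field and never match, so confirm it compares `sizeof(_kip_ids[0].hash)` bytes as `pkg2_identify` does. The `// SHA256 hashes.` comment above the table should say the entries are prefixes, e.g. `// First 8 bytes of each KIP's SHA-256.`. A 64-bit prefix is enough to tell known builds apart but gives less margin than before against an image crafted to match an entry, which matters only if a match is ever treated as proof of what the binary is.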
diff --git a/bootloader/hos/pkg2.h b/bootloader/hos/pkg2.h index 2274b39..fe98d2d 100644 --- a/bootloader/hos/pkg2.h +++ b/bootloader/hos/pkg2.h @@ -114,7 +114,7 @@ typedef struct _pkg2_kip1_info_t typedef struct _pkg2_kernel_id_t { - u32 crc32c_id; + u8 hash[8]; kernel_patch_t *kernel_patchset; } pkg2_kernel_id_t; @@ -135,7 +135,7 @@ typedef struct _kip1_patchset_t typedef struct _kip1_id_t { const char* name; - u8 hash[16]; + u8 hash[8]; kip1_patchset_t* patchset; } kip1_id_t; @@ -146,7 +146,7 @@ void pkg2_add_kip(link_t *info, pkg2_kip1_t *kip1); void pkg2_merge_kip(link_t *info, pkg2_kip1_t *kip1); const char* pkg2_patch_kips(link_t *info, char* patchNames); -const pkg2_kernel_id_t *pkg2_identify(u32 id); +const pkg2_kernel_id_t *pkg2_identify(u8 *hash); pkg2_hdr_t *pkg2_decrypt(void *data); void pkg2_build_encrypt(void *dst, void *kernel, u32 kernel_size, link_t *kips_info, bool new_pkg2); diff --git a/bootloader/utils/util.c b/bootloader/utils/util.c index 7673057..6474d5a 100644 --- a/bootloader/utils/util.c +++ b/bootloader/utils/util.c @@ -106,17 +106,3 @@ void power_off() //TODO: we should probably make sure all regulators are powered off properly. i2c_send_byte(I2C_5, MAX77620_I2C_ADDR, MAX77620_REG_ONOFFCNFG1, MAX77620_ONOFFCNFG1_PWR_OFF); } - -#define CRC32C_POLY 0x82F63B78 -u32 crc32c(const void *buf, u32 len) -{ - const u8 *cbuf = (const u8 *)buf; - u32 crc = 0xFFFFFFFF; - while (len--) - { - crc ^= *cbuf++; - for (int i = 0; i < 8; i++) - crc = crc & 1 ? (crc >> 1) ^ CRC32C_POLY : crc >> 1; - } - return ~crc; -} diff --git a/bootloader/utils/util.h b/bootloader/utils/util.h index 8aa3632..f261035 100644 --- a/bootloader/utils/util.h +++ b/bootloader/utils/util.h @@ -39,6 +39,5 @@ void reboot_normal(); void reboot_rcm(); void power_off(); void exec_cfg(u32 *base, const cfg_op_t *ops, u32 num_ops); -u32 crc32c(const void *buf, u32 len); #endif
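Review bot: `pkg2_identify` only reads the digest, so the new parameter should be `const u8 *hash` in this prototype and in the definition in pkg2.c. Both `hash[8]` fields would benefit from a comment such as `// Leading 8 bytes of the SHA-256; no NUL terminator, compare with memcmp only.`, because the tables fill them from 8-character string literals that exactly fit the array.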