Add 6.2.0 support to tools

- Print TSEC info
- Dump pkg1/2
This commit is contained in:
Kostas Missos 2018-12-02 11:11:07 +02:00
parent 1b075c91bd
commit 22e179d1cf
4 changed files with 94 additions and 15 deletions

View file

@ -30,6 +30,7 @@
#include "../soc/fuse.h" #include "../soc/fuse.h"
#include "../soc/i2c.h" #include "../soc/i2c.h"
#include "../soc/kfuse.h" #include "../soc/kfuse.h"
#include "../soc/smmu.h"
#include "../soc/t210.h" #include "../soc/t210.h"
#include "../storage/mmc.h" #include "../storage/mmc.h"
#include "../storage/nx_emmc.h" #include "../storage/nx_emmc.h"
@ -347,6 +348,10 @@ void print_tsec_key()
gfx_clear_partial_grey(&gfx_ctxt, 0x1B, 0, 1256); gfx_clear_partial_grey(&gfx_ctxt, 0x1B, 0, 1256);
gfx_con_setpos(&gfx_con, 0, 0); gfx_con_setpos(&gfx_con, 0, 0);
u32 retries = 0;
u32 key_ver_max = 3;
tsec_ctxt_t tsec_ctxt;
sdmmc_storage_t storage; sdmmc_storage_t storage;
sdmmc_t sdmmc; sdmmc_t sdmmc;
@ -366,11 +371,48 @@ void print_tsec_key()
} }
u8 keys[0x10 * 3]; u8 keys[0x10 * 3];
for (u32 i = 1; i <= 3; i++)
{
int res = tsec_query(keys + ((i - 1) * 0x10), i, pkg1 + pkg1_id->tsec_off);
tsec_ctxt.size = 0xF00;
tsec_ctxt.fw = (u8 *)pkg1 + pkg1_id->tsec_off;
tsec_ctxt.pkg1 = pkg1;
tsec_ctxt.pkg11_off = pkg1_id->pkg11_off;
tsec_ctxt.secmon_base = pkg1_id->secmon_base;
if (pkg1_id->kb >= KB_FIRMWARE_VERSION_620)
{
tsec_ctxt.size = 0x2900;
u8 *tsec_paged = (u8 *)page_alloc(3);
memcpy(tsec_paged, (void *)tsec_ctxt.fw, tsec_ctxt.size);
tsec_ctxt.fw = tsec_paged;
key_ver_max = 1;
}
for (u32 i = 1; i <= key_ver_max; i++)
{
tsec_ctxt.key_ver = i;
int res = 0;
while (tsec_query(keys + ((i - 1) * 0x10), pkg1_id->kb, &tsec_ctxt) < 0)
{
if (pkg1_id->kb <= KB_FIRMWARE_VERSION_600)
memset(keys + ((i - 1) * 0x10), 0x00, 0x10);
else
memset(keys, 0x00, 0x30);
retries++;
if (retries > 3)
{
res = -1;
break;
}
}
if (pkg1_id->kb <= KB_FIRMWARE_VERSION_600)
{
gfx_printf(&gfx_con, "%kTSEC key %d: %k", 0xFF00DDFF, i, 0xFFCCCCCC); gfx_printf(&gfx_con, "%kTSEC key %d: %k", 0xFF00DDFF, i, 0xFFCCCCCC);
if (res >= 0) if (res >= 0)
{ {
for (u32 j = 0; j < 0x10; j++) for (u32 j = 0; j < 0x10; j++)
@ -380,6 +422,26 @@ void print_tsec_key()
EPRINTFARGS("ERROR %X", res); EPRINTFARGS("ERROR %X", res);
gfx_putc(&gfx_con, '\n'); gfx_putc(&gfx_con, '\n');
} }
else
{
gfx_printf(&gfx_con, "%kTSEC key: %k", 0xFF00DDFF, 0xFFCCCCCC);
if (res >= 0)
{
for (u32 j = 0; j < 0x10; j++)
gfx_printf(&gfx_con, "%02X", keys[j]);
gfx_putc(&gfx_con, '\n');
gfx_printf(&gfx_con, "%kTSEC root: %k", 0xFF00DDFF, 0xFFCCCCCC);
for (u32 j = 0; j < 0x10; j++)
gfx_printf(&gfx_con, "%02X", keys[0x10 + j]);
}
else
EPRINTFARGS("ERROR %X", res);
gfx_putc(&gfx_con, '\n');
}
}
gfx_puts(&gfx_con, "\nPress POWER to dump them to SD Card.\nPress VOL to go to the menu.\n"); gfx_puts(&gfx_con, "\nPress POWER to dump them to SD Card.\nPress VOL to go to the menu.\n");

View file

@ -29,6 +29,7 @@
#include "../libs/fatfs/ff.h" #include "../libs/fatfs/ff.h"
#include "../mem/heap.h" #include "../mem/heap.h"
#include "../power/max7762x.h" #include "../power/max7762x.h"
#include "../sec/se.h"
#include "../storage/nx_emmc.h" #include "../storage/nx_emmc.h"
#include "../storage/sdmmc.h" #include "../storage/sdmmc.h"
#include "../utils/btn.h" #include "../utils/btn.h"
@ -58,6 +59,9 @@ void dump_packages12()
u8 *secmon = (u8 *)calloc(1, 0x40000); u8 *secmon = (u8 *)calloc(1, 0x40000);
u8 *loader = (u8 *)calloc(1, 0x40000); u8 *loader = (u8 *)calloc(1, 0x40000);
u8 *pkg2 = NULL; u8 *pkg2 = NULL;
u8 kb = 0;
tsec_ctxt_t tsec_ctxt;
gfx_clear_partial_grey(&gfx_ctxt, 0x1B, 0, 1256); gfx_clear_partial_grey(&gfx_ctxt, 0x1B, 0, 1256);
gfx_con_setpos(&gfx_con, 0, 0); gfx_con_setpos(&gfx_con, 0, 0);
@ -82,18 +86,28 @@ void dump_packages12()
goto out_free; goto out_free;
} }
if (!h_cfg.se_keygen_done) kb = pkg1_id->kb;
if (!h_cfg.se_keygen_done || kb >= KB_FIRMWARE_VERSION_620)
{ {
tsec_ctxt.key_ver = 1;
tsec_ctxt.fw = (void *)pkg1 + pkg1_id->tsec_off;
tsec_ctxt.pkg1 = (void *)pkg1;
tsec_ctxt.pkg11_off = pkg1_id->pkg11_off;
tsec_ctxt.secmon_base = pkg1_id->secmon_base;
// Read keyblob. // Read keyblob.
u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1); u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1);
sdmmc_storage_read(&storage, 0x180000 / NX_EMMC_BLOCKSIZE + pkg1_id->kb, 1, keyblob); sdmmc_storage_read(&storage, 0x180000 / NX_EMMC_BLOCKSIZE + kb, 1, keyblob);
// Decrypt. // Decrypt.
keygen(keyblob, pkg1_id->kb, (u8 *)pkg1 + pkg1_id->tsec_off); keygen(keyblob, kb, &tsec_ctxt);
h_cfg.se_keygen_done = 1; h_cfg.se_keygen_done = 1;
free(keyblob); free(keyblob);
} }
if (kb <= KB_FIRMWARE_VERSION_600)
pkg1_decrypt(pkg1_id, pkg1); pkg1_decrypt(pkg1_id, pkg1);
pkg1_unpack(warmboot, secmon, loader, pkg1_id, pkg1); pkg1_unpack(warmboot, secmon, loader, pkg1_id, pkg1);
@ -194,6 +208,9 @@ out_free:
sdmmc_storage_end(&storage); sdmmc_storage_end(&storage);
sd_unmount(); sd_unmount();
if (kb >= KB_FIRMWARE_VERSION_620)
se_aes_key_clear(8);
btn_wait(); btn_wait();
} }

View file

@ -559,7 +559,7 @@ int hos_launch(ini_sec_t *cfg)
_se_lock(ctxt.pkg1_id->kb <= KB_FIRMWARE_VERSION_600); _se_lock(ctxt.pkg1_id->kb <= KB_FIRMWARE_VERSION_600);
// Reset sysctr0 counters. // Reset sysctr0 counters.
if (kb >= KB_FIRMWARE_VERSION_620) if (ctxt.pkg1_id->kb >= KB_FIRMWARE_VERSION_620)
_sysctr0_reset(); _sysctr0_reset();
// Free allocated memory. // Free allocated memory.