config: Add bootloader protection
`bootprotect=1` enables protection of the `bootloader` folder inside HOS. This disallows any reading/writing of the folder and its contents inside HOS, preventing any corruption of it. As a side effect, homebrew that depends on the folder (e.g. hekate Toolbox) will not work fully.
parent
bf222290b8
commit
2f5b52223c
7 changed files with 30 additions and 42 deletions
|
@ -55,6 +55,7 @@ You can find a template [Here](./res/hekate_ipl_template.ini)
|
||||||
| bootwait=3 | 0: Disable (It also disables bootlogo. Having **VOL-** pressed since injection goes to menu.), #: Time to wait for **VOL-** to enter menu. |
|
| bootwait=3 | 0: Disable (It also disables bootlogo. Having **VOL-** pressed since injection goes to menu.), #: Time to wait for **VOL-** to enter menu. |
|
||||||
| autohosoff=1 | 0: Disable, 1: If woke up from HOS via an RTC alarm, shows logo, then powers off completely, 2: No logo, immediately powers off.|
|
| autohosoff=1 | 0: Disable, 1: If woke up from HOS via an RTC alarm, shows logo, then powers off completely, 2: No logo, immediately powers off.|
|
||||||
| autonogc=1 | 0: Disable, 1: Automatically applies nogc patch if unburnt fuses found and a >= 4.0.0 HOS is booted. |
|
| autonogc=1 | 0: Disable, 1: Automatically applies nogc patch if unburnt fuses found and a >= 4.0.0 HOS is booted. |
|
||||||
|
| bootprotect=0 | 0: Disable, 1: Protect bootloader folder from being corrupted by disallowing reading or editing in HOS. |
|
||||||
| updater2p=0 | 0: Disable, 1: Force updates (if needed) the reboot2payload binary to be hekate. |
|
| updater2p=0 | 0: Disable, 1: Force updates (if needed) the reboot2payload binary to be hekate. |
|
||||||
| backlight=100 | Screen backlight level. 0-255. |
|
| backlight=100 | Screen backlight level. 0-255. |
|
||||||
|
|
||||||
|
|
|
@ -42,8 +42,7 @@ void set_default_configuration()
|
||||||
h_cfg.autohosoff = 0;
|
h_cfg.autohosoff = 0;
|
||||||
h_cfg.autonogc = 1;
|
h_cfg.autonogc = 1;
|
||||||
h_cfg.updater2p = 0;
|
h_cfg.updater2p = 0;
|
||||||
h_cfg.brand = NULL;
|
h_cfg.bootprotect = 0;
|
||||||
h_cfg.tagline = NULL;
|
|
||||||
h_cfg.errors = 0;
|
h_cfg.errors = 0;
|
||||||
h_cfg.eks = NULL;
|
h_cfg.eks = NULL;
|
||||||
h_cfg.sept_run = EMC(EMC_SCRATCH0) & EMC_SEPT_RUN;
|
h_cfg.sept_run = EMC(EMC_SCRATCH0) & EMC_SEPT_RUN;
|
||||||
|
@ -107,16 +106,9 @@ int create_config_entry()
|
||||||
f_puts("\nupdater2p=", &fp);
|
f_puts("\nupdater2p=", &fp);
|
||||||
itoa(h_cfg.updater2p, lbuf, 10);
|
itoa(h_cfg.updater2p, lbuf, 10);
|
||||||
f_puts(lbuf, &fp);
|
f_puts(lbuf, &fp);
|
||||||
if (h_cfg.brand)
|
f_puts("\nbootprotect=", &fp);
|
||||||
{
|
itoa(h_cfg.bootprotect, lbuf, 10);
|
||||||
f_puts("\nbrand=", &fp);
|
f_puts(lbuf, &fp);
|
||||||
f_puts(h_cfg.brand, &fp);
|
|
||||||
}
|
|
||||||
if (h_cfg.tagline)
|
|
||||||
{
|
|
||||||
f_puts("\ntagline=", &fp);
|
|
||||||
f_puts(h_cfg.tagline, &fp);
|
|
||||||
}
|
|
||||||
f_puts("\n", &fp);
|
f_puts("\n", &fp);
|
||||||
|
|
||||||
if (mainIniFound)
|
if (mainIniFound)
|
||||||
|
|
|
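Review bot: Alongside the new `bootprotect` write in `create_config_entry()`, the `brand` and `tagline` handling appears to be dropped, which the commit message does not mention. The dropped lines are the `h_cfg.brand = NULL;` / `h_cfg.tagline = NULL;` defaults and the `f_puts("\nbrand=", &fp)` / `f_puts("\ntagline=", &fp)` blocks. An existing ini that carries those keys would presumably lose them the next time this function rewrites the config section. It would help to state the removal in the description or split it into its own commit; the same applies to the second copy of this file further down and to the two ini parse sites. Both functions continue outside the hunks shown.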
@ -30,8 +30,7 @@ typedef struct _hekate_config
|
||||||
u32 autohosoff;
|
u32 autohosoff;
|
||||||
u32 autonogc;
|
u32 autonogc;
|
||||||
u32 updater2p;
|
u32 updater2p;
|
||||||
char *brand;
|
u32 bootprotect;
|
||||||
char *tagline;
|
|
||||||
// Global temporary config.
|
// Global temporary config.
|
||||||
bool se_keygen_done;
|
bool se_keygen_done;
|
||||||
bool sept_run;
|
bool sept_run;
|
||||||
|
|
|
@ -767,6 +767,18 @@ static ini_sec_t *get_ini_sec_from_id(ini_sec_t *ini_sec, char **bootlogoCustomE
|
||||||
return cfg_sec;
|
return cfg_sec;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void _bootloader_corruption_protect()
|
||||||
|
{
|
||||||
|
FILINFO fno;
|
||||||
|
if (!f_stat("bootloader", &fno))
|
||||||
|
{
|
||||||
|
if (!h_cfg.bootprotect && (fno.fattrib & AM_ARC))
|
||||||
|
f_chmod("bootloader", 0, AM_ARC);
|
||||||
|
else if (h_cfg.bootprotect && !(fno.fattrib & AM_ARC))
|
||||||
|
f_chmod("bootloader", AM_ARC, AM_ARC);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
static void _auto_launch_firmware()
|
static void _auto_launch_firmware()
|
||||||
{
|
{
|
||||||
if(b_cfg.extra_cfg & (EXTRA_CFG_NYX_DUMP | EXTRA_CFG_NYX_BIS))
|
if(b_cfg.extra_cfg & (EXTRA_CFG_NYX_DUMP | EXTRA_CFG_NYX_BIS))
|
||||||
|
@ -845,16 +857,8 @@ static void _auto_launch_firmware()
|
||||||
h_cfg.autonogc = atoi(kv->val);
|
h_cfg.autonogc = atoi(kv->val);
|
||||||
else if (!strcmp("updater2p", kv->key))
|
else if (!strcmp("updater2p", kv->key))
|
||||||
h_cfg.updater2p = atoi(kv->val);
|
h_cfg.updater2p = atoi(kv->val);
|
||||||
else if (!strcmp("brand", kv->key))
|
else if (!strcmp("bootprotect", kv->key))
|
||||||
{
|
h_cfg.bootprotect = atoi(kv->val);
|
||||||
h_cfg.brand = malloc(strlen(kv->val) + 1);
|
|
||||||
strcpy(h_cfg.brand, kv->val);
|
|
||||||
}
|
|
||||||
else if (!strcmp("tagline", kv->key))
|
|
||||||
{
|
|
||||||
h_cfg.tagline = malloc(strlen(kv->val) + 1);
|
|
||||||
strcpy(h_cfg.tagline, kv->val);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
boot_entry_id++;
|
boot_entry_id++;
|
||||||
|
|
||||||
|
@ -870,6 +874,9 @@ static void _auto_launch_firmware()
|
||||||
b_cfg.autoboot_list = h_cfg.autoboot_list;
|
b_cfg.autoboot_list = h_cfg.autoboot_list;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Apply bootloader protection against corruption.
|
||||||
|
_bootloader_corruption_protect();
|
||||||
|
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
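Review bot: Both `f_chmod` calls in `_bootloader_corruption_protect()` discard their result and a failing `f_stat` is skipped silently, so with `bootprotect=1` the folder can stay unprotected without any indication. Checking the result, e.g. `if (f_chmod("bootloader", AM_ARC, AM_ARC) != FR_OK)`, and recording the failure (possibly through the existing `h_cfg.errors` field, if a fitting flag exists) would make that visible. The function also needs a short comment saying why the archive attribute is used, something like `// HOS cannot open a directory that carries the archive attribute, so setting it hides the folder from HOS.`; the author should confirm the wording, since the hunk does not state the mechanism. The attribute is an ordinary FAT flag that anything with raw access to the SD card can clear, so this guards against accidental corruption, not deliberate modification.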
@ -42,8 +42,7 @@ void set_default_configuration()
|
||||||
h_cfg.autohosoff = 0;
|
h_cfg.autohosoff = 0;
|
||||||
h_cfg.autonogc = 1;
|
h_cfg.autonogc = 1;
|
||||||
h_cfg.updater2p = 0;
|
h_cfg.updater2p = 0;
|
||||||
h_cfg.brand = NULL;
|
h_cfg.bootprotect = 0;
|
||||||
h_cfg.tagline = NULL;
|
|
||||||
h_cfg.errors = 0;
|
h_cfg.errors = 0;
|
||||||
h_cfg.eks = NULL;
|
h_cfg.eks = NULL;
|
||||||
h_cfg.sept_run = EMC(EMC_SCRATCH0) & EMC_SEPT_RUN;
|
h_cfg.sept_run = EMC(EMC_SCRATCH0) & EMC_SEPT_RUN;
|
||||||
|
@ -118,16 +117,9 @@ int create_config_entry()
|
||||||
f_puts("\nupdater2p=", &fp);
|
f_puts("\nupdater2p=", &fp);
|
||||||
itoa(h_cfg.updater2p, lbuf, 10);
|
itoa(h_cfg.updater2p, lbuf, 10);
|
||||||
f_puts(lbuf, &fp);
|
f_puts(lbuf, &fp);
|
||||||
if (h_cfg.brand)
|
f_puts("\nbootprotect=", &fp);
|
||||||
{
|
itoa(h_cfg.bootprotect, lbuf, 10);
|
||||||
f_puts("\nbrand=", &fp);
|
f_puts(lbuf, &fp);
|
||||||
f_puts(h_cfg.brand, &fp);
|
|
||||||
}
|
|
||||||
if (h_cfg.tagline)
|
|
||||||
{
|
|
||||||
f_puts("\ntagline=", &fp);
|
|
||||||
f_puts(h_cfg.tagline, &fp);
|
|
||||||
}
|
|
||||||
f_puts("\n", &fp);
|
f_puts("\n", &fp);
|
||||||
|
|
||||||
if (mainIniFound)
|
if (mainIniFound)
|
||||||
|
|
|
@ -30,8 +30,7 @@ typedef struct _hekate_config
|
||||||
u32 autohosoff;
|
u32 autohosoff;
|
||||||
u32 autonogc;
|
u32 autonogc;
|
||||||
u32 updater2p;
|
u32 updater2p;
|
||||||
char *brand;
|
u32 bootprotect;
|
||||||
char *tagline;
|
|
||||||
// Global temporary config.
|
// Global temporary config.
|
||||||
bool se_keygen_done;
|
bool se_keygen_done;
|
||||||
bool sept_run;
|
bool sept_run;
|
||||||
|
|
|
@ -241,10 +241,8 @@ void load_saved_configuration()
|
||||||
h_cfg.autonogc = atoi(kv->val);
|
h_cfg.autonogc = atoi(kv->val);
|
||||||
else if (!strcmp("updater2p", kv->key))
|
else if (!strcmp("updater2p", kv->key))
|
||||||
h_cfg.updater2p = atoi(kv->val);
|
h_cfg.updater2p = atoi(kv->val);
|
||||||
else if (!strcmp("brand", kv->key))
|
else if (!strcmp("bootprotect", kv->key))
|
||||||
h_cfg.brand = kv->val;
|
h_cfg.bootprotect = atoi(kv->val);
|
||||||
else if (!strcmp("tagline", kv->key))
|
|
||||||
h_cfg.tagline = kv->val;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
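Review bot: The new `bootprotect` branch in `load_saved_configuration()` stores `atoi(kv->val)` without checking it against the documented values 0 and 1. A line such as `bootprotect=2` enables protection and is written back verbatim by `itoa(h_cfg.bootprotect, lbuf, 10)` in `create_config_entry()`. A non-numeric value presumably parses to 0 (assuming this `atoi` behaves like the standard one), and `_bootloader_corruption_protect()` then clears the attribute on the next boot. Normalising at parse time, e.g. `h_cfg.bootprotect = atoi(kv->val) ? 1 : 0;`, would keep the stored value within the documented range. The same parse appears in `_auto_launch_firmware()`, and the enclosing function continues outside the hunk.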