Don't run hos keygen twice + Fix memory leaks

ipl/hos.c

@@ -43,6 +43,8 @@ extern void sd_unmount();
 //#define DPRINTF(...) gfx_printf(&gfx_con, __VA_ARGS__)
 #define DPRINTF(...)
 
+extern int se_keygen_done;
+
 typedef struct _launch_ctxt_t
 {
 	void *keyblob;
@@ -209,7 +211,7 @@ int keygen(u8 *keyblob, u32 kb, void *tsec_fw)
 	return 1;
 }
 
-static void _copy_bootconfig(launch_ctxt_t *ctxt)
+static void _copy_bootconfig()
 {
 	sdmmc_storage_t storage;
 	sdmmc_t sdmmc;
@@ -247,7 +249,7 @@ static int _read_emmc_pkg1(launch_ctxt_t *ctxt)
 	gfx_printf(&gfx_con, "Identified package1 ('%s'),\nKeyblob version %d\n\n", (char *)(ctxt->pkg1 + 0x10), ctxt->pkg1_id->kb);
 
 	//Read the correct keyblob.
-	ctxt->keyblob = (u8 *)malloc(NX_EMMC_BLOCKSIZE);
+	ctxt->keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1);
 	sdmmc_storage_read(&storage, 0x180000 / NX_EMMC_BLOCKSIZE + ctxt->pkg1_id->kb, 1, ctxt->keyblob);
 
 	res = 1;
@@ -406,6 +408,16 @@ static int _config(launch_ctxt_t *ctxt, ini_sec_t *cfg)
 	return 1;
 }
 
+static void _free_launch_components(launch_ctxt_t *ctxt)
+{
+	free(ctxt->keyblob);
+	free(ctxt->pkg1);
+	free(ctxt->pkg2);
+	free(ctxt->warmboot);
+	free(ctxt->secmon);
+	free(ctxt->kernel);
+}
+
 int hos_launch(ini_sec_t *cfg)
 {
 	int bootStateDramPkg2 = 0;
@@ -434,8 +446,11 @@ int hos_launch(ini_sec_t *cfg)
 	gfx_printf(&gfx_con, "Loaded package1 and keyblob\n");
 
 	// Generate keys.
-	keygen(ctxt.keyblob, ctxt.pkg1_id->kb, (u8 *)ctxt.pkg1 + ctxt.pkg1_id->tsec_off);
-	DPRINTF("Generated keys\n");
+	if (!se_keygen_done)
+	{
+		keygen(ctxt.keyblob, ctxt.pkg1_id->kb, (u8 *)ctxt.pkg1 + ctxt.pkg1_id->tsec_off);
+		DPRINTF("Generated keys\n");
+	}
 
 	// Decrypt and unpack package1 if we require parts of it.
 	if (!ctxt.warmboot || !ctxt.secmon)
@@ -552,11 +567,11 @@ int hos_launch(ini_sec_t *cfg)
 		if (!exoFwNumber)
 			exoFwNumber = 3;
 		break;
-	default:
 	case KB_FIRMWARE_VERSION_400:
 		if (!exoFwNumber)
 			exoFwNumber = 4;
 	case KB_FIRMWARE_VERSION_500:
+	default:
 		se_key_acc_ctrl(12, 0xFF);
 		se_key_acc_ctrl(15, 0xFF);
 		bootStateDramPkg2 = 2;
@@ -566,6 +581,10 @@ int hos_launch(ini_sec_t *cfg)
 		break;
 	}
 
+	// Free allocated memory.
+	ini_free_section(cfg);
+	_free_launch_components(&ctxt);
+
 	// Copy BCT if debug mode is enabled.
 	memset((void *)0x4003D000, 0, 0x3000);
 	if(ctxt.debugmode)

ipl/main.c

@@ -78,6 +78,8 @@ u8 *Kc_MENU_LOGO;
 
 hekate_config h_cfg;
 
+int se_keygen_done = 0;
+
 int sd_mount()
 {
 	if (sd_mounted)
@@ -1539,12 +1541,18 @@ void dump_package1()
 		goto out;
 	}
 
-	// Read keyblob.
-	u8 * keyblob = (u8 *)malloc(NX_EMMC_BLOCKSIZE);
-	sdmmc_storage_read(&storage, 0x180000 / NX_EMMC_BLOCKSIZE + pkg1_id->kb, 1, keyblob);
+	if (!se_keygen_done)
+	{
+		// Read keyblob.
+		u8 *keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1);
+		sdmmc_storage_read(&storage, 0x180000 / NX_EMMC_BLOCKSIZE + pkg1_id->kb, 1, keyblob);
 
-	// Decrypt.
-	keygen(keyblob, pkg1_id->kb, (u8 *)pkg1 + pkg1_id->tsec_off);
+		// Decrypt.
+		keygen(keyblob, pkg1_id->kb, (u8 *)pkg1 + pkg1_id->tsec_off);
+
+		se_keygen_done = 1;
+		free(keyblob);
+	}
 	pkg1_decrypt(pkg1_id, pkg1);
 
 	pkg1_unpack(warmboot, secmon, loader, pkg1_id, pkg1);
@@ -1587,10 +1595,7 @@ void dump_package1()
 		goto out;
 	}
 	gfx_puts(&gfx_con, "Warmboot dumped to warmboot.bin\n");
-
-
-	sdmmc_storage_end(&storage);
-	sd_unmount();
+	
 	gfx_puts(&gfx_con, "\nDone. Press any key...\n");
 
 out:;
@@ -1598,6 +1603,8 @@ out:;
 	free(secmon);
 	free(warmboot);
 	free(loader);
+	sdmmc_storage_end(&storage);
+	sd_unmount();
 
 	btn_wait();
 }