From 6aa1bdd1c61a5dc817d8d7fdaff1a29f7a50c660 Mon Sep 17 00:00:00 2001
From: "ctcaer@gmail.com"
Date: Tue, 23 Apr 2019 03:38:35 +0300
Subject: [PATCH] [HOS] Fix pk2 decr after running 2nd time on 7.x+

This could happen after a pkg1/2 dump or a failed hos launch. The 2nd time a dump or launch would be attempted, it would fail.
---
 bootloader/frontend/fe_tools.c | 11 ++++++++---
 bootloader/hos/hos.c | 6 +++---
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/bootloader/frontend/fe_tools.c b/bootloader/frontend/fe_tools.c
index 5800a09..9e13f46 100644
--- a/bootloader/frontend/fe_tools.c
+++ b/bootloader/frontend/fe_tools.c
@@ -91,7 +91,7 @@ void dump_packages12()
 kb = pkg1_id->kb;
- if (!h_cfg.se_keygen_done || kb == KB_FIRMWARE_VERSION_620)
+ if (!h_cfg.se_keygen_done)
 {
 tsec_ctxt.fw = (void *)pkg1 + pkg1_id->tsec_off;
 tsec_ctxt.pkg1 = (void *)pkg1;
@@ -119,8 +119,8 @@ void dump_packages12()
 // Decrypt.
 keygen(keyblob, kb, &tsec_ctxt);
-
- h_cfg.se_keygen_done = 1;
+ if (kb <= KB_FIRMWARE_VERSION_600)
+ h_cfg.se_keygen_done = 1;
 free(keyblob);
 }
@@ -188,6 +188,11 @@ void dump_packages12()
 pkg2_size_aligned / NX_EMMC_BLOCKSIZE, pkg2);
 // Decrypt package2 and parse KIP1 blobs in INI1 section.
 pkg2_hdr_t *pkg2_hdr = pkg2_decrypt(pkg2);
+ if (!pkg2_hdr)
+ {
+ gfx_printf("Pkg2 decryption failed!\n");
+ goto out;
+ }
 // Display info.
 u32 kernel_crc32 = crc32c(pkg2_hdr->data, pkg2_hdr->sec_size[PKG2_SEC_KERNEL]);
diff --git a/bootloader/hos/hos.c b/bootloader/hos/hos.c
index baf6e0d..3ba1f4a 100644
--- a/bootloader/hos/hos.c
+++ b/bootloader/hos/hos.c
@@ -415,7 +415,7 @@ int hos_launch(ini_sec_t *cfg)
 gfx_printf("Loaded pkg1 & keyblob\n");
 // Generate keys.
- if (!h_cfg.se_keygen_done || ctxt.pkg1_id->kb == KB_FIRMWARE_VERSION_620)
+ if (!h_cfg.se_keygen_done)
 {
 tsec_ctxt.fw = (u8 *)ctxt.pkg1 + ctxt.pkg1_id->tsec_off;
 tsec_ctxt.pkg1 = ctxt.pkg1;
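Review bot: The return value of `keygen(keyblob, kb, &tsec_ctxt)` on the line just above the added condition is still discarded in dump_packages12, so `h_cfg.se_keygen_done = 1` is recorded for a <= 6.0.0 keyblob even when key generation failed, and the next hos_launch (which tests the same flag at line 415 of hos.c and then skips keygen entirely) would carry on without ever regenerating. hos.c treats a zero return from keygen as fatal (`return 0;` in its second hunk); the dump path should bail out the same way instead of caching the flag. The rewrite below assumes `out` is the function's cleanup label, which the hunk at line 188 already jumps to; if that label does not free `keyblob`, the explicit `free` before the jump is required. The new condition also deserves a line explaining why caching stops at 6.0.0, e.g. `// Only cache the keygen result for <= 6.0.0; newer keyblobs are regenerated on every run.` dump_packages12 starts and ends outside this hunk.
```c
	// Decrypt.
	if (!keygen(keyblob, kb, &tsec_ctxt))
	{
		gfx_printf("Keygen failed!\n");
		free(keyblob);
		goto out;
	}
	// Only cache the keygen result for <= 6.0.0; newer keyblobs are regenerated on every run.
	if (kb <= KB_FIRMWARE_VERSION_600)
		h_cfg.se_keygen_done = 1;
	/* … unchanged: free(keyblob) and end of the keygen block … */
```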
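Review bot: The added early exit after `pkg2_decrypt(pkg2)` jumps to `out` while `pkg2`, the buffer the call ending at the top of the hunk fills, is still allocated; unless `out:` (outside this hunk) owns and frees that buffer, the failure path leaks it, so `free(pkg2);` should precede `goto out;` or the label should take over the release. The failure is only reported through `gfx_printf` and, since dump_packages12 is void, nothing tells the caller the dump is incomplete — confirm that is acceptable or note it in a comment on the new branch, e.g. `// Bail out: a partial dump is worse than none; the caller only sees the on-screen message.` dump_packages12 continues beyond the hunk on both sides.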
@@ -431,8 +431,8 @@ int hos_launch(ini_sec_t *cfg)
 if (!keygen(ctxt.keyblob, ctxt.pkg1_id->kb, &tsec_ctxt))
 return 0;
 DPRINTF("Generated keys\n");
-
- h_cfg.se_keygen_done = 1;
+ if (ctxt.pkg1_id->kb <= KB_FIRMWARE_VERSION_600)
+ h_cfg.se_keygen_done = 1;
 }
 // Decrypt and unpack package1 if we require parts of it.
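Review bot: The threshold `ctxt.pkg1_id->kb <= KB_FIRMWARE_VERSION_600` on the added line is now the second copy of the same predicate (fe_tools.c line 122 has `kb <= KB_FIRMWARE_VERSION_600`) and neither site says why the cached flag stops at 6.0.0, so a later change to one of them will silently desynchronize the dump and launch paths. Add a comment such as `// Keygen for 6.2.0+ is redone on every launch; only remember the result for <= 6.0.0.` and consider hoisting the predicate into one shared helper next to the KB_FIRMWARE_VERSION_* definitions, e.g. `#define KEYGEN_CACHEABLE(kb) ((kb) <= KB_FIRMWARE_VERSION_600)`, so both files test the same thing. Why 6.2.0+ cannot reuse the keys (presumably the TSEC firmware dependence set up in the preceding hunk) is inferred rather than visible here — confirm before wording the comment. hos_launch continues beyond the hunk.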