diff --git a/ipl/hos.c b/ipl/hos.c index 47a1f4d..06bbd98 100755 --- a/ipl/hos.c +++ b/ipl/hos.c @@ -145,6 +145,7 @@ int keygen(u8 *keyblob, u32 kb, void *tsec_fw) switch (kb) { case KB_FIRMWARE_VERSION_100_200: case KB_FIRMWARE_VERSION_300: + case KB_FIRMWARE_VERSION_301: se_aes_unwrap_key(0x0D, 0x0F, console_keyseed); se_aes_unwrap_key(0x0C, 0x0C, master_keyseed_retail); break; @@ -212,7 +213,7 @@ static int _read_emmc_pkg1(launch_ctxt_t *ctxt) ctxt->pkg1_id = pkg1_identify(ctxt->pkg1); if (!ctxt->pkg1_id) { - DPRINTF("%kCould not identify package 1 version (= '%s').%k\n", 0xFF0000FF, (char *)ctxt->pkg1 + 0x10, 0xFFFFFFFF); + DPRINTF("%kCould not identify package1 version (= '%s').%k\n", 0xFF0000FF, (char *)ctxt->pkg1 + 0x10, 0xFFFFFFFF); goto out; } DPRINTF("Identified package1 ('%s'), keyblob version %d\n", (char *)(ctxt->pkg1 + 0x10), ctxt->pkg1_id->kb); @@ -431,14 +432,25 @@ DPRINTF("decrypted and unpacked pkg1\n"); } } - se_aes_key_clear(8); - se_aes_key_clear(11); - //se_aes_key_clear(13); - //se_key_acc_ctrl(10, 0xFF); - se_key_acc_ctrl(12, 0xFF); - //se_key_acc_ctrl(13, 0xFF); - //se_key_acc_ctrl(14, 0xFF); - se_key_acc_ctrl(15, 0xFF); + se_aes_key_clear(0x8); + se_aes_key_clear(0xB); + + switch (ctxt.pkg1_id->kb) { + case KB_FIRMWARE_VERSION_100_200: + case KB_FIRMWARE_VERSION_300: + case KB_FIRMWARE_VERSION_301: + se_key_acc_ctrl(0xC, 0xFF); + se_key_acc_ctrl(0xD, 0xFF); + break; + default: + case KB_FIRMWARE_VERSION_400: + case KB_FIRMWARE_VERSION_500: + se_key_acc_ctrl(0xC, 0xFF); + //se_key_acc_ctrl(0xD, 0xFF); + //se_key_acc_ctrl(0xE, 0xFF); + se_key_acc_ctrl(0xF, 0xFF); + break; + } //Clear 'BootConfig'. memset((void *)0x4003D000, 0, 0x3000); diff --git a/ipl/pkg1.c b/ipl/pkg1.c index c506944..fd5e383 100755 --- a/ipl/pkg1.c +++ b/ipl/pkg1.c @@ -42,6 +42,7 @@ PATCHSET_DEF(_secmon_2_patchset, PATCHSET_DEF(_secmon_3_patchset, //Patch package2 decryption and signature/hash checks. + { 0xAC8 + 0xAB4, _NOP() }, { 0xAC8 + 0xA30, _NOP() }, //Header signature. { 0xAC8 + 0xAC0, _NOP() }, //Version. { 0xAC8 + 0xADC, _NOP() } //Sections SHA2. @@ -78,8 +79,8 @@ PATCHSET_DEF(_secmon_6_patchset, static const pkg1_id_t _pkg1_ids[] = { { "20161121183008", 0, 0x1900, 0x3FE0, { 2, 1, 0 }, 0x40014020, _secmon_1_patchset }, //1.0.0 { "20170210155124", 0, 0x1900, 0x3FE0, { 0, 1, 2 }, 0x4002D000, _secmon_2_patchset }, //2.0.0 - { "20170519101410", 1, 0x1A00, 0x3FE0, { 0, 1, 2 }, 0x4002D000, NULL }, //3.0.0 - { "20170710161758", 2, 0x1A00, 0x3FE0, { 0, 1, 2 }, 0x4002D000, NULL }, //3.0.1 + { "20170519101410", 1, 0x1A00, 0x3FE0, { 0, 1, 2 }, 0x4002D000, _secmon_3_patchset }, //3.0.0 + { "20170710161758", 2, 0x1A00, 0x3FE0, { 0, 1, 2 }, 0x4002D000, _secmon_3_patchset }, //3.0.1 { "20170921172629", 3, 0x1800, 0x3FE0, { 1, 2, 0 }, 0x4002B000, _secmon_5_patchset }, //4.0.0 { "20180220163747", 4, 0x1900, 0x3FE0, { 1, 2, 0 }, 0x4002B000, _secmon_6_patchset }, //5.0.0 { NULL, 0, 0, 0, 0 } //End.