mirror of
https://github.com/CTCaer/hekate
synced 2024-11-16 00:49:27 +00:00
fuse/hwinit: move automatic SBK set into fuse
This commit is contained in:
CTCaer
parent
73df5e6743
commit
7c72c9777a
3 changed files with 33 additions and 21 deletions
|
|
@ -19,6 +19,8 @@
|
|||
|
||||
#include <string.h>
|
||||
|
||||
#include <sec/se.h>
|
||||
#include <sec/se_t210.h>
|
||||
#include <soc/fuse.h>
|
||||
#include <soc/hw_init.h>
|
||||
#include <soc/t210.h>
|
||||
|
|
@ -124,6 +126,30 @@ u32 fuse_read_hw_type()
|
|||
return FUSE_NX_HW_TYPE_ICOSA;
|
||||
}
|
||||
|
||||
int fuse_set_sbk()
|
||||
{
|
||||
if (FUSE(FUSE_PRIVATE_KEY0) != 0xFFFFFFFF)
|
||||
{
|
||||
// Read SBK from fuses.
|
||||
u32 sbk[4] = {
|
||||
FUSE(FUSE_PRIVATE_KEY0),
|
||||
FUSE(FUSE_PRIVATE_KEY1),
|
||||
FUSE(FUSE_PRIVATE_KEY2),
|
||||
FUSE(FUSE_PRIVATE_KEY3)
|
||||
};
|
||||
|
||||
// Set SBK to slot 14.
|
||||
se_aes_key_set(14, sbk, SE_KEY_128_SIZE);
|
||||
|
||||
// Lock SBK from being read.
|
||||
se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void fuse_wait_idle()
|
||||
{
|
||||
u32 ctrl;
|
||||
|
|
|
|||
|
|
@ -98,6 +98,7 @@ u32 fuse_read_odm_keygen_rev();
|
|||
u32 fuse_read_dramid(bool raw_id);
|
||||
u32 fuse_read_hw_state();
|
||||
u32 fuse_read_hw_type();
|
||||
int fuse_set_sbk();
|
||||
void fuse_wait_idle();
|
||||
int fuse_read_ipatch(void (*ipatch)(u32 offset, u32 value));
|
||||
int fuse_read_evp_thunk(u32 *iram_evp_thunks, u32 *iram_evp_thunks_len);
|
||||
|
|
|
|||
|
|
@ -250,29 +250,14 @@ static void _mbist_workaround()
|
|||
|
||||
static void _config_se_brom()
|
||||
{
|
||||
// Enable fuse clock.
|
||||
// Enable Fuse visibility.
|
||||
clock_enable_fuse(true);
|
||||
|
||||
// Skip SBK/SSK if sept was run.
|
||||
bool sbk_skip = b_cfg.boot_cfg & BOOT_CFG_SEPT_RUN || FUSE(FUSE_PRIVATE_KEY0) == 0xFFFFFFFF;
|
||||
if (!sbk_skip)
|
||||
{
|
||||
// Bootrom part we skipped.
|
||||
u32 sbk[4] = {
|
||||
FUSE(FUSE_PRIVATE_KEY0),
|
||||
FUSE(FUSE_PRIVATE_KEY1),
|
||||
FUSE(FUSE_PRIVATE_KEY2),
|
||||
FUSE(FUSE_PRIVATE_KEY3)
|
||||
};
|
||||
// Set SBK to slot 14.
|
||||
se_aes_key_set(14, sbk, SE_KEY_128_SIZE);
|
||||
// Try to set SBK from fuses. If patched, skip.
|
||||
fuse_set_sbk();
|
||||
|
||||
// Lock SBK from being read.
|
||||
se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG);
|
||||
|
||||
// Lock SSK (although it's not set and unused anyways).
|
||||
se_key_acc_ctrl(15, SE_KEY_TBL_DIS_KEYREAD_FLAG);
|
||||
}
|
||||
// Lock SSK (although it's not set and unused anyways).
|
||||
// se_key_acc_ctrl(15, SE_KEY_TBL_DIS_KEYREAD_FLAG);
|
||||
|
||||
// This memset needs to happen here, else TZRAM will behave weirdly later on.
|
||||
memset((void *)TZRAM_BASE, 0, 0x10000);
|
||||
|
|
@ -352,7 +337,7 @@ void hw_init()
|
|||
// Enable Security Engine clock.
|
||||
clock_enable_se();
|
||||
|
||||
// Enable Fuse clock.
|
||||
// Enable Fuse visibility.
|
||||
clock_enable_fuse(true);
|
||||
|
||||
// Disable Fuse programming.
|
||||
|
|
|
|||
Loading…
Reference in a new issue