diff --git a/ipl/hos.c b/ipl/hos.c index 5522025..9d779d9 100755 --- a/ipl/hos.c +++ b/ipl/hos.c @@ -84,7 +84,7 @@ typedef struct _merge_kip_t #define KB_FIRMWARE_VERSION_500 4 #define KB_FIRMWARE_VERSION_MAX KB_FIRMWARE_VERSION_500 -// Exosphère magic "XBC0" +// Exosphère magic "XBC0". #define MAGIC_EXOSPHERE 0x30434258 static const u8 keyblob_keyseeds[][0x10] = { @@ -122,12 +122,12 @@ static void _se_lock() for (u32 i = 0; i < 2; i++) se_rsa_acc_ctrl(i, 1); - SE(0x4) = 0; //Make this reg secure only. - SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET) = 0; //Make all key access regs secure only. - SE(SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET) = 0; //Make all rsa access regs secure only. - SE(SE_SECURITY_0) &= 0xFFFFFFFB; //Make access lock regs secure only. + SE(0x4) = 0; // Make this reg secure only. + SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET) = 0; // Make all key access regs secure only. + SE(SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET) = 0; // Make all RSA access regs secure only. + SE(SE_SECURITY_0) &= 0xFFFFFFFB; // Make access lock regs secure only. - //This is useful for documenting the bits in the SE config registers, so we can keep it around. + // This is useful for documenting the bits in the SE config registers, so we can keep it around. /*gfx_printf(&gfx_con, "SE(SE_SECURITY_0) = %08X\n", SE(SE_SECURITY_0)); gfx_printf(&gfx_con, "SE(0x4) = %08X\n", SE(0x4)); gfx_printf(&gfx_con, "SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET) = %08X\n", SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET)); 
@@ -151,19 +151,19 @@ int keygen(u8 *keyblob, u32 kb, void *tsec_fw) se_key_acc_ctrl(13, 0x15); se_key_acc_ctrl(14, 0x15); - //Get TSEC key. + // Get TSEC key. if (tsec_query(tmp, 1, tsec_fw) < 0) return 0; se_aes_key_set(13, tmp, 0x10); - //Derive keyblob keys from TSEC+SBK. + // Derive keyblob keys from TSEC+SBK. se_aes_crypt_block_ecb(13, 0, tmp, keyblob_keyseeds[0]); se_aes_unwrap_key(15, 14, tmp); se_aes_crypt_block_ecb(13, 0, tmp, keyblob_keyseeds[kb]); se_aes_unwrap_key(13, 14, tmp); - //Clear SBK. + // Clear SBK. se_aes_key_clear(14); //TODO: verify keyblob CMAC. @@ -175,7 +175,7 @@ int keygen(u8 *keyblob, u32 kb, void *tsec_fw) se_aes_crypt_block_ecb(13, 0, tmp, cmac_keyseed); se_aes_unwrap_key(11, 13, cmac_keyseed); - //Decrypt keyblob and set keyslots. + // Decrypt keyblob and set keyslots. se_aes_crypt_ctr(13, keyblob + 0x20, 0x90, keyblob + 0x20, 0x90, keyblob + 0x10); se_aes_key_set(11, keyblob + 0x20 + 0x80, 0x10); //Package1 key. se_aes_key_set(12, keyblob + 0x20, 0x10); @@ -205,7 +205,7 @@ int keygen(u8 *keyblob, u32 kb, void *tsec_fw) break; } - //Package2 key. + // Package2 key. se_key_acc_ctrl(8, 0x15); se_aes_unwrap_key(8, 12, key8_keyseed); @@ -219,7 +219,7 @@ static void _copy_bootconfig() sdmmc_storage_init_mmc(&storage, &sdmmc, SDMMC_4, SDMMC_BUS_WIDTH_8, 4); - //Read BCT. + // Read BCT. u8 *buf = (u8 *)0x4003D000; sdmmc_storage_set_mmc_partition(&storage, 1); sdmmc_storage_read(&storage, 0, 0x3000 / NX_EMMC_BLOCKSIZE, buf); 
@@ -237,19 +237,19 @@ static int _read_emmc_pkg1(launch_ctxt_t *ctxt) sdmmc_storage_init_mmc(&storage, &sdmmc, SDMMC_4, SDMMC_BUS_WIDTH_8, 4); - //Read package1. + // Read package1. ctxt->pkg1 = (u8 *)malloc(0x40000); sdmmc_storage_set_mmc_partition(&storage, 1); sdmmc_storage_read(&storage, 0x100000 / NX_EMMC_BLOCKSIZE, 0x40000 / NX_EMMC_BLOCKSIZE, ctxt->pkg1); ctxt->pkg1_id = pkg1_identify(ctxt->pkg1); if (!ctxt->pkg1_id) { - gfx_printf(&gfx_con, "%kCould not identify package1,\nVersion (= '%s').%k\n", 0xFFFF0000, (char *)ctxt->pkg1 + 0x10, 0xFFCCCCCC); + gfx_printf(&gfx_con, "%kUnknown package1,\nVersion (= '%s').%k\n", 0xFFFF0000, (char *)ctxt->pkg1 + 0x10, 0xFFCCCCCC); goto out; } gfx_printf(&gfx_con, "Identified package1 ('%s'),\nKeyblob version %d\n\n", (char *)(ctxt->pkg1 + 0x10), ctxt->pkg1_id->kb); - //Read the correct keyblob. + // Read the correct keyblob. ctxt->keyblob = (u8 *)calloc(NX_EMMC_BLOCKSIZE, 1); sdmmc_storage_read(&storage, 0x180000 / NX_EMMC_BLOCKSIZE + ctxt->pkg1_id->kb, 1, ctxt->keyblob); @@ -269,16 +269,16 @@ static int _read_emmc_pkg2(launch_ctxt_t *ctxt) sdmmc_storage_init_mmc(&storage, &sdmmc, SDMMC_4, SDMMC_BUS_WIDTH_8, 4); sdmmc_storage_set_mmc_partition(&storage, 0); - //Parse eMMC GPT. + // Parse eMMC GPT. LIST_INIT(gpt); nx_emmc_gpt_parse(&gpt, &storage); DPRINTF("Parsed GPT\n"); - //Find package2 partition. + // Find package2 partition. emmc_part_t *pkg2_part = nx_emmc_part_find(&gpt, "BCPKG2-1-Normal-Main"); if (!pkg2_part) goto out; - //Read in package2 header and get package2 real size. + // Read in package2 header and get package2 real size. //TODO: implement memalign for DMA buffers. u8 *tmp = (u8 *)malloc(NX_EMMC_BLOCKSIZE); nx_emmc_part_read(&storage, pkg2_part, 0x4000 / NX_EMMC_BLOCKSIZE, 1, tmp); diff --git a/ipl/main.c b/ipl/main.c index aad77a6..296bccb 100755 --- a/ipl/main.c +++ b/ipl/main.c 
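Review bot: The reworded error in `_read_emmc_pkg1` still prints `(char *)ctxt->pkg1 + 0x10` through an unbounded `%s`, on exactly the path where `pkg1_identify` did not recognise the image. Nothing visible in the hunk guarantees a NUL terminator inside the 0x40000-byte buffer filled from eMMC, so the print may run past the allocation. I'd copy a fixed number of bytes into a local buffer and terminate it before printing, for example `char ver[0x11]; memcpy(ver, ctxt->pkg1 + 0x10, 0x10); ver[0x10] = 0;` (the length here is illustrative). The same pattern is in the reworded `EPRINTFARGS` calls in `print_tsec_key` and `dump_packages12` in ipl/main.c. The function body starts and ends outside the hunk.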
@@ -99,7 +99,7 @@ int sd_mount() } else { - EPRINTFARGS("Failed to mount SD card (FatFS Error %d).\n(make sure that a FAT type partition exists)", res); + EPRINTFARGS("Failed to mount SD card (FatFS Error %d).\nMake sure that a FAT partition exists..", res); } } @@ -390,12 +390,9 @@ void print_fuseinfo() { if (sd_mount()) { - char fuseFilename[23]; f_mkdir("Backup"); f_mkdir("Backup/Dumps"); - memcpy(fuseFilename, "Backup/Dumps/fuses.bin", 23); - - if (!sd_save_to_file((u8 *)0x7000F900, 0x2FC, fuseFilename)) + if (!sd_save_to_file((u8 *)0x7000F900, 0x2FC, "Backup/Dumps/fuses.bin")) gfx_puts(&gfx_con, "\nDone!\n"); sd_unmount(); } @@ -423,12 +420,9 @@ void print_kfuseinfo() { if (sd_mount()) { - char kfuseFilename[24]; f_mkdir("Backup"); f_mkdir("Backup/Dumps"); - memcpy(kfuseFilename, "Backup/Dumps/kfuses.bin", 24); - - if (!sd_save_to_file((u8 *)buf, KFUSE_NUM_WORDS * 4, kfuseFilename)) + if (!sd_save_to_file((u8 *)buf, KFUSE_NUM_WORDS * 4, "Backup/Dumps/kfuses.bin")) gfx_puts(&gfx_con, "\nDone!\n"); sd_unmount(); } @@ -457,7 +451,7 @@ void print_mmc_info() u16 card_type; u32 speed; - gfx_printf(&gfx_con, "%kCard IDentification:%k\n", 0xFF00DDFF, 0xFFCCCCCC); + gfx_printf(&gfx_con, "%kCID:%k\n", 0xFF00DDFF, 0xFFCCCCCC); switch (storage.csd.mmca_vsn) { case 0: /* MMC v1.0 - v1.2 */ @@ -500,7 +494,7 @@ void print_mmc_info() EPRINTF("Unknown CSD structure."); else { - gfx_printf(&gfx_con, "%kExtended Card-Specific Data V1.%d:%k\n", + gfx_printf(&gfx_con, "%kExtended CSD V1.%d:%k\n", 0xFF00DDFF, storage.ext_csd.ext_struct, 0xFFCCCCCC); card_type = storage.ext_csd.card_type; u8 card_type_support[96]; @@ -664,7 +658,7 @@ void print_tsec_key() const pkg1_id_t *pkg1_id = pkg1_identify(pkg1); if (!pkg1_id) { - EPRINTFARGS("Could not identify package1 version\nto read TSEC firmware (= '%s').", + EPRINTFARGS("Unknown package1 version for reading\nTSEC firmware (= '%s').", (char *)pkg1 + 0x10); goto out_wait; } 
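Review bot: The new mount-failure text in `sd_mount` ends in a doubled period (`exists..`), which looks like a typo rather than an ellipsis. Suggested wording: `"Failed to mount SD card (FatFS Error %d).\nMake sure that a FAT partition exists."`.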
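Review bot: A failed `sd_save_to_file` is silent in `print_fuseinfo`: the rewritten `if (!sd_save_to_file(...))` has no else branch, so nothing is shown when the fuse dump was not written. `print_battery_info` already reports this case with `EPRINTF`, and the same could be done here with `else EPRINTF("\nError creating fuses.bin file.");`. The `print_kfuseinfo` and `print_tsec_key` hunks have the same shape. The enclosing functions start and end outside the hunks.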
@@ -693,20 +687,15 @@ void print_tsec_key() { if (sd_mount()) { - char tsec_keyFilename[26]; f_mkdir("Backup"); f_mkdir("Backup/Dumps"); - memcpy(tsec_keyFilename, "Backup/Dumps/tsec_key.bin", 26); - - if (!sd_save_to_file(keys, 0x10 * 3, tsec_keyFilename)) + if (!sd_save_to_file(keys, 0x10 * 3, "Backup/Dumps/tsec_key.bin")) gfx_puts(&gfx_con, "\nDone!\n"); sd_unmount(); } } else - { goto out; - } out_wait:; btn_wait(); @@ -1556,7 +1545,7 @@ void dump_packages12() if (!pkg1_id) { gfx_con.fntsz = 8; - EPRINTFARGS("Could not identify package1 version to read TSEC firmware (= '%s').", (char *)pkg1 + 0x10); + EPRINTFARGS("Unknown package1 version for reading\nTSEC firmware (= '%s').", (char *)pkg1 + 0x10); goto out; } @@ -1610,23 +1599,23 @@ void dump_packages12() goto out; gfx_puts(&gfx_con, "Warmboot dumped to warmboot.bin\n\n\n"); - // Dump package2.1 + // Dump package2.1. sdmmc_storage_set_mmc_partition(&storage, 0); - //Parse eMMC GPT. + // Parse eMMC GPT. LIST_INIT(gpt); nx_emmc_gpt_parse(&gpt, &storage); - //Find package2 partition. + // Find package2 partition. emmc_part_t *pkg2_part = nx_emmc_part_find(&gpt, "BCPKG2-1-Normal-Main"); if (!pkg2_part) goto out; - //Read in package2 header and get package2 real size. + // Read in package2 header and get package2 real size. u8 *tmp = (u8 *)malloc(NX_EMMC_BLOCKSIZE); nx_emmc_part_read(&storage, pkg2_part, 0x4000 / NX_EMMC_BLOCKSIZE, 1, tmp); u32 *hdr_pkg2_raw = (u32 *)(tmp + 0x100); u32 pkg2_size = hdr_pkg2_raw[0] ^ hdr_pkg2_raw[2] ^ hdr_pkg2_raw[3]; free(tmp); - //Read in package2. + // Read in package2. u32 pkg2_size_aligned = ALIGN(pkg2_size, NX_EMMC_BLOCKSIZE); pkg2 = malloc(pkg2_size_aligned); nx_emmc_part_read(&storage, pkg2_part, 0x4000 / NX_EMMC_BLOCKSIZE, 
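Review bot: In the package2 part of `dump_packages12`, `pkg2_size` is derived from three words of the on-disk header and flows through `ALIGN` into `malloc(pkg2_size_aligned)` with no upper bound and no NULL check before the buffer is handed to `nx_emmc_part_read`. A corrupted header could make the allocation fail, or possibly make the aligned size wrap. I'd reject sizes above a fixed maximum before allocating and add `if (!pkg2) goto out;` after the `malloc`. The earlier `tmp` allocation is unchecked too. The read call is cut off at the end of the hunk, so the block count passed to it is not visible here.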
@@ -2234,12 +2223,9 @@ void print_battery_info() { if (sd_mount()) { - char fuelFilename[28]; f_mkdir("Backup"); f_mkdir("Backup/Dumps"); - memcpy(fuelFilename, "Backup/Dumps/fuel_gauge.bin", 28); - - if (sd_save_to_file((u8 *)buf, 0x200, fuelFilename)) + if (sd_save_to_file((u8 *)buf, 0x200, "Backup/Dumps/fuel_gauge.bin")) EPRINTF("\nError creating fuel.bin file."); else gfx_puts(&gfx_con, "\nDone!\n"); diff --git a/ipl/pkg2.c b/ipl/pkg2.c index fd0722f..0ee64fc 100755 --- a/ipl/pkg2.c +++ b/ipl/pkg2.c @@ -296,15 +296,15 @@ pkg2_hdr_t *pkg2_decrypt(void *data) { u8 *pdata = (u8 *)data; - //Skip signature. + // Skip signature. pdata += 0x100; pkg2_hdr_t *hdr = (pkg2_hdr_t *)pdata; - //Skip header. + // Skip header. pdata += sizeof(pkg2_hdr_t); - //Decrypt header. + // Decrypt header. se_aes_crypt_ctr(8, hdr, sizeof(pkg2_hdr_t), hdr, sizeof(pkg2_hdr_t), hdr); //gfx_hexdump(&gfx_con, (u32)hdr, hdr, 0x100); @@ -330,11 +330,11 @@ void pkg2_build_encrypt(void *dst, void *kernel, u32 kernel_size, link_t *kips_i { u8 *pdst = (u8 *)dst; - //Signature. + // Signature. memset(pdst, 0, 0x100); pdst += 0x100; - //Header. + // Header. pkg2_hdr_t *hdr = (pkg2_hdr_t *)pdst; memset(hdr, 0, sizeof(pkg2_hdr_t)); pdst += sizeof(pkg2_hdr_t); @@ -342,7 +342,7 @@ void pkg2_build_encrypt(void *dst, void *kernel, u32 kernel_size, link_t *kips_i hdr->base = 0x10000000; DPRINTF("kernel @ %08X (%08X)\n", (u32)kernel, kernel_size); - //Kernel. + // Kernel. memcpy(pdst, kernel, kernel_size); hdr->sec_size[PKG2_SEC_KERNEL] = kernel_size; hdr->sec_off[PKG2_SEC_KERNEL] = 0x10000000; @@ -350,7 +350,7 @@ DPRINTF("kernel @ %08X (%08X)\n", (u32)kernel, kernel_size); pdst += kernel_size; DPRINTF("kernel encrypted\n"); - //INI1. + // INI1. u32 ini1_size = sizeof(pkg2_ini1_t); pkg2_ini1_t *ini1 = (pkg2_ini1_t *)pdst; memset(ini1, 0, sizeof(pkg2_ini1_t));
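Review bot: The failure message in `print_battery_info`, `EPRINTF("\nError creating fuel.bin file.")`, does not match the path now passed inline, `Backup/Dumps/fuel_gauge.bin`. The mismatch is easier to see now that the literal sits next to the message. I'd change it to `EPRINTF("\nError creating fuel_gauge.bin file.");`. The function starts and ends outside the hunk.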