Difference between revisions of "17.0.0"

From Nintendo Switch Brew
Jump to navigation Jump to search
(Created page with "The Switch 17.0.0 system update was released on October 11, 2023 (UTC). This Switch update was released for the following regions: ALL, and CHN. Security flaws fixed: <fill t...")
 
 
(12 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
The Switch 17.0.0 system update was released on October 11, 2023 (UTC). This Switch update was released for the following regions: ALL, and CHN.
 
The Switch 17.0.0 system update was released on October 11, 2023 (UTC). This Switch update was released for the following regions: ALL, and CHN.
  
Security flaws fixed: <fill this in manually later, see the updatedetails page from the ninupdates-report page(s) once available for now>.
+
Security flaws fixed: yes.
 +
 
 +
As of November 9, 2023 (UTC), this sysupdate is now required by [[Account_services|account]] CDN / [[Network|dauth]] (required by online-play).
 +
 
 +
Additionally, a rebootless Switch system update was released for 17.0.0 on November 21, 2023 (UTC). This Switch update was released for the following regions: ALL, and CHN. The following (non-sysver) titles were updated: NgWord, NgWord2.
  
 
==Change-log==
 
==Change-log==
Line 12: Line 16:
 
** SystemData (non-sysver): CertStore, ErrorMessage, MiiModel, BrowserDll, Help, NgWord, SsidList, TimeZoneBinary, FontNintendoExtension, FontStandard, FontKorean, FontChineseTraditional, FontChineseSimple, FirmwareDebugSettings, BootImagePackage, BootImagePackageSafe, BootImagePackageExFat, FatalMessage, PlatformConfigIcosa, PlatformConfigCopper, PlatformConfigHoag, ControllerFirmware, NgWord2, BootImagePackageExFatSafe, PlatformConfigIcosaMariko, ContentActionTable, NgWordT, PlatformConfigAula, AulaDockFirmware.
 
** SystemData (non-sysver): CertStore, ErrorMessage, MiiModel, BrowserDll, Help, NgWord, SsidList, TimeZoneBinary, FontNintendoExtension, FontStandard, FontKorean, FontChineseTraditional, FontChineseSimple, FirmwareDebugSettings, BootImagePackage, BootImagePackageSafe, BootImagePackageExFat, FatalMessage, PlatformConfigIcosa, PlatformConfigCopper, PlatformConfigHoag, ControllerFirmware, NgWord2, BootImagePackageExFatSafe, PlatformConfigIcosaMariko, ContentActionTable, NgWordT, PlatformConfigAula, AulaDockFirmware.
 
** Applets: qlaunch, controller, error, playerSelect, LibAppletWeb, LibAppletShop, LibAppletOff, LibAppletLns, LibAppletAuth.
 
** Applets: qlaunch, controller, error, playerSelect, LibAppletWeb, LibAppletShop, LibAppletOff, LibAppletLns, LibAppletAuth.
 +
 +
[[NPDM]] changes (besides usual version-bump):
 +
* nifm: Service access: added ifcfg, nettc:nd, nettc:nu, removed bsdcfg.
 +
* bsdsocket: Service server access: added ifcfg.
 +
* audio: Service access: removed set:fd.
 +
* wlan: Name updated: wlan -> wlan.autogen.
 +
* ldn: Service access: added ifcfg, removed bsdcfg.
 +
* pcie: Service access: added i2c.
 +
* account: Service access: added caps:dc.
 +
* ns: Service access: added hid.
 +
* npns: Service access: added time:u.
 +
* migration: Fac.FsAccessFlag updated: set bitmask 0x0000000200001000 (ImageManager, SaveDataTransferVersion2).
 +
* qlaunch: Service access: added htcs:sys.
 +
* controller: Service access: added htcs:sys.
 +
* error: Service access: added htcs:sys.
 +
* playerSelect: Service access: added htcs:sys.
 +
* LibAppletWeb: Service access: added htcs:sys.
 +
* LibAppletShop: Service access: added htcs:sys.
 +
* LibAppletOff: Service access: added htcs:sys.
 +
* LibAppletLns: Service access: added htcs:sys.
 +
* LibAppletAuth: Service access: added htcs:sys.
 +
 +
RomFs changes:
 +
* ErrorMessage: updated
 +
* BrowserDll:
 +
** "/buildinfo/buildinfo.dat" updated
 +
** "/nro/netfront/": Various data updated.
 +
* Help: "/legallines.htdocs/index.html" updated
 +
* NgWord: updated
 +
* [[System_Version_Title|SystemVersion]]: All files updated.
 +
* TimeZoneBinary: updated
 +
* [[System_Settings|FirmwareDebugSettings/PlatformConfigAula]]: All files updated.
 +
* NgWord2: updated
 +
* RebootlessSystemUpdateVersion: All files updated.
 +
* NgWordT: All files updated.
 +
* qlaunch applet:
 +
** "/lyt/": Various data updated.
 +
** "/message/": Various data updated.
 +
* controller applet:
 +
** "/lyt/": Various data updated.
 +
** "/message/": Various data updated.
 +
* error applet: "/lyt/common.szs" updated, "/lyt/Error.szs" updated, "/message/KRko/common.msbt.szs" updated, "/message/Ocean.msbp.szs" updated
 +
* playerSelect applet:
 +
** "/lyt/": Various data updated.
 +
** "/message/": Various data updated.
 +
* [[Internet_Browser|LibAppletWeb/LibAppletShop/LibAppletOff/LibAppletLns/LibAppletAuth]]: All files updated.
 +
 +
=== IPC Interface Changes ===
 +
* The following interfaces were removed:
 +
** nn::fgm::sf::IDebugger
 +
* The following interfaces were added:
 +
** nn::account::nas::IDeviceHistoryRequest
 +
** nn::hshl::IBridgeSession
 +
* The following interfaces were changed:
 +
** nn::account::IAccountEntityServiceForAccountPolicy
 +
*** Added command 213 - inbytes: 0x4, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
 +
*** Added command 214 - inbytes: 0x14, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
 +
*** Added command 215 - inbytes: 0x14, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
 +
** nn::account::IAccountServiceForAdministrator
 +
*** Added command 213 - inbytes: 0x4, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
 +
*** Added command 214 - inbytes: 0x14, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
 +
*** Added command 215 - inbytes: 0x14, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
 +
** nn::account::baas::IAdministrator
 +
*** Added command 170 - inbytes: 0x8, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IDeviceHistoryRequest']
 +
** nn::account::baas::IManagerForSystemService
 +
*** Added command 170 - inbytes: 0x8, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IDeviceHistoryRequest']
 +
** nn::account::nas::IOAuthProcedureForUserRegistration
 +
*** Added command 200 - buffers: [0x9], inbytes: 0x0, outbytes: 0x0, outinterfaces: ['nn::account::detail::IAsyncContext']
 +
*** Added command 205 - inbytes: 0x0, outbytes: 0x10
 +
*** Added command 210 - inbytes: 0x0, outbytes: 0x1
 +
*** Added command 220 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['nn::account::detail::IAsyncContext']
 +
*** Added command 221 - buffers: [0x5], inbytes: 0x21, outbytes: 0x0, outinterfaces: ['nn::account::detail::IAsyncContext']
 +
** nn::am::service::IAppletCommonFunctions
 +
*** Added command 300 - inbytes: 0x0, outbytes: 0x8
 +
** nn::am::service::ICommonStateGetter
 +
*** Added command 600 - inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::am::service::IStorageChannel']
 +
*** Added command 910 - inbytes: 0x0, outbytes: 0x8
 +
** nn::am::service::IDebugFunctions
 +
*** Added command 52 - inbytes: 0x4, outbytes: 0x8
 +
** nn::am::service::ILibraryAppletSelfAccessor
 +
*** Added command 160 - inbytes: 0x0, outbytes: 0x8
 +
** nn::apm::ISystemManager
 +
*** Added command 8 - inbytes: 0x0, outbytes: 0x4
 +
** nn::arp::detail::IReader
 +
*** Changed command 2 - outbytes: 0x1 -> 0x10 (final state: inbytes: 0x8, outbytes: 0x10)
 +
** nn::arp::detail::IUpdater
 +
*** Changed command 1 - inbytes: 0x10 -> 0x18 (final state: inbytes: 0x18, outbytes: 0x0)
 +
** nn::audio::detail::IAudioDevice
 +
*** Added command 15 - inbytes: 0x8, outbytes: 0x0, outhandles: [1]
 +
*** Added command 16 - inbytes: 0x8, outbytes: 0x0
 +
*** Added command 17 - inbytes: 0x8, outbytes: 0x0, outhandles: [1]
 +
*** Added command 18 - inbytes: 0x8, outbytes: 0x0
 +
** nn::audio::detail::IAudioSnoopManager
 +
*** Removed command 1 - inbytes: 0x0, outbytes: 0x0
 +
*** Removed command 6 - inbytes: 0x0, outbytes: 0x4
 +
** nn::audioctrl::detail::IAudioController
 +
*** Added command 19 - inbytes: 0x1, outbytes: 0x0
 +
*** Added command 20 - inbytes: 0x0, outbytes: 0x1
 +
*** Removed command 27 - buffer_entry_sizes: [0x4], buffers: [0x5], inbytes: 0x4, outbytes: 0x0
 +
** nn::bsdsocket::cfg::ServerInterface
 +
*** Added command 16 - buffers: [0x5, 0x6], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 17 - buffers: [0x5], inbytes: 0x8, outbytes: 0x8, pid: True
 +
*** Added command 18 - buffers: [0x5, 0x6, 0x6, 0x6], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 19 - buffers: [0x5, 0x6], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 20 - buffers: [0x5, 0x6], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 21 - buffers: [0x5, 0x6], inbytes: 0x10, outbytes: 0x0, pid: True
 +
*** Added command 22 - buffers: [0x5, 0x6, 0x5], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 23 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, pid: True
 +
*** Added command 50 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, pid: True
 +
*** Added command 51 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 52 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 53 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 54 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, pid: True
 +
*** Added command 55 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 56 - buffers: [0x5, 0x5], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 57 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 58 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 100 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, pid: True
 +
** nn::capsrv::sf::IAlbumAccessorService
 +
*** Added command 120 - buffer_entry_sizes: [0x20, 0x0], buffers: [0x6, 0x21], inbytes: 0x18, outbytes: 0x8
 +
*** Added command 130 - buffers: [0x6], inbytes: 0x20, outbytes: 0x8
 +
*** Added command 140 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
 +
*** Added command 150 - buffer_entry_sizes: [0x400], buffers: [0x16], inbytes: 0x18, outbytes: 0x0
 +
*** Changed command 50000 - buffers: [0x6, 0x6] -> [0x6] (final state: buffers: [0x6], inbytes: 0x18, outbytes: 0x8)
 +
** nn::capsrv::sf::IAlbumApplicationService
 +
*** Added command 145 - buffer_entry_sizes: [0x20], buffers: [0x6], inbytes: 0x20, outbytes: 0x8, pid: True
 +
*** Added command 146 - buffer_entry_sizes: [0x20], buffers: [0x6], inbytes: 0x30, outbytes: 0x8, pid: True
 +
*** Added command 147 - buffer_entry_sizes: [0x20], buffers: [0x6], inbytes: 0x20, outbytes: 0x8, pid: True
 +
** nn::capsrv::sf::IDecoderControlService
 +
*** Added command 4001 - buffers: [0x46, 0x5], inbytes: 0x28, outbytes: 0x8
 +
** nn::dp2hdmi::detail::IDp2hdmiController
 +
*** Added command 9 - inbytes: 0x0, outbytes: 0x10
 +
** nn::erpt::sf::IContext
 +
*** Changed command 10 - inbytes: 0x8 -> 0xC (final state: buffers: [0x5, 0x5, 0x5], inbytes: 0xC, outbytes: 0x0)
 +
*** Added command 12 - buffers: [0x5, 0x5, 0x5], inbytes: 0xC, outbytes: 0x0
 +
** nn::es::IActiveRightsContext
 +
*** Removed command 212 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
 +
** nn::es::IETicketService
 +
*** Changed command 1006 - buffer_entry_sizes: [0x48, 0x10] -> [0x50, 0x10] (final state: buffer_entry_sizes: [0x50, 0x10], buffers: [0x6, 0x5], inbytes: 0x0, outbytes: 0x4)
 +
*** Added command 1023 - buffer_entry_sizes: [0x10], buffers: [0x6], inbytes: 0x8, outbytes: 0x4
 +
*** Added command 1024 - buffer_entry_sizes: [0x10], buffers: [0x6], inbytes: 0x10, outbytes: 0x4
 +
*** Added command 1025 - buffer_entry_sizes: [0x10], buffers: [0x6], inbytes: 0x8, outbytes: 0x4
 +
*** Added command 1026 - buffer_entry_sizes: [0x10, 0x0], buffers: [0x6, 0x5], inbytes: 0x8, outbytes: 0x4
 +
*** Added command 1027 - buffer_entry_sizes: [0x10, 0x0], buffers: [0x6, 0x5], inbytes: 0x10, outbytes: 0x4
 +
*** Removed command 2002 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
 +
*** Removed command 2003 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
 +
** nn::friends::detail::ipc::IServiceCreator
 +
*** Changed command 2 - outinterfaces: ['0x710007990C'] -> ['0x710007AF24'] (final state: inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710007AF24'])
 +
** nn::fssrv::sf::IDeviceOperator
 +
*** Added command 6 - inbytes: 0x0, outbytes: 0xC
 +
*** Added command 117 - inbytes: 0x18, outbytes: 0x0
 +
*** Added command 221 - buffers: [0x6], inbytes: 0x8, outbytes: 0x0
 +
** nn::fssrv::sf::IFileSystemProxy
 +
*** Added command 618 - buffer_entry_sizes: [0x301], buffers: [0x19], inbytes: 0x1, outbytes: 0x8
 +
** nn::fssrv::sf::IFileSystemProxyForLoader
 +
*** Changed command 0 - buffer_entry_sizes: [0x124, 0x301] -> [0x301, 0x0], buffers: [0x1A, 0x19] -> [0x19, 0x6] (final state: buffer_entry_sizes: [0x301, 0x0], buffers: [0x19, 0x6], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::IFileSystem'])
 +
** nn::fssrv::sf::ISaveDataTransferManagerForSaveDataRepair
 +
*** Changed command 110 - buffers: [0x5] -> [0x5, 0x5], inbytes: 0x28 -> 0x18 (final state: buffers: [0x5, 0x5], inbytes: 0x18, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter'])
 +
** nn::fssrv::sf::ISaveDataTransferManagerWithDivision
 +
*** Added command 63 - buffer_entry_sizes: [0x200, 0x0], buffers: [0x19, 0x5], inbytes: 0x2, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
 +
*** Removed command 67 - buffers: [0x5], inbytes: 0x18, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
 +
** nn::gpio::IPadSession
 +
*** Removed command 6 - inbytes: 0x0, outbytes: 0x4
 +
*** Removed command 7 - inbytes: 0x0, outbytes: 0x0
 +
** nn::grcsrv::IContinuousRecorder
 +
*** Added command 4 - inbytes: 0x0, outbytes: 0x0
 +
** nn::hid::IHidDebugServer
 +
*** Added command 217 - inbytes: 0x10, inhandles: [1], outbytes: 0x8
 +
*** Added command 351 - inbytes: 0x0, outbytes: 0x4
 +
*** Added command 352 - inbytes: 0x0, outbytes: 0x0
 +
** nn::hid::IHidServer
 +
*** Added command 213 - inbytes: 0x20, outbytes: 0x0, pid: True
 +
*** Added command 214 - buffer_entry_sizes: [0x4, 0x10], buffers: [0x9, 0x9], inbytes: 0x10, outbytes: 0x0
 +
*** Added command 311 - inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 312 - inbytes: 0x8, outbytes: 0x0, pid: True
 +
*** Added command 1004 - inbytes: 0x10, outbytes: 0x0, pid: True
 +
** nn::hid::IHidSystemServer
 +
*** Added command 1320 - inbytes: 0x0, outbytes: 0x0
 +
*** Added command 1321 - inbytes: 0x0, outbytes: 0x0
 +
** nn::hshl::IManager
 +
*** Added command 9 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['nn::hshl::IBridgeSession']
 +
*** Added command 10 - inbytes: 0x0, outbytes: 0x1
 +
** nn::hshl::ISetterManager
 +
*** Added command 3 - inbytes: 0x1, outbytes: 0x0
 +
** nn::migration::savedata::IClient
 +
*** Added command 304 - buffer_entry_sizes: [0x8], buffers: [0x6], inbytes: 0x4, outbytes: 0x4
 +
** nn::migration::savedata::IServer
 +
*** Added command 3 - buffer_entry_sizes: [0x8], buffers: [0x6], inbytes: 0x4, outbytes: 0x4
 +
** nn::migration::user::IService
 +
*** Added command 1110 - buffer_entry_sizes: [0x100, 0x8], buffers: [0x19, 0x5], inbytes: 0x18, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::migration::savedata::IServer']
 +
** nn::mnpp::detail::ipc::IServiceForWebBrowser
 +
*** Added command 100 - buffers: [0x5, 0x5, 0x6], inbytes: 0x10, outbytes: 0x0
 +
** nn::ncm::IContentMetaDatabase
 +
*** Added command 26 - inbytes: 0x10, outbytes: 0x1
 +
** nn::ncm::IContentStorage
 +
*** Added command 30 - inbytes: 0x11, outbytes: 0x8
 +
** nn::ndrm::low::detail::INdrmLowAdminInterface
 +
*** Added command 45 - inbytes: 0x8, outbytes: 0x0, outhandles: [1]
 +
** nn::nim::detail::INetworkInstallManager
 +
*** Added command 142 - inbytes: 0x0, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncResult']
 +
*** Added command 143 - inbytes: 0x18, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncData']
 +
*** Added command 144 - inbytes: 0x18, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncData']
 +
*** Added command 3000 - inbytes: 0x10, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncData']
 +
*** Added command 3001 - inbytes: 0x8, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncData']
 +
** nn::nim::detail::IShopServiceAccessServerInterface
 +
*** Added command 5 - inbytes: 0x10, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::nim::detail::IShopServiceAccessServer'], pid: True
 +
** nn::npns::INpnsSystem
 +
*** Added command 35 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0
 +
*** Added command 36 - inbytes: 0x10, outbytes: 0x0
 +
*** Added command 40 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
 +
*** Added command 41 - inbytes: 0x0, outbytes: 0x10
 +
*** Added command 42 - buffers: [0x9], inbytes: 0x10, outbytes: 0x0
 +
*** Added command 43 - inbytes: 0x18, outbytes: 0x0
 +
*** Added command 44 - buffer_entry_sizes: [0x10], buffers: [0x9], inbytes: 0x0, outbytes: 0x0
 +
*** Added command 50 - buffers: [0x9, 0x5], inbytes: 0x0, outbytes: 0x0
 +
** nn::ns::detail::IApplicationManagerInterface
 +
*** Removed command 84 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
 +
*** Removed command 2521 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
 +
*** Added command 2523 - inbytes: 0x8, outbytes: 0x8
 +
*** Added command 3100 - inbytes: 0x0, outbytes: 0x10
 +
*** Added command 3101 - inbytes: 0x0, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::ns::detail::IAsyncResult']
 +
*** Added command 3102 - inbytes: 0x0, outbytes: 0x0
 +
** nn::olsc::srv::IOlscServiceForSystemService
 +
*** Added command 10000 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['nn::olsc::srv::IOlscServiceForSystemService']
 +
** nn::omm::srv::IDisplayLayerControl
 +
*** Removed command 600 - buffer_entry_sizes: [0x4B8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
 +
*** Added command 610 - buffer_entry_sizes: [0x4C8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
 +
*** Added command 611 - buffer_entry_sizes: [0x4C8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
 +
*** Added command 612 - buffer_entry_sizes: [0x4C8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
 +
*** Added command 900 - buffers: [0x45], inbytes: 0x0, outbytes: 0x0
 +
** nn::pdm::detail::INotifyService
 +
*** Changed command 0 - inbytes: 0x10 -> 0x18 (final state: inbytes: 0x18, outbytes: 0x0)
 +
** nn::pinmux::ISession
 +
*** Added command 3 - inbytes: 0x1, outbytes: 0x0
 +
*** Added command 4 - inbytes: 0x0, outbytes: 0x1
 +
*** Added command 5 - inbytes: 0x1, outbytes: 0x0
 +
*** Added command 6 - inbytes: 0x0, outbytes: 0x1
 +
*** Added command 7 - inbytes: 0x4, outbytes: 0x0
 +
*** Added command 8 - inbytes: 0x0, outbytes: 0x4
 +
*** Added command 9 - inbytes: 0x4, outbytes: 0x0
 +
*** Added command 10 - inbytes: 0x0, outbytes: 0x4
 +
** nn::pl::detail::IPlatformServiceManagerForSystem
 +
*** Added command 107 - inbytes: 0x18, outbytes: 0x0
 +
** nn::psc::sf::IPmControl
 +
*** Added command 7 - inbytes: 0xC, outbytes: 0x0
 +
** nn::psm::IPsmServer
 +
*** Changed command 17 - outbytes: 0x40 -> 0x54 (final state: inbytes: 0x0, outbytes: 0x54)
 +
** nn::settings::ISystemSettingsServer
 +
*** Added command 221 - inbytes: 0x0, outbytes: 0x1
 +
*** Added command 222 - inbytes: 0x1, outbytes: 0x0
 +
** nn::socket::sf::IClient_MC
 +
*** Added command 35 - buffers: [0x21, 0x22], inbytes: 0x8, outbytes: 0x8
 +
** nn::spsm::detail::IPowerStateInterface
 +
*** Added command 12 - inbytes: 0x0, outbytes: 0x0
 +
*** Added command 13 - inbytes: 0x0, outbytes: 0x0
 +
*** Added command 14 - inbytes: 0x1, outbytes: 0x0
 +
** nn::ts::server::IMeasurementServer
 +
*** Removed command 0 - inbytes: 0x1, outbytes: 0x8
 +
*** Removed command 1 - inbytes: 0x1, outbytes: 0x4
 +
** nn::ts::server::ISession
 +
*** Added command 5 - inbytes: 0x4, outbytes: 0x0
 +
*** Added command 6 - inbytes: 0x4, outbytes: 0x0
 +
*** Added command 7 - inbytes: 0x0, outbytes: 0x4
 +
** nn::uart::IManager
 +
*** Removed command 0 - inbytes: 0x4, outbytes: 0x1
 +
*** Removed command 1 - inbytes: 0x4, outbytes: 0x1
 +
*** Removed command 2 - inbytes: 0x8, outbytes: 0x1
 +
*** Removed command 3 - inbytes: 0x8, outbytes: 0x1
 +
*** Removed command 4 - inbytes: 0x8, outbytes: 0x1
 +
*** Removed command 5 - inbytes: 0x8, outbytes: 0x1
 +
*** Removed command 7 - inbytes: 0x8, outbytes: 0x1
 +
*** Removed command 8 - inbytes: 0x8, outbytes: 0x1
 +
*** Removed command 9 - inbytes: 0x8, outbytes: 0x1
 +
*** Removed command 10 - inbytes: 0x8, outbytes: 0x1
 +
** nn::wlan::detail::IPrivateWirelessCommunicationService
 +
*** Removed command 1 - inbytes: 0x4, outbytes: 0x0
 +
*** Changed command 19 - inbytes: 0x4 -> 0x1 (final state: inbytes: 0x1, outbytes: 0x0)
 +
*** Removed command 20 - inbytes: 0x0, outbytes: 0x0
 +
*** Removed command 21 - inbytes: 0x0, outbytes: 0x4
 +
*** Removed command 22 - inbytes: 0x1, outbytes: 0x0
 +
** nn::wlan::detail::IWirelessCommunicationService
 +
*** Changed command 94 - buffer_entry_sizes: [0x20] -> [0x28] (final state: buffer_entry_sizes: [0x28], buffers: [0xA], inbytes: 0x0, outbytes: 0x4)
 +
*** Added command 200 - inbytes: 0x4, outbytes: 0x0
 +
*** Added command 201 - inbytes: 0x0, outbytes: 0x0
 +
*** Added command 202 - inbytes: 0x0, outbytes: 0x4
 +
*** Added command 203 - inbytes: 0x4, outbytes: 0x0
 +
 +
=== BootImagePackages ===
 +
RomFs changes: all files updated.
 +
 +
Using updated master-key: master_key_10 (previously master_key_0f). See [[NCA]] for the KeyGeneration listing.
 +
 +
[[Package2|INI1]] changes:
 +
* BootImagePackage:
 +
** 0100000000000003 (ProcessMana): MainThreadStackSize updated: 0x1000 -> 0x3000.
 +
** 0100000000000005 (boot): SVC access: added CreateEvent.
 +
* BootImagePackageSafe:
 +
** 0100000000000003 (ProcessMana): MainThreadStackSize updated: 0x1000 -> 0x3000.
 +
** 0100000000000005 (boot): SVC access: added CreateEvent.
 +
* BootImagePackageExFat:
 +
** 0100000000000005 (boot): SVC access: added CreateEvent.
 +
** 0100000000000003 (ProcessMana): MainThreadStackSize updated: 0x1000 -> 0x3000.
 +
* BootImagePackageExFatSafe:
 +
** 0100000000000003 (ProcessMana): MainThreadStackSize updated: 0x1000 -> 0x3000.
 +
** 0100000000000005 (boot): SVC access: added CreateEvent.
 +
 +
The anti-downgrade fuses were [[Fuses#Anti-downgrade|updated]].
 +
 +
==== Secure Monitor ====
 +
* Support for a new EsCommonKeyType was added (type = 2).
 +
** Previously, only 0 (TitleKey) and 1 (ArchiveKey) were supported.
 +
** Correspondingly, PrepareEsDeviceUniqueKeyOption's type field is now bits 6-7 instead of just bit 6.
 +
 +
 +
==== Kernel ====
 +
* Compiler/libc changes:
 +
** The kernel is now linked using RELR for relocations instead of RELA (see compiler support in lld for .relr.dyn).
 +
** This greatly reduces the relocations segment size; it has decreased from 0x3A50 bytes in 16.0.0 to 0x90 in 17.0.0.
 +
** Many minor optimization changes, e.g. mul+add -> madd, madd -> smaddl/umaddl, (a + b - 1) >> 36 is now (a + b) > 0x1000000000, various reordering.
 +
* crt0 changes:
 +
** crt0 is no longer located at _start, instead _start is `b crt0` followed by 0x7FC of zeroes.
 +
** crt0 is now located at the start of .rodata.
 +
*** The crt0 page is now identity-mapped R-X in .rodata instead of RWX at start-of-text.
 +
** Many system registers which were previously set from KInitArguments are now set using a register constants table in the crt0 .rodata segment.
 +
*** These are ttbr0_el1, ttbr1_el1, tcr_el1, mair_el1, and sctlr_el1.
 +
*** This table is initially zeroes, and is initialized to the correct values by KernelLdr before returning to Kernel/setting permissions.
 +
** Kernel Map now stores offsets relative to itself rather than relative to _start.
 +
*** Kernel map also now stores an additional offset (to the "register constants").
 +
** The big idea here is to make the crt0 page no longer executable after init.
 +
*** This mitigates the ability to execute gadgets (via ROP/etc) to set TTBR1_EL1 (and other important registers) to user-controlled values.
 +
**** The *only* ttbr1_el1 gadget in all of kernel now sets it to the constant in .rodata, which can't be modified after KernelLdr finishes.
 +
*** This also enables setting the WXN bit while still identity-mapped, instead of having to do it later in boot.
 +
* KernelLdr changes:
 +
** INI1 is now used in-place, if KSystemControl does not have a preferred layout.
 +
* Initialize0 changes:
 +
** Initialize0 now receives the initial process binary size from KernelLdr and stores it in a global.
 +
*** Initialize1 forwards this to the rest of the kernel as with the address.
 +
** Initialize0 no longer memsets the slab region to zero before calling the ifdef'd out function for the unknown debug region.
 +
*** This is now done by InitializeSlabHeaps().
 +
* All exception returns now migitate post-eret speculative execution.
 +
** All "eret" instructions are now "eret; dsb nsh; isb;"
 +
* KInitialPageAllocator::Allocate(Aligned) now memsets the pages to zero before returning them to the caller.
 +
** Correspondingly, KInitialPageTable no longer memsets those pages to zero after allocating them.
 +
* KInitialProcessReader::CreateProcessParameter now ands sizes with 0x1FFFFF000 before overflow checking.
 +
** This may actually just be compiler-garbage due to the types being u32-cast-to-higher-width?
 +
* CreateAndStartInitialProcesses changes:
 +
** A difference check is now an != when allocating page group.
 +
** Segment loading/uncompressing has now been refactored:
 +
*** The entire page group is no longer mapped while loading the segments.
 +
*** KInitialProcessReader::Load is now responsible; it now takes the page group as argument, clears bss (using linear map), and then calls a helper to load each segment.
 +
**** This helper creates a page group for just the pages relevant to the segment, copies the data (using linear map), and then if compressed maps the page group, uncompresses, and unmaps.
 +
* KMemoryRegionType had a number of large changes:
 +
** A new memory type is now inserted after the SecureAppletMemory region (id is 0xC200028E).
 +
** Low 0x2 ID derivations changed to accommodate this.
 +
** As a knock-on effect(?) type IDs for pool partitions changed substantially (likely due to derivation changes elsewhere).
 +
* New KProcess field ("has application system resource").
 +
** This is set to 1 when initializing a KProcess with CreateProcessFlag_IsApplication and system_resource_num_pages == 0.
 +
** When this is true, svc::GetInfo() always returns 0 for InfoType_SystemResourceSizeTotal and InfoType_SystemResourceSizeUsed.
 +
*** This also modifies the calculations for various SystemResourceSize calculations.
 +
*** MapPhysicalMemory() and UnmapPhysicalMemory() will also now return svc::ResultInvalidState().
 +
* The KProcess::Initialize() overload used by initial processes now supports system_resource_num_pages != 0 (and allocates a system resource in this case).
 +
** NOTE: KInitialProcessReader::CreateProcessParameter still hardcodes param->system_resource_num_pages = 0 for all KIPs.
 +
* Changes to KPageTable(Base) around KMemoryState:
 +
** There is no longer a bijective mapping between svc::MemoryState and kern::KMemoryState.
 +
** In particular, KMemoryState_Io has been split into two memory states:
 +
*** KMemoryState_Io(Register) no longer has bit 13 (0x2000) set (new value is 0x180001).
 +
*** For memory mapped with SvcMapIoRegion called with svc::MemoryMapping_Memory, KMemoryState_Io(Memory) retains that bit set (value is 0x182001).
 +
*** KPageTableBase functions dealing with Io mappings now take in MemoryState arguments, and/or MemoryMapping arguments (for the IoRegion functions).
 +
** KMemoryState_ThreadLocal no longer has bit 13 (0x2000) set (new value is 0x400000C).
 +
** KMemoryState_Kernel no longer has bit 13 (0x2000) set (new value is 0x13).
 +
** KMemoryState_Static no longer has bit 13 (0x2000) set (new value is 0x40002).
 +
** KMemoryState_Insecure now supports FlagCanQueryPhysical (new value is 0x55C3817).
 +
** To accommodate this, KPageTableBase::QueryMapping/Contains/GetRegionAddress/GetRegionSize now take an svc::MemoryState (u8) instead of the full KMemoryState.
 +
*** In a (presumably) happy accident, this produces much, much better assembly for the switch statement.
 +
** KPageTableBase::CheckMemoryState was made ALWAYS_INLINE and now calls an impl-func which takes KMemoryBlock * as argument.
 +
* KPageTableBase::MapPageGroup no longer sets the io bit in page properties.
 +
** This is the overload used by process creation.
 +
* KMemoryBlockManager::UpdateIfMatch now takes set_disable_attr, clear_disable_attr.
 +
** KPageTableBase::MapPhysicalMemory passes true for set_disable_attr if the address is exactly the start of the alias region.
 +
* KPageTableBase::UnmapPhysicalMemory now passes clear_disable_attr = 1 to KMemoryManager::Update if the address is exactly the start of the alias region.
 +
* KProcessPageTable::Initialize no longer has an unused truncated-process-id argument.
 +
* Changes to KPageTable(Base) mapping for first-reference:
 +
** KPageTable::Operate is no longer allowed to take MapFirst as operation.
 +
** KPageTable::MapContiguousWithBaseAttribute no longer supports not_first argument, always calls OpenAdditionalReference.
 +
** KPageTable::OperateOnPageGroup is now allowed to take MapFirst as operation, and MapWithPageGroup can now call OpenFirst or OpenAdditional for page group references.
 +
** KPageTableBase::AllocatePageGroupAndOperate now passes MapFirst.
 +
* Miscellaneous page table changes:
 +
** KSupervisorPageTable::Initialize now checks that the WXN bit is set in sctlr_el1 instead of setting it.
 +
** KPageTable::Finalize now calls a second OnFinalize() stub after NoteUpdated().
 +
* KPageTableBase::MapStatic alignment checks were loosened/changed.
 +
* New KMemoryAttribute bit 0x10 ("PermissionLocked").
 +
** This can be set via SvcSetMemoryAttribute.
 +
*** NOTE: Once set, this bit is irrevocable and can never be unset.
 +
**** This is to enable relro (read only relocations).
 +
*** This requires a new KMemoryStateFlag (bit 27) "FlagCanPermissionLock", which is set only on CodeData and AliasCodeData.
 +
** KPageTable::SetMemoryAttribute now calls a new KMemoryBlockManager::UpdateAttributes function specifically for updating the attributes.
 +
** This bit is allowed to be set when unmapped CodeMemory (as it can be set on (Alias)CodeData).
 +
* HandleException now uses UserspaceAccess functions to retrieve the instruction when EsrEc is Unknown, IllegalState, Bkpt, or Brk.
 +
* InvalidateProcessDataCache now special-cases being called on the current process, with a simpler (new) KPageTableBase function.
 +
* Changes around signaling/thread termination.
 +
** KThread::BeginTerminate no longer calls NotifyAvailable on the thread.
 +
** KThread::DoWorkerTask now acquires the scheduler lock and calls NotifyAvailable on the thread.
 +
** KThread and KProcess exit now use separate KWorkerTaskManagers (0 = Thread, 1 = Process).
 +
*** Main() now initializes the two KWorkerTaskManagers, and now aborts if their priorities (both constant 11) are zero.
 +
* KSleepManager's no longer saves and restores tcr_el1 when saving/restoring system registers.
 +
 +
=== [[NV_services|nvservices]] ===
 +
A vuln was [[Switch_System_Flaws|fixed]].
 +
 +
=== [[NS_services|ns]] ===
 +
Besides IPC changes, a vuln was [[Switch_System_Flaws|fixed]].
 +
 +
=== [[PSC_services|psc]] ===
 +
Besides IPC changes, a vuln was [[Switch_System_Flaws|fixed]].
  
 
==See Also==
 
==See Also==
 
System update report(s):
 
System update report(s):
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=2023-10-11_00-15-06&sys=hac]
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=2023-10-11_00-15-06&sys=hac]
 +
* [https://yls8.mtheall.com/ninupdates/reports.php?date=2023-11-21_00-10-36&sys=hac]
  
  

Latest revision as of 00:28, 21 November 2023

The Switch 17.0.0 system update was released on October 11, 2023 (UTC). This Switch update was released for the following regions: ALL, and CHN.

Security flaws fixed: yes.

As of November 9, 2023 (UTC), this sysupdate is now required by account CDN / dauth (required by online-play).

Additionally, a rebootless Switch system update was released for 17.0.0 on November 21, 2023 (UTC). This Switch update was released for the following regions: ALL, and CHN. The following (non-sysver) titles were updated: NgWord, NgWord2.

Change-log

Official ALL change-log:

  • General system stability improvements to enhance the user's experience.

System Titles

  • The following titles were updated:
    • Sysmodules: usb, htc.stub, boot2.ProdBoot, settings, Bus, bluetooth, bcat, friends, nifm, ptm, bsdsocket, hid, audio, LogManager.Prod, wlan, ldn, nvservices, pcv, capmtp, nvnflinger, pcie, account, ns, nfc, psc, capsrv, am, ssl, nim, btm, erpt, vi, pctl, npns, eupld, glue, eclct, es, fatal, creport, ro, sdb, grc, migration, jpegdec, safemode, olsc, ngct, jit, pgl, omm, eth, ngc.
    • SystemData (non-sysver): CertStore, ErrorMessage, MiiModel, BrowserDll, Help, NgWord, SsidList, TimeZoneBinary, FontNintendoExtension, FontStandard, FontKorean, FontChineseTraditional, FontChineseSimple, FirmwareDebugSettings, BootImagePackage, BootImagePackageSafe, BootImagePackageExFat, FatalMessage, PlatformConfigIcosa, PlatformConfigCopper, PlatformConfigHoag, ControllerFirmware, NgWord2, BootImagePackageExFatSafe, PlatformConfigIcosaMariko, ContentActionTable, NgWordT, PlatformConfigAula, AulaDockFirmware.
    • Applets: qlaunch, controller, error, playerSelect, LibAppletWeb, LibAppletShop, LibAppletOff, LibAppletLns, LibAppletAuth.

NPDM changes (besides usual version-bump):

  • nifm: Service access: added ifcfg, nettc:nd, nettc:nu, removed bsdcfg.
  • bsdsocket: Service server access: added ifcfg.
  • audio: Service access: removed set:fd.
  • wlan: Name updated: wlan -> wlan.autogen.
  • ldn: Service access: added ifcfg, removed bsdcfg.
  • pcie: Service access: added i2c.
  • account: Service access: added caps:dc.
  • ns: Service access: added hid.
  • npns: Service access: added time:u.
  • migration: Fac.FsAccessFlag updated: set bitmask 0x0000000200001000 (ImageManager, SaveDataTransferVersion2).
  • qlaunch: Service access: added htcs:sys.
  • controller: Service access: added htcs:sys.
  • error: Service access: added htcs:sys.
  • playerSelect: Service access: added htcs:sys.
  • LibAppletWeb: Service access: added htcs:sys.
  • LibAppletShop: Service access: added htcs:sys.
  • LibAppletOff: Service access: added htcs:sys.
  • LibAppletLns: Service access: added htcs:sys.
  • LibAppletAuth: Service access: added htcs:sys.

RomFs changes:

  • ErrorMessage: updated
  • BrowserDll:
    • "/buildinfo/buildinfo.dat" updated
    • "/nro/netfront/": Various data updated.
  • Help: "/legallines.htdocs/index.html" updated
  • NgWord: updated
  • SystemVersion: All files updated.
  • TimeZoneBinary: updated
  • FirmwareDebugSettings/PlatformConfigAula: All files updated.
  • NgWord2: updated
  • RebootlessSystemUpdateVersion: All files updated.
  • NgWordT: All files updated.
  • qlaunch applet:
    • "/lyt/": Various data updated.
    • "/message/": Various data updated.
  • controller applet:
    • "/lyt/": Various data updated.
    • "/message/": Various data updated.
  • error applet: "/lyt/common.szs" updated, "/lyt/Error.szs" updated, "/message/KRko/common.msbt.szs" updated, "/message/Ocean.msbp.szs" updated
  • playerSelect applet:
    • "/lyt/": Various data updated.
    • "/message/": Various data updated.
  • LibAppletWeb/LibAppletShop/LibAppletOff/LibAppletLns/LibAppletAuth: All files updated.

IPC Interface Changes

  • The following interfaces were removed:
    • nn::fgm::sf::IDebugger
  • The following interfaces were added:
    • nn::account::nas::IDeviceHistoryRequest
    • nn::hshl::IBridgeSession
  • The following interfaces were changed:
    • nn::account::IAccountEntityServiceForAccountPolicy
      • Added command 213 - inbytes: 0x4, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
      • Added command 214 - inbytes: 0x14, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
      • Added command 215 - inbytes: 0x14, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
    • nn::account::IAccountServiceForAdministrator
      • Added command 213 - inbytes: 0x4, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
      • Added command 214 - inbytes: 0x14, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
      • Added command 215 - inbytes: 0x14, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IOAuthProcedureForUserRegistration']
    • nn::account::baas::IAdministrator
      • Added command 170 - inbytes: 0x8, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IDeviceHistoryRequest']
    • nn::account::baas::IManagerForSystemService
      • Added command 170 - inbytes: 0x8, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::account::nas::IDeviceHistoryRequest']
    • nn::account::nas::IOAuthProcedureForUserRegistration
      • Added command 200 - buffers: [0x9], inbytes: 0x0, outbytes: 0x0, outinterfaces: ['nn::account::detail::IAsyncContext']
      • Added command 205 - inbytes: 0x0, outbytes: 0x10
      • Added command 210 - inbytes: 0x0, outbytes: 0x1
      • Added command 220 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['nn::account::detail::IAsyncContext']
      • Added command 221 - buffers: [0x5], inbytes: 0x21, outbytes: 0x0, outinterfaces: ['nn::account::detail::IAsyncContext']
    • nn::am::service::IAppletCommonFunctions
      • Added command 300 - inbytes: 0x0, outbytes: 0x8
    • nn::am::service::ICommonStateGetter
      • Added command 600 - inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::am::service::IStorageChannel']
      • Added command 910 - inbytes: 0x0, outbytes: 0x8
    • nn::am::service::IDebugFunctions
      • Added command 52 - inbytes: 0x4, outbytes: 0x8
    • nn::am::service::ILibraryAppletSelfAccessor
      • Added command 160 - inbytes: 0x0, outbytes: 0x8
    • nn::apm::ISystemManager
      • Added command 8 - inbytes: 0x0, outbytes: 0x4
    • nn::arp::detail::IReader
      • Changed command 2 - outbytes: 0x1 -> 0x10 (final state: inbytes: 0x8, outbytes: 0x10)
    • nn::arp::detail::IUpdater
      • Changed command 1 - inbytes: 0x10 -> 0x18 (final state: inbytes: 0x18, outbytes: 0x0)
    • nn::audio::detail::IAudioDevice
      • Added command 15 - inbytes: 0x8, outbytes: 0x0, outhandles: [1]
      • Added command 16 - inbytes: 0x8, outbytes: 0x0
      • Added command 17 - inbytes: 0x8, outbytes: 0x0, outhandles: [1]
      • Added command 18 - inbytes: 0x8, outbytes: 0x0
    • nn::audio::detail::IAudioSnoopManager
      • Removed command 1 - inbytes: 0x0, outbytes: 0x0
      • Removed command 6 - inbytes: 0x0, outbytes: 0x4
    • nn::audioctrl::detail::IAudioController
      • Added command 19 - inbytes: 0x1, outbytes: 0x0
      • Added command 20 - inbytes: 0x0, outbytes: 0x1
      • Removed command 27 - buffer_entry_sizes: [0x4], buffers: [0x5], inbytes: 0x4, outbytes: 0x0
    • nn::bsdsocket::cfg::ServerInterface
      • Added command 16 - buffers: [0x5, 0x6], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 17 - buffers: [0x5], inbytes: 0x8, outbytes: 0x8, pid: True
      • Added command 18 - buffers: [0x5, 0x6, 0x6, 0x6], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 19 - buffers: [0x5, 0x6], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 20 - buffers: [0x5, 0x6], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 21 - buffers: [0x5, 0x6], inbytes: 0x10, outbytes: 0x0, pid: True
      • Added command 22 - buffers: [0x5, 0x6, 0x5], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 23 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, pid: True
      • Added command 50 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, pid: True
      • Added command 51 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 52 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 53 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 54 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, pid: True
      • Added command 55 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 56 - buffers: [0x5, 0x5], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 57 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 58 - buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 100 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, pid: True
    • nn::capsrv::sf::IAlbumAccessorService
      • Added command 120 - buffer_entry_sizes: [0x20, 0x0], buffers: [0x6, 0x21], inbytes: 0x18, outbytes: 0x8
      • Added command 130 - buffers: [0x6], inbytes: 0x20, outbytes: 0x8
      • Added command 140 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
      • Added command 150 - buffer_entry_sizes: [0x400], buffers: [0x16], inbytes: 0x18, outbytes: 0x0
      • Changed command 50000 - buffers: [0x6, 0x6] -> [0x6] (final state: buffers: [0x6], inbytes: 0x18, outbytes: 0x8)
    • nn::capsrv::sf::IAlbumApplicationService
      • Added command 145 - buffer_entry_sizes: [0x20], buffers: [0x6], inbytes: 0x20, outbytes: 0x8, pid: True
      • Added command 146 - buffer_entry_sizes: [0x20], buffers: [0x6], inbytes: 0x30, outbytes: 0x8, pid: True
      • Added command 147 - buffer_entry_sizes: [0x20], buffers: [0x6], inbytes: 0x20, outbytes: 0x8, pid: True
    • nn::capsrv::sf::IDecoderControlService
      • Added command 4001 - buffers: [0x46, 0x5], inbytes: 0x28, outbytes: 0x8
    • nn::dp2hdmi::detail::IDp2hdmiController
      • Added command 9 - inbytes: 0x0, outbytes: 0x10
    • nn::erpt::sf::IContext
      • Changed command 10 - inbytes: 0x8 -> 0xC (final state: buffers: [0x5, 0x5, 0x5], inbytes: 0xC, outbytes: 0x0)
      • Added command 12 - buffers: [0x5, 0x5, 0x5], inbytes: 0xC, outbytes: 0x0
    • nn::es::IActiveRightsContext
      • Removed command 212 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
    • nn::es::IETicketService
      • Changed command 1006 - buffer_entry_sizes: [0x48, 0x10] -> [0x50, 0x10] (final state: buffer_entry_sizes: [0x50, 0x10], buffers: [0x6, 0x5], inbytes: 0x0, outbytes: 0x4)
      • Added command 1023 - buffer_entry_sizes: [0x10], buffers: [0x6], inbytes: 0x8, outbytes: 0x4
      • Added command 1024 - buffer_entry_sizes: [0x10], buffers: [0x6], inbytes: 0x10, outbytes: 0x4
      • Added command 1025 - buffer_entry_sizes: [0x10], buffers: [0x6], inbytes: 0x8, outbytes: 0x4
      • Added command 1026 - buffer_entry_sizes: [0x10, 0x0], buffers: [0x6, 0x5], inbytes: 0x8, outbytes: 0x4
      • Added command 1027 - buffer_entry_sizes: [0x10, 0x0], buffers: [0x6, 0x5], inbytes: 0x10, outbytes: 0x4
      • Removed command 2002 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
      • Removed command 2003 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
    • nn::friends::detail::ipc::IServiceCreator
      • Changed command 2 - outinterfaces: ['0x710007990C'] -> ['0x710007AF24'] (final state: inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710007AF24'])
    • nn::fssrv::sf::IDeviceOperator
      • Added command 6 - inbytes: 0x0, outbytes: 0xC
      • Added command 117 - inbytes: 0x18, outbytes: 0x0
      • Added command 221 - buffers: [0x6], inbytes: 0x8, outbytes: 0x0
    • nn::fssrv::sf::IFileSystemProxy
      • Added command 618 - buffer_entry_sizes: [0x301], buffers: [0x19], inbytes: 0x1, outbytes: 0x8
    • nn::fssrv::sf::IFileSystemProxyForLoader
      • Changed command 0 - buffer_entry_sizes: [0x124, 0x301] -> [0x301, 0x0], buffers: [0x1A, 0x19] -> [0x19, 0x6] (final state: buffer_entry_sizes: [0x301, 0x0], buffers: [0x19, 0x6], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::IFileSystem'])
    • nn::fssrv::sf::ISaveDataTransferManagerForSaveDataRepair
      • Changed command 110 - buffers: [0x5] -> [0x5, 0x5], inbytes: 0x28 -> 0x18 (final state: buffers: [0x5, 0x5], inbytes: 0x18, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter'])
    • nn::fssrv::sf::ISaveDataTransferManagerWithDivision
      • Added command 63 - buffer_entry_sizes: [0x200, 0x0], buffers: [0x19, 0x5], inbytes: 0x2, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
      • Removed command 67 - buffers: [0x5], inbytes: 0x18, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • nn::gpio::IPadSession
      • Removed command 6 - inbytes: 0x0, outbytes: 0x4
      • Removed command 7 - inbytes: 0x0, outbytes: 0x0
    • nn::grcsrv::IContinuousRecorder
      • Added command 4 - inbytes: 0x0, outbytes: 0x0
    • nn::hid::IHidDebugServer
      • Added command 217 - inbytes: 0x10, inhandles: [1], outbytes: 0x8
      • Added command 351 - inbytes: 0x0, outbytes: 0x4
      • Added command 352 - inbytes: 0x0, outbytes: 0x0
    • nn::hid::IHidServer
      • Added command 213 - inbytes: 0x20, outbytes: 0x0, pid: True
      • Added command 214 - buffer_entry_sizes: [0x4, 0x10], buffers: [0x9, 0x9], inbytes: 0x10, outbytes: 0x0
      • Added command 311 - inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 312 - inbytes: 0x8, outbytes: 0x0, pid: True
      • Added command 1004 - inbytes: 0x10, outbytes: 0x0, pid: True
    • nn::hid::IHidSystemServer
      • Added command 1320 - inbytes: 0x0, outbytes: 0x0
      • Added command 1321 - inbytes: 0x0, outbytes: 0x0
    • nn::hshl::IManager
      • Added command 9 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['nn::hshl::IBridgeSession']
      • Added command 10 - inbytes: 0x0, outbytes: 0x1
    • nn::hshl::ISetterManager
      • Added command 3 - inbytes: 0x1, outbytes: 0x0
    • nn::migration::savedata::IClient
      • Added command 304 - buffer_entry_sizes: [0x8], buffers: [0x6], inbytes: 0x4, outbytes: 0x4
    • nn::migration::savedata::IServer
      • Added command 3 - buffer_entry_sizes: [0x8], buffers: [0x6], inbytes: 0x4, outbytes: 0x4
    • nn::migration::user::IService
      • Added command 1110 - buffer_entry_sizes: [0x100, 0x8], buffers: [0x19, 0x5], inbytes: 0x18, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::migration::savedata::IServer']
    • nn::mnpp::detail::ipc::IServiceForWebBrowser
      • Added command 100 - buffers: [0x5, 0x5, 0x6], inbytes: 0x10, outbytes: 0x0
    • nn::ncm::IContentMetaDatabase
      • Added command 26 - inbytes: 0x10, outbytes: 0x1
    • nn::ncm::IContentStorage
      • Added command 30 - inbytes: 0x11, outbytes: 0x8
    • nn::ndrm::low::detail::INdrmLowAdminInterface
      • Added command 45 - inbytes: 0x8, outbytes: 0x0, outhandles: [1]
    • nn::nim::detail::INetworkInstallManager
      • Added command 142 - inbytes: 0x0, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncResult']
      • Added command 143 - inbytes: 0x18, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncData']
      • Added command 144 - inbytes: 0x18, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncData']
      • Added command 3000 - inbytes: 0x10, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncData']
      • Added command 3001 - inbytes: 0x8, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncData']
    • nn::nim::detail::IShopServiceAccessServerInterface
      • Added command 5 - inbytes: 0x10, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::nim::detail::IShopServiceAccessServer'], pid: True
    • nn::npns::INpnsSystem
      • Added command 35 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0
      • Added command 36 - inbytes: 0x10, outbytes: 0x0
      • Added command 40 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
      • Added command 41 - inbytes: 0x0, outbytes: 0x10
      • Added command 42 - buffers: [0x9], inbytes: 0x10, outbytes: 0x0
      • Added command 43 - inbytes: 0x18, outbytes: 0x0
      • Added command 44 - buffer_entry_sizes: [0x10], buffers: [0x9], inbytes: 0x0, outbytes: 0x0
      • Added command 50 - buffers: [0x9, 0x5], inbytes: 0x0, outbytes: 0x0
    • nn::ns::detail::IApplicationManagerInterface
      • Removed command 84 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
      • Removed command 2521 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
      • Added command 2523 - inbytes: 0x8, outbytes: 0x8
      • Added command 3100 - inbytes: 0x0, outbytes: 0x10
      • Added command 3101 - inbytes: 0x0, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::ns::detail::IAsyncResult']
      • Added command 3102 - inbytes: 0x0, outbytes: 0x0
    • nn::olsc::srv::IOlscServiceForSystemService
      • Added command 10000 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['nn::olsc::srv::IOlscServiceForSystemService']
    • nn::omm::srv::IDisplayLayerControl
      • Removed command 600 - buffer_entry_sizes: [0x4B8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
      • Added command 610 - buffer_entry_sizes: [0x4C8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
      • Added command 611 - buffer_entry_sizes: [0x4C8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
      • Added command 612 - buffer_entry_sizes: [0x4C8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
      • Added command 900 - buffers: [0x45], inbytes: 0x0, outbytes: 0x0
    • nn::pdm::detail::INotifyService
      • Changed command 0 - inbytes: 0x10 -> 0x18 (final state: inbytes: 0x18, outbytes: 0x0)
    • nn::pinmux::ISession
      • Added command 3 - inbytes: 0x1, outbytes: 0x0
      • Added command 4 - inbytes: 0x0, outbytes: 0x1
      • Added command 5 - inbytes: 0x1, outbytes: 0x0
      • Added command 6 - inbytes: 0x0, outbytes: 0x1
      • Added command 7 - inbytes: 0x4, outbytes: 0x0
      • Added command 8 - inbytes: 0x0, outbytes: 0x4
      • Added command 9 - inbytes: 0x4, outbytes: 0x0
      • Added command 10 - inbytes: 0x0, outbytes: 0x4
    • nn::pl::detail::IPlatformServiceManagerForSystem
      • Added command 107 - inbytes: 0x18, outbytes: 0x0
    • nn::psc::sf::IPmControl
      • Added command 7 - inbytes: 0xC, outbytes: 0x0
    • nn::psm::IPsmServer
      • Changed command 17 - outbytes: 0x40 -> 0x54 (final state: inbytes: 0x0, outbytes: 0x54)
    • nn::settings::ISystemSettingsServer
      • Added command 221 - inbytes: 0x0, outbytes: 0x1
      • Added command 222 - inbytes: 0x1, outbytes: 0x0
    • nn::socket::sf::IClient_MC
      • Added command 35 - buffers: [0x21, 0x22], inbytes: 0x8, outbytes: 0x8
    • nn::spsm::detail::IPowerStateInterface
      • Added command 12 - inbytes: 0x0, outbytes: 0x0
      • Added command 13 - inbytes: 0x0, outbytes: 0x0
      • Added command 14 - inbytes: 0x1, outbytes: 0x0
    • nn::ts::server::IMeasurementServer
      • Removed command 0 - inbytes: 0x1, outbytes: 0x8
      • Removed command 1 - inbytes: 0x1, outbytes: 0x4
    • nn::ts::server::ISession
      • Added command 5 - inbytes: 0x4, outbytes: 0x0
      • Added command 6 - inbytes: 0x4, outbytes: 0x0
      • Added command 7 - inbytes: 0x0, outbytes: 0x4
    • nn::uart::IManager
      • Removed command 0 - inbytes: 0x4, outbytes: 0x1
      • Removed command 1 - inbytes: 0x4, outbytes: 0x1
      • Removed command 2 - inbytes: 0x8, outbytes: 0x1
      • Removed command 3 - inbytes: 0x8, outbytes: 0x1
      • Removed command 4 - inbytes: 0x8, outbytes: 0x1
      • Removed command 5 - inbytes: 0x8, outbytes: 0x1
      • Removed command 7 - inbytes: 0x8, outbytes: 0x1
      • Removed command 8 - inbytes: 0x8, outbytes: 0x1
      • Removed command 9 - inbytes: 0x8, outbytes: 0x1
      • Removed command 10 - inbytes: 0x8, outbytes: 0x1
    • nn::wlan::detail::IPrivateWirelessCommunicationService
      • Removed command 1 - inbytes: 0x4, outbytes: 0x0
      • Changed command 19 - inbytes: 0x4 -> 0x1 (final state: inbytes: 0x1, outbytes: 0x0)
      • Removed command 20 - inbytes: 0x0, outbytes: 0x0
      • Removed command 21 - inbytes: 0x0, outbytes: 0x4
      • Removed command 22 - inbytes: 0x1, outbytes: 0x0
    • nn::wlan::detail::IWirelessCommunicationService
      • Changed command 94 - buffer_entry_sizes: [0x20] -> [0x28] (final state: buffer_entry_sizes: [0x28], buffers: [0xA], inbytes: 0x0, outbytes: 0x4)
      • Added command 200 - inbytes: 0x4, outbytes: 0x0
      • Added command 201 - inbytes: 0x0, outbytes: 0x0
      • Added command 202 - inbytes: 0x0, outbytes: 0x4
      • Added command 203 - inbytes: 0x4, outbytes: 0x0

BootImagePackages

RomFs changes: all files updated.

Using updated master-key: master_key_10 (previously master_key_0f). See NCA for the KeyGeneration listing.

INI1 changes:

  • BootImagePackage:
    • 0100000000000003 (ProcessMana): MainThreadStackSize updated: 0x1000 -> 0x3000.
    • 0100000000000005 (boot): SVC access: added CreateEvent.
  • BootImagePackageSafe:
    • 0100000000000003 (ProcessMana): MainThreadStackSize updated: 0x1000 -> 0x3000.
    • 0100000000000005 (boot): SVC access: added CreateEvent.
  • BootImagePackageExFat:
    • 0100000000000005 (boot): SVC access: added CreateEvent.
    • 0100000000000003 (ProcessMana): MainThreadStackSize updated: 0x1000 -> 0x3000.
  • BootImagePackageExFatSafe:
    • 0100000000000003 (ProcessMana): MainThreadStackSize updated: 0x1000 -> 0x3000.
    • 0100000000000005 (boot): SVC access: added CreateEvent.

The anti-downgrade fuses were updated.

Secure Monitor

  • Support for a new EsCommonKeyType was added (type = 2).
    • Previously, only 0 (TitleKey) and 1 (ArchiveKey) were supported.
    • Correspondingly, PrepareEsDeviceUniqueKeyOption's type field is now bits 6-7 instead of just bit 6.


Kernel

  • Compiler/libc changes:
    • The kernel is now linked using RELR for relocations instead of RELA (see compiler support in lld for .relr.dyn).
    • This greatly reduces the relocations segment size; it has decreased from 0x3A50 bytes in 16.0.0 to 0x90 in 17.0.0.
    • Many minor optimization changes, e.g. mul+add -> madd, madd -> smaddl/umaddl, (a + b - 1) >> 36 is now (a + b) > 0x1000000000, various reordering.
  • crt0 changes:
    • crt0 is no longer located at _start, instead _start is `b crt0` followed by 0x7FC of zeroes.
    • crt0 is now located at the start of .rodata.
      • The crt0 page is now identity-mapped R-X in .rodata instead of RWX at start-of-text.
    • Many system registers which were previously set from KInitArguments are now set using a register constants table in the crt0 .rodata segment.
      • These are ttbr0_el1, ttbr1_el1, tcr_el1, mair_el1, and sctlr_el1.
      • This table is initially zeroes, and is initialized to the correct values by KernelLdr before returning to Kernel/setting permissions.
    • Kernel Map now stores offsets relative to itself rather than relative to _start.
      • Kernel map also now stores an additional offset (to the "register constants").
    • The big idea here is to make the crt0 page no longer executable after init.
      • This mitigates the ability to execute gadgets (via ROP/etc) to set TTBR1_EL1 (and other important registers) to user-controlled values.
        • The *only* ttbr1_el1 gadget in all of kernel now sets it to the constant in .rodata, which can't be modified after KernelLdr finishes.
      • This also enables setting the WXN bit while still identity-mapped, instead of having to do it later in boot.
  • KernelLdr changes:
    • INI1 is now used in-place, if KSystemControl does not have a preferred layout.
  • Initialize0 changes:
    • Initialize0 now receives the initial process binary size from KernelLdr and stores it in a global.
      • Initialize1 forwards this to the rest of the kernel as with the address.
    • Initialize0 no longer memsets the slab region to zero before calling the ifdef'd out function for the unknown debug region.
      • This is now done by InitializeSlabHeaps().
  • All exception returns now migitate post-eret speculative execution.
    • All "eret" instructions are now "eret; dsb nsh; isb;"
  • KInitialPageAllocator::Allocate(Aligned) now memsets the pages to zero before returning them to the caller.
    • Correspondingly, KInitialPageTable no longer memsets those pages to zero after allocating them.
  • KInitialProcessReader::CreateProcessParameter now ands sizes with 0x1FFFFF000 before overflow checking.
    • This may actually just be compiler-garbage due to the types being u32-cast-to-higher-width?
  • CreateAndStartInitialProcesses changes:
    • A difference check is now an != when allocating page group.
    • Segment loading/uncompressing has now been refactored:
      • The entire page group is no longer mapped while loading the segments.
      • KInitialProcessReader::Load is now responsible; it now takes the page group as argument, clears bss (using linear map), and then calls a helper to load each segment.
        • This helper creates a page group for just the pages relevant to the segment, copies the data (using linear map), and then if compressed maps the page group, uncompresses, and unmaps.
  • KMemoryRegionType had a number of large changes:
    • A new memory type is now inserted after the SecureAppletMemory region (id is 0xC200028E).
    • Low 0x2 ID derivations changed to accommodate this.
    • As a knock-on effect(?) type IDs for pool partitions changed substantially (likely due to derivation changes elsewhere).
  • New KProcess field ("has application system resource").
    • This is set to 1 when initializing a KProcess with CreateProcessFlag_IsApplication and system_resource_num_pages == 0.
    • When this is true, svc::GetInfo() always returns 0 for InfoType_SystemResourceSizeTotal and InfoType_SystemResourceSizeUsed.
      • This also modifies the calculations for various SystemResourceSize calculations.
      • MapPhysicalMemory() and UnmapPhysicalMemory() will also now return svc::ResultInvalidState().
  • The KProcess::Initialize() overload used by initial processes now supports system_resource_num_pages != 0 (and allocates a system resource in this case).
    • NOTE: KInitialProcessReader::CreateProcessParameter still hardcodes param->system_resource_num_pages = 0 for all KIPs.
  • Changes to KPageTable(Base) around KMemoryState:
    • There is no longer a bijective mapping between svc::MemoryState and kern::KMemoryState.
    • In particular, KMemoryState_Io has been split into two memory states:
      • KMemoryState_Io(Register) no longer has bit 13 (0x2000) set (new value is 0x180001).
      • For memory mapped with SvcMapIoRegion called with svc::MemoryMapping_Memory, KMemoryState_Io(Memory) retains that bit set (value is 0x182001).
      • KPageTableBase functions dealing with Io mappings now take in MemoryState arguments, and/or MemoryMapping arguments (for the IoRegion functions).
    • KMemoryState_ThreadLocal no longer has bit 13 (0x2000) set (new value is 0x400000C).
    • KMemoryState_Kernel no longer has bit 13 (0x2000) set (new value is 0x13).
    • KMemoryState_Static no longer has bit 13 (0x2000) set (new value is 0x40002).
    • KMemoryState_Insecure now supports FlagCanQueryPhysical (new value is 0x55C3817).
    • To accommodate this, KPageTableBase::QueryMapping/Contains/GetRegionAddress/GetRegionSize now take an svc::MemoryState (u8) instead of the full KMemoryState.
      • In a (presumably) happy accident, this produces much, much better assembly for the switch statement.
    • KPageTableBase::CheckMemoryState was made ALWAYS_INLINE and now calls an impl-func which takes KMemoryBlock * as argument.
  • KPageTableBase::MapPageGroup no longer sets the io bit in page properties.
    • This is the overload used by process creation.
  • KMemoryBlockManager::UpdateIfMatch now takes set_disable_attr, clear_disable_attr.
    • KPageTableBase::MapPhysicalMemory passes true for set_disable_attr if the address is exactly the start of the alias region.
  • KPageTableBase::UnmapPhysicalMemory now passes clear_disable_attr = 1 to KMemoryManager::Update if the address is exactly the start of the alias region.
  • KProcessPageTable::Initialize no longer has an unused truncated-process-id argument.
  • Changes to KPageTable(Base) mapping for first-reference:
    • KPageTable::Operate is no longer allowed to take MapFirst as operation.
    • KPageTable::MapContiguousWithBaseAttribute no longer supports not_first argument, always calls OpenAdditionalReference.
    • KPageTable::OperateOnPageGroup is now allowed to take MapFirst as operation, and MapWithPageGroup can now call OpenFirst or OpenAdditional for page group references.
    • KPageTableBase::AllocatePageGroupAndOperate now passes MapFirst.
  • Miscellaneous page table changes:
    • KSupervisorPageTable::Initialize now checks that the WXN bit is set in sctlr_el1 instead of setting it.
    • KPageTable::Finalize now calls a second OnFinalize() stub after NoteUpdated().
  • KPageTableBase::MapStatic alignment checks were loosened/changed.
  • New KMemoryAttribute bit 0x10 ("PermissionLocked").
    • This can be set via SvcSetMemoryAttribute.
      • NOTE: Once set, this bit is irrevocable and can never be unset.
        • This is to enable relro (read only relocations).
      • This requires a new KMemoryStateFlag (bit 27) "FlagCanPermissionLock", which is set only on CodeData and AliasCodeData.
    • KPageTable::SetMemoryAttribute now calls a new KMemoryBlockManager::UpdateAttributes function specifically for updating the attributes.
    • This bit is allowed to be set when unmapped CodeMemory (as it can be set on (Alias)CodeData).
  • HandleException now uses UserspaceAccess functions to retrieve the instruction when EsrEc is Unknown, IllegalState, Bkpt, or Brk.
  • InvalidateProcessDataCache now special-cases being called on the current process, with a simpler (new) KPageTableBase function.
  • Changes around signaling/thread termination.
    • KThread::BeginTerminate no longer calls NotifyAvailable on the thread.
    • KThread::DoWorkerTask now acquires the scheduler lock and calls NotifyAvailable on the thread.
    • KThread and KProcess exit now use separate KWorkerTaskManagers (0 = Thread, 1 = Process).
      • Main() now initializes the two KWorkerTaskManagers, and now aborts if their priorities (both constant 11) are zero.
  • KSleepManager's no longer saves and restores tcr_el1 when saving/restoring system registers.

nvservices

A vuln was fixed.

ns

Besides IPC changes, a vuln was fixed.

psc

Besides IPC changes, a vuln was fixed.

See Also

System update report(s):


Nintendo Switch System Versions
1.0.0
2.0.02.1.02.2.02.3.0
3.0.03.0.13.0.2
4.0.04.0.14.1.0
5.0.05.0.15.0.25.1.0
6.0.06.0.16.1.06.2.0
7.0.07.0.1
8.0.08.0.18.1.08.1.1
9.0.09.0.19.1.09.2.0
10.0.010.0.110.0.210.0.310.0.410.1.010.1.110.2.0
11.0.011.0.1
12.0.012.0.112.0.212.0.312.1.0
13.0.013.1.013.2.013.2.1
14.0.014.1.014.1.114.1.2
15.0.015.0.1
16.0.016.0.116.0.216.0.316.1.0
17.0.017.0.1
18.0.018.0.118.1.0
19.0.019.0.1