333
edits
Changes
Jump to navigation
Jump to search
Line 139:
Line 139: − + − + + + + + Line 358:
Line 362: + + + + + + − + − + − + − + − + − + − + + + + + + + Line 578:
Line 594: − + Line 620:
Line 636: − + Line 939:
Line 955: − + + + Line 953:
Line 971: − + + + − + + + + + + Line 986:
Line 1,011: − + + + Line 1,060:
Line 1,087: − + Line 1,073:
Line 1,100: + + + Line 1,089:
Line 1,119: − + − + − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 1,097:
Line 1,157: + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 1,129:
Line 1,217: − + − + Line 1,140:
Line 1,228: − Same registers as in the Erista's fuse [[#Driver|driver]].+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 1,189:
Line 1,354: − + − + − + − + − + − + − + − + − + − + − + − + Line 1,282:
Line 1,447: − + Line 1,402:
Line 1,567: − + Line 1,498:
Line 1,663: − + − + − + − + Line 1,540:
Line 1,705: − + − + − + − + Line 1,618:
Line 1,783: − + − + − + − + Line 1,750:
Line 1,915: + + + + + + + + + + + + + + + + + + + + + + + + + Line 1,775:
Line 1,965: − + + + + − + Line 2,344:
Line 2,537: − + − + − + − + − + − |-+ − | reshift_fcpu2+ − | 108+ − | None+ − | 0-31 − |- − | reshift_fcpu3 − | 109 − | None − | 0-31 − |- − | reshift_fl2_tbank0 − | 110 − | None − | 0-31 − |- − | reshift_fl2_tbank1 − | 111 − | None − | 0-31 − |- − | reshift_fl2_tbank2 − | 112 − | None − | 0-31 − |- − | reshift_fl2_tbank3 − | 113 − | None − | 0-31 − |- − | [[#irom_patch|irom_patch]] − | 114 − | None − | Variable − − − − Line 2,700:
Line 2,858: − + − − Line 2,730:
Line 2,886: − + Line 2,780:
Line 2,936: − + − − It allows controlling the debug authentication configuration using a fuse. Line 2,803:
Line 2,957: − + − − It prevents overflowing IRAM (0x40010000) when copying the warmboot binary from DRAM. Line 2,835:
Line 2,987: − + − − It sets the correct warmboot binary entrypoint address for RSA signature verification, which would be done in DRAM instead of IRAM without this patch. Line 3,237:
Line 3,387: − + − | 168 − | None − | 0-31 − |- − | reshift_fcpu1 − | 169 − | None − | 0-31 − |- − | reshift_fcpu2 − + − + − + − + − |-+ − | reshift_fl2_tbank0 − | 172 − | None − | 0-31 − |- − | reshift_fl2_tbank1 − | 173 − | None − | 0-31 − |- − | reshift_fl2_tbank2 − | 174 − | None − | 0-31 − |- − | reshift_fl2_tbank3 − | 175 − | None − | 0-31 − |- − | [[#irom_patch_2|irom_patch]] − | 176 − | None − | Variable − Line 3,300:
Line 3,415: − + Line 3,499:
Line 3,614: − + Line 3,590:
Line 3,705: − + − + − How many fuses are expected to be burnt depends the device's unit type as below.+ + + + + + + + + + + + + + + − + − + − + − + − + − + − + − + − + − + − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 3,652:
Line 3,870: − + + + + + + + + + + + + + + + + + + + + + + + + +
no edit summary
FUSE_FUSECTRL_MARGIN_READ changes the fuse read trip point setting to margin read mode.
FUSE_FUSECTRL_MARGIN_READ changes the fuse read trip point setting to margin read mode.
FUSE_FUSECTRL_RWL selects the fuse redundancy information row.
FUSE_FUSECTRL_RWL allows accessing the RIR (redundant information row).
FUSE_FUSECTRL_TRCS triggers record shifting.
FUSE_FUSECTRL_TRCS allows accessing the TRCS (test rows and columns).
FUSE_FUSECTRL_AT1 selects the TRCS test column (always 0).
FUSE_FUSECTRL_AT0 selects the TRCS test row (0 or 1).
FUSE_FUSECTRL_PD_CTRL controls the fuse macro's power down mode.
FUSE_FUSECTRL_PD_CTRL controls the fuse macro's power down mode.
|-
|-
| 9
| 9
| FUSE_PRIV2RESHIFT_TRIG_1_SCPU_VAL
|-
| 10
| FUSE_PRIV2RESHIFT_TRIG_1_SL2_TBANK_VAL
|-
| 11
| FUSE_PRIV2RESHIFT_STATUS_1_FCPU0_VAL
| FUSE_PRIV2RESHIFT_STATUS_1_FCPU0_VAL
|-
|-
| 10
| 12
| FUSE_PRIV2RESHIFT_STATUS_1_FCPU1_VAL
| FUSE_PRIV2RESHIFT_STATUS_1_FCPU1_VAL
|-
|-
| 11
| 13
| FUSE_PRIV2RESHIFT_STATUS_1_FCPU2_VAL
| FUSE_PRIV2RESHIFT_STATUS_1_FCPU2_VAL
|-
|-
| 12
| 14
| FUSE_PRIV2RESHIFT_STATUS_1_FCPU3_VAL
| FUSE_PRIV2RESHIFT_STATUS_1_FCPU3_VAL
|-
|-
| 13
| 15
| FUSE_PRIV2RESHIFT_STATUS_1_FL2_TBANK0_VAL
| FUSE_PRIV2RESHIFT_STATUS_1_FL2_TBANK0_VAL
|-
|-
| 14
| 16
| FUSE_PRIV2RESHIFT_STATUS_1_FL2_TBANK1_VAL
| FUSE_PRIV2RESHIFT_STATUS_1_FL2_TBANK1_VAL
|-
|-
| 15
| 17
| FUSE_PRIV2RESHIFT_STATUS_1_FL2_TBANK2_VAL
| FUSE_PRIV2RESHIFT_STATUS_1_FL2_TBANK2_VAL
|-
|-
| 16
| 18
| FUSE_PRIV2RESHIFT_STATUS_1_FL2_TBANK3_VAL
| FUSE_PRIV2RESHIFT_STATUS_1_FL2_TBANK3_VAL
|-
| 19
| FUSE_PRIV2RESHIFT_STATUS_1_SCPU_VAL
|-
| 20
| FUSE_PRIV2RESHIFT_STATUS_1_SL2_TBANK_VAL
|}
|}
| 0x7000F9B4
| 0x7000F9B4
|-
|-
| FUSE_ARM_JTAG_DIS
| [[#FUSE_ARM_JTAG_DIS|FUSE_ARM_JTAG_DIS]]
| 0x7000F9B8
| 0x7000F9B8
|-
|-
| 0x7000F9F0
| 0x7000F9F0
|-
|-
| FUSE_SKU_DIRECT_CONFIG
| [[#FUSE_SKU_DIRECT_CONFIG|FUSE_SKU_DIRECT_CONFIG]]
| 0x7000F9F4
| 0x7000F9F4
|-
|-
Stores the FT (Final Test) revision.
Stores the FT (Final Test) revision.
Original launch units have this value set to 0xA0 (revision 5.0). The first batch of patched units have this value set to 0xC0 (revision 6.0). The second batch of patched units have this value set to 0xE0 (revision 7.0)
Original Erista units have this value set to 0xA0 (revision 5.0). The first batch of patched Erista units have this value set to 0xC0 (revision 6.0). The second batch of patched Erista units have this value set to 0xE0 (revision 7.0).
Mariko and Lite units have this value set to 0x60 (revision 3.0). OLED units have this value set to 0x81 (revision 4.1).
==== FUSE_SOC_SPEEDO_1_CALIB ====
==== FUSE_SOC_SPEEDO_1_CALIB ====
Stores the CP (Chip Probing) revision.
Stores the CP (Chip Probing) revision.
Original launch units have this value set to 0xA0 (revision 5.0). Patched units have this value set to 0x103 (revision 8.3).
Original Erista units have this value set to 0xA0 (revision 5.0). Patched Erista units have this value set to 0x103 (revision 8.3).
Mariko units have this value set to 0x40 (revision 2.0). Lite units have this value set to 0x41 (revision 2.1). OLED units have this value set to 0x100 (revision 8.0).
==== FUSE_PRIVATE_KEY ====
==== FUSE_PRIVATE_KEY ====
Stores the 160-bit private key (128 bit SBK + 32-bit device key).
Stores the 160-bit private key (128 bit SBK + 32-bit device key).
Reads to these registers after the SBK is locked out produce all-FF output.
Reads to these registers after [[#FUSE_PRIVATEKEYDISABLE|FUSE_PRIVATEKEYDISABLE]] is set produce all-FF output.
==== FUSE_ARM_JTAG_DIS ====
Controls access to the Arm JTAG interface.
Production Erista and Mariko units have this value set to 0x1, while development Erista and Mariko units do not.
==== FUSE_RESERVED_SW ====
==== FUSE_RESERVED_SW ====
Stores software reserved configuration values.
Stores software reserved configuration values.
Original launch units have the RCM USB controller mode set to USB 2.0, while the first batch of patched units have the RCM USB controller mode set to XUSB.
Production Erista and Mariko units have the forced RCM two button mode set, while development Erista and Mariko units do not.
Original Erista units have the RCM USB controller mode set to USB 2.0, while the first batch of patched Erista units have the RCM USB controller mode set to XUSB. Mariko ignores this and uses XUSB regardless for RCM.
==== FUSE_RESERVED_ODM0 ====
==== FUSE_RESERVED_ODM0 ====
| [1.0.0-3.0.2] 3-5
| [1.0.0-3.0.2] 3-5
[4.0.0+] 3-7
[4.0.0+] 3-7
| DramId
| [15.0.0+] DramId1 ([4.0.0-14.1.2] DramId)
|-
|-
| 8
| 8
| 11
| 11
| [5.0.0+] FormatVersion
| [5.0.0+] FormatVersion
|-
| 12-14
| [15.0.0+] DramId2
|-
|-
| 16-19
| 16-19
Returns the value of the [[#reserved_odm7|reserved_odm7]] anti-downgrade fuse.
Returns the value of the [[#reserved_odm7|reserved_odm7]] anti-downgrade fuse.
==== FUSE_OPT_SEC_DEBUG_EN ====
==== FUSE_SKU_DIRECT_CONFIG ====
Controls the [[TSEC#TSEC_SCP_CTL_STAT|Falcon SCP]] debug mode.
{| class="wikitable" border="1"
! Bits
! Description
|-
| 0
| Disable SCPU
|-
| 1
| Disable FCPU0
|-
| 2
| Disable FCPU1
|-
| 3
| Disable FCPU2
|-
| 4
| Disable FCPU3
|-
| 5
| Disable all CPUs
|}
Controls which CPUs can be used.
Erista units have this value set to 0x00 (both Cortex-A53 and Cortex-A57 clusters are usable).
Mariko units have this value set to 0x01 (only the Cortex-A57 cluster is usable).
==== FUSE_OPT_SEC_DEBUG_EN ====
Controls the [[TSEC#TSEC_SCP_CTL_STAT|Falcon SCP]] debug mode.
==== FUSE_OPT_PRIV_SEC_DIS ====
==== FUSE_OPT_PRIV_SEC_DIS ====
Controls the [[TSEC#FALCON_SCTL|Falcon Light Secure]] feature.
Controls the [[TSEC#FALCON_SCTL|Falcon Light Secure]] feature.
==== FUSE_PKC_DISABLE ====
==== FUSE_PKC_DISABLE ====
Returns if public key crypto is used or not.
Returns if public key crypto is used or not.
==== FUSE_ODM_INFO ====
{| class="wikitable" border="1"
! Bits
! Description
|-
| 0-7
| Reserved
|-
| 8
| Disable DBGEN
|-
| 9
| Disable NIDEN
|-
| 10
| Disable SPIDEN
|-
| 11
| Disable SPNIDEN
|-
| 12
| Disable DEVICEEN
|}
Production Erista and Mariko units have this value set to 0x1F00 (all signals disabled).
Development Erista and Mariko units have this value set to 0x0000 (all signals enabled).
==== FUSE_ECO_RESERVE_0 ====
==== FUSE_ECO_RESERVE_0 ====
==== FUSE_SPARE_BIT_5 ====
==== FUSE_SPARE_BIT_5 ====
Must be non-zero on retail units, otherwise the first bootloader panics.
Must be non-zero on production units, otherwise the first bootloader panics.
On prototype units it can be zero, which tells the bootloader to choose from two pre-production master key seeds. If set to non-zero on a prototype unit, it tells the bootloader to choose from two master key seeds (with the second one being the same as the retail master key seed).
On prototype units it can be zero, which tells the bootloader to choose from two pre-production master key seeds. If set to non-zero on a prototype unit, it tells the bootloader to choose from two master key seeds (with the second one being the same as the production master key seed).
[4.0.0+] This value is no longer used during boot.
[4.0.0+] This value is no longer used during boot.
=== Driver ===
=== Driver ===
{| class="wikitable" border="1"
! Name
! Address
|-
| [[#FUSE_FUSECTRL|FUSE_FUSECTRL]]
| 0x7000F800
|-
| [[#FUSE_FUSEADDR|FUSE_FUSEADDR]]
| 0x7000F804
|-
| [[#FUSE_FUSERDATA|FUSE_FUSERDATA]]
| 0x7000F808
|-
| [[#FUSE_FUSEWDATA|FUSE_FUSEWDATA]]
| 0x7000F80C
|-
| [[#FUSE_FUSETIME_RD1|FUSE_FUSETIME_RD1]]
| 0x7000F810
|-
| [[#FUSE_FUSETIME_RD2|FUSE_FUSETIME_RD2]]
| 0x7000F814
|-
| [[#FUSE_FUSETIME_PGM1|FUSE_FUSETIME_PGM1]]
| 0x7000F818
|-
| [[#FUSE_FUSETIME_PGM2|FUSE_FUSETIME_PGM2]]
| 0x7000F81C
|-
| [[#FUSE_PRIV2INTFC_START|FUSE_PRIV2INTFC_START]]
| 0x7000F820
|-
| [[#FUSE_FUSEBYPASS|FUSE_FUSEBYPASS]]
| 0x7000F824
|-
| [[#FUSE_PRIVATEKEYDISABLE|FUSE_PRIVATEKEYDISABLE]]
| 0x7000F828
|-
| [[#FUSE_DISABLEREGPROGRAM|FUSE_DISABLEREGPROGRAM]]
| 0x7000F82C
|-
| [[#FUSE_WRITE_ACCESS_SW|FUSE_WRITE_ACCESS_SW]]
| 0x7000F830
|-
| [[#FUSE_PRIV2RESHIFT|FUSE_PRIV2RESHIFT]]
| 0x7000F83C
|-
| [[#FUSE_FUSETIME_RD3|FUSE_FUSETIME_RD3]]
| 0x7000F84C
|-
| [[#FUSE_SPARE_ADDR_START|FUSE_SPARE_ADDR_START]]
| 0x7000F860
|-
| [[#FUSE_PRIVATE_KEY0_NONZERO|FUSE_PRIVATE_KEY0_NONZERO]]
| 0x7000F880
|-
| [[#FUSE_PRIVATE_KEY1_NONZERO|FUSE_PRIVATE_KEY1_NONZERO]]
| 0x7000F884
|-
| [[#FUSE_PRIVATE_KEY2_NONZERO|FUSE_PRIVATE_KEY2_NONZERO]]
| 0x7000F888
|-
| [[#FUSE_PRIVATE_KEY3_NONZERO|FUSE_PRIVATE_KEY3_NONZERO]]
| 0x7000F88C
|-
| [[#FUSE_PRIVATE_KEY4_NONZERO|FUSE_PRIVATE_KEY4_NONZERO]]
| 0x7000F890
|}
==== FUSE_SPARE_ADDR_START ====
{| class="wikitable" border="1"
! Bits
! Description
|-
| 0-31
| FUSE_SPARE_ADDR_START_DATA
|}
Returns the offset of the spare bit fuse registers (always 0x380).
=== Cache ===
=== Cache ===
| 0x7000F8CC
| 0x7000F8CC
|-
|-
| FUSE_KEK00
| [[#FUSE_KEK|FUSE_KEK00]]
| 0x7000F8D0
| 0x7000F8D0
|-
|-
| FUSE_KEK01
| [[#FUSE_KEK|FUSE_KEK01]]
| 0x7000F8D4
| 0x7000F8D4
|-
|-
| FUSE_KEK02
| [[#FUSE_KEK|FUSE_KEK02]]
| 0x7000F8D8
| 0x7000F8D8
|-
|-
| FUSE_KEK03
| [[#FUSE_KEK|FUSE_KEK03]]
| 0x7000F8DC
| 0x7000F8DC
|-
|-
| FUSE_BEK00
| [[#FUSE_BEK|FUSE_BEK00]]
| 0x7000F8E0
| 0x7000F8E0
|-
|-
| FUSE_BEK01
| [[#FUSE_BEK|FUSE_BEK01]]
| 0x7000F8E4
| 0x7000F8E4
|-
|-
| FUSE_BEK02
| [[#FUSE_BEK|FUSE_BEK02]]
| 0x7000F8E8
| 0x7000F8E8
|-
|-
| FUSE_BEK03
| [[#FUSE_BEK|FUSE_BEK03]]
| 0x7000F8EC
| 0x7000F8EC
|-
|-
|
| FUSE_OPT_RAM_RTSEL_TSMCSP_PO4SVT
| 0x7000F8F0
| 0x7000F8F0
|-
|-
|
| FUSE_OPT_RAM_WTSEL_TSMCSP_PO4SVT
| 0x7000F8F4
| 0x7000F8F4
|-
|-
|
| FUSE_OPT_RAM_RTSEL_TSMCPDP_PO4SVT
| 0x7000F8F8
| 0x7000F8F8
|-
|-
|
| FUSE_OPT_RAM_MTSEL_TSMCPDP_PO4SVT
| 0x7000F8FC
| 0x7000F8FC
|-
|-
| 0x7000F948
| 0x7000F948
|-
|-
| FUSE_RESERVED_PRODUCTION
| [[#FUSE_RESERVED_PRODUCTION|FUSE_RESERVED_PRODUCTION]]
| 0x7000F94C
| 0x7000F94C
|-
|-
| 0x7000F9E8
| 0x7000F9E8
|-
|-
|
| [[#FUSE_OPT_NVJTAG_PROTECTION_ENABLE|FUSE_OPT_NVJTAG_PROTECTION_ENABLE]]
| 0x7000F9EC
| 0x7000F9EC
|-
|-
| 0x7000FA68
| 0x7000FA68
|-
|-
|
| FUSE_OPT_RAM_RTSEL_TSMCSP_PO4HVT
| 0x7000FA6C
| 0x7000FA6C
|-
|-
|
| FUSE_OPT_RAM_WTSEL_TSMCSP_PO4HVT
| 0x7000FA70
| 0x7000FA70
|-
|-
|
| FUSE_OPT_RAM_RTSEL_TSMCPDP_PO4HVT
| 0x7000FA74
| 0x7000FA74
|-
|-
|
| FUSE_OPT_RAM_MTSEL_TSMCPDP_PO4HVT
| 0x7000FA78
| 0x7000FA78
|-
|-
| 0x7000FAA8
| 0x7000FAA8
|-
|-
|
| FUSE_OPT_RAM_WTSEL_TSMCPDP_PO4SVT
| 0x7000FAB0
| 0x7000FAB0
|-
|-
|
| FUSE_OPT_RAM_RCT_TSMCDP_PO4SVT
| 0x7000FAB4
| 0x7000FAB4
|-
|-
|
| FUSE_OPT_RAM_WCT_TSMCDP_PO4SVT
| 0x7000FAB8
| 0x7000FAB8
|-
|-
|
| FUSE_OPT_RAM_KP_TSMCDP_PO4SVT
| 0x7000FABC
| 0x7000FABC
|-
|-
| 0x7000FB20
| 0x7000FB20
|-
|-
|
| FUSE_OPT_RAM_WTSEL_TSMCPDP_PO4HVT
| 0x7000FB24
| 0x7000FB24
|-
|-
|
| FUSE_OPT_RAM_RCT_TSMCDP_PO4HVT
| 0x7000FB28
| 0x7000FB28
|-
|-
|
| FUSE_OPT_RAM_WCT_TSMCDP_PO4HVT
| 0x7000FB2C
| 0x7000FB2C
|-
|-
|
| FUSE_OPT_RAM_KP_TSMCDP_PO4HVT
| 0x7000FB30
| 0x7000FB30
|-
|-
| 0x7000FBF4
| 0x7000FBF4
|}
|}
==== FUSE_KEK ====
Stores the 128-bit KEK (Key Encryption Key) encrypted with the FEK (Fuse Encryption Key) selected by [[#FUSE_RESERVED_PRODUCTION|FUSE_RESERVED_PRODUCTION]] and [[#FUSE_BOOT_SECURITY_INFO|FUSE_BOOT_SECURITY_INFO]].
Reads to these registers after [[#FUSE_PRIVATEKEYDISABLE|FUSE_PRIVATEKEYDISABLE]] is set produce all-FF output.
==== FUSE_BEK ====
Stores the 128-bit BEK (Boot Encryption Key) encrypted with the FEK (Fuse Encryption Key) selected by [[#FUSE_RESERVED_PRODUCTION|FUSE_RESERVED_PRODUCTION]] and [[#FUSE_BOOT_SECURITY_INFO|FUSE_BOOT_SECURITY_INFO]].
Reads to these registers after [[#FUSE_PRIVATEKEYDISABLE|FUSE_PRIVATEKEYDISABLE]] is set produce all-FF output.
==== FUSE_RESERVED_PRODUCTION ====
{| class="wikitable" border="1"
! Bits
! Description
|-
| 0-1
| Reserved
|-
| 2
| FEK bank select
|}
==== FUSE_OPT_NVJTAG_PROTECTION_ENABLE ====
Controls the NVJTAG protection feature. If enabled, this will permanently disable access to all DFT (Design for Test) functions which include the ability put the chip in FA (Failure Analysis) mode.
==== FUSE_RESERVED_ODM28 ====
==== FUSE_RESERVED_ODM28 ====
|-
|-
| 4-6
| 4-6
| Fuse encryption select (0 = TEST_KEY, 1 = NVIDIA_KEY, 2 to 7 = OEM_KEY_1 to OEM_KEY_6)
| Fuse encryption select (0 = TEST_KEY, 1 = NVIDIA_KEY, 2 to 7 = OEM_KEY_0 to OEM_KEY_5)
|-
| 7
| SE atomic context save (0 = DISABLE, 1 = ENABLE)
|}
|}
Stores configuration values for the new boot security mechanism.
Stores configuration values for the new boot security mechanism.
Mariko units have authentication set to PKC_RSA, encryption enabled, fuse encryption enabled and fuse encryption select set to OEM_KEY_1 (development) or OEM_KEY_2 (retail).
Mariko units have authentication set to PKC_RSA, encryption enabled, fuse encryption enabled and fuse encryption select set to OEM_KEY_0 (development units) or OEM_KEY_1 (production units).
= Bitmap =
= Bitmap =
| 0-1
| 0-1
|-
|-
| reshift_fcpu0
| reshift_records
| 106
| 106
| None
| None
| 0-31
| 0-192
|-
|-
| reshift_fcpu1
| [[#irom_patch|irom_patch]]
| 107
| 112
| None
| None
| 0-31
| 0-2560
|}
=== reserved_odm6 ===
Used for [[#Anti-downgrade|anti-downgrade]] control.
|}
=== reserved_odm6 ===
Used for [[#Anti-downgrade|anti-downgrade]] control.
=== reserved_odm7 ===
=== reserved_odm7 ===
==== IROM patch 1 ====
==== IROM patch 1 ====
This patch is a bugfix.
This patch sets APBDEV_PMC_SCRATCH190_0 to 0x01, which LP0 resume code expects.
LP0 resume code expects APBDEV_PMC_SCRATCH190_0 to be set to 0x01, but the bootrom didn't set it.
<syntaxhighlight lang="c">
<syntaxhighlight lang="c">
This patch ensures that waiting on PRC_PENDING from the XUSB_DEV register T_XUSB_DEV_XHCI_PORTSC never fails.
This patch ensures that waiting on PRC_PENDING from the XUSB_DEV register T_XUSB_DEV_XHCI_PORTSC never fails.
In the second batch of patched units ([[#FUSE_OPT_FT_REV|FUSE_OPT_FT_REV]] set to revision 7.0) this patch has been replaced with a fix for [[Switch_System_Flaws#Hardware|CVE-2018-6242]] (arbitrary copy when handling USB control requests in RCM). By setting R1 to 0 at address 0x0010769A in the bootrom, the upper 16 bits of the USB control request's wLength field are cleared out, effectively limiting the request's size to a maximum of 255 bytes.
In the second batch of patched units ([[#FUSE_OPT_FT_REV|FUSE_OPT_FT_REV]] set to revision 7.0) this patch has been replaced with a fix for [[Switch_System_Flaws#Hardware|CVE-2018-6242]] (arbitrary copy when handling USB control requests in RCM). By setting R1 to 0 at address 0x0010769A in the bootrom, the upper 8 bits of the USB control request's wLength field are cleared out, effectively limiting the request's size to a maximum of 255 bytes.
==== IROM patch 4 ====
==== IROM patch 4 ====
==== IROM patch 6 ====
==== IROM patch 6 ====
This patch is a factory backdoor.
This patch allows controlling the debug authentication configuration using a fuse.
<syntaxhighlight lang="c">
<syntaxhighlight lang="c">
==== IROM patch 7 ====
==== IROM patch 7 ====
This patch is a bugfix.
This patch prevents overflowing IRAM (0x40010000) when copying the warmboot binary from DRAM.
<syntaxhighlight lang="c">
<syntaxhighlight lang="c">
==== IROM patch 8 ====
==== IROM patch 8 ====
This patch is a bugfix.
This patch sets the correct warmboot binary entrypoint address for RSA signature verification, which would be done in DRAM instead of IRAM without this patch.
<syntaxhighlight lang="c">
<syntaxhighlight lang="c">
| 31
| 31
|-
|-
| reshift_fcpu0
| reshift_records
| 170
| 170
| None
| None
| 0-31
| 0-192
|-
|-
| reshift_fcpu3
| [[#irom_patch_2|irom_patch]]
| 171
| 176
| None
| None
| 0-31
| 0-2560
|}
|}
=== irom_patch ===
=== irom_patch ===
RAM:00000000 ; 6: 0x4103df2b 0x00108206 0x0000df2b : svc #0x2b (offset 0x9e)
RAM:00000000 ; 6: 0x4103df2b 0x00108206 0x0000df2b : svc #0x2b (offset 0x9e)
RAM:00000000 ; 7: 0x495c0060 0x001092b8 0x00000060 : lsls r0, r4, #1
RAM:00000000 ; 7: 0x495c0060 0x001092b8 0x00000060 : lsls r0, r4, #1
RAM:00000000 ; 8: 0x62e3ef5b 0x0010c5c6 0x0000ef5b
RAM:00000000 ; 8: 0x62e3ef5b 0x0010c5c6 0x0000ef5b : svc #0x5b (offset 0xfe)
RAM:00000000 ; 9: 0x10d1df6a 0x001021a2 0x0000df6a : svc #0x6a (offset 0x11c)
RAM:00000000 ; 9: 0x10d1df6a 0x001021a2 0x0000df6a : svc #0x6a (offset 0x11c)
RAM:00000004 MOV R2, LR
RAM:00000004 MOV R2, LR
RAM:000000FE
RAM:000000FE
RAM:000000FE
RAM:000000FE
RAM:000000FE sub_FE
RAM:000000FE sub_FE ; 8: 0x62e3ef5b 0x0010c5c6 0x0000ef5b : svc #0x5b (offset 0xfe)
RAM:000000FE POP {R2}
RAM:000000FE POP {R2}
RAM:00000100 MOV R4, SP
RAM:00000100 MOV R4, SP
</syntaxhighlight>
</syntaxhighlight>
= Anti-downgrade =
==== IROM patch 1 ====
The first bootloader verifies [[#FUSE_RESERVED_ODM7|FUSE_RESERVED_ODM7]] to prevent downgrading.
This patch stubs the function responsible for disabling read access for the SE AES keyslots.
Due to a programming mistake, when loading the OEM AES keys the aforementioned function would be called with the wrong arguments. The patch prevents this by simply stubbing the function altogether, which is only acceptable because the Mariko's SE hardware already boots with keyslot reading permanently disabled.
==== IROM patch 2 ====
This patch forces the function responsible for checking if SE context atomic save is enabled (by checking a fuse) to always return true.
Some Mariko units have been found to not have the relevant fuse bit (bit 7 in [[#FUSE_BOOT_SECURITY_INFO|FUSE_BOOT_SECURITY_INFO]]) burned, so the patch serves as a workaround for this.
==== IROM patch 3 ====
This patch forces a jump to the same routine used by [[#IROM_patch_0_2|IROM patch 0]] if loading a bootloader failed.
By setting all IRAM memory from 0x4000FC20 to 0x40040000 to 0xEAFFFFFE, a bootloader that somehow failed validation is effectively erased from memory.
==== IROM patch 4 ====
This patch stores a stack cookie (value 0x5A55F0E1) after a RCM message is received and before it's validated.
{| class="wikitable" border="1"
==== IROM patch 5 ====
|-
This patch checks the stack cookie stored by [[#IROM_patch_4_2|IROM patch 4]] right after a RCM message is validated.
! System version
! Expected number of burnt fuses (retail)
If the stack cookie's value is still 0x5A55F0E1, the bootrom jumps to a panic. If it changed to anything other than 0, the same routine used by [[#IROM_patch_0_2|IROM patch 0]] is called. Presumably, this is an attempt at mitigating fault injection attacks against skipping the validation of RCM messages.
! Expected number of burnt fuses (non-retail)
|-
==== IROM patch 6 ====
| 1.0.0
This patch sanitizes the crypto context right before receiving a RCM message.
| 1
| 0
<syntaxhighlight lang="c">
|-
u32 FUSE_PRIVATEKEYDISABLE = 0x7000F828;
| 2.0.0-2.3.0
u32 SE1_CRYPTO_KEYTABLE_ADDR = 0x7001231C;
u32 SE2_CRYPTO_KEYTABLE_ADDR = 0x7041231C;
u32 SE1_CRYPTO_KEYTABLE_DATA = 0x70012320;
u32 SE2_CRYPTO_KEYTABLE_DATA = 0x70412320;
// Hide the private key fuses
*(u32 *)FUSE_PRIVATEKEYDISABLE = 0x1;
u32 crypto_keytable_val = 0xE0;
// Clear SE1/SE2 keyslot 0xE (contains the SBK)
for (int i = 0; i < 0x7; i++) {
*(u32 *)SE1_CRYPTO_KEYTABLE_ADDR = crypto_keytable_val;
*(u32 *)SE1_CRYPTO_KEYTABLE_DATA = 0;
*(u32 *)SE2_CRYPTO_KEYTABLE_ADDR = crypto_keytable_val;
*(u32 *)SE2_CRYPTO_KEYTABLE_DATA = 0;
crypto_keytable_val++;
}
crypto_keytable_val = 0xF0;
// Clear SE1/SE2 keyslot 0xF (contains the SSK)
for (int i = 0; i < 0x07; i++) {
*(u32 *)SE1_CRYPTO_KEYTABLE_ADDR = crypto_keytable_val;
*(u32 *)SE1_CRYPTO_KEYTABLE_DATA = 0;
*(u32 *)SE2_CRYPTO_KEYTABLE_ADDR = crypto_keytable_val;
*(u32 *)SE2_CRYPTO_KEYTABLE_DATA = 0;
crypto_keytable_val++;
}
crypto_keytable_val = 0xC0;
// Clear SE1/SE2 keyslot 0xC (contains the KEK)
for (int i = 0; i < 0x7; i++) {
*(u32 *)SE1_CRYPTO_KEYTABLE_ADDR = crypto_keytable_val;
*(u32 *)SE1_CRYPTO_KEYTABLE_DATA = 0;
*(u32 *)SE2_CRYPTO_KEYTABLE_ADDR = crypto_keytable_val;
*(u32 *)SE2_CRYPTO_KEYTABLE_DATA = 0;
crypto_keytable_val++;
}
u8 se_instance = 0; // SE1
u8 se_src_key_slot = 0xD;
u8 se_src_key_size = 0; // 128 bits
u8 se_dst_key_slot = 0xD;
u8 se_dst_key_size = 0; // 128 bits
u8 *se_src_key_data = 0x40004164;
// Overwrite SE1 keyslot 0xD (contains the BEK)
se_decrypt_key_into_key_slot(se_instance, se_src_key_slot, se_src_key_size, se_dst_key_slot, se_dst_key_size, se_src_key_data);
se_instance = 1; // SE2
// Overwrite SE2 keyslot 0xD (contains the BEK)
se_decrypt_key_into_key_slot(se_instance, se_src_key_slot, se_src_key_size, se_dst_key_slot, se_dst_key_size, se_src_key_data);
/*
Untranslated instructions:
LDR R0, =0x4000FC20
MOV R8, R0
*/
return;
</syntaxhighlight>
==== IROM patch 7 ====
This patch doubles the maximum value passed to the function responsible for generating random numbers with the SE. These values are then used for randomizing the duration of wait loops scattered around the bootrom.
==== IROM patch 8 ====
This patch forces memcpy to always fall outside of current stack limits.
==== IROM patch 9 ====
This patch forces TZRAM to be cleared on any boot type (instead of clearing it only on coldboot).
= Anti-downgrade =
The first bootloader verifies [[#FUSE_RESERVED_ODM7|FUSE_RESERVED_ODM7]] to prevent downgrading.
How many fuses are expected to be burnt depends the device's unit type as below.
{| class="wikitable" border="1"
|-
! System version
! Expected number of burnt fuses (production)
! Expected number of burnt fuses (development)
|-
| 1.0.0
| 1
| 0
|-
| 2.0.0-2.3.0
| 2
| 2
| 0
| 0
| 1
| 1
|-
|-
| 11.0.0-11.0.1-12.0.0
| 11.0.0-12.0.1
| 14
| 14
| 1
|-
| 12.0.2-13.1.0
| 15
| 1
|-
| 13.2.1-14.1.2
| 16
| 1
|-
| 15.0.0-15.0.1
| 17
| 1
|-
| 16.0.0-16.1.0
| 18
| 1
|-
| 17.0.0-18.1.0
| 19
| 1
|-
| 19.0.0-19.0.1
| 20
| 1
| 1
|}
|}