Flash Filesystem: Difference between revisions
→Keyblob: Regarding "fun fact: failing this CMAC check will blow fuses" |
|||
| Line 68: | Line 68: | ||
| 0x0 | | 0x0 | ||
| 0x10 | | 0x10 | ||
| Keyblob AES-CMAC | | Keyblob AES-CMAC over the remaining 0xA0-bytes (Checked with a safe memcmp which won't abort early, calls the general panic() func on failure) | ||
|- | |- | ||
| 0x10 | | 0x10 | ||
| Line 88: | Line 88: | ||
Which keyblob is loaded from here during install is presumably somewhere in BCT? <v3.0 use index0, v3.0 uses index1. Hence, the installed keyblob was changed with v3.0. | Which keyblob is loaded from here during install is presumably somewhere in BCT? <v3.0 use index0, v3.0 uses index1. Hence, the installed keyblob was changed with v3.0. | ||
==== panic ==== | |||
The ARM7 panic() function does the following: | |||
* Clears memory. | |||
* ... | |||
* Writes 0x1 to FUSE_DIS_PGM. From nvdia source: "check that fuse options write access hasn't been disabled". | |||
* ... | |||
* Executes: while(1)*((u32*)0x60007004) = 0x5<<28; | |||
== User Partitions == | == User Partitions == | ||