Difference between revisions of "8.1.0"
m (→See Also) |
|||
(5 intermediate revisions by 2 users not shown) | |||
Line 22: | Line 22: | ||
The Secure Monitor was updated. | The Secure Monitor was updated. | ||
− | + | * The SE key read disable function no longer writes zero to AES_KEY_READ_DISABLE/RSA_KEY_READ_DISABLE. | |
+ | * Functions for locking/checking PMC secure scratch now have additional bitmasks 0x40/0x80 for locking more secure scratch registers. | ||
+ | * NVDEC/TSECB access to the kernel carveout was removed. | ||
+ | * On suspend (SC7 Entry), SWR_USBD_RST is now checked, and AHB arbitration disable is now checked to be COP, ARC, USB, USB2. | ||
+ | ** This further mitigates against Deja Vu. | ||
+ | * TZ/SE context save logic has been changed. | ||
+ | ** The context save function now first generates 16 random bytes, and securely saves them to scratch (using the usual write-writelock-check-readlock-checklocked pattern). | ||
+ | ** It then generates a random aes-256 key, and derives an actual encryption/MAC key by decrypting the random data with that key. | ||
+ | *** Previously, it generated a random aes-256 key and used it directly. | ||
+ | *** This prevents attacks that might coerce the usage of a specific aes-256 key instead of a random one. | ||
+ | ** Calls into the check scratch locked/lock scratch function which previously passed one bitmask at a time now pass multiple | ||
+ | *** Accordingly, the lock/check locked functions now support multiple bitmasks instead of single bitmasks at a time. | ||
+ | * The function that initializes the SE/derives keys now sets flag 0x100 on AES keyslots 8-15, and RSA keyslots 0-1. | ||
====Kernel==== | ====Kernel==== | ||
Line 68: | Line 80: | ||
==System Titles== | ==System Titles== | ||
+ | Updated titles: | ||
+ | * Sysmodules: | ||
+ | ** settings Rebuilt. | ||
+ | ** bus Identical codebin. | ||
+ | ** bcat .text updated. | ||
+ | ** hid .text updated. | ||
+ | ** audio Identical codebin. | ||
+ | ** wlan .text updated. | ||
+ | ** nvservices Only GNU build hash was updated. | ||
+ | ** nvnflinger .text updated. | ||
+ | ** account .text updated. | ||
+ | ** ns .text updated. | ||
+ | ** am .text updated. | ||
+ | ** ssl Rebuilt. | ||
+ | ** vi .text updated. | ||
+ | ** es .text updated. | ||
+ | ** fatal .text updated. | ||
+ | ** creport Identical codebin. | ||
+ | ** ro Identical codebin. | ||
+ | ** grc .text updated. | ||
+ | * ErrorMessage, BrowserDll, [[System_Version_Title]], FIRM, qlaunch, web-applets (main codebin rebuilt), and RebootlessSystemUpdateVersion. | ||
No changes with IPC service commands. | No changes with IPC service commands. | ||
− | Titles' RomFS changes: | + | Titles' RomFS changes, besides [[System_Version_Title]]: |
+ | * ErrorMessage: Error 2124-4517 was updated with actual strings etc. "/2181/4017/common" and "/DatabaseInfo" were updated. | ||
* BrowserDll: the NROs and buildinfo were updated. | * BrowserDll: the NROs and buildinfo were updated. | ||
+ | * RebootlessSystemUpdateVersion: The "/version" file was updated. | ||
+ | * qlaunch: "/lyt/Notification.szs" was updated. | ||
+ | * Web-applets: "/buildinfo/buildinfo.dat" and "/.nrr/netfront.nrr" were updated. | ||
==Keys== | ==Keys== | ||
Line 80: | Line 117: | ||
System update report(s): | System update report(s): | ||
* [https://yls8.mtheall.com/ninupdates/reports.php?date=06-17-19_08-05-09&sys=hac] | * [https://yls8.mtheall.com/ninupdates/reports.php?date=06-17-19_08-05-09&sys=hac] | ||
+ | |||
+ | {{NavboxVersions}} | ||
+ | |||
+ | [[Category:System versions]] |
Latest revision as of 11:52, 6 August 2019
The Switch 8.1.0 system update was released on June 17, 2019. This Switch update was released for the following regions: ALL.
Security flaws fixed: yes.
Change-log
Official ALL change-log:
- General system stability improvements to enhance the user's experience.
FIRM
All files in RomFS were updated.
Package1ldr
package1ldr was updated. The TSEC secureboot firmware was updated.
NX_BOOTLOADER
NX bootloader was updated.
<check back later for diff>
Secure Monitor
The Secure Monitor was updated.
- The SE key read disable function no longer writes zero to AES_KEY_READ_DISABLE/RSA_KEY_READ_DISABLE.
- Functions for locking/checking PMC secure scratch now have additional bitmasks 0x40/0x80 for locking more secure scratch registers.
- NVDEC/TSECB access to the kernel carveout was removed.
- On suspend (SC7 Entry), SWR_USBD_RST is now checked, and AHB arbitration disable is now checked to be COP, ARC, USB, USB2.
- This further mitigates against Deja Vu.
- TZ/SE context save logic has been changed.
- The context save function now first generates 16 random bytes, and securely saves them to scratch (using the usual write-writelock-check-readlock-checklocked pattern).
- It then generates a random aes-256 key, and derives an actual encryption/MAC key by decrypting the random data with that key.
- Previously, it generated a random aes-256 key and used it directly.
- This prevents attacks that might coerce the usage of a specific aes-256 key instead of a random one.
- Calls into the check scratch locked/lock scratch function which previously passed one bitmask at a time now pass multiple
- Accordingly, the lock/check locked functions now support multiple bitmasks instead of single bitmasks at a time.
- The function that initializes the SE/derives keys now sets flag 0x100 on AES keyslots 8-15, and RSA keyslots 0-1.
Kernel
Kernel was not changed.
Warmboot
- The firmware revision magic was changed from 0x129 to 0x14A.
- Security Engine state validation was changed (first six keyslots now expected to read zeroes instead of FFs).
- <check back for more diffs later>
FIRM Sysmodules
FIRM sysmodules were updated. Specific diffs available below:
Boot
Only GNU build hash was updated.
FS
Only GNU build hash was updated.
Loader
- ldr:pm->CreateProcess() now performs additional validation on the NPDM header.
- When the title id is one of certain hardcoded titles, Loader now validates that the version field at NPDM header is non-zero. This prevents selectively downgrading those titles to versions vulnerable to known exploits.
- The titles checked are:
- settings
- bus
- audio
- nvservices
- ns
- ssl
- es
- creport
- ro
NCM
Only GNU build hash was updated.
PM
Only GNU build hash was updated.
SM
SM was not updated.
SPL
SPL was not updated.
System Titles
Updated titles:
- Sysmodules:
- settings Rebuilt.
- bus Identical codebin.
- bcat .text updated.
- hid .text updated.
- audio Identical codebin.
- wlan .text updated.
- nvservices Only GNU build hash was updated.
- nvnflinger .text updated.
- account .text updated.
- ns .text updated.
- am .text updated.
- ssl Rebuilt.
- vi .text updated.
- es .text updated.
- fatal .text updated.
- creport Identical codebin.
- ro Identical codebin.
- grc .text updated.
- ErrorMessage, BrowserDll, System_Version_Title, FIRM, qlaunch, web-applets (main codebin rebuilt), and RebootlessSystemUpdateVersion.
No changes with IPC service commands.
Titles' RomFS changes, besides System_Version_Title:
- ErrorMessage: Error 2124-4517 was updated with actual strings etc. "/2181/4017/common" and "/DatabaseInfo" were updated.
- BrowserDll: the NROs and buildinfo were updated.
- RebootlessSystemUpdateVersion: The "/version" file was updated.
- qlaunch: "/lyt/Notification.szs" was updated.
- Web-applets: "/buildinfo/buildinfo.dat" and "/.nrr/netfront.nrr" were updated.
Keys
Keys were updated.
See Also
System update report(s):
Nintendo Switch System Versions | |
---|---|
1.0.0 | |
2.0.0 • 2.1.0 • 2.2.0 • 2.3.0 | |
3.0.0 • 3.0.1 • 3.0.2 | |
4.0.0 • 4.0.1 • 4.1.0 | |
5.0.0 • 5.0.1 • 5.0.2 • 5.1.0 | |
6.0.0 • 6.0.1 • 6.1.0 • 6.2.0 | |
7.0.0 • 7.0.1 | |
8.0.0 • 8.0.1 • 8.1.0 • 8.1.1 | |
9.0.0 • 9.0.1 • 9.1.0 • 9.2.0 | |
10.0.0 • 10.0.1 • 10.0.2 • 10.0.3 • 10.0.4 • 10.1.0 • 10.1.1 • 10.2.0 | |
11.0.0 • 11.0.1 | |
12.0.0 • 12.0.1 • 12.0.2 • 12.0.3 • 12.1.0 | |
13.0.0 • 13.1.0 • 13.2.0 • 13.2.1 | |
14.0.0 • 14.1.0 • 14.1.1 • 14.1.2 | |
15.0.0 • 15.0.1 | |
16.0.0 • 16.0.1 • 16.0.2 • 16.0.3 • 16.1.0 | |
17.0.0 • 17.0.1 | |
18.0.0 • 18.0.1 • 18.1.0 | |
19.0.0 • 19.0.1 |