Switch System Flaws: Difference between revisions
→Hardware: i vape |
→Hardware: i vape |
||
| Line 44: | Line 44: | ||
This also bypasses the SBK protection of the bootROM: indeed, at warmboot, bootROM will always clear keyslot 0xE to prevent malicious code from saving the SBK. Moving the SBK to another keyslot in the saved context renders this protection moot. | This also bypasses the SBK protection of the bootROM: indeed, at warmboot, bootROM will always clear keyslot 0xE to prevent malicious code from saving the SBK. Moving the SBK to another keyslot in the saved context renders this protection moot. | ||
| | |||
HAC-001-01 (Mariko/Tegra214/Tegra210b01): Fixes this by streamlining the context save process; security engine contexts are now saved to protected memory which the CPU cannot access or modify. | |||
| HAC-001-01 (Mariko/Tegra214/Tegra210b01) | |||
| HAC-001 (Tegra210) | | HAC-001 (Tegra210) | ||
| December 2017 | | December 2017 | ||