Difference between revisions of "14.0.0"
Jump to navigation
Jump to search
(→BootImagePackage: secmon/kernel) |
|||
Line 76: | Line 76: | ||
=== BootImagePackage === | === BootImagePackage === | ||
All files in RomFs were updated. | All files in RomFs were updated. | ||
+ | |||
+ | ====Secure Monitor==== | ||
+ | * Compiler upgrade to latest llvm (now using same compiler revision as kernel). | ||
+ | ** Secure Monitor is now compiled with -fomit-frame-pointer. | ||
+ | *** >:( | ||
+ | * GenerateSeTestVectorImpl now uses a helper to mix each key into the vector. | ||
+ | * ExceptionHandler is now linked in (@ .text + 0x3E04). | ||
+ | ** Previously, this was garbage collected/only present in debug secure monitors. | ||
+ | ** NOTE: This is unreachable, and stripped (as e.g. logging isn't emitted, likely because the macros are empty on release builds). | ||
+ | |||
+ | ====Kernel==== | ||
+ | * Kernel is now compiled with -O3 again instead of -Os | ||
+ | ** >:( | ||
+ | * crt0 no longer supports booting in EL2. | ||
+ | ** Infinite Loop/Panic is performed instead. | ||
+ | * Initialize0 changes: | ||
+ | ** KernelStack setup now uses same helper to determine aslr as other random aligned regions. | ||
+ | ** KernelTemp setup now uses same helper to determine aslr as other random aligned regions. | ||
+ | * Slab changes: | ||
+ | ** When assigned extra resource, the slab heap is now 0x148000 larger instead of 0x68000 larger. | ||
+ | ** Correspondingly, instead of increasing the thread resource limit by 160, the thread resource limit is now increased by 736. | ||
+ | *** This corresponds to changes in userland for pm management of resource limits. | ||
+ | *** Old Intended Resource Limits: | ||
+ | **** System (96 + 512) -> (256 + 512) | ||
+ | **** Applet 96 -> 96 | ||
+ | **** Application 96 -> 96 | ||
+ | *** New Intended Resource Limits: | ||
+ | **** System (96 + 512) -> 1024 | ||
+ | **** Applet 96 -> 256 | ||
+ | **** Application 96 -> 256 | ||
+ | * SetupPoolPartitionMemoryRegions now panics if the end of the pool partition region is not coincidence with the end of dram. | ||
+ | * KThreadContext was completely revised. | ||
+ | ** Most of KThreadContext is now stored inline in kernel stack. | ||
+ | *** Kernel stack layout is now u8 stack[0xDB0]; KThreadContext thread_context; KThreadStackParameters stack_parameters; | ||
+ | ** KThreadContext now only stores the 8 callee-save FPU registers. | ||
+ | *** The remaining 24 caller-save FPU registers are stored inside KThread, where KThreadContext used to be. | ||
+ | *** NOTE that 32-bit fpu has 4 callee-save FPU registers and 12 caller-save registers, which use the start of the relevant 64-bit storages as usual. | ||
+ | ** KThreadStackParameters was revised to facilitate this. | ||
+ | *** The pointer to KThreadContext previously stored in stack parameters now points to the external FPU register array. | ||
+ | *** The members at end of params are now: u16 disable_count; u8 current_svc_id; u8 unused_2c; u8 exception_flags; u8 is_pinned; u8 unused_2f; | ||
+ | **** The "exception_flags" field is a new set of bitflags (encoding old state was were previously separate bools + new state). | ||
+ | ***** Bit 0x1 = is_calling_svc | ||
+ | ***** Bit 0x2 = is_in_exception_handler | ||
+ | ***** Bit 0x4 = is_fpu_state_restore_needed | ||
+ | ***** Bit 0x8 = is_64_bit_fpu | ||
+ | ***** Bit 0x10 = has_exception_svc_permissions | ||
+ | ***** Bit 0x20 = is_in_cache_operation | ||
+ | ***** Bit 0x40 = is_in_tlb_operation | ||
+ | ** Exception exits now check is_fpu_state_restore_needed, and restore FPU registers only if needed (and clear is_fpu_state_restore_needed on restore). | ||
+ | *** is_fpu_state_restore_needed is set to true *only* on thread switch with FPU enabled. | ||
+ | **** Caller-save FPU registers are saved *only* if a thread is in an SVC and does not have exception svc permissions. | ||
+ | **** All other thread switches save only the 8 (or 4) callee-save FPU registers. | ||
+ | **** All thread switches now guarantee as post-condition that the fpu is disabled leaving the switch (it will be re-enabled on exception exit if needed). | ||
+ | *** On SVC exception return, all caller-save FPU registers are set to zero unless the thread has exception svc permissions. | ||
+ | ** KThread::CloneFpuStatus now uses KScopedDisableInterrupt | ||
+ | * Various hw maintenance changes: | ||
+ | ** KernelLdr no longer does cache maintenance by set/way when setting up initial identity mapping, no longer invalidates instruction cache/tlb, no longer does dsb after setting sctlr_el1. | ||
+ | ** FlushEntireDataCacheLocal/Shared in init now perform dsb sy, FlushEntireDataCacheAndInvalidateTlbForInit no longer does after calling them. | ||
+ | ** dsb sy/isb is now performed after setting sctlr_el1, when disabling mmu/icache. | ||
+ | ** KInitialPageTable::Map no longer does dsb ish after all attribute writes. | ||
+ | *** Instead does it before writing table entries, and at the end of the function. | ||
+ | ** KInitialPageTable::PhysicallyRandomize no longer does StoreEntireCacheForInit. | ||
+ | *** Now does dc cvac on randomized virtual address range, dsb ish, ic iallu, dsb ish, isb. (see weaker-barriers section of diff) | ||
+ | ** KInitialPageTable::SwapBlocks now does dsb ish after memcpy to swap blocks. | ||
+ | ** KInitialPageTable::Reprotect no longer does dsb ish before performing reprotection. | ||
+ | ** KInitialProcessReader::Load no longer calls cpu::FlushEntireDataCache/cpu::InvalidateInstructionCache. | ||
+ | ** Set/way cache operations now perform dsb sy before configuring csselr. | ||
+ | *** This affects InvalidateDataCacheForResumeEntry, FlushEntireDataCache, KCacheHelperInterruptHandler, and the initial cache maintenance when disabling the mmu. | ||
+ | ** FlushEntireDataCache now does dsb sy after doing full set/way cache flush, instead of after each set/way op. | ||
+ | *** NOTE: This is still only a local flush without coherence guarantees, set/way aren't supposed to be used after multiple cores are online. | ||
+ | ** KSystemControl::CpuSleepHandler no longer embeds unreachable cache maintenance assembly after CpuSuspend. | ||
+ | ** Kernel now performs different hw maintenance if a thread is in a hw maintenance operation when interrupted: | ||
+ | *** If a thread is interrupted while performing cache maintenance in EL1 (tracked via new exception flags bit 0x20), KInterruptManager::OnHandleInterrupt performs dsb sy. | ||
+ | **** Set and cleared for scope of cpu::InvalidateDataCache instead of disabling core migration. | ||
+ | **** Set and cleared for scope of cpu::StoreDataCache instead of disabling core migration. | ||
+ | **** Set and cleared for scope of cpu::FlushDataCache instead of disabling core migration. | ||
+ | *** If a thread is interrupted while performing tlb maintenance in EL1 (tracked via new exception flags bit 0x40), KInterruptManager::OnHandleInterrupt performs dsb ish. | ||
+ | **** Set and cleared for scope of KPageTable::NoteUpdated | ||
+ | *** If a thread is interrupted while performing cache maintenance in EL0 (tracked via new bool @ TLS + 0x104), KInterruptManager::OnHandleInterrupt performs dsb sy. | ||
+ | **** This is equivalent to the EL1 cache maintenance tracking above, providing an opt-in way for userland to ensure its cache maintenance is coherent even when interrupted. | ||
+ | **** Note that official userland code now sets this bit before performing cache maintenance. | ||
+ | ** Memory barriers were revised in many places -- barriers were weakened in many places, and some functions which previously lacked barriers had them added, including: | ||
+ | *** cpu::InvalidateEntireInstructionCache: dsb sy -> dsb ish | ||
+ | *** cpu::EnsureInstructionConsistency: dsb sy; isb; -> dsb ish; isb; | ||
+ | **** NOTE: Functions written in assembly still use the old pattern for ensuring instruction consistency. | ||
+ | *** KCacheInterruptHandler::RequestOperation: dsb sy -> dsb ish | ||
+ | *** KScheduler::EnableScheduling: dsb sy -> dsb ish | ||
+ | *** KScheduler::SwitchThread no longer does dsb sy before setting ttbr0/contextidr_el1. | ||
+ | *** KPageTable::NoteUpdated: dsb sy; if (m_kernel) { ... dsb sy; } else { ... dsb sy; isb; } -- dsb ishst; if (m_kernel) { ... dsb ish; } else { ... dsb ish; isb; } | ||
+ | **** KPageTable::NoteSingleKernelPageUpdated now similarly does dsb ishst for outer and dsb ish for inner barriers. | ||
+ | *** KPageTable::ClearPageTable: now does dsb ish after clearing page to zero via dc zva | ||
+ | *** KPageTable::MapContiguous: now does dsb ishst after merging pages. | ||
+ | *** KPageTable::MapPageGroup: now does dsb ishst after merging pages. | ||
+ | *** KPageTable::PteDataSynchronizationBarrier: now dmb ishst instead of dsb ish (probably KPageTable::PteDataMemoryBarrier, now?) | ||
+ | *** KPageTable::MapL2Blocks/MapL3Blocks: pattern for setting entry for new table went from Barrier(); WriteEntry(); Barrier(); -> Barrier(); WriteEntry(); | ||
+ | **** This was PteDataSynchronizationBarrier(), and correspondingly asm is dsb ish; str; dsb ish; -> dmb ishst; str; | ||
+ | *** KSupervisorPageTable::SetTtbr0 no longer does dsb sy before setting ttbr0/contextidr_el1. | ||
+ | ** UserspaceAccess::InvalidateInstructionCache was removed (previously unused). | ||
+ | * Various changes to KInterruptName/interrupt management: | ||
+ | ** Enum values for IPIs were revised: | ||
+ | *** KInterruptName_ThreadTerminate 4 -> 0 | ||
+ | *** KInterruptName_CacheOperation 5 -> 1 | ||
+ | *** KInterruptName_Scheduler 6 -> 2 | ||
+ | ** New KInterruptName (KInterruptName_CoreBarrier) = 3 | ||
+ | *** Interrupt handler for this is registered with KInterruptControllerPriority_Scheduler after ThreadTerminate handler is registered. | ||
+ | ** Interrupt handler for the user cycle counter interrupt is no longer registered. | ||
+ | *** This is presumably now under the same ifdef that enables svc::InfoType_PerformanceCounter. | ||
+ | * KCapability now has a new member "physical_core_mask", which tracks what physical cores are allowable. | ||
+ | ** KThread::FinishTermination now calls a new function (cpu::ForceSynchronizeAllCores) after waiting for the thread to not be current on any scheduler. | ||
+ | *** This function sends an IPI (KInterruptName_CoreBarrier) to all cores, and waits for all cores to acknowledge the interrupt. | ||
+ | * Changes to KMemoryManager allocation: | ||
+ | ** KPageHeap now has an additional KPageHeapBitmapRng @ 0x328 to facilitate additional allocation randomization. | ||
+ | ** KMemoryManager::AllocateAndOpenContinuous now uses a new KPageHeap method "AllocateRandomBlock" | ||
+ | *** KPhysicalAddress KPageHeap::AllocateRandomBlock(s32 index, size_t num_pages, size_t align_pages); | ||
+ | *** This method allocates `num_pages` pages (aligned to at least `align_pages`) at random. | ||
+ | **** First, the kernel chooses a random block index to allocate from. | ||
+ | ***** This is done by increasing the block index until there are at least 4 possible random choices for the desired alignment, then selecting the block that corresponds to a random pick from those choices. | ||
+ | **** Next, the kernel allocates a random block from within that index. | ||
+ | **** Finally, the kernel selects a random (align_pages)-aligned offset within that block, frees the memory before/after the allocated chunk, and returns the memory. | ||
+ | ** Allocation of KPageGroups still uses a `random` argument, however: | ||
+ | *** KPageHeap::PopBlock no longer takes a random argument. | ||
+ | *** KPageHeap::AllocateBlock now calls new new KPageHeap method "AllocateRandomBlock". | ||
+ | **** KPageHeap::AllocateRandomBlock(s32 index, size_t num_pages); | ||
+ | **** This is effectively the same logic as above, but with align_pages == # of pages for the argument block index. | ||
+ | * CreateProcess now calls a new function to validate the user-capabilities before creating the KProcess. | ||
+ | ** This checks that the capabilities are user-readable and that the map region capabilities correspond to actually-present regions. | ||
+ | ** This corresponds to changes in Loader allowing for map region capabilities (previously, these were only allowed via KIP, and Loader always rejected them). | ||
+ | * New InfoType 0x1A ("InfoType_IsSvcPermitted"). | ||
+ | ** Returns whether the current process can access a given SVC. | ||
+ | ** Nintendo returns InvalidCombination when checking SVCs other than SynchronizePreemptionState. | ||
+ | *** Official userland code now aborts if the process does not have permission to use SynchronizePreemptionState before incrementing ThreadLocalRegion->disable_count for the first time. | ||
==See Also== | ==See Also== |
Revision as of 09:34, 22 March 2022
The Switch 14.0.0 system update was released on March 22, 2022 (UTC). This Switch update was released for the following regions: ALL.
Security flaws fixed: <fill this in manually later, see the updatedetails page from the ninupdates-report page(s) once available for now>.
Change-log
Official ALL change-log:
- "Groups" feature was added to the All Software menu.
- You can now create groups of software to help organize your software titles.
- Making groups for different game genres, developers, or whatever you’d like to organize by may make it easier to find the application you want.
- Up to 100 groups can be created with a max of 200 titles per group.
- The button to proceed to the "All Software" screen is displayed only when there are 13 or more software title icons on the system.
- For more information, see How to Create Groups of Software.
- Bluetooth® Audio volume behavior was changed.
- You can now adjust the volume of Bluetooth audio devices using either the Nintendo Switch™ console or through volume control buttons on the Bluetooth audio device.
- The Bluetooth audio device must support AVRCP profiles for these changes to work.
- The volume displayed on the console will reflect the Bluetooth audio volume when using the device’s control buttons.
- The maximum volume output for some Bluetooth audio devices has been increased.
- When first connecting a device, volume will be reduced to avoid sudden loudness.
- For more information, see How to Pair and Manage Bluetooth Audio Devices.
System Titles
- New sysmodule omm was added, various hosted services from am were moved here.
- Most system titles were updated, except for the following (besides stubs): both Dictionary SystemData, AvatarImage, Eula, UrlBlackList, ControllerIcon, ApplicationBlackList, FunctionBlackList.
NPDM changes:
- ptm had the order of various accessible-services changed.
- pcv: access to IO page 0x07009f000 was removed. The order of various hosted/accessible-services changed. Access to fsp-srv, pwm, and set:cal were removed.
- ns now has access to pm:info.
- am: access to svcSleepSystem was removed. FS permission bitmask 0x0000000080000000 was removed. Hosted services idle:sys, omm, and spsm were removed. Access to the following services were removed: bgtc:sc, bgtc:t, bpc, cec-mgr, gpio, hshl:set, hshl:sys, led, psc:c, psc:m, psm, tc, time:p, usb:hs, usb:pd, usb:pd:c, vi:m/vi:s, xcd:sys. Access to the following services were added: idle:sys, ommdisp, spsm.
- qlaunch had access to nd:sys removed.
- cabinet had a duplicate service-access entry for set:sys removed.
- playerSelect had a duplicate service-access entry for acc:su removed.
- starter now has access to audctl.
RomFs changes:
- ErrorMessage: various errors added / localization updated.
- BrowserDll:
- "/browser/ErrorPageFilteringTemplate.html" updated
- "/browser/ErrorPageSubFrameTemplate.html" updated
- "/browser/ErrorPageTemplate.html" updated
- "/browser/MediaControlsInline.css" updated
- "/browser/MediaControlsInline.js" updated
- "/browser/RootCaEtc.pem" and "/browser/RootCaSdkAdditional.pem" updated
- "/buildinfo/buildinfo.dat" updated
- "/lyt/Dialog/DAuthentication.arc" updated
- Various localization data under "/message/" was updated.
- The NROs under "/nro/netfront/core_0/" were moved to "/nro/netfront/core_0/default/cfi_disabled".
- The NROs under "/nro/netfront/core_1/" were moved to "/nro/netfront/core_2/default/cfi_enabled" (the core_1 directory was removed).
- "/sound/" was added, which contains "cruiser.bfsar".
- Help: "/legallines.htdocs/index.html" updated
- LocalNews: "/message/revision.txt" updated
- FirmwareDebugSettings/PlatformConfigIcosa/PlatformConfigCopper/PlatformConfigHoag/PlatformConfigIcosaMariko/PlatformConfigAula: updated
- ControllerFirmware:
- "/FirmwareInfo.csv" and "/TouchScreenFirmwareInfo.csv" updated
- "/FTS_50000001.ftb" removed
- "/FTS_50000002.ftb" added
- "/ukyosakyo_ep2_ota.bin" updated
- NgWordT: "/mars_dirty_words_db" updated
- Various graphics/UI/localization data was updated in various applets.
- web-applets: "/sound/" was removed, it's now located in BrowserDll. "/buildinfo/buildinfo.dat" and "/.nrr/modules.nrr" were updated.
BootImagePackage
All files in RomFs were updated.
Secure Monitor
- Compiler upgrade to latest llvm (now using same compiler revision as kernel).
- Secure Monitor is now compiled with -fomit-frame-pointer.
- >:(
- Secure Monitor is now compiled with -fomit-frame-pointer.
- GenerateSeTestVectorImpl now uses a helper to mix each key into the vector.
- ExceptionHandler is now linked in (@ .text + 0x3E04).
- Previously, this was garbage collected/only present in debug secure monitors.
- NOTE: This is unreachable, and stripped (as e.g. logging isn't emitted, likely because the macros are empty on release builds).
Kernel
- Kernel is now compiled with -O3 again instead of -Os
- >:(
- crt0 no longer supports booting in EL2.
- Infinite Loop/Panic is performed instead.
- Initialize0 changes:
- KernelStack setup now uses same helper to determine aslr as other random aligned regions.
- KernelTemp setup now uses same helper to determine aslr as other random aligned regions.
- Slab changes:
- When assigned extra resource, the slab heap is now 0x148000 larger instead of 0x68000 larger.
- Correspondingly, instead of increasing the thread resource limit by 160, the thread resource limit is now increased by 736.
- This corresponds to changes in userland for pm management of resource limits.
- Old Intended Resource Limits:
- System (96 + 512) -> (256 + 512)
- Applet 96 -> 96
- Application 96 -> 96
- New Intended Resource Limits:
- System (96 + 512) -> 1024
- Applet 96 -> 256
- Application 96 -> 256
- SetupPoolPartitionMemoryRegions now panics if the end of the pool partition region is not coincidence with the end of dram.
- KThreadContext was completely revised.
- Most of KThreadContext is now stored inline in kernel stack.
- Kernel stack layout is now u8 stack[0xDB0]; KThreadContext thread_context; KThreadStackParameters stack_parameters;
- KThreadContext now only stores the 8 callee-save FPU registers.
- The remaining 24 caller-save FPU registers are stored inside KThread, where KThreadContext used to be.
- NOTE that 32-bit fpu has 4 callee-save FPU registers and 12 caller-save registers, which use the start of the relevant 64-bit storages as usual.
- KThreadStackParameters was revised to facilitate this.
- The pointer to KThreadContext previously stored in stack parameters now points to the external FPU register array.
- The members at end of params are now: u16 disable_count; u8 current_svc_id; u8 unused_2c; u8 exception_flags; u8 is_pinned; u8 unused_2f;
- The "exception_flags" field is a new set of bitflags (encoding old state was were previously separate bools + new state).
- Bit 0x1 = is_calling_svc
- Bit 0x2 = is_in_exception_handler
- Bit 0x4 = is_fpu_state_restore_needed
- Bit 0x8 = is_64_bit_fpu
- Bit 0x10 = has_exception_svc_permissions
- Bit 0x20 = is_in_cache_operation
- Bit 0x40 = is_in_tlb_operation
- The "exception_flags" field is a new set of bitflags (encoding old state was were previously separate bools + new state).
- Exception exits now check is_fpu_state_restore_needed, and restore FPU registers only if needed (and clear is_fpu_state_restore_needed on restore).
- is_fpu_state_restore_needed is set to true *only* on thread switch with FPU enabled.
- Caller-save FPU registers are saved *only* if a thread is in an SVC and does not have exception svc permissions.
- All other thread switches save only the 8 (or 4) callee-save FPU registers.
- All thread switches now guarantee as post-condition that the fpu is disabled leaving the switch (it will be re-enabled on exception exit if needed).
- On SVC exception return, all caller-save FPU registers are set to zero unless the thread has exception svc permissions.
- is_fpu_state_restore_needed is set to true *only* on thread switch with FPU enabled.
- KThread::CloneFpuStatus now uses KScopedDisableInterrupt
- Most of KThreadContext is now stored inline in kernel stack.
- Various hw maintenance changes:
- KernelLdr no longer does cache maintenance by set/way when setting up initial identity mapping, no longer invalidates instruction cache/tlb, no longer does dsb after setting sctlr_el1.
- FlushEntireDataCacheLocal/Shared in init now perform dsb sy, FlushEntireDataCacheAndInvalidateTlbForInit no longer does after calling them.
- dsb sy/isb is now performed after setting sctlr_el1, when disabling mmu/icache.
- KInitialPageTable::Map no longer does dsb ish after all attribute writes.
- Instead does it before writing table entries, and at the end of the function.
- KInitialPageTable::PhysicallyRandomize no longer does StoreEntireCacheForInit.
- Now does dc cvac on randomized virtual address range, dsb ish, ic iallu, dsb ish, isb. (see weaker-barriers section of diff)
- KInitialPageTable::SwapBlocks now does dsb ish after memcpy to swap blocks.
- KInitialPageTable::Reprotect no longer does dsb ish before performing reprotection.
- KInitialProcessReader::Load no longer calls cpu::FlushEntireDataCache/cpu::InvalidateInstructionCache.
- Set/way cache operations now perform dsb sy before configuring csselr.
- This affects InvalidateDataCacheForResumeEntry, FlushEntireDataCache, KCacheHelperInterruptHandler, and the initial cache maintenance when disabling the mmu.
- FlushEntireDataCache now does dsb sy after doing full set/way cache flush, instead of after each set/way op.
- NOTE: This is still only a local flush without coherence guarantees, set/way aren't supposed to be used after multiple cores are online.
- KSystemControl::CpuSleepHandler no longer embeds unreachable cache maintenance assembly after CpuSuspend.
- Kernel now performs different hw maintenance if a thread is in a hw maintenance operation when interrupted:
- If a thread is interrupted while performing cache maintenance in EL1 (tracked via new exception flags bit 0x20), KInterruptManager::OnHandleInterrupt performs dsb sy.
- Set and cleared for scope of cpu::InvalidateDataCache instead of disabling core migration.
- Set and cleared for scope of cpu::StoreDataCache instead of disabling core migration.
- Set and cleared for scope of cpu::FlushDataCache instead of disabling core migration.
- If a thread is interrupted while performing tlb maintenance in EL1 (tracked via new exception flags bit 0x40), KInterruptManager::OnHandleInterrupt performs dsb ish.
- Set and cleared for scope of KPageTable::NoteUpdated
- If a thread is interrupted while performing cache maintenance in EL0 (tracked via new bool @ TLS + 0x104), KInterruptManager::OnHandleInterrupt performs dsb sy.
- This is equivalent to the EL1 cache maintenance tracking above, providing an opt-in way for userland to ensure its cache maintenance is coherent even when interrupted.
- Note that official userland code now sets this bit before performing cache maintenance.
- If a thread is interrupted while performing cache maintenance in EL1 (tracked via new exception flags bit 0x20), KInterruptManager::OnHandleInterrupt performs dsb sy.
- Memory barriers were revised in many places -- barriers were weakened in many places, and some functions which previously lacked barriers had them added, including:
- cpu::InvalidateEntireInstructionCache: dsb sy -> dsb ish
- cpu::EnsureInstructionConsistency: dsb sy; isb; -> dsb ish; isb;
- NOTE: Functions written in assembly still use the old pattern for ensuring instruction consistency.
- KCacheInterruptHandler::RequestOperation: dsb sy -> dsb ish
- KScheduler::EnableScheduling: dsb sy -> dsb ish
- KScheduler::SwitchThread no longer does dsb sy before setting ttbr0/contextidr_el1.
- KPageTable::NoteUpdated: dsb sy; if (m_kernel) { ... dsb sy; } else { ... dsb sy; isb; } -- dsb ishst; if (m_kernel) { ... dsb ish; } else { ... dsb ish; isb; }
- KPageTable::NoteSingleKernelPageUpdated now similarly does dsb ishst for outer and dsb ish for inner barriers.
- KPageTable::ClearPageTable: now does dsb ish after clearing page to zero via dc zva
- KPageTable::MapContiguous: now does dsb ishst after merging pages.
- KPageTable::MapPageGroup: now does dsb ishst after merging pages.
- KPageTable::PteDataSynchronizationBarrier: now dmb ishst instead of dsb ish (probably KPageTable::PteDataMemoryBarrier, now?)
- KPageTable::MapL2Blocks/MapL3Blocks: pattern for setting entry for new table went from Barrier(); WriteEntry(); Barrier(); -> Barrier(); WriteEntry();
- This was PteDataSynchronizationBarrier(), and correspondingly asm is dsb ish; str; dsb ish; -> dmb ishst; str;
- KSupervisorPageTable::SetTtbr0 no longer does dsb sy before setting ttbr0/contextidr_el1.
- UserspaceAccess::InvalidateInstructionCache was removed (previously unused).
- Various changes to KInterruptName/interrupt management:
- Enum values for IPIs were revised:
- KInterruptName_ThreadTerminate 4 -> 0
- KInterruptName_CacheOperation 5 -> 1
- KInterruptName_Scheduler 6 -> 2
- New KInterruptName (KInterruptName_CoreBarrier) = 3
- Interrupt handler for this is registered with KInterruptControllerPriority_Scheduler after ThreadTerminate handler is registered.
- Interrupt handler for the user cycle counter interrupt is no longer registered.
- This is presumably now under the same ifdef that enables svc::InfoType_PerformanceCounter.
- Enum values for IPIs were revised:
- KCapability now has a new member "physical_core_mask", which tracks what physical cores are allowable.
- KThread::FinishTermination now calls a new function (cpu::ForceSynchronizeAllCores) after waiting for the thread to not be current on any scheduler.
- This function sends an IPI (KInterruptName_CoreBarrier) to all cores, and waits for all cores to acknowledge the interrupt.
- KThread::FinishTermination now calls a new function (cpu::ForceSynchronizeAllCores) after waiting for the thread to not be current on any scheduler.
- Changes to KMemoryManager allocation:
- KPageHeap now has an additional KPageHeapBitmapRng @ 0x328 to facilitate additional allocation randomization.
- KMemoryManager::AllocateAndOpenContinuous now uses a new KPageHeap method "AllocateRandomBlock"
- KPhysicalAddress KPageHeap::AllocateRandomBlock(s32 index, size_t num_pages, size_t align_pages);
- This method allocates `num_pages` pages (aligned to at least `align_pages`) at random.
- First, the kernel chooses a random block index to allocate from.
- This is done by increasing the block index until there are at least 4 possible random choices for the desired alignment, then selecting the block that corresponds to a random pick from those choices.
- Next, the kernel allocates a random block from within that index.
- Finally, the kernel selects a random (align_pages)-aligned offset within that block, frees the memory before/after the allocated chunk, and returns the memory.
- First, the kernel chooses a random block index to allocate from.
- Allocation of KPageGroups still uses a `random` argument, however:
- KPageHeap::PopBlock no longer takes a random argument.
- KPageHeap::AllocateBlock now calls new new KPageHeap method "AllocateRandomBlock".
- KPageHeap::AllocateRandomBlock(s32 index, size_t num_pages);
- This is effectively the same logic as above, but with align_pages == # of pages for the argument block index.
- CreateProcess now calls a new function to validate the user-capabilities before creating the KProcess.
- This checks that the capabilities are user-readable and that the map region capabilities correspond to actually-present regions.
- This corresponds to changes in Loader allowing for map region capabilities (previously, these were only allowed via KIP, and Loader always rejected them).
- New InfoType 0x1A ("InfoType_IsSvcPermitted").
- Returns whether the current process can access a given SVC.
- Nintendo returns InvalidCombination when checking SVCs other than SynchronizePreemptionState.
- Official userland code now aborts if the process does not have permission to use SynchronizePreemptionState before incrementing ThreadLocalRegion->disable_count for the first time.
See Also
System update report(s):
Nintendo Switch System Versions | |
---|---|
1.0.0 | |
2.0.0 • 2.1.0 • 2.2.0 • 2.3.0 | |
3.0.0 • 3.0.1 • 3.0.2 | |
4.0.0 • 4.0.1 • 4.1.0 | |
5.0.0 • 5.0.1 • 5.0.2 • 5.1.0 | |
6.0.0 • 6.0.1 • 6.1.0 • 6.2.0 | |
7.0.0 • 7.0.1 | |
8.0.0 • 8.0.1 • 8.1.0 • 8.1.1 | |
9.0.0 • 9.0.1 • 9.1.0 • 9.2.0 | |
10.0.0 • 10.0.1 • 10.0.2 • 10.0.3 • 10.0.4 • 10.1.0 • 10.1.1 • 10.2.0 | |
11.0.0 • 11.0.1 | |
12.0.0 • 12.0.1 • 12.0.2 • 12.0.3 • 12.1.0 | |
13.0.0 • 13.1.0 • 13.2.0 • 13.2.1 | |
14.0.0 • 14.1.0 • 14.1.1 • 14.1.2 | |
15.0.0 • 15.0.1 | |
16.0.0 • 16.0.1 • 16.0.2 • 16.0.3 • 16.1.0 | |
17.0.0 • 17.0.1 | |
18.0.0 • 18.0.1 • 18.1.0 | |
19.0.0 • 19.0.1 |