Difference between revisions of "8.1.0"

From Nintendo Switch Brew
Jump to navigation Jump to search
 
Line 117: Line 117:
 
System update report(s):
 
System update report(s):
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=06-17-19_08-05-09&sys=hac]
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=06-17-19_08-05-09&sys=hac]
 +
 +
{{NavboxVersions}}
 +
 +
[[Category:System versions]]

Latest revision as of 11:52, 6 August 2019

The Switch 8.1.0 system update was released on June 17, 2019. This Switch update was released for the following regions: ALL.

Security flaws fixed: yes.

Change-log

Official ALL change-log:

  • General system stability improvements to enhance the user's experience.

FIRM

All files in RomFS were updated.

Package1ldr

package1ldr was updated. The TSEC secureboot firmware was updated.

NX_BOOTLOADER

NX bootloader was updated.

<check back later for diff>

Secure Monitor

The Secure Monitor was updated.

  • The SE key read disable function no longer writes zero to AES_KEY_READ_DISABLE/RSA_KEY_READ_DISABLE.
  • Functions for locking/checking PMC secure scratch now have additional bitmasks 0x40/0x80 for locking more secure scratch registers.
  • NVDEC/TSECB access to the kernel carveout was removed.
  • On suspend (SC7 Entry), SWR_USBD_RST is now checked, and AHB arbitration disable is now checked to be COP, ARC, USB, USB2.
    • This further mitigates against Deja Vu.
  • TZ/SE context save logic has been changed.
    • The context save function now first generates 16 random bytes, and securely saves them to scratch (using the usual write-writelock-check-readlock-checklocked pattern).
    • It then generates a random aes-256 key, and derives an actual encryption/MAC key by decrypting the random data with that key.
      • Previously, it generated a random aes-256 key and used it directly.
      • This prevents attacks that might coerce the usage of a specific aes-256 key instead of a random one.
    • Calls into the check scratch locked/lock scratch function which previously passed one bitmask at a time now pass multiple
      • Accordingly, the lock/check locked functions now support multiple bitmasks instead of single bitmasks at a time.
  • The function that initializes the SE/derives keys now sets flag 0x100 on AES keyslots 8-15, and RSA keyslots 0-1.

Kernel

Kernel was not changed.

Warmboot

  • The firmware revision magic was changed from 0x129 to 0x14A.
  • Security Engine state validation was changed (first six keyslots now expected to read zeroes instead of FFs).
  • <check back for more diffs later>

FIRM Sysmodules

FIRM sysmodules were updated. Specific diffs available below:

Boot

Only GNU build hash was updated.

FS

Only GNU build hash was updated.

Loader
  • ldr:pm->CreateProcess() now performs additional validation on the NPDM header.
    • When the title id is one of certain hardcoded titles, Loader now validates that the version field at NPDM header is non-zero. This prevents selectively downgrading those titles to versions vulnerable to known exploits.
    • The titles checked are:
      • settings
      • bus
      • audio
      • nvservices
      • ns
      • ssl
      • es
      • creport
      • ro
NCM

Only GNU build hash was updated.

PM

Only GNU build hash was updated.

SM

SM was not updated.

SPL

SPL was not updated.

System Titles

Updated titles:

  • Sysmodules:
    • settings Rebuilt.
    • bus Identical codebin.
    • bcat .text updated.
    • hid .text updated.
    • audio Identical codebin.
    • wlan .text updated.
    • nvservices Only GNU build hash was updated.
    • nvnflinger .text updated.
    • account .text updated.
    • ns .text updated.
    • am .text updated.
    • ssl Rebuilt.
    • vi .text updated.
    • es .text updated.
    • fatal .text updated.
    • creport Identical codebin.
    • ro Identical codebin.
    • grc .text updated.
  • ErrorMessage, BrowserDll, System_Version_Title, FIRM, qlaunch, web-applets (main codebin rebuilt), and RebootlessSystemUpdateVersion.

No changes with IPC service commands.

Titles' RomFS changes, besides System_Version_Title:

  • ErrorMessage: Error 2124-4517 was updated with actual strings etc. "/2181/4017/common" and "/DatabaseInfo" were updated.
  • BrowserDll: the NROs and buildinfo were updated.
  • RebootlessSystemUpdateVersion: The "/version" file was updated.
  • qlaunch: "/lyt/Notification.szs" was updated.
  • Web-applets: "/buildinfo/buildinfo.dat" and "/.nrr/netfront.nrr" were updated.

Keys

Keys were updated.

See Also

System update report(s):

Nintendo Switch System Versions
1.0.0
2.0.02.1.02.2.02.3.0
3.0.03.0.13.0.2
4.0.04.0.14.1.0
5.0.05.0.15.0.25.1.0
6.0.06.0.16.1.06.2.0
7.0.07.0.1
8.0.08.0.18.1.08.1.1
9.0.09.0.19.1.09.2.0
10.0.010.0.110.0.210.0.310.0.410.1.010.1.110.2.0
11.0.011.0.1
12.0.012.0.112.0.212.0.312.1.0
13.0.013.1.013.2.013.2.1
14.0.014.1.014.1.114.1.2
15.0.015.0.1
16.0.016.0.116.0.216.0.316.1.0
17.0.017.0.1
18.0.018.0.118.1.0
19.0.019.0.1