885
edits
Changes
→Kernel: >
** This is used by some services to make sure we can't connect to them from outside a privileged module.
** This is used by some services to make sure we can't connect to them from outside a privileged module.
* svcReadWriteRegister was updated, now always goes through TZ for both PMC and MC. Whitelist for MC remains the same.
* svcReadWriteRegister was updated, now always goes through TZ for both PMC and MC. Whitelist for MC remains the same.
* Support was added for loading non-KIP processes into the Secure pool via a flag in SvcCreateProcess.
** This is used by only for es, to prevent attackers from using GPU DMA to take over the es sysmodule to pirate games.
** Correspondingly, the KHeapArrange calculation of the secure pool size now has an extra 0x13A000 factored in (to ensure there is enough space for es).
===FIRM===
===FIRM===