TSEC: Difference between revisions - Nintendo Switch Brew

Line 3,804:

| [[#SEQ|SEQ]]'s state

0: Idle

1: Recording ~~is active~~ (cs0begin/cs1begin)

1: Recording (cs0begin/cs1begin)

2: Executing (cs0exec/cs1exec)

|-

| 4-7

| Number of ~~instructions~~ left in [[#SEQ|SEQ]]

| Number of cycles left for [[#SEQ|SEQ]]'s current sequence

|-

| 12-15

Line 4,083:

Line 4,084:

|-

| 0

| ~~Unknown~~

| Security mode changed during sequence execution (cs0exec/cs1exec)

|-

| 1-2

| ~~Unknown~~

| Security mode at the beginning of sequence execution

0: Non-secure

1: Heavy Secure

|-

| 4

| ~~Unknown~~

| Security mode changed during sequence recording (cs0begin/cs1begin)

|-

| 5-6

| ~~Unknown~~

| Security mode at the beginning of sequence recording

0: Non-secure

1: Heavy Secure

|-

| 16

| ~~Unknown~~

| Security mode changed while reading from crypto register/stream (cxsout or xdld)

|-

| 17-18

| ~~Unknown~~

| Security mode at the beginning of reading from crypto register/stream

0: Non-secure

1: Heavy Secure

|-

| 20

| ~~Unknown~~

| Security mode and memory source changed while writing to crypto register/stream (cxsin or xdst)

|-

| 21-22

| ~~Unknown~~

| Security mode when memory source changed while writing to crypto register/stream

0: Non-secure

1: Heavy Secure

|-

| 24

| ~~Unknown~~

| Security mode changed while writing to crypto register/stream (cxsin or xdst)

|-

| 25-26

| ~~Unknown~~

| Security mode at the beginning of writing to crypto register/stream

0: Non-secure

1: Heavy Secure

|-

| 31

Line 4,845:

Line 4,856:

| 16-17

| TSEC_BAR0_CTL_SEC_MODE

0: ~~None~~

0: Non-secure

1: Invalid

2: Light Secure

Line 5,189:

Line 5,200:

! Operand1

! Operation

! ~~Condition~~

! Precondition

! Postcondition

|-

| 0 || nop || N/A || N/A || ||

| 0 || nop || N/A || N/A || N/A || N/A || N/A

|-

| 1 || mov || $cX || $cY || <code>$cX = $cY; ACL(X) = ACL(Y);</code> ||

| 1 || mov || $cX || $cY || <code><nowiki>$cX = $cY;</nowiki></code> || N/A || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>

|-

| 2 || ~~sin~~ || $cX || N/A || <code>$cX = ~~read_stream~~(); ACL(X) = ???;</code> ||

| 2 || xsin || $cX || N/A || <code><nowiki>$cX = read_from_stream();</nowiki></code> || N/A || <code><nowiki>ACL($cX) = is_mode_hs ? 0x3 : 0x1F;</nowiki></code>

|-

| 3 || ~~sout~~ || $cX || N/A || <code>~~write_stream~~($cX);</code> || ?

| 3 || xsout || $cX || N/A || <code><nowiki>write_to_stream($cX);</nowiki></code> || <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0xA))</nowiki></code> || N/A

|-

| 4 || [[#rnd|rnd]] || $cX || N/A || <code>$cX = ~~read_rnd~~(); ACL(X) = ???;</code> ||

| 4 || [[#rnd|rnd]] || $cX || N/A || <code><nowiki>$cX = read_from_rnd();</nowiki></code> || N/A || <code><nowiki>ACL($cX) = is_mode_hs ? 0x3 : 0x1F;</nowiki></code>

|-

| 5 || s0begin || immX || N/A || <code>record_macro_for_N_instructions(0, immX);</code> ||

| 5 || s0begin || immX || N/A || <code><nowiki>record_macro_for_N_instructions(0, immX);</nowiki></code>|| N/A || N/A

|-

| 6 || s0exec || immX || N/A || <code>execute_macro_N_times(0, immX);</code> ||

| 6 || s0exec || immX || N/A || <code><nowiki>execute_macro_N_times(0, immX);</nowiki></code> || N/A || N/A

|-

| 7 || s1begin || immX || N/A || <code>record_macro_for_N_instructions(1, immX);</code> ||

| 7 || s1begin || immX || N/A || <code><nowiki>record_macro_for_N_instructions(1, immX);</nowiki></code> || N/A || N/A

|-

| 8 || s1exec || immX || N/A || <code>execute_macro_N_times(1, immX);</code> ||

| 8 || s1exec || immX || N/A || <code><nowiki>execute_macro_N_times(1, immX);</nowiki></code> || N/A || N/A

|-

| 9 || <invalid> || || || ||

| 9 || <invalid> || N/A || N/A || N/A || N/A ||

|-

| 0xA || [[#chmod|chmod]] || $cX || immY || ~~Complicated, see~~ [[#~~ACL~~|~~ACL~~]]. ||

| 0xA || [[#chmod|chmod]] || $cX || immY || <code><nowiki>ACL($cX) = immY;</nowiki></code> || See [[#ACLs|ACLs]] || N/A

|-

| 0xB || xor || $cX || $cY || <code>$cX ^= $cY;</code> || <code>(ACL(X) & 2) && (ACL(Y) & 2)</code>

| 0xB || xor || $cX || $cY || <code><nowiki>$cX ^= $cY;</nowiki></code> || <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2) && (ACL($cY) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0x1A) && (ACL($cY) & 0xA))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>

|-

| 0xC || add || $cX || immY || <code>$cX += immY;</code> || <code>(ACL(X) & 2)</code>

| 0xC || add || $cX || immY || <code><nowiki>$cX += immY;</nowiki></code> || <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0x1A))</nowiki></code> || N/A

|-

| 0xD || and || $cX || $cY || <code>$cX &= $cY;</code> || <code>(ACL(X) & 2) && (ACL(Y) & 2)</code>

| 0xD || and || $cX || $cY || <code><nowiki>$cX &= $cY;</nowiki></code> || <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2) && (ACL($cY) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0x1A) && (ACL($cY) & 0xA))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>

|-

| 0xE || rev || $cX || $cY || <code>$cX = endian_swap128($cY); ACL(X) = ACL(Y);</code> ||

| 0xE || rev || $cX || $cY || <code><nowiki>$cX = endian_swap128($cY);</nowiki></code> || <code><nowiki>(!is_mode_hs && (ACL($cX) & 0x10))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>

|-

| 0xF || gfmul || $cX || $cY || <code>$cX = gfmul($cY); ACL(X) = ACL(Y);</code> || <code>(ACL(~~Y) & 2~~)</code>

| 0xF || gfmul || $cX || $cY || <code><nowiki>$cX = gfmul($cY);</nowiki></code>|| <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2) && (ACL($cY) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0x1A) && (ACL($cY) & 0xA))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>

|-

| 0x10 || secret || $cX || immY || <code>$cX = load_secret(immY); ACL(X) = load_secret_acl(immY);</code> ||

| 0x10 || secret || $cX || immY || <code><nowiki>$cX = load_secret(immY);</nowiki></code> || N/A || <code><nowiki>ACL($cX) = load_secret_acl(immY);</nowiki></code>

|-

| 0x11 || keyreg || $cX || N/A || <code>active_key_idx = $cX;</code> ||

| 0x11 || keyreg || $cX || N/A || <code><nowiki>active_key_idx = $cX;</nowiki></code> || N/A || N/A

|-

| 0x12 || kexp || $cX || $cY || <code>$cX = ~~aes_kexp~~($cY); ACL(X) = ACL(Y);</code> ||

| 0x12 || kexp || $cX || $cY || <code><nowiki>$cX = aes_key_expand($cY);</nowiki></code> || <code><nowiki>(!is_mode_hs && (ACL($cX) & 0x10))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>

|-

| 0x13 || krexp || $cX || $cY || <code>$cX = ~~aes_kexp_reverse~~($cY); ACL(X) = ACL(Y);</code> ||

| 0x13 || krexp || $cX || $cY || <code><nowiki>$cX = aes_key_reverse_expand($cY);</nowiki></code> || <code><nowiki>(!is_mode_hs && (ACL($cX) & 0x10))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>

|-

| 0x14 || enc || $cX || $cY || <code>$cX = aes_enc(active_key_idx, $cY); ACL(X) = ACL(active_key_idx) & ACL(Y);</code> ||

| 0x14 || enc || $cX || $cY || <code><nowiki>$cX = aes_enc(active_key_idx, $cY);</nowiki></code> || N/A || <code><nowiki>ACL($cX) = (ACL(active_key_idx) & ACL($cY));</nowiki></code>

|-

| 0x15 || dec || $cX || $cY || <code>$cX = aes_dec(active_key_idx, $cY); ACL(X) = ACL(active_key_idx) & ACL(Y);</code> ||

| 0x15 || dec || $cX || $cY || <code><nowiki>$cX = aes_dec(active_key_idx, $cY);</nowiki></code> || N/A || <code><nowiki>ACL($cX) = (ACL(active_key_idx) & ACL($cY));</nowiki></code>

|-

| 0x16 || [[#sigcmp|sigcmp]] || $cX || $cY || <code>~~if (hash_verify~~($cX, $cY)~~) {~~ has_sig = true; ~~current_sig~~ = ~~$cX~~; }</code> ~~|| ?~~

| 0x16 || [[#sigcmp|sigcmp]] || $cX || $cY || <code><nowiki>memcmp($cX, $cY);</nowiki></code> || <code><nowiki>is_secure_bootrom</nowiki></code> || <code><nowiki>current_sig = $cX; has_sig = true; is_mode_hs = true;</nowiki></code>

|-

| 0x17 || sigenc || $cX || $cY || <code>~~if (has_sig) {~~ $cX = aes_enc($cY, current_sig); ACL(X) = ~~0x13~~; }</code> ||

| 0x17 || sigenc || $cX || $cY || <code><nowiki>$cX = aes_enc($cY, current_sig);</nowiki></code> || <code><nowiki>has_sig</nowiki></code> || <code><nowiki>ACL($cX) = 0x3;</nowiki></code>

|-

| 0x18 || [[#sigclr|sigclr]] || N/A || N/A || <code>has_sig = false;</code> ||

| 0x18 || [[#sigclr|sigclr]] || N/A || N/A || <code><nowiki>has_sig = false;</nowiki></code> || <code><nowiki>has_sig</nowiki></code> || N/A

|}

@@ Line 3,804: / Line 3,804: @@
 | [[#SEQ|SEQ]]'s state
 : Idle
-: Recording is active (cs0begin/cs1begin)
+: Recording (cs0begin/cs1begin)
+: Executing (cs0exec/cs1exec)
 |-
 | 4-7
-| Number of instructions left in [[#SEQ|SEQ]]
+| Number of cycles left for [[#SEQ|SEQ]]'s current sequence
 |-
 | 12-15
@@ Line 4,083: / Line 4,084: @@
 |-
 | 0
-| Unknown
+| Security mode changed during sequence execution (cs0exec/cs1exec)
 |-
 | 1-2
-| Unknown
+| Security mode at the beginning of sequence execution
+: Non-secure
+: Heavy Secure
 |-
 | 4
-| Unknown
+| Security mode changed during sequence recording (cs0begin/cs1begin)
 |-
 | 5-6
-| Unknown
+| Security mode at the beginning of sequence recording
+: Non-secure
+: Heavy Secure
 |-
 | 16
-| Unknown
+| Security mode changed while reading from crypto register/stream (cxsout or xdld)
 |-
 | 17-18
-| Unknown
+| Security mode at the beginning of reading from crypto register/stream
+: Non-secure
+: Heavy Secure
 |-
 | 20
-| Unknown
+| Security mode and memory source changed while writing to crypto register/stream (cxsin or xdst)
 |-
 | 21-22
-| Unknown
+| Security mode when memory source changed while writing to crypto register/stream
+: Non-secure
+: Heavy Secure
 |-
 | 24
-| Unknown
+| Security mode changed while writing to crypto register/stream (cxsin or xdst)
 |-
 | 25-26
-| Unknown
+| Security mode at the beginning of writing to crypto register/stream
+: Non-secure
+: Heavy Secure
 |-
 | 31
@@ Line 4,845: / Line 4,856: @@
 | 16-17
 | TSEC_BAR0_CTL_SEC_MODE
-: None
+: Non-secure
 : Invalid
 : Light Secure
@@ Line 5,189: / Line 5,200: @@
 !  Operand1
 !  Operation
-!  Condition
+!  Precondition
+!  Postcondition
 |-
-| 0 || nop || N/A || N/A || ||
+| 0 || nop || N/A || N/A || N/A || N/A || N/A
 |-
-| 1 || mov || $cX || $cY || <code>$cX = $cY; ACL(X) = ACL(Y);</code> ||
+| 1 || mov || $cX || $cY || <code><nowiki>$cX = $cY;</nowiki></code> || N/A || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>
 |-
-| 2 || sin || $cX || N/A || <code>$cX = read_stream(); ACL(X) = ???;</code> ||
+| 2 || xsin || $cX || N/A || <code><nowiki>$cX = read_from_stream();</nowiki></code> || N/A || <code><nowiki>ACL($cX) = is_mode_hs ? 0x3 : 0x1F;</nowiki></code>
 |-
-| 3 || sout || $cX || N/A || <code>write_stream($cX);</code> || ?
+| 3 || xsout || $cX || N/A || <code><nowiki>write_to_stream($cX);</nowiki></code> || <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0xA))</nowiki></code> || N/A
 |-
-| 4 || [[#rnd|rnd]] || $cX || N/A || <code>$cX = read_rnd(); ACL(X) = ???;</code> ||
+| 4 || [[#rnd|rnd]] || $cX || N/A || <code><nowiki>$cX = read_from_rnd();</nowiki></code> || N/A || <code><nowiki>ACL($cX) = is_mode_hs ? 0x3 : 0x1F;</nowiki></code>
 |-
-| 5 || s0begin || immX || N/A || <code>record_macro_for_N_instructions(0, immX);</code> ||
+| 5 || s0begin || immX || N/A || <code><nowiki>record_macro_for_N_instructions(0, immX);</nowiki></code>|| N/A || N/A
 |-
-| 6 || s0exec || immX || N/A || <code>execute_macro_N_times(0, immX);</code> ||
+| 6 || s0exec || immX || N/A || <code><nowiki>execute_macro_N_times(0, immX);</nowiki></code> || N/A || N/A
 |-
-| 7 || s1begin || immX || N/A || <code>record_macro_for_N_instructions(1, immX);</code> ||
+| 7 || s1begin || immX || N/A || <code><nowiki>record_macro_for_N_instructions(1, immX);</nowiki></code> || N/A || N/A
 |-
-| 8 || s1exec || immX || N/A || <code>execute_macro_N_times(1, immX);</code> ||
+| 8 || s1exec || immX || N/A || <code><nowiki>execute_macro_N_times(1, immX);</nowiki></code> || N/A || N/A
 |-
-| 9 || <invalid> || || || ||
+| 9 || <invalid> || N/A || N/A || N/A || N/A ||
 |-
-| 0xA || [[#chmod|chmod]] || $cX || immY || Complicated, see [[#ACL|ACL]]. ||
+| 0xA || [[#chmod|chmod]] || $cX || immY || <code><nowiki>ACL($cX) = immY;</nowiki></code> || See [[#ACLs|ACLs]] || N/A
 |-
-| 0xB || xor || $cX || $cY || <code>$cX ^= $cY;</code> || <code>(ACL(X) & 2) && (ACL(Y) & 2)</code>
+| 0xB || xor || $cX || $cY || <code><nowiki>$cX ^= $cY;</nowiki></code> || <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2) && (ACL($cY) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0x1A) && (ACL($cY) & 0xA))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>
 |-
-| 0xC || add || $cX || immY || <code>$cX += immY;</code> || <code>(ACL(X) & 2)</code>
+| 0xC || add || $cX || immY || <code><nowiki>$cX += immY;</nowiki></code> || <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0x1A))</nowiki></code> || N/A
 |-
-| 0xD || and || $cX || $cY || <code>$cX &= $cY;</code> || <code>(ACL(X) & 2) && (ACL(Y) & 2)</code>
+| 0xD || and || $cX || $cY || <code><nowiki>$cX &= $cY;</nowiki></code> || <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2) && (ACL($cY) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0x1A) && (ACL($cY) & 0xA))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>
 |-
-| 0xE || rev || $cX || $cY || <code>$cX = endian_swap128($cY); ACL(X) = ACL(Y);</code> ||
+| 0xE || rev || $cX || $cY || <code><nowiki>$cX = endian_swap128($cY);</nowiki></code> || <code><nowiki>(!is_mode_hs && (ACL($cX) & 0x10))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>
 |-
-| 0xF || gfmul || $cX || $cY || <code>$cX = gfmul($cY); ACL(X) = ACL(Y);</code> || <code>(ACL(Y) & 2)</code>
+| 0xF || gfmul || $cX || $cY || <code><nowiki>$cX = gfmul($cY);</nowiki></code>|| <code><nowiki>(is_mode_hs && (ACL($cX) & 0x2) && (ACL($cY) & 0x2)) || (!is_mode_hs && (ACL($cX) & 0x1A) && (ACL($cY) & 0xA))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>
 |-
-| 0x10 || secret || $cX || immY || <code>$cX = load_secret(immY); ACL(X) = load_secret_acl(immY);</code> ||
+| 0x10 || secret || $cX || immY || <code><nowiki>$cX = load_secret(immY);</nowiki></code> || N/A || <code><nowiki>ACL($cX) = load_secret_acl(immY);</nowiki></code>
 |-
-| 0x11 || keyreg || $cX || N/A || <code>active_key_idx = $cX;</code> ||
+| 0x11 || keyreg || $cX || N/A || <code><nowiki>active_key_idx = $cX;</nowiki></code> || N/A || N/A
 |-
-| 0x12 || kexp || $cX || $cY || <code>$cX = aes_kexp($cY); ACL(X) = ACL(Y);</code> ||
+| 0x12 || kexp || $cX || $cY || <code><nowiki>$cX = aes_key_expand($cY);</nowiki></code> || <code><nowiki>(!is_mode_hs && (ACL($cX) & 0x10))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>
 |-
-| 0x13 || krexp || $cX || $cY || <code>$cX = aes_kexp_reverse($cY); ACL(X) = ACL(Y);</code> ||
+| 0x13 || krexp || $cX || $cY || <code><nowiki>$cX = aes_key_reverse_expand($cY);</nowiki></code> || <code><nowiki>(!is_mode_hs && (ACL($cX) & 0x10))</nowiki></code> || <code><nowiki>ACL($cX) = ACL($cY);</nowiki></code>
 |-
-| 0x14 || enc || $cX || $cY || <code>$cX = aes_enc(active_key_idx, $cY); ACL(X) = ACL(active_key_idx) & ACL(Y);</code> ||
+| 0x14 || enc || $cX || $cY || <code><nowiki>$cX = aes_enc(active_key_idx, $cY);</nowiki></code> || N/A || <code><nowiki>ACL($cX) = (ACL(active_key_idx) & ACL($cY));</nowiki></code>
 |-
-| 0x15 || dec || $cX || $cY || <code>$cX = aes_dec(active_key_idx, $cY); ACL(X) = ACL(active_key_idx) & ACL(Y);</code> ||
+| 0x15 || dec || $cX || $cY || <code><nowiki>$cX = aes_dec(active_key_idx, $cY);</nowiki></code> || N/A || <code><nowiki>ACL($cX) = (ACL(active_key_idx) & ACL($cY));</nowiki></code>
 |-
-| 0x16 || [[#sigcmp|sigcmp]] || $cX || $cY || <code>if (hash_verify($cX, $cY)) { has_sig = true; current_sig = $cX; }</code> || ?
+| 0x16 || [[#sigcmp|sigcmp]] || $cX || $cY || <code><nowiki>memcmp($cX, $cY);</nowiki></code> || <code><nowiki>is_secure_bootrom</nowiki></code> || <code><nowiki>current_sig = $cX; has_sig = true; is_mode_hs = true;</nowiki></code>
 |-
-| 0x17 || sigenc || $cX || $cY || <code>if (has_sig) { $cX = aes_enc($cY, current_sig); ACL(X) = 0x13; }</code> ||
+| 0x17 || sigenc || $cX || $cY || <code><nowiki>$cX = aes_enc($cY, current_sig);</nowiki></code> || <code><nowiki>has_sig</nowiki></code> || <code><nowiki>ACL($cX) = 0x3;</nowiki></code>
 |-
-| 0x18 || [[#sigclr|sigclr]] || N/A || N/A || <code>has_sig = false;</code> ||
+| 0x18 || [[#sigclr|sigclr]] || N/A || N/A || <code><nowiki>has_sig = false;</nowiki></code> || <code><nowiki>has_sig</nowiki></code> || N/A
 |}