Changes

762 bytes added, 20:41, 12 December 2018
new stuff
Line 1,444: Line 1,444:  
  0x0020: xdst (with cxset) or cxsin (fuc5 opcode 0x88)
 
  0x0020: xdst (with cxset) or cxsin (fuc5 opcode 0x88)
 
  0x0030: xdld (with cxset) or cxsout (fuc5 opcode 0x8C)
 
  0x0030: xdld (with cxset) or cxsout (fuc5 opcode 0x8C)
  0x0040: csrng (fuc5 opcode 0x90)
+
  0x0040: crng (fuc5 opcode 0x90)
 
  0x0050: cs0begin (fuc5 opcode 0x94)
 
  0x0050: cs0begin (fuc5 opcode 0x94)
 
  0x0060: cs0exec (fuc5 opcode 0x98)
 
  0x0060: cs0exec (fuc5 opcode 0x98)
Line 1,450: Line 1,450:  
  0x0080: cs1exec (fuc5 opcode 0xA0)
 
  0x0080: cs1exec (fuc5 opcode 0xA0)
 
  0x0090: (fuc5 opcode 0xA4)
 
  0x0090: (fuc5 opcode 0xA4)
  0x00A0: (fuc5 opcode 0xA8)
+
  0x00A0: cchmod (fuc5 opcode 0xA8)
 
  0x00B0: cxor (fuc5 opcode 0xAC)
 
  0x00B0: cxor (fuc5 opcode 0xAC)
 
  0x00C0: cadd (fuc5 opcode 0xB0)
 
  0x00C0: cadd (fuc5 opcode 0xB0)
Line 1,464: Line 1,464:  
  0x0160: (fuc5 opcode 0xD8)
 
  0x0160: (fuc5 opcode 0xD8)
 
  0x0170: csigenc (fuc5 opcode 0xDC)
 
  0x0170: csigenc (fuc5 opcode 0xDC)
  0x0180: cchmod (fuc5 opcode 0xE0)
+
  0x0180: csigclr (fuc5 opcode 0xE0)
 
|-
 
|-
 
| 31
 
| 31
Line 2,173: Line 2,173:  
  load_keygen(key_buf, key_version, is_blob_dec);
 
  load_keygen(key_buf, key_version, is_blob_dec);
 
   
 
   
  // fuc5 crypt cchmod instruction
+
  // fuc5 crypt csigclr instruction
  // Resets the ACL bits
+
  // Clears the cauth signature
  cchmod();
+
  csigclr();
 
   
 
   
 
  // Clear all crypto registers
 
  // Clear all crypto registers
Line 2,736: Line 2,736:  
  cxor(c7, c7);
 
  cxor(c7, c7);
 
   
 
   
  // fuc5 crypt cchmod instruction
+
  // fuc5 crypt csigclr instruction
  // Resets the ACL bits
+
  // Clears the cauth signature
  cchmod();
+
  csigclr();
 
   
 
   
 
  // Jump to Payload
 
  // Jump to Payload
Line 2,870: Line 2,870:     
== Notes ==
 
== Notes ==
[https://wiki.0x04.net/wiki/Marcin_Ko%C5%9Bcielnicki mwk] shared additional info learned from RE of falcon processors over the years, which hasn't made it into envytools documentation yet:
+
Part of the information here (which hasn't made it into envytools documentation yet) was shared by [https://wiki.0x04.net/wiki/Marcin_Ko%C5%9Bcielnicki mwk] from reverse engineering falcon processors over the years.
 +
 
 +
=== Register ACLs ===
 +
Falcon tracks permission metadata about each crypto reg. Permissions include read/write ability per execution mode, as well as ability to use the reg for encrypt/decrypt, among other permissions. Permissions are propagated when registers are referenced by instructions (e.g. moving a value from read-protected $cX to $cY will result in $cY also being read-protected).
 +
 
 +
=== Authenticated Mode Entry/Exit ===
 +
Entry to Authenticated Mode always sets $pc to the address supplied in $cauth (ie the base of the signature-checked region). This takes effect when trying to branch to any address within the range covered by $cauth. Entry to Authenticated Mode (also called "Secure Mode") computes a MAC over the $cauth region and compares it to $c6 in order to perform the signature check.
 +
 
 +
Exit from Authenticated Mode must poke a special register before leaving authenticated code pages and a failure to do this would result in the Falcon core halting. Every Falcon based unit (TSEC, NVDEC, VIC) must map this register in their engine-specific subset of registers. In TSEC's case, the register is [[#TSEC_SCP_CTL_MODE|TSEC_SCP_CTL_MODE]].
 +
 
 +
=== csigclr ===
 +
<code>00000000: f5 3c 00 e0    csigclr</code>
 +
 
 +
This instruction takes no operands and appears to clear the saved cauth signature used by the csigenc instruction.
 +
 
 +
=== cchmod ===
 +
<code>00000000: f5 3c XY a8    cchmod $cY 0X</code> or <code>00000000: f5 3c XY a9    cchmod $cY 1X</code>
 +
 
 +
This instruction takes a crypto register and a 5 bit immediate value. It appears to set the [[#Register ACLs|crypto registers' ACL]] bits as follows:
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0
 +
| Allow register to be used as key in NS or LS mode
 +
|-
 +
| 1
 +
| Allow register to be used as key in HS mode
 +
|-
 +
| 2
 +
| Set register as readable in NS or LS mode
 +
|-
 +
| 3
 +
| Set register as readable in HS mode
 +
|-
 +
| 4
 +
| Set register as writable in NS or LS mode
 +
|}
 +
 
 +
=== crng ===
 +
<code>00000000: f5 3c 0X 90    crng $cX</code>
 +
 
 +
This instruction takes no operands and appears to initialize a crypto register with random data.
    
=== cxset ===
 
=== cxset ===
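Review bot: the new crng section says "This instruction takes no operands", which contradicts the encoding line directly above it (<code>f5 3c 0X 90    crng $cX</code>), where the X nibble selects the crypto register; suggest rewording to match the cchmod section, e.g. "This instruction takes a crypto register and appears to initialize it with random data." Also, the cchmod section names a 5 bit immediate but the two encodings <code>a8</code>/<code>a9</code> with <code>0X</code>/<code>1X</code> imply that the immediate's top bit lives in the low bit of the opcode byte; a sentence stating that split would save readers from reverse-engineering it from the two listings.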
Line 2,900: Line 2,942:     
For example, if override type=0b000, then the "length" argument to <code>xdst</code> is instead treated as the index of the target $cX register.
 
For example, if override type=0b000, then the "length" argument to <code>xdst</code> is instead treated as the index of the target $cX register.
  −
=== Register ACLs ===
  −
Falcon tracks permission metadata about each crypto reg. Permissions include read/write ability per execution mode, as well as ability to use the reg for encrypt/decrypt, among other permissions. Permissions are propagated when registers are referenced by instructions (e.g. moving a value from read-protected $cX to $cY will result in $cY also being read-protected).
  −
  −
=== Authenticated Mode Entry/Exit ===
  −
Entry to Authenticated Mode always sets $pc to the address supplied in $cauth (ie the base of the signature-checked region). This takes effect when trying to branch to any address within the range covered by $cauth. Entry to Authenticated Mode (also called "Secure Mode") computes a MAC over the $cauth region and compares it to $c6 in order to perform the signature check.
  −
  −
Exit from Authenticated Mode must poke a special register before leaving authenticated code pages and a failure to do this would result in the Falcon core halting. Every Falcon based unit (TSEC, NVDEC, VIC) must map this register in their engine-specific subset of registers. In TSEC's case, the register is [[#TSEC_SCP_CTL_MODE|TSEC_SCP_CTL_MODE]].
  −
  −
=== Unknown Instructions ===
  −
<code>00000000: f5 3c 00 e0    cchmod</code> - resets all crypto register's permissions.
  −
  −
<code>00000000: f5 3c XY a8    c_unk $cY X</code> - unknown crypto operation.
  −
  −
<code>00000000: f5 3c 0X 90    crng $cX</code> - seems to initialize a crypto register with random data.
      
=== Secrets ===
 
=== Secrets ===
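Review bot: the removed "Unknown Instructions" text described opcode 0xe0 as cchmod, "resets all crypto register's permissions", while the replacement csigclr section added earlier in this diff describes the same opcode as clearing the saved cauth signature used by csigenc, and the code comments at lines 2,173 and 2,736 change from "Resets the ACL bits" to "Clears the cauth signature". This is a change of the claimed behaviour, not only of the mnemonic, and both the old and new descriptions are hedged with "appears to"; suggest a one-line note in the csigclr section on why the ACL-reset interpretation was dropped, so the earlier reading is not reintroduced later.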
Line 2,932: Line 2,959:  
| 0x05 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
 
| 0x05 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
 
|-
 
|-
| 0x07 || Used by nvhost_tsec firmware.
+
| 0x07 || Used by [6.0.0+] nvhost_tsec firmware.
 
|-
 
|-
 
| 0x09 || Used by nvhost_tsec firmware.
 
| 0x09 || Used by nvhost_tsec firmware.
Line 2,940: Line 2,967:  
| 0x0F || Used by nvhost_tsec firmware.
 
| 0x0F || Used by nvhost_tsec firmware.
 
|-
 
|-
| 0x15 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, [5.0.0+] nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
+
| 0x10 || Used by [1.0.0-5.1.0] nvhost_tsec firmware.
 +
|-
 +
| 0x15 || Used by nvhost_nvdec_bl020_prod, [5.0.0+] nvhost_nvdec020_prod, [5.0.0+] nvhost_nvdec020_ns and [6.0.0+] nvhost_tsec firmwares.
 
|-
 
|-
 
| 0x26 || Used by [[#KeygenLdr|KeygenLdr]].
 
| 0x26 || Used by [[#KeygenLdr|KeygenLdr]].
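Review bot: the 0x05 row (unchanged context above) still lists nvhost_tsec without a version tag, while the edited 0x07, 0x10 and 0x15 rows now split nvhost_tsec usage at 6.0.0 ([1.0.0-5.1.0] vs [6.0.0+]); confirm that secret 0x05 is used by nvhost_tsec on all versions, or tag that row the same way so the table stays consistent.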