Difference between revisions of "18.0.0"

From Nintendo Switch Brew
Jump to navigation Jump to search
(→‎BootImagePackages: Kernel diff)
Line 515: Line 515:
  
 
Using updated master-key: master_key_11 (previously master_key_10). See [[NCA]] for the KeyGeneration listing.
 
Using updated master-key: master_key_11 (previously master_key_10). See [[NCA]] for the KeyGeneration listing.
 +
 +
==== Kernel ====
 +
* Compiler/libc was upgraded, this results in various minor optimizations throughout the whole kernel.
 +
** Many, many minor changes that this is almost certainly the cause for, e.g. KThread::SuspendRequest now calculates requested value as (0x10 << suspend_type) instead of (1 << (suspend_type + 4)).
 +
** Biggest one is that sp/lr are now much more commonly not saved to stack until actually needed, if a function has a return path which does not make calls/does not need lr/sp saved.
 +
* Initialize0 changes:
 +
** The physical base address of the kernel is now passed by KernelLdr for use during KernelSlab virtual memory region setup.
 +
*** This replaces the previous call to KInitialPageTable::GetPhysicalAddress.
 +
* SVC-handler accesses to the thread local region's disable count now use userspace access instructions.
 +
* SvcSetHeapSize now only sets the output address on success.
 +
** This wasn't a vulnerability before, because prior to this the ABI meant userland would receive whatever was in the userland register at call time.
 +
* CreateProcessParameter now zeroes many fields before performing initialization.
 +
* New CreateProcessFlag 0x2000 is "EnableReservedRegionExtraSize", when set the reserved region size is increased by (AddressSpaceSize / 8).
 +
** Currently, CreateProcess will return svc::ResultInvalidState() unless all the following conditions are met:
 +
*** Address space type must be 39-bit
 +
*** System resource size must be > 0
 +
*** KTargetSystem::IsDebugMode() must be true.
 +
** New InfoType (0x1C) "InfoType_ReservedRegionExtraSize" retrieves the extra size, which is a member of KPageTableBase.
 +
** Loader does not currently support passing this flag in any capacity yet.
 +
** nn::os::VammManager currently calculates the reserved region as [start, end - extra size], and will not map to the extra part of the region.
 +
* Various KPageTable(Base/Impl) changes:
 +
** InitializeForProcess now takes in the create process flags directly instead of parsing as a bunch of bools.
 +
** InitializeForProcess now performs much more complicated initialization/randomization of the four aslr'd regions, dividing them up before/after the process code using largest-region first selection for randomization order.
 +
** KPageTableImpl's traversal functions now take an additional output byte (which is also a new member at +0x11 in the traversal block and in KMemoryRange), this is always set to zero.
 +
*** This byte is checked when traversing by ::Finalize and ::GetContiguousRangeWithMemoryState, but not other page table functions.
 +
*** This byte is also stored as a new member of the memory range struct returned by GetContiguousRangeWithMemoryState
 +
** AllocateAndMapPagesImpl now takes in the page properties by reference instead of by value.
 +
** Read/WriteReadDebugIoMemory now use simpler logic for determining the current readable size.
 +
* The KMemoryBlock helper "ConvertToKMemoryPermission" was changed to only copy the user-write bit to KernelWrite.
 +
** This fixes a longstanding bug where the input was AND'd with KMemoryPermission_UserReadWrite, and these bits were then ORR'd into the final permission <<='d with KernelShift.
 +
** The intent here was to copy the user read/write permissions into the kernel read/write permissions, but KMemoryPermission_UserReadWrite is not bitmask 0x3, it's bitmask 0x1B (including the KernelRead/Write bits).
 +
** Thus, previously this would allow an input with KernelRead bit to spuriously set the NotMapped bit, and an input with KernelWrite bit to spuriously set the unused top bit.
 +
** This was unexploitable, except maybe for causing a kernel-mode access exception.
 +
* HandleException now handles EsrEc_DataAbortEl0 specially when determining the debug exception type.
 +
** When ESR_EL1.IFSC is 0b100001 ("Alignment Fault"), ExceptionType_UnalignedData is selected instead of ExceptionType_DataAbort.
 +
* KMemoryManager(Impl)/KPageHeap changes:
 +
** KPageHeap's heap_virtual_address member is now removed and is a part of KMemoryManagerImpl now (this is still unused in non-debug kernel).
 +
** KMemoryManager::AllocatePageGroup now takes a parameter for the required minimum alignment for the page group.
 +
*** This is currently passed as 1 page (minimum alignment) at all callsites.
 +
* SecureMonitor access was refactored, actual smc invocation is now in its own helper separate from interrupt disable/enable (and helpers which invoke without interrupt disable now exist).
  
 
=== [[Audio_services|audio]] ===
 
=== [[Audio_services|audio]] ===

Revision as of 23:38, 27 March 2024

The Switch 18.0.0 system update was released on March 26, 2024 (UTC). This Switch update was released for the following regions: CHN, and ALL.

Security flaws fixed: <fill this in manually later, see the updatedetails page from the ninupdates-report page(s) once available for now>.

Change-log

Official ALL change-log:

  • Added “15 Minutes” as an option for “Auto-sleep when playing on TV” in Sleep Mode Settings.
  • Added Korean as a supported language for “Nintendo Switch Parental Controls” introductory video.
  • When the console language is set to Korean, the video can be accessed from Settings > Parental Controls.
  • General system stability improvements to enhance the user's experience.

System Titles

  • The following titles were updated:
    • Sysmodules: usb, htc.stub, boot2.ProdBoot, settings, Bus, bluetooth, bcat, friends, nifm, ptm, bsdsocket, hid, audio, LogManager.Prod, wlan, ldn, nvservices, pcv, capmtp, nvnflinger, pcie, account, ns, nfc, psc, capsrv, am, ssl, nim, btm, erpt, vi, pctl, npns, eupld, glue, eclct, es, fatal, creport, ro, sdb, grc, migration, jpegdec, safemode, olsc, ngct, jit, pgl, omm, eth, ngc.
    • SystemData (non-sysver): CertStore, ErrorMessage, MiiModel, Help, NgWord, SsidList, LocalNews, TimeZoneBinary, FontNintendoExtension, FontStandard, FontKorean, FontChineseTraditional, FontChineseSimple, FirmwareDebugSettings, BootImagePackage, BootImagePackageSafe, BootImagePackageExFat, FatalMessage, PlatformConfigIcosa, PlatformConfigCopper, PlatformConfigHoag, ControllerFirmware, NgWord2, BootImagePackageExFatSafe, PlatformConfigIcosaMariko, ContentActionTable, NgWordT, PlatformConfigAula, AulaDockFirmware.
    • Applets: qlaunch, auth, cabinet, error, netConnect, playerSelect, overlayDisp, "starter" application.

NPDM changes (besides usual version-bump):

  • ptm: Service access: removed ovln:snd.
  • bsdsocket: Service server access: added bsd:a, dns:priv.
  • ldn: Service access: added lm.
  • ns: Service access: added ldn:s.
  • psc: Service access: added ovln:snd, psc:m.
  • ssl: Service access: added srepo:u, arp:r.
  • es: Service access: added ssl:s.
  • qlaunch: Service access: removed htcs.
  • auth: Service access: added htcs:sys, removed htcs.
  • cabinet: Service access: added htcs:sys, ngc:u, removed htcs.
  • error: Service access: removed htcs.
  • netConnect: Service access: added htcs:sys, removed htcs.
  • playerSelect: Service access: removed htcs.
  • overlayDisp: Service access: added htcs:sys, removed htcs.

RomFs changes:

  • ErrorMessage: updated
  • Help: "/legallines.htdocs/index.html" updated
  • NgWord: "/0.txt" updated, "/common.txt" updated, "/version.dat" updated
  • SystemVersion: All files updated.
  • LocalNews: "/message/KRko/localNews.msbt.szs" updated, "/message/revision.txt" updated
  • FirmwareDebugSettings: All files updated.
  • NgWord2: "/ac_0_not_b_nx" updated, "/ac_common_b2_nx" updated, "/ac_common_not_b_nx" updated, "/version.dat" updated
  • RebootlessSystemUpdateVersion: All files updated.
  • NgWordT: All files updated.
  • qlaunch applet:
    • "/lyt/": Various data updated.
    • "/message/": Various data updated.
    • "/sound/qlaunch_action.bksnd" updated
  • auth applet: "/lyt/Auth.szs" updated, "/lyt/common.szs" updated, "/message/KRko/auth.msbt.szs" updated, "/message/KRko/common.msbt.szs" updated, "/message/Ocean.msbp.szs" updated, "/sound/auth_action.bksnd" updated
  • cabinet applet:
    • "/common/shader/VarietyOceanShader_Nx.arc.szs" updated
    • "/lyt/": Various data updated.
    • "/message/": Various data updated.
    • "/sound/cabinet_action.bksnd" updated
  • error applet: "/lyt/common.szs" updated, "/lyt/Error.szs" updated, "/message/KRko/common.msbt.szs" updated, "/message/Ocean.msbp.szs" updated, "/sound/error_action.bksnd" updated
  • netConnect applet: "/lyt/common.szs" updated, "/lyt/NetConnect.szs" updated, "/message/KRko/common.msbt.szs" updated, "/message/KRko/netConnect.msbt.szs" updated, "/message/Ocean.msbp.szs" updated, "/sound/netConnect_action.bksnd" updated
  • playerSelect applet: "/lyt/common.szs" updated, "/message/KRko/common.msbt.szs" updated, "/message/Ocean.msbp.szs" updated, "/sound/playerSelect_action.bksnd" updated
  • overlayDisp applet:
    • "/lyt/": Various data updated.
    • "/message/": Various data updated.
    • "/sound/overlayDisp_action.bksnd" updated
  • "starter" application:
    • "/common/shader/VarietyOceanShader_Nx.arc.szs" updated
    • "/lyt/": Various data updated.
    • "/message/": Various data updated.
    • "/sound/starter_action.bksnd" updated

IPC Interface Changes

  • Interface Changed: nn::settings::ISettingsServer
    • Added: 12 - buffer_entry_sizes: [0x1000], buffers: [0x16], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::settings::ISystemSettingsServer
    • Added: 251 - buffer_entry_sizes: [0x18], buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 252 - buffer_entry_sizes: [0x18], buffers: [0x5], inbytes: 0x0, outbytes: 0x0
  • Unknown Interface prev-version: 0x710007AF24
  • Unknown Interface cur-version: 0x710007CD3C
  • Interface Changed: nn::friends::detail::ipc::IFriendService
    • Added: 10111 - buffers: [0x6], inbytes: 0x20, outbytes: 0x4
    • Added: 10501 - buffer_entry_sizes: [0x100, 0x8], buffers: [0x6, 0x9], inbytes: 0x10, outbytes: 0x0
    • Added: 11001 - inbytes: 0xA4, outbytes: 0xA0
  • Interface Changed: nn::friends::detail::ipc::IServiceCreator
    • Changed: 2 - outinterfaces: ['0x710007AF24'] -> ['0x710007CD3C'] (final state: inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710007CD3C'])
  • Interface Changed: nn::nifm::detail::IGeneralService
    • Added: 44 - inbytes: 0x0, outbytes: 0x1
    • Added: 45 - inbytes: 0x0, outbytes: 0x1
    • Added: 46 - inbytes: 0x4, outbytes: 0x0
    • Added: 49 - inbytes: 0x0, outbytes: 0x4
    • Added: 50 - inbytes: 0x0, outbytes: 0x1
    • Added: 51 - buffer_entry_sizes: [0x410], buffers: [0x15], inbytes: 0x1, outbytes: 0x8
    • Added: 52 - inbytes: 0x8, outbytes: 0x0
  • Interface Removed: nn::ts::server::IMeasurementServer
  • Unknown Interface cur-version: 0x710006930C [ID = 0x26f251af]
  • Interface Changed: nn::psm::IPsmServer
    • Added: 19 - inbytes: 0x0, outbytes: 0x0
    • Added: 20 - inbytes: 0x0, outbytes: 0x0
  • Interface Removed: nn::socket::sf::IClient_MC
  • Interface Added: nn::socket::sf::IClient
  • Unknown Interface cur-version: 0x71000D00F0 [ID = 0xb117a63f]
  • Interface Changed: nn::hid::IHidDebugServer
    • Added: 18 - buffer_entry_sizes: [0x28], buffers: [0x5], inbytes: 0x8, outbytes: 0x0, pid: True
    • Changed: 225 - outbytes: 0x18 -> 0x20 (final state: inbytes: 0x8, outbytes: 0x20)
    • Added: 601 - inbytes: 0x6, outbytes: 0x1
    • Added: 602 - inbytes: 0x0, outbytes: 0x1
    • Added: 603 - inbytes: 0x6, outbytes: 0x0
    • Added: 604 - inbytes: 0x0, outbytes: 0x0
    • Added: 605 - inbytes: 0x7, outbytes: 0x0
    • Added: 606 - inbytes: 0x1, outbytes: 0x0
    • Added: 607 - inbytes: 0x6, outbytes: 0x1
    • Added: 608 - inbytes: 0x0, outbytes: 0x1
    • Added: 609 - buffer_entry_sizes: [0x2C8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
    • Added: 610 - buffer_entry_sizes: [0x2C8], buffers: [0x15], inbytes: 0x6, outbytes: 0x0
    • Added: 611 - buffer_entry_sizes: [0x1C8], buffers: [0x15], inbytes: 0x6, outbytes: 0x0
    • Added: 612 - buffer_entry_sizes: [0x1A0], buffers: [0x15], inbytes: 0x6, outbytes: 0x0
    • Added: 613 - buffer_entry_sizes: [0x2C8], buffers: [0x16], inbytes: 0x0, outbytes: 0x0
    • Added: 614 - buffer_entry_sizes: [0x2C8], buffers: [0x16], inbytes: 0x6, outbytes: 0x0
    • Added: 615 - buffer_entry_sizes: [0x1C8], buffers: [0x16], inbytes: 0x6, outbytes: 0x0
    • Added: 616 - buffer_entry_sizes: [0x1A0], buffers: [0x16], inbytes: 0x6, outbytes: 0x0
  • Interface Changed: nn::hid::IHidServer
    • Added: 92 - inbytes: 0x10, outbytes: 0x0, pid: True
  • Interface Changed: nn::hid::IHidSystemServer
    • Added: 813 - inbytes: 0x8, outbytes: 0x4
    • Removed: 1200 - inbytes: 0x6, outbytes: 0x1
    • Removed: 1201 - inbytes: 0x0, outbytes: 0x1
    • Removed: 1202 - inbytes: 0x6, outbytes: 0x0
    • Removed: 1203 - inbytes: 0x0, outbytes: 0x0
    • Removed: 1204 - inbytes: 0x7, outbytes: 0x0
    • Removed: 1205 - inbytes: 0x1, outbytes: 0x0
    • Removed: 1206 - inbytes: 0x6, outbytes: 0x1
    • Removed: 1207 - inbytes: 0x0, outbytes: 0x1
    • Removed: 1208 - buffer_entry_sizes: [0x2C8], buffers: [0x15], inbytes: 0x0, outbytes: 0x0
    • Removed: 1209 - buffer_entry_sizes: [0x2C8], buffers: [0x15], inbytes: 0x6, outbytes: 0x0
    • Removed: 1211 - buffer_entry_sizes: [0x1A0], buffers: [0x15], inbytes: 0x6, outbytes: 0x0
    • Removed: 1212 - buffer_entry_sizes: [0x2C8], buffers: [0x16], inbytes: 0x0, outbytes: 0x0
    • Removed: 1213 - buffer_entry_sizes: [0x2C8], buffers: [0x16], inbytes: 0x6, outbytes: 0x0
    • Removed: 1214 - buffer_entry_sizes: [0x1C8], buffers: [0x16], inbytes: 0x6, outbytes: 0x0
    • Removed: 1215 - buffer_entry_sizes: [0x1A0], buffers: [0x16], inbytes: 0x6, outbytes: 0x0
    • Added: 1308 - inbytes: 0x10, outbytes: 0x0
    • Added: 1309 - inbytes: 0x8, outbytes: 0x1
    • Removed: 12010 - buffer_entry_sizes: [0x1C8], buffers: [0x15], inbytes: 0x6, outbytes: 0x0
  • Interface Changed: nn::audio::detail::IAudioDevice
    • Added: 19 - inbytes: 0x1, outbytes: 0x0
    • Added: 20 - inbytes: 0x0, outbytes: 0x1
  • Interface Changed: nn::audio::detail::IAudioSystemManagerForApplet
    • Added: 10 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::audioctrl::detail::IAudioController
    • Removed: 6 - inbytes: 0x4, outbytes: 0x1
  • Unknown Interface cur-version: 0x710002D294 [ID = 0xf8ed3aad]
  • Interface Changed: nn::ldn::detail::ISystemLocalCommunicationService
    • Added: 106 - inbytes: 0x4, outbytes: 0x0
    • Added: 500 - inbytes: 0x80, outbytes: 0x0
    • Added: 501 - inbytes: 0x0, outbytes: 0x0
    • Added: 502 - buffers: [0x21], inbytes: 0x14, outbytes: 0x0
    • Added: 503 - buffers: [0x22], inbytes: 0x4, outbytes: 0x18
    • Added: 505 - inbytes: 0x4, outbytes: 0x0
    • Added: 600 - inbytes: 0x2, outbytes: 0x0
    • Added: 601 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::ldn::detail::ISystemServiceCreator
    • Added: 1 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710002D294 [ID = 0xf8ed3aad]']
  • Interface Changed: nn::ldn::detail::IUserLocalCommunicationService
    • Added: 106 - inbytes: 0x4, outbytes: 0x0
    • Added: 500 - inbytes: 0x80, outbytes: 0x0
    • Added: 501 - inbytes: 0x0, outbytes: 0x0
    • Added: 502 - buffers: [0x21], inbytes: 0x14, outbytes: 0x0
    • Added: 503 - buffers: [0x22], inbytes: 0x4, outbytes: 0x18
    • Added: 505 - inbytes: 0x4, outbytes: 0x0
    • Added: 600 - inbytes: 0x2, outbytes: 0x0
    • Added: 601 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::ldn::detail::IUserServiceCreator
    • Added: 1 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710002D294 [ID = 0xf8ed3aad]']
  • Unknown Interface prev-version: 0x7100005828
  • Unknown Interface cur-version: 0x7100005438
  • Interface Changed: nn::clkrst::IClkrstSession
    • Added: 14 - inbytes: 0x0, outbytes: 0x0
    • Added: 15 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::rtc::IRtcManager
    • Added: 12 - inbytes: 0x8, outbytes: 0x0
    • Added: 13 - inbytes: 0x8, outbytes: 0x0
  • Unknown Interface prev-version: 0x71000791B8 [ID = 0xf350e826]
  • Unknown Interface cur-version: 0x710007E200 [ID = 0xf350e826]
  • Interface Changed: nn::account::IAccountEntityServiceForAccountPolicy
    • Added: 400 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0
    • Added: 401 - inbytes: 0x10, outbytes: 0x4
    • Added: 402 - buffers: [0x6], inbytes: 0x10, outbytes: 0x4
    • Added: 410 - inbytes: 0x10, outbytes: 0x8
    • Added: 411 - inbytes: 0x10, outbytes: 0x0
    • Added: 412 - inbytes: 0x10, outbytes: 0x0
  • Interface Changed: nn::account::IAccountServiceForAdministrator
    • Added: 400 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0
    • Added: 401 - inbytes: 0x10, outbytes: 0x4
    • Added: 402 - buffers: [0x6], inbytes: 0x10, outbytes: 0x4
    • Added: 410 - inbytes: 0x10, outbytes: 0x8
    • Added: 411 - inbytes: 0x10, outbytes: 0x0
    • Added: 412 - inbytes: 0x10, outbytes: 0x0
  • Interface Changed: nn::account::IAccountServiceForSystemService
    • Added: 401 - inbytes: 0x10, outbytes: 0x4
    • Added: 402 - buffers: [0x6], inbytes: 0x10, outbytes: 0x4
  • Interface Changed: nn::account::IAccountServiceForSystemServiceWithProfileEditor
    • Added: 401 - inbytes: 0x10, outbytes: 0x4
    • Added: 402 - buffers: [0x6], inbytes: 0x10, outbytes: 0x4
  • Interface Changed: nn::account::baas::IAdministrator
    • Changed: 170 - outinterfaces: ['0x71000791B8 [ID = 0xf350e826]'] -> ['0x710007E200 [ID = 0xf350e826]'] (final state: inbytes: 0x8, inhandles: [1], outbytes: 0x0, outinterfaces: ['0x710007E200 [ID = 0xf350e826]'])
    • Added: 180 - buffer_entry_sizes: [0x1000, 0x100], buffers: [0x1A, 0x1A], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::account::baas::IFloatingRegistrationRequest
    • Added: 16 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::account::baas::IGuestLoginRequest
    • Added: 16 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::account::baas::IManagerForSystemService
    • Changed: 170 - outinterfaces: ['0x71000791B8 [ID = 0xf350e826]'] -> ['0x710007E200 [ID = 0xf350e826]'] (final state: inbytes: 0x8, inhandles: [1], outbytes: 0x0, outinterfaces: ['0x710007E200 [ID = 0xf350e826]'])
    • Added: 180 - buffer_entry_sizes: [0x1000, 0x100], buffers: [0x1A, 0x1A], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::account::nas::IOAuthProcedureForExternalNsa
    • Added: 104 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::account::nas::IOAuthProcedureForUserRegistration
    • Added: 104 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 230 - buffers: [0x5], inbytes: 0x21, outbytes: 0x0, outinterfaces: ['nn::account::detail::IAsyncContext']
  • Interface Changed: nn::account::profile::IProfile
    • Added: 20 - inbytes: 0x0, outbytes: 0x4
    • Added: 21 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 30 - inbytes: 0x0, outbytes: 0x10
  • Interface Changed: nn::account::profile::IProfileEditor
    • Added: 20 - inbytes: 0x0, outbytes: 0x4
    • Added: 21 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 30 - inbytes: 0x0, outbytes: 0x10
    • Added: 110 - buffer_entry_sizes: [0x80, 0x0], buffers: [0x19, 0x5], inbytes: 0x38, outbytes: 0x0
  • Unknown Interface prev-version: 0x71001BCD60 [ID = 0xf350e826]
  • Unknown Interface cur-version: 0x71001B0378 [ID = 0xf350e826]
  • Interface Changed: nn::account::IAccountServiceForAdministrator
    • Added: 400 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0
    • Added: 401 - inbytes: 0x10, outbytes: 0x4
    • Added: 402 - buffers: [0x6], inbytes: 0x10, outbytes: 0x4
    • Added: 410 - inbytes: 0x10, outbytes: 0x8
    • Added: 411 - inbytes: 0x10, outbytes: 0x0
    • Added: 412 - inbytes: 0x10, outbytes: 0x0
  • Interface Changed: nn::account::IAccountServiceForSystemService
    • Added: 401 - inbytes: 0x10, outbytes: 0x4
    • Added: 402 - buffers: [0x6], inbytes: 0x10, outbytes: 0x4
  • Interface Changed: nn::account::baas::IAdministrator
    • Changed: 170 - outinterfaces: ['0x71001BCD60 [ID = 0xf350e826]'] -> ['0x71001B0378 [ID = 0xf350e826]'] (final state: inbytes: 0x8, inhandles: [1], outbytes: 0x0, outinterfaces: ['0x71001B0378 [ID = 0xf350e826]'])
    • Added: 180 - buffer_entry_sizes: [0x1000, 0x100], buffers: [0x1A, 0x1A], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::account::baas::IFloatingRegistrationRequest
    • Added: 16 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::account::baas::IGuestLoginRequest
    • Added: 16 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::account::baas::IManagerForSystemService
    • Changed: 170 - outinterfaces: ['0x71001BCD60 [ID = 0xf350e826]'] -> ['0x71001B0378 [ID = 0xf350e826]'] (final state: inbytes: 0x8, inhandles: [1], outbytes: 0x0, outinterfaces: ['0x71001B0378 [ID = 0xf350e826]'])
    • Added: 180 - buffer_entry_sizes: [0x1000, 0x100], buffers: [0x1A, 0x1A], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::account::nas::IOAuthProcedureForExternalNsa
    • Added: 104 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::account::nas::IOAuthProcedureForUserRegistration
    • Added: 104 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 230 - buffers: [0x5], inbytes: 0x21, outbytes: 0x0, outinterfaces: ['nn::account::detail::IAsyncContext']
  • Interface Changed: nn::account::profile::IProfile
    • Added: 20 - inbytes: 0x0, outbytes: 0x4
    • Added: 21 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 30 - inbytes: 0x0, outbytes: 0x10
  • Interface Changed: nn::account::profile::IProfileEditor
    • Added: 20 - inbytes: 0x0, outbytes: 0x4
    • Added: 21 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 30 - inbytes: 0x0, outbytes: 0x10
    • Added: 110 - buffer_entry_sizes: [0x80, 0x0], buffers: [0x19, 0x5], inbytes: 0x38, outbytes: 0x0
  • Interface Changed: nn::ns::detail::IApplicationManagerInterface
    • Changed: 94 - inbytes: 0x48 -> 0x58 (final state: inbytes: 0x58, outbytes: 0x8)
    • Changed: 95 - outbytes: 0x40 -> 0x50 (final state: inbytes: 0x8, outbytes: 0x50)
    • Changed: 96 - outbytes: 0x40 -> 0x50 (final state: inbytes: 0x8, outbytes: 0x50)
    • Changed: 97 - inbytes: 0x40 -> 0x50 (final state: inbytes: 0x50, outbytes: 0x1)
    • Changed: 406 - inbytes: 0x48 -> 0x58 (final state: buffer_entry_sizes: [0x4000], buffers: [0x16], inbytes: 0x58, outbytes: 0x0)
    • Changed: 2513 - inbytes: 0x40 -> 0x50 (final state: inbytes: 0x50, outbytes: 0x8)
    • Changed: 2517 - inbytes: 0x40 -> 0x50 (final state: inbytes: 0x50, outbytes: 0x8)
    • Added: 3015 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
    • Added: 3104 - buffers: [0x6], inbytes: 0x8, outbytes: 0x8
    • Added: 3105 - buffers: [0x6], inbytes: 0x8, outbytes: 0x8
    • Added: 5000 - inbytes: 0x10, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::ns::detail::IAsyncData']
    • Added: 5001 - inbytes: 0x8, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::ns::detail::IAsyncData']
  • Interface Changed: nn::ns::detail::IDevelopInterface
    • Removed: 8 - buffers: [0x5], inbytes: 0x4, outbytes: 0x8
    • Removed: 9 - inbytes: 0x10, outbytes: 0x8
    • Removed: 15 - buffers: [0x5], inbytes: 0x0, outbytes: 0x8
    • Changed: 17 - outbytes: 0x40 -> 0x50 (final state: buffers: [0x5], inbytes: 0x4, outbytes: 0x50)
    • Changed: 18 - inbytes: 0x40 -> 0x50 (final state: inbytes: 0x50, outbytes: 0x0, outhandles: [1])
    • Changed: 19 - inbytes: 0x40 -> 0x50 (final state: inbytes: 0x50, outbytes: 0x0)
    • Added: 21 - inbytes: 0x10, outbytes: 0x50
    • Added: 22 - inbytes: 0x50, outbytes: 0x8
    • Added: 23 - inbytes: 0x50, outbytes: 0x8
    • Added: 24 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::ns::detail::IDynamicRightsInterface
    • Added: 26 - inbytes: 0x0, outbytes: 0x1
  • Interface Changed: nn::ns::detail::IVulnerabilityManagerInterface
    • Added: 3100 - inbytes: 0x0, outbytes: 0x10
    • Added: 3101 - inbytes: 0x0, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::ns::detail::IAsyncResult']
    • Added: 3102 - inbytes: 0x0, outbytes: 0x0
  • Unknown Interface prev-version: 0x71000182AC [ID = 0x5a340f8a]
  • Unknown Interface cur-version: 0x710001CE6C [ID = 0x5a340f8a]
  • Unknown Interface cur-version: 0x710001D12C [ID = 0x07b4542c]
  • Interface Changed: nn::hshl::IChargeSetterSession
    • Added: 4 - inbytes: 0x1, outbytes: 0x0
  • Interface Changed: nn::hshl::IManager
    • Changed: 9 - outinterfaces: ['0x71000182AC [ID = 0x5a340f8a]'] -> ['0x710001CE6C [ID = 0x5a340f8a]'] (final state: inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710001CE6C [ID = 0x5a340f8a]'])
    • Added: 11 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710001D12C [ID = 0x07b4542c]']
    • Added: 12 - inbytes: 0x0, outbytes: 0x1
  • Interface Changed: nn::hshl::ISetterManager
    • Added: 4 - inbytes: 0x0, outbytes: 0x0
    • Added: 5 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::capsrv::sf::IAlbumAccessorService
    • Added: 141 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 151 - buffer_entry_sizes: [0x400], buffers: [0x16], inbytes: 0x18, outbytes: 0x40
    • Added: 160 - buffers: [0x6], inbytes: 0x20, outbytes: 0x8
  • Interface Changed: nn::capsrv::sf::IAlbumAccessorSession
    • Added: 5000 - inbytes: 0x8, outbytes: 0x8
  • Interface Changed: nn::capsrv::sf::IAlbumApplicationService
    • Added: 148 - buffer_entry_sizes: [0x20], buffers: [0x6], inbytes: 0x20, outbytes: 0x8, pid: True
  • Interface Changed: nn::capsrv::sf::IAlbumControlSession
    • Added: 2435 - inbytes: 0x10, outbytes: 0x0
    • Added: 5000 - inbytes: 0x8, outbytes: 0x8
  • Unknown Interface cur-version: 0x71000B9398 [ID = 0xb8f77e09]
  • Unknown Interface cur-version: 0x71000B9D70 [ID = 0x43c5fa77]
  • Unknown Interface cur-version: 0x71000B9A78 [ID = 0xb0c7a8a3]
  • Unknown Interface cur-version: 0x71000B90A8 [ID = 0x8db727a9]
  • Interface Changed: nn::am::service::IAppletCommonFunctions
    • Added: 82 - inbytes: 0x1, outbytes: 0x0
    • Added: 160 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x71000B90A8 [ID = 0x8db727a9]']
    • Added: 161 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x71000B9A78 [ID = 0xb0c7a8a3]']
  • Interface Changed: nn::am::service::IDebugFunctions
    • Added: 53 - inbytes: 0x8, outbytes: 0x8
    • Added: 410 - inbytes: 0x10, outbytes: 0x0
    • Added: 411 - buffers: [0x22], inbytes: 0x10, outbytes: 0x8
    • Added: 412 - buffers: [0x21], inbytes: 0x10, outbytes: 0x0
  • Interface Changed: nn::am::service::IOverlayFunctions
    • Added: 40 - buffers: [0x6], inbytes: 0x0, outbytes: 0x8
    • Added: 41 - buffers: [0x6], inbytes: 0x0, outbytes: 0x8
  • Interface Changed: nn::ssl::sf::ISslServiceForSystem
    • Added: 103 - buffers: [0x5, 0x5, 0x5], inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::nim::detail::INetworkInstallManager
    • Added: 147 - buffer_entry_sizes: [0x8], buffers: [0x5], inbytes: 0x0, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncResult']
    • Added: 148 - buffer_entry_sizes: [0x10], buffers: [0x5], inbytes: 0x0, outbytes: 0x0, outhandles: [1], outinterfaces: ['nn::nim::detail::IAsyncResult']
  • Interface Changed: nn::capsrv::sf::IScreenShotControlService
    • Added: 1100 - buffers: [0x45], inbytes: 0x28, outbytes: 0x0
    • Changed: 1106 - buffer_entry_sizes: [0x400, 0x404, 0x0, 0x0, 0x0] -> [0x400, 0x404, 0x88, 0x0, 0x0, 0x0], buffers: [0x15, 0x15, 0x6, 0x46, 0x46] -> [0x15, 0x15, 0x15, 0x6, 0x46, 0x46] (final state: buffer_entry_sizes: [0x400, 0x404, 0x88, 0x0, 0x0, 0x0], buffers: [0x15, 0x15, 0x15, 0x6, 0x46, 0x46], inbytes: 0x68, outbytes: 0x18)
    • Changed: 1107 - buffer_entry_sizes: [0x400, 0x404, 0x0, 0x0] -> [0x400, 0x404, 0x88, 0x0, 0x0], buffers: [0x15, 0x15, 0x6, 0x45] -> [0x15, 0x15, 0x15, 0x6, 0x45] (final state: buffer_entry_sizes: [0x400, 0x404, 0x88, 0x0, 0x0], buffers: [0x15, 0x15, 0x15, 0x6, 0x45], inbytes: 0x68, outbytes: 0x18)
    • Added: 1108 - buffer_entry_sizes: [0x400, 0x404, 0x88, 0x0], buffers: [0x15, 0x15, 0x15, 0x6], inbytes: 0x70, outbytes: 0x18
  • Interface Changed: nn::pctl::detail::ipc::IParentalControlService
    • Added: 1475 - inbytes: 0x0, outbytes: 0x0, outhandles: [1]
    • Added: 1954 - inbytes: 0x0, outbytes: 0x1
    • Added: 1955 - inbytes: 0x0, outbytes: 0x8
    • Added: 1956 - inbytes: 0x0, outbytes: 0x1
    • Added: 1957 - inbytes: 0x0, outbytes: 0x1
    • Added: 145601 - inbytes: 0x0, outbytes: 0x36
    • Added: 195101 - inbytes: 0x36, outbytes: 0x0
  • Unknown Interface cur-version: 0x71000913E4 [ID = 0x10763728]
  • Interface Changed: nn::npns::INotificationReceiver
    • Added: 5 - buffers: [0x9], inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::npns::INpnsSystem
    • Added: 8 - buffers: [0x9], inbytes: 0x0, outbytes: 0x0
    • Removed: 13 - buffers: [0x9], inbytes: 0x0, outbytes: 0x1
    • Added: 14 - buffers: [0x9], inbytes: 0x8, outbytes: 0x0
    • Added: 15 - buffers: [0x9], inbytes: 0x8, outbytes: 0x0
    • Added: 16 - buffer_entry_sizes: [0x28], buffers: [0x6], inbytes: 0x8, outbytes: 0x4
    • Added: 28 - buffers: [0x9], inbytes: 0x10, outbytes: 0x28
    • Added: 29 - buffers: [0x9], inbytes: 0x10, outbytes: 0x0
    • Added: 37 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0
    • Added: 51 - buffers: [0x9], inbytes: 0x0, outbytes: 0x0
    • Added: 106 - inbytes: 0x0, outbytes: 0x8
    • Added: 107 - inbytes: 0x8, outbytes: 0x0
    • Added: 156 - buffers: [0x9], inbytes: 0x10, outbytes: 0x0, outinterfaces: [None]
    • Added: 301 - buffers: [0xA], inbytes: 0x0, outbytes: 0x0
    • Added: 302 - buffer_entry_sizes: [0x10, 0x0], buffers: [0xA, 0xA], inbytes: 0x0, outbytes: 0x8
    • Added: 303 - buffer_entry_sizes: [0x138, 0x138], buffers: [0x6, 0x6], inbytes: 0x0, outbytes: 0x8
    • Added: 304 - inbytes: 0x0, outbytes: 0x50
    • Added: 305 - buffer_entry_sizes: [0x48], buffers: [0x6], inbytes: 0x4, outbytes: 0x8
    • Added: 306 - buffers: [0x6, 0x9], inbytes: 0x0, outbytes: 0x8
  • Interface Changed: nn::npns::INpnsUser
    • Added: 8 - buffers: [0x9], inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::es::IActiveRightsContext
    • Changed: 901 - buffer_entry_sizes: [0x24] -> [0x2C] (final state: buffer_entry_sizes: [0x2C], buffers: [0x16], inbytes: 0x0, outbytes: 0x0)
  • Interface Changed: nn::es::IETicketService
    • Added: 101 - buffers: [0x5, 0x5], inbytes: 0x0, outbytes: 0x0
    • Added: 102 - inbytes: 0x0, outbytes: 0x0
    • Added: 103 - inbytes: 0x0, outbytes: 0x4
    • Added: 104 - buffer_entry_sizes: [0x10], buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 201 - buffers: [0x5, 0x5], inbytes: 0x0, outbytes: 0x0
    • Added: 202 - inbytes: 0x0, outbytes: 0x0
    • Added: 203 - inbytes: 0x0, outbytes: 0x4
    • Added: 204 - buffer_entry_sizes: [0x10], buffers: [0x6], inbytes: 0x0, outbytes: 0x4
    • Added: 1028 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0
  • Interface Changed: nn::ndrm::low::detail::INdrmLowAdminInterface
    • Added: 46 - inbytes: 0x8, outbytes: 0x1
  • Interface Changed: nn::grcsrv::IGrcService
    • Changed: 1 - inbytes: 0x20 -> 0x28 (final state: inbytes: 0x28, inhandles: [1], outbytes: 0x0, outinterfaces: ['nn::grcsrv::IContinuousRecorder'])
    • Added: 10 - inbytes: 0x20, outbytes: 0x0, outinterfaces: ['nn::grcsrv::IContinuousRecorder']
  • Interface Removed: nn::jitsrv::IJitEnvironment
  • Interface Removed: nn::jitsrv::IJitService
  • Interface Added: nn::sf::hipc::detail::IHipcManager
  • Unknown Interface cur-version: 0x7100000680 [ID = 0x3d92e8a4]
  • Unknown Interface cur-version: 0x71000009C4 [ID = 0x2a4c2069]
  • Interface Changed: nn::capsrv::sf::IDecoderControlService
    • Added: 4002 - buffers: [0x46, 0x5], inbytes: 0x30, outbytes: 0x8
  • Unknown Interface cur-version: 0x710011CA80 [ID = 0x7e450fad]
  • Interface Changed: nn::spsm::detail::IPowerStateInterface
    • Added: 15 - inbytes: 0x4, outbytes: 0x0
    • Added: 16 - inbytes: 0x8, outbytes: 0x0
  • Unknown Interface cur-version: 0x7100021640 [ID = 0xd3808bc8]
  • Interface Changed: nn::fssrv::sf::IDeviceOperator
    • Added: 222 - buffers: [0x6], inbytes: 0x10, outbytes: 0x0
    • Added: 302 - inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::fssrv::sf::IFileSystemProxy
    • Added: 1020 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x7100021640 [ID = 0xd3808bc8]']
    • Removed: 1100 - buffers: [0x5], inbytes: 0x0, outbytes: 0x0
    • Added: 1101 - buffers: [0x5], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::fssrv::sf::ISaveDataDivisionExporter
    • Removed: 70 - inbytes: 0x0, outbytes: 0x10
    • Added: 74 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::fssrv::sf::ISaveDataTransferManagerWithDivision
    • Added: 8 - inbytes: 0x4, outbytes: 0x0
    • Added: 9 - inbytes: 0x4, outbytes: 0x0
    • Removed: 64 - buffers: [0x5], inbytes: 0x18, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • Removed: 65 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • Removed: 66 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
  • Interface Changed: nn::spl::detail::IEsInterface
    • Added: 33 - buffers: [0x9, 0x9, 0x9], inbytes: 0x4, outbytes: 0x10
  • Unknown Interface cur-version: 0x7100021290 [ID = 0xd3808bc8]
  • Interface Changed: nn::fssrv::sf::IDeviceOperator
    • Added: 222 - buffers: [0x6], inbytes: 0x10, outbytes: 0x0
    • Added: 302 - inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::fssrv::sf::IFileSystemProxy
    • Added: 1020 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x7100021290 [ID = 0xd3808bc8]']
    • Removed: 1100 - buffers: [0x5], inbytes: 0x0, outbytes: 0x0
    • Added: 1101 - buffers: [0x5], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::fssrv::sf::ISaveDataDivisionExporter
    • Removed: 70 - inbytes: 0x0, outbytes: 0x10
    • Added: 74 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::fssrv::sf::ISaveDataTransferManagerWithDivision
    • Added: 8 - inbytes: 0x4, outbytes: 0x0
    • Added: 9 - inbytes: 0x4, outbytes: 0x0
    • Removed: 64 - buffers: [0x5], inbytes: 0x18, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • Removed: 65 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • Removed: 66 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
  • Interface Changed: nn::clkrst::IClkrstSession
    • Added: 14 - inbytes: 0x0, outbytes: 0x0
    • Added: 15 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::rtc::IRtcManager
    • Added: 12 - inbytes: 0x8, outbytes: 0x0
    • Added: 13 - inbytes: 0x8, outbytes: 0x0
  • Unknown Interface prev-version: 0x710001829C [ID = 0x5a340f8a]
  • Unknown Interface cur-version: 0x710001CE6C [ID = 0x5a340f8a]
  • Unknown Interface cur-version: 0x710001D12C [ID = 0x07b4542c]
  • Interface Changed: nn::hshl::IChargeSetterSession
    • Added: 4 - inbytes: 0x1, outbytes: 0x0
  • Interface Changed: nn::hshl::IManager
    • Changed: 9 - outinterfaces: ['0x710001829C [ID = 0x5a340f8a]'] -> ['0x710001CE6C [ID = 0x5a340f8a]'] (final state: inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710001CE6C [ID = 0x5a340f8a]'])
    • Added: 11 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710001D12C [ID = 0x07b4542c]']
    • Added: 12 - inbytes: 0x0, outbytes: 0x1
  • Interface Changed: nn::hshl::ISetterManager
    • Added: 4 - inbytes: 0x0, outbytes: 0x0
    • Added: 5 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::spl::detail::IEsInterface
    • Added: 33 - buffers: [0x9, 0x9, 0x9], inbytes: 0x4, outbytes: 0x10
  • Unknown Interface cur-version: 0x7100021640 [ID = 0xd3808bc8]
  • Interface Changed: nn::fssrv::sf::IDeviceOperator
    • Added: 222 - buffers: [0x6], inbytes: 0x10, outbytes: 0x0
    • Added: 302 - inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::fssrv::sf::IFileSystemProxy
    • Added: 1020 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x7100021640 [ID = 0xd3808bc8]']
    • Removed: 1100 - buffers: [0x5], inbytes: 0x0, outbytes: 0x0
    • Added: 1101 - buffers: [0x5], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::fssrv::sf::ISaveDataDivisionExporter
    • Removed: 70 - inbytes: 0x0, outbytes: 0x10
    • Added: 74 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::fssrv::sf::ISaveDataTransferManagerWithDivision
    • Added: 8 - inbytes: 0x4, outbytes: 0x0
    • Added: 9 - inbytes: 0x4, outbytes: 0x0
    • Removed: 64 - buffers: [0x5], inbytes: 0x18, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • Removed: 65 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • Removed: 66 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
  • Interface Changed: nn::spl::detail::IEsInterface
    • Added: 33 - buffers: [0x9, 0x9, 0x9], inbytes: 0x4, outbytes: 0x10
  • Unknown Interface cur-version: 0x7100021290 [ID = 0xd3808bc8]
  • Interface Changed: nn::fssrv::sf::IDeviceOperator
    • Added: 222 - buffers: [0x6], inbytes: 0x10, outbytes: 0x0
    • Added: 302 - inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::fssrv::sf::IFileSystemProxy
    • Added: 1020 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x7100021290 [ID = 0xd3808bc8]']
    • Removed: 1100 - buffers: [0x5], inbytes: 0x0, outbytes: 0x0
    • Added: 1101 - buffers: [0x5], inbytes: 0x4, outbytes: 0x0
  • Interface Changed: nn::fssrv::sf::ISaveDataDivisionExporter
    • Removed: 70 - inbytes: 0x0, outbytes: 0x10
    • Added: 74 - buffers: [0x6], inbytes: 0x0, outbytes: 0x4
  • Interface Changed: nn::fssrv::sf::ISaveDataTransferManagerWithDivision
    • Added: 8 - inbytes: 0x4, outbytes: 0x0
    • Added: 9 - inbytes: 0x4, outbytes: 0x0
    • Removed: 64 - buffers: [0x5], inbytes: 0x18, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • Removed: 65 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
    • Removed: 66 - buffers: [0x5], inbytes: 0x10, outbytes: 0x0, outinterfaces: ['nn::fssrv::sf::ISaveDataDivisionImporter']
  • Interface Changed: nn::clkrst::IClkrstSession
    • Added: 14 - inbytes: 0x0, outbytes: 0x0
    • Added: 15 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::rtc::IRtcManager
    • Added: 12 - inbytes: 0x8, outbytes: 0x0
    • Added: 13 - inbytes: 0x8, outbytes: 0x0
  • Unknown Interface prev-version: 0x710001829C [ID = 0x5a340f8a]
  • Unknown Interface cur-version: 0x710001CE6C [ID = 0x5a340f8a]
  • Unknown Interface cur-version: 0x710001D12C [ID = 0x07b4542c]
  • Interface Changed: nn::hshl::IChargeSetterSession
    • Added: 4 - inbytes: 0x1, outbytes: 0x0
  • Interface Changed: nn::hshl::IManager
    • Changed: 9 - outinterfaces: ['0x710001829C [ID = 0x5a340f8a]'] -> ['0x710001CE6C [ID = 0x5a340f8a]'] (final state: inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710001CE6C [ID = 0x5a340f8a]'])
    • Added: 11 - inbytes: 0x0, outbytes: 0x0, outinterfaces: ['0x710001D12C [ID = 0x07b4542c]']
    • Added: 12 - inbytes: 0x0, outbytes: 0x1
  • Interface Changed: nn::hshl::ISetterManager
    • Added: 4 - inbytes: 0x0, outbytes: 0x0
    • Added: 5 - inbytes: 0x0, outbytes: 0x0
  • Interface Changed: nn::spl::detail::IEsInterface
    • Added: 33 - buffers: [0x9, 0x9, 0x9], inbytes: 0x4, outbytes: 0x10

BootImagePackages

RomFs changes: all files updated.

Using updated master-key: master_key_11 (previously master_key_10). See NCA for the KeyGeneration listing.

Kernel

  • Compiler/libc was upgraded, this results in various minor optimizations throughout the whole kernel.
    • Many, many minor changes that this is almost certainly the cause for, e.g. KThread::SuspendRequest now calculates requested value as (0x10 << suspend_type) instead of (1 << (suspend_type + 4)).
    • Biggest one is that sp/lr are now much more commonly not saved to stack until actually needed, if a function has a return path which does not make calls/does not need lr/sp saved.
  • Initialize0 changes:
    • The physical base address of the kernel is now passed by KernelLdr for use during KernelSlab virtual memory region setup.
      • This replaces the previous call to KInitialPageTable::GetPhysicalAddress.
  • SVC-handler accesses to the thread local region's disable count now use userspace access instructions.
  • SvcSetHeapSize now only sets the output address on success.
    • This wasn't a vulnerability before, because prior to this the ABI meant userland would receive whatever was in the userland register at call time.
  • CreateProcessParameter now zeroes many fields before performing initialization.
  • New CreateProcessFlag 0x2000 is "EnableReservedRegionExtraSize", when set the reserved region size is increased by (AddressSpaceSize / 8).
    • Currently, CreateProcess will return svc::ResultInvalidState() unless all the following conditions are met:
      • Address space type must be 39-bit
      • System resource size must be > 0
      • KTargetSystem::IsDebugMode() must be true.
    • New InfoType (0x1C) "InfoType_ReservedRegionExtraSize" retrieves the extra size, which is a member of KPageTableBase.
    • Loader does not currently support passing this flag in any capacity yet.
    • nn::os::VammManager currently calculates the reserved region as [start, end - extra size], and will not map to the extra part of the region.
  • Various KPageTable(Base/Impl) changes:
    • InitializeForProcess now takes in the create process flags directly instead of parsing as a bunch of bools.
    • InitializeForProcess now performs much more complicated initialization/randomization of the four aslr'd regions, dividing them up before/after the process code using largest-region first selection for randomization order.
    • KPageTableImpl's traversal functions now take an additional output byte (which is also a new member at +0x11 in the traversal block and in KMemoryRange), this is always set to zero.
      • This byte is checked when traversing by ::Finalize and ::GetContiguousRangeWithMemoryState, but not other page table functions.
      • This byte is also stored as a new member of the memory range struct returned by GetContiguousRangeWithMemoryState
    • AllocateAndMapPagesImpl now takes in the page properties by reference instead of by value.
    • Read/WriteReadDebugIoMemory now use simpler logic for determining the current readable size.
  • The KMemoryBlock helper "ConvertToKMemoryPermission" was changed to only copy the user-write bit to KernelWrite.
    • This fixes a longstanding bug where the input was AND'd with KMemoryPermission_UserReadWrite, and these bits were then ORR'd into the final permission <<='d with KernelShift.
    • The intent here was to copy the user read/write permissions into the kernel read/write permissions, but KMemoryPermission_UserReadWrite is not bitmask 0x3, it's bitmask 0x1B (including the KernelRead/Write bits).
    • Thus, previously this would allow an input with KernelRead bit to spuriously set the NotMapped bit, and an input with KernelWrite bit to spuriously set the unused top bit.
    • This was unexploitable, except maybe for causing a kernel-mode access exception.
  • HandleException now handles EsrEc_DataAbortEl0 specially when determining the debug exception type.
    • When ESR_EL1.IFSC is 0b100001 ("Alignment Fault"), ExceptionType_UnalignedData is selected instead of ExceptionType_DataAbort.
  • KMemoryManager(Impl)/KPageHeap changes:
    • KPageHeap's heap_virtual_address member is now removed and is a part of KMemoryManagerImpl now (this is still unused in non-debug kernel).
    • KMemoryManager::AllocatePageGroup now takes a parameter for the required minimum alignment for the page group.
      • This is currently passed as 1 page (minimum alignment) at all callsites.
  • SecureMonitor access was refactored, actual smc invocation is now in its own helper separate from interrupt disable/enable (and helpers which invoke without interrupt disable now exist).

audio

Besides IPC changes, vulns were fixed.

jit

Symbols were stripped from the main-codebin.

See Also

System update report(s):


Nintendo Switch System Versions
1.0.0
2.0.02.1.02.2.02.3.0
3.0.03.0.13.0.2
4.0.04.0.14.1.0
5.0.05.0.15.0.25.1.0
6.0.06.0.16.1.06.2.0
7.0.07.0.1
8.0.08.0.18.1.08.1.1
9.0.09.0.19.1.09.2.0
10.0.010.0.110.0.210.0.310.0.410.1.010.1.110.2.0
11.0.011.0.1
12.0.012.0.112.0.212.0.312.1.0
13.0.013.1.013.2.013.2.1
14.0.014.1.014.1.114.1.2
15.0.015.0.1
16.0.016.0.116.0.216.0.316.1.0
17.0.017.0.1
18.0.018.0.1
Retrieved from "https://switchbrew.org/w/index.php?title=18.0.0&oldid=12726"