Difference between revisions of "8.1.0"

From Nintendo Switch Brew
Jump to navigation Jump to search
(Created page with "The Switch 8.1.0 system update was released on June 17, 2019. This Switch update was released for the following regions: ALL. Security flaws fixed: <fill this in manually lat...")
 
 
(14 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
The Switch 8.1.0 system update was released on June 17, 2019. This Switch update was released for the following regions: ALL.
 
The Switch 8.1.0 system update was released on June 17, 2019. This Switch update was released for the following regions: ALL.
  
Security flaws fixed: <fill this in manually later, see the updatedetails page from the ninupdates-report page(s) once available for now>.
+
Security flaws fixed: yes.
  
 
==Change-log==
 
==Change-log==
Line 7: Line 7:
 
* General system stability improvements to enhance the user's experience.
 
* General system stability improvements to enhance the user's experience.
 
*     
 
*     
 +
 +
==FIRM==
 +
All files in RomFS were updated.
 +
 +
====Package1ldr====
 +
package1ldr was updated. The TSEC secureboot firmware was updated.
 +
 +
====NX_BOOTLOADER====
 +
NX bootloader was updated.
 +
 +
<check back later for diff>
 +
 +
====Secure Monitor====
 +
The Secure Monitor was updated.
 +
 +
* The SE key read disable function no longer writes zero to AES_KEY_READ_DISABLE/RSA_KEY_READ_DISABLE.
 +
* Functions for locking/checking PMC secure scratch now have additional bitmasks 0x40/0x80 for locking more secure scratch registers.
 +
* NVDEC/TSECB access to the kernel carveout was removed.
 +
* On suspend (SC7 Entry), SWR_USBD_RST is now checked, and AHB arbitration disable is now checked to be COP, ARC, USB, USB2.
 +
** This further mitigates against Deja Vu.
 +
* TZ/SE context save logic has been changed.
 +
** The context save function now first generates 16 random bytes, and securely saves them to scratch (using the usual write-writelock-check-readlock-checklocked pattern).
 +
** It then generates a random aes-256 key, and derives an actual encryption/MAC key by decrypting the random data with that key.
 +
*** Previously, it generated a random aes-256 key and used it directly.
 +
*** This prevents attacks that might coerce the usage of a specific aes-256 key instead of a random one.
 +
** Calls into the check scratch locked/lock scratch function which previously passed one bitmask at a time now pass multiple
 +
*** Accordingly, the lock/check locked functions now support multiple bitmasks instead of single bitmasks at a time.
 +
* The function that initializes the SE/derives keys now sets flag 0x100 on AES keyslots 8-15, and RSA keyslots 0-1.
 +
 +
====Kernel====
 +
Kernel was not changed.
 +
 +
====Warmboot====
 +
* The firmware revision magic was changed from 0x129 to 0x14A.
 +
* Security Engine state validation was changed (first six keyslots now expected to read zeroes instead of FFs).
 +
* <check back for more diffs later>
 +
 +
====FIRM Sysmodules====
 +
FIRM sysmodules were updated. Specific diffs available below:
 +
 +
=====[[Boot]]=====
 +
Only GNU build hash was updated.
 +
 +
=====[[Filesystem services|FS]]=====
 +
Only GNU build hash was updated.
 +
 +
=====[[Loader services|Loader]]=====
 +
*ldr:pm->CreateProcess() now performs additional validation on the NPDM header.
 +
** When the title id is one of certain hardcoded titles, Loader now validates that the version field at NPDM header is non-zero. This prevents selectively downgrading those titles to versions vulnerable to known exploits.
 +
** The titles checked are:
 +
*** settings
 +
*** bus
 +
*** audio
 +
*** nvservices
 +
*** ns
 +
*** ssl
 +
*** es
 +
*** creport
 +
*** ro
 +
 +
=====[[NCM services|NCM]]=====
 +
Only GNU build hash was updated.
 +
 +
=====[[Process Manager services|PM]]=====
 +
Only GNU build hash was updated.
 +
 +
=====[[Services_API|SM]]=====
 +
SM was not updated.
 +
 +
=====[[SPL services|SPL]]=====
 +
SPL was not updated.
  
 
==System Titles==
 
==System Titles==
<fill this in (manually) later>
+
Updated titles:
 +
* Sysmodules:
 +
** settings Rebuilt.
 +
** bus Identical codebin.
 +
** bcat .text updated.
 +
** hid .text updated.
 +
** audio Identical codebin.
 +
** wlan .text updated.
 +
** nvservices Only GNU build hash was updated.
 +
** nvnflinger .text updated.
 +
** account .text updated.
 +
** ns .text updated.
 +
** am .text updated.
 +
** ssl Rebuilt.
 +
** vi .text updated.
 +
** es .text updated.
 +
** fatal .text updated.
 +
** creport Identical codebin.
 +
** ro Identical codebin.
 +
** grc .text updated.
 +
* ErrorMessage, BrowserDll, [[System_Version_Title]], FIRM, qlaunch, web-applets (main codebin rebuilt), and RebootlessSystemUpdateVersion.
 +
 
 +
No changes with IPC service commands.
 +
 
 +
Titles' RomFS changes, besides [[System_Version_Title]]:
 +
* ErrorMessage: Error 2124-4517 was updated with actual strings etc. "/2181/4017/common" and "/DatabaseInfo" were updated.
 +
* BrowserDll: the NROs and buildinfo were updated.
 +
* RebootlessSystemUpdateVersion: The "/version" file was updated.
 +
* qlaunch: "/lyt/Notification.szs" was updated.
 +
* Web-applets: "/buildinfo/buildinfo.dat" and "/.nrr/netfront.nrr" were updated.
 +
 
 +
==Keys==
 +
Keys were updated.
  
 
==See Also==
 
==See Also==
 
System update report(s):
 
System update report(s):
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=06-17-19_08-05-09&sys=hac]
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=06-17-19_08-05-09&sys=hac]
 +
 +
{{NavboxVersions}}
 +
 +
[[Category:System versions]]

Latest revision as of 11:52, 6 August 2019

The Switch 8.1.0 system update was released on June 17, 2019. This Switch update was released for the following regions: ALL.

Security flaws fixed: yes.

Change-log

Official ALL change-log:

  • General system stability improvements to enhance the user's experience.

FIRM

All files in RomFS were updated.

Package1ldr

package1ldr was updated. The TSEC secureboot firmware was updated.

NX_BOOTLOADER

NX bootloader was updated.

<check back later for diff>

Secure Monitor

The Secure Monitor was updated.

  • The SE key read disable function no longer writes zero to AES_KEY_READ_DISABLE/RSA_KEY_READ_DISABLE.
  • Functions for locking/checking PMC secure scratch now have additional bitmasks 0x40/0x80 for locking more secure scratch registers.
  • NVDEC/TSECB access to the kernel carveout was removed.
  • On suspend (SC7 Entry), SWR_USBD_RST is now checked, and AHB arbitration disable is now checked to be COP, ARC, USB, USB2.
    • This further mitigates against Deja Vu.
  • TZ/SE context save logic has been changed.
    • The context save function now first generates 16 random bytes, and securely saves them to scratch (using the usual write-writelock-check-readlock-checklocked pattern).
    • It then generates a random aes-256 key, and derives an actual encryption/MAC key by decrypting the random data with that key.
      • Previously, it generated a random aes-256 key and used it directly.
      • This prevents attacks that might coerce the usage of a specific aes-256 key instead of a random one.
    • Calls into the check scratch locked/lock scratch function which previously passed one bitmask at a time now pass multiple
      • Accordingly, the lock/check locked functions now support multiple bitmasks instead of single bitmasks at a time.
  • The function that initializes the SE/derives keys now sets flag 0x100 on AES keyslots 8-15, and RSA keyslots 0-1.

Kernel

Kernel was not changed.

Warmboot

  • The firmware revision magic was changed from 0x129 to 0x14A.
  • Security Engine state validation was changed (first six keyslots now expected to read zeroes instead of FFs).
  • <check back for more diffs later>

FIRM Sysmodules

FIRM sysmodules were updated. Specific diffs available below:

Boot

Only GNU build hash was updated.

FS

Only GNU build hash was updated.

Loader
  • ldr:pm->CreateProcess() now performs additional validation on the NPDM header.
    • When the title id is one of certain hardcoded titles, Loader now validates that the version field at NPDM header is non-zero. This prevents selectively downgrading those titles to versions vulnerable to known exploits.
    • The titles checked are:
      • settings
      • bus
      • audio
      • nvservices
      • ns
      • ssl
      • es
      • creport
      • ro
NCM

Only GNU build hash was updated.

PM

Only GNU build hash was updated.

SM

SM was not updated.

SPL

SPL was not updated.

System Titles

Updated titles:

  • Sysmodules:
    • settings Rebuilt.
    • bus Identical codebin.
    • bcat .text updated.
    • hid .text updated.
    • audio Identical codebin.
    • wlan .text updated.
    • nvservices Only GNU build hash was updated.
    • nvnflinger .text updated.
    • account .text updated.
    • ns .text updated.
    • am .text updated.
    • ssl Rebuilt.
    • vi .text updated.
    • es .text updated.
    • fatal .text updated.
    • creport Identical codebin.
    • ro Identical codebin.
    • grc .text updated.
  • ErrorMessage, BrowserDll, System_Version_Title, FIRM, qlaunch, web-applets (main codebin rebuilt), and RebootlessSystemUpdateVersion.

No changes with IPC service commands.

Titles' RomFS changes, besides System_Version_Title:

  • ErrorMessage: Error 2124-4517 was updated with actual strings etc. "/2181/4017/common" and "/DatabaseInfo" were updated.
  • BrowserDll: the NROs and buildinfo were updated.
  • RebootlessSystemUpdateVersion: The "/version" file was updated.
  • qlaunch: "/lyt/Notification.szs" was updated.
  • Web-applets: "/buildinfo/buildinfo.dat" and "/.nrr/netfront.nrr" were updated.

Keys

Keys were updated.

See Also

System update report(s):

Nintendo Switch System Versions
1.0.0
2.0.02.1.02.2.02.3.0
3.0.03.0.13.0.2
4.0.04.0.14.1.0
5.0.05.0.15.0.25.1.0
6.0.06.0.16.1.06.2.0
7.0.07.0.1
8.0.08.0.18.1.08.1.1
9.0.09.0.19.1.09.2.0
10.0.010.0.110.0.210.0.310.0.4