Difference between revisions of "BootConfig"
Jump to navigation
Jump to search
(Detail some config) |
|||
| Line 30: | Line 30: | ||
= Signed Config = | = Signed Config = | ||
| − | |||
| − | |||
| − | |||
{| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
|- | |- | ||
| Line 39: | Line 36: | ||
! Description | ! Description | ||
|- | |- | ||
| + | | 0x0 | ||
| 0x8 | | 0x8 | ||
| − | | 0x1 | + | | |
| + | |- | ||
| + | | 0x8 | ||
| + | | 0x1 | ||
| Package2 Configuration. Bit 0 set means Package2 is stored unencrypted. Bit 1 set means Package2 is unsigned. | | Package2 Configuration. Bit 0 set means Package2 is stored unencrypted. Bit 1 set means Package2 is unsigned. | ||
| + | |- | ||
| + | | 0x9 | ||
| + | | 0x7 | ||
| + | | | ||
|- | |- | ||
| 0x10 | | 0x10 | ||
| Line 48: | Line 53: | ||
|- | |- | ||
| 0x20 | | 0x20 | ||
| − | | 0x1 | + | | 0x1 |
| [[Filesystem_services#SetEnabledProgramVerification|DisableProgramVerification]]. Controls the default value for how to check NCA signatures. | | [[Filesystem_services#SetEnabledProgramVerification|DisableProgramVerification]]. Controls the default value for how to check NCA signatures. | ||
| + | |- | ||
| + | | 0x21 | ||
| + | | 0xDF | ||
| + | | | ||
|} | |} | ||
= Unsigned Config = | = Unsigned Config = | ||
Revision as of 18:17, 16 February 2020
Installed into the first 0x4000 sector of the eMMC storage's BCPKG2 partitions, "BootConfig" contains data used to configure TrustZone/OS behaviors.
BootConfig is normally all-zero for retail units, however TrustZone additionally sets the loaded configuration to all-zero when running on a retail unit anyway.
Format
Despite having 0x4000 for storage, the actual loaded BootConfig is only 0x640 bytes, with the following format:
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x200 | Unsigned Configuration |
| 0x200 | 0x100 | RSA-PSS Signature |
| 0x300 | 0x100 | Signed Configuration |
| 0x400 | 0x240 | Reserved |
Signed Config
| Offset | Size | Description |
|---|---|---|
| 0x0 | 0x8 | |
| 0x8 | 0x1 | Package2 Configuration. Bit 0 set means Package2 is stored unencrypted. Bit 1 set means Package2 is unsigned. |
| 0x9 | 0x7 | |
| 0x10 | 0x10 | Hardware Info. Must match the Hardware Info read from fuses, or else the loaded Signed Config will be memset to 0 even if signed. This allows Nintendo to set signed configuration on a per-unit basis. |
| 0x20 | 0x1 | DisableProgramVerification. Controls the default value for how to check NCA signatures. |
| 0x21 | 0xDF |