Secure Monitor: Difference between revisions
as seen on 5.0.1 kernel |
No edit summary |
||
(20 intermediate revisions by 4 users not shown) | |||
Line 25: | Line 25: | ||
== ID 0 == | == ID 0 == | ||
Functions exposed to user-mode processes using [[SVC|svcCallSecureMonitor]]. | Functions exposed to user-mode processes using [[SVC|svcCallSecureMonitor]]. SMCs should be called from CPUID 3 (where SPL runs). | ||
{| class=wikitable | {| class=wikitable | ||
Line 34: | Line 34: | ||
| 0xC3000002 || GetConfig (Same as ID 1, Sub-ID 4) || || | | 0xC3000002 || GetConfig (Same as ID 1, Sub-ID 4) || || | ||
|- | |- | ||
| 0xC3000003 || | | 0xC3000003 || GetResult || || | ||
|- | |- | ||
| 0xC3000404 || | | 0xC3000404 || GetResultData || || | ||
|- | |- | ||
| 0xC3000E05 || ExpMod || || | | 0xC3000E05 || ExpMod || || | ||
|- | |- | ||
| 0xC3000006 || | | 0xC3000006 || GenerateRandomBytes (Same as ID 1, Sub-ID 5) || || | ||
|- | |- | ||
| 0xC3000007 || [[#GenerateAesKek]] || || | | 0xC3000007 || [[#GenerateAesKek]] || || | ||
Line 46: | Line 46: | ||
| 0xC3000008 || [[#LoadAesKey]] || || | | 0xC3000008 || [[#LoadAesKey]] || || | ||
|- | |- | ||
| 0xC3000009 || [[# | | 0xC3000009 || [[#ComputeAes]] || || | ||
|- | |- | ||
| 0xC300000A || [[#GenerateSpecificAesKey]] || || | | 0xC300000A || [[#GenerateSpecificAesKey]] || || | ||
Line 52: | Line 52: | ||
| 0xC300040B || [[#ComputeCmac]] || || | | 0xC300040B || [[#ComputeCmac]] || || | ||
|- | |- | ||
| [1.0.0-4.1.0] 0xC300100C || [[# | | [1.0.0-4.1.0] 0xC300100C || [[#ImportEsKey]] || || | ||
|- | |- | ||
| [5.0.0+] 0xC300D60C || [[# | | [5.0.0+] 0xC300D60C || [[#ReEncryptRsaPrivateKey]] || || | ||
|- | |- | ||
| [1.0.0-4.1.0] 0xC300100D || [[#DecryptRsaPrivateKey]] || || | | [1.0.0-4.1.0] 0xC300100D || [[#DecryptRsaPrivateKey]] || || | ||
|- | |- | ||
| [5.0.0] 0xC300100D || [[# | | [5.0.0+] 0xC300100D || [[#DecryptOrImportRsaPrivateKey]] || || | ||
|- | |- | ||
| [1.0.0-4.1.0] 0xC300100E || [[# | | [1.0.0-4.1.0] 0xC300100E || [[#ImportLotusKey]] || || | ||
|- | |- | ||
| 0xC300060F || [[# | | 0xC300060F || [[#StorageExpMod]] || || | ||
|- | |- | ||
| 0xC3000610 || [[# | | 0xC3000610 || [[#UnwrapTitleKey]] || || | ||
|- | |- | ||
| 0xC3000011 || [[#LoadTitleKey]] || || | | 0xC3000011 || [[#LoadTitleKey]] || || | ||
|- | |- | ||
| 0xC3000012 || [2.0.0+] | | 0xC3000012 || [2.0.0+] [[#UnwrapCommonTitleKey]] || || | ||
|} | |} | ||
Line 80: | Line 80: | ||
** This means: Plaintext kek keys never leave TrustZone. | ** This means: Plaintext kek keys never leave TrustZone. | ||
** Further, this means: Actual AES/RSA keys never leave TrustZone. | ** Further, this means: Actual AES/RSA keys never leave TrustZone. | ||
=== GenerateAesKek === | === GenerateAesKek === | ||
Line 94: | Line 91: | ||
The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_Aes]]. | The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_Aes]]. | ||
=== | === ComputeAes === | ||
Encrypts/decrypts using | Encrypts/decrypts using AES (CTR and CBC). Takes an [[#enum_CipherMode]]. | ||
Key must be set prior using one of the [[#LoadAesKey]] | Key must be set prior using one of the [[#LoadAesKey]] or [[#GenerateSpecificAesKey]] commands. | ||
=== GenerateSpecificAesKey === | === GenerateSpecificAesKey === | ||
Takes a wrapped AES key and decrypts it using static data. | |||
=== | === ComputeCmac === | ||
Calculates CMAC over input data. | |||
=== ImportEsKey === | |||
Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key. | Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key. | ||
The session kek must have been created with [[#enum_CryptoUsecase| | The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]]. | ||
[5.0.0] This function was removed and replaced with [[#ReEncryptRsaPrivateKey]]. | |||
=== | === ReEncryptRsaPrivateKey === | ||
Takes in two session keks created with [[#GenerateAesKek]], two wrapped AES keys, an enum member, and a wrapped RSA private key. | Takes in two session keks created with [[#GenerateAesKek]], two wrapped AES keys, an enum member, and a wrapped RSA private key. | ||
Decrypts and validates the wrapped RSA private key with the first kek/wrapped key, and re-encrypts it with the second if valid. | Decrypts and validates the wrapped RSA private key with the first kek/wrapped key, and re-encrypts it with the second if valid. | ||
The re-encrypted key is then passed to the user, for use with [[# | The re-encrypted key is then passed to the user, for use with [[#DecryptOrImportRsaPrivateKey]]. | ||
=== DecryptRsaPrivateKey === | === DecryptRsaPrivateKey === | ||
Line 123: | Line 123: | ||
[4.0.0+] The SMC handler when certain conditions pass and SMC_ID==0xC300100D now returns error 0x6 instead of calling the handler funcptr. | [4.0.0+] The SMC handler when certain conditions pass and SMC_ID==0xC300100D now returns error 0x6 instead of calling the handler funcptr. | ||
[5.0.0+] This function was replaced by [[#DecryptOrImportRsaPrivateKey]]. | |||
This function replaced [[#DecryptRsaPrivateKey]] in [[5.0.0]], adding an additional | === DecryptOrImportRsaPrivateKey === | ||
This function replaced [[#DecryptRsaPrivateKey]] in [[5.0.0]], adding an additional [[#enum_DecryptOrImportMode]]. | |||
This SMC extends DecryptRsaPrivateKey's original functionality to enable importing private keys into the security engine instead of decrypting them, when certain enum members are passed. | This SMC extends DecryptRsaPrivateKey's original functionality to enable importing private keys into the security engine instead of decrypting them, when certain enum members are passed. | ||
=== | === ImportLotusKey === | ||
Takes a session kek created with [[#GenerateAesKek]], and a wrapped RSA key. | Takes a session kek created with [[#GenerateAesKek]], and a wrapped RSA key. | ||
The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaSecureExpMod]]. | The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaSecureExpMod]]. | ||
[5.0.0] This function was removed. | |||
=== SecureExpMod === | === SecureExpMod === | ||
Performs an | Performs an ExpMod operation using an exponent previously loaded with the [[#ImportLotusKey]] command. | ||
=== | [5.0.0+] This now uses any exponent previously loaded with [[#DecryptOrImportRsaPrivateKey]] and takes an [[#enum_SecureExpModMode]]. | ||
=== UnwrapTitleKey === | |||
Takes an Rsa-Oaep-wrapped TitleKey, an RSA Public Key, and a label hash. | Takes an Rsa-Oaep-wrapped TitleKey, an RSA Public Key, and a label hash. | ||
Performs an | Performs an ExpMod operation using an exponent previously loaded with the [[#ImportEsKey]] command, and then validates/extracts a Titlekey from the resulting message. | ||
Returns a session-unique AES key especially for use in [[#LoadTitleKey]]. | Returns a session-unique AES key especially for use in [[#LoadTitleKey]]. | ||
[5.0.0+] This now uses any exponent previously loaded with [[#DecryptOrImportRsaPrivateKey]]. | |||
=== LoadTitleKey === | === LoadTitleKey === | ||
Takes a session-unique AES key from [[# | Takes a session-unique AES key from [[#UnwrapCommonTitleKey]] or [[#UnwrapTitleKey]]. | ||
=== UnwrapCommonTitleKey === | |||
Takes an AES-wrapped TitleKey and returns a sealed AES key. | |||
=== enum CryptoUsecase === | === enum CryptoUsecase === | ||
Line 159: | Line 167: | ||
| 2 || CryptoUsecase_RsaSecureExpMod | | 2 || CryptoUsecase_RsaSecureExpMod | ||
|- | |- | ||
| 3 || | | 3 || CryptoUsecase_TitleKey | ||
|} | |||
Note: | |||
The [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key. | |||
=== enum CipherMode === | |||
{| class=wikitable | |||
! Value || Name | |||
|- | |||
| 0 || CipherMode_CbcEncrypt | |||
|- | |||
| 1 || CipherMode_CbcDecrypt | |||
|- | |||
| 2 || CipherMode_Ctr | |||
|} | |||
=== enum DecryptOrImportMode === | |||
{| class=wikitable | |||
! Value || Name | |||
|- | |||
| 0 || DecryptOrImportMode_DecryptRsaPrivateKey | |||
|- | |||
| 1 || DecryptOrImportMode_ImportLotusKey | |||
|- | |||
| 2 || DecryptOrImportMode_ImportEsKey | |||
|- | |||
| 3 || DecryptOrImportMode_ImportSslKey | |||
|- | |||
| 4 || DecryptOrImportMode_ImportDrmKey | |||
|} | |||
=== enum SecureExpModMode === | |||
{| class=wikitable | |||
! Value || Name | |||
|- | |||
| 0 || SecureExpModMode_Lotus | |||
|- | |||
| 1 || SecureExpModMode_Ssl | |||
|- | |||
| 2 || SecureExpModMode_Drm | |||
|} | |} | ||
Line 176: | Line 224: | ||
| 0xC3000004 || [[#GetConfig]] (Same as ID 0, Sub-ID 2) || W1=config_item, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4=config_val | | 0xC3000004 || [[#GetConfig]] (Same as ID 0, Sub-ID 2) || W1=config_item, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4=config_val | ||
|- | |- | ||
| 0xC3000005 || [[# | | 0xC3000005 || [[#GenerateRandomBytes]] (Same as ID 0, Sub-ID 6) || X1=size, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4,X5,X6,X7=rand_bytes | ||
|- | |- | ||
| 0xC3000006 || [[#Panic]] || W1=panic_color, X2,X3,X4,X5,X6,X7=0 || X0=result | | 0xC3000006 || [[#Panic]] || W1=panic_color, X2,X3,X4,X5,X6,X7=0 || X0=result | ||
Line 225: | Line 273: | ||
| 11 || [[#IsDebugMode]] | | 11 || [[#IsDebugMode]] | ||
|- | |- | ||
| 12 || [[# | | 12 || [[#KernelConfiguration]] | ||
|- | |- | ||
| 13 || [[#IsChargerHiZModeEnabled]] | | 13 || [[#IsChargerHiZModeEnabled]] | ||
Line 231: | Line 279: | ||
| 14 || [4.0.0+] [[#IsKiosk]] | | 14 || [4.0.0+] [[#IsKiosk]] | ||
|- | |- | ||
| 15 || [5.0.0+] [[# | | 15 || [5.0.0+] [[#RegulatorType]] | ||
|- | |- | ||
| 16 || [5.0.0+] [[# | | 16 || [5.0.0+] [[#KeyGeneration]] | ||
|- | |- | ||
| 17 || [5.0.0+] [[#Package2Hash]] | | 17 || [5.0.0+] [[#Package2Hash]] | ||
Line 265: | Line 313: | ||
|- | |- | ||
| 5 | | 5 | ||
| [ | | [4.0.0+] Reserved | ||
|- | |- | ||
| 6 | | 6 | ||
| [ | | [4.0.0+] Reserved | ||
|- | |- | ||
| 7 | | 7 | ||
| [5.0.0+] DramId_MarikoIowax1x2Samsung4gb | | [5.0.0+] DramId_MarikoIowax1x2Samsung4gb ([4.0.0-4.1.0] Reserved) | ||
|- | |- | ||
| 8 | | 8 | ||
Line 280: | Line 328: | ||
|- | |- | ||
| 10 | | 10 | ||
| [5.0.0 | | [6.0.0+] DramId_MarikoIowaHynix4gb ([5.0.0-5.1.0] Reserved) | ||
|- | |- | ||
| 11 | | 11 | ||
| [5.0.0 | | [7.0.0+] DramId_MarikoIowaMicron4gb ([5.0.0-6.2.0] Reserved) | ||
|- | |- | ||
| 12 | | 12 | ||
Line 290: | Line 338: | ||
| 13 | | 13 | ||
| [5.0.0+] DramId_MarikoHoagSamsung8gb | | [5.0.0+] DramId_MarikoHoagSamsung8gb | ||
|- | |||
| 14 | |||
| [7.0.0+] DramId_MarikoHoagHynix4gb ([5.0.0-6.2.0] Reserved) | |||
|- | |||
| 15 | |||
| [7.0.0+] DramId_MarikoHoagMicron4gb ([5.0.0-6.2.0] Reserved) | |||
|- | |||
| 16 | |||
| [8.0.0+] DramId_MarikoUnkSamsung4gb | |||
|} | |} | ||
[[PCV_services|PCV]] | [[PCV_services|PCV]] selects memory training tables based on DramId. | ||
{| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
|- | |- | ||
! SoC | |||
! Platform | ! Platform | ||
! DramId | ! DramId | ||
! | ! Revision | ||
! DVFS version | |||
|- | |- | ||
| T210 | |||
| jetson-tx1 | | jetson-tx1 | ||
| N/A | | N/A | ||
| 11_40800_01_V9.8.3_V1.6 | | 0x07 | ||
| | |||
11_40800_01_V9.8.3_V1.6 | |||
11_68000_01_V9.8.3_V1.6 | |||
11_102000_01_V9.8.3_V1.6 | |||
11_204000_05_V9.8.3_V1.6 | |||
11_408000_02_V9.8.3_V1.6 | |||
11_665600_03_V9.8.3_V1.6 | |||
11_800000_01_V9.8.3_V1.6 | |||
11_1065600_01_V9.8.3_V1.6 | |||
11_1331200_01_V9.8.3_V1.6 | |||
11_1600000_02_V9.8.3_V1.6 | |||
|- | |- | ||
| T210 | |||
| nx-abcb | | nx-abcb | ||
| EristaIcosaSamsung4gb | | EristaIcosaSamsung4gb | ||
| 10_40800_NoCfgVersion_V9.8.7_V1.6 | | 0x07 | ||
| | |||
10_40800_NoCfgVersion_V9.8.7_V1.6 | |||
10_68000_NoCfgVersion_V9.8.7_V1.6 | |||
10_102000_NoCfgVersion_V9.8.7_V1.6 | |||
10_204000_NoCfgVersion_V9.8.7_V1.6 | |||
10_408000_NoCfgVersion_V9.8.7_V1.6 | |||
10_665600_NoCfgVersion_V9.8.7_V1.6 | |||
10_800000_NoCfgVersion_V9.8.7_V1.6 | |||
10_1065600_NoCfgVersion_V9.8.7_V1.6 | |||
10_1331200_NoCfgVersion_V9.8.7_V1.6 | |||
10_1600000_NoCfgVersion_V9.8.7_V1.6 | |||
|- | |- | ||
| T210 | |||
| nx-abcb | | nx-abcb | ||
| EristaIcosaMicron4gb | | EristaIcosaMicron4gb | ||
| 10_40800_NoCfgVersion_V9.8.4_V1.6 | | 0x07 | ||
| | |||
10_40800_NoCfgVersion_V9.8.4_V1.6 | |||
10_68000_NoCfgVersion_V9.8.4_V1.6 | |||
10_102000_NoCfgVersion_V9.8.4_V1.6 | |||
10_204000_NoCfgVersion_V9.8.4_V1.6 | |||
10_408000_NoCfgVersion_V9.8.4_V1.6 | |||
10_665600_NoCfgVersion_V9.8.4_V1.6 | |||
10_800000_NoCfgVersion_V9.8.4_V1.6 | |||
10_1065600_NoCfgVersion_V9.8.4_V1.6 | |||
10_1331200_NoCfgVersion_V9.8.4_V1.6 | |||
10_1600000_NoCfgVersion_V9.8.4_V1.6 | |||
|- | |- | ||
| T210 | |||
| nx-abcb | | nx-abcb | ||
| EristaIcosaHynix4gb | | EristaIcosaHynix4gb | ||
| 10_40800_NoCfgVersion_V9.8.4_V1.6 | | 0x07 | ||
| | |||
10_40800_NoCfgVersion_V9.8.4_V1.6 | |||
10_68000_NoCfgVersion_V9.8.4_V1.6 | |||
10_102000_NoCfgVersion_V9.8.4_V1.6 | |||
10_204000_NoCfgVersion_V9.8.4_V1.6 | |||
10_408000_NoCfgVersion_V9.8.4_V1.6 | |||
10_665600_NoCfgVersion_V9.8.4_V1.6 | |||
10_800000_NoCfgVersion_V9.8.4_V1.6 | |||
10_1065600_NoCfgVersion_V9.8.4_V1.6 | |||
10_1331200_NoCfgVersion_V9.8.4_V1.6 | |||
10_1600000_NoCfgVersion_V9.8.4_V1.6 | |||
|- | |- | ||
| T210 | |||
| nx-abca2 | | nx-abca2 | ||
| EristaIcosaSamsung4gb | | EristaIcosaSamsung4gb, EristaIcosaMicron4gb | ||
| 10_40800_NoCfgVersion_V9.8.7_V1.6 | | 0x07 | ||
| | |||
10_40800_NoCfgVersion_V9.8.7_V1.6 | |||
10_68000_NoCfgVersion_V9.8.7_V1.6 | |||
10_102000_NoCfgVersion_V9.8.7_V1.6 | |||
10_204000_NoCfgVersion_V9.8.7_V1.6 | |||
10_408000_NoCfgVersion_V9.8.7_V1.6 | |||
10_665600_NoCfgVersion_V9.8.7_V1.6 | |||
10_800000_NoCfgVersion_V9.8.7_V1.6 | |||
10_1065600_NoCfgVersion_V9.8.7_V1.6 | |||
10_1331200_NoCfgVersion_V9.8.7_V1.6 | |||
10_1600000_NoCfgVersion_V9.8.7_V1.6 | |||
|- | |- | ||
| T210 | |||
| nx-abca2 | | nx-abca2 | ||
| EristaIcosaHynix4gb | | EristaIcosaHynix4gb | ||
| 10_40800_NoCfgVersion_V9.8.7_V1.6 | | 0x07 | ||
| | |||
10_40800_NoCfgVersion_V9.8.7_V1.6 | |||
10_68000_NoCfgVersion_V9.8.7_V1.6 | |||
10_102000_NoCfgVersion_V9.8.7_V1.6 | |||
10_204000_NoCfgVersion_V9.8.7_V1.6 | |||
10_408000_NoCfgVersion_V9.8.7_V1.6 | |||
10_665600_NoCfgVersion_V9.8.7_V1.6 | |||
10_800000_NoCfgVersion_V9.8.7_V1.6 | |||
10_1065600_NoCfgVersion_V9.8.7_V1.6 | |||
10_1331200_NoCfgVersion_V9.8.7_V1.6 | |||
10_1600000_NoCfgVersion_V9.8.7_V1.6 | |||
|- | |- | ||
| T210 | |||
| nx-abca2 | | nx-abca2 | ||
| EristaIcosaSamsung6gb | | EristaIcosaSamsung6gb | ||
| 10_40800_NoCfgVersion_V9.8.7_V1.6 | | 0x07 | ||
| | |||
10_40800_NoCfgVersion_V9.8.7_V1.6 | |||
10_68000_NoCfgVersion_V9.8.7_V1.6 | |||
10_102000_NoCfgVersion_V9.8.7_V1.6 | |||
10_204000_NoCfgVersion_V9.8.7_V1.6 | |||
10_408000_NoCfgVersion_V9.8.7_V1.6 | |||
10_665600_NoCfgVersion_V9.8.7_V1.6 | |||
10_800000_NoCfgVersion_V9.8.7_V1.6 | |||
10_1065600_NoCfgVersion_V9.8.7_V1.6 | |||
10_1331200_NoCfgVersion_V9.8.7_V1.6 | |||
10_1600000_NoCfgVersion_V9.8.7_V1.6 | |||
|- | |- | ||
| nx-abca2 | | T214 | ||
| nx-abca2, nx-abcb, nx-abcc | |||
| MarikoIowax1x2Samsung4gb | | MarikoIowax1x2Samsung4gb | ||
| 01_204000_NoCfgVersion_V0.3.1_V2.0 | | 0x03 | ||
| | |||
01_204000_NoCfgVersion_V0.3.1_V2.0 | |||
01_1331200.0_NoCfgVersion_V0.3.1_V2.0 | |||
01_1600000_NoCfgVersion_V0.3.1_V2.0 | |||
|- | |||
| T214 | |||
| nx-abca2, nx-abcb, nx-abcc | |||
| MarikoIowaSamsung4gb, MarikoHoagSamsung4gb | |||
| 0x03 | |||
| | |||
01_204000_NoCfgVersion_V0.3.1_V2.0 | |||
01_1331200.0_NoCfgVersion_V0.3.1_V2.0 | |||
01_1600000_NoCfgVersion_V0.3.1_V2.0 | |||
|- | |||
| T214 | |||
| nx-abca2, nx-abcb, nx-abcc | |||
| MarikoIowaSamsung8gb, MarikoHoagSamsung8gb | |||
| 0x03 | |||
| | |||
01_204000_NoCfgVersion_V0.4.2_V2.0 | |||
01_1331200.0_NoCfgVersion_V0.4.2_V2.0 | |||
01_1600000_NoCfgVersion_V0.4.2_V2.0 | |||
|- | |||
| T214 | |||
| nx-abca2, nx-abcb, nx-abcc | |||
| MarikoIowaHynix4gb, MarikoHoagHynix4gb | |||
| 0x03 | |||
| | |||
01_204000_NoCfgVersion_V0.3.1_V2.0 | |||
01_1331200.0_NoCfgVersion_V0.3.1_V2.0 | |||
01_1600000_NoCfgVersion_V0.3.1_V2.0 | |||
|- | |- | ||
| nx-abca2 | | T214 | ||
| | | nx-abca2, nx-abcb, nx-abcc | ||
| 01_204000_NoCfgVersion_V0. | | MarikoIowaMicron4gb, MarikoHoagMicron4gb | ||
| 0x03 | |||
| | |||
01_204000_NoCfgVersion_V0.4.2_V2.0 | |||
01_1331200.0_NoCfgVersion_V0.4.2_V2.0 | |||
01_1600000_NoCfgVersion_V0.4.2_V2.0 | |||
|- | |- | ||
| nx-abca2 | | T214 | ||
| | | nx-abca2, nx-abcb, nx-abcc | ||
| 01_204000_NoCfgVersion_V0.4.2_V2.0 | | MarikoUnkSamsung4gb | ||
| 0x03 | |||
| | |||
01_204000_NoCfgVersion_V0.4.2_V2.0 | |||
01_1331200.0_NoCfgVersion_V0.4.2_V2.0 | |||
01_1600000_NoCfgVersion_V0.4.2_V2.0 | |||
|} | |} | ||
nx-abcb (Copper) is the SDEV unit. Among other differences, this has extra hardware to support HDMI output. | '''nx-abca2''' ('''Icosa''' or '''Hoag''' in '''Erista''', '''Iowa''' or '''Hoag''' in '''Mariko''') hardware types are variations of the retail and EDEV form factors. | ||
'''nx-abcb''' ('''Copper''') is the SDEV unit. Among other differences, this has extra hardware to support HDMI output. | |||
[8.0.0+] '''nx-abcc''' was added for '''Mariko'''. | |||
'''Erista''' memory is LPDDR4, while '''Mariko''' memory is LPDDR4X. | |||
==== SecurityEngineIrqNumber ==== | ==== SecurityEngineIrqNumber ==== | ||
Line 351: | Line 540: | ||
==== HardwareType ==== | ==== HardwareType ==== | ||
[1.0.0+] This item is obtained by checking bits 8 and 2 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be 0 (Icosa), 1 (Copper) or 3 (Invalid). | [1.0.0+] This item is obtained by checking bits 8 and 2 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be 0 (Icosa), 1 (Copper), 2 (Hoag) or 3 (Invalid). | ||
[4.0.0+] This item is obtained by checking bits 8, 2 and 16-19 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be 0 (Icosa), 1 (Copper), 2 (Hoag), 3 (Iowa) or 4 (Invalid). | |||
[ | [7.0.0+] This item no longer depends on fuses and can only be 0 (Icosa) or 0xF (Invalid) in retail units. | ||
[8.0.0+] This item can be 0 (Icosa), 1 (Copper), 2 (Hoag), 3 (Iowa), 4 (Calcio) or 5 (Invalid). It still can only be 0 (Icosa) or 0xF (Invalid) in retail units. | |||
==== IsRetail ==== | ==== IsRetail ==== | ||
Line 362: | Line 553: | ||
==== IsRecoveryBoot ==== | ==== IsRecoveryBoot ==== | ||
Used to determine if the system is booting from SafeMode firmware. | Used to determine if the system is booting from SafeMode firmware. | ||
Under normal circumstances, this just returns bit 0 of the active [[BCT#bootloader0_info|bootloader info]]'s attribute field. | |||
==== DeviceId ==== | ==== DeviceId ==== | ||
Line 368: | Line 561: | ||
==== BootReason ==== | ==== BootReason ==== | ||
Used to determine how the system booted. | Used to determine how the system booted. | ||
{| class=wikitable | |||
! Value || Description | |||
|- | |||
| 0 || Invalid | |||
|- | |||
| 1 || AcOk | |||
|- | |||
| 2 || OnKey | |||
|- | |||
| 3 || RtcAlarm1 | |||
|- | |||
| 4 || RtcAlarm2 | |||
|} | |||
==== MemoryArrange ==== | ==== MemoryArrange ==== | ||
Line 381: | Line 588: | ||
The value of this field is loaded from [[BootConfig]] unsigned-config+0x10 u8 bit1. | The value of this field is loaded from [[BootConfig]] unsigned-config+0x10 u8 bit1. | ||
==== | ==== KernelConfiguration ==== | ||
Kernel reads this when setting up memory-related code. | Kernel reads this when setting up memory-related code. | ||
Bit 0 is a boolean determining whether kernel should it will memset various allocated memory-regions with 0x58, 0x59, 0x5A ('X', 'Y', 'Z') instead of zero. This allows Nintendo devs to find uninitialized memory bugs. | |||
Bit 1 is a boolean determining whether kernel should forcefully enable usermode exception handlers (when false, only certain aborts (((1LL << (esr >> 26)) & 0x1115804400224001) == 0, typically data/prefetch aborts) that occur when the faulting address is in a readable region with MemoryType_CodeStatic will trigger usermode exception handlers). | |||
Bit 2 is a boolean determining whether kernel should enable usermode access to the Performance Monitors (whether PMUSERENR_EL0 should be 1 or 0). | |||
[8.0.0+] Bit 3 is a boolean determining whether the kernldr should allocate 0x68000 extra bytes before INI1 data | |||
Bits 8-15 are a boolean determining whether kernel should call smcPanic on error instead of infinite-looping. | |||
Bits 16-17 determine how much memory is available. 00/03 = 4 GB, 01 = 6 GB, 02 = 8 GB. | |||
==== IsChargerHiZModeEnabled ==== | ==== IsChargerHiZModeEnabled ==== | ||
This tells if the TI Charger (bq24192) is active. | This tells if the TI Charger (bq24192) is active. | ||
==== | ==== KeyGeneration ==== | ||
This item is obtained from [[Fuse_registers#FUSE_RESERVED_ODM2|FUSE_RESERVED_ODM2]] if bit 11 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]] is set, [[Fuse_registers#FUSE_RESERVED_ODM0|FUSE_RESERVED_ODM0]] matches 0x8E61ECAE and [[Fuse_registers#FUSE_RESERVED_ODM1|FUSE_RESERVED_ODM1]] matches 0xF2BA3BB2. | This item is obtained from [[Fuse_registers#FUSE_RESERVED_ODM2|FUSE_RESERVED_ODM2]] if bit 11 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]] is set, [[Fuse_registers#FUSE_RESERVED_ODM0|FUSE_RESERVED_ODM0]] matches 0x8E61ECAE and [[Fuse_registers#FUSE_RESERVED_ODM1|FUSE_RESERVED_ODM1]] matches 0xF2BA3BB2. | ||
Line 400: | Line 616: | ||
[4.0.0+] [[Settings_services|Settings]] uses this value to overwrite the quest flag from [[Settings_services#set:sys|GetQuestFlag]]. This is used to detect if a Switch is a kiosk unit for display at retail stores. | [4.0.0+] [[Settings_services|Settings]] uses this value to overwrite the quest flag from [[Settings_services#set:sys|GetQuestFlag]]. This is used to detect if a Switch is a kiosk unit for display at retail stores. | ||
==== | ==== RegulatorType ==== | ||
This item is currently hardcoded to 0. | This item is currently hardcoded to 0. | ||
[5.0.0+] [[PCV_services|PCV]] | [5.0.0+] [[PCV_services|PCV]] uses this value in combination with [[#HardwareType|HardwareType]] to configure power blocks and memory tables for different hardware. | ||
{| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
|- | |- | ||
! Value | ! Value | ||
! | ! SoC | ||
! GPU | |||
! Power Blocks | |||
|- | |- | ||
| 0 | | 0 | ||
| T210 | |||
| GM20B (0x12B) | |||
| max77620_sd0, max77621_cpu and max77621_gpu | | max77620_sd0, max77621_cpu and max77621_gpu | ||
|- | |- | ||
| 1 | | 1 | ||
| T214 | |||
| GM20B_B (0x12E) | |||
| max77620_sd0, max77812_cpu and max77812_gpu | | max77620_sd0, max77812_cpu and max77812_gpu | ||
|- | |- | ||
| 2 | | 2 | ||
| T214 | |||
| GM20B_B (0x12E) | |||
| max77620_sd0, max77812_cpu and max77812_gpu | | max77620_sd0, max77812_cpu and max77812_gpu | ||
|} | |} | ||
Line 422: | Line 646: | ||
This is a SHA-256 hash calculated over the [[Package2|package2]] image. Since the hash calculation is an optional step in pkg2ldr, this item is only valid in recovery mode. Otherwise, an error is returned instead. | This is a SHA-256 hash calculated over the [[Package2|package2]] image. Since the hash calculation is an optional step in pkg2ldr, this item is only valid in recovery mode. Otherwise, an error is returned instead. | ||
=== | === GenerateRandomBytes === | ||
Takes a '''size''' and returns '''rand_bytes'''. | Takes a '''size''' and returns '''rand_bytes'''. | ||
Line 448: | Line 672: | ||
! Value || Description | ! Value || Description | ||
|- | |- | ||
| 2 || Invalid | | 0 || Success | ||
|- | |||
| 1 || Not implemented | |||
|- | |||
| 2 || Invalid argument | |||
|- | |||
| 3 || In progress | |||
|- | |||
| 4 || No async operation | |||
|- | |||
| 5 || Invalid async operation | |||
|- | |- | ||
| | | [8.0.0+] 6 || Blacklisted | ||
|} | |} |