Changes

Secure Monitor (view source)

Revision as of 18:37, 11 July 2019

6,233 bytes added , 18:37, 11 July 2019

no edit summary

Line 25: Line 25:

== ID 0 ==

−

Functions exposed to user-mode processes using [[SVC|svcCallSecureMonitor]].

+

Functions exposed to user-mode processes using [[SVC|svcCallSecureMonitor]]. SMCs should be called from CPUID 3 (where SPL runs).

{| class=wikitable

Line 34: Line 34:

| 0xC3000002 || GetConfig (Same as ID 1, Sub-ID 4) || ||

|-

−

| 0xC3000003 || ~~CheckStatus~~ || ||

+

| 0xC3000003 || GetResult || ||

|-

−

| 0xC3000404 || ~~GetResult~~ || ||

+

| 0xC3000404 || GetResultData || ||

|-

| 0xC3000E05 || ExpMod || ||

|-

−

| 0xC3000006 || ~~GetRandomBytes~~ (Same as ID 1, Sub-ID 5) || ||

+

| 0xC3000006 || GenerateRandomBytes (Same as ID 1, Sub-ID 5) || ||

|-

| 0xC3000007 || [[#GenerateAesKek]] || ||

Line 46: Line 46:

| 0xC3000008 || [[#LoadAesKey]] || ||

|-

−

| 0xC3000009 || [[#~~CryptAes~~]] || ||

+

| 0xC3000009 || [[#ComputeAes]] || ||

|-

| 0xC300000A || [[#GenerateSpecificAesKey]] || ||

Line 52: Line 52:

| 0xC300040B || [[#ComputeCmac]] || ||

|-

−

| [1.0.0-4.1.0] 0xC300100C || [[#~~LoadRsaOaepKey~~]] || ||

+

| [1.0.0-4.1.0] 0xC300100C || [[#ImportEsKey]] || ||

|-

−

| [5.0.0+] 0xC300D60C || [[#~~EncryptRsaKeyForImport~~]] || ||

+

| [5.0.0+] 0xC300D60C || [[#ReEncryptRsaPrivateKey]] || ||

|-

| [1.0.0-4.1.0] 0xC300100D || [[#DecryptRsaPrivateKey]] || ||

|-

−

| [5.0.0] 0xC300100D || [[#~~DecryptOrImportRsaKey~~]] || ||

+

| [5.0.0+] 0xC300100D || [[#DecryptOrImportRsaPrivateKey]] || ||

|-

−

| [1.0.0-4.1.0] 0xC300100E || [[#~~LoadSecureExpModKey~~]] || ||

+

| [1.0.0-4.1.0] 0xC300100E || [[#ImportLotusKey]] || ||

|-

−

| 0xC300060F || [[#~~SecureExpMod~~]] || ||

+

| 0xC300060F || [[#StorageExpMod]] || ||

|-

−

| 0xC3000610 || [[#~~UnwrapRsaOaepWrappedTitleKey~~]] || ||

+

| 0xC3000610 || [[#UnwrapTitleKey]] || ||

|-

| 0xC3000011 || [[#LoadTitleKey]] || ||

|-

−

| 0xC3000012 || [2.0.0+] ~~UnwrapAesWrappedTitleKey~~ || ||

+

| 0xC3000012 || [2.0.0+] [[#UnwrapCommonTitleKey]] || ||

|}

Line 80: Line 80:

** This means: Plaintext kek keys never leave TrustZone.

** Further, this means: Actual AES/RSA keys never leave TrustZone.

−

~~Note:~~

−

~~The [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key.~~

=== GenerateAesKek ===

Line 94: Line 91:

The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_Aes]].

−

=== ~~CryptAes~~ ===

+

=== ComputeAes ===

−

Encrypts/decrypts using ~~Aes~~ (CTR and CBC).

+

Encrypts/decrypts using AES (CTR and CBC). Takes an [[#enum_CipherMode]].

−

Key must be set prior using one of the [[#LoadAesKey]], [[#GenerateSpecificAesKey~~]] or [[#LoadRsaWrappedAesKey~~]] commands.

+

Key must be set prior using one of the [[#LoadAesKey]] or [[#GenerateSpecificAesKey]] commands.

=== GenerateSpecificAesKey ===

−

~~Todo: This one seems unrelated to [[#enum_CryptoUsecase]]~~.

+

Takes a wrapped AES key and decrypts it using static data.

−

=== ~~LoadRsaOaepKey~~ ===

+

=== ComputeCmac ===

+

Calculates CMAC over input data.

+

=== ImportEsKey ===

Takes a session kek created with [[#GenerateAesKek]], a wrapped AES key, and a wrapped RSA private key.

−

The session kek must have been created with [[#enum_CryptoUsecase|~~CryptoUsecase_RsaOaep~~]].

+

The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]].

−

~~This function was removed in [~~[5.0.0]], and replaced with [[#~~EncryptRsaKeyForImport~~]].

+

[5.0.0] This function was removed and replaced with [[#ReEncryptRsaPrivateKey]].

−

=== ~~EncryptRsaKeyForImport~~ ===

+

=== ReEncryptRsaPrivateKey ===

Takes in two session keks created with [[#GenerateAesKek]], two wrapped AES keys, an enum member, and a wrapped RSA private key.

Decrypts and validates the wrapped RSA private key with the first kek/wrapped key, and re-encrypts it with the second if valid.

−

The re-encrypted key is then passed to the user, for use with [[#~~DecryptOrImportRsaKey~~]].

+

The re-encrypted key is then passed to the user, for use with [[#DecryptOrImportRsaPrivateKey]].

=== DecryptRsaPrivateKey ===

Line 123: Line 123:

[4.0.0+] The SMC handler when certain conditions pass and SMC_ID==0xC300100D now returns error 0x6 instead of calling the handler funcptr.

−

~~=== DecryptOrImportRsaKey ===~~

+

[5.0.0+] This function was replaced by [[#DecryptOrImportRsaPrivateKey]].

−

This function replaced [[#DecryptRsaPrivateKey]] in [[5.0.0]], adding an additional ~~enum member argument~~.

+

=== DecryptOrImportRsaPrivateKey ===

+

This function replaced [[#DecryptRsaPrivateKey]] in [[5.0.0]], adding an additional [[#enum_DecryptOrImportMode]].

This SMC extends DecryptRsaPrivateKey's original functionality to enable importing private keys into the security engine instead of decrypting them, when certain enum members are passed.

−

=== ~~LoadSecureExpModKey~~ ===

+

=== ImportLotusKey ===

Takes a session kek created with [[#GenerateAesKek]], and a wrapped RSA key.

The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaSecureExpMod]].

−

~~This function was removed in [~~[5.0.0]~~], and replaced with [[#EncryptRsaKeyForImport]]~~.

+

[5.0.0] This function was removed.

=== SecureExpMod ===

−

Performs an ~~Exp Mod~~ operation using an exponent previously loaded with the [[#~~LoadSecureExpModKey~~]] command.

+

Performs an ExpMod operation using an exponent previously loaded with the [[#ImportLotusKey]] command.

−

=== ~~UnwrapRsaOaepWrappedTitleKey~~ ===

+

[5.0.0+] This now uses any exponent previously loaded with [[#DecryptOrImportRsaPrivateKey]] and takes an [[#enum_SecureExpModMode]].

+

=== UnwrapTitleKey ===

Takes an Rsa-Oaep-wrapped TitleKey, an RSA Public Key, and a label hash.

−

Performs an ~~Exp Mod~~ operation using an exponent previously loaded with the [[#~~LoadRsaOaepKey~~]] command, and then validates/extracts a Titlekey from the resulting message.

+

Performs an ExpMod operation using an exponent previously loaded with the [[#ImportEsKey]] command, and then validates/extracts a Titlekey from the resulting message.

Returns a session-unique AES key especially for use in [[#LoadTitleKey]].

+

[5.0.0+] This now uses any exponent previously loaded with [[#DecryptOrImportRsaPrivateKey]].

=== LoadTitleKey ===

−

Takes a session-unique AES key from [[#~~UnwrapAesWrappedTitleKey~~]] or [[#~~UnwrapRsaOaepWrappedTitleKey~~]].

+

Takes a session-unique AES key from [[#UnwrapCommonTitleKey]] or [[#UnwrapTitleKey]].

+

=== UnwrapCommonTitleKey ===

+

Takes an AES-wrapped TitleKey and returns a sealed AES key.

=== enum CryptoUsecase ===

Line 159: Line 167:

| 2 || CryptoUsecase_RsaSecureExpMod

|-

−

| 3 || ~~CryptoUsecase_RsaOaep~~

+

| 3 || CryptoUsecase_TitleKey

+

|}

+

Note:

+

The [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key.

+

=== enum CipherMode ===

+

{| class=wikitable

+

! Value || Name

+

|-

+

| 0 || CipherMode_CbcEncrypt

+

|-

+

| 1 || CipherMode_CbcDecrypt

+

|-

+

| 2 || CipherMode_Ctr

+

|}

+

=== enum DecryptOrImportMode ===

+

{| class=wikitable

+

! Value || Name

+

|-

+

| 0 || DecryptOrImportMode_DecryptRsaPrivateKey

+

|-

+

| 1 || DecryptOrImportMode_ImportLotusKey

+

|-

+

| 2 || DecryptOrImportMode_ImportEsKey

+

|-

+

| 3 || DecryptOrImportMode_ImportSslKey

+

|-

+

| 4 || DecryptOrImportMode_ImportDrmKey

+

|}

+

=== enum SecureExpModMode ===

+

{| class=wikitable

+

! Value || Name

+

|-

+

| 0 || SecureExpModMode_Lotus

+

|-

+

| 1 || SecureExpModMode_Ssl

+

|-

+

| 2 || SecureExpModMode_Drm

|}

Line 176: Line 224:

| 0xC3000004 || [[#GetConfig]] (Same as ID 0, Sub-ID 2) || W1=config_item, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4=config_val

|-

−

| 0xC3000005 || [[#~~GetRandomBytes~~]] (Same as ID 0, Sub-ID 6) || X1=size, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4,X5,X6,X7=rand_bytes

+

| 0xC3000005 || [[#GenerateRandomBytes]] (Same as ID 0, Sub-ID 6) || X1=size, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4,X5,X6,X7=rand_bytes

|-

| 0xC3000006 || [[#Panic]] || W1=panic_color, X2,X3,X4,X5,X6,X7=0 || X0=result

Line 225: Line 273:

| 11 || [[#IsDebugMode]]

|-

−

| 12 || [[#~~UnitConfiguration~~]]

+

| 12 || [[#KernelConfiguration]]

|-

| 13 || [[#IsChargerHiZModeEnabled]]

Line 231: Line 279:

| 14 || [4.0.0+] [[#IsKiosk]]

|-

−

| 15 || [5.0.0+] [[#~~NewHardwareType~~]]

+

| 15 || [5.0.0+] [[#RegulatorType]]

|-

−

| 16 || [5.0.0+] [[#~~NewKeyGeneration~~]]

+

| 16 || [5.0.0+] [[#KeyGeneration]]

|-

| 17 || [5.0.0+] [[#Package2Hash]]

Line 265: Line 313:

|-

| 5

−

| [5.0.0+] Reserved

+

| [4.0.0+] Reserved

|-

| 6

−

| [5.0.0+] Reserved

+

| [4.0.0+] Reserved

|-

| 7

−

| [5.0.0+] DramId_MarikoIowax1x2Samsung4gb

+

| [5.0.0+] DramId_MarikoIowax1x2Samsung4gb ([4.0.0-4.1.0] Reserved)

|-

| 8

Line 280: Line 328:

|-

| 10

−

| [5.0.0+] Reserved

+

| [6.0.0+] DramId_MarikoIowaHynix4gb ([5.0.0-5.1.0] Reserved)

|-

| 11

−

| [5.0.0+] Reserved

+

| [7.0.0+] DramId_MarikoIowaMicron4gb ([5.0.0-6.2.0] Reserved)

|-

| 12

Line 290: Line 338:

| 13

| [5.0.0+] DramId_MarikoHoagSamsung8gb

+

|-

+

| 14

+

| [7.0.0+] DramId_MarikoHoagHynix4gb ([5.0.0-6.2.0] Reserved)

+

|-

+

| 15

+

| [7.0.0+] DramId_MarikoHoagMicron4gb ([5.0.0-6.2.0] Reserved)

+

|-

+

| 16

+

| [8.0.0+] DramId_MarikoUnkSamsung4gb

|}

−

[[PCV_services|PCV]] ~~configures~~ memory ~~profiles~~ based on DramId.

+

[[PCV_services|PCV]] selects memory training tables based on DramId.

{| class="wikitable" border="1"

|-

+

! SoC

! Platform

! DramId

−

! ~~Version~~

+

! Revision

+

! DVFS version

|-

+

| T210

| jetson-tx1

| N/A

−

| 11_40800_01_V9.8.3_V1.6

+

| 0x07

+

|

+

11_40800_01_V9.8.3_V1.6

+

11_68000_01_V9.8.3_V1.6

+

11_102000_01_V9.8.3_V1.6

+

11_204000_05_V9.8.3_V1.6

+

11_408000_02_V9.8.3_V1.6

+

11_665600_03_V9.8.3_V1.6

+

11_800000_01_V9.8.3_V1.6

+

11_1065600_01_V9.8.3_V1.6

+

11_1331200_01_V9.8.3_V1.6

+

11_1600000_02_V9.8.3_V1.6

|-

+

| T210

| nx-abcb

| EristaIcosaSamsung4gb

−

| 10_40800_NoCfgVersion_V9.8.7_V1.6

+

| 0x07

+

|

+

10_40800_NoCfgVersion_V9.8.7_V1.6

+

10_68000_NoCfgVersion_V9.8.7_V1.6

+

10_102000_NoCfgVersion_V9.8.7_V1.6

+

10_204000_NoCfgVersion_V9.8.7_V1.6

+

10_408000_NoCfgVersion_V9.8.7_V1.6

+

10_665600_NoCfgVersion_V9.8.7_V1.6

+

10_800000_NoCfgVersion_V9.8.7_V1.6

+

10_1065600_NoCfgVersion_V9.8.7_V1.6

+

10_1331200_NoCfgVersion_V9.8.7_V1.6

+

10_1600000_NoCfgVersion_V9.8.7_V1.6

|-

+

| T210

| nx-abcb

| EristaIcosaMicron4gb

−

| 10_40800_NoCfgVersion_V9.8.4_V1.6

+

| 0x07

+

|

+

10_40800_NoCfgVersion_V9.8.4_V1.6

+

10_68000_NoCfgVersion_V9.8.4_V1.6

+

10_102000_NoCfgVersion_V9.8.4_V1.6

+

10_204000_NoCfgVersion_V9.8.4_V1.6

+

10_408000_NoCfgVersion_V9.8.4_V1.6

+

10_665600_NoCfgVersion_V9.8.4_V1.6

+

10_800000_NoCfgVersion_V9.8.4_V1.6

+

10_1065600_NoCfgVersion_V9.8.4_V1.6

+

10_1331200_NoCfgVersion_V9.8.4_V1.6

+

10_1600000_NoCfgVersion_V9.8.4_V1.6

|-

+

| T210

| nx-abcb

| EristaIcosaHynix4gb

−

| 10_40800_NoCfgVersion_V9.8.4_V1.6

+

| 0x07

+

|

+

10_40800_NoCfgVersion_V9.8.4_V1.6

+

10_68000_NoCfgVersion_V9.8.4_V1.6

+

10_102000_NoCfgVersion_V9.8.4_V1.6

+

10_204000_NoCfgVersion_V9.8.4_V1.6

+

10_408000_NoCfgVersion_V9.8.4_V1.6

+

10_665600_NoCfgVersion_V9.8.4_V1.6

+

10_800000_NoCfgVersion_V9.8.4_V1.6

+

10_1065600_NoCfgVersion_V9.8.4_V1.6

+

10_1331200_NoCfgVersion_V9.8.4_V1.6

+

10_1600000_NoCfgVersion_V9.8.4_V1.6

|-

+

| T210

| nx-abca2

−

| EristaIcosaSamsung4gb or EristaIcosaMicron4gb

+

| EristaIcosaSamsung4gb, EristaIcosaMicron4gb

−

| 10_40800_NoCfgVersion_V9.8.7_V1.6

+

| 0x07

+

|

+

10_40800_NoCfgVersion_V9.8.7_V1.6

+

10_68000_NoCfgVersion_V9.8.7_V1.6

+

10_102000_NoCfgVersion_V9.8.7_V1.6

+

10_204000_NoCfgVersion_V9.8.7_V1.6

+

10_408000_NoCfgVersion_V9.8.7_V1.6

+

10_665600_NoCfgVersion_V9.8.7_V1.6

+

10_800000_NoCfgVersion_V9.8.7_V1.6

+

10_1065600_NoCfgVersion_V9.8.7_V1.6

+

10_1331200_NoCfgVersion_V9.8.7_V1.6

+

10_1600000_NoCfgVersion_V9.8.7_V1.6

|-

+

| T210

| nx-abca2

| EristaIcosaHynix4gb

−

| 10_40800_NoCfgVersion_V9.8.7_V1.6

+

| 0x07

+

|

+

10_40800_NoCfgVersion_V9.8.7_V1.6

+

10_68000_NoCfgVersion_V9.8.7_V1.6

+

10_102000_NoCfgVersion_V9.8.7_V1.6

+

10_204000_NoCfgVersion_V9.8.7_V1.6

+

10_408000_NoCfgVersion_V9.8.7_V1.6

+

10_665600_NoCfgVersion_V9.8.7_V1.6

+

10_800000_NoCfgVersion_V9.8.7_V1.6

+

10_1065600_NoCfgVersion_V9.8.7_V1.6

+

10_1331200_NoCfgVersion_V9.8.7_V1.6

+

10_1600000_NoCfgVersion_V9.8.7_V1.6

|-

+

| T210

| nx-abca2

| EristaIcosaSamsung6gb

−

| 10_40800_NoCfgVersion_V9.8.7_V1.6

+

| 0x07

+

|

+

10_40800_NoCfgVersion_V9.8.7_V1.6

+

10_68000_NoCfgVersion_V9.8.7_V1.6

+

10_102000_NoCfgVersion_V9.8.7_V1.6

+

10_204000_NoCfgVersion_V9.8.7_V1.6

+

10_408000_NoCfgVersion_V9.8.7_V1.6

+

10_665600_NoCfgVersion_V9.8.7_V1.6

+

10_800000_NoCfgVersion_V9.8.7_V1.6

+

10_1065600_NoCfgVersion_V9.8.7_V1.6

+

10_1331200_NoCfgVersion_V9.8.7_V1.6

+

10_1600000_NoCfgVersion_V9.8.7_V1.6

|-

−

| nx-abca2

+

| T214

+

| nx-abca2, nx-abcb, nx-abcc

| MarikoIowax1x2Samsung4gb

−

| 01_204000_NoCfgVersion_V0.3.1_V2.0

+

| 0x03

+

|

+

01_204000_NoCfgVersion_V0.3.1_V2.0

+

01_1331200.0_NoCfgVersion_V0.3.1_V2.0

+

01_1600000_NoCfgVersion_V0.3.1_V2.0

+

|-

+

| T214

+

| nx-abca2, nx-abcb, nx-abcc

+

| MarikoIowaSamsung4gb, MarikoHoagSamsung4gb

+

| 0x03

+

|

+

01_204000_NoCfgVersion_V0.3.1_V2.0

+

01_1331200.0_NoCfgVersion_V0.3.1_V2.0

+

01_1600000_NoCfgVersion_V0.3.1_V2.0

+

|-

+

| T214

+

| nx-abca2, nx-abcb, nx-abcc

+

| MarikoIowaSamsung8gb, MarikoHoagSamsung8gb

+

| 0x03

+

|

+

01_204000_NoCfgVersion_V0.4.2_V2.0

+

01_1331200.0_NoCfgVersion_V0.4.2_V2.0

+

01_1600000_NoCfgVersion_V0.4.2_V2.0

+

|-

+

| T214

+

| nx-abca2, nx-abcb, nx-abcc

+

| MarikoIowaHynix4gb, MarikoHoagHynix4gb

+

| 0x03

+

|

+

01_204000_NoCfgVersion_V0.3.1_V2.0

+

01_1331200.0_NoCfgVersion_V0.3.1_V2.0

+

01_1600000_NoCfgVersion_V0.3.1_V2.0

|-

−

| nx-abca2

+

| T214

−

| ~~MarikoIowaSamsung4gb or MarikoHoagSamsung4gb~~

+

| nx-abca2, nx-abcb, nx-abcc

−

| 01_204000_NoCfgVersion_V0.3.~~1_V2~~.0

+

| MarikoIowaMicron4gb, MarikoHoagMicron4gb

+

| 0x03

+

|

+

01_204000_NoCfgVersion_V0.4.2_V2.0

+

01_1331200.0_NoCfgVersion_V0.4.2_V2.0

+

01_1600000_NoCfgVersion_V0.4.2_V2.0

|-

−

| nx-abca2

+

| T214

−

| ~~MarikoIowaSamsung8gb or MarikoHoagSamsung8gb~~

+

| nx-abca2, nx-abcb, nx-abcc

−

| 01_204000_NoCfgVersion_V0.4.2_V2.0

+

| MarikoUnkSamsung4gb

+

| 0x03

+

|

+

01_204000_NoCfgVersion_V0.4.2_V2.0

+

01_1331200.0_NoCfgVersion_V0.4.2_V2.0

+

01_1600000_NoCfgVersion_V0.4.2_V2.0

|}

−

nx-abcb (Copper) is the SDEV unit. Among other differences, this has extra hardware to support HDMI output.

+

'''nx-abca2''' ('''Icosa''' or '''Hoag''' in '''Erista''', '''Iowa''' or '''Hoag''' in '''Mariko''') hardware types are variations of the retail and EDEV form factors.

+

'''nx-abcb''' ('''Copper''') is the SDEV unit. Among other differences, this has extra hardware to support HDMI output.

+

[8.0.0+] '''nx-abcc''' was added for '''Mariko'''.

−

~~nx-abca2 (Icosa) hardware types are variations of the retail form factor~~.

+

'''Erista''' memory is LPDDR4, while '''Mariko''' memory is LPDDR4X.

==== SecurityEngineIrqNumber ====

Line 351: Line 540:

==== HardwareType ====

−

[1.0.0+] This item is obtained by checking bits 8 and 2 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be 0 (Icosa), 1 (Copper) or 3 (Invalid).

+

[1.0.0+] This item is obtained by checking bits 8 and 2 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be 0 (Icosa), 1 (Copper), 2 (Hoag) or 3 (Invalid).

+

[4.0.0+] This item is obtained by checking bits 8, 2 and 16-19 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be 0 (Icosa), 1 (Copper), 2 (Hoag), 3 (Iowa) or 4 (Invalid).

−

[4.0.0+] This item ~~is obtained by checking bits 8, 2~~ and ~~16-19 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It~~ can be 0 (Icosa~~), 1 (Copper), 3 (Mariko~~) or 4 (Invalid).

+

[7.0.0+] This item no longer depends on fuses and can only be 0 (Icosa) or 0xF (Invalid) in retail units.

−

~~A value of~~ 2 (Hoag?) ~~is always mapped to~~ 4 (Invalid).

+

[8.0.0+] This item can be 0 (Icosa), 1 (Copper), 2 (Hoag), 3 (Iowa), 4 (Calcio) or 5 (Invalid). It still can only be 0 (Icosa) or 0xF (Invalid) in retail units.

==== IsRetail ====

Line 362: Line 553:

==== IsRecoveryBoot ====

Used to determine if the system is booting from SafeMode firmware.

+

Under normal circumstances, this just returns bit 0 of the active [[BCT#bootloader0_info|bootloader info]]'s attribute field.

==== DeviceId ====

Line 368: Line 561:

==== BootReason ====

Used to determine how the system booted.

+

{| class=wikitable

+

! Value || Description

+

|-

+

| 0 || Invalid

+

|-

+

| 1 || AcOk

+

|-

+

| 2 || OnKey

+

|-

+

| 3 || RtcAlarm1

+

|-

+

| 4 || RtcAlarm2

+

|}

==== MemoryArrange ====

Line 381: Line 588:

The value of this field is loaded from [[BootConfig]] unsigned-config+0x10 u8 bit1.

−

==== ~~UnitConfiguration~~ ====

+

==== KernelConfiguration ====

−

Kernel reads this when setting up memory-related code. ~~If bit0~~ is ~~set,~~ it will memset various allocated memory-regions with 0x58, 0x59, 0x5A ('X', 'Y', 'Z') instead of zero. This allows Nintendo devs to find uninitialized memory bugs. ~~If bit17-16~~ is ~~0b01~~, the kernel ~~assumes 6GB of DRAM~~ instead of ~~4GB~~.

+

Kernel reads this when setting up memory-related code.

+

Bit 0 is a boolean determining whether kernel should it will memset various allocated memory-regions with 0x58, 0x59, 0x5A ('X', 'Y', 'Z') instead of zero. This allows Nintendo devs to find uninitialized memory bugs.

+

Bit 1 is a boolean determining whether kernel should forcefully enable usermode exception handlers (when false, only certain aborts (((1LL << (esr >> 26)) & 0x1115804400224001) == 0, typically data/prefetch aborts) that occur when the faulting address is in a readable region with MemoryType_CodeStatic will trigger usermode exception handlers).

+

Bit 2 is a boolean determining whether kernel should enable usermode access to the Performance Monitors (whether PMUSERENR_EL0 should be 1 or 0).

+

[8.0.0+] Bit 3 is a boolean determining whether the kernldr should allocate 0x68000 extra bytes before INI1 data

+

Bits 8-15 are a boolean determining whether kernel should call smcPanic on error instead of infinite-looping.

−

~~bit1 and bit2 are boolean values.~~

+

Bits 16-17 determine how much memory is available. 00/03 = 4 GB, 01 = 6 GB, 02 = 8 GB.

−

~~If bit15~~-8 is ~~zero~~, ~~kernel will loop forever without calling smcPanic~~, ~~nonzero smcPanics with 0xf00 and then loops~~.

==== IsChargerHiZModeEnabled ====

This tells if the TI Charger (bq24192) is active.

−

==== ~~NewKeyGeneration~~ ====

+

==== KeyGeneration ====

This item is obtained from [[Fuse_registers#FUSE_RESERVED_ODM2|FUSE_RESERVED_ODM2]] if bit 11 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]] is set, [[Fuse_registers#FUSE_RESERVED_ODM0|FUSE_RESERVED_ODM0]] matches 0x8E61ECAE and [[Fuse_registers#FUSE_RESERVED_ODM1|FUSE_RESERVED_ODM1]] matches 0xF2BA3BB2.

Line 400: Line 616:

[4.0.0+] [[Settings_services|Settings]] uses this value to overwrite the quest flag from [[Settings_services#set:sys|GetQuestFlag]]. This is used to detect if a Switch is a kiosk unit for display at retail stores.

−

==== ~~NewHardwareType~~ ====

+

==== RegulatorType ====

This item is currently hardcoded to 0.

−

[5.0.0+] [[PCV_services|PCV]] ~~overrides the~~ value ~~from~~ [[#HardwareType|HardwareType]] and ~~configures PMIC devices with this item~~.

+

[5.0.0+] [[PCV_services|PCV]] uses this value in combination with [[#HardwareType|HardwareType]] to configure power blocks and memory tables for different hardware.

{| class="wikitable" border="1"

|-

! Value

−

! ~~Devices~~

+

! SoC

+

! GPU

+

! Power Blocks

|-

| 0

+

| T210

+

| GM20B (0x12B)

| max77620_sd0, max77621_cpu and max77621_gpu

|-

| 1

+

| T214

+

| GM20B_B (0x12E)

| max77620_sd0, max77812_cpu and max77812_gpu

|-

| 2

+

| T214

+

| GM20B_B (0x12E)

| max77620_sd0, max77812_cpu and max77812_gpu

|}

Line 422: Line 646:

This is a SHA-256 hash calculated over the [[Package2|package2]] image. Since the hash calculation is an optional step in pkg2ldr, this item is only valid in recovery mode. Otherwise, an error is returned instead.

−

=== ~~GetRandomBytes~~ ===

+

=== GenerateRandomBytes ===

Takes a '''size''' and returns '''rand_bytes'''.

Line 448: Line 672:

! Value || Description

|-

−

| 2 || Invalid ~~input~~

+

| 0 || Success

+

|-

+

| 1 || Not implemented

+

|-

+

| 2 || Invalid argument

+

|-

+

| 3 || In progress

+

|-

+

| 4 || No async operation

+

|-

+

| 5 || Invalid async operation

|-

−

| 3 || ~~Busy~~

+

| [8.0.0+] 6 || Blacklisted

|}

Hexkyz

Bureaucrats, Administrators

2,783

edits

Changes

Secure Monitor (view source)

Revision as of 18:37, 11 July 2019

Navigation menu

Search