2,782
edits
Changes
Jump to navigation
Jump to search
Line 92:
Line 92: − + Line 126:
Line 126: − + Line 135:
Line 135: − + − + Line 172:
Line 172: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 187:
Line 224: − + Line 242:
Line 279: − + − + Line 276:
Line 313: − + − + Line 307:
Line 344: + + + + + + + + + + + + + + + + + + + + + Line 312:
Line 370: + Line 317:
Line 376: + Line 332:
Line 392: + Line 347:
Line 408: + Line 362:
Line 424: + Line 377:
Line 440: + − + Line 392:
Line 456: + Line 407:
Line 472: + Line 422:
Line 488: − + + Line 430:
Line 497: − + − + + Line 438:
Line 506: − + − + + Line 446:
Line 515: − + − + + Line 454:
Line 524: − + − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 461:
Line 586: + + + + + + + + + + + − + Line 476:
Line 612: − + + + + + + − + + + + + − + + + + + + + + + + + + + Line 495:
Line 652: + + + + + + + + + + + + + + Line 516:
Line 687: + + Line 524:
Line 697: − + Line 534:
Line 707: − + Line 552:
Line 725: − + − + Line 564:
Line 737: − + Line 590:
Line 763: − + + + + + + + + + + + − +
→DramId
=== ComputeAes ===
=== ComputeAes ===
Encrypts/decrypts using Aes (CTR and CBC).
Encrypts/decrypts using AES (CTR and CBC). Takes an [[#enum_CipherMode]].
Key must be set prior using one of the [[#LoadAesKey]] or [[#GenerateSpecificAesKey]] commands.
Key must be set prior using one of the [[#LoadAesKey]] or [[#GenerateSpecificAesKey]] commands.
=== DecryptOrImportRsaPrivateKey ===
=== DecryptOrImportRsaPrivateKey ===
This function replaced [[#DecryptRsaPrivateKey]] in [[5.0.0]], adding an additional enum member argument.
This function replaced [[#DecryptRsaPrivateKey]] in [[5.0.0]], adding an additional [[#enum_DecryptOrImportMode]].
This SMC extends DecryptRsaPrivateKey's original functionality to enable importing private keys into the security engine instead of decrypting them, when certain enum members are passed.
This SMC extends DecryptRsaPrivateKey's original functionality to enable importing private keys into the security engine instead of decrypting them, when certain enum members are passed.
The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaSecureExpMod]].
The session kek must have been created with [[#enum_CryptoUsecase|CryptoUsecase_RsaSecureExpMod]].
[5.0.0] This function was removed and replaced with [[#ReEncryptRsaPrivateKey]].
[5.0.0] This function was removed.
=== SecureExpMod ===
=== SecureExpMod ===
Performs an ExpMod operation using an exponent previously loaded with the [[#ImportLotusKey]] command.
Performs an ExpMod operation using an exponent previously loaded with the [[#ImportLotusKey]] command.
[5.0.0+] This now uses any exponent previously loaded with [[#DecryptOrImportRsaPrivateKey]].
[5.0.0+] This now uses any exponent previously loaded with [[#DecryptOrImportRsaPrivateKey]] and takes an [[#enum_SecureExpModMode]].
=== UnwrapTitleKey ===
=== UnwrapTitleKey ===
Note:
Note:
The [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key.
The [[#enum_CryptoUsecase|CryptoUsecase_TitleKey]] represents a RSA wrapped AES key.
=== enum CipherMode ===
{| class=wikitable
! Value || Name
|-
| 0 || CipherMode_CbcEncrypt
|-
| 1 || CipherMode_CbcDecrypt
|-
| 2 || CipherMode_Ctr
|}
=== enum DecryptOrImportMode ===
{| class=wikitable
! Value || Name
|-
| 0 || DecryptOrImportMode_DecryptRsaPrivateKey
|-
| 1 || DecryptOrImportMode_ImportLotusKey
|-
| 2 || DecryptOrImportMode_ImportEsKey
|-
| 3 || DecryptOrImportMode_ImportSslKey
|-
| 4 || DecryptOrImportMode_ImportDrmKey
|}
=== enum SecureExpModMode ===
{| class=wikitable
! Value || Name
|-
| 0 || SecureExpModMode_Lotus
|-
| 1 || SecureExpModMode_Ssl
|-
| 2 || SecureExpModMode_Drm
|}
== ID 1 ==
== ID 1 ==
| 0xC3000004 || [[#GetConfig]] (Same as ID 0, Sub-ID 2) || W1=config_item, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4=config_val
| 0xC3000004 || [[#GetConfig]] (Same as ID 0, Sub-ID 2) || W1=config_item, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4=config_val
|-
|-
| 0xC3000005 || [[#GetRandomBytes]] (Same as ID 0, Sub-ID 6) || X1=size, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4,X5,X6,X7=rand_bytes
| 0xC3000005 || [[#GenerateRandomBytes]] (Same as ID 0, Sub-ID 6) || X1=size, X2,X3,X4,X5,X6,X7=0 || X0=result, X1,X2,X3,X4,X5,X6,X7=rand_bytes
|-
|-
| 0xC3000006 || [[#Panic]] || W1=panic_color, X2,X3,X4,X5,X6,X7=0 || X0=result
| 0xC3000006 || [[#Panic]] || W1=panic_color, X2,X3,X4,X5,X6,X7=0 || X0=result
| 14 || [4.0.0+] [[#IsKiosk]]
| 14 || [4.0.0+] [[#IsKiosk]]
|-
|-
| 15 || [5.0.0+] [[#NewHardwareType]]
| 15 || [5.0.0+] [[#RegulatorType]]
|-
|-
| 16 || [5.0.0+] [[#NewKeyGeneration]]
| 16 || [5.0.0+] [[#KeyGeneration]]
|-
|-
| 17 || [5.0.0+] [[#Package2Hash]]
| 17 || [5.0.0+] [[#Package2Hash]]
|-
|-
| 5
| 5
| [4.0.0+] Reserved (DramId_EristaIcosaHynix6gb)
| [4.0.0+] Reserved
|-
|-
| 6
| 6
| [4.0.0+] Reserved (DramId_EristaIcosaMicron6gb)
| [4.0.0+] Reserved
|-
|-
| 7
| 7
| 15
| 15
| [7.0.0+] DramId_MarikoHoagMicron4gb ([5.0.0-6.2.0] Reserved)
| [7.0.0+] DramId_MarikoHoagMicron4gb ([5.0.0-6.2.0] Reserved)
|-
| 16
| [8.0.0+] DramId_MarikoIowaSamsung4gbY
|-
| 17
| [9.0.0+] DramId_MarikoIowaSamsung1y4gbX
|-
| 18
| [9.0.0+] DramId_MarikoIowaSamsung1y8gbX
|-
| 19
| [9.0.0+] DramId_MarikoHoagSamsung1y4gbX
|-
| 20
| [9.0.0+] DramId_MarikoIowaSamsung1y4gbY
|-
| 21
| [9.0.0+] DramId_MarikoIowaSamsung1y8gbY
|-
| 22
| [9.0.0+] DramId_MarikoIowaSamsung1y4gbA
|}
|}
{| class="wikitable" border="1"
{| class="wikitable" border="1"
|-
|-
! SoC
! Platform
! Platform
! DramId
! DramId
! DVFS version
! DVFS version
|-
|-
| T210
| jetson-tx1
| jetson-tx1
| N/A
| N/A
11_1600000_02_V9.8.3_V1.6
11_1600000_02_V9.8.3_V1.6
|-
|-
| T210
| nx-abcb
| nx-abcb
| EristaIcosaSamsung4gb
| EristaIcosaSamsung4gb
10_1600000_NoCfgVersion_V9.8.7_V1.6
10_1600000_NoCfgVersion_V9.8.7_V1.6
|-
|-
| T210
| nx-abcb
| nx-abcb
| EristaIcosaMicron4gb
| EristaIcosaMicron4gb
10_1600000_NoCfgVersion_V9.8.4_V1.6
10_1600000_NoCfgVersion_V9.8.4_V1.6
|-
|-
| T210
| nx-abcb
| nx-abcb
| EristaIcosaHynix4gb
| EristaIcosaHynix4gb
10_1600000_NoCfgVersion_V9.8.4_V1.6
10_1600000_NoCfgVersion_V9.8.4_V1.6
|-
|-
| T210
| nx-abca2
| nx-abca2
| EristaIcosaSamsung4gb or EristaIcosaMicron4gb
| EristaIcosaSamsung4gb, EristaIcosaMicron4gb
| 0x07
| 0x07
|
|
10_1600000_NoCfgVersion_V9.8.7_V1.6
10_1600000_NoCfgVersion_V9.8.7_V1.6
|-
|-
| T210
| nx-abca2
| nx-abca2
| EristaIcosaHynix4gb
| EristaIcosaHynix4gb
10_1600000_NoCfgVersion_V9.8.7_V1.6
10_1600000_NoCfgVersion_V9.8.7_V1.6
|-
|-
| T210
| nx-abca2
| nx-abca2
| EristaIcosaSamsung6gb
| EristaIcosaSamsung6gb
10_1600000_NoCfgVersion_V9.8.7_V1.6
10_1600000_NoCfgVersion_V9.8.7_V1.6
|-
|-
| nx-abca2
| T214
| nx-abca2, nx-abcb, nx-abcc
| MarikoIowax1x2Samsung4gb
| MarikoIowax1x2Samsung4gb
| 0x03
| 0x03
01_1600000_NoCfgVersion_V0.3.1_V2.0
01_1600000_NoCfgVersion_V0.3.1_V2.0
|-
|-
| nx-abca2
| T214
| MarikoIowaSamsung4gb or MarikoHoagSamsung4gb
| nx-abca2, nx-abcb, nx-abcc
| MarikoIowaSamsung4gb, MarikoHoagSamsung4gb
| 0x03
| 0x03
|
|
01_1600000_NoCfgVersion_V0.3.1_V2.0
01_1600000_NoCfgVersion_V0.3.1_V2.0
|-
|-
| nx-abca2
| T214
| MarikoIowaSamsung8gb or MarikoHoagSamsung8gb
| nx-abca2, nx-abcb, nx-abcc
| MarikoIowaSamsung8gb, MarikoHoagSamsung8gb
| 0x03
| 0x03
|
|
01_1600000_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
|-
|-
| nx-abca2
| T214
| MarikoIowaHynix4gb or MarikoHoagHynix4gb
| nx-abca2, nx-abcb, nx-abcc
| MarikoIowaHynix4gb, MarikoHoagHynix4gb
| 0x03
| 0x03
|
|
01_1600000_NoCfgVersion_V0.3.1_V2.0
01_1600000_NoCfgVersion_V0.3.1_V2.0
|-
|-
| nx-abca2
| T214
| MarikoIowaMicron4gb or MarikoHoagMicron4gb
| nx-abca2, nx-abcb, nx-abcc
| MarikoIowaMicron4gb, MarikoHoagMicron4gb
| 0x03
|
01_204000_NoCfgVersion_V0.4.2_V2.0
01_1331200.0_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
|-
| T214
| nx-abca2, nx-abcb, nx-abcc
| DramId_MarikoIowaSamsung4gbY
| 0x03
|
01_204000_NoCfgVersion_V0.4.2_V2.0
01_1331200.0_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
|-
| T214
| nx-abca2, nx-abcb, nx-abcc
| DramId_MarikoIowaSamsung1y4gbX
| 0x03
|
01_204000_NoCfgVersion_V0.4.2_V2.0
01_1331200.0_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
|-
| T214
| nx-abca2, nx-abcb, nx-abcc
| DramId_MarikoIowaSamsung1y8gbX
| 0x03
|
01_204000_NoCfgVersion_V0.4.2_V2.0
01_1331200.0_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
|-
| T214
| nx-abca2, nx-abcb, nx-abcc
| DramId_MarikoHoagSamsung1y4gbX
| 0x03
|
01_204000_NoCfgVersion_V0.4.2_V2.0
01_1331200.0_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
|-
| T214
| nx-abca2, nx-abcb, nx-abcc
| DramId_MarikoIowaSamsung1y4gbY
| 0x03
|
01_204000_NoCfgVersion_V0.4.2_V2.0
01_1331200.0_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
|-
| T214
| nx-abca2, nx-abcb, nx-abcc
| DramId_MarikoIowaSamsung1y8gbY
| 0x03
| 0x03
|
|
01_1331200.0_NoCfgVersion_V0.4.2_V2.0
01_1331200.0_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
01_1600000_NoCfgVersion_V0.4.2_V2.0
|-
| T214
| nx-abca2, nx-abcb, nx-abcc
| DramId_MarikoIowaSamsung1y4gbA
| 0x03
|
01_204000_NoCfgVersion_V0.4.5_V2.0
01_1331200.0_NoCfgVersion_V0.4.5_V2.0
01_1600000_NoCfgVersion_V0.4.5_V2.0
|}
|}
'''nx-abca2''' ('''Icosa''' in '''Erista''', '''Iowa''' in '''Mariko''') hardware types are variations of the retail and EDEV form factors.
'''nx-abcb''' ('''Copper''') is the SDEV unit. Among other differences, this has extra hardware to support HDMI output.
'''nx-abcb''' ('''Copper''') is the SDEV unit. Among other differences, this has extra hardware to support HDMI output.
'''nx-abca2''' ('''Icosa''' or '''Hoag''' in '''Erista''', '''Iowa''' or '''Hoag''' in '''Mariko''') hardware types are variations of the retail or EDEV form factors.
[8.0.0+] '''nx-abcc''' ('''Hoag''') was added for '''Mariko'''.
'''Erista''' memory is LPDDR4, while '''Mariko''' memory is LPDDR4X.
'''Erista''' memory is LPDDR4, while '''Mariko''' memory is LPDDR4X.
==== HardwareType ====
==== HardwareType ====
[1.0.0+] This item is obtained by checking bits 8 and 2 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be 0 (Icosa), 1 (Copper), 2 (Hoag) or 3 (Invalid).
[1.0.0+] This item is obtained by checking bits 8 and 2 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be:
* 0 ('''Icosa'''; Erista retail and EDEV), if development flag (bit 8) is '''Retail''' and production flag (bit 2) is '''Production'''.
* 1 ('''Copper'''; Erista SDEV), if development flag (bit 8) is '''Development''' and production flag (bit 2) is '''Prototype'''.
* 3 (Invalid).
Value 2 is reserved and considered invalid.
[4.0.0+] This item is obtained by checking bits 8, 2 and 16-19 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be 0 (Icosa), 1 (Copper), 2 (Hoag), 3 (Mariko) or 4 (Invalid).
[4.0.0+] This item is obtained by checking bits 8, 2 and 16-19 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be:
* 0 ('''Icosa'''; Erista retail and EDEV), if development flag (bit 8) is '''Retail''' and production flag (bit 2) is '''Production'''.
* 1 ('''Copper'''; Erista SDEV), if development flag (bit 8) is '''Development''' and production flag (bit 2) is '''Prototype'''.
* 3 ('''Iowa'''; Mariko retail and EDEV), if new hardware type (bits 16-19) is '''Iowa'''.
* 4 (Invalid).
[7.0.0+] This item no longer depends on fuses and can only be 0 (Icosa) or 0xF (Invalid) in retail units.
Value 2 is reserved and considered invalid.
[7.0.0+] This item can be obtained by checking bits 8, 2 and 16-19 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]], but is now only 0 (Icosa) or 0xF (Invalid) in retail units.
[8.0.0+] This item can be obtained by checking bits 8, 2 and 16-19 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]]. It can be:
* 0 ('''Icosa'''; Erista retail and EDEV), if development flag (bit 8) is '''Retail''' and production flag (bit 2) is '''Production'''.
* 1 ('''Copper'''; Erista SDEV), if development flag (bit 8) is '''Development''' and production flag (bit 2) is '''Prototype'''.
* 2 ('''Hoag'''; Mariko Lite retail and HDEV), if new hardware type (bits 16-19) is '''Hoag'''.
* 3 ('''Iowa'''; Mariko retail and EDEV), if new hardware type (bits 16-19) is '''Iowa'''.
* 4 ('''Calcio''').
* 5 (Invalid).
It is still only 0 (Icosa) or 0xF (Invalid) in retail units.
==== IsRetail ====
==== IsRetail ====
==== BootReason ====
==== BootReason ====
Used to determine how the system booted.
Used to determine how the system booted.
{| class=wikitable
! Value || Description
|-
| 0 || Invalid
|-
| 1 || AcOk
|-
| 2 || OnKey
|-
| 3 || RtcAlarm1
|-
| 4 || RtcAlarm2
|}
==== MemoryArrange ====
==== MemoryArrange ====
Bit 2 is a boolean determining whether kernel should enable usermode access to the Performance Monitors (whether PMUSERENR_EL0 should be 1 or 0).
Bit 2 is a boolean determining whether kernel should enable usermode access to the Performance Monitors (whether PMUSERENR_EL0 should be 1 or 0).
[8.0.0+] Bit 3 is a boolean determining whether the kernldr should allocate 0x68000 extra bytes before INI1 data
Bits 8-15 are a boolean determining whether kernel should call smcPanic on error instead of infinite-looping.
Bits 8-15 are a boolean determining whether kernel should call smcPanic on error instead of infinite-looping.
This tells if the TI Charger (bq24192) is active.
This tells if the TI Charger (bq24192) is active.
==== NewKeyGeneration ====
==== KeyGeneration ====
This item is obtained from [[Fuse_registers#FUSE_RESERVED_ODM2|FUSE_RESERVED_ODM2]] if bit 11 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]] is set, [[Fuse_registers#FUSE_RESERVED_ODM0|FUSE_RESERVED_ODM0]] matches 0x8E61ECAE and [[Fuse_registers#FUSE_RESERVED_ODM1|FUSE_RESERVED_ODM1]] matches 0xF2BA3BB2.
This item is obtained from [[Fuse_registers#FUSE_RESERVED_ODM2|FUSE_RESERVED_ODM2]] if bit 11 from [[Fuse_registers#FUSE_RESERVED_ODM4|FUSE_RESERVED_ODM4]] is set, [[Fuse_registers#FUSE_RESERVED_ODM0|FUSE_RESERVED_ODM0]] matches 0x8E61ECAE and [[Fuse_registers#FUSE_RESERVED_ODM1|FUSE_RESERVED_ODM1]] matches 0xF2BA3BB2.
[4.0.0+] [[Settings_services|Settings]] uses this value to overwrite the quest flag from [[Settings_services#set:sys|GetQuestFlag]]. This is used to detect if a Switch is a kiosk unit for display at retail stores.
[4.0.0+] [[Settings_services|Settings]] uses this value to overwrite the quest flag from [[Settings_services#set:sys|GetQuestFlag]]. This is used to detect if a Switch is a kiosk unit for display at retail stores.
==== NewHardwareType ====
==== RegulatorType ====
This item is currently hardcoded to 0.
This item is currently hardcoded to 0.
| 1
| 1
| T214
| T214
| GM2?? (0x12E)
| GM20B_B (0x12E)
| max77620_sd0, max77812_cpu and max77812_gpu
| max77620_sd0, max77812_cpu and max77812_gpu
|-
|-
| 2
| 2
| T214
| T214
| GM2?? (0x12E)
| GM20B_B (0x12E)
| max77620_sd0, max77812_cpu and max77812_gpu
| max77620_sd0, max77812_cpu and max77812_gpu
|}
|}
This is a SHA-256 hash calculated over the [[Package2|package2]] image. Since the hash calculation is an optional step in pkg2ldr, this item is only valid in recovery mode. Otherwise, an error is returned instead.
This is a SHA-256 hash calculated over the [[Package2|package2]] image. Since the hash calculation is an optional step in pkg2ldr, this item is only valid in recovery mode. Otherwise, an error is returned instead.
=== GetRandomBytes ===
=== GenerateRandomBytes ===
Takes a '''size''' and returns '''rand_bytes'''.
Takes a '''size''' and returns '''rand_bytes'''.
! Value || Description
! Value || Description
|-
|-
| 2 || Invalid input
| 0 || Success
|-
| 1 || Not implemented
|-
| 2 || Invalid argument
|-
| 3 || In progress
|-
| 4 || No async operation
|-
| 5 || Invalid async operation
|-
|-
| 3 || Busy
| [8.0.0+] 6 || Blacklisted
|}
|}