CoCalc -- hos.c

GitHub Repository: CTCaer/hekate
Path: blob/master/bootloader/hos/hos.c
³⁶⁹³ views
1
/*
2
 * Copyright (c) 2018 naehrwert
3
 * Copyright (c) 2018 st4rk
4
 * Copyright (c) 2018 Ced2911
5
 * Copyright (c) 2018-2026 CTCaer
6
 * Copyright (c) 2018 balika011
7
 *
8
 * This program is free software; you can redistribute it and/or modify it
9
 * under the terms and conditions of the GNU General Public License,
10
 * version 2, as published by the Free Software Foundation.
11
 *
12
 * This program is distributed in the hope it will be useful, but WITHOUT
13
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
15
 * more details.
16
 *
17
 * You should have received a copy of the GNU General Public License
18
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
19
 */
20

21
#include <string.h>
22

23
#include <bdk.h>
24

25
#include "hos.h"
26
#include "hos_config.h"
27
#include "secmon_exo.h"
28
#include "../frontend/fe_tools.h"
29
#include "../config.h"
30
#include "../storage/emummc.h"
31

32
//#define DPRINTF(...) gfx_printf(__VA_ARGS__)
33
#define DPRINTF(...)
34

35
#define EHPRINTFARGS(text, args...) \
36
	({  gfx_con.mute = false; \
37
		gfx_printf("%k"text"%k\n", TXT_CLR_ERROR, args, TXT_CLR_DEFAULT); })
38

39
static const u8 eks_keyseeds[HOS_MKEY_VER_600 - HOS_MKEY_VER_100 + 1][SE_KEY_128_SIZE] = {
40
	{ 0xDF, 0x20, 0x6F, 0x59, 0x44, 0x54, 0xEF, 0xDC, 0x70, 0x74, 0x48, 0x3B, 0x0D, 0xED, 0x9F, 0xD3 }, // 1.0.0.
41
	{ 0x0C, 0x25, 0x61, 0x5D, 0x68, 0x4C, 0xEB, 0x42, 0x1C, 0x23, 0x79, 0xEA, 0x82, 0x25, 0x12, 0xAC }, // 3.0.0.
42
	{ 0x33, 0x76, 0x85, 0xEE, 0x88, 0x4A, 0xAE, 0x0A, 0xC2, 0x8A, 0xFD, 0x7D, 0x63, 0xC0, 0x43, 0x3B }, // 3.0.1.
43
	{ 0x2D, 0x1F, 0x48, 0x80, 0xED, 0xEC, 0xED, 0x3E, 0x3C, 0xF2, 0x48, 0xB5, 0x65, 0x7D, 0xF7, 0xBE }, // 4.0.0.
44
	{ 0xBB, 0x5A, 0x01, 0xF9, 0x88, 0xAF, 0xF5, 0xFC, 0x6C, 0xFF, 0x07, 0x9E, 0x13, 0x3C, 0x39, 0x80 }, // 5.0.0.
45
	{ 0xD8, 0xCC, 0xE1, 0x26, 0x6A, 0x35, 0x3F, 0xCC, 0x20, 0xF3, 0x2D, 0x3B, 0x51, 0x7D, 0xE9, 0xC0 }  // 6.0.0.
46
};
47

48
static const u8 cmac_keyseed[SE_KEY_128_SIZE] =
49
	{ 0x59, 0xC7, 0xFB, 0x6F, 0xBE, 0x9B, 0xBE, 0x87, 0x65, 0x6B, 0x15, 0xC0, 0x53, 0x73, 0x36, 0xA5 };
50

51
static const u8 master_keyseed_retail[SE_KEY_128_SIZE] =
52
	{ 0xD8, 0xA2, 0x41, 0x0A, 0xC6, 0xC5, 0x90, 0x01, 0xC6, 0x1D, 0x6A, 0x26, 0x7C, 0x51, 0x3F, 0x3C };
53

54
static const u8 master_keyseed_4xx[SE_KEY_128_SIZE] =
55
	{ 0x2D, 0xC1, 0xF4, 0x8D, 0xF3, 0x5B, 0x69, 0x33, 0x42, 0x10, 0xAC, 0x65, 0xDA, 0x90, 0x46, 0x66 };
56

57
static const u8 master_kekseed_620[SE_KEY_128_SIZE] =
58
	{ 0x37, 0x4B, 0x77, 0x29, 0x59, 0xB4, 0x04, 0x30, 0x81, 0xF6, 0xE5, 0x8C, 0x6D, 0x36, 0x17, 0x9A };
59

60
//!TODO: Update on tsec/mkey changes.
61
static const u8 master_kekseed_t210_tsec_v4[HOS_MKEY_VER_MAX - HOS_MKEY_VER_810 + 1][SE_KEY_128_SIZE] = {
62
	{ 0xDE, 0xDC, 0xE3, 0x39, 0x30, 0x88, 0x16, 0xF8, 0xAE, 0x97, 0xAD, 0xEC, 0x64, 0x2D, 0x41, 0x41 }, // 8.1.0.
63
	{ 0x1A, 0xEC, 0x11, 0x82, 0x2B, 0x32, 0x38, 0x7A, 0x2B, 0xED, 0xBA, 0x01, 0x47, 0x7E, 0x3B, 0x67 }, // 9.0.0.
64
	{ 0x30, 0x3F, 0x02, 0x7E, 0xD8, 0x38, 0xEC, 0xD7, 0x93, 0x25, 0x34, 0xB5, 0x30, 0xEB, 0xCA, 0x7A }, // 9.1.0.
65
	{ 0x84, 0x67, 0xB6, 0x7F, 0x13, 0x11, 0xAE, 0xE6, 0x58, 0x9B, 0x19, 0xAF, 0x13, 0x6C, 0x80, 0x7A }, // 12.1.0.
66
	{ 0x68, 0x3B, 0xCA, 0x54, 0xB8, 0x6F, 0x92, 0x48, 0xC3, 0x05, 0x76, 0x87, 0x88, 0x70, 0x79, 0x23 }, // 13.0.0.
67
	{ 0xF0, 0x13, 0x37, 0x9A, 0xD5, 0x63, 0x51, 0xC3, 0xB4, 0x96, 0x35, 0xBC, 0x9C, 0xE8, 0x76, 0x81 }, // 14.0.0.
68
	{ 0x6E, 0x77, 0x86, 0xAC, 0x83, 0x0A, 0x8D, 0x3E, 0x7D, 0xB7, 0x66, 0xA0, 0x22, 0xB7, 0x6E, 0x67 }, // 15.0.0.
69
	{ 0x99, 0x22, 0x09, 0x57, 0xA7, 0xF9, 0x5E, 0x94, 0xFE, 0x78, 0x7F, 0x41, 0xD6, 0xE7, 0x56, 0xE6 }, // 16.0.0.
70
	{ 0x71, 0xB9, 0xA6, 0xC0, 0xFF, 0x97, 0x6B, 0x0C, 0xB4, 0x40, 0xB9, 0xD5, 0x81, 0x5D, 0x81, 0x90 }, // 17.0.0.
71
	{ 0x00, 0x04, 0x5D, 0xF0, 0x4D, 0xCD, 0x14, 0xA3, 0x1C, 0xBF, 0xDE, 0x48, 0x55, 0xBA, 0x35, 0xC1 }, // 18.0.0.
72
	{ 0xD7, 0x63, 0x74, 0x46, 0x4E, 0xBA, 0x78, 0x0A, 0x7C, 0x9D, 0xB3, 0xE8, 0x7A, 0x3D, 0x71, 0xE3 }, // 19.0.0.
73
	{ 0xA1, 0x7D, 0x34, 0xDB, 0x2D, 0x9D, 0xDA, 0xE5, 0xF8, 0x15, 0x63, 0x4C, 0x8F, 0xE7, 0x6C, 0xD8 }, // 20.0.0.
74
	{ 0x66, 0xC8, 0xCB, 0x3D, 0xEC, 0xF4, 0x59, 0x73, 0x54, 0x88, 0xE1, 0x2E, 0xE6, 0x3D, 0x68, 0x46 }, // 21.0.0.
75
	{ 0x15, 0xAC, 0x96, 0x34, 0xF5, 0x32, 0x56, 0x68, 0xFE, 0x5B, 0x9D, 0xD7, 0xED, 0x19, 0xB7, 0x8E }, // 22.0.0.
76
};
77

78
//!TODO: Update on mkey changes.
79
static const u8 master_kekseed_t210b01[HOS_MKEY_VER_MAX - HOS_MKEY_VER_600 + 1][SE_KEY_128_SIZE] = {
80
	{ 0x77, 0x60, 0x5A, 0xD2, 0xEE, 0x6E, 0xF8, 0x3C, 0x3F, 0x72, 0xE2, 0x59, 0x9D, 0xAC, 0x5E, 0x56 }, // 6.0.0.
81
	{ 0x1E, 0x80, 0xB8, 0x17, 0x3E, 0xC0, 0x60, 0xAA, 0x11, 0xBE, 0x1A, 0x4A, 0xA6, 0x6F, 0xE4, 0xAE }, // 6.2.0.
82
	{ 0x94, 0x08, 0x67, 0xBD, 0x0A, 0x00, 0x38, 0x84, 0x11, 0xD3, 0x1A, 0xDB, 0xDD, 0x8D, 0xF1, 0x8A }, // 7.0.0.
83
	{ 0x5C, 0x24, 0xE3, 0xB8, 0xB4, 0xF7, 0x00, 0xC2, 0x3C, 0xFD, 0x0A, 0xCE, 0x13, 0xC3, 0xDC, 0x23 }, // 8.1.0.
84
	{ 0x86, 0x69, 0xF0, 0x09, 0x87, 0xC8, 0x05, 0xAE, 0xB5, 0x7B, 0x48, 0x74, 0xDE, 0x62, 0xA6, 0x13 }, // 9.0.0.
85
	{ 0x0E, 0x44, 0x0C, 0xED, 0xB4, 0x36, 0xC0, 0x3F, 0xAA, 0x1D, 0xAE, 0xBF, 0x62, 0xB1, 0x09, 0x82 }, // 9.1.0.
86
	{ 0xE5, 0x41, 0xAC, 0xEC, 0xD1, 0xA7, 0xD1, 0xAB, 0xED, 0x03, 0x77, 0xF1, 0x27, 0xCA, 0xF8, 0xF1 }, // 12.1.0.
87
	{ 0x52, 0x71, 0x9B, 0xDF, 0xA7, 0x8B, 0x61, 0xD8, 0xD5, 0x85, 0x11, 0xE4, 0x8E, 0x4F, 0x74, 0xC6 }, // 13.0.0.
88
	{ 0xD2, 0x68, 0xC6, 0x53, 0x9D, 0x94, 0xF9, 0xA8, 0xA5, 0xA8, 0xA7, 0xC8, 0x8F, 0x53, 0x4B, 0x7A }, // 14.0.0.
89
	{ 0xEC, 0x61, 0xBC, 0x82, 0x1E, 0x0F, 0x5A, 0xC3, 0x2B, 0x64, 0x3F, 0x9D, 0xD6, 0x19, 0x22, 0x2D }, // 15.0.0.
90
	{ 0xA5, 0xEC, 0x16, 0x39, 0x1A, 0x30, 0x16, 0x08, 0x2E, 0xCF, 0x09, 0x6F, 0x5E, 0x7C, 0xEE, 0xA9 }, // 16.0.0.
91
	{ 0x8D, 0xEE, 0x9E, 0x11, 0x36, 0x3A, 0x9B, 0x0A, 0x6A, 0xC7, 0xBB, 0xE9, 0xD1, 0x03, 0xF7, 0x80 }, // 17.0.0.
92
	{ 0x4F, 0x41, 0x3C, 0x3B, 0xFB, 0x6A, 0x01, 0x2A, 0x68, 0x9F, 0x83, 0xE9, 0x53, 0xBD, 0x16, 0xD2 }, // 18.0.0.
93
	{ 0x31, 0xBE, 0x25, 0xFB, 0xDB, 0xB4, 0xEE, 0x49, 0x5C, 0x77, 0x05, 0xC2, 0x36, 0x9F, 0x34, 0x80 }, // 19.0.0.
94
	{ 0x1A, 0x31, 0x62, 0x87, 0xA8, 0x09, 0xCA, 0xF8, 0x69, 0x15, 0x45, 0xC2, 0x6B, 0xAA, 0x5A, 0x8A }, // 20.0.0.
95
	{ 0xEB, 0xF3, 0x5B, 0x2D, 0x4A, 0x2D, 0xCE, 0x45, 0x3A, 0x6F, 0x61, 0x38, 0x0B, 0x00, 0x3B, 0x46 }, // 21.0.0.
96
	{ 0x82, 0xE2, 0x0A, 0x59, 0x67, 0xDF, 0xBF, 0x51, 0x47, 0x62, 0x11, 0xF2, 0x41, 0xD3, 0xEE, 0x13 }, // 22.0.0.
97
};
98

99
static const u8 console_keyseed[SE_KEY_128_SIZE] =
100
	{ 0x4F, 0x02, 0x5F, 0x0E, 0xB6, 0x6D, 0x11, 0x0E, 0xDC, 0x32, 0x7D, 0x41, 0x86, 0xC2, 0xF4, 0x78 };
101

102
static const u8 console_keyseed_4xx[SE_KEY_128_SIZE] =
103
	{ 0x0C, 0x91, 0x09, 0xDB, 0x93, 0x93, 0x07, 0x81, 0x07, 0x3C, 0xC4, 0x16, 0x22, 0x7C, 0x6C, 0x28 };
104

105
const u8 package2_keyseed[SE_KEY_128_SIZE] =
106
	{ 0xFB, 0x8B, 0x6A, 0x9C, 0x79, 0x00, 0xC8, 0x49, 0xEF, 0xD2, 0x4D, 0x85, 0x4D, 0x30, 0xA0, 0xC7 };
107

108
static void _hos_crit_error(const char *text)
109
{
110
	gfx_con.mute = false;
111
	gfx_printf("%k%s%k\n", TXT_CLR_ERROR, text, TXT_CLR_DEFAULT);
112
}
113

114
static void _se_lock(bool lock_se)
115
{
116
	if (lock_se)
117
	{
118
		// Disable aes key read.
119
		for (u32 i = 0; i < 16; i++)
120
			se_key_acc_ctrl(i, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG);
121

122
		// Disable RSA key read.
123
		for (u32 i = 0; i < 2; i++)
124
			se_rsa_acc_ctrl(i, SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG);
125

126
		SE(SE_TZRAM_SECURITY_REG) = 0;                // Make SE TZRAM secure only.
127
		SE(SE_CRYPTO_SECURITY_PERKEY_REG) = 0;        // Make all AES keys access secure only.
128
		SE(SE_RSA_SECURITY_PERKEY_REG) = 0;           // Make all RSA keys access secure only.
129
		SE(SE_SE_SECURITY_REG) &= ~SE_PERKEY_SETTING; // Make access lock regs secure only.
130
	}
131

132
	memset((void *)IPATCH_BASE, 0, (IPATCH_CAM_ENTRIES + 1) * sizeof(u32));
133
	SB(SB_CSR) = SB_CSR_PIROM_DISABLE;
134
}
135

136
static int _hos_eks_rw_try(u8 *buf, bool write)
137
{
138
	for (u32 i = 0; i < 3; i++)
139
	{
140
		if (!write)
141
		{
142
			if (!sdmmc_storage_read(&sd_storage, 0, 1, buf))
143
				return 0;
144
		}
145
		else
146
		{
147
			if (!sdmmc_storage_write(&sd_storage, 0, 1, buf))
148
				return 0;
149
		}
150
	}
151

152
	return 1;
153
}
154

155
static void _hos_eks_get()
156
{
157
	// Check if Erista based unit.
158
	if (h_cfg.t210b01)
159
		return;
160

161
	// Check if EKS already found and parsed.
162
	if (!h_cfg.eks)
163
	{
164
		// Read EKS blob.
165
		u8 *mbr = malloc(SD_BLOCKSIZE);
166
		if (_hos_eks_rw_try(mbr, false))
167
			goto out;
168

169
		// Decrypt EKS blob.
170
		hos_eks_mbr_t *eks = (hos_eks_mbr_t *)(mbr + 0x80);
171
		se_aes_crypt_ecb(14, DECRYPT, eks, eks, sizeof(hos_eks_mbr_t));
172

173
		// Check if valid and for this unit.
174
		if (eks->magic == HOS_EKS_MAGIC && eks->lot0 == FUSE(FUSE_OPT_LOT_CODE_0))
175
		{
176
			h_cfg.eks = eks;
177
			return;
178
		}
179

180
out:
181
		free(mbr);
182
	}
183
}
184

185
static void _hos_eks_save()
186
{
187
	// Check if Erista based unit.
188
	if (h_cfg.t210b01)
189
		return;
190

191
	// EKS save. Only for 7.0.0 and up.
192
	bool new_eks = false;
193
	if (!h_cfg.eks)
194
	{
195
		h_cfg.eks = zalloc(sizeof(hos_eks_mbr_t));
196
		new_eks = true;
197
	}
198

199
	// If matching blob doesn't exist, create it.
200
	if (h_cfg.eks->enabled != HOS_EKS_TSEC_VER)
201
	{
202
		// Read EKS blob.
203
		u8 *mbr = malloc(SD_BLOCKSIZE);
204
		if (_hos_eks_rw_try(mbr, false))
205
		{
206
			if (new_eks)
207
			{
208
				free(h_cfg.eks);
209
				h_cfg.eks = NULL;
210
			}
211

212
			goto out;
213
		}
214

215
		// Get keys.
216
		u8 *keys = (u8 *)zalloc(SZ_8K);
217
		se_aes_ctx_get_keys(keys + SZ_4K, keys, SE_KEY_128_SIZE);
218

219
		// Set magic and personalized info.
220
		h_cfg.eks->magic   = HOS_EKS_MAGIC;
221
		h_cfg.eks->enabled = HOS_EKS_TSEC_VER;
222
		h_cfg.eks->lot0    = FUSE(FUSE_OPT_LOT_CODE_0);
223

224
		// Copy new keys.
225
		memcpy(h_cfg.eks->tsec,      keys + 12 * SE_KEY_128_SIZE, SE_KEY_128_SIZE);
226
		memcpy(h_cfg.eks->troot,     keys + 13 * SE_KEY_128_SIZE, SE_KEY_128_SIZE);
227
		memcpy(h_cfg.eks->troot_dev, keys + 11 * SE_KEY_128_SIZE, SE_KEY_128_SIZE);
228

229
		// Encrypt EKS blob.
230
		u8 *eks = malloc(sizeof(hos_eks_mbr_t));
231
		memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
232
		se_aes_crypt_ecb(14, ENCRYPT, eks, eks, sizeof(hos_eks_mbr_t));
233

234
		// Write EKS blob to SD.
235
		memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
236
		_hos_eks_rw_try(mbr, true);
237

238
		free(eks);
239
		free(keys);
240
out:
241
		free(mbr);
242
	}
243
}
244

245
static void _hos_eks_clear(u32 mkey)
246
{
247
	// Check if Erista based unit.
248
	if (h_cfg.t210b01)
249
		return;
250

251
	if (h_cfg.eks && mkey >= HOS_MKEY_VER_700)
252
	{
253
		// Check if current Master key is enabled.
254
		if (h_cfg.eks->enabled)
255
		{
256
			// Read EKS blob.
257
			u8 *mbr = malloc(SD_BLOCKSIZE);
258
			if (_hos_eks_rw_try(mbr, false))
259
				goto out;
260

261
			// Disable current Master key version.
262
			h_cfg.eks->enabled = 0;
263

264
			// Encrypt EKS blob.
265
			u8 *eks = malloc(sizeof(hos_eks_mbr_t));
266
			memcpy(eks, h_cfg.eks, sizeof(hos_eks_mbr_t));
267
			se_aes_crypt_ecb(14, ENCRYPT, eks, eks, sizeof(hos_eks_mbr_t));
268

269
			// Write EKS blob to SD.
270
			memcpy(mbr + 0x80, eks, sizeof(hos_eks_mbr_t));
271
			_hos_eks_rw_try(mbr, true);
272

273
			free(eks);
274
out:
275
			free(mbr);
276
		}
277
	}
278
}
279

280
typedef struct _tsec_keys_t
281
{
282
	u8 tsec[SE_KEY_128_SIZE];
283
	u8 tsec_root[SE_KEY_128_SIZE];
284
	u8 tmp[SE_KEY_128_SIZE];
285
} tsec_keys_t;
286

287
static int _hos_keygen(pkg1_eks_t *eks, u32 mkey, tsec_ctxt_t *tsec_ctxt, bool stock, bool is_exo)
288
{
289
	static bool sbk_is_set = true;
290

291
	u32 retries = 0;
292
	bool use_tsec = false;
293
	tsec_keys_t tsec_keys;
294

295
	if (mkey > HOS_MKEY_VER_MAX)
296
		return 1;
297

298
	// Do Mariko keygen.
299
	if (h_cfg.t210b01)
300
	{
301
		// Use SBK as Device key 4x unsealer and KEK for mkey in T210B01 units.
302
		se_aes_unwrap_key(10, 14, console_keyseed_4xx);
303

304
		// Derive master key.
305
		se_aes_unwrap_key(7, 12, master_kekseed_t210b01[mkey - HOS_MKEY_VER_600]);
306
		se_aes_unwrap_key(7, 7,  master_keyseed_retail);
307

308
		// Derive latest pkg2 key.
309
		se_aes_unwrap_key(8, 7, package2_keyseed);
310

311
		return 0;
312
	}
313

314
	// Do Erista keygen.
315

316
	// Check if SBK is wiped and try to restore it from fuses.
317
	if (!sbk_is_set)
318
	{
319
		if (fuse_set_sbk())
320
			sbk_is_set = true;
321
		else
322
			return 0; // Continue with current SE keys.
323
	}
324

325
	// Use HOS EKS if it exists.
326
	_hos_eks_get();
327

328
	// Use tsec keygen for old firmware or if EKS keys does not exist for newer.
329
	if (mkey <= HOS_MKEY_VER_620 || !h_cfg.eks || (h_cfg.eks->enabled != HOS_EKS_TSEC_VER))
330
		use_tsec = true;
331

332
	if (mkey <= HOS_MKEY_VER_600)
333
	{
334
		tsec_ctxt->size = 0xF00;
335
		tsec_ctxt->type = TSEC_FW_TYPE_OLD;
336
	}
337
	else if (mkey == HOS_MKEY_VER_620)
338
	{
339
		tsec_ctxt->size = 0x2900;
340
		tsec_ctxt->type = TSEC_FW_TYPE_EMU;
341

342
		// Prepare smmu tsec page for 6.2.0.
343
		u8 *tsec_paged = (u8 *)smmu_page_zalloc(3);
344
		memcpy(tsec_paged, (void *)tsec_ctxt->fw, tsec_ctxt->size);
345
		tsec_ctxt->fw = tsec_paged;
346
	}
347
	else if (use_tsec) // 7.0.0+
348
	{
349
		/*
350
		 * 7.0.0/8.1.0 tsec fw are 0x3000/0x3300.
351
		 * Unused here because of THK.
352
		 */
353

354
		// Use custom TSEC Hovi Keygen firmware.
355
		tsec_ctxt->fw = sd_file_read("bootloader/sys/thk.bin", NULL);
356
		if (!tsec_ctxt->fw)
357
		{
358
			_hos_crit_error("Failed to load thk.bin");
359
			return 1;
360
		}
361

362
		tsec_ctxt->size = 0x1F00;
363
		tsec_ctxt->type = TSEC_FW_TYPE_NEW;
364
	}
365
	else if (h_cfg.eks)
366
	{
367
		// EKS found. Set TSEC keys.
368
		se_aes_key_set(12, h_cfg.eks->tsec, SE_KEY_128_SIZE);
369
		se_aes_key_set(13, h_cfg.eks->troot, SE_KEY_128_SIZE);
370
		se_aes_key_set(11, h_cfg.eks->troot_dev, SE_KEY_128_SIZE);
371
	}
372

373
	// Get TSEC key.
374
	while (use_tsec && tsec_query(&tsec_keys, tsec_ctxt) < 0)
375
	{
376
		memset(&tsec_keys, 0x00, 0x20);
377
		retries++;
378

379
		// We rely on racing conditions, make sure we cover even the unluckiest cases.
380
		if (retries > 15)
381
		{
382
			_hos_crit_error("Failed to get TSEC keys.");
383
			return 1;
384
		}
385
	}
386

387
	if (mkey >= HOS_MKEY_VER_700)
388
	{
389
		// For 7.0.0 and up, save EKS slot if it doesn't exist.
390
		if (use_tsec)
391
		{
392
			_hos_eks_save();
393
			free(tsec_ctxt->fw);
394
		}
395

396
		// Use 8.1.0 for 7.0.0 otherwise the proper one.
397
		u32 mkey_idx = 0;
398
		if (mkey >= HOS_MKEY_VER_810)
399
			mkey_idx = mkey - HOS_MKEY_VER_810;
400

401
		if (!is_exo)
402
		{
403
			// Derive Package2 key in secmon compatible way.
404
			se_aes_unwrap_key(7, 13, master_kekseed_t210_tsec_v4[mkey_idx]);
405
			se_aes_unwrap_key(7, 7, master_keyseed_retail);
406
			se_aes_unwrap_key(8, 7, package2_keyseed);
407
		}
408
		else
409
		{
410
			// Decrypt eks and set keyslots.
411
			se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0], SE_KEY_128_SIZE);
412
			se_aes_unwrap_key(15, 14, tsec_keys.tmp);
413

414
			// Derive device keys.
415
			se_aes_unwrap_key(10, 15, console_keyseed_4xx);
416
			se_aes_unwrap_key(15, 15, console_keyseed);
417

418
			// Derive master kek.
419
			se_aes_unwrap_key(13, 13, master_kekseed_t210_tsec_v4[mkey_idx]);
420

421
			// Derive device master key and master key.
422
			se_aes_unwrap_key(12, 13, master_keyseed_4xx);
423
			se_aes_unwrap_key(13, 13, master_keyseed_retail);
424

425
			// Package2 key.
426
			se_aes_unwrap_key(8, 13, package2_keyseed);
427
		}
428
	}
429
	else if (mkey == HOS_MKEY_VER_620)
430
	{
431
		// Set TSEC key.
432
		se_aes_key_set(12, tsec_keys.tsec, SE_KEY_128_SIZE);
433
		// Set TSEC root key.
434
		se_aes_key_set(13, tsec_keys.tsec_root, SE_KEY_128_SIZE);
435

436
		if (!is_exo)
437
		{
438
			// Derive Package2 key in secmon compatible way.
439
			se_aes_key_set(8, tsec_keys.tsec_root, SE_KEY_128_SIZE);
440
			se_aes_unwrap_key(8, 8, master_kekseed_620);
441
			se_aes_unwrap_key(8, 8, master_keyseed_retail);
442
			se_aes_unwrap_key(8, 8, package2_keyseed);
443
		}
444
		else
445
		{
446
			// Decrypt eks and set keyslots for Exosphere 2.
447
			se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tmp, eks_keyseeds[0], SE_KEY_128_SIZE);
448
			se_aes_unwrap_key(15, 14, tsec_keys.tmp);
449

450
			// Derive device keys.
451
			se_aes_unwrap_key(10, 15, console_keyseed_4xx);
452
			se_aes_unwrap_key(15, 15, console_keyseed);
453

454
			// Derive master kek.
455
			se_aes_unwrap_key(13, 13, master_kekseed_620);
456

457
			// Derive device master key and master key.
458
			se_aes_unwrap_key(12, 13, master_keyseed_4xx);
459
			se_aes_unwrap_key(13, 13, master_keyseed_retail);
460

461
			// Package2 key.
462
			se_aes_unwrap_key(8, 13, package2_keyseed);
463
		}
464
	}
465
	else
466
	{
467
		se_key_acc_ctrl(13, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG);
468
		se_key_acc_ctrl(14, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG);
469

470
		// Set TSEC key.
471
		se_aes_key_set(13, tsec_keys.tsec, SE_KEY_128_SIZE);
472

473
		// Derive eks keys from TSEC+SBK.
474
		se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[0], SE_KEY_128_SIZE);
475
		se_aes_unwrap_key(15, 14, tsec_keys.tsec);
476
		se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, eks_keyseeds[mkey], SE_KEY_128_SIZE);
477
		se_aes_unwrap_key(13, 14, tsec_keys.tsec);
478

479
		// Clear SBK.
480
		//se_aes_key_clear(14);
481

482
/*
483
		// Verify eks CMAC.
484
		u8 cmac[SE_KEY_128_SIZE];
485
		se_aes_unwrap_key(11, 13, cmac_keyseed);
486
		se_aes_hash_cmac(cmac, SE_KEY_128_SIZE, 11, (void *)eks->ctr, sizeof(eks->ctr) + sizeof(eks->keys));
487
		if (!memcmp(eks->cmac, cmac, SE_KEY_128_SIZE))
488
			return 1;
489
*/
490

491
		se_aes_crypt_ecb(13, DECRYPT, tsec_keys.tsec, cmac_keyseed, SE_KEY_128_SIZE);
492
		se_aes_unwrap_key(11, 13, cmac_keyseed);
493

494
		// Decrypt eks and set keyslots.
495
		se_aes_crypt_ctr(13, &eks->keys, &eks->keys, sizeof(eks_keys_t), eks->ctr);
496
		se_aes_key_set(11, eks->keys.package1_key,   SE_KEY_128_SIZE);
497
		se_aes_key_set(12, eks->keys.master_kekseed, SE_KEY_128_SIZE);
498
		se_aes_key_set(13, eks->keys.master_kekseed, SE_KEY_128_SIZE);
499

500
		se_aes_crypt_ecb(12, DECRYPT, tsec_keys.tsec, master_keyseed_retail, SE_KEY_128_SIZE);
501

502
		if (!is_exo)
503
		{
504
			switch (mkey)
505
			{
506
			case HOS_MKEY_VER_100:
507
			case HOS_MKEY_VER_300:
508
			case HOS_MKEY_VER_301:
509
				se_aes_unwrap_key(13, 15, console_keyseed);
510
				se_aes_unwrap_key(12, 12, master_keyseed_retail);
511
				break;
512
			case HOS_MKEY_VER_400:
513
				se_aes_unwrap_key(13, 15, console_keyseed_4xx);
514
				se_aes_unwrap_key(15, 15, console_keyseed);
515
				se_aes_unwrap_key(14, 12, master_keyseed_4xx);
516
				se_aes_unwrap_key(12, 12, master_keyseed_retail);
517
				sbk_is_set = false;
518
				break;
519
			case HOS_MKEY_VER_500:
520
			case HOS_MKEY_VER_600:
521
				se_aes_unwrap_key(10, 15, console_keyseed_4xx);
522
				se_aes_unwrap_key(15, 15, console_keyseed);
523
				se_aes_unwrap_key(14, 12, master_keyseed_4xx);
524
				se_aes_unwrap_key(12, 12, master_keyseed_retail);
525
				sbk_is_set = false;
526
				break;
527
			}
528
		}
529
		else // Exosphere 2.
530
		{
531
			se_aes_unwrap_key(10, 15, console_keyseed_4xx);
532
			se_aes_unwrap_key(15, 15, console_keyseed);
533
			se_aes_unwrap_key(13, 12, master_keyseed_retail);
534
			se_aes_unwrap_key(12, 12, master_keyseed_4xx);
535
		}
536

537
		// Package2 key.
538
		se_key_acc_ctrl(8, SE_KEY_TBL_DIS_KEYREAD_FLAG | SE_KEY_TBL_DIS_OIVREAD_FLAG | SE_KEY_TBL_DIS_UIVREAD_FLAG);
539
		se_aes_unwrap_key(8, !is_exo ? 12 : 13, package2_keyseed);
540
	}
541

542
	return 0;
543
}
544

545
static int _read_emmc_pkg1(launch_ctxt_t *ctxt)
546
{
547
	const u32 pk1_offset = h_cfg.t210b01 ? sizeof(bl_hdr_t210b01_t) : 0; // Skip T210B01 OEM header.
548
	u32 bootloader_offset = PKG1_BOOTLOADER_MAIN_OFFSET;
549
	ctxt->pkg1 = (void *)malloc(PKG1_BOOTLOADER_SIZE);
550

551
try_load:
552
	// Read package1.
553
	emummc_storage_set_mmc_partition(EMMC_BOOT0);
554
	emummc_storage_read(bootloader_offset, PKG1_BOOTLOADER_SIZE / EMMC_BLOCKSIZE, ctxt->pkg1);
555

556
	ctxt->pkg1_id = pkg1_identify(ctxt->pkg1 + pk1_offset);
557
	if (!ctxt->pkg1_id)
558
	{
559
		// Check if wrong pkg1 was flashed.
560
		bool wrong_pkg1;
561

562
		const u32 pkg1_erista_check = ((bl_hdr_t210b01_t *)ctxt->pkg1)->entrypoint;
563
		const u32 pkg1_mariko_check = *(u32 *)(ctxt->pkg1 + sizeof(pk1_hdr_t) * 2);
564

565
		if (!h_cfg.t210b01) // For Erista check if start is 0 and entrypoint matches Mariko.
566
			wrong_pkg1 = *(u32 *)ctxt->pkg1 == 0 && pkg1_erista_check == PKG1_MARIKO_ON_ERISTA_MAGIC;
567
		else                // For Mariko check if start is not 0 and build id. It works for 8.0.0 Erista pkg1 and up.
568
			wrong_pkg1 = *(u32 *)ctxt->pkg1 != 0 && pkg1_mariko_check == PKG1_ERISTA_ON_MARIKO_MAGIC;
569

570
		if (wrong_pkg1)
571
		{
572
			_hos_crit_error("Wrong pkg1 flashed:");
573
			EPRINTFARGS("%s pkg1 on %s!",
574
				!h_cfg.t210b01 ? "Mariko" : "Erista", !h_cfg.t210b01 ? "Erista" : "Mariko");
575
		}
576
		else
577
		{
578
			_hos_crit_error("Unknown pkg1 version.");
579
			EPRINTFARGS("HOS version not supported!%s",
580
				(emu_cfg.enabled && !h_cfg.emummc_force_disable) ? "\nOr emuMMC corrupt!" : "");
581
		}
582

583
		// Try backup bootloader.
584
		if (bootloader_offset != PKG1_BOOTLOADER_BACKUP_OFFSET)
585
		{
586
			EPRINTF("\nTrying backup bootloader...");
587
			bootloader_offset = PKG1_BOOTLOADER_BACKUP_OFFSET;
588
			goto try_load;
589
		}
590

591
		return 1;
592
	}
593
	gfx_printf("Identified pkg1 and mkey %d\n\n", ctxt->pkg1_id->mkey);
594

595
	// Read the correct eks for older HOS versions.
596
	if (ctxt->pkg1_id->mkey <= HOS_MKEY_VER_600)
597
	{
598
		const u32 eks_size = sizeof(pkg1_eks_t);
599
		ctxt->eks = (pkg1_eks_t *)malloc(eks_size);
600
		emummc_storage_read(PKG1_HOS_EKS_OFFSET + (ctxt->pkg1_id->mkey * eks_size) / EMMC_BLOCKSIZE,
601
							eks_size / EMMC_BLOCKSIZE, ctxt->eks);
602
	}
603

604
	return 0;
605
}
606

607
static u8 *_read_emmc_pkg2(launch_ctxt_t *ctxt)
608
{
609
	u8 *nx_bc = NULL;
610

611
	emummc_storage_set_mmc_partition(EMMC_GPP);
612

613
	// Parse eMMC GPT.
614
	LIST_INIT(gpt);
615
	emmc_gpt_parse(&gpt);
616
DPRINTF("Parsed GPT\n");
617
	// Find package2 partition.
618
	emmc_part_t *pkg2_part = emmc_part_find(&gpt, "BCPKG2-1-Normal-Main");
619
	if (!pkg2_part)
620
		goto out;
621

622
	// Read in package2 header and get package2 real size.
623
	static const u32 PKG2_OFFSET = SZ_16K;
624
	nx_bc = (u8 *)malloc(sizeof(nx_bc_t));
625
	emmc_part_read(pkg2_part, PKG2_OFFSET / EMMC_BLOCKSIZE, 1, nx_bc);
626
	u32 *hdr = (u32 *)(nx_bc + 0x100);
627
	u32 pkg2_size = hdr[0] ^ hdr[2] ^ hdr[3];
628
DPRINTF("pkg2 size on emmc is %08X\n", pkg2_size);
629

630
	// Check that size is valid.
631
	if (!pkg2_size || pkg2_size > SZ_8M)
632
		goto out;
633

634
	// Read in NX Boot Config.
635
	emmc_part_read(pkg2_part, 0, sizeof(nx_bc_t) / EMMC_BLOCKSIZE, nx_bc);
636

637
	// Read in package2.
638
	u32 pkg2_size_aligned = ALIGN(pkg2_size, EMMC_BLOCKSIZE);
639
DPRINTF("pkg2 size aligned is %08X\n", pkg2_size_aligned);
640
	ctxt->pkg2 = malloc(pkg2_size_aligned);
641
	ctxt->pkg2_size = pkg2_size;
642
	emmc_part_read(pkg2_part, PKG2_OFFSET / EMMC_BLOCKSIZE, pkg2_size_aligned / EMMC_BLOCKSIZE, ctxt->pkg2);
643
out:
644
	emmc_gpt_free(&gpt);
645

646
	return nx_bc;
647
}
648

649
static void _free_launch_components(launch_ctxt_t *ctxt)
650
{
651
	// Free the malloc'ed guaranteed addresses.
652
	free(ctxt->pkg3);
653
	free(ctxt->eks);
654
	free(ctxt->pkg1);
655
	free(ctxt->pkg2);
656
	free(ctxt->warmboot);
657
	free(ctxt->kip1_patches);
658
}
659

660
static bool _get_fs_exfat_compatible(link_t *info, u32 *hos_revision)
661
{
662
	u32 fs_ids_cnt;
663
	u32 sha_buf[32 / sizeof(u32)];
664
	kip1_id_t *kip_ids;
665

666
	LIST_FOREACH_ENTRY(pkg2_kip1_info_t, ki, info, link)
667
	{
668
		if (strcmp((char *)ki->kip1->name, "FS"))
669
			continue;
670

671
		if (se_sha_hash_256_oneshot(sha_buf, ki->kip1, ki->size))
672
			break;
673

674
		pkg2_get_ids(&kip_ids, &fs_ids_cnt);
675

676
		for (int fs_idx = fs_ids_cnt - 1; fs_idx >= 0; fs_idx--)
677
		{
678
			if (!memcmp(sha_buf, kip_ids[fs_idx].hash, 8))
679
			{
680
				// HOS Api special handling.
681
				if ((fs_idx & ~1) == 16)      // Check if it's 5.1.0.
682
					*hos_revision = 1;
683
				else if ((fs_idx & ~1) == 34) // Check if it's 10.2.0.
684
					*hos_revision = 2;
685

686
				// Check if FAT32-only.
687
				if (!(fs_idx & 1))
688
					return false;
689

690
				// FS is FAT32 + exFAT.
691
				break;
692
			}
693
		}
694

695
		break;
696
	}
697

698
	// FAT32 + exFAT or unknown FS version.
699
	return true;
700
}
701

702
void hos_launch(ini_sec_t *cfg)
703
{
704
	u8 mkey;
705
	u32 secmon_base;
706
	u32 warmboot_base;
707
	bool is_exo = false;
708
	launch_ctxt_t ctxt = {0};
709
	tsec_ctxt_t tsec_ctxt = {0};
710

711
	minerva_change_freq(FREQ_1600);
712
	list_init(&ctxt.kip1_list);
713

714
	ctxt.cfg = cfg;
715

716
	if (!gfx_con.mute)
717
		gfx_clear_grey(0x1B);
718
	gfx_con_setpos(0, 0);
719

720
	gfx_puts("Initializing...\n\n");
721

722
	// Initialize eMMC/emuMMC.
723
	int res = emummc_storage_init_mmc();
724
	if (res)
725
	{
726
		_hos_crit_error(res == 2 ? "Failed to init eMMC." : "Failed to init emuMMC.");
727

728
		goto error;
729
	}
730

731
	// Check if SD Card is GPT.
732
	if (sd_is_gpt())
733
	{
734
		_hos_crit_error("SD has GPT only! Run Fix Hybrid MBR!");
735
		goto error;
736
	}
737

738
	// Try to parse config if present.
739
	if (hos_parse_boot_config(&ctxt))
740
	{
741
		_hos_crit_error("Wrong ini cfg or missing/corrupt files!");
742
		goto error;
743
	}
744

745
	// Read package1 and the correct eks.
746
	if (_read_emmc_pkg1(&ctxt))
747
	{
748
		// Check if stock is enabled and device can boot in OFW.
749
		if (ctxt.stock && (h_cfg.t210b01 || !tools_autorcm_enabled()))
750
		{
751
			emmc_end();
752

753
			WPRINTF("\nRebooting to OFW in 5s...");
754
			msleep(5000);
755

756
			power_set_state(REBOOT_BYPASS_FUSES);
757
		}
758
		goto error;
759
	}
760

761
	mkey = ctxt.pkg1_id->mkey;
762

763
	bool emummc_enabled = emu_cfg.enabled && !h_cfg.emummc_force_disable;
764

765
	// Enable emummc patching.
766
	if (emummc_enabled)
767
	{
768
		if (ctxt.stock)
769
		{
770
			_hos_crit_error("Stock emuMMC is not supported yet!");
771
			goto error;
772
		}
773

774
		ctxt.patch_krn_proc_id = true; // Set kernel process id patching in case of no pkg3.
775
		hos_config_kip1patch(&ctxt, "emummc");
776
	}
777
	else if (!emu_cfg.enabled && ctxt.emummc_forced)
778
	{
779
		_hos_crit_error("emuMMC is forced but not enabled!");
780
		goto error;
781
	}
782

783
	// If Auto NOGC is enabled, check if burnt fuses lower than installed HOS fuses and apply NOGC patch.
784
	// For emuMMC, unconditionally enable NOGC when burnt fuses are higher than installed HOS fuses.
785
	// Disable Auto NOGC in stock to prevent black screen (fatal error). Use kip1patch=nogc to force it.
786
	if (!ctxt.stock)
787
	{
788
		u32 fuses = fuse_read_odm(7);
789
		if ((h_cfg.autonogc && // Prevent GC fuse burning (sysMMC and emuMMC).
790
			  (
791
				(!(fuses &    ~0xF) && (ctxt.pkg1_id->fuses >=  5)) || // LAFW v2,  4.0.0+
792
				(!(fuses &  ~0x3FF) && (ctxt.pkg1_id->fuses >= 11)) || // LAFW v3,  9.0.0+
793
				(!(fuses & ~0x1FFF) && (ctxt.pkg1_id->fuses >= 14)) || // LAFW v4, 11.0.0+
794
				// Detection broken! Use kip1patch=nogc                // LAFW v5, 12.0.0+
795
				(!(fuses & ~0x3FFF) && (ctxt.pkg1_id->fuses >= 15))    // LAFW v5, 12.0.2+
796
			  )
797
			)
798
		|| ((emummc_enabled) && // Force NOGC if already burnt (only emuMMC).
799
			  (
800
				((fuses & BIT(10)) && (ctxt.pkg1_id->fuses <= 10)) || // HOS  9.0.0+ fuses burnt.
801
				((fuses & BIT(13)) && (ctxt.pkg1_id->fuses <= 13)) || // HOS 11.0.0+ fuses burnt.
802
				// Detection broken! Use kip1patch=nogc               // HOS 12.0.0+
803
				((fuses & BIT(14)) && (ctxt.pkg1_id->fuses <= 14))    // HOS 12.0.2+ fuses burnt.
804
			  )
805
			))
806
			hos_config_kip1patch(&ctxt, "nogc");
807
	}
808

809
	gfx_printf("Loaded config and pkg1\n%s mode\n", ctxt.stock ? "Stock" : "CFW");
810

811
	// Check if secmon is exosphere.
812
	if (ctxt.secmon)
813
		is_exo = !memcmp((void *)((u8 *)ctxt.secmon + ctxt.secmon_size - 4), "LENY", 4);
814

815
	// Get secmon and warmboot bases.
816
	const pkg1_id_t *pk1_latest = pkg1_get_latest();
817
	secmon_base   = is_exo ? pk1_latest->secmon_base   : ctxt.pkg1_id->secmon_base;
818
	warmboot_base = is_exo ? pk1_latest->warmboot_base : ctxt.pkg1_id->warmboot_base;
819

820
	// Set package1 and tsec fw offsets.
821
	tsec_ctxt.fw        = (u8 *)ctxt.pkg1 + ctxt.pkg1_id->tsec_off;
822
	tsec_ctxt.pkg1      = ctxt.pkg1;
823
	tsec_ctxt.pkg11_off = ctxt.pkg1_id->pkg11_off;
824

825
	// Generate keys.
826
	if (_hos_keygen(ctxt.eks, mkey, &tsec_ctxt, ctxt.stock, is_exo))
827
		goto error;
828
	gfx_puts("Generated keys\n");
829

830
	// Decrypt and unpack package1 if we require parts of it.
831
	if (!ctxt.warmboot || !ctxt.secmon)
832
	{
833
		// Decrypt PK1 or PK11.
834
		if (mkey <= HOS_MKEY_VER_600 || h_cfg.t210b01)
835
		{
836
			if (!pkg1_decrypt(ctxt.pkg1_id, ctxt.pkg1))
837
			{
838
				_hos_crit_error("Pkg1 decryption failed!");
839

840
				// Check if T210B01 BEK is missing or wrong.
841
				if (h_cfg.t210b01)
842
				{
843
					u32 bek_vector[4] = {0};
844
					se_aes_crypt_ecb(13, ENCRYPT, bek_vector, bek_vector, SE_KEY_128_SIZE);
845
					if (bek_vector[0] == 0x59C14895) // Encrypted zeroes first 32bits.
846
						EPRINTF("Pkg1 corrupt?");
847
					else
848
						EPRINTF("BEK is missing!");
849
				}
850
				goto error;
851
			}
852
		}
853

854
		// Unpack PK11.
855
		if (h_cfg.t210b01 || (mkey <= HOS_MKEY_VER_620 && !emummc_enabled))
856
		{
857
			// Skip T210B01 OEM header.
858
			u32 pk1_offset = 0;
859
			if (h_cfg.t210b01)
860
				pk1_offset = sizeof(bl_hdr_t210b01_t);
861

862
			pkg1_unpack((void *)warmboot_base, &ctxt.warmboot_size,
863
				!is_exo ? (void *)ctxt.pkg1_id->secmon_base : NULL, NULL,
864
				ctxt.pkg1_id, ctxt.pkg1 + pk1_offset);
865

866
			gfx_puts("Decrypted & unpacked pkg1\n");
867
		}
868
		else
869
		{
870
			_hos_crit_error("No mandatory pkg1 files provided!");
871
			goto error;
872
		}
873
	}
874

875
	// Configure and manage Warmboot binary.
876
	if (pkg1_warmboot_config(&ctxt, warmboot_base, ctxt.pkg1_id->fuses, mkey))
877
	{
878
		// Can only happen on T210B01.
879
		_hos_crit_error("\nFailed to match warmboot with fuses!\nIf you continue, sleep wont work!");
880

881
		gfx_puts("\nPress POWER to continue.\nPress VOL to go to the menu.\n");
882
		display_backlight_brightness(h_cfg.backlight, 1000);
883

884
		if (!(btn_wait() & BTN_POWER))
885
			goto error;
886
	}
887

888
	// Replace 'warmboot.bin' if requested.
889
	if (ctxt.warmboot)
890
		memcpy((void *)warmboot_base, ctxt.warmboot, ctxt.warmboot_size);
891
	else if (!h_cfg.t210b01)
892
	{
893
		// Patch warmboot on T210 to allow downgrading.
894
		if (mkey >= HOS_MKEY_VER_700)
895
		{
896
			_hos_crit_error("No warmboot provided!");
897
			goto error;
898
		}
899

900
		pkg1_warmboot_patch((void *)&ctxt);
901
	}
902

903
	// Replace 'SecureMonitor' if requested or patch Pkg2 checks if needed.
904
	if (ctxt.secmon)
905
		memcpy((void *)secmon_base, ctxt.secmon, ctxt.secmon_size);
906
	else
907
		pkg1_secmon_patch((void *)&ctxt, secmon_base, h_cfg.t210b01);
908

909
	gfx_puts("Loaded warmboot and secmon\n");
910

911
	// Read package2.
912
	u8 *pkg2_nx_bc = _read_emmc_pkg2(&ctxt);
913
	if (!pkg2_nx_bc)
914
	{
915
		_hos_crit_error("Pkg2 read failed!");
916
		goto error;
917
	}
918

919
	gfx_puts("Read pkg2\n");
920

921
	// Decrypt package2 and parse KIP1 blobs in INI1 section.
922
	pkg2_hdr_t *pkg2_hdr = pkg2_decrypt(ctxt.pkg2, mkey, is_exo);
923
	if (!pkg2_hdr)
924
	{
925
		_hos_crit_error("Pkg2 decryption failed!\npkg1/pkg2 mismatch or old hekate!");
926

927
		// Clear EKS slot, in case something went wrong with tsec keygen.
928
		_hos_eks_clear(mkey);
929
		goto error;
930
	}
931

932
	LIST_INIT(kip1_info);
933
	if (pkg2_parse_kips(&kip1_info, pkg2_hdr, &ctxt.new_pkg2))
934
	{
935
		_hos_crit_error("INI1 parsing failed!");
936
		goto error;
937
	}
938

939
	gfx_puts("Parsed ini1\n");
940

941
	// Use the kernel included in package2 in case we didn't load one already.
942
	if (!ctxt.kernel)
943
	{
944
		ctxt.kernel = pkg2_hdr->data;
945
		ctxt.kernel_size = pkg2_hdr->sec_size[PKG2_SEC_KERNEL];
946

947
		if (!ctxt.stock && (ctxt.svcperm || ctxt.debugmode || ctxt.patch_krn_proc_id))
948
		{
949
			// Hash only Kernel when it embeds INI1.
950
			u8 kernel_hash[0x20];
951
			if (!ctxt.new_pkg2)
952
				se_sha_hash_256_oneshot(kernel_hash, ctxt.kernel, ctxt.kernel_size);
953
			else
954
				se_sha_hash_256_oneshot(kernel_hash, ctxt.kernel + PKG2_NEWKERN_START,
955
					pkg2_newkern_ini1_start - PKG2_NEWKERN_START);
956

957
			ctxt.pkg2_kernel_id = pkg2_identify(kernel_hash);
958
			if (!ctxt.pkg2_kernel_id)
959
			{
960
				_hos_crit_error("Failed to identify kernel!");
961

962
				goto error;
963
			}
964

965
			// In case a kernel patch option is set; allows to disable SVC verification or/and enable debug mode.
966
			const kernel_patch_t *kernel_patchset = ctxt.pkg2_kernel_id->kernel_patchset;
967
			if (kernel_patchset != NULL)
968
			{
969
				gfx_printf("%kPatching kernel%k\n", TXT_CLR_ORANGE, TXT_CLR_DEFAULT);
970
				u32 *temp;
971
				for (u32 i = 0; kernel_patchset[i].id != 0xFFFFFFFF; i++)
972
				{
973
					if ((ctxt.svcperm && kernel_patchset[i].id == SVC_VERIFY_DS)
974
					|| (ctxt.debugmode && kernel_patchset[i].id == DEBUG_MODE_EN && !(ctxt.patch_krn_proc_id && ctxt.secmon))
975
					|| (ctxt.patch_krn_proc_id && kernel_patchset[i].id == ATM_GEN_PATCH))
976
						*(vu32 *)(ctxt.kernel + kernel_patchset[i].off) = kernel_patchset[i].val;
977
					else if (ctxt.patch_krn_proc_id && kernel_patchset[i].id == ATM_ARR_PATCH)
978
					{
979
						temp = (u32 *)kernel_patchset[i].ptr;
980
						for (u32 j = 0; j < kernel_patchset[i].val; j++)
981
							*(vu32 *)(ctxt.kernel + kernel_patchset[i].off + (j << 2)) = temp[j];
982
					}
983
					else if (kernel_patchset[i].id < SVC_VERIFY_DS)
984
						*(vu32 *)(ctxt.kernel + kernel_patchset[i].off) = kernel_patchset[i].val;
985
				}
986
			}
987
		}
988
	}
989

990
	// Merge extra KIP1s into loaded ones.
991
	LIST_FOREACH_ENTRY(merge_kip_t, mki, &ctxt.kip1_list, link)
992
		pkg2_merge_kip(&kip1_info, (pkg2_kip1_t *)mki->kip1);
993

994
	// Check if FS is compatible with exFAT and if 5.1.0 or 10.2.0.
995
	if (!ctxt.stock && (sd_fs.fs_type == FS_EXFAT || mkey == HOS_MKEY_VER_500 || ctxt.pkg1_id->fuses == 13))
996
	{
997
		bool exfat_compat = _get_fs_exfat_compatible(&kip1_info, &ctxt.exo_ctx.hos_revision);
998

999
		if (sd_fs.fs_type == FS_EXFAT && !exfat_compat)
1000
		{
1001
			_hos_crit_error("SD Card is exFAT but installed HOS driver\nonly supports FAT32!");
1002

1003
			goto error;
1004
		}
1005
	}
1006

1007
	// Patch kip1s in memory if needed.
1008
	const char *failed_patch = pkg2_patch_kips(&kip1_info, ctxt.kip1_patches);
1009
	if (failed_patch != NULL)
1010
	{
1011
		EHPRINTFARGS("Failed to apply '%s'!", failed_patch);
1012

1013
		bool emu_patch_failed = !strcmp(failed_patch, "emummc");
1014
		if (!emu_patch_failed)
1015
		{
1016
			gfx_puts("\nPress POWER to continue.\nPress VOL to go to the menu.\n");
1017
			display_backlight_brightness(h_cfg.backlight, 1000);
1018
		}
1019

1020
		if (emu_patch_failed || !(btn_wait() & BTN_POWER))
1021
			goto error; // MUST stop here, because if user requests 'nogc' but it's not applied, their GC controller gets updated!
1022
	}
1023

1024
	// Rebuild and encrypt package2.
1025
	pkg2_build_encrypt((void *)PKG2_LOAD_ADDR, &ctxt, &kip1_info, is_exo);
1026

1027
	// Configure Exosphere if secmon is replaced.
1028
	if (is_exo)
1029
		config_exosphere(&ctxt, warmboot_base);
1030

1031
	// Unmount SD card and eMMC.
1032
	sd_end();
1033
	emmc_end();
1034

1035
	// Close AHB aperture. Important when stock old secmon is used.
1036
	mc_disable_ahb_redirect();
1037

1038
	gfx_printf("Rebuilt & loaded pkg2\n\n%kBooting...%k\n", TXT_CLR_GREENISH, TXT_CLR_DEFAULT);
1039

1040
	// Clear pkg1/pkg2 keys.
1041
	se_aes_key_clear(8);
1042
	se_aes_key_clear(11);
1043

1044
	// Clear derived master key in case of Erista and 7.0.0+
1045
	se_aes_key_clear(9);
1046

1047
	// Set secmon mailbox pkg2 ready state.
1048
	u32 pkg1_state_pkg2_ready = PKG1_STATE_PKG2_READY;
1049

1050
	// Finalize per firmware key access. Skip access control if Exosphere 2.
1051
	switch (mkey | (is_exo << 7))
1052
	{
1053
	case HOS_MKEY_VER_100:
1054
	case HOS_MKEY_VER_300:
1055
	case HOS_MKEY_VER_301:
1056
		se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_LOCK_FLAG);
1057
		se_key_acc_ctrl(13, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_LOCK_FLAG);
1058
		pkg1_state_pkg2_ready = PKG1_STATE_PKG2_READY_OLD;
1059
		break;
1060
	case HOS_MKEY_VER_400:
1061
	case HOS_MKEY_VER_500:
1062
	case HOS_MKEY_VER_600:
1063
		se_key_acc_ctrl(12, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_LOCK_FLAG);
1064
		se_key_acc_ctrl(15, SE_KEY_TBL_DIS_KEY_ACCESS_FLAG | SE_KEY_LOCK_FLAG);
1065
		break;
1066
	}
1067

1068
	// Finalize MC carveout.
1069
	if (mkey <= HOS_MKEY_VER_301 && !is_exo)
1070
		mc_config_carveout_hos();
1071

1072
	// Lock SE before starting secmon if < 6.2.0, otherwise lock bootrom and ipatches.
1073
	_se_lock(mkey <= HOS_MKEY_VER_600 && !is_exo);
1074

1075
	// Reset sysctr0 counters. Mandatory for 6.2.0 and up.
1076
	for (u32 i = 0; i < SYSCTR0_COUNTERS; i++)
1077
		SYSCTR0(SYSCTR0_COUNTERS_BASE + i * sizeof(u32)) = 0;
1078

1079
	// NX Bootloader locks LP0 Carveout secure scratch registers.
1080
	//pmc_scratch_lock(PMC_SEC_LOCK_LP0_PARAMS);
1081

1082
	// Copy the read NX BC to the correct address.
1083
	nx_bc_t *nxbc = (mkey >= HOS_MKEY_VER_600 || is_exo) ?
1084
					(nx_bc_t *)NX_BC6_ADDR :
1085
					(nx_bc_t *)NX_BC1_ADDR;
1086
	memcpy(nxbc, pkg2_nx_bc, sizeof(nx_bc_t)); // NX bootloader copies 4KB.
1087

1088
	// Set NX BIT mailbox address and clear it.
1089
	nx_bit_t *nxbit = (mkey >= HOS_MKEY_VER_700 || is_exo) ?
1090
					  (nx_bit_t *)NX_BIT7_MAILBOX_ADDR :
1091
					  (nx_bit_t *)NX_BIT1_MAILBOX_ADDR;
1092
	memset(nxbit, 0, sizeof(nx_bit_t));
1093

1094
	// Set used NX BIT parameters.
1095
	nxbit->bl_attribute = 0;
1096
	nxbit->boot_type    = BIT_BOOT_TYPE_COLD;
1097

1098
	// Start directly from PKG2 ready signal and reset secmon state.
1099
	nxbit->secldr_state = pkg1_state_pkg2_ready;
1100
	nxbit->secmon_state = SECMON_STATE_NOT_READY;
1101

1102
	// Disable display.
1103
	display_end();
1104
	clock_disable_host1x();
1105

1106
	// Override uCID if set.
1107
	EMC(EMC_SCRATCH0) = ctxt.ucid;
1108

1109
	// Hold USBD, USB2, AHBDMA and APBDMA in reset for SoC state validation on sleep.
1110
	CLOCK(CLK_RST_CONTROLLER_RST_DEV_L_SET) = BIT(CLK_L_USBD);
1111
	CLOCK(CLK_RST_CONTROLLER_RST_DEV_H_SET) = BIT(CLK_H_AHBDMA) | BIT(CLK_H_APBDMA) | BIT(CLK_H_USB2);
1112

1113
	// Reset arbiter.
1114
	hw_config_arbiter(true);
1115

1116
	// Scale down RAM OC if enabled.
1117
	minerva_prep_boot_hos();
1118

1119
	// Flush cache and disable MMU.
1120
	bpmp_mmu_disable();
1121
	bpmp_clk_rate_set(BPMP_CLK_NORMAL);
1122

1123
	// Launch secmon.
1124
	ccplex_boot_cpu0(secmon_base, true);
1125

1126
	// Halt ourselves in wait-event state.
1127
	while (true)
1128
		bpmp_halt();
1129

1130
error:
1131
	_free_launch_components(&ctxt);
1132
	emmc_end();
1133

1134
	EPRINTF("\nFailed to launch HOS!");
1135
}
1136

1137
Product

Resources

Company
