ams: replace sept with tsec firmware (#1594)

* ams: replace sept with tsec firmware

This replaces sept with a custom tsec key derivation firmware.

NOTE: This does not use any TSEC exploits whatsoever; it is a well-signed
TSEC binary assembled with envyas and signed with the real cauth key.

For more details, contact SciresM#0524.

* fusee: only set SBK if it's readable

exosphere/loader_stub/source/start.s

@@ -98,8 +98,8 @@ _start:
     ldr x20, =0x7C020000
     mov sp, x20
 
-    /* Call our init array functions. */
-    bl __libc_init_array
+    adr x0, program_lz4
+    adr x1, boot_code_lz4
 
     /* Uncompress the program and iram boot code images. */
-    b _ZN3ams6secmon6loader20UncompressAndExecuteEv
+    b _ZN3ams6secmon6loader20UncompressAndExecuteEPKvS3_