Start rewrite

- Rewrite everything - Starting with up-to-date lockpickrcm
2019-11-21 16:02:45 +01:00
parent e8ddc9cf2f
commit ff062a232b
95 changed files with 7043 additions and 1844 deletions
--- a/source/hos/pkg1.c
+++ b/source/hos/pkg1.c
@@ -22,20 +22,25 @@
 #include "pkg1.h"
 #include "../sec/se.h"

+#define HASH_ORDER_100_100 {2, 3, 4, 0, 5, 6, 1}
+#define HASH_ORDER_200_510 {2, 3, 4, 0, 5, 7, 10, 12, 11, 6, 8, 1}
+#define HASH_ORDER_600_620 {6, 5, 10, 7, 8, 2, 3, 4, 0, 12, 11, 1}
+#define HASH_ORDER_700_9xx {6, 5, 10, 7, 8, 2, 3, 4, 0, 12, 11, 9, 1}
+
 static const pkg1_id_t _pkg1_ids[] = {
-	{ "20161121183008", 0 }, //1.0.0
-	{ "20170210155124", 0 }, //2.0.0 - 2.3.0
-	{ "20170519101410", 1 }, //3.0.0
-	{ "20170710161758", 2 }, //3.0.1 - 3.0.2
-	{ "20170921172629", 3 }, //4.0.0 - 4.1.0
-	{ "20180220163747", 4 }, //5.0.0 - 5.1.0
-	{ "20180802162753", 5 }, //6.0.0 - 6.1.0
-	{ "20181107105733", 6 }, //6.2.0
-	{ "20181218175730", 7 }, //7.0.0
-	{ "20190208150037", 7 }, //7.0.1
-	{ "20190314172056", 7 }, //8.0.0
-	{ "20190531152432", 8 }, //8.1.0
-	{ "20190809135709", 9 }, //9.0.0
+	{ "20161121183008", 0, {0x1b517, 0x125bc2, 1, 16,  6, HASH_ORDER_100_100,      0, 0x449dc} }, //1.0.0
+	{ "20170210155124", 0, {0x1d226,   0x26fe, 0, 16, 11, HASH_ORDER_200_510, 0x557b, 0x3d41a} }, //2.0.0 - 2.3.0
+	{ "20170519101410", 1, {0x1ffa6,   0x298b, 0, 16, 11, HASH_ORDER_200_510, 0x552d, 0x3cb81} }, //3.0.0
+	{ "20170710161758", 2, {0x20026,   0x29ab, 0, 16, 11, HASH_ORDER_200_510, 0x552d, 0x3cb81} }, //3.0.1 - 3.0.2
+	{ "20170921172629", 3, {0x1c64c,   0x37eb, 0, 16, 11, HASH_ORDER_200_510, 0x5382, 0x3711c} }, //4.0.0 - 4.1.0
+	{ "20180220163747", 4, {0x1f3b4,   0x465b, 0, 16, 11, HASH_ORDER_200_510, 0x5a63, 0x37901} }, //5.0.0 - 5.1.0
+	{ "20180802162753", 5, {0x27350,  0x17ff5, 1,  8, 11, HASH_ORDER_600_620, 0x5674, 0x1d5be} }, //6.0.0 - 6.1.0
+	{ "20181107105733", 6, {0x27350,  0x17ff5, 1,  8, 11, HASH_ORDER_600_620, 0x5674, 0x1d5be} }, //6.2.0
+	{ "20181218175730", 7, {0x29c50,   0x6a73, 0,  8, 12, HASH_ORDER_700_9xx, 0x5563, 0x1d437} }, //7.0.0
+	{ "20190208150037", 7, {0x29c50,   0x6a73, 0,  8, 12, HASH_ORDER_700_9xx, 0x5563, 0x1d437} }, //7.0.1
+	{ "20190314172056", 7, {0x29c50,   0x6a73, 0,  8, 12, HASH_ORDER_700_9xx, 0x5563, 0x1d437} }, //8.0.0 - 8.0.1
+	{ "20190531152432", 8, {0x29c50,   0x6a73, 0,  8, 12, HASH_ORDER_700_9xx, 0x5563, 0x1d437} }, //8.1.0
+	{ "20190809135709", 9, {0x2ec10,   0x5573, 0,  1, 12, HASH_ORDER_700_9xx, 0x6495, 0x1d807} }, //9.0.0 - 9.0.1
 	{ NULL } //End.
 };

--- a/source/hos/pkg1.h
+++ b/source/hos/pkg1.h
@@ -19,10 +19,23 @@

 #include "../utils/types.h"

+typedef struct _key_info_t
+{
+	u32 start_offset;
+	u32 hks_offset;
+	bool hks_offset_is_from_end;
+	u32 alignment;
+	u32 hash_max;
+	u8 hash_order[13];
+	u32 es_offset;
+	u32 ssl_offset;
+} key_info_t;
+
 typedef struct _pkg1_id_t
 {
 	const char *id;
 	u32 kb;
+	key_info_t key_info;
 } pkg1_id_t;

 const pkg1_id_t *pkg1_identify(u8 *pkg1);
--- a/source/hos/pkg2.c
+++ b/source/hos/pkg2.c
@@ -39,14 +39,25 @@ static u32 _pkg2_calc_kip1_size(pkg2_kip1_t *kip1)
 	return size;
 }

-void pkg2_parse_kips(link_t *info, pkg2_hdr_t *pkg2)
+void pkg2_get_newkern_info(u8 *kern_data)
+{
+	u32 info_op = *(u32 *)(kern_data + PKG2_NEWKERN_GET_INI1);
+	pkg2_newkern_ini1_val = ((info_op & 0xFFFF) >> 3) + PKG2_NEWKERN_GET_INI1; // Parse ADR and PC.
+
+	pkg2_newkern_ini1_start = *(u32 *)(kern_data + pkg2_newkern_ini1_val);
+	pkg2_newkern_ini1_end   = *(u32 *)(kern_data + pkg2_newkern_ini1_val + 0x8);
+}
+
+void pkg2_parse_kips(link_t *info, pkg2_hdr_t *pkg2, bool *new_pkg2)
 {
 	u8 *ptr;
 	// Check for new pkg2 type.
 	if (!pkg2->sec_size[PKG2_SEC_INI1])
 	{
-		u32 kernel_ini1_off = *(u32 *)(pkg2->data + PKG2_NEWKERN_INI1_START);
-		ptr = pkg2->data + kernel_ini1_off;
+		pkg2_get_newkern_info(pkg2->data);
+
+		ptr = pkg2->data + pkg2_newkern_ini1_start;
+		*new_pkg2 = true;
 	}
 	else
 		ptr = pkg2->data + pkg2->sec_size[PKG2_SEC_KERNEL];
@@ -74,19 +85,19 @@ int pkg2_decompress_kip(pkg2_kip1_info_t* ki, u32 sectsToDecomp)

 	pkg2_kip1_t hdr;
 	memcpy(&hdr, ki->kip1, sizeof(hdr));
-	
+
 	unsigned int newKipSize = sizeof(hdr);
 	for (u32 sectIdx = 0; sectIdx < KIP1_NUM_SECTIONS; sectIdx++)
 	{
 		u32 sectCompBit = 1u << sectIdx;
 		// For compressed, cant get actual decompressed size without doing it, so use safe "output size".
-		if (sectIdx < 3 && (sectsToDecomp & sectCompBit) && (hdr.flags & sectCompBit)) 
+		if (sectIdx < 3 && (sectsToDecomp & sectCompBit) && (hdr.flags & sectCompBit))
 			newKipSize += hdr.sections[sectIdx].size_decomp;
 		else
 			newKipSize += hdr.sections[sectIdx].size_comp;
 	}

-	pkg2_kip1_t* newKip = malloc(newKipSize);	
+	pkg2_kip1_t* newKip = malloc(newKipSize);
 	unsigned char* dstDataPtr = newKip->data;
 	const unsigned char* srcDataPtr = ki->kip1->data;
 	for (u32 sectIdx = 0; sectIdx < KIP1_NUM_SECTIONS; sectIdx++)
@@ -110,7 +121,7 @@ int pkg2_decompress_kip(pkg2_kip1_info_t* ki, u32 sectsToDecomp)
 		//gfx_printf("Decomping %s KIP1 sect %d of size %d...\n", (const char*)hdr.name, sectIdx, compSize);
 		if (blz_uncompress_srcdest(srcDataPtr, compSize, dstDataPtr, outputSize) == 0)
 		{
-			gfx_printf("%kERROR decomping sect %d of %s KIP!%k\n", 0xFFFF0000, sectIdx, (char*)hdr.name, 0xFFCCCCCC);			
+			gfx_printf("%kERROR decomping sect %d of %s KIP!%k\n", 0xFFFF0000, sectIdx, (char*)hdr.name, 0xFFCCCCCC);
 			free(newKip);

 			return 1;
@@ -128,7 +139,6 @@ int pkg2_decompress_kip(pkg2_kip1_info_t* ki, u32 sectsToDecomp)
 	memcpy(newKip, &hdr, sizeof(hdr));
 	newKipSize = dstDataPtr-(unsigned char*)(newKip);

-	free(ki->kip1);
 	ki->kip1 = newKip;
 	ki->size = newKipSize;

@@ -138,7 +148,7 @@ int pkg2_decompress_kip(pkg2_kip1_info_t* ki, u32 sectsToDecomp)
 pkg2_hdr_t *pkg2_decrypt(void *data)
 {
 	u8 *pdata = (u8 *)data;
-	
+
 	// Skip signature.
 	pdata += 0x100;

--- a/source/hos/pkg2.h
+++ b/source/hos/pkg2.h
@@ -26,7 +26,11 @@
 #define PKG2_SEC_KERNEL 0
 #define PKG2_SEC_INI1 1

-#define PKG2_NEWKERN_INI1_START 0x168
+#define PKG2_NEWKERN_GET_INI1 0x44
+
+u32 pkg2_newkern_ini1_val;
+u32 pkg2_newkern_ini1_start;
+u32 pkg2_newkern_ini1_end;

 typedef struct _pkg2_hdr_t
 {
@@ -83,7 +87,7 @@ typedef struct _pkg2_kip1_info_t
 	link_t link;
 } pkg2_kip1_info_t;

-void pkg2_parse_kips(link_t *info, pkg2_hdr_t *pkg2);
+void pkg2_parse_kips(link_t *info, pkg2_hdr_t *pkg2, bool *new_pkg2);
 int pkg2_decompress_kip(pkg2_kip1_info_t* ki, u32 sectsToDecomp);
 pkg2_hdr_t *pkg2_decrypt(void *data);

--- a/source/hos/sept.c
+++ b/source/hos/sept.c
@@ -20,6 +20,7 @@
 #include "../gfx/di.h"
 #include "../libs/fatfs/ff.h"
 #include "../mem/heap.h"
+#include "../soc/hw_init.h"
 #include "../soc/pmc.h"
 #include "../soc/t210.h"
 #include "../storage/nx_emmc.h"
@@ -38,7 +39,7 @@ u8 warmboot_reboot[] = {
 	0x14, 0x00, 0x9F, 0xE5, // LDR R0, =0x7000E450
 	0x01, 0x10, 0xB0, 0xE3, // MOVS R1, #1
 	0x00, 0x10, 0x80, 0xE5, // STR R1, [R0]
-	0x0C, 0x00, 0x9F, 0xE5, // LDR R0, =0x7000E400 
+	0x0C, 0x00, 0x9F, 0xE5, // LDR R0, =0x7000E400
 	0x10, 0x10, 0xB0, 0xE3, // MOVS R1, #0x10
 	0x00, 0x10, 0x80, 0xE5, // STR R1, [R0]
 	0xFE, 0xFF, 0xFF, 0xEA, // LOOP
@@ -55,6 +56,7 @@ u8 warmboot_reboot[] = {
 #define SEPT_STG2_ADDR  (SEPT_PK1T_ADDR + 0x60E0)
 #define SEPT_PKG_SZ     (0x2F100 + WB_RST_SIZE)

+extern u32 color_idx;
 extern boot_cfg_t b_cfg;
 extern void sd_unmount();
 extern void reloc_patcher(u32 payload_dst, u32 payload_src, u32 payload_size);
@@ -80,10 +82,17 @@ int reboot_to_sept(const u8 *tsec_fw, const u32 tsec_size, const u32 kb)
 	f_close(&fp);

 	// Copy sept-secondary.
-	if ((kb == 7) && f_open(&fp, "sd:/sept/sept-secondary.enc", FA_READ) && f_open(&fp, "sd:/sept/sept-secondary_00.enc", FA_READ))
-		goto error;
-	else if ((kb == 8) && f_open(&fp, "sd:/sept/sept-secondary_01.enc", FA_READ))
-		goto error;
+	if (kb < KB_FIRMWARE_VERSION_810)
+	{
+		if (f_open(&fp, "sd:/sept/sept-secondary_00.enc", FA_READ))
+			if (f_open(&fp, "sd:/sept/sept-secondary.enc", FA_READ)) // Try the deprecated version.
+				goto error;
+	}
+	else
+	{
+		if (f_open(&fp, "sd:/sept/sept-secondary_01.enc", FA_READ))
+			goto error;
+	}

 	if (f_read(&fp, (u8 *)SEPT_STG2_ADDR, f_size(&fp), NULL))
 	{
@@ -98,8 +107,10 @@ int reboot_to_sept(const u8 *tsec_fw, const u32 tsec_size, const u32 kb)

 	tmp_cfg->boot_cfg |= BOOT_CFG_SEPT_RUN;

-	if (f_open(&fp, "sd:/sept/payload.bin", FA_READ | FA_WRITE))
+	if (f_open(&fp, "sd:/sept/payload.bin", FA_READ | FA_WRITE)) {
+		free(tmp_cfg);
 		goto error;
+	}

 	f_lseek(&fp, PATCHED_RELOC_SZ);
 	f_write(&fp, tmp_cfg, sizeof(boot_cfg_t), NULL);
@@ -107,8 +118,7 @@ int reboot_to_sept(const u8 *tsec_fw, const u32 tsec_size, const u32 kb)
 	f_close(&fp);

 	sd_unmount();
-	gfx_printf("\n%kPress Power or Vol +/-\n%k   to Reboot to Sept...", COLOR_BLUE, COLOR_VIOLET);
-	btn_wait();
+	gfx_printf("\n%kPress Power or Vol +/-\n   to Reboot to Sept...", colors[(color_idx++) % 6]);

 	u32 pk1t_sept = SEPT_PK1T_ADDR - (ALIGN(PATCHED_RELOC_SZ, 0x10) + WB_RST_SIZE);

@@ -123,12 +133,12 @@ int reboot_to_sept(const u8 *tsec_fw, const u32 tsec_size, const u32 kb)
 	PMC(APBDEV_PMC_SCRATCH33) = SEPT_PRI_ADDR;
 	PMC(APBDEV_PMC_SCRATCH40) = 0x6000F208;

-	display_end();
+	reconfig_hw_workaround(false, 0);

 	(*sept)();

 error:
-	EPRINTF("Sept files not found in sd:/sept!\nPlace appropriate files and try again.");
+	EPRINTF("\nSept files not found in sd:/sept!\nPlace appropriate files and try again.");
 	display_backlight_brightness(100, 1000);

 	btn_wait();