mirrors/Atmosphere
1
0
Fork 0
mirror of https://github.com/Atmosphere-NX/Atmosphere.git synced 2025-05-14 07:04:24 -04:00
Code Issues Projects Releases Packages Wiki Activity

exo2: rename exosphere2 -> exosphere

Browse source
This commit is contained in:
Michael Scire 2020-06-11 01:53:10 -07:00 committed by SciresM
parent 282f8f6612
commit 42f1a3bf60
136 changed files with 15 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

185
exosphere2/program/source/boot/secmon_main.cpp
View file

@ -1,185 +0,0 @@
/*
* Copyright (c) 2018-2020 Atmosphère-NX
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <exosphere.hpp>
#include "secmon_boot.hpp"
#include "secmon_boot_functions.hpp"
#include "../smc/secmon_random_cache.hpp"
#include "../secmon_cache.hpp"
#include "../secmon_cpu_context.hpp"
#include "../secmon_misc.hpp"
#include "../secmon_setup.hpp"
namespace ams::secmon {
namespace {
constexpr inline const uintptr_t Package2LoadAddress = MemoryRegionDramPackage2Payloads.GetAddress();
}
void Main() {
/* Set library register addresses. */
actmon::SetRegisterAddress(MemoryRegionVirtualDeviceActivityMonitor.GetAddress());
clkrst::SetRegisterAddress(MemoryRegionVirtualDeviceClkRst.GetAddress());
flow::SetRegisterAddress(MemoryRegionVirtualDeviceFlowController.GetAddress());
fuse::SetRegisterAddress(MemoryRegionVirtualDeviceFuses.GetAddress());
gic::SetRegisterAddress(MemoryRegionVirtualDeviceGicDistributor.GetAddress(), MemoryRegionVirtualDeviceGicCpuInterface.GetAddress());
i2c::SetRegisterAddress(i2c::Port_1, MemoryRegionVirtualDeviceI2c1.GetAddress());
i2c::SetRegisterAddress(i2c::Port_5, MemoryRegionVirtualDeviceI2c5.GetAddress());
pinmux::SetRegisterAddress(MemoryRegionVirtualDeviceApbMisc.GetAddress(), MemoryRegionVirtualDeviceGpio.GetAddress());
pmc::SetRegisterAddress(MemoryRegionVirtualDevicePmc.GetAddress());
se::SetRegisterAddress(MemoryRegionVirtualDeviceSecurityEngine.GetAddress());
uart::SetRegisterAddress(MemoryRegionVirtualDeviceUart.GetAddress());
wdt::SetRegisterAddress(MemoryRegionVirtualDeviceTimer.GetAddress());
util::SetRegisterAddress(MemoryRegionVirtualDeviceTimer.GetAddress());
/* Get the secure monitor parameters. */
auto &secmon_params = *reinterpret_cast<pkg1::SecureMonitorParameters *>(MemoryRegionVirtualDeviceBootloaderParams.GetAddress());
/* Perform initialization. */
{
/* Perform initial setup. */
/* This checks the security engine's validity, and configures common interrupts in the GIC. */
/* This also initializes the global configuration context. */
secmon::Setup1();
/* Save the boot info. */
secmon::SaveBootInfo(secmon_params);
/* Perform cold-boot specific init. */
secmon::boot::InitializeColdBoot();
/* Setup the SoC security measures. */
secmon::SetupSocSecurity();
/* Setup the Cpu core context. */
secmon::SetupCpuCoreContext();
/* Clear the crt0 code that was present in iram. */
secmon::boot::ClearIram();
/* Alert the bootloader that we're initialized. */
secmon_params.secmon_state = pkg1::SecureMonitorState_Initialized;
}
/* Wait for NX Bootloader to finish loading the BootConfig. */
secmon::boot::WaitForNxBootloader(secmon_params, pkg1::BootloaderState_LoadedBootConfig);
hw::DataSynchronizationBarrierInnerShareable();
/* Load the bootconfig. */
secmon::boot::LoadBootConfig(MemoryRegionPhysicalIramBootConfig.GetPointer());
/* Verify or clear the boot config. */
secmon::boot::VerifyOrClearBootConfig();
/* Get the boot config. */
const auto &bc = secmon::GetBootConfig();
/* Set the tsc value by the boot config. */
{
constexpr u64 TscMask = (static_cast<u64>(1) << 55) - 1;
secmon::boot::EnableTsc(bc.data.GetInitialTscValue() & TscMask);
}
/* Wait for NX Bootloader to initialize DRAM. */
secmon::boot::WaitForNxBootloader(secmon_params, pkg1::BootloaderState_InitializedDram);
/* Secure the PMC and MC. */
secmon::SetupPmcAndMcSecure();
/* Copy warmboot to dram. */
{
/* Define warmboot extents. */
const void * const src = MemoryRegionPhysicalIramWarmbootBin.GetPointer();
void * const dst = MemoryRegionVirtualDramSecureDataStoreWarmbootFirmware.GetPointer();
const size_t size = MemoryRegionPhysicalIramWarmbootBin.GetSize();
/* Ensure we copy the correct data. */
hw::FlushDataCache(src, size);
hw::DataSynchronizationBarrierInnerShareable();
/* Copy warmboot.bin to its secure dram location. */
std::memcpy(dst, src, size);
}
/* Unmap the identity mapping. */
secmon::boot::UnmapPhysicalIdentityMapping();
/* Setup the GPU carveout's magic numbers. */
secmon::boot::WriteGpuCarveoutMagicNumbers();
/* Wait for NX bootloader to load Package2. */
secmon::boot::WaitForNxBootloader(secmon_params, pkg1::BootloaderState_LoadedPackage2);
/* Parse and decrypt the package2 header. */
pkg2::Package2Meta &pkg2_meta = secmon::boot::GetEphemeralPackage2Meta();
const uintptr_t pkg2_payloads_start = MemoryRegionDramPackage2.GetAddress() + sizeof(pkg2::Package2Header);
{
/* Read the encrypred header. */
pkg2::Package2Header encrypted_header;
const auto *dram_header = MemoryRegionDramPackage2.GetPointer<pkg2::Package2Header>();
hw::FlushDataCache(dram_header, sizeof(*dram_header));
hw::DataSynchronizationBarrierInnerShareable();
std::memcpy(std::addressof(encrypted_header), dram_header, sizeof(encrypted_header));
/* Atmosphere extension: support plaintext package2, identified by all-zeroes signature and decrypted header. */
secmon::boot::UpdateBootConfigForPackage2Header(encrypted_header);
/* Verify the package2 header's signature. */
secmon::boot::VerifyPackage2HeaderSignature(encrypted_header, !bc.signed_data.IsPackage2SignatureVerificationDisabled());
/* Decrypt the package2 header. */
secmon::boot::DecryptPackage2Header(std::addressof(pkg2_meta), encrypted_header.meta, !bc.signed_data.IsPackage2EncryptionDisabled());
}
/* Verify the package2 header. */
secmon::boot::VerifyPackage2Header(pkg2_meta);
/* Save the package2 hash if in recovery boot. */
if (secmon::IsRecoveryBoot()) {
se::Sha256Hash hash;
secmon::boot::CalculatePackage2Hash(std::addressof(hash), pkg2_meta, MemoryRegionDramPackage2.GetAddress());
secmon::SetPackage2Hash(hash);
}
/* Verify the package2 payloads. */
secmon::boot::CheckVerifyResult(secmon::boot::VerifyPackage2Payloads(pkg2_meta, pkg2_payloads_start), pkg1::ErrorInfo_InvalidPackage2Payload, "package2 payload verification failed");
/* Decrypt/Move the package2 payloads to the right places. */
secmon::boot::DecryptAndLoadPackage2Payloads(Package2LoadAddress, pkg2_meta, pkg2_payloads_start, !bc.signed_data.IsPackage2EncryptionDisabled());
/* Ensure that the CPU sees correct package2 data. */
secmon::FlushEntireDataCache();
secmon::EnsureInstructionConsistency();
/* Set the core's entrypoint and argument. */
secmon::SetEntryContext(0, Package2LoadAddress + pkg2_meta.entrypoint, 0);
/* Unmap DRAM. */
secmon::boot::UnmapDram();
/* Wait for NX bootloader to be done. */
secmon::boot::WaitForNxBootloader(secmon_params, pkg1::BootloaderState_Done);
/* Perform final initialization. */
secmon::SetupSocProtections();
secmon::SetupCpuSErrorDebug();
}
}