fusee_cpp: implement all required key derivation

2025-05-30 06:25:20 -04:00 · 2021-08-28 01:15:15 -07:00 · 2021-08-28 01:15:15 -07:00 · 6c5f2804ab
commit 6c5f2804ab
parent 51cf28339b
5 changed files with 374 additions and 1 deletions
--- a/fusee_cpp/program/source/fusee_setup_horizon.cpp
+++ b/fusee_cpp/program/source/fusee_setup_horizon.cpp
@ -14,6 +14,7 @@
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include <exosphere.hpp>
+#include "fusee_key_derivation.hpp"
 #include "fusee_secondary_archive.hpp"
 #include "fusee_setup_horizon.hpp"
 #include "fusee_fatal.hpp"
@ -22,6 +23,24 @@ namespace ams::nxboot {

    namespace {

+        constexpr inline const uintptr_t CLKRST  = secmon::MemoryRegionPhysicalDeviceClkRst.GetAddress();
+        constexpr inline const uintptr_t MC      = secmon::MemoryRegionPhysicalDeviceMemoryController.GetAddress();
+
+        void DisableArc() {
+            /* Enable ARC_CLK_OVR_ON. */
+            reg::ReadWrite(CLKRST + CLK_RST_CONTROLLER_LVL2_CLK_GATE_OVRD, CLK_RST_REG_BITS_ENUM(LVL2_CLK_GATE_OVRD_ARC_CLK_OVR_ON, OFF));
+
+            /* Enable the ARC. */
+            reg::ReadWrite(MC + MC_IRAM_REG_CTRL, MC_REG_BITS_ENUM(IRAM_REG_CTRL_IRAM_CFG_WRITE_ACCESS, DISABLED));
+
+            /* Set IRAM BOM/TOP to open up access to all mmio. */
+            reg::Write(MC + MC_IRAM_BOM, 0xFFFFF000);
+            reg::Write(MC + MC_IRAM_TOM, 0x00000000);
+
+            /* Read to ensure our configuration takes. */
+            reg::Read(MC + MC_IRAM_REG_CTRL);
+        }
+
        void DeriveAllKeys(const fuse::SocType soc_type) {
            /* If on erista, run the TSEC keygen firmware. */
            if (soc_type == fuse::SocType_Erista) {
@ -34,7 +53,12 @@ namespace ams::nxboot {
                clkrst::SetBpmpClockRate(clkrst::BpmpClockRate_576MHz);
            }

-            ShowFatalError("DeriveAllKeys not fully implemented\n");
+            /* Derive master/device keys. */
+            if (soc_type == fuse::SocType_Erista) {
+                DeriveKeysErista();
+            } else /* if (soc_type == fuse::SocType_Mariko) */ {
+                DeriveKeysMariko();
+            }
        }

    }
@ -47,6 +71,10 @@ namespace ams::nxboot {
        /* Derive all keys. */
        DeriveAllKeys(soc_type);

+        /* Disable the ARC redirect. */
+        /* NOTE: Devices can no longer access IRAM from this point onwards. */
+        DisableArc();
+
        AMS_UNUSED(hw_type);
        ShowFatalError("SetupAndStartHorizon not fully implemented\n");
    }