exo: implement start of mariko fatal handler

exosphere/program/source/boot/secmon_boot_functions.cpp

@@ -188,7 +188,7 @@ namespace ams::secmon::boot {
         const u8 key_generation = meta.GetKeyGeneration();
         /* Decrypt or load each payload in order. */
         for (int i = 0; i < pkg2::PayloadCount; ++i) {
-            AMS_SECMON_LOG("pkg2 payload[%d]: %09lx -> %09lx size=%08x\n", i, dst + meta.payload_offsets[i], src, meta.payload_sizes[i]);
+            AMS_SECMON_LOG("pkg2 payload[%d]: %09lx -> %09lx size=%08x\n", i, src, dst + meta.payload_offsets[i], meta.payload_sizes[i]);
 
             if (encrypted) {
                 DecryptPayload(dst + meta.payload_offsets[i], src, meta.payload_sizes[i], meta.payload_ivs[i], sizeof(meta.payload_ivs[i]), key_generation);

exosphere/program/source/secmon_exception_handler.cpp

@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2018-2020 Atmosphère-NX
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+#include <exosphere.hpp>
+#include "secmon_error.hpp"
+
+namespace ams::secmon {
+
+    namespace {
+
+        constexpr inline uintptr_t PMC = MemoryRegionVirtualDevicePmc.GetAddress();
+
+        constinit std::atomic_bool g_is_locked = false;
+
+    }
+
+    void ExceptionHandlerImpl(uintptr_t lr, uintptr_t sp) {
+        /* Ensure that previous logs have been flushed. */
+        AMS_LOG_FLUSH();
+
+        /* Get system registers. */
+        uintptr_t far_el1, far_el3, elr_el3;
+        util::BitPack32 esr_el3;
+
+        HW_CPU_GET_FAR_EL1(far_el1);
+        HW_CPU_GET_FAR_EL3(far_el3);
+        HW_CPU_GET_ELR_EL3(elr_el3);
+        HW_CPU_GET_ESR_EL3(esr_el3);
+
+        /* Print some whitespace before the exception handler. */
+        AMS_LOG("\n\n");
+        AMS_SECMON_LOG("ExceptionHandler\n");
+        AMS_SECMON_LOG("----------------\n");
+        AMS_SECMON_LOG("esr:     0x%08X\n", esr_el3.value);
+        AMS_SECMON_LOG("    Exception Class:               0x%02X\n", esr_el3.Get<hw::EsrEl3::Ec>());
+        AMS_SECMON_LOG("    Instruction Length:            %d\n", esr_el3.Get<hw::EsrEl3::Il>() ? 32 : 16);
+        AMS_SECMON_LOG("    Instruction Specific Syndrome: 0x%07X\n", esr_el3.Get<hw::EsrEl3::Iss>());
+
+        AMS_SECMON_LOG("far_el1: 0x%016lX\n", far_el1);
+        AMS_SECMON_LOG("far_el3: 0x%016lX\n", far_el3);
+        AMS_SECMON_LOG("elr_el3: 0x%016lX\n", elr_el3);
+
+        AMS_SECMON_LOG("lr:      0x%016lX\n", lr);
+        AMS_SECMON_LOG("sp:      0x%016lX\n", sp);
+
+        AMS_DUMP(reinterpret_cast<void *>(sp), util::AlignUp(sp, mmu::PageSize) - sp);
+
+        AMS_LOG_FLUSH();
+    }
+
+    NORETURN void ExceptionHandler() {
+        /* Get link register and stack pointer. */
+        u64 lr, sp;
+        {
+            __asm__ __volatile__("mov %0, lr" : "=r"(lr) :: "memory");
+            __asm__ __volatile__("mov %0, sp" : "=r"(sp) :: "memory");
+        }
+
+        /* Acquire exclusive access to exception handling logic. */
+        if (g_is_locked.exchange(true)) {
+            /* Invoke the exception handler impl. */
+            ExceptionHandlerImpl(lr, sp);
+
+            /* Lockout the security engine. */
+            se::Lockout();
+
+            /* Lockout fuses. */
+            fuse::Lockout();
+
+            /* Disable crypto operations after reboot. */
+            reg::Write(PMC + APBDEV_PMC_CRYPTO_OP, 0);
+
+            /* Perform an error reboot. */
+            secmon::SetError(pkg1::ErrorInfo_UnknownAbort);
+            secmon::ErrorReboot();
+        } else {
+            /* Wait forever while the first core prints the exception and reboots. */
+            while (true) {
+                util::WaitMicroSeconds(1000);
+            }
+        }
+    }
+
+}

exosphere/program/source/secmon_exception_vectors.s

@@ -76,6 +76,11 @@ vector_entry synch_sp0
     .endfunc
     .cfi_endproc
 _ZN3ams6secmon26UnexpectedExceptionHandlerEv:
+    #if defined(AMS_BUILD_FOR_DEBUGGING) || defined(AMS_BUILD_FOR_AUDITING)
+    /* Jump to the debug exception handler. */
+    ldr x16, =_ZN3ams6secmon16ExceptionHandlerEv
+    br  x16
+    #else
     /* Load the ErrorInfo scratch. */
     ldr x0, =0x1F004AC40
 
@@ -85,6 +90,7 @@ _ZN3ams6secmon26UnexpectedExceptionHandlerEv:
 
     /* Perform an error reboot. */
     b _ZN3ams6secmon11ErrorRebootEv
+    #endif
 
 vector_entry irq_sp0
     /* An unexpected exception was taken. */

exosphere/program/source/secmon_user_power_management.cpp

@@ -84,6 +84,26 @@ namespace ams::secmon {
         PerformPmcReboot();
     }
 
+    void PerformUserRebootToFatalError() {
+        if (fuse::GetSocType() == fuse::SocType_Erista) {
+            /* On Erista, we reboot to fatal error by jumping to fusee primary's handler. */
+            return PerformUserRebootToPayload();
+        } else /* if (fuse::GetSocType() == fuse::SocType_Mariko) */ {
+            /* TODO: Send a SGI FIQ to the other CPUs, so that user code stops executing. */
+
+            /* TODO: On cores other than 3, halt/wfi. */
+
+            AMS_SECMON_LOG("%s\n", "Jumping to Mariko Fatal.");
+            AMS_LOG_FLUSH();
+
+            /* Jump to the mariko fatal program. */
+            reinterpret_cast<void (*)()>(secmon::MemoryRegionVirtualTzramMarikoProgram.GetAddress())();
+
+            /* The mariko fatal program never returns. */
+            __builtin_unreachable();
+        }
+    }
+
     void PerformUserShutDown() {
         /* Load our reboot stub to iram. */
         LoadRebootStub(RebootStubAction_ShutDown);

exosphere/program/source/secmon_user_power_management.hpp

@@ -19,13 +19,15 @@
 namespace ams::secmon {
 
     enum UserRebootType {
-        UserRebootType_None      = 0,
-        UserRebootType_ToRcm     = 1,
-        UserRebootType_ToPayload = 2,
+        UserRebootType_None         = 0,
+        UserRebootType_ToRcm        = 1,
+        UserRebootType_ToPayload    = 2,
+        UserRebootType_ToFatalError = 3,
     };
 
     void PerformUserRebootToRcm();
     void PerformUserRebootToPayload();
+    void PerformUserRebootToFatalError();
     void PerformUserShutDown();
 
 }

exosphere/program/source/smc/secmon_smc_info.cpp

@@ -304,11 +304,20 @@ namespace ams::secmon::smc {
                             case UserRebootType_ToPayload:
                                 PerformUserRebootToPayload();
                                 break;
+                            case UserRebootType_ToFatalError:
+                                PerformUserRebootToFatalError();
+                                break;
                             default:
                                 return SmcResult::InvalidArgument;
                         }
                     } else /* if (soc_type == fuse::SocType_Mariko) */ {
-                        return SmcResult::NotImplemented;
+                        switch (static_cast<UserRebootType>(args.r[3])) {
+                            case UserRebootType_ToFatalError:
+                                PerformUserRebootToFatalError();
+                                break;
+                            default:
+                                return SmcResult::InvalidArgument;
+                        }
                     }
                     break;
                 case ConfigItem::ExosphereNeedsShutdown: