Merge hekate 5.1.0 changes

2019-12-08 19:17:46 -07:00 · 2019-12-08 19:17:46 -07:00 · b3a739592e
commit b3a739592e
parent cdb29719e4
46 changed files with 1525 additions and 224 deletions
--- a/source/sec/se.c
+++ b/source/sec/se.c
@ -86,8 +86,8 @@ static int _se_wait()
 	while (!(SE(SE_INT_STATUS_REG_OFFSET) & SE_INT_OP_DONE(INT_SET)))
 		;
 	if (SE(SE_INT_STATUS_REG_OFFSET) & SE_INT_ERROR(INT_SET) ||
-		SE(SE_STATUS_0) & 3 ||
-		SE(SE_ERR_STATUS_0) != 0)
+		SE(SE_STATUS_0) & SE_STATUS_0_STATE_WAIT_IN ||
+		SE(SE_ERR_STATUS_0) != SE_ERR_STATUS_0_SE_NS_ACCESS_CLEAR)
 		return 0;
 	return 1;
 }
@ -111,12 +111,12 @@ static int _se_execute(u32 op, void *dst, u32 dst_size, const void *src, u32 src
 	SE(SE_ERR_STATUS_0) = SE(SE_ERR_STATUS_0);
 	SE(SE_INT_STATUS_REG_OFFSET) = SE(SE_INT_STATUS_REG_OFFSET);

-	bpmp_mmu_maintenance(BPMP_MMU_MAINT_CLN_INV_WAY);
+	bpmp_mmu_maintenance(BPMP_MMU_MAINT_CLN_INV_WAY, false);

 	SE(SE_OPERATION_REG_OFFSET) = SE_OPERATION(op);
 	int res = _se_wait();

-	bpmp_mmu_maintenance(BPMP_MMU_MAINT_CLN_INV_WAY);
+	bpmp_mmu_maintenance(BPMP_MMU_MAINT_CLN_INV_WAY, false);

 	return res;
 }
@ -148,9 +148,11 @@ static void _se_aes_ctr_set(void *ctr)

 void se_rsa_acc_ctrl(u32 rs, u32 flags)
 {
-	if (flags & 0x7F)
-		SE(SE_RSA_KEYTABLE_ACCESS_REG_OFFSET + 4 * rs) = (((flags >> 4) & 4) | (flags & 3)) ^ 7;
-	if (flags & 0x80)
+	if (flags & SE_RSA_KEY_TBL_DIS_KEY_ALL_FLAG)
+		SE(SE_RSA_KEYTABLE_ACCESS_REG_OFFSET + 4 * rs) =
+			((flags >> SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG_SHIFT) & SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG) |
+			((flags & SE_RSA_KEY_TBL_DIS_KEY_READ_UPDATE_FLAG) ^ SE_RSA_KEY_TBL_DIS_KEY_ALL_COMMON_FLAG);
+	if (flags & SE_RSA_KEY_TBL_DIS_KEY_LOCK_FLAG)
 		SE(SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET) &= ~(1 << rs);
 }

@ -216,9 +218,9 @@ int se_rsa_exp_mod(u32 ks, void *dst, u32 dst_size, const void *src, u32 src_siz

 void se_key_acc_ctrl(u32 ks, u32 flags)
 {
-	if (flags & 0x7F)
+	if (flags & SE_KEY_TBL_DIS_KEY_ACCESS_FLAG)
 		SE(SE_KEY_TABLE_ACCESS_REG_OFFSET + 4 * ks) = ~flags;
-	if (flags & 0x80)
+	if (flags & SE_KEY_TBL_DIS_KEY_LOCK_FLAG)
 		SE(SE_KEY_TABLE_ACCESS_LOCK_OFFSET) &= ~(1 << ks);
 }

@ -424,15 +426,15 @@ int se_calc_sha256(void *dst, const void *src, u32 src_size)
 	int res;
 	// Setup config for SHA256, size = BITS(src_size).
 	SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_ENC_MODE(MODE_SHA256) | SE_CONFIG_ENC_ALG(ALG_SHA) | SE_CONFIG_DST(DST_HASHREG);
-	SE(SE_SHA_CONFIG_REG_OFFSET) = SHA_INIT_ENABLE;
-	SE(SE_SHA_MSG_LENGTH_REG_OFFSET) = (u32)(src_size << 3);
-	SE(SE_SHA_MSG_LENGTH_REG_OFFSET + 4 * 1) = 0;
-	SE(SE_SHA_MSG_LENGTH_REG_OFFSET + 4 * 2) = 0;
-	SE(SE_SHA_MSG_LENGTH_REG_OFFSET + 4 * 3) = 0;
-	SE(SE_SHA_MSG_LEFT_REG_OFFSET) = (u32)(src_size << 3);
-	SE(SE_SHA_MSG_LEFT_REG_OFFSET + 4 * 1) = 0;
-	SE(SE_SHA_MSG_LEFT_REG_OFFSET + 4 * 2) = 0;
-	SE(SE_SHA_MSG_LEFT_REG_OFFSET + 4 * 3) = 0;
+	SE(SE_SHA_CONFIG_REG_OFFSET) = SHA_INIT_HASH;
+	SE(SE_SHA_MSG_LENGTH_0_REG_OFFSET) = (u32)(src_size << 3);
+	SE(SE_SHA_MSG_LENGTH_1_REG_OFFSET) = 0;
+	SE(SE_SHA_MSG_LENGTH_2_REG_OFFSET) = 0;
+	SE(SE_SHA_MSG_LENGTH_3_REG_OFFSET) = 0;
+	SE(SE_SHA_MSG_LEFT_0_REG_OFFSET) = (u32)(src_size << 3);
+	SE(SE_SHA_MSG_LEFT_1_REG_OFFSET) = 0;
+	SE(SE_SHA_MSG_LEFT_2_REG_OFFSET) = 0;
+	SE(SE_SHA_MSG_LEFT_3_REG_OFFSET) = 0;

 	// Trigger the operation.
 	res = _se_execute(OP_START, NULL, 0, src, src_size);
--- a/source/sec/se_t210.h
+++ b/source/sec/se_t210.h
@ -36,6 +36,8 @@
 #define SE_SECURITY_0 0x000
 #define SE_KEY_SCHED_READ_SHIFT 3

+#define SE_TZRAM_SECURITY_0 0x004
+
 #define SE_CONFIG_REG_OFFSET		0x014
 #define SE_CONFIG_ENC_ALG_SHIFT		12
 #define SE_CONFIG_DEC_ALG_SHIFT		8
@ -209,8 +211,12 @@
 #define SE_INT_OP_DONE(x)			(x << SE_INT_OP_DONE_SHIFT)
 #define SE_INT_ERROR_SHIFT		16
 #define SE_INT_ERROR(x)			(x << SE_INT_ERROR_SHIFT)
+
 #define SE_STATUS_0 0x800
+#define SE_STATUS_0_STATE_WAIT_IN 3
+
 #define SE_ERR_STATUS_0			0x804
+#define SE_ERR_STATUS_0_SE_NS_ACCESS_CLEAR 0

 #define SE_CRYPTO_KEYTABLE_DST_REG_OFFSET	0X330
 #define SE_CRYPTO_KEYTABLE_DST_WORD_QUAD_SHIFT		0
@ -231,11 +237,17 @@
 #define SE_SPARE_0_REG_OFFSET		0x80c

 #define SE_SHA_CONFIG_REG_OFFSET	0x200
-#define SHA_INIT_DISABLE	0
-#define SHA_INIT_ENABLE		1
+#define  SHA_CONTINUE  0
+#define  SHA_INIT_HASH 1

-#define SE_SHA_MSG_LENGTH_REG_OFFSET	0x204
-#define SE_SHA_MSG_LEFT_REG_OFFSET		0x214
+#define SE_SHA_MSG_LENGTH_0_REG_OFFSET	0x204
+#define SE_SHA_MSG_LENGTH_1_REG_OFFSET	0x208
+#define SE_SHA_MSG_LENGTH_2_REG_OFFSET	0x20C
+#define SE_SHA_MSG_LENGTH_3_REG_OFFSET	0x210
+#define SE_SHA_MSG_LEFT_0_REG_OFFSET	0x214
+#define SE_SHA_MSG_LEFT_1_REG_OFFSET	0x218
+#define SE_SHA_MSG_LEFT_2_REG_OFFSET	0x21C
+#define SE_SHA_MSG_LEFT_3_REG_OFFSET	0x220

 #define SE_HASH_RESULT_REG_COUNT	16
 #define SE_HASH_RESULT_REG_OFFSET	0x030
@ -254,13 +266,24 @@
 						TEGRA_SE_RNG_DT_SIZE)

 #define TEGRA_SE_AES_CMAC_DIGEST_SIZE	16
-#define TEGRA_SE_RSA512_DIGEST_SIZE	64
+#define TEGRA_SE_RSA512_DIGEST_SIZE	    64
 #define TEGRA_SE_RSA1024_DIGEST_SIZE	128
 #define TEGRA_SE_RSA1536_DIGEST_SIZE	192
 #define TEGRA_SE_RSA2048_DIGEST_SIZE	256

 #define SE_KEY_TABLE_ACCESS_LOCK_OFFSET	0x280
+#define SE_KEY_TBL_DIS_KEY_LOCK_FLAG 0x80
+
 #define SE_KEY_TABLE_ACCESS_REG_OFFSET	0x284
+#define SE_KEY_TBL_DIS_KEYREAD_FLAG    (1 << 0)
+#define SE_KEY_TBL_DIS_KEYUPDATE_FLAG  (1 << 1)
+#define SE_KEY_TBL_DIS_OIVREAD_FLAG    (1 << 2)
+#define SE_KEY_TBL_DIS_OIVUPDATE_FLAG  (1 << 3)
+#define SE_KEY_TBL_DIS_UIVREAD_FLAG    (1 << 4)
+#define SE_KEY_TBL_DIS_UIVUPDATE_FLAG  (1 << 5)
+#define SE_KEY_TBL_DIS_KEYUSE_FLAG     (1 << 6)
+#define SE_KEY_TBL_DIS_KEY_ACCESS_FLAG 0x7F
+
 #define SE_KEY_READ_DISABLE_SHIFT		0
 #define SE_KEY_UPDATE_DISABLE_SHIFT		1

@ -312,7 +335,16 @@
 #define TEGRA_SE_RSA_KEYSLOT_COUNT		2

 #define SE_RSA_KEYTABLE_ACCESS_LOCK_OFFSET	0x40C
+#define SE_RSA_KEY_TBL_DIS_KEY_LOCK_FLAG    0x80
+
 #define SE_RSA_KEYTABLE_ACCESS_REG_OFFSET	0x410
+#define SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG         (1 << 0)
+#define SE_RSA_KEY_TBL_DIS_KEYUPDATE_FLAG       (1 << 1)
+#define SE_RSA_KEY_TBL_DIS_KEY_READ_UPDATE_FLAG (SE_RSA_KEY_TBL_DIS_KEYREAD_FLAG | SE_RSA_KEY_TBL_DIS_KEYUPDATE_FLAG)
+#define SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG          (1 << 2)
+#define SE_RSA_KEY_TBL_DIS_KEYUSE_FLAG_SHIFT    (1 << 2)
+#define SE_RSA_KEY_TBL_DIS_KEY_ALL_COMMON_FLAG  7
+#define SE_RSA_KEY_TBL_DIS_KEY_ALL_FLAG        0x7F

 #define SE_RSA_KEYTABLE_ADDR	0x420
 #define SE_RSA_KEYTABLE_DATA	0x424
--- a/source/sec/tsec.c
+++ b/source/sec/tsec.c
@ -23,6 +23,7 @@
 #include "../sec/se_t210.h"
 #include "../soc/bpmp.h"
 #include "../soc/clock.h"
+#include "../soc/kfuse.h"
 #include "../soc/smmu.h"
 #include "../soc/t210.h"
 #include "../mem/heap.h"
@ -77,6 +78,8 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt)
 	clock_enable_sor1();
 	clock_enable_kfuse();

+	kfuse_wait_ready();
+
 	//Configure Falcon.
 	TSEC(TSEC_DMACTL) = 0;
 	TSEC(TSEC_IRQMSET) =
@ -208,7 +211,7 @@ int tsec_query(u8 *tsec_keys, u8 kb, tsec_ctxt_t *tsec_ctxt)
 			res = -6;
 			smmu_deinit_for_tsec();

-			goto out;
+			goto out_free;
 		}

 		// Give some extra time to make sure PKG1.1 is decrypted.
@ -278,7 +281,7 @@ out:;
 	clock_disable_sor_safe();
 	clock_disable_tsec();
 	bpmp_mmu_enable();
-	bpmp_clk_rate_set(BPMP_CLK_SUPER_BOOST);
+	bpmp_clk_rate_set(BPMP_CLK_DEFAULT_BOOST);

 	return res;
 }