From b9b22a6797353a77c6daf8ed56d684fb84fdfa80 Mon Sep 17 00:00:00 2001
From: moebius2033
Date: Fri, 28 Jun 2019 20:07:49 -0400
Subject: [PATCH] OFW 8.1.0 support Added OFW 8.1.0 support, bump hekate version to 4.10.2
---
 bootloader/frontend/fe_info.c | 6 +++++
 bootloader/frontend/fe_tools.c | 2 +-
 bootloader/hos/hos.c | 2 ++
 bootloader/hos/hos.h | 3 ++-
 bootloader/hos/pkg1.c | 1 +
 bootloader/hos/pkg2.c | 47 +++++++++++++++++++++++++++++++++-
 bootloader/hos/secmon_exo.c | 4 +--
 bootloader/hos/sept.c | 12 +++++----
 bootloader/hos/sept.h | 2 +-
 bootloader/main.c | 2 +-
 bootloader/sec/se.c | 1 +
 11 files changed, 70 insertions(+), 12 deletions(-)
diff --git a/bootloader/frontend/fe_info.c b/bootloader/frontend/fe_info.c
index 24d776d..3a9581b 100644
--- a/bootloader/frontend/fe_info.c
+++ b/bootloader/frontend/fe_info.c
@@ -372,6 +372,12 @@ void print_tsec_key()
 tsec_ctxt.size = 0xF00;
 else if (pkg1_id->kb == KB_FIRMWARE_VERSION_620)
 tsec_ctxt.size = 0x2900;
+ else if (pkg1_id->kb == KB_FIRMWARE_VERSION_810)
+ {
+ tsec_ctxt.size = 0x3300;
+ // Exit after TSEC key generation.
+ *((vu16 *)((u32)tsec_ctxt.fw + 0x2DB5)) = 0x02F8;
+ }
 else
 {
 tsec_ctxt.size = 0x3000;
diff --git a/bootloader/frontend/fe_tools.c b/bootloader/frontend/fe_tools.c
index e3fcf2c..3fa3e1b 100644
--- a/bootloader/frontend/fe_tools.c
+++ b/bootloader/frontend/fe_tools.c
@@ -106,7 +106,7 @@ void dump_packages12()
 gfx_printf("sept will run to get the keys.\nThen rerun this option.");
 btn_wait();
- if (!reboot_to_sept((u8 *)tsec_ctxt.fw))
+ if (!reboot_to_sept((u8 *)tsec_ctxt.fw, pkg1_id->kb))
 {
 gfx_printf("Failed to run sept\n");
 goto out_free;
diff --git a/bootloader/hos/hos.c b/bootloader/hos/hos.c
index 0fcecf5..dcfd8ed 100644
--- a/bootloader/hos/hos.c
+++ b/bootloader/hos/hos.c
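Review bot: The TSEC firmware size is now picked by hand in three places that disagree on the fallback: `print_tsec_key()` in fe_info.c (first hunk) and `keygen()` in hos.c send any unlisted `kb` to 0x3000, while `reboot_to_sept()` in sept.c uses 0x3300 for everything except `KB_FIRMWARE_VERSION_700`. One helper that maps `kb` to the size, called from all three, would keep them in step when the next keyblob revision is added. The new fe_info.c branch also stores 0x02F8 at `tsec_ctxt.fw + 0x2DB5` without looking at what is there; either compare the existing halfword with the expected value before overwriting it, or add a comment such as `// Offset verified against the 8.1.0 TSEC blob (size 0x3300).`. print_tsec_key's body starts and ends outside the hunk.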
@@ -182,6 +182,8 @@ int keygen(u8 *keyblob, u32 kb, tsec_ctxt_t *tsec_ctxt)
 tsec_ctxt->size = 0xF00;
 else if (kb == KB_FIRMWARE_VERSION_620)
 tsec_ctxt->size = 0x2900;
+ else if (kb == KB_FIRMWARE_VERSION_810)
+ tsec_ctxt->size = 0x3300;
 else
 tsec_ctxt->size = 0x3000;
diff --git a/bootloader/hos/hos.h b/bootloader/hos/hos.h
index 0a78232..34b1fb3 100644
--- a/bootloader/hos/hos.h
+++ b/bootloader/hos/hos.h
@@ -31,7 +31,8 @@
 #define KB_FIRMWARE_VERSION_600 5
 #define KB_FIRMWARE_VERSION_620 6
 #define KB_FIRMWARE_VERSION_700 7
-#define KB_FIRMWARE_VERSION_MAX KB_FIRMWARE_VERSION_700
+#define KB_FIRMWARE_VERSION_810 8
+#define KB_FIRMWARE_VERSION_MAX KB_FIRMWARE_VERSION_810
 #define HOS_PKG11_MAGIC 0x31314B50
diff --git a/bootloader/hos/pkg1.c b/bootloader/hos/pkg1.c
index 7337107..fc740ed 100644
--- a/bootloader/hos/pkg1.c
+++ b/bootloader/hos/pkg1.c
@@ -144,6 +144,7 @@ static const pkg1_id_t _pkg1_ids[] = {
 { "20181218175730", 7, 0x0F00, 0x6FE0, { 1, 2, 0 }, 0x40030000, 0x4003E000, false, NULL, _warmboot_4_patchset }, //7.0.0
 { "20190208150037", 7, 0x0F00, 0x6FE0, { 1, 2, 0 }, 0x40030000, 0x4003E000, false, NULL, _warmboot_4_patchset }, //7.0.1
 { "20190314172056", 7, 0x0E00, 0x6FE0, { 1, 2, 0 }, 0x40030000, 0x4003E000, false, NULL, _warmboot_4_patchset }, //8.0.0
+ { "20190531152432", 8, 0x0E00, 0x6FE0, { 1, 2, 0 }, 0x4002B000, 0x4003E000, false, NULL, _warmboot_4_patchset }, //8.1.0
 { NULL } //End.
 };
diff --git a/bootloader/hos/pkg2.c b/bootloader/hos/pkg2.c
index b01c85c..17b73d4 100644
--- a/bootloader/hos/pkg2.c
+++ b/bootloader/hos/pkg2.c
@@ -592,6 +592,49 @@ static kip1_patchset_t _fs_patches_800_exfat[] =
 { NULL, NULL }
 };
+static kip1_patch_t _fs_nosigchk_810[] =
+{
+ { KPS(KIP_TEXT) | 0x7630C, 4, "\x51\x44\x00\x94", "\xE0\x03\x1F\x2A" },
+ { KPS(KIP_TEXT) | 0xF49A4, 4, "\xC0\x03\x00\x36", "\x1F\x20\x03\xD5" },
+ { 0, 0, NULL, NULL }
+};
+
+static kip1_patch_t _fs_nosigchk_810_exfat[] =
+{
+ { KPS(KIP_TEXT) | 0x818BC, 4, "\x51\x44\x00\x94", "\xE0\x03\x1F\x2A" },
+ { KPS(KIP_TEXT) | 0xFFF54, 4, "\xC0\x03\x00\x36", "\x1F\x20\x03\xD5" },
+ { 0, 0, NULL, NULL }
+};
+
+static kip1_patch_t _fs_nogc_810[] =
+{
+ { KPS(KIP_TEXT) | 0x136800, 8, "\xF4\x4F\xBE\xA9\xFD\x7B\x01\xA9", "\xE0\x03\x1F\x2A\xC0\x03\x5F\xD6" },
+ { KPS(KIP_TEXT) | 0x15EB94, 4, "\x14\x40\x80\x52", "\x14\x80\x80\x52" },
+ { 0, 0, NULL, NULL }
+};
+
+static kip1_patch_t _fs_nogc_810_exfat[] =
+{
+ { KPS(KIP_TEXT) | 0x141DB0, 8, "\xF4\x4F\xBE\xA9\xFD\x7B\x01\xA9", "\xE0\x03\x1F\x2A\xC0\x03\x5F\xD6" },
+ { KPS(KIP_TEXT) | 0x16A144, 4, "\x14\x40\x80\x52", "\x14\x80\x80\x52" },
+ { 0, 0, NULL, NULL }
+};
+
+static kip1_patchset_t _fs_patches_810[] =
+{
+ { "nosigchk", _fs_nosigchk_810 },
+ { "nogc", _fs_nogc_810 },
+ { NULL, NULL }
+};
+
+static kip1_patchset_t _fs_patches_810_exfat[] =
+{
+ { "nosigchk", _fs_nosigchk_810_exfat },
+ { "nogc", _fs_nogc_810_exfat },
+ { NULL, NULL }
+};
+
+
 // SHA256 hashes.
 static kip1_id_t _kip_ids[] =
 {
@@ -620,7 +663,9 @@ static kip1_id_t _kip_ids[] =
 { "FS", "\x2A\xDB\xE9\x7E\x9B\x5F\x41\x77", _fs_patches_700 }, // FS 7.0.0
 { "FS", "\x2C\xCE\x65\x9C\xEC\x53\x6A\x8E", _fs_patches_700_exfat }, // FS 7.0.0 exfat
 { "FS", "\xB2\xF5\x17\x6B\x35\x48\x36\x4D", _fs_patches_800 }, // FS 8.0.0
- { "FS", "\xDB\xD9\x41\xC0\xC5\x3C\x52\xCC", _fs_patches_800_exfat } // FS 8.0.0 exfat
+ { "FS", "\xDB\xD9\x41\xC0\xC5\x3C\x52\xCC", _fs_patches_800_exfat }, // FS 8.0.0 exfat
+ { "FS", "\x6B\x09\xB6\x7B\x29\xC0\x20\x24", _fs_patches_810 }, // FS 8.1.0
+ { "FS", "\xB4\xCA\xE1\xF2\x49\x65\xD9\x2E", _fs_patches_810_exfat } // FS 8.1.0 exfat
 };
 const pkg2_kernel_id_t *pkg2_identify(u8 *hash)
diff --git a/bootloader/hos/secmon_exo.c b/bootloader/hos/secmon_exo.c
index c7b8067..1cc8c4e 100644
--- a/bootloader/hos/secmon_exo.c
+++ b/bootloader/hos/secmon_exo.c
@@ -109,8 +109,8 @@ void config_exosphere(const char *id, u32 kb, void *warmboot, bool stock)
 break;
 default:
 exoFwNo = kb + 1;
- if (!strcmp(id, "20190314172056"))
- exoFwNo++; // ATM_TARGET_FW_800.
+ if (!strcmp(id, "20190531152432"))
+ exoFwNo++; // ATM_TARGET_FW_810.
 break;
 }
diff --git a/bootloader/hos/sept.c b/bootloader/hos/sept.c
index 6878c17..510e8ef 100644
--- a/bootloader/hos/sept.c
+++ b/bootloader/hos/sept.c
@@ -102,7 +102,7 @@ void check_sept()
 if (pkg1_id->kb >= KB_FIRMWARE_VERSION_700 && !h_cfg.sept_run)
 {
 sdmmc_storage_end(&storage);
- reboot_to_sept((u8 *)pkg1 + pkg1_id->tsec_off);
+ reboot_to_sept((u8 *)pkg1 + pkg1_id->tsec_off, pkg1_id->kb);
 }
 out_free:
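Review bot: In the secmon_exo.c hunk the 8.0.0 id check is replaced rather than extended, so package1 id `20190314172056` loses the extra `exoFwNo++` it had before this commit. The pkg1.c table in this same patch still lists 8.0.0 with kb 7, the same as 7.0.0 and 7.0.1, so 8.0.0 would now be passed to exosphere as plain `kb + 1`; going by the removed comment, that increment is what selected ATM_TARGET_FW_800. Unless dropping it is intended, keep both ids: `if (!strcmp(id, "20190314172056") || !strcmp(id, "20190531152432"))` with the comment `// ATM_TARGET_FW_800/810.`. The case labels above `default:` lie outside the hunk, so this assumes none of them already handles kb 7.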
@@ -110,14 +110,14 @@ out_free:
 sdmmc_storage_end(&storage);
 }
-int reboot_to_sept(const u8 *tsec_fw)
+int reboot_to_sept(const u8 *tsec_fw, const u32 kb)
 {
 FIL fp;
 // Copy warmboot reboot code and TSEC fw.
 memcpy((u8 *)(SEPT_PK1T_ADDR - WB_RST_SIZE), (u8 *)warmboot_reboot, sizeof(warmboot_reboot));
- memcpy((void *)SEPT_PK1T_ADDR, tsec_fw, 0x3000);
- *(vu32 *)SEPT_TCSZ_ADDR = 0x3000;
+ memcpy((void *)SEPT_PK1T_ADDR, tsec_fw, kb == KB_FIRMWARE_VERSION_700 ? 0x3000 : 0x3300);
+ *(vu32 *)SEPT_TCSZ_ADDR = kb == KB_FIRMWARE_VERSION_700 ? 0x3000 : 0x3300;
 // Copy sept-primary.
 if (f_open(&fp, "sept/sept-primary.bin", FA_READ))
@@ -131,7 +131,9 @@ int reboot_to_sept(const u8 *tsec_fw)
 f_close(&fp);
 // Copy sept-secondary.
- if (f_open(&fp, "sept/sept-secondary.enc", FA_READ))
+ if ((kb == 7) && f_open(&fp, "sept/sept-secondary_00.enc", FA_READ))
+ goto error;
+ else if ((kb == 8) && f_open(&fp, "sept/sept-secondary_01.enc", FA_READ))
 goto error;
 if (f_read(&fp, (u8 *)SEPT_STG2_ADDR, f_size(&fp), NULL))
diff --git a/bootloader/hos/sept.h b/bootloader/hos/sept.h
index 5b0ecb4..1d64529 100644
--- a/bootloader/hos/sept.h
+++ b/bootloader/hos/sept.h
@@ -20,6 +20,6 @@
 #include "../utils/types.h"
 void check_sept();
-int reboot_to_sept(const u8 *tsec_fw);
+int reboot_to_sept(const u8 *tsec_fw, const u32 kb);
 #endif
diff --git a/bootloader/main.c b/bootloader/main.c
index 0798ebb..b628eea 100644
--- a/bootloader/main.c
+++ b/bootloader/main.c
@@ -1157,7 +1157,7 @@ ment_t ment_top[] = {
 };
 menu_t menu_top = {
 ment_top,
- "hekate - CTCaer mod v4.10.1", 0, 0
+ "hekate - CTCaer mod v4.10.2", 0, 0
 };
 #define IPL_STACK_TOP 0x90010000
diff --git a/bootloader/sec/se.c b/bootloader/sec/se.c
index 0b3c707..aeda2ca 100644
--- a/bootloader/sec/se.c
+++ b/bootloader/sec/se.c
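Review bot: In the last sept.c hunk (`@@ -131,7 +131,9 @@`) neither `f_open` runs when `kb` is anything other than 7 or 8, so execution reaches `f_read(&fp, ...)` on the handle that `f_close(&fp)` released just above, and the outcome then depends on how f_read treats a closed FIL. check_sept() calls this function for any `kb >= KB_FIRMWARE_VERSION_700`, so a later keyblob revision would take that path. Choose the file name first, treat an unknown `kb` as an error, and use the `KB_FIRMWARE_VERSION_*` names that this file already uses instead of the literals 7 and 8. The function body continues outside the hunk.

```c
	// Copy sept-secondary.
	const char *stg2_path;
	switch (kb)
	{
	case KB_FIRMWARE_VERSION_700:
		stg2_path = "sept/sept-secondary_00.enc";
		break;
	case KB_FIRMWARE_VERSION_810:
		stg2_path = "sept/sept-secondary_01.enc";
		break;
	default:
		// No sept payload is known for this keyblob revision.
		goto error;
	}
	if (f_open(&fp, stg2_path, FA_READ))
		goto error;
	// … unchanged: f_read into SEPT_STG2_ADDR …
```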
@@ -167,6 +167,7 @@ int se_aes_unwrap_key(u32 ks_dst, u32 ks_src, const void *input)
 {
 SE(SE_CONFIG_REG_OFFSET) = SE_CONFIG_DEC_ALG(ALG_AES_DEC) | SE_CONFIG_DST(DST_KEYTAB);
 SE(SE_CRYPTO_REG_OFFSET) = SE_CRYPTO_KEY_INDEX(ks_src) | SE_CRYPTO_CORE_SEL(CORE_DECRYPT);
+ SE(0x318) = 0;
 SE(SE_BLOCK_COUNT_REG_OFFSET) = 0;
 SE(SE_CRYPTO_KEYTABLE_DST_REG_OFFSET) = SE_CRYPTO_KEYTABLE_DST_KEY_INDEX(ks_dst);
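Review bot: The added `SE(0x318) = 0;` is the only register write in this hunk that uses a bare offset, and nothing says why the key unwrap needs it. Give the offset a name beside the other `SE_*_REG_OFFSET` definitions and add a one-line comment on what state it clears, for example `// Clear <register name> before starting the unwrap operation.`. If 0x318 turns out to be the value of `SE_BLOCK_COUNT_REG_OFFSET` (the header is not part of this diff), the line duplicates the write that follows it and can be dropped. se_aes_unwrap_key's body continues outside the hunk.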