Cmep registers: Difference between revisions

From Vita Development Wiki
(→Bigmac Crypto Controller: Move bulk of description to DMAC page)
 
(62 intermediate revisions by 4 users not shown)
Line 1: Line 1:
= 0xE0000000: Cmep/ARM =
= 0xE0000000: Mailbox =
 
The mailbox is used for communication between ARM [[TrustZone]] and [[Cmep]] ([[Second Loader]] and [[Secure Kernel]]), and with the debugger. Communication seems to go through some sort of FIFO register.
 
== Messages ==
 
Messages are sent by Cmep to ARM [[TrustZone]] using the lower 16-bits at 0xE0000000. When ARM [[TrustZone]] has read it, the register is set to 0.
 
ARM [[TrustZone]] can write a 32-bit response to 0xE0000010. For ARM to Cmep, bit0 is used to indicate that the message has been written by ARM [[TrustZone]].
 
<pre>
    1 = Request succeeded
    4 = Debug string
0x101 = Main init started
0x102 = Sm can be loaded/resumed
0x103 = Sm resumed successfully
0x104 = Sm was shut down
0x106 = Main shutting down
0x107 = Suspend beginning
0x108 = Ready for suspending, when using the async version.
0x8016 = Error: Invalid address range
0x802F = Error: Failed to init E003, E006.
</pre>


== 0xE0000000: MailboxCmepToArm ==
== 0xE0000000: MailboxCmepToArm ==


Response to ARM is written here.
Response to ARM is written here. To read, get a double word from physical address <code>0xE0000000</code>. If it returns 0, no data is available. Otherwise, acknowledge that the data has been read by ARM [[TrustZone]] by putting the same data into <code>0xE0000000</code>.
 
{| class="wikitable"
|-
! Address !! RW permissions !! Use !! Description
|-
| 0xE0000000 || RW || Status || Read for status.
|-
| 0xE0000004 || RW || Result || Cmep to ARM. 1: success. 3: command not found. 5: Invalid arguments. Used by SMC 0x12d, 0x136, 0x137, 0x13B, interrupt 0xC8.
|-
| 0xE0000008 || RW || ? || Used by SMC 0x12d, 0x136, 0x137, 0x13B, interrupt 0xC8.
|-
| 0xE000000C || RW || ? || Used by SMC 0x12d, 0x136, 0x137, 0x13B, interrupt 0xC8.
|}


== 0xE0000010: MailboxArmToCmep ==
== 0xE0000010: MailboxArmToCmep ==


Request from ARM is written here.
Request from ARM is written here. To write, put the double word into physical address <code>0xE0000010</code>. Next read <code>0xE0000010</code> until it returns 0, which indicates the data was read by Cmep.
 
{| class="wikitable"
|-
! Address !! RW permissions !! Use !! Description
|-
| 0xE0000010 || RW || Command || ARM to Cmep. Send a command to Cmep.
|-
| 0xE0000014 || RW || Arguments || ARM to Cmep. (PA & 1) == 1: valid arguments. See [[#Executing Secure Module functions|Executing Secure Module functions]].
|-
| 0xE0000018 || RW || ? || See [[#Executing Secure Module functions|Executing Secure Module functions]].
|-
| 0xE000001C || RW || ? || See [[#Executing Secure Module functions|Executing Secure Module functions]].
|}


== 0xE0000020: MailboxCmepToDebugger ==
== 0xE0000020: MailboxCmepToDebugger ==


Size: 2 * DOWORD.
Size: 2 * DWORD.


== 0xE0000028: MailboxDebuggerToCmep ==
== 0xE0000028: MailboxDebuggerToCmep ==


Size: 2 * DWORD.
Size: 2 * DWORD.
== 0xE0000054: unknown ==
{| class="wikitable"
|-
! Address !! RW permissions !! Use !! Description
|-
| 0xE0000054 || RW || ? || Used by SMC 0x12d, 0x135, 0x13B, interrupt 0xC8.
|-
| 0xE0000058 || RW || ? || Used by SMC 0x12d, 0x135, 0x13B, interrupt 0xC8.
|-
| 0xE000005C || RW || ? || Used by SMC 0x12d, 0x135, 0x13B, interrupt 0xC8.
|}


== 0xE0000060: MailboxDebuggerToCmep2 ==
== 0xE0000060: MailboxDebuggerToCmep2 ==


Size: 2 * DWORD.
Size: 2 * DWORD.
== 0xE0000080 ==
Unknown. Seen values: 0x1


= 0xE0010000: Cmep controller =
= 0xE0010000: Cmep controller =
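Review bot: the Messages paragraph and the MailboxCmepToArm paragraph describe the acknowledge differently: "When ARM TrustZone has read it, the register is set to 0" versus "acknowledge that the data has been read by ARM TrustZone by putting the same data into 0xE0000000". State which side clears the word (for example "ARM acknowledges by writing the same value back, after which the register reads 0") so both sections agree.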
Line 27: Line 92:
! Address !! Length !! Description
! Address !! Length !! Description
|-
|-
| 0xE0010000 || 4 || TZ sets it to 1 then 0 and it appears cmep resets.
| 0xE0010000 || 4 || CMeP reset register
|-
| 0xE0010004 || 4 || crySboot. Read by second_loader, checked against mask (& 5) and (& 8). Read by TZ after setting reset, checked if flag 0x80000000 is set. Ex: 0x80000005. Writing values to it from cmep does nothing.
|-
| 0xE0010008 || 4 || CMeP reset pulse register
|-
| 0xE001000C || 4 || Bignum/Bigmac reset register
|-
|-
| 0xE0010004 || 4 || Read by second_loader, checked against mask (& 5) and (& 8). Read by TZ after setting reset, checked if flag 0x80000000 is set. Ex: 0x80000005. Writing values to it from cmep does nothing.
| 0xE0010010 || 4 || ??? reset register
|}
|}


== 0xE0010000: CmepReset ==
== 0xE0010000: CmepReset ==


     Bit0: Hangs. ARM uses this to reset the cMeP subsystem.
     [31:01] Reserved (RAZ/WI)
    [00:00] CMeP reset gate
      0: CMeP is not placed under reset
      1: CMeP is placed under reset
 
ARM uses this register to reset CMeP. ?Used by Cmep command 0 to prepare Cmep to receive an address that contains the secure_kernel.enp.?
 
== 0xE0010004: crySboot ==
 
This register is read-only.


== 0xE0010004: CmepStatus ==
    [31:31] IsCmepAlive
      1: CMeP is running (what does this mean?)
    [30:04] Reserved (RAZ)
    [03:03] crySboot2
    [02:02] crySboot1<1>
    [01:01] Reserved (RAZ)
    [00:00] crySboot1<0>
        (i.e., crySboot1 = (bit 2 | bit 0) = (crySboot & 0x5))


    Bit31:  IsCmepAlive
Used by Cmep command 0 to check if the value written in <code>0xE0010000</code> is okay (it should return a value <= 0).
    Bit0-2: ?


    0xE0010000: 00 00 00 00 05 00 00 80 00 00 00 00 00 00 00 00
== 0xE0010008: CMeP reset pulse ==
    0xE0010010: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00


== 0xE0010010: Unknown ==
Reads as zero.


Reads back 0x7FF. Then hangs after delay.
Writing any value triggers a CMeP reset (as if 1 then 0 had been written to <code>0xE0010000</code>).


    Bit5: Disables Key* registers, and Cmep KeyRings.
== 0xE001000C: Bignum/Bigmac reset ==


No bit appears to disable Rsa* registers, or Bigmac*.
  [31:02] Reserved (RAZ/WI)
  [01:01] ? reset gate
      0: ? is not placed under reset
      1: ? is placed under reset
  [00:00] ? reset gate
      0: ? is not placed under reset
      1: ? is placed under reset


    0xE0020000: 0F 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00
== 0xE0010010: ??? reset ==
    0xE0020010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 
This register is only present Kermit1.0 ES3.2+ (and Kermit1.5).
 
Value seen after system is initialized: 0x00000001
 
  [31:11] Reserved (RAZ/WI)
  [10:10] ? reset gate
  [09:09] ? reset gate
  [08:08] ? reset gate
  [07:07] ? reset gate
  [06:06] ? reset gate
  [05:05] ? reset gate
  [04:04] ? reset gate
  [03:03] ? reset gate
  [02:02] ? reset gate
  [01:01] ? reset gate
  [00:00] ? reset gate
 
Each bit corresponds to a different secure device.


= 0xE0020000: Cmep 0xE0020000 =
= 0xE0020000: Cmep 0xE0020000 =
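Review bot: in the crySboot section, "it should return a value <= 0" is only meaningful for a signed read; since the table row says TZ checks flag 0x80000000 and the field list names [31:31] IsCmepAlive, say "bit 31 (0x80000000) set" instead. Also "only present Kermit1.0 ES3.2+" is missing "on", and the new table rows spell the processor "CMeP" while the headings in this hunk use "Cmep"; pick one spelling.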
Line 63: Line 172:
| 0xE0020000 || 4 || second_loader sets it to 0x30003 after ?clearing keys?. secure_kernel sets it to 0x2000F.
| 0xE0020000 || 4 || second_loader sets it to 0x30003 after ?clearing keys?. secure_kernel sets it to 0x2000F.
|-
|-
| 0xE0020004 || 4 || ?Error code?/?Allowed DMAC5 keyring to Non-Secure?. Read by second_loader, checked against 0x8000001F. Also set to ?0? by second_loader when setting 0x30003 at 0xE0020000.
| 0xE0020004 || 4 || cryAio. Read-only/write-once? Read by second_loader, checked against 0x8000001F. Also set to ?0? by second_loader when setting 0x30003 at 0xE0020000.
|-
| 0xE0020008 || 4 || Bits 0x1F are RW. All others are RAZ/WI. Usually 0.
|-
| 0xE002000C || 0x14 || RAZ/WI
|-
| 0xE0020020 || 4 || RAZ/WI? Used in bignum powmod worker. Checked for 0 by second_loader. May be a kind of timer or working state.
|-
|-
| 0xE0020020 || 4 || Checked for 0 by second_loader. May be a kind of timer or working state.
| 0xE0020024 || 0x1C || RAZ/WI
|-
|-
| 0xE0020040 || 0x10 || [[ReadAs|Read As]]
| 0xE0020040 || 0x10 || [[ReadAs|Read As]]
|-
|-
| 0xE0020100 || 0x20 || Per-console 256-bit key from keyring 0x602 is copied here by second_loader. Maybe related to eMMC.
| 0xE0020060 || 0xA0 || RAZ/WI
|-
| 0xE0020100 || 0x20 || Write-once? Per-console 256-bit key from keyring 0x602 is copied here by second_loader.
|}
|}


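Review bot: the 0xE0020020 row says "RAZ/WI?" and in the same breath "Used in bignum powmod worker. Checked for 0 by second_loader. May be a kind of timer or working state"; a register that reads as zero and ignores writes cannot be a timer or working state, so either drop the RAZ/WI guess or mark it as conflicting with the observed use.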
Line 80: Line 197:
     Bit4: ?
     Bit4: ?
     Bit5: ?
     Bit5: ?
     Bit16: Allows ARM to reset cmep. No hang when cleared.
     Bit16: Allows ARM to reset Cmep. No hang when cleared.
     Bit17: ?
     Bit17: ?


Line 99: Line 216:
== 0xE0030000: KeyringNewValue ==
== 0xE0030000: KeyringNewValue ==


Size: 8 * DWORD.
Write-only. Reads as zero.


== 0xE0030020: KeyringSetValueTrigger ==
== 0xE0030020: KeyringSetValueTrigger ==


Write value to a keyring. Requires the keyring to be enabled and WriteByCmepAllowed flag to be set.
Write value currently held in <code>KeyringNewValue</code> to a keyslot.
Requires the keyslot to be enabled with WriteByCmepAllowed flag set.


Write a keyring to this address, and the Bigmac Keyring Controller will write value from physical address 0xE0030000 to the keyring.
Write target keyslot ID to this address, and the Bigmac Keyring Controller will write the key in <code>KeyringNewValue</code> to specified keyslot.
 
Write-only. Reads as zero.


== 0xE0030024: KeyringClearFlags ==
== 0xE0030024: KeyringClearFlags ==
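Review bot: the "Size: 8 * DWORD." line for KeyringNewValue was replaced by "Write-only. Reads as zero." instead of being kept next to it; the size (0x20 bytes, which matches the gap to KeyringSetValueTrigger at 0xE0030020 and a 256-bit key) is useful, so keep both lines.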
Line 115: Line 235:
     Bit0-15:  KeyringId
     Bit0-15:  KeyringId
     Bit16-31: KeyringClearFlagsMask
     Bit16-31: KeyringClearFlagsMask
Write-only. Reads as zero.


== 0xE0030028: KeyringQueryFlags ==
== 0xE0030028: KeyringQueryFlags ==
Line 121: Line 243:


     Bit0-15: KeyringId
     Bit0-15: KeyringId
Write-only. Reads as zero.


== 0xE003002C: KeyringQueryFlagsResponse ==
== 0xE003002C: KeyringQueryFlagsResponse ==
This register is read-only.


     Bit Mask value    Clearable  Description
     Bit Mask value    Clearable  Description
Line 132: Line 258:
     18 (0x0004 0000): Clearable | ShaHmacAllowed (SHA1+SHA256)
     18 (0x0004 0000): Clearable | ShaHmacAllowed (SHA1+SHA256)
     19 (0x0008 0000): Clearable | AesCmacAllowed
     19 (0x0008 0000): Clearable | AesCmacAllowed
     20 (0x0010 0000): Clearable | ?EmmcCryptoAllowed (qualified guess!, maybe AES XTS)?. ?Master keyring can target memory?
     20 (0x0010 0000): Clearable | Master keyring can target memory.
     21 (0x0020 0000): Fixed    | IsMaster. Master keyring can target slave keyring (based on Mask Group below).
     21 (0x0020 0000): Fixed    | IsMaster. Master keyring can target slave keyring (based on Mask Group below).
     22 (0x0040 0000): Fixed    | MemberOfGroup0. Keyring Pairing Lock Mask Group 0 (master keyrings 0x204-0x205 and slave keyrings 0-7).
     22 (0x0040 0000): Fixed    | MemberOfGroup0. Keyring Pairing Lock Mask Group 0 (master keyrings 0x204-0x205 and slave keyrings 0-7).
Line 138: Line 264:
     24 (0x0100 0000): Fixed    | MemberOfGroup2. Keyring Pairing Lock Mask Group 2 (master keyrings 0x340-0x343 and slave keyrings 0x10-0x1F).
     24 (0x0100 0000): Fixed    | MemberOfGroup2. Keyring Pairing Lock Mask Group 2 (master keyrings 0x340-0x343 and slave keyrings 0x10-0x1F).
     25 (0x0200 0000): Fixed    | MemberOfGroup3. Keyring Pairing Lock Mask Group 3 (master keyrings 0x344-0x353 and slave keyrings 0x20-0x2F).
     25 (0x0200 0000): Fixed    | MemberOfGroup3. Keyring Pairing Lock Mask Group 3 (master keyrings 0x344-0x353 and slave keyrings 0x20-0x2F).
     26 (0x0400 0000): Clearable | ?WriteByBigmacAllowed?. ?Locked keyring can target cmep memory.?
     26 (0x0400 0000): Clearable | ?WriteByBigmacAllowed?. ?Locked keyring can target Cmep memory.?
     27 (0x0800 0000): Clearable | WriteByCmepAllowed. Can be written directly by cmep.
     27 (0x0800 0000): Clearable | WriteByCmepAllowed. Can be written directly by Cmep.
     28 (0x1000 0000): Clearable | ReadByCmepAllowed. Can be read directly by cmep.
     28 (0x1000 0000): Clearable | ReadByCmepAllowed. Can be read directly by Cmep.


A normal keyring is a keyring that do not belong to any group (bit21-25 are all zeroes). It can be written by slaves of groups, and also by normal non-keyring operations. They can write to ?a normal keyring or to external memory?.
A normal keyring is a keyring that do not belong to any group (bit21-25 are all zeroes). It can be written by slaves of groups, and also by normal non-keyring operations. They can write to ?a normal keyring or to external memory?.
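Review bot: "A normal keyring is a keyring that do not belong to any group" should read "does not belong", and "They can write to ?a normal keyring or to external memory?" has no clear antecedent (the group slaves, or normal keyrings?); name the subject.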
Line 150: Line 276:
VULN!! If a keyring has AesDecryptAllowed flag, it is possible to encrypt arbitrary AES blocks without AesEncryptAllowed flag by using AES CTR mode.
VULN!! If a keyring has AesDecryptAllowed flag, it is possible to encrypt arbitrary AES blocks without AesEncryptAllowed flag by using AES CTR mode.


= SceBignum controller =
= 0xE0040000: SceBignum controller =


== 0xE0040108: RsaSignatureBuffer ==
NOTE: the Bignum registers are mirrored every 0x1000 bytes (e.g., register 0xE0040020 is also visible at 0xE0048020, 0xE004F020, ...)


Size: 0x100 bytes.
{| class="wikitable"
|-
! Address !! RW permissions !! Description
|-
| 0xE0040000 || RW || Bignum RAM (0x800 bytes)
|-
| 0xE0040800 || RO || Status register
|-
| 0xE0040804 || ? || ?
|-
| 0xE0040808 || ? || ?
|}


== 0xE0040400: RsaModulusBuffer ==
== 0xE0040800: BignumStatus ==


Size: 0x100 bytes.
<source>
0x02000000 : error
0x04000000 : busy for vEX (exponent)
0x08000000 : still need vEX (exponent)
0x80000000 : busy
</source>


== 0xE0040800: RsaControl ==
= 0xE0050000: Bigmac Crypto Controller =


In DWORDs.
See [[DMAC#Bigmac]].  


== 0xE0040800: RsaStatus ==
When Keyring is set to src, only slots with the 0x1000 flag can be targeted. Selecting a slot that does not have 0x1000 will only read zeros.


    Bit31: Busy
== 0xE005000C: Bigmac crypto controller function ==
 
== 0xE0040808: RsaExponent ==
 
= Bigmac Crypto Controller =


<source lang="C">
There is usage of higher bits in the commands that do not seem to have much affect. For the encryption examples, 0xC002000 is also set on the command upper bits.
// base: 0xE0050000 (channel0), 0xE0050080 (channel1)
typedef struct BigmacOp {
const void *src;
union {
void *dst;
SceUInt32 dst_keyring_id;
};
SceSize len;
int func; // operation


SceUInt32 work_keyring_id;
Also some bits seem to affect the ARM cache.
void *iv;
void *next;
int ready; // Writing 1 here starts the operation.
 
int status;
int res; // Set when invalid keyring (0xFFF). Bit18: Set when keyring is not allowed to perform operation.
} BigmacOp;
</source>
 
== 0xE005000C: Bigmac crypto controller function ==
 
Unlike for [[Dmac5]], DES is not supported for KR Controller, but most commands are the same.


   Bits    Mask Value  Description
   Bits    Mask Value  Description
  0~ 2 | 0x00000007 | The func index
    0~2 | 0x00000007 | Algorithm
  3~ 5 | 0x00000038 | The algo index
    3~5 | 0x00000038 | Mode
  6   | 0x00000040 | Probably use DES
      6 | 0x00000040 | DES
  7   | 0x00000080 | Using external key (not keyring)
      7 | 0x00000080 | Use external key (a key placed at 0xE0050200 is used instead of the key in the keyring)
  8~11 | 0x00000300 | Keysize. 0x000:64-bits 0x100:128-bits 0x200:192-bits 0x300:256-bits
    8~9 | 0x00000300 | Key size for AES and DES functions. 0x000: 64-bits, 0x100: 128-bits, 0x200: 192-bits, 0x300: 256-bits
   12~13 | 0x00000C00 | Hash transform flags. 0x400:hashUpdate 0x800:hashFinalize 0xC00:Probably a fusion of hashUpdate and hashFinalize?
   10~11 | 0x00000C00 | Hash transform flags. 0x400: hashUpdate, 0x800: hashFinalize
   14~27 | 0x0FFFF000 | Unknown
    12 | 0x00001000 | Unknown. Used by sceDmacMemcpy/sceDmacMemset.
  28   | 0x10000000 | Dst is keyring
    13 | 0x00002000 | Unknown. Some common option.
   14~23 | 0x00FFC000 | Unknown
  24~25 | 0x03000000 | Some address callback. Used by sceDmacMemcpy/sceDmacMemset. If set, need to call sceKernelSysrootDisableAutoClockDownForDriver. Setting this bit with an AES function triggers hang.
  26~27 | 0x0C000000 | Unknown
    28 | 0x10000000 | Is destination a keyring
   29~31 | 0xE0000000 | Unknown
   29~31 | 0xE0000000 | Unknown


Func list
Functions list:
    Index  Real Value  Description
* 0x00000000 Copy
        0 | 0x00000000 | Memcpy (DMAC only)
* 0x00000001 Encrypt. Default algorithm is AES. Default mode is ECB.
        1 | 0x00000001 | AesEcbEncrypt
* 0x00000002 Decrypt. Default algorithm is AES. Default mode is ECB.
        2 | 0x00000002 | AesEcbDecrypt
* 0x00000003 Hash. Default algorithm is SHA-1.
        3 | 0x00000003 | Secure Hash Algorithm (The default is SHA1)
* 0x00000004 RNG
        4 | 0x00000004 | RNG
* 0x00000008 CBC mode
        5 | 0x00000005 | Unknown
* 0x0000000B Sha224
        6 | 0x00000006 | Unknown
* 0x0000000C Memset
        7 | 0x00000007 | Unknown
* 0x00000010 CTR mode
* 0x00000013 Sha256
* 0x00000020 HMAC-Sha
* 0x0000003B CBC-MAC (The size written to dst is always 16-bytes)
* 0x00000040 DES


Algo list
Functions examples:
    Index  Func  Real Value  Description
* 0x00000001 AesEcbEncrypt
        0 |    X | 0x00000008 | The first algo
* 0x00000009 AesCbcEncrypt
        0 |    0 | 0x00000008 | Unknown
* 0x00000011 AesCtrEncrypt
        0 |    1 | 0x00000009 | AesCbcEncrypt
* 0x00000002 AesEcbDecrypt
        0 |    2 | 0x0000000A | AesCbcDecrypt
* 0x0000000A AesCbcDecrypt
        0 |    3 | 0x0000000B | SHA224
* 0x00000012 AesCtrDecrypt
        0 |    4 | 0x0000000C | Memset
* 0x00000041 DesEcbEncrypt
        0 |    5 | 0x0000000D | Unknown
* 0x00000042 DesEcbDecrypt
        0 |    6 | 0x0000000E | Unknown
* 0x00000049 DesCbcEncrypt
        0 |    7 | 0x0000000F | Unknown
* 0x0000004A DesCbcDecrypt
        1 |    X | 0x00000010 | The second algo
* 0x00000003 SHA1
        1 |    0 | 0x00000010 | AesCtr (?)
* 0x0000000B SHA224
        1 |    1 | 0x00000011 | AesCtrEncrypt
* 0x00000013 SHA256
        1 |    2 | 0x00000012 | AesCtrDecrypt
* 0x00000023 HmacSha1
        1 |    3 | 0x00000013 | SHA256
* 0x0000002B HmacSha224
        1 |    4 | 0x00000014 | Unknown
* 0x00000033 HmacSha256
        1 |    5 | 0x00000015 | Unknown
* 0x0000003B AesCmac/AES-CBC-MAC-64 (CMAC, OMAC1)
        1 |    6 | 0x00000016 | Unknown
* 0x00000004 RNG
        1 |    7 | 0x00000017 | Unknown
* 0x0000000C Memset (ch is written to MacDevice offset 0x104. On FW 3.600.011, the ch is at offset 0x34)
        2 |    X | 0x00000018 | The third algo
        2 |    0 | 0x00000018 | Unknown
        2 |    1 | 0x00000019 | Unknown
        2 |    2 | 0x0000001A | Unknown
        2 |    3 | 0x0000001B | !!! HANG !!!
        2 |    4 | 0x0000001C | Unknown
        2 |    5 | 0x0000001D | Unknown
        2 |    6 | 0x0000001E | Unknown
        2 |    7 | 0x0000001F | Unknown
        3 |    X | 0x00000020 | The 4th algo
        3 |    0 | 0x00000020 | AesCtr (?)
        3 |    1 | 0x00000021 | AesCtrEncrypt
        3 |    2 | 0x00000022 | AesCtrEdcrypt
        3 |    3 | 0x00000023 | HmacSha1
        3 |    4 | 0x00000024 | Unknown
        3 |    5 | 0x00000025 | Unknown
        3 |    6 | 0x00000026 | Unknown
        3 |    7 | 0x00000027 | Unknown
        4 |    X | 0x00000028 | The 5th algo
        4 |    0 | 0x00000028 | Unknown
        4 |    1 | 0x00000029 | Unknown
        4 |    2 | 0x0000002A | Unknown
        4 |    3 | 0x0000002B | HmacSha224. This is DMAC only. If running on Bigmac, it triggered hang up.
        4 |    4 | 0x0000002C | Unknown
        4 |    5 | 0x0000002D | Unknown
        4 |    6 | 0x0000002E | Unknown
        4 |    7 | 0x0000002F | Unknown
        5 |    X | 0x00000030 | The 6th algo
        5 |    0 | 0x00000030 | Unknown
        5 |    1 | 0x00000031 | Unknown
        5 |    2 | 0x00000032 | Unknown
        5 |    3 | 0x00000033 | HmacSha256
        5 |    4 | 0x00000034 | Unknown
        5 |    5 | 0x00000035 | Unknown
        5 |    6 | 0x00000036 | Unknown
        5 |    7 | 0x00000037 | Unknown
        6 |    X | 0x00000038 | The 7th algo
        6 |    0 | 0x00000038 | Unknown
        6 |    1 | 0x00000039 | Unknown
        6 |    2 | 0x0000003A | Unknown
        6 |    3 | 0x0000003B | AesCmac
        6 |    4 | 0x0000003C | Unknown
        6 |    5 | 0x0000003D | Unknown
        6 |    6 | 0x0000003E | Unknown
        6 |    7 | 0x0000003F | Unknown


  Bit0-6: Algorithm
Unlike for [[DMAC#DMAC5|Dmac5]], DES is not supported by Bigmac and it triggers hang up (to confirm). Note that if keysize is 128 or 192, DES is in fact 3DES. If both DES and SHA bits are set, DES bit is ignored and SHA command is executed.
  0x00 = Zeroes?
  0x01 = AesEcbEncrypt
  0x02 = AesEcbDecrypt
  0x03 = Sha1
  0x04 = Rng
  0x05 = Zeroes
  0x06 = Zeroes
  0x07 = Zeroes
  0x09 = AesCbcEncrypt
  0x0A = AesCbcDecrypt
  0x0B = Sha224
  0x0C = memset
  0x0D = Zeroes
  0x0E = Zeroes
  0x0F = Zeroes
  0x10 = AesCtr
  0x11 = AesCtrEncrypt
  0x12 = AesCtrDecrypt
  0x13 = Sha256
  0x1B = !!! HANG !!!
  0x23 = HmacSha1, keylength=32 bytes
  0x2B = !!! HANG !!!
  0x33 = HmacSha256, keylength=32 bytes
  0x3B = AesCmac
  0x41  = !!! HANG !!! (DES-64-ECB encrypt in DMAC5)
  0x43 = <0x03>
  0x4B = <0x0b>
  0x53 = <0x13>
  0x61  = !!! HANG !!!
  0x7B = <0x3b>


    Bit7:   UseExternalKey
Key sizes examples:
    Bit8-10: KeySize (0=64bit, 1=128bit, 2=192bit, 3=256bit)
* 0x00000101 Aes128EcbEncrypt
            (Applies only to AesEcb, AesCbc, AesCmac)
* 0x00000102 Aes128EcbDecrypt
    Bit11:  Nothing noticable for AesEcbEncrypt
* 0x00000201 Aes192EcbEncrypt
    Bit12:  Nothing noticable for AesEcbEncrypt
* 0x00000202 Aes192EcbDecrypt
    Bit24:  Causes hang
* 0x00000301 Aes256EcbEncrypt
    Bit25:  Causes hang
* 0x00000302 Aes256EcbDecrypt
    Bit28:  IsDstKeyring
* 0x00000109 Aes128CbcEncrypt
* 0x0000010A Aes128CbcDecrypt
* 0x00000209 Aes192CbcEncrypt
* 0x0000020A Aes192CbcDecrypt
* 0x00000309 Aes256CbcEncrypt
* 0x0000030A Aes256CbcDecrypt
* 0x0000013B Aes128Cmac/AES-CBC-MAC-128 (CMAC, OMAC1)
* 0x0000023B Aes192Cmac/AES-CBC-MAC-192 (CMAC, OMAC1)
* 0x0000033B Aes256Cmac/AES-CBC-MAC-256 (CMAC, OMAC1)


The following are known to be able to write keyrings:
The following commands are known to be able to write to keyrings:
   * AesEcbEncrypt/Decrypt:
   * AesEcbEncrypt/Decrypt:
       Size is rounded up to multiple of 4.
       Size is rounded up to multiple of 4.
       If size > 16, size = 16.
       If size > 16, size = 16.
 
     
       Read |size| bytes from |src| into HW state.
       Read |size| bytes from |src| into HW state.
       The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*.
       The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*.
       VULN! This allows key recovery of all slave keyrings during boot.
       VULN! This allows key recovery of all slave keyrings during boot.
 
     
       The key written to keyring is always 16 bytes long, padded with 00's.
       The key written to keyring is always 16 bytes long, padded with 00's.
 
     
   * AesCbcEncrypt/Decrypt: Size is rounded up to multiple of 4.  
   * AesCbcEncrypt/Decrypt: Size is rounded up to multiple of 4.  
   * AesCtrEncrypt/Decrypt: Size is rounded up to multiple of 4.
   * AesCtrEncrypt/Decrypt: Size is rounded up to multiple of 4.
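Review bot: "0xC002000 is also set on the command upper bits" has seven hex digits, so it is not clear whether 0x0C002000 (bits 26-27 plus bit 13 in the table below) or 0xC0020000 is meant; write the full 32-bit value so the reader can map it onto the bit table. Separately, "only slots with the 0x1000 flag can be targeted" should name the flag: in the 16-bit mask notation used by the keyring lock list (KeyringClearFlagsMask in bits 16-31), 0x1000 is bit 28, ReadByCmepAllowed.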
Line 354: Line 412:
VULN! Any SHA with length==0 produces an output of all zeroes!
VULN! Any SHA with length==0 produces an output of all zeroes!


== 0xE005003C: Bigmac Rng ==
== 0xE0050104: Busy bigmac channels ==
RW Bitfield: bit0 - channel0 busy, bit1 - channel1 busy


Reads a random value.
== 0xE0050108: Disabled bigmac channels ==
RO Bitfield: bit0 - channel0 disabled, bit1 - channel1 disabled


== 0xE0050100: Bigmac unknown 0x100 data ==
== 0xE005011C: Bigmac exception status ==
* 0xE0050118: optional exception data such as illegal addr, RO
* 0xE005011C: exception bitfield (eg bit8 illegal read, bit9 illegal write, higher bits are OPids - interface, cmd, internal etc)
Once an exception occurs and the bitfield is set, you must ack by clearing it otherwise no further exceptions will be logged.


== 0xE0050200: Bigmac External Key ==
== 0xE0050200: Bigmac External Key ==
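Review bot: "you must ack by clearing it" for 0xE005011C does not say how the clear is done (write 0, or write-1-to-clear of the set bits); state which, since the neighbouring 0xE0050104 is documented as an RW bitfield and 0xE0050118 as RO, and the reader cannot infer the access type of 0xE005011C from the heading.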
Line 368: Line 431:
= Bigmac Key Ring Base =
= Bigmac Key Ring Base =


See [[F00D Key Ring Base]].
See [[Cmep Key Ring Base]].
 
All keyrings flags are reset when Cmep is reset.
 
  Keyrings lock list
    Location        Keyring      Clear    When
    first_loader |        0xA | 0x1C1F | decrypt_enc_body
                          0x20 | 0x1C1F | update_slsk_metadata_keys
                          0x207 | 0x1C1F | remove_slsk_personalization
                    0x208~0x20D | 0x1C1F | update_slsk_metadata_keys
                          0x20F | 0x1C0F | set first eMMC key
                          0x501 | 0x0800 | update_bigmac_key_0x501
                    0x700~0x7FF | 0x1000 | slsk_header_rsa_check
                    Any keyring | 0x1C1F | disable_bigmac_keys_by_header
    second_loader |      0x20E | 0x1FEF | set second eMMC key
    secure_kernel |        0x8 | 0x1FFE | on TZS communication
                      0x2~  0x7 | 0x1FFF | on TZS communication
                      0x9~  0xF | 0x1FFF | on TZS communication
                    0x11~ 0x21 | 0x1FFF | on TZS communication
                    0x25~ 0x2F | 0x1FFF | on TZS communication
                    0x35~ 0x7F | 0x1FFF | on TZS communication
                    0x101~0x17F | 0x1FFF | on TZS communication
                    0x200~0x203 | 0x1FFF | on TZS communication
                    0x206~0x20D | 0x1FFF | on TZS communication
                    0x20E~0x20F | 0x1FEF | on TZS communication
                    0x210~0x211 | 0x1FFF | on TZS communication
                    0x214~0x215 | 0x1FFF | on TZS communication
                          0x217 | 0x1FFF | on TZS communication
                    0x300~0x33F | 0x1FFF | on TZS communication
                    0x341~0x344 | 0x1FFF | on TZS communication
                    0x349~0x3FF | 0x1FFF | on TZS communication
                    0x400~0x47F | 0x1FFF | on TZS communication
                          0x50E | 0x0800 | on TZS communication
                    0x51C~0x57F | 0x1FFF | on TZS communication
                    0x605~0x607 | 0x1FFF | on TZS communication
                    0x700~0x7FF | 0x1FFF | on TZS communication


== 0xE0058000: Bigmac KeyRings ==
== 0xE0058000: Bigmac KeyRings ==


Size: 0x10000 bytes.
Size: 0x10000 bytes.
0x000-0x07F:
    Initial state: Empty keyrings.
    0x000-0x007: Empty group0 slave keyrings, for AES decryption only.
    0x008-0x00F: Empty group1 slave keyrings, any algo.
    0x010-0x01F: Empty group2 slave keyrings, for AES decryption only.
    0x020-0x02F: Empty group3 slave keyrings, any algo.
    0x030-0x07F: Empty normal keyrings, any algo.
0x100-0x17F:
    Initial state: Empty keyrings.
    0x100-0x17F: Empty normal keyrings, any algo.
0x200-0x217:
    Initial state: Filled in, key material.
    0x200-0x203: AES decryption-only keys (for memory buffers).
    0x204-0x205: Master keys (for group0), any algo.
    0x206-0x20D: Master keys (for group1), any algo.
    0x20E-0x20F: Emmc keys, fully protected.
    0x210-0x217: General purpose keys (for memory buffers).
0x300-0x3FF:
    Initial state: Filled in, key material.
    0x300-0x33F: AES decryption-only keys (for memory buffers).
    0x340-0x343: Master keys (for group2), any algo.
    0x344-0x353: Master keys (for group3), any algo.
    0x354-0x3FF: General purpose keys (for memory buffers).
0x400-0x47F:
    Initial state: Empty data storage, read-write from keyring.
0x500-0x57F:
    Initial state: Empty data storage, read-write from keyring.
0x600-0x607:
    Initial state: Filled in data, read-only. Keyring only.
    0x603: DWORD BootromFlags.
      Bit0-15: HasRsaRevocationKey. This is set to 0xFFFF.
      Bit16:  UseAlternativeEmmcClock
0x700-0x77F:
    Initial state: Filled in data, read-only. Keyring only.
    0x700-0x708: RsaRevocationKey0
    0x708-0x710: RsaRevocationKey1
    0x710-0x718: RsaRevocationKey2
    0x718-0x720: RsaRevocationKey3
    0x720-0x728: RsaRevocationKey4
    0x728-0x730: RsaRevocationKey5
    ...
    0x778-0x780: RsaRevocationKey15


= 0xE0070000: SceEmmcController =
= 0xE0070000: SceEmmcController =
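Review bot: the RsaRevocationKey ranges overlap at their boundaries ("0x700-0x708: RsaRevocationKey0", "0x708-0x710: RsaRevocationKey1"); with 16 keys of 8 entries each filling 0x700-0x77F, write them as 0x700-0x707, 0x708-0x70F, ..., 0x778-0x77F so the end is inclusive like the other ranges in this section.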
Line 432: Line 480:
| 0xE0070000 || 4 || Ex: 1. Set to 0, then 1 after writing to 0xE0070008.
| 0xE0070000 || 4 || Ex: 1. Set to 0, then 1 after writing to 0xE0070008.
|-
|-
| 0xE0070008 || 4 || Set to 0x020E020F in second_loader. ?eMMC related?
| 0xE0070008 || 4 || Set to 0x020E020F in second_loader. Probably also set to 0x020E020F in first_loader.
|-
|-
| 0xE007000C || 4 || Ex: 2.
| 0xE007000C || 4 || Ex: 2.
Line 439: Line 487:
|}
|}


== 0xE0070000: EmmcCrypto Toggle/Status? ==
== 0xE0070000: EmmcCrypto Toggle ==


Toggle: Set to 1.
Toggle: Set to 1 to enable eMMC crypto, 0 to disable.


Status: enabled emmc enc/dec?
== 0xE0070004: EmmcCrypto availability status ==


== 0xE0070004: EmmcCrypto avalaible status ==
bit0 (& 1): <code>boot device status</code> - if set, [[Second Loader]] aborts.


bit0(& 1): Not available -> second_loader throws error.
== 0xE0070008: EmmcCrypto keyrings indexes ==


== 0xE0070008: EmmcCrypto keyset ==
There are two 16-bit keyrings indexes.


Read value example: 0x20E and 0x20F (FW 1.69-3.73).
Ex: 0x020E020F (set in 1.69-3.740.011 second_loader): keyrings 0x20E and 0x20F.


write only.
Only writeable.
 
If set to an invalid keyring, eMMC crypto is disabled.


== 0xE007000C: Unknown ==
== 0xE007000C: Unknown ==
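Review bot: "Only writeable." for 0xE0070008 reads oddly; use the "Write-only" wording the keyring register sections use and say what a read returns. Also say which 16-bit half holds which index: the example 0x020E020F puts 0x20E in the upper half and 0x20F in the lower, but the text only says "two 16-bit keyrings indexes".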
Line 459: Line 509:
Read value example: 2
Read value example: 2


= 0xE00C0000 =
= 0xE00C0000 - Cmep XBar =
 
== 0xE00CC000: Unknown ==
 
Unknown. Read value example: 0x10006331
 
== 0xE00CC014: Unknown ==
 
Unknown. Read value example: 0x300000
 
== 0xE00CC070: Unknown ==
 
Unknown. Read value example: 1
 
== 0xE00CC078: Unknown ==
 
Unknown. Read value example: 0x300
 


[[Category:Keyring]]
[[Category:Cmep]]
[[Category:ARM]]
[[Category:MMIO]]

Latest revision as of 19:35, 9 October 2024

0xE0000000: Mailbox

The mailbox is used for communication between ARM TrustZone and Cmep (Second Loader and Secure Kernel), and with the debugger. Communication seems to go through some sort of FIFO register.

Messages

Messages are sent by Cmep to ARM TrustZone using the lower 16-bits at 0xE0000000. When ARM TrustZone has read it, the register is set to 0.

ARM TrustZone can write a 32-bit response to 0xE0000010. For ARM to Cmep, bit0 is used to indicate that the message has been written by ARM TrustZone.

     1 = Request succeeded
     4 = Debug string
 0x101 = Main init started
 0x102 = Sm can be loaded/resumed
 0x103 = Sm resumed successfully
 0x104 = Sm was shut down
 0x106 = Main shutting down
 0x107 = Suspend beginning
 0x108 = Ready for suspending, when using the async version.
0x8016 = Error: Invalid address range
0x802F = Error: Failed to init E003, E006.

0xE0000000: MailboxCmepToArm

Response to ARM is written here. To read, get a double word from physical address 0xE0000000. If it returns 0, no data is available. Otherwise, acknowledge that the data has been read by ARM TrustZone by putting the same data into 0xE0000000.

{| class="wikitable"
|-
! Address !! RW permissions !! Use !! Description
|-
| 0xE0000000 || RW || Status || Read for status.
|-
| 0xE0000004 || RW || Result || Cmep to ARM. 1: success. 3: command not found. 5: Invalid arguments. Used by SMC 0x12d, 0x136, 0x137, 0x13B, interrupt 0xC8.
|-
| 0xE0000008 || RW || ? || Used by SMC 0x12d, 0x136, 0x137, 0x13B, interrupt 0xC8.
|-
| 0xE000000C || RW || ? || Used by SMC 0x12d, 0x136, 0x137, 0x13B, interrupt 0xC8.
|}

0xE0000010: MailboxArmToCmep

Request from ARM is written here. To write, put the double word into physical address 0xE0000010. Next read 0xE0000010 until it returns 0, which indicates the data was read by Cmep.

{| class="wikitable"
|-
! Address !! RW permissions !! Use !! Description
|-
| 0xE0000010 || RW || Command || ARM to Cmep. Send a command to Cmep.
|-
| 0xE0000014 || RW || Arguments || ARM to Cmep. (PA & 1) == 1: valid arguments. See Executing Secure Module functions.
|-
| 0xE0000018 || RW || ? || See Executing Secure Module functions.
|-
| 0xE000001C || RW || ? || See Executing Secure Module functions.
|}
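As an added example (not code from the wiki or from any Vita firmware), the mailbox hand-off described above as a small C model, the kind an emulator or a TrustZone-side unit test would use. The register array, the command id 0x21, the argument PA 0x40000001 and the Cmep responder are constructed stand-ins, and the rule that writing the pending word back clears 0xE0000000 is a modelling choice drawn from the two descriptions above.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the 0xE0000000 mailbox block: a static array stands in
 * for the MMIO words so the exchange runs offline. Offsets are relative to 0xE0000000. */
#define MBOX_CMEP_TO_ARM 0x00u  /* 0xE0000000: message from Cmep in the low 16 bits */
#define MBOX_RESULT      0x04u  /* 0xE0000004: 1 success, 3 command not found, 5 bad args */
#define MBOX_ARM_TO_CMEP 0x10u  /* 0xE0000010: command word written by ARM TrustZone */
#define MBOX_ARGS        0x14u  /* 0xE0000014: argument PA, (PA & 1) == 1 means valid */
#define SIM_CMD_PING     0x21u  /* constructed command id, not a real Cmep command */

static uint32_t mbox_regs[0x20];        /* simulates 0xE0000000..0xE000007F */

static uint32_t mbox_read(uint32_t off) { return mbox_regs[off / 4u]; }

/* Modelling assumption: writing the pending word back into 0xE0000000 is the ack and
 * clears it to 0 ("when ARM TrustZone has read it, the register is set to 0"). */
static void mbox_write(uint32_t off, uint32_t v)
{
    if (off == MBOX_CMEP_TO_ARM && v != 0u && v == mbox_regs[0]) {
        mbox_regs[0] = 0u;
        return;
    }
    mbox_regs[off / 4u] = v;
}

/* Message codes Cmep posts in the low 16 bits of 0xE0000000 (from the page). */
static const struct { uint16_t code; const char *name; } mbox_msgs[] = {
    { 0x0001, "Request succeeded" },        { 0x0004, "Debug string" },
    { 0x0101, "Main init started" },        { 0x0102, "Sm can be loaded/resumed" },
    { 0x0103, "Sm resumed successfully" },  { 0x0104, "Sm was shut down" },
    { 0x0106, "Main shutting down" },       { 0x0107, "Suspend beginning" },
    { 0x0108, "Ready for suspending (async)" },
    { 0x8016, "Error: Invalid address range" },
    { 0x802F, "Error: Failed to init E003, E006" },
};

const char *mbox_msg_name(uint32_t word)
{
    uint16_t code = (uint16_t)(word & 0xFFFFu);   /* upper 16 bits are not the message */
    for (size_t i = 0; i < sizeof mbox_msgs / sizeof mbox_msgs[0]; i++)
        if (mbox_msgs[i].code == code) return mbox_msgs[i].name;
    return "unknown";
}

/* Constructed Cmep stand-in: consume the pending request and answer it. */
void cmep_sim_step(void)
{
    uint32_t cmd = mbox_read(MBOX_ARM_TO_CMEP);
    if (cmd == 0u) return;                              /* nothing pending */
    if (cmd != SIM_CMD_PING) {
        mbox_regs[MBOX_RESULT / 4u] = 3u;               /* command not found */
    } else if ((mbox_read(MBOX_ARGS) & 1u) == 0u) {
        mbox_regs[MBOX_RESULT / 4u] = 5u;               /* invalid arguments */
    } else {
        mbox_regs[MBOX_RESULT / 4u] = 1u;               /* success */
        mbox_regs[MBOX_CMEP_TO_ARM / 4u] = 0x0001u;     /* post "Request succeeded" */
    }
    mbox_regs[MBOX_ARM_TO_CMEP / 4u] = 0u;              /* request consumed */
}

/* ARM TrustZone side: post the command, then poll 0xE0000010 until it reads 0.
 * Returns 0 once Cmep has taken the request, -1 on timeout. */
int arm_send_request(uint32_t cmd, uint32_t args_pa, unsigned max_polls)
{
    mbox_write(MBOX_ARGS, args_pa);
    mbox_write(MBOX_ARM_TO_CMEP, cmd);
    while (max_polls-- > 0u) {
        cmep_sim_step();                 /* on hardware Cmep runs concurrently */
        if (mbox_read(MBOX_ARM_TO_CMEP) == 0u) return 0;
    }
    return -1;
}

/* ARM TrustZone side: read 0xE0000000; 0 means no data, otherwise acknowledge
 * by writing the same word back and return the 16-bit message code. */
uint32_t arm_receive_message(void)
{
    uint32_t word = mbox_read(MBOX_CMEP_TO_ARM);
    if (word == 0u) return 0u;
    mbox_write(MBOX_CMEP_TO_ARM, word);
    return word & 0xFFFFu;
}

/* Full round trip: returns the message code; the 0xE0000004 result lands in *result. */
uint32_t mbox_exchange(uint32_t cmd, uint32_t args_pa, uint32_t *result)
{
    uint32_t msg = 0u;
    if (arm_send_request(cmd, args_pa, 8u) == 0) msg = arm_receive_message();
    *result = mbox_read(MBOX_RESULT);
    return msg;
}

int main(void)
{
    uint32_t result, msg = mbox_exchange(SIM_CMD_PING, 0x40000001u, &result); /* constructed PA */
    printf("msg 0x%04X (%s), result %u\n", (unsigned)msg, mbox_msg_name(msg), (unsigned)result);
    return 0;
}
```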

0xE0000020: MailboxCmepToDebugger

Size: 2 * DWORD.

0xE0000028: MailboxDebuggerToCmep

Size: 2 * DWORD.

0xE0000054: unknown

   Address    | RW | Use | Description
   0xE0000054 | RW | ?   | Used by SMC 0x12d, 0x135, 0x13B, interrupt 0xC8.
   0xE0000058 | RW | ?   | Used by SMC 0x12d, 0x135, 0x13B, interrupt 0xC8.
   0xE000005C | RW | ?   | Used by SMC 0x12d, 0x135, 0x13B, interrupt 0xC8.

0xE0000060: MailboxDebuggerToCmep2

Size: 2 * DWORD.

0xE0000080

Unknown. Seen values: 0x1

0xE0010000: Cmep controller

   Address    | Length | Description
   0xE0010000 | 4      | CMeP reset register
   0xE0010004 | 4      | crySboot. Read by second_loader and tested against the masks 0x5 and 0x8. Read by TZ after asserting reset, tested for bit 0x80000000. Example value: 0x80000005. Writes from Cmep have no effect.
   0xE0010008 | 4      | CMeP reset pulse register
   0xE001000C | 4      | Bignum/Bigmac reset register
   0xE0010010 | 4      | ??? reset register

0xE0010000: CmepReset

   [31:01] Reserved (RAZ/WI)
   [00:00] CMeP reset gate
      0: CMeP is not placed under reset
      1: CMeP is placed under reset

ARM uses this register to reset CMeP. ?Used by Cmep command 0 to prepare Cmep to receive an address that contains the secure_kernel.enp.?

0xE0010004: crySboot

This register is read-only.

   [31:31] IsCmepAlive
      1: CMeP is running (what does this mean?)
   [30:04] Reserved (RAZ)
   [03:03] crySboot2
   [02:02] crySboot1<1>
   [01:01] Reserved (RAZ)
   [00:00] crySboot1<0>
       (i.e., crySboot1 = (bit 2 | bit 0) = (crySboot & 0x5))

Used by Cmep command 0 to check that the value written to 0xE0010000 took effect (read as a signed 32-bit value, the result should be <= 0, i.e. either zero or with IsCmepAlive, bit 31, set).

0xE0010008: CMeP reset pulse

Reads as zero.

Writing any value triggers a CMeP reset (as if 1 then 0 had been written to 0xE0010000).

0xE001000C: Bignum/Bigmac reset

  [31:02] Reserved (RAZ/WI)
  [01:01] ? reset gate
     0: ? is not placed under reset
     1: ? is placed under reset
  [00:00] ? reset gate
     0: ? is not placed under reset
     1: ? is placed under reset

0xE0010010: ??? reset

This register is only present on Kermit1.0 ES3.2+ (and Kermit1.5).

Value seen after system is initialized: 0x00000001

 [31:11] Reserved (RAZ/WI)
 [10:10] ? reset gate
 [09:09] ? reset gate
 [08:08] ? reset gate
 [07:07] ? reset gate
 [06:06] ? reset gate
 [05:05] ? reset gate
 [04:04] ? reset gate
 [03:03] ? reset gate
 [02:02] ? reset gate
 [01:01] ? reset gate
 [00:00] ? reset gate

Each bit corresponds to a different secure device.

0xE0020000: Cmep 0xE0020000

   Address    | Length | Description
   0xE0020000 | 4      | second_loader sets it to 0x30003 after ?clearing keys?. secure_kernel sets it to 0x2000F.
   0xE0020004 | 4      | cryAio. Read-only/write-once? Read by second_loader, checked against 0x8000001F. Also set to ?0? by second_loader when setting 0x30003 at 0xE0020000.
   0xE0020008 | 4      | Bits 0x1F are RW. All others are RAZ/WI. Usually 0.
   0xE002000C | 0x14   | RAZ/WI
   0xE0020020 | 4      | RAZ/WI? Used in bignum powmod worker. Checked for 0 by second_loader. May be a kind of timer or working state.
   0xE0020024 | 0x1C   | RAZ/WI
   0xE0020040 | 0x10   | Read As
   0xE0020060 | 0xA0   | RAZ/WI
   0xE0020100 | 0x20   | Write-once? Per-console 256-bit key from keyring 0x602 is copied here by second_loader.

0xE0020000 flags

   Bit0: Reboot when cleared.
   Bit1: Makes first_loader load secure_kernel. Hang when cleared and unrecoverable.
   Bit2: No hang when cleared.
   Bit3: No hang when cleared.
   Bit4: ?
   Bit5: ?
   Bit16: Allows ARM to reset Cmep. No hang when cleared.
   Bit17: ?

0xE0030000: Bigmac Keyring controller

This device is mapped to ScePervasiveResetReg at offset 0x190 for controlling reset and enabling mask writing.

typedef struct BigmacKeyringControllerRegs { // physical address 0xE0030000
	SceUInt32 keyring_new_value[8];
	SceUInt32 keyring_set_value_trigger;
	SceUInt32 keyring_clear_flags;
	SceUInt32 keyring_query_flags_request;
	SceUInt32 keyring_query_flags_response;
} BigmacKeyringControllerRegs;

0xE0030000: KeyringNewValue

Write-only. Reads as zero.

0xE0030020: KeyringSetValueTrigger

Writes the value currently held in KeyringNewValue to a keyslot. The target keyslot must be enabled and have the WriteByCmepAllowed flag set.

Write the target keyslot ID to this address; the Bigmac Keyring Controller then copies the key in KeyringNewValue into that keyslot.

Write-only. Reads as zero.

0xE0030024: KeyringClearFlags

Note that there is no known way to set keyring flags (keyring_flags |= or_flags), even though the opposite, clearing flags, is possible for the flags marked clearable below.

Writing ((flags_mask<<16)|keyring_id) to keyring_clear_flags clear flags for this keyring.

   Bit0-15:  KeyringId
   Bit16-31: KeyringClearFlagsMask

Write-only. Reads as zero.

0xE0030028: KeyringQueryFlags

Writing keyring_id to keyring_query_flags_request returns current flags in keyring_query_flags_response.

   Bit0-15: KeyringId

Write-only. Reads as zero.

0xE003002C: KeyringQueryFlagsResponse

This register is read-only.

   Bit Mask value    Clearable   Description
   0  (0x0000 0001): N/A       | KeyringExists
   1  (0x0000 0002): N/A       | KeyringEnabled. You cannot use the keyring if this is not set.
   2  (0x0000 0004): N/A       | Unknown
   16 (0x0001 0000): Clearable | AesEncryptAllowed (CTR+CBC+ECB, any key size)
   17 (0x0002 0000): Clearable | AesDecryptAllowed (CTR+CBC+ECB, any key size)
   18 (0x0004 0000): Clearable | ShaHmacAllowed (SHA1+SHA256)
   19 (0x0008 0000): Clearable | AesCmacAllowed
   20 (0x0010 0000): Clearable | Master keyring can target memory.
   21 (0x0020 0000): Fixed     | IsMaster. Master keyring can target slave keyring (based on Mask Group below).
   22 (0x0040 0000): Fixed     | MemberOfGroup0. Keyring Pairing Lock Mask Group 0 (master keyrings 0x204-0x205 and slave keyrings 0-7).
   23 (0x0080 0000): Fixed     | MemberOfGroup1. Keyring Pairing Lock Mask Group 1 (master keyrings 0x206-0x20D and slave keyrings 8-0xF).
   24 (0x0100 0000): Fixed     | MemberOfGroup2. Keyring Pairing Lock Mask Group 2 (master keyrings 0x340-0x343 and slave keyrings 0x10-0x1F).
   25 (0x0200 0000): Fixed     | MemberOfGroup3. Keyring Pairing Lock Mask Group 3 (master keyrings 0x344-0x353 and slave keyrings 0x20-0x2F).
   26 (0x0400 0000): Clearable | ?WriteByBigmacAllowed?. ?Locked keyring can target Cmep memory.?
   27 (0x0800 0000): Clearable | WriteByCmepAllowed. Can be written directly by Cmep.
   28 (0x1000 0000): Clearable | ReadByCmepAllowed. Can be read directly by Cmep.

A normal keyring is one that belongs to no group (bits 21-25 are all zero). It can be written by slave keyrings of any group and by ordinary non-keyring operations, and it can write to ?a normal keyring or to external memory?.

A master keyring can only write into a slave keyring belonging to the same group(s) as itself. A master keyring cannot write into a non-slave keyring or external memory.

A slave keyring can write to a normal keyring or to external memory, but not to a master keyring.

VULN!! If a keyring has the AesDecryptAllowed flag, arbitrary AES blocks can be encrypted with it even without AesEncryptAllowed, by using AES CTR mode: CTR only ever runs the block cipher in the forward direction (output = input XOR E_K(counter)), so a CTR "decrypt" of an all-zero block with the counter set to X returns E_K(X), which is exactly an ECB encryption of X.
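The flag layout of KeyringQueryFlagsResponse, the (flags_mask<<16)|keyring_id encoding of KeyringClearFlags, and the master/slave/normal roles derived from the fixed bits, as an added example rather than code from the wiki or the firmware. It encodes a clear request, applies it to a simulated flags word, and shows which operations survive; the starting flags (keyring 0xA in group 0 with everything allowed) are constructed, not a dump from hardware, and the assumption that the controller silently ignores clear bits aimed at fixed flags is the example's own. The 16-bit mask values (0x1C1F, 0x1FEF, 0x0800) are the ones used in the keyring lock list further down.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Bit positions of 0xE003002C KeyringQueryFlagsResponse, from the table above. */
#define KR_EXISTS          (1u << 0)
#define KR_ENABLED         (1u << 1)
#define KR_AES_ENCRYPT     (1u << 16)
#define KR_AES_DECRYPT     (1u << 17)
#define KR_SHA_HMAC        (1u << 18)
#define KR_AES_CMAC        (1u << 19)
#define KR_MASTER_TO_MEM   (1u << 20)
#define KR_IS_MASTER       (1u << 21)
#define KR_GROUP0          (1u << 22)
#define KR_GROUP1          (1u << 23)
#define KR_GROUP2          (1u << 24)
#define KR_GROUP3          (1u << 25)
#define KR_WRITE_BY_BIGMAC (1u << 26)
#define KR_WRITE_BY_CMEP   (1u << 27)
#define KR_READ_BY_CMEP    (1u << 28)

/* Only these can be cleared; IsMaster and the group bits are fixed. */
#define KR_CLEARABLE (KR_AES_ENCRYPT | KR_AES_DECRYPT | KR_SHA_HMAC | KR_AES_CMAC | \
                      KR_MASTER_TO_MEM | KR_WRITE_BY_BIGMAC | KR_WRITE_BY_CMEP | KR_READ_BY_CMEP)

/* Word to write to 0xE0030024: (flags_mask << 16) | keyring_id. flags_mask is
 * the 16-bit notation of the keyring lock list (0x1C1F, 0x1FFF, ...):
 * mask bit n clears response bit 16 + n. */
uint32_t kr_clear_word(uint16_t keyring_id, uint16_t flags_mask)
{
    return ((uint32_t)flags_mask << 16) | keyring_id;
}

/* Simulated controller: flags after a clear request. Assumption (example's
 * own): the hardware ignores attempts to clear the fixed bits 21-25. */
uint32_t kr_apply_clear(uint32_t flags, uint32_t clear_word)
{
    return flags & ~(clear_word & KR_CLEARABLE);
}

/* Response bit -> lock-list mask bit, for reading the table further down. */
uint16_t kr_mask_for(uint32_t response_bit)
{
    return (uint16_t)(response_bit >> 16);
}

/* An operation is usable only on an existing, enabled keyring with the bit set. */
bool kr_allows(uint32_t flags, uint32_t op_bit)
{
    return (flags & (KR_EXISTS | KR_ENABLED)) == (KR_EXISTS | KR_ENABLED)
        && (flags & op_bit) != 0;
}

/* Role from the fixed bits: master, slave (in a group, not master) or normal. */
const char *kr_role(uint32_t flags)
{
    if (flags & KR_IS_MASTER)
        return "master";
    if (flags & (KR_GROUP0 | KR_GROUP1 | KR_GROUP2 | KR_GROUP3))
        return "slave";
    return "normal";
}

int main(void)
{
    /* Constructed starting state for keyring 0xA: exists, enabled, in group 0,
     * everything clearable still allowed. */
    uint32_t flags = KR_EXISTS | KR_ENABLED | KR_GROUP0 | KR_CLEARABLE;
    uint32_t w = kr_clear_word(0xA, 0x1C1F);       /* first_loader, decrypt_enc_body */
    uint32_t after = kr_apply_clear(flags, w);
    printf("clear word 0x%08X: flags 0x%08X -> 0x%08X (%s)\n", w, flags, after, kr_role(after));
    printf("AES decrypt still allowed: %s\n", kr_allows(after, KR_AES_DECRYPT) ? "yes" : "no");
    printf("lock-list mask for WriteByCmepAllowed: 0x%04X\n", kr_mask_for(KR_WRITE_BY_CMEP));
    return 0;
}
```

Working through the lock list with this encoding shows the pattern: 0x1C1F is exactly the set of clearable bits, 0x1FEF leaves only MasterTargetMemory (bit 20) on the eMMC keyrings 0x20E/0x20F, and 0x0800 removes only WriteByCmepAllowed.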

0xE0040000: SceBignum controller

NOTE: the Bignum registers are mirrored every 0x1000 bytes (e.g., register 0xE0040020 is also visible at 0xE0048020, 0xE004F020, ...)

   Address    | RW | Description
   0xE0040000 | RW | Bignum RAM (0x800 bytes)
   0xE0040800 | RO | Status register
   0xE0040804 | ?  | ?
   0xE0040808 | ?  | ?

0xE0040800: BignumStatus

0x02000000 : error
0x04000000 : busy for vEX (exponent)
0x08000000 : still need vEX (exponent)
0x80000000 : busy

0xE0050000: Bigmac Crypto Controller

See DMAC#Bigmac.

When a keyring is used as src, only slots with the 0x1000 flag can be targeted (0x1000 in the 16-bit mask notation of the keyring lock list, i.e. bit 28, ReadByCmepAllowed, of KeyringQueryFlagsResponse). Selecting a slot without that flag only reads zeros.

0xE005000C: Bigmac crypto controller function

Higher bits are used in the commands, but they do not seem to have much effect. For the encryption examples, 0x0C002000 is also set in the upper bits of the command.

Some bits also seem to affect the ARM cache.

 Bits    Mask Value   Description
   0~2 | 0x00000007 | Algorithm
   3~5 | 0x00000038 | Mode
     6 | 0x00000040 | DES
     7 | 0x00000080 | Use external key (a key placed at 0xE0050200 is used instead of the key in the keyring)
   8~9 | 0x00000300 | Key size for AES and DES functions. 0x000: 64-bits, 0x100: 128-bits, 0x200: 192-bits, 0x300: 256-bits
 10~11 | 0x00000C00 | Hash transform flags. 0x400: hashUpdate, 0x800: hashFinalize
    12 | 0x00001000 | Unknown. Used by sceDmacMemcpy/sceDmacMemset.
    13 | 0x00002000 | Unknown. Some common option.
 14~23 | 0x00FFC000 | Unknown
 24~25 | 0x03000000 | Some address callback. Used by sceDmacMemcpy/sceDmacMemset. If set, need to call sceKernelSysrootDisableAutoClockDownForDriver. Setting this bit with an AES function triggers hang.
 26~27 | 0x0C000000 | Unknown
    28 | 0x10000000 | Is destination a keyring
 29~31 | 0xE0000000 | Unknown

Functions list:

  • 0x00000000 Copy
  • 0x00000001 Encrypt. Default algorithm is AES. Default mode is ECB.
  • 0x00000002 Decrypt. Default algorithm is AES. Default mode is ECB.
  • 0x00000003 Hash. Default algorithm is SHA-1.
  • 0x00000004 RNG
  • 0x00000008 CBC mode
  • 0x0000000B Sha224
  • 0x0000000C Memset
  • 0x00000010 CTR mode
  • 0x00000013 Sha256
  • 0x00000020 HMAC-Sha
  • 0x0000003B CBC-MAC (The size written to dst is always 16-bytes)
  • 0x00000040 DES

Functions examples:

  • 0x00000001 AesEcbEncrypt
  • 0x00000009 AesCbcEncrypt
  • 0x00000011 AesCtrEncrypt
  • 0x00000002 AesEcbDecrypt
  • 0x0000000A AesCbcDecrypt
  • 0x00000012 AesCtrDecrypt
  • 0x00000041 DesEcbEncrypt
  • 0x00000042 DesEcbDecrypt
  • 0x00000049 DesCbcEncrypt
  • 0x0000004A DesCbcDecrypt
  • 0x00000003 SHA1
  • 0x0000000B SHA224
  • 0x00000013 SHA256
  • 0x00000023 HmacSha1
  • 0x0000002B HmacSha224
  • 0x00000033 HmacSha256
  • 0x0000003B AesCmac/AES-CBC-MAC-64 (CMAC, OMAC1)
  • 0x00000004 RNG
  • 0x0000000C Memset (ch is written to MacDevice offset 0x104. On FW 3.600.011, the ch is at offset 0x34)

Unlike Dmac5, Bigmac does not support DES, and a DES command hangs the device (to confirm). Note that with key size 128 or 192, "DES" is in fact 3DES. If both the DES and SHA bits are set, the DES bit is ignored and the SHA command is executed.

Key sizes examples:

  • 0x00000101 Aes128EcbEncrypt
  • 0x00000102 Aes128EcbDecrypt
  • 0x00000201 Aes192EcbEncrypt
  • 0x00000202 Aes192EcbDecrypt
  • 0x00000301 Aes256EcbEncrypt
  • 0x00000302 Aes256EcbDecrypt
  • 0x00000109 Aes128CbcEncrypt
  • 0x0000010A Aes128CbcDecrypt
  • 0x00000209 Aes192CbcEncrypt
  • 0x0000020A Aes192CbcDecrypt
  • 0x00000309 Aes256CbcEncrypt
  • 0x0000030A Aes256CbcDecrypt
  • 0x0000013B Aes128Cmac/AES-CBC-MAC-128 (CMAC, OMAC1)
  • 0x0000023B Aes192Cmac/AES-CBC-MAC-192 (CMAC, OMAC1)
  • 0x0000033B Aes256Cmac/AES-CBC-MAC-256 (CMAC, OMAC1)
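A decoder and builder for the 0xE005000C function word, as an added example rather than code from the wiki or the firmware. It splits a word into the fields of the table above, renders the names used in the function and key-size lists (so 0x309 comes out as Aes256CbcEncrypt and 0x13B as Aes128Cmac), composes a word from a function value, key size and the keyring-destination bit 28, and flags the combinations the page reports as hanging or ignored. The validation codes and the treatment of unknown bits are the example's own choices; it covers the whole algorithm/mode space rather than only the listed examples.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Field layout of the 0xE005000C function word, from the table above. */
#define BM_ALGO(w)      ((w) & 0x7u)            /* bits 0-2 */
#define BM_MODE(w)      (((w) >> 3) & 0x7u)     /* bits 3-5 */
#define BM_DES(w)       (((w) >> 6) & 1u)       /* bit 6 */
#define BM_EXTKEY(w)    (((w) >> 7) & 1u)       /* bit 7: key at 0xE0050200 */
#define BM_KEYSIZE(w)   (((w) >> 8) & 0x3u)     /* bits 8-9 */
#define BM_HASHFLAGS(w) (((w) >> 10) & 0x3u)    /* bits 10-11: update/finalize */
#define BM_ADDRCB(w)    (((w) >> 24) & 0x3u)    /* bits 24-25: address callback */
#define BM_DST_KEYRING  (1u << 28)

enum { BM_COPY = 0, BM_ENCRYPT = 1, BM_DECRYPT = 2, BM_HASH = 3, BM_RNG = 4 };
enum { BM_MODE_ECB = 0, BM_MODE_CBC = 1, BM_MODE_CTR = 2, BM_MODE_HMAC_SHA1 = 4,
       BM_MODE_HMAC_SHA224 = 5, BM_MODE_HMAC_SHA256 = 6, BM_MODE_CBCMAC = 7 };

/* Key size field -> bits: 0x000 = 64, 0x100 = 128, 0x200 = 192, 0x300 = 256. */
unsigned bm_key_bits(uint32_t w)
{
    static const unsigned bits[4] = { 64, 128, 192, 256 };
    return bits[BM_KEYSIZE(w)];
}

/* Render the name the lists above use for a function word. */
const char *bm_name(uint32_t w, char *out, size_t n)
{
    static const char *cipher_mode[] = { "Ecb", "Cbc", "Ctr" };
    static const char *hash_name[] = { "Sha1", "Sha224", "Sha256", "Unknown",
                                       "HmacSha1", "HmacSha224", "HmacSha256", "Cmac" };
    unsigned algo = BM_ALGO(w), mode = BM_MODE(w);
    char ks[8] = "";
    if (BM_KEYSIZE(w))                      /* only spelled out when the field is set */
        snprintf(ks, sizeof ks, "%u", bm_key_bits(w));
    switch (algo) {
    case BM_COPY:
        snprintf(out, n, "%s", "Copy");
        break;
    case BM_RNG:                            /* 0x04 RNG, 0x0C (CBC bit set) Memset */
        snprintf(out, n, "%s", mode == BM_MODE_CBC ? "Memset" : "Rng");
        break;
    case BM_ENCRYPT:
    case BM_DECRYPT:
        if (mode > BM_MODE_CTR) { snprintf(out, n, "%s", "Unknown"); break; }
        snprintf(out, n, "%s%s%s%s", BM_DES(w) ? "Des" : "Aes", ks, cipher_mode[mode],
                 algo == BM_ENCRYPT ? "Encrypt" : "Decrypt");
        break;
    case BM_HASH:
        if (mode == BM_MODE_CBCMAC)         /* 0x3B family: AES-CMAC */
            snprintf(out, n, "Aes%sCmac", ks);
        else
            snprintf(out, n, "%s", hash_name[mode]);
        break;
    default:
        snprintf(out, n, "%s", "Unknown");
    }
    return out;
}

/* Check a word against the behaviours documented above. Codes are the example's own:
 *   0  ok
 *   1  DES bit together with a SHA function: DES bit is ignored, SHA runs
 *   2  DES cipher on Bigmac: reported to hang (to confirm)
 *  -1  address-callback bits (0x03000000) with an AES cipher: hangs */
int bm_validate(uint32_t w)
{
    unsigned algo = BM_ALGO(w);
    bool cipher = (algo == BM_ENCRYPT || algo == BM_DECRYPT);
    if (cipher && !BM_DES(w) && BM_ADDRCB(w))
        return -1;
    if (algo == BM_HASH && BM_DES(w))
        return 1;
    if (cipher && BM_DES(w))
        return 2;
    return 0;
}

/* Compose a word from a Functions-list value, a key size in bits and the
 * keyring-destination flag. Returns UINT32_MAX for an unsupported key size. */
uint32_t bm_build(uint32_t func, unsigned key_bits, bool dst_keyring)
{
    uint32_t ks;
    switch (key_bits) {
    case 64:  ks = 0; break;
    case 128: ks = 1; break;
    case 192: ks = 2; break;
    case 256: ks = 3; break;
    default:  return UINT32_MAX;
    }
    return (func & 0xFFu) | (ks << 8) | (dst_keyring ? BM_DST_KEYRING : 0u);
}

int main(void)
{
    static const uint32_t samples[] = { 0x13B, 0x309, 0x33, 0x4A, 0x0C, 0x11, 0x01000101 };
    char name[32];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("0x%08X %-18s validate=%d\n", samples[i],
               bm_name(samples[i], name, sizeof name), bm_validate(samples[i]));
    return 0;
}
```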

The following commands are known to be able to write to keyrings:

 * AesEcbEncrypt/Decrypt:
     Size is rounded up to multiple of 4.
     If size > 16, size = 16.
     
     Read |size| bytes from |src| into HW state.
     The remaining 16-|size| bytes of state *ARE KEPT FROM RESULT OF PREVIOUS AES OPERATION*.
     VULN! This allows key recovery of all slave keyrings during boot.
     
     The key written to keyring is always 16 bytes long, padded with 00's.
     
 * AesCbcEncrypt/Decrypt: Size is rounded up to multiple of 4. 
 * AesCtrEncrypt/Decrypt: Size is rounded up to multiple of 4.
 * AesCmac                Puts the 16 byte hash into keyring.
                          Bytes 16-31 are *FORCED* 0.
 * Sha1:                  Puts the 20 byte hash into keyring.
                          Bytes 20-31 are *FORCED* 0.
 * Sha224:                Puts the 28 byte hash into keyring.
                          Bytes 28-31 are *FORCED* 0.
 * Sha256:                Puts the 32 byte hash into keyring.
 * HmacSha1               Probably same as Sha1.
 * HmacSha256             Probably same as Sha256.
 * Rng

AesCtrEncrypt with a keyring destination still reads its input from src.

VULN! Any SHA with length==0 produces an output of all zeroes!

0xE0050104: Busy bigmac channels

RW Bitfield: bit0 - channel0 busy, bit1 - channel1 busy

0xE0050108: Disabled bigmac channels

RO Bitfield: bit0 - channel0 disabled, bit1 - channel1 disabled

0xE005011C: Bigmac exception status

* 0xE0050118: optional exception data such as illegal addr, RO
* 0xE005011C: exception bitfield (eg bit8 illegal read, bit9 illegal write, higher bits are OPids - interface, cmd, internal etc)

Once an exception has occurred and the bitfield is set, you must acknowledge it by clearing the bitfield; otherwise no further exceptions are logged.

0xE0050200: Bigmac External Key

Size: 0x20 bytes

VULN! Partial overwrites of this key are allowed. However, when keyring crypto is used this external key is left untouched, so it cannot be used to recover keyring keys.

Bigmac Key Ring Base

See Cmep Key Ring Base.

All keyrings flags are reset when Cmep is reset.

 Keyrings lock list (Clear = the 16-bit KeyringClearFlagsMask written to the upper half of 0xE0030024)
   Location        Keyring       Clear    When
    first_loader |         0xA | 0x1C1F | decrypt_enc_body
                          0x20 | 0x1C1F | update_slsk_metadata_keys
                         0x207 | 0x1C1F | remove_slsk_personalization
                   0x208~0x20D | 0x1C1F | update_slsk_metadata_keys
                         0x20F | 0x1C0F | set first eMMC key
                         0x501 | 0x0800 | update_bigmac_key_0x501
                   0x700~0x7FF | 0x1000 | slsk_header_rsa_check
                   Any keyring | 0x1C1F | disable_bigmac_keys_by_header
   second_loader |       0x20E | 0x1FEF | set second eMMC key
   secure_kernel |         0x8 | 0x1FFE | on TZS communication
                     0x2~  0x7 | 0x1FFF | on TZS communication
                     0x9~  0xF | 0x1FFF | on TZS communication
                    0x11~ 0x21 | 0x1FFF | on TZS communication
                    0x25~ 0x2F | 0x1FFF | on TZS communication
                    0x35~ 0x7F | 0x1FFF | on TZS communication
                   0x101~0x17F | 0x1FFF | on TZS communication
                   0x200~0x203 | 0x1FFF | on TZS communication
                   0x206~0x20D | 0x1FFF | on TZS communication
                   0x20E~0x20F | 0x1FEF | on TZS communication
                   0x210~0x211 | 0x1FFF | on TZS communication
                   0x214~0x215 | 0x1FFF | on TZS communication
                         0x217 | 0x1FFF | on TZS communication
                   0x300~0x33F | 0x1FFF | on TZS communication
                   0x341~0x344 | 0x1FFF | on TZS communication
                   0x349~0x3FF | 0x1FFF | on TZS communication
                   0x400~0x47F | 0x1FFF | on TZS communication
                         0x50E | 0x0800 | on TZS communication
                   0x51C~0x57F | 0x1FFF | on TZS communication
                   0x605~0x607 | 0x1FFF | on TZS communication
                   0x700~0x7FF | 0x1FFF | on TZS communication

0xE0058000: Bigmac KeyRings

Size: 0x10000 bytes.

0xE0070000: SceEmmcController

   Address    | Length | Description
   0xE0070000 | 4      | Ex: 1. Set to 0, then 1 after writing to 0xE0070008.
   0xE0070008 | 4      | Set to 0x020E020F in second_loader. Probably also set to 0x020E020F in first_loader.
   0xE007000C | 4      | Ex: 2.
   0xE0070014 | 4      | Set to 6 under some condition in second_loader.

0xE0070000: EmmcCrypto Toggle

Toggle: Set to 1 to enable eMMC crypto, 0 to disable.

0xE0070004: EmmcCrypto availability status

bit0 (& 1): boot device status - if set, Second Loader aborts.

0xE0070008: EmmcCrypto keyrings indexes

There are two 16-bit keyrings indexes.

Ex: 0x020E020F (set in 1.69-3.740.011 second_loader): keyrings 0x20E and 0x20F.

Write-only.

If set to an invalid keyring, eMMC crypto is disabled.

0xE007000C: Unknown

Read value example: 2

0xE00C0000 - Cmep XBar