Secure Kernel
Jump to navigation
Jump to search
Debug prints
secure_kernel supports tracing to a buffer.
Enabled by -7FF8h($gp) being non-zero. Out-buf address is stored in -7FF4($gp). It writes in a loop, 16 bytes at a time, inserting a null-terminator at buf[15] each "line".
After out-buf is written, writes 0x20000 to 0xE0000000. This will either signal ARM or disable ARM communications. Then inf-loop, this is a panic function.
Print types
Addresses are xored with a stack cookie that's fixed for all functions.
SuspendEncrypt BadAddr: 00000003 SWI 1 BadAddr: 00000004 SWI 1 UnreachableCode: 00000006 SWI 7 UnreachableCode: 00000007 Addrcheck IntegerOverflow Food: 0000000B Addrcheck IntegerOverflow Kernel: 0000000B Addrcheck IntegerOverflow Module: 0000000C IRQ register func w irq enabled: 0000000E Force exit dmac w irq enabled: 0000000F Crypto irq enabled: 00000010 Resuming suspendbuf w irq enabled: 00000012 Creating suspendbuf w irq enabled: 00000013 Reset: 00000014 <xored-exception-lr> <xored-exception-pc> <exception-lr> RI: 00000015 <xored-exception-pc> ZDIV: 00000016 <xored-exception-pc> Trace: 00000017 <func-addr> SWI 7: 00000018 <xored-r1> DMAC when updating suspendbuf key: 00000019 <ret-val> DMAC cmac bad enum: 0000001A <enum-value> Bad enum to suspend AES-CBC function: 0000001B <enum-value> Generating new suspendbuf key failed: 0000001C Creating suspendbuf w irq8 module-registered: 0000001D Addrcheck IntegerOverflow Tz: 0000001E Addrcheck IntegerOverflow Tz2: 0000001F Bad ptr to suspend AES-CBC function: 00000020 IRQ register func w bad irq number: 00000022 Recieved unknown IRQ: 00000023