mirrors/Atmosphere
1
0
Fork 0
mirror of https://github.com/Atmosphere-NX/Atmosphere.git synced 2024-09-19 23:38:52 -04:00
Code Issues Projects Releases Packages Wiki Activity

spl: Loosen keyslot restrictions on 1.0.0

Browse source
This commit is contained in:
Michael Scire 2019-04-25 11:36:23 -07:00
parent 51858e732a
commit 0d4a0348b5
1 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
stratosphere/spl/source/spl_secmon_wrapper.cpp
View file

@ -560,6 +560,12 @@ Result SecureMonitorWrapper::ComputeCmac(Cmac *out_cmac, u32 keyslot, const void
} }
Result SecureMonitorWrapper::AllocateAesKeyslot(u32 *out_keyslot, const void *owner) { Result SecureMonitorWrapper::AllocateAesKeyslot(u32 *out_keyslot, const void *owner) {
if (GetRuntimeFirmwareVersion() <= FirmwareVersion_100) {
/* On 1.0.0, keyslots were kind of a wild west. */
*out_keyslot = 0;
return ResultSuccess;
}
for (size_t i = 0; i < GetMaxKeyslots(); i++) { for (size_t i = 0; i < GetMaxKeyslots(); i++) {
if (this->keyslot_owners[i] == 0) { if (this->keyslot_owners[i] == 0) {
this->keyslot_owners[i] = owner; this->keyslot_owners[i] = owner;
@ -576,13 +582,18 @@ Result SecureMonitorWrapper::ValidateAesKeyslot(u32 keyslot, const void *owner)
if (keyslot >= GetMaxKeyslots()) { if (keyslot >= GetMaxKeyslots()) {
return ResultSplInvalidKeyslot; return ResultSplInvalidKeyslot;
} }
if (this->keyslot_owners[keyslot] != owner) { if (this->keyslot_owners[keyslot] != owner && GetRuntimeFirmwareVersion() > FirmwareVersion_100) {
return ResultSplInvalidKeyslot; return ResultSplInvalidKeyslot;
} }
return ResultSuccess; return ResultSuccess;
} }
Result SecureMonitorWrapper::FreeAesKeyslot(u32 keyslot, const void *owner) { Result SecureMonitorWrapper::FreeAesKeyslot(u32 keyslot, const void *owner) {
if (GetRuntimeFirmwareVersion() <= FirmwareVersion_100) {
/* On 1.0.0, keyslots were kind of a wild west. */
return ResultSuccess;
}
Result rc = ValidateAesKeyslot(keyslot, owner); Result rc = ValidateAesKeyslot(keyslot, owner);
if (R_FAILED(rc)) { if (R_FAILED(rc)) {
return rc; return rc;