GitHub Repository: CTCaer/hekate
Path: blob/master/bdk/storage/nx_emmc_bis.c
/*
* eMMC BIS driver for Nintendo Switch
*
* Copyright (c) 2019-2020 shchmue
* Copyright (c) 2019-2022 CTCaer
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <string.h>
#include <memory_map.h>
#include <mem/heap.h>
#include <sec/se.h>
#include <storage/emmc.h>
#include <storage/sd.h>
#include <storage/sdmmc.h>
#include <utils/types.h>
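// Geometry of the BIS cluster cache.
// A cluster is the unit the driver encrypts/decrypts and caches as a whole.
#define BIS_CLUSTER_SECTORS   32    // Sectors per cluster.
// Bytes per cluster: 32 sectors of 512 bytes each.
// NOTE(review): must stay equal to BIS_CLUSTER_SECTORS * EMMC_BLOCKSIZE, since
// buffers of this size are filled with count * EMMC_BLOCKSIZE bytes - confirm.
#define BIS_CLUSTER_SIZE      16384
#define BIS_CACHE_MAX_ENTRIES 16384 // Upper bound on the number of cached clusters.
// Marker for "cluster not cached" in the lookup table. It is used both as a
// memset() fill value (every byte becomes 0xFF) and cast to u32 (0xFFFFFFFF).
// Parenthesized so the negative literal cannot combine with adjacent tokens
// at an expansion site.
#define BIS_CACHE_LOOKUP_TBL_EMPTY_ENTRY (-1)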
/*
 * One slot of the cluster cache: the plaintext contents of a single cluster
 * together with the bookkeeping needed to write it back later.
 */
typedef struct _cluster_cache_t
{
	// Cluster number inside the partition (sector / BIS_CLUSTER_SECTORS).
	u32  cluster_idx;
	// True while the cached copy holds data that has not been written to storage.
	bool dirty;
	// The cached cluster itself.
	// NOTE(review): the original comment states this is aligned to 8 bytes for
	// the DMA engine. With the members as declared (a u32, then a bool) nothing
	// pads this array to an 8-byte offset unless bool is wider than one byte -
	// confirm whether any consumer actually relies on that alignment.
	u8   data[BIS_CLUSTER_SIZE];
} cluster_cache_t;
/*
 * Header of the cluster cache, followed in memory by the cache slots.
 * Only the header (everything before clusters[]) is cleared on init.
 */
typedef struct _bis_cache_t
{
	bool full;      // Not referenced anywhere in this file.
	bool enabled;   // Selects the cached read path when true.
	u32  dirty_cnt; // Number of slots currently marked dirty.
	u32  top_idx;   // Number of slots in use; also the index of the next free slot.
	// Bounce buffer shared by all storage transfers: ciphertext is read into it
	// and encrypted output is placed in it before being written out.
	// NOTE(review): the original comment states this is aligned to 8 bytes for
	// the DMA engine; the offset of this member follows from the four fields
	// above and the base address the struct is mapped at - confirm.
	u8   dma_buff[BIS_CLUSTER_SIZE];
	// Cache slots. The struct itself carries no capacity; users must keep
	// top_idx below BIS_CACHE_MAX_ENTRIES before indexing.
	cluster_cache_t clusters[];
} bis_cache_t;
// Driver state. All of it is file-local and shared by every call, so the
// driver serves one partition at a time.

// SE keyslot numbers handed to se_aes_xts_crypt_sec_nx() (crypt slot and
// tweak slot). This file only selects slot numbers per partition; it never
// loads key material into them.
static u8 ks_crypt = 0;
static u8 ks_tweak = 0;

// Non-zero redirects all transfers to sd_storage at
// emu_offset + partition start + sector; zero uses the eMMC partition.
static u32 emu_offset = 0;

// Partition currently served. NULL means "not ready" and makes the block
// helpers return 3.
static emmc_part_t *system_part = NULL;

// Per-cluster table mapping a cluster number to its cache slot index, or to
// (u32)BIS_CACHE_LOOKUP_TBL_EMPTY_ENTRY when the cluster is not cached.
// Lives at a fixed address taken from the memory map.
static u32 *cache_lookup_tbl = (u32 *)NX_BIS_LOOKUP_ADDR;

// Cache header and slots, also at a fixed address taken from the memory map.
static bis_cache_t *bis_cache = (bis_cache_t *)NX_BIS_CACHE_ADDR;
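/*
 * Encrypt and write `count` sectors starting at partition-relative `sector`.
 * The range must lie inside a single cluster.
 *
 * Cluster is cached:
 *   - `buff` non-NULL: the data is copied into the cached plaintext copy.
 *   - `buff` NULL: nothing is copied; the cached copy is used as is.
 *   The slot is marked dirty. With `flush` false the function returns here
 *   and storage is not touched. With `flush` true the whole cached cluster
 *   is encrypted and written, and the slot is marked clean on success.
 * Cluster is not cached:
 *   The caller's data is encrypted and written directly; `buff` must be
 *   non-NULL.
 *
 * Returns 0 on success, 1 on an invalid request or an encryption/storage
 * error, 3 when no partition is set up.
 */
static int nx_emmc_bis_write_block(u32 sector, u32 count, void *buff, bool flush)
{
	if (!system_part)
		return 3; // Not ready.

	int res;
	u8  tweak[SE_KEY_128_SIZE] __attribute__((aligned(4))); // Regenerated on every call.
	u32 cluster           = sector / BIS_CLUSTER_SECTORS;
	u32 aligned_sector    = cluster * BIS_CLUSTER_SECTORS;
	u32 sector_in_cluster = sector % BIS_CLUSTER_SECTORS;

	// A request that runs past the end of its cluster would overflow both the
	// cache slot and dma_buff, which each hold exactly one cluster.
	// Written as a subtraction so a huge count cannot wrap the comparison.
	if (count > BIS_CLUSTER_SECTORS - sector_in_cluster)
		return 1; // Invalid range.

	// NOTE(review): `cluster` is not checked against the partition size before
	// it indexes the lookup table; callers are trusted to stay in range.
	u32  lookup_idx = cache_lookup_tbl[cluster];
	bool is_cached  = lookup_idx != (u32)BIS_CACHE_LOOKUP_TBL_EMPTY_ENTRY;

	// Write to cached cluster.
	if (is_cached)
	{
		cluster_cache_t *entry = &bis_cache->clusters[lookup_idx];

		if (buff)
			memcpy(entry->data + sector_in_cluster * EMMC_BLOCKSIZE, buff, count * EMMC_BLOCKSIZE);

		if (!entry->dirty)
			bis_cache->dirty_cnt++;
		entry->dirty = true;

		if (!flush)
			return 0; // Success.

		// Flush the full cluster from the cached copy. The source must be the
		// cache slot, not the caller's buffer: the caller supplied at most
		// `count` sectors, while a whole cluster is encrypted below.
		buff              = entry->data;
		sector_in_cluster = 0;
		sector            = aligned_sector;
		count             = BIS_CLUSTER_SECTORS;
	}

	// Nothing to encrypt: NULL is only meaningful for a cached cluster.
	if (!buff)
		return 1; // Invalid request.

	// Encrypt into the bounce buffer.
	if (!se_aes_xts_crypt_sec_nx(ks_tweak, ks_crypt, ENCRYPT, cluster, tweak, true, sector_in_cluster, bis_cache->dma_buff, buff, count * EMMC_BLOCKSIZE))
		return 1; // Encryption error.

	// Write the ciphertext to eMMC, or to the SD card when emuMMC is in use.
	if (!emu_offset)
		res = emmc_part_write(system_part, sector, count, bis_cache->dma_buff);
	else
		res = sdmmc_storage_write(&sd_storage, emu_offset + system_part->lba_start + sector, count, bis_cache->dma_buff);
	if (!res)
		return 1; // R/W error. A cached slot stays dirty.

	// Mark cache entry not dirty if write succeeds.
	if (is_cached)
	{
		bis_cache->clusters[lookup_idx].dirty = false;
		bis_cache->dirty_cnt--;
	}

	return 0; // Success.
}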
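/*
 * Reset the cluster cache for the current partition: clear the cache header,
 * mark every lookup table entry as "not cached" and set the enabled flag.
 * Cached data that was never written back is discarded.
 */
static void _nx_emmc_bis_cluster_cache_init(bool enable_cache)
{
	u32 lookup_entries = 0;

	// Without a partition there is no table to size; only the header is reset.
	if (system_part)
	{
		u32 part_sectors = system_part->lba_end - system_part->lba_start + 1;

		// Round up: a partition whose length is not a multiple of the cluster
		// size still has sectors in a final, partial cluster, and that
		// cluster's table entry is read by the block helpers. Rounding down
		// would leave that entry uninitialized.
		// NOTE(review): assumes the region at NX_BIS_LOOKUP_ADDR has room for
		// the one extra entry - confirm against the memory map.
		lookup_entries = part_sectors / BIS_CLUSTER_SECTORS;
		if (part_sectors % BIS_CLUSTER_SECTORS)
			lookup_entries++;
	}

	// Clear cache header. sizeof excludes the flexible clusters[] array, so
	// slot contents are left as they are and simply become unreachable.
	memset(bis_cache, 0, sizeof(bis_cache_t));

	// Clear cluster lookup table. The fill value is applied per byte, so every
	// u32 entry ends up as 0xFFFFFFFF, which equals the empty marker cast to u32.
	memset(cache_lookup_tbl, BIS_CACHE_LOOKUP_TBL_EMPTY_ENTRY, lookup_entries * sizeof(*cache_lookup_tbl));

	// Enable cache.
	bis_cache->enabled = enable_cache;
}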
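/*
 * Write every dirty cached cluster back to storage, then reset the cache.
 *
 * Does nothing, and in particular does NOT reset the cache, when the cache is
 * disabled or holds no dirty cluster.
 *
 * Write errors cannot be reported (the function returns void). The cache is
 * reset regardless, so a cluster whose write-back failed is dropped.
 */
static void _nx_emmc_bis_flush_cache(void)
{
	if (!bis_cache->enabled || !bis_cache->dirty_cnt)
		return;

	for (u32 i = 0; i < bis_cache->top_idx && bis_cache->dirty_cnt; i++)
	{
		if (!bis_cache->clusters[i].dirty)
			continue;

		// nx_emmc_bis_write_block() clears the dirty flag and decrements
		// dirty_cnt itself when the write succeeds. Decrementing again here
		// would drive the counter to zero early and end the loop while later
		// dirty clusters are still unwritten.
		(void)nx_emmc_bis_write_block(bis_cache->clusters[i].cluster_idx * BIS_CLUSTER_SECTORS, BIS_CLUSTER_SECTORS, NULL, true);
	}

	_nx_emmc_bis_cluster_cache_init(true);
}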
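/*
 * Uncached read: fetch `count` sectors starting at partition-relative `sector`
 * into the bounce buffer and decrypt them into `buff`.
 * The range must lie inside a single cluster.
 *
 * Returns 0 on success, 1 on an invalid range or a storage/decryption error.
 */
static int nx_emmc_bis_read_block_normal(u32 sector, u32 count, void *buff)
{
	// Kept between calls so that a forward read inside the same cluster can
	// continue from the saved tweak instead of regenerating it.
	// NOTE(review): this state is never reset by nx_emmc_bis_init(). After
	// switching to a partition with other keyslots, a read that lands in the
	// same cluster number at a higher sector presumably reuses a tweak derived
	// for the previous partition - verify.
	static u32 prev_cluster = -1;
	static u32 prev_sector  = 0;
	static u8  tweak[SE_KEY_128_SIZE] __attribute__((aligned(4)));

	int  res;
	bool regen_tweak       = true;
	u32  cluster           = sector / BIS_CLUSTER_SECTORS;
	u32  sector_in_cluster = sector % BIS_CLUSTER_SECTORS;
	u32  tweak_exp         = sector_in_cluster; // Default: derive the tweak from the cluster start.

	// dma_buff holds exactly one cluster and the tweak is computed per cluster,
	// so a range that runs past the end of its cluster is rejected.
	// Written as a subtraction so a huge count cannot wrap the comparison.
	if (count > BIS_CLUSTER_SECTORS - sector_in_cluster)
		return 1; // Invalid range.

	// Read the ciphertext from eMMC, or from the SD card when emuMMC is in use.
	if (!emu_offset)
		res = emmc_part_read(system_part, sector, count, bis_cache->dma_buff);
	else
		res = sdmmc_storage_read(&sd_storage, emu_offset + system_part->lba_start + sector, count, bis_cache->dma_buff);
	if (!res)
		return 1; // R/W error.

	// Same cluster as the last read and strictly past its last sector:
	// advance the saved tweak by the gap instead of regenerating it.
	// Every other case (new cluster, or same/earlier sector) regenerates.
	if (prev_cluster == cluster && sector > prev_sector)
	{
		tweak_exp   = sector - prev_sector - 1;
		regen_tweak = false;
	}
	prev_cluster = cluster;

	// Maximum one cluster (1 XTS crypto block 16KB).
	if (!se_aes_xts_crypt_sec_nx(ks_tweak, ks_crypt, DECRYPT, cluster, tweak, regen_tweak, tweak_exp, buff, bis_cache->dma_buff, count * EMMC_BLOCKSIZE))
		return 1; // Decryption error, reported with the same code as an R/W error.

	prev_sector = sector + count - 1;

	return 0; // Success.
}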
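/*
 * Cached read: serve `count` sectors starting at partition-relative `sector`
 * from the cluster cache, loading and decrypting the whole cluster first if
 * it is not cached yet. The range must lie inside a single cluster.
 *
 * Returns 0 on success, 1 on an invalid range or a storage/decryption error.
 */
static int nx_emmc_bis_read_block_cached(u32 sector, u32 count, void *buff)
{
	int res;
	u8  cache_tweak[SE_KEY_128_SIZE] __attribute__((aligned(4)));
	u32 cluster           = sector / BIS_CLUSTER_SECTORS;
	u32 cluster_sector    = cluster * BIS_CLUSTER_SECTORS;
	u32 sector_in_cluster = sector % BIS_CLUSTER_SECTORS;

	// The copies below read from a one-cluster buffer; a range that runs past
	// the end of its cluster would read beyond it.
	// Written as a subtraction so a huge count cannot wrap the comparison.
	if (count > BIS_CLUSTER_SECTORS - sector_in_cluster)
		return 1; // Invalid range.

	// NOTE(review): `cluster` is not checked against the partition size before
	// it indexes the lookup table; callers are trusted to stay in range.
	u32 lookup_idx = cache_lookup_tbl[cluster];

	// Read from cached cluster.
	if (lookup_idx != (u32)BIS_CACHE_LOOKUP_TBL_EMPTY_ENTRY)
	{
		memcpy(buff, bis_cache->clusters[lookup_idx].data + sector_in_cluster * EMMC_BLOCKSIZE, count * EMMC_BLOCKSIZE);

		return 0; // Success.
	}

	// Make room if the cache is full.
	if (bis_cache->top_idx >= BIS_CACHE_MAX_ENTRIES)
	{
		_nx_emmc_bis_flush_cache();

		// The flush returns without resetting anything when no slot is dirty.
		// Reset explicitly in that case, otherwise the slot index used below
		// would run past the last cache slot.
		if (bis_cache->top_idx >= BIS_CACHE_MAX_ENTRIES)
			_nx_emmc_bis_cluster_cache_init(true);
	}

	// Read the whole cluster the sector resides in.
	if (!emu_offset)
		res = emmc_part_read(system_part, cluster_sector, BIS_CLUSTER_SECTORS, bis_cache->dma_buff);
	else
		res = sdmmc_storage_read(&sd_storage, emu_offset + system_part->lba_start + cluster_sector, BIS_CLUSTER_SECTORS, bis_cache->dma_buff);
	if (!res)
		return 1; // R/W error.

	// Decrypt cluster in place.
	if (!se_aes_xts_crypt_sec_nx(ks_tweak, ks_crypt, DECRYPT, cluster, cache_tweak, true, 0, bis_cache->dma_buff, bis_cache->dma_buff, BIS_CLUSTER_SIZE))
		return 1; // Decryption error.

	// Fill the slot and publish it in the lookup table only now that the
	// plaintext is valid. Publishing before the read would, on a failed read
	// or decrypt, leave the table pointing at a slot without this cluster's
	// data, and a later read would return that data as a success.
	u32 slot = bis_cache->top_idx;
	cluster_cache_t *entry = &bis_cache->clusters[slot];

	memcpy(entry->data, bis_cache->dma_buff, BIS_CLUSTER_SIZE);
	entry->cluster_idx = cluster;
	entry->dirty       = false;
	cache_lookup_tbl[cluster] = slot;

	// Increment cache count.
	bis_cache->top_idx = slot + 1;

	// Hand the requested sectors to the caller.
	memcpy(buff, bis_cache->dma_buff + sector_in_cluster * EMMC_BLOCKSIZE, count * EMMC_BLOCKSIZE);

	return 0; // Success.
}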
/*
 * Read up to one cluster worth of sectors, picking the cached or the
 * uncached path from the cache's enabled flag.
 *
 * Returns 3 when no partition is set up, otherwise the result of the
 * selected helper (0 on success, non-zero on error).
 */
static int nx_emmc_bis_read_block(u32 sector, u32 count, void *buff)
{
	if (!system_part)
		return 3; // Not ready.

	return bis_cache->enabled ? nx_emmc_bis_read_block_cached(sector, count, buff)
	                          : nx_emmc_bis_read_block_normal(sector, count, buff);
}
/*
 * Read and decrypt `count` sectors starting at partition-relative `sector`
 * into `buff`. The request is split so no piece crosses a cluster boundary.
 *
 * Returns 1 on success and 0 on failure. Note this is the opposite of the
 * block helpers, which return 0 on success.
 * On failure the pieces handled before the failing one have already been
 * copied to `buff`.
 */
int nx_emmc_bis_read(u32 sector, u32 count, void *buff)
{
	u8 *dst = (u8 *)buff;

	for (u32 pos = sector; count; )
	{
		// Sectors left between the current position and the end of its cluster.
		u32 room  = BIS_CLUSTER_SECTORS - (pos % BIS_CLUSTER_SECTORS);
		u32 chunk = MIN(count, room); // Only allow cluster sized access.

		if (nx_emmc_bis_read_block(pos, chunk, dst) != 0)
			return 0;

		dst   += chunk * EMMC_BLOCKSIZE;
		pos   += chunk;
		count -= chunk;
	}

	return 1;
}
/*
 * Encrypt and write `count` sectors from `buff`, starting at
 * partition-relative `sector`. The request is split so no piece crosses a
 * cluster boundary.
 *
 * Each piece is submitted without the flush flag. A piece that hits a cached
 * cluster therefore only updates the cached copy; it reaches storage when the
 * cache is flushed (by nx_emmc_bis_end() or when the cache fills up). Pieces
 * for clusters that are not cached are written to storage immediately.
 *
 * Returns 1 on success and 0 on failure. Note this is the opposite of the
 * block helpers, which return 0 on success.
 * On failure the pieces handled before the failing one have already been
 * applied.
 */
int nx_emmc_bis_write(u32 sector, u32 count, void *buff)
{
	u8 *src = (u8 *)buff;

	for (u32 pos = sector; count; )
	{
		// Sectors left between the current position and the end of its cluster.
		u32 room  = BIS_CLUSTER_SECTORS - (pos % BIS_CLUSTER_SECTORS);
		u32 chunk = MIN(count, room); // Only allow cluster sized access.

		if (nx_emmc_bis_write_block(pos, chunk, src, false) != 0)
			return 0;

		src   += chunk * EMMC_BLOCKSIZE;
		pos   += chunk;
		count -= chunk;
	}

	return 1;
}
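/*
 * Select the partition to serve and set up the cluster cache.
 *
 * part:          partition descriptor; the keyslot pair is chosen from its name.
 * enable_cache:  whether reads go through the cluster cache.
 * emummc_offset: non-zero to redirect transfers to the SD card at this offset.
 *
 * The SE keyslot pair (crypt, tweak) is chosen by partition name:
 *   PRODINFO, PRODINFOF -> 0, 1
 *   SAFE                -> 2, 3
 *   SYSTEM, USER        -> 4, 5
 * This function only records the slot numbers; the keys must already be
 * present in those slots.
 *
 * A NULL or unrecognized partition leaves the driver in the "not ready"
 * state, and the block helpers then return 3.
 */
void nx_emmc_bis_init(emmc_part_t *part, bool enable_cache, u32 emummc_offset)
{
	// Without a descriptor there is no name to match and no size for the
	// lookup table; mark the driver not ready instead of dereferencing NULL.
	if (!part)
	{
		system_part = NULL;
		return;
	}

	system_part = part;
	emu_offset  = emummc_offset;

	// Needs system_part to be set: the lookup table is sized from it.
	_nx_emmc_bis_cluster_cache_init(enable_cache);

	if (!strcmp(part->name, "PRODINFO") || !strcmp(part->name, "PRODINFOF"))
	{
		ks_crypt = 0;
		ks_tweak = 1;
	}
	else if (!strcmp(part->name, "SAFE"))
	{
		ks_crypt = 2;
		ks_tweak = 3;
	}
	else if (!strcmp(part->name, "SYSTEM") || !strcmp(part->name, "USER"))
	{
		ks_crypt = 4;
		ks_tweak = 5;
	}
	else
		system_part = NULL; // Unknown partition: refuse to serve it.
}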
/*
 * Finish using the driver: write back cached clusters that are still dirty,
 * then drop the partition so later block calls report "not ready".
 *
 * Cached writes are only guaranteed to have been submitted to storage after
 * this call. The flush reports no errors, so a failed write-back goes
 * unnoticed here.
 */
void nx_emmc_bis_end()
{
	// Must run while system_part is still set; the write-back path needs it.
	_nx_emmc_bis_flush_cache();

	system_part = NULL;
}