11.0.0-33: Difference between revisions
No edit summary |
|||
| Line 32: | Line 32: | ||
57 functions were updated, at least 48 of these are the actual functions used for handling SVCs. The lone function updated with v10.4 was updated with this version again. | 57 functions were updated, at least 48 of these are the actual functions used for handling SVCs. The lone function updated with v10.4 was updated with this version again. | ||
3 new functions used for validation with memory management were added (kernelpanic() on failure). This is a new security feature for the kernel heaps. By adding a MAC to the kernel heap [[Memory_Management#MemoryBlockHeader|memchunkhdr]] they can detect when it is modified by an outside DMA device. | 3 new functions used for validation with memory management were added (kernelpanic() on failure). This is a new security feature for the kernel heaps. By adding a MAC to the kernel heap [[Memory_Management#MemoryBlockHeader|memchunkhdr]] they can detect when it is modified by an outside DMA device ([[3DS_System_Flaws|gspwn]]). | ||
The function which initializes a memalloc heap had a major update (used for FCRAM memregions and the SlabHeap container). It is unknown precisely what this does, but presumably it generates a random MAC key based on svcGetSystemTick. | The function which initializes a memalloc heap had a major update (used for FCRAM memregions and the SlabHeap container). It is unknown precisely what this does, but presumably it generates a random MAC key based on svcGetSystemTick. | ||
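Review bot: In the parenthetical added at the end of the MAC sentence, "outside DMA device ([[3DS_System_Flaws|gspwn]])" reads as though gspwn is the name of a device. The link also targets the top of 3DS_System_Flaws rather than a specific entry, unlike the [[Memory_Management#MemoryBlockHeader|memchunkhdr]] link earlier in the same sentence. Consider wording that states the relationship explicitly, for example "modified by an outside DMA device (see [[3DS_System_Flaws|gspwn]])", and point the link at the relevant section anchor if one exists. The revision also has no edit summary; a short one noting the added cross-reference would help anyone reading the page history.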
| Line 40: | Line 40: | ||
u32* crypto_state = (u32*) r4; // Safe kernel memory. | u32* crypto_state = (u32*) r4; // Safe kernel memory. | ||
u32* data_ptr = (u32*) lr; // Unsafe FCRAM pointer. | u32* data_ptr = (u32*) lr; // Unsafe FCRAM pointer. | ||
r0 = crypto_state[16/4] // Load "key". | r0 = crypto_state[16/4] // Load "key". | ||
r1 = crypto_state[20/4] | r1 = crypto_state[20/4] | ||