5,579
edits
Changes
Jump to navigation
Jump to search
Line 20:
Line 20: +
no edit summary
::::::2) when shutting down it does boot (as seen by bootmii booting up) and that somehow kills some kind of flag MIOS sets up. i always thought the bootstate told SM that it was shutting down, but something else is also going on. does BC boot mios directly? --[[User:DacoTaco|DacoTaco]] ([[User talk:DacoTaco|talk]]) 09:26, 2 May 2021 (CEST)
::::::2) when shutting down it does boot (as seen by bootmii booting up) and that somehow kills some kind of flag MIOS sets up. i always thought the bootstate told SM that it was shutting down, but something else is also going on. does BC boot mios directly? --[[User:DacoTaco|DacoTaco]] ([[User talk:DacoTaco|talk]]) 09:26, 2 May 2021 (CEST)
:::::::I can now confirm that BC did have the signing bug and it was fixed in v4; the function that checks the signature can be found by looking for the hex constant 0x000ac004 in memory, and then looking at either of the two function calls with that value as a parameter (both of which just call another function that does the actual check). In v2, there's a call to strncmp at ffff2236. In later versions, they do the comparison directly (at around ffff0fd2 (v4) or ffff0fca (v5, v6)). I'm still not sure what it's actually checking the signature ''of''; figuring that out would require a deeper understanding of the way NAND is laid out I think. --[[User:Pokechu22|Pokechu22]] ([[User talk:Pokechu22|talk]]) 22:26, 2 May 2021 (CEST)
:::::::I can now confirm that BC did have the signing bug and it was fixed in v4; the function that checks the signature can be found by looking for the hex constant 0x000ac004 in memory, and then looking at either of the two function calls with that value as a parameter (both of which just call another function that does the actual check). In v2, there's a call to strncmp at ffff2236. In later versions, they do the comparison directly (at around ffff0fd2 (v4) or ffff0fca (v5, v6)). I'm still not sure what it's actually checking the signature ''of''; figuring that out would require a deeper understanding of the way NAND is laid out I think. --[[User:Pokechu22|Pokechu22]] ([[User talk:Pokechu22|talk]]) 22:26, 2 May 2021 (CEST)
::::::::Does the signature code actually get called though? I know boot2v3 fixed the signing bug in boot2, even though boot2 never called the signature verification code. [[User:Hallowizer|Hallowizer]] ([[User talk:Hallowizer|talk]]) 23:09, 2 May 2021 (CEST)