Editing Boot Order
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
[[Category:Software]] | |||
== Boot Sequence == | == Boot Sequence == | ||
Power on: syscon boots from | Power on : syscon boots from it's internal (non-encrypted / dual banked) ROM *1 *2 | ||
+ syscon powers up various power subsystems | + syscon powers up various power subsystems | ||
+ syscon powers up cell and checks status | + syscon powers up cell and checks status | ||
+ syscon sends Cell configuration ring to Cell | + syscon sends Cell configuration ring to Cell | ||
+ syscon pulls the reset of Cell high -> Cell INIT | + syscon pulls the reset of Cell high -> Cell INIT | ||
Cell INIT: CELL boots from | Cell INIT: CELL boots from it's internal ROM *2 | ||
+ fetches encrypted bootldr off NAND (at address 0x000000) /NOR flash (at address 0xFC0000) | + Initialises I/O | ||
+ fetches encrypted bootldr off NAND (at address 0x000000) /NOR flash (at address 0xFC0000) | |||
+ | + Initialises RAM | ||
+ | + loads bootldr into Isolated SPU (SPE0) | ||
+ Runtime Secure Boot decrypts and verifies bootldr and executes | |||
+ bootldr decrypts lv0 which runs on PPU -> loaders INIT | + bootldr decrypts lv0 which runs on PPU -> loaders INIT | ||
loaders INIT: lv0 loads metldr (SPE2) | loaders INIT: lv0 loads metldr (SPE2) | ||
+ passes lv1ldr (which loads lv1) to metldr | + passes lv1ldr (which loads lv1) to metldr | ||
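Review bot: under Cell INIT, the step "Runtime Secure Boot decrypts and verifies bootldr and executes" appears in only one column of this comparison. Keep it in the published text, because without it the sequence goes from "loads bootldr into Isolated SPU (SPE0)" straight to "bootldr decrypts lv0" with no verification step stated. [[Category:Software]] on the first line is likewise present in one column only and should not be lost. On the "Power on" and "Cell INIT" lines, "it's internal" should be the possessive "its internal".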
Line 22: | Line 21: | ||
*1) Read/Writeable with undocumented / should also be read/writeable through serial port and possible to switch it to the backup bank1 with backup_mode pulled high | *1) Read/Writeable with undocumented / should also be read/writeable through serial port and possible to switch it to the backup bank1 with backup_mode pulled high | ||
*2) | *2) CEX/Retail consoles go to standby with red light. SEX/SHOP/SECH will not standby, but instead boot through without waiting for powerbutton. Also check is done on all models if update is flagged to set it into firmware updating procedure | ||
*3) Partialy Read/Writeable | *3) Partialy Read/Writeable | ||
about the disabled SPE: syscon reads it’s internal (non-encrypted) eeprom @ 0x48C30 which is value 0×06 on all | about the disabled SPE: syscon reads it’s internal (non-encrypted) eeprom @ 0x48C30 which is value 0×06 on all CEX/Retail consoles and will set the cell config ring accordingly for 7 SPE’s. SPE0 and SPE2 are reserved for bootldr and metldr for isolation respectively. Setting the value to a nonworking state (e.g. 0×00, 0xFF, enabling a defective SPE or disabling a needed SPE for proper boot) might brick the console, locking you out from restoring the correct value to the syscon eeprom. | ||
=== References === | === References === | ||
* [http://www.multiupload.com/7STWIQ8PBF CellBEBootprocess.pdf (177.69 KB)]) | |||
* [http://www.multiupload.com/KZPVRP2JP8 CBE_Secure_SDK_Guide_v3.0.pdf (182.63 KB)]) | |||
* [http://www.multiupload.com/9L0M97K4CH CellBE_HIG_65nm_v1.01_8Jun2007.pdf (2.38 MB)]) | |||
* [http://www.multiupload.com/KERLEWC2PW CellBE_HIG_90nm_v1.5_30Nov2007_pub.pdf (2.38 MB)]) | |||
* [http://www.multiupload.com/7STWIQ8PBF CellBEBootprocess.pdf (177.69 KB)]) | |||
* [ | |||
* [ | |||
* [ | |||
== Chain of Trust == | == Chain of Trust == | ||
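Review bot: in the disabled-SPE paragraph the values "0×06" and "0×00" are written with a multiplication sign, while "0x48C30" and "0xFF" in the same sentence use a plain x. Use "0x" throughout so that the eeprom offset and values can be searched and compared reliably, which matters in a paragraph warning that a wrong value might brick the console. In the References list, CellBEBootprocess.pdf is linked twice with the same URL, every entry ends in a stray ")", and three entries are cut off after "* [". Footnote *3 has "Partialy" for "Partially".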
Line 63: | Line 56: | ||
| SPE(0) | | SPE(0) | ||
| Per Console Encrypted at factory | | Per Console Encrypted at factory | ||
| No <span style="color:red | | No <span style="color:red;">*</span> | ||
| No | |||
| Setup Primairy Hardware + load lv0 | |||
| No | | No | ||
|- | |- | ||
| lv0 (Level 0) | | lv0 (Level 0) | ||
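Review bot: the bootldr row's cell reads `<span style="color:red` in the left column with no closing quote or tag, while the right column has the complete `<span style="color:red;">*</span>`. Whichever side is published should carry the complete form, otherwise the footnote marker is lost and the unterminated tag swallows the following cells. "Setup Primairy Hardware + load lv0" should read "Primary".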
Line 75: | Line 68: | ||
| No | | No | ||
| Setup Hardware | | Setup Hardware | ||
| | | No | ||
|- | |- | ||
| metldr (asecure_loader) | | metldr (asecure_loader) | ||
Line 81: | Line 74: | ||
| SPE(2) | | SPE(2) | ||
| Per Console Encrypted at factory | | Per Console Encrypted at factory | ||
| No <span style="color:red | | No <span style="color:red;">*</span> | ||
| No | | No | ||
| | | load loaders (Meta Loader) | ||
| Yes | | Yes | ||
|- | |- | ||
Line 92: | Line 85: | ||
| Yes | | Yes | ||
| No | | No | ||
| Decrypt lv1 (Hypervisor) | | Decrypt lv1 (Hypervisor) | ||
| Yes | | Yes | ||
|- | |- | ||
Line 131: | Line 124: | ||
| Yes | | Yes | ||
|} | |} | ||
<span style="color:red | <span style="color:red;">*</span> : ofcourse with new hardware revisions, it is updated in factory. See [[Flash#new_metldr.2]] | ||
== Chain of trust Diagram == | == Chain of trust Diagram == | ||
Line 140: | Line 133: | ||
* http://www.ibm.com/developerworks/power/library/pa-cellsecurity/ | * http://www.ibm.com/developerworks/power/library/pa-cellsecurity/ | ||
== Changes in firmware 3.60 == | == Changes in firmware 3.60 == | ||
Lv0 has now been changed, LV0 now appears to encapsulate all of the | Lv0 has now been changed, LV0 now appears to encapsulate all of the loaders (appldr, isoldr, lv1ldr, lv2ldr). Now in order to break the chain of trust we need to be able to decrypt/exploit LV0 (or bootldr which loads LV0). | ||
=== Chain of trust Diagram 3.60++ === | === Chain of trust Diagram 3.60++ === | ||
<table width="100%" align="left"><tr><td align="left">[[File:Ps3-cryptochain-360.png|800px|thumb|left|LV0 with encapsulated loaders (appldr, isoldr, lv1ldr, lv2ldr).)]]</tr></table> | <table width="100%" align="left"><tr><td align="left">[[File:Ps3-cryptochain-360.png|800px|thumb|left|LV0 with encapsulated loaders (appldr, isoldr, lv1ldr, lv2ldr).)]]</tr></tr></table><br /> | ||
== | === CoreOS PKG Filelisting === | ||
{| border="1" cellspacing="0" cellpadding="5" border="#999" class="wikitable" style="border:1px solid #999; border-collapse: collapse;" | |||
lv0 -> | |- bgcolor="#cccccc" | ||
! File !! 1.00-1.94 !! 2.00-2.36 !! 2.40-3.01 !! 3.10-3.42 !! 3.50-3.55 !! 3.56 !! 3.60-4.00 !! Loaded by<br />(upper chain of trust) !! Loads<br />(lower chain of trust) !! notes | |||
{{ | |- | ||
| aim_spu_module.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || || || | |||
|- | |||
| appldr || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{No}} || metldr/lv0 || vsh.self || Application Loader (userlevel) | |||
|- | |||
| creserved_0 || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || || || FF-filled file | |||
|- | |||
| default.spp || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || spp_verifier.self || || profiles for LPARs | |||
|- | |||
| emer_init.self || {{No}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || lv2.self ? || || recovery menu | |||
|- | |||
| eurus_fw.bin || {{No}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || || || | |||
|- | |||
| hdd_copy.self || {{No}} || {{No}} || {{No}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || || || | |||
|- | |||
| isoldr || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{No}} || metldr/lv0 || manu_info_spu_module.self, mc_iso_spu_module.self, me_iso_for_ps2emu.self, me_iso_spu_module.self, sb_iso_spu_module.self, sc_iso.self, sv_iso_for_ps2emu.self. sv_iso_spu_module.self || Isolation Loader (securelevel) | |||
|- | |||
| lv0 || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || bootldr || {appldr, isoldr, lv1ldr, lv2ldr} (parsed through metldr?)|| | |||
|- | |||
| lv0.2 || {{No}} || {{No}} || {{No}} || {{No}} || {{No}} || {{No}} || {{Yes}} || lv0 || || | |||
|- | |||
| lv1.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || lv1ldr || || Hypervisor | |||
|- | |||
| lv1ldr || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{No}} || metldr/lv0 || lv1.self || Hypervisor Loader | |||
|- | |||
| lv2_kernel.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || lv2ldr || || Supervisor Kernel | |||
|- | |||
| lv2ldr || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{No}} || metldr/lv0 || lv2_kernel.self || Supervisor Loader (kernellevel) | |||
|- | |||
| manu_info_spu_module.self || {{No}} || {{No}} || {{No}} || {{No}} || {{Yes}} || {{Yes}} || {{Yes}} || || || | |||
|- | |||
| mc_iso_spu_module.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || isoldr || || ss_iso_dma_data, spulib_spu <!--//ps2 disc encryption, auth//--> | |||
|- | |||
| me_iso_for_ps2emu.self || {{No}} || {{No}} || {{No}} || {{No}} || {{No}} || {{No}} || {{Yes}} || isoldr || ps2_emu.self, ps2_gxemu.self, ps2_softemu.self || ss_iso_dma_data, spulib_spu <!--//ps2 disc encryption, auth//--> | |||
|- | |||
| me_iso_spu_module.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || isoldr || || ss_iso_dma_data, spulib_spu <!--//ps2 disc encryption, auth//--> | |||
|- | |||
| pkg.srvk || {{No}} || {{No}} || {{No}} || {{No}} || {{No}} || {{Yes}} || {{Yes}} || spu_pkg_rvk_verifier.self ? || || signed revokelist | |||
|- | |||
| prog.srvk || {{No}} || {{No}} || {{No}} || {{No}} || {{No}} || {{Yes}} || {{Yes}} || spu_pkg_rvk_verifier.self ? || || signed revokelist | |||
|- | |||
| sb_iso_spu_module.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || isoldr || || ss_iso_dma_data, spulib_spu <!--//ps3 bluray auth, crypto//--> | |||
|- | |||
| sc_iso.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || isoldr ? || || | |||
|- | |||
| sdk_version || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || - || - || textfile noting version | |||
|- | |||
| spp_verifier.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || isoldr || default.spp || | |||
|- | |||
| spu_pkg_rvk_verifier.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || || || | |||
|- | |||
| spu_token_processor.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || || || | |||
|- | |||
| spu_utoken_processor.self || {{No}} || {{No}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || || || | |||
|- | |||
| sv_iso_for_ps2emu.self || {{No}} || {{No}} || {{No}} || {{No}} || {{No}} || {{No}} || {{Yes}} || isoldr || ps2_emu.self, ps2_gxemu.self, ps2_softemu.self || ss_iso_dma_data, spulib_spu <!--//ps2 disc encryption, auth//--> | |||
|- | |||
| sv_iso_spu_module.self || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || {{Yes}} || isoldr || || ss_iso_dma_data, spulib_spu <!--//ps3 bluray auth, crypto, 'PS3_L_DEBUG_DISC' //--> | |||
|- | |||
|} |
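Review bot: in the CoreOS PKG Filelisting table, the appldr, isoldr, lv1ldr and lv2ldr rows are marked {{No}} for 3.60-4.00, matching the statement that LV0 now encapsulates the loaders, but their "Loaded by" cell still reads "metldr/lv0" without saying which parent applies to which firmware range. State the range for each (and resolve the "(parsed through metldr?)" question in the lv0 row if known) so the table can be read as a chain of trust per firmware version. Markup points: the diagram line has a doubled `</tr></tr>` in one column and no closing `</td>` in either, the table opening sets `border` twice (`border="1"` and `border="#999"`), and the isoldr "Loads" list separates sv_iso_for_ps2emu.self and sv_iso_spu_module.self with a period instead of a comma.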