Talk:Non Volatile Storage: Difference between revisions
m (→bank 2) |
No edit summary |
||
| Line 79: | Line 79: | ||
whole nvs storage is accesible via /dev/sflash0s0x34 and size is 49152bytes probably | whole nvs storage is accesible via /dev/sflash0s0x34 and size is 49152bytes probably | ||
= From EMC = | |||
<pre> | |||
storage_part0_desc struc_142370 <0, 0, 0x1C4000, 0x1000, 1, 0, 0, 0> | |||
storage_part1_desc struc_142370 <1, 0x1000, 0x1C5000, 0x1000, 1, 1, 0x1CE000, 0x1CF000> | |||
storage_part2_desc struc_142370 <2, 0x2000, 0x1C6000, 0x1000, 1, 0, 0, 0> | |||
storage_part3_desc struc_142370 <3, 0x3000, 0x1C7000, 0x1000, 1, 0, 0, 0> | |||
storage_part4_desc struc_142370 <4, 0x4000, 0x1C8000, 0x800, 1, 0, 0, 0> | |||
storage_part5_desc struc_142370 <5, 0x4800, 0x1C8800, 0x800, 1, 0, 0, 0> | |||
storage_part6_desc struc_142370 <6, 0x5000, 0x1C9000, 0x3000, 1, 0, 0, 0> | |||
</pre> | |||
Revision as of 16:51, 5 October 2021
some findings i have found you can delete if want :) kernel 1.76 Non Volatile Storage
sceSblDevActVerifyCheckExpire: icc_nvs_read(0LL, 4uLL, 0x80LL, 0x68uLL, &data_ptr); icc_nvs_read(0LL, 4uLL, 0x900LL, 0x100uLL, &v12);
read_idstorage:??? icc_nvs_read(0LL, 4uLL, LOWORD(dword_FFFFFFFF82A484D4[v8]), v9, a2);
g_crypt_deferred_init: icc_nvs_read(0LL, 4uLL, 0x200LL, 0x40-0x60, &enc_eap_key_);
srtc_create_dev: icc_nvs_read(0LL, 4uLL, 0x2CC0LL(maybe0x2c00LL), 0x20uLL, &data_ptr[v18]);
wlan related TRSW wlan/bt power state/mode:??? icc_nvs_read(0LL, 4uLL, 0x30LL, 1uLL, &data_ptr)
sub_FFFFFFFF82751F70:wlan related TRSW??? icc_nvs_read(0LL, 1uLL, 0x40LL, 0x10uLL, (v2 + 1096))
regMgrNvsSpInit: icc_nvs_read(0LL, 4uLL, 0x1600LL, 0x20uLL, &qword_FFFFFFFF8346C520);
sub_FFFFFFFF826A9AC0: icc_nvs_read(0LL, 4uLL, 0x1000LL, 0x300uLL, PrivateStorageAddr1_ptr); icc_nvs_read(0LL, 4uLL, 0x1300LL, 0x300uLL, PrivateStorageAddr2_ptr);
get_extra_clock:aeolia_rtc_??? icc_nvs_read(0LL, 4uLL, 0x50LL, 1uLL, &off_FFFFFFFF83377C99)
iccnvs_kproc: icc_nvs_read(0LL, *(*(v6 + 2) + 0x20LL), *(v6 + 12), *(v6 + 16), *(v6 + 5))
sub_FFFFFFFF8262DC60:sysctl_machdep_cavern_dvt1_init_update: current_mode: ??? icc_nvs_read(0LL, 4uLL, 0x21LL, 1uLL, &data_ptr);
lvp_configure_tccds: icc_nvs_read(0LL, 4uLL, 0x322LL, 1uLL, &data_ptr);
manumode: icc_nvs_read(0LL, 4uLL, 0x2C00LL, 0x20uLL, &data_ptr);
init_safe_mode mode ??? icc_nvs_read(0LL, 4uLL, 0x20LL, 1uLL, &data_ptr)
sce_cam_error_log_read: icc_nvs_read(0LL, 4uLL, 0x100LL, 0x100uLL, &data_ptr);
sub_FFFFFFFF827D2F50:qafutkn ??? icc_nvs_read(1LL, 4uLL, 0x0a00LL, 0x190uLL, &data_ptr);
sub_FFFFFFFF827D8E30:??? icc_nvs_write(0LL, 4uLL, 0LL, 0x20uLL, &dipsw_FFFFFFFF836C0090);
About EAP Hdd Key
- sceSblGetEAPInternalPartitionKey((__int64)&unk_FFFFFFFF836C0000, &unk_FFFFFFFF836BC010, a2, a3, v7) )
- seems to contain 2 buffers
- unk_FFFFFFFF836C0000 (0x70) <- encrypted eap_hdd_key ?
- unk_FFFFFFFF836BC010 (0x70) <- decrypted eap_hdd_key ?
you have right
v7 = icc_nvs_read(0LL, 4uLL, 0x200LL, v2, &enc_eap_key_);
if ( v7 )
{
v12 = v7;
printf("icc_nvs_read failed: %d\n", v7, v8, v9, v10, v11, v19);
panic("eap key not available", v12, v13, v14, v15, v16, v20);
}
printf("g_crypt_deferred_init: calling CCP\n", 4LL, v8, v9, v10, v11, v19);
v12 = &eap_key_;
if ( sceSblGetEAPInternalPartitionKey(&enc_eap_key_, &eap_key_) )
bank 2
bank2 isnt probably backup bank its accessed by sub_FFFFFFFF827D2F50:qafutkn ??? icc_nvs_read(1LL, 4uLL, 0x0a00LL, 0x190uLL, &data_ptr);
whole nvs storage is accesible via /dev/sflash0s0x34 and size is 49152bytes probably
From EMC
storage_part0_desc struc_142370 <0, 0, 0x1C4000, 0x1000, 1, 0, 0, 0> storage_part1_desc struc_142370 <1, 0x1000, 0x1C5000, 0x1000, 1, 1, 0x1CE000, 0x1CF000> storage_part2_desc struc_142370 <2, 0x2000, 0x1C6000, 0x1000, 1, 0, 0, 0> storage_part3_desc struc_142370 <3, 0x3000, 0x1C7000, 0x1000, 1, 0, 0, 0> storage_part4_desc struc_142370 <4, 0x4000, 0x1C8000, 0x800, 1, 0, 0, 0> storage_part5_desc struc_142370 <5, 0x4800, 0x1C8800, 0x800, 1, 0, 0, 0> storage_part6_desc struc_142370 <6, 0x5000, 0x1C9000, 0x3000, 1, 0, 0, 0>