http://goo.gl/C1NjP
來看看graf_chokolo放出的技術資料
HDD
* ENCDEC peripheral device is used for HDD encryption/decryption
主機上有一顆ENCDEC晶片作為加解密引擎,即時對硬碟的資料進行加解密動作
* Write request is first passed to ENCDEC device for encryption.
When ENCDEC device is done, it calls a callback and passes the
encrypted data to the callback. The callback writes the encrypted
data with ATA WriteDMAExt command to HDD.
當系統發出寫入要求時,ENCDEC會將資料加密,然後回傳給系統讓系統透過寫
入ATA WriteDMAExt 指令寫入硬碟。
* When a storage device request is processed by HV, Storage
Subsystem checks if cryptography is enabled for the storage device.
當存取儲存裝置的請求由HV發出時,控制儲存裝置的子系統會檢查加密機制是
否啟動。
* HV checks 1 byte of data owned by the storage device and when
the value of this flag is not 0 then it uses encryption/decryption.
HV只檢查 1個位元,該位元是加密開啟與否的旗標,如果是 0的話就關閉加密
機制。
* By setting this flag to 0 at runtime, encryption/decryption of
storage devices can be disabled at runtime.
因此,將該旗標設成 0,就可以將硬碟加密關閉。
* We could patch lv1.self so that encryption/decryption of
storage devices is disabled permanently.
同時,我們可以透過修改lv1.self檔案,永遠關閉加密機制(而不需要每次開
機都操作關閉的程序)。
* HDD sectors can be both decrypted and encrypted with HV calls
透過HV呼叫,也可以將硬碟的某個特定磁區加密或是解密。
UFS2
* Superblock starts at sector 0x80.
UFS2檔案系統的超級區塊(不知道是不是這樣翻)從0x80磁區開始
* At the end of the superblock structure you will find UFS2
signature 0x19540119.
超級區塊末端會有UFS2檔案系統的指紋0x19540119
--
○ ____ _ _ _ _ ____ _ _ ____ _____ ____
。 ★(_ _)( \( )( \/ )( ___)( \( )(_ _)( _ )( _ \
o _)(_ ) ( \ / )__) ) ( )( )(_)( ) / ● ‧
(____)(_)\_) \/ (____)(_)\_) (__) (_____)(_)\_) ★
o
--
來看看graf_chokolo放出的技術資料
HDD
* ENCDEC peripheral device is used for HDD encryption/decryption
主機上有一顆ENCDEC晶片作為加解密引擎,即時對硬碟的資料進行加解密動作
* Write request is first passed to ENCDEC device for encryption.
When ENCDEC device is done, it calls a callback and passes the
encrypted data to the callback. The callback writes the encrypted
data with ATA WriteDMAExt command to HDD.
當系統發出寫入要求時,ENCDEC會將資料加密,然後回傳給系統讓系統透過寫
入ATA WriteDMAExt 指令寫入硬碟。
* When a storage device request is processed by HV, Storage
Subsystem checks if cryptography is enabled for the storage device.
當存取儲存裝置的請求由HV發出時,控制儲存裝置的子系統會檢查加密機制是
否啟動。
* HV checks 1 byte of data owned by the storage device and when
the value of this flag is not 0 then it uses encryption/decryption.
HV只檢查 1個位元,該位元是加密開啟與否的旗標,如果是 0的話就關閉加密
機制。
* By setting this flag to 0 at runtime, encryption/decryption of
storage devices can be disabled at runtime.
因此,將該旗標設成 0,就可以將硬碟加密關閉。
* We could patch lv1.self so that encryption/decryption of
storage devices is disabled permanently.
同時,我們可以透過修改lv1.self檔案,永遠關閉加密機制(而不需要每次開
機都操作關閉的程序)。
* HDD sectors can be both decrypted and encrypted with HV calls
透過HV呼叫,也可以將硬碟的某個特定磁區加密或是解密。
UFS2
* Superblock starts at sector 0x80.
UFS2檔案系統的超級區塊(不知道是不是這樣翻)從0x80磁區開始
* At the end of the superblock structure you will find UFS2
signature 0x19540119.
超級區塊末端會有UFS2檔案系統的指紋0x19540119
--
○ ____ _ _ _ _ ____ _ _ ____ _____ ____
。 ★(_ _)( \( )( \/ )( ___)( \( )(_ _)( _ )( _ \
o _)(_ ) ( \ / )__) ) ( )( )(_)( ) / ● ‧
(____)(_)\_) \/ (____)(_)\_) (__) (_____)(_)\_) ★
o
--
All Comments