From c129256dd0f4294dd60c15605884ce9fc48a6058 Mon Sep 17 00:00:00 2001
From: Michael Scire <SciresM@gmail.com>
Date: Fri, 12 Jun 2020 11:01:47 -0700
Subject: [PATCH] exo: amend pk21 restrictions

---
 .../program/source/boot/secmon_boot_functions.cpp      | 10 ++++------
 .../include/exosphere/pkg1/pkg1_boot_config.hpp        |  8 ++++++--
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/exosphere/program/source/boot/secmon_boot_functions.cpp b/exosphere/program/source/boot/secmon_boot_functions.cpp
index 08e42c8cc..b8782605a 100644
--- a/exosphere/program/source/boot/secmon_boot_functions.cpp
+++ b/exosphere/program/source/boot/secmon_boot_functions.cpp
@@ -135,14 +135,12 @@ namespace ams::secmon::boot {
 
     void UpdateBootConfigForPackage2Header(const pkg2::Package2Header &header) {
         /* Check for all-zeroes signature. */
-        bool is_decrypted = header.signature[0] == 0;
-        is_decrypted &= crypto::IsSameBytes(header.signature, header.signature + 1, sizeof(header.signature) - 1);
+        const bool is_unsigned = header.signature[0] == 0 && crypto::IsSameBytes(header.signature, header.signature + 1, sizeof(header.signature) - 1);
+        secmon::impl::GetBootConfigStorage()->signed_data.SetPackage2SignatureVerificationDisabled(is_unsigned);
 
         /* Check for valid magic. */
-        is_decrypted &= crypto::IsSameBytes(header.meta.magic, pkg2::Package2Meta::Magic::String, sizeof(header.meta.magic));
-
-        /* Set the setting in boot config. */
-        secmon::impl::GetBootConfigStorage()->signed_data.SetPackage2Decrypted(is_decrypted);
+        const bool is_decrypted = crypto::IsSameBytes(header.meta.magic, pkg2::Package2Meta::Magic::String, sizeof(header.meta.magic));
+        secmon::impl::GetBootConfigStorage()->signed_data.SetPackage2EncryptionDisabled(is_decrypted);
     }
 
     void VerifyPackage2HeaderSignature(pkg2::Package2Header &header, bool verify) {
diff --git a/libraries/libexosphere/include/exosphere/pkg1/pkg1_boot_config.hpp b/libraries/libexosphere/include/exosphere/pkg1/pkg1_boot_config.hpp
index 5d37aa2cd..8f67ab2f4 100644
--- a/libraries/libexosphere/include/exosphere/pkg1/pkg1_boot_config.hpp
+++ b/libraries/libexosphere/include/exosphere/pkg1/pkg1_boot_config.hpp
@@ -123,8 +123,12 @@ namespace ams::pkg1 {
             return (this->flags1[0] & (1 << 0)) != 0;
         }
 
-        constexpr void SetPackage2Decrypted(bool decrypted) {
-            this->flags |= decrypted ? 0x3 : 0x0;
+        constexpr void SetPackage2SignatureVerificationDisabled(bool decrypted) {
+            this->flags |= decrypted ? (1 << 1) : (0 << 0);
+        }
+
+        constexpr void SetPackage2EncryptionDisabled(bool decrypted) {
+            this->flags |= decrypted ? (1 << 0) : (0 << 0);
         }
     };
     static_assert(util::is_pod<BootConfigSignedData>::value);