Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

iPhone 3GS w/ iOS 6.0 kernel patch fails #142

Open
GoogleCodeExporter opened this issue Feb 16, 2016 · 1 comment
Open

iPhone 3GS w/ iOS 6.0 kernel patch fails #142

GoogleCodeExporter opened this issue Feb 16, 2016 · 1 comment

Comments

@GoogleCodeExporter
Copy link

What steps will reproduce the problem?
1. uncomment iPhone 3GS iOS6 version in build.py and comment iPhone 3GS iOS 5 
version
2. run build.py
3. kernel patching fails on PE_i_can_has_debugger

The patch is as follows (from kernel_patcher.py):

"_PE_i_can_has_debugger" : (h("80 B1 43 F2 BE 01 C0 F2"), h("01 20 70 47 BE 01 
C0 F2")),

This patch looks for (manual disassembly, might be wrong):

B180 CBZ R0,<offset 16>
F243BEF2 MOV R1,<offset 0x18BE>
F2C0???? <32-bit Thumb-2 instruction>

On iPhone 3GS, the offset is incorrect; the sequence is not found, so kernel 
patching fails.

However, since the first four bytes only are patched, we can try this:

"_PE_i_can_has_debugger" : (h("80 B1 43 F2"), h("BE 01 C0 F2")),

This only has one occurrence in the iPhone 3GS iOS6 kernel.  Patching succeeds, 
and I was able to boot the device with the ramdisk and extract the disk image 
and everything else.

However, on the iPhone 4 iOS6 kernel, there are 2 occurrences of this sequence, 
so some mechanism is needed to handle both cases in the Python code.  A 
workaround is to patch the script manually when using this phone.

Original issue reported on code.google.com by [email protected] on 11 Jun 2014 at 11:30

@GoogleCodeExporter
Copy link
Author

Sorry, it should be this to patch iPhone 3GS:

"_PE_i_can_has_debugger" : (h("80 B1 43 F2"), h("01 20 70 47")),

Original comment by [email protected] on 11 Jun 2014 at 11:31

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant