userlandkernel

afDIGHr84A84jh19Kphgp428DNPdnapq



20:29:15.2763|l

20:29:16.4317|ls

20:29:17.6629|s000151.119712 wlan0.A[124] setStatsTimerIntervalMS@3046: Configured delta_stats_interval(secs): 1
20:29:21.6546|000151.129102 wlan0.A[125] setLQM_CONFIG@21420:Setting ECounter update interval to: 1

NyanSatan

#define TRISTAR_IIC_BUS 0
#define CBTL1610_R 0x35
#define CBTL1610_W 0x34

void (*task_sleep)(uint64_t delay) = TARGET_BASEADDR + 0x1FFDC;
int (*iic_read)(int iic, uint8_t address, const void *send_data, size_t send_len, void *data, size_t len, uint8_t fmt) = TARGET_BASEADDR + 0xA008;
int (*iic_write)(int iic, uint8_t address, const void *data, size_t len) = TARGET_BASEADDR + 0xA168;
int (*tristar_write)(uint8_t reg, uint8_t value) = TARGET_BASEADDR + 0xD644;
int (*tristar_read)(uint8_t reg, uint8_t *data) = TARGET_BASEADDR + 0xD604;

bazad

#
# arm64_sysregs_ios.py
# Brandon Azad
#
# Based on https://github.com/gdelugre/ida-arm-system-highlight by Guillaume Delugre.
#

import idautils
import idc

littlelailo

There is a bug in SEPROM, at least up to A10 (the one I reversed), in the trustzone bounds checks.
The trustzone is setup by the main AP in an early boot stage and because of that SEPROM has to verify that it's setup correctly before continuing to boot SEPOS. 
Otherwise the AP could write to SEPOS RAM and with that it might be able to get code execution on the SEP.
The verification is done by first checking if the trustzone values are locked and then if they are correct.
Those values are stored in hardware registers that both processors share.
The registers are 32 bit tho and because of that apple decided to shift the address down by 12 bits before putting it into the registers.
This means that if you want to lock down 0x1000000 to 0x2000000 you will actually write 0x1000 and 0x2000 to the registers.
On the other side SEPROM loads these values from the hardware registers again.
But instead of just comparing them against some constant it shifts up all of those values by 12 bits again before doing any check on 

tbodt

======================================================================================
======================================================================================
== Tweedle D & Tweedle dum! ==========================================================
======================================================================================
======================================================================================
Sun, 25 Oct 2020 4:44PM PST.... ======================================================
Author: NOBODY (et-al) ===============================================================
======================================================================================
= OR 'hello world of TMM & PKA' ======================================================

kasiimh1

 - [05/04/21 15:20:57] <Info>: Waiting for DFU devices
 - [05/04/21 15:21:20] <Verbose>: DFU mode device found
 - [05/04/21 15:21:20] <Info>: Exploiting
 - [05/04/21 15:21:20] <Verbose>: Attempting to perform checkm8 on 8011 10...
 - [05/04/21 15:21:20] <Info>: Checking if device is ready
 - [05/04/21 15:21:20] <Verbose>: == Checkm8 Preparation stage ==
 - [05/04/21 15:21:20] <Verbose>: Stalled input endpoint
 - [05/04/21 15:21:20] <Verbose>: DFU device disconnected
 - [05/04/21 15:21:20] <Verbose>: DFU mode device found
 - [05/04/21 15:21:20] <Info>: Setting up the exploit (this is the heap spray)

NyanSatan

arm_clean_dcache_line() weirdness
27 Dec 2020 12:12 MSK

At some point of my iPhone 5 SecureROM research, I've *decided* to REDACTED. After the process I was quite tired, so I was just looking at different functions in the ROM for no particular reason. One of the functions was platform_get_boot_trampoline():


void *platform_get_boot_trampoline()
{
#define TRAMPOLINE_SIZE 0x40

networkextension

[0012609A:36DA001E] :-) soc -p
	vendor: Apple
	model: 8103
	primary-cpu: Tempest
	fuse-rev: 11
	security-epoch: 1
	security-domain0: 1
	security-domain1: 0
	production-mode: 1
	board-id: 0

networkextension

      Type       |        Subtype        |  Offset  |   Size   |  CRC32   |   Name 
 Image           | UEFI                  | 00000000 | 0299AA15 | F1D51BF8 |  UEFI image
 Padding         | Non-empty             | 00000000 | 000E0027 | D0F8A5FF | - Padding
 Volume          | FFSv2                 | 000E0027 | 00008000 | A28B90B1 | - 8C8CE578-8A3D-4F1C-9935-896185C32DD3
 Free space      |                       | 000E006F | 00007FB8 | 425AB2D9 | -- Volume free space
 Volume          | FFSv2                 | 000E8027 | 028B0000 | 25F96F5F | - 8C8CE578-8A3D-4F1C-9935-896185C32DD3
 File            | Freeform              | 000E806F | 0000013C | C3B1AD8F | -- FC510EE7-FFDC-11D4-BD41-0080C73C8881 | DXE apriori file
 Section         | Raw                   | 000E8087 | 00000124 | 103B4756 | --- Raw section
 File            | Pad                   | 000E81AF | 00007E60 | D21642FD | -- Pad-file

networkextension

] printenv
       boot-partition = ""
       boot-path = "/System/Library/Caches/com.apple.kernelcaches/kernelcach"
       dt-path = "/usr/standalone/firmware/devicetree.img"
       roothash-path = "/usr/standalone/firmware/root_hash.img"
       ibd-path = "/usr/standalone/firmware/FUD/iBootData.img"
       sepfw-path = "/usr/standalone/firmware/sep-firmware.img"
       tc-path = "/usr/standalone/firmware/FUD/StaticTrustCache.img"
       tc-eng-dir = "/usr/standalone/firmware/trustcache"
       build-style = "DEVELOPMEN"