From 06a7cc2f23c25034183eec0cc9596f4284a4c3c9 Mon Sep 17 00:00:00 2001 From: Nikias Bassen Date: Thu, 24 Jan 2019 20:19:13 +0100 Subject: restore: Fix Savage firmware handling for iPhone XR/XS/XS max --- src/restore.c | 60 +++++++++++++++++++++++++++++------------------------------ src/tss.c | 36 +++++++++++++++++++++++++---------- src/tss.h | 2 +- 3 files changed, 57 insertions(+), 41 deletions(-) diff --git a/src/restore.c b/src/restore.c index cdab845..c43b7d6 100644 --- a/src/restore.c +++ b/src/restore.c @@ -1885,7 +1885,7 @@ plist_t restore_get_se_firmware_data(restored_client_t restore, struct idevicere plist_t restore_get_savage_firmware_data(restored_client_t restore, struct idevicerestore_client_t* client, plist_t build_identity, plist_t p_info) { - const char *comp_name = NULL; + char *comp_name = NULL; char *comp_path = NULL; unsigned char* component_data = NULL; unsigned int component_size = 0; @@ -1894,38 +1894,12 @@ plist_t restore_get_savage_firmware_data(restored_client_t restore, struct idevi plist_t request = NULL; plist_t response = NULL; plist_t node = NULL; - uint8_t isprod = 0; int ret; - node = plist_dict_get_item(p_info, "Savage,ProductionMode"); - if (node && (plist_get_node_type(node) == PLIST_BOOLEAN)) { - plist_get_bool_val(node, &isprod); - } - node = NULL; - if (isprod) { - comp_name = "Savage,B2-Prod-Patch"; - } else { - comp_name = "Savage,B2-Dev-Patch"; - } - - if (build_identity_get_component_path(build_identity, comp_name, &comp_path) < 0) { - error("ERROR: Unable get path for '%s' component\n", comp_name); - return NULL; - } - - ret = extract_component(client->ipsw, comp_path, &component_data, &component_size); - free(comp_path); - comp_path = NULL; - if (ret < 0) { - error("ERROR: Unable to extract '%s' component\n", comp_name); - return NULL; - } - /* create Savage request */ request = tss_request_new(NULL); if (request == NULL) { error("ERROR: Unable to create Savage TSS request\n"); - free(component_data); return NULL; } 
@@ -1938,16 +1912,22 @@ plist_t restore_get_savage_firmware_data(restored_client_t restore, struct idevi plist_dict_merge(¶meters, p_info); /* add required tags for Savage TSS request */ - tss_request_add_savage_tags(request, parameters, NULL); + tss_request_add_savage_tags(request, parameters, NULL, &comp_name); plist_free(parameters); + if (!comp_name) { + error("ERROR: Could not determine Savage firmware component\n"); + plist_free(request); + return NULL; + } + info("Sending Savage TSS request...\n"); response = tss_request_send(request, client->tss_url); plist_free(request); if (response == NULL) { error("ERROR: Unable to fetch Savage ticket\n"); - free(component_data); + free(comp_name); return NULL; } @@ -1957,6 +1937,24 @@ plist_t restore_get_savage_firmware_data(restored_client_t restore, struct idevi error("ERROR: No 'Savage,Ticket' in TSS response, this might not work\n"); } + /* now get actual component data */ + if (build_identity_get_component_path(build_identity, comp_name, &comp_path) < 0) { + error("ERROR: Unable get path for '%s' component\n", comp_name); + free(comp_name); + return NULL; + } + + ret = extract_component(client->ipsw, comp_path, &component_data, &component_size); + free(comp_path); + comp_path = NULL; + if (ret < 0) { + error("ERROR: Unable to extract '%s' component\n", comp_name); + free(comp_name); + return NULL; + } + free(comp_name); + comp_name = NULL; + component_data_tmp = realloc(component_data, (size_t)component_size+16); if (!component_data_tmp) { free(component_data); 
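Review bot: The return value of `tss_request_add_savage_tags()` is still discarded at this call, so `comp_name` is the only success signal. In the tss.c hunk the callee assigns `*component_name` before it adds `Savage,Nonce` and whatever follows. That hunk ends at the `if (!node) {` after the nonce lookup, so it is inferred rather than shown that a later failure returns an error with `comp_name` already set; if so, this caller would still send the incomplete request. Capture the result with `ret = tss_request_add_savage_tags(request, parameters, NULL, &comp_name);`, test `if (ret < 0 || !comp_name) {`, and add `free(comp_name);` in that branch. The function body starts and ends outside this hunk.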
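Review bot: Both new early returns in the "now get actual component data" block, after `build_identity_get_component_path()` and after `extract_component()`, free `comp_name` but not `response`. `response` is known to be non-NULL here, because the NULL case already returned in the previous hunk. Before this change the extraction ran ahead of the TSS request, so these failure paths never held a response. Add `plist_free(response);` before each of the two `return NULL;` statements. The `realloc` failure path at the end of the hunk may have the same gap, but its body continues outside the hunk.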
@@ -2179,14 +2177,16 @@ int restore_send_firmware_updater_data(restored_client_t restore, struct idevice goto error_out; } } else if (strcmp(s_updater_name, "Savage") == 0) { + const char *fwtype = "Savage"; plist_t p_info2 = plist_dict_get_item(p_info, "YonkersDeviceInfo"); if (p_info2 && plist_get_node_type(p_info2) == PLIST_DICT) { + fwtype = "Yonkers"; fwdict = restore_get_yonkers_firmware_data(restore, client, build_identity, p_info2); } else { fwdict = restore_get_savage_firmware_data(restore, client, build_identity, p_info); } if (fwdict == NULL) { - error("ERROR: %s: Couldn't get Savage firmware data\n", __func__); + error("ERROR: %s: Couldn't get %s firmware data\n", __func__, fwtype); goto error_out; } } else { diff --git a/src/tss.c b/src/tss.c index dd3cf37..80d2935 100644 --- a/src/tss.c +++ b/src/tss.c @@ -831,7 +831,7 @@ int tss_request_add_se_tags(plist_t request, plist_t parameters, plist_t overrid return 0; } -int tss_request_add_savage_tags(plist_t request, plist_t parameters, plist_t overrides) +int tss_request_add_savage_tags(plist_t request, plist_t parameters, plist_t overrides, char **component_name) { plist_t node = NULL; 
@@ -912,21 +912,37 @@ int tss_request_add_savage_tags(plist_t request, plist_t parameters, plist_t ove plist_get_bool_val(node, &isprod); node = NULL; - /* add Savage,B2-*-Patch */ - if (isprod) { - comp_name = "Savage,B2-Prod-Patch"; - } else { - comp_name = "Savage,B2-Dev-Patch"; + /* get the right component name */ + comp_name = (isprod) ? "Savage,B0-Prod-Patch" : "Savage,B0-Dev-Patch"; + node = plist_dict_get_item(parameters, "Savage,Revision"); + if (node && (plist_get_node_type(node) == PLIST_DATA)) { + unsigned char *savage_rev = NULL; + uint64_t savage_rev_len = 0; + plist_get_data_val(node, (char**)&savage_rev, &savage_rev_len); + if (savage_rev_len > 0) { + if (((savage_rev[0] | 0x10) & 0xF0) == 0x30) { + comp_name = (isprod) ? "Savage,B2-Prod-Patch" : "Savage,B2-Dev-Patch"; + } else if ((savage_rev[0] & 0xF0) == 0xA0) { + comp_name = (isprod) ? "Savage,BA-Prod-Patch" : "Savage,BA-Dev-Patch"; + } + } + free(savage_rev); } - node = plist_access_path(manifest_node, 2, comp_name, "Digest"); + + /* add Savage,B?-*-Patch */ + node = plist_dict_get_item(manifest_node, comp_name); if (!node) { - error("ERROR: Unable to get %s digest from manifest\n", comp_name); + error("ERROR: Unable to get %s entry from manifest\n", comp_name); return -1; } - dict = plist_new_dict(); - plist_dict_set_item(dict, "Digest", plist_copy(node)); + dict = plist_copy(node); + plist_dict_remove_item(dict, "Info"); plist_dict_set_item(request, comp_name, dict); + if (component_name) { + *component_name = strdup(comp_name); + } + /* add Savage,Nonce */ node = plist_dict_get_item(parameters, "Savage,Nonce"); if (!node) { diff --git a/src/tss.h b/src/tss.h index 465e9dc..7911283 100644 --- a/src/tss.h +++ b/src/tss.h 
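Review bot: The entry returned by `plist_dict_get_item(manifest_node, comp_name)` is copied into the request without checking that it is a dictionary or that it has a `Digest` key. The removed code guaranteed both by looking up `Digest` through `plist_access_path`. `manifest_node` is assigned outside the hunk; if it comes from the build manifest of the firmware bundle being restored, a malformed entry would now be forwarded as-is into the TSS request. Tighten the guard to `if (!node || plist_get_node_type(node) != PLIST_DICT || !plist_dict_get_item(node, "Digest")) {`. Separately, the nibble tests on `savage_rev[0]` deserve a one-line comment saying which revision values select the B0, B2 and BA components, since `((x | 0x10) & 0xF0) == 0x30` accepting both 0x2_ and 0x3_ is not obvious.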
@@ -40,7 +40,7 @@ int tss_request_add_common_tags(plist_t request, plist_t parameters, plist_t ove int tss_request_add_ap_tags(plist_t request, plist_t parameters, plist_t overrides); int tss_request_add_baseband_tags(plist_t request, plist_t parameters, plist_t overrides); int tss_request_add_se_tags(plist_t request, plist_t parameters, plist_t overrides); -int tss_request_add_savage_tags(plist_t request, plist_t parameters, plist_t overrides); +int tss_request_add_savage_tags(plist_t request, plist_t parameters, plist_t overrides, char **component_name); int tss_request_add_yonkers_tags(plist_t request, plist_t parameters, plist_t overrides); int tss_request_add_ap_img4_tags(plist_t request, plist_t parameters); -- cgit v1.1-32-gdbae
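Review bot: The new `component_name` out-parameter on `tss_request_add_savage_tags` has no documented contract in the header, and it is the only tag helper in this list that hands allocated memory back to the caller. The tss.c hunk shows it is optional (guarded by `if (component_name)`) and filled with `strdup(comp_name)`, so the caller owns the string. Add a comment above the declaration such as `/* component_name: optional; on return *component_name is a strdup()'d component name the caller must free(), or left untouched on early failure */`. Callers should initialise the pointer to NULL, as restore.c does.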