The device tree is a representation of hardware used by the boot loaders (iOS's iBoot and OS X's boot.efi) to provide the kernel with a mapping of hardware. The tree is a hierarchical representation of devices by connection, somewhat similar to Solaris's device tree (/devices) and Linux's /sys/devices (see device tree on Wikipedia for more context). It is used extensively by the boot loader, which populates the various entries of the tree and then passes it to XNU (the kernel). XNU's platform expert then maps these addresses and uses them to communicate with the I/O buses and other low-level hardware.

The device tree is packaged as an IMG3 or IM4P file and is located in the IPSW at /Firmware/all_flash/all_3/im4p on development devices. Device trees are the same for every firmware for the device they are for; however, the keys are different every build. After iOS 10, almost all the img4 images for 64-bit devices are not encrypted, so it's possible to extract device trees from im4p files and dump them. E.g., with img4tool, we can do something like img4 -image 4p devicetree-d211ap.bin to get the device tree into devicetree-d211ap.bin.
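To show what "dumping" an extracted tree such as devicetree-d211ap.bin involves, here is an added example (not from the original page or from img4tool) that walks the flattened node layout and bounds-checks every read. It assumes the layout declared in XNU's pexpert device_tree.h (two little-endian 32-bit counts per node, 32-byte property names, 4-byte-aligned values); the function names, the flag mask and the sample bytes are constructed for illustration.

```python
import struct
NAME_LEN = 32  # fixed-size, NUL-padded property name (kPropNameLength in XNU)

def parse_node(buf, off=0, depth=0, max_depth=64):
    """Parse one node at `off`; return (node_dict, offset_after_node)."""
    if depth > max_depth:
        raise ValueError("nesting too deep")
    if off + 8 > len(buf):
        raise ValueError("truncated node header")
    n_props, n_children = struct.unpack_from("<II", buf, off)
    off += 8
    props = {}
    for _ in range(n_props):
        if off + NAME_LEN + 4 > len(buf):
            raise ValueError("truncated property header")
        name = buf[off:off + NAME_LEN].split(b"\0", 1)[0].decode("ascii", "replace")
        (length,) = struct.unpack_from("<I", buf, off + NAME_LEN)
        length &= 0x7FFFFFFF  # assumption: top bit is a flag, not part of the size
        off += NAME_LEN + 4
        if off + length > len(buf):
            raise ValueError(f"property {name!r} overruns buffer")
        props[name] = buf[off:off + length]
        off += (length + 3) & ~3  # values are padded to 4-byte alignment
    children = []
    for _ in range(n_children):
        child, off = parse_node(buf, off, depth + 1, max_depth)
        children.append(child)
    return {"props": props, "children": children}, off

def dump(node, indent=0):
    """Return the tree as indented text lines: node name, then its properties."""
    name = node["props"].get("name", b"?").rstrip(b"\0").decode("ascii", "replace")
    lines = [" " * indent + name]
    for k, v in node["props"].items():
        if k != "name":
            lines.append(" " * (indent + 2) + f"{k} = {v.hex()}")
    for c in node["children"]:
        lines.extend(dump(c, indent + 2))
    return lines

def _prop(name, value):  # helper that builds the constructed sample below
    pad = b"\0" * (-len(value) % 4)
    return name.encode().ljust(NAME_LEN, b"\0") + struct.pack("<I", len(value)) + value + pad

# Constructed sample (not real firmware): root "device-tree" with one child "chosen".
SAMPLE = (struct.pack("<II", 1, 1) + _prop("name", b"device-tree\0") + struct.pack("<II", 2, 0)
          + _prop("name", b"chosen\0") + _prop("debug-enabled", struct.pack("<I", 0)))

if __name__ == "__main__":
    print("\n".join(dump(parse_node(SAMPLE)[0])))
```

For a real file, read it in binary mode and pass the bytes to parse_node; a malformed or still-encrypted payload raises ValueError rather than reading past the buffer.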