From 10c15d596eb54c9b97cd7e6323ac8416349ca225 Mon Sep 17 00:00:00 2001 From: Nikias Bassen Date: Thu, 9 Nov 2023 20:25:38 +0100 Subject: [PATCH] Fix update restore by making sure the premanifest is properly generated --- src/idevicerestore.c | 4 ++-- src/img4.c | 11 +++++------ src/tss.c | 31 +++++++++++++++++++++++++------ 3 files changed, 32 insertions(+), 14 deletions(-) diff --git a/src/idevicerestore.c b/src/idevicerestore.c index b2185103..9bc9f8b4 100644 --- a/src/idevicerestore.c +++ b/src/idevicerestore.c @@ -1981,7 +1981,7 @@ int get_preboard_manifest(struct idevicerestore_client_t* client, plist_t build_ plist_t overrides = plist_new_dict(); plist_dict_set_item(overrides, "@APTicket", plist_new_bool(1)); plist_dict_set_item(overrides, "ApProductionMode", plist_new_uint(0)); - plist_dict_set_item(overrides, "ApSecurityDomain", plist_new_uint(0)); + plist_dict_set_item(overrides, "ApSecurityDomain", plist_new_uint(1)); plist_dict_set_item(parameters, "ApProductionMode", plist_new_bool(0)); plist_dict_set_item(parameters, "ApSecurityMode", plist_new_bool(0)); @@ -2005,7 +2005,7 @@ int get_preboard_manifest(struct idevicerestore_client_t* client, plist_t build_ return -1; } - plist_dict_set_item(parameters, "_OnlyFWComponents", plist_new_bool(1)); + plist_dict_set_item(parameters, "_OnlyFWOrTrustedComponents", plist_new_bool(1)); /* add tags from manifest */ if (tss_request_add_ap_tags(request, parameters, NULL) < 0) { diff --git a/src/img4.c b/src/img4.c index c21a0753..56b04964 100644 --- a/src/img4.c +++ b/src/img4.c @@ -844,13 +844,12 @@ int img4_create_local_manifest(plist_t request, plist_t build_identity, plist_t* comp = _img4_get_component_tag(key); } if (!comp) { - error("ERROR: %s: Unhandled component '%s' - can't create manifest\n", __func__, key); - free(iter); - free(buf); - return -1; + debug("DEBUG: %s: Unhandled component '%s'\n", __func__, key); + _manifest_write_component(&p, &length, key, val); + } else { + debug("DEBUG: found component %s (%s)\n", comp, key); + _manifest_write_component(&p, &length, comp, val); } - debug("DEBUG: found component %s (%s)\n", comp, key); - _manifest_write_component(&p, &length, comp, val); } free(key); } while (val); diff --git a/src/tss.c b/src/tss.c index 5e676f4b..e9d68f39 100644 --- a/src/tss.c +++ b/src/tss.c @@ -582,8 +582,15 @@ int tss_request_add_ap_recovery_tags(plist_t request, plist_t parameters, plist_ continue; } - if (!_plist_dict_get_bool(info_dict, "IsFirmwarePayload") && !_plist_dict_get_bool(info_dict, "IsSecondaryFirmwarePayload") && !_plist_dict_get_bool(info_dict, "IsFUDFirmware")) { - debug("DEBUG: %s: Skipping '%s' as it is neither firmware nor secondary nor FUD firmware payload\n", __func__, key); + if (!_plist_dict_get_bool(info_dict, "IsFirmwarePayload") + && !_plist_dict_get_bool(info_dict, "IsSecondaryFirmwarePayload") + && !_plist_dict_get_bool(info_dict, "IsFUDFirmware") + && !_plist_dict_get_bool(info_dict, "IsLoadedByiBoot") + && !_plist_dict_get_bool(info_dict, "IsEarlyAccessFirmware") + && !_plist_dict_get_bool(info_dict, "IsiBootEANFirmware") + && !_plist_dict_get_bool(info_dict, "IsiBootNonEssentialFirmware")) + { + debug("DEBUG: %s: Skipping '%s' as it is not a firmware payload\n", __func__, key); continue; } } @@ -679,14 +686,26 @@ int tss_request_add_ap_tags(plist_t request, plist_t parameters, plist_t overrid } } - if (_plist_dict_get_bool(parameters, "_OnlyFWComponents")) { + int is_fw_payload = _plist_dict_get_bool(info_dict, "IsFirmwarePayload") + || _plist_dict_get_bool(info_dict, "IsSecondaryFirmwarePayload") + || _plist_dict_get_bool(info_dict, "IsFUDFirmware") + || _plist_dict_get_bool(info_dict, "IsLoadedByiBoot") + || _plist_dict_get_bool(info_dict, "IsEarlyAccessFirmware") + || _plist_dict_get_bool(info_dict, "IsiBootEANFirmware") + || _plist_dict_get_bool(info_dict, "IsiBootNonEssentialFirmware"); + + if (_plist_dict_get_bool(parameters, "_OnlyFWOrTrustedComponents")) { + if (!_plist_dict_get_bool(manifest_entry, "Trusted") && !is_fw_payload) { + debug("DEBUG: %s: Skipping '%s' as it is neither firmware payload nor trusted\n", __func__, key); + continue; + } + } else if (_plist_dict_get_bool(parameters, "_OnlyFWComponents")) { if (!_plist_dict_get_bool(manifest_entry, "Trusted")) { debug("DEBUG: %s: Skipping '%s' as it is not trusted\n", __func__, key); continue; } - - if (!_plist_dict_get_bool(info_dict, "IsFirmwarePayload") && !_plist_dict_get_bool(info_dict, "IsSecondaryFirmwarePayload") && !_plist_dict_get_bool(info_dict, "IsFUDFirmware")) { - debug("DEBUG: %s: Skipping '%s' as it is neither firmware nor secondary nor FUD firmware payload\n", __func__, key); + if (!is_fw_payload) { + debug("DEBUG: %s: Skipping '%s' as it is not a firmware payload\n", __func__, key); continue; } }