From 18ba27c74305100146dd9599336dbdcd5e794ad1 Mon Sep 17 00:00:00 2001 From: Nikias Bassen Date: Mon, 12 Oct 2020 17:56:20 +0200 Subject: restore: Fix NORData request by sending new components (fixes wireless charging on newer devices) The NorImageData response didn't include the WCHFirmwareUpdater for newer devices, resulting in wireless charging capability to be broken on iPhone XS, iPhone XR, and newer. Upon further inspection it turned out that the selection for the images to send was only based on `IsFirmwarePayload` property. However, there are additional components with other properties, as the WCHFirmwareUpdater one, that don't have the `IsFirmwarePayload` property but instead `IsSecondaryFirmwarePayload` and `IsLoadedByiBoot` which seem to be the rule for including these images. --- src/restore.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/src/restore.c b/src/restore.c index 3e84689..e35047a 100644 --- a/src/restore.c +++ b/src/restore.c @@ -1059,11 +1059,26 @@ int restore_send_nor(restored_client_t restore, struct idevicerestore_client_t* plist_dict_next_item(build_id_manifest, iter, &component, &manifest_entry); if (component && manifest_entry && plist_get_node_type(manifest_entry) == PLIST_DICT) { uint8_t is_fw = 0; - plist_t is_fw_node = plist_access_path(manifest_entry, 2, "Info", "IsFirmwarePayload"); - if (is_fw_node && plist_get_node_type(is_fw_node) == PLIST_BOOLEAN) { - plist_get_bool_val(is_fw_node, &is_fw); + uint8_t is_secondary_fw = 0; + uint8_t loaded_by_iboot = 0; + plist_t fw_node; + + fw_node = plist_access_path(manifest_entry, 2, "Info", "IsFirmwarePayload"); + if (fw_node && plist_get_node_type(fw_node) == PLIST_BOOLEAN) { + plist_get_bool_val(fw_node, &is_fw); + } + + fw_node = plist_access_path(manifest_entry, 2, "Info", "IsLoadedByiBoot"); + if (fw_node && plist_get_node_type(fw_node) == PLIST_BOOLEAN) { + plist_get_bool_val(fw_node, &loaded_by_iboot); } - if (is_fw) { + + fw_node = plist_access_path(manifest_entry, 2, "Info", "IsSecondaryFirmwarePayload"); + if (fw_node && plist_get_node_type(fw_node) == PLIST_BOOLEAN) { + plist_get_bool_val(fw_node, &is_secondary_fw); + } + + if (is_fw || (is_secondary_fw && loaded_by_iboot)) { plist_t comp_path = plist_access_path(manifest_entry, 2, "Info", "Path"); if (comp_path) { plist_dict_set_item(firmware_files, component, plist_copy(comp_path)); -- cgit v1.1-32-gdbae