Difference between revisions of "Hgsp4 patch"

From The iPhone Wiki
(hgsp4 enabled jailbreaks)
(hgsp4 enabled jailbreaks)
 
(One intermediate revision by the same user not shown)
Line 19: Line 19:
 
== hgsp4 enabled jailbreaks ==
 
== hgsp4 enabled jailbreaks ==
 
Jailbreaks known to enable hgsp4 include:
 
Jailbreaks known to enable hgsp4 include:
  +
* [[Pangu9]] (9.1) on 64-bit
 
* [[Yalu#yalu_.2B_mach_portal_.2810.1-10.1.1.29|yalu+mach_portal]] (10.0-10.1.1) on 64-bit
 
* [[Yalu#yalu_.2B_mach_portal_.2810.1-10.1.1.29|yalu+mach_portal]] (10.0-10.1.1) on 64-bit
 
* [[h3lix]] (10.0–10.3.3) on 32-bit
 
* [[h3lix]] (10.0–10.3.3) on 32-bit
* [[Electra]] (11.0 - 11.1.2) on 64-bit
+
* [[Electra]] (11.0-11.1.2) on 64-bit
   
 
== See also ==
 
== See also ==
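Review bot: The version-range punctuation in this list is still inconsistent after the change. The Electra entry is normalised to a plain hyphen without spaces (`11.0-11.1.2`), matching the yalu+mach_portal entry, but the h3lix entry keeps an en dash (`10.0–10.3.3`). Suggest picking one style and applying it to every entry in the list.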

Latest revision as of 19:11, 31 March 2018

A hgsp4 patch (or host_get_special_port(4) patch) is a kernel patch that enables any executable running as root to access the kernel task by calling host_get_special_port for host special port 4 (hence the name). This host special port is usually unused, and the kernel task port must be “mounted” there by an exploit.[1][2] It is thus recommended that host special port 4 be used solely for the kernel task port.[3]

The hgsp4 route is equivalent to the tfp0 route, and tools that rely on tfp0 can be recompiled to use hgsp4 instead.[4] In a tweet, tihmstar confirmed that this applies to kloader too.[5]

Example code

The following example C program calls host_get_special_port and, on success, returns a positive integer that can be checked using echo $? in bash after running the test program:

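#include <mach/mach.h>
#include <mach/host_special_ports.h> /* HOST_LOCAL_NODE */

int main(void) {
    mach_port_t kernel_task = 0;
    /* host_get_special_port returns KERN_SUCCESS (0) on success; any other value is an error. */
    if (host_get_special_port(mach_host_self(), HOST_LOCAL_NODE, 4, &kernel_task) != KERN_SUCCESS) return -1;
    /* Without an hgsp4 patch, host special port 4 is empty and kernel_task stays 0. */
    return kernel_task;
}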

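-1 is returned on error; because the shell reports only the low 8 bits of the exit status, echo $? prints 255 in that case, and on success it prints only the low 8 bits of the port name. 0 is returned if no hgsp4 patch is enabled.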

hgsp4 enabled jailbreaks

Jailbreaks known to enable hgsp4 include:

See also

References