Difference between revisions of "AMFI Binary Trust Cache Patch"

From The iPhone Wiki
(another public patch from Stefan Esser's slides)
 
m (switch to subcategories)
Line 25: Line 25:
 
__text:803E802E LDR R3, =loc_803FB5FC
 
__text:803E802E LDR R3, =loc_803FB5FC
 
__text:803E8030 LDRB R3, [R3,R1]
 
__text:803E8030 LDRB R3, [R3,R1]
[[Category:Patches]]
+
[[Category:Kernel Patches]]

Revision as of 07:16, 3 October 2011

  • Disables the AMFI binary trust cache.
  • Works by replacing the start of the function with the equivalent of return(1);
__text:803E8000 sub_803E8000                            ; CODE XREF: sub_803E87E4+19E↓p
__text:803E8000                                         ; sub_803E8E74+1A↓p
__text:803E8000                                         ; DATA XREF: ...
__text:803E8000                 PUSH            {R4,R7,LR} <== replaced with: MOV R0, 1
__text:803E8002                 ADD             R7, SP, #4              and   BX LR
__text:803E8004                 CMP             R1, #0x14
__text:803E8006                 BNE             loc_803E804E
__text:803E8008                 LDR             R2, =loc_803FCBFC
__text:803E800A                 LDRB.W          R12, [R0]
__text:803E800E                 LDRH.W          R3, [R2,R12,LSL#1]
__text:803E8012                 ADD.W           R1, R3, #0x14
__text:803E8016                 LDRB            R3, [R0,#7]
__text:803E8018                 LDRH.W          R3, [R2,R3,LSL#1]
__text:803E801C                 ADDS            R1, R1, R3
__text:803E801E                 LDRB            R3, [R0,#2]
__text:803E8020                 LDRH.W          R3, [R2,R3,LSL#1]
__text:803E8024                 ADDS            R1, R1, R3
__text:803E8026                 MOVW            R3, #0x15FE
__text:803E802A                 CMP             R1, R3
__text:803E802C                 BHI             loc_803E804E
__text:803E802E                 LDR             R3, =loc_803FB5FC
__text:803E8030                 LDRB            R3, [R3,R1]
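
A defensive check for the stub this patch leaves behind, as an added example that is not from the wiki page or the slides it cites: it flags a Thumb function entry that has been reduced to `MOVS R0, #imm8; BX LR`. The function name and the sample byte arrays are constructed here, and the 16-bit Thumb encodings are assumed for the `MOV R0, 1` / `BX LR` pair annotated at 803E8000.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed samples: 16-bit Thumb encodings of the instructions at 803E8000. */
static const uint8_t SAMPLE_ORIGINAL[] = { 0x90, 0xB5, 0x01, 0xAF }; /* PUSH {R4,R7,LR}; ADD R7, SP, #4 */
static const uint8_t SAMPLE_PATCHED[]  = { 0x01, 0x20, 0x70, 0x47 }; /* MOVS R0, #1;     BX LR          */

/* Read one little-endian 16-bit Thumb halfword. */
static uint16_t thumb_hw(const uint8_t *p) {
    return (uint16_t)(p[0] | (p[1] << 8));
}

/*
 * Hypothetical helper: returns the forced return value (0..255) when the
 * function entry is "MOVS R0, #imm8 ; BX LR", or -1 for anything else,
 * including a buffer too short to hold both instructions.
 */
int thumb_const_return_stub(const uint8_t *entry, size_t len) {
    if (entry == NULL || len < 4)
        return -1;
    uint16_t first  = thumb_hw(entry);
    uint16_t second = thumb_hw(entry + 2);
    /* MOVS Rd, #imm8 is 00100 ddd iiiiiiii; Rd must be R0, the return register. */
    if ((first & 0xFF00) != 0x2000)
        return -1;
    /* BX LR is the fixed halfword 0x4770. */
    if (second != 0x4770)
        return -1;
    return first & 0x00FF;
}

int main(void) {
    printf("original entry: %d\n",
           thumb_const_return_stub(SAMPLE_ORIGINAL, sizeof(SAMPLE_ORIGINAL)));
    printf("patched entry:  %d\n",
           thumb_const_return_stub(SAMPLE_PATCHED, sizeof(SAMPLE_PATCHED)));
    return 0;
}
```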