|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Restore Process"
ChronicDev (talk | contribs) (New page: == 1.1.4 > 2.0 Restore == This restore was performed, logged and dumped by scotty2 # iTunes maps iBEC (WTF.m68ap.RELEASE.dfu) at 0x90000000. # iBoot decrypts it, as it is an Img2 file, th...) |
ChronicDev (talk | contribs) (→1.1.4 > 2.0 Restore) |
||
| Line 2: | Line 2: | ||
This restore was performed, logged and dumped by scotty2 |
This restore was performed, logged and dumped by scotty2 |
||
| + | === The Process === |
||
# iTunes maps iBEC (WTF.m68ap.RELEASE.dfu) at 0x90000000. |
# iTunes maps iBEC (WTF.m68ap.RELEASE.dfu) at 0x90000000. |
||
# iBoot decrypts it, as it is an Img2 file, then runs it. |
# iBoot decrypts it, as it is an Img2 file, then runs it. |
||
Revision as of 18:16, 28 July 2008
1.1.4 > 2.0 Restore
This restore was performed, logged and dumped by scotty2
The Process
- iTunes maps iBEC (WTF.m68ap.RELEASE.dfu) at 0x90000000.
- iBoot decrypts it, as it is an Img2 file, then runs it.
- iBEC does a check to see if it is mapped at 0x18000000, and if it is not, it remaps itself there.
- Sometime at the beginning of the iBEC's routine, it gives the iPhone whatever it needs to decrypt Img3 files, as you will obviously guess by reading the rest of these
- iTunes sends iBEC the kernelcache and the ramdisk. Both in Img3 format.
- iBEC decrypts ramdisk and kernelcache then boots kernelcache.
- The ramdisk/kernel then copy the rootfs over, then flash the new devicetree, iBEC, iBSS, and iBoot.
- After the rootfs and the img3 files, it will flash over the baseband and friends.
