ioskerneljailbreak
What binary in the Update Ramdisk loads the Kernel during an iOS update?
Above image indicates that the Update Ramdisk loads the kernel during an iOS update. If so which binary (ASR, etc.) in the iOS 10.3.1 Update Ramdisk loads the Kernel?
Solution
None of them, that's not how ramdisks work.
For starters, the kernel operates on and with the ramdisk, not the other way round. This is true for any kernel-ramdisk pair I've seen on any platform so far.
Furthermore, binaries from the iOS ramdisks are all userland binaries, which means:
- They rely on the dynamic linker (
/usr/lib/dyld) and system libraries. - They rely on system calls.
- They rely on the availability of a file system.
- They run in EL0 ("userland"), the least privileged processor mode.
If any of those wanted to load the kernel, there would be a number of problems with that:
- The kernel runs in EL1. If you run in EL0, then you are not privileged to access anything in EL1 and thus cannot put any kernel there.
- Linking, libraries and system calls work very differently in EL1:
- System libraries are not available in EL1. I suppose they could be made available, but since there can only be one binary executing in EL1 at any given time, that sounds like a huge overkill.
- There exists a linker for EL1 in iOS (KXLD), but it is part of the iOS kernel and its designed to link kernel extensions to the kernel. It doesn't operate on userland binaries.
- While technically you can generate an exception from EL1 targeting EL1 with the
svcinstruction, you yourself will be invoked to handle it, which means that until you load the kernel, you are the kernel. Userland binaries are not prepared for that.
That said, I'm not sure what your image is trying to express. My best guess would be that it means that the denoted ramdisk is passed to the kernel. In any case though, iBoot is the one loading and setting up the kernel.
- Format UILabel with bullet points?
- Swift image does not fit in the scrollview
- How to stop showing AdMob banner ad correctly?
- Crop a Portion of UIImage from Larger UIImage, and include non-image parts
- There are still screenshot uploads in progress. Apple App Submission
- iOS built in solution for managing keyboard pushes or overlaps to UI elements
- SwiftUI List seems to add padding to internal elements
- How to eliminate the space above Section in SwiftUI Form?
- @StateObject vs @ObservedObject when passed externally but owned by the view
- Is there a more elegant way to pull off a regular to bold text animation in SwiftUI
- Effect of change of frame of View on Subviews
- IOS Safari: unwanted scroll when keyboard is opened and body scroll is disabled
- AVCapturePhotoOutput - settings may not be reused
- How can I change the app display name build with Flutter?
- FireBase notification not working on new installs
- Unable to link statically a specific Pod
- React Native Change Default iOS Simulator Device
- ILLINK error MT2301: The linker step 'Setup' failed when compiling a MAUI app for iOS
- 'RCTAppDelegate.h' file not found
- iOS 15: Remove empty space before cells in UITableView
- How to group a set of pictures in a specific way using the current view size in SwiftUI
- Flutter Run Error: SocketException - No Route to Host (errno = 65) on iOS Device
- How come I can cast to NSManagedObject but not to my entity's type?
- How to add a Sandbox account along with a regular AppleId?
- UICollectionView current visible cell index
- Multiple freezes in collection view
- Getting an error when I try to set up my Advanced AppClip experience
- Why is signInWithPhoneNumber from @capacitor-firebase/authentication doesn't works Ionic app for iOS?
- Launch iOS simulator from Xcode and getting a black screen, followed by Xcode hanging and unable to stop tasks
- WatchKit apps must have a deployment target equal to iOS 8.2 (was 8.3)?