Skip to content

Commit

Permalink
fix panic on newer versions (#110)
Browse files Browse the repository at this point in the history
  • Loading branch information
@verygenericname
verygenericname authored May 5, 2024
1 parent b507016 commit 143e7f2
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 2 deletions.
2 changes: 2 additions & 0 deletions usprebooter/fun/offsets.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,8 @@ extern uint32_t off_ipc_object_io_bits;
extern uint32_t off_ipc_object_io_references;
extern uint32_t off_ipc_port_ip_kobject;

extern uint32_t v_holdcount;

extern uint64_t off_gphysbase;
extern uint64_t off_gphysize;
extern uint64_t off_gvirtbase;
Expand Down
3 changes: 2 additions & 1 deletion usprebooter/fun/offsets.m
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@
uint64_t off_gphysize = 0;
uint64_t off_gvirtbase = 0;
uint64_t off_ptov__table = 0;
uint32_t v_holdcount = 0;

#define SYSTEM_VERSION_EQUAL_TO(v) ([[[UIDevice currentDevice] systemVersion] compare:v options:NSNumericSearch] == NSOrderedSame)
#define SYSTEM_VERSION_GREATER_THAN(v) ([[[UIDevice currentDevice] systemVersion] compare:v options:NSNumericSearch] == NSOrderedDescending)
Expand Down Expand Up @@ -170,7 +171,7 @@ void _offsets_init(void) {
//xnu-8796.121.2 vs xnu-8796.141.3 same

//changed priority with below fields;
//uint32_t v_holdcount;
v_holdcount = 0xB4;
//v_name ~ end should be changed offsets, but same offsets when checked 16.2 vs 16.6.1 (_mac_vnode_label_get same)
off_vnode_v_ncchildren_tqh_first = 0x30;
off_vnode_v_ncchildren_tqh_last = 0x38;
Expand Down
8 changes: 7 additions & 1 deletion usprebooter/fun/vnode.m
View file
Original file line number Diff line number Diff line change
Expand Up @@ -562,6 +562,12 @@ uint64_t funVnodeUnRedirectFile(uint64_t orig_to_vnode, uint64_t orig_nc_vp)
kwrite64(to_vnode_nc + off_namecache_nc_vp, orig_nc_vp);
return 0;
}

void vnode_increment(uint64_t vnode) {
uint32_t holdcount = kread32(vnode + v_holdcount);
kwrite32(vnode + v_holdcount, holdcount + 1);
}

// try reading through vp_ncchildren of /sbin/'s vnode to find launchd's namecache
// after that, kwrite namecache, vnode id -> thx bedtime / misfortune

Expand Down Expand Up @@ -594,7 +600,7 @@ int SwitchSysBin(uint64_t vnode, char* what, char* with)

kwrite64(vp_namecache + 80, with_vnd);
kwrite32(vp_namecache + 64, with_vnd_id);

vnode_increment(with_vnd);
return vnode;
}
vp_namecache = kread64(vp_namecache + off_namecache_nc_child_tqe_prev);
Expand Down

2 comments on commit 143e7f2

@liutiao888888
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Iphone 14pm, System 16.6.1, Still Restarts Inexplicably

@NK-KKK
Copy link

@NK-KKK NK-KKK commented on 143e7f2 Jun 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Iphone 13, System 16.6.1, Still Restarts Inexplicably

Please sign in to comment.