
Usage documentation

Open ivoszbg opened this issue 3 years ago • 9 comments

I don't really get how I'm supposed to use this tool in order to generate the nand image. Some general info would be nice.

ivoszbg avatar Oct 31 '22 21:10 ivoszbg

Thank you for your interest in the project! I'm a bit occupied with other things right now but I will work on some general information as soon as I can 👍

devos50 avatar Nov 01 '22 08:11 devos50

Alright, thanks! Also, your qemu fork for iPod is kind of filled with little issues here and there that make GCC scream when compiling on a Linux distro (my git diff for fixing them is around 550 lines, can submit a cleanup pr at some point). The only thing that I haven't figured out yet is this nand script (the nor one is easy to use, no arguments are needed since paths are hardcoded). Anyways, thanks for the great work, and take care :D

ivoszbg avatar Nov 01 '22 11:11 ivoszbg

@ivoszbg wow, very impressive that you managed to get this up and running! Any contribution is greatly welcomed 👍

devos50 avatar Nov 01 '22 12:11 devos50

@ivoszbg I just looked at the steps required to set up everything. What complicates matters is that I made specific changes to the files in the filesystem to bypass various security aspects, such as device activation. For now, it might be easiest to download my modified DMG file from here. You can then use the dmg2img tool to extract the raw HFS file system from the dmg file:

./dmg2img filesystem-readonly.dmg  -p 3 filesystem-readonly.img

Compiling the tool in this repository should be as simple as:

gcc generate_nand.c -o generate_nand

You should then move the filesystem-readonly.img file to the root source directory of this tool and convert it to a NAND storage layout by executing:

./generate_nand

This should generate a nand directory that can be used by the emulation 👍

devos50 avatar Nov 01 '22 17:11 devos50

Thanks a lot, that worked! Last question, what's the exact command that you use for firing up qemu?

ivoszbg avatar Nov 01 '22 20:11 ivoszbg

@ivoszbg that should be:

./arm-softmmu/qemu-system-arm -M iPod-Touch -serial mon:stdio -cpu max -m 3G -d unimp -pflash <path to your nor.bin here>

Note that you'll probably have to change this line too to point to your nand directory.

devos50 avatar Nov 01 '22 20:11 devos50

Hmm, with the required change in the hardcoded dir and your command line it still doesn't work. I get no UART logs or anything on fb. I'll try to figure it out tomorrow, it's getting a bit late. Anyways, thanks for the help, I appreciate it. If I have any more questions in the future, I'll make another comment in this issue.

ivoszbg avatar Nov 01 '22 21:11 ivoszbg

@ivoszbg The emulator initially starts executing the iBoot binary. You're probably missing that binary, also see this line. You can download it from here.

devos50 avatar Nov 02 '22 08:11 devos50
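The setup steps scattered across the replies above (extract the HFS image with dmg2img, compile and run the generator, then launch the qemu fork) can be tied together with explicit checks so that a missing input fails loudly instead of producing the silent "no UART output" run described in the thread. The script below is an added example and is not code from the qemu-ios-generate-nand or qemu fork repositories. It assumes the repository root as the working directory, a qemu fork checkout at `QEMU_ROOT` (default `../qemu-ios`), and an iBoot file name `iboot.bin`; none of these names are given on the page. It can only verify that the NAND directory and iBoot binary exist, since, as noted above, their paths are hardcoded in the qemu fork's source and still have to be edited there.

```shell
#!/bin/sh
# Added example, not part of devos50's projects: wraps the commands from this
# issue thread with existence checks so each stage fails early and visibly.
# Assumed (not from the page): QEMU_ROOT, IBOOT_BIN, and that generate_nand
# reads filesystem-readonly.img from the current directory.
set -eu

: "${DMG:=filesystem-readonly.dmg}"      # modified DMG from the thread
: "${RAW_IMG:=filesystem-readonly.img}"  # raw HFS partition extracted from it
: "${NAND_DIR:=nand}"                    # directory generate_nand produces
: "${NOR_BIN:=nor.bin}"                  # NOR image from the separate nor script
: "${QEMU_ROOT:=../qemu-ios}"            # assumed location of the qemu fork build
: "${IBOOT_BIN:=iboot.bin}"              # assumed file name for the iBoot binary

# check_inputs PATH...: return 1 and name the first path that does not exist.
check_inputs() {
    for p in "$@"; do
        if [ ! -e "$p" ]; then
            echo "missing: $p" >&2
            return 1
        fi
    done
    return 0
}

# extract_fs: pull partition 3 (the HFS file system) out of the DMG.
extract_fs() {
    check_inputs "$DMG"
    ./dmg2img "$DMG" -p 3 "$RAW_IMG"
    check_inputs "$RAW_IMG"
}

# build_nand: compile the generator and convert the raw image to NAND layout.
# The tool looks for the image in the current directory, so stay in the repo root.
build_nand() {
    check_inputs generate_nand.c "$RAW_IMG"
    gcc generate_nand.c -o generate_nand
    ./generate_nand
    check_inputs "$NAND_DIR"
}

# qemu_cmd NOR_PATH: print the launch command quoted in the thread.
qemu_cmd() {
    printf '%s -M iPod-Touch -serial mon:stdio -cpu max -m 3G -d unimp -pflash %s\n' \
        "$QEMU_ROOT/arm-softmmu/qemu-system-arm" "$1"
}

# launch: refuse to start unless the NAND directory, NOR image and iBoot binary
# are all present; a missing iBoot was the cause of the blank console above.
launch() {
    check_inputs "$NAND_DIR" "$NOR_BIN" "$IBOOT_BIN" \
        "$QEMU_ROOT/arm-softmmu/qemu-system-arm"
    eval "$(qemu_cmd "$NOR_BIN")"
}

case "${1:-}" in
    extract) extract_fs ;;
    nand)    build_nand ;;
    run)     launch ;;
    all)     extract_fs; build_nand; launch ;;
    *)       echo "usage: $0 extract|nand|run|all" >&2 ;;
esac
```

Run it as `./setup.sh all` from the generate_nand repository root after placing the DMG and NOR image there; `./setup.sh run` alone is useful when only the hardcoded paths in the qemu fork were changed and the NAND directory already exists. Paths containing spaces will not survive the `eval`, so keep the checkout on a plain path.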

Alright, now I got it running. Could you also send the file with the decryption logic? Here are my current logs in case you're curious https://pastebin.com/fWXEg1i3

ivoszbg avatar Nov 02 '22 14:11 ivoszbg

Very late post but I wrote some documentation on how to generate the NAND folder in a PR that got merged. I'm not sure if this issue needs to be closed since this is more documented. https://github.com/devos50/qemu-ios-generate-nand/pull/11

UrkiMimi avatar Jul 31 '24 22:07 UrkiMimi

Yes, this should have been addressed!

devos50 avatar Aug 01 '24 07:08 devos50