From 6a120799f1384e66bccb151a15b41c71fcca27da Mon Sep 17 00:00:00 2001 From: Patrik Jakobsson Date: Sun, 6 Dec 2015 15:20:42 +0100 Subject: [PATCH] facetimehd: Add new firmware extraction scripts And remove the broken ones. Signed-off-by: Patrik Jakobsson --- firmware/decompress.c | 102 ----------------------------------- firmware/extract.sh | 8 --- firmware/extract_from_osx.sh | 35 ++++++++++++ 3 files changed, 35 insertions(+), 110 deletions(-) delete mode 100644 firmware/decompress.c delete mode 100755 firmware/extract.sh create mode 100755 firmware/extract_from_osx.sh diff --git a/firmware/decompress.c b/firmware/decompress.c deleted file mode 100644 index 15d343c..0000000 --- a/firmware/decompress.c +++ /dev/null @@ -1,102 +0,0 @@ -#include -#include -#include - -#include "zlib.h" - -#define IN_BYTES 599113 -#define OUT_BYTES 1413124 - -/* - * Inflates firmware image extracted from S2ISPFIRMWARE segment of AppleCameraInterface - * Tested only with version 5.23.0 of com.apple.driver.AppleCameraInterface from OS X 10.10.1 - */ - -int main(int argc, char** argv) { - unsigned char *buf_in, *buf_out; - size_t buf_in_size; - FILE *ip, *op; - z_stream strm; - - int ret = 0; - - if (argc != 3) { - printf("Usage: decompress "); - ret = -1; - goto end; - } - - if (!(ip = fopen(argv[1], "rb"))) { - printf("Error: Cannot open %s!", argv[1]); - ret = -1; - goto end; - } - - fseek(ip, 0, SEEK_END); - buf_in_size = ftell(ip); - - if (!(buf_in = malloc(buf_in_size))) { - printf("Error: Cannot allocate input buffer of size %zu!", buf_in_size); - ret = -1; - goto end_in; - } - - rewind(ip); - if (fread(buf_in, sizeof(*buf_in), buf_in_size / sizeof(*buf_in), ip) != buf_in_size / sizeof(*buf_in)) { - perror(NULL); - printf("Error: Cannot read %zu bytes!", buf_in_size); - ret = -1; - goto end_in; - } - - memset(&strm, Z_NULL, sizeof(strm)); - strm.avail_in = IN_BYTES; - // zlib and gzip decoding with automatic header detection - if (inflateInit2_(&strm, 15 + 32, "1.2.3", 112) != Z_OK) { - printf("Error: Cannot initialize inflate!"); - ret = -1; - goto end_in; - } - - if (!(buf_out = malloc(OUT_BYTES))) { - printf("Error: Cannot allocate output buffer!"); - ret = -1; - goto end_out; - } - - strm.next_in = buf_in; - strm.avail_out = OUT_BYTES; - strm.next_out = buf_out; - - if (!strm.avail_in || inflate(&strm, Z_NO_FLUSH) != Z_STREAM_END || strm.avail_out) { - printf("Error: Deflate not successful!"); - ret = -1; - goto end_inflate; - } - - if (!(op = fopen(argv[2], "wb"))) { - printf("Error: Cannot open %s!", argv[2]); - ret = -1; - goto end_inflate; - } - - if (fwrite(buf_out, sizeof(*buf_out), OUT_BYTES / sizeof(*buf_out), op) != OUT_BYTES / sizeof(*buf_out)) { - printf("Error: Cannot write to output file!"); - ret = -1; - } - - fclose(op); - -end_inflate: - inflateEnd(&strm); - -end_out: - free(buf_out); - -end_in: - free(buf_in); - fclose(ip); - -end: - return ret; -} diff --git a/firmware/extract.sh b/firmware/extract.sh deleted file mode 100755 index cb66c6f..0000000 --- a/firmware/extract.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -e - -IN=/System/Library/Extensions/AppleCameraInterface.kext/Contents/MacOS/AppleCameraInterface - -gcc decompress.c -o decompress -lz -Wall -segedit "$IN" -extract __DATA S2ISPFIRMWARE firmware.raw -#objcopy -O binary --only-section=__DATA.S2ISPFIRMWARE "$IN" firmware.raw -./decompress firmware.raw firmware.bin diff --git a/firmware/extract_from_osx.sh b/firmware/extract_from_osx.sh new file mode 100755 index 0000000..324e2a5 --- /dev/null +++ b/firmware/extract_from_osx.sh @@ -0,0 +1,35 @@ +#!/bin/bash +IN=AppleCameraInterface +OUT=firmware.bin + +OSX_HASH=d1db66d71475687a5873dab10a345e2d +FW_HASH=4e1d11e205e5c55d128efa0029b268fe +HASH=$(md5sum $IN | awk '{ print $1 }') + +OFFSET=81920 +SIZE=603715 + +if [ "$OSX_HASH" != "$HASH" ] +then + echo -e "Mismatching driver hash for $IN ($HASH)" + echo -e "No firmware extracted!" + exit 1 +fi + +echo -e "Found matching hash ($HASH)" + +dd bs=1 skip=$OFFSET count=$SIZE if=$IN of=$OUT.gz &> /dev/null +gunzip $OUT.gz + +RESULT=$(md5sum $OUT | awk '{ print $1 }') + +if [ "$RESULT" != "$FW_HASH" ] +then + echo -e "Firmware hash mismatch ($RESULT)" + echo -e "No firmware extracted!" + exit 1; +fi + +echo -e "Firmware successfully extracted ($RESULT)" + +exit 0