Where is the code to execute in user mode after boot? #36
Comments
|
The ramdisk and binpack aren't part of Pongo. The ramdisk is currently uploaded over LLB at the same time as Pongo, and KPF merely makes the kernel boot it. That takes care of all the early boot stuff, then waits for the binpack upload over USB. I don't understand your second question. Do you want to explicitly not launch dropbear? Because we currently launch it on port 44, regardless of whether you touch loader.app... |
|
Thanks! Sorry my bad questions, actually what I want to ask is that it can just use checkra1n-kpf-pongo to patch the kernel instead of automatically doing kind of thing like installing binpack after boot kernel. Or can I do it manually? That mean I can run my code like upload binpack and launch dropbear. btw, I build the project and I can load kext module, build/checkra1n-kpf-pongo, to patch kernel in pangos shell and send kpf and bootux commands to boot. But I don't know how to use build/Pongo(Mach-O 64-bit preload executable arm64) and build/Pongo.bin(maybe upload to device). Thanks again! |
|
We currently have no "nice" infrastructure in place for a custom ramdisk, but I guess you could set one with your own Pongo module... And the way you use Pongo.bin is by passing it to |
Here are two confused questions about post kernel patch.
1, I didn't found the code that setup binpack, dropbear , mount checkra1n.dmg and so on.
how launchd process run processes like dropbear? by inject dyld?
2, any boot option/gBootFlag can skip setup loader.app or launch dropbear process after boot patched kernel?
I think the two questions maybe the same problem. Thank you so much for your response!
The text was updated successfully, but these errors were encountered: