Commit bafb48b

committed
base-devel and add Dockerfile.ios14 for easy future diffs
1 parent ddaf1c6 commit bafb48b

2 files changed

+323
-1
lines changed

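--- a/Dockerfile
+++ b/Dockerfile
@@ -63,7 +63,7 @@
 #
 
 
-FROM archlinux:latest
+FROM archlinux:base-devel
 MAINTAINER '@sickcodes' <https://twitter.com/sickcodes>
 LABEL maintainer "https://github.com/sickcodes"
 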
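Review bot: The new base `archlinux:base-devel` on line 66 is still a rolling tag, so two builds of the same commit can start from different package sets and the image that was tested cannot be reproduced or audited later. Pinning the digest next to the tag, `FROM archlinux:base-devel@sha256:<digest-of-the-image-you-tested>`, keeps the readable tag while making the base verifiable; the digest shown is a placeholder to be filled in from the registry. The rest of this Dockerfile lies outside the hunk, so whether later steps refresh packages on top of the base is not visible here.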

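--- a/Dockerfile.ios14
+++ b/Dockerfile.ios14
@@ -0,0 +1,322 @@
+#!/usr/bin/docker
+# ________ ______ ____________________
+# ___ __ \______________ /________________(eye)___ \_ ___/
+# __ / / / __ \ ___/_ //_/ _ \_ ___/_ /_ / / /____ \
+# _ /_/ // /_/ / /__ _ ,< / __/ / _ / / /_/ /____/ /
+# /_____/ \____/\___/ /_/|_| \___//_/ /_/ \____/ /____/ XNU-QEMU-ARM64-IOS14
+#
+# Repo: https://github.com/sickcodes/Docker-eyeOS/
+# Title: iOS on Docker (Docker-eyeOS)
+# Twitter: @sickcodes https://github.com/sickcodes
+# GitHub: @sickcodes https://twitter.com/sickcodes
+# Author: Sick.Codes
+# Version: v1.0.14.0
+# License: GPLv3+
+
+# Docker interpretation by @sickcodes: https://twitter.com/sickcodes
+#
+# https://twitter.com/sickcodes @sickcodes
+#
+# All credits for iOS magic to:
+# https://twitter.com/jonathanafek @jonathanafek
+# https://twitter.com/levaronsky @levaronsky
+# https://twitter.com/V3rochka @V3rochka
+# https://alephsecurity.com @AlephSecurity
+# https://twitter.com/alephsecurity
+
+# Extra special hat tip to @MCApollo + @levaronsky for fixing the TCP tunnel for GNU/Linux!
+# https://github.com/MCApollo @MCApollo
+
+# Follow for updates!
+# @sickcodes https://twitter.com/sickcodes
+
+# This Dockerfile hereby automates the installation of:
+# aarch64-qemu-system for booting xnu-qemu-arm64/iOS
+
+# Bells & Whistle
+# - gdb debugging with gdb-multiarch
+
+# Run:
+#
+# docker run -it --privileged \
+# --device /dev/kvm \
+# -e RAM=6 \
+# -e HFS_MAIN=./images/hfs.main \
+# -e HFS_SEC=./images/hfs.sec \
+# -p 2222:2222 \
+# -v "$PWD:/home/arch/docker-eyeos/images" \
+# -e "DISPLAY=${DISPLAY:-:0.0}" \
+# -v /tmp/.X11-unix:/tmp/.X11-unix \
+# -p 1233:1234 \
+# -e GDB_ARGS='-S -s' \
+# sickcodes/docker-eyeos:latest
+#
+#
+# Or build:
+#
+# docker build -t docker-eyeos .
+#
+# docker build --build-arg GDB_MULTIARCH=false -t docker-eyeos .
+#
+
+
+FROM archlinux:base-devel
+MAINTAINER '@sickcodes' <https://twitter.com/sickcodes>
+LABEL maintainer "https://github.com/sickcodes"
+
+USER root
+
+#### IPSW SPECIFICS
+# build args to become more generic platform for debugging any iOS version
+
+# IPSW url
+ARG IPSW=http://updates-http.cdn-apple.com/2018FallFCS/fullrestores/091-91479/964118EC-D4BE-11E8-BC75-A45C715A3354/iPhone_5.5_12.1_16B92_Restore.ipsw
+# find name after unzipping the IPSW above
+ARG KERNEL_CACHE_RAW=kernelcache.release.n66
+# located at "./Firmware/all_flash/" after unzipping the IPSW
+ARG DEVICE_TREE_IM4P=DeviceTree.n66ap.im4p
+# DEVICE MODEL
+ENV PHONE_MODEL=iPhone6splus-n66-s8000
+
+
+#### IOS_SDK FOR BUILDING TCP-TUNNEL (FUTURE)
+# choose SDK version from
+# https://github.com/theos/sdks
+ARG IOS_SDK=./sdks/iPhoneOS11.2.sdk
+# Or from
+# https://github.com/xybp888/iOS-SDKs.git
+# ARG IOS_SDK=./iOS-SDKs/iPhoneOS13.7.sdk
+
+#### GDB INSTALLATION ON OR OFF
+# speed up build without gdb
+# docker build --build-arg GDB_MULTIARCH=false -t docker-eyeos .
+ARG GDB_MULTIARCH=true
+
+
+
+# WORKING DIRECTORY INSIDE THE CONTAINER
+ENV WD=/home/arch/docker-eyeos
+
+ENV XNU_SOURCES="${WD}/darwin-xnu"
+ENV KERNEL_SYMBOLS_FILE="${WD}/symbols.nm"
+ENV QEMU_DIR="${WD}/xnu-qemu-arm64"
+ENV IOS_DIR="${WD}"
+ENV NUM_BLOCK_DEVS=2
+ENV KERNEL_CACHE="${WD}/${KERNEL_CACHE_RAW}.out"
+ENV DTB_FIRMWARE="${WD}/Firmware/all_flash/${DEVICE_TREE_IM4P}.out"
+ENV DRIVER_FILENAME="${WD}/aleph_bdev_drv.bin"
+ENV HFS_MAIN="${WD}/hfs.main"
+ENV HFS_SEC="${WD}/hfs.sec"
+ENV SDK_DIR="${WD}/${IOS_SDK}"
+
+ENV DISPLAY=:0.0
+ENV GDB_PORT=1234
+ENV GDB=false
+
+WORKDIR /root
+
+ARG RANKMIRRORS=no
+ARG MIRROR_COUNTRY=US
+ARG MIRROR_COUNT=10
+
+# Arch Linux server mirrors for faster builds
+RUN if [[ "${RANKMIRRORS}" = yes ]]; then { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
+; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
+; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
+| sed -e 's/^#Server/Server/' -e '/^#/d' \
+| head -n "$((${MIRROR_COUNT:-10}+1))" \
+| bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+&& cat /etc/pacman.d/mirrorlist; fi
+
+RUN tee -a /etc/pacman.conf <<< '[community-testing]' \
+&& tee -a /etc/pacman.conf <<< 'Include = /etc/pacman.d/mirrorlist'
+# RUN tee -a /etc/pacman.conf <<< '[blackarch]' \
+# && tee -a /etc/pacman.conf <<< 'Include = /etc/pacman.d/mirrorlist'
+
+RUN pacman -Syyuu --needed --noconfirm sudo git python3 llvm aarch64-linux-gnu-gcc python-pyasn1 unzip fakeroot \
+base-devel go wget make cmake clang flex bison icu fuse linux-headers gcc-multilib lib32-gcc-libs \
+pkg-config fontconfig cairo libtiff python2 mesa llvm lld libbsd libxkbfile libxcursor libxext \
+libxkbcommon libxrandr leatherman gcc fuse-overlayfs qemu qemu-arch-extra qemu-guest-agent libvirt \
+bsdiff openssh \
+&& useradd arch \
+&& echo 'arch ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \
+&& mkdir -p /home/arch \
+chown arch:arch /home/arch
+
+USER arch
+WORKDIR /home/arch
+RUN sudo chown -R arch:arch /home/arch
+RUN git clone https://aur.archlinux.org/yay.git
+WORKDIR /home/arch/yay
+RUN makepkg -si --noconfirm
+
+WORKDIR /home/arch
+RUN yay --getpkgbuild hfsprogs
+WORKDIR /home/arch/hfsprogs
+RUN makepkg -si --noconfirm
+# RUN wget "https://src.fedoraproject.org/rpms/hfsplus-tools/raw/master/f/hfsplus-tools-sysctl.patch"
+# RUN sed -i -e 's/\ \ patch\ \-p0\ \-i\ /patch\ \-p1\ \-i\ \"\${srcdir}\/\.\.\/hfsplus\-tools\-sysctl\.patch\"\npatch\ \-p0\ \-i\ /' PKGBUILD \
+# ; makepkg -si --noconfirm \
+# && echo 'hfsprogs patch thanks @keithspg https://aur.archlinux.org/packages/hfsprogs/#comment-765637'
+
+WORKDIR /home/arch
+RUN yay --getpkgbuild gdb-multiarch
+WORKDIR /home/arch/gdb-multiarch
+RUN if [[ "${GDB_MULTIARCH}" = true ]]; then makepkg --skipinteg --skippgpcheck --skipchecksums -si --noconfirm; else echo "Skipping GDB"; fi
+
+# allow ssh to container
+USER root
+WORKDIR /root
+RUN mkdir .ssh \
+&& chmod 700 .ssh
+
+WORKDIR /root/.ssh
+RUN touch authorized_keys \
+&& chmod 644 authorized_keys
+
+RUN mkdir -p /etc/ssh
+WORKDIR /etc/ssh
+RUN tee -a sshd_config <<< 'AllowTcpForwarding yes' \
+&& tee -a sshd_config <<< 'PermitTunnel yes' \
+&& tee -a sshd_config <<< 'X11Forwarding yes' \
+&& tee -a sshd_config <<< 'PasswordAuthentication yes' \
+&& tee -a sshd_config <<< 'PermitRootLogin yes' \
+&& tee -a sshd_config <<< 'PubkeyAuthentication yes' \
+&& tee -a sshd_config <<< 'HostKey /etc/ssh/ssh_host_rsa_key' \
+&& tee -a sshd_config <<< 'HostKey /etc/ssh/ssh_host_ecdsa_key' \
+&& tee -a sshd_config <<< 'HostKey /etc/ssh/ssh_host_ed25519_key'
+
+USER arch
+
+RUN mkdir -p /home/arch/docker-eyeos \
+&& mkdir -p /home/arch/docker-eyeos/images
+
+# start workin
+WORKDIR /home/arch/docker-eyeos
+RUN wget "${IPSW}"
+
+RUN unzip "$(basename "${IPSW}")" \
+&& rm -f "${IPSW}"
+
+WORKDIR /home/arch/docker-eyeos
+RUN git clone https://github.com/apple/darwin-xnu.git
+RUN git clone https://github.com/theos/sdks.git
+
+# temporarily removed to reduce image size until full build on Linux is complete
+# RUN git clone https://github.com/xybp888/iOS-SDKs.git
+
+WORKDIR /home/arch/docker-eyeos
+RUN git clone --recursive https://github.com/alephsecurity/xnu-qemu-arm64.git
+WORKDIR /home/arch/docker-eyeos/xnu-qemu-arm64
+RUN git reset --hard HEAD^1 \
+&& git checkout master \
+&& git remote add sickcodes https://github.com/sickcodes/xnu-qemu-arm64.git \
+&& git remote add mcapollo https://github.com/MCApollo/xnu-qemu-arm64.git \
+&& git fetch --all \
+&& git reset --hard HEAD^1 \
+&& git pull --all \
+&& git checkout bbd2d9955021d72d5dbfccc94a034cc671c41181 \
+&& echo 'Thank you MCApollo && Aleph Security (Lev Aronsky, Jonathan Afek, Vera Mens!)'
+
+WORKDIR /home/arch/docker-eyeos
+RUN git clone https://github.com/alephsecurity/xnu-qemu-arm64-tools.git
+WORKDIR /home/arch/docker-eyeos/xnu-qemu-arm64-tools
+RUN git reset --hard HEAD^1 \
+&& git checkout master \
+&& git remote add sickcodes https://github.com/sickcodes/xnu-qemu-arm64-tools.git \
+&& git remote add mcapollo https://github.com/MCApollo/xnu-qemu-arm64-tools.git \
+&& git fetch --all \
+&& git reset --hard HEAD^1 \
+&& git pull --all \
+&& git checkout 10ce50869ce573725774cd0e9a2a431ff3beec5c \
+&& echo 'Thank you MCApollo && Aleph Security (Lev Aronsky, Jonathan Afek, Vera Mens!)'
+
+WORKDIR /home/arch/docker-eyeos
+RUN python xnu-qemu-arm64-tools/bootstrap_scripts/asn1kerneldecode.py "${KERNEL_CACHE_RAW}" "${KERNEL_CACHE_RAW}.asn1decoded"
+RUN python xnu-qemu-arm64-tools/bootstrap_scripts/decompress_lzss.py "${KERNEL_CACHE_RAW}.asn1decoded" "${KERNEL_CACHE_RAW}.out"
+RUN python xnu-qemu-arm64-tools/bootstrap_scripts/asn1dtredecode.py "Firmware/all_flash/${DEVICE_TREE_IM4P}" "Firmware/all_flash/${DEVICE_TREE_IM4P}.out"
+
+# extract symbols
+RUN llvm-nm "${KERNEL_CACHE_RAW}.out" > symbols.nm
+RUN cp symbols.nm ./xnu-qemu-arm64
+RUN cp symbols.nm ./images
+
+WORKDIR /home/arch
+RUN yay --getpkgbuild aarch64-none-elf-gcc-bin
+WORKDIR /home/arch/aarch64-none-elf-gcc-bin
+RUN makepkg -si --noconfirm
+
+WORKDIR /home/arch/docker-eyeos/
+RUN make -C xnu-qemu-arm64-tools/aleph_bdev_drv
+RUN cp ./xnu-qemu-arm64-tools/aleph_bdev_drv/bin/aleph_bdev_drv.bin .
+
+USER arch
+
+WORKDIR /home/arch/docker-eyeos
+
+# redefine env for arch user
+ENV WD="/home/arch/docker-eyeos"
+
+ENV XNU_SOURCES="${WD}/darwin-xnu"
+ENV KERNEL_SYMBOLS_FILE="${WD}/symbols.nm"
+ENV QEMU_DIR="${WD}/xnu-qemu-arm64"
+ENV IOS_DIR="${WD}"
+ENV NUM_BLOCK_DEVS=2
+ENV KERNEL_CACHE="${WD}/${KERNEL_CACHE_RAW}.out"
+ENV DTB_FIRMWARE="${WD}/Firmware/all_flash/${DEVICE_TREE_IM4P}.out"
+ENV DRIVER_FILENAME="${WD}/aleph_bdev_drv.bin"
+ENV HFS_MAIN="${WD}/hfs.main"
+ENV HFS_SEC="${WD}/hfs.sec"
+ENV SDK_DIR="${WD}/${IOS_SDK}"
+ENV PHONE_MODEL="${PHONE_MODEL}"
+
+ENV DISPLAY=:0.0
+ENV GDB_PORT=1234
+ENV GDB=true
+
+WORKDIR /home/arch/docker-eyeos/xnu-qemu-arm64
+
+RUN echo "Switching to The Lost Commit by @MCApollo" \
+&& git checkout -f c84d3e3a71a9454a6222418fe726729ff2d0eae3
+
+RUN sudo make distclean \
+&& sudo make clean \
+&& sudo ./configure --target-list=aarch64-softmmu \
+--disable-capstone \
+--disable-pie \
+--disable-slirp \
+--disable-werror
+
+RUN sudo make --ignore-errors -j8
+
+WORKDIR /home/arch/docker-eyeos
+
+RUN touch enable-ssh.sh \
+&& chmod +x ./enable-ssh.sh \
+&& tee -a enable-ssh.sh <<< 'sudo /usr/bin/ssh-keygen -A' \
+&& tee -a enable-ssh.sh <<< 'nohup sudo /usr/bin/sshd -D &'
+
+RUN touch ./Launch.sh \
+&& chmod +x Launch.sh \
+&& tee -a Launch.sh <<< 'until [[ $(sudo fsck.hfsplus -fp ${HFS_MAIN}) ]]; do' \
+&& tee -a Launch.sh <<< ' echo "Repairing hfs.sec..."' \
+&& tee -a Launch.sh <<< 'done' \
+&& tee -a Launch.sh <<< 'until [[ $(sudo fsck.hfsplus -fp ${HFS_SEC}) ]]; do' \
+&& tee -a Launch.sh <<< ' echo "Repairing hfs.main..."' \
+&& tee -a Launch.sh <<< 'done' \
+&& tee -a Launch.sh <<< 'sudo xnu-qemu-arm64/aarch64-softmmu/qemu-system-aarch64 ${GDB_ARGS} \' \
+&& tee -a Launch.sh <<< '-M ${PHONE_MODEL},kernel-filename=${KERNEL_CACHE},dtb-filename=${DTB_FIRMWARE},driver-filename=${DRIVER_FILENAME},qc-file-0-filename=${HFS_MAIN},qc-file-1-filename=${HFS_SEC},kern-cmd-args="debug=0x8 kextlog=0xfff cpus=1 rd=disk0 serial=2",xnu-ramfb=off \' \
+&& tee -a Launch.sh <<< ' -cpu max \' \
+&& tee -a Launch.sh <<< ' -m ${RAM:-6}G \' \
+&& tee -a Launch.sh <<< ' -serial mon:stdio \' \
+&& tee -a Launch.sh <<< ' -vga std \' \
+&& tee -a Launch.sh <<< ' ${EXTRA:-}'
+
+VOLUME ["/tmp/.X11-unix"]
+
+CMD ./enable-ssh.sh \
+&& envsubst < ./Launch.sh | sudo bash
+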
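Review bot: The gdb-multiarch step on line 168 runs `makepkg --skipinteg --skippgpcheck --skipchecksums -si --noconfirm`, which turns off every source integrity check for a package that is then installed with root rights through the `NOPASSWD: ALL` sudo rule, so a modified source archive would be built and installed without any warning. Prefer plain `makepkg -si --noconfirm` as the yay and hfsprogs steps already use, importing the signing key first if the PKGBUILD requires one, or keep the checksum check and add a comment saying why the PGP check alone is skipped. The same gap applies to `RUN wget "${IPSW}"` on line 199: the default URL is plain `http://` and the archive is unzipped with no digest comparison, so consider an `ARG IPSW_SHA256` that is checked with `sha256sum -c` before `unzip`. Separately, `rm -f "${IPSW}"` on line 202 is given the URL rather than `"$(basename "${IPSW}")"`, so the downloaded archive is never removed.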
