Hi
[Apologies if this is a little off topic, there’s no
other appropriate mailing list that I can see (an iPhone mailing list would be
about application matters not kernel matters). ]
I’m trying to find out if it’s at all possible
to run a .kext (specifically an NKE) on an iPhone/iPad - yes I know even
if it is then it’s not going to be possible to distribute it without some
sort of apple endorsement or involvement.
That’s not important, what I was hoping is if its
possible to run a .kext one just one specific identified device.
From googling around, it seems that .kexts are
architecturally possible on iPhone OS, which makes sense if its core
functionality is Darwin/OS X. And that indeed there are a couple of Apple .kexts
in the iPhone, though the number is greatly reduced from in OS X.
Also it seems some people may have managed to succeed in installing
and running a .kext on a jailbroken phone, however I want to run one on an
unjailbroken phone.
So architecturally running a .kext on iPhone OS is possible,
where the problems come in is with it being a closed secure system.
From what I can gather, when the device boots, the Low Level
Bootloader loads the main bootloader, iBoot, which starts the kernel. Before
starting it signature checks are performed.
I was wondering if it is
a)
the entire kernel image that is signed and checked as a
whole upon boot up time, and that any extensions must be within that image –
thus meaning there is no concept of dynamic “extensions” to the
kernel whatsoever.
b)
or if extensions are still possible, and when they are
loaded, their individual signatures is checked.
c)
something else
If the situation is a) then in order to run a .kext on
iPhone OS it would be necessary to x) build a new kernel image containing my
.kext and then y) sign it with a valid certificate
If the situation is b) then it would be necessary to be able
to z) install it, and and y) sign it with a valid certificate
For y) it would not be possible for me to obtain a valid
certificate that would enable my image/kext to be distributed and installed on
any device. However I was wondering if there is a small chance it is possible
to sign it with a certificate which is valid for one specific device (i.e. the
certificate includes a unique device identifier. If I could run the .kext on
just one designated phone it would meet my needs (Symbian/Nokia have such a
scheme, where you can sign you can apply for a certificate based on IMEI or
similar, which allows you to test your application on designated hardware).
Does anybody know the actual situation and if a, b, x, y, z
are or might be possible?
If none of the above is possible, can anything be done with
the iphone emulator?
Thanks if anybody knows or has any educated speculation or
can recommend a forum/mailing list where I can try to find out (been googling
for weeks and have not found any sources of information or forums regarding the
relevant kernel aspects of iPhone OS).