IOS Emulation: Difference between revisions

Line 36:

==== Starting restore ====

~~Before iOS can be used~~, ~~it has to be~~ "~~installed~~" ~~via restore process~~. ~~First~~, run the iOS emulator on your host.<syntaxhighlight lang="bash">

Prepare and run the companion VM, required for the restore process<syntaxhighlight lang="bash">

qemu-system-x86_64 -m 2024 -nic user -hda alpine.qcow2 -nographic -usb -device usb-ehci,id=ehci -device usb-tcp-remote,conn-type=ipv4,conn-addr=127.0.0.1,conn-port=8030,bus=ehci.0 -nic user,model=virtio-net-pci,hostfwd=tcp::32222-:22

</syntaxhighlight>

The companion VM must always be started before the emulated iPhone otherwise no USB connection is established.

Now run the iOS emulator on your host<syntaxhighlight lang="bash">

qemu-system-aarch64 -M t8030,trustcache=iPhone11_8_iPhone12_1_14.0_18A5351d_Restore/Firmware/038-44135-124.dmg.trustcache,ticket=root_ticket.der,sep-fw=sep-firmware.n104.RELEASE.new.img4,sep-rom=AppleSEPROM-Cebu-B1,kaslr-off=true \

-kernel iPhone11_8_iPhone12_1_14.0_18A5351d_Restore/kernelcache.research.iphone12b -dtb iPhone11_8_iPhone12_1_14.0_18A5351d_Restore/Firmware/all_flash/DeviceTree.n104ap.im4p \

Line 51:

Line 56:

-drive file=panic_log,format=raw,if=none,id=panic_log -device nvme-ns,drive=panic_log,bus=nvme-bus.0,nsid=7,nstype=8,logical_block_size=4096,physical_block_size=4096 \

-initrd iPhone11_8_iPhone12_1_14.0_18A5351d_Restore/038-44135-124.dmg \

-M t8030,usb-conn-type=ipv4,usb-conn-addr=127.0.0.1,usb-conn-port=8030 \

-display gtk,zoom-to-fit=on,show-cursor=on

</syntaxhighlight>On the companion VM, start recovery with following command as soon the iOS device is ready to receive images<syntaxhighlight lang="bash">

@@ Line 36: / Line 36: @@
 ==== Starting restore ====
-Before iOS can be used, it has to be "installed" via restore process. First, run the iOS emulator on your host.<syntaxhighlight lang="bash">
+Prepare and run the companion VM, required for the restore process<syntaxhighlight lang="bash">
+qemu-system-x86_64 -m 2024 -nic user -hda alpine.qcow2 -nographic -usb -device usb-ehci,id=ehci -device usb-tcp-remote,conn-type=ipv4,conn-addr=127.0.0.1,conn-port=8030,bus=ehci.0 -nic user,model=virtio-net-pci,hostfwd=tcp::32222-:22
+</syntaxhighlight>
+The companion VM must always be started before the emulated iPhone otherwise no USB connection is established.
+Now run the iOS emulator on your host<syntaxhighlight lang="bash">
 qemu-system-aarch64 -M t8030,trustcache=iPhone11_8_iPhone12_1_14.0_18A5351d_Restore/Firmware/038-44135-124.dmg.trustcache,ticket=root_ticket.der,sep-fw=sep-firmware.n104.RELEASE.new.img4,sep-rom=AppleSEPROM-Cebu-B1,kaslr-off=true \
 -kernel iPhone11_8_iPhone12_1_14.0_18A5351d_Restore/kernelcache.research.iphone12b -dtb iPhone11_8_iPhone12_1_14.0_18A5351d_Restore/Firmware/all_flash/DeviceTree.n104ap.im4p \
@@ Line 51: / Line 56: @@
 -drive file=panic_log,format=raw,if=none,id=panic_log -device nvme-ns,drive=panic_log,bus=nvme-bus.0,nsid=7,nstype=8,logical_block_size=4096,physical_block_size=4096 \
 -initrd iPhone11_8_iPhone12_1_14.0_18A5351d_Restore/038-44135-124.dmg \
+-M t8030,usb-conn-type=ipv4,usb-conn-addr=127.0.0.1,usb-conn-port=8030 \
 -display gtk,zoom-to-fit=on,show-cursor=on
 </syntaxhighlight>On the companion VM, start recovery with following command as soon the iOS device is ready to receive images<syntaxhighlight lang="bash">