If you have more and better info please post it here.
And NO offtopic posts please.
WP8* phones MUST be Q-fuse protected by MS (retail); this means that potential holes must go through a road that isn't there anymore.
Then, IF you found a way to get into the phone, the chain of trust starts.
PBL
• RPM processor starts executing PBL in boot ROM
• PBL determines cold boot or warm boot
• PBL increases RPM clock speed from XO to 60 MHz
• RPM processor start address is 0x0
• For cold boot, next step is to detect Flash device that chip will boot from, based on the boot options
• When detected, PBL downloads SBL1 (RPMSBL) from Flash to System IMEM
• SBL1 authenticates SBL2 (Krait PBL)
• RPM uses Crypto Engine 4.0 to authenticate images
• SBL1 jumps to start of SBL2 (Krait PBL)

SBL1
• SBL1 configures MIMEM and GMEM, then loads and authenticates the SBL2 there; MIMEM is 192 KB, so when SBL2 grows, it will spill to GMEM
• SBL1 takes Krait out of reset
• SBL1 waits for signal from Krait SBL
• When desired signal is received, SBL1 executes RPM firmware, which is downloaded by SBL2
• If RPM firmware image authentication/download fails, Krait SBL2 resets MSM and enters into Boot ROM Emergency Download mode

SBL2
• After being taken out of reset, Krait jumps to start of SBL2
  - Krait boot address is software-configurable via register APCS_START_ADDR
• SBL2 increases Krait clock speed
• SBL2 downloads TZ image to TZ-dedicated system IMEM
  - TZ image occupies at least 188 KB in system IMEM
  - TZ image sets up security environment (configures xPU, etc.)
• SBL2 authenticates TZ image
  - SBL2 uses CE-4.0 to perform authentication
• SBL2 downloads RPM firmware to Code RAM and authenticates it
• SBL2 configures DDR
• SBL2 sends RPM firmware-ready signal to RPM and lets RPM continue to execute RPM firmware
• SBL2 jumps to SBL3

SBL3
• SBL3 bumps the system clock
• SBL3 loads and authenticates APPSBL
• SBL3 waits for the RPM process ready interrupt
• Once the interrupt is coming, SBL3 jumps to APPSBL
The primary processor boots first, executing the Primary Boot Loader (PBL) from on-board ROM.
The MSM platform has the facility to force Secure Boot using the status of the FORCE_TRUSTED_BOOT Qfuse on-chip or a high-state BOOT_SCUR pin connected to GPIO95. In this mode the PBL verifies the signature of the SBL/OSBL before executing it, which verifies the REX/AMSS signature in the same way.
(AMSS is the Qualcomm radio software (radio/baseband).)
(AMSS is the Advanced Mobile Subscriber Software that runs on the ARM9 CPU in our phones; it is a complete embedded OS using the L4 microkernel and controls the RF interface, power management and some other things.)
PBL reads the Device Boot Loader (DBL) from the first partition of the flash memory device.
DBL is part of Qualcomm's SecureBoot, which uses cryptography to guarantee that the boot-loader images haven't been tampered with. DBL configures the Cryptographic Look-aside Processor (CLP), a dedicated cryptographic co-processor, and other hardware sufficient to load and execute the Secondary Boot Loader (SBL).
The SBL, also known as the Operating System Boot Loader (OSBL), is loaded.
It provides an Extensible Firmware Interface (EFI) -like environment for controlling the boot process.
After doing more hardware configuration including UARTs and USB (for potential remote console connections to the monitor) it loads the Applications processor Secondary Boot Loader (APPSBL) on the ARM11 applications processor.
It then loads and executes the combined REX/AMSS.
Finally on the ARM9 REX executes the Advanced Mobile Subscriber Software (AMSS).
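The chain of trust above, modelled as a small Python simulation (an added example, not code from this post or from Qualcomm). Authentication is stood in for by a SHA-256 hash chain anchored in a fused digest; the real parts use certificate signatures checked by the Crypto Engine, but the control flow is the same. Assumptions: the LOADS table is my reading of who authenticates what, and SBL2 is assumed to authenticate SBL3 before jumping to it (the post only says it jumps).

```python
"""Toy model of the MSM8960 secure boot chain: every stage checks the next
image before handing control to it, and a failed check ends in EDL."""
import hashlib
import hmac

# Who loads and authenticates what (assumed from the post). PBL is mask ROM,
# so it has no image of its own; it checks SBL1 against the fused digest.
LOADS = {"PBL": ["SBL1"], "SBL1": ["SBL2"],
         "SBL2": ["TZ", "RPM_FW", "SBL3"], "SBL3": ["APPSBL"]}
H = 32  # SHA-256 digest length in bytes


def digest(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()


def build_images(payloads: dict) -> tuple:
    """Build images leaves-first. An image's header holds the digest of each
    image it will load, so every stage can authenticate what it jumps to.
    Returns (images, fuse); fuse is the digest PBL expects SBL1 to have."""
    images = {}

    def build(name: str) -> bytes:
        header = b"".join(build(child) for child in LOADS.get(name, []))
        images[name] = header + payloads[name]
        return digest(images[name])

    fuse = build("SBL1")
    return images, fuse


def boot(images: dict, fuse: bytes, force_trusted_boot: bool = True) -> tuple:
    """Walk the chain in load order. Returns ("OS_HANDOFF", None) on success or
    ("EDL", stage) when authentication of `stage` fails, the post's "resets MSM
    and enters into Boot ROM Emergency Download mode". With the fuse unset the
    checks are skipped, which is why a fused retail device has no unsigned path."""
    def run(name: str, expected: bytes) -> tuple:
        img = images[name]
        if force_trusted_boot and not hmac.compare_digest(digest(img), expected):
            return ("EDL", name)
        for i, child in enumerate(LOADS.get(name, [])):
            result = run(child, img[i * H:(i + 1) * H])  # digest from header
            if result[0] == "EDL":
                return result
        return ("OK", None)

    result = run("SBL1", fuse)
    return ("OS_HANDOFF", None) if result[0] == "OK" else result
```

Patching any single image fails at that image's own check, while rebuilding the whole chain around a custom APPSBL fails at the very first check against the fuse.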
After the SoC Vendor part is done the second part starts:
Now the OS gets loaded, and the real fun starts.
Nothing is unbreakable, but MS has 20 years of NT kernel dev time in it (WP8* uses the same kernel as Win) and made it damn bulletproof.
The thing is that we are not even in the phone yet; no bootloader hack.
JTAG is nice, but only a few will ever do that, and nobody will hack the whole OS just for JTAG that actually no one will use.
Some background information and data sheets:
Lots of useful documents and manuals
MSM8960 Info, Architecture and Bootloader(s)
The Secure Boot Loaders
How to temporarily turn on/off Secure Boot Authentication using JTAG
On the HTC 8x, xboxmod found a hole by flashing a "bad" UEFI.
The phone boots into Emergency Download mode (because it's a soft brick).
This (only found on HTC because it lets you flash unsigned files) "COULD" be a potential thing to explore!!!
But as you can see this is pretty dangerous to do, because you actually NEED to brick your phone to get there.
Next to know is that xboxmod needed to send his phone to the repair center to repair it again!!!
• If RPM firmware image authentication/download fails, Krait SBL2 resets MSM and enters into Boot ROM Emergency Download mode
WE HAVE A LONG LONG WAY TO GO