UPDATE:
Now time to play with bootloaders and try to get this to work for everyone!
Hi,
Ok, after talking about the weater and my underwear, i can post here.
First, great work and great find !
I read the whole thread and it seems the first loader at 0x04500000 is not
checked runtime for a correct signature. This can only explain being stored in
the second partition without matching certificate.
I know it is risky, but can you maybe modify a string inside, to see if the phone
will boot ? There is a recovery procedure in the Nokia bootloader, to restore
via command from some backup location if there is a problem, not sure if the
Qcom loader has this.
Also can you dump the actual bootrom of the chip (the one that calls the osbl
loader) ? Via custom app, or modding a dll, etc ?
BR