The word "patched" gets thrown around a lot.
My understanding is that the "patched" loaders were not actually patched but simply that they were built that way with more features enabled.
So the levels of security go like this:
- All modules loaded by the ROM bootloader must have valid hashes on all program segments (even if SecureBoot is off)
- If SecureBoot is on, the hashes above must be signed by the certificate chain which must be verified with the hash burned into the processor.
- The OEM can add additional security to the Firehose loader like "VIP" or "getsigndata" requiring remote authorization.
The word "secure" gets thrown around a lot.
There are many contexts for "secure" (ro.secure, ro.adb.secure, fastboot secure) but only one SecureBoot.
If you have a hardware root console connected (UART) it may type out the status of SecureBoot when booting.
Format: Log Type - Time(microsec) - Message - Optional Info
Log Type: B - Since Boot(Power On Reset), D - Delta, S - Statistic
S - QC_IMAGE_VERSION_STRING=BOOT.XF.1.4-00246-S660LZB-1
S - IMAGE_VARIANT_STRING=Sdm660LA
S - OEM_IMAGE_VERSION_STRING=cibuild
S - Boot Interface: Unknown
S - Secure Boot: Off
S - Boot Config @ 0x00786070 = 0x000001c1
S - JTAG ID @ 0x00786130 = 0x000cc0e1
S - OEM ID @ 0x00786138 = 0x00000000
S - Serial Number @ 0x00784138 = 0x12345678
S - OEM Config Row 0 @ 0x00784188 = 0x0000000000000000
S - OEM Config Row 1 @ 0x00784190 = 0x0000000000000000
S - Feature Config Row 0 @ 0x007841a0 = 0x007030000b580100
S - Feature Config Row 1 @ 0x007841a8 = 0x00000000000000c0
S - Core 0 Frequency, 3715 MHz
S - PBL Patch Ver: 5
S - I-cache: On
S - D-cache: On
Another way to find out if SecureBoot is actually on your device is to take a Firehose loader that works.
Find some innocuous thing to modify (better if it's something that you will later notice).
I change the spelling of some message that the loader will print out.
This will break the hashing, so you check it with QcomView
and hex edit the hashes until they are correct.
C:\>qcomview /h loader.bin
64 bit ELF, SHA256
0 00000000 00000318 a117dbc5 e643e404 361bfe30 45fbda01 4c153842 59a4cbe8 09b7da55 a2dd413e OK
1 00001000 00001ac8
2 00003000 0005709c 7b833734 f2763b9e 35f3310c f6fb22a9 a514eac0 3eddbe46 b5ff339b 3c7b045c OK
3 0005a0a0 00000000
4 0005a0a0 00009f00 6296c006 31852f79 b99691c3 e8d598f2 9d323e9a ba0358aa b742901f 506709d5 OK
5 00063fa0 00009908 41176495 3e07ad84 8923398e ce854131 91066dca 43f253fa c027c4f4 a3c21483 OK
6 0006d8b0 00000000
7 0006d8b0 00001e7c fe77c473 b02e4a71 d3f287e4 cf85ccbe b5a43326 53930bd8 d68e4e40 6e71a0b8 OK
8 0006f730 00000000
9 0006f730 000188d8 1bfef74c ed467a22 8616419d e71ab1ea 22a717e5 4874c704 541793ed f5d5c5e5 OK
10 00088010 00000000
11 00088010 00000000
12 00088010 00012dc0 b72cb77e 81026632 446c3462 cc6c83fc d7904333 cb8807cc 27d6e4c9 189c7ca4 OK
This will still leave the signing of the hashes all broken and you can't sign it because you don't have the private key.
If your modded Firehose loader loads and works, congratulations, your device has SecureBoot off.
This is probably not true of any mainstream device.