-
Notifications
You must be signed in to change notification settings - Fork 77
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MTK: CCCI FS NVD_IMEI read fails, causing restore, leading to NVRAM_LOC_BIN_REGION_RESTORE_FAIL assert #12
Comments
Thanks for opening this issue. It looks like in your NV data the IMEI file may be missing or corrupt!
As a result the modem tried to restore it from backup, but the restore command for the CCCI FS interface is not currently implemented:
Finally it throws a fatal assert for What I think might be happening is that the IMEI may be encrypted or authenticated against the chip-unique key (to protect it against tampering). This could be causing the IMEI read to fail security checks, leading to the restoration. FirmWire does not currently emulate the chip-unique key. This makes me wonder why previous NV data we used did not experience this problem. Maybe the IMEI was not protected? |
Otherwise some firmware will loop forever trying to restore /mnt/vendor/nvdata/md/NVRAM/NVD_IMEI data. In lieu of a proper restore handler, return error. For some basebands, they will happily continue. Others will assert. Related to issue #12
@grant-h can you provide some nv data for any mediatek phone? We would like to try a few samples, but it's difficult to find an image online which has nvdata partition included. |
Unfortunately any NV data I provide would have personal information since it's unique per device. My best recommendation is to purchase a mediatek device, root it (or use MTKClient), and extract the NV partition |
I have been experimenting with a known good Mediatek firmware image and nvdata pulled from the compatible phone. At a certain stage in the execution there are a number of
NVRAM ASSERT ERROR NVRAM_LOC_BIN_REGION_RESTORE_FAIL
warnings, followed by Panda being called to dump the CPU state to screen.hw_write()
is then called which asserts false as the value passed to it is equal to the number of offsets in the ring buffer.Example log lines for NVRAM ASSERT ERROR:
After the CPU state dump, the following log lines are printed before the exception in hw_write() is thrown:
I am testing this with the Samsung A41, and I have tested it with a number of the example firmware images you have provided.
I have attached the output log with debug information for PCCIF0_MD. Any hints at what is causing this exception to be thrown?
Crash_Log_FirmWire_PCCIF0_MD.txt.txt
The text was updated successfully, but these errors were encountered: