S-boot exploitation

Added by Jack K 11 months ago

Hi all,

I read an interesting blog post about an approach that could be useful for booting Samsung devices without the TrustZone bits. I was wondering if anyone else might enjoy reading it, and might consider taking their approach to attempt liberating the bootloaders in the Samsung devices supported in Replicant? Just a thought. Anyway, link below. Do share your thoughts, people.

All the best,


Replies (7)

RE: S-boot exploitation - Added by Kurtis Hanna 6 months ago

Thanks for the post!

I should mention that has replaced all or some of s-boot with u-boot mainline on the i9300.

He posted 'U-Boot 2018.03-i9300-00017-gae73efb436-dirty (Apr 27 2018 - 16:12:54 +1000)' in the Replicant IRC and said he likely will do a blog post about this once he gets it fully working.

RE: S-boot exploitation - Added by Jack K 5 months ago

Exciting stuff! Can't wait for the blog post.


RE: S-boot exploitation - Added by Daniel Kulesz about 1 month ago

Simon recently posted an update, sounds really promising:

RE: S-boot exploitation - Added by Kurtis Hanna about 1 month ago

Thanks for posting that Daniel! Super exciting! I wonder what this means, "It's also worth mentioning that LineageOS/Replicant will boot under u-boot with a kernel compiled without CONFIG_ARM_TRUSTZONE set, but the display will not work (probably because u-boot does not initialise the display)."

I asked Simon on IRC, "Do you think that u-boot can initialize the display if someone works on it, or do you think it is more likely that we won't be able to get LineageOS/Replicant to work with u-boot on the i9300?". I'll post his response here.

RE: S-boot exploitation - Added by shuckle fisher about 1 month ago

This is great stuff!

RE: S-boot exploitation - Added by Daniel Kulesz 10 days ago

@Kurtis Hanna: Any news regarding the display issue?

And if I understand this correctly - if we were able to boot using u-boot, we could finally disable the Heimdall security hole? Or is heimdall mode independent from the boot loader?