Difference between revisions of "Baseband Device"

From The iPhone Wiki
m (copy/pasta bug (preview was ok))
m (added ipad2)
Line 1: Line 1:
 
This is the device in the iPhone that manages all the functions which require an antenna. The baseband processor has its own RAM and firmware in NOR flash, separate from the [[ARM]] core resources. The baseband is a resource to the OS. The Wi-Fi and Bluetooth are managed by the main CPU, although the baseband stores their MAC addresses in its NVRAM.
 
This is the device in the iPhone that manages all the functions which require an antenna. The baseband processor has its own RAM and firmware in NOR flash, separate from the [[ARM]] core resources. The baseband is a resource to the OS. The Wi-Fi and Bluetooth are managed by the main CPU, although the baseband stores their MAC addresses in its NVRAM.
   
The [[M68ap|iPhone]]'s baseband processor is the [[S-Gold 2]]. The [[N82ap|iPhone 3G]], the [[N88ap|iPhone 3GS]] and the [[K48ap|iPad]] make use of the [[X-Gold 608]] chip for this purpose. The [[N90ap|iPhone 4 (GSM)]] uses the [[XMM 6180]], the [[N92ap|iPhone 4 (CDMA)]] uses the [[MDM6600]].
+
The [[M68ap|iPhone]]'s baseband processor is the [[S-Gold 2]]. The [[N82ap|iPhone 3G]], the [[N88ap|iPhone 3GS]] and the [[K48ap|iPad]] make use of the [[X-Gold 608]] chip for this purpose. The [[N90ap|iPhone 4 (GSM)]] and [[K94ap|iPad 2]] uses the [[XMM 6180]], the [[N92ap|iPhone 4 (CDMA)]] uses the [[MDM6600]].
   
 
You can check some [[Baseband Commands]].
 
You can check some [[Baseband Commands]].
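Review bot: In the added sentence, "The [[N90ap|iPhone 4 (GSM)]] and [[K94ap|iPad 2]] uses" now has a plural subject, so the verb should be "use"; the comma before "the [[N92ap|iPhone 4 (CDMA)]] uses" would also read better as a semicolon. The iPhone 4 links carry a (GSM)/(CDMA) qualifier in their labels while the new [[K94ap|iPad 2]] label has none; if K94ap denotes one variant of the device, label it the same way so the chip mapping stays unambiguous.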

Revision as of 11:52, 9 June 2011

This is the device in the iPhone that manages all the functions which require an antenna. The baseband processor has its own RAM and firmware in NOR flash, separate from the ARM core resources. The baseband is a resource to the OS. Wi-Fi and Bluetooth are managed by the main CPU, although the baseband stores their MAC addresses in its NVRAM.

The iPhone's baseband processor is the S-Gold 2. The iPhone 3G, the iPhone 3GS and the iPad use the X-Gold 608 chip for this purpose. The iPhone 4 (GSM) and iPad 2 use the XMM 6180; the iPhone 4 (CDMA) uses the MDM6600.

You can check some Baseband Commands.

Seczone

This is the area in the baseband where the lock state is stored.

Layout

0x400--NCK token
0xA00--IMEI signature
0xB00--IMEI
0xC00--Locks table

Encryption

Many of the sections are encrypted using TEA with a key based on the CHIPID and NORID. See NCK Brute Force for more info.

Exploits

S-Gold 2

X-Gold 608

XMM 6180

Theoretical Attacks

Boot Chain

bootrom->bootloader->firmware