[+] Qemu user-mode emulation
[*] Using jchroot for building more secure chroot environments
[*] This module creates a working copy of the firmware filesystem in the log directory /logs.
[*] Create a firmware backup for emulation ...
[*] Firmware backup for emulation created in /logs/s115_usermode_emulator/firmware
[*] Root directory auto detection for /logs/s115_usermode_emulator/firmware (could take some time)
[*] Found 2 different root directories:
[+] Found the following root directory: /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract via binary interpreter / dir names / busybox.
[+] Found the following root directory: /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/ via binary interpreter / dir names / busybox.
[*] Detected 2 root directories:
[*] Detected root path: /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract
[*] No symlinks found in firmware ... Starting link fixing helper ...
[*] Running emulation processes in /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract root path (1/2).
[*] Create unique binary array for /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract root path (1/2).
[*] Testing 18 unique executables in root dirctory: /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract (1/2).
==> Preparation phase
[*] Preparing the environment for usermode emulation
[*] Creating dev area for user mode emulation
[*] Creating /dev/zero
[*] Creating /dev/ptmx
[*] Creating /dev/tty
[*] Creating /dev/random
[*] Creating /dev/urandom
[*] Creating /dev/mem
[*] Creating /dev/kmem
[*] Creating /dev/armem
[*] Creating /dev/tty0
[*] Creating /dev/ttyS0 - ttyS3
[*] Creating /dev/adsl0
[*] Creating /dev/ppp
[*] Creating /dev/hidraw0
[*] Creating and populating /dev/mtd
[*] Creating and populating /dev/mtdblock
[*] Creating and populating /dev/tts
[*] Currently mounted areas:
proc on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/proc type proc (rw,relatime)
tmpfs on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/run type tmpfs (rw,nosuid,nodev,noexec,relatime,inode64)
sysfs on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/sys type sysfs (rw,nosuid,nodev,noexec,relatime)
[*] Final fixes of the root filesytem in a chroot environment
[*] Initial CPU detection process of binary libmbedtls.so.12 with CPU configuration .
[*] Initial CPU detection process of binary libmbedcrypto.so.3 with CPU configuration .
[*] Initial CPU detection process of binary libcurl.so.4 with CPU configuration .
[*] Initial CPU detection process of binary libmbedx509.so.0 with CPU configuration .
[*] Initial CPU detection process of binary get_fwinfo with CPU configuration .
[*] Initial CPU detection process of binary apmode with CPU configuration .
[*] Initial CPU detection process of binary sfc_ioctl_test with CPU configuration .
[*] Initial CPU detection process of binary recovery with CPU configuration .
[*] Initial CPU detection process of binary disable_mcu_wdt_t31zx with CPU configuration NONE.
[*] Initial CPU detection process of binary tag_generator with CPU configuration NONE.
[*] Initial strace run with jchroot on the command ./usr/bin/get_fwinfo to identify missing areas
[*] Initial CPU detection process of binary gpioset with CPU configuration NONE.
[*] Initial strace run with jchroot on the command ./usr/bin/apmode to identify missing areas
[*] Initial CPU detection process of binary log_tool with CPU configuration NONE.
[*] Initial CPU detection process of binary zrt_cam_daemon with CPU configuration NONE.
[*] Initial strace run with jchroot on the command ./usr/bin/recovery to identify missing areas
[*] Initial CPU detection process of binary cam_update with CPU configuration NONE.
[*] Initial strace run with jchroot on the command ./usr/bin/disable_mcu_wdt_t31zx to identify missing areas
[*] Initial strace run with jchroot on the command ./usr/bin/tag_generator to identify missing areas
[*] Initial CPU detection process of binary mcuisp with CPU configuration NONE.
[*] Initial strace run with jchroot on the command ./usr/bin/sfc_ioctl_test to identify missing areas
[*] Initial strace run with jchroot on the command ./usr/bin/gpioset to identify missing areas
[*] Initial CPU detection process of binary read_mcu_ver with CPU configuration NONE.
[*] Initial strace run with jchroot on the command ./usr/bin/log_tool to identify missing areas
[*] Initial CPU detection process of binary libgcc_s.so.1 with CPU configuration NONE.
[*] Initial CPU detection process of binary busybox with CPU configuration NONE.
[*] Detected root path: /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/
[*] No symlinks found in firmware ... Starting link fixing helper ...
[*] Initial strace run with jchroot on the command ./usr/bin/mcuisp to identify missing areas
[*] Running emulation processes in /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/ root path (2/2).
[*] Initial strace run with jchroot on the command ./usr/bin/zrt_cam_daemon to identify missing areas
[*] Create unique binary array for /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/ root path (2/2).
[*] Testing 1 unique executables in root dirctory: /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/ (2/2).
[*] Initial strace run with jchroot on the command ./usr/bin/read_mcu_ver to identify missing areas
[*] Initial strace run with jchroot on the command ./usr/bin/cam_update to identify missing areas
==> Preparation phase
[*] Preparing the environment for usermode emulation
[*] Creating dev area for user mode emulation
[*] Creating /dev/console
[*] Initial strace run with jchroot on the command ./bin/busybox to identify missing areas
[*] Creating /dev/null
[*] Creating /dev/zero
[*] Creating /dev/ptmx
[*] Creating /dev/tty
[*] Creating /dev/random
[*] Creating /dev/urandom
[*] Creating /dev/mem
[*] Creating /dev/kmem
[*] Creating /dev/armem
[*] Creating /dev/tty0
[*] Creating /dev/ttyS0 - ttyS3
[*] Creating /dev/adsl0
[*] Creating /dev/ppp
[*] Creating /dev/hidraw0
[*] Creating and populating /dev/mtd
[*] Creating and populating /dev/mtdblock
[*] Creating and populating /dev/tts
[*] Currently mounted areas:
proc on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/proc type proc (rw,relatime)
tmpfs on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/run type tmpfs (rw,nosuid,nodev,noexec,relatime,inode64)
sysfs on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/sys type sysfs (rw,nosuid,nodev,noexec,relatime)
[*] Final fixes of the root filesytem in a chroot environment
[*] Initial CPU detection process of binary libgcc_s.so.1 with CPU configuration NONE.
[*] Initial strace run with jchroot on the command ./usr/lib/libmbedtls.so.12 to identify missing areas
[*] Initial strace run with jchroot on the command ./usr/lib/libmbedcrypto.so.3 to identify missing areas
[*] Initial strace run with jchroot on the command ./usr/lib/libcurl.so.4 to identify missing areas
[*] Initial strace run with jchroot on the command ./usr/lib/libmbedx509.so.0 to identify missing areas
[*] Initial strace run with jchroot on the command ./lib/libgcc_s.so.1 to identify missing areas
[*] Initial strace run with jchroot on the command ./libgcc_s.so.1 to identify missing areas
==> Cleanup phase
[*] Terminating qemu processes - check it with ps
[*] Cleaning the emulation environment
[*] Umounting proc, sys and run
[*] Unmounting proc on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/proc type proc (rw,relatime)
[*] Unmounting tmpfs on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/run type tmpfs (rw,nosuid,nodev,noexec,relatime,inode64)
[*] Unmounting sysfs on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/sys type sysfs (rw,nosuid,nodev,noexec,relatime)
[*] Unmounting proc on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/proc type proc (rw,relatime)
[*] Unmounting tmpfs on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/run type tmpfs (rw,nosuid,nodev,noexec,relatime,inode64)
[*] Unmounting sysfs on /logs/s115_usermode_emulator/firmware/unblob_extracted/firmware_extract/11108416-13869836.lzma_extract/lzma.uncompressed_extract/3761304-11775640.cpio_portable_ascii_extract/lib/sys type sysfs (rw,nosuid,nodev,noexec,relatime)
==> Reporting phase
[+] Emulated binary zrt generated output in /logs/s115_usermode_emulator/qemu_tmp_zrt_cam_daemon.txt.
[+] Emulated binary apmode generated output in /logs/s115_usermode_emulator/qemu_tmp_apmode.txt.
[+] Emulated binary tag generated output in /logs/s115_usermode_emulator/qemu_tmp_tag_generator.txt.
[+] Emulated binary mcuisp generated output in /logs/s115_usermode_emulator/qemu_tmp_mcuisp.txt.
[+] Emulated binary recovery generated output in /logs/s115_usermode_emulator/qemu_tmp_recovery.txt.
[+] Emulated binary busybox generated output in /logs/s115_usermode_emulator/qemu_tmp_busybox.txt.
[+] Emulated binary read generated output in /logs/s115_usermode_emulator/qemu_tmp_read_mcu_ver.txt.
[+] Emulated binary disable generated output in /logs/s115_usermode_emulator/qemu_tmp_disable_mcu_wdt_t31zx.txt.
[+] Emulated binary get generated output in /logs/s115_usermode_emulator/qemu_tmp_get_fwinfo.txt.
[+] Emulated binary gpioset generated output in /logs/s115_usermode_emulator/qemu_tmp_gpioset.txt.
[+] Emulated binary log generated output in /logs/s115_usermode_emulator/qemu_tmp_log_tool.txt.
[*] Remove firmware copy from emulation directory.
