kpf: Fix vm_fault_enter patch for iOS 18

palera1n · Jul 4, 2024 · f5dd72d · f5dd72d
1 parent 50ecf34
commit f5dd72d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/checkra1n/kpf/main.c b/checkra1n/kpf/main.c
@@ -643,7 +643,7 @@ bool vm_fault_enter_callback14(struct xnu_pf_patch* patch, uint32_t* opcode_stre
     DEVLOG("Trying vm_fault_enter at 0x%" PRIx64 "", xnu_ptr_to_va(opcode_stream));
     // r2 /x
     // Make sure this was preceded by a "tbz w[16-31], 2, ..." that jumps to the code we're currently looking at
-    uint32_t *tbz = find_prev_insn(opcode_stream, 0x18, 0x36100010, 0xfff80010);
+    uint32_t *tbz = find_prev_insn(opcode_stream, 0x20, 0x36100010, 0xfff80010);
     if(!tbz)
     {
         // This isn't our TBZ