mirror of
https://github.com/CloverHackyColor/CloverBootloader.git
synced 2024-11-23 11:35:19 +01:00
advance KernelPM for Catalina
Signed-off-by: SergeySlice <sergey.slice@gmail.com>
This commit is contained in:
parent
533136a0ad
commit
4ed54a19cd
@ -658,6 +658,7 @@ const UINT8 CataSearchModel[] = {0x44, 0x89, 0xE0, 0xC0, 0xE8, 0x04};
|
||||
const UINT8 CataSearchExt[] = {0x44, 0x89, 0xE0, 0xC1, 0xE8, 0x10};
|
||||
const UINT8 CataReplaceMovEax[] = {0xB8, 0x00, 0x00, 0x00, 0x00, 0x90}; // mov eax, val || nop
|
||||
|
||||
|
||||
BOOLEAN LOADER_ENTRY::PatchCPUID(UINT8* bytes, const UINT8* Location, INT32 LenLoc,
|
||||
const UINT8* Search4, const UINT8* Search10, const UINT8* ReplaceModel,
|
||||
const UINT8* ReplaceExt, INT32 Len)
|
||||
@ -773,7 +774,7 @@ BOOLEAN LOADER_ENTRY::KernelPatchPm(VOID *kernelData)
|
||||
INTN Num = SearchAndReplace(&Kernel[procLocation], 0x400, findJmp, sizeof(findJmp), patchJmp, 0);
|
||||
DBG_RT("==> found %lld patterns\n", Num);
|
||||
//2. procedure xcpm_init
|
||||
// indirect call to _xcpm_core_scope_msrs
|
||||
// indirect call to _xcpm_core_scope_msrs and to _xcpm_SMT_scope_msrs
|
||||
// 488D3DDA317600 lea rdi, qword [ds:_xcpm_core_scope_msrs]
|
||||
// BE0B000000 mov esi, 0xb => replace to eb0a
|
||||
// 31D2 xor edx, edx
|
||||
@ -787,18 +788,30 @@ BOOLEAN LOADER_ENTRY::KernelPatchPm(VOID *kernelData)
|
||||
DBG_RT("=> xcpm_core_scope_msrs found at %llx\n", patchLocation1);
|
||||
if (Kernel[patchLocation1 + 7] == 0xE8) {
|
||||
DBG_RT("=> patch applied\n");
|
||||
for (int i=0; i < 0x10; ++i) {
|
||||
DBG_RT("%02x", Kernel[patchLocation1 + i]);
|
||||
}
|
||||
DBG_RT("\n");
|
||||
// for (int i=0; i < 0x10; ++i) {
|
||||
// DBG_RT("%02x", Kernel[patchLocation1 + i]);
|
||||
// }
|
||||
// DBG_RT("\n");
|
||||
Kernel[patchLocation1] = 0xEB;
|
||||
Kernel[patchLocation1 + 1] = 0x0A;
|
||||
} else {
|
||||
DBG_RT("=> pattern not good\n");
|
||||
// for (int i=0; i < 0x10; ++i) {
|
||||
// DBG_RT("%02x", Kernel[patchLocation1 + i]);
|
||||
// }
|
||||
// DBG_RT("\n");
|
||||
}
|
||||
}
|
||||
UINTN symbol2 = searchProc(Kernel, "xcpm_SMT_scope_msrs");
|
||||
patchLocation1 = FindRelative32(Kernel, procLocation, 0x200, symbol2);
|
||||
if (patchLocation1 != 0) {
|
||||
DBG_RT("=> xcpm_SMT_scope_msrs found at %llx\n", patchLocation1);
|
||||
if (Kernel[patchLocation1 + 7] == 0xE8) {
|
||||
DBG_RT("=> SMT patch applied\n");
|
||||
Kernel[patchLocation1] = 0xEB;
|
||||
Kernel[patchLocation1 + 1] = 0x0A;
|
||||
} else {
|
||||
DBG_RT("=> pattern not good\n");
|
||||
for (int i=0; i < 0x10; ++i) {
|
||||
DBG_RT("%02x", Kernel[patchLocation1 + i]);
|
||||
}
|
||||
DBG_RT("\n");
|
||||
}
|
||||
}
|
||||
|
||||
@ -1293,6 +1306,11 @@ BOOLEAN LOADER_ENTRY::BroadwellEPM(VOID *kernelData, BOOLEAN use_xcpm_idle)
|
||||
KernelCPUIDPatch(kern);
|
||||
|
||||
DBG("Searching _xcpm_pkg_scope_msr ...\n");
|
||||
// proc: _xcpm_init
|
||||
// ffffff8000468825 488D3D54527F00 lea rdi, qword [ds:_xcpm_pkg_scope_msrs]
|
||||
// ffffff800046882c BE07000000 mov esi, 0x7
|
||||
// ffffff8000468831 31D2 xor edx, edx
|
||||
// ffffff8000468833 E838FDFFFF call sub_ffffff8000468570
|
||||
if (os_version >= AsciiOSVersionToUint64("10.12")) {
|
||||
// 10.12+
|
||||
patchLocation = 0; // clean out the value just in case
|
||||
@ -1349,15 +1367,15 @@ BOOLEAN LOADER_ENTRY::HaswellLowEndXCPM(VOID *kernelData, BOOLEAN use_xcpm_idle)
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
// _xcpm_idle
|
||||
if (use_xcpm_idle) {
|
||||
// _xcpm_idle //this is a part of KernelPM
|
||||
/* if (use_xcpm_idle) {
|
||||
DBG("HWPEnable - ON.\n");
|
||||
comment = "_xcpm_idle";
|
||||
const UINT8 find[] = { 0xB9, 0xE2, 0x00, 0x00, 0x00, 0x0F, 0x30 };
|
||||
const UINT8 repl[] = { 0xB9, 0xE2, 0x00, 0x00, 0x00, 0x90, 0x90 };
|
||||
applyKernPatch(kern, find, sizeof(find), repl, comment);
|
||||
}
|
||||
|
||||
*/
|
||||
comment = "_xcpm_bootstrap";
|
||||
if (os_version <= AsciiOSVersionToUint64("10.12.5")) {
|
||||
// 10.12 - 10.12.5
|
||||
|
Loading…
Reference in New Issue
Block a user