correct commit c4357fd

Signed-off-by: Sergey Isakov <isakov-sl@bk.ru>
Sergey Isakov 2020-04-29 18:07:10 +03:00
parent 75ffe238ca
commit 6b610f5b24
4 changed files with 22 additions and 21 deletions


@ -80,7 +80,7 @@ VOID SetKernelRelocBase()
}
//search a procedure by Name and return its offset in the kernel
UINTN searchProc(unsigned char * kernel, UINTN kernelSize, const char *procedure, UINTN *procLen)
UINTN searchProc(unsigned char * kernel, const char *procedure, UINTN *procLen)
{
if (!procedure) {
return 0;
@ -110,17 +110,17 @@ UINTN searchProc(unsigned char * kernel, UINTN kernelSize, const char *procedure
}
INT32 SegVAddr;
switch (vArray[i].Seg) {
case SEG_TEXT:
case ID_SEG_TEXT:
SegVAddr = FindBin(kernel, 0x60, (const UINT8 *)kTextSegment, (UINT32)strlen(kTextSegment));
break;
case SEG_DATA:
case ID_SEG_DATA:
SegVAddr = FindBin(kernel, 0x600, (const UINT8 *)kDataSegment, (UINT32)strlen(kDataSegment));
break;
case SEG_DATA_CONST:
case ID_SEG_DATA_CONST:
SegVAddr = FindBin(kernel, 0x1000, (const UINT8 *)kDataConstSegment, (UINT32)strlen(kDataConstSegment));
break;
case SEG_KLD:
case SEG_KLD2:
case ID_SEG_KLD:
case ID_SEG_KLD2:
SegVAddr = FindBin(kernel, 0x1000, (const UINT8 *)kKldSegment, (UINT32)strlen(kKldSegment));
break;
default:
@ -1866,8 +1866,7 @@ KernelUserPatch(IN UINT8 *UKernelData, LOADER_ENTRY *Entry)
}
bool once = false;
UINTN procLen = 0;
UINTN procAddr = searchProc(UKernelData, KERNEL_MAX_SIZE,
Entry->KernelAndKextPatches->KernelPatches[i].ProcedureName, &procLen);
UINTN procAddr = searchProc(UKernelData, Entry->KernelAndKextPatches->KernelPatches[i].ProcedureName, &procLen);
if (Entry->KernelAndKextPatches->KernelPatches[i].SearchLen == 0) {
Entry->KernelAndKextPatches->KernelPatches[i].SearchLen = KERNEL_MAX_SIZE;
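Review bot: Dropping `kernelSize` from `searchProc` (signature at the top of this file, mirrored by the header prototype and by the kext-patcher call site) leaves the function with no way to know how far it may read into `kernel`, while the callers that used to pass `KERNEL_MAX_SIZE` and, for kexts, the real `DriverSize` still hold that bound but no longer hand it over. The visible segment lookups use fixed limits (`0x60`, `0x600`, `0x1000`), but the actual procedure search runs outside this hunk, so I cannot confirm it is bounded; for a kext whose `DriverSize` is smaller than whatever limit is used internally, that would be an out-of-bounds read of the driver buffer. If the bound is intentionally implicit, please state it on the definition, e.g. `// Reads at most <SCAN_LIMIT> bytes from kernel; the caller guarantees the buffer is at least that large` (with the real limit), or keep the size parameter and check against it. The bodies of `searchProc` and `KernelUserPatch` continue outside the hunks.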


@ -41,14 +41,14 @@
#define kLinkEditSegment "__LINKEDIT"
#define kTextSegment "__TEXT"
#define SEG_TEXT 0x010f
#define ID_SEG_TEXT 0x010f
#define kDataSegment "__DATA"
#define SEG_DATA 0x0f0f
#define ID_SEG_DATA 0x0f0f
#define kDataConstSegment "__DATA_CONST"
#define SEG_DATA_CONST 0x110f
#define ID_SEG_DATA_CONST 0x110f
#define kKldSegment "__KLD"
#define SEG_KLD 0x180f
#define SEG_KLD2 0x1a0f
#define ID_SEG_KLD 0x180f
#define ID_SEG_KLD2 0x1a0f
#define kPrelinkBundlePathKey "_PrelinkBundlePath"
#define kPrelinkExecutableRelativePathKey "_PrelinkExecutableRelativePath"
@ -191,6 +191,6 @@ UINTN SearchAndReplace(UINT8 *Source, UINT64 SourceSize, UINT8 *Search, UINTN Se
UINTN SearchAndReplaceMask(UINT8 *Source, UINT64 SourceSize, UINT8 *Search, UINT8 *MaskSearch, UINTN SearchSize, UINT8 *Replace, UINT8 *MaskReplace, INTN MaxReplaces);
UINTN searchProc(unsigned char * kernel, UINTN kernelSize, const char *procedure, UINTN *procLen);
UINTN searchProc(unsigned char * kernel, const char *procedure, UINTN *procLen);
#endif /* !__LIBSAIO_KERNEL_PATCHER_H */


@ -923,7 +923,7 @@ VOID EFIAPI KernelBooterExtensionsPatch(IN UINT8 *Kernel, LOADER_ENTRY *Entry)
UINTN NumSnow_X64_EXT = 0;
UINTN NumLion_i386_EXT = 0;
UINTN NumLion_X64_EXT = 0;
UINT32 patchLocation1 = 0, patchLocation2 = 0, patchLocation3 = 0;
UINT32 /* patchLocation1 = 0,*/ patchLocation2 = 0, patchLocation3 = 0;
UINT32 i, y;
DBG_RT(Entry, "\nPatching kernel for injected kexts...\n");
@ -989,10 +989,13 @@ VOID EFIAPI KernelBooterExtensionsPatch(IN UINT8 *Kernel, LOADER_ENTRY *Entry)
}
}
#else
UNITN procLocation = searchProc(Kernel, 0x1000000, "readStartupExtensions", 0x100);
const UINT8 * findJmp = {0xEB, 0x05};
const UINT8 * patchJmp = {0x90, 0x90};
applyKernPatch(Kernel+procLocation, findJmp, 2, patchJmp, "load kexts");
UINTN procLen = 0x100;
UINTN procLocation = searchProc(Kernel, "readStartupExtensions", &procLen);
UINT8 findJmp[] = {0xEB, 0x05};
UINT8 patchJmp[] = {0x90, 0x90};
if (!SearchAndReplace(Kernel + procLocation, KERNEL_MAX_SIZE, findJmp, 2, patchJmp, 1)) {
DBG_RT(Entry, "load kexts not patched\n");
}
#endif
// SIP - bypass kext check by System Integrity Protection.
for (i = 0; i < 0x1000000; i++) {
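Review bot: `procLocation` from the new `searchProc` call in the `#else` branch is never checked before `Kernel + procLocation` is patched, and the replace is bounded by `KERNEL_MAX_SIZE` rather than by `procLen`, so `SearchAndReplace` can read `procLocation` bytes past the end of the kernel buffer and, when the procedure is not found (the visible part of `searchProc` returns 0 for a NULL name, and presumably for a miss as well), the first `EB 05` anywhere in the image is turned into NOPs. Skipping on a miss and limiting the search to the procedure addresses both: `if (procLocation == 0 || !SearchAndReplace(Kernel + procLocation, procLen, findJmp, 2, patchJmp, 1)) {`. This assumes `searchProc` writes the found procedure's length into `*procLen`, which I infer from the by-pointer parameter but cannot confirm from the hunk; if it does not, the bound should come from the caller instead. `KernelBooterExtensionsPatch` continues outside the hunk.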


@ -989,8 +989,7 @@ VOID AnyKextPatch(UINT8 *Driver, UINT32 DriverSize, CHAR8 *InfoPlist, UINT32 Inf
DBG_RT(Entry, "Binary patch\n");
bool once = false;
UINTN procLen = 0;
UINTN procAddr = searchProc(Driver, DriverSize,
Entry->KernelAndKextPatches->KextPatches[N].ProcedureName, &procLen);
UINTN procAddr = searchProc(Driver, Entry->KernelAndKextPatches->KextPatches[N].ProcedureName, &procLen);
if (Entry->KernelAndKextPatches->KextPatches[N].SearchLen == 0) {
Entry->KernelAndKextPatches->KextPatches[N].SearchLen = DriverSize;