repaired symbolic patching for bigsur

Signed-off-by: SergeySlice <sergey.slice@gmail.com>
This commit is contained in:
SergeySlice 2020-07-20 11:52:36 +03:00
parent b544e86e4b
commit 7188cde799
6 changed files with 73 additions and 55 deletions


@ -108,7 +108,7 @@ unsigned long OSSwapHostToBigInt32(unsigned long int32) {
#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
#define DO16(buf) DO8(buf,0); DO8(buf,8);
#if 0
unsigned long Adler32(unsigned char *buf, long len)
{
unsigned long s1 = 1; // adler & 0xffff;
@ -135,7 +135,7 @@ unsigned long Adler32(unsigned char *buf, long len)
// result is in big endian
return OSSwapHostToBigInt32(result);
}
#endif


@ -18,7 +18,7 @@
//#include "sse3_5_patcher.h"
#ifndef DEBUG_ALL
#define KERNEL_DEBUG 0
#define KERNEL_DEBUG 1
#else
#define KERNEL_DEBUG DEBUG_ALL
#endif
@ -86,6 +86,7 @@ EFI_STATUS LOADER_ENTRY::getVTable()
// INT32 Tabble = FindBin(KernelData, 0x5000000, vtableSur, 8);
INT32 NTabble = FindBin(KernelData, KERNEL_MAX_SIZE, (const UINT8 *)ctor_used, (UINT32)strlen(ctor_used));
DBG("ctor_used found at 0x%x\n", NTabble);
if (NTabble < 0) {
return EFI_NOT_FOUND;
}
@ -99,10 +100,10 @@ EFI_STATUS LOADER_ENTRY::getVTable()
// SizeVtable = LinkSeg->SizeVtable;
// NamesTable = LinkSeg->AddrNames;
//TODO find an origin of the shift
shift = NTabble - NamesTable;
shift = NamesTable - NTabble;
// DBG_RT("AddrVtable=%x Size=%x AddrNames=%x shift=%x\n", AddrVtable, SizeVtable, NamesTable, shift);
NamesTable = NTabble;
AddrVtable += shift;
AddrVtable -= shift;
// AddrVtable = Tabble;
DBG("AddrVtable=%x Size=%x AddrNames=%x shift=%x\n", AddrVtable, SizeVtable, NamesTable, shift);
SegVAddr = FindBin(KernelData+KernelOffset, 0x600, (const UINT8 *)kTextSegment, (UINT32)strlen(kTextSegment));
@ -172,6 +173,9 @@ UINTN LOADER_ENTRY::searchProcInDriver(UINT8 * driver, UINT32 driverLen, const c
case ID_SEG_TEXT:
lSegVAddr = FindSection(driver, 0x600, (const UINT8 *)kTextSegment, (const UINT8 *)kPrelinkTextSection);
break;
case ID_SEG_HIB:
lSegVAddr = FindBin(driver, 0x2000, (const UINT8 *)kHibSegment, (UINT32)strlen(kHibSegment));
break;
// lSegVAddr = FindBin(driver, 0x600, (const UINT8 *)kTextSegment, (UINT32)strlen(kTextSegment));
// break;
@ -190,7 +194,7 @@ UINTN LOADER_ENTRY::searchProcInDriver(UINT8 * driver, UINT32 driverLen, const c
return procAddr;
}
static int N = 0;
//static int N = 0;
//search a procedure by Name and return its offset in the kernel
UINTN LOADER_ENTRY::searchProc(const char *procedure)
{
@ -207,11 +211,11 @@ UINTN LOADER_ENTRY::searchProc(const char *procedure)
for (i=0; i<SizeVtable; ++i) {
size_t Offset = vArray[i].NameOffset;
if (Offset == 0) break;
if (N < 10) {
DBG("Offset %lx Seg=%x\n", Offset, vArray[i].Seg);
DBG("Name to compare %s\n", &Names[Offset]);
N++;
}
// if (N < 10) {
// DBG("Offset %lx Seg=%x\n", Offset, vArray[i].Seg);
// DBG("Name to compare %s\n", &Names[Offset]);
// N++;
// }
// DBG_RT("Offset %lx Seg=%x\n", Offset, vArray[i].Seg);
// DBG_RT("Name to compare %s\n", &Names[Offset]);
// Stall(3000000);
@ -2340,8 +2344,16 @@ LOADER_ENTRY::KernelAndKextPatcherInit()
// DBG_RT("text section is: %s\n", (const char*)&KernelData[0x28]);
KernelOffset = 0;
while (KernelOffset < KERNEL_MAX_SIZE) {
if ((KernelData[KernelOffset + 0x0C] == MH_EXECUTE) && (MACH_GET_MAGIC(KernelData) == MH_MAGIC_64 )) {
break;
if ((MACH_GET_MAGIC(KernelData+KernelOffset) == MH_MAGIC_64 ) || (MACH_GET_MAGIC(KernelData+KernelOffset) == MH_CIGAM_64)) {
DBG("dump at offset 0x%x\n", KernelOffset);
for (int j = 0; j<20; ++j) {
DBG("%02x ", KernelData[KernelOffset+j]);
}
DBG("\n");
if ((((struct mach_header_64*)(KernelData+KernelOffset))->filetype) == MH_EXECUTE) {
DBG("execute found\n");
break;
}
}
KernelOffset += 4;
}
@ -2352,7 +2364,7 @@ LOADER_ENTRY::KernelAndKextPatcherInit()
KernelData = NULL;
return;
}
DBG( " kernel offset at 0x%x\n", KernelOffset);
// find __PRELINK_TEXT and __PRELINK_INFO
Get_PreLink();
/*
@ -2386,8 +2398,8 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
KernelAndKextPatches = (KERNEL_AND_KEXT_PATCHES *)(((UINTN)&gSettings) + OFFSET_OF(SETTINGS_DATA, KernelAndKextPatches));
PatcherInited = false;
// we will call KernelAndKextPatcherInit() only if needed
if (KernelAndKextPatches == NULL) return; //entry is not null as double check
KernelAndKextPatcherInit();
KextPatchesNeeded = (
KernelAndKextPatches->KPAppleIntelCPUPM ||
@ -2403,8 +2415,8 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
if (gSettings.KernelPatchesAllowed && (KernelAndKextPatches->KernelPatches != NULL) && KernelAndKextPatches->NrKernels) {
DBG_RT("Enabled: \n");
DBG("Kernels patches: enabled \n");
KernelAndKextPatcherInit();
if (KernelData == NULL) goto NoKernelData;
// KernelAndKextPatcherInit();
// if (KernelData == NULL) goto NoKernelData;
if (EFI_ERROR(getVTable())) {
// DBG_RT("error getting vtable: \n");
goto NoKernelData;
@ -2440,8 +2452,8 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
DBG_RT( "\nFakeCPUID patch: ");
if (KernelAndKextPatches->FakeCPUID) {
DBG_RT( "Enabled: 0x%06x\n", KernelAndKextPatches->FakeCPUID);
KernelAndKextPatcherInit();
if (KernelData == NULL) goto NoKernelData;
// KernelAndKextPatcherInit();
// if (KernelData == NULL) goto NoKernelData;
KernelCPUIDPatch();
} else {
DBG_RT( "Disabled\n");
@ -2452,8 +2464,8 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
if (KernelAndKextPatches->KPKernelPm || KernelAndKextPatches->KPKernelXCPM) {
DBG_RT( "Enabled: \n");
DBG( "KernelPm patch: Enabled\n");
KernelAndKextPatcherInit();
if (KernelData == NULL) goto NoKernelData;
// KernelAndKextPatcherInit();
// if (KernelData == NULL) goto NoKernelData;
patchedOk = FALSE;
if (is64BitKernel) {
patchedOk = KernelPatchPm();
@ -2467,8 +2479,8 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
DBG_RT( "\nPanicNoKextDump patch: ");
if (KernelAndKextPatches->KPPanicNoKextDump) {
DBG_RT( "Enabled: \n");
KernelAndKextPatcherInit();
if (KernelData == NULL) goto NoKernelData;
// KernelAndKextPatcherInit();
// if (KernelData == NULL) goto NoKernelData;
patchedOk = KernelPanicNoKextDump();
DBG_RT( patchedOk ? " OK\n" : " FAILED!\n");
} else {
@ -2480,8 +2492,8 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
DBG_RT( "\nKernelLapic patch: ");
if (KernelAndKextPatches->KPKernelLapic) {
DBG_RT( "Enabled: \n");
KernelAndKextPatcherInit();
if (KernelData == NULL) goto NoKernelData;
// KernelAndKextPatcherInit();
// if (KernelData == NULL) goto NoKernelData;
if(is64BitKernel) {
DBG_RT( "64-bit patch ...\n");
patchedOk = KernelLapicPatch_64();
@ -2501,8 +2513,8 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
// EnableExtCpuXCPM = NULL;
patchedOk = FALSE;
// BOOLEAN apply_idle_patch = (gCPUStructure.Model >= CPU_MODEL_SKYLAKE_U) && gSettings.HWP;
KernelAndKextPatcherInit();
if (KernelData == NULL) goto NoKernelData;
// KernelAndKextPatcherInit();
// if (KernelData == NULL) goto NoKernelData;
// syscl - now enable extra Cpu's PowerManagement
// only Intel support this feature till now
@ -2571,9 +2583,9 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
);
if (KextPatchesNeeded && gSettings.KextPatchesAllowed) {
DBG_RT( "\nKext patching INIT\n");
KernelAndKextPatcherInit();
if (KernelData == NULL) goto NoKernelData;
// DBG_RT( "\nKext patching INIT\n");
// KernelAndKextPatcherInit();
// if (KernelData == NULL) goto NoKernelData;
DBG_RT( "\nKext patching STARTED\n");
KextPatcherStart(); //is FakeSMC found in cache then inject will be disabled
DBG_RT( "\nKext patching ENDED\n");
@ -2614,8 +2626,8 @@ LOADER_ENTRY::KernelAndKextsPatcherStart()
return;
}
KernelAndKextPatcherInit();
if (KernelData == NULL) goto NoKernelData;
// KernelAndKextPatcherInit();
// if (KernelData == NULL) goto NoKernelData;
if (bootArgs1 != NULL) {
deviceTreeP = bootArgs1->deviceTreeP;
deviceTreeLength = &bootArgs1->deviceTreeLength;
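Review bot: The `KernelAndKextPatcherInit();` call that now runs once after the `KernelAndKextPatches == NULL` return has no `KernelData` check behind it, while every per-feature `if (KernelData == NULL) goto NoKernelData;` in this function has been commented out; `KernelAndKextPatcherInit()` visibly sets `KernelData = NULL; return;` when it cannot find the Mach-O header, so the next `getVTable()` would pass a null `KernelData` straight into `FindBin(KernelData, KERNEL_MAX_SIZE, ...)`. Keep one guard at the new call site, `KernelAndKextPatcherInit();` followed by `if (KernelData == NULL) goto NoKernelData;`, which also keeps the `NoKernelData` label meaningful for the whole function rather than only for the vtable failure path. Separately, `KERNEL_DEBUG` defaults to `1` after this change when `DEBUG_ALL` is not defined, so the header dump and offset logging added in the scan loop will print in normal builds; if that is not intended, restore `#define KERNEL_DEBUG 0`. `KernelAndKextsPatcherStart()` begins and ends outside these hunks.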


@ -39,6 +39,7 @@ const char kTextSegment[] = "__TEXT";
const char kDataSegment[] = "__DATA";
const char kDataConstSegment[] = "__DATA_CONST";
const char kKldSegment[] = "__KLD";
const char kHibSegment[] = "__HIB";
const char kConstSection[] = "__const";
const char kBssSection[] = "__bss";
const char kCommonSection[] = "__common";
@ -55,6 +56,7 @@ const char kDataSection[] = "__data";
#define ID_SEG_DATA_COMMON 0x090f
#define ID_SEG_DATA 0x0f0f
#define ID_SEG_DATA_CONST 0x110f
#define ID_SEG_HIB 0x170f
#define ID_SEG_KLD 0x180f
#define ID_SEG_KLD2 0x1a0f
#define ID_SEG_KLD3 0x210f


@ -3,16 +3,15 @@
#include "DataHubCpu.h"
#ifndef DEBUG_ALL
#define KEXT_INJECT_DEBUG 00
#define KEXT_INJECT_DEBUG 1
#else
#define KEXT_INJECT_DEBUG DEBUG_ALL
#endif
#if KEXT_INJECT_DEBUG == 2
#define DBG(...) MsgLog(__VA_ARGS__)
#define DBG(...) printf(__VA_ARGS__);
#elif KEXT_INJECT_DEBUG == 1
#define DBG(...) printf(__VA_ARGS__);
#define DBG(...) DebugLog(KEXT_INJECT_DEBUG, __VA_ARGS__)
#else
#define DBG(...)
#endif
@ -581,7 +580,7 @@ EFI_STATUS LOADER_ENTRY::LoadKexts()
/*
* Adler32 from Chameleon
* Adler32 from Chameleon, not used
*/
#define BASE 65521L /* largest prime smaller than 65536 */
#define NMAX 5000
@ -592,7 +591,7 @@ EFI_STATUS LOADER_ENTRY::LoadKexts()
#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
#define DO16(buf) DO8(buf,0); DO8(buf,8);
#if 0
static UINT32 Adler32(unsigned char *buf, long len)
{
unsigned long s1 = 1; // adler & 0xffff;
@ -721,7 +720,7 @@ void LOADER_ENTRY::patch_mkext_v1(UINT8 *drvPtr)
}
}
}
#endif
////////////////////
// OnExitBootServices
@ -754,6 +753,7 @@ EFI_STATUS LOADER_ENTRY::InjectKexts(IN UINT32 deviceTreeP, IN UINT32* deviceTre
DBG_RT("\nInjectKexts: ");
DBG("\nInjectKexts: ");
KextCount = GetKextCount();
if (KextCount == 0) {
DBG_RT("no kexts to inject.\nPausing 5 secs ...\n");
@ -841,14 +841,15 @@ EFI_STATUS LOADER_ENTRY::InjectKexts(IN UINT32 deviceTreeP, IN UINT32* deviceTre
drvPtr += sizeof(DeviceTreeNodeProperty) + sizeof(_DeviceTreeBuffer);
KextBase = RoundPage(KextBase + KextEntry->kext.length);
DBG_RT(" %llu - %s\n", Index, (CHAR8 *)(UINTN)drvinfo->bundlePathPhysAddr);
DBG_RT(" %llu - %s\n", Index, (CHAR8 *)(UINTN)drvinfo->bundlePathPhysAddr);
DBG(" %llu - %s\n", Index, (CHAR8 *)(UINTN)drvinfo->bundlePathPhysAddr);
if (gSettings.KextPatchesAllowed) {
INT32 i;
CHAR8 SavedValue;
CHAR8 *InfoPlist = (CHAR8*)(UINTN)drvinfo->infoDictPhysAddr;
SavedValue = InfoPlist[drvinfo->infoDictLength];
InfoPlist[drvinfo->infoDictLength] = '\0';
KernelAndKextPatcherInit();
// KernelAndKextPatcherInit();
for (i = 0; i < KernelAndKextPatches->NrKexts; i++) {
if ((KernelAndKextPatches->KextPatches[i].DataLen > 0) &&
(AsciiStrStr(InfoPlist, KernelAndKextPatches->KextPatches[i].Name) != NULL)) {
@ -1005,15 +1006,15 @@ VOID EFIAPI LOADER_ENTRY::KernelBooterExtensionsPatch()
DBG("\n");
// Stall(10000000);
//second attempt brute force for 10.16
const UINT8 findJmp2[] = {0xEB, 0x05, 0xE8, 0x7D, 0x03};
const UINT8 patchJmp2[] = {0x90, 0x90, 0xE8, 0x7D, 0x03};
if (!SearchAndReplace(&KernelData[0], KERNEL_MAX_SIZE, findJmp2, 5, patchJmp2, 1)) {
DBG("load kexts 2 not patched\n");
} else {
DBG("load kexts 2 patched !!!\n");
}
// const UINT8 findJmp2[] = {0xEB, 0x05, 0xE8, 0x7D, 0x03};
// const UINT8 patchJmp2[] = {0x90, 0x90, 0xE8, 0x7D, 0x03};
// if (!SearchAndReplace(&KernelData[0], KERNEL_MAX_SIZE, findJmp2, 5, patchJmp2, 1)) {
// DBG("load kexts 2 not patched\n");
// } else {
// DBG("load kexts 2 patched !!!\n");
// }
} else {
DBG("load kexts patched\n");
DBG("load kexts patched \n");
// for (UINTN j=procLocation+0x3b; j<procLocation+0x5b; ++j) {
// DBG_RT("%02x", Kernel[j]);
// }
@ -1168,7 +1169,7 @@ VOID EFIAPI LOADER_ENTRY::KernelBooterExtensionsPatch()
procLocation = searchProc("removeKextBootstrap");
const UINT8 find5[] = {0x00, 0x0F, 0x85, 00, 00, 0x00, 0x00, 0x48 };
const UINT8 mask5[] = {0xFF, 0xFF, 0xFF, 00, 00, 0xFF, 0xFF, 0xFF };
patchLocation3 = FindMemMask(&KernelData[procLocation], 0x1000, find5, sizeof(find5), mask5, sizeof(mask5));
patchLocation3 = FindMemMask(&KernelData[procLocation], 0x300, find5, sizeof(find5), mask5, sizeof(mask5));
DBG("removeKextBootstrap at 0x%llx\n", patchLocation3);
/*
@ -1203,7 +1204,7 @@ VOID EFIAPI LOADER_ENTRY::KernelBooterExtensionsPatch()
//BS
//FF 80 3D ?? ?? ?? 00 00 0F 85 ?? 01 00 00 41 -->
//FF 80 3D ?? ?? ?? 00 00 90 E9 ?? 01 00 00 41.
/*
if (patchLocation3 == KERNEL_MAX_SIZE) {
DBG_RT("==> can't find KxldUnmap (10.14 - 10.15)\n");
Stall(3000000);
@ -1216,7 +1217,10 @@ VOID EFIAPI LOADER_ENTRY::KernelBooterExtensionsPatch()
KernelData[0 + patchLocation3 + 9] = 0xE9;
}
} else {
DBG("==> patched KxldUnmap (10.14 - recent macOS)\n");
*/
//The patch is not needed for bigsur
if (patchLocation3 != KERNEL_MAX_SIZE) {
DBG("==> patched KxldUnmap (10.14 - 10.15)\n");
// 00 0F 85 XX XX 00 00 48
// 00 90 E9 XX XX 00 00 48
KernelData[procLocation + patchLocation3 + 1] = 0x90;
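Review bot: `procLocation` returned by `searchProc("removeKextBootstrap")` is used directly as `&KernelData[procLocation]` in the narrowed `FindMemMask(..., 0x300, ...)` call, with no check that the symbol lookup succeeded; if `searchProc` signals a miss with a sentinel (the code tests `patchLocation3 != KERNEL_MAX_SIZE` for the same purpose two hunks later), the masked search and the `KernelData[procLocation + patchLocation3 + 1] = 0x90;` write would address memory relative to that sentinel. Add a guard before the search such as `if (procLocation == KERNEL_MAX_SIZE) { DBG("removeKextBootstrap not found, skipping KxldUnmap patch\n"); } else { ... }`, using whatever not-found value `searchProc` actually returns, which is not visible here. The rewritten block also dropped the old failure branch, so on 10.14/10.15, where the message says the patch is expected, a pattern miss is now silent; an `else { DBG("==> KxldUnmap pattern not found (expected on Big Sur)\n"); }` would keep that visible in the log. `KernelBooterExtensionsPatch()` continues on both sides of these hunks.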


@ -433,8 +433,8 @@ class REFIT_ABSTRACT_MENU_ENTRY
EFI_STATUS SetFSInjection();
EFI_STATUS InjectKexts(IN UINT32 deviceTreeP, IN UINT32 *deviceTreeLength);
EFI_STATUS LoadKexts();
int is_mkext_v1(UINT8* drvPtr);
void patch_mkext_v1(UINT8 *drvPtr);
// int is_mkext_v1(UINT8* drvPtr);
// void patch_mkext_v1(UINT8 *drvPtr); //not used
EFI_STATUS LoadKext(IN EFI_FILE *RootDir, IN CHAR16 *FileName, IN cpu_type_t archCpuType, IN OUT void *kext);
EFI_STATUS AddKext(IN EFI_FILE *RootDir, IN CHAR16 *FileName, IN cpu_type_t archCpuType);


@ -497,7 +497,7 @@ extern BOOLEAN DumpVariable(CHAR16* Name, EFI_GUID* Guid, INTN DevicePathAt);
//VOID FilterKextPatches(IN LOADER_ENTRY *Entry);
#define KERNEL_MAX_SIZE 40000000
#define KERNEL_MAX_SIZE 80000000
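Review bot: `KERNEL_MAX_SIZE` is not just a limit here; elsewhere in this commit it is the length handed to `FindBin(KernelData, KERNEL_MAX_SIZE, ...)` and the bound of the `while (KernelOffset < KERNEL_MAX_SIZE)` scan over `KernelData[KernelOffset]`, so doubling it to 80000000 (decimal, about 76 MiB) doubles how far past the start of the kernel image those searches may read when the loaded kernel is smaller than that. Whether the memory beyond the image is mapped is not visible from this header, so at minimum the assumption should be stated: `#define KERNEL_MAX_SIZE 80000000 // upper bound on bytes of KernelData scanned by FindBin/SearchAndReplace; not the real image size`. If the loader records the actual kernel size anywhere, passing that instead of this constant would remove the over-read risk entirely.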