Micky1979 Posted January 28, 2017

> Sorry maybe I can help nothing... Would @crazybirdy @Micky1979 mind sharing a vanilla kernel? Thanks a lot!

IMHO we have to look at a prelinkedkernel already decompressed (is compressed in lzvn), like will be in memory.

crazybirdy Posted January 28, 2017

nothing. What's your Hex editor? FYI. HexEdit.zip kernel_10.10.1.14B25.zip

PMheart Posted January 28, 2017

> IMHO we have to look at a prelinkedkernel already decompressed (is compressed in lzvn), like will be in memory.

IMHO. The decompressed PK is the same as the raw kernel if we just talk about the kernel?

Micky1979 Posted January 28, 2017

> IMHO. The decompressed PK is the same as the raw kernel if we just talk about the kernel?

is compressed as well in lzvn

crazybirdy Posted January 28, 2017

> is compressed as well in lzvn

so, if your orig kernel has this code?

PMheart Posted January 28, 2017

> is compressed as well in lzvn

I see. Anyway I'd like to know your hex code is from readStartupExtensions() right?

Micky1979 Posted January 28, 2017

> so, if your orig kernel has this code?

yes

> I see. Anyway I'd like to know you hex code is from readStartupExtensions() right?

should.

EDIT apparently there are both of it and Hex Fiend did not show me, while HexEdit from crazybirdy does.

prelinkedkernelDec.zip

crazybirdy Posted January 28, 2017

> is compressed as well in lzvn

ok, we need to confirm which patch code works right, will test it with the patched kernels if i have free time. Will let you know the results if done.

[edit] cannot download your attached file. Sorry, you don't have permission for that!

PMheart Posted January 28, 2017

> yes
> should.
> found.png
> uploading prelinkedkernel decompressed here... some seconds please..

According to the assembly spec. The eb 08 seems to bypass a new call, and nop out it will call that func. And have no bin... Will find out why the old patch has been deprecated.

Micky1979 Posted January 28, 2017

> ok, we need to confirm which patch code works right, will test it with the patched kernels if i have free time. Will let you know the results if done.

Well, I can test it by booting 10.10.1!

> According to the assembly spec. The eb 08 seems to bypass a new call, and nop out it will call that func. And have no bin... Will find out why the old patch has been deprecated.

Yea, we need a call to readBooterExtensions(); and of course maintains readPrelinkedExtensions

```cpp
void
KLDBootstrap::readStartupExtensions(void)
{
    kernel_section_t * prelinkInfoSect = NULL;  // do not free

    OSKextLog(/* kext */ NULL,
        kOSKextLogProgressLevel |
        kOSKextLogGeneralFlag | kOSKextLogDirectoryScanFlag |
        kOSKextLogKextBookkeepingFlag,
        "Reading startup extensions.");

    /* If the prelink info segment has a nonzero size, we are prelinked
     * and won't have any individual kexts or mkexts to read.
     * Otherwise, we need to read kexts or the mkext from what the booter
     * has handed us.
     */
    prelinkInfoSect = getsectbyname(kPrelinkInfoSegment, kPrelinkInfoSection);
    if (prelinkInfoSect->size) {
        readPrelinkedExtensions(prelinkInfoSect);
    } else {
        readBooterExtensions();
    }

    loadKernelComponentKexts();
    readBuiltinPersonalities();
    OSKext::sendAllKextPersonalitiesToCatalog();

    return;
}
```

PMheart Posted January 28, 2017

> yes
> should.
> found.png
> EDIT apparently there are both of it and Hex Fiend did not show me, while HexEdit from crazybirdy does.

What about checking the hex via a perl script? See this FYI: https://github.com/PMheart/macOS-SIP-Opengated/blob/master/openGate.sh#L91

e.g. `perl -le "print scalar grep /\x00\x00\x00\x00/, <>;" $certainBin`

And the output will be how many the data we searched for in $certainBin.

Micky1979 Posted January 28, 2017

> cannot download your attached file. Sorry, you don't have permission for that!

retry, here works

PMheart Posted January 28, 2017 (edited)

@crazybirdy try this one. [DEPRECATED]

Edited February 15, 2017 by PMheart

Micky1979 Posted January 28, 2017

> What about checking the hex via a perl script? See this FYI: https://github.com/PMheart/macOS-SIP-Opengated/blob/master/openGate.sh#L91
> e.g. `perl -le "print scalar grep /\x00\x00\x00\x00/, <>;" $certainBin`
> And the output will be how many the data we searched for in $certainBin.

cool

crazybirdy Posted January 28, 2017

> Well, I can test it by booting 10.10.1!

size is not the same, lost for almost 5mb after decompressed, and E8 25 00 00 00 EB 05 E8 is in the lost section around address 8A0980.

PMheart Posted January 28, 2017

Whoops?! Neither E8 25 00 00 00 EB 05 E8 nor 0xE8, 0x27, 0x00, 0x00, 0x00, 0xEB, 0x08, 0x48, 0x89, 0xDF can I get... From micky's dec PK! Something must have gone wrong

Micky1979 Posted January 28, 2017

here there is.

PMheart Posted January 28, 2017 (edited)

BTW 0xE8, 0x27, 0x00, 0x00, 0x00, 0xEB, 0x08, 0x48, 0x89, 0xDF has been commented out/deprecated since clover 2695 https://sourceforge.net/p/cloverefiboot/code/2695 and e827* was introduced in 2693 https://sourceforge.net/p/cloverefiboot/code/2693/

=======================================

I have a somewhat stupid guessing... If we use kernelcache in Yos and then we should run micky's patch, that is what slice commented out. If we use -f or boot with kernel + kexts then we should patch the kernel just like nowadays clover did?

Edited January 28, 2017 by PMheart

Micky1979 Posted January 28, 2017 (edited)

I'm compiling Enoch with or without "0xE8, 0x27, 0x00, 0x00, 0x00, 0xEB, 0x08, 0x48, 0x89, 0xDF":

with: should print 'Found Yosemite (<= 10.10.4) EXT pattern: patched!'

without:

Edited January 30, 2017 by Micky1979: test files removed

PMheart Posted January 28, 2017

> I'm compiling Enoch with or without "0xE8, 0x27, 0x00, 0x00, 0x00, 0xEB, 0x08, 0x48, 0x89, 0xDF":
> with: boot_MickyTest1.zip should print 'Found Yosemite (<= 10.10.4) EXT pattern: patched!'
> without: boot_MickyTest2.zip

Feel quite sorry that in Singapore ATM and using a real Mac and thus have no ability to test...

Micky1979 Posted January 28, 2017

NP, maybe crazybirdy can

crazybirdy Posted January 28, 2017

> I'm compiling Enoch with or without "0xE8, 0x27, 0x00, 0x00, 0x00, 0xEB, 0x08, 0x48, 0x89, 0xDF":
> with: boot_MickyTest1.zip should print 'Found Yosemite (<= 10.10.4) EXT pattern: patched!'
> without: boot_MickyTest2.zip

Both boot files work fine with 10105, 10116, boot without -f, load EE fine.

Both did not work with 10123 without -f, not load EE, find only SIP pattern.

bdmesg.zip

I don't have 10.10.0~10.10.4 now.

mitch_de Posted January 28, 2017

> Both boot files work fine with 10105, 10116, boot without -f, load EE fine.
> Both did not work with 10123 without -f, not load EE, find only SIP pattern. ..

> I'm compiling Enoch with or without "0xE8, 0x27, 0x00, 0x00, 0x00, 0xEB, 0x08, 0x48, 0x89, 0xDF":
> with: boot_MickyTest1.zip should print 'Found Yosemite (<= 10.10.4) EXT pattern: patched!'
> without: boot_MickyTest2.zip

Hi, I follow the dev with interest! For better understanding and to know more before I try those two with/without boot_MickyTest... I have a question. Has the patch parts shown in the past postings like

```c
// Yosemite, Need for 10.11.x
UINT8 KBEYosSearchEXT[]  = { 0xE8, 0x25, 0x00, 0x00, 0x00, 0xEB, 0x05, 0xE8, 0xCE, 0x02, 0x00, 0x00 };
UINT8 KBEYosReplaceEXT[] = { 0xE8, 0x25, 0x00, 0x00, 0x00, 0x90, 0x90, 0xE8, 0xCE, 0x02, 0x00, 0x00 };
```

to do with problems loading kext from /E/E or have those patches the target to implement clovers NVRAM/NvidiaWeb feature in chameleon? Thanks!

Micky1979 Posted January 28, 2017

Hi, I've implemented the patch to load NVDAStartupWeb before going out of home. I'm at my friend's son's 'battesimo' (don't know the term in English). Later in the night we can test it. See you later

PMheart Posted January 29, 2017

> Hi, i follow the dev with interest! For better understanding and to know more before i try those two with/without boot_MickyTest... i have an question. Has the patch parts shown in the past postings like
> // Yosemite, Need for 10.11.x
> UINT8 KBEYosSearchEXT[] = { 0xE8, 0x25, 0x00, 0x00, 0x00, 0xEB, 0x05, 0xE8, 0xCE, 0x02, 0x00, 0x00 };
> UINT8 KBEYosReplaceEXT[] = { 0xE8, 0x25, 0x00, 0x00, 0x00, 0x90, 0x90, 0xE8, 0xCE, 0x02, 0x00, 0x00 };
> to do with problems loading kext from /E/E or have those patches the target to implement clovers NVRAM/NvidiaWeb feature in chameleon? Thanks!

No... The patches are for loading extra kexts besides kernelcache.

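Added example, not part of any post in the thread: a Python sketch of the byte-pattern check discussed above. The perl one-liner quoted earlier counts newline-delimited records that contain the pattern, so this version also lists every byte offset, and it decodes the KBEYosSearchEXT/KBEYosReplaceEXT pair quoted above to show which bytes differ. The sample buffer is constructed and the function names are this example's own.

```python
# Added example: the byte patterns are the ones quoted in the thread; SAMPLE is constructed.
YOS_SEARCH = bytes.fromhex("E8 25 00 00 00 EB 05 E8 CE 02 00 00")
YOS_REPLACE = bytes.fromhex("E8 25 00 00 00 90 90 E8 CE 02 00 00")
# Two hits inside one newline-delimited record, then a record with none.
SAMPLE = b"\x00" * 16 + YOS_SEARCH + b"\xCC" * 4 + YOS_SEARCH + b"\n" + b"\x00" * 8
# Only the opcodes that occur in these patterns: mnemonic and instruction size.
OPS = {0xE8: ("call", 5), 0xEB: ("jmp", 2), 0x90: ("nop", 1)}

def find_all(data, pattern):
    """Every offset at which pattern occurs, overlapping hits included."""
    offsets, pos = [], data.find(pattern)
    while pos != -1:
        offsets.append(pos)
        pos = data.find(pattern, pos + 1)
    return offsets

def count_matching_records(data, pattern):
    """Number of 0x0A-delimited records containing pattern, which is what
    `print scalar grep /PAT/, <>` reports (exact when PAT has no 0x0A byte)."""
    return sum(pattern in record for record in data.split(b"\n"))

def patch_diff(search, replace):
    """(offset, old_byte, new_byte) for each position where the two patterns differ."""
    return [(i, a, b) for i, (a, b) in enumerate(zip(search, replace)) if a != b]

def decode(seq):
    """(offset, mnemonic, target) triples; targets are relative to the start of seq."""
    out, i = [], 0
    while i < len(seq):
        name, size = OPS.get(seq[i], ("db", 1))
        target = None
        if size > 1 and i + size <= len(seq):
            rel = int.from_bytes(seq[i + 1:i + size], "little", signed=True)
            target = i + size + rel      # relative to the end of the instruction
        elif size > 1:                   # operand cut off: report the raw byte
            name, size = "db", 1
        out.append((i, name, target))
        i += size
    return out

if __name__ == "__main__":
    print("offsets:", find_all(SAMPLE, YOS_SEARCH))
    print("records:", count_matching_records(SAMPLE, YOS_SEARCH))
    print("changed:", patch_diff(YOS_SEARCH, YOS_REPLACE))
    print("search: ", decode(YOS_SEARCH))
    print("replace:", decode(YOS_REPLACE))
```

In the search pattern the short jump at +5 lands at +12, immediately after the second call, so that call is skipped; in the replace pattern the two nops let execution fall through into it.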