Mavericks kernel testing on AMD (formerly Mountain Lion kernel testing on AMD)

[zchef2k]

No need to remove them as Andy added them to the blacklister in the kernel.

 

What if we're actually EFI booting?

[Mohamed Khairy]

Also in your case it panics on AppleEFI kexts. Untill I get the blacklister fixed you need to remove AppleEFIRuntime.kext and AppleIntelCPUPowerManagement kexts. After that it should get further... Also I have some ideas about fixing the ssse3emu in 64bit mode. Will keep you posted... the trick will be pushing the rax register. Putting the pointer there. Placing the pointer into 16(%%ebp). Popping back into rax and last popa (.byte 0x61)

remove from S / L / E AppleIntelCPUPowerManagement.kext and AppleEFIRuntime.kext and try to boot again.That's how I understood Andy.

this is fixed on last compiled kernel

[spakk]

No need to remove them as Andy added them to the blacklister in the kernel.

Thanks for the information, I've misinterpreted for me.I change to my system.

[Sinetek]

Hi! I'm reading what I missed in this thread currently. Thanks AnV for looking into 64 bits. Does the SSSE3emu work under it currently?

If not, I'll look into it. It's gonna be a bit complex because we have to check whether the returning process is 32b or 64b...

Also, I was planning on trying to emulate sysenter inside of the same emu, that would be useful even for bulldozer.

[wastez]

My System Panics every time directly after loading the ssse3 emulator like theconnactic's system does.

[mac_carol]

The latest patched corecrypto.kext seems to work perfectly, WITHOUT: fips_mode=0

 

 

 

 

 

 

Running ML 10.8.2 with the latest AnV kernel v12.2.0

 

 

WITHOUT: -enable_ssse3emu

 

 

 

 

 

 

 

WITH: -enable_ssse3emu

 

 

 

 

 

I got 2 different results:

 

 

1. mostly, I got stuck at "Kernel is LP64" which was similar to booting the osx WITHOUT: -enable_ssse3emu

 

 

 

 

 

2. but occasionally, I also got the SSSE3 emulator KP (rarely!)

 

 

 

 

 

 

EDIT:

 

 

It seems that the FSB frequency detection has not been corrected yet

 

 

 

 

It reported the FSB freq. = 420MHz instead of 200MHz (even if I used: busratio=17 fsb=200000000 )

[zchef2k]

The latest patched corecrypto.kext seems to work perfectly, WITHOUT: fips_mode=0

 

It reported the FSB freq. = 420MHz instead of 200MHz (even if I used: busratio=17 fsb=200000000 )

 

What base OS are you using? 10.8.0, .1, or .2?

[mac_carol]

What base OS are you using? 10.8.0, .1, or .2?

 

 

[instant idiot]

AMD Athlon II x4 640

OS X Mountain Lion 10.8.2 with AnV's modified corecrypto.kext

Kernel flags: AnV_kernel -v -f -enable_ssse3emu npci=0x3000

 

It just hangs there.

[instant idiot]

I just tried booting the same installation (as mentioned in my previous post) on my ProBook 4530s with Intel Core i3-2350m (runs vanilla kernel). It booted all the way to the desktop without issuses, but it took MUCH longer than with the vanilla kernel.

[Andy Vandijck]

@sinetek: the ssse3emu probably can use some more work. Also more work to OSKext and IOCatalogue .cpp and .h are needed

[Sinetek]

@anv: still trying to port it. big changes were required. pusha isn't available in x64 btw.

in ML the commpage has shrunk, so i enlarged it back to something we can use. there seems to be a permission problem, i can't access memory higher than 4K on the commpage :@

[Andy Vandijck]

Maybe we could just fix those permissions (it's probably sonewhere inside commpage.c).

Gonna look into it later today.

[Sinetek]

yeah it seems to be a VM_PROT_EXECUTE issue or something. it's weird, i added those to the permissions, still no dice

[pauℓzurrr.]

Happy to see the amd osx scene is still alive

[Deltac0]

This is so awesome...

I was unable to access InsanelyMac for like 5 days, and when I come back I see that you're all almost booting ML!

 

Good luck AnV, Sinetek, Spakk, Gils & others!

[wastez]

My system now stocks on Kernel is LP64 too.

[Andy Vandijck]

Here's the work for today...

I fixed the work on IOCatalogue.cpp and IOCatalogue.h

It now loads up in the Bronzovka way (directly loading drivers...)

The only thing I had to use stock is the OSKext::uniquePersonalityProperties functions as the UniqueProperties as used in Lion didn't work...

the new kernel should boot (I think)

You will not see resetting IOCatalogue and it still works

Here are the patches and the kernel and below my ioreg:

rtclock_init: Taking bus ratio path 4 (Intel / Apple)
TSC: Verification of clock speed not available in x86_64.
TSC: Frequency =   2394.934497MHz, FSB frequency =  266.103833MHz, bus ratio = 9
Darwin Kernel Version 12.2.0: wo 12 dec 2012 20:54:05 CET; bronzovkAnVoodoo v0.9.30:xnu-2050.18.24/BUILD/obj/RELEASE_X86_64
vm_page_bootstrap: 503347 free pages and 20941 wired pages
kext submap [0xffffff7f80817000 - 0xffffff8000000000], kernel text [0xffffff8000200000 - 0xffffff8000817000]
zone leak detection enabled
standard timeslicing quantum is 10000 us
standard background quantum is 2500 us
mig_table_max_displ = 74
corecrypto kext started!
Running kernel space in FIPS MODE
Plist hmac value is    735d392b68241ef173d81097b1c8ce9ba283521626d1c973ac376838c466757d
Computed hmac value is 735d392b68241ef173d81097b1c8ce9ba283521626d1c973ac376838c466757d
corecrypto.kext FIPS integrity POST test passed!
corecrypto.kext FIPS AES CBC POST test passed!
corecrypto.kext FIPS TDES CBC POST test passed!
corecrypto.kext FIPS SHA POST test passed!
corecrypto.kext FIPS HMAC POST test passed!
corecrypto.kext FIPS ECDSA POST test passed!
corecrypto.kext FIPS DRBG POST test passed!
corecrypto.kext FIPS POST passed!
warning: skipping personalities in blacklisted kext com.apple.driver.AppleEFIRuntime
warning: skipping personalities in blacklisted kext com.apple.driver.AppleIntelCPUPowerManagement
AppleACPICPU: ProcessorId=0 LocalApicId=0 Enabled
AppleACPICPU: ProcessorId=1 LocalApicId=1 Enabled
AppleACPICPU: ProcessorId=2 LocalApicId=2 Enabled
AppleACPICPU: ProcessorId=3 LocalApicId=3 Enabled
calling mpo_policy_init for Sandbox
Security policy loaded: Seatbelt sandbox policy (Sandbox)
calling mpo_policy_init for Quarantine
Security policy loaded: Quarantine policy (Quarantine)
calling mpo_policy_init for TMSafetyNet
Security policy loaded: Safety net for Time Machine (TMSafetyNet)
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
MAC Framework successfully initialized
using 10485 buffer headers and 7290 cluster IO buffer headers
IOAPIC: Version 0x03 Vectors 64:87
IOAPIC: Version 0x03 Vectors 88:111
ACPI: System State [s0 S3 S4 S5]
PFM64 (36 cpu) 0xf80000000, 0x80000000
[ PCI configuration begin ]
PCI configuration changed (bridge=4 device=0 cardbus=0)
[ PCI configuration end, bridges 5 devices 21 ]
SuperVIAATA for Snow Leopard by c0rk007hck
SuperVIAATA for Snow Leopard by c0rk007hck
SuperVIAATA for Snow Leopard by c0rk007hck
SuperVIAATA for Snow Leopard by c0rk007hck
[ PCI configuration begin ]
PCI configuration changed (bridge=4 device=0 cardbus=0)
RTC: Only single RAM bank (128 bytes)
FakeSMC: opensource SMC device emulator by netkas (C) 2009
[ PCI configuration end, bridges 6 devices 22 ]
FireWire runtime power conservation disabled. (2)
FakeSMC: plugins & plugins support modifications by mozodojo, usr-sse2, slice (C) 2010
FakeSMCDevice: 17 preconfigured keys added:
FakeSMCDevice: successfully initialized
SuperVIAATADriver: VIAx64 UNKNOWN UNKNOWN (CMD 0x170, CTR 0x374, IRQ 15, BM 0xe408)
FireWire (OHCI) VendorID 1106 ID 3044 PCI now active, GUID 00016c20003c58d9; max speed s400.
SuperVIAATADriver: VIAx64 8237 SATA UNKNOWN (CMD 0xfc00, CTR 0xf800, IRQ 21, BM 0xec00)
ERROR: FireWire unable to determine security-mode; defaulting to full-secure.
mbinit: done [64 MB total pool size, (42/21) split]
Pthread support ABORTS when sync kernel primitives misused
rooting via boot-uuid from /chosen: D3F04E02-F500-372D-A125-A6950FF375A9
Waiting on <dict ID="0"><key>IOProviderClass</key><string ID="1">IOResources</string><key>IOResourceMatch</key><string ID="2">boot-uuid-media</string></dict>
com.apple.AppleFSCompressionTypeDataless kmod start
com.apple.AppleFSCompressionTypeZlib kmod start
com.apple.AppleFSCompressionTypeDataless load succeeded
com.apple.AppleFSCompressionTypeZlib load succeeded
PCGenRTL8139: vendorID = 0x10ec deviceID = 0x8139 revisionID = 0x0010
PCGenRTL8139: found PIO accessor at 9c01
PCGenRTL8139: found MMIO accessor at DFAFF000
Got boot device = IOService:/AppleACPIPlatformExpert/PCI0@0/AppleACPIPCI/SATA@F/SuperVIAATARoot/CHN0@0/SuperVIAATADriver/ATADeviceNub@0/AppleATADiskDriver/IOATABlockStorageDevice/IOBlockStorageDriver/ST3500830AS ST3500830AS/IOGUIDPartitionScheme/Mac_HD@2
BSD root: disk0s2, major 1, minor 2
PCGenRTL8139: using PIO access mode...
Kernel is LP64
PCGenRTL8139::fixEnetFlowControl - Flow Control is disabled
PCGenRTL8139: Ethernet address 00:1c:25:28:bb:ef
Waiting for DSMOS...
macx_swapon SUCCESS
Previous Shutdown Cause: 3
NVDANV50HAL loaded and registered.
VoodooPS2SynapticsTouchPad loaded
No interval found for . Using 8000000
ApplePS2Trackpad: ALPS GlidePoint v0.0
ACPI_SMC_PlatformPlugin::start - waitForService(resourceMatching(AppleIntelCPUPowerManagement) timed out
Controller: VIA VT8251/8237A (vendor ID: 1106, device ID: 3288)
DSMOS has arrived
[iOBluetoothHCIController][start] -- completed

As you may see it loads the drivers without kextd

It should work for AMD too thus.

At least it is a step forward

Please test and post your results asap.

This will be my last work for today... not looking forward to tomorrow as I have to go to the hospital for a liver biopsy... (damn Heppatitis C )

xnu-2050.18.24-test6.diff.zip

AnV_kernel.zip

[instant idiot]

Still stuck at "Kernel is LP64" here.

[SS01]

Thanks AnV, will test soon. Liver biopsy.. hope you're okay D:

[Mohamed Khairy]

thanks andy

the kernel has the same stop point as yesterday

------------------

hope the virus get reradiated from your body and to be cured 100 %

[Sinetek]

@anv, found it, vm_shared_region.c map permissions. still more debugging ahead, the trap isn't working right, but i can execute the commpage at least

 

AnV i hope you get well.

[spakk]

I wish you all the very best! Andy

I test later

[AkimoA]

all the best ! get well soon

[Andy Vandijck]

@sinetek: take a peak... the explanation of the pusha / popa instructions in Intel dev manual (instruction set reference, latest)

Pusha:
Pushes the contents of the general-purpose registers onto the stack. The registers are stored on the stack in the following order: EAX, ECX, EDX, EBX, ESP (original value), EBP, ESI, and EDI (if the current operand-size attribute is 32) and AX, CX, DX, BX, SP (original value), BP, SI, and DI (if the operand-size attribute is 16). These instructions perform the reverse operation of the POPA/POPAD instructions. The value pushed for the ESP or SP register is its value before prior to pushing the first register (see the “Operation” section below).
Temp ← (ESP);
Push(EAX);
Push(ECX);
Push(EDX);
Push(EBX);
Push(Temp);
Push(EBP);
Push(ESI);
Push(EDI);
Popa:
Pops doublewords (POPAD) or words (POPA) from the stack into the general-purpose registers. The registers are loaded in the following order: EDI, ESI, EBP, EBX, EDX, ECX, and EAX (if the operand-size attribute is 32) and DI, SI, BP, BX, DX, CX, and AX (if the operand-size attribute is 16). (These instructions reverse the operation of the PUSHA/PUSHAD instructions.) The value on the stack for the ESP or SP register is ignored. Instead, the ESP or SP register is incremented after each register is loaded.
EDI ← Pop();
ESI ← Pop();
EBP ← Pop();
Increment ESP by 4; (* Skip next 4 bytes of stack *)
EBX ← Pop();
EDX ← Pop();
ECX ← Pop();
EAX ← Pop();

 

We could use pushq instructions and popq to do the same thing...

Also instead of incrementing with 4 for 64bit it's obviously 8...

Great to see you're making progress on the emulator...

Hope these instructions help you...

The name of the document: 64-ia-32-architectures-software-developer-instruction-set-reference-manual-325383.pdf

Keep me posted and keep up the good work