Simonej Posted July 31, 2015 Share Posted July 31, 2015 Slice, could you explain... + <string>bootmgfw.efi</string> ...related to? Link to comment Share on other sites More sharing options...
Slice Posted July 31, 2015 Share Posted July 31, 2015 Is there such rootless=0 flag in yosemite? Afaik, there is only kext-dev-mode. Correct me if im wrong. Maybe im missing out something in here. Thanks Yes, it present in XNU sources as I paste. http://opensource.apple.com/release/os-x-10101/ Slice, could you explain... + <string>bootmgfw.efi</string> ...related to? Hide extra icon to boot Windows from Clover GUI. 1 Link to comment Share on other sites More sharing options...
magnifico Posted July 31, 2015 Share Posted July 31, 2015 Hi Sergey please explain me why this string It is also necessary to yose? <key>RtVariables</key> <dict> <key>CsrActiveConfig</key> <string>0x67</string> <key>BooterConfig</key> <string>0x28</string> </dict> Link to comment Share on other sites More sharing options...
mendietinha Posted July 31, 2015 Share Posted July 31, 2015 Hi Sergey please explain me why this string It is also necessary to yose? <key>RtVariables</key> <dict> <key>CsrActiveConfig</key> <string>0x67</string> <key>BooterConfig</key> <string>0x28</string> </dict> it is?? i dont think so. 1 Link to comment Share on other sites More sharing options...
Slice Posted July 31, 2015 Share Posted July 31, 2015 Hi Sergey please explain me why this string It is also necessary to yose? <key>RtVariables</key> <dict> <key>CsrActiveConfig</key> <string>0x67</string> <key>BooterConfig</key> <string>0x28</string> </dict> I think Yose is not necessary itself. 2 Link to comment Share on other sites More sharing options...
magnifico Posted July 31, 2015 Share Posted July 31, 2015 I think Yose is not necessary itself. Ok Sergey thz... you think you fix it with EL capitain, about the injection of unsigned kext? Link to comment Share on other sites More sharing options...
mhaeuser Posted July 31, 2015 Share Posted July 31, 2015 I doubt that I will be able to write that code due to real life things atm, but if anyone is interested: From what I can see you would need to iterate through the plist at __PRELINK_INFO:__info and search for the highest memory address used by a kext, append its size and align it to the usual page align. At the resulting address, the kext binary would need to be appended. Then some properties of Info.plist (check which are already present for other kexts) are to be added to the prelink plist, in addition to the _Prelink information such as the load address and more. Now I don't know where kext personality data are stored in the prelinkedkernel, they don't seem to be in the plist. Is there maybe a bplist section around? 3 Link to comment Share on other sites More sharing options...
Slice Posted July 31, 2015 Share Posted July 31, 2015 Rev 3253 released. 5 Link to comment Share on other sites More sharing options...
Fabio1971 Posted July 31, 2015 Share Posted July 31, 2015 @ slice post 7244 how can I fix thanks Fabio Link to comment Share on other sites More sharing options...
copil Posted July 31, 2015 Share Posted July 31, 2015 enjoy the clover ^^^^^^^^^ slice thanks all contributors 2 Link to comment Share on other sites More sharing options...
blackosx Posted July 31, 2015 Share Posted July 31, 2015 @ slice post 7244 how can I fix thanks Fabio post #7243 now The error ‘Couldn’t get file info’ comes from boot.efi not from Clover or dmazar’s OSXAptioFixDrv $ grep -r "Couldn't get file info" /System/Library/CoreServices/boot.efi Binary file /System/Library/CoreServices/boot.efi matches Maybe a problem with the kernel? or prelinkedkernel? not sure. What happens when booting without OSXAptiofixDrv? Do you get the same error? 1 Link to comment Share on other sites More sharing options...
Slice Posted July 31, 2015 Share Posted July 31, 2015 "Couldn’t get file info" usually means "file is absent": kernel or prelinked kernel. I don't know what is the situation. Link to comment Share on other sites More sharing options...
pokenguyen Posted August 1, 2015 Share Posted August 1, 2015 I saw this in source: // CsrActiveConfig Prop = GetProperty (DictPointer, "CsrActiveConfig"); gSettings.CsrActiveConfig = (UINT32)GetPropertyInteger (Prop, 0x67); //the value 0xFFFF means not set //BooterConfig Prop = GetProperty (DictPointer, "BooterConfig"); gSettings.BooterConfig = (UINT16)GetPropertyInteger (Prop, 0xFFFF); //the value 0xFFFF means not set So without manual CsrActiveConfig, Clover will set it to 0x67 and allow kexts to be put in /S/L/E? I just test with DP5. After install the latest Clover and remove rootless=0, I can still install/remove kexts in /S/L/E, and those kexts are still loaded. What is the point of putting kexts in /L/E Link to comment Share on other sites More sharing options...
Fabio1971 Posted August 1, 2015 Share Posted August 1, 2015 post #7243 now The error ‘Couldn’t get file info’ comes from boot.efi not from Clover or dmazar’s OSXAptioFixDrv $ grep -r "Couldn't get file info" /System/Library/CoreServices/boot.efi Binary file /System/Library/CoreServices/boot.efi matches Maybe a problem with the kernel? or prelinkedkernel? not sure. What happens when booting without OSXAptiofixDrv? Do you get the same error? It only happens when I use DumpUefiCalls.efi, eliminating DumpUefiCalls.efi to boot no problem Fabio Link to comment Share on other sites More sharing options...
wegface Posted August 1, 2015 Share Posted August 1, 2015 What is the point of putting kexts in /L/E Its where apple wants you to put 3rd party kexts. Stay out of SLE! Link to comment Share on other sites More sharing options...
D-an-W Posted August 1, 2015 Share Posted August 1, 2015 Whilst on the subject can I just confirm that /L/E is /Library/Extensions and not /Library/Extras ? Link to comment Share on other sites More sharing options...
Pike R. Alpha Posted August 1, 2015 Share Posted August 1, 2015 I saw this in source: // CsrActiveConfig Prop = GetProperty (DictPointer, "CsrActiveConfig"); gSettings.CsrActiveConfig = (UINT32)GetPropertyInteger (Prop, 0x67); //the value 0xFFFF means not set //BooterConfig Prop = GetProperty (DictPointer, "BooterConfig"); gSettings.BooterConfig = (UINT16)GetPropertyInteger (Prop, 0xFFFF); //the value 0xFFFF means not setSo without manual CsrActiveConfig, Clover will set it to 0x67 and allow kexts to be put in /S/L/E? That is wrong, IMHO, because that makes Clover less secure. Default should be 0 or perhaps only allow unsigned kexts. 3 Link to comment Share on other sites More sharing options...
mendietinha Posted August 1, 2015 Share Posted August 1, 2015 Whilst on the subject can I just confirm that /L/E is /Library/Extensions and not /Library/Extras ? yes 1 Link to comment Share on other sites More sharing options...
pokenguyen Posted August 1, 2015 Share Posted August 1, 2015 Its where apple wants you to put 3rd party kexts. Stay out of SLE! Can we access /L/E/ with CsrActiveConfig=0x65? Also, /L/E is meant to store 3rd party kexts since a long time ago and people still install kexts to /S/L/E, so why we have to move back now? Because we should use CsrActiveConfig=0x65 instead of 0x67 now? Link to comment Share on other sites More sharing options...
Slice Posted August 1, 2015 Share Posted August 1, 2015 That is wrong, IMHO, because that makes Clover less secure. 1 Link to comment Share on other sites More sharing options...
Pike R. Alpha Posted August 1, 2015 Share Posted August 1, 2015 You may find it hysterical, but it is a fact... 1 Link to comment Share on other sites More sharing options...
wegface Posted August 1, 2015 Share Posted August 1, 2015 Could battle egos all day/week/year , a novel idea would be- work on the injection problem instead. I know, im a revoultionary thinker. 1 Link to comment Share on other sites More sharing options...
Pike R. Alpha Posted August 1, 2015 Share Posted August 1, 2015 Could battle egos all day/week/year , a novel idea would be- work on the injection problem instead. I know, im a revoultionary thinker. It has nothing to do with ego's. Really. Thing is. Apple's boot.efi boots up by default with 0x0 (more secure) and Clover with 0x67 (less secure) and that makes it less secure. 1 Link to comment Share on other sites More sharing options...
tachikaze Posted August 1, 2015 Share Posted August 1, 2015 I think the laughter comes from the primary real-world effect of CSR being to lock out FakeSMC unless you can get a kext signing certificate (Good luck, now!). 0x00 is mostly just CYA from Apple, to remove a potential attack vector that could hit millions of Macs. Hopefully they'll continue to keep OS X open enough for us few hackers and our cheep x86 hardware . . . Link to comment Share on other sites More sharing options...
joe75 Posted August 1, 2015 Share Posted August 1, 2015 Personally, I've never had a problem with security in OS X over the last ten years and even if we exclude this new SIP Mac OS is the most secure its ever been. 6 Link to comment Share on other sites More sharing options...
Recommended Posts