apianti Posted January 8, 2018 Share Posted January 8, 2018 No, it worked fine with the old aptiofix2 and older clover and disabled HD4600 graphics in the bios. It beeps just before restart. It is like a protection beep against memory corruption? Sounds nasty, lot of beeps. Yes injection is done properly. I now enabled hd4600 again (primary gfx is nvidia PCIe), and then set the hd4600 to a connector-less ig-platform-id. So it does not appear as opencl render anymore. Now the restarting works normally again. Let me know if I can do some tests. BTW: I re-tried with emuvariable.efi, no change, still beeping (hd4600 disabled). Also re-tried aptiofix1-WTH, no change. one question: if I have a IGPU device and ig-platform-id set in my ACPI, can I drop that whole device and its references only using clover, so I can then inject another ig-platform-id using clover? Since clover won't overwrite the existing ig-platform-id... Or do I have to make an acpi patch in clover then? IDK is your integrated still be recognized by macOS? Are you disabling the HD4600 or changing from integrated default to PCIe default? Why won't clover override the existing ig-platform-id? It will inject whatever you put in the key's value, or it should. EDIT: Those drivers are in r4369, there's no need to go trying other drivers, the AptioFix2 in r4369 is the ONLY fix anyone should be trying to use at this point. Link to comment Share on other sites More sharing options...
Funky frank Posted January 8, 2018 Share Posted January 8, 2018 IDK is your integrated still be recognized by macOS? Are you disabling the HD4600 or changing from integrated default to PCIe default? Why won't clover override the existing ig-platform-id? It will inject whatever you put in the key's value, or it should. EDIT: Those drivers are in r4369, there's no need to go trying other drivers, the AptioFix2 in r4369 is the ONLY fix anyone should be trying to use at this point. Is it the same like you linked here before? Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 Is it the same like you linked here before? Bro, the r4369 installer is officially released on sourceforge. Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 @DF, I changed the windows build because it was broken, it wasn't actually building some stuff or the firmware, lol. I also tried to set optimization for size..... It did not change the size of one file even though it clearly was used during the build. Apparently VS sucks at optimizing for size, or not all sources are being optimized (maybe assembly)? Link to comment Share on other sites More sharing options...
Balamut Posted January 8, 2018 Share Posted January 8, 2018 Guys, an update. With the latest AptioFix, I get a freeze regardless of slide value. Link to comment Share on other sites More sharing options...
xtddd Posted January 8, 2018 Share Posted January 8, 2018 r4369 works fine with no problems 1 Link to comment Share on other sites More sharing options...
Guest Posted January 8, 2018 Share Posted January 8, 2018 @apianti I have done a minimal sort of empiric debug on my system With latest aptiofix2 and emuvariable64uefi driver installed I can boot with or without any slide parameters deleting emuvariable64uefi I can boot only with slida=128 or greater without it compares error "does printf work?" for the sake of test I have also used a old aptiofix2 and it has same beahviour I have no installed RCscript on any volume obviously Nvram does not work after resetting my system Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 Guys, an update. With the latest AptioFix, I get a freeze regardless of slide value. Give me your memmap from shell after clover GUI. @apianti I have done a minimal sort of empiric debug on my system With latest aptiofix2 and emuvariable64uefi driver installed I can boot with or without any slide parameters deleting emuvariable64uefi I can boot only with slida=128 or greater without it compares error "does printf work?" for the sake of test I have also used a old aptiofix2 and it has same beahviour I have no installed RCscript on any volume obviously Nvram does not work after resetting my system My method for determining the slide is flawed. It is not calculated that way, please give me your memmap after clover GUI and I will calculate it for you. 1 Link to comment Share on other sites More sharing options...
Cyberdevs Posted January 8, 2018 Share Posted January 8, 2018 Use it? Also, AptioFix2. If I use CsrConfig 0x0 I get the black screen on my 1070 GPU. System only boots if I disable SIP partially or completely. I guess it has to do something with the NVWebDriverLibValFix.kext not being loaded with SIP being enabled but I also had no luck using NVidiaGraphicsFixUp.kext either. With previous AptioDrvFix2 driver I was able to boot into macOS with CsrConfig set to 0x0. Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 If I use CsrConfig 0x0 I get the black screen on my 1070 GPU. System only boots if I disable SIP partially or completely. I guess it has to do something with the NVWebDriverLibValFix.kext not being loaded with SIP being enabled but I also had no luck using NVidiaGraphicsFixUp.kext either. With previous AptioDrvFix2 driver I was able to boot into macOS with CsrConfig set to 0x0. Yeah that makes sense that it's preventing a non-signed kext from loading when sip is enabled. That's what it's supposed to do. It was not working correctly before as I had speculated. Inject the kext or allow unsigned kexts (0x1). 2 Link to comment Share on other sites More sharing options...
mhaeuser Posted January 8, 2018 Share Posted January 8, 2018 Yeah that makes sense that it's preventing a non-signed kext from loading when sip is enabled. That's what it's supposed to do. It was not working correctly before as I had speculated. Inject the kext or allow unsigned kexts (0x1).Injected kexts and kexts in cache are not affected by the signature verification.Might be RTShims lands somewhere in the way, maybe change it to All9catePagesFromTop? 1 Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 Injected kexts and kexts in cache are not affected by the signature verification. Might be RTShims lands somewhere in the way, maybe change it to All9catePagesFromTop? Why I suggested he injected the kext instead. Otherwise it has to be added to the cache though. Also pretty sure if you change SIP it tries to rebuild the cache during boot. He also said that it works if he partially or fully disables sip, which means that it's probably just sip preventing the kext from loading.... Just going with easiest cause for now. Then we'll move on to code fixes. EDIT: Though maybe we probably do want to allocate those shims as high as possible regardless.... Link to comment Share on other sites More sharing options...
mhaeuser Posted January 8, 2018 Share Posted January 8, 2018 Why I suggested he injected the kext instead. Otherwise it has to be added to the cache though. Also pretty sure if you change SIP it tries to rebuild the cache during boot. He also said that it works if he partially or fully disables sip, which means that it's probably just sip preventing the kext from loading.... Just going with easiest cause for now. Then we'll move on to code fixes.Hmm, indeed I never checked if changing SIP flushes the cache, good point. Link to comment Share on other sites More sharing options...
Balamut Posted January 8, 2018 Share Posted January 8, 2018 Give me your memmap from shell after clover GUI. My method for determining the slide is flawed. It is not calculated that way, please give me your memmap after clover GUI and I will calculate it for you. Here you go.memmap.txt Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 Here you go. Available 0000000000100000-00000000657F9FFF 00000000000656FA 000000000000000F Oh, come on, man! You can literally pick any slide, that is not encouraging. Did you try not setting it at all or slide=0? What slide values did you use? What other stuff are you using drivers/injection/etc? What is your board and CPU? Link to comment Share on other sites More sharing options...
Cyberdevs Posted January 8, 2018 Share Posted January 8, 2018 Yeah that makes sense that it's preventing a non-signed kext from loading when sip is enabled. That's what it's supposed to do. It was not working correctly before as I had speculated. Inject the kext or allow unsigned kexts (0x1). The wired thing is when I fully enable SIP all other kexts can load with clover but it only prevents the NVWebDriverLibValFix.kext or nVidiaGraphicsFixUp. I'll check the same CsrConfig 0x0 on my other Hack with an AMD GPU and see I can get it to work with the new AptioDrvFix or not. In the meanwhile just to let you know I also tried to clean the NVRAM, Kext Cache and the prelinkedKernel before changing the AptioDrvFix but no luck either. Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 The wired thing is when I fully enable SIP all other kexts can load with clover but it only prevents the NVWebDriverLibValFix.kext or nVidiaGraphicsFixUp. I'll check the same CsrConfig 0x0 on my other Hack with an AMD GPU and see I can get it to work with the new AptioDrvFix or not. In the meanwhile just to let you know I also tried to clean the NVRAM, Kext Cache and the prelinkedKernel before changing the AptioDrvFix but no luck either. You got what I said right? Those kexts aren't signed so they won't be allowed to be loaded into the cache without at least allowing unsigned kexts, CsrConfig=0x1. If you want to enable SIP fully then inject the kexts instead. And you are using AptioFix2 right? AptioFix probably won't give good results anymore. Link to comment Share on other sites More sharing options...
Cyberdevs Posted January 8, 2018 Share Posted January 8, 2018 You got what I said right? Those kexts aren't signed so they won't be allowed to be loaded into the cache without at least allowing unsigned kexts, CsrConfig=0x1. If you want to enable SIP fully then inject the kexts instead. And you are using AptioFix2 right? AptioFix probably won't give good results anymore. Yes I get it, I'm using the new AptioFix2 from the Clover r4396 and I know that if the SIP is fully disabled it won't let any unsigned kexts to be loaded. Here's what I don't get. Are AppleALC, FakeSMC, and Lilu properly signed? If not how come they get loaded while nVidiaGraphicsFixup or NVWebDriverLibValFix.kext can't get loaded by macOS? I inject the kexts via Clover and they are all in the "Other" folder and InjectKexts are Set to yes on SystemParametes. 1 Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 Yes I get it, I'm using the new AptioFix2 from the Clover r4396 and I know that if the SIP is fully disabled it won't let any unsigned kexts to be loaded. Here's what I don't get. Are AppleALC, FakeSMC, and Lilu properly signed? If not how come they get loaded while nVidiaGraphicsFixup or NVWebDriverLibValFix.kext can't get loaded by macOS? I inject the kexts via Clover and they are all in the "Other" folder and InjectKexts are Set to yes on SystemParametes. No those aren't signed, I don't think.... Wait so it's already being injected and not being loaded? Are you sure? You did a kextstat and it was not loaded? Or you just having issues that those kexts were previously fixing? Your log say they are being injected properly? Also try turning on KernelAndKextPatches/Debug=true, to make sure there is nothing happening when it's being injected. EDIT: I think you mean enabled. CsrConfig=0x0 is enabled. CsrConfig=0x67 is disabled. Other values partially disable something. Link to comment Share on other sites More sharing options...
Cyberdevs Posted January 8, 2018 Share Posted January 8, 2018 No those aren't signed, I don't think.... Wait so it's already being injected and not being loaded? Are you sure? You did a kextstat and it was not loaded? Or you just having issues that those kexts were previously fixing? Your log say they are being injected properly? Also try turning on KernelAndKextPatches/Debug=true, to make sure there is nothing happening when it's being injected. EDIT: I think you mean enabled. CsrConfig=0x0 is enabled. CsrConfig=0x67 is disabled. Other values partially disable something. That's what I thought also, all other kexts aren't signed either, the problem is that I can't run kextstat because I'm dealing with the black screen issue, but I can do some more test with my other rig which has an AMD GPU and it's not affected with the black screen issue and make sure that they get injected properly if I fully enable SIP with the CsrConfig=0x0 and report back. I'll let you know how it worked out when I get back home. Thanks a lot for your time and efforts and your precious input. Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 That's what I thought also, all other kexts aren't signed either, the problem is that I can't run kextstat because I'm dealing with the black screen issue, but I can do some more test with my other rig which has an AMD GPU and it's not affected with the black screen issue and make sure that they get injected properly if I fully enable SIP with the CsrConfig=0x0 and report back. I'll let you know how it worked out when I get back home. Thanks a lot for your time and efforts and your precious input. I imagine you'll be able to boot even if it's not injected, since it shouldn't affect your AMD GPU. But kind of leads me to think that maybe the driver itself is causing a problem. Have you tried not using it? Do you also get black screen?? 1 Link to comment Share on other sites More sharing options...
Cyberdevs Posted January 8, 2018 Share Posted January 8, 2018 I imagine you'll be able to boot even if it's not injected. But kind of leads me to think that the driver itself is causing a problem. Have you tried not using it? Do you also get black screen?? The problem starts right after I install the nVidia WebDrivers I'm not sure if I enable SIP I'll be able able to boot into macOS or not I'll do another clean install before installing the web drivers and see if I can boot into macOS with CsrConfig=0x0 and let you know how it goes. 1 Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 Man, I just realized that we could seriously devastate a whole fleet of macs with a USB drive and physical access...................................... I mean so that no one would notice but we could have total access to everything that's done on the machine. I actually got that weird feeling in my stomach, because I was about to write a kernel attack in the other thread, and was like WTF am I doing. 1 Link to comment Share on other sites More sharing options...
Cyberdevs Posted January 8, 2018 Share Posted January 8, 2018 Man, I just realized that we could seriously devastate a whole fleet of macs with a USB drive and physical access...................................... I mean so that no one would notice but we could have total access to everything that's done on the machine. I actually got that weird feeling in my stomach, because I was about to write a kernel attack in the other thread, and was like WTF am I doing. What do you mean? How we can do that? Care to explain? Link to comment Share on other sites More sharing options...
apianti Posted January 8, 2018 Share Posted January 8, 2018 What do you mean? How we can do that? Care to explain? First, no, lol. Second, macs don't have secure boot so you can run any EFI application, either through bootcamp or by making it think it's an installer with boot.efi... Once you are there you can pretty much carry out a ton of attacks on the OS. And I almost wrote it out anyway.... JEEEEEEEEEEEEEEZZZZZZZZZZZZ. EDIT: Trying to trick me into giving you the goods to put porn on your boss' computer. EDIT2: I guess technically any firmware not using secure boot can be attacked like this but only macOS doesn't support using it, and it doesn't exist in macs firmware at all. Making it more vulnerable. I guess hacks are too since we have to boot without secure boot, although we tried to get secure boot working. It might, I haven't tried in years lol. But it involves signing a bunch of EFI modules.... EDIT3: Meant secure not safe, added some more info to previous edit. EDIT4: It autocorrect secure to safe in my addition. Screw my phone. EDIT5: "It autocorrect" Man it is amazing at just changing words I already typed and moved onto the next into nonsense, and it's not even enabled. My phone is such a POS that it does not allow disabling autocorrect even if you disable it.... 1 Link to comment Share on other sites More sharing options...
Recommended Posts