Jump to content

[Acer PT14-51 Laptop] HowTo


Stezza88
 Share

412 posts in this topic

Recommended Posts

u miss the parameter (sys.kc or boot.kc)

 

image.png.20fe0a754e4b29c24b2a28569cc1b269.png

 

btw i use this to debug decompkernelcache. guess pass the parameter should work

anyway to step debug comment fopen and choose sys or kc fopen

 

don't hack my hack

Edited by jalavoui
  • Like 1
Link to comment
Share on other sites

you dont patch the binary directly use wg or nblue todo it.

 

did u make ghidra analyse the binary 1st?

 

just testing for this

 

Capturadeecra2024-11-02as16_05_46.png.8245ec54fbd6aeb4b752673581ccc280.png

 

if i try this in the ventura binary from decompkernelcachede

 

Capturadeecra2024-11-02as16_02_38.png.cff587406ccc8482a78ec5670cbf5de2.png

 

ghidra failed to decompile the code and i get this

Capturadeecra2024-11-02as16_08_18.thumb.png.bc7c6459e72973505a4663641c40d80d.png

 

 

 

this is bad luck but you can load on ida pro

 

Capturadeecra2024-11-02as16_13_36.png.c246096cd7d23b5e99c67e1b7212fc59.pngCapturadeecra2024-11-02as16_12_02.png.8abf5dcfc2da7fc313895ad86182df47.png

  • Like 1
Link to comment
Share on other sites

Capturadeecra2024-11-02as16_18_23.png.467a5838d596db1a2a8c602635d2690d.pngCapturadeecra2024-11-02as16_18_09.thumb.png.e438f80b38d1a472fedcff50a2c45cad.pngCapturadeecra2024-11-02as16_17_53.png.c17151a4bf15a14d3a14f7081b950d0b.png

when you create the patch (new bytes) add to nblue or wg like this

f2 are original bytes

r2 is the patch (new hex bytes copyed from ghidra or ida pro)

 

Capturadeecra2024-11-02as16_19_38.png.2d4f7c3e7abac602d4d41faa0f44d6eb.png

so you don't mess with the binary files. you just create patches to use on nblue or wg

  • Like 1
Link to comment
Share on other sites

i did test last night the config and acpi you did for me jala, it tries to boot (im using sonoma 14.7 from a usb) without nblue or weg fork it goes to a blank screen only. should i add reset nvram driver?

Link to comment
Share on other sites

the config i did was based on my oc old 9.6 version. try to change it for the version you have

 

this is my oc confg

image.png.8b8cb8449e8c019cfcbe67baea51b0a7.png

 

it's old just get OC + OC confgurator that can let you do proper configs

 

if you read this thread you will see everyone does mistakes. so we talk about it here and try to find a solution

 

asus for instance took 5 pages to figure out his nvram delete mistake

 

so ben i think if you can fix the new config your system will work just fine

Edited by jalavoui
  • Like 1
Link to comment
Share on other sites

1 minute ago, jalavoui said:

the config i did was based on my oc old 9.6 version. try to change it for the version you have

ok ill do that now.

Link to comment
Share on other sites

1 hour ago, jalavoui said:

you dont patch the binary directly use wg or nblue todo it.

 

did u make ghidra analyse the binary 1st?

 

just testing for this

 

Capturadeecra2024-11-02as16_05_46.png.8245ec54fbd6aeb4b752673581ccc280.png

 

if i try this in the ventura binary from decompkernelcachede

 

Capturadeecra2024-11-02as16_02_38.png.cff587406ccc8482a78ec5670cbf5de2.png

 

ghidra failed to decompile the code and i get this

Capturadeecra2024-11-02as16_08_18.thumb.png.bc7c6459e72973505a4663641c40d80d.png

 

 

 

this is bad luck but you can load on ida pro

 

Capturadeecra2024-11-02as16_13_36.png.c246096cd7d23b5e99c67e1b7212fc59.pngCapturadeecra2024-11-02as16_12_02.png.8abf5dcfc2da7fc313895ad86182df47.png

 

Hope IDA 7.7 could do its dirty job too.. now i'm setupping some things..

Edited by ASUS Vivobook
Link to comment
Share on other sites

I have found this... it was "com.apple.driver.AppleIntelICLGraphics : __ZN16IntelAccelerator10getGPUInfoEv + 0x3ed"

And maybe i thought that 0x3ed is the offset inside this function..

 

ghidrasku.jpg

Edited by ASUS Vivobook
Link to comment
Share on other sites

In my code for example, i don't have this sequence of byte so the lshbluesky patch won't apply

// Sku Bypass IntelAccelerator::getGPUInfo
static const uint8_t f2[] = {
	0x0F, 0x87, 0x17, 0x01, 0x00, 0x00, 0x48, 0x8D, 0x0D, 0x96, 0x02, 0x00, 0x00
};

when i find, it's empty the search

 

lshblueskySKU.jpg

Edited by ASUS Vivobook
Link to comment
Share on other sites

I did my patch, and it worked!! I've followed lshbluesky methodology (pointing to a safe location) in the other post to do it..

// Sku Bypass IntelAccelerator::getGPUInfo
static const uint8_t f2[] = {
	0xE8, 0x38, 0x0C, 0x06, 0x00, 0xE9, 0x2D, 0x01, 0x00, 0x00
};
static const uint8_t r2[] = {
	0xC7, 0x83, 0x98, 0x11, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00
};

Noi i have got a new kp... "Graphics Firmware Load failed boot hash check!\"

Kernel-2024-11-03-115328.panic

 

But this has no instructions associated... it could be a problem..

 

graphicsfailedhashcheck.png

Edited by ASUS Vivobook
Link to comment
Share on other sites

that's interesting you're using scheduler for apple firmware and icl is trying to load it. kinda like linux

are you using wg from other thread?

image.png.46946b6fc91c973be7172eb4218837e9.png

i hacked it long ago to load tgl guc but it sure miss lots of work cause this wg patches are for old os x version. try scheduler 4 also it's non apple firmware. 5 is nblue tgl default

 

image.png.e5e1b90107fd84d222087c06e321ef97.png

 

it's interesting your card is trying todo same as linux (firmware loading)

did you try with AppleIntelTGLGraphics also ?

 

igpu hang also happens on wg for framebuffer only? fix this first

you can also try to load icl or AppleIntelTGLGraphics without the framebuffer driver for testing (will produce some logs)

 

hope you can make nblue to work - much easier way to patch kexts

 

this is the correct. the offset of panic is always printed in kp msg - i think i posted something about this with a calculator print

image.png.a8140fe2718eedf72cf8090c1df39f64.png

 

make sure you check for the bytes in the binary for repeating. if f2 repeats in binary on some other function the patch will probably fail

sometimes is better to use bigger pattern to avoid that

image.png.a1a45c459dc5de2d14960fd397c41e42.png

Edited by jalavoui
  • Like 1
Link to comment
Share on other sites

1 hour ago, jalavoui said:

that's interesting you're using scheduler for apple firmware and icl is trying to load it. kinda like linux

are you using wg from other thread?

image.png.46946b6fc91c973be7172eb4218837e9.png

i hacked it long ago to load tgl guc but it sure miss lots of work cause this wg patches are for old os x version. try scheduler 4 also it's non apple firmware. 5 is nblue tgl default

 

image.png.e5e1b90107fd84d222087c06e321ef97.png

 

it's interesting your card is trying todo same as linux (firmware loading)

did you try with AppleIntelTGLGraphics also ?

 

igpu hang also happens on wg for framebuffer only? fix this first

you can also try to load icl or AppleIntelTGLGraphics without the framebuffer driver for testing (will produce some logs)

 

hope you can make nblue to work - much easier way to patch kexts

 

[WEG] I've forked the forked weg source code to work for Raptor Lake too..

kern_igfx.cpp

kern_model.cpp

Edited by ASUS Vivobook
Link to comment
Share on other sites

1 hour ago, jalavoui said:

that's interesting you're using scheduler for apple firmware and icl is trying to load it. kinda like linux

are you using wg from other thread?

image.png.46946b6fc91c973be7172eb4218837e9.png

i hacked it long ago to load tgl guc but it sure miss lots of work cause this wg patches are for old os x version. try scheduler 4 also it's non apple firmware. 5 is nblue tgl default

 

image.png.e5e1b90107fd84d222087c06e321ef97.png

 

it's interesting your card is trying todo same as linux (firmware loading)

did you try with AppleIntelTGLGraphics also ?

 

igpu hang also happens on wg for framebuffer only? fix this first

you can also try to load icl or AppleIntelTGLGraphics without the framebuffer driver for testing (will produce some logs)

 

hope you can make nblue to work - much easier way to patch kexts

 

this is the correct. the offset of panic is always printed in kp msg - i think i posted something about this with a calculator print

image.png.a8140fe2718eedf72cf8090c1df39f64.png

 

[NBlue] But the .bundle files must be loaded too? In folder GPUBundle? How can I copy the AppleIntelTGLGraphics into S L E ?

 

[EDIT] With nblue (this is proof with com.apple.driver.AppleIntelICLLPGraphicsFramebuffer from S/L/E) is more complicated to me because i get no kp (= can't patch) .. i hang on this (same with *LE drivers)

 

IMG_20241103_150143929_HDR.jpg

Edited by ASUS Vivobook
Link to comment
Share on other sites

you gotta break os x seal to install to /S/L/E. bad idea for now as you can't load any framebuffer

you can try /sle/AppleIntelTGLGraphics.kext + bundles +hookcase into /L/E just for testing. patches are in nblue

 

idk if putting bundles in /Library/GPUBundles would to anything put in /L/E 1st

 

hope you can solve that igpu hang issue either with wg or nblue

 

found a link error with nblue. gonna apply as nred - read other thread

Edited by jalavoui
  • Like 1
Link to comment
Share on other sites

What i obtain if i do this boot arg? Could be important?

  1. Use the -igfxfbdump boot flag to dump native and patched framebuffer table to ioreg and then File->Import->IOReg Dump menu
Link to comment
Share on other sites

 Share

×
×
  • Create New...