

Date:2010-08-15 03:35:06 (10 years 3 months ago)
Author:Evan Lojewski
Commit:364
Parents: 363
Message:Updated rock paper scissors implementation /com.apple.Boot.RPS/ to work correctly
Changes:
M/branches/meklort/i386/modules/KernelPatcher/kernel_patcher.c
M/branches/meklort/i386/boot2/boot.c
M/branches/meklort/i386/modules/KernelPatcher/kernel_patcher.h
M/branches/meklort/i386/libsaio/stringTable.c

File differences

branches/meklort/i386/libsaio/stringTable.c
610610
611611
612612
613
614
615
616613
617614
618615
......
636633
637634
638635
636
637
638
639
640
639641
640642
641643
......
650652
651653
652654
653
654
655
656655
657656
658657
......
672671
673672
674673
674
675
676
677
678
675679
676680
677681
......
682686
683687
684688
689
690
685691
686692
687693
688694
689695
690
691
692
693
696
697
698
699
700
701
694702
695
703
704
696705
697
698
699
706
707
708
709
700710
701711
702712
703713
704714
705
715
706716
717
718
719
720
721
722
723
724
725
726
727
728
707729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
708782
709783
710784
"/Extra/com.apple.Boot.plist",
"bt(0,0)/Extra/com.apple.Boot.plist",
"/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/com.apple.boot.P/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/com.apple.boot.R/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/com.apple.boot.S/Library/Preferences/SystemConfiguration/com.apple.Boot.plist"
};
int i, fd, count, ret=-1;
break;
}
}
if(ret == -1)
{
ret = loadHelperConfig(config);
}
return ret;
}
"rd(0,0)/Extra/com.apple.Boot.plist",
"/Extra/com.apple.Boot.plist",
"/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/com.apple.boot.P/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/com.apple.boot.R/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/com.apple.boot.S/Library/Preferences/SystemConfiguration/com.apple.Boot.plist"
};
int i, fd, count, ret=-1;
break;
}
}
if(ret == -1)
{
ret = loadHelperConfig(config);
}
return ret;
}
*/
int loadHelperConfig(config_file_t *config)
{
int rfd, pfd, sfd, count, ret=-1;
char *dirspec[] = {
"/com.apple.boot.P/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/com.apple.boot.R/Library/Preferences/SystemConfiguration/com.apple.Boot.plist",
"/com.apple.boot.S/Library/Preferences/SystemConfiguration/com.apple.Boot.plist"
};
int i, fd, count, ret=-1;
for(i = 0; i< sizeof(dirspec)/sizeof(dirspec[0]); i++)
// This is a simple rock - paper scissors algo. R beats S, P beats R, S beats P
// If all three, S is used for now. This should be change dto something else (say, timestamp?)
pfd = open(dirspec[0], 0);
if(pfd >= 0)// com.apple.boot.P exists
{
if ((fd = open(dirspec[i], 0)) >= 0)
sfd = open(dirspec[2], 0); // com.apple.boot.S takes precidence if it also exists
if(sfd >= 0)
{
// read file
count = read(fd, config->plist, IO_CONFIG_DATA_SIZE);
close(fd);
// Use sfd
count = read(sfd, config->plist, IO_CONFIG_DATA_SIZE);
close(sfd);
close(pfd);
// build xml dictionary
ParseXMLFile(config->plist, &config->dictionary);
sysConfigValid = true;
ret=0;
break;
}
else
{
// used pfd
count = read(pfd, config->plist, IO_CONFIG_DATA_SIZE);
close(pfd);
// build xml dictionary
ParseXMLFile(config->plist, &config->dictionary);
sysConfigValid = true;
ret=0;
}
}
else
{
rfd = open(dirspec[1], 0); // com.apple.boot.R exists
if(rfd >= 0)
{
pfd = open(dirspec[2], 0); // com.apple.boot.P takes recidence if it exists
if(pfd >= 0)
{
// use sfd
count = read(pfd, config->plist, IO_CONFIG_DATA_SIZE);
close(pfd);
close(rfd);
// build xml dictionary
ParseXMLFile(config->plist, &config->dictionary);
sysConfigValid = true;
ret=0;
}
else
{
// use rfd
count = read(rfd, config->plist, IO_CONFIG_DATA_SIZE);
close(rfd);
// build xml dictionary
ParseXMLFile(config->plist, &config->dictionary);
sysConfigValid = true;
ret=0;
}
}
else
{
sfd = open(dirspec[2], 0); // com.apple.boot.S exists, but nothing else does
if(sfd >= 0)
{
// use sfd
count = read(sfd, config->plist, IO_CONFIG_DATA_SIZE);
close(sfd);
// build xml dictionary
ParseXMLFile(config->plist, &config->dictionary);
sysConfigValid = true;
ret=0;
}
}
}
return ret;
}
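Review bot: In the R branch of loadHelperConfig, `pfd = open(dirspec[2], 0);` on the line commented "com.apple.boot.P takes recidence" opens the S path (index 2 of dirspec), so S wins over R, which contradicts the rule stated at the top of the function that R beats S; P cannot exist at that point anyway, because its absence was already established by the outer `if(pfd >= 0)`. The simplest fix is to drop that inner open and its if/else and keep only the rfd read path, with a comment such as `// P is known absent here and R beats S, so R wins`. Separately, `count` is assigned from every read() but never examined, so a failed or empty read still reaches ParseXMLFile and sets sysConfigValid = true; guard each parse with something like `if(count <= 0) { close(rfd); return -1; }` (and note that a read of exactly IO_CONFIG_DATA_SIZE bytes leaves no room for a terminator if ParseXMLFile expects one — cannot be confirmed from here). The rendered page interleaves old and new lines, so the duplicated declarations near the top of the function (`int i, fd, count, ret=-1;` next to `int rfd, pfd, sfd, count, ret=-1;`) are presumably the removed version rather than a real redeclaration.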
branches/meklort/i386/boot2/boot.c
286286
287287
288288
289
290
291
292
293
294
289
290
291
292
293
295294
296295
297296
loadPrebootRAMDisk();
// Intialize module system
load_module(SYMBOLS_MODULE);
lookup_symbol = (void*)lookup_all_symbols("_lookup_symbol");
// Load a module
load_module("KernelPatcher");
if(init_module_system())
{
load_all_modules();
}
// Disable rescan option by default
gEnableCDROMRescan = false;
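Review bot: The result of `load_module("KernelPatcher");` is discarded while the adjacent `init_module_system()` call is checked; if load_module reports failure, the kernel patcher silently never runs and boot proceeds unpatched, so check it and print a diagnostic in the same way the module-system init is handled, e.g. `if(!load_module("KernelPatcher")) printf("KernelPatcher module failed to load\n");` (adjust to load_module's actual return convention, which is not visible here). A one-line comment on why this named module is loaded before init_module_system() would also help, since the removed SYMBOLS_MODULE/lookup_symbol lines suggest the ordering is deliberate. The enclosing function starts and ends outside the hunk.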
branches/meklort/i386/modules/KernelPatcher/kernel_patcher.c
1
1
22
33
44
......
66
77
88
9
109
1110
11
12
1213
13
14
15
16
17
18
1914
20
21
22
23
24
2515
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
4316
4417
4518
4619
47
48
4920
5021
51
52
53
22
23
5424
25
26
27
28
29
30
31
32
5533
5634
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
5763
64
65
66
67
68
69
70
71
72
73
74
5875
76
77
78
79
80
5981
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
60110
61111
62112
63113
64114
65115
66
67
68
69
70
71116
72117
73118
74
75
76
77
78
79
80
81
82
83
84119
85120
86121
......
135170
136171
137172
138
139173
140174
141175
142
176
143177
144178
145179
......
179213
180214
181215
182
183
216
217
184218
185
219
186220
187221
188222
......
220254
221255
222256
223
257
258
224259
225260
226261
......
274309
275310
276311
277
312
313
314
278315
279
280
316
317
318
281319
282320
283321
284322
285323
286
324
287325
288326
289327
......
445483
446484
447485
448
486
449487
450
488
489
490
451491
452492
453493
......
469509
470510
471511
472
473
512
513
474514
475
515
476516
477
517
478518
479519
480520
481
521
482522
483
523
484524
485525
486526
......
517557
518558
519559
520
521
560
561
522562
523
563
524564
525
565
526566
527567
528568
529
569
530570
531
571
532572
533573
534574
/*
/*
* Copyright (c) 2009 Evan Lojewski. All rights reserved.
*
*/
#include "libsaio.h"
#include "kernel_patcher.h"
#include "platform.h"
extern PlatformInfo_t Platform;
patchRoutine_t* patches = NULL;
kernSymbols_t* kernelSymbols = NULL;
#define SYMBOL_CPUID_SET_INFO0
#define SYMBOL_PANIC1
#define SYMBOL_PMCPUEXITHALTTOOFF2
#define SYMBOL_LAPIC_INIT3
#define SYMBOL_COMMPAGE_STUFF_ROUTINE4
#define NUM_SYMBOLS5
#define SYMBOL_CPUID_SET_INFO_STRING"_cpuid_set_info"
#define SYMBOL_PANIC_STRING"_panic"
#define SYMBOL_PMCPUEXITHALTTOOFF_STRING"_pmCPUExitHaltToOff"
#define SYMBOL_LAPIC_INIT_STRING"_lapic_init"
#define SYMBOL_COMMPAGE_STUFF_ROUTINE_STRING"_commpage_stuff_routine"
char* kernelSymbols[NUM_SYMBOLS] = {
SYMBOL_CPUID_SET_INFO_STRING,
SYMBOL_PANIC_STRING,
SYMBOL_PMCPUEXITHALTTOOFF_STRING,
SYMBOL_LAPIC_INIT_STRING,
SYMBOL_COMMPAGE_STUFF_ROUTINE_STRING
};
UInt32 kernelSymbolAddresses[NUM_SYMBOLS] = {
0,
0,
0,
0,
0
};
UInt32 textSection = 0;
UInt32 textAddress = 0;
void HelloWorld_start();
void KernelPatcher_start()
{
printf("KernelPatcher(), about to call HelloWorld_start()\n");
getc();
HelloWorld_start();
register_kernel_patch(patch_cpuid_set_info, KERNEL_32, CPUID_MODEL_ATOM);
register_kernel_patch(patch_cpuid_set_info, KERNEL_32, CPUID_MODEL_UNKNOWN);
register_kernel_patch(patch_commpage_stuff_routine, KERNEL_32, CPUID_MODEL_ANY);
register_kernel_patch(patch_lapic_init, KERNEL_32, CPUID_MODEL_ANY);
// TODO: register needed symbols
// TODO: Hook main kernel patcher loop into chameleon
}
/*
* Register a kerenl patch
* TODO: chang efunction prototype to include patch argument
*/
void register_kernel_patch(void* patch, int arch, int cpus)
{
// TODO: only insert valid patches based on current cpuid and architecture
// AKA, don't at 64bit patches if it's a 32bit only machine
patchRoutine_t* entry;
// TODO: verify Platform.CPU.Model is populated this early in bootup
if(cpus != Platform.CPU.Model)
{
if(cpus != CPUID_MODEL_ANY)
{
if(cpus == CPUID_MODEL_UNKNOWN)
{
switch(Platform.CPU.Model)
{
case 13:
case CPUID_MODEL_YONAH:
case CPUID_MODEL_MEROM:
case CPUID_MODEL_PENRYN:
case CPUID_MODEL_NEHALEM:
case CPUID_MODEL_FIELDS:
case CPUID_MODEL_DALES:
case CPUID_MODEL_NEHALEM_EX:
break;
default:
// CPU not in supported list.s
return;
}
}
else
{
// Incalid cpuid for current cpu. Ignoring patch
return;
}
}
}
// Check arch
if(patches == NULL)
{
patches = entry = malloc(sizeof(patchRoutine_t));
}
else
{
entry = patches;
while(entry->next)
{
entry = entry->next;
}
entry->next = malloc(sizeof(patchRoutine_t));
entry = entry->next;
}
entry->next = NULL;
entry->patchRoutine = patch;
entry->validArchs = arch;
entry->validCpu = cpus;
}
void* lookup_kernel_symbol(const char* name)
{
return NULL;
}
void patch_kernel(void* kernelData)
{
switch (locate_symbols((void*)kernelData)) {
case KERNEL_32:
patch_kernel_32((void*)kernelData);
break;
case KERNEL_64:
default:
patch_kernel_64((void*)kernelData);
break;
}
}
// patches a 64bit kernel.
void patch_kernel_64(void* kernelData)
{
// At the moment, the kernel patching code fails when used
// in 64bit mode, so we don't patch it. This is due to 32bit vs 64bit
// pointers as well as changes in structure sizes
printf("Unable to patch 64bit kernel. Please use arch=i386.\n");
}
/**
** patch_kernel_32
**patches kernel based on cpu info determined earlier in the boot process.
**/
int locate_symbols(void* kernelData)
{
UInt16 symbolIndexes[NUM_SYMBOLS];
struct load_command *loadCommand;
struct symtab_command *symtableData;
struct nlist *symbolEntry;
//struct nlist *symbolEntry;
char* symbolString;
symbolString = kernelData + symtableData->stroff;
UInt16 symbolIndex = 0;
UInt8 numSymbolsFound = 0;
//UInt16 symbolIndex = 0;
//UInt8 numSymbolsFound = 0;
while(symbolIndex < symtableData->nsyms && numSymbolsFound < NUM_SYMBOLS)// TODO: for loop
/*while(symbolIndex < symtableData->nsyms && numSymbolsFound < NUM_SYMBOLS)// TODO: for loop
{
int i = 0;
while(i < NUM_SYMBOLS)
}
symbolIndex ++;
}
}
*/
// Load commands should be anded with 0x7FFFFFFF to ignore theLC_REQ_DYLD flag
} else if((loadCommand->cmd & 0x7FFFFFFF) == LC_SEGMENT)// We only care about the __TEXT segment, any other load command can be ignored
{
void patch_cpuid_set_info(void* kernelData, UInt32 impersonateFamily, UInt8 impersonateModel)
{
UInt8* bytes = (UInt8*)kernelData;
UInt32 patchLocation = (kernelSymbolAddresses[SYMBOL_CPUID_SET_INFO] - textAddress + textSection);
UInt32 patchLocation = (UInt32)lookup_kernel_symbol("_cpuid_set_info");
//(kernelSymbolAddresses[SYMBOL_CPUID_SET_INFO] - textAddress + textSection);
UInt32 jumpLocation = 0;
UInt32 panicAddr = kernelSymbolAddresses[SYMBOL_PANIC] - textAddress;
if(kernelSymbolAddresses[SYMBOL_CPUID_SET_INFO] == 0)
UInt32 panicAddr = (UInt32)lookup_kernel_symbol("_panic");
//kernelSymbolAddresses[SYMBOL_PANIC] - textAddress;
if(patchLocation == 0)
{
printf("Unable to locate _cpuid_set_info\n");
return;
}
if(kernelSymbolAddresses[SYMBOL_PANIC] == 0)
if(panicAddr == 0)
{
printf("Unable to locate _panic\n");
return;
void patch_pmCPUExitHaltToOff(void* kernelData)
{
UInt8* bytes = (UInt8*)kernelData;
UInt32 patchLocation = (kernelSymbolAddresses[SYMBOL_PMCPUEXITHALTTOOFF] - textAddress + textSection);
UInt32 patchLocation = lookup_kernel_symbol("_PmCpuExitHaltToOff"); // verify
if(kernelSymbolAddresses[SYMBOL_PMCPUEXITHALTTOOFF] == 0)
//(kernelSymbolAddresses[SYMBOL_PMCPUEXITHALTTOOFF] - textAddress + textSection);
if(patchLocation == 0)
{
printf("Unable to locate _pmCPUExitHaltToOff\n");
return;
{
UInt8 panicIndex = 0;
UInt8* bytes = (UInt8*)kernelData;
UInt32 patchLocation = (kernelSymbolAddresses[SYMBOL_LAPIC_INIT] - textAddress + textSection);
UInt32 panicAddr = kernelSymbolAddresses[SYMBOL_PANIC] - textAddress;
UInt32 patchLocation = 0x00; // (kernelSymbolAddresses[SYMBOL_LAPIC_INIT] - textAddress + textSection);
UInt32 panicAddr = 0x00; //kernelSymbolAddresses[SYMBOL_PANIC] - textAddress;
if(kernelSymbolAddresses[SYMBOL_LAPIC_INIT] == 0)
//if(kernelSymbolAddresses[SYMBOL_LAPIC_INIT] == 0)
{
printf("Unable to locate %s\n", SYMBOL_LAPIC_INIT_STRING);
//printf("Unable to locate %s\n", SYMBOL_LAPIC_INIT_STRING);
return;
}
if(kernelSymbolAddresses[SYMBOL_PANIC] == 0)
//if(kernelSymbolAddresses[SYMBOL_PANIC] == 0)
{
printf("Unable to locate %s\n", SYMBOL_PANIC_STRING);
//printf("Unable to locate %s\n", SYMBOL_PANIC_STRING);
return;
}
void patch_commpage_stuff_routine(void* kernelData)
{
UInt8* bytes = (UInt8*)kernelData;
UInt32 patchLocation = (kernelSymbolAddresses[SYMBOL_COMMPAGE_STUFF_ROUTINE] - textAddress + textSection);
UInt32 panicAddr = kernelSymbolAddresses[SYMBOL_PANIC] - textAddress;
UInt32 patchLocation = 0x00; // (kernelSymbolAddresses[SYMBOL_COMMPAGE_STUFF_ROUTINE] - textAddress + textSection);
UInt32 panicAddr = 0x00;// kernelSymbolAddresses[SYMBOL_PANIC] - textAddress;
if(kernelSymbolAddresses[SYMBOL_COMMPAGE_STUFF_ROUTINE] == 0)
//if(kernelSymbolAddresses[SYMBOL_COMMPAGE_STUFF_ROUTINE] == 0)
{
printf("Unable to locate %s\n", SYMBOL_COMMPAGE_STUFF_ROUTINE_STRING);
//printf("Unable to locate %s\n", SYMBOL_COMMPAGE_STUFF_ROUTINE_STRING);
return;
}
if(kernelSymbolAddresses[SYMBOL_PANIC] == 0)
//if(kernelSymbolAddresses[SYMBOL_PANIC] == 0)
{
printf("Unable to locate %s\n", SYMBOL_PANIC_STRING);
//printf("Unable to locate %s\n", SYMBOL_PANIC_STRING);
return;
}
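Review bot: In patch_pmCPUExitHaltToOff the new lookup `UInt32 patchLocation = lookup_kernel_symbol("_PmCpuExitHaltToOff"); // verify` spells the symbol differently from the name the same function reports in its error message (`_pmCPUExitHaltToOff`); symbol lookup is case-sensitive, so once lookup_kernel_symbol is implemented this will never match, and the pointer-to-UInt32 conversion also lacks the `(UInt32)` cast the sibling call sites in patch_cpuid_set_info use. Change it to `UInt32 patchLocation = (UInt32)lookup_kernel_symbol("_pmCPUExitHaltToOff");`. In register_kernel_patch the CPUID_MODEL_UNKNOWN handling looks inverted: a model in the switch list falls out via `break` and registers the patch, while an unrecognised model hits `default: return;`, which is the opposite of what a patch registered for unknown CPUs (as patch_cpuid_set_info is in KernelPatcher_start) presumably needs — confirm the intent and add a comment stating which case is meant to register. The two `malloc(sizeof(patchRoutine_t))` results in that function are dereferenced without a NULL check. lookup_kernel_symbol is still a stub returning NULL, so every patch routine currently takes its "Unable to locate" early exit; a `// TODO` there naming the intended kernSymbols_t walk would make that state explicit.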
branches/meklort/i386/modules/KernelPatcher/kernel_patcher.h
99
1010
1111
12
13
1214
1315
1416
......
1921
2022
2123
24
25
26
2227
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
2347
48
2449
25
26
27
2850
2951
3052
31
3253
3354
3455
#ifndef __BOOT2_KERNEL_PATCHER_H
#define __BOOT2_KERNEL_PATCHER_H
#define CPUID_MODEL_ANY0x00
#define CPUID_MODEL_UNKNOWN0x01
#define CPUID_MODEL_YONAH14
#define CPUID_MODEL_MEROM15
#define CPUID_MODEL_DALES31/* Havendale, Auburndale */
#define CPUID_MODEL_NEHALEM_EX46
#define KERNEL_ANY0x00
#define KERNEL_640x01
#define KERNEL_320x02
typedef struct patchRoutine_t
{
void* patchRoutine;
int validArchs;
int validCpu;
struct patchRoutine_t* next;
} patchRoutine_t;
typedef struct kernSymbols_t
{
char* symbol;
void* symbolAddress;
struct kernSymbols_t* next;
} kernSymbols_t;
void* lookup_kernel_symbol(const char* name);
void patch_kernel(void* kernelData);
void register_kernel_patch(void* patch, int arch, int cpus);
#define KERNEL_641
#define KERNEL_322
int locate_symbols(void* kernelData);
void patch_kernel_32(void* kernelData);
void patch_kernel_64(void* kernelData);
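Review bot: The new `patchRoutine_t` stores the patch as `void* patchRoutine`, and `register_kernel_patch(void* patch, ...)` accepts it the same way, so nothing in the type documents the signature a patch must have — and the registered routines visibly disagree (patch_cpuid_set_info takes kernelData plus two impersonate arguments, patch_lapic_init and patch_commpage_stuff_routine take only kernelData), which is presumably why the `// TODO: chang efunction prototype to include patch argument` note exists in kernel_patcher.c. A function-pointer typedef, e.g. `typedef void (*patch_fn_t)(void* kernelData);`, used for both the struct field and the register_kernel_patch parameter would let the compiler catch that mismatch and avoids the non-portable function-pointer-to-`void*` conversion. In `kernSymbols_t`, `char* symbol;` should be `const char* symbol;` since the lookup API takes `const char* name`. This page shows `KERNEL_64`/`KERNEL_32` defined twice (0x01/0x02 and 1/2); one pair is presumably the removed version, but it is worth confirming only one survives in the new header.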


Revision: 364