Index: branches/meklort/i386/boot2/drivers.c =================================================================== --- branches/meklort/i386/boot2/drivers.c (revision 340) +++ branches/meklort/i386/boot2/drivers.c (revision 341) @@ -38,7 +38,6 @@ #include "bootstruct.h" #include "xml.h" #include "ramdisk.h" -#include "kernel_patcher.h" extern char gMacOSVersion; extern int recoveryMode; @@ -832,7 +831,7 @@ ret = ThinFatFile(&binary, &len); } - patch_kernel(binary); + //patch_kernel(binary); ret = DecodeMachO(binary, rentry, raddr, rsize); Index: branches/meklort/i386/boot2/Makefile =================================================================== --- branches/meklort/i386/boot2/Makefile (revision 340) +++ branches/meklort/i386/boot2/Makefile (revision 341) @@ -42,7 +42,7 @@ # The ordering is important; # boot2.o must be first. OBJS = boot2.o boot.o graphics.o drivers.o prompt.o options.o lzss.o mboot.o \ - ramdisk.o picopng.o resume.o bmdecompress.o graphic_utils.o gui.o modules.o kernel_patcher.o + ramdisk.o picopng.o resume.o bmdecompress.o graphic_utils.o gui.o modules.o # button.o browser.o scrollbar.o == NOTYET UTILDIR = ../util Index: branches/meklort/i386/boot2/boot.c =================================================================== --- branches/meklort/i386/boot2/boot.c (revision 340) +++ branches/meklort/i386/boot2/boot.c (revision 341) @@ -287,8 +287,11 @@ // Intialize module system load_module(SYMBOLS_MODULE); - load_module("HelloWorld"); + lookup_symbol = (void*)lookup_all_symbols("_lookup_symbol"); + // Load a module + load_module("KernelPatcher"); + // Disable rescan option by default gEnableCDROMRescan = false; Index: branches/meklort/i386/boot2/modules.c =================================================================== --- branches/meklort/i386/boot2/modules.c (revision 340) +++ branches/meklort/i386/boot2/modules.c (revision 341) @@ -17,12 +17,15 @@ void rebase_macho(void* base, char* rebase_stream, UInt32 size); void bind_macho(void* base, char* bind_stream, UInt32 size); +/* + * Load a module file in /Extra/modules + * TODO: verify version number of module + */ int load_module(const char* module) { // Check to see if the module has already been loaded if(is_module_laoded(module)) { - printf("Module %s already loaded\n"); return 1; } @@ -177,12 +180,13 @@ break; case LC_LOAD_DYLIB: - case LC_LOAD_WEAK_DYLIB: - { - // TODO: do this before - struct dylib_command* weakLoad = binary + binaryIndex; - load_module((char*)((UInt32)*((UInt32*)&weakLoad->dylib.name))); - } + case LC_LOAD_WEAK_DYLIB ^ LC_REQ_DYLD: + dylibCommand = binary + binaryIndex; + char* module = binary + binaryIndex + ((UInt32)*((UInt32*)&dylibCommand->dylib.name)); + // = dylibCommand->dylib.current_version; + // = dylibCommand->dylib.compatibility_version; + + load_module(module); break; case LC_ID_DYLIB: @@ -243,7 +247,6 @@ // To satisfy cicular deps, the module_loaded command shoudl be run before the module init(); module_loaded(moduleName, moduleVersion, moduleCompat); - getc(); return module_start; @@ -728,14 +731,8 @@ { //printf("Adding symbol %s at 0x%X\n", symbol, addr); - //hack - if(strcmp(symbol, "_lookup_symbol") == 0) + if(!moduleSymbols) { - //printf("Initializing lookup symbol function\n"); - lookup_symbol = addr; - } - else if(!moduleSymbols) - { moduleSymbols = malloc(sizeof(symbolList_t)); moduleSymbols->next = NULL; moduleSymbols->addr = (unsigned int)addr; @@ -838,11 +835,11 @@ return addr; } } - else + /*else { printf("Symbol.dylib not loaded. Module loader not setup.\n"); return 0xFFFFFFFF; - } + }*/ Index: branches/meklort/i386/boot2/modules.h =================================================================== --- branches/meklort/i386/boot2/modules.h (revision 340) +++ branches/meklort/i386/boot2/modules.h (revision 341) @@ -7,7 +7,10 @@ #include #include +#ifndef __BOOT_MODULES_H +#define __BOOT_MODULES_H + typedef struct symbolList_t{ char* symbol; unsigned int addr; @@ -21,8 +24,6 @@ struct moduleList_t* next; } moduleList_t; -#ifndef __BOOT_MODULES_H -#define __BOOT_MODULES_H #define SYMBOLS_MODULE "Symbols" @@ -46,4 +47,6 @@ unsigned int lookup_all_symbols(const char* name); +extern unsigned int (*lookup_symbol)(const char*); + #endif /* __BOOT_MODULES_H */ \ No newline at end of file Index: branches/meklort/i386/modules/KernelPatcher/kernel_patcher.c =================================================================== --- branches/meklort/i386/modules/KernelPatcher/kernel_patcher.c (revision 0) +++ branches/meklort/i386/modules/KernelPatcher/kernel_patcher.c (revision 341) @@ -0,0 +1,557 @@ +/* + * Copyright (c) 2009 Evan Lojewski. All rights reserved. + * + */ + +#include "libsaio.h" +#include "kernel_patcher.h" +#include "platform.h" + +//extern PlatformInfo_t Platform; + + +#define SYMBOL_CPUID_SET_INFO 0 +#define SYMBOL_PANIC 1 +#define SYMBOL_PMCPUEXITHALTTOOFF 2 +#define SYMBOL_LAPIC_INIT 3 +#define SYMBOL_COMMPAGE_STUFF_ROUTINE 4 +#define NUM_SYMBOLS 5 + +#define SYMBOL_CPUID_SET_INFO_STRING "_cpuid_set_info" +#define SYMBOL_PANIC_STRING "_panic" +#define SYMBOL_PMCPUEXITHALTTOOFF_STRING "_pmCPUExitHaltToOff" +#define SYMBOL_LAPIC_INIT_STRING "_lapic_init" +#define SYMBOL_COMMPAGE_STUFF_ROUTINE_STRING "_commpage_stuff_routine" + +char* kernelSymbols[NUM_SYMBOLS] = { + SYMBOL_CPUID_SET_INFO_STRING, + SYMBOL_PANIC_STRING, + SYMBOL_PMCPUEXITHALTTOOFF_STRING, + SYMBOL_LAPIC_INIT_STRING, + SYMBOL_COMMPAGE_STUFF_ROUTINE_STRING +}; + +UInt32 kernelSymbolAddresses[NUM_SYMBOLS] = { + 0, + 0, + 0, + 0, + 0 +}; + + +UInt32 textSection = 0; +UInt32 textAddress = 0; + + +void HelloWorld_start(); + +void KernelPatcher_start() +{ + printf("KernelPatcher(), about to call HelloWorld_start()\n"); + //getc(); + //HelloWorld_start(); + +} + + + + +void patch_kernel(void* kernelData) +{ + switch (locate_symbols((void*)kernelData)) { + case KERNEL_32: + patch_kernel_32((void*)kernelData); + break; + + case KERNEL_64: + default: + patch_kernel_64((void*)kernelData); + break; + } +} + +// patches a 64bit kernel. +void patch_kernel_64(void* kernelData) +{ + // At the moment, the kernel patching code fails when used + // in 64bit mode, so we don't patch it. This is due to 32bit vs 64bit + // pointers as well as changes in structure sizes + printf("Unable to patch 64bit kernel. Please use arch=i386.\n"); +} + + +/** + ** patch_kernel_32 + ** patches kernel based on cpu info determined earlier in the boot process. + ** It the machine is vmware, remove the artificial lapic panic + ** If the CPU is not supported, remove the cpuid_set_info panic + ** If the CPU is and Intel Atom, inject the penryn cpuid info. + **/ +void patch_kernel_32(void* kernelData) +{ + // Remove panic in commpage + patch_commpage_stuff_routine(kernelData); + + //patch_pmCPUExitHaltToOff(kernelData); // Not working as intended, disabled for now + + // if(vmware_detected) + { + patch_lapic_init(kernelData); + } + + switch(13)//Platform.CPU.Model) + { + // Known good CPU's, no reason to patch kernel + case 13: + case CPUID_MODEL_YONAH: + case CPUID_MODEL_MEROM: + case CPUID_MODEL_PENRYN: + case CPUID_MODEL_NEHALEM: + case CPUID_MODEL_FIELDS: + case CPUID_MODEL_DALES: + case CPUID_MODEL_NEHALEM_EX: + break; + + // Known unsuported CPU's + case CPUID_MODEL_ATOM: + // TODO: Impersonate CPU based on user selection + patch_cpuid_set_info(kernelData, CPUFAMILY_INTEL_PENRYN, CPUID_MODEL_PENRYN); // Impersonate Penryn CPU + break; + + // Unknown CPU's + default: + // TODO: Impersonate CPU based on user selection + patch_cpuid_set_info(kernelData, 0, 0); // Remove Panic Call + + break; + } +} + + +/** + ** This functions located the kernelSymbols[i] symbols in the mach-o header. + ** as well as determines the start of the __TEXT segment and __TEXT,__text sections + **/ +int locate_symbols(void* kernelData) +{ + UInt16 symbolIndexes[NUM_SYMBOLS]; + + struct load_command *loadCommand; + struct symtab_command *symtableData; + struct nlist *symbolEntry; + + char* symbolString; + + UInt32 kernelIndex = 0; + kernelIndex += sizeof(struct mach_header); + + if(((struct mach_header*)kernelData)->magic != MH_MAGIC) return KERNEL_64; + + + //printf("%d load commands beginning at 0x%X\n", (unsigned int)header->ncmds, (unsigned int)kernelIndex); + //printf("Commands take up %d bytes\n", header->sizeofcmds); + + + int cmd = 0; + while(cmd < ((struct mach_header*)kernelData)->ncmds) // TODO: for loop instead + { + cmd++; + + loadCommand = kernelData + kernelIndex; + + UInt cmdSize = loadCommand->cmdsize; + + + // Locate start of _panic and _cpuid_set_info in the symbol tabe. + // Load commands should be anded with 0x7FFFFFFF to ignore the LC_REQ_DYLD flag + if((loadCommand->cmd & 0x7FFFFFFF) == LC_SYMTAB) // We only care about the symtab segment + { + //printf("Located symtable, length is 0x%X, 0x%X\n", (unsigned int)loadCommand->cmdsize, (unsigned int)sizeof(symtableData)); + + symtableData = kernelData + kernelIndex; + kernelIndex += sizeof(struct symtab_command); + + cmdSize -= sizeof(struct symtab_command); + + // Loop through symbol table untill all of the symbols have been found + + symbolString = kernelData + symtableData->stroff; + + + UInt16 symbolIndex = 0; + UInt8 numSymbolsFound = 0; + + while(symbolIndex < symtableData->nsyms && numSymbolsFound < NUM_SYMBOLS) // TODO: for loop + { + int i = 0; + while(i < NUM_SYMBOLS) + { + if(strcmp(symbolString, kernelSymbols[i]) == 0) + { + symbolIndexes[i] = symbolIndex; + numSymbolsFound++; + } + i++; + + } + symbolString += strlen(symbolString) + 1; + symbolIndex++; + } + + // loop again + symbolIndex = 0; + numSymbolsFound = 0; + while(symbolIndex < symtableData->nsyms && numSymbolsFound < NUM_SYMBOLS) // TODO: for loop + { + + symbolEntry = kernelData + symtableData->symoff + (symbolIndex * sizeof(struct nlist)); + + int i = 0; + while(i < NUM_SYMBOLS) + { + if(symbolIndex == (symbolIndexes[i] - 4)) + { + kernelSymbolAddresses[i] = (UInt32)symbolEntry->n_value; + numSymbolsFound++; + } + i++; + + } + + symbolIndex ++; + } + // Load commands should be anded with 0x7FFFFFFF to ignore the LC_REQ_DYLD flag + } else if((loadCommand->cmd & 0x7FFFFFFF) == LC_SEGMENT) // We only care about the __TEXT segment, any other load command can be ignored + { + + struct segment_command *segCommand; + + segCommand = kernelData + kernelIndex; + + //printf("Segment name is %s\n", segCommand->segname); + + if(strcmp("__TEXT", segCommand->segname) == 0) + { + UInt32 sectionIndex; + + sectionIndex = sizeof(struct segment_command); + + struct section *sect; + + while(sectionIndex < segCommand->cmdsize) + { + sect = kernelData + kernelIndex + sectionIndex; + + sectionIndex += sizeof(struct section); + + + if(strcmp("__text", sect->sectname) == 0) + { + // __TEXT,__text found, save the offset and address for when looking for the calls. + textSection = sect->offset; + textAddress = sect->addr; + break; + } + } + } + + + kernelIndex += cmdSize; + } else { + kernelIndex += cmdSize; + } + } + + return KERNEL_32; +} + + +/** + ** Locate the fisrt instance of _panic inside of _cpuid_set_info, and either remove it + ** Or replace it so that the cpuid is set to a valid value. + **/ +void patch_cpuid_set_info(void* kernelData, UInt32 impersonateFamily, UInt8 impersonateModel) +{ + UInt8* bytes = (UInt8*)kernelData; + UInt32 patchLocation = (kernelSymbolAddresses[SYMBOL_CPUID_SET_INFO] - textAddress + textSection); + UInt32 jumpLocation = 0; + UInt32 panicAddr = kernelSymbolAddresses[SYMBOL_PANIC] - textAddress; + if(kernelSymbolAddresses[SYMBOL_CPUID_SET_INFO] == 0) + { + printf("Unable to locate _cpuid_set_info\n"); + return; + + } + if(kernelSymbolAddresses[SYMBOL_PANIC] == 0) + { + printf("Unable to locate _panic\n"); + return; + } + + //TODO: don't assume it'll always work (Look for *next* function address in symtab and fail once it's been reached) + while( + (bytes[patchLocation -1] != 0xE8) || + ( ( (UInt32)(panicAddr - patchLocation - 4) + textSection ) != (UInt32)((bytes[patchLocation + 0] << 0 | + bytes[patchLocation + 1] << 8 | + bytes[patchLocation + 2] << 16 | + bytes[patchLocation + 3] << 24))) + ) + { + patchLocation++; + } + patchLocation--; + + + // Remove panic call, just in case the following patch routines fail + bytes[patchLocation + 0] = 0x90; + bytes[patchLocation + 1] = 0x90; + bytes[patchLocation + 2] = 0x90; + bytes[patchLocation + 3] = 0x90; + bytes[patchLocation + 4] = 0x90; + + + // Locate the jump call, so that 10 bytes can be reclamed. + // NOTE: This will *NOT* be located on pre 10.6.2 kernels + jumpLocation = patchLocation - 15; + while((bytes[jumpLocation - 1] != 0x77 || + bytes[jumpLocation] != (patchLocation - jumpLocation - -8)) && + (patchLocation - jumpLocation) < 0xF0) + { + jumpLocation--; + } + + // If found... AND we want to impersonate a specific cpumodel / family... + if(impersonateFamily && + impersonateModel && + ((patchLocation - jumpLocation) < 0xF0)) + { + + bytes[jumpLocation] -= 10; // sizeof(movl $0x6b5a4cd2,0x00872eb4) = 10bytes + + /* + * Inpersonate the specified CPU FAMILY and CPU Model + */ + + // bytes[patchLocation - 17] = 0xC7; // already here... not needed to be done + // bytes[patchLocation - 16] = 0x05; // see above + UInt32 cpuid_cpufamily_addr = bytes[patchLocation - 15] << 0 | + bytes[patchLocation - 14] << 8 | + bytes[patchLocation - 13] << 16 | + bytes[patchLocation - 12] << 24; + + // NOTE: may change, determined based on cpuid_info struct + UInt32 cpuid_model_addr = cpuid_cpufamily_addr - 299; + + + // cpufamily = CPUFAMILY_INTEL_PENRYN + bytes[patchLocation - 11] = (impersonateFamily & 0x000000FF) >> 0; + bytes[patchLocation - 10] = (impersonateFamily & 0x0000FF00) >> 8; + bytes[patchLocation - 9] = (impersonateFamily & 0x00FF0000) >> 16; + bytes[patchLocation - 8] = (impersonateFamily & 0xFF000000) >> 24; + + // NOPS, just in case if the jmp call wasn't patched, we'll jump to a + // nop and continue with the rest of the patch + // Yay two free bytes :), 10 more can be reclamed if needed, as well as a few + // from the above code (only cpuid_model needs to be set. + bytes[patchLocation - 7] = 0x90; + bytes[patchLocation - 6] = 0x90; + + bytes[patchLocation - 5] = 0xC7; + bytes[patchLocation - 4] = 0x05; + bytes[patchLocation - 3] = (cpuid_model_addr & 0x000000FF) >> 0; + bytes[patchLocation - 2] = (cpuid_model_addr & 0x0000FF00) >> 8; + bytes[patchLocation - 1] = (cpuid_model_addr & 0x00FF0000) >> 16; + bytes[patchLocation - 0] = (cpuid_model_addr & 0xFF000000) >> 24; + + // Note: I could have just copied the 8bit cpuid_model in and saved about 4 bytes + // so if this function need a different patch it's still possible. Also, about ten bytes previous can be freed. + bytes[patchLocation + 1] = impersonateModel; // cpuid_model + bytes[patchLocation + 2] = 0x01; // cpuid_extmodel + bytes[patchLocation + 3] = 0x00; // cpuid_extfamily + bytes[patchLocation + 4] = 0x02; // cpuid_stepping + + } + else if(impersonateFamily && impersonateModel) + { + // pre 10.6.2 kernel + // Locate the jump to directly *after* the panic call, + jumpLocation = patchLocation - 4; + while((bytes[jumpLocation - 1] != 0x77 || + bytes[jumpLocation] != (patchLocation - jumpLocation + 4)) && + (patchLocation - jumpLocation) < 0x20) + { + jumpLocation--; + } + // NOTE above isn't needed (I was going to use it, but I'm not, so instead, + // I'll just leave it to verify the binary stucture. + + // NOTE: the cpumodel_familt data is not set in _cpuid_set_info + // so we don't need to set it here, I'll get set later based on the model + // we set now. + + if((patchLocation - jumpLocation) < 0x20) + { + UInt32 cpuid_model_addr = (bytes[patchLocation - 14] << 0 | + bytes[patchLocation - 13] << 8 | + bytes[patchLocation - 12] << 16 | + bytes[patchLocation - 11] << 24); + // Remove jump + bytes[patchLocation - 9] = 0x90; /// Was a jump if supported cpu + bytes[patchLocation - 8] = 0x90; // jumped past the panic call, we want to override the panic + + bytes[patchLocation - 7] = 0x90; + bytes[patchLocation - 6] = 0x90; + + bytes[patchLocation - 5] = 0xC7; + bytes[patchLocation - 4] = 0x05; + bytes[patchLocation - 3] = (cpuid_model_addr & 0x000000FF) >> 0; + bytes[patchLocation - 2] = (cpuid_model_addr & 0x0000FF00) >> 8; + bytes[patchLocation - 1] = (cpuid_model_addr & 0x00FF0000) >> 16; + bytes[patchLocation - 0] = (cpuid_model_addr & 0xFF000000) >> 24; + + // Note: I could have just copied the 8bit cpuid_model in and saved about 4 bytes + // so if this function need a different patch it's still possible. Also, about ten bytes previous can be freed. + bytes[patchLocation + 1] = impersonateModel; // cpuid_model + bytes[patchLocation + 2] = 0x01; // cpuid_extmodel + bytes[patchLocation + 3] = 0x00; // cpuid_extfamily + bytes[patchLocation + 4] = 0x02; // cpuid_stepping + + + + patchLocation = jumpLocation; + // We now have 14 bytes available for a patch + + } + else + { + // Patching failed, using NOP replacement done initialy + } + } + else + { + // Either We were unable to change the jump call due to the function's sctructure + // changing, or the user did not request a patch. As such, resort to just + // removing the panic call (using NOP replacement above). Note that the + // IntelCPUPM kext may still panic due to the cpu's Model ID not being patched + } +} + + +/** + ** SleepEnabler.kext replacement (for those that need it) + ** Located the KERN_INVALID_ARGUMENT return and replace it with KERN_SUCCESS + **/ +void patch_pmCPUExitHaltToOff(void* kernelData) +{ + UInt8* bytes = (UInt8*)kernelData; + UInt32 patchLocation = (kernelSymbolAddresses[SYMBOL_PMCPUEXITHALTTOOFF] - textAddress + textSection); + + if(kernelSymbolAddresses[SYMBOL_PMCPUEXITHALTTOOFF] == 0) + { + printf("Unable to locate _pmCPUExitHaltToOff\n"); + return; + } + + while(bytes[patchLocation - 1] != 0xB8 || + bytes[patchLocation] != 0x04 || // KERN_INVALID_ARGUMENT (0x00000004) + bytes[patchLocation + 1] != 0x00 || // KERN_INVALID_ARGUMENT + bytes[patchLocation + 2] != 0x00 || // KERN_INVALID_ARGUMENT + bytes[patchLocation + 3] != 0x00) // KERN_INVALID_ARGUMENT + + { + patchLocation++; + } + bytes[patchLocation] = 0x00; // KERN_SUCCESS; +} + +void patch_lapic_init(void* kernelData) +{ + UInt8 panicIndex = 0; + UInt8* bytes = (UInt8*)kernelData; + UInt32 patchLocation = (kernelSymbolAddresses[SYMBOL_LAPIC_INIT] - textAddress + textSection); + UInt32 panicAddr = kernelSymbolAddresses[SYMBOL_PANIC] - textAddress; + + if(kernelSymbolAddresses[SYMBOL_LAPIC_INIT] == 0) + { + printf("Unable to locate %s\n", SYMBOL_LAPIC_INIT_STRING); + return; + + } + if(kernelSymbolAddresses[SYMBOL_PANIC] == 0) + { + printf("Unable to locate %s\n", SYMBOL_PANIC_STRING); + return; + } + + + + // Locate the (panicIndex + 1) panic call + while(panicIndex < 3) // Find the third panic call + { + while( + (bytes[patchLocation -1] != 0xE8) || + ( ( (UInt32)(panicAddr - patchLocation - 4) + textSection ) != (UInt32)((bytes[patchLocation + 0] << 0 | + bytes[patchLocation + 1] << 8 | + bytes[patchLocation + 2] << 16 | + bytes[patchLocation + 3] << 24))) + ) + { + patchLocation++; + } + patchLocation++; + panicIndex++; + } + patchLocation--; // Remove extra increment from the < 3 while loop + + bytes[--patchLocation] = 0x90; + bytes[++patchLocation] = 0x90; + bytes[++patchLocation] = 0x90; + bytes[++patchLocation] = 0x90; + bytes[++patchLocation] = 0x90; + + +} + + +void patch_commpage_stuff_routine(void* kernelData) +{ + UInt8* bytes = (UInt8*)kernelData; + UInt32 patchLocation = (kernelSymbolAddresses[SYMBOL_COMMPAGE_STUFF_ROUTINE] - textAddress + textSection); + UInt32 panicAddr = kernelSymbolAddresses[SYMBOL_PANIC] - textAddress; + + if(kernelSymbolAddresses[SYMBOL_COMMPAGE_STUFF_ROUTINE] == 0) + { + printf("Unable to locate %s\n", SYMBOL_COMMPAGE_STUFF_ROUTINE_STRING); + return; + + } + if(kernelSymbolAddresses[SYMBOL_PANIC] == 0) + { + printf("Unable to locate %s\n", SYMBOL_PANIC_STRING); + return; + } + + + while( + (bytes[patchLocation -1] != 0xE8) || + ( ( (UInt32)(panicAddr - patchLocation - 4) + textSection ) != (UInt32)((bytes[patchLocation + 0] << 0 | + bytes[patchLocation + 1] << 8 | + bytes[patchLocation + 2] << 16 | + bytes[patchLocation + 3] << 24))) + ) + { + patchLocation++; + } + patchLocation--; + + + // Remove panic call, just in case the following patch routines fail + bytes[patchLocation + 0] = 0x90; + bytes[patchLocation + 1] = 0x90; + bytes[patchLocation + 2] = 0x90; + bytes[patchLocation + 3] = 0x90; + bytes[patchLocation + 4] = 0x90; + + +} Index: branches/meklort/i386/modules/KernelPatcher/kernel_patcher.h =================================================================== --- branches/meklort/i386/modules/KernelPatcher/kernel_patcher.h (revision 0) +++ branches/meklort/i386/modules/KernelPatcher/kernel_patcher.h (revision 341) @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2009 Evan Lojewski. All rights reserved. + * + */ + +#include +#include + +#ifndef __BOOT2_KERNEL_PATCHER_H +#define __BOOT2_KERNEL_PATCHER_H + + +#define CPUID_MODEL_YONAH 14 +#define CPUID_MODEL_MEROM 15 +#define CPUID_MODEL_PENRYN 23 +#define CPUID_MODEL_NEHALEM 26 +#define CPUID_MODEL_ATOM 28 +#define CPUID_MODEL_FIELDS 30 /* Lynnfield, Clarksfield, Jasper */ +#define CPUID_MODEL_DALES 31 /* Havendale, Auburndale */ +#define CPUID_MODEL_NEHALEM_EX 46 + + +void patch_kernel(void* kernelData); + +#define KERNEL_64 1 +#define KERNEL_32 2 + +int locate_symbols(void* kernelData); + +void patch_kernel_32(void* kernelData); +void patch_kernel_64(void* kernelData); + + + +void patch_cpuid_set_info(void* kernelData, UInt32 impersonateFamily, UInt8 inpersonateModel); +void patch_pmCPUExitHaltToOff(void* kernelData); +void patch_lapic_init(void* kernelData); +void patch_commpage_stuff_routine(void* kernelData); +#endif /* !__BOOT2_KERNEL_PATCHER_H */ Index: branches/meklort/i386/modules/KernelPatcher/Makefile =================================================================== --- branches/meklort/i386/modules/KernelPatcher/Makefile (revision 0) +++ branches/meklort/i386/modules/KernelPatcher/Makefile (revision 341) @@ -0,0 +1,86 @@ + +MODULE_NAME = KernelPatcher +MODULE_VERSION = "1.0.0" +MODULE_COMPAT_VERSION = "1.0.0" +MODULE_START = _$(MODULE_NAME)_start +MODULE_DEPENDENCIES = + +DIR = HelloWorld + +include ../../MakePaths.dir + +OBJROOT=../../../obj/i386/modules/$(DIR) +SYMROOT=../../../sym/i386/modules/ +DSTROOT=../../../dst/i386/modules/ + + +UTILDIR = ../../util +LIBSADIR = ../../libsa +LIBSAIODIR = ../../libsaio +BOOT2DIR = ../../boot2 + +INSTALLDIR = $(DSTROOT)/System/Library/Frameworks/System.framework/Versions/B/PrivateHeaders/standalone + +OPTIM = -Os -Oz +DEBUG = -DNOTHING +#DEBUG = -DDEBUG_HELLO_WORLD=1 +CFLAGS = $(RC_CFLAGS) $(OPTIM) $(MORECPP) -arch i386 -g -Wmost \ + -D__ARCHITECTURE__=\"i386\" -DSAIO_INTERNAL_USER \ + -DRCZ_COMPRESSED_FILE_SUPPORT $(DEBUG) \ + -fno-builtin $(OMIT_FRAME_POINTER_CFLAG) \ + -mpreferred-stack-boundary=2 -fno-align-functions -fno-stack-protector \ + -march=pentium4 -msse2 -mfpmath=sse -msoft-float -fno-common + +DEFINES= +CONFIG = hd +INC = -I. -I.. -I$(SYMROOT) -I$(UTILDIR) -I$(LIBSADIR) -I$(LIBSAIODIR) -I$(BOOT2DIR) +ifneq "" "$(wildcard /bin/mkdirs)" + MKDIRS = /bin/mkdirs +else + MKDIRS = /bin/mkdir -p +endif +AS = as +LD = ld +# LIBS= -lc_static +LIBS= + +VPATH = $(OBJROOT):$(SYMROOT) + +OBJS = kernel_patcher.o + + +SFILES = +CFILES = +HFILES = +EXPORTED_HFILES = +INSTALLED_HFILES = +OTHERFILES = Makefile +ALLSRC = $(SFILES) $(CFILES) \ + $(HFILES) $(OTHERFILES) +DIRS_NEEDED = $(OBJROOT) $(SYMROOT) + +all embedtheme: ${OBJS} dylib + + +dylib: ${OBJS} + ld -flat_namespace -arch i386 \ + -undefined suppress \ + -alias $(MODULE_START) start \ + -dylib -read_only_relocs suppress \ + -S -x -dead_strip_dylibs \ + -no_uuid \ + -bind_at_load \ + -current_version $(MODULE_VERSION) -compatibility_version $(MODULE_COMPAT_VERSION) \ + -final_output $(MODULE_NAME) \ + -weak_library $(SYMROOT)/Symbols.dylib \ + -weak_library $(SYMROOT)/HelloWorld.dylib \ + $(OBJROOT)/kernel_patcher.o -o $(SYMROOT)/$(MODULE_NAME).dylib + + +kernel_patcher.o: + $(CC) $(CPPFLAGS) $(CFLAGS) $(DEFINES) -c "kernel_patcher.c" $(INC) -o "$(OBJROOT)/kernel_patcher.o" + +include ../../MakeInc.dir + +# dependencies +-include $(OBJROOT)/Makedep Index: branches/meklort/i386/modules/HelloWorld/HelloWorld.c =================================================================== --- branches/meklort/i386/modules/HelloWorld/HelloWorld.c (revision 340) +++ branches/meklort/i386/modules/HelloWorld/HelloWorld.c (revision 341) @@ -5,10 +5,7 @@ #include "libsaio.h" -void Symbols_start(); - void HelloWorld_start() { - Symbols_start(); printf("Hello World from a module\n"); }