1 | /*␊ |
2 | * Copyright (c) 2009-2012 Evan Lojewski. All rights reserved.␊ |
3 | * Copyright (c) 2013-2015 xZenue LLC. All rights reserved.␊ |
4 | *␊ |
5 | *␊ |
6 | * This work is licensed under the␊ |
7 | * Creative Commons Attribution-NonCommercial 3.0 Unported License.␊ |
8 | * To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/3.0/.␊ |
9 | */␊ |
10 | ␊ |
11 | #ifndef __BOOT2_KERNEL_PATCHER_H␊ |
12 | #define __BOOT2_KERNEL_PATCHER_H␊ |
13 | ␊ |
14 | #include <libkern/OSTypes.h>␊ |
15 | #include <mach-o/loader.h>␊ |
16 | #include <mach-o/nlist.h>␊ |
17 | #include <mach-o/reloc.h>␊ |
18 | ␊ |
19 | #include "modules.h" ␊ |
20 | #include "cpu.h"␊ |
21 | #include "binaryPatcher.h"␊ |
22 | ␊ |
/*
 * Selector constants for the kernel patcher. Nothing in this header uses
 * them, so the notes below are read from the names and values only.
 */
/* presumably CPU-model match values for a patch entry - verify against the implementation */
23 | #define CPU_MODEL_ANY 0x00␊ |
24 | #define CPU_MODEL_UNKNOWN 0x01␊ |
25 | ␊ |
/* presumably kernel architecture selectors; KERNEL_ERR (0xFF) looks like a failure marker - confirm */
26 | #define KERNEL_ANY 0x00␊ |
27 | #define KERNEL_64 0x01␊ |
28 | #define KERNEL_32 0x02␊ |
29 | #define KERNEL_ERR 0xFF␊ |
30 | ␊ |
/* NOTE(review): looks like a default CPUID family value (6) - confirm where it is consumed */
31 | #define CPUIDFAMILY_DEFAULT 6␊ |
32 | ␊ |
33 | ␊ |
34 | // kernel patches␊ |
/*
 * Entry point declared for patching a kernel image held in memory.
 *   kernelData        - pointer to the image buffer (layout not visible here).
 *   uncompressed_size - size value passed with the buffer; presumably its
 *                       length in bytes - confirm.
 * NOTE(review): the implementation is not in this header; every pattern scan
 * and overwrite it performs should stay within uncompressed_size - confirm.
 */
35 | void patch_kernel_internal(void *kernelData, u_int32_t uncompressed_size);␊ |
36 | ␊ |
37 | // Power management patch for kernel 13.0␊ |
/*
 * KernelPatchPmSrc: 128-byte search pattern (16 rows of 8 bytes), paired with
 * KernelPatchPmRepl, which has the same length.
 * Read as x86-64 code the bytes open with 55 / 48 89 e5 (push rbp; mov rbp,rsp),
 * contain 0f 32 (rdmsr) and 0f 30 (wrmsr), and end with c3 (ret) followed by
 * seven 0x90 (nop) padding bytes.
 * The bytes 5e 30 5e 00 after 8b 05 are a RIP-relative displacement, so the
 * pattern presumably matches only kernel builds with that exact layout.
 * NOTE(review): the code that applies this pattern is not in this header; it
 * should compare all 128 bytes, inside the bounds of the image, before it
 * overwrites anything - confirm.
 * NOTE(review): defined static and non-const in a header, so every including
 * translation unit gets its own writable copy.
 */
38 | static UInt8 KernelPatchPmSrc[] = {␊ |
39 | 0x55, 0x48, 0x89, 0xe5, 0x41, 0x89, 0xd0, 0x85,␊ |
40 | 0xf6, 0x74, 0x6c, 0x48, 0x83, 0xc7, 0x28, 0x90,␊ |
41 | 0x8b, 0x05, 0x5e, 0x30, 0x5e, 0x00, 0x85, 0x47,␊ |
42 | 0xdc, 0x74, 0x54, 0x8b, 0x4f, 0xd8, 0x45, 0x85,␊ |
43 | 0xc0, 0x74, 0x08, 0x44, 0x39, 0xc1, 0x44, 0x89,␊ |
44 | 0xc1, 0x75, 0x44, 0x0f, 0x32, 0x89, 0xc0, 0x48,␊ |
45 | 0xc1, 0xe2, 0x20, 0x48, 0x09, 0xc2, 0x48, 0x89,␊ |
46 | 0x57, 0xf8, 0x48, 0x8b, 0x47, 0xe8, 0x48, 0x85,␊ |
47 | 0xc0, 0x74, 0x06, 0x48, 0xf7, 0xd0, 0x48, 0x21,␊ |
48 | 0xc2, 0x48, 0x0b, 0x57, 0xf0, 0x49, 0x89, 0xd1,␊ |
49 | 0x49, 0xc1, 0xe9, 0x20, 0x89, 0xd0, 0x8b, 0x4f,␊ |
50 | 0xd8, 0x4c, 0x89, 0xca, 0x0f, 0x30, 0x8b, 0x4f,␊ |
51 | 0xd8, 0x0f, 0x32, 0x89, 0xc0, 0x48, 0xc1, 0xe2,␊ |
52 | 0x20, 0x48, 0x09, 0xc2, 0x48, 0x89, 0x17, 0x48,␊ |
53 | 0x83, 0xc7, 0x30, 0xff, 0xce, 0x75, 0x99, 0x5d,␊ |
54 | 0xc3, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90␊ |
55 | };␊ |
/*
 * KernelPatchPmRepl: 128-byte replacement for KernelPatchPmSrc (same length,
 * 16 rows of 8 bytes).
 * Compared with the search pattern it inserts 66 81 f9 e2 00 / 74 02 in front
 * of the 0f 30 (wrmsr). As x86-64 that reads cmp cx,0x00e2 ; je +2, so the
 * wrmsr is skipped when CX is 0xe2 (wrmsr takes the MSR index in ECX).
 * The seven inserted bytes take the place of the seven trailing 0x90 bytes of
 * the search pattern, and the branch displacements 0x6c, 0x54, 0x44 and 0x99
 * become 0x73, 0x5b, 0x4b and 0x92 to account for the shift.
 * NOTE(review): decoded by hand from the bytes - confirm with a disassembler.
 * NOTE(review): writing this over kernel text changes which MSR writes the
 * kernel performs; the caller should do so only after a full-length match of
 * the search pattern - confirm in the implementation.
 */
56 | static UInt8 KernelPatchPmRepl[] = {␊ |
57 | 0x55, 0x48, 0x89, 0xe5, 0x41, 0x89, 0xd0, 0x85,␊ |
58 | 0xf6, 0x74, 0x73, 0x48, 0x83, 0xc7, 0x28, 0x90,␊ |
59 | 0x8b, 0x05, 0x5e, 0x30, 0x5e, 0x00, 0x85, 0x47,␊ |
60 | 0xdc, 0x74, 0x5b, 0x8b, 0x4f, 0xd8, 0x45, 0x85,␊ |
61 | 0xc0, 0x74, 0x08, 0x44, 0x39, 0xc1, 0x44, 0x89,␊ |
62 | 0xc1, 0x75, 0x4b, 0x0f, 0x32, 0x89, 0xc0, 0x48,␊ |
63 | 0xc1, 0xe2, 0x20, 0x48, 0x09, 0xc2, 0x48, 0x89,␊ |
64 | 0x57, 0xf8, 0x48, 0x8b, 0x47, 0xe8, 0x48, 0x85,␊ |
65 | 0xc0, 0x74, 0x06, 0x48, 0xf7, 0xd0, 0x48, 0x21,␊ |
66 | 0xc2, 0x48, 0x0b, 0x57, 0xf0, 0x49, 0x89, 0xd1,␊ |
67 | 0x49, 0xc1, 0xe9, 0x20, 0x89, 0xd0, 0x8b, 0x4f,␊ |
68 | 0xd8, 0x4c, 0x89, 0xca, 0x66, 0x81, 0xf9, 0xe2,␊ |
69 | 0x00, 0x74, 0x02, 0x0f, 0x30, 0x8b, 0x4f, 0xd8,␊ |
70 | 0x0f, 0x32, 0x89, 0xc0, 0x48, 0xc1, 0xe2, 0x20,␊ |
71 | 0x48, 0x09, 0xc2, 0x48, 0x89, 0x17, 0x48, 0x83,␊ |
72 | 0xc7, 0x30, 0xff, 0xce, 0x75, 0x92, 0x5d, 0xc3␊ |
73 | };␊ |
74 | // Power management patch for kernel 12.5␊ |
/*
 * KernelPatchPmSrc2: 128-byte search pattern (16 rows of 8 bytes), paired
 * with KernelPatchPmRepl2, which has the same length.
 * Same overall shape as KernelPatchPmSrc: it opens with 55 / 48 89 e5,
 * contains 0f 32 (rdmsr) and 0f 30 (wrmsr), and ends with c3 (ret), here
 * followed by ten 0x90 (nop) padding bytes.
 * The bytes fe ce 5f 00 after 8b 05 are a RIP-relative displacement, so the
 * pattern presumably matches only kernel builds with that exact layout.
 * NOTE(review): the code that applies this pattern is not in this header; it
 * should compare all 128 bytes, inside the bounds of the image, before it
 * overwrites anything - confirm.
 */
75 | static UInt8 KernelPatchPmSrc2[] = {␊ |
76 | 0x55, 0x48, 0x89, 0xe5, 0x41, 0x89, 0xd0, 0x85,␊ |
77 | 0xf6, 0x74, 0x69, 0x48, 0x83, 0xc7, 0x28, 0x90,␊ |
78 | 0x8b, 0x05, 0xfe, 0xce, 0x5f, 0x00, 0x85, 0x47,␊ |
79 | 0xdc, 0x74, 0x51, 0x8b, 0x4f, 0xd8, 0x45, 0x85,␊ |
80 | 0xc0, 0x74, 0x05, 0x44, 0x39, 0xc1, 0x75, 0x44,␊ |
81 | 0x0f, 0x32, 0x89, 0xc0, 0x48, 0xc1, 0xe2, 0x20,␊ |
82 | 0x48, 0x09, 0xc2, 0x48, 0x89, 0x57, 0xf8, 0x48,␊ |
83 | 0x8b, 0x47, 0xe8, 0x48, 0x85, 0xc0, 0x74, 0x06,␊ |
84 | 0x48, 0xf7, 0xd0, 0x48, 0x21, 0xc2, 0x48, 0x0b,␊ |
85 | 0x57, 0xf0, 0x49, 0x89, 0xd1, 0x49, 0xc1, 0xe9,␊ |
86 | 0x20, 0x89, 0xd0, 0x8b, 0x4f, 0xd8, 0x4c, 0x89,␊ |
87 | 0xca, 0x0f, 0x30, 0x8b, 0x4f, 0xd8, 0x0f, 0x32,␊ |
88 | 0x89, 0xc0, 0x48, 0xc1, 0xe2, 0x20, 0x48, 0x09,␊ |
89 | 0xc2, 0x48, 0x89, 0x17, 0x48, 0x83, 0xc7, 0x30,␊ |
90 | 0xff, 0xce, 0x75, 0x9c, 0x5d, 0xc3, 0x90, 0x90,␊ |
91 | 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90␊ |
92 | };␊ |
93 | ␊ |
/*
 * KernelPatchPmRepl2: 128-byte replacement for KernelPatchPmSrc2 (same
 * length, 16 rows of 8 bytes).
 * Compared with the search pattern it inserts 66 81 f9 e2 00 / 74 02 in front
 * of the 0f 30 (wrmsr). As x86-64 that reads cmp cx,0x00e2 ; je +2, so the
 * wrmsr is skipped when CX is 0xe2 (wrmsr takes the MSR index in ECX).
 * The seven inserted bytes use up seven of the ten trailing 0x90 bytes of the
 * search pattern (three remain), and the branch displacements 0x69, 0x51,
 * 0x44 and 0x9c become 0x70, 0x58, 0x4b and 0x95 to account for the shift.
 * NOTE(review): decoded by hand from the bytes - confirm with a disassembler.
 * NOTE(review): the caller should write this only after a full-length match
 * of the search pattern - confirm in the implementation.
 */
94 | static UInt8 KernelPatchPmRepl2[] = {␊ |
95 | 0x55, 0x48, 0x89, 0xe5, 0x41, 0x89, 0xd0, 0x85,␊ |
96 | 0xf6, 0x74, 0x70, 0x48, 0x83, 0xc7, 0x28, 0x90,␊ |
97 | 0x8b, 0x05, 0xfe, 0xce, 0x5f, 0x00, 0x85, 0x47,␊ |
98 | 0xdc, 0x74, 0x58, 0x8b, 0x4f, 0xd8, 0x45, 0x85,␊ |
99 | 0xc0, 0x74, 0x05, 0x44, 0x39, 0xc1, 0x75, 0x4b,␊ |
100 | 0x0f, 0x32, 0x89, 0xc0, 0x48, 0xc1, 0xe2, 0x20,␊ |
101 | 0x48, 0x09, 0xc2, 0x48, 0x89, 0x57, 0xf8, 0x48,␊ |
102 | 0x8b, 0x47, 0xe8, 0x48, 0x85, 0xc0, 0x74, 0x06,␊ |
103 | 0x48, 0xf7, 0xd0, 0x48, 0x21, 0xc2, 0x48, 0x0b,␊ |
104 | 0x57, 0xf0, 0x49, 0x89, 0xd1, 0x49, 0xc1, 0xe9,␊ |
105 | 0x20, 0x89, 0xd0, 0x8b, 0x4f, 0xd8, 0x4c, 0x89,␊ |
106 | 0xca, 0x66, 0x81, 0xf9, 0xe2, 0x00, 0x74, 0x02,␊ |
107 | 0x0f, 0x30, 0x8b, 0x4f, 0xd8, 0x0f, 0x32, 0x89,␊ |
108 | 0xc0, 0x48, 0xc1, 0xe2, 0x20, 0x48, 0x09, 0xc2,␊ |
109 | 0x48, 0x89, 0x17, 0x48, 0x83, 0xc7, 0x30, 0xff,␊ |
110 | 0xce, 0x75, 0x95, 0x5d, 0xc3, 0x90, 0x90, 0x90␊ |
111 | };␊ |
112 | ␊ |
/*
 * Equals the first eight bytes shared by KernelPatchPmSrc, KernelPatchPmRepl,
 * KernelPatchPmSrc2 and KernelPatchPmRepl2 (55 48 89 e5 41 89 d0 85) read as
 * a little-endian 64-bit value.
 * NOTE(review): presumably used as a quick pre-filter when scanning kernel
 * text. Eight bytes that begin with a plain function prologue are not unique,
 * so a hit should be followed by a full-pattern compare - confirm.
 */
113 | #define KERNEL_PATCH_SIGNATURE 0x85d08941e5894855ULL␊ |
114 | ␊ |
/*
 * Per-architecture entry points and the individual kernel patches.
 * Only patch_kernel_32 and patch_kernel_64 receive the image size
 * (uncompressed_size); every other routine declared below gets a bare
 * kernelData pointer with no length.
 * NOTE(review): those routines cannot bounds-check from their arguments
 * alone; presumably the limits come from the Mach-O headers inside the
 * image - confirm that each scan and overwrite is bounded.
 * NOTE(review): the bool-returning routines presumably report whether the
 * patch was applied - verify against the implementation.
 */
115 | void patch_kernel_32(void *kernelData, u_int32_t uncompressed_size);␊ |
116 | void patch_kernel_64(void *kernelData, u_int32_t uncompressed_size);␊ |
117 | ␊ |
118 | void patch_BooterExtensions_32(void *kernelData); ␊ |
119 | void patch_BooterExtensions_64(void *kernelData);␊ |
120 | ␊ |
121 | bool patch_pm_init(void *kernelData);␊ |
122 | bool patch_lapic_version_init_32(void *kernelData);␊ |
123 | bool patch_lapic_version_init_64(void *kernelData);␊ |
124 | bool patch_lapic_init_32(void *kernelData);␊ |
125 | bool patch_lapic_init_64(void *kernelData);␊ |
126 | bool patch_haswell_E_init(void *kernelData);␊ |
127 | bool patch_haswell_ULT_init(void *kernelData);␊ |
128 | ␊ |
129 | void patch_SSE3_6(void *kernelData);␊ |
130 | void patch_SSE3_5(void *kernelData);␊ |
131 | void patch_SSE3_7(void *kernelData);␊ |
132 | ␊ |
133 | bool patch_string_XNU_init(void *kernelData);␊ |
134 | ␊ |
135 | // kexts patches␊ |
/*
 * Kext patch routines. The five unsigned-int functions share one signature:
 * a buffer pointer, DriverSize and StartLocation.
 * NOTE(review): presumably StartLocation is an offset into the buffer and
 * DriverSize the driver's length, and the return value counts applied
 * patches - none of this is visible here, confirm. Whatever the meaning,
 * StartLocation + DriverSize should be checked against the buffer before use.
 */
136 | unsigned int AppleRTC_Patch(void *data, UInt32 DriverSize, UInt32 StartLocation);␊ |
137 | unsigned int AsusAICPUPMPatch(void *data, UInt32 DriverSize, UInt32 StartLocation);␊ |
138 | unsigned int patch_NVDAStartupWeb(void *kernelData, UInt32 DriverSize, UInt32 StartLocation);␊ |
139 | unsigned int trimEnablerSata(void *data, UInt32 DriverSize, UInt32 StartLocation);␊ |
140 | unsigned int patch_AppleAHCIPort_OrangeFix(void *data, UInt32 DriverSize, UInt32 StartLocation);␊ |
141 | ␊ |
/*
 * NOTE(review): prelinkTextVmaddr and prelinkTextFileOff are plain unsigned;
 * if they carry values from a 64-bit Mach-O segment they may be truncated -
 * confirm how the caller derives them.
 */
142 | void patch_prelinked_kexts(void *kernelData,␊ |
143 | u_int32_t uncompressed_size,␊ |
144 | unsigned prelinkTextVmaddr,␊ |
145 | unsigned prelinkTextFileOff);␊ |
146 | ␊ |
/* Takes a kext name string plus the same buffer/size/location triple as the
 * routines above; presumably selects one of them by name - confirm. */
147 | void patchBooterDefinedKext(const char *kext, void *driverAddr, UInt32 DriverSize, UInt32 StartLocation);␊ |
148 | ␊ |
149 | // os version␊ |
/*
 * Takes a version string and returns a bool.
 * NOTE(review): presumably true when the string equals the full OS version
 * being booted - the comparison is not visible here, confirm.
 */
150 | bool checkFullOSVer(const char *version);␊ |
151 | ␊ |
152 | #endif /* !__BOOT2_KERNEL_PATCHER_H */␊ |
153 | |