SMC Emulation in DSDT


44 replies to this topic

#1
EncryptedSoul

I have the SMC emulation code, just need return keys for page decryption....


Device (SMC)
{
    Name (_HID, EisaId ("APP0001"))
    Name (_CID, "smc-napa")
    Name (_STA, 0x0B)
    Name (_CRS, ResourceTemplate ()
    {
        IO (Decode16,
            0x0300, // Range Minimum
            0x0300, // Range Maximum
            0x01,   // Alignment
            0x20,   // Length
            )
    })
    Method (OSK0, 0, NotSerialized)
    {
        Return (need key)
    }

    Method (OSK1, 0, NotSerialized)
    {
        Return (need key)
    }
}


When booting in verbose, SMC Emulation is working, but the Host errors out with fsInterrupt error, and the guest side errors out with SMC:Start Failure.

But for now, everyone can have an emulated SMC chip!

Confirm by kextstat to see the presence of AppleSMC, and check for it in ioreg too.

~ES

#2
coconup

so I googled for those two keys, copied and pasted but it didn't work.. what am I missing?

#3
EncryptedSoul

so I googled for those two keys, copied and pasted but it didn't work.. what am I missing?

SMC Emulation is working fine, but the injection of keys is still being worked on ATM.

There is talk about not even needing the key data values, instead only needing the bit key values injected when they are called for from the OS.

Perfect example of this was the Alexander Graf patch for QEMU.

There isn't a doubt in my mind this will be working very soon.

#4
Dr. Hurt

Sounds Interesting.

#5
coconup

so there's no solution yet? 'cos I was already emulating smc for a while..

#6
EncryptedSoul

so there's no solution yet? 'cos I was already emulating smc for a while..

Roisoft, as well as myself have been working together on different scenarios on key calls and bit returns.

We have all the data at hand, it's the emulation for decryption calls we are trying to iron out.

BTW, it's good to see you Dr. Hurt.

~ES

#7
BlackCH

Good stuff!

#8
EncryptedSoul

Update: As of right now, SMC loads with interrupt resource error in verbose.

I also have a CPU_CST_Evaluation error that wasn't present before. Not sure if it's a smc_plugin error or an smc initializing error. Can someone try to confirm if this error is present without smc emulation?

Thanks in advance!

#9
EncryptedSoul

Code we are currently working on, needs memory addressing I think?

Device (SMC)
{
Name (_HID, EisaId ("APP0001"))
Name (_CID, "smc-napa")
Name (_STA, 0x0B)
Name (_CRS, ResourceTemplate ()
{
IO (Decode16,
0x0300, // Range Minimum
0x0300, // Range Maximum
0x01, // Alignment
0x20, // Length
)
})
Name (OSK0, Buffer (0x20)
{
/* 0000 */ 0x6F, 0x75, 0x72, 0x68, 0x61, 0x72, 0x64, 0x77,
/* 0008 */ 0x6F, 0x72, 0x6B, 0x62, 0x79, 0x74, 0x68, 0x65,
/* 0010 */ 0x73, 0x65, 0x77, 0x6F, 0x72, 0x64, 0x73, 0x67,
/* 0018 */ 0x75, 0x61, 0x72, 0x64, 0x65, 0x64, 0x70, 0x6C
})
Method (KEY0, 0, NotSerialized)
{
Return (Package (0x0110)
{
0x59,
0x6F,
0x75,
0x72,
0x20,
0x6B,
0x61,
0x72,
0x6D,
0x61,
0x20,
0x63,
0x68,
0x65,
0x63,
0x6B,
0x20,
0x66,
0x6F,
0x72,
0x20,
0x74,
0x6F,
0x64,
0x61,
0x79,
0x3A,
0x0A,
0x54,
0x68,
0x65,
0x72,
0x65,
0x20,
0x6F,
0x6E,
0x63,
0x65,
0x20,
0x77,
0x61,
0x73,
0x20,
0x77,
0x61,
0x73,
0x20,
0x61,
0x20,
0x75,
0x73,
0x65,
0x72,
0x20,
0x74,
0x68,
0x61,
0x74,
0x20,
0x77,
0x68,
0x69,
0x6E,
0x65,
0x64,
0x0A,
0x68,
0x69,
0x73,
0x20,
0x65,
0x78,
0x69,
0x73,
0x74,
0x69,
0x6E,
0x67,
0x20,
0x4F,
0x53,
0x20,
0x77,
0x61,
0x73,
0x20,
0x73,
0x6F,
0x20,
0x62,
0x6C,
0x69,
0x6E,
0x64,
0x2C,
0x0A,
0x68,
0x65,
0x27,
0x64,
0x20,
0x64,
0x6F,
0x20,
0x62,
0x65,
0x74,
0x74,
0x65,
0x72,
0x20,
0x74,
0x6F,
0x20,
0x70,
0x69,
0x72,
0x61,
0x74,
0x65,
0x0A,
0x61,
0x6E,
0x20,
0x4F,
0x53,
0x20,
0x74,
0x68,
0x61,
0x74,
0x20,
0x72,
0x61,
0x6E,
0x20,
0x67,
0x72,
0x65,
0x61,
0x74,
0x0A,
0x62,
0x75,
0x74,
0x20,
0x66,
0x6F,
0x75,
0x6E,
0x64,
0x20,
0x68,
0x69,
0x73,
0x20,
0x68,
0x61,
0x72,
0x64,
0x77,
0x61,
0x72,
0x65,
0x20,
0x64,
0x65,
0x63,
0x6C,
0x69,
0x6E,
0x65,
0x64,
0x2E,
0x0A,
0x50,
0x6C,
0x65,
0x61,
0x73,
0x65,
0x20,
0x64,
0x6F,
0x6E,
0x27,
0x74,
0x20,
0x73,
0x74,
0x65,
0x61,
0x6C,
0x20,
0x4D,
0x61,
0x63,
0x20,
0x4F,
0x53,
0x21,
0x0A,
0x52,
0x65,
0x61,
0x6C,
0x6C,
0x79,
0x2C,
0x20,
0x74,
0x68,
0x61,
0x74,
0x27,
0x73,
0x20,
0x77,
0x61,
0x79,
0x20,
0x75,
0x6E,
0x63,
0x6F,
0x6F,
0x6C,
0x2E,
0x0A,
0x20,
0x20,
0x20,
0x28,
0x43,
0x29,
0x20,
0x41,
0x70,
0x70,
0x6C,
0x65,
0x20,
0x43,
0x6F,
0x6D,
0x70,
0x75,
0x74,
0x65,
0x72,
0x2C,
0x20,
0x49,
0x6E,
0x63,
0x2E,
0x90,
0xFC,
0x19,
Zero,
0x7F,
0xFC,
0x19,
Zero,
0x6C,
0xFC,
0x19,
Zero,
0x9E
})
}

Name (OSK1, Buffer (0x20)
{
/* 0000 */ 0x65, 0x61, 0x73, 0x65, 0x64, 0x6F, 0x6E, 0x74,
/* 0008 */ 0x73, 0x74, 0x65, 0x61, 0x6C, 0x28, 0x63, 0x29,
/* 0010 */ 0x41, 0x70, 0x70, 0x6C, 0x65, 0x43, 0x6F, 0x6D,
/* 0018 */ 0x70, 0x75, 0x74, 0x65, 0x72, 0x49, 0x6E, 0x63
})
Method (KEY1, 0, NotSerialized)
{
Return (Package (0x40)
{
0x6F,
0x75,
0x72,
0x68,
0x61,
0x72,
0x64,
0x77,
0x6F,
0x72,
0x6B,
0x62,
0x79,
0x74,
0x68,
0x65,
0x73,
0x65,
0x77,
0x6F,
0x72,
0x64,
0x73,
0x67,
0x75,
0x61,
0x72,
0x64,
0x65,
0x64,
0x70,
0x6C,
0x65,
0x61,
0x73,
0x65,
0x64,
0x6F,
0x6E,
0x74,
0x73,
0x74,
0x65,
0x61,
0x6C,
0x28,
0x63,
0x29,
0x41,
0x70,
0x70,
0x6C,
0x65,
0x43,
0x6F,
0x6D,
0x70,
0x75,
0x74,
0x65,
0x72,
0x49,
0x6E,
0x63
})
}
}

#10
BlackCH

with SMC emulation:

6/12/09 11:50:34 PM kernel ACPI_SMC_PlatformPlugin::pushCPU_CSTData - _CST evaluation failed 
6/12/09 11:50:34 PM kernel SMC::smcInitEventSources ERROR: failed to create fInterruptSource 
6/12/09 11:50:34 PM kernel SMC::smcInitHelper ERROR: smcInitEventSources failed (kIOReturnError) 
6/12/09 11:50:34 PM kernel SMC::start ERROR: smcInitHelper failed (kIOReturnError)

without:

6/12/09 11:59:49 PM kernel ACPI_SMC_PlatformPlugin::pushCPU_CSTData - _CST evaluation failed

In both cases AppleSMC is present in the kextstat.
Still booting with decrypt kext for now.

#11
EncryptedSoul

with SMC emulation:

6/12/09 11:50:34 PM kernel ACPI_SMC_PlatformPlugin::pushCPU_CSTData - _CST evaluation failed 
6/12/09 11:50:34 PM kernel SMC::smcInitEventSources ERROR: failed to create fInterruptSource
6/12/09 11:50:34 PM kernel SMC::smcInitHelper ERROR: smcInitEventSources failed (kIOReturnError)
6/12/09 11:50:34 PM kernel SMC::start ERROR: smcInitHelper failed (kIOReturnError)

without:

6/12/09 11:59:49 PM kernel ACPI_SMC_PlatformPlugin::pushCPU_CSTData - _CST evaluation failed

In both cases AppleSMC is present in the kextstat.
Still booting with decrypt kext for now.

Yeah, emulation of the smc chip is working, however we need to figure out a way to have the data keys and bit keys injected into memory where they need to be.

As a side note, Device (SMC) should be inserted into the dsdt table before Device (DMAC) and after Device (LNKH).

It is a possible task, we just need to figure out how it needs to be implemented in DSDT.

#12
coconup

Update: As of right now, SMC loads with interrupt resource error in verbose.

I also have a CPU_CST_Evaluation error that wasn't present before. Not sure if it's a smc_plugin error or an smc initializing error. Can someone try to confirm if this error is present without smc emulation?

Thanks in advance!


that error is related to cstates, in my laptop they were completely messed up so I had to extract them from linux and put them in my dsdt (booting with dropssdt now), see the 'chameleon with dsdt and ssdt override' topic :(

btw I don't know if that error is related to smc emulation or not but injecting your cstates and pstates enables vanilla throttling with the original applecpupm and smcplatformplugin and solves it. I still have the other init errors however

#13
mitch_de

Can someone tell us what SMC is and in which way there is a difference/advantage for an end user when using it on hackintosh?
Well known (and used by me) are HDEF / LAN and GPU dsdt fixes - all with big advantages compared to EFI/natit injection.

THANKS!

#14
iTarzan

From Apple (Oh my Google...)

SMC:
The System Management Controller is an integrated circuit (computer chip) that is on the logic board of the computer. As the name implies, it is responsible for power management of the computer. It controls backlighting, hard disk spin down, sleep and wake, some charging aspects, trackpad control, and some input/output as it relates to the computer sleeping. ...

The lack of this chip on standard x86 motherboards means no direct support by the OS of the above mentioned functions, obliging us to use handmade kexts like voodoopower, ps2, openhaltrestart....

The possibility of emulating the chip (fooling the OS) through DSDT patching (like GPU, Ethernet, Sound...) would solve some (if not all) of the problems, bringing us closer to the 101% Mac OS X experience.

Correct me if I'm wrong.

EDIT: Partially incorrect information, thanks EncryptedSoul
Further, SMC provides the key for the decryption of the binaries. Emulating it would mean:

...
Once this is done we will no longer need dsmos or decrypt kext.


For more insight read here and here

#15
EncryptedSoul

From Apple (Oh my Google...)

SMC:
The System Management Controller is an integrated circuit (computer chip) that is on the logic board of the computer. As the name implies, it is responsible for power management of the computer. It controls backlighting, hard disk spin down, sleep and wake, some charging aspects, trackpad control, and some input/output as it relates to the computer sleeping. ...

The lack of this chip on standard x86 motherboards means no direct support by the OS of the above mentioned functions, obliging us to use handmade kexts like voodoopower, ps2, openhaltrestart....

The possibility of emulating the chip (fooling the OS) through DSDT patching (like GPU, Ethernet, Sound...) would solve some (if not all) of the problems, bringing us closer to the 101% Mac OS X experience.

Correct me if I'm wrong.

Actually the only emulation we are trying to achieve would be the decryption of SMC.

Once this is done we will no longer need dsmos or decrypt kext.

#16
iTarzan

Actually the only emulation we are trying to achieve would be the decryption of SMC.

Once this is done we will no longer need dsmos or decrypt kext.


Thanks for the clarification. I didn't notice your nick ;)
Seems promising.

#17
fassl

There is no need to mess further with that, it won't work that way, since values from the smc are read in a completely different way.

#18
EncryptedSoul

There is no need to mess further with that, it won't work that way, since values from the smc are read in a completely different way.

Hi fassl

So there isn't a way to emulate the smc in this manner?

What other options do we have aside from using kexts?

As per David Elliott OSK0 & OSK1 keys can be emulated via emulating the smc.

I'm confused....

#19
fassl

Yes, but you don't emulate it, you just let OSX think you have a SMC device by putting it into the DSDT, you don't emulate anything, so it won't work that way.

#20
EncryptedSoul

Yes, but you don't emulate it, you just let OSX think you have a SMC device by putting it into the DSDT, you don't emulate anything, so it won't work that way.

Is there a way to copy the bit keys into a specified memory address using dsdt? We buffer info for gma950, why not buffer bit keys so when osk0 & osk1 ask for the values, they are already there.




