Jump to content
519 posts in this topic

Recommended Posts

  • 2 weeks later...
  • 1 month later...

I’m currently updating DarwinDumper for El Capitan.

 

One problem I have noticed is the FirmwareMemoryMap dtrace script no longer provides the memory map. Looking further in to El Capitan’s dtrace it seems the fbt (Function Boundary Tracing) probes no longer allow reading kernel internal functions.

$ sudo dtrace -l | grep fbt
I wonder if there’s another method for getting a memory map from inside the OS? Anyone got any ideas?
Link to comment
Share on other sites

Hi blackosx :)

 

I am vaguely convinced that is the same reason why Chameleon not currently working (zalloc.c inside kernel source)

 

EDIT

not sure if "sysctl -a some option" can help you.

I’m currently updating DarwinDumper for El Capitan.

One problem I have noticed is the FirmwareMemoryMap dtrace script no longer provides the memory map. Looking further in to El Capitan’s dtrace it seems the fbt (Function Boundary Tracing) probes no longer allow reading kernel internal functions.

$ sudo dtrace -l | grep fbt
I wonder if there’s another method for getting a memory map from inside the OS? Anyone got any ideas?

 

Link to comment
Share on other sites

Hey Mickey. Thanks for your input.

 
There could well be a connection with the kernel changes but I’m not knowledgable enough at that level to know without doing a lot of reading.
 
I think sysctl does not provide details for memory layout info.
  • Like 1
Link to comment
Share on other sites

Here's a preliminary beta update with bug fixes and detection for El Capitan.

 

v2.9.8 -> 2.9.9b1

 
- Update ioregwv to latest version to correctly escape backslashes. This fixes an issue where the I/O Kit Registry web viewer would fail to load the DeviceTree->Chosen data set.
- Add recognition for El Capitan.
- Fix Browse button and save path text box in Custom Path page.
 
Note: Under El Capitan, the Firmware Memory Map does not function (without rootless=0 boot-arg).
 
EDIT: Attachment removed as newer version is posted later in the thread
Link to comment
Share on other sites

Hi blackosx, I have not yet installed 10.11, when I have a new disc (no other space available) I will test the new release. :)

Hey Mickey. No rush.

hey, blackosx   :D

 

Just tried b1 and the dump was saved to 2.9.8 Reports folder.  

 

*Found save path /Users/OSX/Desktop/DarwinDumper_v2.9.8/DarwinDumperReports

 

I never had any save to an older builds folder before so thought I would mention it..

Hi joe75 :)
 
Thanks for the log from v2.9.9b1 but I don't see anything wrong.
 
I see it finds a previously used ~/Desktop/DarwinDumper_v2.9.8/DarwinDumperReports directory to save the dump.
*Found save path /Users/OSX/Desktop/DarwinDumper_v2.9.8/DarwinDumperReports
...
*Save path verify: Path exists.
This directory still existed so the save path was used this time.
 
To change this you can either:
- delete/move/rename ~/Desktop/DarwinDumper_v2.9.8/DarwinDumperReports and the app will ask you to set a new path.
- load DarwinDumper and click the 'Custom Path' link from from the options on the left side of the UI.
  • Like 1
Link to comment
Share on other sites

  • 3 weeks later...

v2.9.9b1 -> 2.9.9b2

 
- Add notification of El Capitan's SIC (Security Integrity Configuration) status to log file and html report.
 
EDIT: Attachment removed as newer version is posted later in the thread
  • Like 2
Link to comment
Share on other sites

  • 2 weeks later...

v2.9.9b2 -> 2.9.9b7

 

- Removed rogue a.txt from previous beta.

- Added privacy mask for Clover config.plist MLB, ROM and SmUUID.
- Added privacy mask for DMI table type 2 base board serial.
- UI save path is now only written to user prefs is the user changes it.
- UI save path menu option now shows either default or custom path.
- UI save path menu option now flashes at launch to indicate a custom path is set.
- Tried to improve on detection of SIP but not there yet as still verifying settings from different loaders.
- Tweaked bdisk script to make standalone run easier.
- Detect SIP and dtrace stae before attempting to run memory map dump.
- Add extra feedback to stdout for disk reading when running from command line.
- Add detection for Clover legacy boot nvram.plist to Bootloader Config File dump.
 
EDIT: Attachment removed as newer version is posted later in the thread
 
* Credit to arsradu for some ideas, testing and feedback.
  • Like 4
Link to comment
Share on other sites

I haven't tried 10.11 yet and was hesitant but used it on 10.10.5 beta with terrific results. Thanks for the great tool!

  • Like 1
Link to comment
Share on other sites

2.9.9b7 -> 2.9.9b9

 

- Update jQuery and jQueryUI libraries.

- Update pci.ids.
- Update getcodecid binary with FAT version of recent changes (thanks to InsanelyDeepak, ErmaC and Micky1979 for recent development).
- Update credits.
 
EDIT: Attachment removed as newer version is posted later in the thread
 
Visual changes:
post-331032-0-89439900-1439446885_thumb.jpg
  • Like 3
Link to comment
Share on other sites

 Share

×
×
  • Create New...