Jump to content
Welcome to InsanelyMac Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll be able to customize your profile, receive reputation points as a reward for submitting content, while also communicating with other members via your own private inbox, plus much more! This message will be removed once you have signed in.


  • Content count

  • Joined

  • Last visited

About oz_paulb

  • Rank
    InsanelyMac Protégé
  1. Announcement: kernel patcher utility (enable USB)

    Hi - I just noticed some problems with downloading the ".tgz" file, so in case others have seen the same, here's a ".zip" file that contains the same: http://www.paulbart.net/AppleTV/prelink_tool.070330a.zip Also, here's the contents of the "readme.txt" file inside the archive: ================================================================================ == README for 'prelink_tool' (includes USB whitelist patcher to enable USB on AppleTV) ================================================================================ == 'prelink_tool' written by Paul Bartholomew ([email="oz_paulb@hotmail.com"]oz_paulb@hotmail.com[/email]) USB whitelist patch by Turbo ([url="http://0xfeedbeef.com/appletv/"]http://0xfeedbeef.com/appletv/[/url]) 'prelink_tool' is a simple utility to decompress/recompress the "mach_kernel.prelink" file which contains the AppleTV kernel + several other modules (kext's). Using this utility, you can decompress the file, 'patch' the resulting binary output, then recompress to a new "mach_kernel.prelink" file to load onto your AppleTV. 'patching' of the decompressed binary can be done multiple ways. I've included a simple app that will 'poke' bytes into specific offsets in the file. I've also included a ".bat" (for DOS prompt in Windows) and ".sh" (for Unix/Linux) that will make use of these tools to apply Turbo's "enable USB devices" patch as described on his webpage (referenced above). ================================================================================ NOTE: I am *NOT* including a copy of Apple's (copyrighted) "mach_kernel.prelink" file, nor am I including a copy of the patched file. Using my utilities, and your own "mach_kernel.prelink" file (presumably taken from your own AppleTV's hard drive), you can generate your own modified kernel. This should avoid any legal issues related to distributing patched (but copyrighted) binaries. ================================================================================ Source code to the utilities is included in the archive, along with Windows (DOS command problem) ".exe" files (built from the included source using "MinGW"). If you are not running in Windows, you'll need to build the utilities on your system from the included source (Makefile is included) As mentioned above, a ".bat" (Windows) and ".sh" (Unix/Linux) are included which make use of these utilities to apply Turbo's USB patch. The scripts are called "do_usb_patch.bat" (Windows) and "do_usb_patch.sh" (Unix/Linux). Here's how to run the USB patch script: --------------------------------------- - Extract all files from this archive into a work directory. - From a command prompt, "cd" into the directory containing the extracted files - If you're not running Windows, you'll need to build the utilities (type "make" from command prompt) - Copy your own 'original/unpatched' "mach_kernel.prelink" into the same directory where all of the extracted files are - If running Windows, type: "do_usb_patch.bat" (without quotes). Or, if running Unix/Linux, type "do_usb_patch.sh" (without quotes) The script will use 'prelink_tool' to decompress your "mach_kernel.prelink" into a temp file (called "mach_kernel_patched.bin"). It will then apply the patches to the temp file (using the 'poke' utility). It will then re-compress the patched file to a new file called "mach_kernel_patched.prelink". You'll need to figure out how to get "mach_kernel.prelink" from your own AppleTV, and how to replace it with "mach_kernel_patched.prelink". I'm not an Apple/OS X expert, and wouldn't want to confuse anyone with my descriptions. Hopefully, someone else can document this process step-by-step. I have tested this script from both Windows and a PowerPC Mac Mini using my original AppleTV "mach_kernel.prelink" (md5sum: a195f9e6b0b4899a2917e5c20602ca1e). The new "mach_kernel_patched.prelink" (with USB patch applied) has an this md5sum: c71420b6a021e15e0b6beadf9eab2ba8. As you can see, this is the same result as Turbo's patched kernel. I hope that as more 'hacks' need to be applied to "mach_kernel.prelink", we can make use of these utilities to make easy-to-distribute (legal) mods. Using the individual ('prelink_tool' and 'poke') utilities ---------------------------------------------------------- The above description is helpful if you just want to apply the USB patch and move forward (without caring about the details). If you want to make use of the utilities, here's a quick description of how they are used: prelink_tool: ------------- Usage: prelink_tool [-d|-e] input_file.bin output_file.bin Use "-d" to decompress an input file ("mach_kernel.prelink") to a decompressed binary. Use "-e" to recompress an input file into a new ".prelink" file The utility takes care of parsing/removing the 'header' before decompression, and will generate a new header when compressing a file. poke: ----- Usage: poke filename.bin starting_file_offset val1 [val2...valN] 'starting_file_offset' is the byte offset into the file where patching should start. All subsequent 'values' will be written starting at this offset. 'val' is either a simple byte value (decimal or "0x??" hex value), or a 'pair' specified as "old:new" (example: 0x34:0x30). When a 'pair' is specified, "old" is the value that you expect to already be at that location, and "new" is the value it should be replaced with. The 'poke' utility will ensure that all expected "old" values are already in the file at those locations before overwriting (can/should be used as a sanity check to make sure you are patching the correct file/version of file). If any of the "old" values don't match, 'poke' will exit with an error status of "1". Otherwise, it will apply the patch(es), then exit with "0". See "do_usb_patch.bat/do_usb_patch.sh" for examples of using these utilities. Have fun hacking! - Paul Bartholomew ([email="oz_paulb@hotmail.com"]oz_paulb@hotmail.com[/email])
  2. Hello - I've written a utility to let you patch your own "mach_kernel.prelink" file (from your AppleTV) (it decompresses it, patches it, then recompresses it). This should allow for legal distribution of 'patches' (without distributing the actual copyrighted binaries). The utilities I've written are generic 'decompress/patch/compress' tools, but I've included a script/.bat file to apply Turbo's "enable USB port" patch (as described on his web page: http://0xfeedbeef.com/appletv/ I've put the utility on my website - I'd appreciate it if AwkwardTV could host the file (so my website isn't hammered). I'll leave it on my website until either someone else hosts it, or a few days has passed - whichever comes first. (actually, the file is quite small (about 30kbytes)). Here's a link to the archive containing the utilities (and full source code): prelink_tool.070330a.tgz (I'm assuming everyone knows how to extract from a gzip-compressed 'tar' file (".tgz" file)) There's a readme.txt inside the archive with more info. Of course, I take no responsibility if you 'brick' your AppleTV - I assume you know what you're doing if you are patching/replacing kernel files. Thanks to Turbo for his work in getting the USB port enabled, and for a pointer to the "lzss" compress/decompress source code (which I include in my utility) Have fun hacking! - Paul Bartholomew (oz_paulb@hotmail.com) BTW: the above archive contains Windows (DOS command prompt) ".exe" files. For Unix/Linux, you'll need to build from the included source code. See readme.txt for more info.
  3. Clue to enabling USB in mach_kernel.prelink?

    I'm not an apple OS X expert, but I think that at least some of the 'modules' have names embedded, so it could be possible to work out 'filenames'. For example, I see names like "com.apple.iokit.IOUSBFamily", "com.apple.driver.AppleUSBHub", etc. - Paulb
  4. Clue to enabling USB in mach_kernel.prelink?

    OK, thanks. Some further searching has found this page where someone has had some success with a USB keyboard (after patching the "mach_kernel.prelink" file to allow his USB keyboard's device ID): Link Yes, that's me.
  5. Hello - I've just started messing with my AppleTV. I'm new to the Mac, so my questions/comments may sound like I'm a newbie. Sorry. I've decompressed the "mach_kernel.prelink", and see what appear to be USB driver files. Something that looks promising are the strings "IsIOUSBDeviceAllowed" and "IsIOUSBInterfaceAllowed" referenced several times. From what I understand, the USB port isn't enabled by default. Could this be a clue to enabling it? Is there some sort of master 'database/registry' on the MAC where 'variables' such as "IsIOUSBDeviceAllowed" would be stored (and drivers could refer to the vars to make decisions)? If not, maybe the AppleTV EEPROM (which is partially dumped in the "dmesg" output) contains 'variables' that the drivers can refer to? If anything, someone with Intel disassembly/reverse-engineering experience may be able to find the code that actually refers to these strings/'variables', and force the code to always treat them as 'TRUE'. (assuming that's what these strings are - boolean 'variables') Just a thought - sorry if this is obvious. Edit: Maybe these aren't "boolean" symbols (yes/no for all USB devices) - maybe they are function names (that get passed device IDs to see if the given device is 'allowed'). Maybe they are exported somewhere in one of the modules inside "mach_kernel.prelink", or somewhere outside. Same idea should be possible: stub-out these functions to always return 'true'. - Paulb