Reboot patch for 10.5.2 vanilla mach_kernel 9.2.2

[byuu]

After installing with the vanilla mach_kernel (version 9.2.2) on a GA-945GCM-S2C mainboard, I found that restart did not work. The system would hang forever after printing "MACH Reboot" to the console. I see that a lot of other people have this problem, so I figured I would post my solution.

 

I was able to find a very old patch for the 10.4.4 kernel, which didn't help me much. I also didn't want to use the AMD/SSE2/sleepkernel, when I could otherwise run a vanilla kernel. Too modified for my tastes.

 

So long story short, I disassembled the 10.5.2 kernel and created my own binary reboot patch for it.

 

It's unfortunately quite a bit larger than the old 4-byte 10.4.4 patch, for two reasons. One, Apple removed the function alignment that gave needed padding for new code. Two, the old patch wasn't complete -- it would break shutdown, causing it to restart the machine instead of powering it off. My patch allows both restart and shutdown to work normally.

 

And here is the patch itself:

 

;restart patch for Mac OS X 10.5.2 (vanilla mach_kernel 9.2.2)
;author: byuu
;license: public domain
;date: 2008-04-28
;assemble with "yasm -f bin restart.asm -o restart.bin"

bits 32

%define base 0x09d80e
%define relative(n) n - (base + $ - zero)

zero:
 push ebp
 mov  ebp,esp
 sub  esp,24

 mov  eax,[ebp+8]
 test eax,eax
 je  .shutdown

.restart
 mov  dword[esp],0x4621f4
 call relative(0x0232f8)
; mov  dword[esp],1
 xor  eax,eax
 inc  eax
 mov  [esp],eax
 call relative(0x32066a)
; jmp .hang
 mov  al,0xfe
 out  0x64,al
 hlt

.shutdown
 mov  dword[esp],0x462204
 call relative(0x0232f8)
; mov  dword[esp],0
 xor  eax,eax
 mov  [esp],eax
 call relative(0x32066a)

.hang
 jmp .hang

;original:
;offset  hex
;09d80e  55 89 e5 83 ec 18 8b 45 08 85 c0 74 1a c7 04 24
;09d81e  f4 21 46 00 e8 d1 5a f8 ff c7 04 24 01 00 00 00
;09d82e  e8 37 2e 28 00 eb 18 c7 04 24 04 22 46 00 e8 b7
;09d83e  5a f8 ff c7 04 24 00 00 00 00 e8 1d 2e 28 00 eb
;09d84e  fe

;modified:
;offset  hex
;09d80e  55 89 e5 83 ec 18 8b 45 08 85 c0 74 1c c7 04 24
;09d81e  f4 21 46 00 e8 d1 5a f8 ff 31 c0 40 89 04 24 e8
;09d82e  38 2e 28 00 b0 fe e6 64 f4 c7 04 24 04 22 46 00
;09d83e  e8 b5 5a f8 ff 31 c0 89 04 24 e8 1d 2e 28 00 eb
;09d84e  fe

 

(EDIT: corrected small typo.)

 

If you're having this problem and want to give it a try, please be very careful. If you mistype even a single character, it will fail. I recommend triple checking your work. Basically, you should really only attempt this if you know what you're doing.

 

I'm not going to upload a patched kernel myself, but if someone else wants to, feel free.

 

Instructions:

1) Download 0xed (Google search)

2) Open a terminal and run:

3) cd /

4) cp mach_kernel ~/Desktop/acpikernel

5) Open acpikernel in 0xed, go to offset 09d80e and set overwrite mode at the bottom

6) Verify that the original hex code above matches what your kernel has. If it does not, stop here. You don't have vanilla mach_kernel 9.2.2, and this patch will most certainly not work at all for you. You might try looking for vanillakernel instead of mach_kernel

7) Type the modified code above into the window, and then check to make sure you typed it all correctly

8) Check again

9) Check one more time, better safe than sorry; and then save the file

10) Go back to the terminal and run:

11) sudo cp ~/Desktop/acpikernel /acpikernel

12) sudo nano /Library/Preferences/SystemConfiguration/com.apple.Boot.plist

13) change mach_kernel to acpikernel, press ^x and save the file

14) Restart the PC, and try out both shutdown and reboot to ensure they're working

 

If anything fails, press a key at the boot prompt, and type mach_kernel. This will boot you back with the original kernel, and you can change com.apple.Boot.plist back to mach_kernel.

 

If you do try this, I'd be interested in hearing your results.

[Lenka-Penka]

Hi byuu,I'm trying your mod now and have one question:in my code of mach_kernel this place ;09d81e f4 12 reads as;09d81e f4 21 Do we have to replace 12 for 21, or leave 21 as is?Thanks!

 

Added later:

It didn't work for me - I tried both variants (;09d81e f4 12 and ;09d81e f4 21).Still no difference between the ordinary vanilla kernel.

[iSkylla]

Nice job, I don't have a problem with reboot with vanilla kernel but many people do so this is a nice fix. It's nice to see someone with 1 post actually post something useful. Kudos.

[byuu]

All, I'm very sorry about that. My eyes must have been playing tricks on me. I had to type that code into the text editor by hand, since ghex2 doesn't have a copy as text method. Still, no excuse.

 

It is most certainly "f4 21", and I have updated my original post (and source file date) to reflect this. I took the time to re-verify it was all typed perfectly this time.

 

Lenka-Penka, hmm ... did you try booting with -v? When you choose restart, you should see "MACH Reboot" printed to the console. If you don't get this far, you have a different issue. If you do, it should restart soon after. If it continues to hang, then my patch is most certainly not working for you. If that is the case, I would be interested if the sleepkernel works for you, as it uses the same KBC reset port trick to restart the machine.

 

A few quick troubleshooting steps, run diff mach_kernel acpikernel, make sure it prints that they are different. On the boot line, try "acpikernel -v" to make sure it's being loaded. Etc etc.

 

At any rate, thank you for trying. I'm sorry it did not work for you.

[enyceexdanny]

I'm about to try it, but i'm wondering - exactly what do I know with the patch above the hex codes?

Also, how do I back up the original mach_kernel?

I can overwrite the mach_kernel with this command, correct?

 

sudo cp ~/Desktop/acpikernel /mach_kernel

 

Will it cause any problems?

 

 

 

thanks

[byuu]

The top part is the assembler code that generates the bottom part's hex codes. Just ignore the top part. I only included it to show what the patch did. It's admittedly not very useful, I suppose.

 

Also, I recommend using "sudo cp ~/Desktop/acpikernel /acpikernel". You won't have to back up the original kernel this way. I strongly discourage overwriting your official mach_kernel. Best to update com.apple.Boot.plist instead. At the very least, please verify the patch works for you before doing so.

 

Please make sure that booting the vanilla kernel with -v and then restarting causes your system to hang immediately after printing "MACH Reboot". Otherwise, this patch won't help.

[Lenka-Penka]

Hi byuu,

 

you are right - this patch won't work for me since I don't have this "MACH Reboot". The system shuts everything down and halts with screen off, so it should be another issue.

[enyceexdanny]

Another question.

Would doing this still keep the kernel as vanilla? As in being able to update?

 

Thanks

 

(will try this tonight and will post the results)

[byuu]

enyceexdanny, if you modify the kernel, it will no longer be a vanilla kernel. However, since you can run the vanilla kernel already, you should be able to upgrade it to a newer kernel with no problems. The only thing would be that reset would break again.

 

I'm not sure how safe it would be to use the Apple updater to do this, though. That may interfere with the EFI emulator.

 

Lenka-Penka, I see. Sorry I couldn't be of assistance.

[enyceexdanny]

Tried it, and it works like a charm!. thanks =)

 

2 questions though.

 

What exactly does this modification do?

 

Secondly, since just modifying the hex of the kernel caused it to be non-vanilla - I wouldn't be able to get "any" updates via macupdate? So the best way would be to edit the boot.plist file back to mach_kernel then updates, correct?

 

Thanks. =)

[00diabolic]

I was able to use every vanilla kernel upto 9.2.2 with CPUS=1. Now with 9.2.2 I get an instant reboot every time and none of the flags help with it.

 

Any hope for me with this patch if I gave it a shot?

 

I highly doubt it but I figured I'd ask. I am using netkas 9.2 SS kernel now. which works fine.

[byuu]

Thanks for letting me know it worked! If I can help out just one person, then I'm happy

 

What exactly does this modification do?

 

The vanilla kernel relies upon ACPI to restart the system. But for whatever reason, that doesn't work. Probably just differences in the ACPI setup of generic mainboards vs Apple's.

 

This patch basically strobes the keyboard controller, which is connected to the reset pin on the PC. Doing so forces a reboot.

 

Secondly, since just modifying the hex of the kernel caused it to be non-vanilla - I wouldn't be able to get "any" updates via macupdate? So the best way would be to edit the boot.plist file back to mach_kernel then updates, correct?

 

I've never tried updating, so I'm not sure what'll happen. In theory, *if* it works with the vanilla kernel, it'll work with this one. The only problem that you'll have is that restart will stop working again.

 

Any hope for me with this patch if I gave it a shot?

 

For the bug you're experiencing, unfortunately not, sorry. This will only have an effect if you can already boot into your desktop, and the system hangs after manually choosing to restart.

[the720k]

Byuu, Thanks for the great information. I just printed this thread, and I actually am waiting for the exact same motherboard as you have to arrive in the mail. I'm looking forward to applying the patch when I get Tiger installed on my new machine.

 

Just out of curiosity, did you run into other OS X problems specific to the Gigabyte GA-945GCM-S2C? I'd just like to know what to look forward to when it arrives.

 

Thanks again, man. Nice patch!

[enyceexdanny]

Any chance to fix the shutdown also?

Reboot is fine with patch, but shutdown still hangs when I remove this other shutdownfix patch.

[byuu]

Just out of curiosity, did you run into other OS X problems specific to the Gigabyte GA-945GCM-S2C?

 

I used Kalyway 10.5.2, and in the end I got everything working.

 

First problem was restart not working, hence I made this patch.

 

Second problem was that I read a tutorial for the GA-945GCM-S2L that advised using Taruga's AppleHDAPatcher (eg ALCinject) for ALC662 sound support. This turned out to be a serious mistake. Taruga's patch causes a kernel panic whenever you shutdown the system after having put it to sleep previously. Worse yet, it's not even necessary unless you use a microphone. Just use Kalyway's two HDA options, and you'll have sound output working right away, without broken shutdown. If you need a microphone, I suggest buying a USB sound card.

 

Third problem, ethernet stopped working after sleep. Simple solution if you have a router: just set the connection type to manual, copying the DHCP info already there. Not quite so easy if you don't have a router / static IP.

 

Fourth problem, onboard GMA950. You have three options: 1) use the Kalyway driver, and get mouse artifacts. It mostly happens in third-party apps (Firefox 2, BBEdit, MS Office, etc) but also happens when renaming files in Finder, 2) use Apple Leopard Graphics Update and lose the ability to change your desktop resolution (stuck at 1024x768, or 1280x1024 with a boot parameter), 3) get another video card. There's lots of people trying to fix the desktop GMA950 -- I've searched for a week and found nothing. I just bought an XFX Geforce 8400GS low profile card. Used NVinject 0.2.1 and that took care of that problem. Full QE/CI, and the card is several times faster.

 

Finally, I used the "About This Mac" graphic from here: http://forum.insanelymac.com/index.php?showtopic=77453 -- to fix the customized logo placed on the Kalyway DVD. That's purely for aesthetic reasons.

 

Good luck with your setup!

 

Any chance to fix the shutdown also?

Reboot is fine with patch, but shutdown still hangs when I remove this other shutdownfix patch.

 

Unforunately not. I tried to do this to work around the Taruga kernel panic issue mentioned previously (back when I thought AppleHDAPatcher was necessary), but had no luck. There's basically two ways to shut down a computer: APM and ACPI.

 

ACPI is out, that's what it's using already and not working. It also requires a driver interface that I have no idea how to access from a patch.

 

APM requires the PC to be in 16-bit real mode to execute. I had no luck switching from 32-bit mode to 16-bit mode within a running kernel to call the APM functions. It's a very tricky and dangerous thing to do, and I had very little code space to work with.

 

You may wish to look into why the PC is crashing with shutdown. Usually it's injectors that cause it. You can sometimes replace those with EFI strings in com.apple.Boot.plist, more on netkas' forum. Failing that ... the best I could do is modify the reboot patch to always force a reboot. You'll have to then manually power your PC off at the BIOS boot screen, but it might be better than having your PC crash on you if you accidentally choose shutdown :/

[Gidi]

I patched a clean vanilla kernel, and it worked.

I can fast reboot now, all my USB thing seems to work.

 

Really need my soundcard inputs so I need HDAPatcher too. Not big issue for me to reboot before shutdown, but...I experienced a BIG problem, at least in my setup.

 

When I wake up from sleep, there is no LoginWindow.app there, so security after sleep is a bit tricky.

 

Can you please try if this happens In your case too?

 

Cheers.

 

 

--> I've uploaded patched kernel, so no need to do it manually again.

 

vanillapatched - 9.80MB

[enyceexdanny]

thanks for the response byuu.

 

Currently, I "can" shutdown - with some shutdownfix patch i found in the forums.

What it does is, it kills all the cores except 1 when you initiate the shutdown command. and that does seem to do the trick.

Just would've been nice to have both the fixes in 1 patch. =)

 

Anyways, thanks for your efforts! ^^

[byuu]

When I wake up from sleep, there is no LoginWindow.app there, so security after sleep is a bit tricky. Can you please try if this happens In your case too?

 

I'm sure you've tried this, but just in case ... I had to set the two options under the security preferences tab (regarding the screensaver), and it now requires a password when I wake the computer up from sleep.

 

Must be some other issue for you, unless of course sleep works with the vanilla kernel. That'd be very weird as sleep doesn't even use the function I've patched.

 

What it does is, it kills all the cores except 1 when you initiate the shutdown command. and that does seem to do the trick.

 

Ah, interesting. I have a dual core and shutdown still seems to work. It's a shame there's so much variance between all of our computers with this stuff ...

[Gidi]

Thanks for your reply, byuu.

 

I've managed to get the Login Window back in vanilla kernel, so switching to patched one made no difference, sorry for thinking it had something to do with this patch!

 

Everything working right now, except Shutdown, wich isnt important in my case.

 

Thanks for posting this workaround.

 

Cheers

[personguy]

;original:
;offset  hex
;09d80e  55 89 e5 83 ec 18 8b 45 08 85 c0 74 1a c7 04 24
;09d81e  f4 21 46 00 e8 d1 5a f8 ff c7 04 24 01 00 00 00
;09d82e  e8 37 2e 28 00 eb 18 c7 04 24 04 22 46 00 e8 b7
;09d83e  5a f8 ff c7 04 24 00 00 00 00 e8 1d 2e 28 00 eb
;09d84e  fe

;modified:
;offset  hex
;09d80e  55 89 e5 83 ec 18 8b 45 08 85 c0 74 1c c7 04 24
;09d81e  f4 21 46 00 e8 d1 5a f8 ff 31 c0 40 89 04 24 e8
;09d82e  38 2e 28 00 b0 fe e6 64 f4 c7 04 24 04 22 46 00
;09d83e  e8 b5 5a f8 ff 31 c0 89 04 24 e8 1d 2e 28 00 eb
;09d84e  fe

 

Instructions:

1) Download 0xed (Google search)

2) Open a terminal and run:

3) cd /

4) cp mach_kernel ~/Desktop/acpikernel

5) Open acpikernel in 0xed, go to offset 09d80e and set overwrite mode at the bottom

6) Verify that the original hex code above matches what your kernel has. If it does not, stop here. You don't have vanilla mach_kernel 9.2.2, and this patch will most certainly not work at all for you. You might try looking for vanillakernel instead of mach_kernel

7) Type the modified code above into the window, and then check to make sure you typed it all correctly

8) Check again

9) Check one more time, better safe than sorry; and then save the file

10) Go back to the terminal and run:

11) sudo cp ~/Desktop/acpikernel /acpikernel

12) sudo nano /Library/Preferences/SystemConfiguration/com.apple.Boot.plist

13) change mach_kernel to acpikernel, press ^x and save the file

14) Restart the PC, and try out both shutdown and reboot to ensure they're working

 

If anything fails, press a key at the boot prompt, and type mach_kernel. This will boot you back with the original kernel, and you can change com.apple.Boot.plist back to mach_kernel.

 

If you do try this, I'd be interested in hearing your results.

 

works an absolute treat! thank you so much for this!

and yes, one wonders how you knew what to add where... at least i'd be curious to know. at any rate: thanks a bil'!

 

btw, in case anyone else is a relative nub like me, be aware that the mach_kernel file is invisible, so when you copy it to the desktop, you won't actually be able to 'see' it. but you can open your hex editor and navigate to the file through Open. also: it's probably worth it to reiterate byuu's instruction regarding one crucial element of the hex editing process: make sure the editor is set to Overwrite, not Insert! .. seems a no-brainer, but it's something i nearly missed when editing a different file, so i thought it'd be worth re-mentioning.

 

then, instead of modifying my apple.Boot.plist as per your instructions above, i just saved my new file with a different name in the / directory (where the original mach_kernel is), then just chose that kernel at the boot to test it. in other words, i just saved my modded mach_kernel as acpikern in the same directory as the former, then, at the 'boot:' prompt, just entered acpikern. voila. i'm on a dell vostro 200 using iATKOS 2.0i.

 

hope that can help someone who's attempting this.

 

lovely fix

[hayduke]

I'm revealing my noobiness here, but is there any way you could upload the modified kernel for those of us who don't know how to do it ourselves? I can't upgrade without a proper restart.

 

Thanks.