-Archive- Macefix86 2006 -Archive-

[joe75]

This has almost nothing to do with the Microsoft Vista EFI bootloader.

 

I know what your trying to do, thats why I said don't think I'm retarded

 

I meant would we be able to see what that file dose and see if it could help you guys figure out what you need to do, use it just for example, to see how its written

 

If I'm talking out my ass, say so

 

It was just a thought

[mifki]

your talking your ass out, we have the apple bootloader instead

 

 

Oh btw, thats a joke lol

[joe75]

your talking your ass out, we have the apple bootloader instead

 

Thanks

[Mrcollins]

Honestly, searching for the Signatures in RAM will probably be your best bet. Kiko and I had discussed this in a bit of detail, but as I don't have an EFI board im kinda stuck. If you can get to the RAM before it is over written, the signature should still be there even after an os is loaded. (most OSes will not write 0s to ram on bootup.)

 

the EFI_SYSTEM_TABLE_POINTER is a struckt made up of two uint64 and a uint32 the struct sits on a 4M boundary basically multiples of 0x400000 acording to the EFI spec section 16.4.2 or 3 you should do a search for the EFI_SYSTEM_TABLE_SIGNATURE to find it the signature is 0x5453595320494249 it is followed by the table pointer and then by a crc32 of the first two structures

 

With this info we know the boundarys we need to look at and its should start at the 4gig limit, 0xFFFFFFFF, for 32-bit systems and work backwards.

 

Like I said, don't have an EFI board otherwise I would try to find the address of this myself. Once we have the address of the Table we should be able to find the addresses needed to call the EFI shell and make it happy. Once the addresses are found a simple boot sector should be able to accomplish most of what we want.

[bofors]

Honestly, searching for the Signatures in RAM will probably be your best bet.

I think that is the plan.

 

With this info we know the boundarys we need to look at and its should start at the 4gig limit, 0xFFFFFFFF, for 32-bit systems and work backwards.

When you say 32-bit systems, you mean 32-bit OS, right? I mean, my Pentium D has 64-bit extensions but OSx86 is effectively 32-bit, so I would still start searching at 0xFFFFFFFF.

 

I am thinking about a writing a simple C program to look for the signature.

 

Once the addresses are found a simple boot sector should be able to accomplish most of what we want.

 

Can you explain this? What about the ExitBootServices() issue?

[Mrcollins]

When is say 32-bit I mean not running in the 64-bit extended mode but also not in the 16-bit real mode. Basically 32-bit protected running with out physical address extentions (PAE). the first address possible should be 0xFF800000and just keep subtracting 0x400000 from that. the signature should line up on on off those addresses.

 

As far as what I was talking about with the boot loader, one could write an asembly boot block that gets the processor in to 32-bit protected, loads the registers on the Processor with the Table address, or what ever else was needed (I can't remember at this point) and do a jump into the correct section of EFI or load the EFI shell from a disk or even just embed the efi shell onto the said "boot disk".

[mifki]

Ok well the efi shell could do that i guess (boot form the sample imp.) and dumpmem from there i guess.

[mifki]

Ok well we have gotten some new ideas on flashing a intel board, we are going to make somemore chnages then we will be ready to flash it (Apple Firmware) to a real board, stay tuned for more news

[guyin916]

woohoo!

[McSkywalker]

Dark side of the force

[munky]

OMFG! The perfect mac clone is getting closer....

 

Someone will have to compile a semthex/mifki kernel with the EFI stuff restored

 

Once we can flash intel boards (and hopefully ATI cards too) the ONLY difference between our clones and the real thing will be the TPM, which artoo will take care of for us. Amazing stuff!

[elsler]

I have a Intel 945 gtp board just waiting for this

[sbeehre]

at the moment it wont be 945 or 975s they will come later on

[Proteo]

at the moment it wont be 945 or 975s they will come later on

 

What boards can we expect it will work with? (I mean for now)

[elsler]

well i have a 965 as well so im still hoping

[sbeehre]

is it an intel 965 board?

[elsler]

no its an asus p5b but hey ill buy a intel one if i need to

[sbeehre]

other manufacturers boards may not be EFI compatible

[abcslayer]

At least your board must have a 1MB Flash device (megabytes not bits) For Intel board flashing we must bypass FW ID checking of the Intel flashing tool

[mifki]

yah 965 intel first, then we add suppoort for other intel boards such as the 975, 945 and 915

[munky]

out of interest, why is 945 a problem, given that the intel macs (iirc) are 945 based?

[lord_muad_dib]

ok.. seems i have to attach a flash chip on my nforce4 with some glue first

[mifki]

lol,

 

and to munky, the 945 aint a problem ( I have a BadAxe, do you think im gonna let it drop that easily ) its just that in a previous flash attempt all the hardware mapped to the wrng places, so we are now trying a different method that should work 100% (or 99.9%) support will be added for the other intel boards easily its just a mix and match situtaion (mixing the intel drivers witht he apple files and removign the intel csm), abcslayer, we already have fixed iflash for a revious flash attempt, (945 --> 915) it worked we got it bootign via boot.efi but a lot of things were mapped wrong so they didnt work (such as USB and Audio and a couple of ohter vital components)

[elsler]

hmm to buy an intel p965 board or not ??

[mifki]

no, not till we say so lol, no point buying something incompatible and its a G965 btw not a P965