
Does it support newer CPUs? Also, can you clean up the print log a little bit, kinda messy :)

This requires additional study/work.

Not a good idea to silence all logs from my side when you use the KernelPatcher module, because basically you're using a patched kernel. This also happens with Clover when you play with some options in the config.

ATM the code for unsupported CPUs needs an update:

 

if(cpus == CPU_MODEL_UNKNOWN)
{
    switch(Platform.CPU.Model)
    {
        case 13:
        case CPUID_MODEL_YONAH:
        case CPUID_MODEL_MEROM:
        case CPUID_MODEL_PENRYN:
        case CPUID_MODEL_NEHALEM:
        case CPUID_MODEL_FIELDS:
        case CPUID_MODEL_DALES:
        case CPUID_MODEL_NEHALEM_EX:
            // Known cpu's we don't want to add the patch
            return;
            break;

        default:
            // CPU not in supported list, so we are going to add
            // The patch will be applied
            break;
    }
}
else

 

but this is the only easy thing :P

 

EDIT

 

Best would be that unsupported CPU is decided by OS version.

Is the difference between Enoch and Chameleon just the GUI? I searched the net but nothing comes up.

 

Thank you

Chameleon is the main trunk, Enoch is a branch. Enoch is up to date, Chameleon is not.

Basically you can't find any difference running Enoch or Chameleon.

Chameleon is the main trunk, Enoch is a branch. Enoch is up to date, Chameleon is not.

Basically you can't find any difference running Enoch or Chameleon.

 

That is it. Enoch, for example, does boot El Capitan, Cham not yet. They update more slowly.

Please release all changed source code a.s.a.p. (Github is hugely preferable) so that I can help you to protect all OS X El Capitan installations from having a free walk in to folks like Hacking Team (Hacked in late 2014 already) and others.

 

The crux here is to not inject rootless=0 (not by any means) and let the filesystem be protected.

Please release all changed source code a.s.a.p. (Github is hugely preferable) so that I can help you to protect all OS X El Capitan installations from having a free walk in to folks like Hacking Team (Hacked in late 2014 already) and others. The crux here is to not inject rootless=0 (not by any means) and let the filesystem be protected.

 

a good soul right there.

with chameleon starting by loading of kernelcache it begins unprotected

 

nothing is protected while sudo tools are still in effect regardless of "rootless"

 

users are lazy and will keep system protection disabled; look how many see no problem leaving an ESP always mounted..

Very vital! Someone uses Chameleon and decided to replace boot.efi….

 https://pikeralpha.wordpress.com/2015/07/08/el-capitan-should-not-be-booted-with-rootless0/

 


....(I'm kidding  :) )

 

Sorry Slice, this was a joke (quip) on what Pike said (that was a quip too, or an example) about replacing boot.efi and the Hacking Team already hacked by someone else..... :whistle:

 

I hope that no one believes in fairy tales (about my post)  ..It was made to smile ..  :D

 

 

EDIT

I agree to the safety problem using rootless.

  • Like 1

Clarification: The replacement of boot.efi can be misused on real (genuine) Macs, but other EFI boot loaders like Clover are also vulnerable. Just like legacy boot loaders i.e. Chameleon but then you don't need to replace boot.efi (old news hehe).

 

 

p.s. Sorry for my late reply here, but I was invited to show off the vulnerability IRL and I am told that it will be patched soon.

  • Like 2

TEST:
- I removed the auto injection of rootless=0 for OS X 10.11; put it at the prompt if you need it.
- Same thing for kext-dev-mode=1: you have to add it by yourself for OS X 10.11 El Capitan; it is still auto injected for Yosemite.



Let me know.

Cordially

ErmaC

  • Like 3

Test El Capitan Public Beta and boot with no flag rootless=0

Boot very fast

My audio and network work :thumbsup_anim:

Congrats, but bdmesg indicates flag kext-dev-mode=1 and I just flag -v :)

 

This is my boot plist

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>ShowInfo</key>
    <string>Yes</string>
    <key>Graphics Mode</key>
    <string>1024x768x32</string>
    <key>GraphicsEnabler</key>
    <string>No</string>
    <key>Instant Menu</key>
    <string>Yes</string>
    <key>Legacy Logo</key>
    <string>No</string>
    <key>Kernel</key>
    <string>kernel</string>
    <key>Kernel Flags</key>
    <string>-v</string>
    <key>UseKernelCache</key>
    <string>Yes</string>
</dict>
</plist>
  • Like 2
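The mismatch reported above (Boot.plist asks only for -v, yet the booted system shows kext-dev-mode=1) can be checked mechanically. This is an added example, not code from Chameleon/Enoch or from any poster: it diffs the "Kernel Flags" string in a Boot.plist against the boot arguments actually in effect and reports the two protection-weakening flags named in this thread. The sample plist and the effective boot-args string are constructed; on a running system the effective string can be read with `sysctl -n kern.bootargs`.

```python
import plistlib

# Flags this thread treats as weakening El Capitan protections.
WEAKENING = {"rootless=0", "kext-dev-mode=1"}

# Constructed sample: trimmed version of the Boot.plist posted above.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>Kernel Flags</key>
    <string>-v</string>
    <key>UseKernelCache</key>
    <string>Yes</string>
</dict>
</plist>
"""

# Constructed sample: effective boot arguments as the testers described them.
SAMPLE_EFFECTIVE = "-v kext-dev-mode=1"


def audit(boot_plist_bytes, effective_bootargs):
    """Return (injected, weakened) as sorted lists of boot-arg tokens.

    injected: tokens in effect that the Boot.plist did not ask for
              (added by the boot loader or typed at the boot prompt).
    weakened: tokens in effect that disable a protection.
    """
    cfg = plistlib.loads(boot_plist_bytes)
    configured = set(cfg.get("Kernel Flags", "").split())
    effective = set(effective_bootargs.split())
    injected = sorted(effective - configured)
    weakened = sorted(effective & WEAKENING)
    return injected, weakened


if __name__ == "__main__":
    injected, weakened = audit(SAMPLE_PLIST, SAMPLE_EFFECTIVE)
    print("not requested in Boot.plist:", injected)
    print("protection-weakening flags in effect:", weakened)
```
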

TEST:

- I removed the auto injection of rootless=0 for OS X 10.11; put it at the prompt if you need it.

- Same thing for kext-dev-mode=1: you have to add it by yourself for OS X 10.11 El Capitan; it is still auto injected for Yosemite.

 

TEST_rev.2736.zip

 

Let me know.

 

Cordially

 

ErmaC

Same as chris1111.

Boot with -f only, but bdmesg indicates flag kext-dev-mode=1 and -f.

  • Like 1

TEST:

- I removed the auto injection of rootless=0 for OS X 10.11; put it at the prompt if you need it.

- Same thing for kext-dev-mode=1: you have to add it by yourself for OS X 10.11 El Capitan; it is still auto injected for Yosemite.

 

TEST_rev.2736.zip

 

Let me know.

 

Cordially

 

ErmaC

Same, boot with -v only, but bdmesg indicates flag -v kext-dev-mode=1

 

Fabio
