Clover General discussion

MacNB · April 24, 2020

On 6/24/2019 at 12:34 AM, vector sigma said:

To be clear I've already checked the kernel and the below code seems to at least patch all occurrences as it is programmed for:


BOOLEAN KernelIvyBridgeXCPM(VOID *kernelData, LOADER_ENTRY *Entry, BOOLEAN use_xcpm_idle)
{
  UINT8       *kern = (UINT8*)kernelData;
  CHAR8       *comment;
  UINT32      i;
  UINT32      patchLocation;
  UINT64      os_version = AsciiOSVersionToUint64(Entry->OSVersion);

  // check whether Ivy Bridge
  if (gCPUStructure.Model != CPU_MODEL_IVY_BRIDGE) {
    DBG("Unsupported platform.\nRequires Ivy Bridge, aborted\n");
    DBG("KernelIvyBridgeXCPM() <===FALSE\n");
    return FALSE;
  }

  // check OS version suit for patches
  // PMheart: attempt to add 10.14 compatibility
  if (os_version < AsciiOSVersionToUint64("10.8.5") || os_version >= AsciiOSVersionToUint64("10.15")) {
    DBG("Unsupported macOS.\nIvy Bridge XCPM requires macOS 10.8.5 - 10.13.x, aborted\n");
    DBG("KernelIvyBridgeXCPM() <===FALSE\n");
    return FALSE;
  } else if (os_version >= AsciiOSVersionToUint64("10.8.5") && os_version < AsciiOSVersionToUint64("10.12")) {
    // 10.8.5 - 10.11.x no need the following kernel patches on Ivy Bridge - we just use -xcpm boot-args
    DBG("KernelIvyBridgeXCPM() <===\n");
    return TRUE;
  }

  DBG("Searching _xcpm_pkg_scope_msr ...\n");
  if (os_version >= AsciiOSVersionToUint64("10.12")) {
    // 10.12+
    patchLocation = 0; // clean out the value just in case
    for (i = 0; i < 0x1000000; i++) {
      if (kern[i+0] == 0xBE && kern[i+1] == 0x07 && kern[i+2] == 0x00 && kern[i+3] == 0x00 &&
          kern[i+4] == 0x00 && kern[i+5] == 0x31 && kern[i+6] == 0xD2 && kern[i+7] == 0xE8) {
        patchLocation = i+7;
        DBG("Found _xcpm_pkg_scope_msr\n");
        break;
      }
    }

    if (patchLocation) {
      for (i = 0; i < 5; i++) {
        kern[patchLocation+i] = 0x90;
      }
      DBG("Applied _xcpm_pkg_scope_msr patch\n");
    } else {
      DBG("_xcpm_pkg_scope_msr not found, patch aborted\n");
      DBG("KernelIvyBridgeXCPM() <===FALSE\n");
      return FALSE;
    }
  }

  comment = "_xcpm_bootstrap";
  if (os_version <= AsciiOSVersionToUint64("10.12.5")) {
    // 10.12 - 10.12.5
    STATIC UINT8 find[] = { 0x83, 0xC3, 0xC4, 0x83, 0xFB, 0x22 };
    STATIC UINT8 repl[] = { 0x83, 0xC3, 0xC6, 0x83, 0xFB, 0x22 };
    applyKernPatch(kern, find, sizeof(find), repl, comment);
  } else if (os_version < AsciiOSVersionToUint64("10.13")) {
    // 10.12.6
    STATIC UINT8 find[] = { 0x8D, 0x43, 0xC4, 0x83, 0xF8, 0x22 };
    STATIC UINT8 repl[] = { 0x8D, 0x43, 0xC6, 0x83, 0xF8, 0x22 };
    applyKernPatch(kern, find, sizeof(find), repl, comment);
    // PMheart: attempt to add 10.14 compatibility
  } else if (os_version < AsciiOSVersionToUint64("10.15")) {
    // 10.13/10.14
    STATIC UINT8 find[] = { 0x89, 0xD8, 0x04, 0xC4, 0x3C, 0x22 };
    STATIC UINT8 repl[] = { 0x89, 0xD8, 0x04, 0xC6, 0x3C, 0x22 };
    applyKernPatch(kern, find, sizeof(find), repl, comment);
    // PMheart: attempt to add 10.15 compatibility
  } else if (os_version < AsciiOSVersionToUint64("10.16")) {
    STATIC UINT8 find[] = { 0x8D, 0x43, 0xC4, 0x3C, 0x22 };
    STATIC UINT8 repl[] = { 0x8D, 0x43, 0xC6, 0x3C, 0x22 };
    applyKernPatch(kern, find, sizeof(find), repl, comment);
  }

uless my cpu isn't involved, but should since is it a Core i5 3210M if I correctly understood the code.

Can anyone confirm that this (actually the latest code) works with 10.15.4 ?

I set KernelXCPM=Yes and for 10.14.6, XCPM mode is enabled.

If I now boot 10.15.4, with the same config.plist file, XCPM mode is not enabled.

Is this patch still valid:

.
.
.
else if (os_version < AsciiOSVersionToUint64("10.16")) {
    STATIC UINT8 find[] = { 0x8D, 0x43, 0xC4, 0x3C, 0x22 };
    STATIC UINT8 repl[] = { 0x8D, 0x43, 0xC6, 0x3C, 0x22 };
    applyKernPatch(kern, find, sizeof(find), repl, comment);
.
.
.

Edited April 24, 2020 by MacNB

vector sigma · April 24, 2020

Sorry I'm still with 10.15.3

MacNB · April 24, 2020

7 minutes ago, vector sigma said:

Sorry I'm still with 10.15.3

10.15.3 is > 10.15 which means it is < 10.16 which means that patch must be getting applied for you.

If you run this check from terminal:

sysctl -n machdep.xcpm.mode

does it return 1 or 0 ?

thx

vector sigma · April 24, 2020

8 minutes ago, MacNB said:
10.15.3 is > 10.15 which means it is < 10.16 which means that patch must be getting applied for you.

If you run this check from terminal:
sysctl -n machdep.xcpm.mode 
does it return 1 or 0 ?

thx

Of course that is working, but you ask something else

MacNB · April 24, 2020

41 minutes ago, vector sigma said:

Of course that is working, but you ask something else

Oh. So XCPM is enabled for you on Ivy Bridge ?

What do you think I am asking ?

vector sigma · April 24, 2020

4 minutes ago, MacNB said:

What do you think I am asking ?

if work in 10.15.4 and I answered I'm still in 10.15.3 which works fine but sorry I'm not sure what you miss.

MacNB · April 24, 2020

12 minutes ago, vector sigma said:

if work in 10.15.4 and I answered I'm still in 10.15.3 which works fine but sorry I'm not sure what you miss.

What I missed was that I was looking at the code above (posted back in June 2019) and according to that logic it should not work for 10.15.3.

But I just checked the latest patch code and now I understand why it works for you:

else if (os_version < AsciiOSVersionToUint64("10.15")) {
    // 10.13/10.14
    STATIC UINT8 find[] = { 0x89, 0xD8, 0x04, 0xC4, 0x3C, 0x22 };
    STATIC UINT8 repl[] = { 0x89, 0xD8, 0x04, 0xC6, 0x3C, 0x22 };
    applyKernPatch(kern, find, sizeof(find), repl, comment);
    // PMheart: attempt to add 10.15 compatibility
  } else if (os_version < AsciiOSVersionToUint64("10.15.4")) {
    STATIC UINT8 find[] = { 0x8D, 0x43, 0xC4, 0x3C, 0x22 };
    STATIC UINT8 repl[] = { 0x8D, 0x43, 0xC6, 0x3C, 0x22 };
    applyKernPatch(kern, find, sizeof(find), repl, comment);
  } else if (os_version < AsciiOSVersionToUint64("10.16")) {
    STATIC UINT8 find[] = { 0x80, 0xC3, 0xC4, 0x80, 0xFB, 0x42 };
    STATIC UINT8 repl[] = { 0x80, 0xC3, 0xC6, 0x80, 0xFB, 0x42 };
    applyKernPatch(kern, find, sizeof(find), repl, comment);

For 10.15.4+, that patch does not work. I think I need to raise a bug.

Thx for bearing with me.

vector sigma · April 24, 2020

You have to look at your kernel for find bytes if still exist

else if (os_version < AsciiOSVersionToUint64("10.16")) {

STATIC UINT8 find[] = { 0x80, 0xC3, 0xC4, 0x80, 0xFB, 0x42 };

STATIC UINT8 repl[] = { 0x80, 0xC3, 0xC1, 0x80, 0xFB, 0x42 };

applyKernPatch(kern, find, sizeof(find), repl, comment);

}

Edited April 24, 2020 by vector sigma

MacNB · April 24, 2020

20 minutes ago, vector sigma said:

You have to look at your kernel for find bytes if still exist

else if (os_version < AsciiOSVersionToUint64("10.16")) {

STATIC UINT8 find[] = { 0x80, 0xC3, 0xC4, 0x80, 0xFB, 0x42 };

STATIC UINT8 repl[] = { 0x80, 0xC3, 0xC1, 0x80, 0xFB, 0x42 };

applyKernPatch(kern, find, sizeof(find), repl, comment);

}

Bites 0x80, 0xC3, 0xC4, 0x80, 0xFB, 0x42 exists and gets patched I think but that does not enable XCPM.

BTW, in the replace bytes you quoted above ( 0x80, 0xC3, 0xC1, 0x80, 0xFB, 0x42) there's one byte different from the sources. The 0xC1 should be 0xC6 for Ivy Bridge ?.

Alpha22 · April 24, 2020

@Slice

Quote

Check if you have invisible file on EFI partition

.VolumeLabel.txt

no invisible files on the EFI partition

Quote

And tell us what is the method to install Clover you used.

Clover_r5114.pkg I install on usb and try

vector sigma · April 24, 2020

3 hours ago, MacNB said:

Bites 0x80, 0xC3, 0xC4, 0x80, 0xFB, 0x42 exists and gets patched I think but that does not enable XCPM.

BTW, in the replace bytes you quoted above ( 0x80, 0xC3, 0xC1, 0x80, 0xFB, 0x42) there's one byte different from the sources. The 0xC1 should be 0xC6 for Ivy Bridge ?.

~~not for Ivy bridge, yuo mean as 'mov' in assembly?..could be. Tried?~~ edit, yes you're right

Edited April 24, 2020 by vector sigma

stinga11 · April 24, 2020

Greetings, I spent a while without using clover trying other bootloaders but in the end I decided to go back to clover and noticed that one of the functions I used before now doesn't work. In my drivers folder I have the NTFS.efi driver and in (boot/default Boot Volume) I wrote "System Reserved" and it does not work instead of showing that partition by default the one of Mac continues to appear.

vector sigma · April 24, 2020

Just updated to 10.15.5 Beta 2 (19F62f) and the xcpm patch doesn't work

MacNB · April 24, 2020

2 hours ago, vector sigma said:

Just updated to 10.15.5 Beta 2 (19F62f) and the xcpm patch doesn't work

Thanks for updating your system and testing.

You're probably in a better influencing position than me to report it ?

Edited April 24, 2020 by MacNB

mick3lson · April 24, 2020

I have updated clover to version 5114, my theme work well, I've found two dots near the custom title, It's only cosmetic issue, but up to the version 5107 wasn't there.

vector sigma · April 25, 2020

4 hours ago, MacNB said:

Thanks for updating your system and testing.

You're probably in a better influencing position than me to report it ?

For my laptop is a tragedy, so yes I'll start immediately to stalk all devs

Alpha22 · April 25, 2020

even with these two Themes I have written twice 5114

Slice · April 25, 2020

2 hours ago, Alpha22 said:

even with these two Themes I have written twice 5114

It means your USB stick is named "5114" don't know why.

vector sigma · April 25, 2020

a 'diskutil list' can show it

Alpha22 · April 25, 2020

5 hours ago, Slice said:

It means your USB stick is named "5114" don't know why.

that's right, you have advice on how to name it

Edited April 25, 2020 by Alpha22

Slice · April 25, 2020

Finder rename?

Pene · April 25, 2020

@Badruzeus

Can you confirm if this change produces you a working binary on your Linux?

Pene · April 25, 2020

On 4/25/2020 at 2:46 AM, mick3lson said:

I have updated clover to version 5114, my theme work well, I've found two dots near the custom title, It's only cosmetic issue, but up to the version 5107 wasn't there.

Corrected in master.

Pene · April 26, 2020

@Slice

Something is wrong in this commit.

I am getting into an endless loop in kext_patcher, and it hangs before macOS starts loading.

Alpha22 · April 26, 2020

@Slice

I tried installing Clover_r5114 on the hard drive, it should be ok

Edited April 26, 2020 by Alpha22

Clover General discussion

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites