Jump to content
Andy Vandijck

AutoAMDTool 1.0 (Automatic system decrypter + cpuid patcher)T

18 posts in this topic

Recommended Posts

I have written a tool to auto-patch cpuids and auto-decrypt system binaries on Mountain Lion and Lion.

It is based on AutoAPBDecrypt but uses a launcher to elevate itself to admin rights.

This way it can directly patch and replace the system binaries. ;)

Pre-built binaries for Mountain Lion and Lion are built.

Source is, as usual, also included in the zip package.

Make sure you do a Time Machine backup just to be safe.

Enjoy ;)

AutoAMDTool.zip

Share this post


Link to post
Share on other sites
Advertisement

Hi Andy, I've tried the tool as soon as I start the tool and select them the partition, the tool breaks down and closes.

PS: I've put all binaries in the original condition (Intel) and then tested with your new tool

 

after I have the tool enabled a second time I get a kernel panic.

Edited by spakk

Share this post


Link to post
Share on other sites

Hi Andy, I've tried the tool as soon as I start the tool and select them the partition, the tool breaks down and closes.

PS: I've put all binaries in the original condition (Intel) and then tested with your new tool

 

after I have the tool enabled a second time I get a kernel panic.

That's odd.

The crash is related to the opemu... :s

Share this post


Link to post
Share on other sites

Interesting. If i'm not wrong, a 32-bit instruction, right?

Somewhere in the user trap.

Not sure wether it is 32/64 bit.

By default my app is 64bit but it does support running in 32-bit (Right click, Get Info, 32-bit).

Could I get some more feedback please?

I need other testers since I am at a loss...

It should work just fine the way it is...

Share this post


Link to post
Share on other sites

Running Lion 10.7.5 with ItTz ShAnE's kernel (XNU 11.4.0).

 

$ ./AutoAMDToolLauncher.app/Contents/Resources/MacOS/AutoAMDToolLauncher
./AutoAMDToolLauncher
objc[386]: Object 0x104c1d330 of class NSPathStore2 autoreleased with no pool in place - just leaking - break on objc_autoreleaseNoPool() to debug
objc[386]: Object 0x104c1d690 of class NSPathStore2 autoreleased with no pool in place - just leaking - break on objc_autoreleaseNoPool() to debug
objc[386]: Object 0x104c1da30 of class __NSCFString autoreleased with no pool in place - just leaking - break on objc_autoreleaseNoPool() to debug
objc[386]: Object 0x104c1daa0 of class NSPathStore2 autoreleased with no pool in place - just leaking - break on objc_autoreleaseNoPool() to debug
objc[386]: Object 0x104c1dc10 of class NSPathStore2 autoreleased with no pool in place - just leaking - break on objc_autoreleaseNoPool() to debug
objc[386]: Object 0x104c1dd10 of class NSPathStore2 autoreleased with no pool in place - just leaking - break on objc_autoreleaseNoPool() to debug
objc[386]: Object 0x104c1de20 of class NSPathStore2 autoreleased with no pool in place - just leaking - break on objc_autoreleaseNoPool() to debug
objc[386]: Object 0x104c1d8d0 of class __NSCFData autoreleased with no pool in place - just leaking - break on objc_autoreleaseNoPool() to debug
$

After authenticating, it asks where to scan, then, after an unbelievably short time, it disappears. I guess it's crashing?

 

Now I'll try with my nVidia card just in case it did do anything.

 

EDIT: Aha! I ran this directly from Terminal. It's been scanning and spewing output for the past few minutes.

 

 

$ sudo AutoAMDTool/Release\ Lion/AutoAMDToolLauncher.app/Contents/Resources/AutoAMDTool.app/Contents/MacOS/AutoAMDTool
...lots of this
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
ERROR: Unsupported or no Mach-O file
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 1 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 1 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patching universal binary (50 architectures)
Skipping non-Intel architecture (0)
Skipping non-Intel architecture (1)
Skipping non-Intel architecture (2)
Skipping non-Intel architecture (3)
Skipping non-Intel architecture (4)
Skipping non-Intel architecture (5)
Skipping non-Intel architecture (6)
Skipping non-Intel architecture (7)
Skipping non-Intel architecture (8)
Skipping non-Intel architecture (9)
Skipping non-Intel architecture (10)
Skipping non-Intel architecture (11)
Skipping non-Intel architecture (12)
Skipping non-Intel architecture (13)
Skipping non-Intel architecture (14)
Skipping non-Intel architecture (15)
Skipping non-Intel architecture (16)
Skipping non-Intel architecture (17)
Skipping non-Intel architecture (18)
Skipping non-Intel architecture (19)
Skipping non-Intel architecture (20)
Skipping non-Intel architecture (21)
Skipping non-Intel architecture (22)
Skipping non-Intel architecture (23)
Skipping non-Intel architecture (24)
Skipping non-Intel architecture (25)
Skipping non-Intel architecture (26)
Skipping non-Intel architecture (27)
Skipping non-Intel architecture (28)
Skipping non-Intel architecture (29)
Skipping non-Intel architecture (30)
Skipping non-Intel architecture (31)
Skipping non-Intel architecture (32)
Skipping non-Intel architecture (33)
Skipping non-Intel architecture (34)
Skipping non-Intel architecture (35)
Skipping non-Intel architecture (36)
Skipping non-Intel architecture (37)
Skipping non-Intel architecture (38)
Skipping non-Intel architecture (39)
Skipping non-Intel architecture (40)
Skipping non-Intel architecture (41)
Skipping non-Intel architecture (42)
Skipping non-Intel architecture (43)
Skipping non-Intel architecture (44)
Skipping non-Intel architecture (45)
Skipping non-Intel architecture (46)
Skipping non-Intel architecture (47)
Skipping non-Intel architecture (48)
Skipping non-Intel architecture (49)
ERROR: Unsupported or no Mach-O file
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 1 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 1 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 3 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 6 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 1 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 8 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
ERROR: Unsupported or no Mach-O file
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 17 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 5 bad instructions, patches bypassed: NO
Patch report: 0 instructions patched, 0 bad instructions, patches bypassed: NO
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file
ERROR: Unsupported or no Mach-O file

...lots of this

 

 

EDIT2: It froze again...

 

EDIT3: I rebooted and tried the 7600GS, just a grey screen with the cursor stuck in the top left corner as usual...

 

EDIT4: Now running Bronzovka's kernel with arch=i386. I was going to try running the tool on /S/L/E only, however it won't scan if I enter "/System/Library/Extentions/" in the box: the following is outputted.

$ sudo sudo AutoAMDTool/Release\ Lion/AutoAMDToolLauncher.app/Contents/Resources/AutoAMDTool.app/Contents/MacOS/AutoAMDTool
2013-02-02 14:39:17.642 AutoAMDTool[252:1a0f] *** -[NSLock unlock]: lock (<NSLock: 0x7fbb4ba20c30> '(null)') unlocked from thread which did not lock it
2013-02-02 14:39:17.643 AutoAMDTool[252:1a0f] *** Break on _NSLockError() to debug.

 

I tried running on / again but captured its output this time before it froze. See attached file.

AutoAMDTool.log.zip

Share this post


Link to post
Share on other sites

Logged on with root.

 

Still crash at the launcher, running from the package contents now. It's working like above mentioned.

 

EDIT: Logging on as root and running it from inside the package contents seems to work. 10 min in the scan of system and hasn't crashed yet! Will update when it's done, or if It crashes

 

EDIT 2: Guess I was very wrong! It killed all my HDD Space for that partition, Click here to view

 

EDIT 3: Copied Extensions to desktop then, Open the package contents again, till the AutoAMDTool in the MacOS folder, ran it in terminal as sudo. Like so:

 

Durans-Mac-Pro:~ durankeeley$ sudo /Users/durankeeley/Desktop/Release\ Mountain\ Lion/AutoAMDToolLauncher.app/Contents/Resources/AutoAMDTool.app/Contents/MacOS/AutoAMDTool

 

. And got the following lines, basically like "instant idiot's" first EDIT.

http://pastebin.com/cDXsMhGv

 

ERROR: Unsupported or no Mach-O file

2013-02-02 20:06:17.925 AutoAMDTool[267:a207] *** -[NSLock unlock]: lock ( '(null)') unlocked from thread which did not lock it

2013-02-02 20:06:17.925 AutoAMDTool[267:a207] *** Break on _NSLockError() to debug

Share this post


Link to post
Share on other sites

Hi Andy, I've tried the tool as soon as I start the tool and select them the partition, the tool breaks down and closes.

PS: I've put all binaries in the original condition (Intel) and then tested with your new tool

 

after I have the tool enabled a second time I get a kernel panic.

 

Hi Andy, I now have everything reinstalled and modified binaries with your tool, unfortunately I get the same message Panic! opemu_utrap the exact same panic message. can it be that the Phenom II X6 T1100 not properly supported entirely by the kernel? Because it's very annoying gradually all other user does not have these problems.

 

as I have already described several times, does this panic message as soon as I open a program or want to, for example, to copy something or want to edit something. :wallbash: :wallbash:

:wallbash: :wallbash:

Share this post


Link to post
Share on other sites

 

 

Hi Andy, I now have everything reinstalled and modified binaries with your tool, unfortunately I get the same message Panic! opemu_utrap the exact same panic message. can it be that the Phenom II X6 T1100 not properly supported entirely by the kernel? Because it's very annoying gradually all other user does not have these problems.

 

as I have already described several times, does this panic message as soon as I open a program or want to, for example, to copy something or want to edit something. :wallbash: :wallbash:

:wallbash: :wallbash:

 

I have a 1050T so not too sure about that. But I'm using an older kernel has I said before, which kernel are you using maybe I can test with that one later today.

 

EDIT: Ok so I did uname -v and I have the same kernel build as your screenshot. I don't know what could be different, I install using iatkos and replaced corecrypto.kext but I did have to use VoodooTSCSync cause DSDT I just can't do, so that allows for all my cores and not have to boot with cpus=1

Share this post


Link to post
Share on other sites

IF anyone is wondering that tests this tool "Unsupported or no Mach-O file" is when amd_insn_patcher runs over a non binary file. So ignore that error.

 

Hi Duran Keeley has the tool works for you? If so? then please upload the binaries which has found the tool here so I can test it.

Share this post


Link to post
Share on other sites

Hi Duran Keeley has the tool works for you? If so? then please upload the binaries which has found the tool here so I can test it.

 

It seems to stop as like if i just run AutoAPBDecrypt 1.1 itself on the NSLock unlock error after amd_inst_patcher has run over files so I guess it has?? To be honest I'm gonna have to reinstall because I have no idea what is patched. If I run AutoAPBDecrypt now my SysDecrypts is empty.

 

I tried to do my whole partition from root user but it killed ALL of my HHD space, like 20GB free to 200mb free :o

Share this post


Link to post
Share on other sites

It seems to stop as like if i just run AutoAPBDecrypt 1.1 itself on the NSLock unlock error after amd_inst_patcher has run over files so I guess it has?? To be honest I'm gonna have to reinstall because I have no idea what is patched. If I run AutoAPBDecrypt now my SysDecrypts is empty.

 

I tried to do my whole partition from root user but it killed ALL of my HHD space, like 20GB free to 200mb free :o

 

I have done differently, I connected my Mountain Lion-USB HDD on my laptop with Mountain Lion and have started the AutoAPBDecrypt 1.1 .There are found seven binaries than i've put these manually into the right place.

Share this post


Link to post
Share on other sites

I have done differently, I connected my Mountain Lion-USB HDD on my laptop with Mountain Lion and have started the AutoAPBDecrypt 1.1 .There are found seven binaries than i've put these manually into the right place.

 

Yeah that would work even better :D

Share this post


Link to post
Share on other sites

Ok so using it on 10.8.3 from 10.7.5

 

Same 7 files,

 

Does anyone else have the problem where every 2 minutes it uses about 1GB of HHD space!???

 

EDIT: Starts to settle down after quitting, thanks again Andy.

Share this post


Link to post
Share on other sites

Mods, could you please move the topic to the AMD Development forum (if Andy agrees, of course)?

It doesn't matter to me.

It may be moved if you think it should be placed there ;)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Fede1132
      Hi guys i have a problem install macOs Mojave on my PC, I have this configuration:

      CPU: Ryzen 7 2700X;
      GPU1: GTX 970 Strix(For game rendering and 144Hz Monitor);
      GPU2: GTX 750ti Strix(For 2nd monitor rendering to get 100% performances from 1st 144Hz Monitor);
      MotherBoard: MSI x470 GAMING PLUS
      Hard Disk 1 (Windows 10): Samsung EVO M.2;
      Hard Disk 2 (For Storage): RAID (1) between two hard disks;
      Hard Disk 3 (For Mojave): Kingston SSD 120GB;

      I have created my USB with this:
       
      Create Bootable USB Code: sudo /Applications/Install\ macOS\ Mojave.app/Contents/Resources/createinstallmedia --volume /Volumes/USB -- /Applications/Install\ macOS\ Mojave.app -- nointeract && say Done. Clover Settings: Boot: Verbose; dart=0; nv_disable=0; kext-dev-mode=1; GraphicsEnabler=No; XMPDetection = No. Cpu: C6. Devices: (Not Enabled = [ ] - Enabled = [-] - Full Enabled [✓]) Inject (Full Enabled); Add ClockID (Full Enabled); FixOwnership (Full Enabled); Gui: (Not Enabled = [ ] - Enabled = [-] - Full Enabled [✓]) Enabled (Full Enabled); Screen Resolution: 1920x1080; Kernel and Kext Patches: (Not Enabled = [ ] - Enabled = [-] - Full Enabled [✓]) Apple RTC (Full Enabled); KernelPm (Full Enabled); SMBIOS: iMac(18,3); System Parameters: Inject Kexts = Yes; Inject System ID; Used Kexts: FakeSMC FakePCIID NVIDIA WEB LILU BIOS: VT-d = Disabled; XHCI Hand-Off = Enabled; Legacy USB Support: Enabled; Hard Disk: AHCI Mode; Selection Mode: Legacy + EUFI; Clover Install Log:
      Full Error Log:
       
    • By grisno
      Hi people,
       
      Installer to activate the sound card REALTEK ALC282-v2 (10ec:0282) with LayoutID 1 or 3 in MacOS. This installer does not contain AppleHDA patched Kext. To work properly, it must be installed over vanilla AppleHDA.kext.
       
      I want to thank the whole community for their efforts and content provided, because without these it would not be possible to create this installer.
       
      I would appreciate comments and suggestions!!
       
      Status:
      Speakers : OK Headphones : OK HDMI Audio : OK (Intel HD4K Tested) LineIn : N/A (Model Without LineIn) MicInt : OK MicIntNoiseReduction : OK MicExt : N/A (Model Without MicExt) AutoDetectLineIn : N/A (Model Without LineIn) Sleep : OK WakeUp : OK AutoSleep : OK Hibernate : OK Siri : OK   Tested Laptops:
       
      - HP Pavillion 15-D002SS
       
      Coming Soon:
       
      - Unified installer for the different supported operating systems.
      - Support model with LineIn jack.
       
      Modified Verbs:
      01271C20 01271D00 01271EA0 01271F90 01471C10 01471D00 01471E17 01471F90 01871CF0 01871D00 01871E00 01871F40 01E71CF0 01E71D00 01E71E00 01E71F40 02171C30 02171D10 02171E21 02171F00 01470C02   DSDT:
       
      Patch to apply with MaciASL in your DSDT
      ######################################### HDEF v1.00######################################## into method label _DSM parent_label HDEF remove_entry;into device label HDEF insertbeginMethod (_DSM, 4, NotSerialized)\n{\n If (LEqual (Arg2, Zero)) { Return (Buffer() { 0x03 } ) }\n Return (Package()\n {\n "layout-id", Buffer() { 0x01, 0x00, 0x00, 0x00 },\n //"layout-id", Buffer() { 0x03, 0x00, 0x00, 0x00 },\n "hda-gfx", Buffer() { "onboard-1" },\n "PinConfigurations", Buffer() { },\n })\n}\nend;  
    • By ludufre
      [GUIA] Correção de assinatura BIOS Insyde H2O
       
      Recentemente comprei um notebook Lenovo L440 pra instalar o macOS Mojave e fui substituir a placa wireless pela DW1560 porque a atual não é compatível. Descobri que existia uma whitelist de placas permitidas que as fabricantes estão adotando recentemente (no meu caso utiliza uma bios Phoenix Insyde BIOS H2O).
       
      Procurei em fórums de BIOS MODDING e encontrei pessoas que fizeram o patch pra mim. Só que após substituir a BIOS notei que o computador ficava apitando 5 vezes todas vez que ligava e fui me aprofundar no caso. E foi aí que descobri como resolver isso e por isso criei esse guia baseado nas informações que achei em alguns fóruns russos.
       
       
      Prefácio
       
      Quando a BIOS falha no teste te integridade, algumas funcionalidades Intel AMT param de funcionar e é emitido uma sequência de 5 apitos duas vezes no boot.
      Após modificar para remover whitelist (habilitar placas WI-FI não autorizadas), destravar MSR 0xe2 (hackintosh), habilitar menu avançado, etc. a BIOS não vai passar no teste de integridade causando esse problema.
      Essa verificação de integridade é feita através da assinatura RSA do bloco da BIOS chamado TCPABIOS (mais informações abaixo) com a chave pública no formato modulus 3 também armazenada na BIOS.
      Esse bloco TCPABIOS armazena os checksums de cada volume da BIOS.
       
      O que faremos é gerar novos checkums para esses volumes que foram modificados, gerar um para de chaves RSA (privada e pública), assinar esse bloco com a chave privada e substituir a chave pública.
       
       
      Ferramentas necessárias
       
      - EFITool NE alpha 54: https://github.com/LongSoft/UEFITool/releases
      - HxD 2.1.0: https://mh-nexus.de/en/hxd/
      - OpenSSL: http://gnuwin32.sourceforge.net/packages/openssl.htm (Download -> Binaries)
      - Microsoft File Checksum Integrity Verifier (FCIV.exe): https://www.microsoft.com/en-us/download/details.aspx?id=11533
       
      Passo a passo
       
      Vamos abrir a BIOS modificada, localizar o bloco TCPABIOS e entender sua anatomia.
       
      1. Abra a BIOS no HxD
       

      (Vamos utilizar nesse guia a BIOS modificada no fórum MyDigitalLife.com pelo usuário Serg008 para o notebook Lenovo B590)
       
      2. Busque a palavra TCPABIOS:
       


       
      3. O bloco começa com TCPABIOS e termina com antes de TCPACPUH
       

       
      4. Anatomia:
       
      54 43 50 41 42 49 4F 53 48 31 38 34 61 31 31 2F
      32 36 2F 31 33 49 42 4D 53 45 43 55 52 00 FD 27
      34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B
      77 F9 82 58 48 00 00 00 CE 18 1F 00 00 00 03 00
      00 00 00 00 00 00 27 00 00 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 00 00 00 00 FF FF 83 04 D4
      52 52 95 C5 D7 21 55 78 0E 5C AD 47 EE C4 3D 1D
      C1 EC 69 03 2B 51 A5 42 61 96 22 F9 7B 88 57 B7
      A8 9D D0 20 DB 5B 11 10 55 07 84 6C 62 DF FA 2F
      6A A8 43 0C 8A 40 AF 79 0D 31 DB 5A 5D C8 2F EB
      F8 7C 87 B0 A6 3D 2A 88 AE 91 9D 88 E3 AA 85 E3
      5A B3 91 7F 28 68 1F BA 92 C4 7E 10 F5 1A 7E 75
      A9 6F CE C0 4F BA FA 79 A5 98 2B 50 60 BA 09 73
      7B 03 D1 0C 3E A2 9C 44 DF E9 F2 92 34 7B
       
      Cinza: Nome e informações do bloco
      Vermelho: Informações dos volumes (Checksum e Cabeçalho)
      Azul: Separação da lista de volumes para a assinatura do bloco
      Verde: Assinatura do bloco TCPABIOS são os últimos 128 bytes
       
      Lista de Volumes:
       
      Cada volume tem o formato: 00 FD 27 34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B 77 F9 82 58 48 00 00 00 CE 18 1F 00 00 00 03 00 00 00 00 00
                                                      (prefixo 3 bytes + checksum 20 bytes + offset 4 bytes + tamanho do volume 6 bytes + separador do fim 6 bytes)
       
      Os volumes são enumerados e utilizam o primeiro byte no prefixo para isso (00 FD 27), começando do 0.
      A BIOS utilizada nesse exemplo possui somente um volume, mas no caso de mais de um volume, seria: 00 FD 27 .., 01 FD 27 ..., 02 FD 27 ...
      - Checksum é o cálculo SHA1 do volume.
      - Offset é a posição do volume dentro da BIOS. Os bytes ficam invertidos, nesse caso seria 00 00 00 48 ou seja: 48h
      - Tamanho do volume também está com os bytes invertidos, então: 1F18CEh
       
      Então é isso. Precisamos corrigir essas informações (checksum, offset e tamanho)
       
      5. Para extrair os volumes abra a BIOS com o UEFITool e veja como identificar os volumes (nosso exemplo há somente um volume, se houvessem outros estariam também dentro de EfiFirmwareFileSystemGuid):
       

       
      Na BIOS original, circulado em vermelho podemos ver o nosso volume.
      Observe que em azul temos Offset e verde o tamanho. Exatamente como verificamos acima no HxD. Já na BIOS modificada vemos que está diferente o tamanho:
      Oridinal: 1F18CEh
      Modificada: 1F12D5h (vamos precisar disso mais tarde)
       
      6. Vamos extrair esse volume escolhendo a opção “Extract as is...”
       
       
       
      7. Utilize esse comando para obter o checkum desse volume: fciv.exe -sha1 File_Volume_image_FvMainCompact.ffs
       

       
      Agora temos o checksum que é 396e0dc987219b4369b1b9e010166302ce635202
       
      8. Substitua as informações no bloco TCPABIOS:
       

       
      Observe que o tamanho do volume precisa ter os bytes invertidos, então se o total são 6 bytes e é 1F12D5h, fica D5 12 1F 00 00 00 no lugar de CE 18 1F 00 00 00.
      Se o offset for diferente, também realizar o mesmo procedimento invertendo os bytes.
      Checksum alterar de 34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B 77 F9 82 58 para 39 6E 0D C9 87 21 9B 43 69 B1 B9 E0 10 16 63 02 CE 63 52 02
       
      Faça esse procedimento para cada volume na BIOS.
       
      9. Agora precisamos gerar o checksum de todo o bloco TCPABIOS mas sem considerar os últimos 131 bytes, ou seja desconsiderar de FF FF 83 + 80 bytes da assinatura anterior.
       
      Copie para um novo arquivo no HxD e salve como tcpabios
       

       
      Utilize o comando para gerar o checksum desse bloco: fciv.exe -sha1 tcpabios
       

       
      Checksum do bloco TCPABIOS: 0da6715509839a376b0a52e81fdf9683a8e70e52
       
      Crie um novo arquivo no HxD e adicione 108 bytes com 00 e cole o checksum no final e salve como tcpabios_sha, ficando assim:
       

       
      10. Agora vamos gerar a chave privada RSA com modulus 3: openssl genrsa -3 -out my_key.pem 1024
       

       
      Assinar o arquivo tcpabios_sha: openssl rsautl -inkey my_key.pem -sign -in tcpabios_hash -raw > tcpabios_sign
       

       
      Agora aproveite para gerar a chave publica: openssl rsa -in my_key.pem -outform der -pubout -out my_key_pub.der
       

       
      E gerar modulus 3 da chave pública: openssl rsa -pubin -inform der -in my_key_pub.der -text -noout
       

       
      Copie e cole a chave em um arquivo de texto para utilizar daqui a pouco. Remova todos os “:” e coloque tudo em uma única linha, ficando assim:
       

       
      11.   Abra o arquivo tcpabios_sign no HxD, copie o conteúdo e substitua a assinatura no final do bloco TCPABIOS:
       
       
       
      12. Agora vamos localizar na BIOS o local da chave pública e substituir. Essa chave começa com 12 04 e termina com 01 03 FF e fica após o bloco TCPABBLK.
       
      A chave fica assim: 12 04 + 81 bytes + 01 03 FF. Faça uma busca por 01 03 FF para localizar mais facilmente. Verifique se antes dos 81 bytes tem os bytes 12 04 para ter certeza que achou.
       

       

       
      Agora substitua pela chave pública que ficou anotado no arquivo de texto anteriormente, ficando assim:
       

       
       
      Salve e está pronto. Sua BIOS está assinada e pronta.
       
    • By ludufre
      [GUIDE] Fix Insyde H2O BIOS signature (5 beeps on Lenovo)
       
      I recently bought a Lenovo L440 laptop to install the Mojave macOS and I replaced the wireless card with the DW1560 because the current one is not compatible. I discovered that there was a whitelist of enabled cards that manufacturers are adopting recently (in my case it uses a Phoenix Insyde BIOS H2O).
       
      I searched the BIOS Modding forums and found people who did the patch for me. But after replacing the BIOS I noticed that the computer keep beeping 5 times every time I boot. So, I went deeper into this issue and that's when I figured out how to solve it. Then I created this guide based on the information I found in some Russian forums.
       
      Preface
       
      When the BIOS integrity test fails, some Intel AMT functionality stops working and a sequence of 5 whistles is issued twice at boot.
      After modifying to remove whitelist (enable unauthorized WI-FI cards), unlock MSR 0xe2 (hackintosh), enable advanced menu, etc. the BIOS will not pass the integrity test causing this problem.
      This integrity check is done through the RSA signature of the BIOS block called TCPABIOS (more information below) with the public key in modulus 3 format also stored in the BIOS.
      This TCPABIOS block stores the checksums of each BIOS volume.
       
      What we will do is generate new checksum for those volumes that have been modified, generate a RSA (private and public) key pair, sign that block with the private key, and replace the public key.
       
       
      Tools needed
       
      - EFITool NE alpha 54: https://github.com/LongSoft/UEFITool/releases
      - HxD 2.1.0: https://mh-nexus.de/en/hxd/
      - OpenSSL: http://gnuwin32.sourceforge.net/packages/openssl.htm (Download -> Binaries)
      - Microsoft File Checksum Integrity Verifier (FCIV.exe): https://www.microsoft.com/en-us/download/details.aspx?id=11533
       
      Step by step
       
      Let's open the modified BIOS, locate the TCPABIOS block and understand its anatomy.
       
      1. Open the BIOS with HxD
       

      (We will use the modded BIOS in the MyDigitalLife.com forum by the Serg008 user for the Lenovo B590 laptop in this guide)
       
      2. Find the word TCPABIOS:
       


       
      3. The block starts with TCPABIOS and ends before TCPACPUH
       

       
      4. Anatomy:
       
      54 43 50 41 42 49 4F 53 48 31 38 34 61 31 31 2F
      32 36 2F 31 33 49 42 4D 53 45 43 55 52 00 FD 27
      34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B
      77 F9 82 58 48 00 00 00 CE 18 1F 00 00 00 03 00
      00 00 00 00 00 00 27 00 00 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 00 00 00 00 FF FF 83 04 D4
      52 52 95 C5 D7 21 55 78 0E 5C AD 47 EE C4 3D 1D
      C1 EC 69 03 2B 51 A5 42 61 96 22 F9 7B 88 57 B7
      A8 9D D0 20 DB 5B 11 10 55 07 84 6C 62 DF FA 2F
      6A A8 43 0C 8A 40 AF 79 0D 31 DB 5A 5D C8 2F EB
      F8 7C 87 B0 A6 3D 2A 88 AE 91 9D 88 E3 AA 85 E3
      5A B3 91 7F 28 68 1F BA 92 C4 7E 10 F5 1A 7E 75
      A9 6F CE C0 4F BA FA 79 A5 98 2B 50 60 BA 09 73
      7B 03 D1 0C 3E A2 9C 44 DF E9 F2 92 34 7B
       
      Gray: Name and Block Information
      Red: Volume Information (Checksum and Header)
      Blue: Separation of the list of volumes and the block signature
      Green: Signature of the TCPABIOS block are the last 128 bytes
       
      List of Volumes:
       
      Each volume has the format: 00 FD 27 34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B 77 F9 82 58 48 00 00 00 CE 18 1F 00 00 00 03 00 00 00 00 00
                                              (Prefix 3 bytes + checksum 20 bytes + offset 4 bytes + volume size 6 bytes + end delimiter 6 bytes)
       
      The volumes are enumerated and use the first byte in the prefix for this (00 FD 27), starting at 0.
      The BIOS used in this example has only one volume, but in the case of more than one volume, it would be: 00 FD 27 .., 01 FD 27 ..., 02 FD 27 ...
      - Checksum is SHA1 calculation of the volume.
      - Offset is the volume position within the BIOS. The bytes are inverted, in this case it would be 00 00 00 48, equals to 48h
      - Volume Size is also with the bytes inverted, then: 1F18CEh
       
      Then that's it. We need to correct this information (checksum, offset and size)
       
      5. To extract the volumes open the BIOS with the UEFITool and see how to identify the volumes (our example there is only one volume if there were others would also be inside EfiFirmwareFileSystemGuid):
       

       
      In the original BIOS, circled in red we can see our volume.
      Note that in blue we have offset and green the size. Exactly as we checked up on HxD. In the modified BIOS we see that the size is different:
      Original: 1F18CEh
      Modified: 1F12D5h (we'll need this later)
       
      6. Let's extract this volume to calculate the checksum by choosing the "Extract as is ..."
       
       
       
      7. Use this command to get the checksum of this volume: fciv.exe -sha1 File_Volume_image_FvMainCompact.ffs
       

       
      Now we have the checksum that is 396e0dc987219b4369b1b9e010166302ce635202
       
      8. Replace the information in the TCPABIOS block:
       

       
      Note that the volume size must have the bytes inverted, so if the total is 6 bytes and is 1F12D5h, becomes D5 12 1F 00 00 00 in place of CE 18 1F 00 00 00.
      If the offset is different, also perform the same process by inverting the bytes.
      Checksum change from 34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B 77 F9 82 58 to 39 6E 0D C9 87 21 9B 43 69 B1 B9 E0 10 16 63 02 CE 63 52 02
       
      Do this for each volume in the BIOS.
       
      9. Now we need to generate the checksum of the whole TCPABIOS block but without considering the last 131 bytes, that is to dismiss FF FF 83 + 80 bytes from the previous signature.
       
      Copy to a new file in HxD and save as tcpabios
       

       
      Use the command to generate the checksum of this block: fciv.exe -sha1 tcpabios
       

       
      Checksum of TCPABIOS block: 0da6715509839a376b0a52e81fdf9683a8e70e52
       
      Create a new file in HxD and add 108 bytes with 00 and paste the checksum at the end and save as tcpabios_hash, thus:
       

       
      10. Now let's generate the RSA private key with modulus 3: openssl genrsa -3 -out my_key.pem 1024
       

       
      Sign the file tcpabios_hash: openssl rsautl -inkey my_key.pem -sign -in tcpabios_hash -raw > tcpabios_sign
       

       
      Now enjoy to generate the public key: openssl rsa -in my_key.pem -outform der -pubout -out my_key_pub.der
       

       
      And generate public key modulus 3: openssl rsa -pubin -inform der -in my_key_pub.der -text -noout
       

       
      Copy and paste the key into a text file to use soon. Remove all ":" and put everything on a single line, thus:
       

       
      11.   Open the tcpabios_sign file in HxD, copy the contents and replace the signature at the end of the TCPABIOS block:
       
       
       
      12. Now let's locate the location of the public key in the BIOS and replace it. This key starts with 12 04 and ends with 01 03 FF and is after the TCPABBLK block.
       
      The key looks like this: 12 04 + 81 bytes + 01 03 FF. Search for 01 03 FF to locate more easily. Verify that before the 81 bytes have bytes 12 04 to make sure you found.
       

       

       
      Now substitute for the public key that was annotated in the text file previously, thus:
       

       
       
      Save and you're ready. Your BIOS is signed and ready.
    • By Drovosek
      Hello.
      I extracted .aml files via F2 to Clover, then moved iasl and patchmatic to .../bin and DSDT converted.aml to DSDT.dsl
      Then I patched the DSDT.dsl patch battery_HP-G6-2221ss.txt and clicked "Compile".

      11750, 6126, syntax error, unexpected PARSEOP_ARG1
      19689, 6126, syntax error, unexpected PARSEOP_METHOD
      19735, 6126, syntax error, unexpected PARSEOP_CLOSE_PAREN
      19738, 6126, syntax error, unexpected '}', expecting $end and premature End-Of-File

      The first error disappears if you remove all the "args", the third if you remove the closing parenthesis (but I do not know how this is the correct solution to the errors)
       

      debug_9278.zip
      battery_HP-G6-2221ss.txt
      DSDT after bat patching.dsl
      DSDT primary.dsl
×