Jump to content
oldnapalm

AppleRTC patch (CMOS reset after sleep/wake)

50 posts in this topic

Recommended Posts

sudo perl -pi -e 's|\x75\x2e\x0f\xb6|\xeb\x2e\x0f\xb6|' /System/Library/Extensions/AppleRTC.kext/Contents/MacOS/AppleRTC
sudo touch /System/Library/Extensions
 

It's the same patch as ML, just different location, thanks rayap
 
 
10.8
< 0000000000001d32 jne 0x1d64
---
> 0000000000001d32 jmp 0x1d64
10.9
< 0000000000000d3e jne 0xd6e
---
> 0000000000000d3e jmp 0xd6e

 

Share this post


Link to post
Share on other sites
Advertisement

This patch does NOT work.

 

For me it worked pretty well! i've patched the original applertc from S/L/E and added in E/E , then i've restored the vanilla one in the original S/L/E folder...

Share this post


Link to post
Share on other sites

For me it worked pretty well! i've patched the original applertc from S/L/E and added in E/E , then i've restored the vanilla one in the original S/L/E folder...

 

well without a patched dsdt on 4 different machines that ive tested this on, cmos resets until i patch the dsdt, so.... i can confirm that it doesnt work.

Share this post


Link to post
Share on other sites

Without a patched DSDT you will have CMOS reset even without using sleep/wake on many machines.

 

AppleRTC patch avoids CMOS reset after sleep/wake.

 

It's a well known issue, anyway I've updated the title.

 

More info

http://www.insanelymac.com/forum/topic/253992-cmos-resets-on-restarts-after-sleep-and-wake-in-107-lion/

 

If it's not the case, how do you patch DSDT to avoid CMOS reset after sleep/wake?

Share this post


Link to post
Share on other sites
If it's not the case, how do you patch DSDT to avoid CMOS reset after sleep/wake?

 

Original code with comments on what to change.

Device (RTC)
{
    Name (_HID, EisaId ("PNP0B00"))  // _HID: Hardware ID
    Name (ATT0, ResourceTemplate ()
    {
        IO (Decode16,
            0x0070,             // Range Minimum
            0x0070,             // Range Maximum
            0x00,               // Alignment
            0x04,               // Length <-- Change from 4 to 2
            )
        IRQNoFlags () // <-- remove or comment 
            {8} // <-- these two lines
    })
    Name (ATT1, ResourceTemplate ()
    {
        IO (Decode16,
            0x0070,             // Range Minimum
            0x0070,             // Range Maximum
            0x00,               // Alignment
            0x04,               // Length <-- Change from 4 to 2
            )
    })
    Method (_CRS, 0, NotSerialized)  // _CRS: Current Resource Settings
    {
        If (LGreaterEqual (OSFX, 0x03)) {
            If (HPTF) {
                Return (ATT1)
            } Else {
                Return (ATT0)
            }
        } Else {
            Return (ATT0)
        }
    }
}

Fixed without comments:

Device (RTC)
{
    Name (_HID, EisaId ("PNP0B00"))  // _HID: Hardware ID
    Name (ATT0, ResourceTemplate ()
    {
        IO (Decode16,
            0x0070,             // Range Minimum
            0x0070,             // Range Maximum
            0x00,               // Alignment
            0x02,               // Length
            )
    })
    Name (ATT1, ResourceTemplate ()
    {
        IO (Decode16,
            0x0070,             // Range Minimum
            0x0070,             // Range Maximum
            0x00,               // Alignment
            0x02,               // Length
            )
    })
    Method (_CRS, 0, NotSerialized)  // _CRS: Current Resource Settings
    {
        If (LGreaterEqual (OSFX, 0x03)) {
            If (HPTF) {
                Return (ATT1)
            } Else {
                Return (ATT0)
            }
        } Else {
            Return (ATT0)
        }
    }
}

Share this post


Link to post
Share on other sites

On my Asus P5E this DSDT patch only fixes CMOS reset if I don't use sleep. After a sleep/wake CMOS is still reset if I don't patch AppleRTC.

Share this post


Link to post
Share on other sites

AppleRTC in DP2 can be patched with the same offset from the DP1

 

EDIT: Sorry, my mistake. Is the same kext. :P

Share this post


Link to post
Share on other sites

oldnapalm, thank you for nice tip.

 

 

I have on my DSTD the RTC block:

                Device (RTC)
                {
                    Name (_HID, EisaId ("PNP0B00"))
                    Name (BUF0, ResourceTemplate ()
                    {
                        IO (Decode16,
                            0x0070,             // Range Minimum
                            0x0070,             // Range Maximum
                            0x01,               // Alignment
                            0x02,               // Length
                            )
                    })
                    Name (BUF1, ResourceTemplate ()
                    {
                        IO (Decode16,
                            0x0070,             // Range Minimum
                            0x0070,             // Range Maximum
                            0x01,               // Alignment
                            0x08,               // Length
                            )
                        IRQNoFlags ()
                            {8}
                    })
                    Method (_CRS, 0, Serialized)
                    {
                        If (LEqual (HPTS, One))
                        {
                            Return (BUF0)
                        }
                        Else
                        {
                            Return (BUF1)
                        }
                    }
                }

If I remove the IRQNoFlags (), then comp will not go to the sleep at all. Has been reported that erasing IRQ from RTC breaks sleep under snow leopard 10.6.0 and 10.6.1, on 10.6.2 doesn´t breaks sleep. Seems that OS X 10.9 (13A603) removing the IRQNoFlags will break the sleep. 

 

I tested your suggestion to patch AppleRTC. Similar approach is also described on thedotnetter blog. 

 

Seems that this patch does NOT work for me. Any suggestions?

 

 

 

 

 

Share this post


Link to post
Share on other sites

This works for me on 10.9 Mavericks:

perl -pi -e 's|\x41\x89\xd7\x41\x89\xf4|\xe9\xb8\x00\x00\x00\x90|;' /System/Library/Extensions/AppleRTC.kext/Contents/MacOS/AppleRTC

 

Verify your source file before patching: 

md5 AppleRTC 

MD5 (AppleRTC) = 4b1d28ac48a2a7b35ed6b2034e0fd912

 

This patch completely disables all CMOS writes from AppleRTC

Share this post


Link to post
Share on other sites

This works for me on 10.9 Mavericks:

perl -pi -e 's|\x41\x89\xd7\x41\x89\xf4|\xe9\xb8\x00\x00\x00\x90|;' /System/Library/Extensions/AppleRTC.kext/Contents/MacOS/AppleRTC

 

Verify your source file before patching: 

md5 AppleRTC 

MD5 (AppleRTC) = 4b1d28ac48a2a7b35ed6b2034e0fd912

 

This patch completely disables all CMOS writes from AppleRTC

This patch worked for me on my Dell Inspiron 530 running 10.9. The one that [url=&quot;http://www.insanelymac.com/forum/topic/279450-why-insanelymac-does-not-support-tonymacx86/&quot;]#####[/url] 6 installed does not work for me - after restart, the cmos is corrupt (even after shutdown - sometimes).

But after 4 restarts & shutdowns, all seems OK.

Thx.

Share this post


Link to post
Share on other sites

post-1145065-0-41558700-1392377375_thumb.png

 

Friends. I did a "dump" of the RTC, the Eurotherm DarwinDumper. Can you tell me, why he reported "bugs" in the CMOS reset? 
 
There may be errors in my system after the "sleep"?

Share this post


Link to post
Share on other sites

 can some body  help me and patch my rtc kext its failing   some times it goes to the wheel to restart  other times just  resets my cmos right away  but prob is its causing a cmos reset n i have the patch kext installed  

Share this post


Link to post
Share on other sites

Just apply the patch above (which i mention in prev comment). You will no longer have RTC/cmos errors. Verify md5 before patching.

Share this post


Link to post
Share on other sites

Just apply the patch above (which i mention in prev comment). You will no longer have RTC/cmos errors. Verify md5 before patching.

could you specify which build. 10.9.?

Share this post


Link to post
Share on other sites

Im use the patch for ML and always after from shutdown or restart  when im starting windows my clock is 3 hrs back!  How to fix that.

 

I have windows & mac in same hdd.

Share this post


Link to post
Share on other sites
@windowsX1
joust the first time zone in mac OSX. 
then in windows. 
Even in windows add this file to the registry. 
After that restart switching between windows and mac about 3 times
to synchronize the system and voila, you are done, you will see that your time will be the same in both systems.
credits:iddpioneer

 

Corrigir_Horario_Win_Mac.zip

Share this post


Link to post
Share on other sites

Im use the patch for ML and always after from shutdown or restart  when im starting windows my clock is 3 hrs back!  How to fix that.

 

I have windows & mac in same hdd.

You may install BootCamp on Windows. (reading HFS+ partitions is a benefit)

Share this post


Link to post
Share on other sites

Hi,

I have recently updated my system to Mavericks, and now if the system sleeps the CMOS is corrupted. I realise looking through some threads here that this is pretty old news, but I had a DSDT file in Mountain Lion which I guess took care of this issue (came via a Kakewalk install), so it wasn't a problem for me. Now in Mavericks I don't have a DSDT file. (I used MyHack.) 

As I am new to this topic any guidance is welcome:

 

1. Can I use an off-the-shelf DSDT.aml file for my motherboard or do I need to compile one myself somehow? If so, how?

2. Once I have a DSDT.aml file, will adding the patch above solve my problem?

 

My system: a venerable GA-EX58-UD5, 2.7GHz Intel Core i7, GeForce 9800 GT 512MB, 6GB Corsair memory. Still going strong after a number of years.

Extras installed: just what came with MyHack, namely:

 

AppleACPIPS2Nub.kext

ApplePS2Controller.kext

FakeSMC.kext

lspcidrv.kext

NullCPUPowerManagement.kext

Patched_10.7_AppleRTC.kext

 

As a side note, my boot up time since upgrading is very long - about 2mins to the login screen, another long while before I can actually log in. Fine once in. Is a DSDT file likely to help with this issue?

 

Thanks.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By grisno
      Hi people,
       
      Installer to activate the sound card REALTEK ALC282-v2 (10ec:0282) with LayoutID 1 or 3 in MacOS. This installer does not contain AppleHDA patched Kext. To work properly, it must be installed over vanilla AppleHDA.kext.
       
      I want to thank the whole community for their efforts and content provided, because without these it would not be possible to create this installer.
       
      I would appreciate comments and suggestions!!
       
      Status:
      Speakers : OK Headphones : OK HDMI Audio : OK (Intel HD4K Tested) LineIn : N/A (Model Without LineIn) MicInt : OK MicIntNoiseReduction : OK MicExt : N/A (Model Without MicExt) AutoDetectLineIn : N/A (Model Without LineIn) Sleep : OK WakeUp : OK AutoSleep : OK Hibernate : OK Siri : OK   Tested Laptops:
       
      - HP Pavillion 15-D002SS
       
      Coming Soon:
       
      - Unified installer for the different supported operating systems.
      - Support model with LineIn jack.
       
      Modified Verbs:
      01271C20 01271D00 01271EA0 01271F90 01471C10 01471D00 01471E17 01471F90 01871CF0 01871D00 01871E00 01871F40 01E71CF0 01E71D00 01E71E00 01E71F40 02171C30 02171D10 02171E21 02171F00 01470C02   DSDT:
       
      Patch to apply with MaciASL in your DSDT
      ######################################### HDEF v1.00######################################## into method label _DSM parent_label HDEF remove_entry;into device label HDEF insertbeginMethod (_DSM, 4, NotSerialized)\n{\n If (LEqual (Arg2, Zero)) { Return (Buffer() { 0x03 } ) }\n Return (Package()\n {\n "layout-id", Buffer() { 0x01, 0x00, 0x00, 0x00 },\n //"layout-id", Buffer() { 0x03, 0x00, 0x00, 0x00 },\n "hda-gfx", Buffer() { "onboard-1" },\n "PinConfigurations", Buffer() { },\n })\n}\nend;  
    • By ludufre
      [GUIA] Correção de assinatura BIOS Insyde H2O
       
      Recentemente comprei um notebook Lenovo L440 pra instalar o macOS Mojave e fui substituir a placa wireless pela DW1560 porque a atual não é compatível. Descobri que existia uma whitelist de placas permitidas que as fabricantes estão adotando recentemente (no meu caso utiliza uma bios Phoenix Insyde BIOS H2O).
       
      Procurei em fórums de BIOS MODDING e encontrei pessoas que fizeram o patch pra mim. Só que após substituir a BIOS notei que o computador ficava apitando 5 vezes todas vez que ligava e fui me aprofundar no caso. E foi aí que descobri como resolver isso e por isso criei esse guia baseado nas informações que achei em alguns fóruns russos.
       
       
      Prefácio
       
      Quando a BIOS falha no teste te integridade, algumas funcionalidades Intel AMT param de funcionar e é emitido uma sequência de 5 apitos duas vezes no boot.
      Após modificar para remover whitelist (habilitar placas WI-FI não autorizadas), destravar MSR 0xe2 (hackintosh), habilitar menu avançado, etc. a BIOS não vai passar no teste de integridade causando esse problema.
      Essa verificação de integridade é feita através da assinatura RSA do bloco da BIOS chamado TCPABIOS (mais informações abaixo) com a chave pública no formato modulus 3 também armazenada na BIOS.
      Esse bloco TCPABIOS armazena os checksums de cada volume da BIOS.
       
      O que faremos é gerar novos checkums para esses volumes que foram modificados, gerar um para de chaves RSA (privada e pública), assinar esse bloco com a chave privada e substituir a chave pública.
       
       
      Ferramentas necessárias
       
      - EFITool NE alpha 54: https://github.com/LongSoft/UEFITool/releases
      - HxD 2.1.0: https://mh-nexus.de/en/hxd/
      - OpenSSL: http://gnuwin32.sourceforge.net/packages/openssl.htm (Download -> Binaries)
      - Microsoft File Checksum Integrity Verifier (FCIV.exe): https://www.microsoft.com/en-us/download/details.aspx?id=11533
       
      Passo a passo
       
      Vamos abrir a BIOS modificada, localizar o bloco TCPABIOS e entender sua anatomia.
       
      1. Abra a BIOS no HxD
       

      (Vamos utilizar nesse guia a BIOS modificada no fórum MyDigitalLife.com pelo usuário Serg008 para o notebook Lenovo B590)
       
      2. Busque a palavra TCPABIOS:
       


       
      3. O bloco começa com TCPABIOS e termina com antes de TCPACPUH
       

       
      4. Anatomia:
       
      54 43 50 41 42 49 4F 53 48 31 38 34 61 31 31 2F
      32 36 2F 31 33 49 42 4D 53 45 43 55 52 00 FD 27
      34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B
      77 F9 82 58 48 00 00 00 CE 18 1F 00 00 00 03 00
      00 00 00 00 00 00 27 00 00 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 00 00 00 00 FF FF 83 04 D4
      52 52 95 C5 D7 21 55 78 0E 5C AD 47 EE C4 3D 1D
      C1 EC 69 03 2B 51 A5 42 61 96 22 F9 7B 88 57 B7
      A8 9D D0 20 DB 5B 11 10 55 07 84 6C 62 DF FA 2F
      6A A8 43 0C 8A 40 AF 79 0D 31 DB 5A 5D C8 2F EB
      F8 7C 87 B0 A6 3D 2A 88 AE 91 9D 88 E3 AA 85 E3
      5A B3 91 7F 28 68 1F BA 92 C4 7E 10 F5 1A 7E 75
      A9 6F CE C0 4F BA FA 79 A5 98 2B 50 60 BA 09 73
      7B 03 D1 0C 3E A2 9C 44 DF E9 F2 92 34 7B
       
      Cinza: Nome e informações do bloco
      Vermelho: Informações dos volumes (Checksum e Cabeçalho)
      Azul: Separação da lista de volumes para a assinatura do bloco
      Verde: Assinatura do bloco TCPABIOS são os últimos 128 bytes
       
      Lista de Volumes:
       
      Cada volume tem o formato: 00 FD 27 34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B 77 F9 82 58 48 00 00 00 CE 18 1F 00 00 00 03 00 00 00 00 00
                                                      (prefixo 3 bytes + checksum 20 bytes + offset 4 bytes + tamanho do volume 6 bytes + separador do fim 6 bytes)
       
      Os volumes são enumerados e utilizam o primeiro byte no prefixo para isso (00 FD 27), começando do 0.
      A BIOS utilizada nesse exemplo possui somente um volume, mas no caso de mais de um volume, seria: 00 FD 27 .., 01 FD 27 ..., 02 FD 27 ...
      - Checksum é o cálculo SHA1 do volume.
      - Offset é a posição do volume dentro da BIOS. Os bytes ficam invertidos, nesse caso seria 00 00 00 48 ou seja: 48h
      - Tamanho do volume também está com os bytes invertidos, então: 1F18CEh
       
      Então é isso. Precisamos corrigir essas informações (checksum, offset e tamanho)
       
      5. Para extrair os volumes abra a BIOS com o UEFITool e veja como identificar os volumes (nosso exemplo há somente um volume, se houvessem outros estariam também dentro de EfiFirmwareFileSystemGuid):
       

       
      Na BIOS original, circulado em vermelho podemos ver o nosso volume.
      Observe que em azul temos Offset e verde o tamanho. Exatamente como verificamos acima no HxD. Já na BIOS modificada vemos que está diferente o tamanho:
      Oridinal: 1F18CEh
      Modificada: 1F12D5h (vamos precisar disso mais tarde)
       
      6. Vamos extrair esse volume escolhendo a opção “Extract as is...”
       
       
       
      7. Utilize esse comando para obter o checkum desse volume: fciv.exe -sha1 File_Volume_image_FvMainCompact.ffs
       

       
      Agora temos o checksum que é 396e0dc987219b4369b1b9e010166302ce635202
       
      8. Substitua as informações no bloco TCPABIOS:
       

       
      Observe que o tamanho do volume precisa ter os bytes invertidos, então se o total são 6 bytes e é 1F12D5h, fica D5 12 1F 00 00 00 no lugar de CE 18 1F 00 00 00.
      Se o offset for diferente, também realizar o mesmo procedimento invertendo os bytes.
      Checksum alterar de 34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B 77 F9 82 58 para 39 6E 0D C9 87 21 9B 43 69 B1 B9 E0 10 16 63 02 CE 63 52 02
       
      Faça esse procedimento para cada volume na BIOS.
       
      9. Agora precisamos gerar o checksum de todo o bloco TCPABIOS mas sem considerar os últimos 131 bytes, ou seja desconsiderar de FF FF 83 + 80 bytes da assinatura anterior.
       
      Copie para um novo arquivo no HxD e salve como tcpabios
       

       
      Utilize o comando para gerar o checksum desse bloco: fciv.exe -sha1 tcpabios
       

       
      Checksum do bloco TCPABIOS: 0da6715509839a376b0a52e81fdf9683a8e70e52
       
      Crie um novo arquivo no HxD e adicione 108 bytes com 00 e cole o checksum no final e salve como tcpabios_sha, ficando assim:
       

       
      10. Agora vamos gerar a chave privada RSA com modulus 3: openssl genrsa -3 -out my_key.pem 1024
       

       
      Assinar o arquivo tcpabios_sha: openssl rsautl -inkey my_key.pem -sign -in tcpabios_hash -raw > tcpabios_sign
       

       
      Agora aproveite para gerar a chave publica: openssl rsa -in my_key.pem -outform der -pubout -out my_key_pub.der
       

       
      E gerar modulus 3 da chave pública: openssl rsa -pubin -inform der -in my_key_pub.der -text -noout
       

       
      Copie e cole a chave em um arquivo de texto para utilizar daqui a pouco. Remova todos os “:” e coloque tudo em uma única linha, ficando assim:
       

       
      11.   Abra o arquivo tcpabios_sign no HxD, copie o conteúdo e substitua a assinatura no final do bloco TCPABIOS:
       
       
       
      12. Agora vamos localizar na BIOS o local da chave pública e substituir. Essa chave começa com 12 04 e termina com 01 03 FF e fica após o bloco TCPABBLK.
       
      A chave fica assim: 12 04 + 81 bytes + 01 03 FF. Faça uma busca por 01 03 FF para localizar mais facilmente. Verifique se antes dos 81 bytes tem os bytes 12 04 para ter certeza que achou.
       

       

       
      Agora substitua pela chave pública que ficou anotado no arquivo de texto anteriormente, ficando assim:
       

       
       
      Salve e está pronto. Sua BIOS está assinada e pronta.
       
    • By ludufre
      [GUIDE] Fix Insyde H2O BIOS signature (5 beeps on Lenovo)
       
      I recently bought a Lenovo L440 laptop to install the Mojave macOS and I replaced the wireless card with the DW1560 because the current one is not compatible. I discovered that there was a whitelist of enabled cards that manufacturers are adopting recently (in my case it uses a Phoenix Insyde BIOS H2O).
       
      I searched the BIOS Modding forums and found people who did the patch for me. But after replacing the BIOS I noticed that the computer keep beeping 5 times every time I boot. So, I went deeper into this issue and that's when I figured out how to solve it. Then I created this guide based on the information I found in some Russian forums.
       
      Preface
       
      When the BIOS integrity test fails, some Intel AMT functionality stops working and a sequence of 5 whistles is issued twice at boot.
      After modifying to remove whitelist (enable unauthorized WI-FI cards), unlock MSR 0xe2 (hackintosh), enable advanced menu, etc. the BIOS will not pass the integrity test causing this problem.
      This integrity check is done through the RSA signature of the BIOS block called TCPABIOS (more information below) with the public key in modulus 3 format also stored in the BIOS.
      This TCPABIOS block stores the checksums of each BIOS volume.
       
      What we will do is generate new checksum for those volumes that have been modified, generate a RSA (private and public) key pair, sign that block with the private key, and replace the public key.
       
       
      Tools needed
       
      - EFITool NE alpha 54: https://github.com/LongSoft/UEFITool/releases
      - HxD 2.1.0: https://mh-nexus.de/en/hxd/
      - OpenSSL: http://gnuwin32.sourceforge.net/packages/openssl.htm (Download -> Binaries)
      - Microsoft File Checksum Integrity Verifier (FCIV.exe): https://www.microsoft.com/en-us/download/details.aspx?id=11533
       
      Step by step
       
      Let's open the modified BIOS, locate the TCPABIOS block and understand its anatomy.
       
      1. Open the BIOS with HxD
       

      (We will use the modded BIOS in the MyDigitalLife.com forum by the Serg008 user for the Lenovo B590 laptop in this guide)
       
      2. Find the word TCPABIOS:
       


       
      3. The block starts with TCPABIOS and ends before TCPACPUH
       

       
      4. Anatomy:
       
      54 43 50 41 42 49 4F 53 48 31 38 34 61 31 31 2F
      32 36 2F 31 33 49 42 4D 53 45 43 55 52 00 FD 27
      34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B
      77 F9 82 58 48 00 00 00 CE 18 1F 00 00 00 03 00
      00 00 00 00 00 00 27 00 00 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 00 00 00 00 FF FF 83 04 D4
      52 52 95 C5 D7 21 55 78 0E 5C AD 47 EE C4 3D 1D
      C1 EC 69 03 2B 51 A5 42 61 96 22 F9 7B 88 57 B7
      A8 9D D0 20 DB 5B 11 10 55 07 84 6C 62 DF FA 2F
      6A A8 43 0C 8A 40 AF 79 0D 31 DB 5A 5D C8 2F EB
      F8 7C 87 B0 A6 3D 2A 88 AE 91 9D 88 E3 AA 85 E3
      5A B3 91 7F 28 68 1F BA 92 C4 7E 10 F5 1A 7E 75
      A9 6F CE C0 4F BA FA 79 A5 98 2B 50 60 BA 09 73
      7B 03 D1 0C 3E A2 9C 44 DF E9 F2 92 34 7B
       
      Gray: Name and Block Information
      Red: Volume Information (Checksum and Header)
      Blue: Separation of the list of volumes and the block signature
      Green: Signature of the TCPABIOS block are the last 128 bytes
       
      List of Volumes:
       
      Each volume has the format: 00 FD 27 34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B 77 F9 82 58 48 00 00 00 CE 18 1F 00 00 00 03 00 00 00 00 00
                                              (Prefix 3 bytes + checksum 20 bytes + offset 4 bytes + volume size 6 bytes + end delimiter 6 bytes)
       
      The volumes are enumerated and use the first byte in the prefix for this (00 FD 27), starting at 0.
      The BIOS used in this example has only one volume, but in the case of more than one volume, it would be: 00 FD 27 .., 01 FD 27 ..., 02 FD 27 ...
      - Checksum is SHA1 calculation of the volume.
      - Offset is the volume position within the BIOS. The bytes are inverted, in this case it would be 00 00 00 48, equals to 48h
      - Volume Size is also with the bytes inverted, then: 1F18CEh
       
      Then that's it. We need to correct this information (checksum, offset and size)
       
      5. To extract the volumes open the BIOS with the UEFITool and see how to identify the volumes (our example there is only one volume if there were others would also be inside EfiFirmwareFileSystemGuid):
       

       
      In the original BIOS, circled in red we can see our volume.
      Note that in blue we have offset and green the size. Exactly as we checked up on HxD. In the modified BIOS we see that the size is different:
      Original: 1F18CEh
      Modified: 1F12D5h (we'll need this later)
       
      6. Let's extract this volume to calculate the checksum by choosing the "Extract as is ..."
       
       
       
      7. Use this command to get the checksum of this volume: fciv.exe -sha1 File_Volume_image_FvMainCompact.ffs
       

       
      Now we have the checksum that is 396e0dc987219b4369b1b9e010166302ce635202
       
      8. Replace the information in the TCPABIOS block:
       

       
      Note that the volume size must have the bytes inverted, so if the total is 6 bytes and is 1F12D5h, becomes D5 12 1F 00 00 00 in place of CE 18 1F 00 00 00.
      If the offset is different, also perform the same process by inverting the bytes.
      Checksum change from 34 2A 35 AB 41 26 39 E3 32 E5 B6 8A D6 49 5B 0B 77 F9 82 58 to 39 6E 0D C9 87 21 9B 43 69 B1 B9 E0 10 16 63 02 CE 63 52 02
       
      Do this for each volume in the BIOS.
       
      9. Now we need to generate the checksum of the whole TCPABIOS block but without considering the last 131 bytes, that is to dismiss FF FF 83 + 80 bytes from the previous signature.
       
      Copy to a new file in HxD and save as tcpabios
       

       
      Use the command to generate the checksum of this block: fciv.exe -sha1 tcpabios
       

       
      Checksum of TCPABIOS block: 0da6715509839a376b0a52e81fdf9683a8e70e52
       
      Create a new file in HxD and add 108 bytes with 00 and paste the checksum at the end and save as tcpabios_hash, thus:
       

       
      10. Now let's generate the RSA private key with modulus 3: openssl genrsa -3 -out my_key.pem 1024
       

       
      Sign the file tcpabios_hash: openssl rsautl -inkey my_key.pem -sign -in tcpabios_hash -raw > tcpabios_sign
       

       
      Now enjoy to generate the public key: openssl rsa -in my_key.pem -outform der -pubout -out my_key_pub.der
       

       
      And generate public key modulus 3: openssl rsa -pubin -inform der -in my_key_pub.der -text -noout
       

       
      Copy and paste the key into a text file to use soon. Remove all ":" and put everything on a single line, thus:
       

       
      11.   Open the tcpabios_sign file in HxD, copy the contents and replace the signature at the end of the TCPABIOS block:
       
       
       
      12. Now let's locate the location of the public key in the BIOS and replace it. This key starts with 12 04 and ends with 01 03 FF and is after the TCPABBLK block.
       
      The key looks like this: 12 04 + 81 bytes + 01 03 FF. Search for 01 03 FF to locate more easily. Verify that before the 81 bytes have bytes 12 04 to make sure you found.
       

       

       
      Now substitute for the public key that was annotated in the text file previously, thus:
       

       
       
      Save and you're ready. Your BIOS is signed and ready.
    • By Drovosek
      Hello.
      I extracted .aml files via F2 to Clover, then moved iasl and patchmatic to .../bin and DSDT converted.aml to DSDT.dsl
      Then I patched the DSDT.dsl patch battery_HP-G6-2221ss.txt and clicked "Compile".

      11750, 6126, syntax error, unexpected PARSEOP_ARG1
      19689, 6126, syntax error, unexpected PARSEOP_METHOD
      19735, 6126, syntax error, unexpected PARSEOP_CLOSE_PAREN
      19738, 6126, syntax error, unexpected '}', expecting $end and premature End-Of-File

      The first error disappears if you remove all the "args", the third if you remove the closing parenthesis (but I do not know how this is the correct solution to the errors)
       

      debug_9278.zip
      battery_HP-G6-2221ss.txt
      DSDT after bat patching.dsl
      DSDT primary.dsl
    • By grisno
      Hi people,
       
      This is a preliminary installer to activate the sound card IDT 92HD87B2/4 (111D:76D9) in MacOS. This new version of the installer does not contain AppleHDA patched Kext. To work properly, it must be installed over vanilla AppleHDA Kext.
       
      I want to thank the whole community for their efforts and content provided, because without these it would not be possible to create this installer.
       
      I would appreciate comments and suggestions!!
       
      Status:
      Speakers : OK Headphones : OK HDMI Audio : OK (Intel HD3K/4K Tested) LineIn : OK MicInt : OK MicIntNoiseReduction : OK MicExt : OK AutoDetectLineIn : OK Sleep : OK WakeUp : OK AutoSleep : OK Hibernate : OK Siri : OK   Tested Laptops:
       
      - HP Pavillion G6-2209SS
      - HP Probook 4440S
       
      Coming Soon:
       
      - Unified installer for the different supported operating systems
       
      Original Verbs:
      00a71cf0 00a71d00 00a71ef0 00a71f40 00b71c1f 00b71d10 00b71e21 00b71f04 00c71c20 00c71d10 00c71ea1 00c71f04 00d71c10 00d71d01 00d71e17 00d71f90 00f71cf0 00f71d00 00f71ef0 00f71f40 01171c30 01171d01 01171ea3 01171fd5   Modified Verbs Layer ID 3 & 12:
      00A71CF0 00A71D00 00A71EF0 00A71F40 01371C40 01371D10 01371E21 01371F04 00C71C20 00C71D10 00C71E81 00C71F04 01471C10 01471D01 01471E17 01471F90 00F71C50 00F71D00 00F71EF0 00F71F40 01171C30 01171D01 01171EA0 01171F90  
      Modified Verbs Layer ID 2:
      00B71C10 00B71D10 00B71E21 00B71F04 00C71C20 00C71D10 00C71E81 00C71F04 00D71C30 00D71D00 00D71E17 00D71F90 01171C40 01171D00 01171EA0 01171F90  
        AppleHDAHardwareConfigDriver.kext > Info.plist (Layer ID 2, 3 & 12): <key>HDAConfigDefault</key> <array> <dict> <key>AFGLowPowerState</key> <data> AwAAAA== </data> <key>Codec</key> <string>IDT 92HD87B2/4</string> <key>CodecID</key> <integer>287143641</integer> <key>ConfigData</key> <data> AKcc8ACnHQAApx7wAKcfQAE3HEABNx0QATce IQE3HwQAxxwgAMcdEADHHoEAxx8EAUccEAFH HQEBRx4XAUcfkAD3HFAA9x0AAPce8AD3H0AB FxwwARcdAQEXHqABFx+Q </data> <key>FuncGroup</key> <integer>1</integer> <key>LayoutID</key> <integer>2</integer> </dict> <dict> <key>AFGLowPowerState</key> <data> AwAAAA== </data> <key>Codec</key> <string>IDT 92HD87B2/4</string> <key>CodecID</key> <integer>287143641</integer> <key>ConfigData</key> <data> ALccEAC3HRAAtx4hALcfBADHHCAAxx0QAMce gQDHHwQA1xwwANcdAADXHhcA1x+QARccQAEX HQABFx6gARcfkA== </data> <key>FuncGroup</key> <integer>1</integer> <key>LayoutID</key> <integer>3</integer> </dict> <dict> <key>AFGLowPowerState</key> <data> AwAAAA== </data> <key>Codec</key> <string>IDT 92HD87B2/4</string> <key>CodecID</key> <integer>287143641</integer> <key>ConfigData</key> <data> ALccEAC3HRAAtx4hALcfBADHHCAAxx0QAMce gQDHHwQA1xwwANcdAADXHhcA1x+QARccQAEX HQABFx6gARcfkA== </data> <key>FuncGroup</key> <integer>1</integer> <key>LayoutID</key> <integer>12</integer> </dict> </array>   DSDT:
       
      Patch to apply with MaciASL in your DSDT. You must change the value of the layout-id before applying the patch. In MacOS Mojave should always be 0x02
      ######################################### HDEF ######################################## into method label _DSM parent_label HDEF remove_entry; into device label HDEF insert begin Method (_DSM, 4, NotSerialized)\n {\n If (LEqual (Arg2, Zero)) { Return (Buffer() { 0x03 } ) }\n Return (Package()\n {\n "built-in", Buffer () { 0x00 }, \n "hda-gfx", Buffer() { "onboard-1" }, \n "layout-id", Buffer () { 0x03, 0x00, 0x00, 0x00 }, \n "PinConfigurations", Buffer () {}, \n "MaximumBootBeepVolume", Buffer () { 0x4d } \n })\n }\n end;  
×