Fix BlueToolFixup compatibility on macOS 15

Based on #30 and #31. Thanks @zxystd
acidanthera · Jun 16, 2024 · 0c77c27 · 0c77c27
1 parent d7e3f23
commit 0c77c27
Showing 1 changed file with 38 additions and 3 deletions.
diff --git a/BrcmPatchRAM/BlueToolFixup.cpp b/BrcmPatchRAM/BlueToolFixup.cpp
@@ -113,7 +113,14 @@ static const uint8_t kBadChipsetCheckOriginal13_3[] =
 {
     0x81, 0xF9,              // cmp ecx
     0x9E, 0x0F, 0x00, 0x00,  // int 3998
-    0x77, 0x1A               // ja short
+    0x77, 0x00               // ja short
+};
+
+static const uint8_t kBadChipsetCheckMask13_3[] =
+{
+    0xFF, 0xFF,
+    0xFF, 0xFF, 0xFF, 0xFF,
+    0xFF, 0x00
 };
 
 static const uint8_t kBadChipsetCheckPatched13_3[] =
@@ -147,6 +154,33 @@ static const uint8_t kSkipInternalControllerNVRAMCheckPatched13_3[] =
     0x90, 0x90
 };
 
+static const uint8_t kSkipInternalControllerNVRAMCheck15[] =
+{
+    0x41, 0x80, 0x00, 0x01,                   // cmp whatever, 1
+    0x4C, 0x8B, 0xA5, 0x00, 0x00, 0x00, 0x00, // mov r12, whatever
+    0x75, 0x00,                               // jne unsupported
+    0x84, 0xDB,                               // test bl, bl
+    0x75, 0x00                                // jne unsupported
+};
+
+static const uint8_t kSkipInternalControllerNVRAMCheckMask15[] =
+{
+    0xFF, 0xFF, 0x00, 0xFF,
+    0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
+    0xFF, 0x00,
+    0xFF, 0xFF,
+    0xFF, 0x00
+};
+
+static const uint8_t kSkipInternalControllerNVRAMCheckPatched15[] =
+{
+    0x90, 0x90, 0x90, 0x90,
+    0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
+    0x90, 0x90,
+    0x90, 0x90,
+    0x90, 0x90
+};
+
 static bool shouldPatchBoardId = false;
 static bool shouldPatchAddress = false;
 
@@ -211,8 +245,9 @@ static void patched_cs_validate_page(vnode_t vp, memory_object_t pager, memory_o
         else if (strcmp(path + dirLength, "bluetoothd") == 0) {
             searchAndPatch(data, PAGE_SIZE, path, kVendorCheckOriginal, kVendorCheckPatched);
             searchAndPatch(data, PAGE_SIZE, path, kBadChipsetCheckOriginal, kBadChipsetCheckPatched);
-            searchAndPatch(data, PAGE_SIZE, path, kBadChipsetCheckOriginal13_3, kBadChipsetCheckPatched13_3);
+            searchAndPatchWithMask(data, PAGE_SIZE, path, kBadChipsetCheckOriginal13_3, sizeof(kBadChipsetCheckOriginal13_3), kBadChipsetCheckMask13_3, sizeof(kBadChipsetCheckOriginal13_3), kBadChipsetCheckPatched13_3, sizeof(kBadChipsetCheckPatched13_3), nullptr, 0);
             searchAndPatchWithMask(data, PAGE_SIZE, path, kSkipInternalControllerNVRAMCheck13_3, sizeof(kSkipInternalControllerNVRAMCheck13_3), kSkipInternalControllerNVRAMCheckMask13_3, sizeof(kSkipInternalControllerNVRAMCheckMask13_3), kSkipInternalControllerNVRAMCheckPatched13_3, sizeof(kSkipInternalControllerNVRAMCheckPatched13_3), nullptr, 0);
+            searchAndPatchWithMask(data, PAGE_SIZE, path, kSkipInternalControllerNVRAMCheck15, sizeof(kSkipInternalControllerNVRAMCheck15), kSkipInternalControllerNVRAMCheckMask15, sizeof(kSkipInternalControllerNVRAMCheckMask15), kSkipInternalControllerNVRAMCheckPatched15, sizeof(kSkipInternalControllerNVRAMCheckPatched15), nullptr, 0);
             if (shouldPatchBoardId)
                 searchAndPatch(data, PAGE_SIZE, path, boardIdsWithUSBBluetooth[0], kBoardIdSize, BaseDeviceInfo::get().boardIdentifier, kBoardIdSize);
             if (shouldPatchAddress)
@@ -271,6 +306,6 @@ PluginConfiguration ADDPR(config) {
     bootargBeta,
     arrsize(bootargBeta),
     KernelVersion::Monterey,
-    KernelVersion::Sonoma,
+    KernelVersion::Sequoia,
     pluginStart
 };