Added one more patch for bluetoothd on macOS 15
PMheart committed Jun 17, 2024
1 parent 0c77c27 commit ebc01b5
Showing 1 changed file with 29 additions and 0 deletions.
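--- a/BrcmPatchRAM/BlueToolFixup.cpp
+++ b/BrcmPatchRAM/BlueToolFixup.cpp
@@ -109,6 +109,33 @@ static const uint8_t kBadChipsetCheckPatched[] =
 0xEB // jmp short
 };
 
+static const uint8_t kBadChipsetCheckOriginal15[] =
+{
+0x81, 0xFA, 0xCF, 0x07, 0x00, 0x00, // cmp edx, 1999d
+0x72, 0x00, // jb unsupported
+0xFF, 0xC9, // dec ecx
+0x81, 0xF9, 0x9E, 0x0F, 0x00, 0x00, // cmp edx, 3998d
+0x77, 0x00 // ja unsupported
+};
+
+static const uint8_t kBadChipsetCheckMask15[] =
+{
+0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+0xFF, 0x00,
+0xFF, 0xFF,
+0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+0xFF, 0x00
+};
+
+static const uint8_t kBadChipsetCheckPatched15[] =
+{
+0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
+0x90, 0x90,
+0x90, 0x90,
+0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
+0x90, 0x90
+};
+
 static const uint8_t kBadChipsetCheckOriginal13_3[] =
 {
 0x81, 0xF9, // cmp ecx
@@ -245,6 +272,8 @@ static void patched_cs_validate_page(vnode_t vp, memory_object_t pager, memory_o
 else if (strcmp(path + dirLength, "bluetoothd") == 0) {
 searchAndPatch(data, PAGE_SIZE, path, kVendorCheckOriginal, kVendorCheckPatched);
 searchAndPatch(data, PAGE_SIZE, path, kBadChipsetCheckOriginal, kBadChipsetCheckPatched);
+// kBadChipsetCheckOriginal15 is a greater set of kBadChipsetCheckOriginal13_3, and thus will be applied first.
+searchAndPatchWithMask(data, PAGE_SIZE, path, kBadChipsetCheckOriginal15, sizeof(kBadChipsetCheckOriginal15), kBadChipsetCheckMask15, sizeof(kBadChipsetCheckMask15), kBadChipsetCheckPatched15, sizeof(kBadChipsetCheckPatched15), nullptr, 0);
 searchAndPatchWithMask(data, PAGE_SIZE, path, kBadChipsetCheckOriginal13_3, sizeof(kBadChipsetCheckOriginal13_3), kBadChipsetCheckMask13_3, sizeof(kBadChipsetCheckOriginal13_3), kBadChipsetCheckPatched13_3, sizeof(kBadChipsetCheckPatched13_3), nullptr, 0);
 searchAndPatchWithMask(data, PAGE_SIZE, path, kSkipInternalControllerNVRAMCheck13_3, sizeof(kSkipInternalControllerNVRAMCheck13_3), kSkipInternalControllerNVRAMCheckMask13_3, sizeof(kSkipInternalControllerNVRAMCheckMask13_3), kSkipInternalControllerNVRAMCheckPatched13_3, sizeof(kSkipInternalControllerNVRAMCheckPatched13_3), nullptr, 0);
 searchAndPatchWithMask(data, PAGE_SIZE, path, kSkipInternalControllerNVRAMCheck15, sizeof(kSkipInternalControllerNVRAMCheck15), kSkipInternalControllerNVRAMCheckMask15, sizeof(kSkipInternalControllerNVRAMCheckMask15), kSkipInternalControllerNVRAMCheckPatched15, sizeof(kSkipInternalControllerNVRAMCheckPatched15), nullptr, 0);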
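Review bot: In `kBadChipsetCheckOriginal15` the comment on the second compare names the wrong register: the bytes `0x81, 0xF9, 0x9E, 0x0F, 0x00, 0x00` encode a compare on ecx, the register the preceding `dec ecx` just modified, so it should read `// cmp ecx, 3998d`. `kBadChipsetCheckPatched15` also overwrites `dec ecx` with NOPs, so ecx keeps its undecremented value after patching. Whether anything after the range check reads ecx is not visible here; a comment saying this is harmless would help, or the two bytes `0xFF, 0xC9` could be left intact in the patched array. In the second hunk the ordering comment would be clearer as `// kBadChipsetCheckOriginal15 is a superset of kBadChipsetCheckOriginal13_3, so it must be applied first.`, since running the 13_3 patch first would presumably alter the bytes the 15 pattern needs to match. patched_cs_validate_page starts and ends outside the hunk.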
