Rewrite HDMI patches without... well... patches

astro1df · Aug 16, 2024 · 6801f66 · 6801f66
1 parent ac31b2c
commit 6801f66
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 74 deletions.
diff --git a/NootedRed/AppleGFXHDA.cpp b/NootedRed/AppleGFXHDA.cpp
@@ -6,6 +6,14 @@
 #include "PatcherPlus.hpp"
 #include <Headers/kern_api.hpp>
 
+constexpr UInt32 AMDVendorID = 0x1002;
+constexpr UInt32 Navi10HDMIDeviceID = 0xAB38;
+constexpr UInt32 Navi10HDMIID = (Navi10HDMIDeviceID << 16) | AMDVendorID;
+constexpr UInt32 RavenHDMIDeviceID = 0x15DE;
+constexpr UInt32 RavenHDMIID = (RavenHDMIDeviceID << 16) | AMDVendorID;
+constexpr UInt32 RenoirHDMIDeviceID = 0x1637;
+constexpr UInt32 RenoirHDMIID = (RenoirHDMIDeviceID << 16) | AMDVendorID;
+
 static const char *pathAppleGFXHDA = "/System/Library/Extensions/AppleGFXHDA.kext/Contents/MacOS/AppleGFXHDA";
 
 static KernelPatcher::KextInfo kextAppleGFXHDA {"com.apple.driver.AppleGFXHDA", &pathAppleGFXHDA, 1, {true}, {},
@@ -20,38 +28,50 @@ void AppleGFXHDA::init() {
 
 bool AppleGFXHDA::processKext(KernelPatcher &patcher, size_t id, mach_vm_address_t slide, size_t size) {
     if (kextAppleGFXHDA.loadIndex == id) {
-        const UInt32 probeFind = 0xAB381002;
-        const UInt32 probeRepl = NRed::callback->deviceId <= 0x15DD ? 0x15DE1002 : 0x16371002;
-        bool catalina = getKernelVersion() == KernelVersion::Catalina;
-        const LookupPatchPlus patches[] = {
-            {&kextAppleGFXHDA, reinterpret_cast<const UInt8 *>(&probeFind), reinterpret_cast<const UInt8 *>(&probeRepl),
-                sizeof(probeFind), 1},
-            {&kextAppleGFXHDA, kCreateAppleHDAWidget1Original, kCreateAppleHDAWidget1OriginalMask,
-                kCreateAppleHDAWidget1Patched, kCreateAppleHDAWidget1PatchedMask, catalina ? 2U : 1},
+        NRed::callback->setRMMIOIfNecessary();
+
+        const UInt32 probeFind = Navi10HDMIID;
+        const UInt32 probeRepl = NRed::callback->chipType < ChipType::Renoir ? RavenHDMIID : RenoirHDMIID;
+        const LookupPatchPlus patch = {&kextAppleGFXHDA, reinterpret_cast<const UInt8 *>(&probeFind),
+            reinterpret_cast<const UInt8 *>(&probeRepl), sizeof(probeFind), 1};
+        PANIC_COND(!patch.apply(patcher, slide, size), "AGFXHDA", "Failed to apply patch for HDMI controller probe");
+
+        SolveRequestPlus solveRequests[] = {
+            {"__ZN34AppleGFXHDAFunctionGroupATI_Tahiti10gMetaClassE", this->orgFunctionGroupTahiti},
+            {"__ZN26AppleGFXHDAWidget_1002AAA010gMetaClassE", this->orgWidget1002AAA0},
         };
-        PANIC_COND(!LookupPatchPlus::applyAll(patcher, patches, slide, size), "AGFXHDA", "Failed to apply patches");
-
-        if (catalina) {
-            const LookupPatchPlus patch {&kextAppleGFXHDA, kCreateAppleHDACatalinaOriginal,
-                kCreateAppleHDACatalinaOriginalMask, kCreateAppleHDACatalinaPatched, kCreateAppleHDACatalinaPatchedMask,
-                1};
-            PANIC_COND(!patch.apply(patcher, slide, size), "AGFXHDA", "Failed to apply patch");
-        } else {
-            const LookupPatchPlus patches[] = {
-                {&kextAppleGFXHDA, kCreateAppleHDAFunctionGroup1Original, kCreateAppleHDAFunctionGroup1Patched, 1},
-                {&kextAppleGFXHDA, kCreateAppleHDAFunctionGroup2Original, kCreateAppleHDAFunctionGroup2Patched, 1},
-                {&kextAppleGFXHDA, kCreateAppleHDAWidget2Original, kCreateAppleHDAWidget2OriginalMask,
-                    kCreateAppleHDAWidget2Patched, 1},
-                {&kextAppleGFXHDA, kCreateAppleHDAOriginal, kCreateAppleHDAOriginalMask, kCreateAppleHDAPatched,
-                    kCreateAppleHDAPatchedMask, 2},
-                {&kextAppleGFXHDA, kCreateAppleHDA2Original, kCreateAppleHDA2OriginalMask, kCreateAppleHDA2Patched,
-                    kCreateAppleHDA2PatchedMask, 2},
-            };
-            PANIC_COND(!LookupPatchPlus::applyAll(patcher, patches, slide, size), "AGFXHDA", "Failed to apply patches");
-        }
+        PANIC_COND(!SolveRequestPlus::solveAll(patcher, id, solveRequests, slide, size), "AGFXHDA",
+            "Failed to solve symbols");
+
+        RouteRequestPlus requests[] = {
+            {"__ZN31AppleGFXHDAFunctionGroupFactory27createAppleHDAFunctionGroupEP11DevIdStruct",
+                wrapCreateAppleHDAFunctionGroup, this->orgCreateAppleHDAFunctionGroup},
+            {"__ZN24AppleGFXHDAWidgetFactory20createAppleHDAWidgetEP11DevIdStruct", wrapCreateAppleHDAWidget,
+                this->orgCreateAppleHDAWidget},
+        };
+        PANIC_COND(!RouteRequestPlus::routeAll(patcher, id, requests, slide, size), "AGFXHDA",
+            "Failed to route symbols");
 
         return true;
     }
 
     return false;
 }
+
+void *AppleGFXHDA::wrapCreateAppleHDAFunctionGroup(void *devId) {
+    auto vendorID = getMember<UInt16>(devId, 0x2);
+    auto deviceID = getMember<UInt32>(devId, 0x8);
+    if (vendorID == AMDVendorID && (deviceID == RavenHDMIDeviceID || deviceID == RenoirHDMIDeviceID)) {
+        return callback->orgFunctionGroupTahiti->alloc();
+    }
+    return FunctionCast(wrapCreateAppleHDAFunctionGroup, callback->orgCreateAppleHDAFunctionGroup)(devId);
+}
+
+void *AppleGFXHDA::wrapCreateAppleHDAWidget(void *devId) {
+    auto vendorID = getMember<UInt16>(devId, 0x2);
+    auto deviceID = getMember<UInt32>(devId, 0x8);
+    if (vendorID == AMDVendorID && (deviceID == RavenHDMIDeviceID || deviceID == RenoirHDMIDeviceID)) {
+        return callback->orgWidget1002AAA0->alloc();
+    }
+    return FunctionCast(wrapCreateAppleHDAFunctionGroup, callback->orgCreateAppleHDAFunctionGroup)(devId);
+}
diff --git a/NootedRed/AppleGFXHDA.hpp b/NootedRed/AppleGFXHDA.hpp
@@ -11,51 +11,13 @@ class AppleGFXHDA {
     public:
     void init();
     bool processKext(KernelPatcher &patcher, size_t id, mach_vm_address_t slide, size_t size);
-};
-
-//------ Patches ------//
-
-// TODO: Provide an explanation here.
-static const UInt8 kCreateAppleHDAFunctionGroup1Original[] = {0x3D, 0xD7, 0xAA, 0x00, 0x00};
-static const UInt8 kCreateAppleHDAFunctionGroup1Patched[] = {0x3D, 0x00, 0x00, 0x00, 0x00};
-
-// TODO: Provide an explanation here.
-static const UInt8 kCreateAppleHDAFunctionGroup2Original[] = {0x3D, 0xF7, 0xAA, 0x00, 0x00, 0x7F};
-static const UInt8 kCreateAppleHDAFunctionGroup2Patched[] = {0x3D, 0xF7, 0xAA, 0x00, 0x00, 0xEB};
 
-// TODO: Provide an explanation here.
-static const UInt8 kCreateAppleHDACatalinaOriginal[] = {0x3D, 0x1F, 0xAB, 0x00, 0x00, 0x7F, 0x00, 0x3D, 0xE0, 0xAA,
-    0x00, 0x00, 0x74, 0x00};
-static const UInt8 kCreateAppleHDACatalinaOriginalMask[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF,
-    0xFF, 0xFF, 0xFF, 0x00};
-static const UInt8 kCreateAppleHDACatalinaPatched[] = {0x66, 0x90, 0x66, 0x90, 0x66, 0x90, 0x66, 0x90, 0x66, 0x90, 0x66,
-    0x90, 0xEB, 0x00};
-static const UInt8 kCreateAppleHDACatalinaPatchedMask[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xFF, 0xFF, 0xFF, 0x00};
+    private:
+    OSMetaClass *orgFunctionGroupTahiti {nullptr};
+    OSMetaClass *orgWidget1002AAA0 {nullptr};
+    mach_vm_address_t orgCreateAppleHDAFunctionGroup {0};
+    mach_vm_address_t orgCreateAppleHDAWidget {0};
 
-// Force else path for `deviceID < 0xAA88` and `deviceID < 0xAAE0` check.
-static const UInt8 kCreateAppleHDAWidget1Original[] = {0x3D, 0x87, 0xAA, 0x00, 0x00, 0x7E, 0x00, 0x3D, 0xDF, 0xAA, 0x00,
-    0x00, 0x7F, 0x00};
-static const UInt8 kCreateAppleHDAWidget1OriginalMask[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 0xFF,
-    0xFF, 0xFF, 0xFF, 0x00};
-static const UInt8 kCreateAppleHDAWidget1Patched[] = {0x66, 0x90, 0x66, 0x90, 0x66, 0x90, 0x90, 0x66, 0x90, 0x66, 0x90,
-    0x90, 0xEB, 0x00};
-static const UInt8 kCreateAppleHDAWidget1PatchedMask[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xFF, 0xFF, 0xFF, 0x00};
-
-// Force else path for `deviceID < 0xAB20` check.
-static const UInt8 kCreateAppleHDAWidget2Original[] = {0x3D, 0x1F, 0xAB, 0x00, 0x00, 0x7E, 0x00};
-static const UInt8 kCreateAppleHDAWidget2OriginalMask[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00};
-static const UInt8 kCreateAppleHDAWidget2Patched[] = {0x66, 0x90, 0x66, 0x90, 0x66, 0x90, 0x90};
-
-// Force else path for `0x18 < deviceID - 0xAB20` check.
-static const UInt8 kCreateAppleHDAOriginal[] = {0x8D, 0x88, 0xE0, 0x54, 0xFF, 0xFF, 0x83, 0xF9, 0x18, 0x77, 0x00};
-static const UInt8 kCreateAppleHDAOriginalMask[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00};
-static const UInt8 kCreateAppleHDAPatched[] = {0x66, 0x90, 0x66, 0x90, 0x66, 0x90, 0x66, 0x90, 0x90, 0xEB, 0x00};
-static const UInt8 kCreateAppleHDAPatchedMask[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00};
-
-// Force `deviceID == 0xA*F8` path.
-static const UInt8 kCreateAppleHDA2Original[] = {0x3D, 0xF8, 0xA0, 0x00, 0x00, 0x74, 0x00};
-static const UInt8 kCreateAppleHDA2OriginalMask[] = {0xFF, 0xFF, 0xF0, 0xFF, 0xFF, 0xFF, 0x00};
-static const UInt8 kCreateAppleHDA2Patched[] = {0x66, 0x90, 0x66, 0x90, 0x90, 0xEB, 0x00};
-static const UInt8 kCreateAppleHDA2PatchedMask[] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00};
+    static void *wrapCreateAppleHDAFunctionGroup(void *devId);
+    static void *wrapCreateAppleHDAWidget(void *devId);
+};