<hthh_>
(probably not helpful, but i unpack with xerub/img4lib then just load into ida)
<davidrysk[m]>
from where?
<davidrysk[m]>
I'm looking at /System/Library/Kernels/kernel.release.t8101
<davidrysk[m]>
which isn't an img4
<davidrysk[m]>
ah, just have to disassemble all the .text sections
<hthh_>
so i grab from the ipsw (from ipsw.me, which you can unzip), but that kernel loads in ida fine for me too (although it's just xnu, without the drivers)
<Shiz>
it's prelinked, you can just jam it into ida afaik
<davidrysk[m]>
What did marcan end up doing to work around the nGnRE issue?
<brentr123[m]>
I believe he renamed it to something else
<brentr123[m]>
Either that or I’m confused
<davidrysk[m]>
Apple doesn't have any workaround in their t8101 xnu for this, that I can tell
<davidrysk[m]>
they do set more things in the MAIR1 register though
<hthh_>
i assume xnu just maps memory nGnRnE not nGnRE?
<davidrysk[m]>
xnu maps MT_DEVICE_nGnRE memory as nGnRE
<davidrysk[m]>
but xnu also declares two more memory types (CACHE_ATTRINDX_POSTED_REORDERED and CACHE_ATTRINDX_POSTED_COMBINED_REORDERED) and configured them accordingly
<davidrysk[m]>
configures*
<davidrysk[m]>
that's normal memory though
<davidrysk[m]>
IOKit exposes a kIOPostedWrite type which maps to nGnRE
<davidrysk[m]>
for IOMemory mapping
<davidrysk[m]>
is it possible that nothing in macOS uses that? I guess
<hthh_>
yeah - no idea - it's weird how much they can get away with when it's just their code on their hardware
<sven>
hrm, maybe the quirk doesn't apply to all of MMIO but only to some of it. or maybe there's some magic memory poke to fix that issue somewhere in xnu.
<sven>
but i'd expect the kernel to just map everything as nGnRnE :s
<maximus64>
we can install ktext and dump out the kernel page table and verify
<j`ey>
how was that chicken bit sequence found?