Author Topic: Ephemerboot  (Read 1808 times)

Offline Daniel

  • Gold Member (200+ Posts)
  • *****
  • Posts: 268
  • Programmer, Hacker, Thinker
Ephemerboot
« on: May 23, 2017, 04:59:01 PM »
Hi everyone,
I just found this neat little piece of wizardry called Ephemerboot. It lets you boot off of a ram disk on New World Macs. It apparently does not work on a lot of systems, but the coolest things about it are some of the tricks it uses.
Quote
(Nearly) every partitionable disk has a patch partition, an obscure and little-used invisible 256 kB partition. Code from this partition is loaded and run at boot. Normally this does boring things like patch ROM disk drivers from the pre-4 GB era and allow machines predating popular CD-ROM drives to boot from them with the "c" key. Actually, that's all that patch partitions have ever done, far as I know. You might have noticed, however, that these functions both deal with letting the machine boot from things it normally wouldn't. That's because the patch partition is run before the boot volume is determined.
Quote
Once some physical memory has been cordoned off in Open Firmware, it's tough to access. It's so well-hidden that not even the Nanokernel knows about it just trying to read those addresses causes a crash (an unmapped memory exception). No public Mac API will bring that memory back.

However, there's a cute little app called PowerMacInfo, written as a kernel monitoring tool by some really cool Apple engineers. It can show you physical memory at any address. (By default, it only shows you memory the kernel knows about, but it can be fooled with MacsBug.)
So I reverse-engineered it. It's the "old-style" 68k VM interface. It centers around opword 0xfe0a (that's an f-trap!). The definitions at the top of EphermerBoot.c should be a good enough explanation. The second parameter to VMUnmap controls whether the page should be remapped upon an unmapped access (true) or if unmapped accesses should cause a propagated fault (false). The parameters are UInt32's because they're page numbers, not addresses.

Both of these tricks could be very useful for debugging and general messing around with things we shouldn't mess around with...

Offline Protools5LEGuy

  • Global Moderator
  • Platinum Member (500+ Posts)
  • *****
  • Posts: 2251
Re: Ephemerboot
« Reply #1 on: May 23, 2017, 06:10:53 PM »
https://groups.google.com/forum/#!topic/comp.sys.mac.programmer.help/UH78zG9cmPA
Quote
Current Multiprocessing SDK from Apple contains
version 1.5d16 of PowerMacInfo tool. Undertstand
there is a version 1.7d5 (post by Rene A. Vega
on 10-25-2001). Does anyone know where this can
be downloaded ?

Also, where might I find additional documentation
on the nanokernel (if any exists) ?

Thanks for any help, Nick Burgoyne    14 Feb 2003
<sbrbN...@cats.ucsc.edu>

Quote
It's up to you to figure what's going on inside the nanokernel. You
might have fun with the source from my hack Ephemerboot, at
http://homepage.mac.com/potswa/source .

You could ask Rene for 1.7d5. Or you could ask me.

   - Potatoswatter
Looking for MacOS 9.2.4

Offline Protools5LEGuy

  • Global Moderator
  • Platinum Member (500+ Posts)
  • *****
  • Posts: 2251
Re: Ephemerboot
« Reply #2 on: May 23, 2017, 06:22:18 PM »
https://web.archive.org/web/20031029202050/http://homepage.mac.com:80/potswa/source/
Quote
David Krauss' Source Code Samples

Ephemerboot: This hack allows NewWorld Macs to boot from a RAM disk. It wasn't a simple task. Download it for more info. Goodies you'll get include code for

    data checksumming and correcting, configurable for # errors detected/corrected and speed,
    accessing physical memory from Classic Mac OS, without restrictions (even the PPC exception vectors!), on any PPC OS version, without much hassle,
    dealing with discontiguous physical memory in Open Firmware.

If you reuse any of this code, or just appreciate it, mail me!.

Dis Dave: Dis Dave is a port of Apple's standard PowerPC disassembler to Open Firmware. If you are interested in seeing how a very simple operating system works, Open Firmware has long been a worthwhile read. This disassembler makes interactive disassembly possible for the first time.

OFPong: This is an updated version of the 2nd-place winner of the 1998 MacHack conference competition. It works with newer Macs that don't require a serial connection to start OF. It also lets you change the controls. If this doesn't work on your machine, try the original.

The 6Star Memory Comparators: These are a set of highly optimized PowerPC Assembler functions for comparing blocks of memory (for example, strings). Very fast.

Interrupt Safe Debug: an extended version of the original, by the same author as OFPong. Prints out status messages to the screen, in any environment. My version improves support for getting messages from different pieces of software to one stream of text. While one message coming from within an emulated 68k interrupt is being printed, a pre-emptive PowerPC MPThread cuts in and prints another message at the same time? No problem.

DropLite: This is an ultralight shell for creating simple drag-and-drop apps. Features directory recursion, automatic directory-tree duplication, and basic AppleScriptability. Generates executables under 15K :v). No documentation yet, unfortunately. If you're interested, drop me a line and I'll hop to it.

ClassBlock: this is an old version of a quick stack-based memory allocator class that I put up because there were some people on Usenet that wanted to see it. Still haven't taken it down. If you want a newer version (it's been much improved) tell me to update it.

For as long as I'm too lazy to do a real post of Upper to the FTP site, I'm keeping the Upper sources here. It's a big download 'cuz I didn't remove object code 'cuz I'm lazy. If anyone out there wants to get the source on their PC, and can't use this StuffIt archive, I'll post the regular text upon request.
Looking for MacOS 9.2.4


Offline Daniel

  • Gold Member (200+ Posts)
  • *****
  • Posts: 268
  • Programmer, Hacker, Thinker
Re: Ephemerboot
« Reply #4 on: May 23, 2017, 06:39:24 PM »
Around half of the links on that guy's site do not work(even in the wayback machine). It is very unfortunate :(