Merge IntelBTPatcher from https://github.com/zxystd/IntelBTPatcher.

Author: zxystd

IntelBTPatcher/Info.plist

@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>$(DEVELOPMENT_LANGUAGE)</string>
+	<key>CFBundleExecutable</key>
+	<string>$(EXECUTABLE_NAME)</string>
+	<key>CFBundleIdentifier</key>
+	<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>$(PRODUCT_NAME)</string>
+	<key>CFBundlePackageType</key>
+	<string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string>
+	<key>CFBundleShortVersionString</key>
+	<string>$(MARKETING_VERSION)</string>
+	<key>CFBundleVersion</key>
+	<string>$(CURRENT_PROJECT_VERSION)</string>
+	<key>IOKitPersonalities</key>
+	<dict>
+		<key>IntelBTPatcher</key>
+		<dict>
+			<key>CFBundleIdentifier</key>
+			<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
+			<key>IOClass</key>
+			<string>$(PRODUCT_NAME:rfc1034identifier)</string>
+			<key>IOMatchCategory</key>
+			<string>$(PRODUCT_NAME:rfc1034identifier)</string>
+			<key>IOProviderClass</key>
+			<string>IOResources</string>
+			<key>IOResourceMatch</key>
+			<string>IOKit</string>
+		</dict>
+	</dict>
+	<key>NSHumanReadableCopyright</key>
+	<string>Copyright © 2022 zxystd. All rights reserved.</string>
+	<key>OSBundleLibraries</key>
+	<dict>
+		<key>as.vit9696.Lilu</key>
+		<string>1.2.0</string>
+		<key>com.apple.kpi.bsd</key>
+		<string>12.0.0</string>
+		<key>com.apple.kpi.dsep</key>
+		<string>12.0.0</string>
+		<key>com.apple.kpi.iokit</key>
+		<string>12.0.0</string>
+		<key>com.apple.kpi.libkern</key>
+		<string>12.0.0</string>
+		<key>com.apple.kpi.mach</key>
+		<string>12.0.0</string>
+		<key>com.apple.kpi.unsupported</key>
+		<string>12.0.0</string>
+	</dict>
+</dict>
+</plist>

IntelBTPatcher/IntelBTPatcher.cpp

@@ -0,0 +1,105 @@
+//
+//  IntelBTPatcher.cpp
+//  IntelBTPatcher
+//
+//  Created by qcwap on 2021/2/8.
+//
+
+#include <Headers/kern_api.hpp>
+#include <Headers/kern_util.hpp>
+#include <Headers/plugin_start.hpp>
+
+#include "IntelBTPatcher.hpp"
+
+static CIntelBTPatcher ibtPatcher;
+static CIntelBTPatcher *callbackIBTPatcher = nullptr;
+
+static const char *bootargOff[] {
+    "-ibtcompatoff"
+};
+
+static const char *bootargDebug[] {
+    "-ibtcompatdbg"
+};
+
+static const char *bootargBeta[] {
+    "-ibtcompatbeta"
+};
+
+PluginConfiguration ADDPR(config) {
+    xStringify(PRODUCT_NAME),
+    parseModuleVersion(xStringify(MODULE_VERSION)),
+    LiluAPI::AllowNormal | LiluAPI::AllowInstallerRecovery | LiluAPI::AllowSafeMode,
+    bootargOff,
+    arrsize(bootargOff),
+    bootargDebug,
+    arrsize(bootargDebug),
+    bootargBeta,
+    arrsize(bootargBeta),
+    KernelVersion::MountainLion,
+    KernelVersion::Monterey,
+    []() {
+        ibtPatcher.init();
+    }
+};
+
+static const char *IntelBTPatcher_IOBluetoothFamily[] { "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/MacOS/IOBluetoothFamily" };
+
+static KernelPatcher::KextInfo IntelBTPatcher_IOBluetoothInfo {
+    "com.apple.iokit.IOBluetoothFamily",
+    IntelBTPatcher_IOBluetoothFamily,
+    1,
+    {true, true},
+    {},
+    KernelPatcher::KextInfo::Unloaded
+};
+
+bool CIntelBTPatcher::init()
+{
+    DBGLOG(DRV_NAME, "%s", __PRETTY_FUNCTION__);
+    callbackIBTPatcher = this;
+    lilu.onKextLoadForce(&IntelBTPatcher_IOBluetoothInfo, 1,
+    [](void *user, KernelPatcher &patcher, size_t index, mach_vm_address_t address, size_t size) {
+        callbackIBTPatcher->processKext(patcher, index, address, size);
+    }, this);
+    return true;
+}
+
+void CIntelBTPatcher::free()
+{
+    DBGLOG(DRV_NAME, "%s", __PRETTY_FUNCTION__);
+}
+
+void CIntelBTPatcher::processKext(KernelPatcher &patcher, size_t index, mach_vm_address_t address, size_t size)
+{
+    DBGLOG(DRV_NAME, "%s", __PRETTY_FUNCTION__);
+    if (getKernelVersion() < KernelVersion::Monterey) {
+        if (IntelBTPatcher_IOBluetoothInfo.loadIndex == index) {
+            DBGLOG(DRV_NAME, "%s", IntelBTPatcher_IOBluetoothInfo.id);
+            
+            KernelPatcher::RouteRequest findQueueRequestRequest {
+                "__ZN25IOBluetoothHostController17FindQueuedRequestEtP22BluetoothDeviceAddresstbPP21IOBluetoothHCIRequest",
+                newFindQueueRequest,
+                oldFindQueueRequest
+            };
+            patcher.routeMultiple(index, &findQueueRequestRequest, 1, address, size);
+            if (patcher.getError() == KernelPatcher::Error::NoError) {
+                DBGLOG(DRV_NAME, "routed %s", findQueueRequestRequest.symbol);
+            } else {
+                SYSLOG(DRV_NAME, "failed to resolve %s, error = %d", findQueueRequestRequest.symbol, patcher.getError());
+                patcher.clearError();
+            }
+            
+        }
+    }
+}
+
+IOReturn CIntelBTPatcher::newFindQueueRequest(void *that, unsigned short arg1, void *addr, unsigned short arg2, bool arg3, void **hciRequestPtr)
+{
+    IOReturn ret = FunctionCast(newFindQueueRequest, callbackIBTPatcher->oldFindQueueRequest)(that, arg1, addr, arg2, arg3, hciRequestPtr);
+    if (ret != 0 && arg1 == 0x2019) {
+        ret = FunctionCast(newFindQueueRequest, callbackIBTPatcher->oldFindQueueRequest)(that, arg1, addr, 0xffff, arg3, hciRequestPtr);
+        DBGLOG(DRV_NAME, "%s ret: %d arg1: 0x%04x arg2: 0x%04x arg3: %d ptr: %p", __FUNCTION__, ret, arg1, arg2, arg3, *hciRequestPtr);
+    }
+    return ret;
+}

IntelBTPatcher/IntelBTPatcher.hpp

@@ -0,0 +1,28 @@
+//
+//  IntelBTPatcher.h
+//  IntelBTPatcher
+//
+//  Created by qcwap on 2021/2/8.
+//
+
+#ifndef IntelBTPatcher_h
+#define IntelBTPatcher_h
+
+#include <Headers/kern_patcher.hpp>
+
+#define DRV_NAME "IntelBTPatcher"
+
+class BluetoothDeviceAddress;
+
+class CIntelBTPatcher {
+public:
+    bool init();
+    void free();
+    
+    void processKext(KernelPatcher &patcher, size_t index, mach_vm_address_t address, size_t size);
+    static IOReturn newFindQueueRequest(void *that, unsigned short arg1, void *addr, unsigned short arg2, bool arg3, void **hciRequestPtr);
+    
+    mach_vm_address_t oldFindQueueRequest {};
+};
+
+#endif /* IntelBTPatcher_h */