EFI config backup

2022-03-29 10:26:33 +03:00
parent 03b8035141
commit 24449516c0
96 changed files with 33899 additions and 0 deletions
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/arm.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/arm.h
@ -0,0 +1,883 @@
+#ifndef CAPSTONE_ARM_H
+#define CAPSTONE_ARM_H
+
+/* Capstone Disassembly Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013-2014 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(_MSC_VER) || !defined(_KERNEL_MODE)
+#include <stdint.h>
+#endif
+
+#include "platform.h"
+
+#ifdef _MSC_VER
+#pragma warning(disable:4201)
+#endif
+
+//> ARM shift type
+typedef enum arm_shifter {
+	ARM_SFT_INVALID = 0,
+	ARM_SFT_ASR,	// shift with immediate const
+	ARM_SFT_LSL,	// shift with immediate const
+	ARM_SFT_LSR,	// shift with immediate const
+	ARM_SFT_ROR,	// shift with immediate const
+	ARM_SFT_RRX,	// shift with immediate const
+	ARM_SFT_ASR_REG,	// shift with register
+	ARM_SFT_LSL_REG,	// shift with register
+	ARM_SFT_LSR_REG,	// shift with register
+	ARM_SFT_ROR_REG,	// shift with register
+	ARM_SFT_RRX_REG,	// shift with register
+} arm_shifter;
+
+//> ARM condition code
+typedef enum arm_cc {
+	ARM_CC_INVALID = 0,
+	ARM_CC_EQ,            // Equal                      Equal
+	ARM_CC_NE,            // Not equal                  Not equal, or unordered
+	ARM_CC_HS,            // Carry set                  >, ==, or unordered
+	ARM_CC_LO,            // Carry clear                Less than
+	ARM_CC_MI,            // Minus, negative            Less than
+	ARM_CC_PL,            // Plus, positive or zero     >, ==, or unordered
+	ARM_CC_VS,            // Overflow                   Unordered
+	ARM_CC_VC,            // No overflow                Not unordered
+	ARM_CC_HI,            // Unsigned higher            Greater than, or unordered
+	ARM_CC_LS,            // Unsigned lower or same     Less than or equal
+	ARM_CC_GE,            // Greater than or equal      Greater than or equal
+	ARM_CC_LT,            // Less than                  Less than, or unordered
+	ARM_CC_GT,            // Greater than               Greater than
+	ARM_CC_LE,            // Less than or equal         <, ==, or unordered
+	ARM_CC_AL             // Always (unconditional)     Always (unconditional)
+} arm_cc;
+
+typedef enum arm_sysreg {
+	//> Special registers for MSR
+	ARM_SYSREG_INVALID = 0,
+
+	// SPSR* registers can be OR combined
+	ARM_SYSREG_SPSR_C = 1,
+	ARM_SYSREG_SPSR_X = 2,
+	ARM_SYSREG_SPSR_S = 4,
+	ARM_SYSREG_SPSR_F = 8,
+
+	// CPSR* registers can be OR combined
+	ARM_SYSREG_CPSR_C = 16,
+	ARM_SYSREG_CPSR_X = 32,
+	ARM_SYSREG_CPSR_S = 64,
+	ARM_SYSREG_CPSR_F = 128,
+
+	// independent registers
+	ARM_SYSREG_APSR = 256,
+	ARM_SYSREG_APSR_G,
+	ARM_SYSREG_APSR_NZCVQ,
+	ARM_SYSREG_APSR_NZCVQG,
+
+	ARM_SYSREG_IAPSR,
+	ARM_SYSREG_IAPSR_G,
+	ARM_SYSREG_IAPSR_NZCVQG,
+
+	ARM_SYSREG_EAPSR,
+	ARM_SYSREG_EAPSR_G,
+	ARM_SYSREG_EAPSR_NZCVQG,
+
+	ARM_SYSREG_XPSR,
+	ARM_SYSREG_XPSR_G,
+	ARM_SYSREG_XPSR_NZCVQG,
+
+	ARM_SYSREG_IPSR,
+	ARM_SYSREG_EPSR,
+	ARM_SYSREG_IEPSR,
+
+	ARM_SYSREG_MSP,
+	ARM_SYSREG_PSP,
+	ARM_SYSREG_PRIMASK,
+	ARM_SYSREG_BASEPRI,
+	ARM_SYSREG_BASEPRI_MAX,
+	ARM_SYSREG_FAULTMASK,
+	ARM_SYSREG_CONTROL,
+} arm_sysreg;
+
+//> The memory barrier constants map directly to the 4-bit encoding of
+//> the option field for Memory Barrier operations.
+typedef enum arm_mem_barrier {
+	ARM_MB_INVALID = 0,
+	ARM_MB_RESERVED_0,
+	ARM_MB_OSHLD,
+	ARM_MB_OSHST,
+	ARM_MB_OSH,
+	ARM_MB_RESERVED_4,
+	ARM_MB_NSHLD,
+	ARM_MB_NSHST,
+	ARM_MB_NSH,
+	ARM_MB_RESERVED_8,
+	ARM_MB_ISHLD,
+	ARM_MB_ISHST,
+	ARM_MB_ISH,
+	ARM_MB_RESERVED_12,
+	ARM_MB_LD,
+	ARM_MB_ST,
+	ARM_MB_SY,
+} arm_mem_barrier;
+
+//> Operand type for instruction's operands
+typedef enum arm_op_type {
+	ARM_OP_INVALID = 0, // = CS_OP_INVALID (Uninitialized).
+	ARM_OP_REG, // = CS_OP_REG (Register operand).
+	ARM_OP_IMM, // = CS_OP_IMM (Immediate operand).
+	ARM_OP_MEM, // = CS_OP_MEM (Memory operand).
+	ARM_OP_FP,  // = CS_OP_FP (Floating-Point operand).
+	ARM_OP_CIMM = 64, // C-Immediate (coprocessor registers)
+	ARM_OP_PIMM, // P-Immediate (coprocessor registers)
+	ARM_OP_SETEND,	// operand for SETEND instruction
+	ARM_OP_SYSREG,	// MSR/MRS special register operand
+} arm_op_type;
+
+//> Operand type for SETEND instruction
+typedef enum arm_setend_type {
+	ARM_SETEND_INVALID = 0,	// Uninitialized.
+	ARM_SETEND_BE,	// BE operand.
+	ARM_SETEND_LE, // LE operand
+} arm_setend_type;
+
+typedef enum arm_cpsmode_type {
+	ARM_CPSMODE_INVALID = 0,
+	ARM_CPSMODE_IE = 2,
+	ARM_CPSMODE_ID = 3
+} arm_cpsmode_type;
+
+//> Operand type for SETEND instruction
+typedef enum arm_cpsflag_type {
+	ARM_CPSFLAG_INVALID = 0,
+	ARM_CPSFLAG_F = 1,
+	ARM_CPSFLAG_I = 2,
+	ARM_CPSFLAG_A = 4,
+	ARM_CPSFLAG_NONE = 16,	// no flag
+} arm_cpsflag_type;
+
+//> Data type for elements of vector instructions.
+typedef enum arm_vectordata_type {
+	ARM_VECTORDATA_INVALID = 0,
+
+	// Integer type
+	ARM_VECTORDATA_I8,
+	ARM_VECTORDATA_I16,
+	ARM_VECTORDATA_I32,
+	ARM_VECTORDATA_I64,
+
+	// Signed integer type
+	ARM_VECTORDATA_S8,
+	ARM_VECTORDATA_S16,
+	ARM_VECTORDATA_S32,
+	ARM_VECTORDATA_S64,
+
+	// Unsigned integer type
+	ARM_VECTORDATA_U8,
+	ARM_VECTORDATA_U16,
+	ARM_VECTORDATA_U32,
+	ARM_VECTORDATA_U64,
+
+	// Data type for VMUL/VMULL
+	ARM_VECTORDATA_P8,
+
+	// Floating type
+	ARM_VECTORDATA_F32,
+	ARM_VECTORDATA_F64,
+
+	// Convert float <-> float
+	ARM_VECTORDATA_F16F64,	// f16.f64
+	ARM_VECTORDATA_F64F16,	// f64.f16
+	ARM_VECTORDATA_F32F16,	// f32.f16
+	ARM_VECTORDATA_F16F32,	// f32.f16
+	ARM_VECTORDATA_F64F32,	// f64.f32
+	ARM_VECTORDATA_F32F64,	// f32.f64
+
+	// Convert integer <-> float
+	ARM_VECTORDATA_S32F32,	// s32.f32
+	ARM_VECTORDATA_U32F32,	// u32.f32
+	ARM_VECTORDATA_F32S32,	// f32.s32
+	ARM_VECTORDATA_F32U32,	// f32.u32
+	ARM_VECTORDATA_F64S16,	// f64.s16
+	ARM_VECTORDATA_F32S16,	// f32.s16
+	ARM_VECTORDATA_F64S32,	// f64.s32
+	ARM_VECTORDATA_S16F64,	// s16.f64
+	ARM_VECTORDATA_S16F32,	// s16.f64
+	ARM_VECTORDATA_S32F64,	// s32.f64
+	ARM_VECTORDATA_U16F64,	// u16.f64
+	ARM_VECTORDATA_U16F32,	// u16.f32
+	ARM_VECTORDATA_U32F64,	// u32.f64
+	ARM_VECTORDATA_F64U16,	// f64.u16
+	ARM_VECTORDATA_F32U16,	// f32.u16
+	ARM_VECTORDATA_F64U32,	// f64.u32
+} arm_vectordata_type;
+
+// Instruction's operand referring to memory
+// This is associated with ARM_OP_MEM operand type above
+typedef struct arm_op_mem {
+	unsigned int base;	// base register
+	unsigned int index;	// index register
+	int scale;	// scale for index register (can be 1, or -1)
+	int disp;	// displacement/offset value
+} arm_op_mem;
+
+// Instruction operand
+typedef struct cs_arm_op {
+	int vector_index;	// Vector Index for some vector operands (or -1 if irrelevant)
+	struct {
+		arm_shifter type;
+		unsigned int value;
+	} shift;
+	arm_op_type type;	// operand type
+	union {
+		unsigned int reg;	// register value for REG/SYSREG operand
+		int32_t imm;			// immediate value for C-IMM, P-IMM or IMM operand
+		double fp;			// floating point value for FP operand
+		arm_op_mem mem;		// base/index/scale/disp value for MEM operand
+		arm_setend_type setend; // SETEND instruction's operand type
+	};
+	// in some instructions, an operand can be subtracted or added to
+	// the base register,
+	bool subtracted; // if TRUE, this operand is subtracted. otherwise, it is added.
+} cs_arm_op;
+
+// Instruction structure
+typedef struct cs_arm {
+	bool usermode;	// User-mode registers to be loaded (for LDM/STM instructions)
+	int vector_size; 	// Scalar size for vector instructions
+	arm_vectordata_type vector_data; // Data type for elements of vector instructions
+	arm_cpsmode_type cps_mode;	// CPS mode for CPS instruction
+	arm_cpsflag_type cps_flag;	// CPS mode for CPS instruction
+	arm_cc cc;			// conditional code for this insn
+	bool update_flags;	// does this insn update flags?
+	bool writeback;		// does this insn write-back?
+	arm_mem_barrier mem_barrier;	// Option for some memory barrier instructions
+
+	// Number of operands of this instruction, 
+	// or 0 when instruction has no operand.
+	uint8_t op_count;
+
+	cs_arm_op operands[36];	// operands for this instruction.
+} cs_arm;
+
+//> ARM registers
+typedef enum arm_reg {
+	ARM_REG_INVALID = 0,
+	ARM_REG_APSR,
+	ARM_REG_APSR_NZCV,
+	ARM_REG_CPSR,
+	ARM_REG_FPEXC,
+	ARM_REG_FPINST,
+	ARM_REG_FPSCR,
+	ARM_REG_FPSCR_NZCV,
+	ARM_REG_FPSID,
+	ARM_REG_ITSTATE,
+	ARM_REG_LR,
+	ARM_REG_PC,
+	ARM_REG_SP,
+	ARM_REG_SPSR,
+	ARM_REG_D0,
+	ARM_REG_D1,
+	ARM_REG_D2,
+	ARM_REG_D3,
+	ARM_REG_D4,
+	ARM_REG_D5,
+	ARM_REG_D6,
+	ARM_REG_D7,
+	ARM_REG_D8,
+	ARM_REG_D9,
+	ARM_REG_D10,
+	ARM_REG_D11,
+	ARM_REG_D12,
+	ARM_REG_D13,
+	ARM_REG_D14,
+	ARM_REG_D15,
+	ARM_REG_D16,
+	ARM_REG_D17,
+	ARM_REG_D18,
+	ARM_REG_D19,
+	ARM_REG_D20,
+	ARM_REG_D21,
+	ARM_REG_D22,
+	ARM_REG_D23,
+	ARM_REG_D24,
+	ARM_REG_D25,
+	ARM_REG_D26,
+	ARM_REG_D27,
+	ARM_REG_D28,
+	ARM_REG_D29,
+	ARM_REG_D30,
+	ARM_REG_D31,
+	ARM_REG_FPINST2,
+	ARM_REG_MVFR0,
+	ARM_REG_MVFR1,
+	ARM_REG_MVFR2,
+	ARM_REG_Q0,
+	ARM_REG_Q1,
+	ARM_REG_Q2,
+	ARM_REG_Q3,
+	ARM_REG_Q4,
+	ARM_REG_Q5,
+	ARM_REG_Q6,
+	ARM_REG_Q7,
+	ARM_REG_Q8,
+	ARM_REG_Q9,
+	ARM_REG_Q10,
+	ARM_REG_Q11,
+	ARM_REG_Q12,
+	ARM_REG_Q13,
+	ARM_REG_Q14,
+	ARM_REG_Q15,
+	ARM_REG_R0,
+	ARM_REG_R1,
+	ARM_REG_R2,
+	ARM_REG_R3,
+	ARM_REG_R4,
+	ARM_REG_R5,
+	ARM_REG_R6,
+	ARM_REG_R7,
+	ARM_REG_R8,
+	ARM_REG_R9,
+	ARM_REG_R10,
+	ARM_REG_R11,
+	ARM_REG_R12,
+	ARM_REG_S0,
+	ARM_REG_S1,
+	ARM_REG_S2,
+	ARM_REG_S3,
+	ARM_REG_S4,
+	ARM_REG_S5,
+	ARM_REG_S6,
+	ARM_REG_S7,
+	ARM_REG_S8,
+	ARM_REG_S9,
+	ARM_REG_S10,
+	ARM_REG_S11,
+	ARM_REG_S12,
+	ARM_REG_S13,
+	ARM_REG_S14,
+	ARM_REG_S15,
+	ARM_REG_S16,
+	ARM_REG_S17,
+	ARM_REG_S18,
+	ARM_REG_S19,
+	ARM_REG_S20,
+	ARM_REG_S21,
+	ARM_REG_S22,
+	ARM_REG_S23,
+	ARM_REG_S24,
+	ARM_REG_S25,
+	ARM_REG_S26,
+	ARM_REG_S27,
+	ARM_REG_S28,
+	ARM_REG_S29,
+	ARM_REG_S30,
+	ARM_REG_S31,
+
+	ARM_REG_ENDING,		// <-- mark the end of the list or registers
+
+	//> alias registers
+	ARM_REG_R13 = ARM_REG_SP,
+	ARM_REG_R14 = ARM_REG_LR,
+	ARM_REG_R15 = ARM_REG_PC,
+
+	ARM_REG_SB = ARM_REG_R9,
+	ARM_REG_SL = ARM_REG_R10,
+	ARM_REG_FP = ARM_REG_R11,
+	ARM_REG_IP = ARM_REG_R12,
+} arm_reg;
+
+//> ARM instruction
+typedef enum arm_insn {
+	ARM_INS_INVALID = 0,
+
+	ARM_INS_ADC,
+	ARM_INS_ADD,
+	ARM_INS_ADR,
+	ARM_INS_AESD,
+	ARM_INS_AESE,
+	ARM_INS_AESIMC,
+	ARM_INS_AESMC,
+	ARM_INS_AND,
+	ARM_INS_BFC,
+	ARM_INS_BFI,
+	ARM_INS_BIC,
+	ARM_INS_BKPT,
+	ARM_INS_BL,
+	ARM_INS_BLX,
+	ARM_INS_BX,
+	ARM_INS_BXJ,
+	ARM_INS_B,
+	ARM_INS_CDP,
+	ARM_INS_CDP2,
+	ARM_INS_CLREX,
+	ARM_INS_CLZ,
+	ARM_INS_CMN,
+	ARM_INS_CMP,
+	ARM_INS_CPS,
+	ARM_INS_CRC32B,
+	ARM_INS_CRC32CB,
+	ARM_INS_CRC32CH,
+	ARM_INS_CRC32CW,
+	ARM_INS_CRC32H,
+	ARM_INS_CRC32W,
+	ARM_INS_DBG,
+	ARM_INS_DMB,
+	ARM_INS_DSB,
+	ARM_INS_EOR,
+	ARM_INS_VMOV,
+	ARM_INS_FLDMDBX,
+	ARM_INS_FLDMIAX,
+	ARM_INS_VMRS,
+	ARM_INS_FSTMDBX,
+	ARM_INS_FSTMIAX,
+	ARM_INS_HINT,
+	ARM_INS_HLT,
+	ARM_INS_ISB,
+	ARM_INS_LDA,
+	ARM_INS_LDAB,
+	ARM_INS_LDAEX,
+	ARM_INS_LDAEXB,
+	ARM_INS_LDAEXD,
+	ARM_INS_LDAEXH,
+	ARM_INS_LDAH,
+	ARM_INS_LDC2L,
+	ARM_INS_LDC2,
+	ARM_INS_LDCL,
+	ARM_INS_LDC,
+	ARM_INS_LDMDA,
+	ARM_INS_LDMDB,
+	ARM_INS_LDM,
+	ARM_INS_LDMIB,
+	ARM_INS_LDRBT,
+	ARM_INS_LDRB,
+	ARM_INS_LDRD,
+	ARM_INS_LDREX,
+	ARM_INS_LDREXB,
+	ARM_INS_LDREXD,
+	ARM_INS_LDREXH,
+	ARM_INS_LDRH,
+	ARM_INS_LDRHT,
+	ARM_INS_LDRSB,
+	ARM_INS_LDRSBT,
+	ARM_INS_LDRSH,
+	ARM_INS_LDRSHT,
+	ARM_INS_LDRT,
+	ARM_INS_LDR,
+	ARM_INS_MCR,
+	ARM_INS_MCR2,
+	ARM_INS_MCRR,
+	ARM_INS_MCRR2,
+	ARM_INS_MLA,
+	ARM_INS_MLS,
+	ARM_INS_MOV,
+	ARM_INS_MOVT,
+	ARM_INS_MOVW,
+	ARM_INS_MRC,
+	ARM_INS_MRC2,
+	ARM_INS_MRRC,
+	ARM_INS_MRRC2,
+	ARM_INS_MRS,
+	ARM_INS_MSR,
+	ARM_INS_MUL,
+	ARM_INS_MVN,
+	ARM_INS_ORR,
+	ARM_INS_PKHBT,
+	ARM_INS_PKHTB,
+	ARM_INS_PLDW,
+	ARM_INS_PLD,
+	ARM_INS_PLI,
+	ARM_INS_QADD,
+	ARM_INS_QADD16,
+	ARM_INS_QADD8,
+	ARM_INS_QASX,
+	ARM_INS_QDADD,
+	ARM_INS_QDSUB,
+	ARM_INS_QSAX,
+	ARM_INS_QSUB,
+	ARM_INS_QSUB16,
+	ARM_INS_QSUB8,
+	ARM_INS_RBIT,
+	ARM_INS_REV,
+	ARM_INS_REV16,
+	ARM_INS_REVSH,
+	ARM_INS_RFEDA,
+	ARM_INS_RFEDB,
+	ARM_INS_RFEIA,
+	ARM_INS_RFEIB,
+	ARM_INS_RSB,
+	ARM_INS_RSC,
+	ARM_INS_SADD16,
+	ARM_INS_SADD8,
+	ARM_INS_SASX,
+	ARM_INS_SBC,
+	ARM_INS_SBFX,
+	ARM_INS_SDIV,
+	ARM_INS_SEL,
+	ARM_INS_SETEND,
+	ARM_INS_SHA1C,
+	ARM_INS_SHA1H,
+	ARM_INS_SHA1M,
+	ARM_INS_SHA1P,
+	ARM_INS_SHA1SU0,
+	ARM_INS_SHA1SU1,
+	ARM_INS_SHA256H,
+	ARM_INS_SHA256H2,
+	ARM_INS_SHA256SU0,
+	ARM_INS_SHA256SU1,
+	ARM_INS_SHADD16,
+	ARM_INS_SHADD8,
+	ARM_INS_SHASX,
+	ARM_INS_SHSAX,
+	ARM_INS_SHSUB16,
+	ARM_INS_SHSUB8,
+	ARM_INS_SMC,
+	ARM_INS_SMLABB,
+	ARM_INS_SMLABT,
+	ARM_INS_SMLAD,
+	ARM_INS_SMLADX,
+	ARM_INS_SMLAL,
+	ARM_INS_SMLALBB,
+	ARM_INS_SMLALBT,
+	ARM_INS_SMLALD,
+	ARM_INS_SMLALDX,
+	ARM_INS_SMLALTB,
+	ARM_INS_SMLALTT,
+	ARM_INS_SMLATB,
+	ARM_INS_SMLATT,
+	ARM_INS_SMLAWB,
+	ARM_INS_SMLAWT,
+	ARM_INS_SMLSD,
+	ARM_INS_SMLSDX,
+	ARM_INS_SMLSLD,
+	ARM_INS_SMLSLDX,
+	ARM_INS_SMMLA,
+	ARM_INS_SMMLAR,
+	ARM_INS_SMMLS,
+	ARM_INS_SMMLSR,
+	ARM_INS_SMMUL,
+	ARM_INS_SMMULR,
+	ARM_INS_SMUAD,
+	ARM_INS_SMUADX,
+	ARM_INS_SMULBB,
+	ARM_INS_SMULBT,
+	ARM_INS_SMULL,
+	ARM_INS_SMULTB,
+	ARM_INS_SMULTT,
+	ARM_INS_SMULWB,
+	ARM_INS_SMULWT,
+	ARM_INS_SMUSD,
+	ARM_INS_SMUSDX,
+	ARM_INS_SRSDA,
+	ARM_INS_SRSDB,
+	ARM_INS_SRSIA,
+	ARM_INS_SRSIB,
+	ARM_INS_SSAT,
+	ARM_INS_SSAT16,
+	ARM_INS_SSAX,
+	ARM_INS_SSUB16,
+	ARM_INS_SSUB8,
+	ARM_INS_STC2L,
+	ARM_INS_STC2,
+	ARM_INS_STCL,
+	ARM_INS_STC,
+	ARM_INS_STL,
+	ARM_INS_STLB,
+	ARM_INS_STLEX,
+	ARM_INS_STLEXB,
+	ARM_INS_STLEXD,
+	ARM_INS_STLEXH,
+	ARM_INS_STLH,
+	ARM_INS_STMDA,
+	ARM_INS_STMDB,
+	ARM_INS_STM,
+	ARM_INS_STMIB,
+	ARM_INS_STRBT,
+	ARM_INS_STRB,
+	ARM_INS_STRD,
+	ARM_INS_STREX,
+	ARM_INS_STREXB,
+	ARM_INS_STREXD,
+	ARM_INS_STREXH,
+	ARM_INS_STRH,
+	ARM_INS_STRHT,
+	ARM_INS_STRT,
+	ARM_INS_STR,
+	ARM_INS_SUB,
+	ARM_INS_SVC,
+	ARM_INS_SWP,
+	ARM_INS_SWPB,
+	ARM_INS_SXTAB,
+	ARM_INS_SXTAB16,
+	ARM_INS_SXTAH,
+	ARM_INS_SXTB,
+	ARM_INS_SXTB16,
+	ARM_INS_SXTH,
+	ARM_INS_TEQ,
+	ARM_INS_TRAP,
+	ARM_INS_TST,
+	ARM_INS_UADD16,
+	ARM_INS_UADD8,
+	ARM_INS_UASX,
+	ARM_INS_UBFX,
+	ARM_INS_UDF,
+	ARM_INS_UDIV,
+	ARM_INS_UHADD16,
+	ARM_INS_UHADD8,
+	ARM_INS_UHASX,
+	ARM_INS_UHSAX,
+	ARM_INS_UHSUB16,
+	ARM_INS_UHSUB8,
+	ARM_INS_UMAAL,
+	ARM_INS_UMLAL,
+	ARM_INS_UMULL,
+	ARM_INS_UQADD16,
+	ARM_INS_UQADD8,
+	ARM_INS_UQASX,
+	ARM_INS_UQSAX,
+	ARM_INS_UQSUB16,
+	ARM_INS_UQSUB8,
+	ARM_INS_USAD8,
+	ARM_INS_USADA8,
+	ARM_INS_USAT,
+	ARM_INS_USAT16,
+	ARM_INS_USAX,
+	ARM_INS_USUB16,
+	ARM_INS_USUB8,
+	ARM_INS_UXTAB,
+	ARM_INS_UXTAB16,
+	ARM_INS_UXTAH,
+	ARM_INS_UXTB,
+	ARM_INS_UXTB16,
+	ARM_INS_UXTH,
+	ARM_INS_VABAL,
+	ARM_INS_VABA,
+	ARM_INS_VABDL,
+	ARM_INS_VABD,
+	ARM_INS_VABS,
+	ARM_INS_VACGE,
+	ARM_INS_VACGT,
+	ARM_INS_VADD,
+	ARM_INS_VADDHN,
+	ARM_INS_VADDL,
+	ARM_INS_VADDW,
+	ARM_INS_VAND,
+	ARM_INS_VBIC,
+	ARM_INS_VBIF,
+	ARM_INS_VBIT,
+	ARM_INS_VBSL,
+	ARM_INS_VCEQ,
+	ARM_INS_VCGE,
+	ARM_INS_VCGT,
+	ARM_INS_VCLE,
+	ARM_INS_VCLS,
+	ARM_INS_VCLT,
+	ARM_INS_VCLZ,
+	ARM_INS_VCMP,
+	ARM_INS_VCMPE,
+	ARM_INS_VCNT,
+	ARM_INS_VCVTA,
+	ARM_INS_VCVTB,
+	ARM_INS_VCVT,
+	ARM_INS_VCVTM,
+	ARM_INS_VCVTN,
+	ARM_INS_VCVTP,
+	ARM_INS_VCVTT,
+	ARM_INS_VDIV,
+	ARM_INS_VDUP,
+	ARM_INS_VEOR,
+	ARM_INS_VEXT,
+	ARM_INS_VFMA,
+	ARM_INS_VFMS,
+	ARM_INS_VFNMA,
+	ARM_INS_VFNMS,
+	ARM_INS_VHADD,
+	ARM_INS_VHSUB,
+	ARM_INS_VLD1,
+	ARM_INS_VLD2,
+	ARM_INS_VLD3,
+	ARM_INS_VLD4,
+	ARM_INS_VLDMDB,
+	ARM_INS_VLDMIA,
+	ARM_INS_VLDR,
+	ARM_INS_VMAXNM,
+	ARM_INS_VMAX,
+	ARM_INS_VMINNM,
+	ARM_INS_VMIN,
+	ARM_INS_VMLA,
+	ARM_INS_VMLAL,
+	ARM_INS_VMLS,
+	ARM_INS_VMLSL,
+	ARM_INS_VMOVL,
+	ARM_INS_VMOVN,
+	ARM_INS_VMSR,
+	ARM_INS_VMUL,
+	ARM_INS_VMULL,
+	ARM_INS_VMVN,
+	ARM_INS_VNEG,
+	ARM_INS_VNMLA,
+	ARM_INS_VNMLS,
+	ARM_INS_VNMUL,
+	ARM_INS_VORN,
+	ARM_INS_VORR,
+	ARM_INS_VPADAL,
+	ARM_INS_VPADDL,
+	ARM_INS_VPADD,
+	ARM_INS_VPMAX,
+	ARM_INS_VPMIN,
+	ARM_INS_VQABS,
+	ARM_INS_VQADD,
+	ARM_INS_VQDMLAL,
+	ARM_INS_VQDMLSL,
+	ARM_INS_VQDMULH,
+	ARM_INS_VQDMULL,
+	ARM_INS_VQMOVUN,
+	ARM_INS_VQMOVN,
+	ARM_INS_VQNEG,
+	ARM_INS_VQRDMULH,
+	ARM_INS_VQRSHL,
+	ARM_INS_VQRSHRN,
+	ARM_INS_VQRSHRUN,
+	ARM_INS_VQSHL,
+	ARM_INS_VQSHLU,
+	ARM_INS_VQSHRN,
+	ARM_INS_VQSHRUN,
+	ARM_INS_VQSUB,
+	ARM_INS_VRADDHN,
+	ARM_INS_VRECPE,
+	ARM_INS_VRECPS,
+	ARM_INS_VREV16,
+	ARM_INS_VREV32,
+	ARM_INS_VREV64,
+	ARM_INS_VRHADD,
+	ARM_INS_VRINTA,
+	ARM_INS_VRINTM,
+	ARM_INS_VRINTN,
+	ARM_INS_VRINTP,
+	ARM_INS_VRINTR,
+	ARM_INS_VRINTX,
+	ARM_INS_VRINTZ,
+	ARM_INS_VRSHL,
+	ARM_INS_VRSHRN,
+	ARM_INS_VRSHR,
+	ARM_INS_VRSQRTE,
+	ARM_INS_VRSQRTS,
+	ARM_INS_VRSRA,
+	ARM_INS_VRSUBHN,
+	ARM_INS_VSELEQ,
+	ARM_INS_VSELGE,
+	ARM_INS_VSELGT,
+	ARM_INS_VSELVS,
+	ARM_INS_VSHLL,
+	ARM_INS_VSHL,
+	ARM_INS_VSHRN,
+	ARM_INS_VSHR,
+	ARM_INS_VSLI,
+	ARM_INS_VSQRT,
+	ARM_INS_VSRA,
+	ARM_INS_VSRI,
+	ARM_INS_VST1,
+	ARM_INS_VST2,
+	ARM_INS_VST3,
+	ARM_INS_VST4,
+	ARM_INS_VSTMDB,
+	ARM_INS_VSTMIA,
+	ARM_INS_VSTR,
+	ARM_INS_VSUB,
+	ARM_INS_VSUBHN,
+	ARM_INS_VSUBL,
+	ARM_INS_VSUBW,
+	ARM_INS_VSWP,
+	ARM_INS_VTBL,
+	ARM_INS_VTBX,
+	ARM_INS_VCVTR,
+	ARM_INS_VTRN,
+	ARM_INS_VTST,
+	ARM_INS_VUZP,
+	ARM_INS_VZIP,
+	ARM_INS_ADDW,
+	ARM_INS_ASR,
+	ARM_INS_DCPS1,
+	ARM_INS_DCPS2,
+	ARM_INS_DCPS3,
+	ARM_INS_IT,
+	ARM_INS_LSL,
+	ARM_INS_LSR,
+	ARM_INS_ASRS,
+	ARM_INS_LSRS,
+	ARM_INS_ORN,
+	ARM_INS_ROR,
+	ARM_INS_RRX,
+	ARM_INS_SUBS,
+	ARM_INS_SUBW,
+	ARM_INS_TBB,
+	ARM_INS_TBH,
+	ARM_INS_CBNZ,
+	ARM_INS_CBZ,
+	ARM_INS_MOVS,
+	ARM_INS_POP,
+	ARM_INS_PUSH,
+
+	// special instructions
+	ARM_INS_NOP,
+	ARM_INS_YIELD,
+	ARM_INS_WFE,
+	ARM_INS_WFI,
+	ARM_INS_SEV,
+	ARM_INS_SEVL,
+	ARM_INS_VPUSH,
+	ARM_INS_VPOP,
+
+	ARM_INS_ENDING,	// <-- mark the end of the list of instructions
+} arm_insn;
+
+//> Group of ARM instructions
+typedef enum arm_insn_group {
+	ARM_GRP_INVALID = 0, // = CS_GRP_INVALID
+
+	//> Generic groups
+	// all jump instructions (conditional+direct+indirect jumps)
+	ARM_GRP_JUMP,	// = CS_GRP_JUMP
+
+	//> Architecture-specific groups
+	ARM_GRP_CRYPTO = 128,
+	ARM_GRP_DATABARRIER,
+	ARM_GRP_DIVIDE,
+	ARM_GRP_FPARMV8,
+	ARM_GRP_MULTPRO,
+	ARM_GRP_NEON,
+	ARM_GRP_T2EXTRACTPACK,
+	ARM_GRP_THUMB2DSP,
+	ARM_GRP_TRUSTZONE,
+	ARM_GRP_V4T,
+	ARM_GRP_V5T,
+	ARM_GRP_V5TE,
+	ARM_GRP_V6,
+	ARM_GRP_V6T2,
+	ARM_GRP_V7,
+	ARM_GRP_V8,
+	ARM_GRP_VFP2,
+	ARM_GRP_VFP3,
+	ARM_GRP_VFP4,
+	ARM_GRP_ARM,
+	ARM_GRP_MCLASS,
+	ARM_GRP_NOTMCLASS,
+	ARM_GRP_THUMB,
+	ARM_GRP_THUMB1ONLY,
+	ARM_GRP_THUMB2,
+	ARM_GRP_PREV8,
+	ARM_GRP_FPVMLX,
+	ARM_GRP_MULOPS,
+	ARM_GRP_CRC,
+	ARM_GRP_DPVFP,
+	ARM_GRP_V6M,
+
+	ARM_GRP_ENDING,
+} arm_insn_group;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/arm64.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/arm64.h
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/capstone.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/capstone.h
@ -0,0 +1,675 @@
+#ifndef CAPSTONE_ENGINE_H
+#define CAPSTONE_ENGINE_H
+
+/* Capstone Disassembly Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013-2016 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(_MSC_VER) || !defined(_KERNEL_MODE)
+#include <stdint.h>
+#endif
+
+#include <stdarg.h>
+
+#if defined(CAPSTONE_HAS_OSXKERNEL)
+#include <libkern/libkern.h>
+#else
+#include <stdlib.h>
+#include <stdio.h>
+#endif
+
+#include "platform.h"
+
+#ifdef _MSC_VER
+#pragma warning(disable:4201)
+#pragma warning(disable:4100)
+#define CAPSTONE_API __cdecl
+#ifdef CAPSTONE_SHARED
+#define CAPSTONE_EXPORT __declspec(dllexport)
+#else    // defined(CAPSTONE_STATIC)
+#define CAPSTONE_EXPORT
+#endif
+#else
+#define CAPSTONE_API
+#if defined(__GNUC__) && !defined(CAPSTONE_STATIC)
+#define CAPSTONE_EXPORT __attribute__((visibility("default")))
+#else    // defined(CAPSTONE_STATIC)
+#define CAPSTONE_EXPORT
+#endif
+#endif
+
+#ifdef __GNUC__
+#define CAPSTONE_DEPRECATED __attribute__((deprecated))
+#elif defined(_MSC_VER)
+#define CAPSTONE_DEPRECATED __declspec(deprecated)
+#else
+#pragma message("WARNING: You need to implement CAPSTONE_DEPRECATED for this compiler")
+#define CAPSTONE_DEPRECATED
+#endif
+
+// Capstone API version
+#define CS_API_MAJOR 3
+#define CS_API_MINOR 0
+
+// Capstone package version
+#define CS_VERSION_MAJOR CS_API_MAJOR
+#define CS_VERSION_MINOR CS_API_MINOR
+#define CS_VERSION_EXTRA 5
+
+// Macro to create combined version which can be compared to
+// result of cs_version() API.
+#define CS_MAKE_VERSION(major, minor) ((major << 8) + minor)
+
+// Handle using with all API
+typedef size_t csh;
+
+// Architecture type
+typedef enum cs_arch {
+	CS_ARCH_ARM = 0,	// ARM architecture (including Thumb, Thumb-2)
+	CS_ARCH_ARM64,		// ARM-64, also called AArch64
+	CS_ARCH_MIPS,		// Mips architecture
+	CS_ARCH_X86,		// X86 architecture (including x86 & x86-64)
+	CS_ARCH_PPC,		// PowerPC architecture
+	CS_ARCH_SPARC,		// Sparc architecture
+	CS_ARCH_SYSZ,		// SystemZ architecture
+	CS_ARCH_XCORE,		// XCore architecture
+	CS_ARCH_MAX,
+	CS_ARCH_ALL = 0xFFFF, // All architectures - for cs_support()
+} cs_arch;
+
+// Support value to verify diet mode of the engine.
+// If cs_support(CS_SUPPORT_DIET) return True, the engine was compiled
+// in diet mode.
+#define CS_SUPPORT_DIET (CS_ARCH_ALL + 1)
+
+// Support value to verify X86 reduce mode of the engine.
+// If cs_support(CS_SUPPORT_X86_REDUCE) return True, the engine was compiled
+// in X86 reduce mode.
+#define CS_SUPPORT_X86_REDUCE (CS_ARCH_ALL + 2)
+
+// Mode type
+typedef enum cs_mode {
+	CS_MODE_LITTLE_ENDIAN = 0,	// little-endian mode (default mode)
+	CS_MODE_ARM = 0,	// 32-bit ARM
+	CS_MODE_16 = 1 << 1,	// 16-bit mode (X86)
+	CS_MODE_32 = 1 << 2,	// 32-bit mode (X86)
+	CS_MODE_64 = 1 << 3,	// 64-bit mode (X86, PPC)
+	CS_MODE_THUMB = 1 << 4,	// ARM's Thumb mode, including Thumb-2
+	CS_MODE_MCLASS = 1 << 5,	// ARM's Cortex-M series
+	CS_MODE_V8 = 1 << 6,	// ARMv8 A32 encodings for ARM
+	CS_MODE_MICRO = 1 << 4, // MicroMips mode (MIPS)
+	CS_MODE_MIPS3 = 1 << 5, // Mips III ISA
+	CS_MODE_MIPS32R6 = 1 << 6, // Mips32r6 ISA
+	CS_MODE_MIPSGP64 = 1 << 7, // General Purpose Registers are 64-bit wide (MIPS)
+	CS_MODE_V9 = 1 << 4, // SparcV9 mode (Sparc)
+	CS_MODE_BIG_ENDIAN = 1 << 31,	// big-endian mode
+	CS_MODE_MIPS32 = CS_MODE_32,	// Mips32 ISA (Mips)
+	CS_MODE_MIPS64 = CS_MODE_64,	// Mips64 ISA (Mips)
+} cs_mode;
+
+typedef void* (CAPSTONE_API *cs_malloc_t)(size_t size);
+typedef void* (CAPSTONE_API *cs_calloc_t)(size_t nmemb, size_t size);
+typedef void* (CAPSTONE_API *cs_realloc_t)(void *ptr, size_t size);
+typedef void (CAPSTONE_API *cs_free_t)(void *ptr);
+typedef int (CAPSTONE_API *cs_vsnprintf_t)(char *str, size_t size, const char *format, va_list ap);
+
+
+// User-defined dynamic memory related functions: malloc/calloc/realloc/free/vsnprintf()
+// By default, Capstone uses system's malloc(), calloc(), realloc(), free() & vsnprintf().
+typedef struct cs_opt_mem {
+	cs_malloc_t malloc;
+	cs_calloc_t calloc;
+	cs_realloc_t realloc;
+	cs_free_t free;
+	cs_vsnprintf_t vsnprintf;
+} cs_opt_mem;
+
+// Runtime option for the disassembled engine
+typedef enum cs_opt_type {
+	CS_OPT_INVALID = 0,	// No option specified
+	CS_OPT_SYNTAX,	// Assembly output syntax
+	CS_OPT_DETAIL,	// Break down instruction structure into details
+	CS_OPT_MODE,	// Change engine's mode at run-time
+	CS_OPT_MEM,	// User-defined dynamic memory related functions
+	CS_OPT_SKIPDATA, // Skip data when disassembling. Then engine is in SKIPDATA mode.
+	CS_OPT_SKIPDATA_SETUP, // Setup user-defined function for SKIPDATA option
+} cs_opt_type;
+
+// Runtime option value (associated with option type above)
+typedef enum cs_opt_value {
+	CS_OPT_OFF = 0,  // Turn OFF an option - default option of CS_OPT_DETAIL, CS_OPT_SKIPDATA.
+	CS_OPT_ON = 3, // Turn ON an option (CS_OPT_DETAIL, CS_OPT_SKIPDATA).
+	CS_OPT_SYNTAX_DEFAULT = 0, // Default asm syntax (CS_OPT_SYNTAX).
+	CS_OPT_SYNTAX_INTEL, // X86 Intel asm syntax - default on X86 (CS_OPT_SYNTAX).
+	CS_OPT_SYNTAX_ATT,   // X86 ATT asm syntax (CS_OPT_SYNTAX).
+	CS_OPT_SYNTAX_NOREGNAME, // Prints register name with only number (CS_OPT_SYNTAX)
+} cs_opt_value;
+
+//> Common instruction operand types - to be consistent across all architectures.
+typedef enum cs_op_type {
+	CS_OP_INVALID = 0,  // uninitialized/invalid operand.
+	CS_OP_REG,          // Register operand.
+	CS_OP_IMM,          // Immediate operand.
+	CS_OP_MEM,          // Memory operand.
+	CS_OP_FP,           // Floating-Point operand.
+} cs_op_type;
+
+//> Common instruction groups - to be consistent across all architectures.
+typedef enum cs_group_type {
+	CS_GRP_INVALID = 0,  // uninitialized/invalid group.
+	CS_GRP_JUMP,    // all jump instructions (conditional+direct+indirect jumps)
+	CS_GRP_CALL,    // all call instructions
+	CS_GRP_RET,     // all return instructions
+	CS_GRP_INT,     // all interrupt instructions (int+syscall)
+	CS_GRP_IRET,    // all interrupt return instructions
+} cs_group_type;
+
+/*
+ User-defined callback function for SKIPDATA option.
+ See tests/test_skipdata.c for sample code demonstrating this API.
+
+ @code: the input buffer containing code to be disassembled.
+        This is the same buffer passed to cs_disasm().
+ @code_size: size (in bytes) of the above @code buffer.
+ @offset: the position of the currently-examining byte in the input
+      buffer @code mentioned above.
+ @user_data: user-data passed to cs_option() via @user_data field in
+      cs_opt_skipdata struct below.
+
+ @return: return number of bytes to skip, or 0 to immediately stop disassembling.
+*/
+typedef size_t (CAPSTONE_API *cs_skipdata_cb_t)(const uint8_t *code, size_t code_size, size_t offset, void *user_data);
+
+// User-customized setup for SKIPDATA option
+typedef struct cs_opt_skipdata {
+	// Capstone considers data to skip as special "instructions".
+	// User can specify the string for this instruction's "mnemonic" here.
+	// By default (if @mnemonic is NULL), Capstone use ".byte".
+	const char *mnemonic;
+
+	// User-defined callback function to be called when Capstone hits data.
+	// If the returned value from this callback is positive (>0), Capstone
+	// will skip exactly that number of bytes & continue. Otherwise, if
+	// the callback returns 0, Capstone stops disassembling and returns
+	// immediately from cs_disasm()
+	// NOTE: if this callback pointer is NULL, Capstone would skip a number
+	// of bytes depending on architectures, as following:
+	// Arm:     2 bytes (Thumb mode) or 4 bytes.
+	// Arm64:   4 bytes.
+	// Mips:    4 bytes.
+	// PowerPC: 4 bytes.
+	// Sparc:   4 bytes.
+	// SystemZ: 2 bytes.
+	// X86:     1 bytes.
+	// XCore:   2 bytes.
+	cs_skipdata_cb_t callback; 	// default value is NULL
+
+	// User-defined data to be passed to @callback function pointer.
+	void *user_data;
+} cs_opt_skipdata;
+
+
+#include "arm.h"
+#include "arm64.h"
+#include "mips.h"
+#include "ppc.h"
+#include "sparc.h"
+#include "systemz.h"
+#include "x86.h"
+#include "xcore.h"
+
+// NOTE: All information in cs_detail is only available when CS_OPT_DETAIL = CS_OPT_ON
+typedef struct cs_detail {
+	uint8_t regs_read[12]; // list of implicit registers read by this insn
+	uint8_t regs_read_count; // number of implicit registers read by this insn
+
+	uint8_t regs_write[20]; // list of implicit registers modified by this insn
+	uint8_t regs_write_count; // number of implicit registers modified by this insn
+
+	uint8_t groups[8]; // list of group this instruction belong to
+	uint8_t groups_count; // number of groups this insn belongs to
+
+	// Architecture-specific instruction info
+	union {
+		cs_x86 x86;	// X86 architecture, including 16-bit, 32-bit & 64-bit mode
+		cs_arm64 arm64;	// ARM64 architecture (aka AArch64)
+		cs_arm arm;		// ARM architecture (including Thumb/Thumb2)
+		cs_mips mips;	// MIPS architecture
+		cs_ppc ppc;	// PowerPC architecture
+		cs_sparc sparc;	// Sparc architecture
+		cs_sysz sysz;	// SystemZ architecture
+		cs_xcore xcore;	// XCore architecture
+	};
+} cs_detail;
+
+// Detail information of disassembled instruction
+typedef struct cs_insn {
+	// Instruction ID (basically a numeric ID for the instruction mnemonic)
+	// Find the instruction id in the '[ARCH]_insn' enum in the header file 
+	// of corresponding architecture, such as 'arm_insn' in arm.h for ARM,
+	// 'x86_insn' in x86.h for X86, etc...
+	// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
+	// NOTE: in Skipdata mode, "data" instruction has 0 for this id field.
+	unsigned int id;
+
+	// Address (EIP) of this instruction
+	// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
+	uint64_t address;
+
+	// Size of this instruction
+	// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
+	uint16_t size;
+	// Machine bytes of this instruction, with number of bytes indicated by @size above
+	// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
+	uint8_t bytes[16];
+
+	// Ascii text of instruction mnemonic
+	// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
+	char mnemonic[32];
+
+	// Ascii text of instruction operands
+	// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
+	char op_str[160];
+
+	// Pointer to cs_detail.
+	// NOTE: detail pointer is only valid when both requirements below are met:
+	// (1) CS_OP_DETAIL = CS_OPT_ON
+	// (2) Engine is not in Skipdata mode (CS_OP_SKIPDATA option set to CS_OPT_ON)
+	//
+	// NOTE 2: when in Skipdata mode, or when detail mode is OFF, even if this pointer
+	//     is not NULL, its content is still irrelevant.
+	cs_detail *detail;
+} cs_insn;
+
+
+// Calculate the offset of a disassembled instruction in its buffer, given its position
+// in its array of disassembled insn
+// NOTE: this macro works with position (>=1), not index
+#define CS_INSN_OFFSET(insns, post) (insns[post - 1].address - insns[0].address)
+
+
+// All type of errors encountered by Capstone API.
+// These are values returned by cs_errno()
+typedef enum cs_err {
+	CS_ERR_OK = 0,   // No error: everything was fine
+	CS_ERR_MEM,      // Out-Of-Memory error: cs_open(), cs_disasm(), cs_disasm_iter()
+	CS_ERR_ARCH,     // Unsupported architecture: cs_open()
+	CS_ERR_HANDLE,   // Invalid handle: cs_op_count(), cs_op_index()
+	CS_ERR_CSH,	     // Invalid csh argument: cs_close(), cs_errno(), cs_option()
+	CS_ERR_MODE,     // Invalid/unsupported mode: cs_open()
+	CS_ERR_OPTION,   // Invalid/unsupported option: cs_option()
+	CS_ERR_DETAIL,   // Information is unavailable because detail option is OFF
+	CS_ERR_MEMSETUP, // Dynamic memory management uninitialized (see CS_OPT_MEM)
+	CS_ERR_VERSION,  // Unsupported version (bindings)
+	CS_ERR_DIET,     // Access irrelevant data in "diet" engine
+	CS_ERR_SKIPDATA, // Access irrelevant data for "data" instruction in SKIPDATA mode
+	CS_ERR_X86_ATT,  // X86 AT&T syntax is unsupported (opt-out at compile time)
+	CS_ERR_X86_INTEL, // X86 Intel syntax is unsupported (opt-out at compile time)
+} cs_err;
+
+/*
+ Return combined API version & major and minor version numbers.
+
+ @major: major number of API version
+ @minor: minor number of API version
+
+ @return hexical number as (major << 8 | minor), which encodes both
+	 major & minor versions.
+	 NOTE: This returned value can be compared with version number made
+	 with macro CS_MAKE_VERSION
+
+ For example, second API version would return 1 in @major, and 1 in @minor
+ The return value would be 0x0101
+
+ NOTE: if you only care about returned value, but not major and minor values,
+ set both @major & @minor arguments to NULL.
+*/
+CAPSTONE_EXPORT
+unsigned int CAPSTONE_API cs_version(int *major, int *minor);
+
+
+/*
+ This API can be used to either ask for archs supported by this library,
+ or check to see if the library was compile with 'diet' option (or called
+ in 'diet' mode).
+
+ To check if a particular arch is supported by this library, set @query to
+ arch mode (CS_ARCH_* value).
+ To verify if this library supports all the archs, use CS_ARCH_ALL.
+
+ To check if this library is in 'diet' mode, set @query to CS_SUPPORT_DIET.
+
+ @return True if this library supports the given arch, or in 'diet' mode.
+*/
+CAPSTONE_EXPORT
+bool CAPSTONE_API cs_support(int query);
+
+/*
+ Initialize CS handle: this must be done before any usage of CS.
+
+ @arch: architecture type (CS_ARCH_*)
+ @mode: hardware mode. This is combined of CS_MODE_*
+ @handle: pointer to handle, which will be updated at return time
+
+ @return CS_ERR_OK on success, or other value on failure (refer to cs_err enum
+ for detailed error).
+*/
+CAPSTONE_EXPORT
+cs_err CAPSTONE_API cs_open(cs_arch arch, cs_mode mode, csh *handle);
+
+/*
+ Close CS handle: MUST do to release the handle when it is not used anymore.
+ NOTE: this must be only called when there is no longer usage of Capstone,
+ not even access to cs_insn array. The reason is the this API releases some
+ cached memory, thus access to any Capstone API after cs_close() might crash
+ your application.
+
+ In fact,this API invalidate @handle by ZERO out its value (i.e *handle = 0).
+
+ @handle: pointer to a handle returned by cs_open()
+
+ @return CS_ERR_OK on success, or other value on failure (refer to cs_err enum
+ for detailed error).
+*/
+CAPSTONE_EXPORT
+cs_err CAPSTONE_API cs_close(csh *handle);
+
+/*
+ Set option for disassembling engine at runtime
+
+ @handle: handle returned by cs_open()
+ @type: type of option to be set
+ @value: option value corresponding with @type
+
+ @return: CS_ERR_OK on success, or other value on failure.
+ Refer to cs_err enum for detailed error.
+
+ NOTE: in the case of CS_OPT_MEM, handle's value can be anything,
+ so that cs_option(handle, CS_OPT_MEM, value) can (i.e must) be called
+ even before cs_open()
+*/
+CAPSTONE_EXPORT
+cs_err CAPSTONE_API cs_option(csh handle, cs_opt_type type, size_t value);
+
+/*
+ Report the last error number when some API function fail.
+ Like glibc's errno, cs_errno might not retain its old value once accessed.
+
+ @handle: handle returned by cs_open()
+
+ @return: error code of cs_err enum type (CS_ERR_*, see above)
+*/
+CAPSTONE_EXPORT
+cs_err CAPSTONE_API cs_errno(csh handle);
+
+
+/*
+ Return a string describing given error code.
+
+ @code: error code (see CS_ERR_* above)
+
+ @return: returns a pointer to a string that describes the error code
+	passed in the argument @code
+*/
+CAPSTONE_EXPORT
+const char * CAPSTONE_API cs_strerror(cs_err code);
+
+/*
+ Disassemble binary code, given the code buffer, size, address and number
+ of instructions to be decoded.
+ This API dynamically allocate memory to contain disassembled instruction.
+ Resulted instructions will be put into @*insn
+
+ NOTE 1: this API will automatically determine memory needed to contain
+ output disassembled instructions in @insn.
+
+ NOTE 2: caller must free the allocated memory itself to avoid memory leaking.
+
+ NOTE 3: for system with scarce memory to be dynamically allocated such as
+ OS kernel or firmware, the API cs_disasm_iter() might be a better choice than
+ cs_disasm(). The reason is that with cs_disasm(), based on limited available
+ memory, we have to calculate in advance how many instructions to be disassembled,
+ which complicates things. This is especially troublesome for the case @count=0,
+ when cs_disasm() runs uncontrollably (until either end of input buffer, or
+ when it encounters an invalid instruction).
+ 
+ @handle: handle returned by cs_open()
+ @code: buffer containing raw binary code to be disassembled.
+ @code_size: size of the above code buffer.
+ @address: address of the first instruction in given raw code buffer.
+ @insn: array of instructions filled in by this API.
+	   NOTE: @insn will be allocated by this function, and should be freed
+	   with cs_free() API.
+ @count: number of instructions to be disassembled, or 0 to get all of them
+
+ @return: the number of successfully disassembled instructions,
+ or 0 if this function failed to disassemble the given code
+
+ On failure, call cs_errno() for error code.
+*/
+CAPSTONE_EXPORT
+size_t CAPSTONE_API cs_disasm(csh handle,
+		const uint8_t *code, size_t code_size,
+		uint64_t address,
+		size_t count,
+		cs_insn **insn);
+
+/*
+  Deprecated function - to be retired in the next version!
+  Use cs_disasm() instead of cs_disasm_ex()
+*/
+CAPSTONE_EXPORT
+CAPSTONE_DEPRECATED
+size_t CAPSTONE_API cs_disasm_ex(csh handle,
+		const uint8_t *code, size_t code_size,
+		uint64_t address,
+		size_t count,
+		cs_insn **insn);
+
+/*
+ Free memory allocated by cs_malloc() or cs_disasm() (argument @insn)
+
+ @insn: pointer returned by @insn argument in cs_disasm() or cs_malloc()
+ @count: number of cs_insn structures returned by cs_disasm(), or 1
+     to free memory allocated by cs_malloc().
+*/
+CAPSTONE_EXPORT
+void CAPSTONE_API cs_free(cs_insn *insn, size_t count);
+
+
+/*
+ Allocate memory for 1 instruction to be used by cs_disasm_iter().
+
+ @handle: handle returned by cs_open()
+
+ NOTE: when no longer in use, you can reclaim the memory allocated for
+ this instruction with cs_free(insn, 1)
+*/
+CAPSTONE_EXPORT
+cs_insn * CAPSTONE_API cs_malloc(csh handle);
+
+/*
+ Fast API to disassemble binary code, given the code buffer, size, address
+ and number of instructions to be decoded.
+ This API put the resulted instruction into a given cache in @insn.
+ See tests/test_iter.c for sample code demonstrating this API.
+
+ NOTE 1: this API will update @code, @size & @address to point to the next
+ instruction in the input buffer. Therefore, it is convenient to use
+ cs_disasm_iter() inside a loop to quickly iterate all the instructions.
+ While decoding one instruction at a time can also be achieved with
+ cs_disasm(count=1), some benchmarks shown that cs_disasm_iter() can be 30%
+ faster on random input.
+
+ NOTE 2: the cache in @insn can be created with cs_malloc() API.
+
+ NOTE 3: for system with scarce memory to be dynamically allocated such as
+ OS kernel or firmware, this API is recommended over cs_disasm(), which
+ allocates memory based on the number of instructions to be disassembled.
+ The reason is that with cs_disasm(), based on limited available memory,
+ we have to calculate in advance how many instructions to be disassembled,
+ which complicates things. This is especially troublesome for the case
+ @count=0, when cs_disasm() runs uncontrollably (until either end of input
+ buffer, or when it encounters an invalid instruction).
+ 
+ @handle: handle returned by cs_open()
+ @code: buffer containing raw binary code to be disassembled
+ @size: size of above code
+ @address: address of the first insn in given raw code buffer
+ @insn: pointer to instruction to be filled in by this API.
+
+ @return: true if this API successfully decode 1 instruction,
+ or false otherwise.
+
+ On failure, call cs_errno() for error code.
+*/
+CAPSTONE_EXPORT
+bool CAPSTONE_API cs_disasm_iter(csh handle,
+	const uint8_t **code, size_t *size,
+	uint64_t *address, cs_insn *insn);
+
+/*
+ Return friendly name of register in a string.
+ Find the instruction id from header file of corresponding architecture (arm.h for ARM,
+ x86.h for X86, ...)
+
+ WARN: when in 'diet' mode, this API is irrelevant because engine does not
+ store register name.
+
+ @handle: handle returned by cs_open()
+ @reg_id: register id
+
+ @return: string name of the register, or NULL if @reg_id is invalid.
+*/
+CAPSTONE_EXPORT
+const char * CAPSTONE_API cs_reg_name(csh handle, unsigned int reg_id);
+
+/*
+ Return friendly name of an instruction in a string.
+ Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)
+
+ WARN: when in 'diet' mode, this API is irrelevant because the engine does not
+ store instruction name.
+
+ @handle: handle returned by cs_open()
+ @insn_id: instruction id
+
+ @return: string name of the instruction, or NULL if @insn_id is invalid.
+*/
+CAPSTONE_EXPORT
+const char * CAPSTONE_API cs_insn_name(csh handle, unsigned int insn_id);
+
+/*
+ Return friendly name of a group id (that an instruction can belong to)
+ Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)
+
+ WARN: when in 'diet' mode, this API is irrelevant because the engine does not
+ store group name.
+
+ @handle: handle returned by cs_open()
+ @group_id: group id
+
+ @return: string name of the group, or NULL if @group_id is invalid.
+*/
+CAPSTONE_EXPORT
+const char * CAPSTONE_API cs_group_name(csh handle, unsigned int group_id);
+
+/*
+ Check if a disassembled instruction belong to a particular group.
+ Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)
+ Internally, this simply verifies if @group_id matches any member of insn->groups array.
+
+ NOTE: this API is only valid when detail option is ON (which is OFF by default).
+
+ WARN: when in 'diet' mode, this API is irrelevant because the engine does not
+ update @groups array.
+
+ @handle: handle returned by cs_open()
+ @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter()
+ @group_id: group that you want to check if this instruction belong to.
+
+ @return: true if this instruction indeed belongs to aboved group, or false otherwise.
+*/
+CAPSTONE_EXPORT
+bool CAPSTONE_API cs_insn_group(csh handle, const cs_insn *insn, unsigned int group_id);
+
+/*
+ Check if a disassembled instruction IMPLICITLY used a particular register.
+ Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)
+ Internally, this simply verifies if @reg_id matches any member of insn->regs_read array.
+
+ NOTE: this API is only valid when detail option is ON (which is OFF by default)
+
+ WARN: when in 'diet' mode, this API is irrelevant because the engine does not
+ update @regs_read array.
+
+ @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter()
+ @reg_id: register that you want to check if this instruction used it.
+
+ @return: true if this instruction indeed implicitly used aboved register, or false otherwise.
+*/
+CAPSTONE_EXPORT
+bool CAPSTONE_API cs_reg_read(csh handle, const cs_insn *insn, unsigned int reg_id);
+
+/*
+ Check if a disassembled instruction IMPLICITLY modified a particular register.
+ Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)
+ Internally, this simply verifies if @reg_id matches any member of insn->regs_write array.
+
+ NOTE: this API is only valid when detail option is ON (which is OFF by default)
+
+ WARN: when in 'diet' mode, this API is irrelevant because the engine does not
+ update @regs_write array.
+
+ @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter()
+ @reg_id: register that you want to check if this instruction modified it.
+
+ @return: true if this instruction indeed implicitly modified aboved register, or false otherwise.
+*/
+CAPSTONE_EXPORT
+bool CAPSTONE_API cs_reg_write(csh handle, const cs_insn *insn, unsigned int reg_id);
+
+/*
+ Count the number of operands of a given type.
+ Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)
+
+ NOTE: this API is only valid when detail option is ON (which is OFF by default)
+
+ @handle: handle returned by cs_open()
+ @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter()
+ @op_type: Operand type to be found.
+
+ @return: number of operands of given type @op_type in instruction @insn,
+ or -1 on failure.
+*/
+CAPSTONE_EXPORT
+int CAPSTONE_API cs_op_count(csh handle, const cs_insn *insn, unsigned int op_type);
+
+/*
+ Retrieve the position of operand of given type in <arch>.operands[] array.
+ Later, the operand can be accessed using the returned position.
+ Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)
+
+ NOTE: this API is only valid when detail option is ON (which is OFF by default)
+
+ @handle: handle returned by cs_open()
+ @insn: disassembled instruction structure received from cs_disasm() or cs_disasm_iter()
+ @op_type: Operand type to be found.
+ @position: position of the operand to be found. This must be in the range
+			[1, cs_op_count(handle, insn, op_type)]
+
+ @return: index of operand of given type @op_type in <arch>.operands[] array
+ in instruction @insn, or -1 on failure.
+*/
+CAPSTONE_EXPORT
+int CAPSTONE_API cs_op_index(csh handle, const cs_insn *insn, unsigned int op_type,
+		unsigned int position);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/mips.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/mips.h
@ -0,0 +1,906 @@
+#ifndef CAPSTONE_MIPS_H
+#define CAPSTONE_MIPS_H
+
+/* Capstone Disassembly Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013-2014 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(_MSC_VER) || !defined(_KERNEL_MODE)
+#include <stdint.h>
+#endif
+
+#include "platform.h"
+
+// GCC MIPS toolchain has a default macro called "mips" which breaks
+// compilation
+#undef mips
+
+#ifdef _MSC_VER
+#pragma warning(disable:4201)
+#endif
+
+//> Operand type for instruction's operands
+typedef enum mips_op_type {
+	MIPS_OP_INVALID = 0, // = CS_OP_INVALID (Uninitialized).
+	MIPS_OP_REG, // = CS_OP_REG (Register operand).
+	MIPS_OP_IMM, // = CS_OP_IMM (Immediate operand).
+	MIPS_OP_MEM, // = CS_OP_MEM (Memory operand).
+} mips_op_type;
+
+// Instruction's operand referring to memory
+// This is associated with MIPS_OP_MEM operand type above
+typedef struct mips_op_mem {
+	unsigned int base;	// base register
+	int64_t disp;	// displacement/offset value
+} mips_op_mem;
+
+// Instruction operand
+typedef struct cs_mips_op {
+	mips_op_type type;	// operand type
+	union {
+		unsigned int reg;	// register value for REG operand
+		int64_t imm;		// immediate value for IMM operand
+		mips_op_mem mem;	// base/index/scale/disp value for MEM operand
+	};
+} cs_mips_op;
+
+// Instruction structure
+typedef struct cs_mips {
+	// Number of operands of this instruction, 
+	// or 0 when instruction has no operand.
+	uint8_t op_count;
+	cs_mips_op operands[8]; // operands for this instruction.
+} cs_mips;
+
+//> MIPS registers
+typedef enum mips_reg {
+	MIPS_REG_INVALID = 0,
+	//> General purpose registers
+	MIPS_REG_0,
+	MIPS_REG_1,
+	MIPS_REG_2,
+	MIPS_REG_3,
+	MIPS_REG_4,
+	MIPS_REG_5,
+	MIPS_REG_6,
+	MIPS_REG_7,
+	MIPS_REG_8,
+	MIPS_REG_9,
+	MIPS_REG_10,
+	MIPS_REG_11,
+	MIPS_REG_12,
+	MIPS_REG_13,
+	MIPS_REG_14,
+	MIPS_REG_15,
+	MIPS_REG_16,
+	MIPS_REG_17,
+	MIPS_REG_18,
+	MIPS_REG_19,
+	MIPS_REG_20,
+	MIPS_REG_21,
+	MIPS_REG_22,
+	MIPS_REG_23,
+	MIPS_REG_24,
+	MIPS_REG_25,
+	MIPS_REG_26,
+	MIPS_REG_27,
+	MIPS_REG_28,
+	MIPS_REG_29,
+	MIPS_REG_30,
+	MIPS_REG_31,
+
+	//> DSP registers
+	MIPS_REG_DSPCCOND,
+	MIPS_REG_DSPCARRY,
+	MIPS_REG_DSPEFI,
+	MIPS_REG_DSPOUTFLAG,
+	MIPS_REG_DSPOUTFLAG16_19,
+	MIPS_REG_DSPOUTFLAG20,
+	MIPS_REG_DSPOUTFLAG21,
+	MIPS_REG_DSPOUTFLAG22,
+	MIPS_REG_DSPOUTFLAG23,
+	MIPS_REG_DSPPOS,
+	MIPS_REG_DSPSCOUNT,
+
+	//> ACC registers
+	MIPS_REG_AC0,
+	MIPS_REG_AC1,
+	MIPS_REG_AC2,
+	MIPS_REG_AC3,
+
+	//> COP registers
+	MIPS_REG_CC0,
+	MIPS_REG_CC1,
+	MIPS_REG_CC2,
+	MIPS_REG_CC3,
+	MIPS_REG_CC4,
+	MIPS_REG_CC5,
+	MIPS_REG_CC6,
+	MIPS_REG_CC7,
+
+	//> FPU registers
+	MIPS_REG_F0,
+	MIPS_REG_F1,
+	MIPS_REG_F2,
+	MIPS_REG_F3,
+	MIPS_REG_F4,
+	MIPS_REG_F5,
+	MIPS_REG_F6,
+	MIPS_REG_F7,
+	MIPS_REG_F8,
+	MIPS_REG_F9,
+	MIPS_REG_F10,
+	MIPS_REG_F11,
+	MIPS_REG_F12,
+	MIPS_REG_F13,
+	MIPS_REG_F14,
+	MIPS_REG_F15,
+	MIPS_REG_F16,
+	MIPS_REG_F17,
+	MIPS_REG_F18,
+	MIPS_REG_F19,
+	MIPS_REG_F20,
+	MIPS_REG_F21,
+	MIPS_REG_F22,
+	MIPS_REG_F23,
+	MIPS_REG_F24,
+	MIPS_REG_F25,
+	MIPS_REG_F26,
+	MIPS_REG_F27,
+	MIPS_REG_F28,
+	MIPS_REG_F29,
+	MIPS_REG_F30,
+	MIPS_REG_F31,
+
+	MIPS_REG_FCC0,
+	MIPS_REG_FCC1,
+	MIPS_REG_FCC2,
+	MIPS_REG_FCC3,
+	MIPS_REG_FCC4,
+	MIPS_REG_FCC5,
+	MIPS_REG_FCC6,
+	MIPS_REG_FCC7,
+
+	//> AFPR128
+	MIPS_REG_W0,
+	MIPS_REG_W1,
+	MIPS_REG_W2,
+	MIPS_REG_W3,
+	MIPS_REG_W4,
+	MIPS_REG_W5,
+	MIPS_REG_W6,
+	MIPS_REG_W7,
+	MIPS_REG_W8,
+	MIPS_REG_W9,
+	MIPS_REG_W10,
+	MIPS_REG_W11,
+	MIPS_REG_W12,
+	MIPS_REG_W13,
+	MIPS_REG_W14,
+	MIPS_REG_W15,
+	MIPS_REG_W16,
+	MIPS_REG_W17,
+	MIPS_REG_W18,
+	MIPS_REG_W19,
+	MIPS_REG_W20,
+	MIPS_REG_W21,
+	MIPS_REG_W22,
+	MIPS_REG_W23,
+	MIPS_REG_W24,
+	MIPS_REG_W25,
+	MIPS_REG_W26,
+	MIPS_REG_W27,
+	MIPS_REG_W28,
+	MIPS_REG_W29,
+	MIPS_REG_W30,
+	MIPS_REG_W31,
+
+	MIPS_REG_HI,
+	MIPS_REG_LO,
+
+	MIPS_REG_P0,
+	MIPS_REG_P1,
+	MIPS_REG_P2,
+
+	MIPS_REG_MPL0,
+	MIPS_REG_MPL1,
+	MIPS_REG_MPL2,
+
+	MIPS_REG_ENDING,	// <-- mark the end of the list or registers
+
+	// alias registers
+	MIPS_REG_ZERO = MIPS_REG_0,
+	MIPS_REG_AT = MIPS_REG_1,
+	MIPS_REG_V0 = MIPS_REG_2,
+	MIPS_REG_V1 = MIPS_REG_3,
+	MIPS_REG_A0 = MIPS_REG_4,
+	MIPS_REG_A1 = MIPS_REG_5,
+	MIPS_REG_A2 = MIPS_REG_6,
+	MIPS_REG_A3 = MIPS_REG_7,
+	MIPS_REG_T0 = MIPS_REG_8,
+	MIPS_REG_T1 = MIPS_REG_9,
+	MIPS_REG_T2 = MIPS_REG_10,
+	MIPS_REG_T3 = MIPS_REG_11,
+	MIPS_REG_T4 = MIPS_REG_12,
+	MIPS_REG_T5 = MIPS_REG_13,
+	MIPS_REG_T6 = MIPS_REG_14,
+	MIPS_REG_T7 = MIPS_REG_15,
+	MIPS_REG_S0 = MIPS_REG_16,
+	MIPS_REG_S1 = MIPS_REG_17,
+	MIPS_REG_S2 = MIPS_REG_18,
+	MIPS_REG_S3 = MIPS_REG_19,
+	MIPS_REG_S4 = MIPS_REG_20,
+	MIPS_REG_S5 = MIPS_REG_21,
+	MIPS_REG_S6 = MIPS_REG_22,
+	MIPS_REG_S7 = MIPS_REG_23,
+	MIPS_REG_T8 = MIPS_REG_24,
+	MIPS_REG_T9 = MIPS_REG_25,
+	MIPS_REG_K0 = MIPS_REG_26,
+	MIPS_REG_K1 = MIPS_REG_27,
+	MIPS_REG_GP = MIPS_REG_28,
+	MIPS_REG_SP = MIPS_REG_29,
+	MIPS_REG_FP = MIPS_REG_30, MIPS_REG_S8 = MIPS_REG_30,
+	MIPS_REG_RA = MIPS_REG_31,
+
+	MIPS_REG_HI0 = MIPS_REG_AC0,
+	MIPS_REG_HI1 = MIPS_REG_AC1,
+	MIPS_REG_HI2 = MIPS_REG_AC2,
+	MIPS_REG_HI3 = MIPS_REG_AC3,
+
+	MIPS_REG_LO0 = MIPS_REG_HI0,
+	MIPS_REG_LO1 = MIPS_REG_HI1,
+	MIPS_REG_LO2 = MIPS_REG_HI2,
+	MIPS_REG_LO3 = MIPS_REG_HI3,
+} mips_reg;
+
+//> MIPS instruction
+typedef enum mips_insn {
+	MIPS_INS_INVALID = 0,
+
+	MIPS_INS_ABSQ_S,
+	MIPS_INS_ADD,
+	MIPS_INS_ADDIUPC,
+	MIPS_INS_ADDQH,
+	MIPS_INS_ADDQH_R,
+	MIPS_INS_ADDQ,
+	MIPS_INS_ADDQ_S,
+	MIPS_INS_ADDSC,
+	MIPS_INS_ADDS_A,
+	MIPS_INS_ADDS_S,
+	MIPS_INS_ADDS_U,
+	MIPS_INS_ADDUH,
+	MIPS_INS_ADDUH_R,
+	MIPS_INS_ADDU,
+	MIPS_INS_ADDU_S,
+	MIPS_INS_ADDVI,
+	MIPS_INS_ADDV,
+	MIPS_INS_ADDWC,
+	MIPS_INS_ADD_A,
+	MIPS_INS_ADDI,
+	MIPS_INS_ADDIU,
+	MIPS_INS_ALIGN,
+	MIPS_INS_ALUIPC,
+	MIPS_INS_AND,
+	MIPS_INS_ANDI,
+	MIPS_INS_APPEND,
+	MIPS_INS_ASUB_S,
+	MIPS_INS_ASUB_U,
+	MIPS_INS_AUI,
+	MIPS_INS_AUIPC,
+	MIPS_INS_AVER_S,
+	MIPS_INS_AVER_U,
+	MIPS_INS_AVE_S,
+	MIPS_INS_AVE_U,
+	MIPS_INS_BADDU,
+	MIPS_INS_BAL,
+	MIPS_INS_BALC,
+	MIPS_INS_BALIGN,
+	MIPS_INS_BC,
+	MIPS_INS_BC0F,
+	MIPS_INS_BC0FL,
+	MIPS_INS_BC0T,
+	MIPS_INS_BC0TL,
+	MIPS_INS_BC1EQZ,
+	MIPS_INS_BC1F,
+	MIPS_INS_BC1FL,
+	MIPS_INS_BC1NEZ,
+	MIPS_INS_BC1T,
+	MIPS_INS_BC1TL,
+	MIPS_INS_BC2EQZ,
+	MIPS_INS_BC2F,
+	MIPS_INS_BC2FL,
+	MIPS_INS_BC2NEZ,
+	MIPS_INS_BC2T,
+	MIPS_INS_BC2TL,
+	MIPS_INS_BC3F,
+	MIPS_INS_BC3FL,
+	MIPS_INS_BC3T,
+	MIPS_INS_BC3TL,
+	MIPS_INS_BCLRI,
+	MIPS_INS_BCLR,
+	MIPS_INS_BEQ,
+	MIPS_INS_BEQC,
+	MIPS_INS_BEQL,
+	MIPS_INS_BEQZALC,
+	MIPS_INS_BEQZC,
+	MIPS_INS_BGEC,
+	MIPS_INS_BGEUC,
+	MIPS_INS_BGEZ,
+	MIPS_INS_BGEZAL,
+	MIPS_INS_BGEZALC,
+	MIPS_INS_BGEZALL,
+	MIPS_INS_BGEZALS,
+	MIPS_INS_BGEZC,
+	MIPS_INS_BGEZL,
+	MIPS_INS_BGTZ,
+	MIPS_INS_BGTZALC,
+	MIPS_INS_BGTZC,
+	MIPS_INS_BGTZL,
+	MIPS_INS_BINSLI,
+	MIPS_INS_BINSL,
+	MIPS_INS_BINSRI,
+	MIPS_INS_BINSR,
+	MIPS_INS_BITREV,
+	MIPS_INS_BITSWAP,
+	MIPS_INS_BLEZ,
+	MIPS_INS_BLEZALC,
+	MIPS_INS_BLEZC,
+	MIPS_INS_BLEZL,
+	MIPS_INS_BLTC,
+	MIPS_INS_BLTUC,
+	MIPS_INS_BLTZ,
+	MIPS_INS_BLTZAL,
+	MIPS_INS_BLTZALC,
+	MIPS_INS_BLTZALL,
+	MIPS_INS_BLTZALS,
+	MIPS_INS_BLTZC,
+	MIPS_INS_BLTZL,
+	MIPS_INS_BMNZI,
+	MIPS_INS_BMNZ,
+	MIPS_INS_BMZI,
+	MIPS_INS_BMZ,
+	MIPS_INS_BNE,
+	MIPS_INS_BNEC,
+	MIPS_INS_BNEGI,
+	MIPS_INS_BNEG,
+	MIPS_INS_BNEL,
+	MIPS_INS_BNEZALC,
+	MIPS_INS_BNEZC,
+	MIPS_INS_BNVC,
+	MIPS_INS_BNZ,
+	MIPS_INS_BOVC,
+	MIPS_INS_BPOSGE32,
+	MIPS_INS_BREAK,
+	MIPS_INS_BSELI,
+	MIPS_INS_BSEL,
+	MIPS_INS_BSETI,
+	MIPS_INS_BSET,
+	MIPS_INS_BZ,
+	MIPS_INS_BEQZ,
+	MIPS_INS_B,
+	MIPS_INS_BNEZ,
+	MIPS_INS_BTEQZ,
+	MIPS_INS_BTNEZ,
+	MIPS_INS_CACHE,
+	MIPS_INS_CEIL,
+	MIPS_INS_CEQI,
+	MIPS_INS_CEQ,
+	MIPS_INS_CFC1,
+	MIPS_INS_CFCMSA,
+	MIPS_INS_CINS,
+	MIPS_INS_CINS32,
+	MIPS_INS_CLASS,
+	MIPS_INS_CLEI_S,
+	MIPS_INS_CLEI_U,
+	MIPS_INS_CLE_S,
+	MIPS_INS_CLE_U,
+	MIPS_INS_CLO,
+	MIPS_INS_CLTI_S,
+	MIPS_INS_CLTI_U,
+	MIPS_INS_CLT_S,
+	MIPS_INS_CLT_U,
+	MIPS_INS_CLZ,
+	MIPS_INS_CMPGDU,
+	MIPS_INS_CMPGU,
+	MIPS_INS_CMPU,
+	MIPS_INS_CMP,
+	MIPS_INS_COPY_S,
+	MIPS_INS_COPY_U,
+	MIPS_INS_CTC1,
+	MIPS_INS_CTCMSA,
+	MIPS_INS_CVT,
+	MIPS_INS_C,
+	MIPS_INS_CMPI,
+	MIPS_INS_DADD,
+	MIPS_INS_DADDI,
+	MIPS_INS_DADDIU,
+	MIPS_INS_DADDU,
+	MIPS_INS_DAHI,
+	MIPS_INS_DALIGN,
+	MIPS_INS_DATI,
+	MIPS_INS_DAUI,
+	MIPS_INS_DBITSWAP,
+	MIPS_INS_DCLO,
+	MIPS_INS_DCLZ,
+	MIPS_INS_DDIV,
+	MIPS_INS_DDIVU,
+	MIPS_INS_DERET,
+	MIPS_INS_DEXT,
+	MIPS_INS_DEXTM,
+	MIPS_INS_DEXTU,
+	MIPS_INS_DI,
+	MIPS_INS_DINS,
+	MIPS_INS_DINSM,
+	MIPS_INS_DINSU,
+	MIPS_INS_DIV,
+	MIPS_INS_DIVU,
+	MIPS_INS_DIV_S,
+	MIPS_INS_DIV_U,
+	MIPS_INS_DLSA,
+	MIPS_INS_DMFC0,
+	MIPS_INS_DMFC1,
+	MIPS_INS_DMFC2,
+	MIPS_INS_DMOD,
+	MIPS_INS_DMODU,
+	MIPS_INS_DMTC0,
+	MIPS_INS_DMTC1,
+	MIPS_INS_DMTC2,
+	MIPS_INS_DMUH,
+	MIPS_INS_DMUHU,
+	MIPS_INS_DMUL,
+	MIPS_INS_DMULT,
+	MIPS_INS_DMULTU,
+	MIPS_INS_DMULU,
+	MIPS_INS_DOTP_S,
+	MIPS_INS_DOTP_U,
+	MIPS_INS_DPADD_S,
+	MIPS_INS_DPADD_U,
+	MIPS_INS_DPAQX_SA,
+	MIPS_INS_DPAQX_S,
+	MIPS_INS_DPAQ_SA,
+	MIPS_INS_DPAQ_S,
+	MIPS_INS_DPAU,
+	MIPS_INS_DPAX,
+	MIPS_INS_DPA,
+	MIPS_INS_DPOP,
+	MIPS_INS_DPSQX_SA,
+	MIPS_INS_DPSQX_S,
+	MIPS_INS_DPSQ_SA,
+	MIPS_INS_DPSQ_S,
+	MIPS_INS_DPSUB_S,
+	MIPS_INS_DPSUB_U,
+	MIPS_INS_DPSU,
+	MIPS_INS_DPSX,
+	MIPS_INS_DPS,
+	MIPS_INS_DROTR,
+	MIPS_INS_DROTR32,
+	MIPS_INS_DROTRV,
+	MIPS_INS_DSBH,
+	MIPS_INS_DSHD,
+	MIPS_INS_DSLL,
+	MIPS_INS_DSLL32,
+	MIPS_INS_DSLLV,
+	MIPS_INS_DSRA,
+	MIPS_INS_DSRA32,
+	MIPS_INS_DSRAV,
+	MIPS_INS_DSRL,
+	MIPS_INS_DSRL32,
+	MIPS_INS_DSRLV,
+	MIPS_INS_DSUB,
+	MIPS_INS_DSUBU,
+	MIPS_INS_EHB,
+	MIPS_INS_EI,
+	MIPS_INS_ERET,
+	MIPS_INS_EXT,
+	MIPS_INS_EXTP,
+	MIPS_INS_EXTPDP,
+	MIPS_INS_EXTPDPV,
+	MIPS_INS_EXTPV,
+	MIPS_INS_EXTRV_RS,
+	MIPS_INS_EXTRV_R,
+	MIPS_INS_EXTRV_S,
+	MIPS_INS_EXTRV,
+	MIPS_INS_EXTR_RS,
+	MIPS_INS_EXTR_R,
+	MIPS_INS_EXTR_S,
+	MIPS_INS_EXTR,
+	MIPS_INS_EXTS,
+	MIPS_INS_EXTS32,
+	MIPS_INS_ABS,
+	MIPS_INS_FADD,
+	MIPS_INS_FCAF,
+	MIPS_INS_FCEQ,
+	MIPS_INS_FCLASS,
+	MIPS_INS_FCLE,
+	MIPS_INS_FCLT,
+	MIPS_INS_FCNE,
+	MIPS_INS_FCOR,
+	MIPS_INS_FCUEQ,
+	MIPS_INS_FCULE,
+	MIPS_INS_FCULT,
+	MIPS_INS_FCUNE,
+	MIPS_INS_FCUN,
+	MIPS_INS_FDIV,
+	MIPS_INS_FEXDO,
+	MIPS_INS_FEXP2,
+	MIPS_INS_FEXUPL,
+	MIPS_INS_FEXUPR,
+	MIPS_INS_FFINT_S,
+	MIPS_INS_FFINT_U,
+	MIPS_INS_FFQL,
+	MIPS_INS_FFQR,
+	MIPS_INS_FILL,
+	MIPS_INS_FLOG2,
+	MIPS_INS_FLOOR,
+	MIPS_INS_FMADD,
+	MIPS_INS_FMAX_A,
+	MIPS_INS_FMAX,
+	MIPS_INS_FMIN_A,
+	MIPS_INS_FMIN,
+	MIPS_INS_MOV,
+	MIPS_INS_FMSUB,
+	MIPS_INS_FMUL,
+	MIPS_INS_MUL,
+	MIPS_INS_NEG,
+	MIPS_INS_FRCP,
+	MIPS_INS_FRINT,
+	MIPS_INS_FRSQRT,
+	MIPS_INS_FSAF,
+	MIPS_INS_FSEQ,
+	MIPS_INS_FSLE,
+	MIPS_INS_FSLT,
+	MIPS_INS_FSNE,
+	MIPS_INS_FSOR,
+	MIPS_INS_FSQRT,
+	MIPS_INS_SQRT,
+	MIPS_INS_FSUB,
+	MIPS_INS_SUB,
+	MIPS_INS_FSUEQ,
+	MIPS_INS_FSULE,
+	MIPS_INS_FSULT,
+	MIPS_INS_FSUNE,
+	MIPS_INS_FSUN,
+	MIPS_INS_FTINT_S,
+	MIPS_INS_FTINT_U,
+	MIPS_INS_FTQ,
+	MIPS_INS_FTRUNC_S,
+	MIPS_INS_FTRUNC_U,
+	MIPS_INS_HADD_S,
+	MIPS_INS_HADD_U,
+	MIPS_INS_HSUB_S,
+	MIPS_INS_HSUB_U,
+	MIPS_INS_ILVEV,
+	MIPS_INS_ILVL,
+	MIPS_INS_ILVOD,
+	MIPS_INS_ILVR,
+	MIPS_INS_INS,
+	MIPS_INS_INSERT,
+	MIPS_INS_INSV,
+	MIPS_INS_INSVE,
+	MIPS_INS_J,
+	MIPS_INS_JAL,
+	MIPS_INS_JALR,
+	MIPS_INS_JALRS,
+	MIPS_INS_JALS,
+	MIPS_INS_JALX,
+	MIPS_INS_JIALC,
+	MIPS_INS_JIC,
+	MIPS_INS_JR,
+	MIPS_INS_JRADDIUSP,
+	MIPS_INS_JRC,
+	MIPS_INS_JALRC,
+	MIPS_INS_LB,
+	MIPS_INS_LBUX,
+	MIPS_INS_LBU,
+	MIPS_INS_LD,
+	MIPS_INS_LDC1,
+	MIPS_INS_LDC2,
+	MIPS_INS_LDC3,
+	MIPS_INS_LDI,
+	MIPS_INS_LDL,
+	MIPS_INS_LDPC,
+	MIPS_INS_LDR,
+	MIPS_INS_LDXC1,
+	MIPS_INS_LH,
+	MIPS_INS_LHX,
+	MIPS_INS_LHU,
+	MIPS_INS_LL,
+	MIPS_INS_LLD,
+	MIPS_INS_LSA,
+	MIPS_INS_LUXC1,
+	MIPS_INS_LUI,
+	MIPS_INS_LW,
+	MIPS_INS_LWC1,
+	MIPS_INS_LWC2,
+	MIPS_INS_LWC3,
+	MIPS_INS_LWL,
+	MIPS_INS_LWPC,
+	MIPS_INS_LWR,
+	MIPS_INS_LWUPC,
+	MIPS_INS_LWU,
+	MIPS_INS_LWX,
+	MIPS_INS_LWXC1,
+	MIPS_INS_LI,
+	MIPS_INS_MADD,
+	MIPS_INS_MADDF,
+	MIPS_INS_MADDR_Q,
+	MIPS_INS_MADDU,
+	MIPS_INS_MADDV,
+	MIPS_INS_MADD_Q,
+	MIPS_INS_MAQ_SA,
+	MIPS_INS_MAQ_S,
+	MIPS_INS_MAXA,
+	MIPS_INS_MAXI_S,
+	MIPS_INS_MAXI_U,
+	MIPS_INS_MAX_A,
+	MIPS_INS_MAX,
+	MIPS_INS_MAX_S,
+	MIPS_INS_MAX_U,
+	MIPS_INS_MFC0,
+	MIPS_INS_MFC1,
+	MIPS_INS_MFC2,
+	MIPS_INS_MFHC1,
+	MIPS_INS_MFHI,
+	MIPS_INS_MFLO,
+	MIPS_INS_MINA,
+	MIPS_INS_MINI_S,
+	MIPS_INS_MINI_U,
+	MIPS_INS_MIN_A,
+	MIPS_INS_MIN,
+	MIPS_INS_MIN_S,
+	MIPS_INS_MIN_U,
+	MIPS_INS_MOD,
+	MIPS_INS_MODSUB,
+	MIPS_INS_MODU,
+	MIPS_INS_MOD_S,
+	MIPS_INS_MOD_U,
+	MIPS_INS_MOVE,
+	MIPS_INS_MOVF,
+	MIPS_INS_MOVN,
+	MIPS_INS_MOVT,
+	MIPS_INS_MOVZ,
+	MIPS_INS_MSUB,
+	MIPS_INS_MSUBF,
+	MIPS_INS_MSUBR_Q,
+	MIPS_INS_MSUBU,
+	MIPS_INS_MSUBV,
+	MIPS_INS_MSUB_Q,
+	MIPS_INS_MTC0,
+	MIPS_INS_MTC1,
+	MIPS_INS_MTC2,
+	MIPS_INS_MTHC1,
+	MIPS_INS_MTHI,
+	MIPS_INS_MTHLIP,
+	MIPS_INS_MTLO,
+	MIPS_INS_MTM0,
+	MIPS_INS_MTM1,
+	MIPS_INS_MTM2,
+	MIPS_INS_MTP0,
+	MIPS_INS_MTP1,
+	MIPS_INS_MTP2,
+	MIPS_INS_MUH,
+	MIPS_INS_MUHU,
+	MIPS_INS_MULEQ_S,
+	MIPS_INS_MULEU_S,
+	MIPS_INS_MULQ_RS,
+	MIPS_INS_MULQ_S,
+	MIPS_INS_MULR_Q,
+	MIPS_INS_MULSAQ_S,
+	MIPS_INS_MULSA,
+	MIPS_INS_MULT,
+	MIPS_INS_MULTU,
+	MIPS_INS_MULU,
+	MIPS_INS_MULV,
+	MIPS_INS_MUL_Q,
+	MIPS_INS_MUL_S,
+	MIPS_INS_NLOC,
+	MIPS_INS_NLZC,
+	MIPS_INS_NMADD,
+	MIPS_INS_NMSUB,
+	MIPS_INS_NOR,
+	MIPS_INS_NORI,
+	MIPS_INS_NOT,
+	MIPS_INS_OR,
+	MIPS_INS_ORI,
+	MIPS_INS_PACKRL,
+	MIPS_INS_PAUSE,
+	MIPS_INS_PCKEV,
+	MIPS_INS_PCKOD,
+	MIPS_INS_PCNT,
+	MIPS_INS_PICK,
+	MIPS_INS_POP,
+	MIPS_INS_PRECEQU,
+	MIPS_INS_PRECEQ,
+	MIPS_INS_PRECEU,
+	MIPS_INS_PRECRQU_S,
+	MIPS_INS_PRECRQ,
+	MIPS_INS_PRECRQ_RS,
+	MIPS_INS_PRECR,
+	MIPS_INS_PRECR_SRA,
+	MIPS_INS_PRECR_SRA_R,
+	MIPS_INS_PREF,
+	MIPS_INS_PREPEND,
+	MIPS_INS_RADDU,
+	MIPS_INS_RDDSP,
+	MIPS_INS_RDHWR,
+	MIPS_INS_REPLV,
+	MIPS_INS_REPL,
+	MIPS_INS_RINT,
+	MIPS_INS_ROTR,
+	MIPS_INS_ROTRV,
+	MIPS_INS_ROUND,
+	MIPS_INS_SAT_S,
+	MIPS_INS_SAT_U,
+	MIPS_INS_SB,
+	MIPS_INS_SC,
+	MIPS_INS_SCD,
+	MIPS_INS_SD,
+	MIPS_INS_SDBBP,
+	MIPS_INS_SDC1,
+	MIPS_INS_SDC2,
+	MIPS_INS_SDC3,
+	MIPS_INS_SDL,
+	MIPS_INS_SDR,
+	MIPS_INS_SDXC1,
+	MIPS_INS_SEB,
+	MIPS_INS_SEH,
+	MIPS_INS_SELEQZ,
+	MIPS_INS_SELNEZ,
+	MIPS_INS_SEL,
+	MIPS_INS_SEQ,
+	MIPS_INS_SEQI,
+	MIPS_INS_SH,
+	MIPS_INS_SHF,
+	MIPS_INS_SHILO,
+	MIPS_INS_SHILOV,
+	MIPS_INS_SHLLV,
+	MIPS_INS_SHLLV_S,
+	MIPS_INS_SHLL,
+	MIPS_INS_SHLL_S,
+	MIPS_INS_SHRAV,
+	MIPS_INS_SHRAV_R,
+	MIPS_INS_SHRA,
+	MIPS_INS_SHRA_R,
+	MIPS_INS_SHRLV,
+	MIPS_INS_SHRL,
+	MIPS_INS_SLDI,
+	MIPS_INS_SLD,
+	MIPS_INS_SLL,
+	MIPS_INS_SLLI,
+	MIPS_INS_SLLV,
+	MIPS_INS_SLT,
+	MIPS_INS_SLTI,
+	MIPS_INS_SLTIU,
+	MIPS_INS_SLTU,
+	MIPS_INS_SNE,
+	MIPS_INS_SNEI,
+	MIPS_INS_SPLATI,
+	MIPS_INS_SPLAT,
+	MIPS_INS_SRA,
+	MIPS_INS_SRAI,
+	MIPS_INS_SRARI,
+	MIPS_INS_SRAR,
+	MIPS_INS_SRAV,
+	MIPS_INS_SRL,
+	MIPS_INS_SRLI,
+	MIPS_INS_SRLRI,
+	MIPS_INS_SRLR,
+	MIPS_INS_SRLV,
+	MIPS_INS_SSNOP,
+	MIPS_INS_ST,
+	MIPS_INS_SUBQH,
+	MIPS_INS_SUBQH_R,
+	MIPS_INS_SUBQ,
+	MIPS_INS_SUBQ_S,
+	MIPS_INS_SUBSUS_U,
+	MIPS_INS_SUBSUU_S,
+	MIPS_INS_SUBS_S,
+	MIPS_INS_SUBS_U,
+	MIPS_INS_SUBUH,
+	MIPS_INS_SUBUH_R,
+	MIPS_INS_SUBU,
+	MIPS_INS_SUBU_S,
+	MIPS_INS_SUBVI,
+	MIPS_INS_SUBV,
+	MIPS_INS_SUXC1,
+	MIPS_INS_SW,
+	MIPS_INS_SWC1,
+	MIPS_INS_SWC2,
+	MIPS_INS_SWC3,
+	MIPS_INS_SWL,
+	MIPS_INS_SWR,
+	MIPS_INS_SWXC1,
+	MIPS_INS_SYNC,
+	MIPS_INS_SYSCALL,
+	MIPS_INS_TEQ,
+	MIPS_INS_TEQI,
+	MIPS_INS_TGE,
+	MIPS_INS_TGEI,
+	MIPS_INS_TGEIU,
+	MIPS_INS_TGEU,
+	MIPS_INS_TLBP,
+	MIPS_INS_TLBR,
+	MIPS_INS_TLBWI,
+	MIPS_INS_TLBWR,
+	MIPS_INS_TLT,
+	MIPS_INS_TLTI,
+	MIPS_INS_TLTIU,
+	MIPS_INS_TLTU,
+	MIPS_INS_TNE,
+	MIPS_INS_TNEI,
+	MIPS_INS_TRUNC,
+	MIPS_INS_V3MULU,
+	MIPS_INS_VMM0,
+	MIPS_INS_VMULU,
+	MIPS_INS_VSHF,
+	MIPS_INS_WAIT,
+	MIPS_INS_WRDSP,
+	MIPS_INS_WSBH,
+	MIPS_INS_XOR,
+	MIPS_INS_XORI,
+
+	//> some alias instructions
+	MIPS_INS_NOP,
+	MIPS_INS_NEGU,
+
+	//> special instructions
+	MIPS_INS_JALR_HB,	// jump and link with Hazard Barrier
+	MIPS_INS_JR_HB,		// jump register with Hazard Barrier
+
+	MIPS_INS_ENDING,
+} mips_insn;
+
+//> Group of MIPS instructions
+typedef enum mips_insn_group {
+	MIPS_GRP_INVALID = 0, // = CS_GRP_INVALID
+
+	//> Generic groups
+	// all jump instructions (conditional+direct+indirect jumps)
+	MIPS_GRP_JUMP,	// = CS_GRP_JUMP
+
+	//> Architecture-specific groups
+	MIPS_GRP_BITCOUNT = 128,
+	MIPS_GRP_DSP,
+	MIPS_GRP_DSPR2,
+	MIPS_GRP_FPIDX,
+	MIPS_GRP_MSA,
+	MIPS_GRP_MIPS32R2,
+	MIPS_GRP_MIPS64,
+	MIPS_GRP_MIPS64R2,
+	MIPS_GRP_SEINREG,
+	MIPS_GRP_STDENC,
+	MIPS_GRP_SWAP,
+	MIPS_GRP_MICROMIPS,
+	MIPS_GRP_MIPS16MODE,
+	MIPS_GRP_FP64BIT,
+	MIPS_GRP_NONANSFPMATH,
+	MIPS_GRP_NOTFP64BIT,
+	MIPS_GRP_NOTINMICROMIPS,
+	MIPS_GRP_NOTNACL,
+	MIPS_GRP_NOTMIPS32R6,
+	MIPS_GRP_NOTMIPS64R6,
+	MIPS_GRP_CNMIPS,
+	MIPS_GRP_MIPS32,
+	MIPS_GRP_MIPS32R6,
+	MIPS_GRP_MIPS64R6,
+	MIPS_GRP_MIPS2,
+	MIPS_GRP_MIPS3,
+	MIPS_GRP_MIPS3_32,
+	MIPS_GRP_MIPS3_32R2,
+	MIPS_GRP_MIPS4_32,
+	MIPS_GRP_MIPS4_32R2,
+	MIPS_GRP_MIPS5_32R2,
+	MIPS_GRP_GP32BIT,
+	MIPS_GRP_GP64BIT,
+
+	MIPS_GRP_ENDING,
+} mips_insn_group;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/platform.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/platform.h
@ -0,0 +1,110 @@
+/* Capstone Disassembly Engine */
+/* By Axel Souchet & Nguyen Anh Quynh, 2014 */
+
+#ifndef CAPSTONE_PLATFORM_H
+#define CAPSTONE_PLATFORM_H
+
+// handle C99 issue (for pre-2013 VisualStudio)
+#if !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64))
+// MSVC
+
+// stdbool.h
+#if (_MSC_VER < 1800) || defined(_KERNEL_MODE)
+// this system does not have stdbool.h
+#ifndef __cplusplus
+typedef unsigned char bool;
+#define false 0
+#define true 1
+#endif
+
+#else
+// VisualStudio 2013+ -> C99 is supported
+#include <stdbool.h>
+#endif
+
+#else
+// not MSVC -> C99 is supported
+#include <stdbool.h>
+#endif
+
+
+// handle C99 issue (for pre-2013 VisualStudio)
+#if defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE)))
+// this system does not have inttypes.h
+
+#if defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE))
+// this system does not have stdint.h
+typedef signed char  int8_t;
+typedef signed short int16_t;
+typedef signed int   int32_t;
+typedef unsigned char  uint8_t;
+typedef unsigned short uint16_t;
+typedef unsigned int   uint32_t;
+typedef signed long long   int64_t;
+typedef unsigned long long uint64_t;
+
+#define INT8_MIN         (-127i8 - 1)
+#define INT16_MIN        (-32767i16 - 1)
+#define INT32_MIN        (-2147483647i32 - 1)
+#define INT64_MIN        (-9223372036854775807i64 - 1)
+#define INT8_MAX         127i8
+#define INT16_MAX        32767i16
+#define INT32_MAX        2147483647i32
+#define INT64_MAX        9223372036854775807i64
+#define UINT8_MAX        0xffui8
+#define UINT16_MAX       0xffffui16
+#define UINT32_MAX       0xffffffffui32
+#define UINT64_MAX       0xffffffffffffffffui64
+#endif
+
+#define __PRI_8_LENGTH_MODIFIER__ "hh"
+#define __PRI_64_LENGTH_MODIFIER__ "ll"
+
+#define PRId8         __PRI_8_LENGTH_MODIFIER__ "d"
+#define PRIi8         __PRI_8_LENGTH_MODIFIER__ "i"
+#define PRIo8         __PRI_8_LENGTH_MODIFIER__ "o"
+#define PRIu8         __PRI_8_LENGTH_MODIFIER__ "u"
+#define PRIx8         __PRI_8_LENGTH_MODIFIER__ "x"
+#define PRIX8         __PRI_8_LENGTH_MODIFIER__ "X"
+
+#define PRId16        "hd"
+#define PRIi16        "hi"
+#define PRIo16        "ho"
+#define PRIu16        "hu"
+#define PRIx16        "hx"
+#define PRIX16        "hX"
+
+#if defined(_MSC_VER) && _MSC_VER <= 1700
+#define PRId32        "ld"
+#define PRIi32        "li"
+#define PRIo32        "lo"
+#define PRIu32        "lu"
+#define PRIx32        "lx"
+#define PRIX32        "lX"
+#else	// OSX
+#define PRId32        "d"
+#define PRIi32        "i"
+#define PRIo32        "o"
+#define PRIu32        "u"
+#define PRIx32        "x"
+#define PRIX32        "X"
+#endif
+
+#if defined(_MSC_VER) && _MSC_VER <= 1700
+// redefine functions from inttypes.h used in cstool
+#define strtoull _strtoui64
+#endif
+
+#define PRId64        __PRI_64_LENGTH_MODIFIER__ "d"
+#define PRIi64        __PRI_64_LENGTH_MODIFIER__ "i"
+#define PRIo64        __PRI_64_LENGTH_MODIFIER__ "o"
+#define PRIu64        __PRI_64_LENGTH_MODIFIER__ "u"
+#define PRIx64        __PRI_64_LENGTH_MODIFIER__ "x"
+#define PRIX64        __PRI_64_LENGTH_MODIFIER__ "X"
+
+#else
+// this system has inttypes.h by default
+#include <inttypes.h>
+#endif
+
+#endif
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/ppc.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/ppc.h
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/sparc.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/sparc.h
@ -0,0 +1,522 @@
+#ifndef CAPSTONE_SPARC_H
+#define CAPSTONE_SPARC_H
+
+/* Capstone Disassembly Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2014 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(_MSC_VER) || !defined(_KERNEL_MODE)
+#include <stdint.h>
+#endif
+
+#include "platform.h"
+
+// GCC SPARC toolchain has a default macro called "sparc" which breaks
+// compilation
+#undef sparc
+
+#ifdef _MSC_VER
+#pragma warning(disable:4201)
+#endif
+
+//> Enums corresponding to Sparc condition codes, both icc's and fcc's.
+typedef enum sparc_cc {
+	SPARC_CC_INVALID = 0,	// invalid CC (default)
+	//> Integer condition codes
+	SPARC_CC_ICC_A   =  8+256,  // Always
+	SPARC_CC_ICC_N   =  0+256,  // Never
+	SPARC_CC_ICC_NE  =  9+256,  // Not Equal
+	SPARC_CC_ICC_E   =  1+256,  // Equal
+	SPARC_CC_ICC_G   = 10+256,  // Greater
+	SPARC_CC_ICC_LE  =  2+256,  // Less or Equal
+	SPARC_CC_ICC_GE  = 11+256,  // Greater or Equal
+	SPARC_CC_ICC_L   =  3+256,  // Less
+	SPARC_CC_ICC_GU  = 12+256,  // Greater Unsigned
+	SPARC_CC_ICC_LEU =  4+256,  // Less or Equal Unsigned
+	SPARC_CC_ICC_CC  = 13+256,  // Carry Clear/Great or Equal Unsigned
+	SPARC_CC_ICC_CS  =  5+256,  // Carry Set/Less Unsigned
+	SPARC_CC_ICC_POS = 14+256,  // Positive
+	SPARC_CC_ICC_NEG =  6+256,  // Negative
+	SPARC_CC_ICC_VC  = 15+256,  // Overflow Clear
+	SPARC_CC_ICC_VS  =  7+256,  // Overflow Set
+
+	//> Floating condition codes
+	SPARC_CC_FCC_A   =  8+16+256,  // Always
+	SPARC_CC_FCC_N   =  0+16+256,  // Never
+	SPARC_CC_FCC_U   =  7+16+256,  // Unordered
+	SPARC_CC_FCC_G   =  6+16+256,  // Greater
+	SPARC_CC_FCC_UG  =  5+16+256,  // Unordered or Greater
+	SPARC_CC_FCC_L   =  4+16+256,  // Less
+	SPARC_CC_FCC_UL  =  3+16+256,  // Unordered or Less
+	SPARC_CC_FCC_LG  =  2+16+256,  // Less or Greater
+	SPARC_CC_FCC_NE  =  1+16+256,  // Not Equal
+	SPARC_CC_FCC_E   =  9+16+256,  // Equal
+	SPARC_CC_FCC_UE  = 10+16+256,  // Unordered or Equal
+	SPARC_CC_FCC_GE  = 11+16+256,  // Greater or Equal
+	SPARC_CC_FCC_UGE = 12+16+256,  // Unordered or Greater or Equal
+	SPARC_CC_FCC_LE  = 13+16+256,  // Less or Equal
+	SPARC_CC_FCC_ULE = 14+16+256,  // Unordered or Less or Equal
+	SPARC_CC_FCC_O   = 15+16+256,  // Ordered
+} sparc_cc;
+
+//> Branch hint
+typedef enum sparc_hint {
+	SPARC_HINT_INVALID = 0,	// no hint
+	SPARC_HINT_A	= 1 << 0,	// annul delay slot instruction
+	SPARC_HINT_PT	= 1 << 1,	// branch taken
+	SPARC_HINT_PN	= 1 << 2,	// branch NOT taken
+} sparc_hint;
+
+//> Operand type for instruction's operands
+typedef enum sparc_op_type {
+	SPARC_OP_INVALID = 0, // = CS_OP_INVALID (Uninitialized).
+	SPARC_OP_REG, // = CS_OP_REG (Register operand).
+	SPARC_OP_IMM, // = CS_OP_IMM (Immediate operand).
+	SPARC_OP_MEM, // = CS_OP_MEM (Memory operand).
+} sparc_op_type;
+
+// Instruction's operand referring to memory
+// This is associated with SPARC_OP_MEM operand type above
+typedef struct sparc_op_mem {
+	uint8_t base;	// base register
+	uint8_t index;	// index register
+	int32_t disp;	// displacement/offset value
+} sparc_op_mem;
+
+// Instruction operand
+typedef struct cs_sparc_op {
+	sparc_op_type type;	// operand type
+	union {
+		unsigned int reg;	// register value for REG operand
+		int32_t imm;		// immediate value for IMM operand
+		sparc_op_mem mem;		// base/disp value for MEM operand
+	};
+} cs_sparc_op;
+
+// Instruction structure
+typedef struct cs_sparc {
+	sparc_cc cc;	// code condition for this insn
+	sparc_hint hint;	// branch hint: encoding as bitwise OR of sparc_hint.
+	// Number of operands of this instruction, 
+	// or 0 when instruction has no operand.
+	uint8_t op_count;
+	cs_sparc_op operands[4]; // operands for this instruction.
+} cs_sparc;
+
+//> SPARC registers
+typedef enum sparc_reg {
+	SPARC_REG_INVALID = 0,
+
+	SPARC_REG_F0,
+	SPARC_REG_F1,
+	SPARC_REG_F2,
+	SPARC_REG_F3,
+	SPARC_REG_F4,
+	SPARC_REG_F5,
+	SPARC_REG_F6,
+	SPARC_REG_F7,
+	SPARC_REG_F8,
+	SPARC_REG_F9,
+	SPARC_REG_F10,
+	SPARC_REG_F11,
+	SPARC_REG_F12,
+	SPARC_REG_F13,
+	SPARC_REG_F14,
+	SPARC_REG_F15,
+	SPARC_REG_F16,
+	SPARC_REG_F17,
+	SPARC_REG_F18,
+	SPARC_REG_F19,
+	SPARC_REG_F20,
+	SPARC_REG_F21,
+	SPARC_REG_F22,
+	SPARC_REG_F23,
+	SPARC_REG_F24,
+	SPARC_REG_F25,
+	SPARC_REG_F26,
+	SPARC_REG_F27,
+	SPARC_REG_F28,
+	SPARC_REG_F29,
+	SPARC_REG_F30,
+	SPARC_REG_F31,
+	SPARC_REG_F32,
+	SPARC_REG_F34,
+	SPARC_REG_F36,
+	SPARC_REG_F38,
+	SPARC_REG_F40,
+	SPARC_REG_F42,
+	SPARC_REG_F44,
+	SPARC_REG_F46,
+	SPARC_REG_F48,
+	SPARC_REG_F50,
+	SPARC_REG_F52,
+	SPARC_REG_F54,
+	SPARC_REG_F56,
+	SPARC_REG_F58,
+	SPARC_REG_F60,
+	SPARC_REG_F62,
+	SPARC_REG_FCC0,	// Floating condition codes
+	SPARC_REG_FCC1,
+	SPARC_REG_FCC2,
+	SPARC_REG_FCC3,
+	SPARC_REG_FP,
+	SPARC_REG_G0,
+	SPARC_REG_G1,
+	SPARC_REG_G2,
+	SPARC_REG_G3,
+	SPARC_REG_G4,
+	SPARC_REG_G5,
+	SPARC_REG_G6,
+	SPARC_REG_G7,
+	SPARC_REG_I0,
+	SPARC_REG_I1,
+	SPARC_REG_I2,
+	SPARC_REG_I3,
+	SPARC_REG_I4,
+	SPARC_REG_I5,
+	SPARC_REG_I7,
+	SPARC_REG_ICC,	// Integer condition codes
+	SPARC_REG_L0,
+	SPARC_REG_L1,
+	SPARC_REG_L2,
+	SPARC_REG_L3,
+	SPARC_REG_L4,
+	SPARC_REG_L5,
+	SPARC_REG_L6,
+	SPARC_REG_L7,
+	SPARC_REG_O0,
+	SPARC_REG_O1,
+	SPARC_REG_O2,
+	SPARC_REG_O3,
+	SPARC_REG_O4,
+	SPARC_REG_O5,
+	SPARC_REG_O7,
+	SPARC_REG_SP,
+	SPARC_REG_Y,
+
+	// special register
+	SPARC_REG_XCC,
+
+	SPARC_REG_ENDING,   // <-- mark the end of the list of registers
+
+	// extras
+	SPARC_REG_O6 = SPARC_REG_SP,
+	SPARC_REG_I6 = SPARC_REG_FP,
+} sparc_reg;
+
+//> SPARC instruction
+typedef enum sparc_insn {
+	SPARC_INS_INVALID = 0,
+
+	SPARC_INS_ADDCC,
+	SPARC_INS_ADDX,
+	SPARC_INS_ADDXCC,
+	SPARC_INS_ADDXC,
+	SPARC_INS_ADDXCCC,
+	SPARC_INS_ADD,
+	SPARC_INS_ALIGNADDR,
+	SPARC_INS_ALIGNADDRL,
+	SPARC_INS_ANDCC,
+	SPARC_INS_ANDNCC,
+	SPARC_INS_ANDN,
+	SPARC_INS_AND,
+	SPARC_INS_ARRAY16,
+	SPARC_INS_ARRAY32,
+	SPARC_INS_ARRAY8,
+	SPARC_INS_B,
+	SPARC_INS_JMP,
+	SPARC_INS_BMASK,
+	SPARC_INS_FB,
+	SPARC_INS_BRGEZ,
+	SPARC_INS_BRGZ,
+	SPARC_INS_BRLEZ,
+	SPARC_INS_BRLZ,
+	SPARC_INS_BRNZ,
+	SPARC_INS_BRZ,
+	SPARC_INS_BSHUFFLE,
+	SPARC_INS_CALL,
+	SPARC_INS_CASX,
+	SPARC_INS_CAS,
+	SPARC_INS_CMASK16,
+	SPARC_INS_CMASK32,
+	SPARC_INS_CMASK8,
+	SPARC_INS_CMP,
+	SPARC_INS_EDGE16,
+	SPARC_INS_EDGE16L,
+	SPARC_INS_EDGE16LN,
+	SPARC_INS_EDGE16N,
+	SPARC_INS_EDGE32,
+	SPARC_INS_EDGE32L,
+	SPARC_INS_EDGE32LN,
+	SPARC_INS_EDGE32N,
+	SPARC_INS_EDGE8,
+	SPARC_INS_EDGE8L,
+	SPARC_INS_EDGE8LN,
+	SPARC_INS_EDGE8N,
+	SPARC_INS_FABSD,
+	SPARC_INS_FABSQ,
+	SPARC_INS_FABSS,
+	SPARC_INS_FADDD,
+	SPARC_INS_FADDQ,
+	SPARC_INS_FADDS,
+	SPARC_INS_FALIGNDATA,
+	SPARC_INS_FAND,
+	SPARC_INS_FANDNOT1,
+	SPARC_INS_FANDNOT1S,
+	SPARC_INS_FANDNOT2,
+	SPARC_INS_FANDNOT2S,
+	SPARC_INS_FANDS,
+	SPARC_INS_FCHKSM16,
+	SPARC_INS_FCMPD,
+	SPARC_INS_FCMPEQ16,
+	SPARC_INS_FCMPEQ32,
+	SPARC_INS_FCMPGT16,
+	SPARC_INS_FCMPGT32,
+	SPARC_INS_FCMPLE16,
+	SPARC_INS_FCMPLE32,
+	SPARC_INS_FCMPNE16,
+	SPARC_INS_FCMPNE32,
+	SPARC_INS_FCMPQ,
+	SPARC_INS_FCMPS,
+	SPARC_INS_FDIVD,
+	SPARC_INS_FDIVQ,
+	SPARC_INS_FDIVS,
+	SPARC_INS_FDMULQ,
+	SPARC_INS_FDTOI,
+	SPARC_INS_FDTOQ,
+	SPARC_INS_FDTOS,
+	SPARC_INS_FDTOX,
+	SPARC_INS_FEXPAND,
+	SPARC_INS_FHADDD,
+	SPARC_INS_FHADDS,
+	SPARC_INS_FHSUBD,
+	SPARC_INS_FHSUBS,
+	SPARC_INS_FITOD,
+	SPARC_INS_FITOQ,
+	SPARC_INS_FITOS,
+	SPARC_INS_FLCMPD,
+	SPARC_INS_FLCMPS,
+	SPARC_INS_FLUSHW,
+	SPARC_INS_FMEAN16,
+	SPARC_INS_FMOVD,
+	SPARC_INS_FMOVQ,
+	SPARC_INS_FMOVRDGEZ,
+	SPARC_INS_FMOVRQGEZ,
+	SPARC_INS_FMOVRSGEZ,
+	SPARC_INS_FMOVRDGZ,
+	SPARC_INS_FMOVRQGZ,
+	SPARC_INS_FMOVRSGZ,
+	SPARC_INS_FMOVRDLEZ,
+	SPARC_INS_FMOVRQLEZ,
+	SPARC_INS_FMOVRSLEZ,
+	SPARC_INS_FMOVRDLZ,
+	SPARC_INS_FMOVRQLZ,
+	SPARC_INS_FMOVRSLZ,
+	SPARC_INS_FMOVRDNZ,
+	SPARC_INS_FMOVRQNZ,
+	SPARC_INS_FMOVRSNZ,
+	SPARC_INS_FMOVRDZ,
+	SPARC_INS_FMOVRQZ,
+	SPARC_INS_FMOVRSZ,
+	SPARC_INS_FMOVS,
+	SPARC_INS_FMUL8SUX16,
+	SPARC_INS_FMUL8ULX16,
+	SPARC_INS_FMUL8X16,
+	SPARC_INS_FMUL8X16AL,
+	SPARC_INS_FMUL8X16AU,
+	SPARC_INS_FMULD,
+	SPARC_INS_FMULD8SUX16,
+	SPARC_INS_FMULD8ULX16,
+	SPARC_INS_FMULQ,
+	SPARC_INS_FMULS,
+	SPARC_INS_FNADDD,
+	SPARC_INS_FNADDS,
+	SPARC_INS_FNAND,
+	SPARC_INS_FNANDS,
+	SPARC_INS_FNEGD,
+	SPARC_INS_FNEGQ,
+	SPARC_INS_FNEGS,
+	SPARC_INS_FNHADDD,
+	SPARC_INS_FNHADDS,
+	SPARC_INS_FNOR,
+	SPARC_INS_FNORS,
+	SPARC_INS_FNOT1,
+	SPARC_INS_FNOT1S,
+	SPARC_INS_FNOT2,
+	SPARC_INS_FNOT2S,
+	SPARC_INS_FONE,
+	SPARC_INS_FONES,
+	SPARC_INS_FOR,
+	SPARC_INS_FORNOT1,
+	SPARC_INS_FORNOT1S,
+	SPARC_INS_FORNOT2,
+	SPARC_INS_FORNOT2S,
+	SPARC_INS_FORS,
+	SPARC_INS_FPACK16,
+	SPARC_INS_FPACK32,
+	SPARC_INS_FPACKFIX,
+	SPARC_INS_FPADD16,
+	SPARC_INS_FPADD16S,
+	SPARC_INS_FPADD32,
+	SPARC_INS_FPADD32S,
+	SPARC_INS_FPADD64,
+	SPARC_INS_FPMERGE,
+	SPARC_INS_FPSUB16,
+	SPARC_INS_FPSUB16S,
+	SPARC_INS_FPSUB32,
+	SPARC_INS_FPSUB32S,
+	SPARC_INS_FQTOD,
+	SPARC_INS_FQTOI,
+	SPARC_INS_FQTOS,
+	SPARC_INS_FQTOX,
+	SPARC_INS_FSLAS16,
+	SPARC_INS_FSLAS32,
+	SPARC_INS_FSLL16,
+	SPARC_INS_FSLL32,
+	SPARC_INS_FSMULD,
+	SPARC_INS_FSQRTD,
+	SPARC_INS_FSQRTQ,
+	SPARC_INS_FSQRTS,
+	SPARC_INS_FSRA16,
+	SPARC_INS_FSRA32,
+	SPARC_INS_FSRC1,
+	SPARC_INS_FSRC1S,
+	SPARC_INS_FSRC2,
+	SPARC_INS_FSRC2S,
+	SPARC_INS_FSRL16,
+	SPARC_INS_FSRL32,
+	SPARC_INS_FSTOD,
+	SPARC_INS_FSTOI,
+	SPARC_INS_FSTOQ,
+	SPARC_INS_FSTOX,
+	SPARC_INS_FSUBD,
+	SPARC_INS_FSUBQ,
+	SPARC_INS_FSUBS,
+	SPARC_INS_FXNOR,
+	SPARC_INS_FXNORS,
+	SPARC_INS_FXOR,
+	SPARC_INS_FXORS,
+	SPARC_INS_FXTOD,
+	SPARC_INS_FXTOQ,
+	SPARC_INS_FXTOS,
+	SPARC_INS_FZERO,
+	SPARC_INS_FZEROS,
+	SPARC_INS_JMPL,
+	SPARC_INS_LDD,
+	SPARC_INS_LD,
+	SPARC_INS_LDQ,
+	SPARC_INS_LDSB,
+	SPARC_INS_LDSH,
+	SPARC_INS_LDSW,
+	SPARC_INS_LDUB,
+	SPARC_INS_LDUH,
+	SPARC_INS_LDX,
+	SPARC_INS_LZCNT,
+	SPARC_INS_MEMBAR,
+	SPARC_INS_MOVDTOX,
+	SPARC_INS_MOV,
+	SPARC_INS_MOVRGEZ,
+	SPARC_INS_MOVRGZ,
+	SPARC_INS_MOVRLEZ,
+	SPARC_INS_MOVRLZ,
+	SPARC_INS_MOVRNZ,
+	SPARC_INS_MOVRZ,
+	SPARC_INS_MOVSTOSW,
+	SPARC_INS_MOVSTOUW,
+	SPARC_INS_MULX,
+	SPARC_INS_NOP,
+	SPARC_INS_ORCC,
+	SPARC_INS_ORNCC,
+	SPARC_INS_ORN,
+	SPARC_INS_OR,
+	SPARC_INS_PDIST,
+	SPARC_INS_PDISTN,
+	SPARC_INS_POPC,
+	SPARC_INS_RD,
+	SPARC_INS_RESTORE,
+	SPARC_INS_RETT,
+	SPARC_INS_SAVE,
+	SPARC_INS_SDIVCC,
+	SPARC_INS_SDIVX,
+	SPARC_INS_SDIV,
+	SPARC_INS_SETHI,
+	SPARC_INS_SHUTDOWN,
+	SPARC_INS_SIAM,
+	SPARC_INS_SLLX,
+	SPARC_INS_SLL,
+	SPARC_INS_SMULCC,
+	SPARC_INS_SMUL,
+	SPARC_INS_SRAX,
+	SPARC_INS_SRA,
+	SPARC_INS_SRLX,
+	SPARC_INS_SRL,
+	SPARC_INS_STBAR,
+	SPARC_INS_STB,
+	SPARC_INS_STD,
+	SPARC_INS_ST,
+	SPARC_INS_STH,
+	SPARC_INS_STQ,
+	SPARC_INS_STX,
+	SPARC_INS_SUBCC,
+	SPARC_INS_SUBX,
+	SPARC_INS_SUBXCC,
+	SPARC_INS_SUB,
+	SPARC_INS_SWAP,
+	SPARC_INS_TADDCCTV,
+	SPARC_INS_TADDCC,
+	SPARC_INS_T,
+	SPARC_INS_TSUBCCTV,
+	SPARC_INS_TSUBCC,
+	SPARC_INS_UDIVCC,
+	SPARC_INS_UDIVX,
+	SPARC_INS_UDIV,
+	SPARC_INS_UMULCC,
+	SPARC_INS_UMULXHI,
+	SPARC_INS_UMUL,
+	SPARC_INS_UNIMP,
+	SPARC_INS_FCMPED,
+	SPARC_INS_FCMPEQ,
+	SPARC_INS_FCMPES,
+	SPARC_INS_WR,
+	SPARC_INS_XMULX,
+	SPARC_INS_XMULXHI,
+	SPARC_INS_XNORCC,
+	SPARC_INS_XNOR,
+	SPARC_INS_XORCC,
+	SPARC_INS_XOR,
+
+	// alias instructions
+	SPARC_INS_RET,
+	SPARC_INS_RETL,
+
+	SPARC_INS_ENDING,   // <-- mark the end of the list of instructions
+} sparc_insn;
+
+//> Group of SPARC instructions
+typedef enum sparc_insn_group {
+	SPARC_GRP_INVALID = 0, // = CS_GRP_INVALID
+
+	//> Generic groups
+	// all jump instructions (conditional+direct+indirect jumps)
+	SPARC_GRP_JUMP,	// = CS_GRP_JUMP
+
+	//> Architecture-specific groups
+	SPARC_GRP_HARDQUAD = 128,
+	SPARC_GRP_V9,
+	SPARC_GRP_VIS,
+	SPARC_GRP_VIS2,
+	SPARC_GRP_VIS3, 
+	SPARC_GRP_32BIT,
+	SPARC_GRP_64BIT,
+
+	SPARC_GRP_ENDING,   // <-- mark the end of the list of groups
+} sparc_insn_group;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/systemz.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/systemz.h
@ -0,0 +1,832 @@
+#ifndef CAPSTONE_SYSTEMZ_H
+#define CAPSTONE_SYSTEMZ_H
+
+/* Capstone Disassembly Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2014 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(_MSC_VER) || !defined(_KERNEL_MODE)
+#include <stdint.h>
+#endif
+
+#include "platform.h"
+
+#ifdef _MSC_VER
+#pragma warning(disable:4201)
+#endif
+
+//> Enums corresponding to SystemZ condition codes
+typedef enum sysz_cc {
+	SYSZ_CC_INVALID = 0,	// invalid CC (default)
+
+	SYSZ_CC_O,
+	SYSZ_CC_H,
+	SYSZ_CC_NLE,
+	SYSZ_CC_L,
+	SYSZ_CC_NHE,
+	SYSZ_CC_LH,
+	SYSZ_CC_NE,
+	SYSZ_CC_E,
+	SYSZ_CC_NLH,
+	SYSZ_CC_HE,
+	SYSZ_CC_NL,
+	SYSZ_CC_LE,
+	SYSZ_CC_NH,
+	SYSZ_CC_NO,
+} sysz_cc;
+
+//> Operand type for instruction's operands
+typedef enum sysz_op_type {
+	SYSZ_OP_INVALID = 0, // = CS_OP_INVALID (Uninitialized).
+	SYSZ_OP_REG, // = CS_OP_REG (Register operand).
+	SYSZ_OP_IMM, // = CS_OP_IMM (Immediate operand).
+	SYSZ_OP_MEM, // = CS_OP_MEM (Memory operand).
+	SYSZ_OP_ACREG = 64,	// Access register operand.
+} sysz_op_type;
+
+// Instruction's operand referring to memory
+// This is associated with SYSZ_OP_MEM operand type above
+typedef struct sysz_op_mem {
+	uint8_t base;	// base register
+	uint8_t index;	// index register
+	uint64_t length;	// BDLAddr operand
+	int64_t disp;	// displacement/offset value
+} sysz_op_mem;
+
+// Instruction operand
+typedef struct cs_sysz_op {
+	sysz_op_type type;	// operand type
+	union {
+		unsigned int reg;	// register value for REG operand
+		int64_t imm;		// immediate value for IMM operand
+		sysz_op_mem mem;		// base/disp value for MEM operand
+	};
+} cs_sysz_op;
+
+// Instruction structure
+typedef struct cs_sysz {
+	sysz_cc cc;		// Code condition
+	// Number of operands of this instruction, 
+	// or 0 when instruction has no operand.
+	uint8_t op_count;
+	cs_sysz_op operands[6]; // operands for this instruction.
+} cs_sysz;
+
+//> SystemZ registers
+typedef enum sysz_reg {
+	SYSZ_REG_INVALID = 0,
+
+	SYSZ_REG_0, 
+	SYSZ_REG_1, 
+	SYSZ_REG_2, 
+	SYSZ_REG_3, 
+	SYSZ_REG_4, 
+	SYSZ_REG_5, 
+	SYSZ_REG_6, 
+	SYSZ_REG_7, 
+	SYSZ_REG_8, 
+	SYSZ_REG_9, 
+	SYSZ_REG_10,
+	SYSZ_REG_11,
+	SYSZ_REG_12,
+	SYSZ_REG_13,
+	SYSZ_REG_14,
+	SYSZ_REG_15,
+	SYSZ_REG_CC,
+	SYSZ_REG_F0,
+	SYSZ_REG_F1,
+	SYSZ_REG_F2,
+	SYSZ_REG_F3,
+	SYSZ_REG_F4,
+	SYSZ_REG_F5,
+	SYSZ_REG_F6,
+	SYSZ_REG_F7,
+	SYSZ_REG_F8,
+	SYSZ_REG_F9,
+	SYSZ_REG_F10,
+	SYSZ_REG_F11,
+	SYSZ_REG_F12,
+	SYSZ_REG_F13,
+	SYSZ_REG_F14,
+	SYSZ_REG_F15,
+
+	SYSZ_REG_R0L,
+
+	SYSZ_REG_ENDING,
+} sysz_reg;
+
+//> SystemZ instruction
+typedef enum sysz_insn {
+	SYSZ_INS_INVALID = 0,
+
+	SYSZ_INS_A,
+	SYSZ_INS_ADB,
+	SYSZ_INS_ADBR,
+	SYSZ_INS_AEB,
+	SYSZ_INS_AEBR,
+	SYSZ_INS_AFI,
+	SYSZ_INS_AG,
+	SYSZ_INS_AGF,
+	SYSZ_INS_AGFI,
+	SYSZ_INS_AGFR,
+	SYSZ_INS_AGHI,
+	SYSZ_INS_AGHIK,
+	SYSZ_INS_AGR,
+	SYSZ_INS_AGRK,
+	SYSZ_INS_AGSI,
+	SYSZ_INS_AH,
+	SYSZ_INS_AHI,
+	SYSZ_INS_AHIK,
+	SYSZ_INS_AHY,
+	SYSZ_INS_AIH,
+	SYSZ_INS_AL,
+	SYSZ_INS_ALC,
+	SYSZ_INS_ALCG,
+	SYSZ_INS_ALCGR,
+	SYSZ_INS_ALCR,
+	SYSZ_INS_ALFI,
+	SYSZ_INS_ALG,
+	SYSZ_INS_ALGF,
+	SYSZ_INS_ALGFI,
+	SYSZ_INS_ALGFR,
+	SYSZ_INS_ALGHSIK,
+	SYSZ_INS_ALGR,
+	SYSZ_INS_ALGRK,
+	SYSZ_INS_ALHSIK,
+	SYSZ_INS_ALR,
+	SYSZ_INS_ALRK,
+	SYSZ_INS_ALY,
+	SYSZ_INS_AR,
+	SYSZ_INS_ARK,
+	SYSZ_INS_ASI,
+	SYSZ_INS_AXBR,
+	SYSZ_INS_AY,
+	SYSZ_INS_BCR,
+	SYSZ_INS_BRC,
+	SYSZ_INS_BRCL,
+	SYSZ_INS_CGIJ,
+	SYSZ_INS_CGRJ,
+	SYSZ_INS_CIJ,
+	SYSZ_INS_CLGIJ,
+	SYSZ_INS_CLGRJ,
+	SYSZ_INS_CLIJ,
+	SYSZ_INS_CLRJ,
+	SYSZ_INS_CRJ,
+	SYSZ_INS_BER,
+	SYSZ_INS_JE,
+	SYSZ_INS_JGE,
+	SYSZ_INS_LOCE,
+	SYSZ_INS_LOCGE,
+	SYSZ_INS_LOCGRE,
+	SYSZ_INS_LOCRE,
+	SYSZ_INS_STOCE,
+	SYSZ_INS_STOCGE,
+	SYSZ_INS_BHR,
+	SYSZ_INS_BHER,
+	SYSZ_INS_JHE,
+	SYSZ_INS_JGHE,
+	SYSZ_INS_LOCHE,
+	SYSZ_INS_LOCGHE,
+	SYSZ_INS_LOCGRHE,
+	SYSZ_INS_LOCRHE,
+	SYSZ_INS_STOCHE,
+	SYSZ_INS_STOCGHE,
+	SYSZ_INS_JH,
+	SYSZ_INS_JGH,
+	SYSZ_INS_LOCH,
+	SYSZ_INS_LOCGH,
+	SYSZ_INS_LOCGRH,
+	SYSZ_INS_LOCRH,
+	SYSZ_INS_STOCH,
+	SYSZ_INS_STOCGH,
+	SYSZ_INS_CGIJNLH,
+	SYSZ_INS_CGRJNLH,
+	SYSZ_INS_CIJNLH,
+	SYSZ_INS_CLGIJNLH,
+	SYSZ_INS_CLGRJNLH,
+	SYSZ_INS_CLIJNLH,
+	SYSZ_INS_CLRJNLH,
+	SYSZ_INS_CRJNLH,
+	SYSZ_INS_CGIJE,
+	SYSZ_INS_CGRJE,
+	SYSZ_INS_CIJE,
+	SYSZ_INS_CLGIJE,
+	SYSZ_INS_CLGRJE,
+	SYSZ_INS_CLIJE,
+	SYSZ_INS_CLRJE,
+	SYSZ_INS_CRJE,
+	SYSZ_INS_CGIJNLE,
+	SYSZ_INS_CGRJNLE,
+	SYSZ_INS_CIJNLE,
+	SYSZ_INS_CLGIJNLE,
+	SYSZ_INS_CLGRJNLE,
+	SYSZ_INS_CLIJNLE,
+	SYSZ_INS_CLRJNLE,
+	SYSZ_INS_CRJNLE,
+	SYSZ_INS_CGIJH,
+	SYSZ_INS_CGRJH,
+	SYSZ_INS_CIJH,
+	SYSZ_INS_CLGIJH,
+	SYSZ_INS_CLGRJH,
+	SYSZ_INS_CLIJH,
+	SYSZ_INS_CLRJH,
+	SYSZ_INS_CRJH,
+	SYSZ_INS_CGIJNL,
+	SYSZ_INS_CGRJNL,
+	SYSZ_INS_CIJNL,
+	SYSZ_INS_CLGIJNL,
+	SYSZ_INS_CLGRJNL,
+	SYSZ_INS_CLIJNL,
+	SYSZ_INS_CLRJNL,
+	SYSZ_INS_CRJNL,
+	SYSZ_INS_CGIJHE,
+	SYSZ_INS_CGRJHE,
+	SYSZ_INS_CIJHE,
+	SYSZ_INS_CLGIJHE,
+	SYSZ_INS_CLGRJHE,
+	SYSZ_INS_CLIJHE,
+	SYSZ_INS_CLRJHE,
+	SYSZ_INS_CRJHE,
+	SYSZ_INS_CGIJNHE,
+	SYSZ_INS_CGRJNHE,
+	SYSZ_INS_CIJNHE,
+	SYSZ_INS_CLGIJNHE,
+	SYSZ_INS_CLGRJNHE,
+	SYSZ_INS_CLIJNHE,
+	SYSZ_INS_CLRJNHE,
+	SYSZ_INS_CRJNHE,
+	SYSZ_INS_CGIJL,
+	SYSZ_INS_CGRJL,
+	SYSZ_INS_CIJL,
+	SYSZ_INS_CLGIJL,
+	SYSZ_INS_CLGRJL,
+	SYSZ_INS_CLIJL,
+	SYSZ_INS_CLRJL,
+	SYSZ_INS_CRJL,
+	SYSZ_INS_CGIJNH,
+	SYSZ_INS_CGRJNH,
+	SYSZ_INS_CIJNH,
+	SYSZ_INS_CLGIJNH,
+	SYSZ_INS_CLGRJNH,
+	SYSZ_INS_CLIJNH,
+	SYSZ_INS_CLRJNH,
+	SYSZ_INS_CRJNH,
+	SYSZ_INS_CGIJLE,
+	SYSZ_INS_CGRJLE,
+	SYSZ_INS_CIJLE,
+	SYSZ_INS_CLGIJLE,
+	SYSZ_INS_CLGRJLE,
+	SYSZ_INS_CLIJLE,
+	SYSZ_INS_CLRJLE,
+	SYSZ_INS_CRJLE,
+	SYSZ_INS_CGIJNE,
+	SYSZ_INS_CGRJNE,
+	SYSZ_INS_CIJNE,
+	SYSZ_INS_CLGIJNE,
+	SYSZ_INS_CLGRJNE,
+	SYSZ_INS_CLIJNE,
+	SYSZ_INS_CLRJNE,
+	SYSZ_INS_CRJNE,
+	SYSZ_INS_CGIJLH,
+	SYSZ_INS_CGRJLH,
+	SYSZ_INS_CIJLH,
+	SYSZ_INS_CLGIJLH,
+	SYSZ_INS_CLGRJLH,
+	SYSZ_INS_CLIJLH,
+	SYSZ_INS_CLRJLH,
+	SYSZ_INS_CRJLH,
+	SYSZ_INS_BLR,
+	SYSZ_INS_BLER,
+	SYSZ_INS_JLE,
+	SYSZ_INS_JGLE,
+	SYSZ_INS_LOCLE,
+	SYSZ_INS_LOCGLE,
+	SYSZ_INS_LOCGRLE,
+	SYSZ_INS_LOCRLE,
+	SYSZ_INS_STOCLE,
+	SYSZ_INS_STOCGLE,
+	SYSZ_INS_BLHR,
+	SYSZ_INS_JLH,
+	SYSZ_INS_JGLH,
+	SYSZ_INS_LOCLH,
+	SYSZ_INS_LOCGLH,
+	SYSZ_INS_LOCGRLH,
+	SYSZ_INS_LOCRLH,
+	SYSZ_INS_STOCLH,
+	SYSZ_INS_STOCGLH,
+	SYSZ_INS_JL,
+	SYSZ_INS_JGL,
+	SYSZ_INS_LOCL,
+	SYSZ_INS_LOCGL,
+	SYSZ_INS_LOCGRL,
+	SYSZ_INS_LOCRL,
+	SYSZ_INS_LOC,
+	SYSZ_INS_LOCG,
+	SYSZ_INS_LOCGR,
+	SYSZ_INS_LOCR,
+	SYSZ_INS_STOCL,
+	SYSZ_INS_STOCGL,
+	SYSZ_INS_BNER,
+	SYSZ_INS_JNE,
+	SYSZ_INS_JGNE,
+	SYSZ_INS_LOCNE,
+	SYSZ_INS_LOCGNE,
+	SYSZ_INS_LOCGRNE,
+	SYSZ_INS_LOCRNE,
+	SYSZ_INS_STOCNE,
+	SYSZ_INS_STOCGNE,
+	SYSZ_INS_BNHR,
+	SYSZ_INS_BNHER,
+	SYSZ_INS_JNHE,
+	SYSZ_INS_JGNHE,
+	SYSZ_INS_LOCNHE,
+	SYSZ_INS_LOCGNHE,
+	SYSZ_INS_LOCGRNHE,
+	SYSZ_INS_LOCRNHE,
+	SYSZ_INS_STOCNHE,
+	SYSZ_INS_STOCGNHE,
+	SYSZ_INS_JNH,
+	SYSZ_INS_JGNH,
+	SYSZ_INS_LOCNH,
+	SYSZ_INS_LOCGNH,
+	SYSZ_INS_LOCGRNH,
+	SYSZ_INS_LOCRNH,
+	SYSZ_INS_STOCNH,
+	SYSZ_INS_STOCGNH,
+	SYSZ_INS_BNLR,
+	SYSZ_INS_BNLER,
+	SYSZ_INS_JNLE,
+	SYSZ_INS_JGNLE,
+	SYSZ_INS_LOCNLE,
+	SYSZ_INS_LOCGNLE,
+	SYSZ_INS_LOCGRNLE,
+	SYSZ_INS_LOCRNLE,
+	SYSZ_INS_STOCNLE,
+	SYSZ_INS_STOCGNLE,
+	SYSZ_INS_BNLHR,
+	SYSZ_INS_JNLH,
+	SYSZ_INS_JGNLH,
+	SYSZ_INS_LOCNLH,
+	SYSZ_INS_LOCGNLH,
+	SYSZ_INS_LOCGRNLH,
+	SYSZ_INS_LOCRNLH,
+	SYSZ_INS_STOCNLH,
+	SYSZ_INS_STOCGNLH,
+	SYSZ_INS_JNL,
+	SYSZ_INS_JGNL,
+	SYSZ_INS_LOCNL,
+	SYSZ_INS_LOCGNL,
+	SYSZ_INS_LOCGRNL,
+	SYSZ_INS_LOCRNL,
+	SYSZ_INS_STOCNL,
+	SYSZ_INS_STOCGNL,
+	SYSZ_INS_BNOR,
+	SYSZ_INS_JNO,
+	SYSZ_INS_JGNO,
+	SYSZ_INS_LOCNO,
+	SYSZ_INS_LOCGNO,
+	SYSZ_INS_LOCGRNO,
+	SYSZ_INS_LOCRNO,
+	SYSZ_INS_STOCNO,
+	SYSZ_INS_STOCGNO,
+	SYSZ_INS_BOR,
+	SYSZ_INS_JO,
+	SYSZ_INS_JGO,
+	SYSZ_INS_LOCO,
+	SYSZ_INS_LOCGO,
+	SYSZ_INS_LOCGRO,
+	SYSZ_INS_LOCRO,
+	SYSZ_INS_STOCO,
+	SYSZ_INS_STOCGO,
+	SYSZ_INS_STOC,
+	SYSZ_INS_STOCG,
+	SYSZ_INS_BASR,
+	SYSZ_INS_BR,
+	SYSZ_INS_BRAS,
+	SYSZ_INS_BRASL,
+	SYSZ_INS_J,
+	SYSZ_INS_JG,
+	SYSZ_INS_BRCT,
+	SYSZ_INS_BRCTG,
+	SYSZ_INS_C,
+	SYSZ_INS_CDB,
+	SYSZ_INS_CDBR,
+	SYSZ_INS_CDFBR,
+	SYSZ_INS_CDGBR,
+	SYSZ_INS_CDLFBR,
+	SYSZ_INS_CDLGBR,
+	SYSZ_INS_CEB,
+	SYSZ_INS_CEBR,
+	SYSZ_INS_CEFBR,
+	SYSZ_INS_CEGBR,
+	SYSZ_INS_CELFBR,
+	SYSZ_INS_CELGBR,
+	SYSZ_INS_CFDBR,
+	SYSZ_INS_CFEBR,
+	SYSZ_INS_CFI,
+	SYSZ_INS_CFXBR,
+	SYSZ_INS_CG,
+	SYSZ_INS_CGDBR,
+	SYSZ_INS_CGEBR,
+	SYSZ_INS_CGF,
+	SYSZ_INS_CGFI,
+	SYSZ_INS_CGFR,
+	SYSZ_INS_CGFRL,
+	SYSZ_INS_CGH,
+	SYSZ_INS_CGHI,
+	SYSZ_INS_CGHRL,
+	SYSZ_INS_CGHSI,
+	SYSZ_INS_CGR,
+	SYSZ_INS_CGRL,
+	SYSZ_INS_CGXBR,
+	SYSZ_INS_CH,
+	SYSZ_INS_CHF,
+	SYSZ_INS_CHHSI,
+	SYSZ_INS_CHI,
+	SYSZ_INS_CHRL,
+	SYSZ_INS_CHSI,
+	SYSZ_INS_CHY,
+	SYSZ_INS_CIH,
+	SYSZ_INS_CL,
+	SYSZ_INS_CLC,
+	SYSZ_INS_CLFDBR,
+	SYSZ_INS_CLFEBR,
+	SYSZ_INS_CLFHSI,
+	SYSZ_INS_CLFI,
+	SYSZ_INS_CLFXBR,
+	SYSZ_INS_CLG,
+	SYSZ_INS_CLGDBR,
+	SYSZ_INS_CLGEBR,
+	SYSZ_INS_CLGF,
+	SYSZ_INS_CLGFI,
+	SYSZ_INS_CLGFR,
+	SYSZ_INS_CLGFRL,
+	SYSZ_INS_CLGHRL,
+	SYSZ_INS_CLGHSI,
+	SYSZ_INS_CLGR,
+	SYSZ_INS_CLGRL,
+	SYSZ_INS_CLGXBR,
+	SYSZ_INS_CLHF,
+	SYSZ_INS_CLHHSI,
+	SYSZ_INS_CLHRL,
+	SYSZ_INS_CLI,
+	SYSZ_INS_CLIH,
+	SYSZ_INS_CLIY,
+	SYSZ_INS_CLR,
+	SYSZ_INS_CLRL,
+	SYSZ_INS_CLST,
+	SYSZ_INS_CLY,
+	SYSZ_INS_CPSDR,
+	SYSZ_INS_CR,
+	SYSZ_INS_CRL,
+	SYSZ_INS_CS,
+	SYSZ_INS_CSG,
+	SYSZ_INS_CSY,
+	SYSZ_INS_CXBR,
+	SYSZ_INS_CXFBR,
+	SYSZ_INS_CXGBR,
+	SYSZ_INS_CXLFBR,
+	SYSZ_INS_CXLGBR,
+	SYSZ_INS_CY,
+	SYSZ_INS_DDB,
+	SYSZ_INS_DDBR,
+	SYSZ_INS_DEB,
+	SYSZ_INS_DEBR,
+	SYSZ_INS_DL,
+	SYSZ_INS_DLG,
+	SYSZ_INS_DLGR,
+	SYSZ_INS_DLR,
+	SYSZ_INS_DSG,
+	SYSZ_INS_DSGF,
+	SYSZ_INS_DSGFR,
+	SYSZ_INS_DSGR,
+	SYSZ_INS_DXBR,
+	SYSZ_INS_EAR,
+	SYSZ_INS_FIDBR,
+	SYSZ_INS_FIDBRA,
+	SYSZ_INS_FIEBR,
+	SYSZ_INS_FIEBRA,
+	SYSZ_INS_FIXBR,
+	SYSZ_INS_FIXBRA,
+	SYSZ_INS_FLOGR,
+	SYSZ_INS_IC,
+	SYSZ_INS_ICY,
+	SYSZ_INS_IIHF,
+	SYSZ_INS_IIHH,
+	SYSZ_INS_IIHL,
+	SYSZ_INS_IILF,
+	SYSZ_INS_IILH,
+	SYSZ_INS_IILL,
+	SYSZ_INS_IPM,
+	SYSZ_INS_L,
+	SYSZ_INS_LA,
+	SYSZ_INS_LAA,
+	SYSZ_INS_LAAG,
+	SYSZ_INS_LAAL,
+	SYSZ_INS_LAALG,
+	SYSZ_INS_LAN,
+	SYSZ_INS_LANG,
+	SYSZ_INS_LAO,
+	SYSZ_INS_LAOG,
+	SYSZ_INS_LARL,
+	SYSZ_INS_LAX,
+	SYSZ_INS_LAXG,
+	SYSZ_INS_LAY,
+	SYSZ_INS_LB,
+	SYSZ_INS_LBH,
+	SYSZ_INS_LBR,
+	SYSZ_INS_LCDBR,
+	SYSZ_INS_LCEBR,
+	SYSZ_INS_LCGFR,
+	SYSZ_INS_LCGR,
+	SYSZ_INS_LCR,
+	SYSZ_INS_LCXBR,
+	SYSZ_INS_LD,
+	SYSZ_INS_LDEB,
+	SYSZ_INS_LDEBR,
+	SYSZ_INS_LDGR,
+	SYSZ_INS_LDR,
+	SYSZ_INS_LDXBR,
+	SYSZ_INS_LDXBRA,
+	SYSZ_INS_LDY,
+	SYSZ_INS_LE,
+	SYSZ_INS_LEDBR,
+	SYSZ_INS_LEDBRA,
+	SYSZ_INS_LER,
+	SYSZ_INS_LEXBR,
+	SYSZ_INS_LEXBRA,
+	SYSZ_INS_LEY,
+	SYSZ_INS_LFH,
+	SYSZ_INS_LG,
+	SYSZ_INS_LGB,
+	SYSZ_INS_LGBR,
+	SYSZ_INS_LGDR,
+	SYSZ_INS_LGF,
+	SYSZ_INS_LGFI,
+	SYSZ_INS_LGFR,
+	SYSZ_INS_LGFRL,
+	SYSZ_INS_LGH,
+	SYSZ_INS_LGHI,
+	SYSZ_INS_LGHR,
+	SYSZ_INS_LGHRL,
+	SYSZ_INS_LGR,
+	SYSZ_INS_LGRL,
+	SYSZ_INS_LH,
+	SYSZ_INS_LHH,
+	SYSZ_INS_LHI,
+	SYSZ_INS_LHR,
+	SYSZ_INS_LHRL,
+	SYSZ_INS_LHY,
+	SYSZ_INS_LLC,
+	SYSZ_INS_LLCH,
+	SYSZ_INS_LLCR,
+	SYSZ_INS_LLGC,
+	SYSZ_INS_LLGCR,
+	SYSZ_INS_LLGF,
+	SYSZ_INS_LLGFR,
+	SYSZ_INS_LLGFRL,
+	SYSZ_INS_LLGH,
+	SYSZ_INS_LLGHR,
+	SYSZ_INS_LLGHRL,
+	SYSZ_INS_LLH,
+	SYSZ_INS_LLHH,
+	SYSZ_INS_LLHR,
+	SYSZ_INS_LLHRL,
+	SYSZ_INS_LLIHF,
+	SYSZ_INS_LLIHH,
+	SYSZ_INS_LLIHL,
+	SYSZ_INS_LLILF,
+	SYSZ_INS_LLILH,
+	SYSZ_INS_LLILL,
+	SYSZ_INS_LMG,
+	SYSZ_INS_LNDBR,
+	SYSZ_INS_LNEBR,
+	SYSZ_INS_LNGFR,
+	SYSZ_INS_LNGR,
+	SYSZ_INS_LNR,
+	SYSZ_INS_LNXBR,
+	SYSZ_INS_LPDBR,
+	SYSZ_INS_LPEBR,
+	SYSZ_INS_LPGFR,
+	SYSZ_INS_LPGR,
+	SYSZ_INS_LPR,
+	SYSZ_INS_LPXBR,
+	SYSZ_INS_LR,
+	SYSZ_INS_LRL,
+	SYSZ_INS_LRV,
+	SYSZ_INS_LRVG,
+	SYSZ_INS_LRVGR,
+	SYSZ_INS_LRVR,
+	SYSZ_INS_LT,
+	SYSZ_INS_LTDBR,
+	SYSZ_INS_LTEBR,
+	SYSZ_INS_LTG,
+	SYSZ_INS_LTGF,
+	SYSZ_INS_LTGFR,
+	SYSZ_INS_LTGR,
+	SYSZ_INS_LTR,
+	SYSZ_INS_LTXBR,
+	SYSZ_INS_LXDB,
+	SYSZ_INS_LXDBR,
+	SYSZ_INS_LXEB,
+	SYSZ_INS_LXEBR,
+	SYSZ_INS_LXR,
+	SYSZ_INS_LY,
+	SYSZ_INS_LZDR,
+	SYSZ_INS_LZER,
+	SYSZ_INS_LZXR,
+	SYSZ_INS_MADB,
+	SYSZ_INS_MADBR,
+	SYSZ_INS_MAEB,
+	SYSZ_INS_MAEBR,
+	SYSZ_INS_MDB,
+	SYSZ_INS_MDBR,
+	SYSZ_INS_MDEB,
+	SYSZ_INS_MDEBR,
+	SYSZ_INS_MEEB,
+	SYSZ_INS_MEEBR,
+	SYSZ_INS_MGHI,
+	SYSZ_INS_MH,
+	SYSZ_INS_MHI,
+	SYSZ_INS_MHY,
+	SYSZ_INS_MLG,
+	SYSZ_INS_MLGR,
+	SYSZ_INS_MS,
+	SYSZ_INS_MSDB,
+	SYSZ_INS_MSDBR,
+	SYSZ_INS_MSEB,
+	SYSZ_INS_MSEBR,
+	SYSZ_INS_MSFI,
+	SYSZ_INS_MSG,
+	SYSZ_INS_MSGF,
+	SYSZ_INS_MSGFI,
+	SYSZ_INS_MSGFR,
+	SYSZ_INS_MSGR,
+	SYSZ_INS_MSR,
+	SYSZ_INS_MSY,
+	SYSZ_INS_MVC,
+	SYSZ_INS_MVGHI,
+	SYSZ_INS_MVHHI,
+	SYSZ_INS_MVHI,
+	SYSZ_INS_MVI,
+	SYSZ_INS_MVIY,
+	SYSZ_INS_MVST,
+	SYSZ_INS_MXBR,
+	SYSZ_INS_MXDB,
+	SYSZ_INS_MXDBR,
+	SYSZ_INS_N,
+	SYSZ_INS_NC,
+	SYSZ_INS_NG,
+	SYSZ_INS_NGR,
+	SYSZ_INS_NGRK,
+	SYSZ_INS_NI,
+	SYSZ_INS_NIHF,
+	SYSZ_INS_NIHH,
+	SYSZ_INS_NIHL,
+	SYSZ_INS_NILF,
+	SYSZ_INS_NILH,
+	SYSZ_INS_NILL,
+	SYSZ_INS_NIY,
+	SYSZ_INS_NR,
+	SYSZ_INS_NRK,
+	SYSZ_INS_NY,
+	SYSZ_INS_O,
+	SYSZ_INS_OC,
+	SYSZ_INS_OG,
+	SYSZ_INS_OGR,
+	SYSZ_INS_OGRK,
+	SYSZ_INS_OI,
+	SYSZ_INS_OIHF,
+	SYSZ_INS_OIHH,
+	SYSZ_INS_OIHL,
+	SYSZ_INS_OILF,
+	SYSZ_INS_OILH,
+	SYSZ_INS_OILL,
+	SYSZ_INS_OIY,
+	SYSZ_INS_OR,
+	SYSZ_INS_ORK,
+	SYSZ_INS_OY,
+	SYSZ_INS_PFD,
+	SYSZ_INS_PFDRL,
+	SYSZ_INS_RISBG,
+	SYSZ_INS_RISBHG,
+	SYSZ_INS_RISBLG,
+	SYSZ_INS_RLL,
+	SYSZ_INS_RLLG,
+	SYSZ_INS_RNSBG,
+	SYSZ_INS_ROSBG,
+	SYSZ_INS_RXSBG,
+	SYSZ_INS_S,
+	SYSZ_INS_SDB,
+	SYSZ_INS_SDBR,
+	SYSZ_INS_SEB,
+	SYSZ_INS_SEBR,
+	SYSZ_INS_SG,
+	SYSZ_INS_SGF,
+	SYSZ_INS_SGFR,
+	SYSZ_INS_SGR,
+	SYSZ_INS_SGRK,
+	SYSZ_INS_SH,
+	SYSZ_INS_SHY,
+	SYSZ_INS_SL,
+	SYSZ_INS_SLB,
+	SYSZ_INS_SLBG,
+	SYSZ_INS_SLBR,
+	SYSZ_INS_SLFI,
+	SYSZ_INS_SLG,
+	SYSZ_INS_SLBGR,
+	SYSZ_INS_SLGF,
+	SYSZ_INS_SLGFI,
+	SYSZ_INS_SLGFR,
+	SYSZ_INS_SLGR,
+	SYSZ_INS_SLGRK,
+	SYSZ_INS_SLL,
+	SYSZ_INS_SLLG,
+	SYSZ_INS_SLLK,
+	SYSZ_INS_SLR,
+	SYSZ_INS_SLRK,
+	SYSZ_INS_SLY,
+	SYSZ_INS_SQDB,
+	SYSZ_INS_SQDBR,
+	SYSZ_INS_SQEB,
+	SYSZ_INS_SQEBR,
+	SYSZ_INS_SQXBR,
+	SYSZ_INS_SR,
+	SYSZ_INS_SRA,
+	SYSZ_INS_SRAG,
+	SYSZ_INS_SRAK,
+	SYSZ_INS_SRK,
+	SYSZ_INS_SRL,
+	SYSZ_INS_SRLG,
+	SYSZ_INS_SRLK,
+	SYSZ_INS_SRST,
+	SYSZ_INS_ST,
+	SYSZ_INS_STC,
+	SYSZ_INS_STCH,
+	SYSZ_INS_STCY,
+	SYSZ_INS_STD,
+	SYSZ_INS_STDY,
+	SYSZ_INS_STE,
+	SYSZ_INS_STEY,
+	SYSZ_INS_STFH,
+	SYSZ_INS_STG,
+	SYSZ_INS_STGRL,
+	SYSZ_INS_STH,
+	SYSZ_INS_STHH,
+	SYSZ_INS_STHRL,
+	SYSZ_INS_STHY,
+	SYSZ_INS_STMG,
+	SYSZ_INS_STRL,
+	SYSZ_INS_STRV,
+	SYSZ_INS_STRVG,
+	SYSZ_INS_STY,
+	SYSZ_INS_SXBR,
+	SYSZ_INS_SY,
+	SYSZ_INS_TM,
+	SYSZ_INS_TMHH,
+	SYSZ_INS_TMHL,
+	SYSZ_INS_TMLH,
+	SYSZ_INS_TMLL,
+	SYSZ_INS_TMY,
+	SYSZ_INS_X,
+	SYSZ_INS_XC,
+	SYSZ_INS_XG,
+	SYSZ_INS_XGR,
+	SYSZ_INS_XGRK,
+	SYSZ_INS_XI,
+	SYSZ_INS_XIHF,
+	SYSZ_INS_XILF,
+	SYSZ_INS_XIY,
+	SYSZ_INS_XR,
+	SYSZ_INS_XRK,
+	SYSZ_INS_XY,
+
+	SYSZ_INS_ENDING,   // <-- mark the end of the list of instructions
+} sysz_insn;
+
+//> Group of SystemZ instructions
+typedef enum sysz_insn_group {
+	SYSZ_GRP_INVALID = 0, // = CS_GRP_INVALID
+
+	//> Generic groups
+	// all jump instructions (conditional+direct+indirect jumps)
+	SYSZ_GRP_JUMP,	// = CS_GRP_JUMP
+
+	//> Architecture-specific groups
+	SYSZ_GRP_DISTINCTOPS = 128,
+	SYSZ_GRP_FPEXTENSION,
+	SYSZ_GRP_HIGHWORD,
+	SYSZ_GRP_INTERLOCKEDACCESS1,
+	SYSZ_GRP_LOADSTOREONCOND,
+
+	SYSZ_GRP_ENDING,   // <-- mark the end of the list of groups
+} sysz_insn_group;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/x86.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/x86.h
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/xcore.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/capstone/xcore.h
@ -0,0 +1,237 @@
+#ifndef CAPSTONE_XCORE_H
+#define CAPSTONE_XCORE_H
+
+/* Capstone Disassembly Engine */
+/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2014 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if !defined(_MSC_VER) || !defined(_KERNEL_MODE)
+#include <stdint.h>
+#endif
+
+#include "platform.h"
+
+#ifdef _MSC_VER
+#pragma warning(disable:4201)
+#endif
+
+//> Operand type for instruction's operands
+typedef enum xcore_op_type {
+	XCORE_OP_INVALID = 0, // = CS_OP_INVALID (Uninitialized).
+	XCORE_OP_REG, // = CS_OP_REG (Register operand).
+	XCORE_OP_IMM, // = CS_OP_IMM (Immediate operand).
+	XCORE_OP_MEM, // = CS_OP_MEM (Memory operand).
+} xcore_op_type;
+
+// Instruction's operand referring to memory
+// This is associated with XCORE_OP_MEM operand type above
+typedef struct xcore_op_mem {
+	uint8_t base;	// base register
+	uint8_t index;	// index register
+	int32_t disp;	// displacement/offset value
+	int     direct;	// +1: forward, -1: backward
+} xcore_op_mem;
+
+// Instruction operand
+typedef struct cs_xcore_op {
+	xcore_op_type type;	// operand type
+	union {
+		unsigned int reg;	// register value for REG operand
+		int32_t imm;		// immediate value for IMM operand
+		xcore_op_mem mem;		// base/disp value for MEM operand
+	};
+} cs_xcore_op;
+
+// Instruction structure
+typedef struct cs_xcore {
+	// Number of operands of this instruction, 
+	// or 0 when instruction has no operand.
+	uint8_t op_count;
+	cs_xcore_op operands[8]; // operands for this instruction.
+} cs_xcore;
+
+//> XCore registers
+typedef enum xcore_reg {
+	XCORE_REG_INVALID = 0,
+
+	XCORE_REG_CP,
+	XCORE_REG_DP,
+	XCORE_REG_LR,
+	XCORE_REG_SP,
+	XCORE_REG_R0,
+	XCORE_REG_R1,
+	XCORE_REG_R2,
+	XCORE_REG_R3,
+	XCORE_REG_R4,
+	XCORE_REG_R5,
+	XCORE_REG_R6,
+	XCORE_REG_R7,
+	XCORE_REG_R8,
+	XCORE_REG_R9,
+	XCORE_REG_R10,
+	XCORE_REG_R11,
+
+	//> pseudo registers
+	XCORE_REG_PC,	// pc
+
+	// internal thread registers
+	// see The-XMOS-XS1-Architecture(X7879A).pdf
+	XCORE_REG_SCP,	// save pc
+	XCORE_REG_SSR,	// save status
+	XCORE_REG_ET,	// exception type
+	XCORE_REG_ED,	// exception data
+	XCORE_REG_SED,	// save exception data
+	XCORE_REG_KEP,	// kernel entry pointer
+	XCORE_REG_KSP,	// kernel stack pointer
+	XCORE_REG_ID,	// thread ID
+
+	XCORE_REG_ENDING,	// <-- mark the end of the list of registers
+} xcore_reg;
+
+//> XCore instruction
+typedef enum xcore_insn {
+	XCORE_INS_INVALID = 0,
+
+	XCORE_INS_ADD,
+	XCORE_INS_ANDNOT,
+	XCORE_INS_AND,
+	XCORE_INS_ASHR,
+	XCORE_INS_BAU,
+	XCORE_INS_BITREV,
+	XCORE_INS_BLA,
+	XCORE_INS_BLAT,
+	XCORE_INS_BL,
+	XCORE_INS_BF,
+	XCORE_INS_BT,
+	XCORE_INS_BU,
+	XCORE_INS_BRU,
+	XCORE_INS_BYTEREV,
+	XCORE_INS_CHKCT,
+	XCORE_INS_CLRE,
+	XCORE_INS_CLRPT,
+	XCORE_INS_CLRSR,
+	XCORE_INS_CLZ,
+	XCORE_INS_CRC8,
+	XCORE_INS_CRC32,
+	XCORE_INS_DCALL,
+	XCORE_INS_DENTSP,
+	XCORE_INS_DGETREG,
+	XCORE_INS_DIVS,
+	XCORE_INS_DIVU,
+	XCORE_INS_DRESTSP,
+	XCORE_INS_DRET,
+	XCORE_INS_ECALLF,
+	XCORE_INS_ECALLT,
+	XCORE_INS_EDU,
+	XCORE_INS_EEF,
+	XCORE_INS_EET,
+	XCORE_INS_EEU,
+	XCORE_INS_ENDIN,
+	XCORE_INS_ENTSP,
+	XCORE_INS_EQ,
+	XCORE_INS_EXTDP,
+	XCORE_INS_EXTSP,
+	XCORE_INS_FREER,
+	XCORE_INS_FREET,
+	XCORE_INS_GETD,
+	XCORE_INS_GET,
+	XCORE_INS_GETN,
+	XCORE_INS_GETR,
+	XCORE_INS_GETSR,
+	XCORE_INS_GETST,
+	XCORE_INS_GETTS,
+	XCORE_INS_INCT,
+	XCORE_INS_INIT,
+	XCORE_INS_INPW,
+	XCORE_INS_INSHR,
+	XCORE_INS_INT,
+	XCORE_INS_IN,
+	XCORE_INS_KCALL,
+	XCORE_INS_KENTSP,
+	XCORE_INS_KRESTSP,
+	XCORE_INS_KRET,
+	XCORE_INS_LADD,
+	XCORE_INS_LD16S,
+	XCORE_INS_LD8U,
+	XCORE_INS_LDA16,
+	XCORE_INS_LDAP,
+	XCORE_INS_LDAW,
+	XCORE_INS_LDC,
+	XCORE_INS_LDW,
+	XCORE_INS_LDIVU,
+	XCORE_INS_LMUL,
+	XCORE_INS_LSS,
+	XCORE_INS_LSUB,
+	XCORE_INS_LSU,
+	XCORE_INS_MACCS,
+	XCORE_INS_MACCU,
+	XCORE_INS_MJOIN,
+	XCORE_INS_MKMSK,
+	XCORE_INS_MSYNC,
+	XCORE_INS_MUL,
+	XCORE_INS_NEG,
+	XCORE_INS_NOT,
+	XCORE_INS_OR,
+	XCORE_INS_OUTCT,
+	XCORE_INS_OUTPW,
+	XCORE_INS_OUTSHR,
+	XCORE_INS_OUTT,
+	XCORE_INS_OUT,
+	XCORE_INS_PEEK,
+	XCORE_INS_REMS,
+	XCORE_INS_REMU,
+	XCORE_INS_RETSP,
+	XCORE_INS_SETCLK,
+	XCORE_INS_SET,
+	XCORE_INS_SETC,
+	XCORE_INS_SETD,
+	XCORE_INS_SETEV,
+	XCORE_INS_SETN,
+	XCORE_INS_SETPSC,
+	XCORE_INS_SETPT,
+	XCORE_INS_SETRDY,
+	XCORE_INS_SETSR,
+	XCORE_INS_SETTW,
+	XCORE_INS_SETV,
+	XCORE_INS_SEXT,
+	XCORE_INS_SHL,
+	XCORE_INS_SHR,
+	XCORE_INS_SSYNC,
+	XCORE_INS_ST16,
+	XCORE_INS_ST8,
+	XCORE_INS_STW,
+	XCORE_INS_SUB,
+	XCORE_INS_SYNCR,
+	XCORE_INS_TESTCT,
+	XCORE_INS_TESTLCL,
+	XCORE_INS_TESTWCT,
+	XCORE_INS_TSETMR,
+	XCORE_INS_START,
+	XCORE_INS_WAITEF,
+	XCORE_INS_WAITET,
+	XCORE_INS_WAITEU,
+	XCORE_INS_XOR,
+	XCORE_INS_ZEXT,
+
+	XCORE_INS_ENDING,   // <-- mark the end of the list of instructions
+} xcore_insn;
+
+//> Group of XCore instructions
+typedef enum xcore_insn_group {
+	XCORE_GRP_INVALID = 0, // = CS_GRP_INVALID
+
+	//> Generic groups
+	// all jump instructions (conditional+direct+indirect jumps)
+	XCORE_GRP_JUMP,	// = CS_GRP_JUMP
+
+	XCORE_GRP_ENDING,   // <-- mark the end of the list of groups
+} xcore_insn_group;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/hde32.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/hde32.h
@ -0,0 +1,96 @@
+/*
+ * Hacker Disassembler Engine 32
+ * Copyright (c) 2006-2009, Vyacheslav Patkov.
+ * All rights reserved.
+ *
+ * hde32.h: C/C++ header file
+ *
+ */
+
+#ifndef _HDE32_H_
+#define _HDE32_H_
+
+#include <stdint.h>
+
+#define F_MODRM         0x00000001
+#define F_SIB           0x00000002
+#define F_IMM8          0x00000004
+#define F_IMM16         0x00000008
+#define F_IMM32         0x00000010
+#define F_DISP8         0x00000020
+#define F_DISP16        0x00000040
+#define F_DISP32        0x00000080
+#define F_RELATIVE      0x00000100
+#define F_2IMM16        0x00000800
+#define F_ERROR         0x00001000
+#define F_ERROR_OPCODE  0x00002000
+#define F_ERROR_LENGTH  0x00004000
+#define F_ERROR_LOCK    0x00008000
+#define F_ERROR_OPERAND 0x00010000
+#define F_PREFIX_REPNZ  0x01000000
+#define F_PREFIX_REPX   0x02000000
+#define F_PREFIX_REP    0x03000000
+#define F_PREFIX_66     0x04000000
+#define F_PREFIX_67     0x08000000
+#define F_PREFIX_LOCK   0x10000000
+#define F_PREFIX_SEG    0x20000000
+#define F_PREFIX_ANY    0x3f000000
+
+#define PREFIX_SEGMENT_CS   0x2e
+#define PREFIX_SEGMENT_SS   0x36
+#define PREFIX_SEGMENT_DS   0x3e
+#define PREFIX_SEGMENT_ES   0x26
+#define PREFIX_SEGMENT_FS   0x64
+#define PREFIX_SEGMENT_GS   0x65
+#define PREFIX_LOCK         0xf0
+#define PREFIX_REPNZ        0xf2
+#define PREFIX_REPX         0xf3
+#define PREFIX_OPERAND_SIZE 0x66
+#define PREFIX_ADDRESS_SIZE 0x67
+
+#pragma pack(push,1)
+
+typedef struct {
+    uint8_t len;
+    uint8_t p_rep;
+    uint8_t p_lock;
+    uint8_t p_seg;
+    uint8_t p_66;
+    uint8_t p_67;
+    uint8_t opcode;
+    uint8_t opcode2;
+    uint8_t modrm;
+    uint8_t modrm_mod;
+    uint8_t modrm_reg;
+    uint8_t modrm_rm;
+    uint8_t sib;
+    uint8_t sib_scale;
+    uint8_t sib_index;
+    uint8_t sib_base;
+    union {
+        uint8_t imm8;
+        uint16_t imm16;
+        uint32_t imm32;
+    } imm;
+    union {
+        uint8_t disp8;
+        uint16_t disp16;
+        uint32_t disp32;
+    } disp;
+    uint32_t flags;
+} hde32s;
+
+#pragma pack(pop)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* __cdecl */
+unsigned int hde32_disasm(const void *code, hde32s *hs);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _HDE32_H_ */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/hde64.h
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/hde64.h
@ -0,0 +1,103 @@
+/*
+ * Hacker Disassembler Engine 64
+ * Copyright (c) 2008-2009, Vyacheslav Patkov.
+ * All rights reserved.
+ *
+ * hde64.h: C/C++ header file
+ *
+ */
+
+#ifndef _HDE64_H_
+#define _HDE64_H_
+
+#include <stdint.h>
+
+#define F_MODRM         0x00000001
+#define F_SIB           0x00000002
+#define F_IMM8          0x00000004
+#define F_IMM16         0x00000008
+#define F_IMM32         0x00000010
+#define F_IMM64         0x00000020
+#define F_DISP8         0x00000040
+#define F_DISP16        0x00000080
+#define F_DISP32        0x00000100
+#define F_RELATIVE      0x00000200
+#define F_ERROR         0x00001000
+#define F_ERROR_OPCODE  0x00002000
+#define F_ERROR_LENGTH  0x00004000
+#define F_ERROR_LOCK    0x00008000
+#define F_ERROR_OPERAND 0x00010000
+#define F_PREFIX_REPNZ  0x01000000
+#define F_PREFIX_REPX   0x02000000
+#define F_PREFIX_REP    0x03000000
+#define F_PREFIX_66     0x04000000
+#define F_PREFIX_67     0x08000000
+#define F_PREFIX_LOCK   0x10000000
+#define F_PREFIX_SEG    0x20000000
+#define F_PREFIX_REX    0x40000000
+#define F_PREFIX_ANY    0x7f000000
+
+#define PREFIX_SEGMENT_CS   0x2e
+#define PREFIX_SEGMENT_SS   0x36
+#define PREFIX_SEGMENT_DS   0x3e
+#define PREFIX_SEGMENT_ES   0x26
+#define PREFIX_SEGMENT_FS   0x64
+#define PREFIX_SEGMENT_GS   0x65
+#define PREFIX_LOCK         0xf0
+#define PREFIX_REPNZ        0xf2
+#define PREFIX_REPX         0xf3
+#define PREFIX_OPERAND_SIZE 0x66
+#define PREFIX_ADDRESS_SIZE 0x67
+
+#pragma pack(push,1)
+
+typedef struct {
+    uint8_t len;
+    uint8_t p_rep;
+    uint8_t p_lock;
+    uint8_t p_seg;
+    uint8_t p_66;
+    uint8_t p_67;
+    uint8_t rex;
+    uint8_t rex_w;
+    uint8_t rex_r;
+    uint8_t rex_x;
+    uint8_t rex_b;
+    uint8_t opcode;
+    uint8_t opcode2;
+    uint8_t modrm;
+    uint8_t modrm_mod;
+    uint8_t modrm_reg;
+    uint8_t modrm_rm;
+    uint8_t sib;
+    uint8_t sib_scale;
+    uint8_t sib_index;
+    uint8_t sib_base;
+    union {
+        uint8_t imm8;
+        uint16_t imm16;
+        uint32_t imm32;
+        uint64_t imm64;
+    } imm;
+    union {
+        uint8_t disp8;
+        uint16_t disp16;
+        uint32_t disp32;
+    } disp;
+    uint32_t flags;
+} hde64s;
+
+#pragma pack(pop)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Note, code should point to at least 32 valid bytes. */
+unsigned int hde64_disasm(const void *code, hde64s *hs);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _HDE64_H_ */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_api.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_api.hpp
@ -0,0 +1,382 @@
+//
+//  kern_api.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_api_h
+#define kern_api_h
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_patcher.hpp>
+#include <Headers/kern_user.hpp>
+#include <Headers/kern_util.hpp>
+
+#include <stdint.h>
+#include <sys/types.h>
+#include <libkern/OSAtomic.h>
+#include <Availability.h>
+
+#ifndef __ACIDANTHERA_MAC_SDK
+#error "This kext SDK is unsupported. Download from https://github.com/acidanthera/MacKernelSDK"
+#endif
+
+class LiluAPI {
+public:
+	/**
+	 *  Initialise lilu api
+ 	 */
+	void init();
+
+	/**
+	 *  Deinitialise lilu api
+	 */
+	void deinit();
+
+	/**
+	 *  Errors returned by functions
+	 */
+	enum class Error {
+		NoError,
+		LockError,
+		MemoryError,
+		UnsupportedFeature,
+		IncompatibleOS,
+		Disabled,
+		TooLate,
+		Offline
+	};
+
+	/**
+	 *  Minimal API version that guarantees forward ABI compatibility
+	 *  Present due to lack of OSBundleCompatibleVersion at kext injection
+	 */
+	static constexpr size_t CompatibilityVersion {parseModuleVersion("1.2.0")};
+
+	/**
+	 *  Obtains api access by holding a lock, which is required when accessing out of the main context
+	 *
+	 *  @param version  api compatibility version
+	 *  @param check    do not wait on the lock but return Error::LockError on failure
+	 *
+	 *  @return Error::NoError on success
+	 */
+	EXPORT Error requestAccess(size_t version=CompatibilityVersion, bool check=false);
+
+	/**
+	 *  Releases api lock
+	 *
+	 *  @return Error::NoError on success
+	 */
+	EXPORT Error releaseAccess();
+
+	/**
+	 *  You are supposed declare that your plugins work in at least one of these modes
+	 *  It is assumed that single user mode is equal to normal, because it is generally
+	 *  used to continue the load of a complete OS, and by default Lilu itself ignores it.
+	 */
+	enum RunningMode : uint32_t {
+		RunningNormal            = 1,
+		AllowNormal              = RunningNormal,
+		RunningInstallerRecovery = 2,
+		AllowInstallerRecovery   = RunningInstallerRecovery,
+		RunningSafeMode          = 4,
+		AllowSafeMode            = RunningSafeMode
+	};
+
+	/**
+	 *  Obtain current run mode similarly to requirements
+	 *
+	 *  @return run mode mask (RunningMode)
+	 */
+	inline uint32_t getRunMode() {
+		return currentRunMode;
+	}
+
+	/**
+	 *  Decides whether you are eligible to continue
+	 *
+	 *  @param product       product name
+	 *  @param version       product version
+	 *  @param runmode       bitmask of allowed enviornments
+	 *  @param disableArg    pointer to disabling boot arguments array
+	 *  @param disableArgNum number of disabling boot arguments
+	 *  @param debugArg      pointer to debug boot arguments array
+	 *  @param debugArgNum   number of debug boot arguments
+	 *  @param betaArg       pointer to beta boot arguments array
+	 *  @param betaArgNum    number of beta boot arguments
+	 *  @param min           minimal required kernel version
+	 *  @param max           maximum supported kernel version
+	 *  @param printDebug    returns debug printing status (based on debugArg)
+	 *
+	 *  @return Error::NoError on success
+	 */
+	EXPORT Error shouldLoad(const char *product, size_t version, uint32_t runmode, const char **disableArg, size_t disableArgNum, const char **debugArg, size_t debugArgNum, const char **betaArg, size_t betaArgNum, KernelVersion min, KernelVersion max, bool &printDebug);
+
+	/**
+	 *  Kernel patcher loaded callback
+	 *
+	 *  @param user    user provided pointer at registering
+	 *  @param patcher kernel patcher instance
+	 */
+	using t_patcherLoaded = void (*)(void *user, KernelPatcher &patcher);
+
+	/**
+	 *  Registers custom provided callbacks for later invocation on kernel patcher initialisation
+	 *
+	 *  @param callback your callback function
+	 *  @param user     your pointer that will be passed to the callback function
+	 *
+	 *  @return Error::NoError on success
+	 */
+	EXPORT Error onPatcherLoad(t_patcherLoaded callback, void *user=nullptr);
+
+	/**
+	 *  Registers custom provided callbacks for later invocation on kernel patcher initialisation
+	 *  Enforced version, which panics on registration failure (assuming your code cannot continue otherwise)
+	 *
+	 *  @param callback your callback function
+	 *  @param user     your pointer that will be passed to the callback function
+	 */
+	inline void onPatcherLoadForce(t_patcherLoaded callback, void *user=nullptr) {
+		auto err = onPatcherLoad(callback, user);
+		if (err != Error::NoError)
+			PANIC("api", "onPatcherLoad failed with code %d", err);
+	}
+
+	/**
+	 *  Kext loaded callback
+	 *  Note that you will get notified of all the requested kexts for speed reasons
+	 *
+	 *  @param user    user provided pointer at registering
+	 *  @param patcher kernel patcher instance
+	 *  @param id      loaded kinfo id
+	 *  @param slide   loaded slide
+	 *  @param size    loaded memory size
+	 */
+	using t_kextLoaded = void (*)(void *user, KernelPatcher &patcher, size_t id, mach_vm_address_t slide, size_t size);
+
+	/**
+	 *  Registers custom provided callbacks for later invocation on kext load
+	 *
+	 *  @param infos    your kext list (make sure to point to const memory)
+	 *  @param num      number of provided kext entries
+	 *  @param callback your callback function (optional)
+	 *  @param user     your pointer that will be passed to the callback function (optional)
+	 *
+	 *  @return Error::NoError on success
+	 */
+	EXPORT Error onKextLoad(KernelPatcher::KextInfo *infos, size_t num=1, t_kextLoaded callback=nullptr, void *user=nullptr);
+
+	/**
+	 *  Registers custom provided callbacks for later invocation on kext load
+	 *  Enforced version, which panics on registration failure (assuming your code cannot continue otherwise)
+	 *
+	 *  @param infos    your kext list (make sure to point to const memory)
+	 *  @param num      number of provided kext entries
+	 *  @param callback your callback function (optional)
+	 *  @param user     your pointer that will be passed to the callback function (optional)
+	 */
+	inline void onKextLoadForce(KernelPatcher::KextInfo *infos, size_t num=1, t_kextLoaded callback=nullptr, void *user=nullptr) {
+		auto err = onKextLoad(infos, num, callback, user);
+		if (err != Error::NoError)
+			PANIC("api", "onKextLoad failed with code %d", err);
+	}
+
+	/**
+	 *  Registers custom provided callbacks for later invocation on binary load
+	 *
+	 *  @param infos    your binary list (make sure to point to const memory)
+	 *  @param num      number of provided binary entries
+	 *  @param callback your callback function (could be null)
+	 *  @param user     your pointer that will be passed to the callback function
+	 *  @param mods     optional mod list (make sure to point to const memory)
+	 *  @param modnum   number of provided mod entries
+	 *
+	 *  @return Error::NoError on success
+	 */
+	EXPORT Error onProcLoad(UserPatcher::ProcInfo *infos, size_t num=1, UserPatcher::t_BinaryLoaded callback=nullptr, void *user=nullptr, UserPatcher::BinaryModInfo *mods=nullptr, size_t modnum=0);
+
+	/**
+	 *  Registers custom provided callbacks for later invocation on binary load
+	 *  Enforced version, which panics on registration failure (assuming your code cannot continue otherwise)
+	 *
+	 *  @param infos    your binary list (make sure to point to const memory)
+	 *  @param num      number of provided binary entries
+	 *  @param callback your callback function (could be null)
+	 *  @param user     your pointer that will be passed to the callback function
+	 *  @param mods     optional mod list (make sure to point to const memory)
+	 *  @param modnum   number of provided mod entries
+	 */
+	inline void onProcLoadForce(UserPatcher::ProcInfo *infos, size_t num=1, UserPatcher::t_BinaryLoaded callback=nullptr, void *user=nullptr, UserPatcher::BinaryModInfo *mods=nullptr, size_t modnum=0) {
+		auto err = onProcLoad(infos, num, callback, user, mods, modnum);
+		if (err != Error::NoError)
+			PANIC("api", "onProcLoad failed with code %d", err);
+	}
+
+	/**
+	 *  Kext loaded callback
+	 *  Note that you will get notified of all the requested kexts for speed reasons
+	 *
+	 *  @param user          user provided pointer at registering
+	 *  @param task          task
+	 *  @param entitlement   loaded kinfo id
+	 *  @param original      original entitlement value
+	 */
+	using t_entitlementRequested = void (*)(void *user, task_t task, const char *entitlement, OSObject *&original);
+
+	/**
+	 *  Registers custom provided callbacks for later invocation on entitlement registration
+	 *
+	 *  @param callback your callback function
+	 *  @param user     your pointer that will be passed to the callback function
+	 *
+	 *  @return Error::NoError on success
+	 */
+	EXPORT Error onEntitlementRequest(t_entitlementRequested callback, void *user=nullptr);
+
+	/**
+	 *  Registers custom provided callbacks for later invocation on entitlement registration
+	 *  Enforced version, which panics on registration failure (assuming your code cannot continue otherwise)
+	 *
+	 *  @param callback your callback function
+	 *  @param user     your pointer that will be passed to the callback function
+	 */
+	inline void onEntitlementRequestForce(t_entitlementRequested callback, void *user=nullptr) {
+		auto err = onEntitlementRequest(callback, user);
+		if (err != Error::NoError)
+			PANIC("api", "onEntitlementRequest failed with code %d", err);
+	}
+
+	/**
+	 *  Complete plugin registration and perform regulatory actions
+	 */
+	void finaliseRequests();
+
+	/**
+	 *  Processes all the registered patcher load callbacks
+	 *
+	 *  @param patcher kernel patcher instance
+	 */
+	void processPatcherLoadCallbacks(KernelPatcher &patcher);
+
+	/**
+	 *  Processes all the registered kext load callbacks
+	 *
+	 *  @param patcher    kernel patcher instance
+	 *  @param id         loaded kinfo id
+	 *  @param slide      loaded slide
+	 *  @param size       loaded memory size
+	 *  @param reloadable kinfo could be unloaded
+	 */
+	void processKextLoadCallbacks(KernelPatcher &patcher, size_t id, mach_vm_address_t slide, size_t size, bool reloadable);
+
+	/**
+	 *  Processes all the registered user patcher load callbacks
+	 *
+	 *  @param patcher user patcher instance
+	 */
+	void processUserLoadCallbacks(UserPatcher &patcher);
+
+	/**
+	 *  Processes all the registered binary load callbacks
+	 *
+	 *  @param patcher kernel patcher instance
+	 *  @param map     process image vm_map
+	 *  @param path    path to the binary absolute or relative
+	 *  @param len     path length excluding null terminator
+	 */
+	void processBinaryLoadCallbacks(UserPatcher &patcher, vm_map_t map, const char *path, size_t len);
+
+	/**
+	 *  Activates patchers
+	 *
+	 *  @param kpatcher  kernel patcher instance
+	 *  @param upatcher  user patcher instance
+	 */
+	void activate(KernelPatcher &kpatcher, UserPatcher &upatcher);
+
+private:
+
+	/**
+	 *  Api lock
+	 */
+	IOLock *access {nullptr};
+
+	/**
+	 *  Defines current running modes
+	 */
+	uint32_t currentRunMode {};
+
+	/**
+	 *  No longer accept any requests
+	 */
+	bool apiRequestsOver {false};
+
+	/**
+	 *  Stores call function and user pointer
+	 */
+	template <typename T, typename Y=void *>
+	using stored_pair = ppair<T, Y>;
+
+	/**
+	 *  Stores multiple callbacks
+	 */
+	template <typename T, typename Y=void *>
+	using stored_vector = evector<stored_pair<T, Y> *, stored_pair<T, Y>::deleter>;
+
+	/**
+	 *  List of patcher callbacks
+	 */
+	stored_vector<t_patcherLoaded> patcherLoadedCallbacks;
+
+	/**
+	 *  List of kext callbacks
+	 */
+	stored_vector<t_kextLoaded> kextLoadedCallbacks;
+
+	/**
+	 *  List of binary callbacks
+	 */
+	stored_vector<UserPatcher::t_BinaryLoaded> binaryLoadedCallbacks;
+
+	/**
+	 *  List of entitlement callbacks
+	 */
+	stored_vector<t_entitlementRequested> entitlementRequestedCallbacks;
+
+	/**
+	 *  List of processed kexts
+	 */
+	stored_vector<KernelPatcher::KextInfo *, size_t> storedKexts;
+
+	/**
+	 *  List of processed procs
+	 */
+	evector<UserPatcher::ProcInfo *> storedProcs;
+
+	/**
+	 *  List of processed binary mods
+	 */
+	evector<UserPatcher::BinaryModInfo *> storedBinaryMods;
+
+	/**
+	 *  Copy client entitlement type (see IOUserClient)
+	 */
+	using t_copyClientEntitlement = OSObject *(*)(task_t, const char *);
+
+	/**
+	 *  Hooked entitlement copying method
+	 */
+	static OSObject *copyClientEntitlement(task_t task, const char *entitlement);
+
+	/**
+	 *  Trampoline for original entitlement copying method
+	 */
+	t_copyClientEntitlement orgCopyClientEntitlement {nullptr};
+};
+
+EXPORT extern LiluAPI lilu;
+
+#endif /* kern_api_h */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_compat.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_compat.hpp
@ -0,0 +1,42 @@
+//
+//  kern_compat.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_compat_hpp
+#define kern_compat_hpp
+
+#include <Headers/kern_config.hpp>
+#include <stdint.h>
+
+// Legacy compatibility layer created to avoid 10.13 SDK macros
+// unsupported in older systems and improperly guarded due to
+// Availability.h header not being. Currently these macros
+// are left to avoid compilation errors.
+#define lilu_os_memcpy  memcpy
+#define lilu_os_memmove memmove
+#define lilu_os_strncpy strncpy
+#define lilu_os_strncat strncat
+#define lilu_os_strlcat strlcat
+#define lilu_os_strlcpy strlcpy
+#define lilu_os_strcat  strcat
+#define lilu_os_bcopy   bcopy
+
+// This may not be nice but will protect users from changes in KernInfo strcture.
+#ifndef LILU_DISABLE_BRACE_WARNINGS
+#pragma clang diagnostic error "-Wmissing-braces"
+#endif
+
+#if defined(__i386__)
+#define lilu_strtou	strtoul
+
+#elif defined(__x86_64__)
+#define lilu_strtou	strtouq
+
+#else
+#error Unsupported arch.
+#endif
+
+#endif /* kern_compat_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_compression.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_compression.hpp
@ -0,0 +1,84 @@
+//
+//  kern_compression.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_compression_hpp
+#define kern_compression_hpp
+
+#include <Headers/kern_config.hpp>
+
+#ifdef LILU_COMPRESSION_SUPPORT
+
+#include <Headers/kern_util.hpp>
+#include <stdint.h>
+
+namespace Compression {
+
+	/**
+	 *  Compression constants and modes
+	 */
+	static constexpr uint32_t Magic {0x706D6F63}; //comp
+	static constexpr uint32_t ModeLZVN {0x6E767A6C}; //lzvn
+	static constexpr uint32_t ModeLZSS {0x73737A6C}; //lzss
+	static constexpr uint32_t ModeZLIB {0x9C787A6C}; //zlib
+
+	/**
+	 *  Compressed header structure
+	 */
+	struct Header {
+		uint32_t magic;
+		uint32_t compression;
+		uint32_t hash; // adler32
+		uint32_t decompressed;
+		uint32_t compressed;
+		uint32_t version;
+		uint32_t padding[90];
+	};
+
+	/**
+	 *  Typed decompressing function (currently for lzvn, lzss, and zlib)
+	 *
+	 *  @param compression compression type
+	 *  @param dstlen      decompression buffer size
+	 *  @param src         compressed data
+	 *  @param srclen      compressed data size
+	 *  @param buffer      preallocated buffer to use
+	 *
+	 *  @return decompressed buffer (must be freeded by Buffer::deleter if not preallocated)
+	 */
+	EXPORT uint8_t *decompress(uint32_t compression, uint32_t dstlen, const uint8_t *src, uint32_t srclen, uint8_t *buffer=nullptr);
+
+	/**
+	 *  Typed decompressing function (currently for lzvn, lzss, and zlib)
+	 *
+	 *  @param compression compression type
+	 *  @param dstlen      decompression buffer size, actual decompressed size on success
+	 *  @param src         compressed data
+	 *  @param srclen      compressed data size
+	 *  @param buffer      preallocated buffer to use
+	 *
+	 *  @return decompressed buffer (must be freeded by Buffer::deleter if not preallocated)
+	 */
+	EXPORT uint8_t *decompress(uint32_t compression, uint32_t *dstlen, const uint8_t *src, uint32_t srclen, uint8_t *buffer=nullptr);
+
+	/**
+	 *  Typed compressing function (currently for lzss)
+	 *
+	 *  @param compression compression type
+	 *  @param dstlen      maximum compression buffer size
+	 *  @param src         uncompressed data
+	 *  @param srclen      uncompressed data size
+	 *  @param buffer      preallocated buffer to use
+	 *
+	 *  @return compressed buffer with its actual size in dstlen (must be freeded by Buffer::deleter if not preallocated)
+	 */
+	EXPORT uint8_t *compress(uint32_t compression, uint32_t &dstlen, const uint8_t *src, uint32_t srclen, uint8_t *buffer=nullptr);
+
+}
+
+#endif /* LILU_COMPRESSION_SUPPORT */
+
+#endif /* kern_compression_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_config.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_config.hpp
@ -0,0 +1,33 @@
+//
+//  kern_config.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_config_hpp
+#define kern_config_hpp
+
+/**
+ *  Enable kext patching support
+ */
+#define LILU_KEXTPATCH_SUPPORT 1
+
+/**
+ *  Enable compression and decompression support
+ */
+#define LILU_COMPRESSION_SUPPORT 1
+
+/**
+ *  Enable advanced disassembly API based on capstone
+ */
+// #define LILU_ADVANCED_DISASSEMBLY 1
+
+/**
+ *  Specify custom initialisation code
+ *  Use these in plugins in Xcode Project Preprocessor Macros section.
+ */
+// #define LILU_CUSTOM_IOKIT_INIT 1
+// #define LILU_CUSTOM_KMOD_INIT 1
+
+#endif /* kern_config_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_cpu.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_cpu.hpp
@ -0,0 +1,418 @@
+//
+//  kern_cpu.hpp
+//  Lilu
+//
+//  Copyright © 2018 vit9696. All rights reserved.
+//
+
+#ifndef kern_cpu_h
+#define kern_cpu_h
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_iokit.hpp>
+#include <Headers/kern_util.hpp>
+
+#include <IOKit/IOService.h>
+
+/**
+ *  XNU CPU-related exports missing from headers
+ */
+extern "C" {
+	int cpu_number(void);
+	void mp_rendezvous_no_intrs(void (*action_func)(void *), void *arg);
+};
+
+namespace CPUInfo {
+	/**
+	 *  Keep this in sync to XNU MAX_CPUS from osfmk/i386/mp.h
+	 */
+	static constexpr size_t MaxCpus {64};
+
+	/**
+	 *  Contents of CPUID(1) eax register contents describing model version
+	 */
+	struct CpuVersion {
+		uint32_t stepping       : 4;
+		uint32_t model          : 4;
+		uint32_t family         : 4;
+		uint32_t type           : 2;
+		uint32_t reserved1      : 2;
+		uint32_t extendedModel  : 4;
+		uint32_t extendedFamily : 8;
+		uint32_t reserved2      : 4;
+	};
+
+	static_assert(sizeof(CpuVersion) == sizeof(uint32_t), "CpuVersion size mismatch!");
+
+	/**
+	 *  Intel CPU models as returned by CPUID
+	 *  The list is synchronised and updated with XNU source code (osfmk/i386/cpuid.h).
+	 *  Names are altered to avoid conflicts just in case.
+	 *  Last update: xnu-4903.221.2
+	 *  Some details could be found on http://instlatx64.atw.hu and https://en.wikichip.org/wiki/64-bit_architecture#x86
+	 *  Also: https://www.intel.com/content/dam/www/public/us/en/documents/sa00115-microcode-update-guidance.pdf
+	 */
+	enum CpuModel {
+		CPU_MODEL_UNKNOWN        =  0x00,
+		CPU_MODEL_PENRYN         =  0x17,
+		CPU_MODEL_NEHALEM        =  0x1A,
+		CPU_MODEL_FIELDS         =  0x1E, /* Lynnfield, Clarksfield */
+		CPU_MODEL_DALES          =  0x1F, /* Havendale, Auburndale */
+		CPU_MODEL_NEHALEM_EX     =  0x2E,
+		CPU_MODEL_DALES_32NM     =  0x25, /* Clarkdale, Arrandale */
+		CPU_MODEL_WESTMERE       =  0x2C, /* Gulftown, Westmere-EP/-WS */
+		CPU_MODEL_WESTMERE_EX    =  0x2F,
+		CPU_MODEL_SANDYBRIDGE    =  0x2A,
+		CPU_MODEL_JAKETOWN       =  0x2D,
+		CPU_MODEL_IVYBRIDGE      =  0x3A,
+		CPU_MODEL_IVYBRIDGE_EP   =  0x3E,
+		CPU_MODEL_CRYSTALWELL    =  0x46,
+		CPU_MODEL_HASWELL        =  0x3C,
+		CPU_MODEL_HASWELL_EP     =  0x3F,
+		CPU_MODEL_HASWELL_ULT    =  0x45,
+		CPU_MODEL_BROADWELL      =  0x3D,
+		CPU_MODEL_BROADWELL_ULX  =  0x3D,
+		CPU_MODEL_BROADWELL_ULT  =  0x3D,
+		CPU_MODEL_BRYSTALWELL    =  0x47,
+		CPU_MODEL_SKYLAKE        =  0x4E,
+		CPU_MODEL_SKYLAKE_ULT    =  0x4E,
+		CPU_MODEL_SKYLAKE_ULX    =  0x4E,
+		CPU_MODEL_SKYLAKE_DT     =  0x5E,
+		CPU_MODEL_SKYLAKE_W      =  0x55,
+		CPU_MODEL_KABYLAKE       =  0x8E,
+		CPU_MODEL_KABYLAKE_ULT   =  0x8E,
+		CPU_MODEL_KABYLAKE_ULX   =  0x8E,
+		CPU_MODEL_KABYLAKE_DT    =  0x9E,
+		CPU_MODEL_CANNONLAKE     =  0x66,
+		CPU_MODEL_ICELAKE_Y      =  0x7D,
+		CPU_MODEL_ICELAKE_U      =  0x7E,
+		CPU_MODEL_ICELAKE_SP     =  0x9F, /* Some variation of Ice Lake */
+		CPU_MODEL_COMETLAKE_S    =  0xA5, /* desktop CometLake */
+		CPU_MODEL_COMETLAKE_Y    =  0xA5, /* aka 10th generation Amber Lake Y */
+		CPU_MODEL_COMETLAKE_U    =  0xA6,
+		CPU_MODEL_ROCKETLAKE_S   =  0xA7, /* desktop RocketLake */
+		CPU_MODEL_TIGERLAKE_U    =  0x8C,
+		CPU_MODEL_ALDERLAKE_S    =  0x97,
+	};
+
+	/**
+	 *  Known CPU vendors
+	 */
+	enum class CpuVendor {
+		Unknown,
+		AMD,
+		Intel
+		/* Add more processors here if needed */
+	};
+
+	/**
+	 *  Intel CPU generations (starting from 0)
+	 */
+	enum class CpuGeneration {
+		Unknown,
+		Penryn,
+		Nehalem,
+		Westmere,
+		SandyBridge,
+		IvyBridge,
+		Haswell,
+		Broadwell,
+		Skylake,
+		KabyLake,
+		CoffeeLake,
+		CannonLake,
+		IceLake,
+		CometLake,
+		RocketLake,
+		TigerLake,
+		AlderLake,
+		MaxGeneration
+	};
+
+	/* Responses identification request with %eax 0 */
+	/* AMD:     "AuthenticAMD" */
+	static constexpr uint32_t signature_AMD_ebx = 0x68747541;
+	static constexpr uint32_t signature_AMD_edx = 0x69746e65;
+	static constexpr uint32_t signature_AMD_ecx = 0x444d4163;
+	/* CENTAUR: "CentaurHauls" */
+	static constexpr uint32_t signature_CENTAUR_ebx = 0x746e6543;
+	static constexpr uint32_t signature_CENTAUR_edx = 0x48727561;
+	static constexpr uint32_t signature_CENTAUR_ecx = 0x736c7561;
+	/* CYRIX:   "CyrixInstead" */
+	static constexpr uint32_t signature_CYRIX_ebx = 0x69727943;
+	static constexpr uint32_t signature_CYRIX_edx = 0x736e4978;
+	static constexpr uint32_t signature_CYRIX_ecx = 0x64616574;
+	/* INTEL:   "GenuineIntel" */
+	static constexpr uint32_t signature_INTEL_ebx = 0x756e6547;
+	static constexpr uint32_t signature_INTEL_edx = 0x49656e69;
+	static constexpr uint32_t signature_INTEL_ecx = 0x6c65746e;
+	/* TM1:     "TransmetaCPU" */
+	static constexpr uint32_t signature_TM1_ebx = 0x6e617254;
+	static constexpr uint32_t signature_TM1_edx = 0x74656d73;
+	static constexpr uint32_t signature_TM1_ecx = 0x55504361;
+	/* TM2:     "GenuineTMx86" */
+	static constexpr uint32_t signature_TM2_ebx = 0x756e6547;
+	static constexpr uint32_t signature_TM2_edx = 0x54656e69;
+	static constexpr uint32_t signature_TM2_ecx = 0x3638784d;
+	/* NSC:     "Geode by NSC" */
+	static constexpr uint32_t signature_NSC_ebx = 0x646f6547;
+	static constexpr uint32_t signature_NSC_edx = 0x43534e20;
+	static constexpr uint32_t signature_NSC_ecx = 0x79622065;
+	/* NEXGEN:  "NexGenDriven" */
+	static constexpr uint32_t signature_NEXGEN_ebx = 0x4778654e;
+	static constexpr uint32_t signature_NEXGEN_edx = 0x72446e65;
+	static constexpr uint32_t signature_NEXGEN_ecx = 0x6e657669;
+	/* RISE:    "RiseRiseRise" */
+	static constexpr uint32_t signature_RISE_ebx = 0x65736952;
+	static constexpr uint32_t signature_RISE_edx = 0x65736952;
+	static constexpr uint32_t signature_RISE_ecx = 0x65736952;
+	/* SIS:     "SiS SiS SiS " */
+	static constexpr uint32_t signature_SIS_ebx = 0x20536953;
+	static constexpr uint32_t signature_SIS_edx = 0x20536953;
+	static constexpr uint32_t signature_SIS_ecx = 0x20536953;
+	/* UMC:     "UMC UMC UMC " */
+	static constexpr uint32_t signature_UMC_ebx = 0x20434d55;
+	static constexpr uint32_t signature_UMC_edx = 0x20434d55;
+	static constexpr uint32_t signature_UMC_ecx = 0x20434d55;
+	/* VIA:     "VIA VIA VIA " */
+	static constexpr uint32_t signature_VIA_ebx = 0x20414956;
+	static constexpr uint32_t signature_VIA_edx = 0x20414956;
+	static constexpr uint32_t signature_VIA_ecx = 0x20414956;
+	/* VORTEX:  "Vortex86 SoC" */
+	static constexpr uint32_t signature_VORTEX_ebx = 0x74726f56;
+	static constexpr uint32_t signature_VORTEX_edx = 0x36387865;
+	static constexpr uint32_t signature_VORTEX_ecx = 0x436f5320;
+
+	/* Features in %ecx for leaf 1 */
+	static constexpr uint32_t bit_SSE3        = 0x00000001;
+	static constexpr uint32_t bit_PCLMULQDQ   = 0x00000002;
+	static constexpr uint32_t bit_DTES64      = 0x00000004;
+	static constexpr uint32_t bit_MONITOR     = 0x00000008;
+	static constexpr uint32_t bit_DSCPL       = 0x00000010;
+	static constexpr uint32_t bit_VMX         = 0x00000020;
+	static constexpr uint32_t bit_SMX         = 0x00000040;
+	static constexpr uint32_t bit_EIST        = 0x00000080;
+	static constexpr uint32_t bit_TM2         = 0x00000100;
+	static constexpr uint32_t bit_SSSE3       = 0x00000200;
+	static constexpr uint32_t bit_CNXTID      = 0x00000400;
+	static constexpr uint32_t bit_FMA         = 0x00001000;
+	static constexpr uint32_t bit_CMPXCHG16B  = 0x00002000;
+	static constexpr uint32_t bit_xTPR        = 0x00004000;
+	static constexpr uint32_t bit_PDCM        = 0x00008000;
+	static constexpr uint32_t bit_PCID        = 0x00020000;
+	static constexpr uint32_t bit_DCA         = 0x00040000;
+	static constexpr uint32_t bit_SSE41       = 0x00080000;
+	static constexpr uint32_t bit_SSE42       = 0x00100000;
+	static constexpr uint32_t bit_x2APIC      = 0x00200000;
+	static constexpr uint32_t bit_MOVBE       = 0x00400000;
+	static constexpr uint32_t bit_POPCNT      = 0x00800000;
+	static constexpr uint32_t bit_TSCDeadline = 0x01000000;
+	static constexpr uint32_t bit_AESNI       = 0x02000000;
+	static constexpr uint32_t bit_XSAVE       = 0x04000000;
+	static constexpr uint32_t bit_OSXSAVE     = 0x08000000;
+	static constexpr uint32_t bit_AVX         = 0x10000000;
+	static constexpr uint32_t bit_F16C        = 0x20000000;
+	static constexpr uint32_t bit_RDRND       = 0x40000000;
+
+	/* Features in %edx for leaf 1 */
+	static constexpr uint32_t bit_FPU         = 0x00000001;
+	static constexpr uint32_t bit_VME         = 0x00000002;
+	static constexpr uint32_t bit_DE          = 0x00000004;
+	static constexpr uint32_t bit_PSE         = 0x00000008;
+	static constexpr uint32_t bit_TSC         = 0x00000010;
+	static constexpr uint32_t bit_MSR         = 0x00000020;
+	static constexpr uint32_t bit_PAE         = 0x00000040;
+	static constexpr uint32_t bit_MCE         = 0x00000080;
+	static constexpr uint32_t bit_CX8         = 0x00000100;
+	static constexpr uint32_t bit_APIC        = 0x00000200;
+	static constexpr uint32_t bit_SEP         = 0x00000800;
+	static constexpr uint32_t bit_MTRR        = 0x00001000;
+	static constexpr uint32_t bit_PGE         = 0x00002000;
+	static constexpr uint32_t bit_MCA         = 0x00004000;
+	static constexpr uint32_t bit_CMOV        = 0x00008000;
+	static constexpr uint32_t bit_PAT         = 0x00010000;
+	static constexpr uint32_t bit_PSE36       = 0x00020000;
+	static constexpr uint32_t bit_PSN         = 0x00040000;
+	static constexpr uint32_t bit_CLFSH       = 0x00080000;
+	static constexpr uint32_t bit_DS          = 0x00200000;
+	static constexpr uint32_t bit_ACPI        = 0x00400000;
+	static constexpr uint32_t bit_MMX         = 0x00800000;
+	static constexpr uint32_t bit_FXSR        = 0x01000000;
+	static constexpr uint32_t bit_SSE         = 0x02000000;
+	static constexpr uint32_t bit_SSE2        = 0x04000000;
+	static constexpr uint32_t bit_SS          = 0x08000000;
+	static constexpr uint32_t bit_HTT         = 0x10000000;
+	static constexpr uint32_t bit_TM          = 0x20000000;
+	static constexpr uint32_t bit_PBE         = 0x80000000;
+
+	/* Features in %ebx for leaf 7 sub-leaf 0 */
+	static constexpr uint32_t bit_FSGSBASE    = 0x00000001;
+	static constexpr uint32_t bit_SGX         = 0x00000004;
+	static constexpr uint32_t bit_BMI         = 0x00000008;
+	static constexpr uint32_t bit_HLE         = 0x00000010;
+	static constexpr uint32_t bit_AVX2        = 0x00000020;
+	static constexpr uint32_t bit_SMEP        = 0x00000080;
+	static constexpr uint32_t bit_BMI2        = 0x00000100;
+	static constexpr uint32_t bit_ENH_MOVSB   = 0x00000200;
+	static constexpr uint32_t bit_RTM         = 0x00000800;
+	static constexpr uint32_t bit_MPX         = 0x00004000;
+	static constexpr uint32_t bit_AVX512F     = 0x00010000;
+	static constexpr uint32_t bit_AVX512DQ    = 0x00020000;
+	static constexpr uint32_t bit_RDSEED      = 0x00040000;
+	static constexpr uint32_t bit_ADX         = 0x00080000;
+	static constexpr uint32_t bit_AVX512IFMA  = 0x00200000;
+	static constexpr uint32_t bit_CLFLUSHOPT  = 0x00800000;
+	static constexpr uint32_t bit_CLWB        = 0x01000000;
+	static constexpr uint32_t bit_AVX512PF    = 0x04000000;
+	static constexpr uint32_t bit_AVX51SER    = 0x08000000;
+	static constexpr uint32_t bit_AVX512CD    = 0x10000000;
+	static constexpr uint32_t bit_SHA         = 0x20000000;
+	static constexpr uint32_t bit_AVX512BW    = 0x40000000;
+	static constexpr uint32_t bit_AVX512VL    = 0x80000000;
+
+	/* Features in %ecx for leaf 7 sub-leaf 0 */
+	static constexpr uint32_t bit_PREFTCHWT1  = 0x00000001;
+	static constexpr uint32_t bit_AVX512VBMI  = 0x00000002;
+	static constexpr uint32_t bit_PKU         = 0x00000004;
+	static constexpr uint32_t bit_OSPKE       = 0x00000010;
+	static constexpr uint32_t bit_AVX512VPOPCNTDQ  = 0x00004000;
+	static constexpr uint32_t bit_RDPID       = 0x00400000;
+
+	/* Features in %edx for leaf 7 sub-leaf 0 */
+	static constexpr uint32_t bit_AVX5124VNNIW  = 0x00000004;
+	static constexpr uint32_t bit_AVX5124FMAPS  = 0x00000008;
+
+	/* Features in %eax for leaf 13 sub-leaf 1 */
+	static constexpr uint32_t bit_XSAVEOPT    = 0x00000001;
+	static constexpr uint32_t bit_XSAVEC      = 0x00000002;
+	static constexpr uint32_t bit_XSAVES      = 0x00000008;
+
+	/* Features in %ecx for leaf = 0x80000001 */;
+	static constexpr uint32_t bit_LAHF_LM     = 0x00000001;
+	static constexpr uint32_t bit_ABM         = 0x00000020;
+	static constexpr uint32_t bit_SSE4a       = 0x00000040;
+	static constexpr uint32_t bit_PRFCHW      = 0x00000100;
+	static constexpr uint32_t bit_XOP         = 0x00000800;
+	static constexpr uint32_t bit_LWP         = 0x00008000;
+	static constexpr uint32_t bit_FMA4        = 0x00010000;
+	static constexpr uint32_t bit_TBM         = 0x00200000;
+	static constexpr uint32_t bit_MWAITX      = 0x20000000;
+
+	/* Features in %edx for leaf = 0x80000001 */;
+	static constexpr uint32_t bit_MMXEXT      = 0x00400000;
+	static constexpr uint32_t bit_LM          = 0x20000000;
+	static constexpr uint32_t bit_3DNOWP      = 0x40000000;
+	static constexpr uint32_t bit_3DNOW       = 0x80000000;
+
+	/* Features in %ebx for leaf = 0x80000001 */;
+	static constexpr uint32_t bit_CLZERO      = 0x00000001;
+
+	/**
+	 *  Reads CPU information and other data.
+	 */
+	void init();
+
+	/**
+	 *  Installed CPU information mapping
+	 */
+	struct CpuTopology {
+		/**
+		 *  Number of physical processors installed
+		 */
+		uint8_t packageCount {0};
+
+		/**
+		 *  Number of physical cores per package
+		 */
+		uint8_t physicalCount[MaxCpus] {};
+
+		/**
+		 *  Number of logical cores per package
+		 */
+		uint8_t logicalCount[MaxCpus] {};
+
+		/**
+		 *  Total number of physical cores
+		 */
+		inline uint8_t totalPhysical() {
+			uint8_t count = physicalCount[0];
+			for (uint8_t i = 1; i < packageCount; i++)
+				count += physicalCount[i];
+			return count;
+		}
+
+		/**
+		 *  Total number of logical cores
+		 */
+		inline uint8_t totalLogical() {
+			uint8_t count = logicalCount[0];
+			for (uint8_t i = 1; i < packageCount; i++)
+				count += logicalCount[i];
+			return count;
+		}
+
+		/**
+		 *  Mapping of cpu_number() to CPU package from 0 to packageCount
+		 */
+		uint8_t numberToPackage[MaxCpus] {};
+
+		/**
+		 *  Mapping of cpu_number() to physical core from 0 to physicalCount in package
+		 */
+		uint8_t numberToPhysical[MaxCpus] {};
+
+		/**
+		 *  Mapping of cpu_number() to physical cores from 0 to totalPhysical.
+		 */
+		inline uint8_t numberToPhysicalUnique(uint8_t i) {
+			uint8_t num = 0;
+			uint8_t package = numberToPackage[i];
+			for (uint8_t i = 0; i < package; i++)
+				num += physicalCount[i];
+			return num + numberToPhysical[i];
+		}
+
+		/**
+		 *  Mapping of cpu_number() to logical thread from 0 to logicalCount in package
+		 *  Note, that the list is sorted, and the first physicalCount logical threads
+		 *  correspond to their corresponding physical cores.
+		 */
+		uint8_t numberToLogical[MaxCpus] {};
+	};
+
+	/**
+	 *  Get running CPU generation.
+	 *
+	 *  @param ofamily    a pointer to store CPU family in
+	 *  @param omodel     a pointer to store CPU model in
+	 *  @param ostepping  a pointer to store CPU stepping in
+	 *
+	 *  @return detected Intel CPU generation
+	 */
+	EXPORT CpuGeneration getGeneration(uint32_t *ofamily=nullptr, uint32_t *omodel=nullptr, uint32_t *ostepping=nullptr)  DEPRECATE("Use BaseDeviceInfo");;
+
+	/**
+	 *  Obtain CPU topology.
+	 *
+	 *  @param topology  parsed cpu topology, must be passed zeroed.
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool getCpuTopology(CpuTopology &topology);
+
+	/**
+	 *  Obtain cpuid registers
+	 *
+	 *  @param no     cpuid number
+	 *  @param count  cpuid count
+	 *  @param a      eax output pointer (optional)
+	 *  @param b      ebx output pointer (optional)
+	 *  @param c      ecx output pointer (optional)
+	 *  @param d      edx output pointer (optional)
+	 *
+	 *  @return true if supported
+	 */
+	EXPORT bool getCpuid(uint32_t no, uint32_t count, uint32_t *a, uint32_t *b=nullptr, uint32_t *c=nullptr, uint32_t *d=nullptr);
+}
+
+#endif /* kern_cpu_h */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_crypto.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_crypto.hpp
@ -0,0 +1,95 @@
+//
+//  kern_crypto.hpp
+//  Lilu
+//
+//  Copyright © 2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_crypto_h
+#define kern_crypto_h
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_util.hpp>
+#include <stdint.h>
+
+namespace Crypto {
+	/**
+	 *  Currently this is equal to both key size and block size
+	 */
+	static constexpr uint32_t BlockSize = 16;
+
+	/**
+	 *  Currently this is guaranteed hash size
+	 */
+	static constexpr uint32_t MinDigestSize = 32;
+
+	/**
+	 *  Encrypted data format
+	 */
+	struct PACKED Encrypted {
+		uint8_t iv[BlockSize];                         // Initialisation vector
+		struct PACKED Data {
+			uint32_t size;				               // Actual encrypted buffer size
+			uint8_t buf[BlockSize - sizeof(uint32_t)]; // Encrypted buffer >= BlockSize
+		};
+
+		union {
+			Data enc;
+			uint8_t buf[BlockSize];
+		};
+	};
+
+	/**
+	 *  Securely erase memory buffer
+	 *  Based off cc_clear from corecrypto (src/cc_clear.c)
+	 *
+	 *  @param len buffer length
+	 *  @param dst buffer pointer
+	 */
+	inline void zeroMemory(size_t len, void *dst) {
+		auto vptr = reinterpret_cast<volatile char *>(dst);
+		while (len--)
+			*vptr++ = '\0';
+	}
+
+	/**
+	 *  Generates cryptographically secure encryption key (from /dev/random)
+	 *
+	 *  @return generated key of at least BlockSize bits long (must be freeded by Buffer::deleter) or nullptr
+	 */
+	EXPORT uint8_t *genUniqueKey(uint32_t size=BlockSize);
+
+	/**
+	 *  Encrypts data of specified size and stores in Encrypted format
+	 *
+	 *  @param key  encryption key returned by genUniqueKey
+	 *  @param src  source data
+	 *  @param size data size, encrypted size is returned on success
+	 *
+	 *  @return encrypted data in Encrypted format (must be freed by Buffer::deleter) or nullptr
+	 */
+	EXPORT uint8_t *encrypt(const uint8_t *key, const uint8_t *src, uint32_t &size);
+
+	/**
+	 *  Decrypts data of specified size stored in Encrypted format
+	 *
+	 *  @param key  encryption key returned by genUniqueKey
+	 *  @param src  source data
+	 *  @param size data size, decrypted size is returned on success
+	 *
+	 *  @return decrypted data (must be freed by Buffer::deleter) or nullptr
+	 */
+	EXPORT uint8_t *decrypt(const uint8_t *key, const uint8_t *src, uint32_t &size);
+
+	/**
+	 *  Calculate digest of given size
+	 *
+	 *  @param src  source data
+	 *  @param size data size
+	 *
+	 *  @return digest hash of at least MinDigestSize bytes (must be freeded by Buffer::deleter) or nullptr
+	 */
+	EXPORT uint8_t *hash(const uint8_t *src, uint32_t size);
+}
+
+#endif /* kern_crypto_h */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_devinfo.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_devinfo.hpp
@ -0,0 +1,438 @@
+//
+//  kern_devinfo.hpp
+//  Lilu
+//
+//  Copyright © 2018-2020 vit9696. All rights reserved.
+//
+
+#ifndef kern_devinfo_h
+#define kern_devinfo_h
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_cpu.hpp>
+#include <Headers/kern_iokit.hpp>
+#include <Headers/kern_util.hpp>
+#include <IOKit/IOService.h>
+
+/**
+ *  Obtain installed devices split into categories.
+ *  Should be used from onPatcherLoad and onwards.
+ */
+class DeviceInfo {
+	/**
+	 *  Updates reportedLayoutId
+	 */
+	void updateLayoutId();
+
+	/**
+	 *  Updates reportedFramebufferId
+	 */
+	void updateFramebufferId();
+
+	/**
+	 *  Obtains devices from PCI root
+	 *
+	 *  @param pciRoot  PCI root instance (commonly PCI0@0 device)
+	 */
+	void grabDevicesFromPciRoot(IORegistryEntry *pciRoot);
+
+	/**
+	 *  Await for PCI device publishing in IODeviceTree plane
+	 *
+	 *  @param obj  wait for (PCI) object publishing
+	 */
+	void awaitPublishing(IORegistryEntry *obj);
+
+public:
+	/**
+	 *  Obtains autodetected legacy framebuffer if applicable
+	 *
+	 *  @return framebuffer or 0xFFFFFFFF
+	 */
+	static uint32_t getLegacyFramebufferId();
+
+	/**
+	 *  Checks whether the framebuffer has connectors or not.
+	 *
+	 *  @return true if the framebuffer has no connectors
+	 */
+	static bool isConnectorLessPlatformId(uint32_t id);
+
+	/**
+	 *  Common external GPU parameter list
+	 */
+	struct ExternalVideo {
+		/**
+		 *  Aka GFX0 device
+		 */
+		IORegistryEntry *video {nullptr};
+
+		/**
+		 *  Aka HDAU device
+		 */
+		IORegistryEntry *audio {nullptr};
+
+		/**
+		 *  External GPU vendor
+		 */
+		uint32_t vendor {0};
+	};
+
+	/**
+	 *  Aka HDEF device
+	 */
+	IORegistryEntry *audioBuiltinAnalog {nullptr};
+
+	/**
+	 *  Aka HDAU device for builtin GPU
+	 */
+	IORegistryEntry *audioBuiltinDigital {nullptr};
+
+	/**
+	 *  Aka IGPU device
+	 */
+	IORegistryEntry *videoBuiltin {nullptr};
+
+	/**
+	 *  Aka IMEI device
+	 */
+	IORegistryEntry *managementEngine {nullptr};
+
+	/**
+	 *  Aka GFX0 devices (kept in sync with audioExternal)
+	 */
+	evector<ExternalVideo&> videoExternal;
+
+private:
+	/**
+	 *  This is the default reported layout-id passed to reportedLayoutId.
+	 *  The reason for choosing 7 is its presence in 10.14 and the fact
+	 *  Apple frameworks still communicate to the files present on disk.
+	 *  For information purposes only! Use reportedLayoutId!
+	 */
+	static constexpr uint32_t DefaultReportedLayoutId = 7;
+
+	/**
+	 *  The boot-arg to override the reported layout-id to AppleHDA.
+	 *  For user configuration only! Use reportedLayoutId!
+	 */
+	static constexpr const char *ReportedLayoutIdArg = "alcapplid";
+
+	/**
+	 *  The property to override the reported layout-id to AppleHDA.
+	 *  For user configuration only! Use reportedLayoutId!
+	 */
+	static constexpr const char *ReportedLayoutIdName = "apple-layout-id";
+
+public:
+	/**
+	 *  Layout id to be reported by all audio devices (you must update it yourself).
+	 *  This follows the standard convention initially found in AppleALC:
+	 *	alcapplid=X boot-arg has highest priority and overrides any other value.
+	 *  apple-layout-id HDEF prop has normal priority, you may use it if you need.
+	 *  DefaultReportedLayoutId will be used if both of the above are not set.
+	 */
+	uint32_t reportedLayoutId {0};
+
+private:
+	/**
+	 *  The boot-arg to override the reported AAPL,ig-platform-id to Intel drivers.
+	 *  For user configuration only! Use reportedFramebufferId!
+	 */
+	static constexpr const char *ReportedFrameIdArg = "igfxframe";
+
+	/**
+	 *  The boot-arg to override the reported AAPL,ig-platform-id to Intel drivers.
+	 *  Sets VESA framebuffer id (0xFFFFFFFF).
+	 *  For user configuration only! Use reportedFramebufferId!
+	 */
+	static constexpr const char *ReportedVesaIdArg = "-igfxvesa";
+
+	/**
+	 *  The boot-arg to force-disable any external GPU if found.
+	 *  For user configuration only! Use requestedExternalSwitchOff!
+	 */
+	static constexpr const char *RequestedExternalSwitchOffArg {"-wegnoegpu"};
+
+	/**
+	 *  The boot-arg to force-disable any internal GPU if found.
+	 *  For user configuration only! Use requestedInternalSwitchOff!
+	 */
+	static constexpr const char *RequestedInternalSwitchOffArg {"-wegnoigpu"};
+
+	/**
+	 *  The boot-arg to force-disable any internal GPU if external GPU found.
+	 *  For user configuration only! Use requestedGpuSwitch!!
+	 */
+	static constexpr const char *RequestedGpuSwitchArg {"-wegswitchgpu"};
+
+	/**
+	 *  The property to set your platform id for Intel drivers (Ivy and newer).
+	 *  For user configuration only! Use reportedFramebufferName!
+	 */
+	static constexpr const char *ReportedFrameIdName = "AAPL,ig-platform-id";
+
+	/**
+	 *  The property to set your platform id for Intel drivers (Sandy).
+	 *  For user configuration only! Use reportedFramebufferName!
+	 */
+	static constexpr const char *ReportedFrameIdLegacyName = "AAPL,snb-platform-id";
+
+	/**
+	 *  The IGPU property to force-disable any external GPU if found.
+	 *  For user configuration only! Use processSwitchOff()!
+	 */
+	static constexpr const char *RequestedExternalSwitchOffName {"disable-external-gpu"};
+
+	/**
+	 *  The IGPU property to force-disable the IGPU if any external GPU is found.
+	 *  For user configuration only! Use processSwitchOff()!
+	 */
+	static constexpr const char *RequestedGpuSwitchName {"switch-to-external-gpu"};
+
+	/**
+	 *  The GPU property to force-disable any external or internal GPU.
+	 *  For user configuration only! Use processSwitchOff()!
+	 */
+	static constexpr const char *RequestedGpuSwitchOffName {"disable-gpu"};
+
+	/**
+	 *  The GPU property to force-disable any this external GPU with minimum kernel version (inclusive).
+	 *  For user configuration only! Use processSwitchOff()!
+	 */
+	static constexpr const char *RequestedGpuSwitchOffMinKernelName {"disable-gpu-min"};
+
+	/**
+	 *  The GPU property to force-disable any this external GPU with maximum kernel version (inclusive).
+	 *  For user configuration only! Use processSwitchOff()!
+	 */
+	static constexpr const char *RequestedGpuSwitchOffMaxKernelName {"disable-gpu-max"};
+
+
+	/**
+	 *  Known platform ids used by Intel GPU kexts
+	 *  For user configuration only!
+	 */
+	static constexpr uint32_t DefaultAppleSkylakePlatformId {0x19120000};
+	static constexpr uint32_t DefaultAppleKabyLakePlatformId {0x59160000};
+	static constexpr uint32_t DefaultAppleCoffeeLakePlatformId {0x3EA50000};
+	static constexpr uint32_t DefaultAppleCannonLakePlatformId {0x5A520000};
+	static constexpr uint32_t DefaultAppleIceLakeRealPlatformId {0x8A520000};
+	static constexpr uint32_t DefaultAppleIceLakeSimulatorPlatformId {0xFF050000};
+
+	/**
+	 *  Framebuffers without any ports used for hardware acceleration only
+	 *  Note 1: Broadwell framebuffers all have connectors added.
+	 *  Note 2: Coffee Lake framebuffers without connectors are only present in 10.14.
+	 *  Note 3: prerelease Cannon Lake and Ice Lake framebuffers are without connectors.
+	 *  For user configuration only!
+	 */
+	static constexpr uint32_t ConnectorLessSandyBridgePlatformId1 {0x00030030};
+	static constexpr uint32_t ConnectorLessSandyBridgePlatformId2 {0x00050000};
+	static constexpr uint32_t ConnectorLessIvyBridgePlatformId1 {0x01620006};
+	static constexpr uint32_t ConnectorLessIvyBridgePlatformId2 {0x01620007};
+	static constexpr uint32_t ConnectorLessHaswellPlatformId1 {0x04120004};
+	static constexpr uint32_t ConnectorLessHaswellPlatformId2 {0x0412000B};
+	static constexpr uint32_t ConnectorLessSkylakePlatformId1 {0x19020001};
+	static constexpr uint32_t ConnectorLessSkylakePlatformId2 {0x19170001};
+	static constexpr uint32_t ConnectorLessSkylakePlatformId3 {0x19120001};
+	static constexpr uint32_t ConnectorLessSkylakePlatformId4 {0x19320001};
+	static constexpr uint32_t ConnectorLessKabyLakePlatformId1 {0x59180002};
+	static constexpr uint32_t ConnectorLessKabyLakePlatformId2 {0x59120003};
+	static constexpr uint32_t ConnectorLessCoffeeLakePlatformId1 {0x3E920003};
+	static constexpr uint32_t ConnectorLessCoffeeLakePlatformId2 {0x3E910003};
+	static constexpr uint32_t ConnectorLessCoffeeLakePlatformId3 {0x3E980003};
+	static constexpr uint32_t ConnectorLessCoffeeLakePlatformId4 {0x9BC80003};
+	static constexpr uint32_t ConnectorLessCoffeeLakePlatformId5 {0x9BC50003};
+	static constexpr uint32_t ConnectorLessCoffeeLakePlatformId6 {0x9BC40003};
+
+public:
+	/**
+	 *  Vesa framebuffer identifier
+	 */
+	static constexpr uint32_t DefaultVesaPlatformId {0xFFFFFFFF};
+
+	/**
+	 *  Framebuffer id to be reported to IGPU.
+	 *  This follows the standard convention initially found in IntelGraphicsFixup:
+	 *  igfxframe=X boot-arg has highest priority and overrides any other value.
+	 *  -igfxvesa forces 0xFFFFFFFF frame to get into VESA mode.
+	 *  Manually specified AAPL,ig-platform-id or AAPL,snb-platform-id go next.
+	 *  On Sandy Bridge processors a default AAPL,snb-platform-id will be tried afterwards.
+	 *  On Skylake and Kaby Lake processors some default id will be tried afterwards.
+	 */
+	uint32_t reportedFramebufferId {0};
+
+	/**
+	 *  Compatible platform id property name for this IGPU
+	 */
+	const char *reportedFramebufferName {nullptr};
+
+	/**
+	 *  Set to true if the framebuffer has no connectors
+	 */
+	bool reportedFramebufferIsConnectorLess {false};
+
+	/**
+	 *  Known variants of firmware vendors
+	 *  Please note, that it may not be possible to always detect the right vendor
+	 */
+	enum class FirmwareVendor {
+		Unknown,
+		Apple,
+		VMware,
+		EDKII,
+		Parallels,
+		AMI,
+		Insyde,
+		Phoenix,
+		HP
+	};
+
+	/**
+	 *  Firmware vendor manufacturer
+	 */
+	FirmwareVendor firmwareVendor {FirmwareVendor::Unknown};
+
+	/**
+	 *  Requested external GPU switchoff
+	 */
+	bool requestedExternalSwitchOff {false};
+
+	/**
+	 *  Requested internal GPU switchoff
+	 */
+	bool requestedInternalSwitchOff {false};
+
+	/**
+	 *  Requested GPU switch
+	 */
+	bool requestedGpuSwitch {false};
+	/**
+	 *  Allocate and initialise cached device list.
+	 *
+	 *  @return device list or nullptr
+	 */
+	static DeviceInfo *createCached();
+
+	/**
+	 *  Allocate and initialise the device list.
+	 *
+	 *  @return device list or nullptr
+	 */
+	EXPORT static DeviceInfo *create();
+
+	/**
+	 *  Release initialised device list.
+	 *
+	 *  @param d  device list
+	 */
+	EXPORT static void deleter(DeviceInfo *d NONNULL);
+
+	/**
+	 *  Perform device switch-off as prescribed by the properties injected.
+	 */
+	EXPORT void processSwitchOff();
+};
+
+/**
+ *  Simple device information available at early stage.
+ */
+class BaseDeviceInfo {
+	/**
+	 *  Updates firmwareVendor
+	 */
+	void updateFirmwareVendor();
+
+	/**
+	 *  Updates model information
+	 */
+	void updateModelInfo();
+public:
+	/**
+	 *  Board identifier board-id (VMware has "440BX Desktop Reference Platform", eek)
+	 */
+	char boardIdentifier[48] {};
+
+	/**
+	 *  Model identifier
+	 */
+	char modelIdentifier[48] {};
+
+	/**
+	 * Computer model type.
+	 */
+	int modelType {WIOKit::ComputerModel::ComputerAny};
+
+	/**
+	 *  Firmware vendor manufacturer
+	 */
+	DeviceInfo::FirmwareVendor firmwareVendor {DeviceInfo::FirmwareVendor::Unknown};
+
+	/**
+	 *  Known variants of bootloader vendors
+	 *  Please note, that it may not be possible to always detect the right vendor
+	 */
+	enum class BootloaderVendor {
+		Unknown,
+		Acidanthera,
+		Clover
+	};
+
+	/**
+	 *  Bootloader vendor
+	 */
+	BootloaderVendor bootloaderVendor {BootloaderVendor::Unknown};
+
+	/**
+	 *  CPU vendor
+	 */
+	CPUInfo::CpuVendor cpuVendor {CPUInfo::CpuVendor::Unknown};
+
+	/**
+	 *  CPU generation
+	 */
+	CPUInfo::CpuGeneration cpuGeneration {CPUInfo::CpuGeneration::Unknown};
+
+	/**
+	 *  CPU family
+	 */
+	uint32_t cpuFamily {};
+
+	/**
+	 *  CPU model
+	 */
+	uint32_t cpuModel {};
+
+	/**
+	 *  CPU stepping
+	 */
+	uint32_t cpuStepping {};
+
+	/**
+	 *  CPU max level
+	 */
+	uint32_t cpuMaxLevel {};
+
+	/**
+	 *  CPU max level (ext)
+	 */
+	uint32_t cpuMaxLevelExt {0x80000000};
+
+	/**
+	 *  AVX 2.0 support
+	 */
+	bool cpuHasAvx2 {false};
+
+	/**
+	 *  Obtain base device info.
+	 */
+	EXPORT static const BaseDeviceInfo &get();
+
+	/**
+	 *  Initialize global base device info.
+	 */
+	static void init();
+};
+
+#endif /* kern_devinfo_h */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_disasm.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_disasm.hpp
@ -0,0 +1,183 @@
+//
+//  kern_disasm.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_disasm_hpp
+#define kern_disasm_hpp
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_util.hpp>
+
+#if defined(__i386__)
+#include <Headers/hde32.h>
+#elif defined(__x86_64__)
+#include <Headers/hde64.h>
+#else
+#error Unsupported arch.
+#endif
+
+#ifdef LILU_ADVANCED_DISASSEMBLY
+#ifndef CAPSTONE_HAS_OSXKERNEL
+#define CAPSTONE_HAS_OSXKERNEL 1
+#endif
+#include <Headers/capstone/capstone.h>
+#endif /* LILU_ADVANCED_DISASSEMBLY */
+
+#include <sys/types.h>
+#include <mach/vm_types.h>
+
+class Disassembler {
+#ifdef LILU_ADVANCED_DISASSEMBLY
+	/**
+	 *  Because captsone handle can be 0
+	 */
+	bool initialised {false};
+
+	/**
+	 *  Internal capstone handle
+	 */
+	size_t handle {};
+#endif
+
+	/**
+	 *  Max instruction size
+	 */
+	static constexpr size_t MaxInstruction {15};
+public:
+
+#if defined(__i386__)
+	using hde_t = hde32s;
+	static constexpr auto hde_disasm = hde32_disasm;
+#elif defined(__x86_64__)
+	using hde_t = hde64s;
+	static constexpr auto hde_disasm = hde64_disasm;
+#else
+#error Unsupported arch.
+#endif
+
+	/**
+	 *  Return the real instruction size contained within min bytes
+	 *  Unlike instructionSize this uses HDE engine and at the cost of reduced compatibility it is much faster
+	 *  Note: instruction pointer should point to at least min + 32 valid bytes.
+	 *
+	 *  @param ptr instruction pointer
+	 *  @param min minimal possible size
+	 *
+	 *  @return instruction size >= min on success or 0
+	 */
+	EXPORT static size_t quickInstructionSize(mach_vm_address_t ptr, size_t min);
+
+	/* Note, code should point to at least 32 valid bytes. */
+	EXPORT static size_t hdeDisasm(mach_vm_address_t code, hde_t *hs);
+
+#ifdef LILU_ADVANCED_DISASSEMBLY
+
+	/**
+	 *  Initialise advanced dissassembling framework
+	 *
+	 *  @param detailed  debugging output necessity
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool init(bool detailed=false);
+
+	/**
+	 *  Deinitialise advanced dissassembling framework, must be called regardless of the init error
+	 */
+	EXPORT void deinit();
+
+	/**
+	 *  Reads size bytes from addr and disassembles them.
+	 *
+	 *  @param addr        Address to read from
+	 *  @param size        Size of buffer to read
+	 *  @param result      Disassembled instructions array. You must free it
+	 *
+	 *  @return size of result
+	 */
+	EXPORT size_t disasmBuf(mach_vm_address_t addr, size_t size, cs_insn **result);
+
+	/**
+	 *  Return the real instruction size contained within min bytes
+	 *
+	 *  @param ptr instruction pointer
+	 *  @param min minimal possible size
+	 *
+	 *  @return instruction size >= min on success or 0
+	 */
+	EXPORT size_t instructionSize(mach_vm_address_t ptr, size_t min);
+
+	/**
+	 *  Reads lookup_size bytes from addr and disassembles them.
+	 *  After disassembling, tries to find num-th entry with call instruction, which argument is an immediate value (some address).
+	 *
+	 *  @param addr        Address to read from
+	 *  @param num         Number of call instruction to search for
+	 *  @param lookup_size Number of bytes to read
+	 *
+	 *  @note It is assumed that the operand contains a positive relative address.
+	 *
+	 *  @return direct address of num-th call instruction on success, else 0
+	 */
+	EXPORT mach_vm_address_t disasmNthSub(mach_vm_address_t addr, size_t num, size_t lookup_size);
+
+	/**
+	 *  @brief  Reads lookup_size bytes from addr and disassembles them.
+	 *
+	 *  After disassembling, tries to find num-th entry with jmp instruction, which argument is an immediate value (some address).
+	 *
+	 *  @param addr        Address to read from
+	 *  @param num         Number of jmp instruction to search for
+	 *  @param lookup_size Number of bytes to read
+	 *
+	 *  @note It is assumed that the operand contains a positive relative address.
+	 *
+	 *  @return direct address of num-th jmp instruction on success, else 0
+	 */
+	EXPORT mach_vm_address_t disasmNthJmp(mach_vm_address_t addr, size_t num, size_t lookup_size);
+
+	/**
+	 *  Reads lookup_size bytes from addr and disassembles them.
+	 *  After disassembling, tries to find num-th entry of inst instruction.
+	 *
+	 *  @param addr        Addres to read from
+	 *  @param ins         Instruction code
+	 *  @param num         Number of ins instruction to search for
+	 *  @param lookup_size Number of bytes to read
+	 *
+	 *  @return address of found instruction on success, else 0
+	 */
+	EXPORT mach_vm_address_t disasmNthIns(mach_vm_address_t addr, x86_insn ins, size_t num, size_t lookup_size);
+
+	/**
+	 *  Disassembly matching structure
+	 */
+	struct DisasmSig {
+		x86_insn ins;       // instruction
+		bool sub;           // relevant only for X86_INS_CALL, if its arg is X86_OP_IMM
+		bool addr;          // if you want to return the address of exact inst in sig
+
+		static DisasmSig *create() { return new DisasmSig; }
+		static void deleter(DisasmSig *sig NONNULL) { delete sig; }
+	};
+
+	/**
+	 *  Reads lookup_size bytes from addr and disassembles them.
+	 *  After disassembling, tries to find num-th entry of sig instruction pattern.
+	 *
+	 *  @param addr        Address to read from
+	 *  @param sig         Instruction pattern
+	 *  @param num         Order of pattern to search for
+	 *  @param lookup_size Number of bytes to read
+	 *
+	 *  @return direct address of pattern start on success, else 0
+	 */
+	EXPORT mach_vm_address_t disasmSig(mach_vm_address_t addr, evector<DisasmSig *, DisasmSig::deleter> &sig, size_t num, size_t lookup_size);
+
+#endif /* LILU_ADVANCED_DISASSEMBLY */
+};
+
+#endif /* kern_disasm_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_efi.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_efi.hpp
@ -0,0 +1,95 @@
+//
+//  kern_efi.hpp
+//  Lilu
+//
+//  Copyright © 2018 vit9696. All rights reserved.
+//
+
+#ifndef kern_efi_h
+#define kern_efi_h
+
+#include <Headers/kern_util.hpp>
+
+#include <pexpert/i386/efi.h>
+
+/**
+ *  Convert 32-bit EFI errors provided by Apple to 64-bit EFI errors
+ */
+#define EFI_ERROR64(x) (((x) & ~(1ULL << 31)) | (1ULL << 63))
+static_assert(EFI_LOAD_ERROR == 0x80000001 && EFI_ERROR64(EFI_LOAD_ERROR) == 0x8000000000000001,
+	"Apple has finally upgraded EFI headers!");
+
+class EfiRuntimeServices {
+	IOLock *accessLock {nullptr};
+	static EfiRuntimeServices *instance;
+private:
+	bool is32BitEFI {false};
+	void *efiRuntimeServices {nullptr};
+	
+	/**
+	 *  Set EFI runtime services table pointer
+	 */
+	void setRuntimeServices();
+	
+public:
+	/**
+	 *  Activates EFI Runtime Services
+	 */
+	static void activate();
+
+	/**
+	 *  Lilu custom GUIDs exports, see OcSupportPkg/Include/Guid/OcVariables.h
+	 */
+	EXPORT static const EFI_GUID LiluVendorGuid;
+	EXPORT static const EFI_GUID LiluReadOnlyGuid;
+	EXPORT static const EFI_GUID LiluWriteOnlyGuid;
+
+	/**
+	 *  Get EFI Runtime Services wrapper if supported
+	 *
+	 *  @param lock  lock instance during the run, must be put back
+	 *
+	 *  @return wrapper instance
+	 */
+	EXPORT static EfiRuntimeServices *get(bool lock=false);
+
+	/**
+	 *  Put EFI Runtime Services wrapper to unlock
+	 */
+	EXPORT void put();
+
+	/**
+	 *  Perform system reset (does not return on success)
+	 *
+	 *  @param type reset type
+	 */
+	EXPORT void resetSystem(EFI_RESET_TYPE type);
+
+	/**
+	 *  Obtain EFI variable, invokes EFI_RUNTIME_SERVICES::GetVariable.
+	 *
+	 *  @param name  variable name
+	 *  @param guid  vendor guid
+	 *  @param attr  variable attributes
+	 *  @param size  data buffer size updated on read
+	 *  @param data  read data
+	 *
+	 *  @return EFI_STATUS code
+	 */
+	EXPORT uint64_t getVariable(const char16_t *name, const EFI_GUID *guid, uint32_t *attr, uint64_t *size, void *data);
+
+	/**
+	 *  Set EFI variable, invokes EFI_RUNTIME_SERVICES::SetVariable.
+	 *
+	 *  @param name  variable name
+	 *  @param guid  vendor guid
+	 *  @param attr  variable attributes
+	 *  @param size  data buffer size
+	 *  @param data  data to write
+	 *
+	 *  @return EFI_STATUS code
+	 */
+	EXPORT uint64_t setVariable(const char16_t *name, const EFI_GUID *guid, uint32_t attr, uint64_t size, void *data);
+};
+
+#endif /* kern_efi_h */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_file.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_file.hpp
@ -0,0 +1,92 @@
+//
+//  kern_file.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_file_hpp
+#define kern_file_hpp
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_util.hpp>
+
+#include <sys/kernel_types.h>
+#include <sys/fcntl.h>
+
+namespace FileIO {
+	/**
+	 *  Reads file data at path
+	 *
+	 *  @param path full file path
+	 *  @param size bytes read
+	 *
+	 *  @return allocated buffer on success or nullptr on error
+	 */
+	EXPORT uint8_t *readFileToBuffer(const char *path, size_t &size);
+
+	/**
+	 *  Read file data from a vnode
+	 *
+	 *  @param buffer output buffer
+	 *  @param off    file offset
+	 *  @param sz     bytes to read
+	 *  @param vnode  file node
+	 *  @param ctxt   filesystem context
+	 *
+	 *  @return 0 on success
+	 */
+	EXPORT int readFileData(void *buffer, off_t off, size_t sz, vnode_t vnode, vfs_context_t ctxt);
+
+	/**
+	 *  Read file size from a vnode
+	 *
+	 *  @param vnode file node
+	 *  @param ctxt  filesystem context
+	 *
+	 *  @return file size or 0
+	 */
+	EXPORT size_t readFileSize(vnode_t vnode, vfs_context_t ctxt);
+
+	/**
+	 *  Writes buffer to a file at path
+	 *
+	 *  @param path   full file path
+	 *  @param buffer input buffer
+	 *  @param size   bytes write
+	 *  @param fmode  file opening mode
+	 *  @param cmode  file permissions
+	 *
+	 *  @return 0 on success
+	 */
+	EXPORT int writeBufferToFile(const char *path, void *buffer, size_t size, int fmode=O_TRUNC | O_CREAT | FWRITE | O_NOFOLLOW, int cmode=S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
+
+	/**
+	 *  Write file data to a vnode
+	 *
+	 *  @param buffer input buffer
+	 *  @param off    file offset
+	 *  @param size   bytes to write
+	 *  @param vnode  file node
+	 *  @param ctxt   filesystem context
+	 *
+	 *  @return 0 on success
+	 */
+	EXPORT int writeFileData(void *buffer, off_t off, size_t size, vnode_t vnode, vfs_context_t ctxt);
+
+	/**
+	 *  Perform file i/o through a vnode
+	 *
+	 *  @param buffer input buffer
+	 *  @param off    file offset
+	 *  @param size   bytes to write
+	 *  @param vnode  file node
+	 *  @param ctxt   filesystem context
+	 *  @param write  write to buffer otherwise read
+	 *
+	 *  @return 0 on success
+	 */
+	int performFileIO(void *buffer, off_t off, size_t size, vnode_t vnode, vfs_context_t ctxt, bool write);
+}
+
+#endif /* kern_file_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_iokit.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_iokit.hpp
@ -0,0 +1,331 @@
+//
+//  kern_iokit.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_iokit_hpp
+#define kern_iokit_hpp
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_util.hpp>
+#include <Headers/kern_patcher.hpp>
+
+#include <libkern/c++/OSSerialize.h>
+#include <IOKit/IORegistryEntry.h>
+
+namespace WIOKit {
+
+	/**
+	 *  AppleHDAEngine::getLocation teaches us to use loop infinitely when talking to IOReg
+	 *  This feels mad and insane, since it may prevent the system from booting.
+	 *  Although this had never happened, we will use a far bigger fail-safe stop value.
+	 */
+	static constexpr size_t bruteMax {40000000};
+
+	/**
+	 *  Read typed OSData
+	 *
+	 *  @param obj    read object
+	 *  @param value  read value
+	 *  @param name   propert name
+	 *
+	 *  @return true on success
+	 */
+	template <typename T>
+	inline bool getOSDataValue(const OSObject *obj, const char *name, T &value) {
+		if (obj) {
+			auto data = OSDynamicCast(OSData, obj);
+			if (data && data->getLength() == sizeof(T)) {
+				value = *static_cast<const T *>(data->getBytesNoCopy());
+				DBGLOG("iokit", "getOSData %s has %llX value", name, static_cast<uint64_t>(value));
+				return true;
+			} else {
+				SYSLOG("iokit", "getOSData %s has unexpected format", name);
+			}
+		} else {
+			DBGLOG("iokit", "getOSData %s was not found", name);
+		}
+		return false;
+	}
+
+	/**
+	 *  Read typed OSData through a temp type
+	 *
+	 *  @param obj    read object
+	 *  @param value  read value
+	 *  @param name   propert name
+	 *
+	 *  @return true on success
+	 */
+	template <typename AS, typename T>
+	inline bool getOSDataValue(const OSObject *obj, const char *name, T &value) {
+		AS tmp;
+		if (getOSDataValue(obj, name, tmp)) {
+			value = static_cast<T>(tmp);
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 *  Read typed OSData from IORegistryEntry
+	 *
+	 *  @see getOSDataValue
+	 */
+	template <typename T>
+	inline bool getOSDataValue(const IORegistryEntry *sect, const char *name, T &value) {
+		return getOSDataValue(sect->getProperty(name), name, value);
+	}
+
+	/**
+	 *  Read typed OSData from IORegistryEntry
+	 *
+	 *  @see getOSDataValue
+	 */
+	template <typename AS, typename T>
+	inline bool getOSDataValue(const IORegistryEntry *sect, const char *name, T &value) {
+		return getOSDataValue<AS>(sect->getProperty(name), name, value);
+	}
+
+	/**
+	 *  Read typed OSData from IORegistryEntry
+	 *
+	 *  @see getOSDataValue
+	 */
+	template <typename T>
+	inline bool getOSDataValue(const OSDictionary *dict, const char *name, T &value) {
+		return getOSDataValue(dict->getObject(name), name, value);
+	}
+
+	/**
+	 *  Read typed OSData from IORegistryEntry
+	 *
+	 *  @see getOSDataValue
+	 */
+	template <typename AS, typename T>
+	inline bool getOSDataValue(const OSDictionary *dict, const char *name, T &value) {
+		return getOSDataValue<AS>(dict->getObject(name), name, value);
+	}
+
+	/**
+	 *  Retrieve property object
+	 *
+	 *  @param entry    IORegistry entry
+	 *  @param property property name
+	 *
+	 *  @return property object (must be released) or nullptr
+	 */
+	EXPORT LIBKERN_RETURNS_RETAINED OSSerialize *getProperty(IORegistryEntry *entry, const char *property);
+
+	/**
+	 *  Model variants
+	 */
+	struct ComputerModel {
+		enum {
+			ComputerInvalid = 0x0,
+			ComputerLaptop  = 0x1,
+			ComputerDesktop = 0x2,
+			ComputerAny = ComputerLaptop | ComputerDesktop
+		};
+	};
+
+	/**
+	 *  PCI GPU Vendor identifiers
+	 */
+	struct VendorID {
+		enum : uint16_t {
+			ATIAMD = 0x1002,
+			AMDZEN = 0x1022,
+			NVIDIA = 0x10DE,
+			Intel  = 0x8086,
+			VMware = 0x15AD,
+			QEMU   = 0x1B36,
+		};
+	};
+
+	/**
+	 *  PCI class codes
+	 */
+	struct ClassCode {
+		enum : uint32_t {
+			VGAController     = 0x030000,
+			// I have never seen this one, but laptops are evil.
+			XGAController     = 0x030100,
+			// Some laptops use this for Optimus GPUs.
+			Ex3DController    = 0x030200,
+			DisplayController = 0x038000,
+			PCIBridge         = 0x060400,
+			// HDA device on some laptops like Acer Aspire VN7-592G (INSYDE).
+			HDAMmDevice       = 0x040100,
+			// Watch out for PCISubclassMask, 0x040380 is common on laptops.
+			HDADevice         = 0x040300,
+			// This does not seem to be documented. It works on Haswell at least.
+			IMEI              = 0x078000,
+			// To ignore device subclasses.
+			PCISubclassMask   = 0xFFFF00,
+		};
+	};
+
+	/**
+	 *  Definitions of PCI Config Registers
+	 */
+	enum PCIRegister : uint8_t {
+		kIOPCIConfigVendorID                = 0x00,
+		kIOPCIConfigDeviceID                = 0x02,
+		kIOPCIConfigCommand                 = 0x04,
+		kIOPCIConfigStatus                  = 0x06,
+		kIOPCIConfigRevisionID              = 0x08,
+		kIOPCIConfigClassCode               = 0x09,
+		kIOPCIConfigCacheLineSize           = 0x0C,
+		kIOPCIConfigLatencyTimer            = 0x0D,
+		kIOPCIConfigHeaderType              = 0x0E,
+		kIOPCIConfigBIST                    = 0x0F,
+		kIOPCIConfigBaseAddress0            = 0x10,
+		kIOPCIConfigBaseAddress1            = 0x14,
+		kIOPCIConfigBaseAddress2            = 0x18,
+		kIOPCIConfigBaseAddress3            = 0x1C,
+		kIOPCIConfigBaseAddress4            = 0x20,
+		kIOPCIConfigBaseAddress5            = 0x24,
+		kIOPCIConfigCardBusCISPtr           = 0x28,
+		kIOPCIConfigSubSystemVendorID       = 0x2C,
+		kIOPCIConfigSubSystemID             = 0x2E,
+		kIOPCIConfigExpansionROMBase        = 0x30,
+		kIOPCIConfigCapabilitiesPtr         = 0x34,
+		kIOPCIConfigInterruptLine           = 0x3C,
+		kIOPCIConfigInterruptPin            = 0x3D,
+		kIOPCIConfigMinimumGrant            = 0x3E,
+		kIOPCIConfigMaximumLatency          = 0x3F,
+		kIOPCIConfigGraphicsControl         = 0x50
+	};
+
+	/**
+	 *  Fixed offsets for PCI Config I/O virtual methods
+	 */
+	struct PCIConfigOffset {
+		enum : size_t {
+			ConfigRead32      = 0x10A,
+			ConfigWrite32     = 0x10B,
+			ConfigRead16      = 0x10C,
+			ConfigWrite16     = 0x10D,
+			ConfigRead8       = 0x10E,
+			ConfigWrite8      = 0x10F,
+			GetBusNumber      = 0x11D,
+			GetDeviceNumber   = 0x11E,
+			GetFunctionNumber = 0x11F
+		};
+	};
+
+	/**
+	 *  PCI Config I/O method prototypes
+	 */
+	using t_PCIConfigRead32 = uint32_t (*)(IORegistryEntry *service, uint32_t space, uint8_t offset);
+	using t_PCIConfigRead16 = uint16_t (*)(IORegistryEntry *service, uint32_t space, uint8_t offset);
+	using t_PCIConfigRead8  = uint8_t  (*)(IORegistryEntry *service, uint32_t space, uint8_t offset);
+	using t_PCIConfigWrite32 = void (*)(IORegistryEntry *service, uint32_t space, uint8_t offset, uint32_t data);
+	using t_PCIConfigWrite16 = void (*)(IORegistryEntry *service, uint32_t space, uint8_t offset, uint16_t data);
+	using t_PCIConfigWrite8  = void (*)(IORegistryEntry *service, uint32_t space, uint8_t offset, uint8_t data);
+	using t_PCIGetBusNumber = uint8_t (*)(IORegistryEntry *service);
+	using t_PCIGetDeviceNumber = uint8_t (*)(IORegistryEntry *service);
+	using t_PCIGetFunctionNumber = uint8_t (*)(IORegistryEntry *service);
+
+	/**
+	 *  Await for device publishing in IOService plane
+	 *
+	 *  @param obj  wait for (PCI) object publishing
+	 *
+	 *  @retval true on success
+	 */
+	EXPORT bool awaitPublishing(IORegistryEntry *obj);
+
+	/**
+	 *  Read PCI Config register
+	 *
+	 *  @param service  IOPCIDevice-compatible service.
+	 *  @param reg      PCI config register
+	 *  @param space    adress space
+	 *  @param size     read size for reading custom registers
+	 *
+	 *  @return value read
+	 */
+	EXPORT uint32_t readPCIConfigValue(IORegistryEntry *service, uint32_t reg, uint32_t space = 0, uint32_t size = 0);
+
+	/**
+	 *  Retrieve PCI device address
+	 *
+	 *  @param service   IOPCIDevice-compatible service.
+	 *  @param bus       bus address
+	 *  @param device    device address
+	 *  @param function  function address
+	 */
+	EXPORT void getDeviceAddress(IORegistryEntry *service, uint8_t &bus, uint8_t &device, uint8_t &function);
+
+	/**
+	 *  Retrieve the computer type
+	 *
+	 *  @return valid computer type or ComputerAny
+	 */
+	EXPORT int getComputerModel() DEPRECATE("Use BaseDeviceInfo");
+
+	/**
+	 *  Retrieve computer model and/or board-id properties
+	 *
+	 *  @param model    model name output buffer or null
+	 *  @param modelsz  model name output buffer size
+	 *  @param board    board identifier output buffer or null
+	 *  @param boardsz  board identifier output buffer size
+	 *
+	 *  @return true if relevant properties already are available, otherwise buffers are unchanged
+	 */
+	EXPORT bool getComputerInfo(char *model, size_t modelsz, char *board, size_t boardsz) DEPRECATE("Use BaseDeviceInfo");
+
+	/**
+	 *  Retrieve an ioreg entry by path/prefix
+	 *
+	 *  @param path    an exact lookup path
+	 *  @param prefix  entry prefix at path
+	 *  @param plane   plane to lookup in
+	 *  @param proc    process every found entry with the method
+	 *  @param brute   kick ioreg until a value is found
+	 *  @param user    pass some value to the callback function
+	 *
+	 *  @return entry pointer (must NOT be released) or nullptr (on failure or in proc mode)
+	 */
+	EXPORT LIBKERN_RETURNS_NOT_RETAINED IORegistryEntry *findEntryByPrefix(const char *path, const char *prefix, const IORegistryPlane *plane, bool (*proc)(void *, IORegistryEntry *)=nullptr, bool brute=false, void *user=nullptr);
+
+	/**
+	 *  Retrieve an ioreg entry by path/prefix
+	 *
+	 *  @param entry   an ioreg entry to look in
+	 *  @param prefix  entry prefix at path
+	 *  @param plane   plane to lookup in
+	 *  @param proc    process every found entry with the method
+	 *  @param brute   kick ioreg until a value is found
+	 *  @param user    pass some value to the callback function
+	 *
+	 *  @return entry pointer (must NOT be released) or nullptr (on failure or in proc mode)
+	 */
+	EXPORT LIBKERN_RETURNS_NOT_RETAINED IORegistryEntry *findEntryByPrefix(IORegistryEntry *entry, const char *prefix, const IORegistryPlane *plane, bool (*proc)(void *, IORegistryEntry *)=nullptr, bool brute=false, void *user=nullptr);
+
+	/**
+	 *  Check if we are using prelinked kernel/kexts or not
+	 *
+	 *  @return true when confirmed that we definitely are
+	 */
+	EXPORT bool usingPrelinkedCache();
+
+	/**
+	 *  Properly rename the device
+	 *
+	 *  @param  entry   device to rename
+	 *  @param  name    new name
+	 *  @param  compat  correct compatible
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool renameDevice(IORegistryEntry *entry, const char *name, bool compat=true);
+}
+
+#endif /* kern_iokit_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_mach.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_mach.hpp
@ -0,0 +1,349 @@
+//
+//  kern_mach.hpp
+//  Lilu
+//
+//  Certain parts of code are the subject of
+//   copyright © 2011, 2012, 2013, 2014 fG!, reverser@put.as - http://reverse.put.as
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_mach_hpp
+#define kern_mach_hpp
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_util.hpp>
+
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/vnode.h>
+#include <mach-o/loader.h>
+#include <mach/vm_param.h>
+#include <libkern/c++/OSDictionary.h>
+
+class MachInfo {
+#if defined(__i386__)
+	using mach_header_native = mach_header;
+	using segment_command_native = segment_command;
+	using nlist_native = struct nlist;
+	
+	static constexpr uint8_t SegmentTypeNative {LC_SEGMENT};
+	static constexpr uint32_t MachMagicNative {MH_MAGIC};
+	static constexpr uint32_t MachCpuTypeNative {CPU_TYPE_I386};
+
+#elif defined(__x86_64__)
+	using mach_header_native = mach_header_64;
+	using segment_command_native = segment_command_64;
+	using nlist_native = struct nlist_64;
+	
+	static constexpr uint8_t SegmentTypeNative {LC_SEGMENT_64};
+	static constexpr uint32_t MachMagicNative {MH_MAGIC_64};
+	static constexpr uint32_t MachCpuTypeNative {CPU_TYPE_X86_64};
+
+#else
+#error Unsupported arch.
+#endif
+	
+	mach_vm_address_t running_text_addr {0}; // the address of running __TEXT segment
+	mach_vm_address_t disk_text_addr {0};    // the same address at from a file
+	mach_vm_address_t kaslr_slide {0};       // the kernel aslr slide, computed as the difference between above's addresses
+	uint8_t *file_buf {nullptr};             // read file data
+	OSDictionary *prelink_dict {nullptr};    // read prealinked kext dictionary
+	uint8_t *prelink_addr {nullptr};         // prelink text base address
+	mach_vm_address_t prelink_vmaddr {0};    // prelink text base vm address (for kexts this is their actual slide)
+	uint32_t file_buf_size {0};              // read file data size
+	uint8_t *sym_buf {nullptr};              // pointer to buffer (normally __LINKEDIT) containing symbols to solve
+	bool sym_buf_ro {false};                 // sym_buf is read-only (not copy).
+	uint64_t sym_fileoff {0};                // file offset of symbols (normally __LINKEDIT) so we can read
+	size_t sym_size {0};
+	uint32_t symboltable_fileoff {0};        // file offset to symbol table - used to position inside the __LINKEDIT buffer
+	uint32_t symboltable_nr_symbols {0};
+	uint32_t stringtable_fileoff {0};        // file offset to string table
+	uint32_t stringtable_size {0};
+	mach_header_native *running_mh {nullptr};    // pointer to mach-o header of running kernel item
+	mach_vm_address_t address_slots {0};     // pointer after mach-o header to store pointers
+	mach_vm_address_t address_slots_end {0}; // pointer after mach-o header to store pointers
+	off_t fat_offset {0};                    // additional fat offset
+	size_t memory_size {HeaderSize};         // memory size
+	bool kaslr_slide_set {false};            // kaslr can be null, used for disambiguation
+	bool allow_decompress {true};            // allows mach decompression
+	bool prelink_slid {false};               // assume kaslr-slid kext addresses
+	bool kernel_collection {false};          // kernel collection (11.0+)
+	uint64_t self_uuid[2] {};                // saved uuid of the loaded kext or kernel
+
+	/**
+	 *  Kernel slide is aligned by 20 bits
+	 */
+	static constexpr size_t KASLRAlignment {0x100000};
+
+	/**
+	 *  Retrieve LC_UUID command value from a mach header
+	 *
+	 *  @param header mach header pointer
+	 *
+	 *  @return UUID or nullptr
+	 */
+	uint64_t *getUUID(void *header);
+
+	/**
+	 *  Retrieve and preserve LC_UUID command value from a mach header
+	 *
+	 *  @param header mach header pointer
+	 *
+	 *  @return true on success
+	 */
+	bool loadUUID(void *header);
+
+	/**
+	 *  Enable/disable the Write Protection bit in CR0 register
+	 *
+	 *  @param enable the desired value
+	 *
+	 *  @return KERN_SUCCESS if succeeded
+	 */
+	static kern_return_t setWPBit(bool enable);
+
+	/**
+	 *  Retrieve the first pages of a binary at disk into a buffer
+	 *  Version that uses KPI VFS functions and a ripped uio_createwithbuffer() from XNU
+	 *
+	 *  @param buffer     allocated buffer sized no less than HeaderSize
+	 *  @param vnode      file node
+	 *  @param ctxt       filesystem context
+	 *  @param decompress enable decompression
+	 *  @param off        fat offset or 0
+	 *
+	 *  @return KERN_SUCCESS if the read data contains 64-bit mach header
+	 */
+	kern_return_t readMachHeader(uint8_t *buffer, vnode_t vnode, vfs_context_t ctxt, off_t off=0);
+
+	/**
+	 *  Retrieve the whole symbol table (typically contained within the linkedit segment) into target buffer from kernel binary at disk
+	 *
+	 *  @param vnode file node
+	 *  @param ctxt  filesystem context
+	 *
+	 *  @return KERN_SUCCESS on success
+	 */
+	kern_return_t readSymbols(vnode_t vnode, vfs_context_t ctxt);
+
+	/**
+	 *  Retrieve necessary mach-o header information from the mach header
+	 *
+	 *  @param header read header sized no less than HeaderSize
+	 */
+	void processMachHeader(void *header);
+
+	/**
+	 *  Load kext info dictionary and addresses if they were not loaded previously
+	 */
+	void updatePrelinkInfo();
+
+	/**
+	 *  Lookup mach image in prelinked image
+	 *
+	 *  @param identifier  identifier
+	 *  @param imageSize   size of the returned buffer
+	 *  @param slide       actual slide for symbols (normally kaslr or 0)
+	 *  @param missing     set to true on successful prelink parsing when image is not needed
+	 *
+	 *  @return pointer to const buffer on success or nullptr
+	 */
+	uint8_t *findImage(const char *identifier, uint32_t &imageSize, mach_vm_address_t &slide, bool &missing);
+
+	MachInfo(bool asKernel, const char *id) : isKernel(asKernel), objectId(id) {
+		DBGLOG("mach", "MachInfo asKernel %d object constructed", asKernel);
+	}
+	MachInfo(const MachInfo &) = delete;
+	MachInfo &operator =(const MachInfo &) = delete;
+
+	/**
+	 *  Resolve mach data in the kernel via prelinked cache
+	 *
+	 *  @param prelink    prelink information source (i.e. Kernel MachInfo)
+	 *
+	 *  @return KERN_SUCCESS if loaded
+	 */
+	kern_return_t initFromPrelinked(MachInfo *prelink);
+
+	/**
+	 *  Resolve mach data in the kernel via filesystem access
+	 *
+	 *  @param paths      filesystem paths for lookup
+	 *  @param num        the number of paths passed
+	 *
+	 *  @return KERN_SUCCESS if loaded
+	 */
+	kern_return_t initFromFileSystem(const char * const paths[], size_t num);
+
+	/**
+	 *  Resolve mach data in the kernel via memory access
+	 *
+	 *  @return KERN_SUCCESS if loaded
+	 */
+	kern_return_t initFromMemory();
+
+public:
+
+	/**
+	 *  Each header is assumed to fit two pages
+	 */
+	static constexpr size_t HeaderSize {PAGE_SIZE_64*2};
+
+	/**
+	 *  Representation mode (kernel/kext)
+	 */
+	EXPORT const bool isKernel;
+
+	/**
+	 *  Specified file identifier
+	 */
+	EXPORT const char *objectId {nullptr};
+
+	/**
+	 *  MachInfo object generator
+	 *
+	 *  @param asKernel this MachInfo represents a kernel
+	 *  @param id       kinfo identifier (e.g. CFBundleIdentifier)
+	 *
+	 *  @return MachInfo object or nullptr
+	 */
+	static MachInfo *create(bool asKernel=false, const char *id=nullptr) { return new MachInfo(asKernel, id); }
+	static void deleter(MachInfo *i NONNULL) { delete i; }
+
+	/**
+	 *  Resolve mach data in the kernel
+	 *
+	 *  @param paths      filesystem paths for lookup
+	 *  @param num        the number of paths passed
+	 *  @param prelink    prelink information source (i.e. Kernel MachInfo)
+	 *  @param fsfallback fallback to reading from filesystem if prelink failed
+	 *
+	 *  @return KERN_SUCCESS if loaded
+	 */
+	EXPORT kern_return_t init(const char * const paths[], size_t num = 1, MachInfo *prelink=nullptr, bool fsfallback=false);
+
+	/**
+	 *  Release the allocated memory, must be called regardless of the init error
+	 */
+	EXPORT void deinit();
+
+	/**
+	 *  Retrieve the mach header and __TEXT addresses for KC mode
+	 *
+	 *  @param slide load slide if calculating for kexts
+	 *
+	 *  @return KERN_SUCCESS on success
+	 */
+	kern_return_t kcGetRunningAddresses(mach_vm_address_t slide);
+
+	/**
+	 *  Get address slot if present
+	 *
+	 *  @return address slot on success
+	 *  @return NULL on success
+	 */
+	mach_vm_address_t getAddressSlot();
+
+	/**
+	 *  Retrieve the mach header and __TEXT addresses
+	 *
+	 *  @param slide load slide if calculating for kexts
+	 *  @param size  memory size
+	 *  @param force force address recalculation
+	 *
+	 *  @return KERN_SUCCESS on success
+	 */
+	EXPORT kern_return_t getRunningAddresses(mach_vm_address_t slide=0, size_t size=0, bool force=false);
+
+	/**
+	 *  Set the mach header address
+	 *
+	 *  @param slide load address
+	 *  @param size  memory size
+	 *
+	 *  @return KERN_SUCCESS on success
+	 */
+	EXPORT kern_return_t setRunningAddresses(mach_vm_address_t slide=0, size_t size=0);
+
+	/**
+	 *  Retrieve running mach positions
+	 *
+	 *  @param header pointer to header
+	 *  @param size   file size
+	 */
+	EXPORT void getRunningPosition(uint8_t * &header, size_t &size);
+
+	/**
+	 *  Solve a mach symbol (running addresses must be calculated)
+	 *
+	 *  @param symbol symbol to solve
+	 *
+	 *  @return running symbol address or 0
+	 */
+	EXPORT mach_vm_address_t solveSymbol(const char *symbol);
+
+	/**
+	 *  Find the kernel base address (mach-o header)
+	 *
+	 *  @return kernel base address or 0
+	 */
+	EXPORT mach_vm_address_t findKernelBase();
+
+	/**
+	 *  Compare the loaded kernel with the current UUID (see loadUUID)
+	 *
+	 *  @param base  image base, pass 0 to use kernel base
+	 *
+	 *  @return true if image uuids match
+	 */
+	EXPORT bool isCurrentBinary(mach_vm_address_t base=0);
+
+	/**
+	 *  Enable/disable interrupt handling
+	 *  this is similar to ml_set_interrupts_enabled except the return value
+	 *
+	 *  @param enable the desired value
+	 *
+	 *  @return true if changed the value and false if it is unchanged
+	 */
+	EXPORT static bool setInterrupts(bool enable);
+
+	/**
+	 *  Enable/disable kernel memory write protection
+	 *
+	 *  @param enable  the desired value
+	 *  @param lock    use spinlock to disable cpu preemption (see KernelPatcher::kernelWriteLock)
+	 *
+	 *  @return KERN_SUCCESS if succeeded
+	 */
+	EXPORT static kern_return_t setKernelWriting(bool enable, IOSimpleLock *lock);
+
+	/**
+	 *  Find section bounds in a passed binary for provided cpu
+	 *
+	 *  @param ptr         pointer to a complete mach-o binary
+	 *  @param sourceSize  size of the mach-o binary
+	 *  @param vmsegment   returned vm segment pointer
+	 *  @param vmsection   returned vm section pointer
+	 *  @param sectionptr  returned section pointer
+	 *  @param sectionSize returned section size or 0 on failure
+	 *  @param segmentName segment name
+	 *  @param sectionName section name
+	 *  @param cpu         cpu to look for in case of fat binaries
+	 */
+	EXPORT static void findSectionBounds(void *ptr, size_t sourceSize, vm_address_t &vmsegment, vm_address_t &vmsection, void *&sectionptr, size_t &sectionSize, const char *segmentName="__TEXT", const char *sectionName="__text", cpu_type_t cpu=CPU_TYPE_X86_64);
+
+	/**
+	 *  Request to free file buffer resources (not including linkedit symtable)
+	 */
+	void freeFileBufferResources();
+
+	/**
+	 *  Get fat offset of the initialised image
+	 */
+	off_t getFatOffset() {
+		return fat_offset;
+	}
+};
+
+#endif /* kern_mach_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_nvram.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_nvram.hpp
@ -0,0 +1,198 @@
+//
+//  kern_nvram.hpp
+//  Lilu
+//
+//  Copyright © 2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_nvram_hpp
+#define kern_nvram_hpp
+
+#include <Headers/kern_util.hpp>
+#include <IOKit/IOService.h>
+#include <libkern/c++/OSSymbol.h>
+#include <libkern/libkern.h>
+#include <stdint.h>
+
+/**
+ *  Some of the most common GUIDs used for variable storage on macOS
+ */
+#define NVRAM_GLOBAL_GUID "8BE4DF61-93CA-11D2-AA0D-00E098032B8C"
+#define NVRAM_APPLE_BOOT_GUID "7C436110-AB2A-4BBB-A880-FE41995C9F82"
+#define NVRAM_APPLE_VENDOR_GUID "4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14"
+#define NVRAM_APPLE_FILEVAULT_GUID "8D63D4FE-BD3C-4AAD-881D-86FD974BC1DF"
+#define NVRAM_APPLE_PASSWORD_UI_GUID "9EBA2D25-BBE3-4AC2-A2C6-C87F44A1278C"
+
+/**
+ *  Custom GUIDs used for Lilu preferences
+ *  Must be kept in sync to OcSupportPkg/Include/Guid/OcVariables.h
+ */
+#define LILU_VENDOR_GUID "4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102"
+#define LILU_READ_ONLY_GUID "E09B9297-7928-4440-9AAB-D1F8536FBF0A"
+#define LILU_WRITE_ONLY_GUID "F0B9AF8F-2222-4840-8A37-ECF7CC8C12E1"
+
+/**
+ *  Prefix variable name with a GUID
+ */
+#define NVRAM_PREFIX(x, y) x ":" y
+
+class NVStorage {
+	/**
+	 *  Local nvram controller reference
+	 */
+	IORegistryEntry *dtEntry {nullptr};
+
+public:
+	/**
+	 *  Compress data with a default compression algorithm
+	 *
+	 *  @param src        source data
+	 *  @param size       data size (updated with new size)
+	 *  @param sensitive  contains sensitive data
+	 *
+	 *  @return compressed data (must be freed with Buffer::deleter) or nullptr
+	 */
+	EXPORT uint8_t *compress(const uint8_t *src, uint32_t &size, bool sensitive=false);
+
+	/**
+	 *  Decompress data compressed with compress
+	 *
+	 *  @param src        compressed data
+	 *  @param size       data size (updated with new size)
+	 *  @param sensitive  contains sensitive data
+	 *
+	 *  @return decompressed data (must be freed with Buffer::deleter) or nullptr
+	 */
+	EXPORT uint8_t *decompress(const uint8_t *src, uint32_t &size, bool sensitive=false);
+
+	/**
+	 *  Value storage options
+	 */
+	enum Options {
+		OptAuto         = 0,  // Default options
+		OptRaw          = 1,  // i/o as raw buffer
+		OptCompressed   = 2,  // Apply compression (see kern_compression.hpp)
+		OptEncrypted    = 4,  // Apply encryption with device-unique key (see kern_crypto.hpp)
+		OptChecksum     = 8,  // Append CRC32 checksum to the end
+		OptSensitive    = 16  // Value contains sensitive data
+	};
+
+	/**
+	 *  Prepended value header unless OptRaw is used
+	 *  After the header the following fields should go:
+	 *  uint8_t iv[16]; aes initialisation vector (if OptEncrypted is set)
+	 *  uint32_t size;  decryption size           (if OptEncrypted is set, encrypted)
+	 *  uint32_t size;  decompression size        (if OptCompressed is set, encrypted if OptEncrypted)
+	 *  uint8_t data[]; content data              (encrypted if OptEncrypted)
+	 *  uint32_t crc32; CRC32 cheksum             (if OptChecksum is set)
+	 */
+	struct PACKED Header {
+		static constexpr uint16_t Magic = 0xC717;
+		static constexpr uint8_t MaxVer = 1;
+		using Checksum = uint32_t;
+
+		uint16_t magic {Magic};
+		uint8_t version {MaxVer};
+		uint8_t opts {OptAuto};
+	};
+
+	/**
+	 *  Attempt to connect to active nvram, may fail at early stages
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool init();
+
+	/**
+	 *  Relinquish resources used, must be called regardless of the init error
+	 */
+	EXPORT void deinit();
+
+	/**
+	 *  Read data from nvram
+	 *
+	 *  @param key    key name
+	 *  @param size   amount of data read
+	 *  @param opts   bitmask of Options, may set option requirements
+	 *  @param enckey encryption key (platform-defined if OptEncrypted is set)
+	 *
+	 *  @return pointer to data (must be freed via Buffer::deleter), nullptr on failure
+	 */
+	EXPORT uint8_t *read(const char *key, uint32_t &size, uint8_t opts=OptAuto, const uint8_t *enckey=nullptr);
+
+	/**
+	 *  Read data from nvram
+	 *
+	 *  @param key    key name
+	 *  @param opts   bitmask of Options, may set option requirements
+	 *  @param enckey encryption key (platform-defined if OptEncrypted is set)
+	 *
+	 *  @return pointer to data (must be freed via OSData::release), nullptr on failure
+	 */
+	EXPORT OSData *read(const char *key, uint8_t opts=OptAuto, const uint8_t *enckey=nullptr);
+
+	/**
+	 *  Write data to nvram
+	 *
+	 *  @param key    key name
+	 *  @param src    source buffer
+	 *  @param size   buffer size
+	 *  @param opts   bitmask of Options
+	 *  @param enckey encryption key (platform-defined if OptEncrypted is set)
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool write(const char *key, const uint8_t *src, uint32_t sz, uint8_t opts=OptAuto, const uint8_t *enckey=nullptr);
+
+	/**
+	 *  Write data to nvram
+	 *
+	 *  @param key    key name
+	 *  @param data   data object to write
+	 *  @param opts   bitmask of Options
+	 *  @param enckey encryption key (platform-defined if OptEncrypted is set)
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool write(const char *key, const OSData *data, uint8_t opts=OptAuto, const uint8_t *enckey=nullptr);
+
+	/**
+	 *  Delete key from nvram
+	 *
+	 *  @param key        key name
+	 *  @param sensitive  sensitive data
+	 *
+	 *  @return true on successful deletion or if key is missing
+	 */
+	EXPORT bool remove(const char *key, bool sensitive=false);
+
+	/**
+	 *  Synchronize with nvram controller
+	 *  This method might fail if synchronisation was done recently.
+	 *
+	 *  @return true if synchronised
+	 */
+	EXPORT bool sync();
+
+	/**
+	 *  Exports nvram to a plist file
+	 *
+	 *  @param filename  file path
+	 *  @oaram max       max output size
+	 *  @param sensitive contains sensitive data
+	 *
+	 *  @return true if saved
+	 */
+	EXPORT bool save(const char *filename, uint32_t max=0x20000, bool sensitive=false);
+
+	/**
+	 *  Check whether key exists
+	 *
+	 *  @param key        key name
+	 *
+	 *  @return true if key exists
+	 */
+	EXPORT bool exists(const char *key);
+};
+
+#endif /* kern_nvram_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_patcher.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_patcher.hpp
@ -0,0 +1,868 @@
+//
+//  kern_patcher.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_patcher_hpp
+#define kern_patcher_hpp
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_compat.hpp>
+#include <Headers/kern_util.hpp>
+#include <Headers/kern_mach.hpp>
+#include <Headers/kern_disasm.hpp>
+
+#include <mach/mach_types.h>
+
+namespace Patch { union All; void deleter(All * NONNULL); }
+#ifdef LILU_KEXTPATCH_SUPPORT
+union OSKextLoadedKextSummaryHeaderAny;
+#endif /* LILU_KEXTPATCH_SUPPORT */
+
+class KernelPatcher {
+public:
+
+	/**
+	 *  Errors set by functions
+	 */
+	enum class Error {
+		NoError,
+		NoKinfoFound,
+		NoSymbolFound,
+		KernInitFailure,
+		KernRunningInitFailure,
+		KextListeningFailure,
+		DisasmFailure,
+		MemoryIssue,
+		MemoryProtection,
+		PointerRange,
+		AlreadyDone,
+		LockError,
+		Unsupported,
+		InvalidSymbolFound
+	};
+
+	/**
+	 *  Get last error
+	 *
+	 *  @return error code
+	 */
+	EXPORT Error getError();
+
+	/**
+	 *  Reset all the previous errors
+	 */
+	EXPORT void clearError();
+
+	/**
+	 *  Initialise KernelPatcher, prepare for modifications
+	 */
+	void init();
+
+	/**
+	 *  Deinitialise KernelPatcher, must be called regardless of the init error
+	 */
+	void deinit();
+
+	/**
+	 *  Kernel write lock used for performing kernel & kext writes to disable cpu preemption
+	 *  See MachInfo::setKernelWriting
+	 */
+	EXPORT static IOSimpleLock *kernelWriteLock;
+
+	/**
+	 *  Kext information
+	 */
+	struct KextInfo;
+
+#ifdef LILU_KEXTPATCH_SUPPORT
+	struct KextInfo {
+		static constexpr size_t Unloaded {0};
+		enum SysFlags : uint64_t {
+			Loaded,      // invoke for kext if it is already loaded
+			Reloadable,  // allow the kext to unload and get patched again
+			Disabled,    // do not load this kext (formerly achieved pathNum = 0, this no longer works)
+			FSOnly,      // do not use prelinkedkernel (kextcache) as a symbol source
+			FSFallback,  // perform fs fallback if kextcache failed
+			Reserved,
+			SysFlagNum,
+		};
+		static constexpr uint64_t UserFlagNum {sizeof(uint64_t)-SysFlagNum};
+		static_assert(UserFlagNum > 0, "There should be at least one user flag");
+		const char *id {nullptr};
+		const char **paths {nullptr};
+		size_t pathNum {0};
+		bool sys[SysFlagNum] {};
+		bool user[UserFlagNum] {};
+		size_t loadIndex {Unloaded}; // Updated after loading
+
+		/**
+		 *  Disable this info from being used
+		 *  May be called from onPatcherLoad callbacks to disable certain kexts
+		 */
+		void switchOff() {
+			sys[KernelPatcher::KextInfo::Disabled] = true;
+		}
+	};
+
+	static_assert(sizeof(KextInfo) == 4 * sizeof(size_t) + sizeof(uint64_t), "KextInfo is no longer ABI compatible");
+#endif /* LILU_KEXTPATCH_SUPPORT */
+
+	/**
+	 *  Loads and stores kinfo information locally
+	 *
+	 *  @param id         kernel item identifier
+	 *  @param paths      item filesystem path array
+	 *  @param num        number of path entries
+	 *  @param isKernel   kinfo is kernel info
+	 *  @param fsonly     avoid using prelinkedkernel for kexts
+	 *  @param fsfallback fallback to reading from filesystem if prelink failed
+	 *
+	 *  @return loaded kinfo id
+	 */
+	EXPORT size_t loadKinfo(const char *id, const char * const paths[], size_t num=1, bool isKernel=false, bool fsonly=false, bool fsfallback=false);
+
+#ifdef LILU_KEXTPATCH_SUPPORT
+	/**
+	 *  Loads and stores kinfo information locally
+	 *
+	 *  @param info kext to load, updated on success
+	 *
+	 *  @return loaded kinfo id
+	 */
+	EXPORT size_t loadKinfo(KextInfo *info);
+#endif /* LILU_KEXTPATCH_SUPPORT */
+
+	/**
+	 *  Kernel kinfo id
+	 */
+	static constexpr size_t KernelID {0};
+
+	/**
+	 *  Update running information
+	 *
+	 *  @param id    loaded kinfo id
+	 *  @param slide loaded slide
+	 *  @param size  loaded memory size
+	 *  @param force force recalculatiob
+	 *
+	 *  @return new size
+	 */
+	EXPORT size_t updateRunningInfo(size_t id, mach_vm_address_t slide=0, size_t size=0, bool force=false);
+
+	/**
+	 *  Any kernel
+	 */
+	static constexpr uint32_t KernelAny {0};
+
+	/**
+	 *  Check kernel compatibility
+	 *
+	 *  @param min minimal requested version or KernelAny
+	 *  @param max maximum supported version or KernelAny
+	 *
+	 *  @return true on success
+	 */
+	EXPORT static bool compatibleKernel(uint32_t min, uint32_t max);
+
+	/**
+	 *  Erase coverage instruction prefix (like inc qword ptr[]), that causes function routing to fail
+	 *
+	 *  @param addr   address to valid instruction code
+	 *  @param count  amount of instructions to inspect
+	 */
+	EXPORT void eraseCoverageInstPrefix(mach_vm_address_t addr, size_t count=5);
+
+	/**
+	 *  Erase coverage instruction prefix (like inc qword ptr[]), that causes function routing to fail
+	 *
+	 *  @param addr   address to valid instruction code
+	 *  @param count  amount of instructions to inspect
+	 *  @param limit  amount of bytes to inspect
+	 */
+	EXPORT void eraseCoverageInstPrefix(mach_vm_address_t addr, size_t count, off_t limit);
+
+	/**
+	 *  Solve a kinfo symbol
+	 *
+	 *  @param id      loaded kinfo id
+	 *  @param symbol  symbol to solve
+	 *
+	 *  @return running symbol address or 0
+	 */
+	EXPORT mach_vm_address_t solveSymbol(size_t id, const char *symbol);
+
+	/**
+	 *  Solve a kinfo symbol in range with designated type
+	 *
+	 *  @param id      loaded kinfo id
+	 *  @param symbol  symbol to solve
+	 *  @param start   start address range
+	 *  @param size    address range size
+	 *  @param crash   kernel panic on invalid non-zero address
+	 *
+	 *  @return running symbol address or 0 casted to type T (mach_vm_address_t)
+	 */
+	template <typename T = mach_vm_address_t>
+	inline T solveSymbol(size_t id, const char *symbol, mach_vm_address_t start, size_t size, bool crash=false) {
+		auto addr = solveSymbol(id, symbol);
+		if (addr) {
+			if (addr >= start && addr < start + size)
+				return (T)addr;
+
+			code = Error::InvalidSymbolFound;
+			SYSTRACE("patcher", "address " PRIKADDR " is out of range " PRIKADDR " with size %lX",
+				CASTKADDR(addr), CASTKADDR(start), size);
+
+			PANIC_COND(crash, "patcher", "address " PRIKADDR " is out of range " PRIKADDR " with size %lX",
+				CASTKADDR(addr), CASTKADDR(start), size);
+		}
+
+		return (T)nullptr;
+	}
+    
+    /**
+     *  Solve request to resolve multiple symbols in one shot and simplify error handling
+     *
+     *  @seealso solveMultiple().
+     */
+    struct SolveRequest {
+        /**
+         *  The symbol to solve
+         */
+        const char *symbol {nullptr};
+        
+        /**
+         *  The symbol address on success, otherwise NULL.
+         */
+        mach_vm_address_t *address {nullptr};
+        
+        /**
+         *  Construct a solve request conveniently
+         */
+        template <typename T>
+        SolveRequest(const char *s, T &addr) :
+			symbol(s), address(reinterpret_cast<mach_vm_address_t*>(&addr)) { }
+    };
+	
+	/**
+	 *  Solve multiple functions with basic error handling
+	 *
+	 *  @param id        loaded kinfo id
+	 *  @param requests  an array of requests to solve
+	 *  @param num       requests array size
+	 *  @param start     start address range
+	 *  @param size      address range size
+	 *  @param crash     kernel panic on invalid non-zero address
+	 *  @param force     continue on first error
+	 *
+	 *  @return false if at least one symbol cannot be solved.
+	 */
+	inline bool solveMultiple(size_t id, SolveRequest *requests, size_t num, mach_vm_address_t start, size_t size, bool crash=false, bool force=false) {
+		for (size_t index = 0; index < num; index++) {
+			auto result = solveSymbol(id, requests[index].symbol, start, size, crash);
+			if (result) {
+				*requests[index].address = result;
+			} else {
+				clearError();
+				if (!force) return false;
+			}
+		}
+		return true;
+	}
+	
+	/**
+	 *  Solve multiple functions with basic error handling
+	 *
+	 *  @param id        loaded kinfo id
+	 *  @param requests  an array of requests to solve
+	 *  @param start     start address range
+	 *  @param size      address range size
+	 *  @param crash     kernel panic on invalid non-zero address
+	 *  @param force     continue on first error
+	 *
+	 *  @return false if at least one symbol cannot be solved.
+	 */
+	template <size_t N>
+	inline bool solveMultiple(size_t id, SolveRequest (&requests)[N], mach_vm_address_t start, size_t size, bool crash=false, bool force=false) {
+		return solveMultiple(id, requests, N, start, size, crash, force);
+	}
+
+	/**
+	 *  Hook kext loading and unloading to access kexts at early stage
+	 */
+	EXPORT void setupKextListening();
+
+	/**
+	 *  Free file buffer resources and effectively make prelinked kext loading impossible
+	 */
+	void freeFileBufferResources();
+
+	/**
+	 *  Activates monitoring functions if necessary
+	 */
+	void activate();
+
+	/**
+	 *  Load handling structure
+	 */
+	class KextHandler {
+		using t_handler = void (*)(KextHandler *);
+		KextHandler(const char * const i, size_t idx, t_handler h, bool l, bool r) :
+			id(i), index(idx), handler(h), loaded(l), reloadable(r) {}
+	public:
+		static KextHandler *create(const char * const i, size_t idx, t_handler h, bool l=false, bool r=false) {
+			return new KextHandler(i, idx, h, l, r);
+		}
+		static void deleter(KextHandler *i NONNULL) {
+			delete i;
+		}
+
+		void *self {nullptr};
+		const char * const id {nullptr};
+		size_t index {0};
+		mach_vm_address_t address {0};
+		size_t size {0};
+		t_handler handler {nullptr};
+		bool loaded {false};
+		bool reloadable {false};
+	};
+
+#ifdef LILU_KEXTPATCH_SUPPORT
+	/**
+	 *  Enqueue handler processing at kext loading
+	 *
+	 *  @param handler  handler to process
+	 */
+	EXPORT void waitOnKext(KextHandler *handler);
+
+	/**
+	 *  Update kext handler features
+	 *
+	 *  @param info  loaded kext info with features
+	 */
+	void updateKextHandlerFeatures(KextInfo *info);
+
+	/**
+	 *  Arbitrary kext find/replace patch
+	 */
+	struct LookupPatch {
+		KextInfo *kext;
+		const uint8_t *find;
+		const uint8_t *replace;
+		size_t size;
+		size_t count;
+	};
+
+	/**
+	 *  Apply a find/replace patch
+	 *
+	 *  @param patch patch to apply
+	 */
+	EXPORT void applyLookupPatch(const LookupPatch *patch);
+
+	/**
+	 *  Apply a find/replace patch with additional constraints
+	 *
+	 *  @param patch              patch to apply
+	 *  @param startingAddress    start with this address (or kext/kernel lowest address)
+	 *  @param maxSize            maximum size to lookup (or kext/kernel max size)
+	 */
+	EXPORT void applyLookupPatch(const LookupPatch *patch, uint8_t *startingAddress, size_t maxSize);
+#endif /* LILU_KEXTPATCH_SUPPORT */
+
+	/**
+	 *  Route function to function
+	 *
+	 *  @param from         function to route
+	 *  @param to           routed function
+	 *  @param buildWrapper create entrance wrapper
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param revertible   patches could be reverted
+	 *
+	 *  @return wrapper pointer or 0 on success
+	 */
+	EXPORT mach_vm_address_t routeFunction(mach_vm_address_t from, mach_vm_address_t to, bool buildWrapper=false, bool kernelRoute=true, bool revertible=true) DEPRECATE("Use routeMultiple where possible");
+
+	/**
+	 *  Route function to function with long jump
+	 *
+	 *  @param from         function to route
+	 *  @param to           routed function
+	 *  @param buildWrapper create entrance wrapper
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param revertible   patches could be reverted
+	 *
+	 *  @return wrapper pointer or 0 on success
+	 */
+	EXPORT mach_vm_address_t routeFunctionLong(mach_vm_address_t from, mach_vm_address_t to, bool buildWrapper=false, bool kernelRoute=true, bool revertible=true) DEPRECATE("Use routeMultiple where possible");
+
+	/**
+	 *  Route function to function with short jump
+	 *
+	 *  @param from         function to route
+	 *  @param to           routed function
+	 *  @param buildWrapper create entrance wrapper
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param revertible   patches could be reverted
+	 *
+	 *  @return wrapper pointer or 0 on success
+	 */
+	EXPORT mach_vm_address_t routeFunctionShort(mach_vm_address_t from, mach_vm_address_t to, bool buildWrapper=false, bool kernelRoute=true, bool revertible=true) DEPRECATE("Use routeMultiple where possible");
+
+	/**
+	 *  Route block at assembly level
+	 *
+	 *  @param from         address to route
+	 *  @param opcodes      opcodes to insert
+	 *  @param opnum        number of opcodes
+	 *  @param buildWrapper create entrance wrapper
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *
+	 *  @return wrapper pointer or 0 on success
+	 */
+	EXPORT mach_vm_address_t routeBlock(mach_vm_address_t from, const uint8_t *opcodes, size_t opnum, bool buildWrapper=false, bool kernelRoute=true);
+
+	/**
+	 *  Route virtual function to function
+	 *
+	 *  @param obj      OSObject-compatible instance
+	 *  @param off      function offset in a virtual table (arch-neutral, i.e. divided by sizeof(uintptr_t)
+	 *  @param func     function to replace with
+	 *  @param orgFunc  pointer to store the original function
+	 *
+	 *  @return true on success
+	 */
+	template <typename T>
+	static inline bool routeVirtual(void *obj, size_t off, T func, T *orgFunc=nullptr) {
+		// First OSObject (and similar) field is its virtual table.
+		auto vt = obj ? reinterpret_cast<T **>(obj)[0] : nullptr;
+		if (vt) {
+			// Do not try to replace twice!
+			if (vt[off] == func)
+				return false;
+			if (orgFunc) *orgFunc = vt[off];
+			vt[off] = func;
+			return true;
+		}
+		return false;
+	}
+
+	/**
+	 *  Route request to simplify casting and error handling
+	 *  See routeMultiple.
+	 *
+	 *  symbol  symbol to lookup
+	 *  from    solved symbol (assigned by routeMultiple)
+	 *  to      destination address
+	 *  org     trampoline storage to the original symbol
+	 */
+	struct RouteRequest {
+		const char *symbol {nullptr};
+		mach_vm_address_t from {0};
+		const mach_vm_address_t to {0};
+		mach_vm_address_t *org {nullptr};
+
+		/**
+		 *  Construct RouteRequest for wrapping a function
+		 *  @param s  symbol to lookup
+		 *  @param t  destination address
+		 *  @param o  trampoline storage to the original symbol
+		 */
+		template <typename T>
+		RouteRequest(const char *s, T t, mach_vm_address_t &o) :
+			symbol(s), to(reinterpret_cast<mach_vm_address_t>(t)), org(&o) { }
+		
+		/**
+		 *  Construct RouteRequest for wrapping a function
+		 *  @param s  symbol to lookup
+		 *  @param t  destination address
+		 *  @param o  trampoline storage to the original symbol
+		 */
+		template <typename T, typename O>
+		RouteRequest(const char *s, T t, O &o) :
+			RouteRequest(s, t, reinterpret_cast<mach_vm_address_t&>(o)) { }
+
+		/**
+		 *  Construct RouteRequest for routing a function
+		 *  @param s  symbol to lookup
+		 *  @param t  destination address
+		 */
+		template <typename T>
+		RouteRequest(const char *s, T t) :
+			symbol(s), to(reinterpret_cast<mach_vm_address_t>(t)) { }
+	};
+
+	/**
+	 *  Simple route multiple functions with basic error handling
+	 *
+	 *  @param id           kernel item identifier
+	 *  @param requests     an array of requests to replace
+	 *  @param num          requests array size
+	 *  @param start        start address range
+	 *  @param size         address range size
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param force        continue on first error
+	 *
+	 *  @return false if it at least one error happened
+	 */
+	EXPORT bool routeMultiple(size_t id, RouteRequest *requests, size_t num, mach_vm_address_t start=0, size_t size=0, bool kernelRoute=true, bool force=false);
+
+	/**
+	 *  Simple route multiple functions with basic error handling with long routes
+	 *
+	 *  @param id           kernel item identifier
+	 *  @param requests     an array of requests to replace
+	 *  @param num          requests array size
+	 *  @param start        start address range
+	 *  @param size         address range size
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param force        continue on first error
+	 *
+	 *  @return false if it at least one error happened
+	 */
+	EXPORT bool routeMultipleLong(size_t id, RouteRequest *requests, size_t num, mach_vm_address_t start=0, size_t size=0, bool kernelRoute=true, bool force=false);
+
+	/**
+	 *  Simple route multiple functions with basic error handling with short routes
+	 *
+	 *  @param id           kernel item identifier
+	 *  @param requests     an array of requests to replace
+	 *  @param num          requests array size
+	 *  @param start        start address range
+	 *  @param size         address range size
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param force        continue on first error
+	 *
+	 *  @return false if it at least one error happened
+	 */
+	EXPORT bool routeMultipleShort(size_t id, RouteRequest *requests, size_t num, mach_vm_address_t start=0, size_t size=0, bool kernelRoute=true, bool force=false);
+
+	/**
+	 *  Simple route multiple functions with basic error handling
+	 *
+	 *  @param id           kernel item identifier
+	 *  @param requests     an array of requests to replace
+	 *  @param start        start address range
+	 *  @param size         address range size
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param force        continue on first error
+	 *
+	 *  @return false if it at least one error happened
+	 */
+	template <size_t N>
+	inline bool routeMultiple(size_t id, RouteRequest (&requests)[N], mach_vm_address_t start=0, size_t size=0, bool kernelRoute=true, bool force=false) {
+		return routeMultiple(id, requests, N, start, size, kernelRoute, force);
+	}
+
+	/**
+	 *  Simple route multiple functions with basic error handling with long routes
+	 *
+	 *  @param id           kernel item identifier
+	 *  @param requests     an array of requests to replace
+	 *  @param start        start address range
+	 *  @param size         address range size
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param force        continue on first error
+	 *
+	 *  @return false if it at least one error happened
+	 */
+	template <size_t N>
+	inline bool routeMultipleLong(size_t id, RouteRequest (&requests)[N], mach_vm_address_t start=0, size_t size=0, bool kernelRoute=true, bool force=false) {
+		return routeMultipleLong(id, requests, N, start, size, kernelRoute, force);
+	}
+
+	/**
+	 *  Simple route multiple functions with basic error handling with long routes
+	 *
+	 *  @param id           kernel item identifier
+	 *  @param requests     an array of requests to replace
+	 *  @param start        start address range
+	 *  @param size         address range size
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param force        continue on first error
+	 *
+	 *  @return false if it at least one error happened
+	 */
+	template <size_t N>
+	inline bool routeMultipleShort(size_t id, RouteRequest (&requests)[N], mach_vm_address_t start=0, size_t size=0, bool kernelRoute=true, bool force=false) {
+		return routeMultipleShort(id, requests, N, start, size, kernelRoute, force);
+	}
+
+	/**
+	 *  Simple find and replace in kernel memory.
+	 */
+	static inline bool findAndReplace(void *data, size_t dataSize, const void *find, size_t findSize, const void *replace, size_t replaceSize) {
+		void *res;
+		if (UNLIKELY((res = lilu_os_memmem(data, dataSize, find, findSize)) != nullptr)) {
+			if (UNLIKELY(MachInfo::setKernelWriting(true, KernelPatcher::kernelWriteLock) != KERN_SUCCESS)) {
+				SYSLOG("patcher", "failed to obtain write permissions for f/r");
+				return false;
+			}
+
+			lilu_os_memcpy(res, replace, replaceSize);
+
+			if (UNLIKELY(MachInfo::setKernelWriting(false, KernelPatcher::kernelWriteLock) != KERN_SUCCESS)) {
+				SYSLOG("patcher", "failed to restore write permissions for f/r");
+			}
+
+			return true;
+		}
+
+		return false;
+	}
+	
+	/**
+	 *  Simple find and replace in kernel memory but require both `find` and `replace` buffers to have the same length
+	 */
+	template <size_t N>
+	static inline bool findAndReplace(void *data, size_t dataSize, const uint8_t (&find)[N], const uint8_t (&replace)[N]) {
+		return findAndReplace(data, dataSize, find, N, replace, N);
+	}
+
+private:
+	/**
+	 *  Jump type for routing
+	 */
+	enum class JumpType {
+		Auto,
+		Long,
+		Short,
+		Medium
+	};
+
+	/**
+	 *  The minimal reasonable memory requirement
+	 */
+	static constexpr size_t TempExecutableMemorySize {4096};
+
+	/**
+	 *  As of 10.12 we seem to be not allowed to call vm_ functions from several places including onKextSummariesUpdated.
+	 */
+	static uint8_t tempExecutableMemory[TempExecutableMemorySize];
+
+	/**
+	 *  Offset to tempExecutableMemory that is safe to use
+	 */
+	size_t tempExecutableMemoryOff {0};
+
+	/**
+	 *  Patcher status
+	 */
+	_Atomic(bool) activated = false;
+
+	/**
+	 *  Read previous jump destination from function
+	 *
+	 *  @param from          formerly routed function
+	 *  @param jumpType previous jump type
+	 *
+	 *  @return wrapper pointer on success or 0
+	 */
+	mach_vm_address_t readChain(mach_vm_address_t from, JumpType &jumpType);
+
+	/**
+	 *  Created routed trampoline page
+	 *
+	 *  @param func     original area
+	 *  @param min      minimal amount of bytes that will be overwritten
+	 *  @param opcodes  opcodes to insert before function
+	 *  @param opnum    number of opcodes
+	 *
+	 *  @return trampoline pointer or 0
+	 */
+	mach_vm_address_t createTrampoline(mach_vm_address_t func, size_t min, const uint8_t *opcodes=nullptr, size_t opnum=0);
+
+	/**
+	 *  Route function to function
+	 *
+	 *  @param from         function to route
+	 *  @param to           routed function
+	 *  @param buildWrapper create entrance wrapper
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param revertible   patches could be reverted
+	 *  @param jumpType     jump type to use, relative short or absolute long
+	 *  @param info         info to access address slots to use for shorter routing
+	 *  @param org          write pointer to this variable
+	 *
+	 *  @return wrapper pointer or 0 on success
+	 */
+	mach_vm_address_t routeFunctionInternal(mach_vm_address_t from, mach_vm_address_t to, bool buildWrapper=false, bool kernelRoute=true, bool revertible=true, JumpType jumpType=JumpType::Auto, MachInfo *info=nullptr, mach_vm_address_t *org=nullptr);
+
+	/**
+	 *  Simple route multiple functions with basic error handling with long routes
+	 *
+	 *  @param id           kernel item identifier
+	 *  @param requests     an array of requests to replace
+	 *  @param num          requests array size
+	 *  @param start        start address range
+	 *  @param size         address range size
+	 *  @param kernelRoute  kernel change requiring memory protection changes and patch reverting at unload
+	 *  @param force        continue on first error
+	 *  @param jumpType     jump type to use, relative short or absolute long
+	 *
+	 *  @return false if it at least one error happened
+	 */
+	bool routeMultipleInternal(size_t id, RouteRequest *requests, size_t num, mach_vm_address_t start=0, size_t size=0, bool kernelRoute=true, bool force=false, JumpType jumpType=JumpType::Auto);
+
+#ifdef LILU_KEXTPATCH_SUPPORT
+	/**
+	 *  Process loaded kext
+	 */
+	void processKext(kmod_info_t *kmod, bool loaded);
+	
+	/**
+	 *  Process already loaded kexts once at the start
+	 *
+	 */
+	void processAlreadyLoadedKexts();
+
+	/**
+	 *  Pointer to loaded kmods for kexts
+	 */
+	kmod_info_t **kextKmods {nullptr};
+
+	/**
+	 *  Called at kext unloading if kext listening is enabled on macOS 10.6 and newer
+	 */
+	static OSReturn onOSKextUnload(void *thisKext);
+
+	/**
+	 *  A pointer to OSKext::unload()
+	 */
+	mach_vm_address_t orgOSKextUnload {};
+
+	/**
+	 *  Called at kext loading and unloading if kext listening is enabled on macOS 10.6 and newer
+	 */
+	static void onOSKextSaveLoadedKextPanicList();
+
+	/**
+	 *  A pointer to OSKext::saveLoadedKextPanicList()
+	 */
+	mach_vm_address_t orgOSKextSaveLoadedKextPanicList {};
+	
+#if defined(__i386__)
+	/**
+	 *  Called at kext loading if kext listening is enabled on macOS 10.4 and 10.5
+	 */
+	static kern_return_t onKmodCreateInternal(kmod_info_t *kmod, kmod_t *id);
+	
+	/**
+	 *  A pointer to kmod_create_internal()
+	 */
+	mach_vm_address_t orgKmodCreateInternal {};
+#endif
+
+#endif /* LILU_KEXTPATCH_SUPPORT */
+
+	/**
+	 *  Kernel prelink image in case prelink is used
+	 */
+	MachInfo *prelinkInfo {nullptr};
+
+	/**
+	 *  Loaded kernel items
+	 */
+	evector<MachInfo *, MachInfo::deleter> kinfos;
+
+	/**
+	 *  Applied patches
+	 */
+	evector<Patch::All *, Patch::deleter> kpatches;
+
+#ifdef LILU_KEXTPATCH_SUPPORT	
+	/**
+	 *  Awaiting kext notificators
+	 */
+	evector<KextHandler *, KextHandler::deleter> khandlers;
+
+	/**
+	 *  Awaiting already loaded kext list
+	 */
+	bool waitingForAlreadyLoadedKexts {false};
+
+	/**
+	 *  Flag to prevent kext processing during an unload
+	 */
+	bool isKextUnloading {false};
+
+#endif /* LILU_KEXTPATCH_SUPPORT */
+
+	/**
+	 *  Current error code
+	 */
+	Error code {Error::NoError};
+	static constexpr size_t INVALID {0};
+
+	/**
+	 *  Jump instruction sizes
+	 */
+	static constexpr size_t SmallJump {1 + sizeof(int32_t)};
+	static constexpr size_t LongJump {6 + sizeof(uintptr_t)};
+	static constexpr size_t MediumJump {6};
+	static constexpr uint8_t SmallJumpPrefix {0xE9};
+	static constexpr uint16_t LongJumpPrefix {0x25FF};
+
+	/**
+	 * Atomic trampoline generator, wraps jumper into 64-bit or 128-bit storage
+	 */
+	union FunctionPatch {
+		struct PACKED LongPatch {
+			uint16_t  opcode;
+			uint32_t  argument;
+			uintptr_t disp;
+			uint8_t   org[sizeof(uint64_t) - sizeof(uintptr_t) + sizeof(uint16_t)];
+		} l;
+		static_assert(sizeof(l) == (sizeof(uint64_t) * 2), "Invalid long patch rounding");
+		struct PACKED MediumPatch {
+			uint16_t opcode;
+			uint32_t argument;
+			uint8_t  org[2];
+		} m;
+		static_assert(sizeof(m) == sizeof(uint64_t), "Invalid medium patch rounding");
+		struct PACKED SmallPatch {
+			uint8_t opcode;
+			uint32_t argument;
+			uint8_t org[3];
+		} s;
+		static_assert(sizeof(s) == sizeof(uint64_t), "Invalid small patch rounding");
+		template <typename T>
+		inline void sourceIt(mach_vm_address_t source) {
+			// Note, this one violates strict aliasing, but we play with the memory anyway.
+			for (size_t i = 0; i < sizeof(T::org); ++i)
+				reinterpret_cast<volatile T *>(this)->org[i] = *reinterpret_cast<uint8_t *>(source + offsetof(T, org) + i);
+		}
+		uint64_t value64;
+#if defined(__x86_64__)
+		unsigned __int128 value128;
+#endif
+	} patch;
+
+	/**
+	 *  Possible kernel paths
+	 */
+#ifdef LILU_COMPRESSION_SUPPORT
+	const char *prelinkKernelPaths[7] {
+		// This is the usual kernel cache place, which often the best thing to use
+		"/System/Library/Caches/com.apple.kext.caches/Startup/kernelcache",
+		// Otherwise fallback to one of the prelinked kernels
+		// Since we always verify the LC_UUID value, trying the kernels could be done in any order.
+		"/System/Library/PrelinkedKernels/prelinkedkernel", // normal
+		"/macOS Install Data/Locked Files/Boot Files/prelinkedkernel", // 10.13 installer
+		"/com.apple.boot.R/prelinkedkernel", // 10.12+ fusion drive installer
+		"/com.apple.boot.S/System/Library/PrelinkedKernels/prelinkedkernel", // 10.11 fusion drive installer
+		"/com.apple.recovery.boot/prelinkedkernel", // recovery
+		"/kernelcache" // 10.7 installer
+	};
+#endif
+
+	const char *kernelPaths[2] {
+		"/System/Library/Kernels/kernel",	//since 10.10
+		"/mach_kernel"
+	};
+};
+
+#endif /* kern_patcher_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_policy.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_policy.hpp
@ -0,0 +1,67 @@
+//
+//  kern_policy.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_policy_hpp
+#define kern_policy_hpp
+
+#include <Headers/kern_config.hpp>
+
+#include <sys/types.h>
+#include <sys/proc.h>
+
+#include <security/mac_framework.h>
+#include <security/mac_policy.h>
+#include <Headers/kern_util.hpp>
+
+#if defined(__x86_64__)
+class Policy {
+	/**
+	 *  TrustedBSD Policy handle
+	 */
+	mac_policy_handle_t policyHandle {0};
+
+	/**
+	 *  TrustedBSD policy configuration
+	 */
+	mac_policy_conf policyConf;
+public:
+	/**
+	 *  Compile-time policy constructor
+	 *
+	 *  @param name  policy name literal
+	 *  @param descr policy description literal
+	 *  @param ops   policy functions
+	 */
+	constexpr Policy(const char *name, const char *descr, struct mac_policy_ops *ops) : policyConf{
+		.mpc_name				= name,
+		.mpc_fullname			= descr,
+		.mpc_labelnames			= nullptr,
+		.mpc_labelname_count	= 0,
+		.mpc_ops				= ops,
+		// Our policies are loaded very early and are static. We cannot unload them.
+		.mpc_loadtime_flags		= 0 /*MPC_LOADTIME_FLAG_UNLOADOK*/,
+		.mpc_field_off			= nullptr,
+		.mpc_runtime_flags		= 0
+	} { }
+
+	/**
+	 *  Registers TrustedBSD policy
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool registerPolicy();
+
+	/**
+	 *  Unregisters TrustedBSD policy if allowed
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool unregisterPolicy();
+};
+#endif
+
+#endif /* kern_policy_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_rtc.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_rtc.hpp
@ -0,0 +1,250 @@
+//
+//  kern_rtc.hpp
+//  Lilu
+//
+//  Copyright © 2018 vit9696. All rights reserved.
+//
+
+#ifndef kern_rtc_h
+#define kern_rtc_h
+
+#include <Headers/kern_util.hpp>
+#include <IOKit/IOService.h>
+#include <IOKit/acpi/IOACPIPlatformDevice.h>
+#include <IOKit/IOUserClient.h>
+
+class RTCStorage {
+	/**
+	 *  Apple-specific RTC checksum addresses
+	 */
+	static constexpr uint8_t APPLERTC_HASHED_ADDR = 0x0E;
+	static constexpr uint8_t APPLERTC_CHECKSUM_ADDR1 = 0x58;
+	static constexpr uint8_t APPLERTC_CHECKSUM_ADDR2 = 0x59;
+
+	/**
+	 *  AppleRTC service handle
+	 */
+	IOService *rtcSrv {nullptr};
+
+	/**
+	 *  Low-level RTC read (does not check memory availability).
+	 *
+	 *  @param dev     RTC ACPI device
+	 *  @param offset  offset
+	 *
+	 *  @result read value
+	 */
+	static uint8_t readByte(IOACPIPlatformDevice *dev, uint8_t offset);
+
+	/**
+	 *  Low-level RTC write (does not check memory availability).
+	 *
+	 *  @param dev     RTC ACPI device
+	 *  @param offset  offset
+	 *  @param value   value
+	 */
+	static void writeByte(IOACPIPlatformDevice *dev, uint8_t offset, uint8_t value);
+public:
+	/**
+	 *  General access RTC ports on x86 systems.
+	 */
+	static constexpr uint8_t R_PCH_RTC_INDEX = 0x70;
+	static constexpr uint8_t R_PCH_RTC_TARGET = 0x71;
+	static constexpr uint8_t R_PCH_RTC_EXT_INDEX = 0x72;
+	static constexpr uint8_t R_PCH_RTC_EXT_TARGET = 0x73;
+
+	/**
+	 *  RTC has N banks (we support up to 2) of memory.
+	 */
+	static constexpr uint8_t RTC_BANK_SIZE = 0x80;
+
+	/**
+	 *  Non-ext RTC index register uses higher bit for nmi.
+	 */
+	static constexpr uint8_t RTC_DATA_MASK = 0x7F;
+	static constexpr uint8_t RTC_NMI_MASK = 0x80;
+
+	/**
+	 *  Time offsets.
+	 */
+	static constexpr uint8_t RTC_SEC = 0x00;
+	static constexpr uint8_t RTC_MIN = 0x02;
+	static constexpr uint8_t RTC_HOUR = 0x04;
+
+	static constexpr uint8_t RTC_DAY = 0x07;
+	static constexpr uint8_t RTC_MON = 0x08;
+	static constexpr uint8_t RTC_YEAR = 0x09;
+	
+#if __MAC_OS_X_VERSION_MIN_REQUIRED < __MAC_10_5
+	using t_UserClientExternalMethod = IOReturn (*)(IORegistryEntry *service, uint32_t selector, IOExternalMethodArguments * arguments,
+																									IOExternalMethodDispatch * dispatch, OSObject * target, void * reference);
+	static constexpr size_t UserClientExternalMethodIndex = 0x129;
+#endif
+
+	/**
+	 *  Attempt to connect to active RTC service
+	 *
+	 *  @param wait  wait for service availability
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool init(bool wait=true);
+
+	/**
+	 *  Release obtained RTC service
+	 */
+	EXPORT void deinit();
+
+	/**
+	 *  Check whether extended (higher 128 bytes) is available
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool checkExtendedMemory();
+
+	/**
+	 *  Read memory from RTC
+	 *
+	 *  @param off     offset to read data from
+	 *  @param size    data size
+	 *  @param buffer  data buffer to read to
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool read(uint64_t off, uint32_t size, uint8_t *buffer);
+
+	/**
+	 *  Write memory to RTC
+	 *
+	 *  @param off     offset to write data to
+	 *  @param size    data size
+	 *  @param buffer  data buffer to write from
+	 *
+	 *  @return true on success
+	 */
+	EXPORT bool write(uint64_t off, uint32_t size, uint8_t *buffer);
+
+	/**
+	 *  Obtain RTC device for direct writing.
+	 *  Written as inline to avoid IOACPIPlatformDevice dependency.
+	 *
+	 *  @param name  device name
+	 *
+	 *  @return RTC ACPI device for I/O access, must be released
+	 */
+	static inline IOACPIPlatformDevice *getRTCDevice(const char *name = "PNP0B00") {
+		IOService *rtcDev = nullptr;
+		auto matching = IOService::nameMatching(name);
+		if (matching) {
+#if __MAC_OS_X_VERSION_MIN_REQUIRED < __MAC_10_6
+			rtcDev = IOService::waitForService(matching);
+			if (rtcDev)
+				rtcDev->retain();
+#else
+			rtcDev = IOService::waitForMatchingService(matching);
+			matching->release();
+#endif
+
+		} else {
+			SYSLOG("rtc", "failed to allocate rtc device matching");
+		}
+
+		if (rtcDev) {
+			DBGLOG("rtc", "got rtc device");
+			auto acpiDev = OSDynamicCast(IOACPIPlatformDevice, rtcDev);
+			if (acpiDev) {
+				DBGLOG("rtc", "got rtc acpi device");
+				return acpiDev;
+			} else {
+				SYSLOG("rtc", "failed to obtain rtc acpi device");
+				rtcDev->release();
+			}
+		}
+
+		SYSLOG("rtc", "failed to get rtc device");
+		return nullptr;
+	}
+
+	/**
+	 *  Directly read RTC memory (UNSAFE, usage with caution!)
+	 *
+	 *  @param dev      RTC device
+	 *  @param off      offset to read data from
+	 *  @param size     data size
+	 *  @param buffer   data buffer to read to
+	 *  @param introff  turn interrupts off
+	 *
+	 *  @return true on success
+	 */
+	EXPORT static void readDirect(IOACPIPlatformDevice *dev, uint8_t off, uint16_t size, uint8_t *buffer, bool introff);
+
+	/**
+	 *  Directly write RTC memory (UNSAFE, usage with caution!)
+	 *
+	 *  @param dev      RTC device
+	 *  @param off        offset to read data from
+	 *  @param size       data size
+	 *  @param buffer     data buffer to read to
+	 *  @param updatecrc  recalculate crc on write
+	 *  @param introff    turn interrupts off
+	 *
+	 *  @return true on success
+	 */
+	EXPORT static void writeDirect(IOACPIPlatformDevice *dev, uint8_t off, uint16_t size, uint8_t *buffer, bool updatecrc, bool introff);
+
+
+	/**
+	 *  Directly read RTC memory (UNSAFE, usage with caution!), this is just a compatibility function.
+	 *
+	 *  @param off      offset to read data from
+	 *  @param size     data size
+	 *  @param buffer   data buffer to read to
+	 *  @param introff  turn interrupts off
+	 *
+	 *  @return true on success
+	 */
+	static inline bool readDirect(uint8_t off, uint16_t size, uint8_t *buffer, bool introff) {
+		if (size > RTC_BANK_SIZE*2 - off) {
+			SYSLOG("rtc", "reading unsupported size");
+			return false;
+		}
+
+		auto rtc = getRTCDevice();
+		if (rtc) {
+			readDirect(rtc, off, size, buffer, introff);
+			rtc->release();
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 *  Directly write RTC memory (UNSAFE, usage with caution!), this is just a compatibility function.
+	 *
+	 *  @param off        offset to read data from
+	 *  @param size       data size
+	 *  @param buffer     data buffer to read to
+	 *  @param updatecrc  recalculate crc on write
+	 *  @param introff    turn interrupts off
+	 *
+	 *  @return true on success
+	 */
+	static inline bool writeDirect(uint8_t off, uint16_t size, uint8_t *buffer, bool updatecrc, bool introff) {
+		if (size > RTC_BANK_SIZE*2 - off) {
+			SYSLOG("rtc", "writing unsupported size");
+			return false;
+		}
+
+		auto rtc = getRTCDevice();
+		if (rtc) {
+			writeDirect(rtc, off, size, buffer, updatecrc, introff);
+			rtc->release();
+			return true;
+		}
+
+		return false;
+	}
+};
+
+#endif /* kern_rtc_h */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_time.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_time.hpp
@ -0,0 +1,135 @@
+//
+//  kern_time.hpp
+//  Lilu
+//
+//  Copyright © 2018 vit9696. All rights reserved.
+//
+
+#ifndef kern_time_hpp
+#define kern_time_hpp
+
+#include <kern/clock.h>
+
+/**
+ *  Obtain current system time in nanoseconds
+ *
+ *  @return current time
+ */
+inline uint64_t getCurrentTimeNs() {
+	uint64_t currt = 0;
+	absolutetime_to_nanoseconds(mach_absolute_time(), &currt);
+	return currt;
+}
+
+/**
+ *  Obtain current calendar system time in nanoseconds
+ *
+ *  @return current time
+ */
+inline uint64_t getCalendarTimeNs() {
+	clock_sec_t sc;
+	clock_nsec_t ns;
+	clock_get_calendar_nanotime(&sc, &ns);
+	return static_cast<uint64_t>(sc) * NSEC_PER_SEC + ns;
+}
+
+/**
+ *  Obtain time passed since some timestamp in nanoseconds
+ *
+ *  @param start   starting timestamp
+ *  @param current timestamp to check against (pass 0 for current time)
+ *
+ *  @return delta or 0 (if current time equals or precedeces the start)
+ */
+inline uint64_t getTimeSinceNs(uint64_t start, uint64_t current = 0) {
+	if (current == 0)
+		current = getCurrentTimeNs();
+	if (current > start)
+		return current - start;
+	return 0;
+}
+
+/**
+ *  Obtain time left till a timestamp in the future in nanoseconds
+ *
+ *  @param start   starting timestamp
+ *  @param timeout timeout for the event
+ *  @param current timestamp to check against (pass 0 for current time)
+ *
+ *  @return delta or 0 (if the timeout is over)
+ */
+inline uint64_t getTimeLeftNs(uint64_t start, uint64_t timeout, uint64_t current = 0) {
+	if (current == 0)
+		current = getCurrentTimeNs();
+	if (start + timeout > current)
+		return start + timeout - current;
+	return 0;
+}
+
+/**
+ *  Convert from nanoseconds to milliseconds
+ *
+ *  @param t timestamp in ns
+ *
+ *  @return timestamp in ms
+ */
+constexpr  uint64_t convertNsToMs(uint64_t t) {
+	return t / 1000000;
+}
+
+/**
+ *  Convert from nanoseconds to seconds
+ *
+ *  @param t timestamp in ns
+ *
+ *  @return timestamp in s
+ */
+constexpr uint64_t convertNsToSc(uint64_t t) {
+	return t / 1000000000;
+}
+
+/**
+ *  Convert from milliseconds to seconds
+ *
+ *  @param t timestamp in ms
+ *
+ *  @return timestamp in s
+ */
+constexpr uint64_t convertMsToSc(uint64_t t) {
+	return t / 1000;
+}
+
+/**
+ *  Convert from milliseconds to nanoseconds
+ *
+ *  @param t timestamp in ms
+ *
+ *  @return timestamp in ns
+ */
+constexpr uint64_t convertMsToNs(uint64_t t) {
+	return t * 1000000;
+}
+
+/**
+ *  Convert from seconds to nanoseconds
+ *
+ *  @param t timestamp in s
+ *
+ *  @return timestamp in ns
+ */
+constexpr uint64_t convertScToNs(uint64_t t) {
+	return t * 1000000000;
+}
+
+/**
+ *  Convert from seconds to milliseconds
+ *
+ *  @param t timestamp in s
+ *
+ *  @return timestamp in ms
+ */
+constexpr uint64_t convertScToMs(uint64_t t) {
+	return t * 1000;
+}
+
+#endif /* kern_time_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_user.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_user.hpp
@ -0,0 +1,615 @@
+//
+//  kern_user.hpp
+//  Lilu
+//
+//  Copyright © 2016-2017 vit9696. All rights reserved.
+//
+
+#ifndef kern_user_hpp
+#define kern_user_hpp
+
+#include <Headers/kern_config.hpp>
+#include <Headers/kern_patcher.hpp>
+
+#include <mach/shared_region.h>
+#include <sys/kauth.h>
+
+class UserPatcher {
+public:
+	/**
+	 *  Initialise UserPatcher, prepare for modifications
+	 *
+	 *  @param patcher        kernel patcher instance
+	 *  @param preferSlowMode policy boot type
+	 *
+	 *  @return true on success
+	 */
+	bool init(KernelPatcher &patcher, bool preferSlowMode);
+
+	/**
+	 *  Deinitialise UserPatcher, must be called regardless of the init error
+	 */
+	void deinit();
+
+	/**
+	 *  Obtain page protection
+	 *
+	 *  @param map  vm map
+	 *  @param addr map offset
+	 *
+	 *  @return protection
+	 */
+	EXPORT vm_prot_t getPageProtection(vm_map_t map, vm_map_address_t addr);
+
+	/**
+	 *  Mach segment/section references for patch locations
+	 */
+	enum FileSegment : uint32_t {
+		SegmentsTextStart,
+		SegmentTextText = SegmentsTextStart,
+		SegmentTextStubs,
+		SegmentTextConst,
+		SegmentTextCstring,
+		SegmentTextUstring,
+		SegmentsTextEnd = SegmentTextUstring,
+		SegmentsDataStart,
+		SegmentDataConst = SegmentsDataStart,
+		SegmentDataCfstring,
+		SegmentDataCommon,
+		SegmentsDataEnd = SegmentDataCommon,
+		SegmentTotal
+	};
+
+	/**
+	 *  Mach segment names kept in sync with FileSegment
+	 */
+	const char *fileSegments[SegmentTotal] {
+		"__TEXT",
+		"__TEXT",
+		"__TEXT",
+		"__TEXT",
+		"__TEXT",
+		"__DATA",
+		"__DATA",
+		"__DATA"
+	};
+
+	/**
+	 *  Mach section names kept in sync with FileSegment
+	 */
+	const char *fileSections[SegmentTotal] {
+		"__text",
+		"__stubs",
+		"__const",
+		"__cstring",
+		"__ustring",
+		"__const",
+		"__cfstring",
+		"__common"
+	};
+
+	/**
+	 * Binary modification patches flags
+	 */
+	enum BinaryModPatchFlags {
+		/*
+		 * Only applies to one process, not globally.
+		 */
+		LocalOnly = 1
+	};
+
+	/**
+	 *  Structure holding lookup-style binary patches
+	 */
+	struct BinaryModPatch {
+		cpu_type_t cpu;
+		uint32_t flags;
+		const uint8_t *find;
+		const uint8_t *replace;
+		size_t size;
+		size_t skip;
+		size_t count;
+		FileSegment segment;
+		uint32_t section;
+	};
+
+#if defined(__i386__)
+	static_assert(sizeof(BinaryModPatch) == 36, "BinaryModPatch 32-bit ABI compatibility failure");
+#elif defined(__x86_64__)
+	static_assert(sizeof(BinaryModPatch) == 56, "BinaryModPatch 64-bit ABI compatibility failure");
+#else
+#error Unsupported arch.
+#endif
+
+	/**
+	 *  Structure describing the modifications for the binary
+	 */
+	struct BinaryModInfo {
+		const char *path;
+		BinaryModPatch *patches;
+		size_t count;
+		vm_address_t startTEXT;
+		vm_address_t endTEXT;
+		vm_address_t startDATA;
+		vm_address_t endDATA;
+	};
+
+	/**
+	 *  Structure describing relevant processes run
+	 */
+	struct ProcInfo {
+		/**
+		 *  Process matching flags
+		 */
+		enum ProcFlags {
+			MatchExact  = 0,
+			MatchAny    = 1,
+			MatchPrefix = 2,
+			MatchSuffix = 4,
+			MatchMask   = MatchExact | MatchAny | MatchPrefix | MatchSuffix
+		};
+
+		/**
+		 *  Unused (aka disabled) proc info section
+		 */
+		static constexpr uint32_t SectionDisabled {0};
+
+		const char *path {nullptr};
+		uint32_t len {0};
+		uint32_t section {SectionDisabled};
+		uint32_t flags {MatchExact};
+	};
+
+	/**
+	 *  External callback type for on process invocation
+	 *
+	 *  @param user    user provided pointer at registering
+	 *  @param patcher user patcher instance
+	 *  @param map     process image vm_map
+	 *  @param path    path to the binary absolute or relative
+	 *  @param len     path length excluding null terminator
+	 */
+	using t_BinaryLoaded = void (*)(void *user, UserPatcher &patcher, vm_map_t map, const char *path, size_t len);
+
+	/**
+	 *  Instructs user patcher to do further actions
+	 *
+	 *  @param procs    process list
+	 *  @param procNum  process list size
+	 *  @param mods     modification list
+	 *  @param modNum   modification list size
+	 *  @param callback callback function
+	 *  @param user     pointer that will be passed to the callback function
+	 */
+	bool registerPatches(ProcInfo **procs, size_t procNum, BinaryModInfo **mods, size_t modNum, t_BinaryLoaded callback, void *user);
+
+	/**
+	 *  Reads current process header
+	 *
+	 *  @param map     vm map
+	 *  @param header  Mach-O header
+	 *
+	 *  @return false on failure
+	 */
+	EXPORT bool getTaskHeader(vm_map_t map, mach_header_64 &header);
+
+	/**
+	 *  Disables dyld_shared_cache for the current process
+	 *
+	 *  @param map  vm map
+	 *
+	 *  @return false on mach image failure
+	 */
+	EXPORT bool injectRestrict(vm_map_t map);
+
+	/**
+	 *  Injects payload into the process right after the header with EP replacement.
+	 *
+	 *  @param map      vm map
+	 *  @param payload  code
+	 *  @param size     code size (up to PAGE_SIZE)
+	 *  @param ep       original entrypoint (may be written to code before copying)
+	 *
+	 *  @return false on mach image failure
+	 */
+	EXPORT bool injectPayload(vm_map_t map, uint8_t *payload, size_t size, void *ep=nullptr);
+
+	/**
+	 *  Allocates a new segment in the process.
+	 *
+	 *  @param map      vm map
+	 *  @param addr     allocation address (e.g. a little below SHARED_REGION_BASE_X86_64)
+	 *  @param payload  code
+	 *  @param size     code size (must be PAGE_SIZE-aligned)
+	 *  @param prot     segment protection
+	 *
+	 *  @return allocated address or 0 on failure
+	 */
+	EXPORT vm_address_t injectSegment(vm_map_t taskPort, vm_address_t addr, uint8_t *payload, size_t size, vm_prot_t prot);
+
+	/**
+	 *  Activates monitoring functions if necessary
+	 */
+	void activate();
+
+	/**
+	 *  Get active dyld shared cache path.
+	 *
+	 *  @return shared cache path constant
+	 */
+	EXPORT static const char *getSharedCachePath() DEPRECATE("Use matchSharedCachePath, macOS 12 has multiple caches");
+
+	/**
+	 *  Check if the supplied path matches dyld shared cache path.
+	 *
+	 *  @param path  image path
+	 *
+	 *  @return shared cache path constant
+	 */
+	EXPORT static bool matchSharedCachePath(const char *path);
+
+private:
+
+	/**
+	 *  Kernel function prototypes
+	 */
+	using vm_shared_region_t = void *;
+	using shared_file_mapping_np = void *;
+	using t_currentMap = vm_map_t (*)(void);
+	using t_getTaskMap = vm_map_t (*)(task_t);
+	using t_getMapMin = vm_map_offset_t (*)(vm_map_t);
+	using t_vmMapSwitchProtect = void (*)(vm_map_t, boolean_t);
+	using t_vmMapCheckProtection = boolean_t (*)(vm_map_t, vm_map_offset_t, vm_map_offset_t, vm_prot_t);
+	using t_vmMapReadUser = kern_return_t (*)(vm_map_t, vm_map_address_t, const void *, vm_size_t);
+	using t_vmMapWriteUser = kern_return_t (*)(vm_map_t, const void *, vm_map_address_t, vm_size_t);
+
+	/**
+	 *  Original kernel function trampolines
+	 */
+	mach_vm_address_t orgCodeSignValidatePageWrapper {};
+	mach_vm_address_t orgCodeSignValidateRangeWrapper {};
+	mach_vm_address_t orgVmSharedRegionMapFile {};
+	mach_vm_address_t orgVmSharedRegionSlide {};
+	mach_vm_address_t orgVmSharedRegionSlideMojave {};
+	t_currentMap orgCurrentMap {nullptr};
+	t_getMapMin orgGetMapMin {nullptr};
+	t_getTaskMap orgGetTaskMap {nullptr};
+	t_vmMapSwitchProtect orgVmMapSwitchProtect {nullptr};
+	t_vmMapCheckProtection orgVmMapCheckProtection {nullptr};
+	t_vmMapReadUser orgVmMapReadUser {nullptr};
+	t_vmMapWriteUser orgVmMapWriteUser {nullptr};
+	mach_vm_address_t orgTaskSetMainThreadQos {};
+
+	/**
+	 *  Kernel function wrappers
+	 */
+	static boolean_t codeSignValidatePageWrapper(void *blobs, memory_object_t pager, memory_object_offset_t page_offset, const void *data, unsigned *tainted);
+	static boolean_t codeSignValidateRangeWrapper(void *blobs, memory_object_t pager, memory_object_offset_t range_offset, const void *data, memory_object_size_t data_size, unsigned *tainted);
+	static vm_map_t swapTaskMap(task_t task, thread_t thread, vm_map_t map, boolean_t doswitch);
+	static vm_map_t vmMapSwitch(vm_map_t map);
+	static kern_return_t vmSharedRegionMapFile(vm_shared_region_t shared_region, unsigned int mappings_count, shared_file_mapping_np *mappings, memory_object_control_t file_control, memory_object_size_t file_size, void *root_dir, uint32_t slide, user_addr_t slide_start, user_addr_t slide_size);
+	static void execsigs(proc_t p, thread_t thread);
+	static int vmSharedRegionSlide(uint32_t slide, mach_vm_offset_t entry_start_address, mach_vm_size_t entry_size, mach_vm_offset_t slide_start, mach_vm_size_t slide_size, memory_object_control_t sr_file_control);
+	static int vmSharedRegionSlideMojave(uint32_t slide, mach_vm_offset_t entry_start_address, mach_vm_size_t entry_size, mach_vm_offset_t slide_start, mach_vm_size_t slide_size, mach_vm_offset_t slid_mapping, memory_object_control_t sr_file_control);
+	static void taskSetMainThreadQos(task_t task, thread_t main_thread);
+
+	/**
+	 *  Applies page patches to the memory range
+	 *
+	 *  @param data_ptr  pages in kernel memory
+	 *  @param data_size data size divisible by PAGE_SIZE
+	 */
+	void performPagePatch(const void *data_ptr, size_t data_size);
+
+	/**
+	 * dyld shared cache map entry structure
+	 */
+	struct MapEntry {
+		const char *filename;
+		size_t length;
+		vm_address_t startTEXT;
+		vm_address_t endTEXT;
+		vm_address_t startDATA;
+		vm_address_t endDATA;
+	};
+
+	/**
+	 *  Obtains __TEXT addresses from .map files
+	 *
+	 *  @param mapBuf     read .map file
+	 *  @param mapSz      .map file size
+	 *  @param mapEntries entries to look for
+	 *  @param nentries   number of entries
+	 *
+	 *  @return number of entries found
+	 */
+	size_t mapAddresses(const char *mapBuf, MapEntry *mapEntries, size_t nentries);
+
+	/**
+	 *  Stored ASLR slide of dyld shared cache
+	 */
+	uint32_t storedSharedCacheSlide {0};
+
+	/**
+	 *  Set once shared cache slide is defined
+	 */
+	bool sharedCacheSlideStored {false};
+
+	/**
+	 *  Set on init to decide on whether to use __RESTRICT or patch dyld shared cache
+	 */
+	bool patchDyldSharedCache {false};
+
+	/**
+	 *  Kernel patcher instance
+	 */
+	KernelPatcher *patcher {nullptr};
+
+	/**
+	 *  Pending callback entry
+	 */
+	struct PendingUser {
+		/**
+		 *  Patch requested for path
+		 */
+		char path[MAXPATHLEN] {};
+
+		/**
+		 *  Patch requested for path
+		 */
+		uint32_t pathLen {0};
+	};
+
+	/**
+	 *  Stored pending callback
+	 */
+	ThreadLocal<PendingUser *, 32> pending;
+
+	/**
+	 *  Current minimal proc name length
+	 */
+	uint32_t currentMinProcLength {0};
+
+	/**
+	 *  Provided binary modification list
+	 */
+	BinaryModInfo **binaryMod {nullptr};
+
+	/**
+	 *  Amount of provided binary modifications
+	 */
+	size_t binaryModSize {0};
+
+	/**
+	 *  Provided process list
+	 */
+	ProcInfo **procInfo {nullptr};
+
+	/**
+	 *  Amount of provided processes
+	 */
+	size_t procInfoSize {0};
+
+	/**
+	 *  Provided global callback for on proc invocation
+	 */
+	ppair<t_BinaryLoaded, void *> userCallback {};
+
+	/**
+	 *  Applies dyld shared cache patches
+	 *
+	 *  @param map     current process map
+	 *  @param slide   ASLR offset
+	 *  @param cpu     cache cpu type
+	 *  @param restore true to rollback the changes
+	 */
+	void patchSharedCache(vm_map_t map, uint32_t slide, cpu_type_t cpu, bool applyChanges=true);
+
+	/**
+	 *  Structure holding userspace lookup patches
+	 */
+	struct LookupStorage {
+		struct PatchRef {
+			size_t i {0};
+			evector<off_t> pageOffs;
+			evector<off_t> segOffs;
+			static PatchRef *create() {
+				return new PatchRef;
+			}
+			static void deleter(PatchRef *r NONNULL) {
+				r->pageOffs.deinit();
+				r->segOffs.deinit();
+				delete r;
+			}
+		};
+
+		const BinaryModInfo *mod {nullptr};
+		evector<PatchRef *, PatchRef::deleter> refs;
+		Page *page {nullptr};
+		vm_address_t pageOff {0};
+
+		static LookupStorage *create() {
+			auto p = new LookupStorage;
+			if (p) {
+				p->page = Page::create();
+				if (!p->page) {
+					deleter(p);
+					p = nullptr;
+				}
+			}
+			return p;
+		}
+
+		static void deleter(LookupStorage *p NONNULL) {
+			if (p->page) {
+				Page::deleter(p->page);
+				p->page = nullptr;
+			}
+			p->refs.deinit();
+			delete p;
+		}
+	};
+
+	struct Lookup {
+		uint32_t offs[4] {};
+		static constexpr size_t matchNum {4};
+		evector<uint64_t> c[matchNum];
+	};
+
+	evector<LookupStorage *, LookupStorage::deleter> lookupStorage;
+	Lookup lookup;
+	
+	/**
+	 *  Restrict 64-bit entry overlapping DYLD_SHARED_CACHE to enforce manual library loading
+	 */
+	segment_command_64 restrictSegment64 {
+		LC_SEGMENT_64,
+		sizeof(segment_command_64),
+		"__RESTRICT",
+		SHARED_REGION_BASE_X86_64,
+		1, 0, 0, 0, 0, 0, 0
+	};
+
+	/**
+	 *  Restrict 32-bit entry overlapping DYLD_SHARED_CACHE to enforce manual library loading
+	 */
+	segment_command restrictSegment32 {
+		LC_SEGMENT,
+		sizeof(segment_command),
+		"__RESTRICT",
+		SHARED_REGION_BASE_I386,
+		1, 0, 0, 0, 0, 0, 0
+	};
+
+	/**
+	 *  Temporary buffer for reading image data
+	 */
+	uint8_t tmpBufferData[PAGE_SIZE*3] {};
+
+	/**
+	 *  Kernel auth listener handle
+	 */
+	kauth_listener_t listener {nullptr};
+
+	/**
+	 *  Patcher status
+	 */
+	_Atomic(bool) activated = false;
+
+	/**
+	 *  Validation cookie
+	 */
+	void *cookie {nullptr};
+
+	/**
+	 *  Flags for codesign (PL) offset in struct proc. (uint32_t p_csflags)
+	 */
+	size_t csFlagsOffset {0};
+
+	/**
+	 *  Exec callback
+	 *
+	 *  @param credential kauth credential
+	 *  @param idata      cookie
+	 *  @param action     passed action, we only need KAUTH_FILEOP_EXEC
+	 *  @param arg0       pointer to vnode (vnode *) for executable
+	 *  @param arg1       pointer to path (char *) to executable
+	 *
+	 *  @return 0 to allow further execution
+	 */
+	static int execListener(kauth_cred_t /* credential */, void *idata, kauth_action_t action, uintptr_t /* arg0 */, uintptr_t arg1, uintptr_t, uintptr_t);
+
+	/**
+	 *  Unrestricted vm_protect, that takes care of Mojave codesign limitations for everyone's good.
+	 *  See vm_protect description.
+	 */
+	kern_return_t vmProtect(vm_map_t map, vm_offset_t start, vm_size_t size, boolean_t set_maximum, vm_prot_t new_protection);
+
+	/**
+	 *  Callback invoked at process loading
+	 *
+	 *  @param path binary path
+	 *  @param len  path length
+	 */
+	void onPath(const char *path, uint32_t len);
+
+	/**
+	 *  Reads files from BinaryModInfos and prepares lookupStorage
+	 *
+	 *  @return true on success
+	 */
+	bool loadFilesForPatching();
+
+	/**
+	 *  Reads dyld shared cache and obtains segment offsets
+	 *
+	 *  @return true on success
+	 */
+	bool loadDyldSharedCacheMapping();
+
+	/**
+	 *  Prepares quick page lookup based on lookupStorage values
+	 *
+	 *  @return true on success
+	 */
+	bool loadLookups();
+
+	/**
+	 *  Hooks memory access to get ready for patching
+	 *
+	 *  @return true on success
+	 */
+	bool hookMemoryAccess();
+
+	/**
+	 *  Peforms the actual binary patching
+	 *
+	 *  @param map  vm map
+	 *  @param path binary path
+	 *  @param len  path length
+	 */
+	void patchBinary(vm_map_t map, const char *path, uint32_t len);
+
+	/**
+	 *  DYLD shared cache map path for 10.10+ on Haswell
+	 */
+	static constexpr const char *SharedCacheMapHaswell {"/private/var/db/dyld/dyld_shared_cache_x86_64h.map"};
+
+	/**
+	 *  DYLD shared cache map path for all other systems and older CPUs
+	 */
+	static constexpr const char *SharedCacheMapLegacy {"/private/var/db/dyld/dyld_shared_cache_x86_64.map"};
+
+	/**
+	 *  DYLD shared cache path on Haswell+ before Big Sur
+	 */
+	static constexpr const char *sharedCacheHaswell {"/private/var/db/dyld/dyld_shared_cache_x86_64h"};
+
+	/**
+	 *  DYLD shared cache path on older systems before Big Sur
+	 */
+	static constexpr const char *sharedCacheLegacy {"/private/var/db/dyld/dyld_shared_cache_x86_64"};
+	
+	/**
+	 *  DYLD shared cache map path on Haswell+ on Big Sur
+	 */
+	static constexpr const char *bigSurSharedCacheMapHaswell {"/System/Library/dyld/dyld_shared_cache_x86_64h.map"};
+	
+	/**
+	 *  DYLD shared cache map path on older systems on Big Sur
+	 */
+	static constexpr const char *bigSurSharedCacheMapLegacy {"/System/Library/dyld/dyld_shared_cache_x86_64.map"};
+
+	/**
+	 *  DYLD shared cache path on Haswell+ on Big Sur
+	 */
+	static constexpr const char *bigSurSharedCacheHaswell {"/System/Library/dyld/dyld_shared_cache_x86_64h"};
+
+	/**
+	 *  DYLD shared cache path on older systems on Big Sur
+	 */
+	static constexpr const char *bigSurSharedCacheLegacy {"/System/Library/dyld/dyld_shared_cache_x86_64"};
+
+};
+
+#endif /* kern_user_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_util.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_util.hpp
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_version.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/kern_version.hpp
@ -0,0 +1,85 @@
+//
+//  kern_version.hpp
+//  Lilu
+//
+//  Copyright © 2016-2020 vit9696. All rights reserved.
+//
+
+#ifndef kern_version_hpp
+#define kern_version_hpp
+
+#include <Headers/kern_util.hpp>
+
+#include <stdint.h>
+#include <sys/types.h>
+
+/**
+ *  Slightly non-standard helpers to get the date in a YYYY-MM-DD format.
+ */
+template <size_t i>
+inline constexpr char getBuildYear() {
+	static_assert(i < 4, "Year consists of four digits");
+	return __DATE__[7+i];
+}
+
+template <size_t i>
+inline constexpr char getBuildMonth() {
+	static_assert(i < 2, "Month consists of two digits");
+	auto mon = static_cast<uint32_t>(__DATE__[0])
+		| (static_cast<uint32_t>(__DATE__[1]) << 8U)
+		| (static_cast<uint32_t>(__DATE__[2]) << 16U)
+		| (static_cast<uint32_t>(__DATE__[3]) << 24U);
+	switch (mon) {
+		case ' naJ':
+			return "01"[i];
+		case ' beF':
+			return "02"[i];
+		case ' raM':
+			return "03"[i];
+		case ' rpA':
+			return "04"[i];
+		case ' yaM':
+			return "05"[i];
+		case ' nuJ':
+			return "06"[i];
+		case ' luJ':
+			return "07"[i];
+		case ' guA':
+			return "08"[i];
+		case ' peS':
+			return "09"[i];
+		case ' tcO':
+			return "10"[i];
+		case ' voN':
+			return "11"[i];
+		case ' ceD':
+			return "12"[i];
+		default:
+			return '0';
+	}
+}
+
+template <size_t i>
+inline constexpr char getBuildDay() {
+	static_assert(i < 2, "Day consists of two digits");
+	if (i == 0 && __DATE__[4+i] == ' ')
+		return '0';
+	return __DATE__[4+i];
+}
+
+#if !defined(LILU_CUSTOM_KMOD_INIT) || !defined(LILU_CUSTOM_IOKIT_INIT) || defined(LILU_USE_KEXT_VERSION)
+
+static const char kextVersion[] {
+#ifdef DEBUG
+	'D', 'B', 'G', '-',
+#else
+	'R', 'E', 'L', '-',
+#endif
+	xStringify(MODULE_VERSION)[0], xStringify(MODULE_VERSION)[2], xStringify(MODULE_VERSION)[4], '-',
+	getBuildYear<0>(), getBuildYear<1>(), getBuildYear<2>(), getBuildYear<3>(), '-',
+	getBuildMonth<0>(), getBuildMonth<1>(), '-', getBuildDay<0>(), getBuildDay<1>(), '\0'
+};
+
+#endif
+
+#endif /* kern_version_hpp */
--- a/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/plugin_start.hpp
+++ b/EFI/OC/Kexts/Lilu.kext/Contents/Resources/Headers/plugin_start.hpp
@ -0,0 +1,53 @@
+//
+//  kern_start.hpp
+//  AppleALC
+//
+//  Copyright © 2016 vit9696. All rights reserved.
+//
+
+#ifndef kern_start_hpp
+#define kern_start_hpp
+
+#include <Headers/kern_util.hpp>
+
+#include <IOKit/IOService.h>
+#include <sys/types.h>
+
+struct PluginConfiguration {
+	const char *product;        // Product name (e.g. xStringify(PRODUCT_NAME))
+	size_t version;             // Product version (e.g. parseModuleVersion(xStringify(MODULE_VERSION)))
+	uint32_t runmode;           // Product supported environments (e.g. LiluAPI::AllowNormal)
+	const char **disableArg;    // Pointer to disabling boot arguments array
+	size_t disableArgNum;       // Number of disabling boot arguments
+	const char **debugArg;      // Pointer to debug boot arguments array
+	size_t debugArgNum;         // Number of debug boot arguments
+	const char **betaArg;       // Pointer to beta boot arguments array
+	size_t betaArgNum;          // Number of beta boot arguments
+	KernelVersion minKernel;    // Minimal required kernel version
+	KernelVersion maxKernel;    // Maximum supported kernel version
+	void (*pluginStart)();      // Main function
+};
+
+#ifndef LILU_CUSTOM_KMOD_INIT
+
+extern PluginConfiguration ADDPR(config);
+
+extern bool ADDPR(startSuccess);
+
+#endif /* LILU_CUSTOM_KMOD_INIT */
+
+#ifndef LILU_CUSTOM_IOKIT_INIT
+
+class EXPORT PRODUCT_NAME : public IOService {
+	OSDeclareDefaultStructors(PRODUCT_NAME)
+public:
+	IOService *probe(IOService *provider, SInt32 *score) override;
+	bool start(IOService *provider) override;
+	void stop(IOService *provider) override;
+};
+
+extern PRODUCT_NAME *ADDPR(selfInstance);
+
+#endif /* LILU_CUSTOM_IOKIT_INIT */
+
+#endif /* kern_start_hpp */