Jump to content

Mavericks - to be locked down (in the future)?


frankiee
 Share

101 posts in this topic

Recommended Posts

OK, so it seems that many of you already had success installing Mavericks on a hack, and the list of supported machines also indicates that everything that can run ML can also run Mavericks, but ...

 

will that still be true for the future, especially for a hackintosh?

 

I am on the verge of jumping into the cold water and want to build myself one, bc Apple does not seem to be able to offer me the hardware I need. But of course, I also want my "hack" to be future proof, and one of the worst things I can imagine is to be locked out of future OS updates.

 

One point that worries me is that Apple seems to use more and more proprietary hardware (especially for the new "Mac Pro"), but it was this article that almost scares me and makes me feel a bit uneasy about the future of hacks in general: http://pikeralpha.wordpress.com/2013/06/13/kext-requirements-for-os-x-10-9-mavericks/

 

In short, the poster claims that: "The /System directory will be locked in the near future and kext in /Library/Extensions must be signed. But more importantly. Kext editing (plists and bin files) will simply be impossible"

 

So, what's your take on this? Do you think this could become a real problem, or nothing to worry about?

Link to comment
Share on other sites

I read the same page today, and I don't understand how the /System/Library/Extensions will be locked down... I think this lock could be hacked/patched.

Btw this codesign security blocking could be in the final 10.9 (apple started to ask developers to register not only for apps, but anything)  :( They want to lock the whole thing... -_-

Well we will see...

Link to comment
Share on other sites

I read the same page today, and I don't understand how the /System/Library/Extensions will be locked down... I think this lock could be hacked/patched.

 

I also don't know, (so thats why I am asking) but I assume if Apple really wants, they will find a way. The question is: are they actually concerned about locking out hacks, or are these measures that won't affect us?

 

And, even if that could be bypassed, that also would mean even more patching, maybe using a custom kernel. But on the other hand, this might reduce compability and of course introduce more difficulties in general.

 

Btw this codesign security blocking could be in the final 10.9

 

Thats one thing I am afraid of ... so this could be a really important issue for everybody imho.

Link to comment
Share on other sites

If Apple implements signature versification via the kernel, I think it'll be very difficult to bypass especially if the kernel itself becomes secured too somehow. 

 

Apple has generally been tolerant of the hackintosh community and I don't think they're trying to kill it, but rather limit it a bit by making it more difficult.

 

If Apple does indeed lockup everything in 10.9, it'll mean we'll have a much narrower range of supported hardware. We can still fake dev ids via DSDT to use some stock kexts but we will no longer be able to patch binaries. We'll have to depend more on 3rd party kexts which, unfortunately, won't cover our needs.

 

We can only wait and see. And I'm sure some brilliant hackers around here will find workarounds, eventually.

  • Like 1
Link to comment
Share on other sites

wouldn't  this mean that 3rd party kexts wouldn't be allowed. This would however limit 3rd party hardware and can't be really in apples interest. If 3rd party hardware kexts are still allowed couldn't we just patch apple kexts an reintroduce them as 3rd party kexts?

 

I don't have much of an insight in such things though. 

Link to comment
Share on other sites

There's a new kext AppleKextExcludeList with an Info.plist that looks a list for kexts allowed to load without a signature.  It's got an infinite list of kexts that looks like some huge database of all kexts ever made for the Mac.

Some stuff in there 

<key>OSKextSigExceptionList</key>
        <key>VoodooSDHC</key>
        <string>1.1d1</string>
        <key>com.AnV.Software.driver.PCGenRTL8139Ethernet</key>
        <string>1.4.1</string>
        <key>com.AnV_Software.driver.AnyAppleUSBKeyboard</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.AnyAppleUSBMouse</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.AnyCardReader</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.AnyiSightCam</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.BroadcomAppleBluetooth</key>
        <string>1111.0</string>
        <key>com.AnV_Software.driver.CustomPeripheral</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.DeviceMergeNub</key>
        <string>1111.0</string>
        <key>com.AnV_Software.driver.DeviceMergeNubAPM</key>
        <string>1.0</string>
        <key>com.Micky1979.plist.WifiInjector</key>
        <string>1.0</string>
        <key>com.Niresh12495.ExtraExtensions</key>
        <string>1.0</string>
        <key>com.Niresh12495.Hackintosh.AHCIPortInjector</key>
        <string>1.0</string>
        <key>com.Niresh12495.Hackintosh.ATAPortInjector</key>
        <string>1.0</string>
        <key>com.Niresh12495.Hackintosh.IOAHCIBlockStorageInjector</key>
        <string>1.1.1</string>
        <key>com.tonymacx86.AHCI_3rdParty_SATA</key>
        <string>1111.0</string>
        <key>com.tonymacx86.AHCI_3rdParty_eSATA</key>
        <string>0.3</string>
        <key>com.tonymacx86.ALC8xxHDA</key>
        <string>1111.0</string>
        <key>com.tonymacx86.ATI48xxController</key>
        <string>9.0.2</string>
        <key>com.tonymacx86.JMicron36xSATA</key>
        <string>0.8</string>
        <key>com.tonymacx86.JMicron36xeSATA</key>
        <string>0.8</string>
        <key>com.tonymacx86.Legacy889HDA</key>
        <string>0.3</string>
        <key>com.tonymacx86.ati6570pm</key>
        <string>3.0</string>
        <key>mohamed.ACPIPS2Nub</key>
        <string>1.0d1</string>
        <key>my.name.adlan.BCM5722D</key>
        <string>1111.0</string>
        <key>name.perrier.thomas.ATIcceleratorDriver</key>
        <string>1.0</string>
        <key>net.osx86.driver.EnsoniqAudioPCI</key>
        <string>1.0.3</string>
        <key>net.osx86.driver.VMsvga2</key>
        <string>1.3d7</string>
        <key>net.osx86.driver.VMsvga2Accel</key>
        <string>1.3d7</string>
        <key>net.osx86.kexts.GenericUSBXHCI</key>
        <string>1.2d11</string>
        <key>org.chameleon.plist.AHCIPortInjector</key>
        <string>1111.0</string>
        <key>org.chameleon.plist.AHCI_Intel_SATA</key>
        <string>1.0</string>
        <key>org.chameleon.plist.ATAPortInjector</key>
        <string>1.0</string>
        <key>org.chameleon.plist.AppleIntelSNBGraphicsFB</key>
        <string>1.0</string>
        <key>org.chameleon.plist.IOAHCIBlockStorageInjector</key>
        <string>1111.0</string>
        <key>org.chameleon.plist.JMicronATAInjector</key>
        <string>1.0</string>
        <key>org.netkas.FakeSMC</key>
        <string>1111.0</string>
        <key>org.netkas.HPETDevice</key>
        <string>1.0</string>
        <key>org.netkas.driver.FakeSMC</key>
        <string>1111.0</string>
        <key>org.netkas.fakesmc</key>
        <string>1111.0</string>
        <key>org.netkas.hda</key>
        <string>900.0</string>
        <key>org.slice.ACPIMonitor</key>
        <string>1111.0</string>
        <key>org.slice.ACPISensors</key>
        <string>1111.0</string>
        <key>org.slice.HWInfo</key>
        <string>1.0</string>
        <key>org.slice.IntelCPUMonitor</key>
        <string>1.1</string>
        <key>org.slice.NSCPC8739x</key>
        <string>1111.0</string>
        <key>org.slice.PC8739x</key>
        <string>1111.0</string>
        <key>org.slice.RadeonMonitor</key>
        <string>2.0</string>
        <key>org.slice.sensor.X3100</key>
        <string>1.0</string>
        <key>org.tgwbd.driver.ACPIPS2Nub</key>
        <string>1.0d1</string>
        <key>org.tgwbd.driver.ElliottForceLegacyRTC</key>
        <string>1111.0</string>
        <key>org.tgwbd.driver.LegacyAppleAHCIPort</key>
        <string>1.5.1</string>
        <key>org.tgwbd.driver.LegacyAppleIntelPIIXATA</key>
        <string>1.0d1</string>
        <key>org.tgwbd.driver.LegacyIOAHCIBlockStorage</key>
        <string>1.1.1</string>
        <key>org.tgwbd.driver.LegacyJMicronATA</key>
        <string>1.0d1</string>
        <key>org.tgwbd.driver.NullCPUPowerManagement</key>
        <string>1111.0</string>
        <key>org.tgwbd.iokit.AppleYukon2</key>
        <string>3.1.12b14</string>
        <key>org.tgwbd.iokit.LegacyAppleYukon2.10.5.7</key>
        <string>9.0</string>
        <key>org.voodoo.VoodooSDHC</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.PS2Controller</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.PS2Keyboard</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.PS2Mouse</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.PS2Trackpad</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.VoodooHDA</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.VoodooPS2ElanTrackpad</key>
        <string>1.1.1</string>
        <key>org.voodoo.driver.VoodooTSCSync</key>
        <string>1111.0</string>

Even FakeSMC is in there :hysterical:

  • Like 9
Link to comment
Share on other sites

The list OSKextSigExceptionList is definitely the exception list, because I see some of the names when rebuilding kernelcache manually with kextcache.  OTOH, the OSKextExcludeList list only contains a few vmware kexts are not part of the public released distribution of VMware Fusion.

Link to comment
Share on other sites

So they basically made DP1 hackintosh compatible with this list? Uhm... lol?

 

And all I need to do is to rename any kext to the ones in the list and it will load? Nice security...  :whistle:  :P

Link to comment
Share on other sites

So they basically made DP1 hackintosh compatible with this list? Uhm... lol?

 

And all I need to do is to rename any kext to the ones in the list and it will load? Nice security...  :whistle:  :P

No,they are forcing us to rename our kexts :D

Link to comment
Share on other sites

I tried editing AppleKextExcludeList.kext/Contents/Info.plist and it works (!).  But then when I run 'kextcache -v -system-prelinked-kernel', it warns that AppleKextExcludeList in non-authentic.  However, the kext on my modified Info.list is reported as allowed.

And all I need to do is to rename any kext to the ones in the list and it will load? Nice security...  :whistle:  :P
Link to comment
Share on other sites

There's a new kext AppleKextExcludeList with an Info.plist that looks a list for kexts allowed to load without a signature.  It's got an infinite list of kexts that looks like some huge database of all kexts ever made for the Mac.

Some stuff in there

 

Even FakeSMC is in there :hysterical:

it's good that it's not the April 1th, otherwise I'd consider this a joke (good one) :)

  • Like 3
Link to comment
Share on other sites

So basically we add our own patched kext which are not included in the list so it will load even without a valid signature.

 

As for me, instead of editingAppleKextExcludeList, I added all the list to fakesmc so it wont get overwritten when update comes. Feel free where you want to put it.

 

Nice find Zenith432 :)

Link to comment
Share on other sites

So basically we add our own patched kext which are not included in the list so it will load even without a valid signature.

 

As for me, instead of editingAppleKextExcludeList, I added all the list to fakesmc so it wont get overwritten when update comes. Feel free where you want to put it.

 

Nice find Zenith432 :)

So you saying that the info plist can be in any kext, the OS will read that list from any kext? How did you test this? Btw if we edit the list in the original place, the AppleKextExcludeList will lose it's signature and that could cause problems too.

Link to comment
Share on other sites

Well, so Apple is managing a plist (within a kext) which is supposed to allow certain (3rd party) kexts to be loaded (without signing) and all of these "hack kexts" are in that list? Hmmmmm! Now that is interesting, but I am still not sure what that means. I really cannot imagine that Apple sort of inofficially supports Hacks by this way ... but why is all this stuff in there then? Because I think it would be more typical for Apple that this list is made for lockdown and exclusion of hacks, and not for (even unofficial) support.

 

Also, in a follow up comment to the article I mentioned above, the original poster stated that: The thing is that Apple has more on their sleeves but that info isn’t even shared, but I have said too much already – since this info was meant to be confidentially – so I just let them be what they are… uninformed.

 

I don't know if he is just making this up, but it sounds not completely uncredible - and quite mysterious - to me.

Link to comment
Share on other sites

I still don't get it... So they lock down the S/L/E/, and we can only use signed kexts in L/E/... So... I rename any kext to "org.netkas.hda" (I just picked one from the "allowed to load without signing" list) and it will load up? You just have to rename any kext and it will load up... I still don't get it why this feature will be then... Because then it's pointless.

 

Because if this is a security feature, then the hacker or the man who want his "bad" kext to be installed, he just rename his malicious kext to an allowed one and he infected osx like before.

Link to comment
Share on other sites

Well, if I am about to shell out some thousand bucks for a new shiny "Hack Pro", it wouldn't be so nice if some months later it will be locked out of future updates. So, since there is a real possibilty of this happening, I think it would be better to  defer my investment at least until Mavericks comes out?

Link to comment
Share on other sites

...

As for me, instead of editingAppleKextExcludeList, I added all the list to fakesmc so it wont get overwritten when update comes. Feel free where you want to put it.

...

I tried this, I added the list to fakesmc, added my kexts to the list and it's not worked. Could you tell us how you exactly did that?

 

 

Edit: I edited the AppleKextExcludeList info.plist and added my modified kexts, then I added the AppleKextExcludeList too into itself, and not a single "WARNING" message on kextcache creation :D

 

post-150972-0-36414100-1371495338_thumb.png

  • Like 4
Link to comment
Share on other sites

 Share

×
×
  • Create New...