iWin32 Posted June 17, 2013 Share Posted June 17, 2013 In short, the poster claims that: "The /System directory will be locked in the near future and kext in /Library/Extensions must be signed. But more importantly. Kext editing (plists and bin files) will simply be impossible" I bolded the bin part on his post because that is one thing that scares me: With all the recent work that is done with the Intel HD Graphics Framebuffer, it may go down the drain...because the only way to get it done is to patch the bin file with a hex editor (or use Vertek's built patcher) of AppleIntelHDGraphicsFB.kext, otherwise, we'll be stuck in the dark with an empty screen. Just curious: Will this be a problem? DSDT hacks are useless until you get the framebuffer working! Although I will say seeing FakeSMC in the exception list is a bit ironic for Apple! That sure would serve a really useful purpose on a legit mac!! Soon, they'll be starting their own Hackintosh help-line!!! Link to comment Share on other sites More sharing options...
kitmac Posted June 17, 2013 Share Posted June 17, 2013 I tried this, I added the list to fakesmc, added my kexts to the list and it's not worked. Could you tell us how you exactly did that? Edit: I edited the AppleKextExcludeList info.plist and added my modified kexts, then I added the AppleKextExcludeList too into itself, and not a single "WARNING" message on kextcache creation gsg.png awesome..... Link to comment Share on other sites More sharing options...
3.14r2 Posted June 17, 2013 Share Posted June 17, 2013 Although I will say seeing FakeSMC in the exception list is a bit ironic for Apple! That sure would serve a really useful purpose on a legit mac!! I wonder if Apple is considering a very generous donation to the forum (who knows, even Tony can get a buck of two, if Apple be generous enough) Link to comment Share on other sites More sharing options...
GhostRaider Posted June 18, 2013 Share Posted June 18, 2013 I'm sure there are Apple engineers that read InsanelyMac and other hackintosh forums. I mean how else did Apple get that list? What I do believe is that as long as people pay for the operating system, they wouldn't really care. I mean that's extra money for them. As for the discovery for the exclusion list, it could mean that Apple does indeed support hackintosh and wants it alive. They created a list so that there is no difficulty in installing and loading them up at startup. The only benefit would just be for security purposes. In case some person creates a malicious application and wants to install a malicious kext with it, then they will not be able to do that. But the problem is when you have to modify an official Apple kext. I'm not sure what would happen there. Link to comment Share on other sites More sharing options...
Maniac10 Posted June 18, 2013 Share Posted June 18, 2013 They probably collected that list from diagnostic and usage reports people with hacks have been sending. 1 Link to comment Share on other sites More sharing options...
jamiethemorris Posted June 18, 2013 Share Posted June 18, 2013 That would make sense. This whole thing is confusing... There's no way Apple would purposefully allow these kexts... Are you guys sure it doesn't mean the opposite? That these are kexts that aren't allowed? Link to comment Share on other sites More sharing options...
Maniac10 Posted June 18, 2013 Share Posted June 18, 2013 For now it's a whitelist, it says so in the console: com.apple.kextcache[449]: kext com.softraid.driver.SoftRAID 404009000 is in exception list, allowing to load Link to comment Share on other sites More sharing options...
nyolc8 Posted June 18, 2013 Share Posted June 18, 2013 jamiethemorris: I got rid all the warning messages by adding my modified kexts to that list... so yes, that list is for allowing those kexts. Link to comment Share on other sites More sharing options...
jamiethemorris Posted June 18, 2013 Share Posted June 18, 2013 Wow! How strange. Also, I'm curious... If you have a developer account and wanted to sign your own kext, does Apple have to approve that, or would you just do it? The article also mentioned that /system would be locked though, which would mean you couldn't modify the exception kext... The only thing is I don't see how it's possible to lock out the root user... Maybe I'm misunderstanding. Link to comment Share on other sites More sharing options...
nyolc8 Posted June 19, 2013 Share Posted June 19, 2013 Wow! How strange. Also, I'm curious... If you have a developer account and wanted to sign your own kext, does Apple have to approve that, or would you just do it? When you make the codesign for it, it communicate with apple servers and then the server gives you a token or something and then xcode build that into your kext/app. So you can't "just" sign it. The article also mentioned that /system would be locked though, which would mean you couldn't modify the exception kext... The only thing is I don't see how it's possible to lock out the root user... Maybe I'm misunderstanding. Now that is the thing I don't understand as well... *** I read on another forum, someone tried to put modified (so codesign broken) kexts into Extra/Extenisons/ and osx loaded all of them from there without any message at kext cache creation They said, System/Extensions/ will be locked... but what about Extra/Extensions/? 3 Link to comment Share on other sites More sharing options...
3.14r2 Posted June 19, 2013 Share Posted June 19, 2013 I read on another forum, someone tried to put modified (so codesign broken) kexts into Extra/Extenisons/ and osx loaded all of them from there without any message at kext cache creation Yet another curious (in scope of allow/forbid hackintoshing) feature Link to comment Share on other sites More sharing options...
Maniac10 Posted June 19, 2013 Share Posted June 19, 2013 I read on another forum, someone tried to put modified (so codesign broken) kexts into Extra/Extenisons/ and osx loaded all of them from there without any message at kext cache creation They said, System/Extensions/ will be locked... but what about Extra/Extensions/? OSX don't care about kexts there, it's a Chameleon thing only. And I think you don't see the warnings because they won't be included into the kext caches. (not sure, anyone?) Link to comment Share on other sites More sharing options...
jamiethemorris Posted June 19, 2013 Share Posted June 19, 2013 OSX don't care about kexts there, it's a Chameleon thing only. And I think you don't see the warnings because they won't be included into the kext caches. (not sure, anyone?) yeah that's true. It would make or boot really slow though without the cache. Link to comment Share on other sites More sharing options...
iFIRE Posted June 19, 2013 Share Posted June 19, 2013 Like this: Yes we can!!!! The famous phrase , but now this is : Yes we SCAN !!!!!! Link to comment Share on other sites More sharing options...
iWin32 Posted June 23, 2013 Share Posted June 23, 2013 I wonder if Apple is considering a very generous donation to the forum (who knows, even Tony can get a buck of two, if Apple be generous enough) Well, one thing I noticed when editing AppleKextExcludeList.kext's Info.plist is, well... <key>com.tidalpoolsoftware.macproxy.kext</key> <string>2.0.5</string> <key>com.tonymacx86.AHCI_3rdParty_SATA</key> <string>1111.0</string> <key>com.tonymacx86.AHCI_3rdParty_eSATA</key> <string>0.3</string> <key>com.tonymacx86.ALC8xxHDA</key> <string>1111.0</string> <key>com.tonymacx86.ATI48xxController</key> <string>9.0.2</string> <key>com.tonymacx86.JMicron36xSATA</key> <string>0.8</string> <key>com.tonymacx86.JMicron36xeSATA</key> <string>0.8</string> <key>com.tonymacx86.Legacy889HDA</key> <string>0.3</string> <key>com.tonymacx86.ati6570pm</key> <string>3.0</string> <key>com.tootoosoft.driver.Intel82566MM</key> <string>1111.0</string> This forum may not support him, but Apple sure supports tonymacx86!! 2 Link to comment Share on other sites More sharing options...
3.14r2 Posted June 24, 2013 Share Posted June 24, 2013 Well, one thing I noticed when editing AppleKextExcludeList.kext's Info.plist is, well... This forum may not support him, but Apple sure supports tonymacx86!! I can't believe this is happening!!! Next thing we know will be the official announcement of Apple buying Tony's (serious) business Link to comment Share on other sites More sharing options...
nyolc8 Posted June 24, 2013 Share Posted June 24, 2013 What happens if we patch a signed kext with clover's on-the-fly kextpatching? Then we can add anything to the applekextexcludelist without losing it's codesign? 1 Link to comment Share on other sites More sharing options...
jamiethemorris Posted June 24, 2013 Share Posted June 24, 2013 What happens if we patch a signed kext with clover's on-the-fly kextpatching? Then we can add anything to the applekextexcludelist without losing it's codesign? I was wondering this too. Couldn't you also add any kext to that list, whether or not it actually exists natively, and then it wouldn't need a codesign? Link to comment Share on other sites More sharing options...
Pike R. Alpha Posted June 24, 2013 Share Posted June 24, 2013 Apple isn't supporting anyone. This list was generated from support data.Wait for it to be removed. Like everything hack related. 4 Link to comment Share on other sites More sharing options...
theconnactic Posted June 24, 2013 Share Posted June 24, 2013 Pike, honestly, do you think this code sign move, besides improved security issues, was also aimed on improper use ("hackintosh", EULA violation) of OSX? Like in Tiger days, when they made some attempts on it? All the best! Link to comment Share on other sites More sharing options...
3.14r2 Posted June 24, 2013 Share Posted June 24, 2013 Apple isn't supporting anyone. This list was generated from support data.Wait for it to be removed. Like everything hack related. I have no doubts that Apple isn't supporting anyone, it's just quite curious to see such a thing in the officially provided OS X versions (not some distro). Though it is only a DP (early) version (not yet the public release), but still why bother with the list (even if it's a trivial thing to make)? For security reasons? I guess Apple could create something much more complicated then this, if they would be all about security. May be it's just to have more beta testers with very different hardware (more then only genuine Macs could offer)? Link to comment Share on other sites More sharing options...
Onixs Posted June 25, 2013 Share Posted June 25, 2013 at the end of the day, we are just guinea pigs regarding this topic. 1 Link to comment Share on other sites More sharing options...
frankiee Posted June 25, 2013 Author Share Posted June 25, 2013 Are there any changes in DP2 regarding this topic? Link to comment Share on other sites More sharing options...
nyolc8 Posted June 25, 2013 Share Posted June 25, 2013 Are there any changes in DP2 regarding this topic? The same applekextexcludelist editing fixes the warning messages. Nothing changed. Link to comment Share on other sites More sharing options...
frankiee Posted June 25, 2013 Author Share Posted June 25, 2013 Nothing changed. Really curious if that still will be true with the release .... 1 Link to comment Share on other sites More sharing options...
Recommended Posts