Jump to content
frankiee

Mavericks - to be locked down (in the future)?

101 posts in this topic

Recommended Posts

OK, so it seems that many of you already had success installing Mavericks on a hack, and the list of supported machines also indicates that everything that can run ML can also run Mavericks, but ...

 

will that still be true for the future, especially for a hackintosh?

 

I am on the verge of jumping into the cold water and want to build myself one, bc Apple does not seem to be able to offer me the hardware I need. But of course, I also want my "hack" to be future proof, and one of the worst things I can imagine is to be locked out of future OS updates.

 

One point that worries me is that Apple seems to use more and more proprietary hardware (especially for the new "Mac Pro"), but it was this article that almost scares me and makes me feel a bit uneasy about the future of hacks in general: http://pikeralpha.wordpress.com/2013/06/13/kext-requirements-for-os-x-10-9-mavericks/

 

In short, the poster claims that: "The /System directory will be locked in the near future and kext in /Library/Extensions must be signed. But more importantly. Kext editing (plists and bin files) will simply be impossible"

 

So, what's your take on this? Do you think this could become a real problem, or nothing to worry about?

Share this post


Link to post
Share on other sites
Advertisement

I read the same page today, and I don't understand how the /System/Library/Extensions will be locked down... I think this lock could be hacked/patched.

Btw this codesign security blocking could be in the final 10.9 (apple started to ask developers to register not only for apps, but anything)  :( They want to lock the whole thing... -_-

Well we will see...

Share this post


Link to post
Share on other sites

you might have to ask somebody like rampagedev or piker or other developers out there 

i'm sure they could give you an answer ( or answers)

Share this post


Link to post
Share on other sites

I read the same page today, and I don't understand how the /System/Library/Extensions will be locked down... I think this lock could be hacked/patched.

 

I also don't know, (so thats why I am asking) but I assume if Apple really wants, they will find a way. The question is: are they actually concerned about locking out hacks, or are these measures that won't affect us?

 

And, even if that could be bypassed, that also would mean even more patching, maybe using a custom kernel. But on the other hand, this might reduce compability and of course introduce more difficulties in general.

 

Btw this codesign security blocking could be in the final 10.9

 

Thats one thing I am afraid of ... so this could be a really important issue for everybody imho.

Share this post


Link to post
Share on other sites

If Apple implements signature versification via the kernel, I think it'll be very difficult to bypass especially if the kernel itself becomes secured too somehow. 

 

Apple has generally been tolerant of the hackintosh community and I don't think they're trying to kill it, but rather limit it a bit by making it more difficult.

 

If Apple does indeed lockup everything in 10.9, it'll mean we'll have a much narrower range of supported hardware. We can still fake dev ids via DSDT to use some stock kexts but we will no longer be able to patch binaries. We'll have to depend more on 3rd party kexts which, unfortunately, won't cover our needs.

 

We can only wait and see. And I'm sure some brilliant hackers around here will find workarounds, eventually.

Share this post


Link to post
Share on other sites

wouldn't  this mean that 3rd party kexts wouldn't be allowed. This would however limit 3rd party hardware and can't be really in apples interest. If 3rd party hardware kexts are still allowed couldn't we just patch apple kexts an reintroduce them as 3rd party kexts?

 

I don't have much of an insight in such things though. 

Share this post


Link to post
Share on other sites

There's a new kext AppleKextExcludeList with an Info.plist that looks a list for kexts allowed to load without a signature.  It's got an infinite list of kexts that looks like some huge database of all kexts ever made for the Mac.

Some stuff in there 

<key>OSKextSigExceptionList</key>
        <key>VoodooSDHC</key>
        <string>1.1d1</string>
        <key>com.AnV.Software.driver.PCGenRTL8139Ethernet</key>
        <string>1.4.1</string>
        <key>com.AnV_Software.driver.AnyAppleUSBKeyboard</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.AnyAppleUSBMouse</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.AnyCardReader</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.AnyiSightCam</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.BroadcomAppleBluetooth</key>
        <string>1111.0</string>
        <key>com.AnV_Software.driver.CustomPeripheral</key>
        <string>8.8.8</string>
        <key>com.AnV_Software.driver.DeviceMergeNub</key>
        <string>1111.0</string>
        <key>com.AnV_Software.driver.DeviceMergeNubAPM</key>
        <string>1.0</string>
        <key>com.Micky1979.plist.WifiInjector</key>
        <string>1.0</string>
        <key>com.Niresh12495.ExtraExtensions</key>
        <string>1.0</string>
        <key>com.Niresh12495.Hackintosh.AHCIPortInjector</key>
        <string>1.0</string>
        <key>com.Niresh12495.Hackintosh.ATAPortInjector</key>
        <string>1.0</string>
        <key>com.Niresh12495.Hackintosh.IOAHCIBlockStorageInjector</key>
        <string>1.1.1</string>
        <key>com.tonymacx86.AHCI_3rdParty_SATA</key>
        <string>1111.0</string>
        <key>com.tonymacx86.AHCI_3rdParty_eSATA</key>
        <string>0.3</string>
        <key>com.tonymacx86.ALC8xxHDA</key>
        <string>1111.0</string>
        <key>com.tonymacx86.ATI48xxController</key>
        <string>9.0.2</string>
        <key>com.tonymacx86.JMicron36xSATA</key>
        <string>0.8</string>
        <key>com.tonymacx86.JMicron36xeSATA</key>
        <string>0.8</string>
        <key>com.tonymacx86.Legacy889HDA</key>
        <string>0.3</string>
        <key>com.tonymacx86.ati6570pm</key>
        <string>3.0</string>
        <key>mohamed.ACPIPS2Nub</key>
        <string>1.0d1</string>
        <key>my.name.adlan.BCM5722D</key>
        <string>1111.0</string>
        <key>name.perrier.thomas.ATIcceleratorDriver</key>
        <string>1.0</string>
        <key>net.osx86.driver.EnsoniqAudioPCI</key>
        <string>1.0.3</string>
        <key>net.osx86.driver.VMsvga2</key>
        <string>1.3d7</string>
        <key>net.osx86.driver.VMsvga2Accel</key>
        <string>1.3d7</string>
        <key>net.osx86.kexts.GenericUSBXHCI</key>
        <string>1.2d11</string>
        <key>org.chameleon.plist.AHCIPortInjector</key>
        <string>1111.0</string>
        <key>org.chameleon.plist.AHCI_Intel_SATA</key>
        <string>1.0</string>
        <key>org.chameleon.plist.ATAPortInjector</key>
        <string>1.0</string>
        <key>org.chameleon.plist.AppleIntelSNBGraphicsFB</key>
        <string>1.0</string>
        <key>org.chameleon.plist.IOAHCIBlockStorageInjector</key>
        <string>1111.0</string>
        <key>org.chameleon.plist.JMicronATAInjector</key>
        <string>1.0</string>
        <key>org.netkas.FakeSMC</key>
        <string>1111.0</string>
        <key>org.netkas.HPETDevice</key>
        <string>1.0</string>
        <key>org.netkas.driver.FakeSMC</key>
        <string>1111.0</string>
        <key>org.netkas.fakesmc</key>
        <string>1111.0</string>
        <key>org.netkas.hda</key>
        <string>900.0</string>
        <key>org.slice.ACPIMonitor</key>
        <string>1111.0</string>
        <key>org.slice.ACPISensors</key>
        <string>1111.0</string>
        <key>org.slice.HWInfo</key>
        <string>1.0</string>
        <key>org.slice.IntelCPUMonitor</key>
        <string>1.1</string>
        <key>org.slice.NSCPC8739x</key>
        <string>1111.0</string>
        <key>org.slice.PC8739x</key>
        <string>1111.0</string>
        <key>org.slice.RadeonMonitor</key>
        <string>2.0</string>
        <key>org.slice.sensor.X3100</key>
        <string>1.0</string>
        <key>org.tgwbd.driver.ACPIPS2Nub</key>
        <string>1.0d1</string>
        <key>org.tgwbd.driver.ElliottForceLegacyRTC</key>
        <string>1111.0</string>
        <key>org.tgwbd.driver.LegacyAppleAHCIPort</key>
        <string>1.5.1</string>
        <key>org.tgwbd.driver.LegacyAppleIntelPIIXATA</key>
        <string>1.0d1</string>
        <key>org.tgwbd.driver.LegacyIOAHCIBlockStorage</key>
        <string>1.1.1</string>
        <key>org.tgwbd.driver.LegacyJMicronATA</key>
        <string>1.0d1</string>
        <key>org.tgwbd.driver.NullCPUPowerManagement</key>
        <string>1111.0</string>
        <key>org.tgwbd.iokit.AppleYukon2</key>
        <string>3.1.12b14</string>
        <key>org.tgwbd.iokit.LegacyAppleYukon2.10.5.7</key>
        <string>9.0</string>
        <key>org.voodoo.VoodooSDHC</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.PS2Controller</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.PS2Keyboard</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.PS2Mouse</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.PS2Trackpad</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.VoodooHDA</key>
        <string>1111.0</string>
        <key>org.voodoo.driver.VoodooPS2ElanTrackpad</key>
        <string>1.1.1</string>
        <key>org.voodoo.driver.VoodooTSCSync</key>
        <string>1111.0</string>

Even FakeSMC is in there :hysterical:

Share this post


Link to post
Share on other sites

I think Exclude means it will not load them... They basically blocking all those kexts with this thing.

Share this post


Link to post
Share on other sites

The list OSKextSigExceptionList is definitely the exception list, because I see some of the names when rebuilding kernelcache manually with kextcache.  OTOH, the OSKextExcludeList list only contains a few vmware kexts are not part of the public released distribution of VMware Fusion.

Share this post


Link to post
Share on other sites

So they basically made DP1 hackintosh compatible with this list? Uhm... lol?

 

And all I need to do is to rename any kext to the ones in the list and it will load? Nice security...  :whistle:  :P

Share this post


Link to post
Share on other sites

So they basically made DP1 hackintosh compatible with this list? Uhm... lol?

 

And all I need to do is to rename any kext to the ones in the list and it will load? Nice security...  :whistle:  :P

No,they are forcing us to rename our kexts :D

Share this post


Link to post
Share on other sites

I tried editing AppleKextExcludeList.kext/Contents/Info.plist and it works (!).  But then when I run 'kextcache -v -system-prelinked-kernel', it warns that AppleKextExcludeList in non-authentic.  However, the kext on my modified Info.list is reported as allowed.

And all I need to do is to rename any kext to the ones in the list and it will load? Nice security...  :whistle:  :P

Share this post


Link to post
Share on other sites

There's a new kext AppleKextExcludeList with an Info.plist that looks a list for kexts allowed to load without a signature.  It's got an infinite list of kexts that looks like some huge database of all kexts ever made for the Mac.

Some stuff in there

 

Even FakeSMC is in there :hysterical:

it's good that it's not the April 1th, otherwise I'd consider this a joke (good one) :)

Share this post


Link to post
Share on other sites

So basically we add our own patched kext which are not included in the list so it will load even without a valid signature.

 

As for me, instead of editingAppleKextExcludeList, I added all the list to fakesmc so it wont get overwritten when update comes. Feel free where you want to put it.

 

Nice find Zenith432 :)

Share this post


Link to post
Share on other sites

So basically we add our own patched kext which are not included in the list so it will load even without a valid signature.

 

As for me, instead of editingAppleKextExcludeList, I added all the list to fakesmc so it wont get overwritten when update comes. Feel free where you want to put it.

 

Nice find Zenith432 :)

So you saying that the info plist can be in any kext, the OS will read that list from any kext? How did you test this? Btw if we edit the list in the original place, the AppleKextExcludeList will lose it's signature and that could cause problems too.

Share this post


Link to post
Share on other sites

Well, so Apple is managing a plist (within a kext) which is supposed to allow certain (3rd party) kexts to be loaded (without signing) and all of these "hack kexts" are in that list? Hmmmmm! Now that is interesting, but I am still not sure what that means. I really cannot imagine that Apple sort of inofficially supports Hacks by this way ... but why is all this stuff in there then? Because I think it would be more typical for Apple that this list is made for lockdown and exclusion of hacks, and not for (even unofficial) support.

 

Also, in a follow up comment to the article I mentioned above, the original poster stated that: The thing is that Apple has more on their sleeves but that info isn’t even shared, but I have said too much already – since this info was meant to be confidentially – so I just let them be what they are… uninformed.

 

I don't know if he is just making this up, but it sounds not completely uncredible - and quite mysterious - to me.

Share this post


Link to post
Share on other sites

I still don't get it... So they lock down the S/L/E/, and we can only use signed kexts in L/E/... So... I rename any kext to "org.netkas.hda" (I just picked one from the "allowed to load without signing" list) and it will load up? You just have to rename any kext and it will load up... I still don't get it why this feature will be then... Because then it's pointless.

 

Because if this is a security feature, then the hacker or the man who want his "bad" kext to be installed, he just rename his malicious kext to an allowed one and he infected osx like before.

Share this post


Link to post
Share on other sites

Stop speculating, just wait till this is tested and explained properly. Pike said it was coming but it's not active yet so keep doing things like always and you'll be fine.

Share this post


Link to post
Share on other sites

Well, if I am about to shell out some thousand bucks for a new shiny "Hack Pro", it wouldn't be so nice if some months later it will be locked out of future updates. So, since there is a real possibilty of this happening, I think it would be better to  defer my investment at least until Mavericks comes out?

Share this post


Link to post
Share on other sites

...

As for me, instead of editingAppleKextExcludeList, I added all the list to fakesmc so it wont get overwritten when update comes. Feel free where you want to put it.

...

I tried this, I added the list to fakesmc, added my kexts to the list and it's not worked. Could you tell us how you exactly did that?

 

 

Edit: I edited the AppleKextExcludeList info.plist and added my modified kexts, then I added the AppleKextExcludeList too into itself, and not a single "WARNING" message on kextcache creation :D

 

post-150972-0-36414100-1371495338_thumb.png

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×