Apple released OS X v10.10 Yosemite Developer Preview 1 (Build 14A238x) to its Mac developers and soon after the release notes showed up on pastebin.com. And no. That wasn’t me. That was someone else. No idea who it was but anyway. The DP1 initiated a lot of (press) coverage about the new (flat) look and feel, and that is great for end-users and the like, but we hackers are far more interested in the boring stuff. Hidden deep under the hood of OS X 10.10 Yosemite DP1 and thus here goes.
mach_kernel
Apple renamed mach_kernel to kernel and also moved it out of the root. Eliminating the need to hide it during the installation process. Which failed a couple of times already, and then people could easily rm the file. Well. Not anymore, because now it is put away in: /System/Library/Kernels making the accidental removal of the kernel virtually impossible. Oh and here is a tip. I found this change by looking at: /usr/standalone/BootCaches.plist and here is a snipped of that file.
<key>Kernelcache v1.3</key> <dict> <key>ExtensionsDir</key> <array> <string>/System/Library/Extensions</string> <string>/Library/Extensions</string> </array> <key>Path</key> <string>/System/Library/Caches/com.apple.kext.caches/Startup/kernelcache</string> <key>KernelPath</key> <string>/System/Library/Kernels/kernel</string> <key>KernelsDir</key> <string>/System/Library/Kernels</string> <key>Archs</key> <array> <string>x86_64</string> </array> <key>Preferred Compression</key> <string>lzvn</string> </dict>
kernelcache
The above snippet also gave away that Apple is still using the same version/name/path for the kernel cache, but hold on. There is also a new property called Preferred Compression. Set to lzvn. Which is new. Overriding the previously used lzss compression method. But looking at the code, I think that you can either remove or rename lzvn to lzss and then kextcache will re-create a new kernelcache with lzss. Which is a must have for legacy boot loaders like Chameleon, Chimera and RevoBoot because without support for lzvn or renamed property value, this piece of code in drivers.c will error out with: “kernel compression is bad!”
if (kernel_header->signature == OSSwapBigToHostConstInt32('comp'))
{
if (kernel_header->compressType != OSSwapBigToHostConstInt32('lzss'))
{
error("kernel compression is bad\n");
return -1;
}
Yikes! I love using kernel cache. It makes booting up your Mac/hack so much faster. How do we fix this?
lzvn_decode
I started with a simple grep for lzvn in the extensions directory, resulting in two matches. One in AppleFSCompressionZlib.kext
And one in IOGraphics.kext
Here we also find a reference to lzvn.opcode_table which appears to be a 2KB data table. And since kextcache creates the kernel cache, it had to have the same sort of code. Bingo. Here it is.
The good news is that the source code of both IOGraphics.kext and kextcache should become publicly available. Well. Not right now, because Apple is, as usual, very slow with updating opensource.apple.com. Their reasons are unknown, but it is most likely security related. And even then. I mean. Look at what happened with XCPM in the mach_kernel. No source was ever shared. Why? No idea.
Also. The 2KB opcode tables are not the same. In fact. All three are different. The question now is what to do. Wait or dig deeper and try to write our own lzvn code. The problem is that I don’t even have the time to finish this blog article…
boot.efi
Some of you may wonder why Clover can boot with kernel cache while other, legacy, boot loaders cannot. The answer is rather simple. Clover loads: /usr/standalone/i386/boot.efi and this file adds support for lzvn with yet another (also different) 2 KB opcode.table Oops. I almost forgot it. This is where _lzvn_decode can be found in boot.efi
Support for lzss is still there so we can use both of them.
What is next?
I extracted the 2 KB opcode.table from boot.efi, now also available from dropbox (all four of them) and then I disassembled _lzvn_decode. Well. Here you go. Yup. This the one from boot.efi.
_lzvn_decode: 19780: 55 push %rbp 19781: 48 89 e5 mov %rsp,%rbp 19784: 57 push %rdi 19785: 56 push %rsi 19786: 48 89 cf mov %rcx,%rdi 19789: 48 89 d6 mov %rdx,%rsi 1978c: 4c 89 c2 mov %r8,%rdx 1978f: 4c 89 c9 mov %r9,%rcx 19792: 53 push %rbx 19793: 41 54 push %r12 19795: 48 8d 1d 24 ee 06 00 lea 0x6ee24(%rip),%rbx # 0x885c0 1979c: 48 31 c0 xor %rax,%rax 1979f: 4d 31 e4 xor %r12,%r12 197a2: 48 83 ee 08 sub $0x8,%rsi 197a6: 0f 82 92 02 00 00 jb 0x19a3e 197ac: 48 8d 4c 0a f8 lea -0x8(%rdx,%rcx,1),%rcx 197b1: 48 39 ca cmp %rcx,%rdx 197b4: 0f 87 84 02 00 00 ja 0x19a3e 197ba: 4c 0f b6 0a movzbq (%rdx),%r9 197be: 4c 8b 02 mov (%rdx),%r8 197c1: 42 ff 24 cb jmpq *(%rbx,%r9,8) 197c5: 48 83 c2 01 add $0x1,%rdx 197c9: 48 39 ca cmp %rcx,%rdx 197cc: 0f 87 6c 02 00 00 ja 0x19a3e 197d2: 4c 0f b6 0a movzbq (%rdx),%r9 197d6: 4c 8b 02 mov (%rdx),%r8 197d9: 42 ff 24 cb jmpq *(%rbx,%r9,8) 197dd: 0f 1f 00 nopl (%rax) 197e0: 49 c1 e9 06 shr $0x6,%r9 197e4: 4a 8d 54 0a 02 lea 0x2(%rdx,%r9,1),%rdx 197e9: 48 39 ca cmp %rcx,%rdx 197ec: 0f 87 4c 02 00 00 ja 0x19a3e 197f2: 4d 89 c4 mov %r8,%r12 197f5: 49 0f cc bswap %r12 197f8: 4d 89 e2 mov %r12,%r10 197fb: 49 c1 e4 05 shl $0x5,%r12 197ff: 49 c1 e2 02 shl $0x2,%r10 19803: 49 c1 ec 35 shr $0x35,%r12 19807: 49 c1 ea 3d shr $0x3d,%r10 1980b: 49 c1 e8 10 shr $0x10,%r8 1980f: 49 83 c2 03 add $0x3,%r10 19813: 4e 8d 1c 08 lea (%rax,%r9,1),%r11 19817: 4d 01 d3 add %r10,%r11 1981a: 49 39 f3 cmp %rsi,%r11 1981d: 73 3d jae 0x1985c 1981f: 4c 89 04 07 mov %r8,(%rdi,%rax,1) 19823: 4c 01 c8 add %r9,%rax 19826: 49 89 c0 mov %rax,%r8 19829: 4d 29 e0 sub %r12,%r8 1982c: 0f 82 0c 02 00 00 jb 0x19a3e 19832: 49 83 fc 08 cmp $0x8,%r12 19836: 72 54 jb 0x1988c 19838: 4e 8b 0c 07 mov (%rdi,%r8,1),%r9 1983c: 49 83 c0 08 add $0x8,%r8 19840: 4c 89 0c 07 mov %r9,(%rdi,%rax,1) 19844: 48 83 c0 08 add $0x8,%rax 19848: 49 83 ea 08 sub $0x8,%r10 1984c: 77 ea ja 0x19838 1984e: 4c 01 d0 add %r10,%rax 19851: 4c 0f b6 0a movzbq (%rdx),%r9 19855: 4c 8b 02 mov (%rdx),%r8 19858: 42 ff 24 cb jmpq *(%rbx,%r9,8) 1985c: 4d 85 c9 test %r9,%r9 1985f: 74 1f je 0x19880 19861: 4c 8d 5e 08 lea 0x8(%rsi),%r11 19865: 44 88 04 07 mov %r8b,(%rdi,%rax,1) 19869: 48 83 c0 01 add $0x1,%rax 1986d: 49 39 c3 cmp %rax,%r11 19870: 0f 84 cb 01 00 00 je 0x19a41 19876: 49 c1 e8 08 shr $0x8,%r8 1987a: 49 83 e9 01 sub $0x1,%r9 1987e: 75 e5 jne 0x19865 19880: 49 89 c0 mov %rax,%r8 19883: 4d 29 e0 sub %r12,%r8 19886: 0f 82 b2 01 00 00 jb 0x19a3e 1988c: 4c 8d 5e 08 lea 0x8(%rsi),%r11 19890: 4e 0f b6 0c 07 movzbq (%rdi,%r8,1),%r9 19895: 49 83 c0 01 add $0x1,%r8 19899: 44 88 0c 07 mov %r9b,(%rdi,%rax,1) 1989d: 48 83 c0 01 add $0x1,%rax 198a1: 49 39 c3 cmp %rax,%r11 198a4: 0f 84 97 01 00 00 je 0x19a41 198aa: 49 83 ea 01 sub $0x1,%r10 198ae: 75 e0 jne 0x19890 198b0: 4c 0f b6 0a movzbq (%rdx),%r9 198b4: 4c 8b 02 mov (%rdx),%r8 198b7: 42 ff 24 cb jmpq *(%rbx,%r9,8) 198bb: 49 c1 e9 06 shr $0x6,%r9 198bf: 4a 8d 54 0a 01 lea 0x1(%rdx,%r9,1),%rdx 198c4: 48 39 ca cmp %rcx,%rdx 198c7: 0f 87 71 01 00 00 ja 0x19a3e 198cd: 49 c7 c2 38 00 00 00 mov $0x38,%r10 198d4: 4d 21 c2 and %r8,%r10 198d7: 49 c1 e8 08 shr $0x8,%r8 198db: 49 c1 ea 03 shr $0x3,%r10 198df: 49 83 c2 03 add $0x3,%r10 198e3: e9 2b ff ff ff jmpq 0x19813 198e8: 49 c1 e9 06 shr $0x6,%r9 198ec: 4a 8d 54 0a 03 lea 0x3(%rdx,%r9,1),%rdx 198f1: 48 39 ca cmp %rcx,%rdx 198f4: 0f 87 44 01 00 00 ja 0x19a3e 198fa: 49 c7 c2 38 00 00 00 mov $0x38,%r10 19901: 49 c7 c4 ff ff 00 00 mov $0xffff,%r12 19908: 4d 21 c2 and %r8,%r10 1990b: 49 c1 e8 08 shr $0x8,%r8 1990f: 49 c1 ea 03 shr $0x3,%r10 19913: 4d 21 c4 and %r8,%r12 19916: 49 c1 e8 10 shr $0x10,%r8 1991a: 49 83 c2 03 add $0x3,%r10 1991e: e9 f0 fe ff ff jmpq 0x19813 19923: 49 c1 e9 03 shr $0x3,%r9 19927: 49 83 e1 03 and $0x3,%r9 1992b: 4a 8d 54 0a 03 lea 0x3(%rdx,%r9,1),%rdx 19930: 48 39 ca cmp %rcx,%rdx 19933: 0f 87 05 01 00 00 ja 0x19a3e 19939: 4d 89 c2 mov %r8,%r10 1993c: 49 81 e2 07 03 00 00 and $0x307,%r10 19943: 49 c1 e8 0a shr $0xa,%r8 19947: 4d 0f b6 e2 movzbq %r10b,%r12 1994b: 49 c1 ea 08 shr $0x8,%r10 1994f: 49 c1 e4 02 shl $0x2,%r12 19953: 4d 09 e2 or %r12,%r10 19956: 49 c7 c4 ff 3f 00 00 mov $0x3fff,%r12 1995d: 49 83 c2 03 add $0x3,%r10 19961: 4d 21 c4 and %r8,%r12 19964: 49 c1 e8 0e shr $0xe,%r8 19968: e9 a6 fe ff ff jmpq 0x19813 1996d: 48 83 c2 01 add $0x1,%rdx 19971: 48 39 ca cmp %rcx,%rdx 19974: 0f 87 c4 00 00 00 ja 0x19a3e 1997a: 4d 89 c2 mov %r8,%r10 1997d: 49 83 e2 0f and $0xf,%r10 19981: eb 1f jmp 0x199a2 19983: 48 83 c2 02 add $0x2,%rdx 19987: 48 39 ca cmp %rcx,%rdx 1998a: 0f 87 ae 00 00 00 ja 0x19a3e 19990: 4d 89 c2 mov %r8,%r10 19993: 49 c1 ea 08 shr $0x8,%r10 19997: 49 81 e2 ff 00 00 00 and $0xff,%r10 1999e: 49 83 c2 10 add $0x10,%r10 199a2: 49 89 c0 mov %rax,%r8 199a5: 4d 29 e0 sub %r12,%r8 199a8: 4e 8d 1c 10 lea (%rax,%r10,1),%r11 199ac: 49 39 f3 cmp %rsi,%r11 199af: 0f 83 d7 fe ff ff jae 0x1988c 199b5: 49 83 fc 08 cmp $0x8,%r12 199b9: 0f 83 79 fe ff ff jae 0x19838 199bf: e9 c8 fe ff ff jmpq 0x1988c 199c4: 49 83 e0 0f and $0xf,%r8 199c8: 4a 8d 54 02 01 lea 0x1(%rdx,%r8,1),%rdx 199cd: eb 14 jmp 0x199e3 199cf: 49 c1 e8 08 shr $0x8,%r8 199d3: 49 81 e0 ff 00 00 00 and $0xff,%r8 199da: 49 83 c0 10 add $0x10,%r8 199de: 4a 8d 54 02 02 lea 0x2(%rdx,%r8,1),%rdx 199e3: 48 39 ca cmp %rcx,%rdx 199e6: 77 56 ja 0x19a3e 199e8: 4e 8d 1c 00 lea (%rax,%r8,1),%r11 199ec: 49 f7 d8 neg %r8 199ef: 49 39 f3 cmp %rsi,%r11 199f2: 77 23 ja 0x19a17 199f4: 4e 8d 1c 1f lea (%rdi,%r11,1),%r11 199f8: 4e 8b 0c 02 mov (%rdx,%r8,1),%r9 199fc: 4f 89 0c 03 mov %r9,(%r11,%r8,1) 19a00: 49 83 c0 08 add $0x8,%r8 19a04: 73 f2 jae 0x199f8 19a06: 4c 89 d8 mov %r11,%rax 19a09: 48 29 f8 sub %rdi,%rax 19a0c: 4c 0f b6 0a movzbq (%rdx),%r9 19a10: 4c 8b 02 mov (%rdx),%r8 19a13: 42 ff 24 cb jmpq *(%rbx,%r9,8) 19a17: 4c 8d 5e 08 lea 0x8(%rsi),%r11 19a1b: 4e 0f b6 0c 02 movzbq (%rdx,%r8,1),%r9 19a20: 44 88 0c 07 mov %r9b,(%rdi,%rax,1) 19a24: 48 83 c0 01 add $0x1,%rax 19a28: 49 39 c3 cmp %rax,%r11 19a2b: 74 14 je 0x19a41 19a2d: 49 83 c0 01 add $0x1,%r8 19a31: 75 e8 jne 0x19a1b 19a33: 4c 0f b6 0a movzbq (%rdx),%r9 19a37: 4c 8b 02 mov (%rdx),%r8 19a3a: 42 ff 24 cb jmpq *(%rbx,%r9,8) 19a3e: 48 31 c0 xor %rax,%rax 19a41: 41 5c pop %r12 19a43: 5b pop %rbx 19a44: 5e pop %rsi 19a45: 5f pop %rdi 19a46: 5d pop %rbp 19a47: c3 retq
Anyone willing to have a go with it? Yes. You will need to convert it and figure out how to get it going, but we are hackers. Right?
Kernelcache header data
I checked the header data of the new kernelcache, a few days ago already, and noticed that it had changed. It used to start with the mach_header_64 data (28 bytes):
struct mach_header_64 {
uint32_t magic; /* mach magic number identifier */
cpu_type_t cputype; /* cpu specifier */
cpu_subtype_t cpusubtype; /* machine specifier */
uint32_t filetype; /* type of file */
uint32_t ncmds; /* number of load commands */
uint32_t sizeofcmds; /* the size of all the load commands */
uint32_t flags; /* flags */
uint32_t reserved; /* reserved */
};
Which is defined in: /usr/include/mach-o/loader.h but now it starts with the pre-linked kernel header:
#define PLATFORM_NAME_LEN (64)
#define ROOT_PATH_LEN (256)
// prelinkVersion value >= 1 means KASLR supported
typedef struct prelinked_kernel_header {
uint32_t signature;
uint32_t compressType;
uint32_t adler32;
uint32_t uncompressedSize;
uint32_t compressedSize;
uint32_t prelinkVersion;
uint32_t reserved[10];
char platformName[PLATFORM_NAME_LEN]; // unused
char rootPath[ROOT_PATH_LEN]; // unused
char data[0];
} PrelinkedKernelHeader;
This structure is defined in kernelcache.h which is part of kext-tools and it used to come right after the mach_header_64 data, but not anymore. Easily fixed in the boot loader.
Edit:
I was wrong. Only the kernel cache in the BaseSystem.dmg is missing the mach_header_64 data. It’s still there in: /System/Library/Caches/com.apple.kext.caches/Startup/kernelcache
Problem sorted.
Update
I found a new boot argument called kcsuffix in the kextcache binary, which can be used to add… well you’ve guessed it already, add a suffix to the kernelcache.
I also found three references to .development and a strange one called /AppleInternal
I ran a few tests with kcsuffix=.development and that worked, because I noticed that the usual kextcache -Boot -U / at boot time now uses the added suffix.
Also. This bit is something you should know by now, but some people seem to be confused by it. Let’s try one more time. Ok. We already learned that
unsigned or improperly signed kexts will not be loaded in Yosemite, and that this strict checking can be disabled by adding a boot argument (kext-dev-mode=1) but you may not even need it. Not when the unsigned kext is listed in AppleKextExcludeList.kext Then you won’t have to use: kext-dev-mode=1
Quite simple isn’t it 😉
Pike's Universum 
Great find Piker. Without guys like you, the world is a boring place!
That looks pretty straightforward. I’ll give it a shot this evening if no one else has gotten around to it.
Great. What are you planning to do? Write a straight inline assembler function or port it to C?
I have a strong, perhaps even irrational dislike for inline assembly and AT&T syntax. I haven’t gotten to it quite yet though I might have time right now. I’d disassemble that to Intel syntax, fix all the branches, compile it with nasm and add to the makefile to link it. I suppose it could be fun to rewrite it in C. I’ll pull it up in IDA and see how it goes. (No license at the moment, so no decompiler). I took a quick look through RevoBoot, it should be trivial to add the new path for 10.10.
By the way, my kernelcache (in 10.10) starts with mach_header_64. I’ve rebuilt it a few times; no change.
Thanks. Note added.
Well I failed to notice all these bootloaders are only x86. That leaves me with a few options, and the hacker in me would rather just change the calling conventions and link at runtime than port it to C (or i386 assembly for that matter).
Yes. All legacy boot loaders are 32-bit, by design, and whatever path you go… nobody will complain when it works 😉
Found some time to work on this today. Got the decompression working (in 64 bit user space). Linker is mostly done, should have time to test this weekend.
Brilliant! Thanks for working on this.
Did you ever finish it?
Didn’t get to work on it this weekend. The only thing left to do is to add some code for swapping to long mode and back. Shouldn’t take more than a few minutes. I’ll put the code on github tonight either way.
Good job and thanks again!
P.s. Don’t forget to add a link to your Github repository 😉
I do not know if this is possible or within your realm of interest at all however there is a segment of us Mac Pro 1,1 & 2,1 owners, in an attempt to bleed every minute of life we can from our admittedly aging though still very competent machines ,that have become reliant on a “home-brew” Tiamos boot.efi Mac Only boot loader to run the latest OS X on our otherwise unsupported desktops. Upon the release of OS X 10.10 earlier and through testing, it has become apparent that quite possibly for the very changes you have so eloquently outlined here, that in its present state the current version of this boot.efi will not boot Yosemite.
As you certainly seem highly advanced and quite capable, a whole community of poor schumks owning old Mac Pro’s hoping to extend the life of there machines a bit longer throughout the public release of OS X 10.10 would be eternally grateful if you would have a “looksie” and perhaps bring the code current enabling it to boot Yosemite. 🙂
Iam ready to testing anything for the community , config Z87X-UD5H / i74770k GTX760 OS X 10.9 /OS X 10.10
Pike,
As regards the kernel path changes, what about RAID and Fusion helper partitions? Should they still be at root or placed in Apple’s already present directories?
I notice there is a /System/Library/CoreServices there, so is Apple adding “Kernels to that /System/Library directory?
Or, may it be in the com.apple.boot.X directory?
Thanks for all your work!
MAJ
Apple wants people to use: /System/Library/Kernels/kernel for OS X 10.10 and greater, otherwise it will not only confuse people, but it will also break after the first OS upgrade.
Hey Pike
I was just wondering why grabbing dsdt via terminal no longer working using these 2 commands on Yosemite.
perl -e ‘open(CMD, “ioreg -lw0 \| grep DSDT|”) or die; while() { chomp; if($_ =~ /\”DSDT\.?\d?\”=]*)>/) { $buff = $1; open(PIP, “|xxd -r -p > ./DSDT.aml”) or die; print PIP “$1”; } }’
ioreg -arw0 -d1 -c AppleACPIPlatformExpert | xpath /plist/array/dict/dict[2]/data[2]/text\(\) | base64 -D -o ./DSDT.aml
Doesnt work too on Yosemite. Yosemite no longer have the “DSDT” string in ioreg.
ioreg -c AppleACPIPlatformExpert -k ‘ACPI Tables’ -d 1 -rw0 | egrep ‘ACPI Tables’ | sed -e ‘s/.*”DSDT”=,.*//g’
Apple stripped it. No longer there. I’ll try to figure out a new way and let you know when I found one.
Any progress pike?
No, but it should be possible. Working on some other things right now.
Hi Pike
+1 on this issue please 🙂
/AppleInternal
An iOS perspective: the /AppleInternal directory is “… used on Apple Internal firmwares only. It contains bundles and applications used for testing …“.
An OS X perspective: I used an /AppleInternal directory to test some third party software (not my own) with pre-release builds of OS X 10.9. (Note to self: the resulting Apple Radar ID was probably 14160671.)
Pike, I managed to use the function to decompress the LZVN compressed kernelcache.
Reference:
http://www.insanelymac.com/forum/topic/300296-decompkernelcache-apps-to-decompress-kernel-cache-of-yosemite-and-older-lzvnlzss-and-updated-kext-tools-for-mavericks/?p=2052235
I have one request:
You managed to track down the decompression function within kexttools and other software, could you do the same for the 32 bit part of kextcache and also in both the 32 bit as well as 64 bit parts of kextcache look up where the compression function is?
Thanks a lot in advance 😀
Thanks a lot Andy!
Check your PM over at insanelymac.com for the 32-bit pointers. Good luck four your hunt!
Hi Pike,
I need the cross reference table for the 32-bit parts of kextcache for Yosemite.
Then I’m sure I can build a 32-bit decompressor.
Please PM me on InsanelyMac 😉
Ok. I’ll have another look… when I have the time for it.
Pingback: LZVN take II | Pike's Universum
Pingback: LZVN take II | Pike's Universum
Pingback: LZVN packed Apple Logo’s | Pike's Universum
Greetings,
Hi guys. This is a `bit off ‘ the subject of this thread, however, after endless searching for “kernelcache” via google, I reached this post. I think you might be able to help. I’m running mavericks and I built xnu manually as I’ve been doing for years. I’ve installed and have been running the kernel just fine, however, there’s one glaring difference. The stock kernel boots in approximately 6-8 seconds (using kernelcache). This kernel however, takes 30-40 seconds to boot. I’m presuming that the kernel I built is not a `prelinked’ kernel.
The system is definitely not loading the kernelcache file when I boot with the kernel that I built.
I’m somewhat new to the concept of prelinked mach_kernels. Do you have any ideas on how to go about getting my self-compiled kernel to boot from the kernelcache file?, or; i.e., is there some other way to get this kernel to use the already existing kernelcache file that the stock kernel uses? Or, is that a bad idea? Does the fact that the kernel I built having a different name such as mach_kernel.new, that I chose, as to not overwrite the stock kernel, possibly have anything to do with this?
I do, however, understand the basis of what the kernelcache is as well as why it is used, but I have no idea how to use kextcache to achieve what I’m trying to do, and if using that is even necessary in my specific situation. Apple seems somewhat elusive regarding this. I’ve only stumbled upon one webpage that basically is just referencing the man page on kextcache.
Just as a point of interest, I’m booting this kernel via adding it to nvram boot-args=”Kernel=mach_kernel.new”
The primary reason that I’m wanting to do this is because I want to rectify the extremely slow boot with this self-compiled kernel. I’ve tried rebuilding the caches, etc… and that does nothing, as far as affecting the speed up.
Any suggestions would be greatly appreciated.
Hi,
Yup. This is likely the crux of the problem: nvram boot-args=”Kernel=mach_kernel.new”
With Yosemite you can add boot argument kcsuffix=.new and then the kextd (deamon) will use it when it re-creates the kernel cache, but this doesn’t work with Mavericks so you need to use /usr/sbin/kextcache and make your own pre-linked kernel cache, and add boot argument “Kernel Cache” to make it work.
Hey,
Thanks for the tip. That’s kinda what I thought, or was thinking at some point. Unfortunately, I’m not that familiar with using kextcache, at least in the way we’re talking about. I’m more of a logician when it comes to imperative subsystems of mach, such as, IPC and VM. As far as the tools go, I’m familiar with otool and nm, but not so much with kextcache. So, basically, the kernel image and all necessary drivers in question here, are being read and loaded off the disk each time thus causing the slow boot. That sucks.
Do you have any idea what parameters I would need to pass to kextcache to make this work ? And, Wouldn’t that possibly overwrite the stock kernel’s kernelcache file that already exists in the /Startup subdir ?
Hello,
As I believe I was the first to mention/run by/contact you regarding your assistance with the Mac Pro Yosemite boot loader, I just wanted stop by again and personally express my upmost appreciation for the time and effort you put forth on this project. As I gathered from your blog and mentioned within my post here back in June, I truly admire your highly advanced skills. You certainly possess an exceptional gift. I must say however that what I find most impressive is how freely you share your gift with the world.
Thanks again !
Hi Greg,
Oh yeah now I remember. You asked me to have a look, but at that time I simply had no time for it. Too busy with other stuff. You know.
And thank you so much for your kind words. I tell you. Yesterday, after reading and approving your comment, I simply had no words to reply to you. I know it is weird. I mean. Let’s face it. For most people it’s all about the money. Not so for me. Not anymore. It took some time to sink in, but after losing a sister. Someone so smart. So brilliant. Thing is. My parents are divorced, and when she came back home from school to have a chat with me… because dad wasn’t there and mom was working… I was always busy. The big brother she looked up against. But I had no time for her, because I thought that it was all about the money. Now I regret that decision, but that was also an eye opener. I realised that something had to change. And that something was I. Now I don’t care about money anymore, and I try to be a better person. And what you see/read here, is me trying to become that person.
Thanks again!
Simply, wow! Thanks.
Pingback: Recover HD booting with macosxbootloader | Pike's Universum
Pingback: Apple’s kext signing bypassed… | Pike's Universum