Capstone help for a nine year old boy…

Ok. So I thought that I started early with coding. Turns out I did not. Got a request from a nine year old boy with a hackintosh; This doesn’t work.?

#!/usr/bin/python

from capstone import *

...

Right. You need Capstone (libs) for this, and he wants to install pre-compiled libraries. Great. Can someone help me out with links to a file with a readme?

Note: I have been looking out not to hit other boats and now I need to get some sleep. My wife is taking over and I hope that someone here can help him out.

Thanks!

Edit: I helped him with the download and compilation and installation of Capstone and he is setup and trying to read the firmwaremask et all from firmware files (to be used with Clover).

Have fun now Robin. Lookup Galápagos Islands on a map, and then you’ll also know where I am 🙂

Advertisement

iMac Pro comes with Security Enclave Processor

I piled through the firmware/rubble from the new iMac Pro – to be released in December – and it appears to be coming with a Security Enclave Processor (SEP). You know. Like the one that was added to the MacBook Pro’s with Touch Bar and Touch ID, but this time to (also?) support a new feature called Apple SecureBoot (for the SEP only?). Here are some of the properties that it uses:

AppleSecureBootPolicy
ApECID
ApChipID
ApBoardID
ApSecurityDomain
ApProductionStatus
ApSecurityMode

Edit: ApSecurityMode appears to support a customer and developer mode.

The iMac Pro may eventually support – with a later firmware/seed update – a Magic Keyboard with Touch Bar and Touch ID – perhaps optionally – but I’m not saying Apple will. That is still a mystery. The fact that Device (ASOC) is missing in the currently available ACPI tables may hint to not.

And in case you have missing it, the iMac Pro comes with the AMD Radeon Vega 10 Video Adapter. Ok. You knew that already, but there are a ton of new device properties. Some starting with ATY,Japura. The AMD10000Controller.kext also includes references to ATY,Iriri and ATY,Kamarang and the IOPCIMatch is set to:

0x68601002, 0x68671002 and 0x687F1002 (Vega RX).

Edit: Oh wow. This is news. The iMac Pro comes with one of the Intel Purley Xeons with a LGA3647 socket? Not a LGA2066 socket?

Edit-2: I am sailing – you know on a boat – and Internet access is not great. Had no access. Not for hours. Anyway. I did find a lot of source code paths with Basin Falls in the firmware. Like for example:

Vendor/Intel/IntelBfs/BasinFallsSiliconPkg/Me/MePlatformReset/DEBUG/AutoGen.c

Vendor/Intel/IntelBfs/PurleyPlatPkg/PlatformDxe/PlatformType/PlatformType/DEBUG/AutoGen.c

Edit-3: The information on the Intel roadmap for Basin Falls, aka workstations with a single processor, points to a “Server Socket R” (the R4 socket). The top of the line Xeon’s (Platinum and Gold) use a LGA3647 (Server Socket P) and supports six memory channels. The images of the open iMac Pro on Apple’s website show “only” four memory modules. As noted by a reader in the comments.

The filenames use both “Basin Falls” and “Purley” in them and thus suggest that Apple is in fact using Purley Xeon’s, but I don’t expect Apple to use Platinum or Gold Xeon’s. The latter are destined for scalable server grade hardware with 2, 4 or 8+ processors. In short. The iMac Pro may come with a Purley Xeon, but not one with a LGA3647 socket.

Edit-4: Ok. The iMac Pro will likely get Xeon SKU’s of the following Intel Core-X models:

Intel 7980XE (18 cores/36 threads/42MB Cache/Turbo Boost TBD)
Intel 7900X (10 cores/20 threads/23MB Cache/Turbo Boost 3.0 Max 4.5GHz)
Intel 7820X ( 8 cores/16 threads/19MB Cache/Turbo Boost 3.0 Max 4.5GHz)

LGA 2066 socket R4 with four memory channels. That’s it I guess.

Script to upgrade macOS High Sierra DP1 to DP2 (17A291j)

I wrote a new handy script (install_1013_DP2.sh) which downloads the individual upgrade packages for macOS High Sierra DP2 (17A291j) from the CatalogURL and then the installer opens, right after the download has finished, and it let’s you pick a target volume.

I myself even ran the script from macOS Sierra 10.12.3, after modifying the ProductVersion in: /System/Library/CoreServices/SystemVersion.plist which I changed into 10.13 I restored the value (10.12.3) when the installer started to move files.

Please confirm!

Edit: In case that you don’t have a RecoveryHD, then you will see an error at the end of the installation procedure. No worries. This is expected behaviour.

How to get Xcode 9 Beta without a paid developer account…

http://adcdownload.apple.com/WWDC_2017/Xcode_9_beta/Xcode_9_beta.xip

Thanks to Apple 🙂

Why do we need it? Look here:

typedef struct boot_args {
    uint16_t    Revision;	/* Revision of boot_args structure */
    uint16_t    Version;	/* Version of boot_args structure */

    uint8_t     efiMode;    /* 32 = 32-bit, 64 = 64-bit */
    uint8_t     debugMode;  /* Bit field with behavior changes */
    uint16_t    flags;

    char        CommandLine[BOOT_LINE_LENGTH];	/* Passed in command line */

    uint32_t    MemoryMap;  /* Physical address of memory map */
    uint32_t    MemoryMapSize;
    uint32_t    MemoryMapDescriptorSize;
    uint32_t    MemoryMapDescriptorVersion;

    Boot_VideoV1 VideoV1;	/* Video Information */

    uint32_t    deviceTreeP;	  /* Physical address of flattened device tree */
    uint32_t    deviceTreeLength; /* Length of flattened tree */

    uint32_t    kaddr;            /* Physical address of beginning of kernel text */
    uint32_t    ksize;            /* Size of combined kernel text+data+efi */

    uint32_t    efiRuntimeServicesPageStart; /* physical address of defragmented runtime pages */
    uint32_t    efiRuntimeServicesPageCount;
    uint64_t    efiRuntimeServicesVirtualPageStart; /* virtual address of defragmented runtime pages */

    uint32_t    efiSystemTable;   /* physical address of system table in runtime area */
    uint32_t    kslide;

    uint32_t    performanceDataStart; /* physical address of log */
    uint32_t    performanceDataSize;

    uint32_t    keyStoreDataStart; /* physical address of key store data */
    uint32_t    keyStoreDataSize;
    uint64_t	bootMemStart;
    uint64_t	bootMemSize;
    uint64_t    PhysicalMemorySize;
    uint64_t    FSBFrequency;
    uint64_t    pciConfigSpaceBaseAddress;
    uint32_t    pciConfigSpaceStartBusNumber;
    uint32_t    pciConfigSpaceEndBusNumber;
    uint32_t	csrActiveConfig;
    uint32_t	csrCapabilities;
    uint32_t    boot_SMC_plimit;
    uint16_t    bootProgressMeterStart;
    uint16_t    bootProgressMeterEnd;
    Boot_Video	Video;		/* Video Information */

    uint32_t    apfsDataStart; /* Physical address of apfs volume key structure */
    uint32_t    apfsDataSize;

    uint32_t    __reserved4[710];

} boot_args;

Chameleon and High Sierra…

I helped the developers of Chameleon with previous OS upgrades and I am wondering what the current state is. Is Chameleon already patched and working with High Sierra? If not, then feel free to reply here with a link to the latest source code.

Lilu.kext v1.4 load issues…

I am totally new to Lilu.kext and ran into load problems with it and thus I filed a new Github issue here. Anyone reading this who knows how I can resolve this problem?

I use the IntelGraphicsFixup.kext plugin (with -igfxbeta) and inject kexts with RevoBoot – injection of my AppleNVMEFamily.kext works with High Sierra so that should be fine.

Anyone?

Edit: I located the problem – Lilu.kext disables itself when it finds boot argument -s.

2017 iMac Pro SMBIOS data…

I think that I figured out the SMBIOS data for the iMac Pro. Here it is:

#if (TARGET_MODEL == IMACPRO_10)
	#define SMB_BIOS_VERSION	"IMP11.88Z.0058.B00.1705091711"
	#define SMB_PRODUCT_NAME	"iMacPro1,1"
	#define SMB_BOARD_PRODUCT	"Mac-7BA5B2D9E42DDD94"
	#define EFI_MODEL_NAME		{ 'i', 'M', 'a', 'c', 'P', 'r', 'o', '1', ',', '1' }
#endif

This is my best guess now, but it will most likely change before the iMac Pro is released!

That combined with the (preliminary) data from the current FrequencyVectors gives us:

Intel® Xeon® 8 Core with a maximum Turbo frequency of 3.6 GHz.
Intel® Xeon® 10 Core with a maximum Turbo frequency of 3.2 GHz.
Intel® Xeon® 18 Core with a maximum Turbo frequency of 3.0 GHz.

The max turbo frequencies may need to be changed in a next Developer Preview of High Sierra, or some later macOS upgrade, because we now know that they are incorrect. Here is the new data:

Intel® Xeon® W-2145 (8C/16T) with a maximum Turbo frequency of 4.5 GHz
Intel® Xeon® W-2155 (10C/20T) with a maximum Turbo frequency of 4.5 GHz
Intel® Xeon® W-2195 (18C/36T) with a maximum Turbo frequency of 4.3 GHz

Edit: Apple is testing a 10 core/20 thread computer, supposedly the iMac Pro with AMD Radeon Vega 10 Video Adapter, and they mask pretty much everything (in the SMBIOS):

model-id.: AAPJ137,1.
board-id.: Apple Common.

The BIOS date is 11/11/2016 and thus Apple is, apparently, working on it for quite some time already.

What is puzzling is that I also found the text: “Integrated Video Controller” in the SMBIOS. What does that mean? Does that mean that the Xeon’s for the iMac Pro come with IGPU, or has Apple simply forgotten to take it out? I for one hope that the former is true, but chances are slim. And here is the ACPI _PR scope from the DSDT:

Scope (_PR)
{
    Processor (PR00, 0x01, 0x00000410, 0x06) {}
    Processor (PR01, 0x02, 0x00000410, 0x06) {}
    Processor (PR02, 0x03, 0x00000410, 0x06) {}
    Processor (PR03, 0x04, 0x00000410, 0x06) {}
    Processor (PR04, 0x05, 0x00000410, 0x06) {}
    Processor (PR05, 0x06, 0x00000410, 0x06) {}
    Processor (PR06, 0x07, 0x00000410, 0x06) {}
    Processor (PR07, 0x08, 0x00000410, 0x06) {}
    Processor (PR08, 0x09, 0x00000410, 0x06) {}
    Processor (PR09, 0x0A, 0x00000410, 0x06) {}
    Processor (PR10, 0x0B, 0x00000410, 0x06) {}
    Processor (PR11, 0x0C, 0x00000410, 0x06) {}
    Processor (PR12, 0x0D, 0x00000410, 0x06) {}
    Processor (PR13, 0x0E, 0x00000410, 0x06) {}
    Processor (PR14, 0x0F, 0x00000410, 0x06) {}
    Processor (PR15, 0x10, 0x00000410, 0x06) {}
    Processor (PR16, 0x11, 0x00000410, 0x06) {}
    Processor (PR17, 0x12, 0x00000410, 0x06) {}
    Processor (PR18, 0x13, 0x00000410, 0x06) {}
    Processor (PR19, 0x14, 0x00000410, 0x06) {}
}

This is why we know that Apple is testing a processor with ten cores and twenty threads.

Update: The iMac that Apple is testing is the 10-core iMacPro1,1 (Apple is currently still using AAPJ137,1 as modelID) with Intel Basin Falls C422 chipset (C621 is for the Purely Xeons). There is no mention (yet) of any Intel Core i9 processors in the code. Just to let you know 😉

Edit: Data now also updated.

Update: I somehow mixed two board-id’s. The one that I extracted from the assumed iMac Pro firmware image is: Mac-7BA5B2D9E42DDD94 and the two known processors are:

Intel Xeon W-2140B @ 3.2GHz ( 8 cores and 16 threads)
Intel Xeon W-2150B @ 3.0GHz (10 cores and 20 threads)

We still don’t know the exact model identifier that Apple will use. They may use iMac19,1 or iMacPro1,1 We just don’t know yet.

Also. Remember when I said that I found the text Integrated Video Controller” in the SMBIOS. Well. Take a look at this XML snippets. One that I copied from AppleGraphicsDevicePolicy

			<key>ConfigMap</key>
			<dict>
				<key>Mac-77EB7D7DAF985301</key>
				<string>none</string>

And that coupled with this snippet:

			<key>Config4</key>
			<dict>
				<key>GFX0</key>
				<dict>
					<key>EDID</key>
					<dict>
						<key>index</key>
						<integer>0</integer>
					</dict>
					<key>FeatureControl</key>
					<integer>12</integer>
					<key>unload</key>
					<false/>
				</dict>
				<key>IGPU</key>
				<dict>
					<key>unload</key>
					<true/>
				</dict>
				<key>display</key>
				<dict>
					<key>EDID</key>
					<dict>
						<key>index</key>
						<integer>0</integer>
					</dict>
					<key>FeatureControl</key>
					<integer>12</integer>
					<key>unload</key>
					<false/>
				</dict>
			</dict>

We can’t just draw conclusions yet, but this may well mean that the Xeon W-21X0B SKU’s for Apple come with internal graphics. Next up. AMD graphics data from AppleGraphicsPowerManagement:

				<key>Mac-7BA5B2D9E42DDD94</key>
				<dict>
					<key>Vendor1002Device6860</key>
					<dict>
						<key>AGDCEnabled</key>
						<integer>1</integer>
						<key>Heuristic</key>
						<dict>
							<key>ID</key>
							<integer>-1</integer>
						</dict>
						<key>control-id</key>
						<integer>17</integer>
						<key>max-power-state</key>
						<integer>15</integer>
						<key>min-power-state</key>
						<integer>0</integer>
					</dict>
					<key>Vendor1002Device6867</key>
					<dict>
						<key>AGDCEnabled</key>
						<integer>1</integer>
						<key>Heuristic</key>
						<dict>
							<key>ID</key>
							<integer>-1</integer>
						</dict>
						<key>control-id</key>
						<integer>17</integer>
						<key>max-power-state</key>
						<integer>15</integer>
						<key>min-power-state</key>
						<integer>0</integer>
					</dict>
				</dict>

Edit: Updated with the latest data from macOS 10.13.2 (17C60c)

2017 MacBook Pro and iMac SMBIOS data…

Here is the late 2016 MacBook Pro SMBIOS data:

#elif (TARGET_MODEL == MACBOOK_PRO_141)
	// 13-inch without Touch Bar / Touch ID
	// Intel Core i5-7360U 2.3 GHz (max Turbo Boost 3.6 GHz)
	// Intel Core i7-7660U 2.5 GHz (max Turbo Boost 4.0 GHz)
	#define SMB_BIOS_VERSION	"MBP141.88Z.0160.B00.1705082121"
	#define SMB_PRODUCT_NAME	"MacBookPro14,1"
	#define SMB_BOARD_PRODUCT	"Mac-B4831CEBD52A0C4C"
	#define EFI_MODEL_NAME		{ 'M', 'a', 'c', 'B', 'o', 'o', 'k', 'P', 'r', 'o', '1', '4', ',', '1' }
#elif (TARGET_MODEL == MACBOOK_PRO_142)
	// 13-inch with Touch Bar / Touch ID
	// Intel Core i5-7267U 3.1 GHz (max Turbo Boost 3.5 GHz)
	// Intel Core i5-7287U 3.3 GHz (max Turbo Boost 3.7 GHz)
	// Intel Core i7-7567U 3.5 GHz (max Turbo Boost 4.0 GHz)
	#define SMB_BIOS_VERSION	"MBP142.88Z.0160.B00.1705082121"
	#define SMB_PRODUCT_NAME	"MacBookPro14,2"
	#define SMB_BOARD_PRODUCT	"Mac-CAD6701F7CEA0921 "
	#define EFI_MODEL_NAME		{ 'M', 'a', 'c', 'B', 'o', 'o', 'k', 'P', 'r', 'o', '1', '4', ',', '2' }
#else // Defaults to MacBookPro14,3
	// 15-inch with Touch Bar / Touch ID
	// Intel Core i7-7700HQ 2.8 GHz (max Turbo Boost 3.8 GHz)
	// Intel Core i7-7820HQ 2.9 GHz (max Turbo Boost 3.9 GHz)
	// Intel Core i7-7920HQ 3.1 GHz (max Turbo Boost 4.1 GHz)
	#define SMB_BIOS_VERSION	"MBP143.88Z.0160.B00.1705090111"
	#define SMB_PRODUCT_NAME	"MacBookPro14,3"
	#define SMB_BOARD_PRODUCT	"Mac-551B86E5744E2388"
	#define EFI_MODEL_NAME		{ 'M', 'a', 'c', 'B', 'o', 'o', 'k', 'P', 'r', 'o', '1', '4', ',', '3' }

And here is the data of the new iMacs.

#elif (TARGET_MODEL == IMAC_181) // Retina 5K, 27-inch, 2017
	#define SMB_BIOS_VERSION	"IM181.88Z.0145.B07.1705082121"
	#define SMB_PRODUCT_NAME	"iMac18,1"
	#define SMB_BOARD_PRODUCT	"Mac-4B682C642B45593E"
	#define EFI_MODEL_NAME		{ 'i', 'M', 'a', 'c', '1', '8', ',', '1' }
#elif (TARGET_MODEL == IMAC_182) // Retina 5K, 27-inch, 2017
	#define SMB_BIOS_VERSION	"IM182.88Z.0145.B07.1705082121"
	#define SMB_PRODUCT_NAME	"iMac18,2"
	#define SMB_BOARD_PRODUCT	"Mac-77F17D7DA9285301"
	#define EFI_MODEL_NAME		{ 'i', 'M', 'a', 'c', '1', '8', ',', '2' }
#else // Defaults to iMac18,3 Retina 5K, 27-inch, 2017
	#define SMB_BIOS_VERSION	"IM183.88Z.0145.B07.1705082121"
	#define SMB_PRODUCT_NAME	"iMac18,3"
	#define SMB_BOARD_PRODUCT	"Mac-BE088AF8C5EB4FA2"
	#define EFI_MODEL_NAME		{ 'i', 'M', 'a', 'c', '1', '8', ',', '3' }

Note: This data was initially added to RevoBoot, but it can be used with any boot loader!

Oh and just in case you are wondering how fast a 2017 MacBook Pro (MacBookPro14,3/Mac-551B86E5744E2388) is with the Intel Core i7-7820HQ 2.9 GHz (max Turbo Boost 3.9 GHz) processor. Here are the Geekbench results.

CatalogURL for macOS 10.13 (High Sierra)

I blogged about CatalogURL’s last year also, but today I’d like to share the new ones for macOS 10.13:

Developer Program Members

https://swscan.apple.com/content/catalogs/others/index-10.13seed-10.13-10.12-10.11-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog.gz

Beta Program Members

https://swscan.apple.com/content/catalogs/others/index-10.13beta-10.13-10.12-10.11-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog.gz

Regular Software Updates

https://swscan.apple.com/content/catalogs/others/index-10.13-10.12-10.11-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog.gz

Customer Seed Updates

https://swscan.apple.com/content/catalogs/others/index-10.13customerseed-10.13-10.12-10.11-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog.gz

You can check the CatalogURL with help of this terminal command:

sudo defaults read /Library/Preferences/com.apple.SoftwareUpdate CatalogURL

You can change the CatalogURL with:

sudo /usr/sbin/softwareupdate --set-catalog [URL]

Note: The CatalogURL’s also works for the initial installation. Not just the updates. The script for it can be found in my Github repository.

p.s. Please note that I did not test this script myself. I cannot do that right now (holiday).

Update: In case you run into ERROR_12DBCCA60C then make sure you have

/Users/Shared/.SeedEnrollment.plist

with the following content:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>SeedProgram</key>
	<string>DeveloperSeed</string>
</dict>