jeisom has quit [Remote host closed the connection]
jeisom has joined #asahi-re
pb17 has quit [Ping timeout: 480 seconds]
pb17 has joined #asahi-re
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
pb17 has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
pb17 has joined #asahi-re
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
SalimTer- has joined #asahi-re
SalimTerryLi has quit [Ping timeout: 480 seconds]
ilm has joined #asahi-re
ilm has left #asahi-re [#asahi-re]
ilmo has joined #asahi-re
<ilmo>
hi, I have installed macOS 14.5 build 23F5049f, gone through the m1n1 hypervisor setup in the recovery, set the m1n1 custom boot object and now macOS is stuck in an infinite boot loop which eventually results in being thrown into recovery and I do not see any serial tty device getting attached, dmesg is empty
<jannau>
ilmo: on which device? in which partition did you install m1n1 as custom boot object? the 14.5 macOS one?
<ilmo>
Yes, the 14.5 one for sure, device is the m1 pro macbook pro
<ilmo>
jannau: I am also connecting using a usb 2.0 cable, it has data lines
<ilmo>
jannau: Yes, I have set up the bootpolicy and sip according to the instructions there, I have also not tried this with any other macOS version yet as I always had it install versions which did not have a KDK, now I am downloading 12.3, but would this macOS version make a difference?
<ilmo>
I mean m1n1 is loaded before macOS from what I understand, the serial communication is implemented in there, so shouldn't I see something happen in dmesg?
<jannau>
use 13.5, I'm asking because the instructions work over all m1/m2 devices (and select m3) up to 14.4
<jannau>
yes, only m1n1 is loaded and it will wait for a connection via serial or usb
<ilmo>
will it make a big difference reverse engineering on 13.5 vs 12.3?
<jannau>
no it just makes not much sense to work with 12.3. HW obviously doesn't change over OS versions but 13.5 should be the starting point for firmware interfaces
<ilmo>
jannau: which 13.5 build exactly? just so that I don't have the KDK problem again
<ilmo>
or should I get the correct one when using softwareupdate?
<jannau>
13.5(.0) but just check if the kdk is available before. not sure if it's still available via softwareupdate. exact version shouldn't matter that much for RE though
HardWall has joined #asahi-re
<ilmo>
Unfortunately 13.5 is not available anymore, will 13.6.6 work? or even 14.x? is there a list of known working versions?
<jannau>
depends on what you want to look at. if 13.6.6 is the closest still available version then it's probably similar enough (compared to 13.5)
<ilmo>
I'm just scared of another 1h 30min download which won't work again, RE-wise it'll be fine for sure, just worrying about the m1n1 boot object not booting
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
pb17 has quit [Ping timeout: 480 seconds]
ilmo_ has joined #asahi-re
pb17 has joined #asahi-re
<jannau>
I'd say it's more likely that you did something wrong or your m1n1 binary is broken than 14.5 not working, sorry. but it's still useful to RE work with a similar macOS version as everyone else
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
glem has quit [Quit: bye.]
hdbngr has joined #asahi-re
glem has joined #asahi-re
pb17 has quit [Ping timeout: 480 seconds]
pb17 has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi-re
jeisom has quit [Remote host closed the connection]
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi-re
hdbngr has quit [Ping timeout: 480 seconds]
gi0 has quit []
ilmo has quit [Remote host closed the connection]
pb17 has quit [Ping timeout: 480 seconds]
ilmo_ has quit [Quit: WeeChat 4.1.1]
ilmo has joined #asahi-re
<ilmo>
jannau: yeah I do think that it is me doing something wrong, but I've tried this many times already, I don't have any idea about why this could be happening, I installed macOS, bputil, csrutil, kmutil, then reboot into the macOS version I installed and it shows a white apple logo bootlooping
<jannau>
are you installing a second macOS volume?
<ilmo>
jannau: Yes
<ilmo>
I am sure I have selected the correct UUID by looking it up through disk util
<jannau>
you're booting into 1tr by holding power until "loading boot options" appears? The tools should complain if not
<ilmo>
Yes I was till now, actually now at this exact moment this appeared for me for the first time
<ilmo>
I compiled m1n1 on darwin, and used the m1n1 bin from the build directory
<jannau>
what appeared?
<ilmo>
the message about trying again after executing kmutil
<ilmo>
This never appeared tho
hdbngr has joined #asahi-re
<jannau>
I can't follow
<ilmo>
So right now I have installed macOS 13.6.5, downloaded the KDK, did bputil, csrutil, then I have executed the kmutil command and for the first time I have seen it complain about restarting and going into recovery again
<ilmo>
before when doing installations with 14.4 or other versions this did not appear, not that I think this has anything to do with the version but just never seen this happen till now
<jannau>
ah. so shut down and hold power until you're booted into 1tr
<ilmo>
Yeah, did that, now it's the usual "by setting a custom boot object you will be putting your system into permissive mode"
<jannau>
I don't think this is the error though
<ilmo>
Yeah it's not, now I'm restarting
<ilmo>
And it worked!!!! Finally, so it was the version
<ilmo>
Or maybe one thing that I did differently this time is after doing bputil and csrutil I rebooted, logged in, then reboot again into recovery, then set the boot object, reason I think this could be important is that it says reboot to apply SIP removal
<ilmo>
Thank you very much for your help!
<ilmo>
I'll be trying to re touch id now
<jannau>
I would be surprised if it's the version and I think I usually do bputil, csrutil and kmutil in one go. glad it worked now
hdbngr has quit [Ping timeout: 480 seconds]
<ilmo>
Yeah I'd be surprised if it is the version but it's hard to explain this otherwise
<jannau>
amarioguy was looking into sep (which you will need for touch id) and/or touch id
<jannau>
haven't heard anything for a while, svem might know more
<ilmo>
yeah the sep is necessary for touch id but I think just starting to look at how the touch id enrollment process works will also give a good starting point for the sep
<ilmo>
would love to get in touch with anyone that worked on the sep tho
<sven>
I did a bit of work a long time ago
<sven>
dunno if amarioguy made any progress
<sven>
there’s a tracer in m1n1 that should decode the first layer ipc
<sven>
and some code to boot the sep
<sven>
Touch ID enrollment will already require the sep
<sven>
I’d expect that it’s essentially just passing encrypted data between the sensor and sep
pb17 has joined #asahi-re
<sven>
very likely even the same data the Bluetooth keyboards with touchid will send/receive
<ilmo>
but we can already see the communication in the hypervisor right?
<ilmo>
That's awesome that there is a tracer for it already
ilmo has quit [Quit: WeeChat 4.1.1]
roxfan has quit [Remote host closed the connection]
ilmo has joined #asahi-re
roxfan has joined #asahi-re
roxfan has quit [Remote host closed the connection]
<sven>
it’s just the first layer which happens to be fairly simple. still lots of work to be done
<sven>
and yeah, you should be able to see everything with the hv