<nicolas17>
as I understand it, the vulnerability is achieving code execution in the DCP
<nicolas17>
and the fact that the DCP can "just call into the AP and ask nicely" wasn't mentioned as a vulnerability, yet arguably it is
<marcan>
the other part of it is the DCP directly handling userspace requests at effectively the ioctl level
<marcan>
which our driver also doesn't do
<marcan>
that's how they jump from userspace to DCP in the first place
<nicolas17>
when the iomobileframebuffer vuln was found, it was only (publicly) exploited on older devices, because on newer ones the vulnerable code was moved to the DCP (the trivial PoC crashed the DCP instead of the XNU kernel)
<nicolas17>
"would it be possible to take over the DCP with that, and then pivot back to the AP?" "given the awful RPC interface marcan discovered, probably"
<nicolas17>
"but it would be a lot of work" and now it turns out it was achieved by a malicious actor...
<marcan>
yup...
<nicolas17>
ok time to push through the adhd and update theiphonewiki for beta 2
<marcan>
probably doesn't matter since I don't see that being exploitable
<marcan>
but good hygiene
<marcan>
(disclaimer: I haven't audited this driver yet :p)
<marcan>
(also we're not shipping it yet)
<nicolas17>
function pointer syntax is so ugly... would dcpep_cb_handlers benefit from a typedef? it's hard to tell if the const is in the right place there
luke has quit [Ping timeout: 480 seconds]
witchbutter has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
riker77_ has joined #asahi
dsrt^ has joined #asahi
riker77 has quit [Ping timeout: 480 seconds]
riker77_ is now known as riker77
linusmaxwell[m] has joined #asahi
PhilippvK has joined #asahi
phiologe has quit [Ping timeout: 480 seconds]
Mary has joined #asahi
ciggi has quit [Read error: Connection reset by peer]
ciggi has joined #asahi
marvin24_ has joined #asahi
marvin24 has quit [Ping timeout: 480 seconds]
gladiac has joined #asahi
the_lanetly_052 has joined #asahi
psykose has quit [Remote host closed the connection]
psykose has joined #asahi
eroux has joined #asahi
dsrt^ has quit [Ping timeout: 480 seconds]
dsrt^ has joined #asahi
nicolas17 has quit [Quit: Konversation terminated!]
dsrt^ has quit [Ping timeout: 480 seconds]
miko has joined #asahi
millenialhacker has joined #asahi
the_lanetly_052__ has joined #asahi
the_lanetly_052 has quit [Ping timeout: 480 seconds]
MajorBiscuit has joined #asahi
psykose has quit [Remote host closed the connection]
psykose has joined #asahi
MoteenShah[m] has joined #asahi
miko has quit [Quit: WeeChat 3.5]
the_lanetly_052__ has quit [Ping timeout: 480 seconds]
Akram has joined #asahi
Akram is now known as Akram2
Akram2 has quit [Ping timeout: 480 seconds]
fautore has joined #asahi
luke has joined #asahi
luke has quit [Remote host closed the connection]
luke has joined #asahi
fautore has quit [Remote host closed the connection]
dsrt^ has joined #asahi
luke has quit [Remote host closed the connection]
luke has joined #asahi
dsrt^ has quit [Ping timeout: 480 seconds]
dsrt^ has joined #asahi
LunaFoxgirlVT has joined #asahi
dsrt^ has quit [Ping timeout: 480 seconds]
L1Q has joined #asahi
millenialhacker has quit [Remote host closed the connection]
millenialhacker has joined #asahi
millenialhacker has quit [Ping timeout: 480 seconds]
LunaFoxgirlVT has quit [Quit: Leaving]
eroux has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
dsrt^ has joined #asahi
the_lanetly_052 has joined #asahi
jluthra has quit [Remote host closed the connection]
jluthra has joined #asahi
millenialhacker has joined #asahi
ptudor has quit [Remote host closed the connection]
ptudor has joined #asahi
millenialhacker has quit [Ping timeout: 480 seconds]
eroux has joined #asahi
luke has quit [Ping timeout: 480 seconds]
millenialhacker has joined #asahi
millenialhacker has quit [Ping timeout: 480 seconds]
luke has joined #asahi
qeeg has quit [Remote host closed the connection]
luke has quit [Ping timeout: 480 seconds]
luke has joined #asahi
qeeg has joined #asahi
guillaume_g has quit []
Gaspare has joined #asahi
millenialhacker has joined #asahi
millenialhacker has quit [Ping timeout: 480 seconds]
<jannau>
I guess it will be kind of slow in the beginning anyway. Rebooting a couple of times into macos recovery until chainloading works
bpye has joined #asahi
nicolas17 has joined #asahi
ptudor_ has joined #asahi
<jannau>
nicolas17: comes with finished software, macOS 12.4
<marcan>
chainloading might work first try tbh, with MMUs off and serial only
<marcan>
not much to go wrong there
ptudor has quit [Ping timeout: 480 seconds]
<marcan>
I should actually make a #define BRINGUP for that
<marcan>
I might also get the chicken sequence done before the stream, because that is boring as heck to watch
<marcan>
(just reversing it, not trying anything)
Gaspare has joined #asahi
toranosora[m] has left #asahi [#asahi]
<nicolas17>
jannau: the Mac Studio shipped with 12.2 21D2048, but the publicly available 12.2 release was 21D49
<nicolas17>
same has happened on iPhones, the public release of iOS 15.0 is 19A346, but iPhone 13 Pro has been reported to come with 19A341 or 19A345 out of the box
millenialhacker has joined #asahi
<jannau>
yes, but 12.3 was immediately available for update
<nicolas17>
yeah they did something weird this time
<nicolas17>
they released 21F2081, with the ipsw supporting both M1 and M2 (although the ipsw list used by Apple Configurator only mentioned it for M2, so restoring M1 machines would still get 21F79)
<nicolas17>
two days later they released 21F2092 supporting only M2
<nicolas17>
and all three are numbered "12.4"
<jannau>
system has an install date of 2022-05-26, so it's possible that this is the same 12.4 as for the m1 devices
<nicolas17>
apparently it comes from a different branch (to avoid leaking info about hardware early), the BuildTrain is "StarFHW" instead of "StarF"
millenialhacker has quit [Ping timeout: 480 seconds]
<jannau>
macOS "system information" still lists keyboard/trackpad under SPI
the_lanetly_052__ has joined #asahi
the_lanetly_052 has quit [Ping timeout: 480 seconds]
witchbutter has joined #asahi
millenialhacker has joined #asahi
millenialhacker has quit [Ping timeout: 480 seconds]
witchbutter has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
dsrt^ has quit [Ping timeout: 480 seconds]
witchbutter has joined #asahi
the_lanetly_052__ has quit [Ping timeout: 480 seconds]
dsrt^ has joined #asahi
vmeson has quit [Read error: Connection reset by peer]
vmeson has joined #asahi
___nick___ has joined #asahi
skipwich has joined #asahi
millenialhacker has joined #asahi
___nick___ has quit []
millenialhacker has quit [Ping timeout: 480 seconds]
___nick___ has joined #asahi
___nick___ has quit []
___nick___ has joined #asahi
<amarioguy>
m2 msr dump when /s
Gaspare has quit [Quit: Gaspare]
skipwich has quit [Ping timeout: 480 seconds]
skipwich has joined #asahi
MajorBiscuit has joined #asahi
<nicolas17>
looks like 12.5 beta 4 just came out, with M2 support (beta 3 still didn't have it)
<amarioguy>
ah so nested virt *is* on m2 now lol good to know
<j`ey>
jannau: wait wut, you have the m2 already?
millenialhacker has quit [Ping timeout: 480 seconds]
<amarioguy>
j'ey: m2 mbp exists
<j`ey>
yes but i didn't know jannau got one
<jannau>
amarioguy: that was what wanted to know, right
<amarioguy>
jannau: that was something i did want to account for yes
<amarioguy>
was also wondering if apple added other things to m2 via MSRs or anything like that (waiting on the m2 mba to release that's why i'm not able to probe myself lol)
<nicolas17>
amarioguy: I think marcan already got the mbp too
<mps>
hm, touchbar on m2 mbp
<amarioguy>
nicolas17: yea ofc marcan would need this stuff asap lol
<j`ey>
monday stream >:D
<rowang077[m]>
Is it possible to undervolt/overvolt and overclock M1/M2 macbooks at all?
Catyre_ has joined #asahi
eroux has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Catyre__ has joined #asahi
millenialhacker has joined #asahi
Catyre has quit [Ping timeout: 480 seconds]
Gaspare has quit [Quit: Gaspare]
Catyre_ has quit [Ping timeout: 480 seconds]
MajorBiscuit has joined #asahi
millenialhacker has quit [Ping timeout: 480 seconds]
skoobasteeve has joined #asahi
skoobasteeve has quit []
skoobasteeve has joined #asahi
<MichaelMesser[m]>
I don't think anyone discovered anything related to overclocking.
<MichaelMesser[m]>
The problem is if Apple doesn't use something, is less likely to exist in hardware. Even if it does it is harder to discover.
<Catyre>
When I try to connect to my wifi network, Asahi seems to hang indefinitely. I have not had this problem connecting to other networks before. Any idea why this might be happening?