marcan changed the topic of #asahi to: Asahi Linux: porting Linux to Apple Silicon macs | "Does XXX work yet?": https://alx.sh/fs | GitHub: https://alx.sh/g | Wiki: https://alx.sh/w | Topics: #asahi-dev #asahi-re #asahi-gpu #asahi-alt #asahi-stream #asahi-offtopic | Keep things on topic | Logs: https://alx.sh/l/asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
chadmed has quit [Ping timeout: 480 seconds]
hdbngr has quit [Ping timeout: 480 seconds]
Charlie has joined #asahi
Charlie has left #asahi [#asahi]
Charlie has joined #asahi
hdbngr has joined #asahi
<Charlie>
Hey all! I'm a data engineer/software dev with tons of experience with both linux and MacOS, kubernetes/cluster development/managed/debgging, python/pyspark, bash/zsh, the list goes on. As a new M3 Pro owner what's the best way I can start making contributions to this project? Mainly thinking having an M3 will be beneficial but happy to do non-m3 related dev work as well.
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
kidplayer666 has quit [Quit: Connection closed for inactivity]
Bertrand___ has quit [Remote host closed the connection]
linuxgemini has joined #asahi
Bertrand___ has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
julio7359 has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
julio7359 has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
KxCORP has quit [Quit: Bye!]
overholts has quit [Quit: overholts]
KxCORP has joined #asahi
overholts has joined #asahi
jeisom has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
Bertrand___ has quit [Ping timeout: 480 seconds]
skipwich has quit [Ping timeout: 480 seconds]
hdbngr has quit [Ping timeout: 480 seconds]
possiblemeatball has quit [Quit: Quit]
possiblemeatball has joined #asahi
dylanchapell has quit [Read error: Connection reset by peer]
Bertrand___ has joined #asahi
hdbngr has joined #asahi
possiblemeatball has quit [Quit: Quit]
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
dylanchapell has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
Szadek6367007078972554 has quit []
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
Szadek6367007078972554 has joined #asahi
julio7359 has quit [Ping timeout: 480 seconds]
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
julio7359 has joined #asahi
hdbngr has joined #asahi
kdb4244 has joined #asahi
Bertrand___ has quit [Read error: Connection reset by peer]
Bertrand___ has joined #asahi
kdb424 has quit [Ping timeout: 480 seconds]
kdb4244 is now known as kdb424
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
shiggitay_ has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
rvalue has joined #asahi
rvalue has quit [Read error: Connection reset by peer]
rvalue has joined #asahi
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
marvin24 has joined #asahi
marvin24_ has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
eiln has quit [Ping timeout: 480 seconds]
nela has quit [Ping timeout: 480 seconds]
chadmed has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
nela has joined #asahi
hdbngr has joined #asahi
rhysmdnz has quit [Quit: Bridge terminating on SIGTERM]
Guest455 has quit [Quit: Bridge terminating on SIGTERM]
rhysmdnz has joined #asahi
Guest932 has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
shiggitay_ has quit [Ping timeout: 480 seconds]
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
arahael has joined #asahi
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
Bertrand___ has quit [Remote host closed the connection]
Bertrand___ has joined #asahi
hdbngr has joined #asahi
JayBeeFOSS has quit [Ping timeout: 480 seconds]
JayBeeFOSS has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
vx has quit [Quit: G-Line: User has been permanently banned from this network.]
vx has joined #asahi
mkurz_ has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
mkurz_ has joined #asahi
mkurz_ has quit [Read error: No route to host]
mkurz_ has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
quimah has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
PaulFertser has joined #asahi
Bertrand___ has quit [Ping timeout: 480 seconds]
Bertrand___ has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
bingoChecker has joined #asahi
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hpar has joined #asahi
hpar has quit [Quit: Konversation terminated!]
hdbngr has joined #asahi
<mort_>
I wonder what it would take to get proper "s3" sleep on these machines
<j`ey>
being able to properly save/restore the state of all the coprocessors
<mort_>
sounds non-trivial
<Nefsen402>
having linux start up on bespoke aarch64 hardware sounds non-trivial
<mort_>
true
<mort_>
hmm would s4 idle possibly be easier? Since that actually properly shuts down and does a cold boot
Brainium has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
mort_ has quit [Ping timeout: 480 seconds]
mort_ has joined #asahi
<chadmed>
its really not productive to think in terms of acpi power states
<chadmed>
the system is not abstracted at that level and there is no system-wide "please put the machine in x state" that we can do
<mort_>
with the caveat that I may have missed some discussion because my irc client got sad and I had to hard reboot the VPS (!!):
<mort_>
I think the ACPI power states give us a language to talk about different kinds of sleep, even on systems which don't implement ACPI
<chadmed>
yeah but they are totally unrelated to how you would ever implement anything that even "looks" like those states on non-acpi hardware
<mort_>
e.g "store RAM contents to disk, power off completely, then recover RAM from disk on boot" makes sense as a concept regardless of ACPI, and we call that S4 sleep
<chadmed>
mhmm and without platform firmware implementing that interface where do you implement it
<chadmed>
it makes absolutely no sense even as a concept
<mort_>
the kernel?
bingoChecker has quit [Remote host closed the connection]
<kettenis>
even with ACPI, S4 doesn't do much more than powering off the machine
<kettenis>
the OS does all the hard work
<kettenis>
there used to be a separate S4BIOS state where the firmware would do the hard work, but that hasn't been implemented by any vendor in the last decade
<kettenis>
so implementing a suspend-to-disk for these machines should be entirely possible
<kettenis>
does Linux implement suspend-to-disk on other arm64 hardware?
<chadmed>
bah im sorry i need to sleep, s4 is hibernate of course
<chadmed>
im an idiot
<kettenis>
heh
<mort_>
I guess that's the downside of using the acpi state names heh
<mort_>
Phoronix says suspend to disk for ARM64 was added in 4.7
<chadmed>
s2idle Shouldn't(tm) be materially worse than STR in any case. our issue is not something innate to s2idle but rather that some stuff isn't being quiesced/put into low power states
<j`ey>
and being to actually turn off CPUs would be nice
<kettenis>
the only real difference between suspend-to-RAM and suspend-to-idle is that you hand off to some lower-power CPU to turn off the last few things
<mort_>
it's true that s2ram is in principle no better than s2idle + perfect power management in all drivers for all hardware, but there's something to be said about guarantees here
<kettenis>
well, even ACPI S3 doesn't give you those guarantees
<mort_>
this kind of thinking is what causes even Windows laptops these days to randomly just get super hot in your backpack because some driver messed up a power management thing
<mort_>
"everything is turned off except for RAM" is a fairly decent guarantee isn't it?
<chadmed>
no, thats bugs in windows
<kettenis>
the OS is still responsible for turning off tons of stuff first
<chadmed>
this has been proven time and time again
<chadmed>
shitty buggy winblows code and shitty buggy ACPI BIOS code have nothing to do with us
<mort_>
chadmed: those bugs in Windows wouldn't be possible if Windows wasn't running because only the RAM was powered on
<kettenis>
and it is entirely unspecified *what* the OS is responsible for
<mort_>
regardless I trust Linux to be bug-free even less than I trust NT to be bug-free
<mort_>
I have sooooo much experience with random kernel bugs on various bits of hardware causing things like lock-ups and kernel memory leaks and whatever else
<chadmed>
and yet you trust us to emulate ACPI power states?
<mort_>
I trust a kernel that's not running more than I trust a kernel that is to some extent running
hdbngr has quit [Ping timeout: 480 seconds]
<chadmed>
the codepaths would be exactly the same for s2ram and s2idle
<chadmed>
s2ram would require even more kernel intervention on this platform because we cant simply call into firmware to do the last few bits for us in fact
<mort_>
but no, I don't trust that either, my previous laptop would sometimes randomly just get super hot when I closed the lid and then not come to life again until I held down the power button
<chadmed>
then what exactly is the point here?
<mort_>
well
<j`ey>
better sleep :P
<mort_>
the bug I mentioned with my previous laptop would at least happen while the kernel was suspending, and I could be relatively sure that once it was actually suspended, it would stay that way
<chadmed>
j`ey: of course but at the point where we're splitting hairs over what exactly is slept and how is totally irrelevant so long as the end result is good sleep
<chadmed>
which is what i was getting at when saying that acpi power states as a frame of reference are unhelpful and a bad idea
<chadmed>
they just lead to arguments like this
<chadmed>
it literally does not matter in the slightest how the platform is suspended when all the drivers are just gated behind PM_SLEEP and not any particular implementation of "sleep"
<mort_>
to be clear, I am not saying "the Asahi Linux project should implement s2ram"
<mort_>
just that, I believe that this idea of "we can just make sure every driver perfectly implements power management and do s2idle" is a common trend in the industry and is responsible for quite a lot of grief
<chadmed>
i mean, the hardware we're working with is clearly capable of doing it. it's not like we're trying to work with fundamentally broken hardware or firmware implementations that cant handle perfect s2idle
<chadmed>
if we were trying to support some bumass thinkpad or asus motherboard youd have a point though
<mort_>
and perfect s2idle might very well be the right approach for Asahi, especially given that the set of hardware is so limited
hdbngr has joined #asahi
<chadmed>
the main power hogs during s2idle right now are the pcore clusters anyway
<mort_>
and I'm not blind to the fact that work on general PM means better battery performance in both s2idle *and* in normal tasks, while work on s3 sleep would benefit only sleep
<chadmed>
iirc we need psci to turn the clusters off and restore them or something like that
<chadmed>
so its not a problem we dont know how to fix, we just need to actually do it
<j`ey>
well the problem there is how to hanlde PSCI in the same EL
<j`ey>
I prototyped this, with efi and keeping m1n1 in memory and stuff, was fun, but very hacky
<kettenis>
chadmed: technically there is no problem for just adding code in Linux to turn off the P-clusters
<j`ey>
well upstream is the problem :P
<chadmed>
kettenis: yeah well thats what we did in our idle driver but thats never ever getting upstreamed :p
<chadmed>
^^
<mort_>
*if* my understanding is correct that suspend-to-disk is more or less handled generically by the kernel, it could be an interesting stop-gap for those of us who want to be able to not wake up to a dead laptop in the morning even as perfect s2idle is a work in progress
<mort_>
meh it seems like hector martin has already commented on hibernate a few times and there are challenges there too
<sven>
if it was very easy it would already be supported
<mort_>
I guess I could work around this in userspace instead, make firefox save its session, then power off in a way which tells the system to auto power on and open firefox on the next boot
hdbngr has quit [Ping timeout: 480 seconds]
<j`ey>
Is that much different than just having the WM/DE always open ff?
<mort_>
maybe not
<kettenis>
even if driver code to turn off the P-clusters would never be upstreamable it would be useful to have
<mort_>
alright with auto login + auto launch firefox + firefox session restore I successfully have "hibernate" 😅
<j`ey>
mort_: just do that overnight, and during the day normal s2idle hopefully doesnt draw enough
<kettenis>
it could be used as example code for PSCI emulation
<mort_>
I wonder if I could automatically shut down after some period of time in s2idle
hdbngr has joined #asahi
paps__ has quit [Quit: Connection closed for inactivity]
f_ is now known as funderscore
funderscore is now known as f_
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
Fischmiep has quit [Read error: Connection reset by peer]
hdbngr has quit [Ping timeout: 480 seconds]
jeisom has joined #asahi
possiblemeatball has joined #asahi
<mort_>
is speakersafetyd used for both the voice coil temperature model safety stuff and the eq stuff? Or is it only responsible for safety and some other system is used for eq
<leio>
some stuff using lsp-plugins, bankstown and co do eq via automatic pipewire setup
hdbngr has joined #asahi
<mort_>
so pipewire (with plugins) ends up doing the actual DSP stuff?
<j`ey>
yeah
<j`ey>
wireplumber too whatever that thing is responsible for. I think that's the pipewire related thing that I see using the most cpu
<mort_>
the description "session and policy manager" doesn't immediately scream "responsible for the heavy lifting for DSP" but htop output doesn't lie, it's there, behind only firefox in cpu utilization while playing videos in firefox
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
quimah has quit [Quit: Konversation terminated!]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
jeisom has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
tobhe_ has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
tobhe has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
hdbngr has joined #asahi
axt has joined #asahi
hdbngr has quit [Ping timeout: 480 seconds]
yuyichao has joined #asahi
yuyichao_ has quit [Read error: Connection reset by peer]
hdbngr has joined #asahi
fossdd has quit [Ping timeout: 480 seconds]
fossdd has joined #asahi
cisco87 has quit [Remote host closed the connection]
delsol has joined #asahi
delsol has quit [Remote host closed the connection]
delsol has joined #asahi
wintp has joined #asahi
eiln has joined #asahi
fossdd has quit [Ping timeout: 480 seconds]
fossdd has joined #asahi
fossdd has quit [Ping timeout: 480 seconds]
fossdd has joined #asahi
fossdd has quit [Ping timeout: 480 seconds]
fossdd has joined #asahi
eiln has quit [Quit: WeeChat 4.2.1]
Szadek6367007078972554 has quit []
Szadek6367007078972554 has joined #asahi
tobhe_ has quit [Remote host closed the connection]
leif has joined #asahi
leif has quit []
ydalton has joined #asahi
ydalton has left #asahi [#asahi]
tobhe has joined #asahi
fossdd has quit [Ping timeout: 480 seconds]
nicolas17 has quit [Read error: Connection reset by peer]
fossdd has joined #asahi
wintp has quit [Ping timeout: 480 seconds]
fossdd has quit [Ping timeout: 480 seconds]
fossdd has joined #asahi
wintp has joined #asahi
rvalue has quit [Ping timeout: 480 seconds]
rvalue has joined #asahi
wintp has quit [Ping timeout: 480 seconds]
<eldondev>
Hi all, sorry if this has already been asked or if it's newbie stuff. I was hoping to get out of tethered-to-apple MacOS world with Asahi and I feel a little stuck.
fossdd has quit [Ping timeout: 480 seconds]
<eldondev>
I have an older install of asahi with an earlier MacOS Ventura install.
<eldondev>
My understanding is that the newer installer requires newer boot files, so I am trying to upgrade to Sonoma 14.1 on my 2020 Mac Mini m1 8GB via a usb disk create via the createinstallmedia command from another macbook (air, M1)
fossdd has joined #asahi
<eldondev>
Unfortunately, the install begins, then I get a modal that tells me that installing macOS requires an internet connection, and the installer was unable to personalize my macos experience or something along those lines.
<PaulFertser>
eldondev: why are you not upgrading directly via the Internet?
wintp has joined #asahi
<eldondev>
PaulFertser: Because it's not locally reproducible.
<eldondev>
For the same reason I do things like compile firefox from source locally.
<eldondev>
I like to be able to understand what my computers are doing, reproduce it, and change it if I want.
<PaulFertser>
eldondev: in general the idea is that mac hardware has plenty of additional CPUs each running their own firmware and Asahi needs binaries for those additional CPUs, and the regular way to to get those binaries is copying from existing macOS system to the EFI partition that's accessible later to Linux.
<eldondev>
PaulFertser: Is there a plan on packaging those binaries some other way?
<j`ey>
'A bootable installer doesn't download macOS from the internet, but it does require an internet connection to get firmware and other information specific to the Mac model.'
<j`ey>
eldondev: we can't package those, theyre not redistributable
<eldondev>
Ok, is there an alternative source for that firmware?
<PaulFertser>
eldondev: you can use a "test" device and then package everything needed yourself for your own use. That's how Apple wants it I'm afraid.
<eldondev>
Does asahi enumerate the blobs that it requires from macos in a specific way?
<j`ey>
eldondev: theyre in a tarball
<j`ey>
on the ESP
<j`ey>
at least the ones that asahi has to load, macOS loads some for us
<eldondev>
> macOS loads some for us
<eldondev>
You mean, in a nonvolatile way?
<j`ey>
they get loaded on each boot I think? not 100% sure tbh
<sven>
not sure what you meant by that. the firmware for most coprocessors is already loaded and running before we get control
<sven>
yeah, on every boot
<j`ey>
I was trying to think of firmware we load.. USB, wifi, bt? (or is that just part of wifi)
mkurz_ has quit [Ping timeout: 480 seconds]
<j`ey>
touch/keyboard, ISP
<sven>
wifi and bt is separate and those have to be loaded by us
<eldondev>
My concern is that, rather than getting out of the business of maintaining macOS, and using normal linux maintenance strategies,
<j`ey>
most of that applies, apart from firmware
<eldondev>
So, is this just kindof a one time thing, you think?
<j`ey>
it's kinda like how the other x86 etc have firmware for some parts that are done by the BIOS I guess
wintp has quit [Ping timeout: 480 seconds]
<PaulFertser>
eldondev: normal Linux strategies assume firmware is redistributable and can be added to linux-firmware at git.kernel.org ...
<eldondev>
Right, I guess my question is,
<eldondev>
do we expect Linux going forward to require new versions of macOS firmwares,
<j`ey>
eldondev: not sure exactly what you mean. some firmware is extracted by the installer and linux has to deal with it and some is already done for us by iboot
<j`ey>
for example we require 13.5 for HDMI support
<j`ey>
so people on older fw had to upgrade
<eldondev>
like, when I upgrade to linux 7, will it be incompatible with Apple firmwares for macOS <15?
<j`ey>
but I think there will be some backwards compatability
<PaulFertser>
But is it likely the required macOS version is likely to change in the future?
<j`ey>
eldondev: Im hoping they wont break things, but maybe new features will require neweer fw
<sven>
we generally try to support everything we can with the current set of firmware
<sven>
depending on Apple that may or may not work every time
<eldondev>
Ok, thanks.
<eldondev>
I guess I'm mostly just interested in my little m1 mini from 2020,
<j`ey>
eventually the installer will hopefully gain the ability to upgrade the fw
<sven>
yeah, was just about to write that the installer will sometime in the far future be able to do the update as well
<j`ey>
I cant remember what m3's come with, but that will also be a fw that needs to be supported
fossdd has quit [Ping timeout: 480 seconds]
<j`ey>
(the gpu and display controller driver already have support for multiple versioning in the code)
<eldondev>
Ok, I guess for now I will just (a) perform a full wipe of the machine, (b) install sonoma via the online installer,
<eldondev>
(c) reinstall asahi.
<j`ey>
eldondev: whichever gives you the 13.5 fw
<eldondev>
j`ey: or the 14.1 firmware, right?
<j`ey>
ok sonoma is 14, I never remember the names
<j`ey>
sonoma will be fine
<eldondev>
Can I just dd/blkdiscard over the entire NVMe drive for a wipe?
wintp has joined #asahi
<j`ey>
you dont want to delete the first and last partitions
<eldondev>
I will still be able to boot from the USB installer even if I do, or no?
<j`ey>
you need to DFU then
mohit8158226 has quit [Quit: mohit8158226]
fossdd has joined #asahi
mohit8158226 has joined #asahi
<eldondev>
j`ey: Is DFU from linux going to be possible at some point? I thought I heard it was being considered?
<j`ey>
you can do that with idevicerestore
<janneg>
I wouldn't rely on idevicerestore since I fear it is not a well tested path, m1 mini should be fine
<eldondev>
Ok, seems like this is really what I wanted all along.
wintp has quit [Ping timeout: 480 seconds]
Axenntio has joined #asahi
<eldondev>
Is there any way to enter DFU mode without just already breaking everything?
delsol has quit [Remote host closed the connection]
Bertrand___ has quit [Ping timeout: 480 seconds]
Bertrand___ has joined #asahi
<eldondev>
Ok, I am trying to do the upgrade, opened it to the internet, and the sonoma installer is telling me "failed to download a required asset (SFR)"
<eldondev>
I don't know what SFR is, nor how to make the macos recovery download it.
<j`ey>
system firmware recovery
<eldondev>
Any idea why it wouldn't be able to do this?
<eldondev>
It doesn't give me any suggestions at remediation steps or anything.
WorgIRC has joined #asahi
wintp has joined #asahi
WorgIRC has quit [Read error: Connection reset by peer]
<eldondev>
I assume the system firmware recovery isn't specific to my particular device.
Axenntio has quit [Quit: Axenntio]
fossdd has quit [Ping timeout: 480 seconds]
fossdd has joined #asahi
nicolas17 has joined #asahi
<eldondev>
~.
wintp has quit [Ping timeout: 480 seconds]
wintp has joined #asahi
fossdd has quit [Ping timeout: 480 seconds]
fossdd has joined #asahi
wintp has quit [Ping timeout: 480 seconds]
creechy has quit [Quit: ZNC 1.8.2+deb2build5 - https://znc.in]
wintp has joined #asahi
mkurz_ has joined #asahi
Guest986 has joined #asahi
fossdd has quit [Ping timeout: 480 seconds]
Guest986 has quit [Remote host closed the connection]
creechy has joined #asahi
julio7359 has quit [Ping timeout: 480 seconds]
<leio>
eldondev: sometimes that download is just not stable and a retry works iirc
Brainium has quit [Remote host closed the connection]
wintp has quit [Ping timeout: 480 seconds]
shiggitay_ has joined #asahi
fossdd has joined #asahi
Bertrand___ has quit [Read error: Connection reset by peer]
Bertrand___ has joined #asahi
wintp has joined #asahi
<eldondev>
I booted into my old macos system and am attempting the update from there.
shiggitay_ has quit [Read error: Connection reset by peer]
shiggitay has joined #asahi
<eldondev>
I guess this is just the crux of why I want to put the apple (software) ecosystem in a very tight box for my person usage.
<leio>
oh, I was referring to when asahi-installer pulls them
<eldondev>
Restarting into sonoma I hope.
<eldondev>
contemplating if I am not permitted to disconnect network, or if it will fail if I do :,D
shiggitay has quit [Remote host closed the connection]
wintp has quit [Ping timeout: 480 seconds]
<eldondev>
The thing that makes me most frustrated: If I own the device, I should be able to mitm the update procedure.
<eldondev>
But all this chatter is over TLS.
<eldondev>
And I don't think it's possible for me to install my custom CA in the update procedure.
<eldondev>
Although I guess I didn't try....
<sven>
the earliest boot stages also need a machine specific signature from Apple
<eldondev>
Yeah, I kinda wish I had the setup and time here to try the idevicerestore strategy,
<eldondev>
but I don't :shrug:
<sven>
what I’m saying is that even if you could mitn TLS you still wouldn’t be able to install or update a “full security” macOS because that requires a machine specific signature
<eldondev>
Yeah, I'm more interested in understanding/inspecting what it's doing.
fossdd has joined #asahi
<eldondev>
The whole point is recoverability.
wintp has quit [Ping timeout: 480 seconds]
<eldondev>
As this went today for me, if Apple's servers had been down, there was a 0% chance of success.
<eldondev>
Even if all FW is signed (as it should be!) if I can MITM TLS, I can still replay the environment for the most part to recover a working system.
<sven>
part of a full security installation is a machine specific signature that you *cannot* replay
<sven>
even if you can MITm TLS
<eldondev>
sven: is that descriptive of Apple, or normative?
karlskewes has joined #asahi
wintp has joined #asahi
<sven>
I don’t understand that question
shiggitay has joined #asahi
<eldondev>
sven: like, are you saying that's necessary for the full security of any system,
<eldondev>
or that's just how Apple does it?
<sven>
oh
<sven>
that how Apple does it
<eldondev>
Yeah, sorry, Apple software has not treated me kindly today,
<eldondev>
But now I've upgraded from ancient-ventura-asahi-arch to latest-sonoma-asahi-fedora, so just hoping I never have to do that again :grin:
<eldondev>
And all I had to do was open all the ports and ignore their suggestions about bootable media!
wintp has joined #asahi
<chaos_princess>
can't you pass a special flag to createinstallmedia so it creates an offline-capable installer?
<sven>
maybe, it’ll still need to talk to Apple’s server during installation for that personalized full security signature though
<eldondev>
I wish there was a "turn off full security" bit that I could flip.
<j`ey>
there is, but im not sure if that helps you here
<j`ey>
asahi is run with "reduced security"
<eldondev>
Right, that's what the installer told me ;)
<eldondev>
I would rather have no security than get locked out and have a machine be trashed.
<chaos_princess>
Eh, apple has an okay history with keeping recovery servers online.
<chaos_princess>
Like, you can still do internet recovery on earliest intel macs
<chaos_princess>
And iirc macos still can restore clickwheel ipods from the apple servers.
wintp has quit [Ping timeout: 480 seconds]
<Tramtrist>
Probably a fedora specific question but what are the odds well see sway 1.9 released in asahi fedora 39?
<j`ey>
the fact it isnt even in testing for fc39 makes me wonder
<Tramtrist>
ah its not.. probably fc40 then
<nicolas17>
chaos_princess: afaik all Apple hardware remains recoverable to *some* software
<nicolas17>
if you install iPhone OS 1.0 on a first-gen iPhone (which you *can* do because they didn't have the anti-replay restore mechanism yet), it will fail to activate, because it used an older activation server that has since been shut down
<nicolas17>
but the last supported version (3.x) will work
wintp has joined #asahi
wintp has quit [Ping timeout: 480 seconds]
shiggitay has quit [Remote host closed the connection]
shiggitay has joined #asahi
shiggitay has quit [Remote host closed the connection]