apple-data 1.0.600 → 1.0.602
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/apple_data/version.rb +1 -1
- data/share/apns.yaml +1 -1
- data/share/fdr.yaml +25 -0
- data/share/img4.yaml +176 -12
- data/share/sandbox.yaml +19 -0
- data/share/syscfg.yaml +100 -1
- data/share/terms.yaml +340 -0
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dd760aa9e09e4a1a3262b1b7ba1a2142d79572876b78c969dd8f40542eee852b
|
4
|
+
data.tar.gz: 2ec56bb95e0d0097fad7234484ed395f196b5256e77cf852773e4e04aa5ac8e9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f51754e3f65ff1c507e6894dc872a0390601d0f1af783825546da153710c711b39c5685781196094364fcea8c1e0205d1b12b09dcf73ad9c85e1cbf14a578044
|
7
|
+
data.tar.gz: 7e36ea6e0a9bde9de0244fe2d4a6e647ce4e101bbec978b01b2ebb07fe30847415b53973937b31e144e039e1745e3b553e985af43bb74b354eaad9e072ed746d
|
data/lib/apple_data/version.rb
CHANGED
data/share/apns.yaml
CHANGED
data/share/fdr.yaml
CHANGED
@@ -75,6 +75,8 @@ fdr_properties:
|
|
75
75
|
description:
|
76
76
|
jlnl:
|
77
77
|
description:
|
78
|
+
esdm:
|
79
|
+
description: Extended Security Domain Fuse
|
78
80
|
jlnm:
|
79
81
|
description:
|
80
82
|
jlnv:
|
@@ -85,6 +87,29 @@ fdr_properties:
|
|
85
87
|
description:
|
86
88
|
jlsk:
|
87
89
|
description:
|
90
|
+
mmap:
|
91
|
+
description: The memory map passed from the iBoot loader to the Kernel
|
92
|
+
sePK:
|
93
|
+
description: Point Compressed Elliptic Curve point sering as the master Public Key for the SE
|
94
|
+
comb:
|
95
|
+
description: Combined FDR object
|
96
|
+
rssl:
|
97
|
+
description: Root SSL / TLS certificate
|
98
|
+
trst:
|
99
|
+
description: Trust Object
|
100
|
+
rvok:
|
101
|
+
description: Trust Object Revocation
|
102
|
+
fdrd:
|
103
|
+
description: FDR2 Data
|
104
|
+
secb:
|
105
|
+
sreq:
|
106
|
+
description: Sealing request
|
107
|
+
fdr2:
|
108
|
+
mft2:
|
109
|
+
trpk:
|
110
|
+
description: Trusted Public Key
|
111
|
+
IM4C:
|
112
|
+
description: Img4 Certificate
|
88
113
|
lcrt:
|
89
114
|
description:
|
90
115
|
contexts:
|
data/share/img4.yaml
CHANGED
@@ -43,13 +43,53 @@ img4_tags:
|
|
43
43
|
aupr:
|
44
44
|
description:
|
45
45
|
auxi:
|
46
|
-
|
46
|
+
title: Auxiliary Kernel Collection (AuxKC) Image4 Manifest Hash (`auxi`)
|
47
|
+
description: >
|
48
|
+
After the system verifies that the UAKL hash matches what’s found in the `auxp` field of the
|
49
|
+
LocalPolicy, it requests that the AuxKC be signed by the Secure Enclave processor application that’s
|
50
|
+
responsible for LocalPolicy signing. Next, an SHA384 hash of the AuxKC Image4 manifest signature is placed
|
51
|
+
into the LocalPolicy to avoid the potential for mixing and matching previously signed AuxKCs to an operating
|
52
|
+
system at boot time. If iBoot finds the auxi field in the LocalPolicy, it attempts to load the AuxKC from
|
53
|
+
storage and validate its signature. It also verifies that the hash of the Image4 manifest attached to the
|
54
|
+
AuxKC matches the value found in the auxi field. If the AuxKC fails to load for any reason, the system
|
55
|
+
continues to boot without this boot object and (so) without any third-party kexts loaded. The auxp field
|
56
|
+
is a prerequisite for setting the auxi field in the LocalPolicy. Users change the auxi value implicitly
|
57
|
+
when they change the UAKL by approving a kext from the Security & Privacy pane in System Preferences.
|
58
|
+
type: binary
|
59
|
+
subtype: sha2-384
|
60
|
+
access:
|
61
|
+
write:
|
62
|
+
- macOS
|
47
63
|
auxk:
|
48
64
|
description: Auxiliary Kernel Cache
|
49
65
|
auxp:
|
50
|
-
|
66
|
+
title: Auxiliary Kernel Collection (AuxKC) Policy Hash (auxp)
|
67
|
+
description: >
|
68
|
+
The `auxp` is an SHA384 hash of the user-authorized kext list (UAKL) policy. This is used at
|
69
|
+
AuxKC generation time to help ensure that only user-authorized kexts are included in the AuxKC. `smb2`
|
70
|
+
is a prerequisite for setting this field. Users change the `auxp` value implicitly when they change the
|
71
|
+
UAKL by approving a kext from the Security & Privacy pane in System Preferences.
|
72
|
+
type: binary
|
73
|
+
subtype: sha2-384
|
74
|
+
access:
|
75
|
+
write:
|
76
|
+
- macOS
|
51
77
|
auxr:
|
52
|
-
|
78
|
+
title: Auxiliary Kernel Collection (AuxKC) Receipt Hash (auxr)
|
79
|
+
description: >
|
80
|
+
The `auxr` is an SHA384 hash of the AuxKC receipt, which indicates the exact set of kexts that
|
81
|
+
were included into the AuxKC. The AuxKC receipt can be a subset of the UAKL, because kexts can be excluded
|
82
|
+
from the AuxKC even if they’re user authorized if they’re known to be used for attacks. In addition,
|
83
|
+
some kexts that can be used to break the user-kernel boundary may lead to decreased functionality,
|
84
|
+
such as an inability to use Apple Pay or play 4K and HDR content. Users who want these capabilities
|
85
|
+
opt in to a more restrictive AuxKC inclusion. The auxp field is a prerequisite for setting the auxr
|
86
|
+
field in the LocalPolicy. Users change the auxr value implicitly when they build a new AuxKC from
|
87
|
+
the Security & Privacy pane in System Preferences.
|
88
|
+
type: binary
|
89
|
+
subtype: sha2-384
|
90
|
+
access:
|
91
|
+
write:
|
92
|
+
- macOS
|
53
93
|
avef:
|
54
94
|
description: AV Encryption (DRM) Firmware
|
55
95
|
bat0:
|
@@ -105,7 +145,16 @@ img4_tags:
|
|
105
145
|
cmsv:
|
106
146
|
description:
|
107
147
|
coih:
|
108
|
-
|
148
|
+
title: CustomOS Image4 Manifest Hash (coih)
|
149
|
+
description: >
|
150
|
+
The `coih` is an SHA384 hash of CustomOS Image4 manifest. The payload for that manifest is used
|
151
|
+
by iBoot (instead of the XNU kernel) to transfer control. Users change the `coih` value implicitly when
|
152
|
+
they use the `kmutil` configure-boot command-line tool in 1TR.
|
153
|
+
type: binary
|
154
|
+
subtype: sha2-384
|
155
|
+
access:
|
156
|
+
write:
|
157
|
+
- 1TR
|
109
158
|
CPRO:
|
110
159
|
description: Chip promotion fuse value (what is burned in)
|
111
160
|
alias:
|
@@ -161,6 +210,18 @@ img4_tags:
|
|
161
210
|
- effective-production-status-ap
|
162
211
|
esca:
|
163
212
|
description:
|
213
|
+
hrlp:
|
214
|
+
title: Has Secure Enclave Signed recoveryOS Local Policy (hrlp)
|
215
|
+
description: >
|
216
|
+
The `hrlp` indicates whether or not the `prot` value is the measurement of a Secure Enclave–signed
|
217
|
+
recoveryOS LocalPolicy. If not, then the recoveryOS LocalPolicy is signed by the Apple online signing server,
|
218
|
+
which signs things such as macOS Image4 files.
|
219
|
+
type: boolean
|
220
|
+
access:
|
221
|
+
write:
|
222
|
+
- 1TR
|
223
|
+
- recoveryOS
|
224
|
+
- macOS
|
164
225
|
esdm:
|
165
226
|
description: Extended Security Domain fuses
|
166
227
|
alias:
|
@@ -261,7 +322,18 @@ img4_tags:
|
|
261
322
|
krnl:
|
262
323
|
description: Kernel
|
263
324
|
kuid:
|
264
|
-
|
325
|
+
title: Key encryption key (KEK) Group UUID (kuid)
|
326
|
+
description: >
|
327
|
+
The kuid indicates the volume that was booted. The key encryption key has typically been used
|
328
|
+
for Data Protection. For each LocalPolicy, it’s used to protect the LocalPolicy signing key. The
|
329
|
+
kuid is set by the user implicitly when creating a new operating system install.
|
330
|
+
type: binary
|
331
|
+
subtype: sha2-384
|
332
|
+
access:
|
333
|
+
write:
|
334
|
+
- 1TR
|
335
|
+
- recoveryOS
|
336
|
+
- macOS
|
265
337
|
lamo:
|
266
338
|
description:
|
267
339
|
lckr:
|
@@ -273,9 +345,17 @@ img4_tags:
|
|
273
345
|
logo:
|
274
346
|
description: Apple logo image
|
275
347
|
love:
|
276
|
-
|
348
|
+
title: Local Operating System Version (love)
|
349
|
+
description: >
|
350
|
+
The love indicates the OS version that the LocalPolicy is created for. The version is obtained from the
|
351
|
+
next state manifest during LocalPolicy creation and is used to enforce recoveryOS pairing restrictions.
|
277
352
|
type: string
|
278
353
|
example: "21.3.66.0.0,0"
|
354
|
+
access:
|
355
|
+
write:
|
356
|
+
- 1TR
|
357
|
+
- recoveryOS
|
358
|
+
- macOS
|
279
359
|
prtp:
|
280
360
|
description: Product ID String
|
281
361
|
type: string
|
@@ -287,7 +367,26 @@ img4_tags:
|
|
287
367
|
lphp:
|
288
368
|
description:
|
289
369
|
lpnh:
|
290
|
-
|
370
|
+
title: LocalPolicy Nonce Hash (lpnh)
|
371
|
+
description: >
|
372
|
+
The lpnh is used for anti-replay of the LocalPolicy. This is an SHA384 hash of the LocalPolicy Nonce
|
373
|
+
(LPN), which is stored in the Secure Storage Component and accessible using the Secure Enclave Boot
|
374
|
+
ROM or Secure Enclave. The raw nonce is never visible to the Application Processor, only to the
|
375
|
+
sepOS. An attacker wanting to convince LLB that a previous LocalPolicy they had captured was valid
|
376
|
+
would need to place a value into the Secure Storage Component, which hashes to the same lpnh value
|
377
|
+
found in the LocalPolicy they want to replay. Normally there is a single LPN valid on the system—except
|
378
|
+
during software updates, when two are simultaneously valid—to allow for the possibility of falling back
|
379
|
+
to booting the old software in the event of an update error. When any LocalPolicy for any operating
|
380
|
+
system is changed, all policies are re-signed with the new lpnh value corresponding to the new LPN
|
381
|
+
found in the Secure Storage Component. This change happens when the user changes security settings
|
382
|
+
or creates new operating systems with a new LocalPolicy for each.
|
383
|
+
type: binary
|
384
|
+
subtype: sha2-384
|
385
|
+
access:
|
386
|
+
write:
|
387
|
+
- 1TR
|
388
|
+
- recoveryOS
|
389
|
+
- macOS
|
291
390
|
lpol:
|
292
391
|
description: Local Policy
|
293
392
|
ltrs:
|
@@ -359,7 +458,20 @@ img4_tags:
|
|
359
458
|
pndp:
|
360
459
|
description:
|
361
460
|
prot:
|
362
|
-
|
461
|
+
title: Paired recoveryOS Trusted Boot Policy Measurement (prot)
|
462
|
+
description: >
|
463
|
+
A paired recoveryOS Trusted Boot Policy Measurement (TBPM) is a special iterative SHA384 hash calculation
|
464
|
+
over the Image4 manifest of a LocalPolicy, excluding nonces, in order to give a consistent measurement
|
465
|
+
over time (because nonces like lpnh are frequently updated). The prot field, which is found only in each
|
466
|
+
macOS LocalPolicy, provides a pairing to indicate the recoveryOS LocalPolicy that corresponds to the
|
467
|
+
macOS LocalPolicy.
|
468
|
+
type: binary
|
469
|
+
subtype: sha2-384
|
470
|
+
access:
|
471
|
+
write:
|
472
|
+
- 1TR
|
473
|
+
- recoveryOS
|
474
|
+
- macOS
|
363
475
|
rbmt:
|
364
476
|
description:
|
365
477
|
rddg:
|
@@ -383,11 +495,42 @@ img4_tags:
|
|
383
495
|
rolp:
|
384
496
|
description: recoveryOS local policy
|
385
497
|
ronh:
|
386
|
-
|
498
|
+
title: recoveryOS Nonce Hash (ronh)
|
499
|
+
description: >
|
500
|
+
The ronh behaves the same way as the lpnh, but is found exclusively in the LocalPolicy for system
|
501
|
+
recoveryOS. It’s updated when the system recoveryOS is updated, such as on software updates. A
|
502
|
+
separate nonce from the lpnh and rpnh is used so that when a device is put into a disabled state
|
503
|
+
by Find My, existing operating systems can be disabled (by removing their LPN and RPN from the
|
504
|
+
Secure Storage Component), while still leaving the system recoveryOS bootable. In this way, the
|
505
|
+
operating systems can be reenabled when the system owner proves their control over the system by
|
506
|
+
putting in their iCloud password used for the Find My account. This change happens when a user updates
|
507
|
+
the system recoveryOS or creates new operating systems.
|
508
|
+
type: binary
|
509
|
+
subtype: sha2-384
|
510
|
+
access:
|
511
|
+
write:
|
512
|
+
- 1TR
|
513
|
+
- recoveryOS
|
514
|
+
- macOS
|
387
515
|
rosi:
|
388
516
|
description:
|
389
517
|
nish:
|
390
|
-
|
518
|
+
title: Next Stage Image4 Manifest Hash (nsih)
|
519
|
+
description: >
|
520
|
+
The nsih field represents an SHA384 hash of the Image4 manifest data structure that describes the booted
|
521
|
+
macOS. The macOS Image4 manifest contains measurements for all the boot objects—such as iBoot, the static
|
522
|
+
trust cache, device tree, Boot Kernel Collection, and signed system volume (SSV) volume root hash. When
|
523
|
+
LLB is directed to boot a given macOS, it’s designed to ensure that the hash of the macOS Image4 manifest
|
524
|
+
attached to iBoot matches what’s captured in the nsih field of the LocalPolicy. In this way, the nsih
|
525
|
+
captures the user intention of what operating system the user has created a LocalPolicy for. Users
|
526
|
+
change the nsih value implicitly when they perform a software update.
|
527
|
+
type: binary
|
528
|
+
subtype: sha2-384
|
529
|
+
access:
|
530
|
+
write:
|
531
|
+
- 1TR
|
532
|
+
- recoveryOS
|
533
|
+
- macOS
|
391
534
|
spih:
|
392
535
|
description: Cryptex1 Image4 Hash
|
393
536
|
stng:
|
@@ -395,7 +538,18 @@ img4_tags:
|
|
395
538
|
auxh:
|
396
539
|
description: User Authorized Kext List Hash
|
397
540
|
rpnh:
|
398
|
-
|
541
|
+
title: Remote Policy Nonce Hash (rpnh)
|
542
|
+
description: >
|
543
|
+
The rpnh behaves the same way as the lpnh but is updated only when the remote policy is updated, such as when
|
544
|
+
changing the state of Find My enrollment. This change happens when the user changes the state of Find My on
|
545
|
+
their Mac.
|
546
|
+
type: binary
|
547
|
+
subtype: sha2-384
|
548
|
+
access:
|
549
|
+
write:
|
550
|
+
- 1TR
|
551
|
+
- recoveryOS
|
552
|
+
- macOS
|
399
553
|
RSCH:
|
400
554
|
description: Research mode
|
401
555
|
fgpt:
|
@@ -515,7 +669,17 @@ img4_tags:
|
|
515
669
|
vkdl:
|
516
670
|
description:
|
517
671
|
vuid:
|
518
|
-
|
672
|
+
title: APFS volume group UUID (vuid)
|
673
|
+
description: >
|
674
|
+
The vuid indicates the volume group the kernel should use as root. This field is primarily informational
|
675
|
+
and isn’t used for security constraints. This vuid is set by the user implicitly when creating a new
|
676
|
+
operating system install.
|
677
|
+
type: binary
|
678
|
+
subtype: sha2-384
|
679
|
+
access:
|
680
|
+
- 1TR
|
681
|
+
- recoveryOS
|
682
|
+
- macOS
|
519
683
|
ware:
|
520
684
|
description:
|
521
685
|
wchf:
|
data/share/sandbox.yaml
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
---
|
2
|
+
metadata:
|
3
|
+
description:
|
4
|
+
credits:
|
5
|
+
profiles:
|
6
|
+
nonet:
|
7
|
+
nointernet:
|
8
|
+
pure-computation:
|
9
|
+
write-tmp-only:
|
10
|
+
nowrite:
|
11
|
+
sandbox-compilerd:
|
12
|
+
mDNSResponder:
|
13
|
+
apsd:
|
14
|
+
AppleDiags:
|
15
|
+
PasteBoard:
|
16
|
+
container:
|
17
|
+
MobileSafari:
|
18
|
+
MobileMail:
|
19
|
+
MobileMaps:
|
data/share/syscfg.yaml
CHANGED
@@ -1,4 +1,103 @@
|
|
1
1
|
---
|
2
2
|
metadata:
|
3
3
|
description:
|
4
|
-
credits:
|
4
|
+
credits:
|
5
|
+
|
6
|
+
values:
|
7
|
+
RMd#:
|
8
|
+
description: Regulatory Model Number
|
9
|
+
Coor:
|
10
|
+
description: Country of Origin
|
11
|
+
values:
|
12
|
+
- C
|
13
|
+
CFG#:
|
14
|
+
description: Configuration Number
|
15
|
+
SrNm:
|
16
|
+
description: Serial Number
|
17
|
+
MLB#:
|
18
|
+
description: Main Logic Board Serial Number
|
19
|
+
Regn:
|
20
|
+
description: Region Info
|
21
|
+
Mod#:
|
22
|
+
description: Model Number
|
23
|
+
MdlC:
|
24
|
+
description: Model Configuration (key value seperated by ";" and "key=value")
|
25
|
+
CLCG:
|
26
|
+
description: Cover glass (gloss or opaque)
|
27
|
+
BMac:
|
28
|
+
description: Bluetooth MAC Address
|
29
|
+
SwBh:
|
30
|
+
description: Software Behavior
|
31
|
+
CLBG:
|
32
|
+
MkBS:
|
33
|
+
CLHS:
|
34
|
+
CGMt:
|
35
|
+
EMac:
|
36
|
+
EnMt:
|
37
|
+
BGMt:
|
38
|
+
EMc2:
|
39
|
+
rpcp:
|
40
|
+
MkBH:
|
41
|
+
WMac:
|
42
|
+
SBVr:
|
43
|
+
AROC:
|
44
|
+
LTAO:
|
45
|
+
ARSC:
|
46
|
+
ASCl:
|
47
|
+
ARXN:
|
48
|
+
AICl:
|
49
|
+
ARot:
|
50
|
+
ARNC:
|
51
|
+
ARXC:
|
52
|
+
GICl:
|
53
|
+
GRXC:
|
54
|
+
GRXN:
|
55
|
+
GRNC:
|
56
|
+
GRSC:
|
57
|
+
GSCl:
|
58
|
+
GYTT:
|
59
|
+
GRot:
|
60
|
+
MDCC:
|
61
|
+
CRot:
|
62
|
+
CVCC:
|
63
|
+
CDCC:
|
64
|
+
CMOC:
|
65
|
+
CSCM:
|
66
|
+
JRot:
|
67
|
+
CPAS:
|
68
|
+
PRTT: (Pressure Sensor / Barometer) temp-compensation-table
|
69
|
+
SPPO: (Pressure Sensor / Barometer) pressure-offset-calibration
|
70
|
+
PxCl: (Proximity Sensor) prox-calibration
|
71
|
+
PSCl:
|
72
|
+
STRB:
|
73
|
+
BCAR:
|
74
|
+
PrCL:
|
75
|
+
RACa:
|
76
|
+
RACm:
|
77
|
+
RxCL:
|
78
|
+
TCal:
|
79
|
+
WSKU:
|
80
|
+
description: WiFi Chip / Product SKU
|
81
|
+
WCAL:
|
82
|
+
description: WiFi Calibration Data
|
83
|
+
RFEM:
|
84
|
+
BCAL:
|
85
|
+
BTTx:
|
86
|
+
BTBF:
|
87
|
+
MBac:
|
88
|
+
BTRx:
|
89
|
+
RSKU:
|
90
|
+
description: Region SKU (in US "/LLA")
|
91
|
+
DClr:
|
92
|
+
DBCl:
|
93
|
+
DPCl:
|
94
|
+
DTCl:
|
95
|
+
CGSp:
|
96
|
+
CLCL:
|
97
|
+
MiGH:
|
98
|
+
SpPH:
|
99
|
+
SpGH:
|
100
|
+
MiGB:
|
101
|
+
TMac:
|
102
|
+
ksku:
|
103
|
+
TCID:
|
data/share/terms.yaml
ADDED
@@ -0,0 +1,340 @@
|
|
1
|
+
---
|
2
|
+
terms:
|
3
|
+
ace:
|
4
|
+
- title: USB-C Port Controller
|
5
|
+
aht:
|
6
|
+
- title: Apple Hardware Test
|
7
|
+
ane:
|
8
|
+
- title: Apple Neural Engine
|
9
|
+
anps:
|
10
|
+
- title: Apple Push Notification Service
|
11
|
+
description:
|
12
|
+
aop:
|
13
|
+
- title: Always-On Processor
|
14
|
+
AP:
|
15
|
+
- title: Application Processor
|
16
|
+
aps:
|
17
|
+
see:
|
18
|
+
- apns
|
19
|
+
APTicket:
|
20
|
+
mach:
|
21
|
+
tfp0:
|
22
|
+
gcd:
|
23
|
+
- title: Grand Central Dispatch
|
24
|
+
xnu:
|
25
|
+
seatbelt:
|
26
|
+
see:
|
27
|
+
- sandbox
|
28
|
+
dfu:
|
29
|
+
- title: Device Firmware Update
|
30
|
+
recovery:
|
31
|
+
restore:
|
32
|
+
mdm:
|
33
|
+
- title: Mobile Device Management
|
34
|
+
dep:
|
35
|
+
- title: Device Enrollment Program
|
36
|
+
se:
|
37
|
+
- title: Secure Element
|
38
|
+
register:
|
39
|
+
- title: Processor Register
|
40
|
+
msr:
|
41
|
+
- title: Model/Machine Specific Register
|
42
|
+
see:
|
43
|
+
- register
|
44
|
+
ecore:
|
45
|
+
- title: Efficienty Core
|
46
|
+
pcore:
|
47
|
+
- title: Performance Core
|
48
|
+
x86:
|
49
|
+
x86_64:
|
50
|
+
x86_64h:
|
51
|
+
arm:
|
52
|
+
armv7:
|
53
|
+
aarch64:
|
54
|
+
aarch64e:
|
55
|
+
sp:
|
56
|
+
- title: Stack Pointer
|
57
|
+
fp:
|
58
|
+
- title: Frame Pointer
|
59
|
+
baseband:
|
60
|
+
bluetooth:
|
61
|
+
wlan:
|
62
|
+
bridge:
|
63
|
+
bridgeOS:
|
64
|
+
eOS:
|
65
|
+
OHCI:
|
66
|
+
EHCI:
|
67
|
+
VHCI:
|
68
|
+
XPC:
|
69
|
+
RemoteXPC:
|
70
|
+
"Mach Port":
|
71
|
+
see:
|
72
|
+
- mach_port
|
73
|
+
mach_port:
|
74
|
+
bundle:
|
75
|
+
AppKit:
|
76
|
+
UIKit:
|
77
|
+
entitlement:
|
78
|
+
cs:
|
79
|
+
- title: Code Signing
|
80
|
+
ioreg:
|
81
|
+
macho:
|
82
|
+
dylib:
|
83
|
+
dsc:
|
84
|
+
syscall:
|
85
|
+
plist:
|
86
|
+
asn:
|
87
|
+
asn1:
|
88
|
+
der:
|
89
|
+
pdu:
|
90
|
+
quarantine:
|
91
|
+
dyld:
|
92
|
+
executable:
|
93
|
+
service:
|
94
|
+
launchd:
|
95
|
+
Framework:
|
96
|
+
defaults:
|
97
|
+
iv:
|
98
|
+
- title: Initialization Vector (Encryption)
|
99
|
+
key:
|
100
|
+
- title: Encryption Key
|
101
|
+
pem:
|
102
|
+
efi:
|
103
|
+
nub:
|
104
|
+
aes:
|
105
|
+
- title: Advanced Encryption Standard
|
106
|
+
pki:
|
107
|
+
- title: Public Key Infrastructure
|
108
|
+
ecc:
|
109
|
+
- title: Elliptic Curve Cryptograph
|
110
|
+
- title: Error Checking and Correction
|
111
|
+
hid:
|
112
|
+
- title: Human Interface Device
|
113
|
+
uart:
|
114
|
+
amfm:
|
115
|
+
i2c:
|
116
|
+
- title: Inter Integrated Circuit
|
117
|
+
spmi:
|
118
|
+
smmu:
|
119
|
+
mmu:
|
120
|
+
pa:
|
121
|
+
- title: Physical Address
|
122
|
+
tc:
|
123
|
+
see:
|
124
|
+
- TrustCache
|
125
|
+
iboot:
|
126
|
+
reg:
|
127
|
+
see:
|
128
|
+
- register
|
129
|
+
ean:
|
130
|
+
ans:
|
131
|
+
- title: Apple NAND Storage
|
132
|
+
soc:
|
133
|
+
- title: System-on-a-Chip
|
134
|
+
fpga:
|
135
|
+
AuxKC:
|
136
|
+
BootKC:
|
137
|
+
sio:
|
138
|
+
- title: SmartIO (iPad keyboard covers)
|
139
|
+
tss:
|
140
|
+
- title: Tatsu Signing Server
|
141
|
+
kc:
|
142
|
+
see:
|
143
|
+
- kernelcache
|
144
|
+
rsep:
|
145
|
+
- title: Restore SEP Firmware Image
|
146
|
+
keynag:
|
147
|
+
asmb:
|
148
|
+
- title: Apple Secure Multi Boot
|
149
|
+
awdl:
|
150
|
+
csr:
|
151
|
+
see:
|
152
|
+
- sip
|
153
|
+
ctrr:
|
154
|
+
dart:
|
155
|
+
- title: Device Address Resolution Table
|
156
|
+
dext:
|
157
|
+
dmg:
|
158
|
+
- title: Disk Image
|
159
|
+
dt:
|
160
|
+
- title: Device Tree
|
161
|
+
en:
|
162
|
+
- title: Ethernet Adapter (generic)
|
163
|
+
description: Often `en` in the form `enX` where X is a number is used to identify
|
164
|
+
a network adapter.
|
165
|
+
esim:
|
166
|
+
- title: Embedded Subscriber Identificaton Module
|
167
|
+
see:
|
168
|
+
- sim
|
169
|
+
euicc:
|
170
|
+
see:
|
171
|
+
- esim
|
172
|
+
FindMy:
|
173
|
+
- title: FindMy iPhone / Mac
|
174
|
+
description: A set of technologies that both help find the location of a lost
|
175
|
+
Apple device, as well as prevent theft from being able to reset the device for
|
176
|
+
sale or use.
|
177
|
+
FireWire:
|
178
|
+
- title: FireWire
|
179
|
+
fmm:
|
180
|
+
see:
|
181
|
+
- FindMy
|
182
|
+
fw:
|
183
|
+
see:
|
184
|
+
- FireWire
|
185
|
+
- firmware
|
186
|
+
isp:
|
187
|
+
- title: Image Signal Processor
|
188
|
+
kdp:
|
189
|
+
- title: Kernel Debug Port / Protocol
|
190
|
+
description: KDP is a general way in which XNU allows for the kernel itself to
|
191
|
+
be attached to a debugger. Attaching a kernel debugger allows for the complete
|
192
|
+
control of a device and subverts all security guarantees, therefore should be
|
193
|
+
exercised with care. Apple makes majority of the KDP for external users available
|
194
|
+
through Kernel Debug Kits. These are components that help with two machine
|
195
|
+
debugging, but nearly all kernels shipped by Apple can be debugged if the proper
|
196
|
+
`boot-args` are passed on startup.
|
197
|
+
kernel:
|
198
|
+
kernelcache:
|
199
|
+
- title: Kernel Cache
|
200
|
+
description: A kernel cache is a combined object that contains the kernel itself
|
201
|
+
as well as various kexts (Kernel Extensions). Older macs would load the kernel
|
202
|
+
itself, then load the various kexts from disk. The process of loading the kexts
|
203
|
+
and then binding the symbols was a process that slowed the starup of a mac. Apple
|
204
|
+
then started doing the combine of the kernel and the extensions into a BootCache
|
205
|
+
that allowed the system to load one large monolithic binary.
|
206
|
+
kext:
|
207
|
+
ktrr:
|
208
|
+
- title: Kernel Text Readonly Region
|
209
|
+
lpddr:
|
210
|
+
- title: Low-Power Double Data Rate RAM
|
211
|
+
description: LPDDR differs as it uses techniques to minimize the amount of power
|
212
|
+
needed to maintain the memory. Most RAM requires that the RAM controller occasionally
|
213
|
+
read each value, and write it again as the data is stored in capacitors that
|
214
|
+
leak current over time. Were the cells not refreshed, every 1 in memory would
|
215
|
+
eventually leak enough current that it would become a zero.
|
216
|
+
see:
|
217
|
+
- ddr
|
218
|
+
lr:
|
219
|
+
- title: Link Register (ARM)
|
220
|
+
description: The LR is populated when a `bx` is called to inform a function of
|
221
|
+
the address to return to.
|
222
|
+
nand:
|
223
|
+
- title: Not-AND Based Non-volatile Memory
|
224
|
+
see:
|
225
|
+
- nvme
|
226
|
+
nmi:
|
227
|
+
- title: Non-maskable Interrupt
|
228
|
+
nor:
|
229
|
+
- title: Not-OR Based Non-volatile Memory
|
230
|
+
see:
|
231
|
+
- spi
|
232
|
+
nvram:
|
233
|
+
- title: Non-Volatile RAM
|
234
|
+
ota:
|
235
|
+
- title: Over-the-Air Update - Incremental Update (Somewhat arcane)
|
236
|
+
description: In the earliest days of the iPhone, users had to connect the device
|
237
|
+
to a computer with iTunes to download and Apply updates to the operating system. Eventually
|
238
|
+
Apple produced a system called OTA (because at the time it was mostly focused
|
239
|
+
on download of these updates over cellular - therefore over-the-air as in wireless)
|
240
|
+
to allow users to keep a device updated without being tied to a computer. This
|
241
|
+
is somewhat of a misnomer now because OTA updates can be delivered over several
|
242
|
+
means, some of which include over ethernet for example which, ironically isn't
|
243
|
+
over any wireless protocol. Some types of devices and restore flows make use
|
244
|
+
of 'full OTAs' which are a delta update in OTA format, but includes the entire
|
245
|
+
set of data to restore devices. These are typically employed for devices that
|
246
|
+
lack the port needed for DFU/iBoot/IPSW based recovery.
|
247
|
+
otg:
|
248
|
+
- title: USB On-the-go
|
249
|
+
description: USB-OTG is a way to describe a device that is typically a peripheral
|
250
|
+
acting instead as a USB host. The technology evolved as phones became not just
|
251
|
+
devices you could attach to a computer such as to sync with iTunes, but hosts
|
252
|
+
in their own right such as to access a flash drive.
|
253
|
+
panic:
|
254
|
+
- title: Kernel / Device Panic
|
255
|
+
description:
|
256
|
+
pc:
|
257
|
+
- title: Program Counter (ARM/Intel)
|
258
|
+
description: The PC or Program Counter is the address (typically virtual address)
|
259
|
+
which the processor is currently executing. When a subroutine is called, the
|
260
|
+
PC is the address passed to LR so that the called function knows where to return
|
261
|
+
to.
|
262
|
+
pio:
|
263
|
+
- title: Programmed IO
|
264
|
+
pmgr:
|
265
|
+
- title: Power Manager
|
266
|
+
pmp:
|
267
|
+
- title: Power Management Processor
|
268
|
+
pram:
|
269
|
+
- title: Parameter RAM
|
270
|
+
see:
|
271
|
+
- nvram
|
272
|
+
rtkit:
|
273
|
+
- title: RealtimeKit (Realtime OS)
|
274
|
+
sart:
|
275
|
+
- title: Secure Address Resolution Table
|
276
|
+
sep:
|
277
|
+
- title: Secure Enclave Processor
|
278
|
+
sim:
|
279
|
+
- title: Subscriber Identification Module
|
280
|
+
SIP:
|
281
|
+
- title: System Integrity Protection
|
282
|
+
description: System Integrity Protection is a set of technologies employed by
|
283
|
+
Apple to ensure that even when a process executes as root (UID0) it cannot modify
|
284
|
+
a system in such a way as to disable security features. The feature is also
|
285
|
+
known as `csr` due to it being managed by `csrutil` and stored in Intel macs
|
286
|
+
in the nvram variable `csr-status`.
|
287
|
+
smc:
|
288
|
+
- title: System Management Controller
|
289
|
+
spi:
|
290
|
+
- title: Serial Peripheral Interconnect
|
291
|
+
description: SPI is a physical pin layer used to pass data between chips. It's
|
292
|
+
primary use is in SPI Flash, which is a simple, low level way to read and write
|
293
|
+
firmware from flash storage. This was used to load the BIOS/Firmware for Intel
|
294
|
+
macs before the T2. (The T2 uses eSPI or enhanced SPI to expose a "synthetic"
|
295
|
+
or fake SPI Flash chip to the Intel chip from the T2). Often SPI is used by
|
296
|
+
Apple devices to load and store non-volatile data prior to bringing up the NAND/NVMe
|
297
|
+
chip, this historically was called NOR as it was a distinct component. NOR
|
298
|
+
Flash is usually more expensive compared to NAND which is why the early iPhone
|
299
|
+
models made use of a smaller (in the few megabytes range) NOR chip to load iBoot,
|
300
|
+
and stored the user's data on a larger NAND flash chip. In newer devices the
|
301
|
+
NOR/SPI flash is synthetic and provided by ANS2/3.
|
302
|
+
SysCfg:
|
303
|
+
see:
|
304
|
+
- SysConfig
|
305
|
+
SysConfig:
|
306
|
+
- title: System Configuration
|
307
|
+
description: SysCfg / SysConfig is a portion of non-volatile memory of Apple devices
|
308
|
+
that encodes various data that is only to be set by Apple. The most canonical
|
309
|
+
example is this is the location of the serial number. This is because the device
|
310
|
+
serial number cannot be burned in as it is the whole device, not any one component. SysCfg
|
311
|
+
is a series of key/value pairs and is documented in `syscfg.yaml`.
|
312
|
+
tbm:
|
313
|
+
- title: Trusted Boot Monitor
|
314
|
+
tcon:
|
315
|
+
- title: Timing Controller (Displays)
|
316
|
+
description: The TCON is used to control the refresh of a LED/OLED display, ensuring
|
317
|
+
that each frame is shown for the right amount of time, and that new frames are
|
318
|
+
updated all at once / not-torn.
|
319
|
+
tdm:
|
320
|
+
- title: Target Disk Mode
|
321
|
+
trustcache:
|
322
|
+
- title:
|
323
|
+
tz:
|
324
|
+
- title: ARM TrustZone
|
325
|
+
see:
|
326
|
+
- tz0
|
327
|
+
- tz1
|
328
|
+
tz0:
|
329
|
+
tz1:
|
330
|
+
uicc:
|
331
|
+
see:
|
332
|
+
- sim
|
333
|
+
usb-pd:
|
334
|
+
- title: USB Power Delivery
|
335
|
+
vm:
|
336
|
+
- title: Virtual Memory
|
337
|
+
- title: Virtual Machine
|
338
|
+
metadata:
|
339
|
+
description:
|
340
|
+
credits: []
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: apple-data
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.602
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rick Mark
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-02-
|
11
|
+
date: 2024-02-15 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: |2
|
14
14
|
This package includes machine readable data about Apple platforms maintained by hack-different.
|
@@ -264,11 +264,13 @@ files:
|
|
264
264
|
- share/pmu.yaml
|
265
265
|
- share/registers.yaml
|
266
266
|
- share/resources.yaml
|
267
|
+
- share/sandbox.yaml
|
267
268
|
- share/sep.yaml
|
268
269
|
- share/services.yaml
|
269
270
|
- share/sip.yaml
|
270
271
|
- share/smc.yaml
|
271
272
|
- share/syscfg.yaml
|
273
|
+
- share/terms.yaml
|
272
274
|
- share/tipw_sync.yaml
|
273
275
|
- share/vmapple.yaml
|
274
276
|
homepage: https://docs.hackdiffe.rent
|