apple-data 1.0.600 → 1.0.602

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 15275056392f38b0ee0cddf9a78c75b789c35a661373610d40eccd59cd87fe97
-  data.tar.gz: d2e9f6553af7cd431f91bd7731d57d869eb0a455bd9a959291399e717024d0a2
+  metadata.gz: dd760aa9e09e4a1a3262b1b7ba1a2142d79572876b78c969dd8f40542eee852b
+  data.tar.gz: 2ec56bb95e0d0097fad7234484ed395f196b5256e77cf852773e4e04aa5ac8e9
 SHA512:
-  metadata.gz: 0ae8f21160273e15588b6dda61b31b204d4abd8ed89d379b4ca5e25210e3cb26156b646858e7703643637f37d981a34c56f9a26b4fc4a908cda0d8e6cfae266a
-  data.tar.gz: e7d821eef75a798598043a5034735c326986c081475dcf1be5a1d6428792a113e7989e7b9d10261c195fe64999b72a7eb95a9c9ff3099a5fb6fd8a66d3282ea6
+  metadata.gz: f51754e3f65ff1c507e6894dc872a0390601d0f1af783825546da153710c711b39c5685781196094364fcea8c1e0205d1b12b09dcf73ad9c85e1cbf14a578044
+  data.tar.gz: 7e36ea6e0a9bde9de0244fe2d4a6e647ce4e101bbec978b01b2ebb07fe30847415b53973937b31e144e039e1745e3b553e985af43bb74b354eaad9e072ed746d

data/lib/apple_data/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module AppleData
-  VERSION = '1.0.600'
+  VERSION = '1.0.602'
 end

data/share/apns.yaml

@@ -575,7 +575,7 @@ apns_environments:
         com.apple.aps.remindd.dataaccess.dev:
         com.apple.dataaccess.dataaccessd.aps.dev:
       processes:
-      - cloudd
+        cloudd:
     _applepay:
   production:
     endpoints:

data/share/fdr.yaml

@@ -75,6 +75,8 @@ fdr_properties:
     description:
   jlnl:
     description:
+  esdm:
+    description: Extended Security Domain Fuse
   jlnm:
     description:
   jlnv:
@@ -85,6 +87,29 @@ fdr_properties:
     description:
   jlsk:
     description:
+  mmap:
+    description: The memory map passed from the iBoot loader to the Kernel
+  sePK:
+    description: Point Compressed Elliptic Curve point sering as the master Public Key for the SE
+  comb:
+    description: Combined FDR object
+  rssl:
+    description: Root SSL / TLS certificate
+  trst:
+    description: Trust Object
+  rvok:
+    description: Trust Object Revocation
+  fdrd:
+    description: FDR2 Data
+  secb:
+  sreq:
+    description: Sealing request
+  fdr2:
+  mft2:
+  trpk:
+    description: Trusted Public Key
+  IM4C:
+    description: Img4 Certificate
   lcrt:
     description:
     contexts:

data/share/img4.yaml

@@ -43,13 +43,53 @@ img4_tags:
   aupr:
     description:
   auxi:
-    description: Auxiliary Kernel Cache Image4 Hash
+    title: Auxiliary Kernel Collection (AuxKC) Image4 Manifest Hash (`auxi`)
+    description: >
+      After the system verifies that the UAKL hash matches what’s found in the `auxp` field of the
+      LocalPolicy, it requests that the AuxKC be signed by the Secure Enclave processor application that’s
+      responsible for LocalPolicy signing. Next, an SHA384 hash of the AuxKC Image4 manifest signature is placed
+      into the LocalPolicy to avoid the potential for mixing and matching previously signed AuxKCs to an operating
+      system at boot time. If iBoot finds the auxi field in the LocalPolicy, it attempts to load the AuxKC from
+      storage and validate its signature. It also verifies that the hash of the Image4 manifest attached to the
+      AuxKC matches the value found in the auxi field. If the AuxKC fails to load for any reason, the system
+      continues to boot without this boot object and (so) without any third-party kexts loaded. The auxp field
+      is a prerequisite for setting the auxi field in the LocalPolicy. Users change the auxi value implicitly
+      when they change the UAKL by approving a kext from the Security & Privacy pane in System Preferences.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - macOS
   auxk:
     description: Auxiliary Kernel Cache
   auxp:
-    description: User Authorized Kext List Hash
+    title: Auxiliary Kernel Collection (AuxKC) Policy Hash (auxp)
+    description: >
+      The `auxp` is an SHA384 hash of the user-authorized kext list (UAKL) policy. This is used at
+      AuxKC generation time to help ensure that only user-authorized kexts are included in the AuxKC. `smb2`
+      is a prerequisite for setting this field. Users change the `auxp` value implicitly when they change the
+      UAKL by approving a kext from the Security & Privacy pane in System Preferences.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - macOS
   auxr:
-    description: AuxKC Kext Receipt Hash
+    title: Auxiliary Kernel Collection (AuxKC) Receipt Hash (auxr)
+    description: >
+      The `auxr` is an SHA384 hash of the AuxKC receipt, which indicates the exact set of kexts that
+      were included into the AuxKC. The AuxKC receipt can be a subset of the UAKL, because kexts can be excluded
+      from the AuxKC even if they’re user authorized if they’re known to be used for attacks. In addition,
+      some kexts that can be used to break the user-kernel boundary may lead to decreased functionality,
+      such as an inability to use Apple Pay or play 4K and HDR content. Users who want these capabilities
+      opt in to a more restrictive AuxKC inclusion. The auxp field is a prerequisite for setting the auxr
+      field in the LocalPolicy. Users change the auxr value implicitly when they build a new AuxKC from
+      the Security & Privacy pane in System Preferences.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - macOS
   avef:
     description: AV Encryption (DRM) Firmware
   bat0:
@@ -105,7 +145,16 @@ img4_tags:
   cmsv:
     description:
   coih:
-    description:
+    title: CustomOS Image4 Manifest Hash (coih)
+    description: >
+      The `coih` is an SHA384 hash of CustomOS Image4 manifest. The payload for that manifest is used
+      by iBoot (instead of the XNU kernel) to transfer control. Users change the `coih` value implicitly when
+      they use the `kmutil` configure-boot command-line tool in 1TR.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - 1TR
   CPRO:
     description: Chip promotion fuse value (what is burned in)
     alias:
@@ -161,6 +210,18 @@ img4_tags:
       - effective-production-status-ap
   esca:
     description:
+  hrlp:
+    title: Has Secure Enclave Signed recoveryOS Local Policy (hrlp)
+    description: >
+      The `hrlp` indicates whether or not the `prot` value is the measurement of a Secure Enclave–signed
+      recoveryOS LocalPolicy. If not, then the recoveryOS LocalPolicy is signed by the Apple online signing server,
+      which signs things such as macOS Image4 files.
+    type: boolean
+    access:
+      write:
+        - 1TR
+        - recoveryOS
+        - macOS
   esdm:
     description: Extended Security Domain fuses
     alias:
@@ -261,7 +322,18 @@ img4_tags:
   krnl:
     description: Kernel
   kuid:
-    description: KEK Group UUID
+    title: Key encryption key (KEK) Group UUID (kuid)
+    description: >
+      The kuid indicates the volume that was booted. The key encryption key has typically been used
+      for Data Protection. For each LocalPolicy, it’s used to protect the LocalPolicy signing key. The
+      kuid is set by the user implicitly when creating a new operating system install.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - 1TR
+        - recoveryOS
+        - macOS
   lamo:
     description:
   lckr:
@@ -273,9 +345,17 @@ img4_tags:
   logo:
     description: Apple logo image
   love:
-    description: OS Version - dotted form. Last portion after the version and comma is a cryptex update?
+    title: Local Operating System Version (love)
+    description: >
+      The love indicates the OS version that the LocalPolicy is created for. The version is obtained from the
+      next state manifest during LocalPolicy creation and is used to enforce recoveryOS pairing restrictions.
     type: string
     example: "21.3.66.0.0,0"
+    access:
+      write:
+        - 1TR
+        - recoveryOS
+        - macOS
   prtp:
     description: Product ID String
     type: string
@@ -287,7 +367,26 @@ img4_tags:
   lphp:
     description:
   lpnh:
-    description: LocalPolicy nonce hash
+    title: LocalPolicy Nonce Hash (lpnh)
+    description: >
+      The lpnh is used for anti-replay of the LocalPolicy. This is an SHA384 hash of the LocalPolicy Nonce
+      (LPN), which is stored in the Secure Storage Component and accessible using the Secure Enclave Boot
+      ROM or Secure Enclave. The raw nonce is never visible to the Application Processor, only to the
+      sepOS. An attacker wanting to convince LLB that a previous LocalPolicy they had captured was valid
+      would need to place a value into the Secure Storage Component, which hashes to the same lpnh value
+      found in the LocalPolicy they want to replay. Normally there is a single LPN valid on the system—except
+      during software updates, when two are simultaneously valid—to allow for the possibility of falling back
+      to booting the old software in the event of an update error. When any LocalPolicy for any operating
+      system is changed, all policies are re-signed with the new lpnh value corresponding to the new LPN
+      found in the Secure Storage Component. This change happens when the user changes security settings
+      or creates new operating systems with a new LocalPolicy for each.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - 1TR
+        - recoveryOS
+        - macOS
   lpol:
     description: Local Policy
   ltrs:
@@ -359,7 +458,20 @@ img4_tags:
   pndp:
     description:
   prot:
-    description:
+    title: Paired recoveryOS Trusted Boot Policy Measurement (prot)
+    description: >
+      A paired recoveryOS Trusted Boot Policy Measurement (TBPM) is a special iterative SHA384 hash calculation
+      over the Image4 manifest of a LocalPolicy, excluding nonces, in order to give a consistent measurement
+      over time (because nonces like lpnh are frequently updated). The prot field, which is found only in each
+      macOS LocalPolicy, provides a pairing to indicate the recoveryOS LocalPolicy that corresponds to the
+      macOS LocalPolicy.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - 1TR
+        - recoveryOS
+        - macOS
   rbmt:
     description:
   rddg:
@@ -383,11 +495,42 @@ img4_tags:
   rolp:
     description: recoveryOS local policy
   ronh:
-    description: recoveryOS nonce hash
+    title: recoveryOS Nonce Hash (ronh)
+    description: >
+      The ronh behaves the same way as the lpnh, but is found exclusively in the LocalPolicy for system
+      recoveryOS. It’s updated when the system recoveryOS is updated, such as on software updates. A
+      separate nonce from the lpnh and rpnh is used so that when a device is put into a disabled state
+      by Find My, existing operating systems can be disabled (by removing their LPN and RPN from the
+      Secure Storage Component), while still leaving the system recoveryOS bootable. In this way, the
+      operating systems can be reenabled when the system owner proves their control over the system by
+      putting in their iCloud password used for the Find My account. This change happens when a user updates
+      the system recoveryOS or creates new operating systems.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - 1TR
+        - recoveryOS
+        - macOS
   rosi:
     description:
   nish:
-    description: preboot splat manifest hash
+    title: Next Stage Image4 Manifest Hash (nsih)
+    description: >
+      The nsih field represents an SHA384 hash of the Image4 manifest data structure that describes the booted
+      macOS. The macOS Image4 manifest contains measurements for all the boot objects—such as iBoot, the static
+      trust cache, device tree, Boot Kernel Collection, and signed system volume (SSV) volume root hash. When
+      LLB is directed to boot a given macOS, it’s designed to ensure that the hash of the macOS Image4 manifest
+      attached to iBoot matches what’s captured in the nsih field of the LocalPolicy. In this way, the nsih
+      captures the user intention of what operating system the user has created a LocalPolicy for. Users
+      change the nsih value implicitly when they perform a software update.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - 1TR
+        - recoveryOS
+        - macOS
   spih:
     description: Cryptex1 Image4 Hash
   stng:
@@ -395,7 +538,18 @@ img4_tags:
   auxh:
     description: User Authorized Kext List Hash
   rpnh:
-    description: RemotePolicy nonce hash
+    title: Remote Policy Nonce Hash (rpnh)
+    description: >
+      The rpnh behaves the same way as the lpnh but is updated only when the remote policy is updated, such as when
+      changing the state of Find My enrollment. This change happens when the user changes the state of Find My on
+      their Mac.
+    type: binary
+    subtype: sha2-384
+    access:
+      write:
+        - 1TR
+        - recoveryOS
+        - macOS
   RSCH:
     description: Research mode
   fgpt:
@@ -515,7 +669,17 @@ img4_tags:
   vkdl:
     description:
   vuid:
-    description: Volume Group UUID
+    title: APFS volume group UUID (vuid)
+    description: >
+      The vuid indicates the volume group the kernel should use as root. This field is primarily informational
+      and isn’t used for security constraints. This vuid is set by the user implicitly when creating a new
+      operating system install.
+    type: binary
+    subtype: sha2-384
+    access:
+      - 1TR
+      - recoveryOS
+      - macOS
   ware:
     description:
   wchf:

data/share/sandbox.yaml

@@ -0,0 +1,19 @@
+---
+metadata:
+  description:
+  credits:
+profiles:
+  nonet:
+  nointernet:
+  pure-computation:
+  write-tmp-only:
+  nowrite:
+  sandbox-compilerd:
+  mDNSResponder:
+  apsd:
+  AppleDiags:
+  PasteBoard:
+  container:
+  MobileSafari:
+  MobileMail:
+  MobileMaps:

data/share/syscfg.yaml

@@ -1,4 +1,103 @@
 ---
 metadata:
   description:
-  credits:
+  credits:
+
+values:
+  RMd#:
+    description: Regulatory Model Number
+  Coor:
+    description: Country of Origin
+    values:
+      - C
+  CFG#:
+    description: Configuration Number
+  SrNm:
+    description: Serial Number
+  MLB#:
+    description: Main Logic Board Serial Number
+  Regn:
+    description: Region Info
+  Mod#:
+    description: Model Number
+  MdlC:
+    description: Model Configuration (key value seperated by ";" and "key=value")
+  CLCG:
+    description: Cover glass (gloss or opaque)
+  BMac:
+    description: Bluetooth MAC Address
+  SwBh:
+    description: Software Behavior
+  CLBG:
+  MkBS:
+  CLHS:
+  CGMt:
+  EMac:
+  EnMt:
+  BGMt:
+  EMc2:
+  rpcp:
+  MkBH:
+  WMac:
+  SBVr:
+  AROC:
+  LTAO:
+  ARSC:
+  ASCl:
+  ARXN:
+  AICl:
+  ARot:
+  ARNC:
+  ARXC:
+  GICl:
+  GRXC:
+  GRXN:
+  GRNC:
+  GRSC:
+  GSCl:
+  GYTT:
+  GRot:
+  MDCC:
+  CRot:
+  CVCC:
+  CDCC:
+  CMOC:
+  CSCM:
+  JRot:
+  CPAS:
+  PRTT: (Pressure Sensor / Barometer) temp-compensation-table
+  SPPO: (Pressure Sensor / Barometer) pressure-offset-calibration
+  PxCl: (Proximity Sensor) prox-calibration
+  PSCl:
+  STRB:
+  BCAR:
+  PrCL:
+  RACa:
+  RACm:
+  RxCL:
+  TCal:
+  WSKU:
+    description: WiFi Chip / Product SKU
+  WCAL:
+    description: WiFi Calibration Data
+  RFEM:
+  BCAL:
+  BTTx:
+  BTBF:
+  MBac:
+  BTRx:
+  RSKU:
+    description: Region SKU (in US "/LLA")
+  DClr:
+  DBCl:
+  DPCl:
+  DTCl:
+  CGSp:
+  CLCL:
+  MiGH:
+  SpPH:
+  SpGH:
+  MiGB:
+  TMac:
+  ksku:
+  TCID:

data/share/terms.yaml

@@ -0,0 +1,340 @@
+---
+terms:
+  ace:
+  - title: USB-C Port Controller
+  aht:
+  - title: Apple Hardware Test
+  ane:
+  - title: Apple Neural Engine
+  anps:
+  - title: Apple Push Notification Service
+    description:
+  aop:
+  - title: Always-On Processor
+  AP:
+  - title: Application Processor
+  aps:
+    see:
+    - apns
+  APTicket:
+  mach:
+  tfp0:
+  gcd:
+    - title: Grand Central Dispatch
+  xnu:
+  seatbelt:
+    see:
+      - sandbox
+  dfu:
+    - title: Device Firmware Update
+  recovery:
+  restore:
+  mdm:
+    - title: Mobile Device Management
+  dep:
+    - title: Device Enrollment Program
+  se:
+    - title: Secure Element
+  register:
+    - title: Processor Register
+  msr:
+    - title: Model/Machine Specific Register
+      see:
+        - register
+  ecore:
+    - title: Efficienty Core
+  pcore:
+    - title: Performance Core
+  x86:
+  x86_64:
+  x86_64h:
+  arm:
+  armv7:
+  aarch64:
+  aarch64e:
+  sp:
+    - title: Stack Pointer
+  fp:
+    - title: Frame Pointer
+  baseband:
+  bluetooth:
+  wlan:
+  bridge:
+  bridgeOS:
+  eOS:
+  OHCI:
+  EHCI:
+  VHCI:
+  XPC:
+  RemoteXPC:
+  "Mach Port":
+    see:
+      - mach_port
+  mach_port:
+  bundle:
+  AppKit:
+  UIKit:
+  entitlement:
+  cs:
+    - title: Code Signing
+  ioreg:
+  macho:
+  dylib:
+  dsc:
+  syscall:
+  plist:
+  asn:
+  asn1:
+  der:
+  pdu:
+  quarantine:
+  dyld:
+  executable:
+  service:
+  launchd:
+  Framework:
+  defaults:
+  iv:
+    - title: Initialization Vector (Encryption)
+  key:
+    - title: Encryption Key
+  pem:
+  efi:
+  nub:
+  aes:
+    - title: Advanced Encryption Standard
+  pki:
+    - title: Public Key Infrastructure
+  ecc:
+    - title: Elliptic Curve Cryptograph
+    - title: Error Checking and Correction
+  hid:
+    - title: Human Interface Device
+  uart:
+  amfm:
+  i2c:
+    - title: Inter Integrated Circuit
+  spmi:
+  smmu:
+  mmu:
+  pa:
+    - title: Physical Address
+  tc:
+    see:
+      - TrustCache
+  iboot:
+  reg:
+    see:
+      - register
+  ean:
+  ans:
+    - title: Apple NAND Storage
+  soc:
+    - title: System-on-a-Chip
+  fpga:
+  AuxKC:
+  BootKC:
+  sio:
+    - title: SmartIO (iPad keyboard covers)
+  tss:
+    - title: Tatsu Signing Server
+  kc:
+    see:
+      - kernelcache
+  rsep:
+    - title: Restore SEP Firmware Image
+  keynag:
+  asmb:
+  - title: Apple Secure Multi Boot
+  awdl:
+  csr:
+    see:
+    - sip
+  ctrr:
+  dart:
+  - title: Device Address Resolution Table
+  dext:
+  dmg:
+  - title: Disk Image
+  dt:
+  - title: Device Tree
+  en:
+  - title: Ethernet Adapter (generic)
+    description: Often `en` in the form `enX` where X is a number is used to identify
+      a network adapter.
+  esim:
+  - title: Embedded Subscriber Identificaton Module
+    see:
+    - sim
+  euicc:
+    see:
+    - esim
+  FindMy:
+  - title: FindMy iPhone / Mac
+    description: A set of technologies that both help find the location of a lost
+      Apple device, as well as prevent theft from being able to reset the device for
+      sale or use.
+  FireWire:
+  - title: FireWire
+  fmm:
+    see:
+    - FindMy
+  fw:
+    see:
+    - FireWire
+    - firmware
+  isp:
+  - title: Image Signal Processor
+  kdp:
+  - title: Kernel Debug Port / Protocol
+    description: KDP is a general way in which XNU allows for the kernel itself to
+      be attached to a debugger. Attaching a kernel debugger allows for the complete
+      control of a device and subverts all security guarantees, therefore should be
+      exercised with care.  Apple makes majority of the KDP for external users available
+      through Kernel Debug Kits.  These are components that help with two machine
+      debugging, but nearly all kernels shipped by Apple can be debugged if the proper
+      `boot-args` are passed on startup.
+  kernel:
+  kernelcache:
+  - title: Kernel Cache
+    description: A kernel cache is a combined object that contains the kernel itself
+      as well as various kexts (Kernel Extensions).  Older macs would load the kernel
+      itself, then load the various kexts from disk. The process of loading the kexts
+      and then binding the symbols was a process that slowed the starup of a mac.  Apple
+      then started doing the combine of the kernel and the extensions into a BootCache
+      that allowed the system to load one large monolithic binary.
+  kext:
+  ktrr:
+  - title: Kernel Text Readonly Region
+  lpddr:
+  - title: Low-Power Double Data Rate RAM
+    description: LPDDR differs as it uses techniques to minimize the amount of power
+      needed to maintain the memory.  Most RAM requires that the RAM controller occasionally
+      read each value, and write it again as the data is stored in capacitors that
+      leak current over time.  Were the cells not refreshed, every 1 in memory would
+      eventually leak enough current that it would become a zero.
+    see:
+    - ddr
+  lr:
+  - title: Link Register (ARM)
+    description: The LR is populated when a `bx` is called to inform a function of
+      the address to return to.
+  nand:
+  - title: Not-AND Based Non-volatile Memory
+    see:
+    - nvme
+  nmi:
+  - title: Non-maskable Interrupt
+  nor:
+  - title: Not-OR Based Non-volatile Memory
+    see:
+    - spi
+  nvram:
+  - title: Non-Volatile RAM
+  ota:
+  - title: Over-the-Air Update - Incremental Update (Somewhat arcane)
+    description: In the earliest days of the iPhone, users had to connect the device
+      to a computer with iTunes to download and Apply updates to the operating system.  Eventually
+      Apple produced a system called OTA (because at the time it was mostly focused
+      on download of these updates over cellular - therefore over-the-air as in wireless)
+      to allow users to keep a device updated without being tied to a computer. This
+      is somewhat of a misnomer now because OTA updates can be delivered over several
+      means, some of which include over ethernet for example which, ironically isn't
+      over any wireless protocol.  Some types of devices and restore flows make use
+      of 'full OTAs' which are a delta update in OTA format, but includes the entire
+      set of data to restore devices.  These are typically employed for devices that
+      lack the port needed for DFU/iBoot/IPSW based recovery.
+  otg:
+  - title: USB On-the-go
+    description: USB-OTG is a way to describe a device that is typically a peripheral
+      acting instead as a USB host.  The technology evolved as phones became not just
+      devices you could attach to a computer such as to sync with iTunes, but hosts
+      in their own right such as to access a flash drive.
+  panic:
+  - title: Kernel / Device Panic
+    description:
+  pc:
+  - title: Program Counter (ARM/Intel)
+    description: The PC or Program Counter is the address (typically virtual address)
+      which the processor is currently executing.  When a subroutine is called, the
+      PC is the address passed to LR so that the called function knows where to return
+      to.
+  pio:
+  - title: Programmed IO
+  pmgr:
+  - title: Power Manager
+  pmp:
+  - title: Power Management Processor
+  pram:
+  - title: Parameter RAM
+    see:
+    - nvram
+  rtkit:
+  - title: RealtimeKit (Realtime OS)
+  sart:
+  - title: Secure Address Resolution Table
+  sep:
+  - title: Secure Enclave Processor
+  sim:
+  - title: Subscriber Identification Module
+  SIP:
+  - title: System Integrity Protection
+    description: System Integrity Protection is a set of technologies employed by
+      Apple to ensure that even when a process executes as root (UID0) it cannot modify
+      a system in such a way as to disable security features.  The feature is also
+      known as `csr` due to it being managed by `csrutil` and stored in Intel macs
+      in the nvram variable `csr-status`.
+  smc:
+  - title: System Management Controller
+  spi:
+  - title: Serial Peripheral Interconnect
+    description: SPI is a physical pin layer used to pass data between chips.  It's
+      primary use is in SPI Flash, which is a simple, low level way to read and write
+      firmware from flash storage.  This was used to load the BIOS/Firmware for Intel
+      macs before the T2. (The T2 uses eSPI or enhanced SPI to expose a "synthetic"
+      or fake SPI Flash chip to the Intel chip from the T2).  Often SPI is used by
+      Apple devices to load and store non-volatile data prior to bringing up the NAND/NVMe
+      chip, this historically was called NOR as it was a distinct component.  NOR
+      Flash is usually more expensive compared to NAND which is why the early iPhone
+      models made use of a smaller (in the few megabytes range) NOR chip to load iBoot,
+      and stored the user's data on a larger NAND flash chip. In newer devices the
+      NOR/SPI flash is synthetic and provided by ANS2/3.
+  SysCfg:
+    see:
+    - SysConfig
+  SysConfig:
+  - title: System Configuration
+    description: SysCfg / SysConfig is a portion of non-volatile memory of Apple devices
+      that encodes various data that is only to be set by Apple.  The most canonical
+      example is this is the location of the serial number.  This is because the device
+      serial number cannot be burned in as it is the whole device, not any one component.  SysCfg
+      is a series of key/value pairs and is documented in `syscfg.yaml`.
+  tbm:
+  - title: Trusted Boot Monitor
+  tcon:
+  - title: Timing Controller (Displays)
+    description: The TCON is used to control the refresh of a LED/OLED display, ensuring
+      that each frame is shown for the right amount of time, and that new frames are
+      updated all at once / not-torn.
+  tdm:
+  - title: Target Disk Mode
+  trustcache:
+  - title:
+  tz:
+  - title: ARM TrustZone
+    see:
+    - tz0
+    - tz1
+  tz0:
+  tz1:
+  uicc:
+    see:
+    - sim
+  usb-pd:
+  - title: USB Power Delivery
+  vm:
+  - title: Virtual Memory
+  - title: Virtual Machine
+metadata:
+  description:
+  credits: []

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: apple-data
 version: !ruby/object:Gem::Version
-  version: 1.0.600
+  version: 1.0.602
 platform: ruby
 authors:
 - Rick Mark
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-02-06 00:00:00.000000000 Z
+date: 2024-02-15 00:00:00.000000000 Z
 dependencies: []
 description: |2
       This package includes machine readable data about Apple platforms maintained by hack-different.
@@ -264,11 +264,13 @@ files:
 - share/pmu.yaml
 - share/registers.yaml
 - share/resources.yaml
+- share/sandbox.yaml
 - share/sep.yaml
 - share/services.yaml
 - share/sip.yaml
 - share/smc.yaml
 - share/syscfg.yaml
+- share/terms.yaml
 - share/tipw_sync.yaml
 - share/vmapple.yaml
 homepage: https://docs.hackdiffe.rent