apple-data 1.0.611 → 1.0.613

Sign up to get free protection for your applications and to get access to all the features.
data/share/nvram.yaml CHANGED
@@ -4,6 +4,13 @@ metadata:
4
4
  credits:
5
5
  collections:
6
6
  - nvram_variables
7
+ nvram_scopes:
8
+ system:
9
+ description: For Apple Silicon Macs - The SFR / System Level NVRAM
10
+ uuid: 40A0DDD2-77F8-4392-B4A3-1E7304206516
11
+ common:
12
+ description: For Apple Silicon Macs - The Per OS or Non-SFR / System NVRAM
13
+ uuid:
7
14
  nvram_variables:
8
15
  _csegbufsz_experiment:
9
16
  _libmalloc_experiment:
@@ -63,6 +70,9 @@ nvram_variables:
63
70
  bluetoothInternalControllerInfo:
64
71
  BluetoothUHEDevices:
65
72
  board-id:
73
+ boop-storage-nonces:
74
+ scopes:
75
+ - system
66
76
  boot-args:
67
77
  description: String passed to the XNU kernel at boot (M1's do filter this though)
68
78
  type: string
@@ -99,7 +109,7 @@ nvram_variables:
99
109
  boot-stage:
100
110
  boot-volume:
101
111
  bootdelay:
102
- description: Seconds to pause before autoboot
112
+ description: Seconds to pause before `auto-boot`
103
113
  type: number
104
114
  persistent: true
105
115
  BOSCatalogURL:
@@ -109,6 +119,11 @@ nvram_variables:
109
119
  build-version:
110
120
  cam-use-ext-ldo:
111
121
  com.apple.System.boot-nonce:
122
+ description: The persisted random seed that is hashed to become APNonce. While
123
+ this value is not changed, the APNonce remains the same. When a device is booted
124
+ from DFU, a new value is computed for this which is later in restore saved to
125
+ ensure that the APTicket remains valid. Upgrades to APTicket will generate
126
+ a new nonce value.
112
127
  com.apple.System.fp-state:
113
128
  com.apple.System.sep.art:
114
129
  com.apple.System.tz0-size:
@@ -250,6 +265,12 @@ nvram_variables:
250
265
  - PPC
251
266
  IOBusyInterest:
252
267
  IODeviceMemory:
268
+ IONVRAM-FORCESYNCNOW-PROPERTY:
269
+ description: 'Embedded still throttles NVRAM commits via kIONVRAMSyncNowPropertyKey,
270
+ but some clients still need a stricter NVRAM commit contract. Please use this
271
+ with care.
272
+
273
+ '
253
274
  IOPlatformActiveAction:
254
275
  IOPlatformHaltRestartAction:
255
276
  IOPlatformPanicAction:
@@ -288,6 +309,7 @@ nvram_variables:
288
309
  oem-logo:
289
310
  oem-logo?:
290
311
  one-time-boot-command:
312
+ description: A boot command to be used on the next reboot, which is then cleared
291
313
  ota-anomalies:
292
314
  ota-brain-version:
293
315
  ota-breadcrumbs:
@@ -356,6 +378,7 @@ nvram_variables:
356
378
  pmgr_cpu_override:
357
379
  pmgr_gpu_override:
358
380
  policy-nonce-digests:
381
+ description: The hashed digests of the recoveryOS, remote and local policies.
359
382
  pre-recovery-ota-failure-uuid:
360
383
  preferred-count:
361
384
  scopes:
@@ -366,7 +389,7 @@ nvram_variables:
366
389
  preserve-debuggability:
367
390
  prev-lang-diags:kbd:
368
391
  prev-lang:kbd:
369
- description: Default keyboard layout
392
+ description: The last selected language and keyboard layout pair
370
393
  type: string
371
394
  scopes:
372
395
  - common
@@ -425,6 +448,7 @@ nvram_variables:
425
448
  security-password:
426
449
  selftest-#megs:
427
450
  type: number
451
+ sep-debug-args:
428
452
  serverip:
429
453
  SleepWakeFailurePanic:
430
454
  SleepWakeFailureString:
data/share/pki.yaml CHANGED
@@ -7,8 +7,8 @@ metadata:
7
7
  - keys
8
8
  - oids
9
9
  certificate_names:
10
- dcrt: device certificate
11
- dcrt-oid: device owner certificate
10
+ dcrt: Device Identity Certificate
11
+ dcrt-oid: Device Owner Identity Certificate
12
12
  lcrt: Lynx / Secure Storage for SEP Certificate
13
13
  pcrt: product/production certificate?
14
14
  rcrt: remote/recovery certificate?
@@ -50,6 +50,8 @@ oids:
50
50
  - FDRDC-UCRT-SUBCA
51
51
  ous:
52
52
  - ucrt Leaf Certificate
53
+ 1.2.840.113635.100.11.1:
54
+ description: Component Certificate - Component Type
53
55
  1.2.840.113635.100.4.1:
54
56
  symbol: oidAppleExtendedKeyUsageCodeSigning
55
57
  1.2.840.113635.100.4.1.1:
@@ -167,6 +169,8 @@ oids:
167
169
  symbol: oidAppleCertExtAppleServerAuthenticationPPQProdQA
168
170
  1.2.840.113635.100.6.27.3.2:
169
171
  symbol: oidAppleCertExtAppleServerAuthenticationPPQProd
172
+ 1.2.840.113635.100.6.27.32:
173
+ description: Apple SSL Certificate
170
174
  1.2.840.113635.100.6.27.4.1:
171
175
  symbol: oidAppleCertExtAppleServerAuthenticationIDSProdQA
172
176
  1.2.840.113635.100.6.27.4.2:
@@ -197,6 +201,8 @@ oids:
197
201
  for Accessing the Production Apple Push Service
198
202
  1.2.840.113635.100.6.30:
199
203
  symbol: oidAppleCertExtAppleSMPEncryption
204
+ 1.2.840.113635.100.6.36:
205
+ description: Made for iDevice (MFi) - Authentication v3
200
206
  1.2.840.113635.100.6.38.1:
201
207
  symbol: oidAppleCertExtApplePPQSigningProdQA
202
208
  1.2.840.113635.100.6.38.2:
@@ -217,11 +223,18 @@ oids:
217
223
  1.2.840.113635.100.6.5.2:
218
224
  apple_description: Apple iTunes Store Certificates for Signing Requests to Purchase
219
225
  for the iTS
226
+ 1.2.840.113635.100.6.59.1:
227
+ description: Software Authentication GeneralCapabilities
228
+ 1.2.840.113635.100.6.71.1:
229
+ description: Made for iDevice (MFi) - Authentication v4 - Apple Accessory Properties
230
+ Extension
220
231
  1.2.840.113635.100.7.1.1:
221
232
  apple_description: 'Apple FairPlay certificate extended Application Authentication
222
233
  & Authorization: Policy'
223
234
  1.2.840.113635.100.8:
224
- description: Local Policy OID Root
235
+ description: Apple Local Device Attestation (BAA)
236
+ 1.2.840.113635.100.8.2:
237
+ symbol: CTOidItemAppleDeviceAttestationNonce
225
238
  1.2.840.113635.100.8.4:
226
239
  description: Contains a sequence of integer values. Some are 0, some are 1, others
227
240
  appear to be int32 bitmasks.
@@ -234,10 +247,11 @@ oids:
234
247
  - Basic Attestation User Sub CA2
235
248
  ous:
236
249
  - BAA Certification
237
- symbol:
250
+ symbol: CTOidItemAppleDeviceAttestationHardwareProperties
238
251
  1.2.840.113635.100.8.5:
239
252
  description: Similar in nature to `1.2.840.113635.100.8.4`. Non-integer values
240
253
  observed of `ssca`.
254
+ symbol: CTOidItemAppleDeviceAttestationKeyUsageProperties
241
255
  is_asn_body: true
242
256
  is_extension: true
243
257
  found_in:
@@ -248,7 +262,8 @@ oids:
248
262
  ous:
249
263
  - BAA Certification
250
264
  1.2.840.113635.100.8.7:
251
- description: ASN1 data for the version of macOS for the issued under (e.g. 12.2)
265
+ description: Information about the OS environment that performed that local attestation
266
+ symbol: CTOidItemAppleDeviceAttestationDeviceOSInformation
252
267
  is_asn_body: true
253
268
  is_extension: true
254
269
  found_in:
@@ -331,7 +346,11 @@ roots:
331
346
  ZFF10-SDOM1-TssLive-ManifestKey-ExtraContent-Global-RevA-DataCenter:
332
347
  subject_key_id: 041442FEAB470561CE2A7471B55AC0D81AB7536F4B36
333
348
  Apple Secure Boot Root CA - G2:
349
+ description: Primary iDevice SecureROM - Root of Trust
350
+ subordinate_cas:
351
+ T6031-SDOM1-TssLive-ManifestKey-RevA-DataCenter:
334
352
  Apple Secure Boot Root CA - G6:
353
+ description: Seems to be a CA for local policy signatures of boot firmware
335
354
  subordinate_cas:
336
355
  T6031-SDOM1-RecoveryBoot-RevA-Factory:
337
356
  description:
@@ -351,3 +370,6 @@ roots:
351
370
  FDR-SS-CM-E1:
352
371
  FDR-CA1-ROOT-CM:
353
372
  FDR-DC-SSL-ROOT:
373
+ Apple DDI Secure Boot Root CA - G1:
374
+ subordinate_cas:
375
+ ZFF10-SDOM1-TssLive-ManifestKey-ExtraContent-RevA-DataCenter:
@@ -0,0 +1,54 @@
1
+ ---
2
+ metadata:
3
+ description:
4
+ credits:
5
+ collections:
6
+ non_volatile_storage:
7
+ NVMe:
8
+ parts:
9
+ fsys:
10
+ dsecription: The user filesystem.
11
+ EAN:
12
+ diagnostics:
13
+ NAND:
14
+ parts:
15
+ none:
16
+ title:
17
+ boot:
18
+ title: Boot Block
19
+ diag:
20
+ title: Diagnostic Data
21
+ scfg:
22
+ title: System Config
23
+ firm:
24
+ title: Firmware
25
+ nvrm:
26
+ title: Firmware
27
+ fsys:
28
+ title: Filesystem
29
+ plog:
30
+ title: Effaceable
31
+ fbbt:
32
+ title: Bad Block Table
33
+ NOR:
34
+ EAN:
35
+ description: Emulated Apple NOR?
36
+ parts:
37
+ SysCfg:
38
+ nvram:
39
+ parts:
40
+ anvram: ARM NVRAM (Default for iDevices)
41
+ rnvram: Intel NVRAM (For devices with a T2)
42
+ system: The "system" layer NVRAM for Apple Silicon (for the domain of the SFR
43
+ and core APTicket)
44
+ common: Classical NVRAM for OS specific installs
45
+ formats:
46
+ NVV3:
47
+ ramrod_shadow:
48
+ formats:
49
+ nvram.plist:
50
+ xarts:
51
+ formats:
52
+ GigaLocker:
53
+ SEP:
54
+ description: The Lynx or Ocelot directly attached to the SEP
data/share/syscfg.yaml CHANGED
@@ -8,6 +8,7 @@ metadata:
8
8
  - entitlements
9
9
  stores:
10
10
  0Cfg:
11
+ description: Hypervisor Domain 0 SysCfg
11
12
  ADCL:
12
13
  name: Apple Display Calibration Store
13
14
  ADDA:
data/share/terms.yaml CHANGED
@@ -17,10 +17,14 @@ term_list:
17
17
  - title: 64bit ARM v8+ Architecture
18
18
  aarch64e:
19
19
  - title: 64bit ARM v8.3+ Architecture with Pointer Authentication
20
+ AASP:
21
+ - title: Apple Authorised Service Partner
20
22
  ACC:
21
23
  - title: Apple Core Cluster
22
24
  ACE:
23
25
  - title: USB-C Port Controller
26
+ ACM:
27
+ - title: Apple Credential Manager Service
24
28
  AES:
25
29
  - title: Advanced Encryption Standard
26
30
  AGX:
@@ -29,6 +33,8 @@ term_list:
29
33
  - title: Apple Hardware Test
30
34
  AID:
31
35
  - title: Apple ID
36
+ AKS:
37
+ - title: Apple Key Storage Service
32
38
  AltDSID:
33
39
  AMCC:
34
40
  - title: Apple Memory Cache Controller
@@ -39,7 +45,7 @@ term_list:
39
45
  ANE:
40
46
  - title: Apple Neural Engine
41
47
  anpi:
42
- - title:
48
+ - title: Apple NCM Private Interface
43
49
  ANS:
44
50
  - title: Apple NAND Storage
45
51
  AOP:
@@ -85,7 +91,7 @@ term_list:
85
91
  AWDL:
86
92
  - title: Apple Wireless Direct Link
87
93
  BAA:
88
- - title: Basic Attestation Authority (BAA)
94
+ - title: Basic Attestation Authority (BAA) - Used for Local Policy signing
89
95
  baseband:
90
96
  - title:
91
97
  see:
@@ -106,6 +112,9 @@ term_list:
106
112
  - APNonce
107
113
  BootKC:
108
114
  BootPolicy:
115
+ BootROM:
116
+ - see: SEPROM
117
+ - see: SecureROM
109
118
  bridge:
110
119
  bridgeOS:
111
120
  BRK:
@@ -127,12 +136,14 @@ term_list:
127
136
  CPSR:
128
137
  CRAM:
129
138
  - title: Cache-as-RAM
139
+ CRC:
140
+ - title: Cyclic Redundancy Check
130
141
  CRNG:
131
142
  - title: Cryptographic Random Number Generator
132
- cs:
133
- - title: Code Signing
134
143
  CS:
135
144
  - title: Code Signing
145
+ cs:
146
+ - title: Code Signing
136
147
  CSPRNG:
137
148
  - title: Cryptographically Secure Pseudorandom Number Generator
138
149
  CSR:
@@ -140,10 +151,13 @@ term_list:
140
151
  see:
141
152
  - sip
142
153
  CTRR:
154
+ - title: Configurable Text Readonly Region
143
155
  DART:
144
156
  - title: Device Address Resolution Table
145
157
  DCC:
146
158
  - title: Debug Communications Channel
159
+ dcrt:
160
+ - title: Device Certificate
147
161
  defaults:
148
162
  DEP:
149
163
  - title: Data Execute Prevention
@@ -177,6 +191,11 @@ term_list:
177
191
  - title: Error Checking and Correction
178
192
  eCore:
179
193
  - title: Efficiency Core
194
+ EEPROM:
195
+ - title: Electronically Erasable Programmable Read Only Memory
196
+ EffaceableStorage:
197
+ - title: Effaceable Storage
198
+ description:
180
199
  EFI:
181
200
  - title: Extensible Firmware Interface
182
201
  EHCI:
@@ -200,6 +219,10 @@ term_list:
200
219
  - title: Embedded Subscriber Identification Module
201
220
  see:
202
221
  - SIM
222
+ eSPI:
223
+ - title: Enhanced Serial Peripheral Interconnect
224
+ description: Used by the T2 to provide MacEFI to the Intel Chip
225
+ url: https://www.intel.com/content/dam/support/us/en/documents/software/chipset-software/327432-004_espi_base_specification_rev1.0_cb.pdf
203
226
  eUICC:
204
227
  - title: Embedded Universal Integrated Circuit Card
205
228
  see:
@@ -232,6 +255,8 @@ term_list:
232
255
 
233
256
  '
234
257
  Framework:
258
+ fuOS:
259
+ - title: Fully Unsigned OS
235
260
  FW:
236
261
  - see:
237
262
  - FireWire
@@ -246,6 +271,10 @@ term_list:
246
271
  '
247
272
  GENTER:
248
273
  GEXIT:
274
+ GID:
275
+ - title: Group Identity Key (Chip group key)
276
+ description: An AES key used to encrypt objects for all Apple CPUs with the same
277
+ CHIP identity
249
278
  gif:
250
279
  GL0:
251
280
  - title: Guarded Level 0
@@ -257,6 +286,8 @@ term_list:
257
286
  - GXF
258
287
  GXF:
259
288
  - title: Guarded Execution Feature
289
+ HDCP:
290
+ - title: High Definition Content Protection
260
291
  HFS:
261
292
  - title: Hierarchical File System (HFS/HFS+)
262
293
  description:
@@ -336,6 +367,18 @@ term_list:
336
367
  description: A Mach-O Object containing a series of KEXTs (Kernel Extensions)
337
368
  to be loaded alongside the kernel itself. Usually one of three types, the Boot,
338
369
  the System and the Auxiliary.
370
+ KernelIdentityProtection:
371
+ - title: Kernel Identity Protection
372
+ description: After the operating system kernel completes initialization, Kernel
373
+ Integrity Protection (KIP) is enabled to help prevent modifications of kernel
374
+ and driver code. The memory controller provides a protected physical memory
375
+ region that iBoot uses to load the kernel and kernel extensions. After startup
376
+ is complete, the memory controller denies writes to the protected physical memory
377
+ region. The Application Processor’s Memory Management Unit (MMU) is configured
378
+ to help prevent mapping privileged code from physical memory outside the protected
379
+ memory region and to help prevent writeable mappings of physical memory within
380
+ the kernel memory region. To prevent reconfiguration, the hardware used to enable
381
+ KIP is locked after the boot process is complete.
339
382
  kext:
340
383
  - title: Kernel Extension
341
384
  key:
@@ -358,6 +401,8 @@ term_list:
358
401
  for correctness. This ensures that the kernel guarantees are mathematically
359
402
  verified against defects.
360
403
  launchd:
404
+ lcrt:
405
+ - title: Lynx (SEP Secure Storage) Certificate
361
406
  LDM:
362
407
  - title: Lock Down Mode
363
408
  LLB:
@@ -395,6 +440,8 @@ term_list:
395
440
  LSB:
396
441
  - title: Least Significant Byte/Bit
397
442
  - title: Lower Side-Band
443
+ LVDS:
444
+ - title: Low Voltage Differential Signaling
398
445
  LZFSE:
399
446
  mach:
400
447
  mach_port:
@@ -412,11 +459,15 @@ term_list:
412
459
  MMU:
413
460
  - title: Memory Management Unit
414
461
  MRI:
462
+ - title: Mobile Resource Inspector
463
+ see:
464
+ - diags
415
465
  MRtI:
416
466
  MSB:
417
467
  - title: Most Significant Byte/Bit
418
468
  msm:
419
469
  - title: Qualcomm Baseband (Models are MSM) Motorola SoC Modem?
470
+ - title: Thunderbolt IP - Cactus Ridge Thunderbolt Controller
420
471
  MSR:
421
472
  - title: Model/Machine Specific Register
422
473
  see:
@@ -432,6 +483,8 @@ term_list:
432
483
  nbIF:
433
484
  - title: Nearby Interface Type
434
485
  context: nearbyd
486
+ NHI:
487
+ - title: Native Host Interface
435
488
  Nm:
436
489
  - title: User Assigned Name
437
490
  nmi:
@@ -454,6 +507,8 @@ term_list:
454
507
  - title: Other Architecture Handler (Rosetta2)
455
508
  OHCI:
456
509
  - title: Open Host Controller Interface (USB)
510
+ OIC:
511
+ - title: Owner Identity Certificate
457
512
  oic:
458
513
  - title: Owner Identity Certificate (OIC)
459
514
  oid:
@@ -560,6 +615,10 @@ term_list:
560
615
  - DRAM
561
616
  - CRAM
562
617
  - SRAM
618
+ ramrod:
619
+ - title: Ramrod Plugin
620
+ description: A plugin to `patchd` (the OTA system) to allow for full restores
621
+ via the OTA system. (Such as with the Watch which lacks consumer USB connections).
563
622
  recovery:
564
623
  reg:
565
624
  - see: register
@@ -569,6 +628,8 @@ term_list:
569
628
  RemoteXPC:
570
629
  restore:
571
630
  Rosetta:
631
+ RSA:
632
+ - title: RSA (Rivest–Shamir–Adleman) Public Key Cryptography
572
633
  rsep:
573
634
  - title: Restore SEP Firmware Image
574
635
  RSSI:
@@ -618,6 +679,11 @@ term_list:
618
679
  in the nvram variable `csr-status`.
619
680
  see:
620
681
  - CSR
682
+ SKP:
683
+ - title: Sealed Key Protection
684
+ SKS:
685
+ - title: Secure Key Store Service
686
+ SMBus:
621
687
  SMC:
622
688
  - title: System Management Controller
623
689
  - title: Secure Monitor Call (el3)
@@ -640,6 +706,10 @@ term_list:
640
706
  models made use of a smaller (in the few megabytes range) NOR chip to load iBoot,
641
707
  and stored the user's data on a larger NAND flash chip. In newer devices the
642
708
  NOR/SPI flash is synthetic and provided by ANS2/3.
709
+ SPIFlash:
710
+ - title: Serial Peripheral Interconnect Flash Memory Protocol
711
+ see:
712
+ - NOR
643
713
  SPMI:
644
714
  - title: System Power Management Interface
645
715
  url: https://www.mipi.org/specifications/system-power-management-interface
@@ -701,6 +771,7 @@ term_list:
701
771
  TDM:
702
772
  - title: Target Disk Mode
703
773
  tfp0:
774
+ - title: Task for PID 0 (Kernel)
704
775
  trpk:
705
776
  - title: Trusted Public Keys
706
777
  description: Occurs in `trst` objects
@@ -721,7 +792,13 @@ term_list:
721
792
  - tz1
722
793
  - title: Time Zone
723
794
  tz0:
795
+ - title: TrustZone for SEP
796
+ SCIP:
797
+ - title: System Coprocessor Integrity Protection
798
+ KIP:
799
+ - title: Kernel Integrity Protection
724
800
  tz1:
801
+ - title: TrustZone for AP (Trusted Boot Monitor)
725
802
  UART:
726
803
  - title: Universal Asynchronous Receiver / Transmitter
727
804
  ucrt:
@@ -730,6 +807,9 @@ term_list:
730
807
  - title: Universal Integrated Circuit Card
731
808
  see:
732
809
  - sim
810
+ UID:
811
+ - title: User Identity Key (Device specific key)
812
+ description: A unique AES key per device.
733
813
  uik:
734
814
  - title: User Identity Key (UIK)
735
815
  UIKit:
data/share/uuid.yaml ADDED
@@ -0,0 +1,11 @@
1
+ ---
2
+ uuids:
3
+ 40A0DDD2-77F8-4392-B4A3-1E7304206516:
4
+ description: System Firmware NVRAM Scope
5
+ 3D3287DE-280D-4619-AAAB-D97469CA9C71:
6
+ description: Primary System Recovery
7
+ C8858560-55AC-400F-BBB9-C9220A8DAC0D:
8
+ description: Fallback Recovery
9
+ metadata:
10
+ description:
11
+ credits: []
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: apple-data
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.611
4
+ version: 1.0.613
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rick Mark
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-02-24 00:00:00.000000000 Z
11
+ date: 2024-02-27 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: |2
14
14
  This package includes machine readable data about Apple platforms maintained by hack-different.
@@ -268,9 +268,11 @@ files:
268
268
  - share/services.yaml
269
269
  - share/sip.yaml
270
270
  - share/smc.yaml
271
+ - share/storage.yaml
271
272
  - share/syscfg.yaml
272
273
  - share/terms.yaml
273
274
  - share/tipw_sync.yaml
275
+ - share/uuid.yaml
274
276
  - share/vmapple.yaml
275
277
  homepage: https://docs.hackdiffe.rent
276
278
  licenses: