<marcan>
Alex[m]17: it is not. read the article about DFU.
<marcan>
Apple Silicon devices cannot boot from external storage at all
<marcan>
not without recovery mode working anyway
<marcan>
iBoot does not support USB
<marcan>
"booting" from external storage is, apparently, actually a recovery feature where it copies the boot-related stuff from external storage into internal storage
<marcan>
so none of this is relevant for recovery
<marcan>
if 1TR is gone, and macOS is gone, you get to DFU
<tpw_rules>
how many kilobytes is iBoot?
<marcan>
robinp: that's basically my plan, except copying screen and script from macOS so I can have a proper tty
stormclad has joined #asahi
<rwhitby>
marcan: do you think it would be useful to create a wiki page that tells people how to prepare their device to be able to participate in the project while still having access to macOS data (either in internal or external disk) and how to recover from worst case scenarios? Put all the various information into one place specific to this project?
stormclad has quit [Ping timeout: 260 seconds]
<opticron>
that sounds like a very convenient page
<davidrysk[m]>
The first part, we're not 100% on that yet
<davidrysk[m]>
The second part, a second Mac (relatively recent Intel Mac is fine) and a link to the DFU instructions, well that should recovery a worst case scenario
<davidrysk[m]>
recover*
<opticron>
kind of a "newbies and desparate start here"
<rwhitby>
davidrysk[m]: right, the first part is what I'm intending to help determine.
<opticron>
*desperate
<davidrysk[m]>
I'd start with seeing how to install multiple instances of macOS on the Mac
<davidrysk[m]>
e.g. 11.0.1 and 11.1, in separate APFS containers
<davidrysk[m]>
Are you familiar with installinstallmacos.py? That's another useful tool — it allows for the creation of a bootable install USB (though I'm not 100% sure it will boot on M1)
<rwhitby>
I'm currently assuming that nothing that's not a utility that already exists on the M1 will be of any use for dual-booting etc.
<davidrysk[m]>
Apple claims that you're supposed to be able to have multiple macOS installs
<Alex[m]17>
<marcan "Alex: it is not. read the articl"> marcan: i dont know what article you are referring to. but good to hear there is a recovery mode irrelevant to booting from external storage.
<davidrysk[m]>
but people have reported problems with external boot (which doesn't appear to be direct external boot)
<rwhitby>
ok, so I successfully reinstalled macOS on an external TBT3 SSD according to https://discussions.apple.com/thread/252222611 and have been (as expected) able to select it as a startup disk. All this is of course expected. Next step is to DFU recover from scratch, and then see if it's still possible to boot from the external SSD after that.
<davidrysk[m]>
there is a startup disk preference panel in macOS
roxfan has quit [Remote host closed the connection]
<rwhitby>
Yes, that's the normal way to select startup disks. The same options (internal SSD and external SSD) are also available in 1TR alongside the Options.
aratuk has quit [Ping timeout: 246 seconds]
<davidrysk[m]>
do you have a usb-c drive you can test with?
<davidrysk[m]>
people report mixed success and failure
<rwhitby>
I'm testing with TBT3 SSD (Samsung X5). I can also test with USB3 10Gb/s SSD (Sandisk Extreme 900).
roxfan has joined #asahi
aratuk has joined #asahi
aratuk_ has joined #asahi
aratuk_ has quit [Read error: Connection reset by peer]
aratuk__ has joined #asahi
aratuk__ has quit [Read error: Connection reset by peer]
aratuk_ has joined #asahi
aratuk has quit [Ping timeout: 246 seconds]
<rwhitby>
As expected, booting from internal SSD or external SSD also works from 1TR selection screen. Nothing new here.
<marcan>
and probably increases the chances of macOS upgrades failing
<marcan>
davidrysk[m]: so one problem with the APFS containers which makes this finicky is that I already tried adding a partition and it broke recovery mode
<marcan>
I need to figure out what exactly happened and whether it can be fixed
<marcan>
(it didn't break macOS, so I was able to delete the partition and get it back without DFU)
<marcan>
probably just the recovery partition getting referenced by index somewhere
<rwhitby>
marcan: that's what I'm in a position to test now if you need anything tested. I have a fully expendable (as long as it can be recovered) macOS install at the moment.
<marcan>
so for dual-booting, of course, one way would be to have our bootloader be able to chainload macOS
<marcan>
but if we can coax iBoot/recovery mode into doing it, that would be very convenient
<marcan>
and in principle multiple installs should indeed be supported AIUI
<marcan>
there is clear evidence of support for that
<marcan>
one thing though. is that a lot of this might be broken
<marcan>
*lots* of things were broken in what shipped from the factory AIUI
<marcan>
which is why everyone said upgrade to 11.0.1 first
<marcan>
M1 was clearly a rush job, especially this whole firmware/boot thing
<marcan>
so I expect things to improve over time
<marcan>
but we should expect to encounter bugs/problems at this stage I think
<marcan>
feeling good about progress today, going to reply to an important email or two and get down to work
<rwhitby>
well, if DFU restore doesn't work I can just take it back as DOA today ;-)
<marcan>
hahaha, I would be *very* surprised if any of us managed to brick the things so that they can't be DFU'd
<rwhitby>
yeah, but I want to personally prove that process today before I start to rely on it working at some point in the future :-0
<marcan>
though one interesting question is whether Apple can do product data repair in Apple Stores - probably not is my guess, so if we manage to nuke that they probably have to go back to the mothership for repair
<marcan>
but there is no reason whatsoever for us to ever write to NOR flash as far as I can tell
<marcan>
and possibly even no way, it might be locked hard after iBoot
<robinp>
marcan: streming ?
<marcan>
robinp: probably
* rwhitby
is in a position to watch today
<marcan>
rwhitby: feel free to hack around; I don't have anything specific to want to test right now, other than seeing if I can get recovery to work with an extra partition
<marcan>
what I did was use disk utility in macOS to partition the disk, splitting the macOS container into two. that's somewhat broken, you can pick HFS and then it goes and formats it as APFS anyway. it errored out for me, but actually did the split properly
<marcan>
then I went back and formatted it as HFS+ as a placeholder
<marcan>
at that point macOS was fine, but recovery no longer worked
<marcan>
deleting the HFS+ partition (leaving the empty space) fixed it
<rwhitby>
yeah, that's my goal - work out how to have an extra partition that Linux can use while macOS remains where it is
<marcan>
I remember diskutil (cmdline) showing recovery partition numbers in the apfs info
<marcan>
so I suspect it's stored somewhere
<marcan>
but it might also be in iSC
<marcan>
(that's iBoot System Container btw)
<rwhitby>
If you like I'll document all the partitioning in the wiki too
<marcan>
I was actually about to do some of that, boot process/partitioning docs
<marcan>
let me get to the emails and I'll stream some of that research
<rwhitby>
please paste a link here when you start streaming
<marcan>
oh yeah, one thing you can do
<marcan>
you have that PD analyzer, right?
<rwhitby>
yep
<rwhitby>
Ellisys C-Tracker, and also my own Saleae decoder.
<marcan>
I wonder if Apple Configurator 2 actually does any PD stuff against a target Mac, if you use a proper C-C cable
<rwhitby>
(and a Cypress analyser and a Twinkie, but I never use those)
<davidrysk[m]>
Back for a while
<davidrysk[m]>
marcan: you being on Japan time is kinda inconvenient for me :D
<marcan>
so maybe you can give that a whirl
<marcan>
davidrysk[m]: yeah...
<marcan>
unfortunate timezone issues
<rwhitby>
yes, I intended to have full tracing in place for the DFU to capture all that
<davidrysk[m]>
rwhitby: It might be worth seeing if you can have multiple macOS APFS containers with different OS volumes on the internal disk
<davidrysk[m]>
and still have recovery function
<marcan>
I'm mostly interested in PD; I think we mostly know how DFU works, and I have a USB2 analyzer I can use for that bit
<marcan>
I do want to get idevicerestore (linux tool) to work with the M1
<marcan>
not sure what the current state is
<rwhitby>
ok, will check PD in particular
<marcan>
but it should be mostly incremental additions to that
<davidrysk[m]>
marcan: unimplemented. I think it might support T2
<marcan>
yeah, but I mean, how close
<JTL>
marcan: out of interest, what USB2 analyzer you use these days?
<marcan>
OpenVizsla
<marcan>
which I helped write the software for
<JTL>
ah yeah
<JTL>
I remember the kickstarter for that from 10 years ago
<JTL>
and the delays
<marcan>
yeah that was one... rollercoaster ride
<JTL>
haha
<JTL>
I remember that
<marcan>
let's just say a certain someone is no longer welcome to work with us
<JTL>
Oof
<marcan>
and also Ben saved the project with his own personal money (R.I.P...)
<rwhitby>
is that the one you would buy today, or is there something better (e.g. Luna?)
<marcan>
I think that kickstarter deserves an award for being the most delayed hardware project that actually shipped all rewards
<JTL>
RIP bushing
<JTL>
marcan: *xbox 360 trophy thingy*
czero64 has quit [Ping timeout: 260 seconds]
<JTL>
"Delayed but Shipped Project"
<davidrysk[m]>
I mean, between it and the Open Locksport kickstarter, for which Jason Scott stepped in to help complete
<marcan>
rwhitby: not sure tbh, haven't looked into it. OV is a nice architecture, but I also want to design Glasgow revD/E, and revE will be a perfectly fine backend for an analyzer
<marcan>
but that's at least a couple years away most likely
<marcan>
actually I kinda wonder if a USB "hat" for revC would make sense... next to no buffer memory is a problem though
<marcan>
(OV has that)
<marcan>
but revE will definitely support this use case with the right modules
<davidrysk[m]>
Some Apple documentation (IIRC WWDC2020 videos) hints that you can have multiple OS versions within the same APFS container, but that really doesn't help us
<davidrysk[m]>
I wish Apple didn't put so much of their documentation in videos
<marcan>
yeah
<davidrysk[m]>
it's awfully inconvenient
<rwhitby>
Looks like OV is available to purchase at sysmocom
stormclad has joined #asahi
<marcan>
it is
<marcan>
those are the units Ben had stashed away, we finally got them into good hands semi-recently
<marcan>
(bless his wife)
<JTL>
It's what bushing would've wanted :(
<marcan>
seriously, I can't thank both of them enough for everything they've done for this project and so many others
<marcan>
it certainly is
<rwhitby>
I've been looking for a good USB sniffer, was waiting for Luna but may push the button on that one earlier
<marcan>
just keep in mind the software is a bit hacky, last I remember we were discussing how to properly integrate it with pcap/wireshark
<marcan>
honestly the project needs a bit of software love
<marcan>
the hardware is great
<rwhitby>
ktemkin is using it for Luna testing, right?
<marcan>
I haven't used it recently, last time I used it I was just dumping USB frames to stdout :)
<davidrysk[m]>
I think most of the time when I've needed to do USB tracing I've used the VMware facilities for it, but they're nowhere near as good as hardware
* rwhitby
shuts up so marcan can get back to email and streaming
<marcan>
I should actually look into who github.com/openvizsla is, we should convert that to an organization
<marcan>
(I think this used to be hosted elsewhere)
<marcan>
anyway, emails and work
<Necrosporus>
rwhitby, maybe this question is naive, but is it possible to boot OSX from $5 USB flash drive? Are you required to have something like thunderbolt SSD? Also... given it's supposedly super fast, how long does it take to get you from power on to login screen / desktop?
<davidrysk[m]>
Necrosporus: you're supposed to be able to boot from a $5 USB flash drive (but performance will suck, so you might not want to), but people were reporting it to be broken
<rwhitby>
I'll be testing 10Gb/s USBC SSD soon, and have tested 20Gb/s TBT3 SSD. Can time both of them if you like.
<davidrysk[m]>
I've had okay performance on my intel macs with the sandisk extreme pro usb 3.1 (or 3.2) drives
<Necrosporus>
rwhitby, can you time internal storage?
<davidrysk[m]>
rwhitby: do you have any lower-end USB media like the drives I refer to?
<Necrosporus>
Also you do already have working external medium, right? So can you just dd it over an USB flash?
<rwhitby>
davidrysk[m]: not of sufficient size
<davidrysk[m]>
Necrosporus: you can't just dd it over a usb flash, you have to use the mac os installer app. now if you dd that, that probably can be portable to another usb flash
<Necrosporus>
I mean that thing, yes
<Necrosporus>
using installer, then dd whatever there is to other external drive
<Necrosporus>
How much space is required by the installer?
<Necrosporus>
Can it install to 8Gb medium? Or 16Gb?
<davidrysk[m]>
the big sur installer is much more inefficient than previous ones
<davidrysk[m]>
people reported difficulty with USBA drives
<Necrosporus>
rwhitby, and boooting from it too?
<davidrysk[m]>
I'm not sure if they meant using the USBA ports on mac minis, or USBC adapters for them
<davidrysk[m]>
the mac mini USBA ports are weird because they're behind those Fresco Logic controllers — it's possible that Apple didn't fully implement boot support for them
<davidrysk[m]>
I guess the next thing
<davidrysk[m]>
use Disk Utility to shrink the APFS container on the 480GB to 240GB and make a second one and name it differently
<davidrysk[m]>
install macOS onto it and see what the partition layout looks like
<rwhitby>
33s from 1TR to login for USBC.
<davidrysk[m]>
then try the same on the internal
<davidrysk[m]>
see if you can stuff two separate OS installs on the same disk... and see if recovery and all still work
<Necrosporus>
That's quite a lot, I think
<Necrosporus>
I mean Windows XP on my old computer with slow 40GB ide HDD took about 30 seconds to boot
<rwhitby>
That's weird - I got a "The version of macOS on the selected disk needs to be reinstalled" when booting from the TBT3 SSD, even though it previously had no issue booting from it multiple times.
<davidrysk[m]>
rwhitby: if that happens, go back to the boot selector and try again
<davidrysk[m]>
that can mean the incorrect volume is selected
<davidrysk[m]>
(and can also be triggered by bootchain related bugs, of which there are still some)
<rwhitby>
happened a second time from 1TR, trying from macOS prefs
stormclad has quit [Ping timeout: 240 seconds]
<rwhitby>
32s from reboot to login for TBT3 SSD, roughly same as USBC SSD, so it's not transport or disk speed limited (I know that TBT3 SSD is at least twice as fast as USBC SSD using BlackMagic speed test.
<marcan>
davidrysk[m]: there is no boot support for *any* external storage; all of that is handled via macOS
<davidrysk[m]>
rwhitby: is it any faster on reboot?
<Shiz>
marcan: so I guess you saw `diskutil apfs list` right
<marcan>
so in principle "external" "boot" should work from anything macos supports
<davidrysk[m]>
marcan: via macOS in recovery?
<marcan>
yes
<Shiz>
where it assigns the partition role by partition number
<Shiz>
:)
<Shiz>
that probably is the cause of your breakage
<marcan>
Shiz: yes
<marcan>
that is what I saw after the breakage
<marcan>
but I'm not sure how true that info is
<marcan>
or how it fits into everything else
<rwhitby>
14s for internal chime to login.
<marcan>
so I need to check if that really is the problem :)
<marcan>
diskutil is way too automagic
<davidrysk[m]>
marcan: that's why I wonder what will happen if you make a second APFS container with a second independent copy of macOS on the internal SSD
<marcan>
I don't even know what the GPT partition entries look like tbh
<davidrysk[m]>
I can dump my gpt :)
<davidrysk[m]>
but I think I can also make diskutil do that
<marcan>
actually I was having trouble with that, getting raw disk info
<marcan>
and then I realized bputil *re-enables* aspects of SIP, grumble
<davidrysk[m]>
yes
<marcan>
I think it will probably work now
<marcan>
that's another thing on my TODO list today :p
<marcan>
anyway, let me do the emails :)
<davidrysk[m]>
did y'all see that Apple got rid of old fashioned raw target mode?
<davidrysk[m]>
modern target mode is SMB server based
<rwhitby>
final figures are 14s internal chime to login, 22s USBC chime to login, 22s TBT3 chime to login.
<marcan>
davidrysk[m]: same reason I think
<Shiz>
the GPT partition entries are pretty simple
<marcan>
it seems the philosophy here was "UEFI on Macs is an enourmous pile of junk"
<Shiz>
disk3 is a synthesized APFS volume
<marcan>
and they went full 180
<Shiz>
like btrfs subvolumes
<marcan>
and now iBoot is tiny, and everything else is done in macos
<davidrysk[m]>
marcan: well it *was* an enormous pile of junk
<davidrysk[m]>
and the updater was unreliable too
<marcan>
btw, another useful thing: amfi_get_out_of_my_way=1 on boot-args should get rid of all of the entitlement junk I *think*
<marcan>
(if SIP is disabled)
<Shiz>
the GPT entries are just: [iBoot SC][APFS volume][Recovery]
<Shiz>
3 partitions :)
<marcan>
Shiz: I wonder what they are in my GPT, after I created and deleted a partition
<davidrysk[m]>
what happens if you put a second apfs volume on the disk
<roxfan>
what's SC?
<marcan>
specifically, whether it coalesced or not
<Shiz>
system container
<marcan>
iBoot System Container
<Shiz>
the iboot pre-bootstrap
<roxfan>
k
<Shiz>
:p
<Shiz>
info container
<marcan>
davidrysk[m]: right now if you put a second anything on the disk recovery explodes :p
<marcan>
so I need to fix that first
<davidrysk[m]>
hm, disk utility won't let you
<marcan>
disk utility does let you partition the main container
<davidrysk[m]>
it lets you add volumes to the main container
<davidrysk[m]>
it does not let you add another main container
<Shiz>
for the curious
<marcan>
right now my mac mini looks like [iSC][macOS]<empty space>[Recovery] (I'm not sure what the physical partition entry indexes are in GPT at this point)
<rwhitby>
davidrysk[m] 4s faster on TBT3 for reboot to same disk
<marcan>
that works
<marcan>
but with a partition filling the empty space, it breaks
DarthCloud has quit [Remote host closed the connection]
DarthCloud has joined #asahi
Tokamak has quit [Ping timeout: 246 seconds]
Tokamak has joined #asahi
<rwhitby>
M1 doesn't like being told to boot from an external disk but then unplugging the external disk. Doesn't seem to default back to the internal disk automatically.
<rwhitby>
davidrysk[m] let me know if you want anything else recorded from that
<davidrysk[m]>
what's in the EFI?
<davidrysk[m]>
anything at all?
<davidrysk[m]>
those look like plain volumes that are set up in the same way intel mac bootable external volumes would be set up
<rwhitby>
davidrysk[m] updated gist
<davidrysk[m]>
rwhitby:
<davidrysk[m]>
rwhitby: can you mount it as a FAT32 partition and recursively list the contents?
<rwhitby>
yep, it's empty
<artemist>
IIRC Apple loves putting an ESP on every GPT thing, even if it's just a flash drive you don't intend to be bootable
<davidrysk[m]>
they use it for firmware updates and apparently a log of some sort, on pre-T1 Intel Macs
<Shiz>
at least the internal drive has no ESP :p
<rwhitby>
confirmed - if you boot from an external drive, and then reboot without that drive attached, then you get into a boot loop that eventually results in a Recovery Assistant screen which says you have to reinstall and does not have the option to boot from the internal drive. you have to power cycle into 1TR to see the internal drive again and boot from it.
<Shiz>
wow
<Necrosporus>
rwhitby, thanks. Does EFI partition made by M1 have any files on it?
<Necrosporus>
is it fat32?
<Shiz>
that makes sense with my knowledge of how the boot process works so far
<Necrosporus>
Ah, wait already answered
aratuk has joined #asahi
<Necrosporus>
Do you know what are those volumes for? Like VM, and unlabeled disk9s2
<Necrosporus>
Do preboot and VM volumes have any files?
<Shiz>
Preboot is used in the boot process and contains iBoot, the device tree and the kernel cache
<Shiz>
along with various other stuff
<Necrosporus>
So, they are as files?
<Shiz>
yes
<Necrosporus>
did anybody upload them?
<Shiz>
probably not? they're note very interesting
<Shiz>
it's not much different than what is in the ipsw
<davidrysk[m]>
Necrosporus: you can extract them from an ipsw (also, -re)
aratuk_ has quit [Ping timeout: 272 seconds]
<davidrysk[m]>
rwhitby: that sounds like a bug that should be filed with apple...
<rwhitby>
so, next step is to try and add a partition to an external drive and see if it still boots from that drive?
<davidrysk[m]>
okay I really have to go
<davidrysk[m]>
night :)
<rwhitby>
actually, first would be to try to add an extra APFS volume rather than a partition
<Necrosporus>
davidrysk[m], or to remove ESP
<rwhitby>
1TR still presents it as a boot option ...
aratuk has quit [Remote host closed the connection]
<davidrysk[m]>
I would expect adding an APFS volume to not be a problem
aratuk has joined #asahi
<rwhitby>
yep, still boots
<marcan>
VM is the swap partition
<marcan>
Necrosporus: do not ask for file uploads, that is a copyright violation
<Shiz>
i do wonder why VM is only 20kb for me
<marcan>
devicetrees and such are data-like enough to be probably okay, but we're not going to put iBoot executables on the internet
<Shiz>
do apfs subvolumes grow?
<marcan>
Shiz: dynamically resizes
<Shiz>
ah
<marcan>
yes
<marcan>
they share space
<marcan>
that's the point
<Shiz>
neat
<rwhitby>
Now adding a FAT32 partition to the external disk while booted from that disk.
<marcan>
I wonder if I can install macos to an "external disk", then replace the kernel with mini, then just not plug in said disk. that should actually work, given what we know about how this works
<rwhitby>
(just using plain Disk Utility to do this, in the hope that it will keep everything blessed)
<marcan>
yeah let me try that
aratuk has quit [Ping timeout: 264 seconds]
<marcan>
seems like the safest bet to mess with kernels
<marcan>
in principle doing that should result in the secondary install/kernel ending up in the internal storage anyway
<rwhitby>
external disk booted with both Linux APFS volume and Linux FAT32 partition.
<rwhitby>
(not that I haven't disabled any security yet)
<davidrysk[m]>
disabling the signed system volume is kinda a one way modification
<davidrysk[m]>
reinstalling macOS should restore that part
<davidrysk[m]>
the other things can be reverted
<davidrysk[m]>
(without reinstall)
<davidrysk[m]>
(signed system volume == authenticated-root)
<rwhitby>
ok, going to add the same volume and partition to the internal disk now and see if that still boots. if it doesn't, then I'll have an excuse to do a recovery :-)
<davidrysk[m]>
if you didn't mount it as read/write and edit the system volume, just re-enabling it might work
<davidrysk[m]>
rwhitby: also see if you can still access macOS Recovery
<rwhitby>
Is it possible that the trick is simply to do the partitioning before disabling the security?
<davidrysk[m]>
and test the different combinations of [Apple_APFS_ISC] [Apple_APFS] [Apple_APFS_Recovery] [Linux], [Apple_APFS_ISC] [Apple_APFS] [Linux] [Apple_APFS_Recovery], and Apple_APFS_ISC] [Linux] [Apple_APFS_Recovery]
<davidrysk[m]>
I think OS firmware might be stored in [Apple_APFS] though :|
<rwhitby>
oh, I'm just being a dumb end-user and using the Disk Utility GUI to add these things. I'm not placing the new partitions in specific places.
<davidrysk[m]>
which means testing with that partition in place, but with the large system and data volumes deleted and the partition itself shrunk, might be worth it
<davidrysk[m]>
ahhhh :)
<davidrysk[m]>
disk utility is low on features but it does have better error handling
<davidrysk[m]>
anyway now I really need to go
<rwhitby>
restarting with new partition/volume on internal disk ...
<rwhitby>
ok, that's not looking as good as the external disk. boot loop city.
<rwhitby>
so that's a clear macOS bug then. A user adds partitions using disk utility GUI and their device no longer boots as a result.
<rwhitby>
however, going though 1TR allows it to boot again
<rwhitby>
but a normal restart continues to result in a boot loop
_whitelogger has joined #asahi
<rwhitby>
yes, it was the other bug manifesting. there seems to be no issue with additional partition/volume on internal disk or external disk (note that security has not been disabled yet)
<marcan>
rwhitby: what exactly did you do on the internal disk to partition it?
kkd has joined #asahi
<marcan>
when I split/added a partition (note: no actual macos install though) it broke 1TR
<marcan>
oh wait, you added a partition to the external disk you mean
<rwhitby>
marcan: I went into Disk Utility GUI, and first added an APFS volume, and then added a partition. All using the GUI only.
<rwhitby>
I tested this both on external disk first, and now also on internal disk.
<marcan>
by adding a partition you mean selecting the main container, then clicking partition?
<rwhitby>
Yes, select Container disk3, click partition, say "yes, I do want partition, not volume", select the size and format type.
<marcan>
huh, that's what broke it for me
<rwhitby>
then wait as it resizes, after it warns you it can take a long time on a live filesystem (it didn't take more than 5 minutes)
<rwhitby>
so the difference is that I have not yet removed security
<marcan>
mine actually failed at some point, but the resize worked, but I had chosen HFS+ and it decided to make it APFS anyway, then I reformatted it as HFS+, then rebooted, 1TR broken
<marcan>
either that, or OS version
<rwhitby>
I'm on 11.1, and I chose FAT32 to start, and have redone it with ExFAT just now.
<marcan>
oh lol, at some point an OSX update must've decided to remove my partitioning anyway. lovely.
<marcan>
well, let's try that again
<marcan>
I made it FAT32
<rwhitby>
I'm trying it again with a 128GB ExFAT
<rwhitby>
(half the disk)
<rwhitby>
yep, no problem
<rwhitby>
marcan: did it work for you?
<marcan>
lessee
<marcan>
well it shows up as FAT32
<marcan>
yup, works now
<marcan>
well okay then, either something went strangely wrong last time, or they fixed a bug
<marcan>
I might've been on 11.0.1 that time
<marcan>
very good that this works then :)
<brentr123[m]>
Gg
<rwhitby>
yes, very good.
<rwhitby>
Does it work from command line too? (for future scripting)
<marcan>
haven't tried yet, but first I want to see how that apfs info looks
<marcan>
also yay, raw disk access works (hadn't checked that yet)
<marcan>
(SIP coming back on after bputil *really* confused me)
<marcan>
let's install some less-terrible tools with homebrew
bear24rw has quit [Remote host closed the connection]
<Shiz>
_alice: apparently xartutil --erase-all also erases touchID data
<Shiz>
so likely some SEP/T2 interaction
<Shiz>
>xartutil: ERROR: No supported link to the SEP Present yea
<marcan>
Shiz: there are several subvolumes mounted
<marcan>
(from iSC)
<marcan>
that is one of them
<marcan>
so things to keep in mind
<Shiz>
xarts gets mounted from 1s2 though, that's not iSC
<marcan>
it is
<Shiz>
oh right, disk1 is synthesized
<Shiz>
I off-by-oned myself :p
<marcan>
"effaceable storage": encrypted storage that is "quick-erasable" by nuking the keys
<marcan>
they also do rollback protection, I believe there should be a secure EEPROM/element IC somewhere (could be in-package) that talks to the SEP
<marcan>
and the SEP has to store stuff too, so presumably that gets put somewhere
<marcan>
we also don't *really* know for a fact that /dev/disk0 is really the whole storage, for all we know the SEP could have a partition behind the scenes at a lower level
<marcan>
Shiz: but yeah this is looking like the SEP store, which presumably is actually proxied through the OS
<Shiz>
ye
<marcan>
I think this is a common scheme in android too, let the OS drive the eMMC and proxy e.g. baseband storage through
<marcan>
xartutil --list shows two "sessions"
<Shiz>
i mean it makes sense, no need to add a bunch of storage to the SEP if you can just store it elsewhere encrypted :)
<Shiz>
yeah, and the latter session is your Data volume
<marcan>
trying to read the .gl file gives operation not permitted :)
<Shiz>
threw me off that the synthesized disk1 didn't appear in diskutil, wonder what's up with that
<marcan>
it works in recovery
<marcan>
they have some kind of BS to hide them in macOS
<marcan>
I'd really like to figure out how to disable that
<marcan>
diskutil list -plist does show everything (in plist form), ha
<Shiz>
:o
<Shiz>
I just dumped the disk1 with dd and used hdiutil attach -imageKey CRawDiskImage -nomount, which also showed details :p
<marcan>
also I faked the header to that (I had already partitioned my disk), please sanity check that gdisk output
<JTL>
Enjoy lunch :)
<Shiz>
there was a small diff in free space in your GPT header, I replaced it with dumps from mine
<Shiz>
as well as added the iSC info, and replaced the macOS info with mine (mostly small UUIDs and size diffrences, but eliminates the 256GB disclaimer)
<Shiz>
on an unrelated note, glad someone else is using dokuwiki-style category:name titles
bear24rw has quit [Remote host closed the connection]
bear24rw has joined #asahi
bear24rw has quit [Ping timeout: 260 seconds]
Necrosporus_ has joined #asahi
Necrosporus is now known as Guest90598
Necrosporus_ is now known as Necrosporus
Guest90598 has quit [Killed (card.freenode.net (Nickname regained by services))]
bear24rw has joined #asahi
jabashque has joined #asahi
amw1 has joined #asahi
Tokamak has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
jaXvi has quit [Ping timeout: 246 seconds]
bear24rw has quit [Remote host closed the connection]
bear24rw has joined #asahi
bear24rw has quit [Ping timeout: 265 seconds]
amw1 has quit [Ping timeout: 246 seconds]
maor26 has joined #asahi
marcan changed the topic of #asahi to: Asahi Linux: porting Linux to Apple Silicon macs | General project discussion | Topics: #asahi-dev #asahi-re #asahi-gpu #asahi-offtopic | Keep things on topic | GitHub: https://alx.sh/g | Logs: https://alx.sh/l/asahi
marcan changed the topic of #asahi to: Asahi Linux: porting Linux to Apple Silicon macs | General project discussion | GitHub: https://alx.sh/g | Wiki: https://alx.sh/w | Topics: #asahi-dev #asahi-re #asahi-gpu #asahi-offtopic | Keep things on topic | Logs: https://alx.sh/l/asahi
<marcan>
(it's existing infra I had for mrcn.st, I just registered a domain and copypasta'd it; so far it's the only bit of AsahiLinux infra that's hosted on my personal infra, other than DNS, but I might figure some way to separate it later)
<marcan>
also, eventually, the installer will probably be something like curl https://alx.sh | sh :p
<j`ey>
makes sense, no point for a db for so few links :-)
<marcan>
I mean the filesystem already implements perfectly good b-trees and things like that
<marcan>
symlinks make for a perfectly fine key-value store
<marcan>
:-)
<marcan>
(even though ls gets angry at me and shows them bright red because it think symlinks should point to files, for some reason)
<mrasmus>
Huh. How does that check out on e.g. a windows system? That feels like something that could get munged by poor client assumptions, in some way.
<mrasmus>
(I'll be honest, have not worked extensively in the intersection of git and symlinks, heh.)
<marcan>
yeah, uh, I'm not sure what windows would do with that
<marcan>
apparently msysgit checks them out as text files?
<mrasmus>
Better than trying to check them out as... what are they called in ntfs-land, junctions? Those map better to hard links iirc?
<marcan>
well, Windows NT has a UNIX subsystem so...
<mrasmus>
No wait, I did know that. I was conflating when I had to work with junction crap for other reasons; my last gig actually involved mklink and the like.
<marcan>
heh
<mrasmus>
Look, I try not to remember that gig. Got stuck as the build engineer for an eng org that didn't know Windows but was building entirely on a Windows stack. There's a lot of reasons I did not stick around. >.>
<mrasmus>
Anyway now I'm curious how other git clients handle the symlink thing, might have to hack around and find out at some point.
<marcan>
so one takeaway from this is that iBoot2 (the OS loader) is packaged with macOS, and logically part of the "OS" install even though we can't touch it
<marcan>
that means that if we want to "dual-boot" properly, we will need two partitions: an APFS container containing at least the Preboot stuff (and possibly other dummy volumes), where we copy over the Preboot part of a macOS install, and replace only the kernelcache
<marcan>
and then a proper linux partition
<marcan>
hopefully if we do it this way it will play nice with the macOS updater (and it also means it won't update our device firmwares for us, thus won't break our drivers when macOS gets updated)
<marcan>
(since each OS has a separate iBoot2/firmware blob set)
<marcan>
so the next thing to play around with is whether this is possible - whether I can manually copy over a macOS preboot layout and convince SFR to boot it
<davidrysk[m]>
I’ll paste my diskutil output in a bit
<davidrysk[m]>
then what loads the firmware for us?
<davidrysk[m]>
Or do we read it off recovery and load it from there?
<davidrysk[m]>
That would be one way to get around the firmware distribution problem
TheJollyRoger has quit [Remote host closed the connection]
<davidrysk[m]>
ok right, diskutil only shows me the Apple_APFS_ISC partition (disk0s1), because the APFS container is unmounted, and the OS will not allow mounting it.
<davidrysk[m]>
However, I can use dd to create an image of it and then use hdiutil to mount that
TheJollyRoger has joined #asahi
<davidrysk[m]>
(with a bit of finagling -- I used `hdiutil attach -verbose -imagekey diskimage-class=CRawDiskImage -nomount -readonly imagename.img`
<davidrysk[m]>
The same is true with the Apple_APFS_Recovery partition, disk0s3
<davidrysk[m]>
the APFS volumes only get synthesized when the container is mounted
czero64 has quit [Quit: Session terminated!]
aratuk has joined #asahi
aratuk has quit [Ping timeout: 272 seconds]
<marcan>
iBoot(2) loads the firmware
<marcan>
it is mounted
<marcan>
diskutil is just doing some stupid hiding thing
<marcan>
diskutil list -plist shows it
<davidrysk[m]>
hm yeah, then it is diskutil being silly
<marcan>
you can get info for individual components
jamadazi has quit [Ping timeout: 264 seconds]
modwizcode has joined #asahi
bear24rw has joined #asahi
bear24rw has quit [Ping timeout: 265 seconds]
<marcan>
lol, I tried to do a mildly complex repartition with Disk Utility and of course it failed (after attempting to do it in a ridiculously inefficient way)
<marcan>
I should stop trying to use that UI, it's clearly terrible
mah has joined #asahi
<davidrysk[m]>
the Disk Utility UI is terrible, and the CLI is clunky
<brentr123[m]>
i like how the windows partition manager is
<brentr123[m]>
in microsoft windows
<modwizcode>
I don't, it gets annoyed if the disk isn't partitioned just right and refuses to work at all.
<davidrysk[m]>
UI wise it's fine, but I find it to be unstable and hang a lot
jamadazi has joined #asahi
<davidrysk[m]>
it's also lacking knobs
<davidrysk[m]>
so I very often have to resort to using diskpart
<modwizcode>
Sometimes you just can't delete partitions that are on secondary disks even just because it's marked in such a way that windows thinks it should be protected. So you have to use diskpart which is way less safe
mah has quit [Ping timeout: 246 seconds]
mah has joined #asahi
<modwizcode>
marcan: possibly slightly unrelated but do you have like an active copy of the codebase for mini that you start with somewhere? I assume the version you linked me from the SPMP isn't the most current
<modwizcode>
Ah okay I figured you touched it since
<davidrysk[m]>
marcan: (you might know this already but) it's probably best to set it up as a new repo and not a fork on GitHub because forks lack some critical features
<j`ey>
it does?
<marcan>
mini? I wasn't planning on forking it, it's going to be mangled too much to be worth having history
<marcan>
but what features are missing?
<davidrysk[m]>
for one, you cannot search the code of forks using the search box on the github website
<marcan>
oh hah
<modwizcode>
Did they change that?
<modwizcode>
You used to, I always get fork results and it was annoying
<jn__>
(not being able to search them is pretty terrible for the 30k linux kernel forks on github)
<davidrysk[m]>
I mean if you're searching for code within a specific repo
<j`ey>
"Sorry, forked repositories are not currently searchable.
<j`ey>
"
<j`ey>
weird
<modwizcode>
That must be new
<modwizcode>
Because every time I tried to find strange code I'd get 30000x copies of the same forked repo
<j`ey>
modwizcode: searching *within* a repo
<modwizcode>
Ohhh
<modwizcode>
I had it backwards for what wasn't working lol
Bublik has joined #asahi
ransom has joined #asahi
Bublik has quit [Ping timeout: 264 seconds]
mah has quit [Ping timeout: 256 seconds]
jamadazi has quit [Ping timeout: 264 seconds]
<Shiz>
marcan: just whe ni had munged it to b econsistent with mine :D