Difference between revisions of "SecureBoot"

From The iPhone Wiki
Jump to: navigation, search
(Created page with "== Introduction == With the advent of the T2 macOS gained the ability to verify the integrity of the OS as it is booted. === Verified Components == * The T2 verifi...")
(No difference)

Revision as of 00:36, 29 August 2020

Introduction

With the advent of the T2 macOS gained the ability to verify the integrity of the OS as it is booted.

= Verified Components

  • The T2 verifies MacEFI via img4 and feeds it to the Intel CPU via eSPI
  • MacEFI verifies the `boot.efi` component
    • If in Full Security mode it requires a im4m manifest that is specific to the T2 ECID
    • If in Medium Security mode it requires a im4m manifest that is specific to the T2 CPID