Skip to content

Instantly share code, notes, and snippets.

@thimslugga
Forked from YOU54F/README.md
Created April 24, 2024 17:28
Show Gist options
  • Save thimslugga/a623751a137789d75cb1c8d6ebac1752 to your computer and use it in GitHub Desktop.
Save thimslugga/a623751a137789d75cb1c8d6ebac1752 to your computer and use it in GitHub Desktop.
Apple Silicon and Virtual Machines: Beating the 2 VM Limit
layout title date categories
post
Apple Silicon and Virtual Machines: Beating the 2 VM Limit
2023-08-08 07:00:00 -0600
macOS

For those who've been wondering what I've been doing for these past few months outside of OpenCore Legacy Patcher, I got the amazing opportunity to work as a Mac Admin Intern at a local consultant company.

One of the areas I've been working quite a bit with is macOS Virtual Machines, specifically Apple Silicon Virtual Machines based on Apple's Virtualization framework. However, not long after doing a lot of development and testing using Apple's VM stack (through the amazing project, UTM), I found a very frustrating limitation: Apple Silicon hosts can only have a maximum of 2 macOS guest VMs active at once.

This is most commonly seen with this error, generated by Virtualization.framework:

The number of virtual machines exceeds the limit. The maximum supported number of active virtual machines has been reached.

The main reason for this error comes from macOS' SLA, section 2.B.iii:

(iii) to install, use and run up to two (2) additional copies or instances of the Apple Software, or any prior macOS or OS X operating system software or subsequent release of the Apple Software, within virtual operating system environments on each Apple-branded computer you own or control that is already running the Apple Software, for purposes of: (a) software development; (b) testing during software development; (c) using macOS Server; or (d) personal, non-commercial use.

While I cannot officially virtualize more than 2 copies of macOS on a single machine at once for work, I was still interested in figuring out where in macOS Apple embeds these checks and whether hobbyists and researchers could enable support for more than 2 active macOS VMs at once.

macOS Internals Deep Dive

To start, I initially thought this limitation was userspace based and as such would be embedded somewhere within /System/Library/Frameworks/Virtualization.framework. Due to macOS Big Sur's dyld merger of frameworks, we'll need to either extract the framework manually or use tooling such as Hopper Disassembler to load specific binaries embedded in the dyld shared cache.

With this, I was able to examine the framework more closely. However, after many hours of research, I was unable to find where Apple imposed the VM limit. At best, I could only determine that the error message was generated from the framework but nowhere in userspace itself does Apple define a hardcoded 2 VM limit...

After a tip from jevinskie on the Hack Different Discord server, I learned that Apple's guest limitation is implemented somewhere within the closed-source part of XNU (the macOS kernel). While I didn't have any strings to go off of, I did know that the Intel Kernel won't have the same code. So with a not-so-quick comparison between the functions and strings of the Intel and Apple Silicon kernels, I found that the main VM stack is under hv_vm_*.

Throwing the development kernel for macOS Sonoma Beta 4 (23A5301h) in IDA, I found the init code for the VM stack: hv_init():

Here we see how Apple handles the VM limitation: Using the int hv_apple_isa_vm_quota variable, the kernel decrements/increments the variable as new Virtual Machines as started/stopped:

Increment Function Decrement Function
void hv_vm_destroy_0(hv_vm_t_0 *vm) void hv_trap_vm_create(uint64_t_0 arg)

And something else is interesting, 2 new boot-args: hypervisor= and hv_apple_isa_vm_quota=.

The former is a simple gate check for the latter, which is far more interesting: hv_apple_isa_vm_quota= can override the VM limitation in the kernel!

However, after some more research, I found that this logic is not the same in the release kernels. Instead, Apple swapped the hypervisor boot-arg with an AppleInternal check through System Integrity Protection:

/*
  CSR_ALLOW_APPLE_INTERNAL = 0x10

  From XNU Source:
  #define CSR_ALLOW_APPLE_INTERNAL (1 << 4)
  https://opensource.apple.com/source/xnu/xnu-7195.121.3/bsd/sys/csr.h.auto.html
*/
if ((*(int8_t *)_csr_config & 0x10) != 0x0) {
  _PE_parse_boot_argn_internal(*0xfffffe00072696d0 + 0x6c, "hv_apple_isa_vm_quota", 0xfffffe0007b58410, 0x4, 0x0);
}

Here we have 2 options:

  1. Boot Apple's Development Kernel
  2. Modify the release kernel to strip the AppleInternal check

To save the bit of sanity I have left, we'll go with the first option. So now my next challenge: Booting a development kernel on my MacBook Pro.

Building a Development Kernel Collection

To build a development kernel collection, we'll need to fetch the appropriate Kernel Debug Kit from Apple's Developer Site. Note that KDKs must match the host, otherwise, issues can occur both during kernel and kext linkage as well as during boot.

Once you have the KDK Disk Image downloaded and installed the embedded package, next check the type of kernel your Mac uses:

uname -v | awk -F '/' '{print $NF}'| awk -F '_' '{print $NF}'

On an M2 Pro MacBook Pro (Mac14,9), this will return T6020. On other CPU models, especially different generations such as M1 vs M2, the kernel variant will be different:

Now we can start building our kernel!

The following invocation assumes:

  • Host machine uses a T6020 Kernel
  • Host is running macOS 14.0, Build 23A5301h

Ensure you adjust your invocation below to match your host respectively.

sudo kmutil create \
  --arch arm64e \
  --no-authorization \
  --variant-suffix development \
  --new boot \
  --boot-path VirtualMachine.kc \
  --kernel /Library/Developer/KDKs/KDK_14.0_23A5301h.kdk/System/Library/Kernels/kernel.development.t6020 \
  --repository /Library/Developer/KDKs/KDK_14.0_23A5301h.kdk/System/Library/Extensions \
  --repository /System/Library/Extensions \
  --repository /System/Library/DriverExtensions \
  --explicit-only $(kmutil inspect -V release --no-header | grep -v "SEPHiber" | awk '{print " -b "$1; }')

This will create a VirtualMachine.kc file in your home directory. Keep in mind the path, as we'll need to access this from recoveryOS.

Configuring our Mac to boot the Development Kernel Collection

Finally shutdown your Mac, and boot into recovery by holding the power button and selecting "Option":

Next, authorize the user, and select Utilities -> Terminal from the Menubar. Here we'll set some policies for our machine:

  1. Disable System Integrity Protection
  2. Allow custom boot args to be passed
  3. Configure our Mac to boot our custom Kernel Collection (adjust Macintosh HD to your volume)
  4. Set our boot-args
  • kcsuffix=: Set Kernel Collection variant to boot
  • hypervisor=: Enable special features in the Virtualization Stack (namely VM quota override)
  • hv_apple_isa_vm_quota=: Override VM quota, the max value is 0x7FFFFFFF (set to 0xFF (255) VMs for practicality)
csrutil disable
bputil --disable-boot-args-restriction
kmutil configure-boot --volume /Volumes/Macintosh\ HD --custom-boot-object /Volumes/Macintosh\ HD/Users/*/VirtualMachine.kc
nvram 40A0DDD2-77F8-4392-B4A3-1E7304206516:boot-args='kcsuffix=development hypervisor=0x1 hv_apple_isa_vm_quota=0xFF'

Once rebooted, you can verify this applied in Terminal:

sysctl kern.osbuildconfig
nvram boot-args

Putting our machine to work!

Now that everything is prepared, you'll now want to grab any virtualization solution utilizing Virtualization.framework. Some examples include:

Now we can fire up our VMs! Below I got 9 macOS VMs running at once on my M2 Pro MacBook Pro, and still usable for testing!

(This was also the first time I ever heard the fan turn on this machine, so we know we're getting our money's worth ;p)

When did Apple grace us with this feature?

It seems that with macOS 12, Monterey, Apple added this boot-arg along side the Virtualization stack. And as we saw with Sonoma's kernel, the AppleInternal check is still present even in Monterey. It seems Apple still has a ton of secrets hiding within XNU.

Closing Thoughts

Overall this was a really interesting research journey and I'm glad I was able to figure out how Apple implemented this limitation. Additionally I really appreciate that even though this is an unsupported use case, the Virtualization team in CoreOS still provided the option for enthusiasts to override this limitation (even if not documented or straightforward to do so).

Some improvements I have in mind for the future (though unlikely to implement):

  • Develop tooling to automate the KC building and booting.
    • Download and generate a development kernel collection for a given host.
    • Configure host in recoveryOS to boot the kernel collection.
  • Look into developing a kernel extension that can override the hv_apple_isa_vm_quota variable.
    • Removes the need for a custom, development kernel collection.

Otherwise I hope the community finds this blog post interesting, my next journey will likely be seeing whether DEP Enrolment/Serial Number overrides for Apple Silicon VMs is possible. Though may not be as lucky as this post ;p

layout title date categories
post
Apple Silicon and Virtual Machines: Custom Serials, DEP Enrolment and the Secure Enclave
2023-08-18 07:00:00 -0600
macOS

With my last post, I briefly mentioned at the end that my next challenge was to figure out whether the usage of custom serial numbers or Automated Device Enrolment (ADE) through the Device Enrolment Program (DEP) was possible on Apple Silicon VMs running macOS. Well today we'll go over the challenges of getting DEP working, and how iCloud and Custom Kernel Collections all face the same issue.


Reversing the Virtualization stack

To start, we'll be delving into Apple's Virtualization stack once more: /System/Library/Frameworks/Virtualization.framework. What we'll be looking for is references to serial numbers in the framework, and whether there are any exposed methods to supplement our own values.

After a bit of searching, class dumps and a very useful page from the vz wiki, we can see some interesting properties and methods exposed in Virtualization.framework:

// Property
@property (T@"_VZMacSerialNumber",R) _serialNumber

// Class Method
[VZMacMachineIdentifier _machineIdentifierWithSerialNumber:]
_VZMacSerialNumber _machineIdentifierWithSerialNumber

Notes:

  • Virtualization.framework currently only supports serial numbers of 10 characters. This means serial numbers from pre-2021, such as Intel machines and first-wave M1s, will be unsupported. Models released after the 2021 M1 iMac should be using this new format (ex. 14"/16" MacBook Pros)
  • These private APIs were added in macOS Ventura, thus requiring Ventura or newer as the host. However, Monterey guest VMs can still be used with them.

Modding VirtualApple to gain more private functions

Now that we have these fun new APIs to try, we need an app we can modify. For this, we'll be modding Saagar Jha's VirtualApple project. With some help from DhinakG, we're all set to test our VM!

However, on Virtual Machine creation, we get an unfortunate error when trying to start a Virtual Machine with a custom serial number:

Granting Private Entitlements

After some brief debugging, I found that com.apple.Virtualization.VirtualMachine.xpc is dying with the following line:

FATAL: Unable to create a virtual machine with restricted devices.

Throwing the XPC service in a decompiler, we find our issue:

if (os_variant_has_internal_content("com.apple.virtualization") != 0x0) {
        sub_10024efa8("Restricted devices require the com.apple.private.virtualization entitlement.");
}

To resolve this, we'll need to sign VirtualApple with a private entitlement. Unfortunately for us, that means we need to disable AMFI.

As we did in the last blog post, boot into recoveryOS and run the following in Terminal:

bputil --disable-boot-args-restriction
nvram 40A0DDD2-77F8-4392-B4A3-1E7304206516:boot-args='amfi=0x80'

amfi=0x80 is a boot argument that disables AMFI's security restrictions, including allowing us to sign arbitrary entitlements on our applications.

  • This boot-arg is also known as amfi_get_out_of_my_way=0x1

Once back in our main OS, we'll need to add the following entitlement: com.apple.private.virtualization

Simply add it to VirtualApple's entitlements.plist, and resign:

  • You can also simply re-run the project with the updated entitlement if you don't have an exported app.
codesign -f -s - --entitlements entitlements.plist VirtualApple.app

Booting our Virtual Machine with custom serial numbers

Finally, we can boot our virtual machine with our custom serial! After a brief install using a Store Demo serial number we have access to, we see some success! Our machine successfully appears as an Demo Unit with the expected "Demo Registration: Please, Enter the demo mode activation code" message:

Now for the real challenge, testing a serial number enrolled in DEP.


Now for this test I'll grab a 10 character serial number off a test machine and see if we can enroll in that machine's MDM.

While install and initial setup went smoothly, we do hit a serious error:

An error occurred while obtaining automatic configuration settings
The cloud configuration server is unavailable

No matter the OS or the serial number, we keep hitting this activation error...

Secure Enclave: The Missing Piece

After delving quite deep into the MDM enrolment flow, I found our core issue seems to be a missing UCRT.pem.

mobileactivationd: [com.apple.mobileactivationd:daemon] UCRT DEP enrollment state requested by mdmclient
mdmclient: [com.apple.ManagedClient:MDMDaemon] [0:MDMDaemon:<0x540>] UCRTsmb5: DEP registered according to UCRT: UCRTDEPStateUnavailable
mdmclient: [com.apple.ManagedClient:MDMDaemon] [0:MDMDaemon:<0x540>] CloudConfiguration: isDeviceRegisteredWithDEP:  APNS: -1  UCRT: -1  ProvDEP: 0

A UCRT is a User Identity Certificate that's sent from Apple's servers after our machine generates an attestation from the SEP (Secure Enclave Processor) using CryptoTokenKit.

  • /usr/libexec/teslad requests the UCRT from Apple through -[MobileActivationMacOSDaemon issueUCRT:withCompletionBlock:]_block_invoke, the request will result in Server error: 400 (bad request) and thus the rest of the DEP chain will fail.

So why does our Virtual Machine fail to create a UCRT? Well unfortunately it seems to be caused by missing hardware, specifically the lack of a Secure Enclave in our virtual machine. During attestation, the Owner Identity Certificate (OIC) is requested from the Secure Enclave, however our Virtual Machine doesn't support this and errors:

mobileactivationd: (libbootpolicy.dylib) [com.apple.BootPolicy:Library] BootPolicy: bootpolicy_get_oic: entry
mobileactivationd: (libbootpolicy.dylib) [com.apple.BootPolicy:Library] BootPolicy: SEP command 38 returned 3
mobileactivationd: (libbootpolicy.dylib) [com.apple.BootPolicy:Library] BootPolicy: assert: bpe == 0  (/AppleInternal/Library/BuildRoots/8ca92091-1d5a-11ee-a938-46d450270006/Library/Caches/com.apple.xbs/Sources/BootPolicy/dylib/dylib.c:1942)
mobileactivationd: (libbootpolicy.dylib) [com.apple.BootPolicy:Library] BootPolicy: bootpolicy_get_oic: exit: SEP storage (3)

Thus a proper attestation cannot be performed, and so the UCRT request fails.


So how does the rest of the OS function when there's no SEP? Well Apple developed AppleVPBootPolicy.kext, AppleVPCredentialManager.kext and AppleVPKeyStore.kext to handle the missing SEP and trick most of the OS into functioning correctly. Though as we can see, it's not perfect and fails to handle our Attestation request.

If we reverse /usr/lib/libbootpolicy.dylib and examine bootpolicy_get_oic, we'll see an invocation to the SEP:

int _bootpolicy_get_oic(int arg0, int arg1) {
	...
	result = __sep_command(0x26, ..., ..., ..., 0x1024);
}

From this, __sep_command invokes __sep_send, which implements an IOConnectCall for communication with com.apple.security.BootPolicy in IOService

  • Normally com.apple.security.BootPolicy would be BootPolicy.kext on bare metal, however in VMs AppleVPBootPolicy.kext will be taking this role.

Inside of AppleVPBootPolicy.kext, the array _command_functions[]'s entries corresponds to different functions.

SEP command 38 = _command_get_oic()

However the contents of this function doesn't provide anything of use, instead always returning error code 3:

signed __int64 _command_get_oic()
{
  __asm { HINT            #0x22 }
  return 3LL;
}

It seems that OIC handling was never implemented, most likely #ifdef'd out of public versions.

iCloud, OS Betas and Kernel Collections

Another thing you may have noticed is that Apple Silicon Virtual Machines cannot sign into iCloud. Well the reason for this is also attestation related, since AuthKit.framework cannot setup a secure chain of trust. And guess what macOS 13.4 added? A new requirement for developer accounts to access macOS Betas.

And for those needing to boot development kernels or test kernel extensions are also out of luck, as it seems bputil/kmutil cannot communicate with the SEP to configure boot for custom Kernel Collections including Auxiliary KCs meant for kexts in /Library/Extensions.

Conclusion

While unfortunately this research journey didn't result in any real successes for testing DEP workflows, it was still really interesting seeing how the enrolment setup functions as well as work with the private APIs in Virtualization.framework. Though it is quite frustrating seeing many development tools being unavailable in Virtual Machines, especially proper OS betas and custom kernel collections.

Perhaps with macOS 15, we'll finally get VirtualMac3,1 and proper SEP virtualization. Though this is just wishful thinking ;p

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment