Ventura incremental updates - MSU_ERR_FILESYSTEM_DOESNT_VERIFY with BlueToolFixup

[hacker1024]

When using the latest BlueToolFixup kext on Ventura, incremental updates break.

contents of '/usr/sbin/BlueTool' don't match bom (e349e24c vs 7deb332d)

Full output:

Software Update Tool

Finding available software
Downloading macOS Ventura 13 Beta 3
Downloading: 100.00%
Failed to download & prepare update: Error Domain=SUOSUErrorDomain Code=201 "Failed to prepare the software update. Please try again." UserInfo={NSLocalizedRecoverySuggestion=An error occurred while downloading the selected updates. Please check your internet connection and try again., NSLocalizedDescription=Failed to prepare the software update. Please try again., NSUnderlyingError=0x600000084ed0 {Error Domain=SUMacControllerError Code=7740 "[SUMacControllerErrorPrepareFailed=7740] Failed to perform Prepare operation: [MobileSoftwareUpdateErrorDomain(MSU):MSU_ERR_FILESYSTEM_DOESNT_VERIFY(3)_1_MobileSoftwareUpdateBOMErrorDomain:1|FullReplacementRequired|]" UserInfo={SUMacControllerErrorIndicationsSummary=|FullReplacementRequired|, SUMacControllerErrorIndicationsMask=2, NSUnderlyingError=0x600000084e70 {Error Domain=MobileSoftwareUpdateErrorDomain Code=3 "'./usr/sbin/BlueTool' does not verify" UserInfo={target_update=22A5295h, NSUnderlyingError=0x600000084f60 {Error Domain=MobileSoftwareUpdateBOMErrorDomain Code=1 "contents of '/usr/sbin/BlueTool' don't match bom (e349e24c vs 7deb332d)" UserInfo=0x600000e80740 (not displayed)}, MSUFullReplacementRecommened=true, NSLocalizedDescription='./usr/sbin/BlueTool' does not verify}}, NSLocalizedDescription=Failed to prepare the software update. Please try again., NSDebugDescription=[SUMacControllerErrorPrepareFailed=7740] Failed to perform Prepare operation: [MobileSoftwareUpdateErrorDomain(MSU):MSU_ERR_FILESYSTEM_DOESNT_VERIFY(3)_1_MobileSoftwareUpdateBOMErrorDomain:1|FullReplacementRequired|], SUMacControllerErrorIndicationsDescription=-> Full replacement is required [as opposed to incremental patch].}}}
^C
Cancelled download.

[khronokernel]

This is related to the usage of cs_validate_page, any Lilu plugin that patches userspace binaries in Big Sur+ will be affected. Any patches applied can be viewed on a binary in Hex editors, ie. Hex Fiend. This is why Apple alerts that the Bill of Material (BOM) is incorrect, as it knows what the contents should be.

• Note: We edit the page cache, not the physical binary. This is why on reboot, the patches are not retained

Main affected extensions of this would be BlueToolFixup, RestrictEvents, FeatureUnlock and WhateverGreen. These are just Acidanthera extensions, most likely other projects would be affected as well.

Currently unsure what options we have to work-around this. CC @vit9696

[vit9696]

That's roughly what I was worried about with the new changes @osy suggested long ago. I guess it has finally shoot into our legs. The right way is to do page copying, but it may trigger various page protection mechanisms.

[Kwokping]

Did the bug have been fixed？I have the same problem that couldn‘t incremental updates.

[PMheart]

Unfortunately this is more complex, while we look forward to patches.

[justinkb]

I can confirm this definitely happens with RestrictEvents' patching of the disk arbitration agent, just for the record

for me it is a low priority bug, since you can just do --fetch-full-installer in the command line. it is nice to know what the issue exactly is tho