Closed zhuowei closed 2 years ago
nikias
commented
3 years ago This is cool. We need to fix the naming though, maybe we should call them Virtual Mac 1 and Virtual Mac 2... how does AC2 call them?
Regarding the restore, it might be a similar issue we see with M1 restores on M1 iMacs and MacBooks.
nikias
commented
3 years ago Hmm apparently vma2macosap/VirtualMac2,1 is called Apple Virtual Machine 1 according to this:
https://gist.github.com/blacktop/c480ec1eeb87767e714e054f78128c42
zhuowei
commented
3 years ago Hmm apparently
vma2macosap/VirtualMac2,1is calledApple Virtual Machine 1according to this: https://gist.github.com/blacktop/c480ec1eeb87767e714e054f78128c42
The device tree for vma1 also calls it "Apple Virtual Machine 1" (at least in macOS 12 beta 1, when I last checked), though, hence the naming in this PR.
Apple Configurator 2 just shows the device as VirtualMac. (This is Configurator 2.13.1; not sure if 2.14 changes anything)
I wonder if we should just remove the vma1 device since you shouldn't encounter it normally. macOS 12 Virtualization.framework always chooses to emulate vma2macosap when given a macOS 12 IPSW, even though the IPSW has device trees for both, unless you manually override it or start the VM without an IPSW. Apple isn't signing vma1 so you'd never be able to restore onto it anyways.
nikias
commented
3 years ago Tempted to just call them VirtualMac either, or maybe stick with VirtualMac2,1 in case we ever see a different model name, although I could just update it later in case this happens. Also, it seems that Apple Configurator doesn't have a name but rather this is coming from some system framework, or maybe it strips of the numeric part.
nikias
commented
3 years ago Now the real question, can USB traffic be dumped when AC2 is restoring the VirtualMacs ? Needs disabled SIP and Wireshark, although not sure if this works on macOS 12.
Also @zhuowei would be cool to sniff the TSS requests, maybe there are differences compared to the Mac mini restores that are working already. You can disable SSL for TSS with:
defaults write com.apple.AMPDevicesAgent AuthInstallSigningServerURL http://gs.apple.com:80And undo this setting with
defaults delete com.apple.AMPDevicesAgent AuthInstallSigningServerURLMerged with 6e68ca725168a65d363d9a0f235a63773ef66bc4.
Adds device IDs for macOS 12's Apple Silicon VMs, as created in macOS 12 Virtualization.framework (https://developer.apple.com/documentation/virtualization/vzmachardwaremodel?language=objc)
Currently, macOS 12 beta 2 has device trees and support in Virtualization.framework for two different virtual machine types, VirtualMac1,1 and VirtualMac2,1. The first seems to be unused: only the VirtualMac2,1 variant is being signed.
See http://swcdn.apple.com/content/downloads/38/12/071-51840-A_R2JDKNM0LX/wqollynqs6j5006166tvw4rliu9htf7swu/BuildManifest.plist for the board IDs.
idevicerecovery can't recover the virtual machines through virtual DFU mode since it fails to send iBEC: https://gist.github.com/zhuowei/baabd6a3600eb1d59096fa056f3ab0d8 (Apple Configurator 2 is able to restore VMs over DFU, so the VM is working). Might as well add the device IDs anyway.