hoakley May 12, 2021 Macs, Technology

Booting an M1 Mac: external disks and local boot policy

One of the big differences between a Mac running macOS and a device running iOS/iPadOS is that the Mac can start up from an external disk.

Intel Macs without a T2 chip do this very simply, and provided that the external disk is compatible, has a suitable version of macOS installed, and has been ‘blessed’ as bootable, you can walk up to a Mac, start it up from that disk, and use it. The only thing which could stand in your way is if the user has enabled its firmware password.

The T2 chip changed this completely. Unless the user has already changed its default security settings to allow it to start up from an external disk, you’ll have no joy whatsoever. Although this is secure, it’s also more than inconvenient, as the times that you most need your Mac to start up from an external disk are when it’s in trouble with its internal disk, and that’s likely to prevent you from changing its security settings, leaving your Mac dead.

M1 Macs aim to address this shortcoming of T2 models: the ability to start an M1 Mac from an external disk isn’t directly controlled by its boot security policy, and it should be possible to boot an M1 Mac from an external disk without having to change any security settings. As there isn’t any direct control, it might look as if that’s the case, but security policy can still get in the way and prevent you from starting an M1 Mac up from an external disk. This article explains how that happens, among other things.

Boot Security Policy

Unlike a T2 Mac, M1 Macs don’t set one boot security policy for the Mac, but a policy for each bootable disk. This is attractive, as it means that you can still ensure that, when it boots from its internal SSD it does so in Full Security, but your M1 Mac can be more relaxed when it boots from an external disk instead. This is implemented in per-disk LocalPolicy files which are stored in the iSCPreboot container of the internal SSD at /[volume-group-uuid]/LocalPolicy/[policy-hash].img4.

When you select an external disk as the boot disk in the Startup Disk pane, it looks for that disk’s LocalPolicy. If it finds none, a new LocalPolicy is created, defaulting to starting up from that disk in Full Security mode. Among other things, that means that the version of macOS installed on it must be the same as (or more recent than) that installed on the internal SSD. This isn’t clearly explained in Apple’s Platform Security Guide, where the three levels of security are explained as:

“Full Security: The system behaves like iOS and iPadOS, and allows only booting software which was known to be the latest that was available at install time.”
“Reduced Security: […] This allows the system to run older versions of macOS. Because older versions of macOS inevitably have unpatched vulnerabilities, this security mode is described as Reduced. This is also the policy level required to support booting kernel extensions (kexts).”
“Permissive Security: The system behaves like Reduced Security […], but it also tells iBoot that it should accept some boot objects being signed by the Secure Enclave with the same key used to sign the LocalPolicy. This policy level supports users that are building, signing, and booting their own custom XNU kernels.”

In practice, at least as far as Big Sur 11.3.1 is concerned, Full Security means that the system allows only booting macOS which has the same (or a later) version as that installed on the internal disk. Once its internal SSD has been updated to 11.3.1, an M1 Mac won’t boot from 11.3 or earlier on any external disk in Full Security mode (with one notable exception described below).

Yesterday, I explained how you can change this by dropping the boot policy for an external disk to Reduced Security. That lets you boot an external disk which you want to update to the current release of macOS, or to boot from a historical release of macOS for test purposes. To understand the how and why you need to look at what happens when an M1 Mac boots macOS, something the Platform Security Guide is very good at explaining, but doesn’t even mention how it works with external bootable systems.

The boot process

m1bootsecurity1

This diagram is a first draft of how I understand this to work, and is based on the information provided by Apple, that revealed by the Asahi Linux team, and a little of my own work and imagination.

Fairly early during the boot process, the Mac must determine which startup volume group it’s intended to use. As the Low-Level Bootloader (LLB, Stage 1) has to validate LocalPolicy for that startup disk, it appears to be LLB which does that from a setting in the NVRAM. At some stage, either LLB or iBoot (Stage 2) has to check Local Boot Policy, which is stored against the lobo key in the LocalPolicy file in the iSCPreboot container of the internal SSD at /[volume-group-uuid]/LocalPolicy/[policy-hash].img4. If this imposes Full Security, the version of macOS on that boot volume group is compared against that on the internal SSD, which is stored in /SFR/current/SystemVersion.plist in iSCPreboot. In the diagram above I presume that occurs before iBoot is loaded, but that could occur later during the second stage boot.

If LocalPolicy is for Full Security and the macOS versions match, boot proceeds normally. If the macOS version of the external disk is older than that in SystemVersion.plist, the boot process is halted and Startup Manager is loaded, giving the user a graceful exit. If LocalPolicy is for Reduced or Permissive Security, then boot proceeds regardless of macOS versions, allowing the Mac to start up in an older version of macOS.

At present, the odd situation is when LocalPolicy is set to Full Security and the macOS versions don’t match, but the external disk is connected via USB-A rather than USB-C or Thunderbolt. In that circumstance, it appears that booting continues despite the conflict in macOS versions. This could be a simple bug, but I suspect that it’s a limitation of the USB-A bus (I recall historical issues in which USB-A had problems with security systems which could be related).

Human interface

Users normally control which startup volume group is to be used to boot that Mac in two places: the Startup Manager in Recovery Mode, and the Startup Disk pane in System Preferences. When the user selects one of the available startup disks there and tries to restart that Mac, macOS checks whether a LocalPolicy file exists for that disk. If no LocalPolicy exists, one is created using default settings, otherwise the current file is used.

multiboot02

Anticipating problems which would arise if this LocalPolicy were for Full Security and the local version of macOS conflicted with that running on the internal SSD, Startup Manager and the Startup Disk pane will refuse to restart when such a conflict exists. Unfortunately the error message which is displayed isn’t helpful to the user, as it doesn’t explain how they can address this problem, merely offering to help them install a fresh current version of macOS, which normally isn’t what the user wants.

macOS full installers

The final piece in this jigsaw puzzle is the macOS full installer app. In response to user outcry when it removed the macOS 11.2 installer as soon as 11.2.1 was released, Apple now leaves full installers available for each version of Big Sur. However, they don’t appear to be of much use to those with M1 Macs, as all attempts to install an older version of macOS on an external disk appear to fail.

multiboot04

This is so consistent that it’s unlikely to be unintentional: I believe that full installer apps are designed only to run successfully in versions of macOS older than the version which they will install. Thus, the 11.3 full installer will work when run in 11.2.3 or earlier, but not in 11.3.1. This appears to reinforce the Full Security policy, which denies access to versions of macOS with known vulnerabilities.

Platform Security Guide

This invaluable document should be available here. However, the current (February 2021) version is only available in US English. As Apple’s support website will automatically redirect you to a localised copy, and those still don’t appear to have been updated to the current edition, to read about the M1 you’ll need to view this PDF version instead.

20Comments

Add yours

1

EcleX on May 12, 2021 at 9:21 am

Many thanks for all these interesting and useful articles. Hopefully, Apple engineers read this site and make things easier with future macOS releases.

LikeLiked by 1 person
- 2
  
  hoakley on May 12, 2021 at 11:36 am
  
  Thank you.
  I’m not sure what you mean by making things easier. Apart from the oddity with USB-A connected disks, it all seems to work as intended. What would Apple want to change?
  Howard.
  
  LikeLike
  - 3
    
    Richard Murray on May 12, 2021 at 7:17 pm
    
    “Anticipating problems which would arise if this LocalPolicy were for Full Security and the local version of macOS conflicted with that running on the internal SSD, Startup Manager and the Startup Disk pane will refuse to restart when such a conflict exists. Unfortunately the error message which is displayed isn’t helpful to the user, as it doesn’t explain how they can address this problem, merely offering to help them install a fresh current version of macOS, which normally isn’t what the user wants.”
    
    Well, they may want to make the error message more helpful by explaining how to address the problem. 🙂
    
    LikeLiked by 1 person
    - 4
      
      hoakley on May 12, 2021 at 9:41 pm
      
      Or even better, document this for users, which has been most of my problem, and why I’ve written this account. But that doesn’t actually change how things work, which I think is what Eclex was referring to when he wrote about engineers doing something.
      Howard.
      
      LikeLike
  - 5
    
    EcleX on May 12, 2021 at 10:47 pm
    
    I meant making things really easy to use, as the Mac has been traditionally. You could simply install any macOS version on any external disk and boot any other Mac that supported such macOS version.
    
    LikeLiked by 1 person
    - 6
      
      hoakley on May 12, 2021 at 11:01 pm
      
      Yes, I thought you had that in mind. If you want a Mac that will do that, then you’d better stock up on non-T2 Intel Macs, because they’re the last that will be able to do that. It’s a massive vulnerability, which is why the user has to downgrade security policy in order to be able to run an older version of macOS.
      Take 11.3, for instance, which has two major WebKit vulnerabilities in it, which Apple knows are already being exploited. To be able to boot your M1 Mac into that while having ‘Full Security’ enabled is, well, complete nonsense, isn’t it? Any Mac running 11.3 is by definition now running at reduced security because of those vulnerabilities.
      Howard.
      
      LikeLike
  - 7
    
    EcleX on May 13, 2021 at 10:08 am
    
    What I meant is that if a user is the admin of all devices involved and grants access with credentials (username and password), such user (admin of all) should be capable to boot any Mac (owned by such user) from any external disk (owned by such user) with any macOS supported by such Macs. I understand that no security risk is involved in that.
    
    LikeLiked by 1 person
    - 8
      
      hoakley on May 13, 2021 at 11:43 am
      
      Thank you.
      No security risk? You and I have very different ideas as to what those words mean.
      With a pre-T2 Mac, you can walk up to it with a bootable external disk, start that Mac up from that, and run not only a vulnerable version of macOS, but one that has actually been hacked to be malicious.
      There is no Secure Boot, nor is there any boot security.
      Unless of course you can explain how you prevent that? The only method available doesn’t actually provide any boot security either – you can use a firmware password. Not only can they be bypassed, but even without bypassing them they provide no control over what is used to boot that Mac, do they?
      I can see I need to write an explainer.
      Howard.
      
      LikeLike
9

zero on May 14, 2021 at 6:48 pm

Slightly to one side perhaps, yet I wondered if you had come across any way to disable the auto boot function of the M1?
It’s proving very difficult to properly clean all the ice cream and crisps from my keyboard without driving the poor machine to distraction.

LikeLiked by 1 person
- 10
  
  hoakley on May 14, 2021 at 7:40 pm
  
  That sounds very serious! How about turning your keyboard off before cleaning it? Ice cream and crisps, indeed 🙂
  Howard.
  
  LikeLike
11

zero on May 14, 2021 at 9:50 pm

I must admit I was being rather poetic about the crisps and ice cream, and the reality is that for the first time ever I am planning to sell this new M1 machine on as soon as a nice pro model comes along, and am therefore trying to keep it unusually clean.

Problem I have found is that it’s not possible to effectively clean the keyboard with auto boot auto booting all the time.

Writing this I realised I could let it run down first, yet it would simply be nice to have the option of a terminal command to temporarily disable the auto boot function.

No-one in google land seems to have an answer and I thought you might as ever have an interesting and informed view on this.

best
Simon

LikeLiked by 1 person
- 12
  
  hoakley on May 14, 2021 at 10:10 pm
  
  Ah: this sounds like an M1 MacBook Air or Pro? I thought if you shut it down, so long as you don’t touch the Power button it should be OK to clean its keyboard, but it sounds as it just keeps powering up again.
  Howard.
  
  LikeLike
- 13
  
  rsfinn on May 26, 2021 at 8:54 pm
  
  Sorry for the late reply, but I think that KeyboardCleanTool may be the answer you’re looking for.
  
  LikeLiked by 1 person
14

zero on May 14, 2021 at 10:45 pm

It is indeed, and I think until we find a way to regain on-off control I shall let the battery drain out and sparkle it up then.

LikeLiked by 1 person
15

EcleX on May 15, 2021 at 1:21 pm

Imagine two identical Macs (work and home) booted from an external SSD. The internal SSD is used as Time Machine in both Macs. After booting from the first Mac from the external disk, it was upgraded from macOS 10.12.4 (16E195) Sierra to macOS 11.3.1 (20E241) Big Sur.

I understand that such Mac firmware, etc was automatically upgraded while upgrading. But how to upgrade the firmware etc of the second Mac? I guess that the only way is to install macOS Big Sur into its internal SSD (or install it into other external SSD). Is that correct? Thanks.

LikeLiked by 1 person
- 16
  
  hoakley on May 15, 2021 at 3:36 pm
  
  Thank you.
  Presuming that both Macs have a full system installed on their internal storage, that’s the logical one to update on the second Mac, to bring the firmware update. However, just installing the current version of macOS to an otherwise unused external disk will achieve the same result.
  Howard.
  
  LikeLike
- 17
  
  EcleX on May 15, 2021 at 3:52 pm
  
  Thanks. None of the Macs have a full system installed on their internal storage. The internal disk in both Macs is used as Time Machine disk only. No macOS installed in such internal disk for both Macs.
  
  I understand then that the options to update the firmware etc in the second Mac are either installing macOS in its internal disk, or in an external one connected to such Mac. Is that correct? Thanks again for all.
  
  LikeLiked by 1 person
  - 18
    
    hoakley on May 15, 2021 at 4:35 pm
    
    Yes.
    I’m surprised that you haven’t installed systems on their internal storage. That means that, without a suitable external disk connected, they can’t even boot into Recovery or Diagnostics, which wouldn’t seem a wise move to me.
    Howard.
    
    LikeLike
  - 19
    
    EcleX on May 15, 2021 at 8:14 pm
    
    Because I want the Time Machine disk with all possible disk space (2 TB SSD). The Macs are always booted from the external SSD disk, and therefore can boot into Recovery (Command R at booting) or Diagnostics (Command D at booting).
    
    LikeLiked by 1 person
    - 20
      
      hoakley on May 15, 2021 at 9:38 pm
      
      As I wrote, without a suitable external disk connected, your Macs are dead. For the cost of 15 GB of space on their internal storage, they’d be significantly more robust, IMHO. I’ve never used a Mac which is totally reliant on the right external disk being connected to it.
      Howard.
      
      LikeLike

·Comments are closed.

Share this:

Like this:

Related