Booting an M1 Mac: external disks and local boot policy in macOS 11.4

Little more than a fortnight ago, I attempted to detail how M1 Macs running Big Sur version 11.3.1 apply LocalPolicy to determine whether an external disk can be booted. Little did I realise then that this would all change completely when Apple released macOS 11.4. This article attempts to explain this in the light of those major changes.

One of the big differences between a Mac running macOS and a device running iOS/iPadOS is that the Mac can start up from an external disk.

Intel Macs without a T2 chip do this very simply, and provided that the external disk is compatible, has a suitable version of macOS installed, and has been ‘blessed’ as bootable, you can walk up to a Mac, start it up from that disk, and use it. The only thing which could stand in your way is if the user has enabled its firmware password.

The T2 chip changed this completely. Unless the user has already altered its default security settings to allow it to start up from an external disk, you’ll have no joy whatsoever. Although this is secure, it’s also more than inconvenient, as the times you most need your Mac to start up from an external disk are when it’s in trouble with its internal disk, and that’s likely to prevent you from changing its security settings, leaving your Mac dead.

M1 Macs aim to address this shortcoming of T2 models: the ability to start an M1 Mac from an external disk isn’t directly controlled by the boot security policy for its internal disk, and it should be possible to boot an M1 Mac from an external disk without having to change any security settings. As there isn’t any direct control, it might look as if that’s the case, but security policy can still get in the way and prevent you from starting an M1 Mac up from an external disk. This article explains how that happens, among other things.

Boot Security Policy

Unlike a T2 Mac, M1 Macs don’t set one boot security policy for the whole Mac, but a policy for each bootable disk. This is attractive, as it means that you can still ensure that, when it boots from its internal SSD it does so in Full Security, but your M1 Mac can be more relaxed when it boots from an external disk instead. This is implemented in per-disk LocalPolicy files which are stored in the iSCPreboot container of the internal SSD at /[volume-group-uuid]/LocalPolicy/[policy-hash].img4.

When you select an external disk as the boot disk in the Startup Disk pane, it looks for that disk’s LocalPolicy. If it finds none, a new LocalPolicy is created, defaulting to starting up from that disk in Full Security mode. Apple’s Platform Security Guide explains the three levels of security as:

“Full Security: The system behaves like iOS and iPadOS, and allows only booting software which was known to be the latest that was available at install time.”
“Reduced Security: […] This allows the system to run older versions of macOS. Because older versions of macOS inevitably have unpatched vulnerabilities, this security mode is described as Reduced. This is also the policy level required to support booting kernel extensions (kexts).”
“Permissive Security: The system behaves like Reduced Security […], but it also tells iBoot that it should accept some boot objects being signed by the Secure Enclave with the same key used to sign the LocalPolicy. This policy level supports users that are building, signing, and booting their own custom XNU kernels.”

In macOS 11.4, the wording used for Full and Reduced Security can lead to confusion. All releases of Big Sur can now be booted in Full Security, even though those prior to 11.4 are known to have unpatched security vulnerabilities. Whereas in earlier versions of macOS 11, it had been necessary to downgrade some older releases of Big Sur to Reduced Security, for those boot disks to work properly with later releases on the internal SSD, that’s no longer a requirement.

There are two common situations in which macOS requires a boot disk to operate at a lower security level: third-party kernel extensions and changed major security settings including SIP.

For an M1 Mac to be able to load a third-party kernel extension, that boot disk has to have a LocalPolicy of Reduced or Permissive Security. When running at Full Security, those kernel extensions can’t be loaded. Similarly, when you use the csrutil command in Recovery to disable SIP (or make other changes to key macOS security systems), that boot disk will be downgraded to Permissive Security. It’s a requirement of Full Security that all major security systems are active.

The boot process

This diagram is a second draft of how I understand this to work, and is based on the information provided by Apple, that revealed by the Asahi Linux team, and a little of my own work and imagination.

Fairly early during the boot process, the Mac must determine which startup volume group it’s intended to use. As the Low-Level Bootloader (LLB, Stage 1) has to validate LocalPolicy for that startup disk, it appears to be LLB which does that from a setting in the NVRAM. At some stage, either LLB or iBoot (Stage 2) has to check Local Boot Policy, which is stored against the lobo key in the LocalPolicy file in the iSCPreboot container of the internal SSD at /[volume-group-uuid]/LocalPolicy/[policy-hash].img4. In the diagram above I presume that occurs before iBoot is loaded, but that could occur later during the second stage boot.

If LocalPolicy is for Full Security and the Seal and policies are good, boot proceeds normally. If signatures or policies are incompatible with the chosen security level, the boot process is halted and Boot Recovery Assistant is loaded, giving the user a graceful exit. This is also true of LocalPolicy for Reduced or Permissive Security.

Human interface

Users normally control which startup volume group is to be used to boot that Mac in two places: the Startup Manager in Recovery Mode, and the Startup Disk pane in System Preferences. When the user selects one of the available startup disks there and tries to restart that Mac, macOS checks whether a LocalPolicy file exists for that disk. If no LocalPolicy exists, one is created using default settings, otherwise the current file is used.

If macOS detects a problem with starting up from the chosen boot disk, then it normally falls back to recoveryOS and opens the Boot Recovery Assistant, which offers to reinstall macOS or choose another startup disk.

macOS full installers

The final piece in this jigsaw puzzle is the macOS full installer app. In response to user outcry when it removed the macOS 11.2 installer as soon as 11.2.1 was released, Apple now leaves full installers available for each version of Big Sur. Prior to macOS 11.4, old installers frequently failed when run in a more recent release of Big Sur. In 11.4, you should now be able to run and install any released version of macOS 11, provided that Apple hasn’t revoked its signature for that installer. Versions before 11.2 may suffer problems, though, with incompatibilities with more recent firmware.

Platform Security Guide

This invaluable document is available here. Previous versions weren’t available for non-US English, but Apple has now addressed that it should be fully accessible. If you need the PDF version, that’s available from here.

14Comments

Add yours

1

Javier Gallardo on June 2, 2021 at 9:18 am

Thank you for your resume; everything seems to make sense, at last.
(…I keep wondering if Apple will give clear instructions about these details for M1 users).

LikeLiked by 1 person
- 2
  
  hoakley on June 2, 2021 at 3:24 pm
  
  Thank you. Coming tomorrow: the Recovery modes.
  Howard.
  
  LikeLike
- 3
  
  hoakley on June 2, 2021 at 10:13 pm
  
  Thank you.
  Howard.
  
  LikeLike
4

Joel Bruner on June 2, 2021 at 8:03 pm

Hey Howard, love the diagrams, thanks!

You know what macOS 11.4 on Apple Silicon STILL DOESN’T support yet? It doesn’t support re-installing macOS fresh with “startosinstall –eraseinstall” (inside the Resources of “Install macOS Big Sur.app”) AND being able to shut down WITHOUT running Setup Assistant. Amazing yeah?

If you don’t go through Setup Assistant on that first reboot after an “eraseinstall” and just Shut Down, it will ALWAYS boot back to Recovery (with no users to recover) so you MUST Erase Mac… and download from the Internet (or Apple Configurator 2). Reported (via ACE) back in 11.2 and they “plan” to address it, but no timeline… I think that means macOS 12

Figured I’d mention since you have always shown such attention to detail for how macOS SHOULD work and then how it actual DOES work. Thanks!

LikeLiked by 1 person
- 5
  
  hoakley on June 2, 2021 at 10:19 pm
  
  Thank you.
  Yes, I recall that from a while back. It’s almost as if this won’t be supported, so I wonder if there’s a security reason behind it. There are several things that have been ‘planned’ to be addressed which also simply haven’t happened – standalone Big Sur updaters remains the biggest, I think.
  Howard.
  
  LikeLike
6

JR on June 2, 2021 at 9:06 pm

Great article.
Unfortunately, I am still struggling with the concept of creating an external bootable backup if I can’t copy the local drive.
For example, let’s assume the following scenario. I have a M1 mac running 11.4 and I have no external startup disks, also assume that Apple just release 12.0.
Before I upgrade to 12.0, I would like to copy my local drive to an external drive so that I can first upgrade the external drive to make sure I am happy with 12.0 before committing to it. I guess this scenario can also apply to 11.5
On Intel prior to Big Sur, I know exactly what to do, but here I am struggling with the fact that I can’t copy my local drive to an external volume, so how can I test the upgrade as if I was using the local drive.
I guess I am getting hung up on not being able to make a bootable copy, so I don’t know how I can have a mirror image on the external drive of the local drive to test the upgrade in this scenario.
Does that mean I have to install 11.4 on an external drive first then use CCC to copy the APFS container to the external drive from a backup of the local drive then boot the external drive and try the upgrade.
I am also thinking that anytime I want to create another external drive I must install 11.4 again. Is that true?
I am getting confused just trying to layout this scenario.
Maybe you can help clueless people like me with a step by step process on how to create an external bootable copy of the local drive for purposes of testing OS upgrades or software for that matter.
Thank you.

LikeLiked by 1 person
- 7
  
  hoakley on June 2, 2021 at 10:22 pm
  
  Thank you.
  I do understand. Let me think this through and write an article for Friday morning stepping through your options. For a start, I think that updating the internal SSD is something you should only do when you’re confident that you’re going to stay upgraded. Downgrading is perfectly feasible (and far better with the M1), but such a waste of time and effort.
  Howard.
  
  LikeLike
8

performa475 on June 3, 2021 at 9:04 am

An off topic remark possibly but where does this leave booting, say, an ARM Linux distribution installed on an external drive or even a USB stick. I imagine some work would need to be done on suitable third party boot managers. It’s quite easy with Intel Macs especially with boot managers such as rEFInd available. I guess similar problems will exist booting up Linux from its own volume on a M1 Mac’s internal drive?

LikeLiked by 1 person
- 9
  
  hoakley on June 3, 2021 at 9:11 am
  
  The only way I know of to actually boot an M1 Mac into Linux is to hack the kernel with an extension which boots Linux. Asahi Linux is pursuing a more robust solution, but isn’t likely to be available for a month or two yet.
  Intel and Apple Silicon Macs boot totally differently, so there’s no simple solution yet for M1 models.
  Howard.
  
  LikeLike
  - 10
    
    performa475 on June 3, 2021 at 9:27 am
    
    Thanks for the info re Asahi. Incidentally I’ve successfully tried out several ARM Linux distros in Parallels Desktop virtual machines running on my M1 machine.
    
    LikeLiked by 1 person
11

bwillius on June 4, 2021 at 4:07 am

Your articles are wonderful. There is, however, one big problem. If I have problems starting up a Mac I need a simple procedure for troubleshooting. Instead I have to ask myself: do I want full, reduced or permissive security? Whatever the difference between these are. The descriptions read like they were made by lawyers. If I select the full security and forget to update the external hard disk I’m screwed anyways. I think.

Do I want internet recovery, true recovery, whatnot recovery?

Everything has become so terribly complex.

LikeLiked by 1 person
- 12
  
  hoakley on June 4, 2021 at 8:55 am
  
  Thank you.
  No, on an M1 Mac it has become far simpler.
  You want to run in Full Security, unless there’s a powerful reason for not doing so, typically that you rely on a third-party kext, in which case you have to reduce security to allow that kext to be loaded.
  There is, for the normal user, just one Recovery, 1 True Recovery. No Internet Recovery, or anything else Recovery. You enter it using one action, pressing and holding the Power button at startup.
  That’s it.
  Howard.
  
  LikeLike
13

Firitia on June 9, 2021 at 2:43 am

With a big sur installer disk it is easy to create a system on a external disk, which then starts up the computer… once. But try to restart again, the computer wants you to reinstall the system.

LikeLiked by 1 person
- 14
  
  hoakley on June 9, 2021 at 6:51 am
  
  You don’t need a Big Sur installer disk to do that: you can simply run the Installer app within your current Big Sur installation. If you prefer, you can perform the installation in Recovery, but that’s not necessary in 11.4.
  Try doing this in 11.4 using the Installer app, as I have described.
  Howard.
  
  LikeLike