How the kernel relies on its extensions to make your Mac work, and has highest privilege for stability and security. How this must change for Apple Silicon.
kernel
Once the kernel takes over from iBoot, there’s a lot of hardware to get running before the SSV can be properly validated, and kernel extensions loaded.
Sometimes known as iBoot1 and iBoot2, they start work with the LocalPolicy for the intended boot volume, validating its vital components.
Understanding each of the four stages in the Secure Booting of an M1 Mac. These are summarised in a diagram available here.
There’s a fundamental difference in the way that Intel and M1 Macs store and load their ‘firmware’, which enables the M1 Mac to load and run different versions of iBoot.
This article has now been extensively corrected and modified.
What’s the difference between an app and kernel memory leak? How would you notice one, investigate it, and (sometimes) work around the problem?
When does an M1 Mac validate its Sealed System Volume? Who designed its display interface? How soon does Find My Mac launch? So many answers found in the log.
The combination of a new kernel built just 10 days earlier with a set of new graphics drivers sufficed to bring many Macs to their knees.
Catalina 10.15.6 update included a bonus: a large memory leak which led to kernel panics. This is the story of its patching.