changelog.txt

Update from 19-10-2024

The Dumper:
-> Detects if running on a T2 or Silicon Mac and removes the button accordingly.
-> Added a dialog for missing LBSN/BD sector.
-> Decodes board-id to Mac model in log file.
-> tells the user if the assigned FireWire address does not match the firmware MAC address.
This may indicate that on an MP41 or MP51, firmware from another machine was flashed.

test_nvram:
-> Dumping IM121 is forced to use eficheck (available from High Sierra to Ventura) due to a crash when loading DirectHW.kext.
-> "FW MAC matches not with LBSN" or "FW MAC matches with LBSN" line, when the Mac has Firewire and LBSN sector has a firmware MAC address.
-> A catch when Eficheck is not available (before 10.13, after 13).
-> A catch for an empty EFI version string.
-> CRC32 check for the main firmware volumes for MP41 and MP51 firmwares.

Macschrauber's System Version Scanner:
-> more sealed status report.
-> more progress bar steps for multiple MacOS on one machine.

Select Wi-Fi from found networks and Select Wi-Fi from preferred networks:
-> Message and workaround if Airport Utility cli tool is not working anymore on OS since Ventura.

ESP Tools:
-> Detect amdvbflash ESP.

unmount all ESPs, Mount ESP from list, Mount ESP from list and show bootloader:
-> Unmounting has an option to handle busy status of ESPs.

copy ESP:
-> Sets script into a loop, to work on more than one ESP in a row.

Boot-Args:
-> edit boot-args got into a loop, so editing more options is more comfortable.

Preboot Fixer:
-> mount ESP needs admin privileges if user is not in admin group, fixed when using stored admin / password data.





Update from 1-9-2024

The Dumper:
-> Various fixes for running the Dumper and the tools as a non admin user.
So the optional, encrypted password storage got an admin user name, too, if needed.
-> Added iMac 12,1 dumping via Eficheck.
As that machine freezes when loading DirectHW.kext. Eficheck is available on High Sierra and later.
-> Adds MacOs version and CPU configuration to the analyse window and log file, if available.
-> Added detailed boot block info, with version and release date.
-> Detect more empty .fd firmware files for MP41 and MP51.


test_nvram (cli part of the Dumper):
-> Added scanning file system wide.
example: test_nvram -r '(4M)' 'MP51*.bin'
-> Added -printsystemineveryhexdumpvar argument, to display the MacOs version in ever hexdump. Useful to capture differences in NVRAM variables' content.
-> Added -romtobin argument, to rename filename.rom to filename.bin"
-> Adjustments to run in every path, not just in /usr/local/bin
-> Added showing a specific variable as hexdump and text.
Scans Fsys and NVRAM), can also be a part of the name. Like '-vars ssn', what shows ssn, ssnp and GUID.
Example: test_nvram -r '(4M)' '-vars boot-args' 'MP51*.bin' 

-> Read and decode csr-active-config directly from NVRAM.
Example: test_nvram '-nvram csr-active-config'
NVRAM output:
csr-active-config	w%00%00%00
-------------------------------------------------------------------
Decoded:
77000000
Decoded (little-endian representation):
00000077
-------------------------------------------------------------------
0x001 CSR_ALLOW_UNTRUSTED_KEXTS
0x002 CSR_ALLOW_UNRESTRICTED_FS
0x004 CSR_ALLOW_TASK_FOR_PID
0x010 CSR_ALLOW_APPLE_INTERNAL
0x020 CSR_ALLOW_UNRESTRICTED_DTRACE
0x040 CSR_ALLOW_UNRESTRICTED_NVRAM
-------------------------------------------------------------------
Hexadecimal encoding:
00000000: 3737 3030 3030 3030                      77000000
-------------------------------------------------------------------
Raw XML data:
dwAAAA==
-------------------------------------------------------------------
Base64 encoding:
w
-------------------------------------------------------------------
Hexadecimal conversion:
6477414141413d3d
-------------------------------------------------------------------

-> Fixed a glitch where it printed a lot of satsmart errors for not supported drives.
-> Various fixes for running the Dumper and the tools in Snow Leopard


Extra Tools (ESP tools, Repair preboot, etc.):
-> boot-args: edit boot-args got a vertical list of boot-args.
Makes reading a large list of boot-args easier.
-> boot-args: -v for verbose mode does not error when csr protection for nvram is on.
As this argument is allowed with nvram protection



Update from 5-8-2024

The Dumper:
-> Added recognition for Matt Card.
a Matt Card is a repair module what replaces your defective firmware chip. You should not use that chip with preset IDs
-> Added recognition for more errors found by UEFIExtract.
-> Implemented dynamic $IBIOSI$ scan to retrieve BIOS versions of "unknown" machines' firmware and unnamed .fd files.
-> Revisited OpenCore LauncherOption: Full presentation.
-> Fixed: ASCII values in csr-active-config were not interpreted correctly.
-> Fixed: Usernames with special characters, such as spaces, no longer cause privilege errors.

Extra Tools (ESP tools, Repair preboot, etc.):
-> Enlarged dialog buttons for wider dialogs.
-> Improved recognition of dark and light mode for rendering icons of ESPs and System volumes.
-> Improved check ESP for MS certificates tool to live in the login items to check after every Mac OS start.
It can deactivate Windows ESPs so they do not start without OpenCore or RefindPlus protection.
Also it can check the NVRAM streams for Microsoft certificates when csr values are set as needed.

New tool: Macschrauber's System Version Scanner:
-> Scans for MacOs and Windows versions
-> Presents sealed status ( yes / broken ) for MacOS
-> Presents UEFI / Bios variant for Windows


Update from 16-6-2024

-> display BootNext, unnamed, clover and gpu-power-mode variables
-> logging of Board-ID for iMacPro 1,1 and MacPro 7,1
-> logging detailed csr config status

-> hexdumpall argument for test_nvram
with test_nvram dumpfile.bin -hexdumpall a full list of hexdumps of deleted and valid NVRAM variables is displayed. This can be hughe.

-> additional tool: Macschrauber's System Version Scanner
it scans thru all mounted volumes and displays the MacOs version, drive and physical position, similar to the ESP tools.

Also various corrections and additions to the ESP tools, regarding Windows ESP and external volumes.


Update from 5-5-2024

-> presenting CSR values for s.i.p / rootless flags
like: csr_Allow_Untrusted_Kexts, Unrestricted_FS, Task_For_Pid, Apple_Internal, Unrestricted_Dtrace, Unrestricted_NVRAM (0x77)

-> warn for unusual var headers
like state: 0x00 or 0xff and size: 0xff

-> presenting nvda_drv=1 variable

-> presenting efi-boot-device-data variable

-> the log shows a platform compatibility test for the helper tools

fixed:
-> security mode=none presented an alarm, tho this setting is useless it must not show a warning
-> during house keeping an error slipped in, where firmwares with 2 alive streams would not set the active stream as VSS1

ESP tools:
-> support for multiple ESPs on one volume
-> OCLP ESPs got a model string, to distinguish

fixed:
-> Windows ESP did not got their icon, got a path wrong



Update from 21-4-2024

-> analyzing `.scap`files
Those are proprietary firmware capsules used by Apple to securely package and distribute firmware updates.

-> revisited the display of the NVRAM variables to
example: 1 (5 deleted) MemoryConfigg

-> showing some more NVRAM variables:
recover-boot-mode
sleepwake_diagxx
SleepWakeFailureString
StartupMute and SystemAudioVolume for detecting no audible boot chime

-> wildcards for the test_nvram_shell script. Like [test_nvram *.bin -showallvars]

-> multiple CRC32 errors got all UUIDs displayed




Update from 31-3-2024

-> added an option for <ESP Mount from list and show bootloader> to prevent booting of Uefi Windows
If started on a Mac Pro 1,1 to 5,1 unit it allows the user to rename bootx64.efi to bootx64.efioff to
prevent direct booting of Uefi Windows in its ESP by request.

-> a 2nd variant of the LBSN Sector for MP41 is detected

-> -nofreshdump argument for test_nvram and adding this for analysing ch341a dumps
as a readout of a chip in the programmer could not be treated same for live diagnostics.

also a fix for Type_80 firmwares what have more than one Fsys stream in the NRAM Volume, reporting FSys variables order




Update from 22-3-2024

-> analysing .dump files eficheck creates for sending them without user data (Fsys stream) to Apple
My Mac Mini 7,1 creates a 6 MB file, I would need more examples of other sizes

-> the stop button of the progress window works now in the Dumper and most of the tools

-> worked over a handler to process sudo cli tool calls, so more precise logging

-> added <download from github> to the downloaders

Also error correction in the <Is damaged fix> tool due to a typo in a version comment.





Update from 10-3-2024

-> adding a line when OpenCore is running during storing the dump

-> showing MP41 or MP51 backplane type and generation

-> checking Fsys for missing items or wrong order
sometimes they get into the wrong order or items are missing, leading to problems with machine identification
example: [ICODE]Fsys: 0 overrides, 1 override-version, 2 ssn, 3 EOF (son, hwc is missing)[/ICODE]

-> one Dialog with up to 4 buttons, scrollable analyze dialog
10.7-10.9 still has the classic look, 10.10 to Catalina horizontal buttons, Big Sur to Sonoma vertical buttons

-> LBSN check for wrong jump points after MP4,1 -> MP5,1 manual conversion and v. v. 
If someone tries to inject a Mac Pro 4,1 LBSN/BD sector into a Mac Pro 5,1 firmware the Dumper informs and stops before flashing this gives a brick. Also vice versa, if someone downgrades a Mac Pro 5,1 to Mac Pro 4,1 incorrectly.

-> The ESP / Preboot Tools were polished

-> Additional conditions for missing user privileges

-> more logging / progress bar information

-> technically invalid serial numbers are reported

-> some bugs were fixed, ESP Label works for UEFI Windows,

the Dumper had a bug in V4-2-2024 what prevented starting in 10.9 to 10.7, some ESP Tools were also fixed for working in those earlier OS'.

Also fixed a bug, stopping the script when using the CH341a programmer with a misnamed variable.

In V2-3-2024 a glitch was fixed when the font "Courier New" was missing it prevents displaying the analyse dialog.

In V10-3-2024 fixed checking a file with unsupported file size resulted in a script error, that error come with V2-3-2024.







Update from 23-1-2024

-> Dumps and logfiles get their own folder for every dump
Like ~/Downloads/Macschrauber's Rom Dump 23.01.2024_00-43-43/

silently changed it, as the Dumper could be used to test dumps or to flash, so the previous folder naming was not accurate

-> Revisited most of the ESP Tools and done a new tool: Preboot fixer and renamer 
This is for the mess unprotected High Sierra boots does with Catalina and newer.
It can also be used to just rename the icons shown in Boot Picker and OpenCore. Even with multiple lines.
Thanks to [USER=710085]@joevt[/USER], here for all the the help and with building the icons.
High-sierra-booting-possibly-corrupts-newer-systems-fix-and-description






Update from 23-12-2023

-> showing firmware programming mode [  ] [off] [on]
The Dumper checks for firmware programming mode on compatible units (MacPro 4,1/5,1). It does this during reading/flashing or directly, when the password is stored encrypted by a CLI tool in the Other Tools folder.

(Firmware programming mode is initiated by pressing the power button until a long tone and blinking power LED appear when starting the box.)

I don't want the user to give access to the keychain or to bother him with passwords before the Dumper initiates any visible actions.

-> Wrapped the Dumper into a loop, does not end directly after flashing / dumping.

Fixes:
- if the user's Downloads folder is not available it prompts for another
- The scanvss log filename had the spoofed firmware version in, now it's the real firmware version






Update from 10-12-2023

-> detecting Nvidia Chipsets to report long readout duration
Macs with Nvidia chipsets (MCP79 / MCP89 built around 2009) could take about 5 minutes to read the firmware

-> Multiple flash chip definitions for dumping with the shell script
it prompts for the chip of a Mac whose spi data is not captured (yet) if Flashrom returns more than one type

-> checking Bootblock vectors for rebuilds, showing Fsys header type after base_xx

-> emergency stop if one tries to flash a firmware from another Mac model in a MP 4,1/5,1
exits if the pre-flashing information readout is ignored

-> reading MBP54 and MBP91, updated some chip definitions for other models

-> added a copy ESP script to the ESP tools
Post in thread 'Manually Configured OpenCore on the Mac Pro'






Update from 18-11-2023

-> -vars argument to the shell script
Displays all variables of the nvram stream, including Fsys, Gaid, VSS1, VSS2, SVS1, SVS2. Plain text displaying of the hardware descriptor (base_xx text), IASInstallPhaseList, and the LBSN / BD sector.

But never post such a detailed dump to public sources. The dump, and the big report contains loads of personal and machine data. So again: never, ever post that shell script report!

-> -hexdump argument to the shell script
Displays the most important variables and checks the checksums for post-2012 firmwares.

-> Dynamically finding the lbsn sector, displaying the hexdump of it in the shell script.

-> iCloud lock detection, displaying the stored text shown to the finder in the CLI tool

-> More details for Microsoft Windows certificates

-> MacBook Pro 8,1 dumping. Mac Pro 6.1 got a 2nd spi flash chip type.

-> Scanvss log files for "Scanvss semi-compatible" firmwares
Some firmwares could not be decoded by Scanvss if the whole dump is given, but the extracted NVRAM Volume.

-> rename Preboot
A little script to rename .contentDetails of a Preboot APFS Volume. Sometimes the Names are not updated and the script allows you to rename the name a bootloader shows.


Fixes:
- Battery-health for type 00 firmwares is working.






Update from 22-10-2023

-> Find my Mac detection
The dumper provides information that Find my Mac is activated. This can be important when buying a used device.
Only the shell script provides the configured text output from a Find my Mac lock. Since these texts often contain private data such as phone numbers or email addresses, there is no output in the dumper.

-> The collection of changing NVRAM states is supported.
You can either add your Shasum encrypted serial number to the shell script or provide an argument
[ICODE]-gathernvram.vol[/ICODE]. If that argument is given, or you added the encoded serial number of your Mac to the shell script, the Dumper stores (to spare storage space) just the NVRAM volume of the dump to a pre configured folder "All_Nvrams" in your home folder.

fixes:
- Some newer Macs' firmware (approximately from 2013 onwards) have a variable of the old (up to around 2013) type 00. I have revised the detection logic to avoid incorrect classification.






Update from 12-10-2023

-> NVRAM Volume Detection:
  The shell script dynamically identifies the NVRAM volume position and offsets. In theory, this means that all Mac Firmwares could be decoded.
-> Dumping Mac Mini 7,1 for the Dumper and shell script
-> ESP Tools: Added a script to automatically label ESPs for the boot picker based on the found bootloader flavor

fixes:
- An error occurred when running Yosemite, and the absence of bootarg: kext-dev-mode=1 prevented the loading of DirectHW.kext, leading to a missing variable.
- An older OS like Yosemite truncated the firmware version, causing the shell script to display a spoofed firmware.
- A glitch related to logging prevented the selection of multiple found flash chips on untested Macs.






Update from 8-10-2023

-> showing the OpenCore spoofed firmware string (only for fresh dumps possible)
-> counting Microsoft Uefi variables
-> dumping: iMac 11,1, iMac 11,2
-> added a tool to rename ESPs (bootloaders like OC) shown in the boot picker

details: https://forums.macrumors.com/threads/manually-configured-opencore-on-the-mac-pro.2207814/page-520?post=32382081#post-32382081

analyzing MBP61, MBP62, IM112, IM113 to shell script

workaround for deeper analysing units with Scanvss where Scanvss could not scan the dump file directly:
        IM112, IM113, IM121, MBP61, MBP62, MBP81, MBP82, MBA41, MBA42, MM51

fixed: infinite loop in the shell script / the Dumper for units with less than 6 NVRAM variables of type (AA.55.7F.00.07)






Update from 17-9-2023

-> detection for refurbished boards (ssnp present), shows a warning if not serialised (ssnp but no ssn)
-> reporting of u(efi) version where possible and adjust the warning for Windows certificates
-> -scanvss and -freespace arguments for the test_nvram shell script

-> fixed: Model code was not shown before serial number in GUI tool






Update from 31-8-2023

-> Fixed a bug where flashing was rejected
-> The ESP tools got a <mount ESP from list v2> tool
what shows the drive model, interface, position and last but not least the type / version (where possible) of the bootloader (OpenCore native, OCLP, OC MartinLo, RefindPlus, rEFInd, Windows, ...)

[URL unfurl="true"]https://forums.macrumors.com/threads/manually-configured-opencore-on-the-mac-pro.2207814/page-520?post=32382081#post-32382081[/URL]






Update from 27-8-2023

-> No real new functions, polishing and error corrections.
-> The ESP tools work in old systems what do not work with diskutil to mount / unmount
-> Added a bunch of scripts to add and edit boot-args






Update from 12-8-2023
-> Bootvars show where the System / Bootloader / Recovery / ... is physically stored.

Gives, when possible, the actual path, the product name of the drive and the position.

Like: Boot001: OpenCore |EFI|disk0s1 (PCI External:APPLE SSD SM0256G) /EFI/OC/OpenCore.efi


some more examples:
[CODE]
BootOrder: 1:Boot0080
Boot0001: OpenCore |EFI|disk3s1 (SATA Bay 3:ST1000DM003-1ER162)|EFI|EFI\OC_OCLP031\OpenCore.efi
Boot0080: Mac OS X |Apple_APFS|disk2s2 (SATA Bay 1:Samsung SSD 850 PRO 256GB)|\x-EC79-4675-96B4-786E627FCA06\System\Library\CoreServices\boot.efi
Boot0080 is MacOs 10.14.6, label: Mojave
Boot0081: Recovery OS \x-98B6-49D7-9BAF-0E6A2928C527\boot.efi
Boot0082: |Apple_APFS|disk2s2 (SATA Bay 1:Samsung SSD 850 PRO 256GB)|\x-EC79-4675-96B4-786E627FCA06\System\Library\CoreServices\boot.efi
Boot0082 is MacOs 10.14.6, label: Mojave
BootFFFF: |EFI|disk3s1 (SATA Bay 3:ST1000DM003-1ER162)|EFI|\EFI\BOOT\BOOTX64.efi
OCBtOrder: 1:OCBt0080
OCBt0080: Mac OS X [USB] \x-9D33-4C33-86EE-B3C893C0C765\System\Library\CoreServices\boot.efi
OCBt0081: Mac OS X \x-66D5-4532-99D9-7711AAE353F5\System\Library\CoreServices\boot.efi
[/CODE]

credits to [USER=710085]@joevt[/USER] for the dumpbootvars scripts, where some code is adapted from.
where DiskUUIDs are stored in the bootvars it is possible to show this details. Not all bootvars contain this.

For us it is very handy to show where the OpenCore bootloader is.

I wrote a little more about what reading the bootvars gives to us in https://forums.macrumors.com/threads/manually-configured-opencore-on-the-mac-pro.2207814/post-32378414






Update from 3-8-2023
-> Reading out battery-health variable on compatible MacBooks plus a history, read from the deleted variables. So we can track the battery-health a little. I could need help to understand more of the values. Not all battery types / machines generate timestamps.

(the battery-health is also displayed in the GUI tool, CLI tool output is better to display)


-> So added back and forward buttons to the analyse dialog as these get bigger with displaying battery-health.

-> compatible machines dump with eficheck if Flashrom is not working

-> the repair script for cleaning the xattr quarantine flag


CLI tool:
-> the CLI tool can dump with Flashrom. For those machines we know the spi chip versions it assumes the correct type. Not that rich probing as the GUI tool but it works.

(the spi chip type can still be handed over by the -chip:xyz argument)

-> Also the CLI tool dumps with Eficheck (for compatible units, not Mac Pro 4,1/5,1). This will not need S.I.P. disabled (for the DirectHW.kext)


so there is a little installer script for deploying the shell script and the used tools. This is optional, the Dumper works like before. With this shell script things can be automated, like checking the NVRAM free space after every reboot.

Take care to keep the serials and IDs very private, it could be a serious security issue publishing them.

-> some more polishing and corrections in the shell script